| |
| |||||||
Log-Analyse und Auswertung: Security Alert - blauer Bildschirm im BrowserWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
23.06.2017, 16:28
| #1 |
| |  Security Alert - blauer Bildschirm im Browser Hallo, ich habe in Firefox einen blauen Bildschirm mit der Meldung "Security Alert - Authentifizierung erforderlich, schalten sie den Computer nicht aus, da es einen Datenverlust verursachen kann." Bitte um Hilfe FRST Logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 21-06-2017 01
durchgeführt von marku (Administrator) auf MARKUSSPIEGL-PC (23-06-2017 16:01:48)
Gestartet von C:\Users\marku\Downloads
Geladene Profile: marku (Verfügbare Profile: marku)
Platform: Windows 10 Pro Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Scan Utility\SETEVENT.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
(Symantec Corporation) C:\Program Files\Norton Security\Engine\22.9.4.8\ns.exe
(CyberLink) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Symantec Corporation) C:\Program Files\Norton Security\Engine\22.9.4.8\ns.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe
(NEC Electronics Corporation) C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Maxthon International ltd.) C:\Users\marku\AppData\Roaming\Maxthon5\Public\MxUp\MxUp.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3738344 2015-10-21] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [3738344 2015-10-21] (ELAN Microelectronics Corp.)
HKLM\...\Run: [ApplyEsf-eDocPrintPro] => C:\Program Files\Common Files\MAYComputer\eDocPrintPro\ApplyEsf.exe [403456 2013-11-20] (May Software)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1803392 2015-10-01] (NVIDIA Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-09] (Apple Inc.)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [106496 2009-10-21] (NEC Electronics Corporation)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [6998656 2009-10-26] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2009-08-19] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1314432 2016-03-11] (CANON INC.)
HKLM-x32\...\Run: [PSUAMain] => "C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe" /LaunchSysTray
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-4020732326-1727681914-3926867655-1004\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [721504 2015-09-02] (Microsoft Corporation)
HKU\S-1-5-21-4020732326-1727681914-3926867655-1004\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEMN.EXE [945856 2013-03-06] (Microsoft Corporation)
HKU\S-1-5-21-4020732326-1727681914-3926867655-1004\...\Run: [GoogleDriveSync] => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
HKU\S-1-5-21-4020732326-1727681914-3926867655-1004\...\RunOnce: [Uninstall C:\Users\marku\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\marku\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64"
HKU\S-1-5-21-4020732326-1727681914-3926867655-1004\...\RunOnce: [Uninstall 17.3.6799.0327\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\marku\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\amd64"
HKU\S-1-5-21-4020732326-1727681914-3926867655-1004\...\RunOnce: [Uninstall 17.3.6799.0327] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\marku\AppData\Local\Microsoft\OneDrive\17.3.6799.0327"
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [178280 2016-12-09] (NVIDIA Corporation)
AppInit_DLLs: , C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [178280 2016-12-09] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWoW64\nvinit.dll => C:\WINDOWS\SysWoW64\nvinit.dll [158400 2016-12-09] (NVIDIA Corporation)
AppInit_DLLs-x32: , C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [158400 2016-12-09] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.9.4.8\buShell.dll [2017-05-11] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.9.4.8\buShell.dll [2017-05-11] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.9.4.8\buShell.dll [2017-05-11] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine32\22.9.4.8\buShell.dll [2017-05-11] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine32\22.9.4.8\buShell.dll [2017-05-11] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine32\22.9.4.8\buShell.dll [2017-05-11] (Symantec Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SRS Premium Sound.lnk [2015-05-24]
ShortcutTarget: SRS Premium Sound.lnk -> C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe (Acresso Software Inc.)
Startup: C:\Users\marku\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft SharePoint Workspace.lnk [2016-01-10]
ShortcutTarget: Microsoft SharePoint Workspace.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation)
GroupPolicyScripts-x32: Beschränkung <======= ACHTUNG
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{0a99766f-9db0-4803-b44d-02c059ae3350}: [DhcpNameServer] 192.168.2.2 0.0.0.0
Tcpip\..\Interfaces\{e41c20a9-ea30-4d44-b8ea-d03ea9bea00b}: [DhcpNameServer] 10.0.0.138
Internet Explorer:
==================
HKU\S-1-5-21-4020732326-1727681914-3926867655-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.at/
SearchScopes: HKU\S-1-5-21-4020732326-1727681914-3926867655-1004 -> {41AAB30D-96E3-472B-9270-E5DAB6E49FE4} URL = hxxps://at.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (CANON INC.)
BHO: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine\22.9.4.8\coIEPlg.dll [2017-05-26] (Symantec Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (CANON INC.)
BHO-x32: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine32\22.9.4.8\coIEPlg.dll [2017-05-26] (Symantec Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-04-22] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-04-22] (Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (CANON INC.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine\22.9.4.8\coIEPlg.dll [2017-05-26] (Symantec Corporation)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (CANON INC.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine32\22.9.4.8\coIEPlg.dll [2017-05-26] (Symantec Corporation)
Toolbar: HKU\S-1-5-21-4020732326-1727681914-3926867655-1004 -> Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (CANON INC.)
FireFox:
========
FF DefaultProfile: mrwjsdbz.default-1494965334876
FF ProfilePath: C:\Users\marku\AppData\Roaming\Mozilla\Firefox\Profiles\mrwjsdbz.default-1494965334876 [2017-06-23]
FF Extension: (StartupMaster) - C:\Users\marku\AppData\Roaming\Mozilla\Firefox\Profiles\mrwjsdbz.default-1494965334876\Extensions\{506d044e-41fa-4cc8-9dc6-9ff70e96eebf}.xpi [2017-05-16]
FF Extension: (Video DownloadHelper) - C:\Users\marku\AppData\Roaming\Mozilla\Firefox\Profiles\mrwjsdbz.default-1494965334876\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-06-03]
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.9.3.13\coFFAddon
FF Extension: (Norton Security Toolbar) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.9.3.13\coFFAddon [2017-05-23]
FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.9.3.13\coFFAddon
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_26_0_0_131.dll [2017-06-23] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_131.dll [2017-06-23] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2016-04-14] (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-04-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-04-22] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-11-14] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-11-14] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-03] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-03] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultSearchURL: Default -> hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=default
CHR DefaultSearchKeyword: Default -> Yahoo
CHR DefaultSuggestURL: Default -> hxxps://de.search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10
CHR Profile: C:\Users\marku\AppData\Local\Google\Chrome\User Data\Default [2017-06-23]
CHR Extension: (Google Docs) - C:\Users\marku\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-07]
CHR Extension: (Google Drive) - C:\Users\marku\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-07]
CHR Extension: (YouTube) - C:\Users\marku\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-07]
CHR Extension: (Google-Suche) - C:\Users\marku\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-07]
CHR Extension: (Google Docs Offline) - C:\Users\marku\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-09]
CHR Extension: (Norton Identity Safe) - C:\Users\marku\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2017-05-23]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\marku\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-15]
CHR Extension: (Google Mail) - C:\Users\marku\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-07]
CHR Extension: (Chrome Media Router) - C:\Users\marku\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-16]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Norton Security\Engine\22.9.4.8\Exts\Chrome.crx [2017-06-06]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-4020732326-1727681914-3926867655-1004\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Norton Security\Engine\22.9.4.8\Exts\Chrome.crx [2017-06-06]
CHR HKLM-x32\...\Chrome\Extension: [fabhkdeopjkcpkmofliimbjckmocfiom] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [kpdmjodecdegfglgaapafjleomjjlpnh] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-04-03] (Apple Inc.)
R2 CIJSRegister; C:\Program Files (x86)\Canon\IJ Scan Utility\SETEVENT.exe [144464 2015-02-19] (CANON INC.)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144104 2015-10-21] (ELAN Microelectronics Corp.)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [387144 2016-02-04] ()
S2 MxService; C:\Program Files (x86)\Maxthon5\Bin\MxService.exe [143648 2017-02-07] (Maxthon International ltd.)
R2 NS; C:\Program Files\Norton Security\Engine\22.9.4.8\NS.exe [326160 2017-05-27] (Symantec Corporation)
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [86104 2016-07-19] (Panda Security, S.L.)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [614664 2014-10-03] (CyberLink)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-11-10] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-04-28] (Microsoft Corporation)
S2 NanoServiceMain; "C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe" [X]
S2 PSUAService; "C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe" [X]
S2 RtkAudioService; "C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe" [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R1 BHDrvx64; C:\Program Files\Norton Security\NortonData\22.9.3.13\Definitions\BASHDefs\20170620.005\BHDrvx64.sys [1862784 2017-06-14] (Symantec Corporation)
R1 ccSet_NS; C:\WINDOWS\system32\drivers\NSx64\1609040.008\ccSetx64.sys [174232 2017-05-11] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [507032 2017-05-05] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [156824 2017-05-05] (Symantec Corporation)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2017-04-11] (Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2017-04-11] (Huawei Technologies Co., Ltd.)
R1 IDSVia64; C:\Program Files\Norton Security\NortonData\22.9.3.13\Definitions\IPSDefs\20170622.003\IDSvia64.sys [1053824 2017-05-22] (Symantec Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R1 NNSALPC; C:\WINDOWS\system32\DRIVERS\NNSALPC.sys [103856 2015-12-10] (Panda Security, S.L.)
R1 NNSHTTP; C:\WINDOWS\system32\DRIVERS\NNSHTTP.sys [210864 2015-12-10] (Panda Security, S.L.)
R1 NNSHTTPS; C:\WINDOWS\system32\DRIVERS\NNSHTTPS.sys [120240 2015-12-10] (Panda Security, S.L.)
R1 NNSIDS; C:\WINDOWS\system32\DRIVERS\NNSIDS.sys [120240 2015-12-10] (Panda Security, S.L.)
R1 NNSNAHSL; C:\WINDOWS\system32\DRIVERS\NNSNAHSL.sys [58616 2015-06-19] (Panda Security, S.L.)
R1 NNSPICC; C:\WINDOWS\system32\DRIVERS\NNSPICC.sys [112560 2015-12-10] (Panda Security, S.L.)
R1 NNSPIHSW; C:\WINDOWS\system32\DRIVERS\NNSPIHSW.sys [82864 2016-03-17] (Panda Security, S.L.)
R1 NNSPOP3; C:\WINDOWS\system32\DRIVERS\NNSPOP3.sys [133552 2015-12-10] (Panda Security, S.L.)
R1 NNSPROT; C:\WINDOWS\system32\DRIVERS\NNSPROT.sys [309680 2015-12-10] (Panda Security, S.L.)
R1 NNSPRV; C:\WINDOWS\system32\DRIVERS\NNSPRV.sys [179632 2016-02-18] (Panda Security, S.L.)
R1 NNSSMTP; C:\WINDOWS\system32\DRIVERS\NNSSMTP.sys [122800 2015-12-10] (Panda Security, S.L.)
R1 NNSSTRM; C:\WINDOWS\system32\DRIVERS\NNSSTRM.sys [267184 2016-02-18] (Panda Security, S.L.)
R1 NNSTLSC; C:\WINDOWS\system32\DRIVERS\NNSTLSC.sys [115632 2015-12-10] (Panda Security, S.L.)
R2 PSINAflt; C:\WINDOWS\system32\DRIVERS\PSINAflt.sys [174000 2016-08-09] (Panda Security, S.L.)
R2 PSINFile; C:\WINDOWS\System32\DRIVERS\PSINFile.sys [129456 2016-08-09] (Panda Security, S.L.)
R1 PSINKNC; C:\WINDOWS\system32\DRIVERS\PSINKNC.sys [207272 2016-08-09] (Panda Security, S.L.)
R2 PSINProc; C:\WINDOWS\System32\DRIVERS\PSINProc.sys [133544 2016-08-09] (Panda Security, S.L.)
R2 PSINProt; C:\WINDOWS\system32\DRIVERS\PSINProt.sys [146864 2016-08-09] (Panda Security, S.L.)
R2 PSINReg; C:\WINDOWS\system32\DRIVERS\PSINReg.sys [117168 2016-08-09] (Panda Security, S.L.)
S3 PSKMAD; C:\WINDOWS\System32\DRIVERS\PSKMAD.sys [72112 2016-08-10] (Panda Security, S.L.)
R3 SRTSP; C:\WINDOWS\System32\Drivers\NSx64\1609040.008\SRTSP64.SYS [770712 2017-05-11] (Symantec Corporation)
R1 SRTSPX; C:\WINDOWS\system32\drivers\NSx64\1609040.008\SRTSPX64.SYS [49304 2017-05-11] (Symantec Corporation)
R0 SymEFASI; C:\WINDOWS\System32\drivers\NSx64\1609040.008\SYMEFASI64.SYS [1714328 2017-05-11] (Symantec Corporation)
S0 SymELAM; C:\WINDOWS\System32\drivers\NSx64\1609040.008\SymELAM.sys [24608 2017-05-11] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [102608 2017-05-23] (Symantec Corporation)
R1 SymIRON; C:\WINDOWS\system32\drivers\NSx64\1609040.008\Ironx64.SYS [291480 2017-05-11] (Symantec Corporation)
R1 SymNetS; C:\WINDOWS\System32\Drivers\NSx64\1609040.008\SYMNETS.SYS [567496 2017-05-11] (Symantec Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
U4 aspnet_state; kein ImagePath
S3 NAVENG; \??\C:\Program Files\Norton Security\NortonData\22.9.3.13\Definitions\SDSDefs\20170523.008\NAVENG.SYS [X]
S3 NAVEX15; \??\C:\Program Files\Norton Security\NortonData\22.9.3.13\Definitions\SDSDefs\20170523.008\NAVEX15.SYS [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-06-23 16:01 - 2017-06-23 16:03 - 00026065 _____ C:\Users\marku\Downloads\FRST.txt
2017-06-23 16:00 - 2017-06-23 16:01 - 00000000 ____D C:\FRST
2017-06-23 16:00 - 2017-06-23 16:00 - 02439680 _____ (Farbar) C:\Users\marku\Downloads\FRST64.exe
2017-06-23 14:37 - 2017-06-23 14:37 - 00000000 ____D C:\WINDOWS\System32\Tasks\Remediation
2017-06-08 20:12 - 2017-06-08 20:12 - 00000000 ____D C:\WINDOWS\System32\Tasks\Apple
2017-06-08 19:59 - 2017-06-08 20:03 - 259195720 _____ (Apple Inc.) C:\Users\marku\Downloads\iTunes64Setup.exe
2017-06-07 18:18 - 2017-06-07 18:18 - 00003372 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration
2017-05-24 01:18 - 2017-06-07 18:39 - 00000000 ____D C:\Program Files\Common Files\AV
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-06-23 14:02 - 2015-05-24 22:20 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-06-23 13:54 - 2015-05-24 22:19 - 133627792 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-06-23 13:53 - 2015-08-03 20:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-06-23 13:51 - 2015-08-03 20:39 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2017-06-23 13:51 - 2015-08-03 20:39 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2017-06-23 13:44 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-06-23 13:26 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-06-23 13:26 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-06-23 12:23 - 2016-11-23 18:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-06-23 12:18 - 2016-11-30 18:26 - 00000000 ____D C:\Users\marku\AppData\LocalLow\Mozilla
2017-06-23 12:17 - 2016-11-10 05:37 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-06-23 11:43 - 2017-05-23 20:20 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton Security
2017-06-23 11:30 - 2017-01-27 19:53 - 00003290 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-06-23 11:30 - 2015-11-18 19:33 - 00002432 _____ C:\Users\marku\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-06-23 11:30 - 2015-11-18 19:33 - 00000000 ___RD C:\Users\marku\OneDrive
2017-06-23 11:21 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-06-23 11:21 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-06-16 14:45 - 2015-12-07 21:04 - 00000000 ____D C:\Users\marku\AppData\Roaming\vlc
2017-06-16 14:30 - 2016-08-16 19:50 - 00000916 _____ C:\Users\Public\Desktop\VLC media player.lnk
2017-06-15 20:29 - 2016-09-05 17:52 - 00000000 ____D C:\ProgramData\CanonIJPLM
2017-06-12 11:14 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-06-07 18:20 - 2017-05-16 22:27 - 00000000 ___RD C:\Users\marku\Google Drive
2017-06-07 18:18 - 2017-05-23 20:16 - 00002306 _____ C:\Users\Public\Desktop\Norton Security.lnk
2017-06-07 18:18 - 2017-05-23 20:15 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
2017-06-07 18:18 - 2017-05-23 20:15 - 00000000 ____D C:\WINDOWS\system32\Drivers\NSx64
2017-06-07 18:18 - 2016-07-16 13:47 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2017-06-07 18:17 - 2016-11-12 09:44 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-06-07 18:17 - 2016-11-10 05:42 - 00000000 ____D C:\ProgramData\NVIDIA
2017-06-07 18:14 - 2016-07-16 08:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-06-03 20:20 - 2016-01-09 12:15 - 00000000 ____D C:\Users\marku\dwhelper
2017-06-03 19:55 - 2017-03-21 20:15 - 00000000 ____D C:\Program Files\Opera
2017-06-03 19:54 - 2017-03-21 20:16 - 00000000 ____D C:\Users\marku\AppData\Roaming\Opera Software
2017-06-03 19:54 - 2017-03-21 20:16 - 00000000 ____D C:\Users\marku\AppData\Local\Opera Software
2017-06-03 19:32 - 2016-07-16 08:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-06-03 19:28 - 2015-05-25 13:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-06-03 10:17 - 2016-07-17 00:51 - 00946576 _____ C:\WINDOWS\system32\perfh007.dat
2017-06-03 10:17 - 2016-07-17 00:51 - 00222348 _____ C:\WINDOWS\system32\perfc007.dat
2017-06-03 10:17 - 2016-01-29 23:09 - 02339112 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-06-03 10:14 - 2015-07-01 19:49 - 00000988 _____ C:\Users\Public\Desktop\TomTom MyDrive Connect.lnk
2017-06-03 10:14 - 2015-07-01 19:48 - 00000000 ____D C:\Program Files (x86)\MyDrive Connect
2017-06-03 08:36 - 2016-07-16 13:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-06-03 08:36 - 2016-07-16 13:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-05-24 07:12 - 2016-12-08 08:57 - 00000000 ____D C:\Users\marku\AppData\Local\Amazon Drive
2017-05-24 07:10 - 2017-04-17 21:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Internet Security
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2016-12-08 17:52 - 2016-12-08 17:52 - 0023755 _____ () C:\Users\marku\AppData\Local\recently-used.xbel
2016-03-12 17:33 - 2016-03-12 17:33 - 0000016 _____ () C:\ProgramData\mntemp
Einige Dateien in TEMP:
====================
2017-06-07 18:42 - 2017-06-16 14:28 - 32100680 _____ () C:\Users\marku\AppData\Local\Temp\vlc-2.2.6-win64.exe
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-06-03 10:55
==================== Ende von FRST.txt ============================
FRST Additions Logfile: Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 21-06-2017 01
durchgeführt von marku (23-06-2017 16:04:58)
Gestartet von C:\Users\marku\Downloads
Windows 10 Pro Version 1607 (X64) (2016-11-12 07:49:43)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-4020732326-1727681914-3926867655-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4020732326-1727681914-3926867655-503 - Limited - Disabled)
Gast (S-1-5-21-4020732326-1727681914-3926867655-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4020732326-1727681914-3926867655-1002 - Limited - Enabled)
marku (S-1-5-21-4020732326-1727681914-3926867655-1004 - Administrator - Enabled) => C:\Users\marku
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Security (Enabled - Up to date) {30744133-1E94-7B35-F4A3-82A5AEF1CBAA}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Security (Enabled - Up to date) {8B15A0D7-38AE-74BB-CE13-B9D7D5768117}
FW: Norton Security (Enabled) {084FC016-54FB-7A6D-DFFC-2B9050228CD1}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
64 Bit HP CIO Components Installer (Version: 18.2.4 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 17.0.0.172 - Adobe Systems Incorporated)
Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.131 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{E92BB800-BCC5-4C25-8102-AC2C3B7C7C1E}) (Version: 5.5 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{9C912B1E-06DD-43EF-BB2B-45CB2C88BAAE}) (Version: 5.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0A596141-97D5-45FA-9281-98DFAF48D579}) (Version: 10.3.2.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
ATK Hotkey (HKLM-x32\...\{7C05592D-424B-46CB-B505-E0013E8E75C9}) (Version: 1.0.0056 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0001 - ASUS)
BF-480 VR07.01 (HKLM-x32\...\BF-480 VR07.01) (Version: - )
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: 4.7.0 - Canon Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.20.13 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 5.2.0 - Canon Inc.)
Canon MG7700 series Benutzerregistrierung (HKLM-x32\...\Canon MG7700 series Benutzerregistrierung) (Version: - *Canon Inc.)
Canon MG7700 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG7700_series) (Version: 1.00 - Canon Inc.)
Canon MG7700 series On-screen Manual (HKLM-x32\...\Canon MG7700 series On-screen Manual) (Version: 7.8.0 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.5.0 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.5.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.7.0 - Canon Inc.)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6389 - CDBurnerXP)
CyberLink PowerDirector 13 (HKLM-x32\...\{BA385AFC-00B1-417C-8C20-74B996EF3AF0}) (Version: 13.0.3420.0 - CyberLink Corp.)
Dot4 (HKLM\...\{3EEDA265-C6F3-4EC1-A317-1C9315DEDDDE}) (Version: 1.0.0.0 - HP)
DVD Flick v2 1.3.1.0 (HKLM-x32\...\DVD Flick v2_is1) (Version: 1.3.1.0 - Dennis Meuwissen)
eDocPrintPro (HKLM\...\{57863AC1-14BF-4A3F-9673-0719DE7825ED}) (Version: 3.19.1.1 - MAY Computer)
ELAN Touchpad 15.9.5.3_X64_WHQL (HKLM\...\Elantech) (Version: 15.9.5.3 - ELAN Microelectronic Corp.)
Express Rip (HKLM-x32\...\ExpressRip) (Version: 1.94 - NCH Software)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.)
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
gs_x64 (HKLM\...\{344BD061-2564-422E-860F-9E5DC49983AE}) (Version: 9.10 - MAY Computer)
Image Rescue 5 (2.0.4) (HKLM-x32\...\Image Rescue 5_is1) (Version: 2.0.4 - Lexar)
Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2125 - Intel Corporation)
iTunes (HKLM\...\{0D44E3A4-6C3D-45D7-B443-079509E5BE5D}) (Version: 12.3.2.35 - Apple Inc.)
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Logitech Unifying-Software 2.50 (HKLM\...\Logitech Unifying) (Version: 2.50.25 - Logitech)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4020732326-1727681914-3926867655-1004\...\OneDriveSetup.exe) (Version: 17.3.6917.0607 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 53.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 53.0.3 (x86 de)) (Version: 53.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0.2 - Mozilla)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MX5 (HKLM-x32\...\Maxthon5) (Version: 5.0.2.2000 - Maxthon International Limited)
NEC Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}) (Version: 1.0.17.0 - NEC Electronics Corporation)
NEC Electronics USB 3.0 Host Controller Driver (x32 Version: 1.0.17.0 - NEC Electronics Corporation) Hidden
NewBlue Video Essentials for Windows (HKLM-x32\...\NewBlue Video Essentials for Windows) (Version: 3.0 - NewBlue)
Norton Security (HKLM-x32\...\NS) (Version: 22.9.4.8 - Symantec Corporation)
NVIDIA 3D Vision Treiber 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 342.01 - NVIDIA Corporation)
NVIDIA Grafiktreiber 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 342.01 - NVIDIA Corporation)
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
OLYMPUS Digital Camera Updater (HKLM-x32\...\{392427E9-9FA4-4CD2-99EB-FD53A12BDCDA}) (Version: 1.2.1 - Olympus Corporation)
OLYMPUS Viewer 3 (HKLM-x32\...\{938DB0D1-AF2D-4CB6-A777-353E078E3325}) (Version: 1.5.0 - OLYMPUS CORPORATION)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
paint.net (HKLM\...\{6AC1101E-7561-43C9-BEEA-4AB1D220D8FF}) (Version: 4.0.13 - dotPDN LLC)
Panda Devices Agent (x32 Version: 1.08.00 - Panda Security) Hidden
Panda Internet Security (Version: 8.34.00 - Panda Security) Hidden
PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.8.0 - Prolific Technology INC)
proDAD Adorage 3.0 (64bit) (HKLM\...\proDAD-Adorage-3.0) (Version: 3.0.108.1 - proDAD GmbH)
RawTherapee Version 4.2 (HKLM\...\{128459AB-59A7-430A-8BD0-3D8803D50400}_is1) (Version: 4.2 - rawtherapee.com)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
SonyEditor (remove only) (HKLM-x32\...\SonyEditor) (Version: - )
SRS Premium Sound Control Panel (HKLM\...\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}) (Version: 1.8.2500 - SRS Labs, Inc.)
TomTom MyDrive Connect 4.1.5.3181 (HKLM-x32\...\MyDriveConnect) (Version: 4.1.5.3181 - TomTom)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
Vivaldi (HKU\S-1-5-21-4020732326-1727681914-3926867655-1004\...\Vivaldi) (Version: 1.9.818.50 - Vivaldi)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN)
WavePad Audio-Editor (HKLM-x32\...\WavePad) (Version: 6.12 - NCH Software)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windows-Treiberpaket - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0) (HKLM\...\2C1C2F29FADF39F533CEEE67B90F07A5306A4BDB) (Version: 09/09/2009 1.0.0.0 - OLYMPUS IMAGING CORP.)
WinHex (HKLM-x32\...\WinHex) (Version: - )
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Yahoo Search Set (HKLM-x32\...\Yahoo! SearchSet) (Version: - Yahoo Inc.)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0E0F5297-8A68-4F71-BA30-B4DB1C8F35A0} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {20160230-153A-4E62-93AB-62ADCBDAA14B} - System32\Tasks\Norton Security\Norton Security Error Processor => C:\Program Files\Norton Security\Engine\22.9.4.8\SymErr.exe [2017-05-11] (Symantec Corporation)
Task: {21D1CE28-3C44-4751-950E-6064801965D2} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2B330403-75D8-4913-A315-710F726F3602} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2C87E81A-379A-4442-A858-8E1180ABC848} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {2CC27EF8-09F1-4056-9F64-E762DDC38A08} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2CDC1B58-C3DA-4A3D-8881-9DB1196A84F7} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {2FD8C91E-C77D-4553-A7CA-47BAB03D66F6} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {33C8B2C2-60AB-4097-AC4F-871D962B3256} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe [2017-05-27] (Symantec Corporation)
Task: {35A8D6AC-5A2B-42CF-82A8-7D66F5D519EE} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3DB1FD61-7176-46A9-96DF-77BB6C5152A7} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {420B9542-EFB5-48D0-8DBE-A6F8E4053B00} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {430B6B70-D313-456B-883C-0AFDF39D9202} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {482BB38F-7B83-4D9F-8F5C-4F0539AA7DE8} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {487CAF95-AD9E-4488-B253-180FA01F7ED0} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Security\Engine\22.9.4.8\WSCStub.exe [2017-05-27] (Symantec Corporation)
Task: {4E7555B6-9FBC-4F21-B8A1-86D1426EF86D} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {57662CCC-77A4-4F2F-A211-8BF766A5EDE3} - System32\Tasks\Norton Security\Norton Security Autofix => C:\Program Files\Norton Security\Engine\22.9.4.8\SymErr.exe [2017-05-11] (Symantec Corporation)
Task: {6252C61A-C727-4CF4-8A4C-294911CBEE4F} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {66632094-33C4-4FD7-8401-C16A49456C06} - System32\Tasks\Maxthon5 Update => C:\Program Files (x86)\Maxthon5\Bin\Maxthon.exe [2017-02-08] (Maxthon International ltd.)
Task: {6C8D5D88-D709-4664-BF9B-D4098195D875} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {770FB885-DC98-4C0D-B457-06CB8CC30330} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7C02C0C1-EFAB-4B53-A347-0E28EAC8B121} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {7DD9F811-C40E-465F-8513-AB5F925DB434} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {830B02FA-5744-4914-88EC-2D95D91FE1B9} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8374DE73-3398-46D4-8979-84746C0872F4} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {84A9648B-8B95-4C0D-9CED-CA5F34097392} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Keine Datei <==== ACHTUNG
Task: {861295FF-5787-403D-ACA4-1C78988019CB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {8CD51AC6-C22A-4FF5-A721-C932CB932EB3} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {904BEDFD-338F-47D5-B315-ED334296FFF3} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {97EC2568-CF64-4338-ABED-AD807C3AACB2} - System32\Tasks\Norton Security\Norton Security Error Analyzer => C:\Program Files\Norton Security\Engine\22.9.4.8\SymErr.exe [2017-05-11] (Symantec Corporation)
Task: {9A6D0F5C-3028-461C-A766-DE168A1D837B} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {9DA5A626-432E-46BA-818C-20F12EE49136} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {A413B4F1-4629-4BEA-ABB5-8870C5BB1C7A} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {B2EF4EC7-306B-4E15-ADF3-8780DBDF14EE} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B4357120-AC58-4291-8546-9C894A26630B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-06-23] (Microsoft Corporation)
Task: {B8760219-A31B-48FC-A0B5-FFB66D781AE3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-25] (Google Inc.)
Task: {BC29FE68-80A9-4902-8485-E112A73082EC} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {C19EA7B3-56B8-49D5-8B29-A996F5A9D03A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-25] (Google Inc.)
Task: {C26393A4-A563-4867-AC94-2C7EC9920BD6} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-06-23] (Adobe Systems Incorporated)
Task: {C4141C6B-1580-4659-8116-41449CF352FF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {D3207349-8C8C-45FB-A32C-6E2BFC7CCD21} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {D8C7AA4F-9EC8-4634-9536-DB6A0DFB9CB2} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {D902E73E-6A90-4661-B851-3864FD238A99} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {EC3EB630-A5EE-41CE-836A-01C1D9926D85} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
Task: {ECEFC1F0-22D6-49A7-AC58-501203D0F84D} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F9880F8E-E12A-4F36-97A4-C98BE32C3974} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2016-09-05 17:52 - 2016-02-04 12:53 - 00387144 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2016-09-01 18:12 - 2016-09-01 18:12 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-05-09 00:44 - 2017-05-09 00:44 - 01354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-05-12 08:46 - 2017-04-28 02:49 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-11-10 05:42 - 2016-11-14 13:15 - 00135224 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2016-11-10 05:23 - 2016-11-10 05:23 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-18 13:59 - 2017-03-04 08:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2012-11-26 23:54 - 2012-11-26 23:54 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2017-06-23 13:17 - 2017-06-23 13:18 - 00074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-06-23 13:17 - 2017-06-23 13:18 - 00203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-06-23 13:17 - 2017-06-23 13:18 - 43454464 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-06-23 13:17 - 2017-06-23 13:18 - 02437120 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\skypert.dll
2017-03-18 14:00 - 2017-03-04 08:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-18 14:00 - 2017-03-04 08:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-18 14:00 - 2017-03-04 08:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-05-12 08:46 - 2017-04-28 01:36 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-05-12 08:47 - 2017-04-28 01:37 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-4020732326-1727681914-3926867655-1004\Control Panel\Desktop\\Wallpaper -> c:\users\marku\pictures\wallpaperz\asus wallpapers - full hd wallpaper search.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist deaktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
HKLM\...\StartupApproved\Run: => "ApplyEsf-eDocPrintPro"
HKLM\...\StartupApproved\Run: => "NvBackend"
HKU\S-1-5-21-4020732326-1727681914-3926867655-1004\...\StartupApproved\Run: => "OneDrive"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{F949B773-E537-4B21-844B-4B6753C77BC8}] => (Allow) C:\Program Files\CyberLink\PowerDirector13\PDR10.EXE
FirewallRules: [{B7F967C1-4C2F-4686-AB5D-A5ACC65B9B34}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{34A4F4E5-4C0E-468C-A457-22C8EC9C1EB3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{27EDB1CF-F72F-4DEA-88C4-2F98F4361B3B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{5D5B06FD-1A88-46FC-93A7-D4AC5D76D9A7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{8A1EAA6D-3489-41E0-8754-DDF6FE4FAF51}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{5C70E505-294C-4B57-9E28-6B06ACBA3991}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{02A7F8C1-C508-4174-8987-D34EF38B94E4}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{DB007B85-F615-4C46-9DEC-7CFAA07B3CB3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{FAE3D42C-B1EE-4D81-AEE0-F1222C47DA16}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{C071AB16-96B5-4383-AE23-3A25318F1639}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{8A63850B-E05D-4D86-84B4-A25BA7D513B2}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{8F6DE979-1D64-4540-8ACB-E62F67E6BF11}] => (Allow) C:\Program Files (x86)\Maxthon5\Bin\Maxthon.exe
FirewallRules: [{EA6A018C-534A-435E-903A-0A15D1DF9EF0}] => (Allow) C:\Program Files (x86)\Maxthon5\Bin\Maxthon.exe
FirewallRules: [{84E896C0-96E6-43BA-8147-F4FE52802F90}] => (Allow) C:\Program Files (x86)\Maxthon5\Bin\MxUp.exe
FirewallRules: [{18B936C5-BF98-45E5-8FFD-47852E841DAD}] => (Allow) C:\Program Files (x86)\Maxthon5\Bin\MxUp.exe
FirewallRules: [{220F859C-1BA3-4687-9400-2852A966EFE0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8FA1C7B3-5BF4-462A-9A55-6DD4D8332366}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{893FC74E-FBC9-4033-AF44-7DC074A5656C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Wiederherstellungspunkte =========================
Überprüfen Sie den "winmgmt" Dienst oder reparieren Sie den WMI.
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (06/23/2017 04:07:20 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
.
Vorgang:
VSS-Server wird instanziiert
Error: (06/23/2017 04:07:20 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} und dem Namen "IVssCoordinatorEx2" kann nicht gestartet werden. [0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
]
Vorgang:
VSS-Server wird instanziiert
Error: (06/23/2017 02:01:38 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Die erweiterbare Leistungsindikator-DLL W3SVC kann nicht geladen werden. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Windows-Fehlercode.
Error: (06/23/2017 02:01:37 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "aspnet_state" in der DLL "C:\Windows\System32\aspnet_counters.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
Error: (06/23/2017 02:01:37 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "ASP.NET_4.0.30319" in der DLL "C:\Windows\System32\aspnet_counters.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
Error: (06/23/2017 02:01:37 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "ASP.NET" in der DLL "C:\Windows\System32\aspnet_counters.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
Error: (06/23/2017 01:54:00 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\WINDOWS\system32\svchost.exe -k netsvcs; Beschreibung = Windows Update; Fehler = 0x80042302).
Error: (06/23/2017 01:54:00 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
.
Vorgang:
VSS-Server wird instanziiert
Error: (06/23/2017 01:54:00 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} und dem Namen "IVssCoordinatorEx2" kann nicht gestartet werden. [0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
]
Vorgang:
VSS-Server wird instanziiert
Error: (06/23/2017 01:48:53 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\WINDOWS\system32\svchost.exe -k netsvcs; Beschreibung = Windows Update; Fehler = 0x80042302).
Systemfehler:
=============
Error: (06/23/2017 11:20:56 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (06/16/2017 02:24:44 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (06/16/2017 02:23:03 PM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT-AUTORITÄT)
Description: Überprüfung des verschlüsselten Volumes: Die Volumeinformationen auf "E:" können nicht gelesen werden.
Error: (06/16/2017 09:50:06 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (06/15/2017 07:36:05 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (06/12/2017 10:55:42 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (06/08/2017 07:47:22 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (06/07/2017 06:19:59 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (06/07/2017 06:17:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NanoServiceMain" wurde aufgrund folgenden Fehlers nicht gestartet:
Das System kann die angegebene Datei nicht finden.
Error: (06/07/2017 06:17:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "PSUAService" wurde aufgrund folgenden Fehlers nicht gestartet:
Das System kann die angegebene Datei nicht finden.
CodeIntegrity:
===================================
Date: 2017-05-23 20:49:41.172
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\SMCLpav\Pav2WSC.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-23 20:49:41.164
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\SMCLpav\Pav2WSC.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-23 20:49:41.157
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\SMCLpav\Pav2WSC.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-23 20:49:41.151
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\SMCLpav\Pav2WSC.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-23 20:49:41.147
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\SMCLpav\Pav2WSC.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-23 20:49:41.141
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\SMCLpav\Pav2WSC.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-23 20:49:41.133
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\SMCLpav\Pav2WSC.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-23 20:49:41.128
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\SMCLpav\Pav2WSC.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-23 20:49:41.035
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\SMCLpav\Pav2WSC.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-23 20:24:21.638
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\SMCLpav\Pav2WSC.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i3 CPU M 330 @ 2.13GHz
Prozentuale Nutzung des RAM: 70%
Installierter physikalischer RAM: 3885.53 MB
Verfügbarer physikalischer RAM: 1127.68 MB
Summe virtueller Speicher: 7853.53 MB
Verfügbarer virtueller Speicher: 4595.77 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:465.22 GB) (Free:82.18 GB) NTFS
Drive d: (Traction DVD 2016) (CDROM) (Total:7.7 GB) (Free:0 GB) UDF
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: DF826BD5)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
==================== Ende von Addition.txt ============================
Malwarebytes Anti-Rootkit BETA 1.9.3.1001 www.malwarebytes.org Database version: main: v2017.06.23.06 rootkit: v2017.05.27.01 Windows 10 x64 NTFS Internet Explorer 11.1198.14393.0 marku :: MARKUSSPIEGL-PC [administrator] 23.06.2017 16:13:24 mbar-log-2017-06-23 (16-13-24).txt Scan type: Quick scan Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken Scan options disabled: Objects scanned: 351649 Time elapsed: 57 minute(s), 52 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 1 HKLM\SOFTWARE\WOW6432NODE\YingSoft (Trojan.Agent.Trace) -> Delete on reboot. [ddc54af8743539fdc3e560a06d964fb1] Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) Physical Sectors Detected: 0 (No malicious items detected) (end) |
|
23.06.2017, 17:13
| #2 |
| | TDSSKiller Report (Teil 1) 17:29:40.0042 0x366c TDSS rootkit removing tool 3.1.0.15 Apr 18 2017 11:34:02
__________________17:29:45.0292 0x366c ============================================================ 17:29:45.0292 0x366c Current date / time: 2017/06/23 17:29:45.0292 17:29:45.0292 0x366c SystemInfo: 17:29:45.0297 0x366c 17:29:45.0297 0x366c OS Version: 10.0.14393 ServicePack: 0.0 17:29:45.0297 0x366c Product type: Workstation 17:29:45.0297 0x366c ComputerName: MARKUSSPIEGL-PC 17:29:45.0297 0x366c UserName: marku 17:29:45.0297 0x366c Windows directory: C:\WINDOWS 17:29:45.0297 0x366c System windows directory: C:\WINDOWS 17:29:45.0297 0x366c Running under WOW64 17:29:45.0297 0x366c Processor architecture: Intel x64 17:29:45.0297 0x366c Number of processors: 4 17:29:45.0297 0x366c Page size: 0x1000 17:29:45.0298 0x366c Boot type: Normal boot 17:29:45.0298 0x366c CodeIntegrityOptions = 0x00000001 17:29:45.0298 0x366c ============================================================ 17:29:47.0428 0x366c KLMD registered as C:\WINDOWS\system32\drivers\00928850.sys 17:29:47.0428 0x366c KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 14393.1198, osProperties = 0x19 17:29:54.0875 0x366c System UUID: {78E49C4F-A211-ED72-D1C2-314878A055DB} 17:30:02.0245 0x366c Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 17:30:02.0269 0x366c ============================================================ 17:30:02.0269 0x366c \Device\Harddisk0\DR0: 17:30:02.0270 0x366c MBR partitions: 17:30:02.0270 0x366c \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000 17:30:02.0270 0x366c \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A272000 17:30:02.0270 0x366c ============================================================ 17:30:02.0303 0x366c C: <-> \Device\Harddisk0\DR0\Partition2 17:30:02.0303 0x366c ============================================================ 17:30:02.0303 0x366c Initialize success 17:30:02.0303 0x366c ============================================================ 17:30:11.0615 0x37ac ============================================================ 17:30:11.0615 0x37ac Scan started 17:30:11.0615 0x37ac Mode: Manual; 17:30:11.0615 0x37ac ============================================================ 17:30:11.0615 0x37ac KSN ping started 17:30:18.0965 0x37ac KSN ping finished: true 17:30:21.0332 0x37ac ================ Scan system memory ======================== 17:30:21.0332 0x37ac System memory - ok 17:30:21.0334 0x37ac ================ Scan services ============================= 17:30:21.0674 0x37ac [ A7901875F89D011C38CF52C98ACF5B29, 782141AB1DD7ACDE6EA08B5BAFDE8BADD05B81D38C18E097D6D9C46102056EB1 ] 1394ohci C:\WINDOWS\System32\drivers\1394ohci.sys 17:30:21.0707 0x37ac 1394ohci - ok 17:30:21.0739 0x37ac [ EE1CCC54F75C24727A218F98FC5349DA, 0B0D26640BFA0F551B7087027E572D0BF2C5EAF50A4187C5A7D839180B7FF589 ] 3ware C:\WINDOWS\system32\drivers\3ware.sys 17:30:21.0761 0x37ac 3ware - ok 17:30:21.0867 0x37ac [ 73C73E1AA0D4D727A04AAAB120B7F56A, 5D311F11022994410DF5C67914D38B1F0D813EFD181EA234750286A272D67A1A ] ACPI C:\WINDOWS\system32\drivers\ACPI.sys 17:30:21.0958 0x37ac ACPI - ok 17:30:22.0020 0x37ac [ 0935496EF9624B46B935CB35ECE1F205, A22A2A29195505A65E8626D60B00C86C23E0CABC1EB8345EA5ED523516CC21C0 ] AcpiDev C:\WINDOWS\System32\drivers\AcpiDev.sys 17:30:22.0077 0x37ac AcpiDev - ok 17:30:22.0095 0x37ac [ D6794C31F4077B71433988787BAA926E, F16365C2F195AAE94D4740E6C3DF4C0CECEC6393CAD65425DCCD28CDBA6EC51A ] acpiex C:\WINDOWS\system32\Drivers\acpiex.sys 17:30:22.0116 0x37ac acpiex - ok 17:30:22.0156 0x37ac [ FE5F656D6B35089DA39112E74EC6A85A, 5D81EE63998232A5B36DE47FE15B9D04D5BD02234CA133A2462AECA8C60A22ED ] acpipagr C:\WINDOWS\System32\drivers\acpipagr.sys 17:30:22.0172 0x37ac acpipagr - ok 17:30:22.0250 0x37ac [ 2F242941E4DFF69B883D77A16F039557, 45C388365317C720654A659A9326B2BC0E9D84929C704654985597D5D620101C ] AcpiPmi C:\WINDOWS\System32\drivers\acpipmi.sys 17:30:22.0260 0x37ac AcpiPmi - ok 17:30:22.0291 0x37ac [ C247E35A21682DA8D0DC3AF9F025FCC5, 455415EE3166B3043AD8A4DD50B688DB74242267FB555642441251EFA823E971 ] acpitime C:\WINDOWS\System32\drivers\acpitime.sys 17:30:22.0295 0x37ac acpitime - ok 17:30:22.0393 0x37ac [ 8D6BA8E7676038A27FD4ECF12CC744B0, F5D59B764DCB4A06A51939533DC7B2391FD68E3979C48939C023A60DCE0D2101 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 17:30:22.0399 0x37ac AdobeARMservice - ok 17:30:22.0571 0x37ac [ 7DE8B8AC559E16AEB388E7D098E7C288, 37F24B6182E3DE39BDE568304E5ED97CDE9CB45B6BF5C7A4096A09138C1D0B89 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 17:30:22.0611 0x37ac AdobeFlashPlayerUpdateSvc - ok 17:30:22.0729 0x37ac [ 49B9DB97AFC85DCCBDACDAB2E90085B7, 2A6C2A09F74EA15044F442CCFB54A0F24F105ADB915E5C78F02F59652DC29152 ] ADP80XX C:\WINDOWS\system32\drivers\ADP80XX.SYS 17:30:22.0815 0x37ac ADP80XX - ok 17:30:22.0914 0x37ac [ 323AA1953ED9C01E23F740FA891FE064, 4CED6E3D61749316CDE28965C913E7ED462539DAAD637A29484F62AF47AD650D ] AFD C:\WINDOWS\system32\drivers\afd.sys 17:30:23.0010 0x37ac AFD - ok 17:30:23.0085 0x37ac [ 23522E5D581F7722B1B5B86737CAE39C, FB81ABD304376A1E87B65F5E1B34477B628CEDB2091C5D754DE97464B6050C5B ] ahcache C:\WINDOWS\system32\DRIVERS\ahcache.sys 17:30:23.0118 0x37ac ahcache - ok 17:30:23.0177 0x37ac [ D0905D4A945D01D4B28DB9E1BD5985F7, CF389CBCD3B99D1BAE34A42F723F1005C32213A394F691978076D3DF1727715C ] AJRouter C:\WINDOWS\System32\AJRouter.dll 17:30:23.0200 0x37ac AJRouter - ok 17:30:23.0250 0x37ac [ 8FD51B3B35707A66080D7C8CB05E792D, FE52F3DC280D208FDDC75F6E3294B8D601E0D86F9BD3DB1ACC8FC296AC74C23B ] ALG C:\WINDOWS\System32\alg.exe 17:30:23.0272 0x37ac ALG - ok 17:30:23.0346 0x37ac [ C17BAFA60F941A1AF5C2B10D8632C409, 43B030E2571D5FC8F6B439C678C2A2261188945C65D6A83E8487E8084645C79A ] amdhub30 C:\WINDOWS\system32\drivers\amdhub30.sys 17:30:23.0360 0x37ac amdhub30 - ok 17:30:23.0440 0x37ac [ DF21E05E41E5AC3F13F304D91457649A, 7F48F2AD1DBE89A261113C76D7C23AD7D87D5599BCC31F8A558A8A10B81BF521 ] AmdK8 C:\WINDOWS\System32\drivers\amdk8.sys 17:30:23.0456 0x37ac AmdK8 - ok 17:30:23.0525 0x37ac [ 45D0AA4BB90B821DF92E8F19ABED0C5E, EA87A6E98DB3C5A88A844C04C6934E870B7004E783AA5211722115382A211B90 ] AmdPPM C:\WINDOWS\System32\drivers\amdppm.sys 17:30:23.0539 0x37ac AmdPPM - ok 17:30:23.0606 0x37ac [ 74FFBC43B4B899C9A8CA06A892F2CE73, 8D599363C7F3D373F1859BAA4D06DD0F40BE78B56BE52B74DE6EA6EF99452004 ] amdsata C:\WINDOWS\system32\drivers\amdsata.sys 17:30:23.0617 0x37ac amdsata - ok 17:30:23.0701 0x37ac [ AAB0F1D8D7E54761ABAB13AF161F1680, CF847990EFFA2828F5B1DB1A68F08A6C2C918E9612EDFFCF95C36BCABBBEA272 ] amdsbs C:\WINDOWS\system32\drivers\amdsbs.sys 17:30:23.0732 0x37ac amdsbs - ok 17:30:23.0760 0x37ac [ F91BAAC4237C40352A807000F3B716F9, F7EFA08E5067C3D419C9D21EDB880BA08883A80DDF35F8B42EC3AB293FE5E03E ] amdxata C:\WINDOWS\system32\drivers\amdxata.sys 17:30:23.0766 0x37ac amdxata - ok 17:30:23.0803 0x37ac [ 3DC51308F5E7A4BB8020D16E64E9D882, 08A0870D7343E3DB3CCDEDB6F53DE7A86440B0272E1D4F0E826D444EC3D8FBC0 ] amdxhc C:\WINDOWS\system32\drivers\amdxhc.sys 17:30:23.0828 0x37ac amdxhc - ok 17:30:23.0850 0x37ac [ BC121C099C6C659126AD2102AFDFF8CF, 42B5EE293BDD7ADCE48173A01B30D8452564B9DA225EAF25E9292FE77C0FCF3E ] AppID C:\WINDOWS\system32\drivers\appid.sys 17:30:23.0860 0x37ac AppID - ok 17:30:23.0918 0x37ac [ 0A7C202CDBFD295363A09DE1A2C05F45, AB516BB714CAD60994A42710E7747FB50A5890F71BD8880BF86096CC485DE393 ] AppIDSvc C:\WINDOWS\System32\appidsvc.dll 17:30:23.0939 0x37ac AppIDSvc - ok 17:30:24.0003 0x37ac [ 79A87DD43331290A276C02DC396BF530, D0781DC027EE60C94831A2C9C3DD741F8F2100A253CD847E7FCFA59919014278 ] Appinfo C:\WINDOWS\System32\appinfo.dll 17:30:24.0015 0x37ac Appinfo - ok 17:30:24.0146 0x37ac [ 7DEFAE8665BCEDDC2C9983138D69D7A5, BDD39E55DDFD33114EC36CBE79298149E6A920A6B8F440A8C1F7A7003D1867C9 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 17:30:24.0154 0x37ac Apple Mobile Device Service - ok 17:30:24.0217 0x37ac [ 68190E2BADF23BD782344970E5B5DE9E, 95D30EC12C7FDF5822CED8BC2F17669A6687A2FB262B4F0D15C8DCFF4E9AB33D ] applockerfltr C:\WINDOWS\system32\drivers\applockerfltr.sys 17:30:24.0221 0x37ac applockerfltr - ok 17:30:24.0280 0x37ac [ 76A12AC673B0F8A607ACDD0583C247D4, CBC6C0EB82C7A8E3998344280BBB5A697AFA7206CA2BADFDA7ED6E7DD20E3DAC ] AppMgmt C:\WINDOWS\System32\appmgmts.dll 17:30:24.0290 0x37ac AppMgmt - ok 17:30:24.0385 0x37ac [ E2B0B9A477C169C466609F866311CD45, 26846DC6BF6ECFD97A7C0714160B870A733E1255779029327C1415D48AF133E6 ] AppReadiness C:\WINDOWS\system32\AppReadiness.dll 17:30:24.0458 0x37ac AppReadiness - ok 17:30:24.0565 0x37ac [ 99CA3E622070FDBD7B75EB7E86B2DE40, 12BDD092667250EBC99B4D597897C1B2C83115CD83ECCDEAC36B2D9C9BEA77B6 ] AppVClient C:\WINDOWS\system32\AppVClient.exe 17:30:24.0638 0x37ac AppVClient - ok 17:30:24.0723 0x37ac [ B66ED2CB37F7E4696A51612AFBA08834, 70BA67AF7F1290E3145B873B53516F138E50D8AAC80CD00CBA66467ABC6643CB ] AppvStrm C:\WINDOWS\system32\drivers\AppvStrm.sys 17:30:24.0757 0x37ac AppvStrm - ok 17:30:24.0820 0x37ac [ 8DC924848E20F890BEFC6B31136D46BE, B7603425B4970F505B5A3EB0F6652A9CDD188059BDC945D6DF2BADC2DF8F4B5D ] AppvVemgr C:\WINDOWS\system32\drivers\AppvVemgr.sys 17:30:24.0853 0x37ac AppvVemgr - ok 17:30:24.0915 0x37ac [ 9ADC5A8BEE10E174F95349E9232D8E76, F322991323DCDC51199BB3AB0DA20F6C3CC7EE6E804400B473C610FDB895F0AE ] AppvVfs C:\WINDOWS\system32\drivers\AppvVfs.sys 17:30:24.0947 0x37ac AppvVfs - ok 17:30:25.0119 0x37ac [ 95415C7C5C43882F7163CA07D956ADA2, 5A082F36A39BE9ABC47AE8A72972554BA577EB04D8018EC862615EA2130FA0E3 ] AppXSvc C:\WINDOWS\system32\appxdeploymentserver.dll 17:30:25.0231 0x37ac AppXSvc - ok 17:30:25.0303 0x37ac [ E6AB1F0B4C3D4E0D2A88332D76FECD03, 0D3003EB979DA4546DCDD055011E24F13E34F683F02C9801CAC564D1809F11D2 ] arcsas C:\WINDOWS\system32\drivers\arcsas.sys 17:30:25.0316 0x37ac arcsas - ok 17:30:25.0354 0x37ac [ 18E5C2F937F9DEB8C282DF66A3761925, 30294C381F8C7DCB45EF9BCF572F410FF47630E12D5AA02259C6C80F07BEF495 ] ASLDRService C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe 17:30:25.0358 0x37ac ASLDRService - ok 17:30:25.0390 0x37ac [ 4C016FD76ED5C05E84CA8CAB77993961, 025E7BE9FCEFD6A83F4471BBA0C11F1C11BD5047047D26626DA24EE9A419CDC4 ] ASMMAP64 C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys 17:30:25.0400 0x37ac ASMMAP64 - ok 17:30:25.0444 0x37ac [ 61C5A480C43E7E8E49C42869F49D0D3E, E610F0E4315ABA1D90AD4A1D7A68ABA2ACBB7FCA89E9D1798470365D52592D55 ] AsyncMac C:\WINDOWS\System32\drivers\asyncmac.sys 17:30:25.0455 0x37ac AsyncMac - ok 17:30:25.0512 0x37ac [ A10F989A812B57B9695F6C305907C9C6, E2B292610079AA1A10696138DE8130905A8A834B75A8DED7EBF8B6732B77A0F4 ] atapi C:\WINDOWS\system32\drivers\atapi.sys 17:30:25.0522 0x37ac atapi - ok 17:30:25.0764 0x37ac [ D03E551165C72F2A4BBDDC566EAA819E, 8047E2D20724B464B481F06C3AC1FA5734E97F7EC0D86EFEECD76480C84B3959 ] athr C:\WINDOWS\System32\drivers\athwnx.sys 17:30:26.0453 0x37ac athr - ok 17:30:26.0483 0x37ac [ 63F1212FFE13E62CA1E8D8EE19ABD9A7, A552CAF830CD1D01C077EDDEC95832F5826631D2DFA8747E0E393E32ACED2A57 ] ATKGFNEXSrv C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe 17:30:26.0487 0x37ac ATKGFNEXSrv - ok 17:30:26.0562 0x37ac [ 44D50F4B55BEE38C97A6CBECEBC59384, 43C35E5547E5180B25726F90E0B94149DE1099FD507A6357A6A284A2749433F3 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll 17:30:26.0609 0x37ac AudioEndpointBuilder - ok 17:30:26.0661 0x37ac [ 36A9B38EA06A8C14CC82E0C8004A6635, 959E6B359D89E112976AF488F2756F770B491AE53ED07E9D31B4A3D8A7F33C80 ] Audiosrv C:\WINDOWS\System32\Audiosrv.dll 17:30:26.0719 0x37ac Audiosrv - ok 17:30:26.0775 0x37ac [ 6D90FDA2DC364B8EA1420F2F81585CC3, 10E6F23A213CFE49BE04BB7D366ADD4028D61D7114FEC67C30B5467DF6B36D4F ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll 17:30:26.0787 0x37ac AxInstSV - ok 17:30:26.0896 0x37ac [ 61BAC67048CA5C1D08C48FCC8012B613, 71B2A466FC38DA1029B471FBD2541D8FE359751A7B212AE0F420DB3645916450 ] b06bdrv C:\WINDOWS\system32\drivers\bxvbda.sys 17:30:26.0925 0x37ac b06bdrv - ok 17:30:26.0986 0x37ac [ 94D6B95485BFA35D81524B0EBA0F7569, 14A32CD501B1D816526A75A9EB3782E6C4FF78831628F257050AD2BA73733F57 ] BasicDisplay C:\WINDOWS\System32\drivers\BasicDisplay.sys 17:30:26.0993 0x37ac BasicDisplay - ok 17:30:27.0006 0x37ac [ 2E78B31C90766FD086D2B766528E9AEA, D0D9ED8AD90E3D400DA4231AB313B4B2869930DADC3034D6FCDEA000E424F843 ] BasicRender C:\WINDOWS\System32\drivers\BasicRender.sys 17:30:27.0011 0x37ac BasicRender - ok 17:30:27.0079 0x37ac [ 3F5523DCEFE42B385659C5CB46A6B810, CA24A3DF002B19E7BDEDE9B5EB60623F299D0E78B2E4F58DCFC028D76DEFE52D ] bcmfn C:\WINDOWS\System32\drivers\bcmfn.sys 17:30:27.0082 0x37ac bcmfn - ok 17:30:27.0101 0x37ac [ 0B750A6A6D847E73CA48ADD7A0F5A393, 6A43020F23846EFB1AFA3C070465B0059E9DF60DEB16899E09559462DF30939F ] bcmfn2 C:\WINDOWS\System32\drivers\bcmfn2.sys 17:30:27.0107 0x37ac bcmfn2 - ok 17:30:27.0174 0x37ac [ 2B4D3AEAAD02954F8C191BC2D67949AD, 8237C9AD556CFAF7442FF60F78608104BC17CE3134C89D986D49C38CC60B1518 ] BDESVC C:\WINDOWS\System32\bdesvc.dll 17:30:27.0201 0x37ac BDESVC - ok 17:30:27.0238 0x37ac [ 0A508274355745EEF01C6BE3198D02C4, E2DB08AEE2368FA95FDB357BB31EA4EBF31679C3E72E109DB3D7CD1B5F7B828E ] Beep C:\WINDOWS\system32\drivers\Beep.sys 17:30:27.0241 0x37ac Beep - ok 17:30:27.0350 0x37ac [ 5125CBB61AC81168366BEB290399CB8E, B2A3095D45E2114DE2BD0E5A3AE20B3CE95EE517A35B9E1EAD05E231F38DBDCF ] BFE C:\WINDOWS\System32\bfe.dll 17:30:27.0393 0x37ac BFE - ok 17:30:27.0645 0x37ac [ 332CC3640808BB31D28C710D878F7668, D1F7FC0C08B78F9D52FDE90D2B12832AC182FEE0980079EFCDF424BE007C9E68 ] BHDrvx64 C:\Program Files\Norton Security\NortonData\22.9.3.13\Definitions\BASHDefs\20170620.005\BHDrvx64.sys 17:30:27.0726 0x37ac BHDrvx64 - ok 17:30:27.0840 0x37ac [ D876C567AB767258036F05E4766189FD, DE8BA67325CB64495BD454B8F9DDCAE82636253844FC68B360C7E1CF5D51DD0E ] BITS C:\WINDOWS\System32\qmgr.dll 17:30:27.0894 0x37ac BITS - ok 17:30:27.0968 0x37ac [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 17:30:27.0990 0x37ac Bonjour Service - ok 17:30:28.0038 0x37ac [ 9CD2A4821DE379305CACB2E99AD8953A, 89D700DFC3C59ACBBADB48954A28C0EBF8D6A11A9E63837689DD891868E43188 ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys 17:30:28.0053 0x37ac bowser - ok 17:30:28.0141 0x37ac [ 82A93A0772A29EB6E41438D9AE5ECDBD, 2C0EBA86DA33B763B6EBCF3D0A936FB92E0F36FD3D18D0812A33FC5FF1906C3C ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll 17:30:28.0204 0x37ac BrokerInfrastructure - ok 17:30:28.0264 0x37ac [ B3F32C630DD3F2F6A6091B89CFF13641, 7A9C53EF9AB9FF1DC392FD711B194A101DB36CA5BC799E817BEB446741089B76 ] Browser C:\WINDOWS\System32\browser.dll 17:30:28.0308 0x37ac Browser - ok 17:30:28.0364 0x37ac [ 722036C26D2C4E50EC2A2EC5FD678846, 999468038AE01F0FF6881F4B2A2CB67BC636641188E95F10729E08ADBC3CB3DE ] BthAvrcpTg C:\WINDOWS\System32\drivers\BthAvrcpTg.sys 17:30:28.0410 0x37ac BthAvrcpTg - ok 17:30:28.0431 0x37ac [ C2E31BE025D46D189E38DD1EDF07837A, 656528DCAAAF485EC57EE5C3021E96736634DE3B9C39CBCD2728E055ABD4C0A5 ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys 17:30:28.0440 0x37ac BthHFEnum - ok 17:30:28.0464 0x37ac [ F7CD605FC0B0B22F3F6F247595E3A655, 1CD9140DE5415DDBEACD8667E63E5C95FD64D693B56302A0474E693E578BEAB0 ] bthhfhid C:\WINDOWS\System32\drivers\BthHFHid.sys 17:30:28.0468 0x37ac bthhfhid - ok 17:30:28.0544 0x37ac [ B157D72BDA6A6DD6E9DC6BF338CD0CF8, B2AC26AE214151E5AD93DED78256BC0295DBF0133C854E7DEE4CD776D9C9A349 ] BthHFSrv C:\WINDOWS\System32\BthHFSrv.dll 17:30:28.0570 0x37ac BthHFSrv - ok 17:30:28.0588 0x37ac [ 535DC41A33630AE4C262406F9E981C03, 599332589AA28D04189E19B87A4AE6FEEB60B40A7BC6E3B11240DA363A981C29 ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys 17:30:28.0594 0x37ac BTHMODEM - ok 17:30:28.0667 0x37ac [ 577FFA2B0B8572587FEB825F42453E81, D1BA449B7A535D0F6BC2EDE75D2CBA585E3A00FE552E244F342FB4ACA029A9A5 ] bthserv C:\WINDOWS\system32\bthserv.dll 17:30:28.0693 0x37ac bthserv - ok 17:30:28.0760 0x37ac [ 23F9EF739F685E07482116425E7879AA, 0EBDF96A49A319C0BCF6F51FB6C8C392C017E1738B950C19C91FF43E14D73143 ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys 17:30:28.0765 0x37ac buttonconverter - ok 17:30:28.0834 0x37ac [ 60EB6A4CE3E21887D302350631C16F26, 4270EFA22285C1A9336CF1220761E416950D2DA9C6A40D1D8452686CD5040DAB ] CapImg C:\WINDOWS\System32\drivers\capimg.sys 17:30:28.0845 0x37ac CapImg - ok 17:30:28.0921 0x37ac [ AF24D2C05C37790E0039D53634C440F1, 8B33D14C340074DEE193FE19B61088070CF9EB21CCE6BBB13DE11172F96DDBBE ] ccSet_NS C:\WINDOWS\system32\drivers\NSx64\1609040.008\ccSetx64.sys 17:30:28.0944 0x37ac ccSet_NS - ok 17:30:29.0004 0x37ac [ F8FB51B9EF6372610E9B31A1D86B62FC, 7461584A8B39AC549AD7BAFFA509D4CD81EEE542808BC8EFC285863A0AE6432D ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys 17:30:29.0013 0x37ac cdfs - ok 17:30:29.0106 0x37ac [ 2E6612376D257F74781F2EF1F869D8C3, 908B0DECB9F098F7F11B029A03C06C67FB52E5E8BEA42033A2B579D3B3686AB8 ] CDPSvc C:\WINDOWS\System32\CDPSvc.dll 17:30:29.0151 0x37ac CDPSvc - ok 17:30:29.0186 0x37ac [ A93C9B9EBE2FDE5A536000D72CC17F7F, 9793CFAE8BE8C6B5B39A1D276577965FBB2CE131325A410B7C68BD23492ADAAF ] CDPUserSvc C:\WINDOWS\System32\CDPUserSvc.dll 17:30:29.0209 0x37ac CDPUserSvc - ok 17:30:29.0309 0x37ac [ 613D0137C269187FA298A157E3D14A18, 84BC268525F14BB27202CE242BF94D9E83BC91B50A0335908574F31B29A2F04D ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys 17:30:29.0332 0x37ac cdrom - ok 17:30:29.0403 0x37ac [ E189727B3C9909A85B33A16B290E192E, 2C273A9F44EDC5E5435904E9681973854B2F3EBB6100021BB139FF0CCCE9BF20 ] CertPropSvc C:\WINDOWS\System32\certprop.dll 17:30:29.0436 0x37ac CertPropSvc - ok 17:30:29.0513 0x37ac [ 0AED948DA8D5F08B3D6F12E4E2089736, 95E538E81DDBC83492C5F3820C82C78F050B4D74ACF12D7970EC84F93581AE29 ] cht4iscsi C:\WINDOWS\system32\drivers\cht4sx64.sys 17:30:29.0569 0x37ac cht4iscsi - ok 17:30:29.0680 0x37ac [ 0002A0FDE087C1657AB31CE73077539C, 4DD6210B67E9633AB3240371590869DC833A4C986C74FC12A5D4FFFFD361848A ] cht4vbd C:\WINDOWS\System32\drivers\cht4vx64.sys 17:30:29.0819 0x37ac cht4vbd - ok 17:30:29.0951 0x37ac [ F9C045A0001F94F964AB860C91ACDCA7, FC936CFB3D7A9ED99D7DDDC8A6B1761B90FA7EA6843612A2A6FC758C4F3DEDA5 ] CIJSRegister C:\Program Files (x86)\Canon\IJ Scan Utility\SETEVENT.exe 17:30:29.0961 0x37ac CIJSRegister - ok 17:30:30.0030 0x37ac [ 6B4F90A287D75CCD78694F6790C911B2, 73D7C31E9F475FA3FD568FCA9A953F968729AA114F63C06F38BF5198DAD67BD8 ] circlass C:\WINDOWS\System32\drivers\circlass.sys 17:30:30.0053 0x37ac circlass - ok 17:30:30.0132 0x37ac [ B72D26074E72A757D788FB1BEF8B2F2E, 36847C5315AFB9A5EC66AD3EF2A09C24C0FAF669FDF0831F78600F4609352CB4 ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys 17:30:30.0168 0x37ac CLFS - ok 17:30:30.0249 0x37ac [ E133CFCBFABB3CB517BE9F42FEA5887C, DA699CDD5F3CC427354540C907BD24CCA7BAC3112C53918EB611CB4EEC7611DA ] ClipSVC C:\WINDOWS\System32\ClipSVC.dll 17:30:30.0291 0x37ac ClipSVC - ok 17:30:30.0306 0x37ac [ EEC3A4A98AE1A337E3CD1483AD6F2E15, 764DA329984A95E092F5C15116DA34FA7FC27216C0862365D4BF10ADC97EC5C5 ] clreg C:\WINDOWS\System32\drivers\registry.sys 17:30:30.0328 0x37ac clreg - ok 17:30:30.0393 0x37ac [ 429623E266EF067A44E8CF148E9DFB9B, A48AA85ACC52C7AD73DB2D6148B3F9FB5EAC33C8F8C5BB6D7D0A9D84B7C08E11 ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys 17:30:30.0420 0x37ac CmBatt - ok 17:30:30.0524 0x37ac [ D7D1A078B0CBC042ACE81E7B0B082994, 4DE92876176C2F82A59B74CA1FAAE7A5CE84C90A505A52A737C631D7120E31A4 ] CNG C:\WINDOWS\system32\Drivers\cng.sys 17:30:30.0592 0x37ac CNG - ok 17:30:30.0606 0x37ac [ 3DB10C59405931E2C72EFB82C1AF97D1, 100B5450A70988DB1C1F8A5FDBB3553AF1A0D47B42A5AC71460DB92E26010CE6 ] cnghwassist C:\WINDOWS\system32\DRIVERS\cnghwassist.sys 17:30:30.0611 0x37ac cnghwassist - ok 17:30:30.0739 0x37ac [ 34C935AF2A414572B412B3556586D783, 912981B88B0796576ECCD5EBE0C4728EC02D5D6A96B039447DCBA59B2583F25E ] CompositeBus C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys 17:30:30.0743 0x37ac CompositeBus - ok 17:30:30.0755 0x37ac COMSysApp - ok 17:30:30.0812 0x37ac [ 44EEEB2382F566999287E13F2067693C, 53A4A0C85EAD38030FF2078C67465E3710ECD03A08FF34E1E67B2E3E1CC70043 ] condrv C:\WINDOWS\system32\drivers\condrv.sys 17:30:30.0836 0x37ac condrv - ok 17:30:30.0932 0x37ac [ BE8478598F5D6FF600CC13DBA188F81C, 5D78E1F6F5F4AB77518F9B7DA904E6B97EA7B01D45B043939B048DF019FE49A6 ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll 17:30:30.0975 0x37ac CoreMessagingRegistrar - ok 17:30:31.0048 0x37ac [ 5F06CAC4B09250CDDDD0180A08162924, A2EB0A57225E65FC264CFC9FAD858D8B54A015CDAE3DC904B1C4E9AAB40B1F06 ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll 17:30:31.0080 0x37ac CryptSvc - ok 17:30:31.0170 0x37ac [ EC2EA2F6C6D23315C20B4829F00D0440, BF1F47C3485E9112FB64F582DFA4679455203574F82A5ADB222BDA1FED1601E6 ] CSC C:\WINDOWS\system32\drivers\csc.sys 17:30:31.0222 0x37ac CSC - ok 17:30:31.0326 0x37ac [ BE35D1BAC3F18C9EB1C1CFBA31ED95E3, 4255475D173868A0E5583E844A1884E819E229838C4DEACAC47F1A4DEF388C9D ] CscService C:\WINDOWS\System32\cscsvc.dll 17:30:31.0366 0x37ac CscService - ok 17:30:31.0417 0x37ac [ 3BBD0073265DA6D3EFBA54B26E5D8236, 3C10C8BEC0D8AC41A3FBD589F41A83D6345C1FDD04B8B99063B2F5670CF10B18 ] dam C:\WINDOWS\system32\drivers\dam.sys 17:30:31.0428 0x37ac dam - ok 17:30:31.0512 0x37ac [ 4A7015195E49A3BA7DB967B277B21E9D, 2EE10950BC0E2B13303491725FB3F0D3AF63518B7D1593BCC4BF503F4A11F408 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll 17:30:31.0557 0x37ac DcomLaunch - ok 17:30:31.0629 0x37ac [ AE9F09F87755C18904656CB4F59F351D, B352A43B3B68B497D87B49C302AF3F37F36D56D49878AE3785C3D43597E5DC57 ] DcpSvc C:\WINDOWS\system32\dcpsvc.dll 17:30:31.0667 0x37ac DcpSvc - ok 17:30:31.0755 0x37ac [ ABBD3EE724117242E28D31F19FBCFF03, 68EA91A969DD80A5DE28B0A8EAEB308837183713559C2C2FAEF991858C971393 ] defragsvc C:\WINDOWS\System32\defragsvc.dll 17:30:31.0791 0x37ac defragsvc - ok 17:30:31.0877 0x37ac [ DD74F18227ACC837D9856E24282D446D, 6A760E44CD897952538CDFA8895FE11263D51AAA79CFF24C01F3862E919DA478 ] DeviceAssociationService C:\WINDOWS\system32\das.dll 17:30:31.0944 0x37ac DeviceAssociationService - ok 17:30:32.0003 0x37ac [ FEA494AC3A1BAE63C1F2AF267D49F1DB, 0722FEA2481740B53EF26B1CA59166C63C157A5C708AC93DF3FBB74A27266C9C ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll 17:30:32.0041 0x37ac DeviceInstall - ok 17:30:32.0101 0x37ac [ CDF1B1B5C5951111791C236B2696C7F8, BF6C4BA545C8827B40DB69890DB4D2B2F9C583C5E3CFBDFD370B05891141458D ] DevQueryBroker C:\WINDOWS\system32\DevQueryBroker.dll 17:30:32.0125 0x37ac DevQueryBroker - ok 17:30:32.0186 0x37ac [ 4BC21E937E9F9F408672D2C2CBE4A153, 2F27560D09D184ABB7B4415146F5B8DE56C84FF74A4042596635EF896E39CBC4 ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys 17:30:32.0199 0x37ac Dfsc - ok 17:30:32.0305 0x37ac [ F0D4400BA0F08610D9A551B15BF10B76, 83EB8FB272FC2DD2CC0659C2FB90AD0DAE88A88AB3951E03BCD933A25B601E10 ] Dhcp C:\WINDOWS\system32\dhcpcore.dll 17:30:32.0341 0x37ac Dhcp - ok 17:30:32.0504 0x37ac [ CA7FEDDFCF61EF15A09C54DA2C07C49F, 346EF7709BA9E6BD48592B86FA46F9D956C847EF91F4980EEAD98269D0F0EF67 ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe 17:30:32.0547 0x37ac diagnosticshub.standardcollector.service - ok 17:30:32.0698 0x37ac [ 22391290BB9D3ED68950672E42B6F3F0, C4DC2DD3CF1564181377A67AB7E08DEFB377D4AE51956A4F27CE46C038D04AFE ] DiagTrack C:\WINDOWS\system32\diagtrack.dll 17:30:32.0821 0x37ac DiagTrack - ok 17:30:32.0885 0x37ac [ 35B9D46560339A5A7F0CAC6ED702C817, F70480B01533B7029F90E2DE297E9E829660300DDE7A7D009B0AC2684E7691A7 ] disk C:\WINDOWS\system32\drivers\disk.sys 17:30:32.0917 0x37ac disk - ok 17:30:33.0053 0x37ac [ 527CE76D1B0587A3F9156809B3E2275E, 6FAB680F73774F3FAA65258D53DC8ADCDAEE2ABDDF825ED79F9526DC3B9B7312 ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll 17:30:33.0086 0x37ac DmEnrollmentSvc - ok 17:30:33.0124 0x37ac [ 815F45161A4571C2C44491564F3D5968, 32E7AE8414A178CE429C0CDFCF718E3C11C705FB3155EA5CA0EAD48AAE507B01 ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys 17:30:33.0128 0x37ac dmvsc - ok 17:30:33.0172 0x37ac [ 6E5EE6E420FECD64DE463C5F01CBFE71, F173C56895E80AA03D70CD78B3AB659C2EEAACFF43BE3B6EF3939D6F4AD4F62D ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll 17:30:33.0206 0x37ac dmwappushservice - ok 17:30:33.0288 0x37ac [ 86E507EE1457D7FA463BBF05BA76EB1E, 2D2D05CED57C22F41684DC6DD00ACECDF708407493286B2D4007068154E436FF ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll 17:30:33.0327 0x37ac Dnscache - ok 17:30:33.0355 0x37ac [ 8F46B4C3F9BA19C26A26D0A11137B20B, BA0A66DBA98D77FD85A7CD2D4593F2B2A1A3B4D32BBECBCFFBEB5A54DCB0D8ED ] dot3svc C:\WINDOWS\System32\dot3svc.dll 17:30:33.0384 0x37ac dot3svc - ok 17:30:33.0407 0x37ac [ CA09EAEE92C6FDDC6B05057F11A0372D, 14DB5C186B69644AA93C445BF31CC9670204F95A47B77B6EACB19B4A316378AD ] DPS C:\WINDOWS\system32\dps.dll 17:30:33.0416 0x37ac DPS - ok 17:30:33.0464 0x37ac [ AE6BD4C879A8C849E53947C92DF3B3A0, 8C29774CB2D30D901C54AAC0C8ACE709351EE40E5C8FB9951B2A18B4A03F28B7 ] drmkaud C:\WINDOWS\system32\DRIVERS\drmkaud.sys 17:30:33.0468 0x37ac drmkaud - ok 17:30:33.0530 0x37ac [ 7433474BE77F065D2FA628671FE31A3E, 063ADDC68F48036749E6EC7B2F66284DB29F90F62E9468D16B4EF5A0FDC45E35 ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll 17:30:33.0553 0x37ac DsmSvc - ok 17:30:33.0582 0x37ac [ 5FCA45C24501DA7390065D3706A9FC3F, 093FD840F1502ECC6F05B9723CA523B3F15CF39A5D2B9106E1267739B3F2C52C ] DsSvc C:\WINDOWS\System32\DsSvc.dll 17:30:33.0594 0x37ac DsSvc - ok 17:30:33.0750 0x37ac [ 4CECF7C7BFBF95647FEC49475555BFB2, B914ADC19CA4A4EEE83AE560A5CCE2E21A3D9568E5961BEFAD7B455930FB0AB9 ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys 17:30:33.0883 0x37ac DXGKrnl - ok 17:30:33.0941 0x37ac [ 9FCE4EF7D5E274F862D9A2526B5F4779, 81D42D5475C2801C8E0C233A0BA827569D8A70590017C91C665C8B232D9BFAA9 ] EapHost C:\WINDOWS\System32\eapsvc.dll 17:30:33.0967 0x37ac EapHost - ok 17:30:34.0183 0x37ac [ 7EC6FC0266D74BD47ABB130A328B70EC, 3856790AF967AB03B1A89F97328DC4D5A6854ACDA6169681A9AFB03D7CF791F9 ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys 17:30:34.0355 0x37ac ebdrv - ok 17:30:34.0412 0x37ac [ F141EE982C1A06839E9C4D81C09445B8, E6800529CC221FE98D098F1E5D3CC7EAA76EEF6D7008D51539BC2C0176166465 ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys 17:30:34.0446 0x37ac eeCtrl - ok 17:30:34.0508 0x37ac [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] EFS C:\WINDOWS\System32\lsass.exe 17:30:34.0517 0x37ac EFS - ok 17:30:34.0582 0x37ac [ 8D74B8B5D6F7C5BC4C525BAF2B083FF1, DA5656F745B3911F96871887FDFDC40F4D9C820622A0AA27EFE4BA93662833CA ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys 17:30:34.0605 0x37ac EhStorClass - ok 17:30:34.0662 0x37ac [ 2A9817B5A9260D8F60D52E36BEF10443, AC1A0203221AFAF584C71317FA07AA1B6E61BE619E918B3B1E4AD57CCED1CF03 ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys 17:30:34.0686 0x37ac EhStorTcgDrv - ok 17:30:34.0750 0x37ac [ 80A7999DE02CE678B865832E1CE78CD6, 2576EBB6E4D630A906DE724F125099E52A962B5B68B9F9BCA849A7B29D8C8689 ] embeddedmode C:\WINDOWS\System32\embeddedmodesvc.dll 17:30:34.0777 0x37ac embeddedmode - ok 17:30:34.0848 0x37ac [ 3CE2B6AECB9AF8BC159299EEC46A35CA, E933B28BB6E4D01FCCDF8FBBB134C244B28DA3ECBDFA13333F0D4C24B2551780 ] EntAppSvc C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll 17:30:34.0887 0x37ac EntAppSvc - ok 17:30:34.0918 0x37ac [ 2FDBBCCF9B4516C4F1B2171810EF4939, 27C0A23BAD2BF5B4D203D4E02A1D44B92BB4BA73C10B8055A6E78AF576AC0570 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys 17:30:34.0929 0x37ac EraserUtilRebootDrv - ok 17:30:34.0983 0x37ac [ 77B60DEC7DCB4233E4A69D3F52E5DB24, 3A5C905E37A93899051497C90E5BA8E1D003B56C6906CADFD2F1CDF52052D248 ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys 17:30:34.0987 0x37ac ErrDev - ok 17:30:35.0089 0x37ac [ C4F53D5CC1327739D01C3AAF5B6455F0, 48EE9F18A7A9DF20D30C58C61742BFD0D1B8BCC8C4B4CB5D1D9C989E24B7C347 ] ETD C:\WINDOWS\system32\DRIVERS\ETD.sys 17:30:35.0130 0x37ac ETD - ok 17:30:35.0206 0x37ac [ 9680C1C8008AFF85116C5E45CB0BABD5, CDA04D24B5F9534F41E2A26D15E0311ABF4240032DE4CA156B72B76CC42E69B3 ] ETDService C:\Program Files\Elantech\ETDService.exe 17:30:35.0212 0x37ac ETDService - ok 17:30:35.0302 0x37ac [ F89083AB8B9F51C0031C1CBD0A9A7E35, 9EE973A25134960E62D1A6A1E34AD9B3F7690E71C1AD31A23FA2081A73438754 ] EventSystem C:\WINDOWS\system32\es.dll 17:30:35.0350 0x37ac EventSystem - ok 17:30:35.0388 0x37ac [ 0BF32186C3EC11315C33CC29EA8DD86C, 82B43762A5BC9C0AB7B5D1F96DC47B34700924B598070A7CCB30C92EB5EE1599 ] ew_usbccgpfilter C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys 17:30:35.0392 0x37ac ew_usbccgpfilter - ok 17:30:35.0462 0x37ac [ FCD2C63754C2E739A8EEAD9BC63F9DDC, C57A72ABA4C0BD71F914B9C8FF965DCFF585A205498F19A4584A4BAF7674839D ] exfat C:\WINDOWS\system32\drivers\exfat.sys 17:30:35.0491 0x37ac exfat - ok 17:30:35.0573 0x37ac [ FA918EC296EB410FF02867D008D02421, 23D164A24CB0D212778FA9592A046B6BA1F3628003E04181744A1F891B5B3E5A ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys 17:30:35.0603 0x37ac fastfat - ok 17:30:35.0699 0x37ac [ 77CE56471AF984800F318F3734D768C7, 72D540072374A56C2C497F0532A50705D3F0637F2C0C96B1D715F2EDFCA3AA2D ] Fax C:\WINDOWS\system32\fxssvc.exe 17:30:35.0737 0x37ac Fax - ok 17:30:35.0791 0x37ac [ 99598ECA5E41996E005D5B9D9FF1EFA2, 91345CD50EF02431B69093505C1C5F5DC6A1AA6BF192EE9392ED4D5626B60462 ] fdc C:\WINDOWS\System32\drivers\fdc.sys 17:30:35.0836 0x37ac fdc - ok 17:30:35.0895 0x37ac [ EF0DD43A4CBAB367BCA1AFBDC9971E4F, 73E161C45D63FDDE71EE2438137913724DC513860539D1E7F6BD861F5D1B33F3 ] fdPHost C:\WINDOWS\system32\fdPHost.dll 17:30:35.0917 0x37ac fdPHost - ok 17:30:35.0942 0x37ac [ 34DAC585994CD3B4E910DE11C584EF3D, A6C6A4CB5413EA61F1A54E2D3AD71A311CEA2C26218544D2D2D4A5CFEC52DE8C ] FDResPub C:\WINDOWS\system32\fdrespub.dll 17:30:35.0965 0x37ac FDResPub - ok 17:30:36.0007 0x37ac [ B68DA1FE3CA2311AFD38DD6905CA7F71, 4B395DFB1B47D2507CA4D9DC996A70D0A3BDB1A245CD6DA6C42B2A299AFCCF37 ] fhsvc C:\WINDOWS\system32\fhsvc.dll 17:30:36.0030 0x37ac fhsvc - ok 17:30:36.0097 0x37ac [ F44F666B0EACC3181544FFCF8CA0FFC7, 83F771CF9DAE1C504B30731EEC55355EA1253174252DA2192ADF1D228B3735C3 ] FileCrypt C:\WINDOWS\system32\drivers\filecrypt.sys 17:30:36.0106 0x37ac FileCrypt - ok 17:30:36.0170 0x37ac [ 78A210DDFDF2C9EC884631D2DAA573F0, 5D39C6EF4AC690A9749EEDBE2478FFF15A22877A2861EDA103C7BF1607B0C1BD ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys 17:30:36.0178 0x37ac FileInfo - ok 17:30:36.0197 0x37ac [ 1A97DB5E701A186989F3795223C3BE39, F7982220D4DF7E104955E63CACE352394E2577DEF49506EA126127F820EB62DF ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys 17:30:36.0203 0x37ac Filetrace - ok 17:30:36.0257 0x37ac [ 46626665F0E5906E45619B4EFD6186B8, 37FDD3B8AD49FD29E54DA5567EA77F28A53498AE56348F7A2628E5E5549D638B ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys 17:30:36.0262 0x37ac flpydisk - ok 17:30:36.0322 0x37ac [ FDA72ACA14D516D18C33AFCD0FD9260F, 6509612DEC82EA74614B5C9A7B432305A1A468C97B88BED9E141DF2929B621B1 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys 17:30:36.0337 0x37ac FltMgr - ok 17:30:36.0471 0x37ac [ 81C8AA35C92D3A5E82477DF00DEDCBFD, F825641B3DD12C35657DC6F05C3A3CF2821D3525CF51E376E678B5FD45AD664E ] FontCache C:\WINDOWS\system32\FntCache.dll 17:30:36.0582 0x37ac FontCache - ok 17:30:36.0741 0x37ac [ 59241194DBDF30A2B4029E402F377900, 47A92E9CD8494C403B377799D395670A393766647E24CD83B15338CE2AA50266 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 17:30:36.0763 0x37ac FontCache3.0.0.0 - ok 17:30:36.0868 0x37ac [ CD7CD19E72EA2F597D01FC68ECD2F28E, 4E8BAA4AEF28B043780E2FEFFEB5E4DF4E2FB3211CE617D2DBAFB6C7B7DBBDFD ] FrameServer C:\WINDOWS\system32\FrameServer.dll 17:30:36.0937 0x37ac FrameServer - ok 17:30:36.0983 0x37ac [ B07A40B5A7A58B8C75663A572A46084C, 01F34EAFD4A86FF6AFC015BE2D155A53ED8186BD6DA1A05CCEC8425417A8E320 ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys 17:30:37.0028 0x37ac FsDepends - ok 17:30:37.0086 0x37ac [ 6D6BB5C7363CD35FA715E826F3D029EE, C214F791EB39E8B25CE57ED9D6C1D56EE1AF6021BCB380980BD42A6338A6C9F7 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys 17:30:37.0114 0x37ac Fs_Rec - ok 17:30:37.0196 0x37ac [ 8EEC4925C03E375C4EC496E45C44139A, 06C5C7BCC28D3E435675F0759A09CAB726E971DF4BFC1DC3DCF503EABCDCCCC6 ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys 17:30:37.0231 0x37ac fvevol - ok 17:30:37.0297 0x37ac [ EF78034773CE506323655A868C949144, DF195BEEE6704FBCC6D2D9E1BF6723E52ED502A1459F495B7D18481E6A79B5BC ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys 17:30:37.0311 0x37ac gencounter - ok 17:30:37.0366 0x37ac [ B55FEBC6A00DAA1FE074F020B6907516, 67071FBAC2ABA47AB71358A5F08E92E034A55343878F00137E90B3B1F7362976 ] genericusbfn C:\WINDOWS\System32\drivers\genericusbfn.sys 17:30:37.0377 0x37ac genericusbfn - ok 17:30:37.0458 0x37ac [ DDD8A8CDDC7F13EF57D1DAAE71865936, 9D472A8689F72F24D40D5B94849690F53C67849FDF6162A94EF4FB330A3DA566 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys 17:30:37.0492 0x37ac GPIOClx0101 - ok 17:30:37.0596 0x37ac [ 8997353398C8466ECD183942D5FCC65B, C73FD5FFD71003F7FDDC17F59812BD6860992FA35EC0ECC8DE37D935606B485B ] gpsvc C:\WINDOWS\System32\gpsvc.dll 17:30:37.0661 0x37ac gpsvc - ok 17:30:37.0695 0x37ac [ 7ACD8F69B5D6EC97E6D2C006E19BED88, FC69214C9308EA64B88EF4C3C95800586DDBB44C8540846B79A161BAD8203B6E ] GpuEnergyDrv C:\WINDOWS\system32\drivers\gpuenergydrv.sys 17:30:37.0698 0x37ac GpuEnergyDrv - ok 17:30:37.0741 0x37ac [ E1B44A75947137F4143308D566889837, EC7E883E7AF38BF3AC0AC513CFDE0186038443E9ACC7AD616EE6BD0EC09AACB9 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 17:30:37.0745 0x37ac gupdate - ok 17:30:37.0753 0x37ac [ E1B44A75947137F4143308D566889837, EC7E883E7AF38BF3AC0AC513CFDE0186038443E9ACC7AD616EE6BD0EC09AACB9 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 17:30:37.0757 0x37ac gupdatem - ok 17:30:37.0815 0x37ac [ 10E3515FE5DBA6656FA62C29342EC4A1, 2051F10F74ED712B1766EB61E87FADE25AB3D0970BABFD320600D1B0D6377F26 ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys 17:30:37.0826 0x37ac HDAudBus - ok 17:30:37.0921 0x37ac [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64 C:\WINDOWS\System32\drivers\HECIx64.sys 17:30:37.0965 0x37ac HECIx64 - ok 17:30:37.0991 0x37ac [ B90D284B97CD4CA9DE7430AAAD887A56, 2F14F985C39B7801ED64590979CF2114924E9547F5B11D2B37A74DBFFDD9E7C5 ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys 17:30:38.0036 0x37ac HidBatt - ok 17:30:38.0101 0x37ac [ B2FE11643CC6ACDEE6C247DD36018FDB, 5796613C7DBF8B2A9E860E006FF1A245B6BE7D10E3F6685AD142B48E5C237B8C ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys 17:30:38.0148 0x37ac HidBth - ok 17:30:38.0217 0x37ac [ D24355488A2D4D2323518EC1AC7A6D9E, ED2176A2093726087EDDA25B86E9CDD4BA35F4E748E3A6DE0B15C4C97646B5C7 ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys 17:30:38.0226 0x37ac hidi2c - ok 17:30:38.0267 0x37ac [ 0AF9ABBA4F3F55C6C803890D64BC3C29, D3DE6FA308F8E7CD4F16387F46AE4B2F7EC9BBA07BF87652B660A0D645710571 ] hidinterrupt C:\WINDOWS\System32\drivers\hidinterrupt.sys 17:30:38.0272 0x37ac hidinterrupt - ok 17:30:38.0308 0x37ac [ CDBCF8E9AB06D88A1E1191D32F320C5D, F76963AB7CF2BAB3A220013879AECD3976BFD851CFB66B5A69A9EA2541048861 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys 17:30:38.0317 0x37ac HidIr - ok 17:30:38.0373 0x37ac [ C900FE0DD6A1E2220084B8F1C427790C, 802194EBEDA1A50EDA300078B0888AAC1F17A42E67147B7B3B9C50AD8D4E5C89 ] hidserv C:\WINDOWS\system32\hidserv.dll 17:30:38.0383 0x37ac hidserv - ok 17:30:38.0447 0x37ac [ D8536CB438CC4CCDAE047B768EED22B2, 4F666BFA3554F9ACA6B9D436BFA64474D5F30FB3E78F4E66068CCDF283D9867F ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys 17:30:38.0454 0x37ac HidUsb - ok 17:30:38.0520 0x37ac [ 0AC1BD5A28FAA371EF34859FE703E515, 1DD1C33AF8D6EBE7C36FCD051F066E4039D2B47ABAECF7C68BC3933D567930B2 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll 17:30:38.0542 0x37ac HomeGroupListener - ok 17:30:38.0598 0x37ac [ 86161A89F16851728802590EC7C92608, 3A3B05BB4E115410D27063B30C0EF3F18295F542050F329F1E466C81A9E23A46 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll 17:30:38.0629 0x37ac HomeGroupProvider - ok 17:30:38.0689 0x37ac [ F5CA18197B4646E04DB9EB2D6642CC4D, 5BA3342DDF1BCB67E4156169FE9A33E7BC2641C729E9F1A80C0E80953C6AB114 ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys 17:30:38.0694 0x37ac HpSAMD - ok 17:30:38.0804 0x37ac [ A10C7C1E69FC90620C7BF2E51302A01F, D725AEAE38255CED73F4922A10F226215528706580B06D01C228488F93AC0397 ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys 17:30:38.0883 0x37ac HTTP - ok 17:30:38.0958 0x37ac [ 0C84C250F80EAEC2C9768464CC1A9626, 212E1003B78F9B98FEB084FD1FDB59B26A9DE4C9120F24D4361FBBF0F3C035E7 ] HvHost C:\WINDOWS\System32\hvhostsvc.dll 17:30:38.0971 0x37ac HvHost - ok 17:30:39.0043 0x37ac [ 74FC79C52395B10FFD0B55CF22CF88FC, 94D977DA2092EE8C2A598AC48758A84BB22CB6378BD114C2D3B4172A07A9CACC ] hvservice C:\WINDOWS\system32\drivers\hvservice.sys 17:30:39.0066 0x37ac hvservice - ok 17:30:39.0126 0x37ac [ 771EDDA9830A3079F996F34D681FB6E5, F452AD656872A1C8B2D6DCE232CE01EBD456C46F4934A7601E78470F2A2CBF38 ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys 17:30:39.0172 0x37ac hwpolicy - ok 17:30:39.0243 0x37ac [ 3B9F315E7FA72CC25228EB097DD9C694, B26F1E494428EF197A0C97645C05BB3CA093827A005D35C987F1D6778BC4E52C ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys 17:30:39.0255 0x37ac hyperkbd - ok 17:30:39.0339 0x37ac [ B54B30992620C97230013A74461C8517, CAF09BDCDD6DE2A39CB8AE2C65E6F8FE12D8E93D84BBEF6C6A98F872BF54A4E3 ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys 17:30:39.0352 0x37ac i8042prt - ok 17:30:39.0367 0x37ac [ C6B8743B213F06AA60943D8366FE968F, 758954F70B810063914B243115B2C753B2BCE40190F95C30ACBA0BF04EBD5B33 ] iagpio C:\WINDOWS\System32\drivers\iagpio.sys 17:30:39.0371 0x37ac iagpio - ok 17:30:39.0397 0x37ac [ 9A2A2F3C69B9A30B6E78536F6D258BAD, 5E28E132A7300E6F5E0C6439D6BA00F1AEF66D729FF671FDA91274A25A921463 ] iai2c C:\WINDOWS\System32\drivers\iai2c.sys 17:30:39.0404 0x37ac iai2c - ok 17:30:39.0427 0x37ac [ 5A0E850F8CD17791A3E6A3CF81D0CA28, 10A965A49D53360DD250E0758B6BB142872298A21C732EB026ACB93492C5C6CF ] iaLPSS2i_GPIO2 C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys 17:30:39.0433 0x37ac iaLPSS2i_GPIO2 - ok 17:30:39.0497 0x37ac [ 7508F1096803385D6376BFD0BD473AC4, 1F32EC23CDC94DCB9710E6663B5C3BD83568545DDC2C741CFC13550A4E4DD2BE ] iaLPSS2i_I2C C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys 17:30:39.0509 0x37ac iaLPSS2i_I2C - ok 17:30:39.0563 0x37ac [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys 17:30:39.0567 0x37ac iaLPSSi_GPIO - ok 17:30:39.0595 0x37ac [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys 17:30:39.0603 0x37ac iaLPSSi_I2C - ok 17:30:39.0654 0x37ac [ D1753C06EE17E29352B065EACF3F10D0, 4DD4C991FAA3CCF99DF8DC9F8F5DEEDEECD55977F0C3AA8C404DEFD21E32A62B ] iaStor C:\WINDOWS\system32\drivers\iaStor.sys 17:30:39.0671 0x37ac iaStor - ok 17:30:39.0742 0x37ac [ 97E553D03219D3D51705C7235D9EAEBD, 5D4578C8804AF32D1DC0868E34D6538138DC15F9568CA7E21051B1C82C0D8D55 ] iaStorAV C:\WINDOWS\system32\drivers\iaStorAV.sys 17:30:39.0776 0x37ac iaStorAV - ok 17:30:39.0814 0x37ac [ 8350FE3BCDE3428BC040877BB7E9EAEB, 77F9456351CA640C6B7862907C0580627E761EC807B551976A95657EB4D6CC20 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys 17:30:39.0843 0x37ac iaStorV - ok 17:30:39.0881 0x37ac [ 3BA03F7C7700DDF4C383DDE9252F5817, 3E90F69D0010E7764349D9AE865D577E431FEBC67DA554B400BC808DD286E203 ] ibbus C:\WINDOWS\System32\drivers\ibbus.sys 17:30:39.0915 0x37ac ibbus - ok 17:30:39.0966 0x37ac [ 937AC47F7356554DA05D9722C356EB55, 9EABC9F19B4E1193B669D2674967F5C6F03FAD348EDF0615E3F78554FF9A83CC ] icssvc C:\WINDOWS\System32\tetheringservice.dll 17:30:39.0992 0x37ac icssvc - ok 17:30:40.0205 0x37ac [ B006AF5E9428D0C225367BCA17FCFE2C, E9A01B0664C5EE139882D648962A610AC659D00B2D225F0D8F26BF327C23FDC9 ] IDSVia64 C:\Program Files\Norton Security\NortonData\22.9.3.13\Definitions\IPSDefs\20170622.003\IDSvia64.sys 17:30:40.0322 0x37ac IDSVia64 - ok 17:30:40.0913 0x37ac [ E6D200304A8D739597678807820ABB43, 05194D2625F48C5065318C28B242A03A1C3BDC441087DAFF777203506CE4CF6E ] igfx C:\WINDOWS\system32\DRIVERS\igdkmd64.sys 17:30:41.0463 0x37ac igfx - ok 17:30:41.0709 0x37ac [ A7BA43047998E1F08C4B224BBA55B813, F70D2A687AF85D7260A9109B53E2EE68C8DC2BF09DECB17F8A25030D91A7BEC5 ] IJPLMSVC C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE 17:30:41.0721 0x37ac IJPLMSVC - ok 17:30:41.0807 0x37ac [ F2934208C0E50C0B971A7981AB90BED2, B936BFBBD71E731CC2CDB8B47D262F2EF09726FF921C2DA0841910CA2401423D ] IKEEXT C:\WINDOWS\System32\ikeext.dll 17:30:41.0875 0x37ac IKEEXT - ok 17:30:41.0935 0x37ac [ DD587A55390ED2295BCE6D36AD567DA9, AEB7DCB8EF89BEE8D9649A05FC482B1E4E3F44243D57A2577C862EB69166C48E ] Impcd C:\WINDOWS\System32\drivers\Impcd.sys 17:30:41.0972 0x37ac Impcd - ok 17:30:41.0993 0x37ac [ 2A01C96DF5802D3434634E55C91232D8, A3ABEF36E2FD2CF5C371ADBF92566A09669A1D990ABE4677370F57F2EEAF8121 ] IndirectKmd C:\WINDOWS\System32\drivers\IndirectKmd.sys 17:30:42.0014 0x37ac IndirectKmd - ok 17:30:42.0207 0x37ac [ 622868E4BAE8FBCD22CB1A5901A2C824, C1A2264C0984DD16C83B663C9CE43E049E1356E32C5771C3ACE225F285699138 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys 17:30:42.0390 0x37ac IntcAzAudAddService - ok 17:30:42.0457 0x37ac [ 58CF58DEE26C909BD6F977B61D246295, 0CE27B81C091961A22B75478449D654F9C1A68E43DF80C699DB8DD3D1B288461 ] IntcDAud C:\WINDOWS\system32\DRIVERS\IntcDAud.sys 17:30:42.0496 0x37ac IntcDAud - ok 17:30:42.0582 0x37ac [ 9F7E87F6595D065A8A200A291043045E, 6944F72F73EADC6C9B7691F2C1C6DF1898F22C88EFA78EC0BA8CB5FFD9CE057B ] intelide C:\WINDOWS\system32\drivers\intelide.sys 17:30:42.0606 0x37ac intelide - ok 17:30:42.0624 0x37ac [ A6BD2E20AE1BC5CB2776C87C28E4F4CA, BD8BE67CED9A4982D785CE9ECBEFE868C3A2E37DF7F9592B9F9049B807A1554B ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys 17:30:42.0637 0x37ac intelpep - ok 17:30:42.0661 0x37ac [ 2A48DA39542636DB0FA3BA915385D1B3, 6CA0916F5F4B1E81AE6A6233276320599BFA7C129267177703E3BB6468FB4683 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys 17:30:42.0670 0x37ac intelppm - ok 17:30:42.0726 0x37ac [ DB32758F3A7F6CCE81A5430080A2EA65, 36A26BAA884E96804F8EA0B12BB3E81BBE6D4EE704809904091445F36CAB5A29 ] iorate C:\WINDOWS\system32\drivers\iorate.sys 17:30:42.0731 0x37ac iorate - ok 17:30:42.0791 0x37ac [ FE85D0A86CA7A5A99CF8CD04DE7F80AE, 544C01FC01EE728EB5667158207E5F4418FE77A88BA318192A834722DB766F4E ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 17:30:42.0801 0x37ac IpFilterDriver - ok 17:30:42.0904 0x37ac [ 68C50E8E4265698BE6835156F4DD5008, 5B9CBBCE99315E5569E6733F13E91A687A36F536A68A2B670CC24C4BCC4EAFF4 ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll 17:30:42.0955 0x37ac iphlpsvc - ok 17:30:43.0007 0x37ac [ 10D01A3657AC8E8004C83D613163DE1E, F9389F1BF87A2D28899F50D270DA6F48B0912CFAF06CEE566697B041DBE92F9C ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys 17:30:43.0037 0x37ac IPMIDRV - ok 17:30:43.0074 0x37ac [ F1DAECC3B3D6399875D4F10529D6A77C, 6533D2F858816BE6570C998510919FCA2904EC6EF806F61C1FD325E88133111B ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys 17:30:43.0117 0x37ac IPNAT - ok 17:30:43.0193 0x37ac [ BD713ED20CFD71C32C4BE1928423AE9A, E0EE95FEA3930EA335D9B1FF74EEFAA61ECEC89AEBB1D0E43A1E1088F9990273 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 17:30:43.0211 0x37ac iPod Service - ok 17:30:43.0236 0x37ac [ 7475A2903BB704B446AA6309E34D3362, C94643A1626A9716015EBA7041A1224098501EB7DAA704CBFCAD3DC6F3CFC6AF ] irda C:\WINDOWS\system32\drivers\irda.sys 17:30:43.0261 0x37ac irda - ok 17:30:43.0323 0x37ac [ 9725E7F0C64CE9916A5CDABE8D6E13C3, 04AF9E48FEF208A2850DF28352E8FDCBF4018982C72C0F67EE12C048C4070116 ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys 17:30:43.0328 0x37ac IRENUM - ok 17:30:43.0393 0x37ac [ 8C604213A2E73088BFFE6CD2E6F1AE53, B4C4FEE4D398A29F72EC27D5668071D7E68CD943FFFC38624DD5DF5BEBDF46D3 ] irmon C:\WINDOWS\System32\irmon.dll 17:30:43.0402 0x37ac irmon - ok 17:30:43.0461 0x37ac [ 58040898883A96160D41739C80328BBF, 7F85C91C905811416E266A263DDEFCDCB0B45376AAE51B551AB636C16577DB9F ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys 17:30:43.0466 0x37ac isapnp - ok 17:30:43.0547 0x37ac [ CA20F4621AB8CD3F69199DE21B5B41C4, 0AFFC66DD10D4D15139337E5ED343A2ABBB26CC8A83B3BDF6AD10C68B3931A7C ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys 17:30:43.0576 0x37ac iScsiPrt - ok 17:30:43.0595 0x37ac [ 210808437570BDDEE71A43535E3A2D30, EF5DE6EE4FF58F44CDE4D4E7F298ABBC9086EC05CC3AE4903060DA878115AC1E ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys 17:30:43.0601 0x37ac kbdclass - ok 17:30:43.0622 0x37ac [ 0B779E9FC426CA2268D28181FA6C222F, 83292023A688C3044D096F22242EB954B7F7511BE8341D45FF0AFBD9CB9BCB4E ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys 17:30:43.0627 0x37ac kbdhid - ok 17:30:43.0635 0x37ac [ 813BA3EB2CE038F2A5382DDD75CAD60B, 99FA444027CAC247B54317730D54AB0C4C000AE076B97E47470FDA9834594312 ] kdnic C:\WINDOWS\System32\drivers\kdnic.sys 17:30:43.0639 0x37ac kdnic - ok 17:30:43.0663 0x37ac [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] KeyIso C:\WINDOWS\system32\lsass.exe 17:30:43.0671 0x37ac KeyIso - ok 17:30:43.0696 0x37ac [ 705C0F8BCCEF6E7CB704CCB454192D7E, FC608C708E2C3BF7A66E57B95E19E71E5F5C87EF359D8BC1A817500B45DF9338 ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys 17:30:43.0705 0x37ac KSecDD - ok 17:30:43.0764 0x37ac [ 55AD13E2BAFC5AB53A10F8C271F5D242, 058BEF14DCB95574BCAB985F04737BA89483937E8D8A74F7B4CEAFB7400C2397 ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys 17:30:43.0775 0x37ac KSecPkg - ok 17:30:43.0782 0x37ac [ 4ED115CD1A1099705F56B5E0FFF97CC6, 9CC49DF2CD6AAAE405BA661D13EFC1E05111D1DE3D1E50C39C425AF1F075610B ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys 17:30:43.0786 0x37ac ksthunk - ok 17:30:43.0850 0x37ac [ 8125BDF7ADC261F75EF0CAD92456E350, 184797AA1D58C4FF743BA60D48590B88B781EE7779205E45E0679DEC79F3E185 ] KtmRm C:\WINDOWS\system32\msdtckrm.dll 17:30:43.0879 0x37ac KtmRm - ok 17:30:43.0891 0x37ac [ 4E444F41E69BBE2E0BAE34D5DFCB5732, ACAEFB839CF7A3113D026B9A715994C3DFF8797D73B991253959EF606C4FBC00 ] L1C C:\WINDOWS\System32\drivers\L1C63x64.sys 17:30:43.0898 0x37ac L1C - ok 17:30:43.0964 0x37ac [ 8CCAB08815B50AD78B823DB3F96C8604, 265E6D582EB7207B5CC577D61CB7BC3646F613047F168CD69BB776C37780EBF5 ] LanmanServer C:\WINDOWS\system32\srvsvc.dll 17:30:43.0988 0x37ac LanmanServer - ok 17:30:44.0053 0x37ac [ 33DBBCF71F68EA97D9FD34E4C9AB5AC6, 104F04A1560E75EB224A3825707CE51E8798ABD764F5CC3B854FFFC93A39AF60 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll 17:30:44.0076 0x37ac LanmanWorkstation - ok 17:30:44.0138 0x37ac [ F8EBAA1FE6D3BF84752931DE1BFA0E2A, 2F3C512712BA709BBBBD779D9E792DBE324876C402CDCEF0345B8B7ABE1D232A ] lfsvc C:\WINDOWS\System32\lfsvc.dll 17:30:44.0145 0x37ac lfsvc - ok 17:30:44.0198 0x37ac [ 5A23E4BE0CCF49663C4CF7EB74C20278, 9DF91014B13B7CED1C3D409F90858FD03EFC5C4347C98901B4DF0AFF2B77845D ] LicenseManager C:\WINDOWS\system32\LicenseManagerSvc.dll 17:30:44.0204 0x37ac LicenseManager - ok 17:30:44.0217 0x37ac [ 5933A6673F00D8255C52957E40C2D601, 0AA1281F8B3F97E360592D1B35EE7D3D614F1AB46007F9884CFFB1C5E647575E ] lltdio C:\WINDOWS\system32\drivers\lltdio.sys 17:30:44.0223 0x37ac lltdio - ok 17:30:44.0248 0x37ac [ 88A3C935725FA6EA1A228DCC26CF9C6F, 9B1F70644EEFA1EE7CE151A8A970430087339B7A6345F2E0252370929D4AFAC6 ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll 17:30:44.0272 0x37ac lltdsvc - ok 17:30:44.0333 0x37ac [ 3F858E28AEE6545FA1B64134DFD5C2CE, FFD7B4FB0A7B61BC6B76A172134673842F2CF00E96FA3ED4A8273DC525B6BB92 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll 17:30:44.0342 0x37ac lmhosts - ok 17:30:44.0436 0x37ac [ 8E1B0946948CCC0BC1FA3CB70374A795, 0B894C129A35E223FF9594725AC90916CBD597FAD2211A18FC2AE03EA8679597 ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys 17:30:44.0447 0x37ac LSI_SAS - ok 17:30:44.0504 0x37ac [ 4F68163FC04C973500DC4DA0946917B0, DF060C29109EB3978CEDFE781999B0C4C1E8C0FDB133428058D8400C53315EEC ] LSI_SAS2i C:\WINDOWS\system32\drivers\lsi_sas2i.sys 17:30:44.0512 0x37ac LSI_SAS2i - ok 17:30:44.0569 0x37ac [ E5AC5F2815938651CDCC27F425474673, 3AF0598982153C36A766506FA088F7B84333CC96FEBB050402547AFC613AF9F7 ] LSI_SAS3i C:\WINDOWS\system32\drivers\lsi_sas3i.sys 17:30:44.0578 0x37ac LSI_SAS3i - ok 17:30:44.0602 0x37ac [ CCF6EC9FB9B8F18E05B4253E81013E48, EBE8D77FEE8B99BD8C29702404774D554673C96DF3FDF3DCEA9C99E22C2709FC ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys 17:30:44.0609 0x37ac LSI_SSS - ok 17:30:44.0701 0x37ac [ D5EFC0BAEC21EDE6FE03D377D403B421, 41BE71AF7C896FD4C51EF7E3871AAB769164DFB8050DA43E48C7A100711414B4 ] LSM C:\WINDOWS\System32\lsm.dll 17:30:44.0745 0x37ac LSM - ok 17:30:44.0828 0x37ac [ C9579D32219E5B936AC3A48D470117EC, E61A77191B6BA25D29B1221FEBBE826BBC11F825C0E35A72B4CEFFF8B7FE59A8 ] luafv C:\WINDOWS\system32\drivers\luafv.sys 17:30:44.0839 0x37ac luafv - ok 17:30:44.0893 0x37ac [ 9F699136FA1A8A170C2C05D7790A5FC0, 4363C527BD2FC9FD8937E9866CA200809AC87B64EA57084491BAB6DEB8ED9E87 ] MapsBroker C:\WINDOWS\System32\moshost.dll 17:30:44.0902 0x37ac MapsBroker - ok 17:30:44.0960 0x37ac [ 78488AF2AB2111D67B3C4044707A519B, 7AA71B9C4C7949A1A21F60EF7CCEDE0079794990696B60557B5DC86F4D47223A ] MBAMSwissArmy C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys 17:30:44.0983 0x37ac MBAMSwissArmy - ok 17:30:45.0044 0x37ac [ C3CDCCF07486BD2616A7B82946E07AC0, 1EF95DAB2DA856BC7D7573B2EB2D9006DF337F827F0B56A161D0C97F45DB755E ] megasas C:\WINDOWS\system32\drivers\megasas.sys 17:30:45.0049 0x37ac megasas - ok 17:30:45.0103 0x37ac [ 2CF0CB2A0ED68C5455371E84C16F9627, 1C9166B52140145F1968E83E52BFF041250811B23C770FE181A18A4BA060CA81 ] megasas2i C:\WINDOWS\system32\drivers\MegaSas2i.sys 17:30:45.0108 0x37ac megasas2i - ok 17:30:45.0151 0x37ac [ FADB2FE017E69EECE0E1BA78661C2E8C, BE99B49031D8B4B670B6F6B6E829E54406779CF6F1D8AFE8AB79A73E6764AB2F ] megasr C:\WINDOWS\system32\drivers\megasr.sys 17:30:45.0190 0x37ac megasr - ok 17:30:45.0250 0x37ac [ 55A417C3E41F2A98666CF929EC19108E, A38C262B2863C87E4151525BF26D6AC16E7982D370E2C6998EB15C88C4BC8254 ] MessagingService C:\WINDOWS\System32\MessagingService.dll 17:30:45.0256 0x37ac MessagingService - ok 17:30:45.0329 0x37ac Microsoft SharePoint Workspace Audit Service - ok 17:30:45.0425 0x37ac [ FD60818B66B2E8A5415EA840E99A9D8F, 5D2F22909354534B821D958FBEF6A40EB4F642F53C7B509D00949096EF716F36 ] mlx4_bus C:\WINDOWS\System32\drivers\mlx4_bus.sys 17:30:45.0470 0x37ac mlx4_bus - ok 17:30:45.0523 0x37ac [ 68F6977F1CFBAAC770D940A8C0326FA1, 90EE1E7DAC680EAA5AD50E9B0B9FD8FCE8DD6A02D5EF941B5AA5084CBD40BB80 ] MMCSS C:\WINDOWS\system32\drivers\mmcss.sys 17:30:45.0557 0x37ac MMCSS - ok 17:30:45.0615 0x37ac [ 0D50B3F3AB32D416786B58D4553859CE, 9DA4D7A30982E8B31C45BDB721AEF5240EAD9DA6839CF34FDDBCF123BF104F2C ] Modem C:\WINDOWS\system32\drivers\modem.sys 17:30:45.0626 0x37ac Modem - ok 17:30:45.0634 0x37ac [ 9CCCB7FC3EDADEBA461D78615A6011A6, C120B58F25E8CCFD971EB78645C0682F367AD56DC15F2D8C1980CE75B04719DF ] monitor C:\WINDOWS\System32\drivers\monitor.sys 17:30:45.0638 0x37ac monitor - ok 17:30:45.0700 0x37ac [ 27A07B2FB2E3057DA8DAEA4F25D843C7, 09D2B39E6B9AAEC879E5871DD6BCFF2AEF0B894F3B44649665A685F8B3CA6F27 ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys 17:30:45.0735 0x37ac mouclass - ok 17:30:45.0747 0x37ac [ 7BD6E7F7C9001AB21B8362CFFEE80B25, C470C3363EEF3A60409A5934988BFB9B72AE7C2BB63CC2C2D006D7EB1C797F6A ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys 17:30:45.0754 0x37ac mouhid - ok 17:30:45.0774 0x37ac [ F5BDAEE4B7D369D4C74668DCFBA3FF10, 100F39288E56AFE0D39D1CC235BDC9F3727C873CD3114E092DA7A08810BD3EB2 ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys 17:30:45.0780 0x37ac mountmgr - ok 17:30:45.0833 0x37ac [ 65C0F9AE99ECCCA7C5C3CEFA7ED80904, AABEBEAED256318B5B8C1BC36A2E365CB942ED591C78E78EC6C55EF94A522342 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 17:30:45.0848 0x37ac MozillaMaintenance - ok 17:30:45.0868 0x37ac [ 30844BD376F9D01E62C820BEF446F1F8, 910D672EDB544A20AEB4450B4D89830F46EDD28CE0021156176315C5D068A1B4 ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys 17:30:45.0875 0x37ac mpsdrv - ok 17:30:45.0973 0x37ac [ A231E1861F7AA9CCC24B97176BBA838D, CDAB9A25CC55B71E8A83E50504B12E948D7A88F035918E4F94E3624E4AA0A28D ] MpsSvc C:\WINDOWS\system32\mpssvc.dll 17:30:46.0055 0x37ac MpsSvc - ok 17:30:46.0122 0x37ac [ 25D32BE04FE0A23FDF57FD5382757672, 64E39E3E21D9173FB1116B989D80C244C49DA827698A05AF5CC5CD1C6AE155DE ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys 17:30:46.0135 0x37ac MRxDAV - ok 17:30:46.0233 0x37ac [ D559FF28B1AD9B1E15A4186E785E61F6, 4B22A740E86CA10B1B43E36CBE9A50B53D1E5504C25694C8FF3A514DF699E99C ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 17:30:46.0281 0x37ac mrxsmb - ok 17:30:46.0342 0x37ac [ D4D12BC29DE0F09280868FDCA65B3474, A6FE89ABD52087FEE52FDF31DDF4CB627ED400E94FDA86BEBF1D4763F1E42518 ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys 17:30:46.0373 0x37ac mrxsmb10 - ok 17:30:46.0413 0x37ac [ 0698B15E21EA1B8742F2E7BB3142B754, 0DB79841E863F08452F895DA47CEEF6CA4D527A616EB616FDFF5F7431487E5F7 ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys 17:30:46.0451 0x37ac mrxsmb20 - ok 17:30:46.0507 0x37ac [ BEF575A5A8EC38F3BA6DB68D3CFFBD9A, 86D0BDD22430092CE1E11A7A2948725746DD848F5DF6F94808D8F0919BDF787C ] MsBridge C:\WINDOWS\system32\drivers\bridge.sys 17:30:46.0585 0x37ac MsBridge - ok 17:30:46.0638 0x37ac [ 308F08347923DEEDE7BC03EC7D485841, 72DB45CA11FE635DF9F8273C38CBEFB8DF5362ADA0CBF6D2B1E570365DC700C0 ] MSDTC C:\WINDOWS\System32\msdtc.exe 17:30:46.0667 0x37ac MSDTC - ok 17:30:46.0737 0x37ac [ F01B849D9D4A8CEAF32D4FDBD0B83C92, D2473AC4C6E6C03DEF13EA73EC78FB878BDC95C047651BF79A16C9DEA82AD046 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys 17:30:46.0741 0x37ac Msfs - ok 17:30:46.0803 0x37ac [ 22ECD8F5D1DFADF2011BBB1700CB871D, 8F9EFF51137394EFA5471B8A29C541710063B65806B075B4925A84D5B6BC3BBB ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys 17:30:46.0811 0x37ac msgpiowin32 - ok 17:30:46.0860 0x37ac [ FD870F6968A145E4D2BA8A8842686B03, 34B8F601F3B5E42B4D0A41E2AF7DB4EB4E5B627DA8DA9A2A2D46B153AF23AEB1 ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys 17:30:46.0864 0x37ac mshidkmdf - ok 17:30:46.0889 0x37ac [ 30364757963A028CE5DF0FBAAC270173, C72588A6A52FF8E418A15D2C407A4DB7EA768585423720145F8253D5CA519DC2 ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys 17:30:46.0894 0x37ac mshidumdf - ok 17:30:46.0914 0x37ac [ 6BB0FEDDAE7135FA37FFAFF4D9E0E876, B41A3C0FFDFC493D6325ED493445AFCED04EC9DFF2B38125616FC5419AD1ACC4 ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys 17:30:46.0920 0x37ac msisadrv - ok 17:30:46.0998 0x37ac [ 07E3E54734B14F43A4A95A849C0A0DE2, 314AA02EA84D267B32DBAEBEA6C1AC1A266DED1E8D35A17B41D1D2AC75E8049E ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll 17:30:47.0029 0x37ac MSiSCSI - ok 17:30:47.0037 0x37ac msiserver - ok 17:30:47.0087 0x37ac [ 4586CDA25B7866DD9505CEECF9DB3C74, B94CE1A7C1B6FFEF7AA33AEC30C27E01E44E6E56A4274705684BFBB738F95BCF ] MSKSSRV C:\WINDOWS\system32\DRIVERS\MSKSSRV.sys 17:30:47.0092 0x37ac MSKSSRV - ok 17:30:47.0111 0x37ac [ 642CDE46351D5D2D90311E77072AB46D, B2D3033E607BA2F6E6B9CFB1CBF154CD0CE910EA473C56343EC81B9B94044CCA ] MsLldp C:\WINDOWS\system32\drivers\mslldp.sys 17:30:47.0116 0x37ac MsLldp - ok 17:30:47.0171 0x37ac [ F2302A5CE63CA7673200FAFCEEEDB6AF, B8C44FC2DC0332183DE325CDBF511101F3307225295EDD428CE575A8DE15C223 ] MSPCLOCK C:\WINDOWS\system32\DRIVERS\MSPCLOCK.sys 17:30:47.0177 0x37ac MSPCLOCK - ok 17:30:47.0219 0x37ac [ 6114512EA26E835BA522C63635429DB5, 0F91CE41B4555316A79AEF3047C152D538CC9C7C329987C9FD0E3D961AFC87C8 ] MSPQM C:\WINDOWS\system32\DRIVERS\MSPQM.sys 17:30:47.0224 0x37ac MSPQM - ok 17:30:47.0271 0x37ac [ AA538E16E644D00E3BA5349BBA9598EC, 64A68B06883FE7ED34E04AB119BA819753F1222923EDD4E802C35D402B89D075 ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys 17:30:47.0302 0x37ac MsRPC - ok 17:30:47.0354 0x37ac [ 7ACFE7435317E791FF9EED2F49B402F2, EAF2CE12403A9D975112A22EDBC313EE63B926C070B35E62D515403DD34BD88D ] MsSecFlt C:\WINDOWS\system32\drivers\mssecflt.sys 17:30:47.0363 0x37ac MsSecFlt - ok 17:30:47.0386 0x37ac [ 0543BEFD41EC4D25C7F7CF36409CEC7D, 631622CFEC49952C0470531B23FFFFF483DC0EFFEF7A97B1179A600392C05DDD ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys 17:30:47.0390 0x37ac mssmbios - ok 17:30:47.0425 0x37ac [ C1569E4DB8EFE3617847BF041A3C842F, 99ADE5E7F50E04CAEC737F7F90741CCA8EE628996BA5EB6C6BC62184884429B6 ] MSTEE C:\WINDOWS\system32\DRIVERS\MSTEE.sys 17:30:47.0429 0x37ac MSTEE - ok 17:30:47.0449 0x37ac [ 130B16970154BA9876B09E5C4BAC63BE, BE3AF8FC5A26AB9C9DBA9C015C2E1FD3C4CD9CB423A2BBDABA91428BF8620553 ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys 17:30:47.0453 0x37ac MTConfig - ok 17:30:47.0514 0x37ac [ 032D35C996F21D19A205A7C8F0B76F3C, 1A1C5BD7204BB937A05E201BCC0840B2C8E4B273D8E1D6D9407264FB4C57F014 ] MTsensor C:\WINDOWS\System32\drivers\ATK64AMD.sys 17:30:47.0518 0x37ac MTsensor - ok 17:30:47.0530 0x37ac [ 15D987C8F6CCD4AC94E070C5986762CB, 452FB0C48B86C7F8F53794CC2DDBF2B900B03A0383B2DE8F6A830F8CB0AFBAD8 ] Mup C:\WINDOWS\system32\Drivers\mup.sys 17:30:47.0537 0x37ac Mup - ok 17:30:47.0557 0x37ac [ 3D2C5B4995CA0751D32DEA0DE9FDFE44, A26958785FD9E05E2CA97078C9BB277CD44222BF5F7D9E8DC2F3F6AAAFFC6483 ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys 17:30:47.0562 0x37ac mvumis - ok 17:30:47.0623 0x37ac [ F88186832F2E3C7B3549EFB0677F6DE6, CA77F3C846507158093BBDA634227C52AF04BC90D9408CBA74591B56D78EB6A6 ] MxService C:\Program Files (x86)\Maxthon5\Bin\MxService.exe 17:30:47.0636 0x37ac MxService - ok 17:30:47.0673 0x37ac NanoServiceMain - ok 17:30:47.0760 0x37ac [ A5FA29F748BBF38FC3FAE4B54FA20A93, 8912F08967CFDD2A74593C9D23F43D6487D1920969C380B39BA8EA4672B24C3B ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys 17:30:47.0809 0x37ac NativeWifiP - ok 17:30:47.0839 0x37ac NAVENG - ok 17:30:47.0843 0x37ac NAVEX15 - ok 17:30:47.0904 0x37ac [ C3D9870E680D9D843B18F4626C3858FE, 43596CAC9FB488F810FBA954C52BC4D13F7D32028C40ACFE33DFD7EE36A65C17 ] NcaSvc C:\WINDOWS\System32\ncasvc.dll 17:30:47.0927 0x37ac NcaSvc - ok 17:30:47.0955 0x37ac [ 04CE2C0F0759EACD886BA4B658B60D5D, E34D0976FC5936C8629800D826DB127072D1DFC3D350EFACA3AA1B8119551762 ] NcbService C:\WINDOWS\System32\ncbservice.dll 17:30:47.0988 0x37ac NcbService - ok 17:30:48.0002 0x37ac [ E6094065008FE423377294050E7CEA2D, 86E200227256407530E2C28243DEFBC3CB6E9497644404D9AD79DA242286DF7B ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll 17:30:48.0010 0x37ac NcdAutoSetup - ok 17:30:48.0071 0x37ac [ 629CB21AC49C8867E0F29DF1C16DB7B4, 20663E68C69D0A1A2FE99A0C2A9DEFABF49786A1DC8F7F4E1699458AF57D7E79 ] ndfltr C:\WINDOWS\System32\drivers\ndfltr.sys 17:30:48.0082 0x37ac ndfltr - ok 17:30:48.0213 0x37ac [ 63560E6BC9BCA978A6B72DF65F7A8930, 278AAB22ED6001E7E336EFC027073EDA727A3D333FF2576D087C92F8E6D768B2 ] NDIS C:\WINDOWS\system32\drivers\ndis.sys 17:30:48.0265 0x37ac NDIS - ok 17:30:48.0288 0x37ac [ 6DD605338FAAF6BA17662AA874E0D162, 636607829F5D7C3B7A4683C0A2DD594360D72F2AA3F8710153BE32575AE34A15 ] NdisCap C:\WINDOWS\system32\drivers\ndiscap.sys 17:30:48.0313 0x37ac NdisCap - ok 17:30:48.0344 0x37ac [ E34196F285F8B8879E1FF36C31F7179E, 77A4F24F995D4C0689C43F9956E08DCEC62517E4F8B1B9EAA1852B5293DB5B9A ] NdisImPlatform C:\WINDOWS\system32\drivers\NdisImPlatform.sys 17:30:48.0357 0x37ac NdisImPlatform - ok 17:30:48.0410 0x37ac [ 1FAD2398673F30CEC616B89C46B7DCBA, 70302049E6AE2BC6B3A7A9DE54D3F940AD6A9771CC2EBCCEC65994E67A25ECB5 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys 17:30:48.0433 0x37ac NdisTapi - ok 17:30:48.0464 0x37ac [ AEB8ECBE66CC46854066CB1F5623E179, 2F650A85A9DAE38887610C0B876621035616CEDB65D4BBBD7F1405616D218AAF ] Ndisuio C:\WINDOWS\system32\drivers\ndisuio.sys 17:30:48.0471 0x37ac Ndisuio - ok 17:30:48.0488 0x37ac [ 7340104C2BF2F126714F7CDE85E63610, 45B64EC6F3A4C43F7D74806789067658C6EF0D44D36B841F4D26E1EBC95AF66C ] NdisVirtualBus C:\WINDOWS\System32\drivers\NdisVirtualBus.sys 17:30:48.0492 0x37ac NdisVirtualBus - ok 17:30:48.0531 0x37ac [ 07ADC1F8DCBEB8104D75129B11584B8C, CB51A294D9FD4E210DBEEF05A1E60A96CE52D6D138EF62A54E1F608F90FED300 ] NdisWan C:\WINDOWS\System32\drivers\ndiswan.sys 17:30:48.0543 0x37ac NdisWan - ok 17:30:48.0557 0x37ac [ 07ADC1F8DCBEB8104D75129B11584B8C, CB51A294D9FD4E210DBEEF05A1E60A96CE52D6D138EF62A54E1F608F90FED300 ] ndiswanlegacy C:\WINDOWS\system32\DRIVERS\ndiswan.sys 17:30:48.0565 0x37ac ndiswanlegacy - ok 17:30:48.0584 0x37ac [ 78A12E3DF035B5D054986949B19BE43C, AD9B34F89B9F27D473BD5FCE6694A40FCCB808B61ABEDD6F70F1AF6C7E73ABF8 ] ndproxy C:\WINDOWS\system32\DRIVERS\NDProxy.sys 17:30:48.0589 0x37ac ndproxy - ok 17:30:48.0653 0x37ac [ 04C8859355C1DC9C0FA198D1894D71C2, E7C67E73009341B5D402470C686781B3C7BBE2531CE26665E08E711B990B1A77 ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys 17:30:48.0664 0x37ac Ndu - ok 17:30:48.0693 0x37ac [ 6C76780A01FC2B885BD6E957B5C36B02, DB7834F03A765F65C773E772D8051AFADB22CA4B5074180AA397857A0C47A068 ] NetAdapterCx C:\WINDOWS\system32\drivers\NetAdapterCx.sys 17:30:48.0700 0x37ac NetAdapterCx - ok 17:30:48.0729 0x37ac [ 5D1513BD6430307C9DB86C6E351372ED, D2AB709CF7CFA5B857B084AFC821914A975B7DDDCE154229981F19448973BD6D ] NetBIOS C:\WINDOWS\system32\drivers\netbios.sys 17:30:48.0734 0x37ac NetBIOS - ok 17:30:48.0755 0x37ac [ 6FEBB0A847FFD5F057B9AC8889F1B9A7, 558BCC64C59079E6569F61CCE1219A124B3313FC4E6CB5CBCC94124D202FF19D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys 17:30:48.0768 0x37ac NetBT - ok 17:30:48.0781 0x37ac [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] Netlogon C:\WINDOWS\system32\lsass.exe 17:30:48.0786 0x37ac Netlogon - ok 17:30:48.0857 0x37ac [ D3BF2DA9216A4CF22A97820A50A67EFF, D00CBE0A7ECFB449D9B48967A01EE56141404EBE229893D5A1710781AD5F2551 ] Netman C:\WINDOWS\System32\netman.dll 17:30:48.0886 0x37ac Netman - ok 17:30:48.0975 0x37ac [ F2645D51DD8AABC8BC72358409410437, 8CB97628923D6CEA6EFAD7E666BE92C154060BD108C28D46287A520A14B18ADA ] netprofm C:\WINDOWS\System32\netprofmsvc.dll 17:30:49.0045 0x37ac netprofm - ok 17:30:49.0106 0x37ac [ D65F295A049473E6A39EA9A0EA76CA32, 274FC0BA044EB2D14093AB0E561F7FACEE06A3F433C81343C8B926FA2F9BD251 ] NetSetupSvc C:\WINDOWS\System32\NetSetupSvc.dll 17:30:49.0130 0x37ac NetSetupSvc - ok 17:30:49.0606 0x37ac [ EFA857E2B0CC7C9DFEF48A2187B910F7, 424475568CD70237F056838388A5F7BDCD1B09349085498644C75940B12E8EAF ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 17:30:49.0644 0x37ac NetTcpPortSharing - ok 17:30:49.0763 0x37ac [ 589882D9779C262F10C509BA458746E4, 85A964D69C50602CEE86DA4523D635962DE6526BE425A940340039979D511BA0 ] NgcCtnrSvc C:\WINDOWS\System32\NgcCtnrSvc.dll 17:30:49.0836 0x37ac NgcCtnrSvc - ok 17:30:49.0930 0x37ac [ 56D1846C49F2D2B0110535AD8C90C0E4, 33C59489919A334E18A971F983E93E4A69FCD243BD06B45BC9A4F5CA224A976B ] NgcSvc C:\WINDOWS\system32\ngcsvc.dll 17:30:50.0038 0x37ac NgcSvc - ok 17:30:50.0163 0x37ac [ 9B9F520C72EE33EAEC857124BB800243, DFA9386B272F4D86F3E4BE861A2FC4617261E1AA40576DDA610FC24AB4961A63 ] NlaSvc C:\WINDOWS\System32\nlasvc.dll 17:30:50.0239 0x37ac NlaSvc - ok 17:30:50.0308 0x37ac [ 88960DB46ACCC3FEDEBBB8184D1D8BF5, 6FC18EFC8B4BE7A2A64166C735E1CB9B20E8B62F2296A01576AC1769E3C24E31 ] NNSALPC C:\WINDOWS\system32\DRIVERS\NNSALPC.sys 17:30:50.0329 0x37ac NNSALPC - ok 17:30:50.0418 0x37ac [ 528C0EDB540F0B0A7054D9E2517E8A35, 0762BF4C2D9D8DB648F58CC3D7A919239E4DB8712D8941D53652371F2C025378 ] NNSHTTP C:\WINDOWS\system32\DRIVERS\NNSHTTP.sys 17:30:50.0462 0x37ac NNSHTTP - ok 17:30:50.0481 0x37ac [ DA4688175B84E522F4E0D269475D01D6, D330B09FDD7BEEDB65E7DC2AC3D410F2BC64BEE4ACD663237B4C0F0814C8CE3A ] NNSHTTPS C:\WINDOWS\system32\DRIVERS\NNSHTTPS.sys 17:30:50.0499 0x37ac NNSHTTPS - ok 17:30:50.0557 0x37ac [ C71B72375BB54A22F053E7EBDA28BB5C, D188D16BDCED9A5877C8B7791B7C354E266B6B37C110140033E00850372700F5 ] NNSIDS C:\WINDOWS\system32\DRIVERS\NNSIDS.sys 17:30:50.0565 0x37ac NNSIDS - ok 17:30:50.0593 0x37ac [ E4B9C6200A8A1213FD29FAF3C42F5F22, 32B21D03BAE08418E5E3B41D7A792378F9915A4AE24C9007B5192E98D480C12B ] NNSNAHSL C:\WINDOWS\system32\DRIVERS\NNSNAHSL.sys 17:30:50.0600 0x37ac NNSNAHSL - ok 17:30:50.0634 0x37ac [ 3F6BAA8B1C4BC50735E54DBDBED734D8, 6E892687D12E947548059E1534ED12EB20DF1A6196EAF73657192C46C9CA7FBB ] NNSPICC C:\WINDOWS\system32\DRIVERS\NNSPICC.sys 17:30:50.0640 0x37ac NNSPICC - ok 17:30:50.0648 0x37ac [ 7585AB5A79BC35C4892DC22E3F523516, DBEB3AB613801574883ADD2DD2011FF295DFB69CB3ACD1FA7952030ED5405CAB ] NNSPIHSW C:\WINDOWS\system32\DRIVERS\NNSPIHSW.sys 17:30:50.0653 0x37ac NNSPIHSW - ok 17:30:50.0770 0x37ac [ D9609840CF0571B783A4E81B9061F2B6, 1CED58206E7D90FE20B689DD13427D4C7019239B0AF84CBDA656CF0F2437A726 ] NNSPOP3 C:\WINDOWS\system32\DRIVERS\NNSPOP3.sys 17:30:50.0814 0x37ac NNSPOP3 - ok 17:30:50.0854 0x37ac [ F3F228144410965A196123A4F4D60B66, 9132EE85915DB17B931C3C51819E8522033B3A7AE53B57593F7C77BAD43B9EC3 ] NNSPROT C:\WINDOWS\system32\DRIVERS\NNSPROT.sys 17:30:50.0877 0x37ac NNSPROT - ok 17:30:50.0958 0x37ac [ 8B6BEB3F0980DB3928811F805E97F03E, 42FC0274E20670A81B19FEE7D56CBAAB42F5B632F9489D458E0DBB96B5088D3E ] NNSPRV C:\WINDOWS\system32\DRIVERS\NNSPRV.sys 17:30:50.0973 0x37ac NNSPRV - ok 17:30:51.0054 0x37ac [ 4125E22EF46CFBFB59DEE7F7144E6D74, 4D5C451CA26CF34E0AB6F17F1862398F5E9F6513F306080BDC56893D9B6FBE53 ] NNSSMTP C:\WINDOWS\system32\DRIVERS\NNSSMTP.sys 17:30:51.0065 0x37ac NNSSMTP - ok 17:30:51.0214 0x37ac [ 935ADC2A106BB366F148CB378686D26E, B5B059374CD2DC1CC9FE43046494E7AA880CBE752D38F1BD0EFD7E49879CFFD0 ] NNSSTRM C:\WINDOWS\system32\DRIVERS\NNSSTRM.sys 17:30:51.0236 0x37ac NNSSTRM - ok 17:30:51.0309 0x37ac [ E74AA03D6C9E443EC1C7A35B9B04DAA2, A3B4CB031F33B11F4D5FFE610CD34F8BC4EC6892D850C9ED6B46B20BCFBF0DC1 ] NNSTLSC C:\WINDOWS\system32\DRIVERS\NNSTLSC.sys 17:30:51.0322 0x37ac NNSTLSC - ok 17:30:51.0372 0x37ac [ 001CBD7A2CD45C4EB39C01C3C677EF73, F4AAF4D60DB1232921C7811A62287B55C7C098B7A1FF9A40D88AF58A5ABECBA2 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys 17:30:51.0409 0x37ac Npfs - ok 17:30:51.0495 0x37ac [ 90F5DC9802AAA00CD0B6E2AD9E7FFADC, 71C0777829299DECA6ACD42F38802DBE3C29A42CFBD8A396F39DFA44D1F55B6C ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys 17:30:51.0509 0x37ac npsvctrig - ok 17:30:51.0816 0x37ac [ C7340B6DEE1DF0856413F69F908ABD84, 9F712505E16543C40A624322DE1C50D3D75ABD41FDC3033BCD7E8E28B599C562 ] NS C:\Program Files\Norton Security\Engine\22.9.4.8\NS.exe 17:30:51.0836 0x37ac NS - ok 17:30:51.0922 0x37ac [ 1993C85962692EF7024501E7FE92D466, F5BCAA8308495EBF8BB061C2015E07C202A779668D171364D7E312975BC18B10 ] nsi C:\WINDOWS\system32\nsisvc.dll 17:30:51.0932 0x37ac nsi - ok 17:30:51.0953 0x37ac [ 0C6218321A09A7B51BA7FFAFBA4CCB21, 330B3FA793A78410B28DFC8250BBF24442E3BB80434A7938BB96F02337614E0D ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys 17:30:51.0958 0x37ac nsiproxy - ok 17:30:52.0123 0x37ac [ 8DB6A6B731CEC9046CD8CA0267EC5679, 1C9D826D41B6C069E557B9CBF8762AB02F3C3D817AFD4F9284CD73505477E87C ] NTFS C:\WINDOWS\system32\drivers\NTFS.sys 17:30:52.0220 0x37ac NTFS - ok 17:30:52.0276 0x37ac [ 6E6DD6F9DD2A034CF85E94047DBDB992, 63D0A0756F551B7668D1CBAB24B29FD462C706E8A81690BC248D6C92061FE215 ] Null C:\WINDOWS\system32\drivers\Null.sys 17:30:52.0301 0x37ac Null - ok 17:30:52.0823 0x37ac [ 9859A34471D991AB7437B430C5FA8EDE, 9117AA2A513F161F5F5A382F5A1F5EEA8E36074973B793E9A42FAC55DC7E439A ] nvlddmkm C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys 17:30:53.0325 0x37ac nvlddmkm - ok |
|
23.06.2017, 17:55
| #3 |
| | TDSSKiller Report (Teil 2) 17:30:53.0354 0x37ac [ B9EF46C64AFF91523AF14DA36AE20948, CE5B0C98D880BC5FBA0CC81A74F0846B4A91CA26CF092D9184998145715E9240 ] nvpciflt C:\WINDOWS\system32\DRIVERS\nvpciflt.sys
__________________17:30:53.0520 0x37ac nvpciflt - ok 17:30:53.0606 0x37ac [ D261DF41F0840F734856A2B4F5E072C7, 2E703556D0C919375D0B7770513456844B13362190643D5524663EC8546E0FF5 ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys 17:30:53.0641 0x37ac nvraid - ok 17:30:53.0676 0x37ac [ 23B702B555EB0436B9DAA0BC63DA65CE, D454F80D9657CFEC852F022C12D7B2C1A2D7D247ECC591EDB07B9369DFD8C99E ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys 17:30:53.0715 0x37ac nvstor - ok 17:30:53.0847 0x37ac [ FFADB2E34CE378F059F57161AD555DBF, 442C79D96012ABD76CB8A4FE1490AEB7D8CC9068170AB85DB7F8115FA807ADB0 ] nvsvc C:\WINDOWS\system32\nvvsvc.exe 17:30:53.0874 0x37ac nvsvc - ok 17:30:53.0956 0x37ac [ 17997DC2441F7E29CDFC6458E0392764, 636CCE2DA1EF8195B33F8D6D5C8CC151D58EBF08DC9AD8ACCCE7ABD41A69639F ] OneSyncSvc C:\WINDOWS\System32\APHostService.dll 17:30:53.0979 0x37ac OneSyncSvc - ok 17:30:54.0051 0x37ac [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 17:30:54.0063 0x37ac ose - ok 17:30:54.0360 0x37ac [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 17:30:54.0482 0x37ac osppsvc - ok 17:30:54.0561 0x37ac [ 4578ECA1FCEF4E7C787D84F78625143B, F5FE84D6D7412A4C037772593C434253D590E476B0B7498987A1697BED86A510 ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll 17:30:54.0594 0x37ac p2pimsvc - ok 17:30:54.0671 0x37ac [ 2BBCED66D7AFC968BDBB0E4D8524DF0A, 762D916390F9DE69B3EA1D31244224F910645F8E5CEF4C505B76B215BFDFCD9A ] p2psvc C:\WINDOWS\system32\p2psvc.dll 17:30:54.0718 0x37ac p2psvc - ok 17:30:54.0760 0x37ac [ 823079C4FF6CE5AB1C61A332FFA8918E, D31EC3DF7F28875FE567D489000B2CC98D34ACB85598C584316047487E90985F ] PandaAgent C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe 17:30:54.0765 0x37ac PandaAgent - ok 17:30:54.0818 0x37ac [ 6B81BF7853D161DB8AC62CD8B9C2DE6B, B2DC06D135FD2501217DDA7349556EB873309E02188D4C3901807BA24FAB30C7 ] Parport C:\WINDOWS\System32\drivers\parport.sys 17:30:54.0851 0x37ac Parport - ok 17:30:54.0908 0x37ac [ 0553ECB742278C8F4CFA28B43FF20EAD, ACD7F5BC36573BCEC2C3413DEA687034ECC101EDD3C1544B264BBA29EFCE3425 ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys 17:30:54.0953 0x37ac partmgr - ok 17:30:55.0048 0x37ac [ CDD8EDF4C35BE6D6137112F5CC7A70DA, 80EECA6BC2E668E5652A5CA9B119CCCE2A2E421F0EED1FD0EAC20C42E77C02ED ] PcaSvc C:\WINDOWS\System32\pcasvc.dll 17:30:55.0103 0x37ac PcaSvc - ok 17:30:55.0172 0x37ac [ 29AF16726F4DD84376ECA85AB6AFF2C6, BEF9EA10637065365ED343C4EBA51191B9BEADD8F1F3362D3EFE75F40BE9A027 ] pci C:\WINDOWS\system32\drivers\pci.sys 17:30:55.0206 0x37ac pci - ok 17:30:55.0310 0x37ac [ 214DCC87E3898F738075D1341252A552, E721FBBC3510DDB848A8CAEA3B6031EE988F42252DBC3BF7BDB6ABD9A0D9FABD ] pciide C:\WINDOWS\system32\drivers\pciide.sys 17:30:55.0346 0x37ac pciide - ok 17:30:55.0406 0x37ac [ AED76A3333B3A31536E430020E0226FC, EC255B79B0908E3C142D92E35B79D90A3F2594BA012CA2B1B04A6A8745153430 ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys 17:30:55.0429 0x37ac pcmcia - ok 17:30:55.0453 0x37ac [ E63FB38B6E75B39467492FBAD2CD512A, DB406C92BA2460C833A49B98EB5BD58348E868F643A0123B0C9B5315FFC6A124 ] pcw C:\WINDOWS\system32\drivers\pcw.sys 17:30:55.0458 0x37ac pcw - ok 17:30:55.0518 0x37ac [ CA979960D3A580C78EDB4BBD6BD3ABCC, 2A136BC562235D26F6421027B158D406FB1D08FE7D70A50DD3E4D344B0E27205 ] pdc C:\WINDOWS\system32\drivers\pdc.sys 17:30:55.0530 0x37ac pdc - ok 17:30:55.0628 0x37ac [ 1509A77F840AA9E72CF8247D0CF2FBDE, 2D47AD4D8F5C2D871E603FB6D72D25EFD0E63FA3A542DAADAB9D82ED074C0E0B ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys 17:30:55.0673 0x37ac PEAUTH - ok 17:30:55.0821 0x37ac [ 2B55ACB1727A8E5E7514D2D75AC4EBEB, 5E7449F3EE0B15E400E405DE561ED2D3932259107A9D9320AE42CA1A5C5AB992 ] PeerDistSvc C:\WINDOWS\system32\peerdistsvc.dll 17:30:55.0921 0x37ac PeerDistSvc - ok 17:30:55.0982 0x37ac [ 540116170E2135FCD5DDE77702166B67, CBEC51C2D47532F1781B3255040F303263420B204C2F8BB2B5D1EC342F57B285 ] percsas2i C:\WINDOWS\system32\drivers\percsas2i.sys 17:30:55.0990 0x37ac percsas2i - ok 17:30:56.0016 0x37ac [ 8356F87553BF49C703CF382033815898, 245EB941566D848F134629690BF271B1CBEAB6440771D3D8D7AED3756835354E ] percsas3i C:\WINDOWS\system32\drivers\percsas3i.sys 17:30:56.0022 0x37ac percsas3i - ok 17:30:56.0172 0x37ac [ CB5343FF52A702A9ACFAAE6BE972FE09, EAA5362D91D05D382DF4EBBAA3FD575456F23CAD531CC6F1270F8254892DBF02 ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe 17:30:56.0181 0x37ac PerfHost - ok 17:30:56.0310 0x37ac [ D0D57322ABC7473E54472D8374169CC5, BD14A13D6908C8669E56EF9401FD8A3D7C618E8B6556B36E634864E733BCA4B2 ] PhoneSvc C:\WINDOWS\System32\PhoneService.dll 17:30:56.0352 0x37ac PhoneSvc - ok 17:30:56.0417 0x37ac [ C7A94D99CDF054248EFBD9B93D096DA6, F59F0EB5B17DC078E47D044B1126A786D67DC149AC9614CDA6AA1226EEE3EF55 ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll 17:30:56.0445 0x37ac PimIndexMaintenanceSvc - ok 17:30:56.0590 0x37ac [ F931F21E4287FE3ECCF09B54A232BBA2, CEB7AB3236E5F30214027092B7B695ED35F7A1E007DF4046797D1E4DFEF49EC8 ] pla C:\WINDOWS\system32\pla.dll 17:30:56.0704 0x37ac pla - ok 17:30:56.0765 0x37ac [ FEA494AC3A1BAE63C1F2AF267D49F1DB, 0722FEA2481740B53EF26B1CA59166C63C157A5C708AC93DF3FBB74A27266C9C ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll 17:30:56.0775 0x37ac PlugPlay - ok 17:30:56.0790 0x37ac [ 56D7A89423325121C4A9BD5C326414F3, 649048C23D1973C3504E26B35362AC99DFE9BF31FFE73F45B43306A212AEA34C ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll 17:30:56.0824 0x37ac PNRPAutoReg - ok 17:30:56.0850 0x37ac [ 4578ECA1FCEF4E7C787D84F78625143B, F5FE84D6D7412A4C037772593C434253D590E476B0B7498987A1697BED86A510 ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll 17:30:56.0880 0x37ac PNRPsvc - ok 17:30:56.0970 0x37ac [ F70CAC34B455D05EAA04B2F8FB58E1CB, 295BFFB3DA03C5CE5462C11D3240024B68AC06E8DEA9062A739BE2CCEE19EB5D ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll 17:30:57.0038 0x37ac PolicyAgent - ok 17:30:57.0065 0x37ac [ 60C8376B48BA96F07AEA536527433D44, EB988C119C3E71169B91ED2A744C71933DD35447DC4A8249E80EC24E9E7077D4 ] Power C:\WINDOWS\system32\umpo.dll 17:30:57.0098 0x37ac Power - ok 17:30:57.0153 0x37ac [ 5645B9D9788CCA2C88B9534996ED2D6D, 4988942DF163DB5B9B1A08CE6B628D2C47C2E2EAA30AEAE4EFE21C8CF4C8DC5D ] PptpMiniport C:\WINDOWS\System32\drivers\raspptp.sys 17:30:57.0185 0x37ac PptpMiniport - ok 17:30:57.0474 0x37ac [ 30AA256A85C1A7B17A590B1C5244D28E, 2C1FB30DEF53C37CA0D0CA54B65CB8572C53DDFB430DE57F964253F1082ACEA0 ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll 17:30:57.0619 0x37ac PrintNotify - ok 17:30:57.0676 0x37ac [ 372913E12677A8CBBBABDD8311894F9D, A5233D95A0D22D2A9DB214E7CB79A99D389B67189FF6A87D0AD4610A333A637F ] Processor C:\WINDOWS\System32\drivers\processr.sys 17:30:57.0684 0x37ac Processor - ok 17:30:57.0769 0x37ac [ 1F115AF75EFBAC28479B4F94A3F8D4A3, BE8D8C50D985F6AF9DDC0F13BDBE2D55D600E1F5E344982536538B14EC484AA6 ] ProfSvc C:\WINDOWS\system32\profsvc.dll 17:30:57.0817 0x37ac ProfSvc - ok 17:30:57.0883 0x37ac [ FC98407B85A31161851FDE245517574F, 2CCD706CF243934FCDA32B24CE0C385EA2E67F206E0306FA584496F583A20CD1 ] Psched C:\WINDOWS\system32\drivers\pacer.sys 17:30:57.0907 0x37ac Psched - ok 17:30:57.0972 0x37ac [ D86DE53B3DDA59CF1A187687E038B3E1, A857BDA0F3A84F6D0EFCBF627AD1D1C1DB4326AF0C47182FB9984D124EB4ECFD ] PSINAflt C:\WINDOWS\system32\DRIVERS\PSINAflt.sys 17:30:58.0006 0x37ac PSINAflt - ok 17:30:58.0061 0x37ac [ 7A0BB6EE85BD4CAC28E82FDC21CF5DBD, 30E9E4169930DC427C61A4AB5D96D0D4305865AC51C0A524621A9A605CB8006C ] PSINFile C:\WINDOWS\system32\DRIVERS\PSINFile.sys 17:30:58.0094 0x37ac PSINFile - ok 17:30:58.0198 0x37ac [ 54994A5A8590B353DC6F827EACEA8824, F633FE283EB41B2206FB4B9E2BD3B1AE0DE8E1D752D18A90D976DB1B8333F483 ] PSINKNC C:\WINDOWS\system32\DRIVERS\PSINKNC.sys 17:30:58.0230 0x37ac PSINKNC - ok 17:30:58.0244 0x37ac [ 3C3DC79600F296191B5E5EB8447F42E5, 5C9BCDEE9A5E71D8D148BA7EA3C40D5239F02D1983E14D4DC91C47D430358A7F ] PSINProc C:\WINDOWS\system32\DRIVERS\PSINProc.sys 17:30:58.0267 0x37ac PSINProc - ok 17:30:58.0288 0x37ac [ 4478E2A174D133D9B7B281B98AE8BECD, F42281235F4E3BC794E60D8C20277A1F5548A855997A4A5691AC88105359F7B4 ] PSINProt C:\WINDOWS\system32\DRIVERS\PSINProt.sys 17:30:58.0296 0x37ac PSINProt - ok 17:30:58.0318 0x37ac [ F50257866AA57FC263BB82654F421599, C0D86653CA9010C21E80AC3F6B98E08AF7D2DEE94E9E3524D7EB9CDBA56E197F ] PSINReg C:\WINDOWS\system32\DRIVERS\PSINReg.sys 17:30:58.0325 0x37ac PSINReg - ok 17:30:58.0363 0x37ac [ 9746D407113028F9CDAC7031D717203E, 7F9A397038732678C52A73E5E2238AB3619E3C1FCB2CE41EFC8E5BD38D77F83E ] PSKMAD C:\WINDOWS\system32\DRIVERS\PSKMAD.sys 17:30:58.0368 0x37ac PSKMAD - ok 17:30:58.0449 0x37ac PSUAService - ok 17:30:58.0527 0x37ac [ 7A68710BAC9B6809314B86C0CB1CBC4A, C02D97993D1F6FE6EFBA5B1366B3A4FE8CE1136A95F3A2DA07BA59554C163501 ] QWAVE C:\WINDOWS\system32\qwave.dll 17:30:58.0590 0x37ac QWAVE - ok 17:30:58.0650 0x37ac [ 819602BBBFDB0BD46DEA3715BF0DD452, D4007FF1E5296316B53436CA3598D6B1CF4F60AB77D5B02F3E595081EDD5D879 ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys 17:30:58.0695 0x37ac QWAVEdrv - ok 17:30:58.0762 0x37ac [ CDF47037A0939F56D11F699629C276AD, A63F2A3FE80FB8084E3870E907505694B79EE1D9E56E292C01D481FEFD2534B0 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys 17:30:58.0784 0x37ac RasAcd - ok 17:30:58.0879 0x37ac [ 28C2EA278070EE12701D0EDF8CB0EC36, F10288C1C6835840026DB30285345EF892DE989F43C948E7F4760B8895FF675F ] RasAgileVpn C:\WINDOWS\System32\drivers\AgileVpn.sys 17:30:58.0891 0x37ac RasAgileVpn - ok 17:30:58.0954 0x37ac [ 7B82197BF35CC3BE59AEF8B706AB8A16, AB0216164A548A48CD21F5F035E57E867584A96890B9887EC08F8DABDD89F990 ] RasAuto C:\WINDOWS\System32\rasauto.dll 17:30:58.0979 0x37ac RasAuto - ok 17:30:59.0009 0x37ac [ 17E565710172ED71B8531D8822E1C5D1, 0CA39ABD9E544DDAD9D9D7D1FC50444274C31E18F9BF73069051D9F62833698F ] Rasl2tp C:\WINDOWS\System32\drivers\rasl2tp.sys 17:30:59.0023 0x37ac Rasl2tp - ok 17:30:59.0125 0x37ac [ 28C80449AC9CA09A6DBADF4940C125A7, A827E3A2D7DF67073CCE63C63168B2F4067C7D36E89BB99D4C6F17E46BECEB56 ] RasMan C:\WINDOWS\System32\rasmans.dll 17:30:59.0164 0x37ac RasMan - ok 17:30:59.0189 0x37ac [ 726857E441D1D67F57694A1B613ABD34, 564027EF2E80F99595282FF76B6D339045B7E9AFE72D8DDF2D6EB0D98C329834 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys 17:30:59.0195 0x37ac RasPppoe - ok 17:30:59.0216 0x37ac [ F0F4EEDEEBEE7A4244FAFB96A16B5712, F64717E601BD5EB674003009507B8CDD6F69F00E8670D6895EC64786166A0E8D ] RasSstp C:\WINDOWS\System32\drivers\rassstp.sys 17:30:59.0221 0x37ac RasSstp - ok 17:30:59.0253 0x37ac [ 1A49C9F966A04D031DAD4C73C49D5288, 05C8690948EAA2A55A208D8D34118C27FD5C7D7AEEF4FAD1346E40BBE586946D ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys 17:30:59.0276 0x37ac rdbss - ok 17:30:59.0340 0x37ac [ 79A415E6FA915EFC00297DAB16EC2635, 47BB49F6D756214193D38A4AB182B541AAC180381C3111FF7F9B0AD4C44D8733 ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys 17:30:59.0346 0x37ac rdpbus - ok 17:30:59.0388 0x37ac [ 7135785C21CA79D270D11037C43D3F19, 654A3C65CF891ED8C82A740D10CF607FC7D709185E664DE03288CEB5B25F03A6 ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys 17:30:59.0399 0x37ac RDPDR - ok 17:30:59.0492 0x37ac [ 97A61A3CB2B5CB4FC32B3224EF333448, E4F2E8BCEE3639BE57BBC8A8E67FDE42C3A5158F1204684B0ECD216F4AA044A3 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys 17:30:59.0496 0x37ac RdpVideoMiniport - ok 17:30:59.0521 0x37ac [ 69BB204AE07EE84ECFAB1BF13C4BD04B, 1CA832CBF4AE4821EEA2A19F9519C2D1D00406B8CCE2A86FE3B33A5F293DB218 ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys 17:30:59.0544 0x37ac rdyboost - ok 17:30:59.0671 0x37ac [ 940D6F5A2B0A61EE4170DF84F6C95C20, F8EE846DC8015EDFE7CB5BEEDC977EAA9C586BAC2216DE69D8ECCBDBC7408649 ] ReFSv1 C:\WINDOWS\system32\drivers\ReFSv1.sys 17:30:59.0741 0x37ac ReFSv1 - ok 17:30:59.0815 0x37ac [ 13F6B64235C60167052364BF7D99E4CA, BC12EE00775F7456FB922FBD684BF3F0CFABA5BEBB6E162C23B41DED5C20A978 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll 17:30:59.0848 0x37ac RemoteAccess - ok 17:30:59.0900 0x37ac [ 3183B161B1F05333F6C325577FEF3596, D6A89B2A021377B6F371E5B9EFC36FF018822B28F0ED41F8CD2F00C5C8605707 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll 17:30:59.0923 0x37ac RemoteRegistry - ok 17:31:00.0008 0x37ac [ 6FF3A30B1220D939D6120646BD5801F3, A526A24912FC5401E96796E41A4945D549486464067179201BCB25BF53049862 ] RetailDemo C:\WINDOWS\system32\RDXService.dll 17:31:00.0085 0x37ac RetailDemo - ok 17:31:00.0213 0x37ac [ C7463D0A8E63A2C2F89E03F98E9EE63F, A1520FAF11CAD2F5785C90F80D1C641AC5B5F8A49216D287D67A4BFF99D8F989 ] RichVideo64 C:\Program Files\CyberLink\Shared files\RichVideo64.exe 17:31:00.0232 0x37ac RichVideo64 - ok 17:31:00.0255 0x37ac [ 5DAA644F17780FC4E3F4820A46D38FEC, 32C27FFA0A4608B164F4E709CD0D998AB73CA9713BE3E47F9DBC7B3D1B6C7453 ] RmSvc C:\WINDOWS\System32\RMapi.dll 17:31:00.0288 0x37ac RmSvc - ok 17:31:00.0343 0x37ac [ 672724C8B21B7DC56646045DE4D5B860, 79986E80A92C949C543959F1E35647A9788DAB2892AC20B6DEA5C0BBC0CEDE9E ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll 17:31:00.0365 0x37ac RpcEptMapper - ok 17:31:00.0414 0x37ac [ 109C1D609951E886D3643B15C1EDD1C2, 347D8E7C50EC7F96217C7421D9BC8A42C9DF50B94169CB58DCF857A63C33C2EA ] RpcLocator C:\WINDOWS\system32\locator.exe 17:31:00.0437 0x37ac RpcLocator - ok 17:31:00.0541 0x37ac [ 4A7015195E49A3BA7DB967B277B21E9D, 2EE10950BC0E2B13303491725FB3F0D3AF63518B7D1593BCC4BF503F4A11F408 ] RpcSs C:\WINDOWS\system32\rpcss.dll 17:31:00.0590 0x37ac RpcSs - ok 17:31:00.0649 0x37ac [ 5FF28F097C9699097B473F8FC7C1AA7D, 695560F1DBD85073F3D6CB1FF16F16504CA044EA62E940E463A16BBA8B86E2FA ] rspndr C:\WINDOWS\system32\drivers\rspndr.sys 17:31:00.0656 0x37ac rspndr - ok 17:31:00.0722 0x37ac RtkAudioService - ok 17:31:00.0749 0x37ac [ B5DAEE69BACA64D2BB004568E22D8756, C0072CF6B438ED756435A182D55AC55F3AD356ACBD483DE06A94893D3CA8CCC5 ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys 17:31:00.0752 0x37ac s3cap - ok 17:31:00.0810 0x37ac [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] SamSs C:\WINDOWS\system32\lsass.exe 17:31:00.0817 0x37ac SamSs - ok 17:31:00.0873 0x37ac [ 5E73FB63E2DBC75FE0C17DEB0010CE0E, 9DAC47486262397D03BC01F7438CAB62CF33BD7B5283F5B9548C770A3D6D0ADC ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys 17:31:00.0907 0x37ac sbp2port - ok 17:31:01.0003 0x37ac [ 3CD0130FFDEAEACF0905B482F3934EA3, 1EC355B63135FD2563093EBB206741C0C4CCE0551A662F6DC86C875146A88B06 ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll 17:31:01.0073 0x37ac SCardSvr - ok 17:31:01.0124 0x37ac [ 5E8ECCE130A72107B6DFDBE26185A7FB, 811E2CE485BC14161FF629069BCCF53B2B8C6F8B1E1A6B3A3C86DBE4F85A5577 ] ScDeviceEnum C:\WINDOWS\System32\ScDeviceEnum.dll 17:31:01.0158 0x37ac ScDeviceEnum - ok 17:31:01.0219 0x37ac [ 3D9A82B03C92D1FEC42CB171D6F57778, DC027F02F5EB5F1D10DB6F405FB0C15D4D5C922445F5F3C916624113278AF072 ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys 17:31:01.0225 0x37ac scfilter - ok 17:31:01.0287 0x37ac [ D4DB6B318A0A0C74A90260725A228C0B, 57BA2EF9D880488C785C806ABF9EE753A48E589129442D72F815CD6EFFA07B22 ] Schedule C:\WINDOWS\system32\schedsvc.dll 17:31:01.0335 0x37ac Schedule - ok 17:31:01.0393 0x37ac [ B8B1D49283F33E3FFFDB611E51BCA7E5, C467A60150ED3E59D42CA45E8D0410613CC78D1B99DE011CF1C5D82FC799C27B ] scmbus C:\WINDOWS\system32\drivers\scmbus.sys 17:31:01.0398 0x37ac scmbus - ok 17:31:01.0451 0x37ac [ B6F2363584E62960846F7C3F00124A4F, 252189FF9D623CF69BF415FF7C7FE74B0BBF756B632420578BFAFF6595616CF7 ] scmdisk0101 C:\WINDOWS\System32\drivers\scmdisk0101.sys 17:31:01.0484 0x37ac scmdisk0101 - ok 17:31:01.0553 0x37ac [ E189727B3C9909A85B33A16B290E192E, 2C273A9F44EDC5E5435904E9681973854B2F3EBB6100021BB139FF0CCCE9BF20 ] SCPolicySvc C:\WINDOWS\System32\certprop.dll 17:31:01.0584 0x37ac SCPolicySvc - ok 17:31:01.0680 0x37ac [ 7C3D10BEC8B0DBA00A78C78EB10B3AE2, A671C9CB97977613576D70607E106C7A29B9EA9E875C7C5AF293EE5903D7AD0A ] sdbus C:\WINDOWS\System32\drivers\sdbus.sys 17:31:01.0734 0x37ac sdbus - ok 17:31:01.0786 0x37ac [ F3714DBAA42C15F78FFCDFE4273214EB, 2D018970B92C5F0744FAE10A2FC298F3DCEA5C2EDEB760F4F0651337B9878ABF ] SDRSVC C:\WINDOWS\System32\SDRSVC.dll 17:31:01.0809 0x37ac SDRSVC - ok 17:31:01.0911 0x37ac [ 120DFCB71D6C502613A9E2D50E16850C, 2C294010AD1C9C380CD5221A37720544178B7358C8C8553AF44055E4CEE5DAF5 ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys 17:31:01.0943 0x37ac sdstor - ok 17:31:01.0968 0x37ac [ EFD644DD091E1D94555FC3BBC95EA66D, FBDDA6680BEC378CCF12A32D9186020E884DA15A1E789D1531B1E687FC7B54B1 ] seclogon C:\WINDOWS\system32\seclogon.dll 17:31:01.0979 0x37ac seclogon - ok 17:31:02.0040 0x37ac [ F48535714BED7DD784853889B4594B26, 9B4AB7E7293E79A8F6CC46C84F23E62AD3BD6E958FCE078CDBB125A69FAC7E50 ] SENS C:\WINDOWS\System32\sens.dll 17:31:02.0065 0x37ac SENS - ok 17:31:02.0070 0x37ac Sense - ok 17:31:02.0214 0x37ac [ CF2AEB951CFC56D4F6CF2D66218B673C, CEA0B0E0251EA198893830080EE4CB8A9F18ADBF1F6FEFFC9C7E8AB4588D0639 ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe 17:31:02.0292 0x37ac SensorDataService - ok 17:31:02.0445 0x37ac [ C09A42163878A082C3F0D0A3DFE95714, 8033DC38D0EDED3758DA6BF8C1955BE5FFE48863C079C589660B37D0E461300F ] SensorService C:\WINDOWS\system32\SensorService.dll 17:31:02.0496 0x37ac SensorService - ok 17:31:02.0572 0x37ac [ E6F00415DADCEEC860E7AB42BFD19A65, 274CAF22F93D43B6DB6953730E3DF8DA94776B24EEE74B80AB4CD780BC1366A9 ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll 17:31:02.0604 0x37ac SensrSvc - ok 17:31:02.0664 0x37ac [ 2B487E44AAC4B1360E52BC1618B9EFD1, D6F91C3A74971D531B30F347AB71C4BBEAD703890957A2E642F6642C904E8A82 ] Ser2pl C:\WINDOWS\system32\DRIVERS\ser2pl64.sys 17:31:02.0693 0x37ac Ser2pl - ok 17:31:02.0752 0x37ac [ 401D706DDC0A7AF18C3DD228ADF74551, 27C0B38D7C2E3F6FF06201124E63483931F6071954B2B99EC0143C464238C0B7 ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys 17:31:02.0762 0x37ac SerCx - ok 17:31:02.0887 0x37ac [ 7084D11083F0CDCA8B5C76F9846ABF5D, F639920882B0E784D8CFAF0D4C0F0C411937B6831E5DD99B0ABFBFE06BA4742F ] SerCx2 C:\WINDOWS\system32\drivers\SerCx2.sys 17:31:02.0914 0x37ac SerCx2 - ok 17:31:02.0935 0x37ac [ 3FF478A8ED32A83C36581425F6282B6C, 787646A17098EA7CF36064D0A950C1D470D4A280C8C5AC40023D566E53860EAE ] Serenum C:\WINDOWS\System32\drivers\serenum.sys 17:31:02.0939 0x37ac Serenum - ok 17:31:02.0962 0x37ac [ 92509187AA171A80521528B36F753E1D, FE0DA272B8A155ECC161E99586C4AE7EE17B1C84BC330DA1566C83B8E03FA825 ] Serial C:\WINDOWS\System32\drivers\serial.sys 17:31:02.0968 0x37ac Serial - ok 17:31:02.0984 0x37ac [ 433D38FF6D08B993847EA2A10EB8CB52, 29BA75DB6D1AC761BBDFB5AC8874FC7D763E1CD10D290E369063B34CE951270F ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys 17:31:02.0989 0x37ac sermouse - ok 17:31:03.0070 0x37ac [ 82CF273F0E8F243789683DEB40757569, 5433D93A41C4BF04494E6158931C6AC3154888F7CD3A417253EC02FF7EA6D00E ] SessionEnv C:\WINDOWS\system32\sessenv.dll 17:31:03.0105 0x37ac SessionEnv - ok 17:31:03.0139 0x37ac [ 697D3EE0740AEAB62B66ABCA1C83D13B, FCF54A0071ED04AD3FC8551C67FE5FD49089DC0510F753052CAC5972A65C9E3D ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys 17:31:03.0143 0x37ac sfloppy - ok 17:31:03.0235 0x37ac [ E38BE81F0F6D9C74E420A82BC6A02AFE, 25D7594FD1BE0B303F9777ACBA702ACD0C27B00D21F82659989C40636851A330 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll 17:31:03.0276 0x37ac SharedAccess - ok 17:31:03.0372 0x37ac [ 482E6BE8A07832E824080D352075ACA1, 4123A76C8E805AF4FE229C53E9C174095C0937913BA81A63FE9B45C44AA5B15F ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll 17:31:03.0448 0x37ac ShellHWDetection - ok 17:31:03.0512 0x37ac [ CF3BDF9EAD8D3EF671E9339B44B185BA, C17EC6D5B00F49D9C8B5B6C262A85F34ED71C58450659F006B3632AA84F68E23 ] shpamsvc C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll 17:31:03.0557 0x37ac shpamsvc - ok 17:31:03.0607 0x37ac [ A34CE1830E45DA98932295FDE4B7908A, FC553ECF4D64B4B10B7FDE5352707785517A18D487A80665BAFC7261E3F35CDC ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys 17:31:03.0633 0x37ac SiSRaid2 - ok 17:31:03.0708 0x37ac [ A7B5C670770E908DA5FEF5BF1136E933, 8D3BB6FF65E631C34BE8EA766481B2FDB2E1E916A4FD67F86705A8975A136E6C ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys 17:31:03.0754 0x37ac SiSRaid4 - ok 17:31:03.0814 0x37ac [ D233EAE2A9D48485321816486ED635EF, 03AB49BE9CF15EB7EDC50C400E673B4DF0E5BFDA9A7811E157F2AF2F3CF38D49 ] smphost C:\WINDOWS\System32\smphost.dll 17:31:03.0882 0x37ac smphost - ok 17:31:03.0981 0x37ac [ 0B217141AC1283655402CDB356577735, 6EFA4CA46CFC8B7156CE7E5CA89B7F7073E16D66C2FC13F4DB95FEB78CCF698F ] SmsRouter C:\WINDOWS\system32\SmsRouterSvc.dll 17:31:04.0053 0x37ac SmsRouter - ok 17:31:04.0136 0x37ac [ 6F4CE07D420FB657B5936F71101ABD41, CEC52984C56E578E0FFE12BE1B8148335F788B7D1751F2D0E79B944A41113C20 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe 17:31:04.0151 0x37ac SNMPTRAP - ok 17:31:04.0253 0x37ac [ A265FF86BF4C03F47EC277881138675D, 52671A64D22EAA790CAE47D6710289ADB5DBF9BC98CD7CCCF64CA43B2F2A641A ] spaceport C:\WINDOWS\system32\drivers\spaceport.sys 17:31:04.0348 0x37ac spaceport - ok 17:31:04.0422 0x37ac [ E03264C4C25B568F92ED1656AD541E64, D42942BFFBC7213D204FAF84F4FE015FC23A6ACB29B5E752834EDBC17A3AC20D ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys 17:31:04.0465 0x37ac SpbCx - ok 17:31:04.0579 0x37ac [ 1DFE222F8D6A422B7ADC909E0C8840DA, 96761691CF4447710D65573044A1005F2F0F89443DF581A30B97D7944940BB70 ] Spooler C:\WINDOWS\System32\spoolsv.exe 17:31:04.0678 0x37ac Spooler - ok 17:31:04.0964 0x37ac [ 23529A00195CE71252FEBF647E56E27D, 8ADF7A1C96DAE005E9A974D90BE8954F88D49B6848252B88513C49E0A3BD9774 ] sppsvc C:\WINDOWS\system32\sppsvc.exe 17:31:05.0223 0x37ac sppsvc - ok 17:31:05.0398 0x37ac [ DCA26325F46401AA9E1E509D09C0BF95, 4FC82E24B2CADB349786536EBF073CAB653F3CF6F11C769F64B3B24FEB7D3551 ] SRTSP C:\WINDOWS\System32\Drivers\NSx64\1609040.008\SRTSP64.SYS 17:31:05.0459 0x37ac SRTSP - ok 17:31:05.0474 0x37ac [ 730F082876A53B2D13584FA103163BF3, 8406F204F51F18F5049F426EEB30BD4DD22BDE3C928CD0D1CEC10824BBCECADE ] SRTSPX C:\WINDOWS\system32\drivers\NSx64\1609040.008\SRTSPX64.SYS 17:31:05.0498 0x37ac SRTSPX - ok 17:31:05.0576 0x37ac [ 2E0F160AFE1EB7E8C21D6FE782FFFE0B, 0CA845468E42F0448FD7BECFA4E75E8548E20CAAA0DE0C37FFFACF7EB16CE0DE ] srv C:\WINDOWS\system32\DRIVERS\srv.sys 17:31:05.0613 0x37ac srv - ok 17:31:05.0663 0x37ac [ A0BDA7332A9EE59062A7037D161C8715, C08818E52B64BDB194A2434C3F479360C960A99AD08F81CF51D64B7D92EBE0CB ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys 17:31:05.0701 0x37ac srv2 - ok 17:31:05.0781 0x37ac [ F13EE0DB1FB1D6946AC3228D7EFCFC8F, 109A809F0338FAB0F4045FA5EE33C6F0A994A9F586B2FBD8920A6AABA0E0EF66 ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys 17:31:05.0815 0x37ac srvnet - ok 17:31:05.0894 0x37ac [ 44758105AB3EA34E815D4B6CA1153311, 7F223A20D2538C123BAC6F75BE0E126876A116F09502FD980C05B8916E26E1B7 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll 17:31:05.0924 0x37ac SSDPSRV - ok 17:31:06.0004 0x37ac [ B97C7EC07218A8002323718202BF5E77, 39D3254383E3F49FD3E2DFF8212F4B5744D8D5E0A6BB320516C5EE525AD211EB ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll 17:31:06.0045 0x37ac SstpSvc - ok 17:31:06.0300 0x37ac [ 4E330AD1EED4A5D582EE415FD55953A2, 2C02E1F45F74D250110BA5117AA942495CB2EBAC7F2CCECC284B4FB8F47B13E1 ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll 17:31:06.0510 0x37ac StateRepository - ok 17:31:06.0701 0x37ac [ 843F16D234D03756B9EB6054B5C62FAA, 529E1F8C6EB4AA881C9FDE9DA6CAFA34F5770E87059E867B8F88B40FE879743D ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe 17:31:06.0718 0x37ac Stereo Service - ok 17:31:06.0783 0x37ac [ 29D26E1347AE1BBD4201014E19880B2C, 9E2153AD96CE4F189EEE43BB02515532C619FB1CA02D8F6DEF517AC3347AAA14 ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys 17:31:06.0791 0x37ac stexstor - ok 17:31:06.0930 0x37ac [ 505F32DE573ECEDF398DB9E2FC0D5E45, 0F257200BD79C7A62C39279B1C0AF9032028B23561DB71DA9903366A0DF88E5C ] stisvc C:\WINDOWS\System32\wiaservc.dll 17:31:06.0999 0x37ac stisvc - ok 17:31:07.0058 0x37ac [ 6BC6023E866489D22CE30E18846B80D9, FD0D13332F3E267524A9FA7FEC128298D4905722807C172AE8E3DFE445C28DB1 ] storahci C:\WINDOWS\system32\drivers\storahci.sys 17:31:07.0114 0x37ac storahci - ok 17:31:07.0192 0x37ac [ C5E0ACE4771F5575D9D5B457ABF3AD03, 365880BC5AC313F25C313EFB7758301F98D9B2BF4C5FC9499F98C2B7F8407D96 ] storflt C:\WINDOWS\system32\drivers\vmstorfl.sys 17:31:07.0204 0x37ac storflt - ok 17:31:07.0258 0x37ac [ B66D8C75C9BC59D637177AB3B1C569A6, 76252A631F03EEBF5FDC7693F6B0A5E73838CDBE3157114CC96B8BBE88B476BF ] stornvme C:\WINDOWS\system32\drivers\stornvme.sys 17:31:07.0270 0x37ac stornvme - ok 17:31:07.0290 0x37ac [ BEBF85EB4D90E6996047DA027D0ED26E, DF109CF0F07CDD1B9B702C2A076D4DD5366DAAD971CC9359AF0358E79981706F ] storqosflt C:\WINDOWS\system32\drivers\storqosflt.sys 17:31:07.0296 0x37ac storqosflt - ok 17:31:07.0360 0x37ac [ B91FBE7CB4633FEB32AFBD0B48576396, 9EFDD92E8096CE5555F8DC3C870864E5515469603C2373B99B3607234633CA66 ] StorSvc C:\WINDOWS\system32\storsvc.dll 17:31:07.0389 0x37ac StorSvc - ok 17:31:07.0409 0x37ac [ 8E73037A6F8938475692FFCC26EBF385, F78C5CD1A3CD17AA831EEC82426B14006B4DDBC9085A4814E04E8C37FD6B05F7 ] storufs C:\WINDOWS\system32\drivers\storufs.sys 17:31:07.0414 0x37ac storufs - ok 17:31:07.0432 0x37ac [ 9D9DED47DA10E845EFF2DD57C94C809B, 520D0CE7A867051B80C8141E351FE5A5BCE3C99776093F234DB77D3407B1F104 ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys 17:31:07.0437 0x37ac storvsc - ok 17:31:07.0490 0x37ac [ 224C92E442B1B8C20C274332F1ACF00D, CDE5DCFB7A21089464A6E2ABB29BBE08B184C3433C218756AA5902A8F67C0B2C ] svsvc C:\WINDOWS\system32\svsvc.dll 17:31:07.0499 0x37ac svsvc - ok 17:31:07.0518 0x37ac [ 505E0C40B5D0ADDCBB414640F59BD2E0, DF4B5E65FE6FF2224F298A2A2FAC9B648C082DFF8463148633647580A9FAD34D ] swenum C:\WINDOWS\System32\drivers\swenum.sys 17:31:07.0524 0x37ac swenum - ok 17:31:07.0553 0x37ac [ 2EE27411B5904C63D723BEA391819F58, C88C11D460E90398E16011B8A2CED5EE5626084F24790EA6115532F8F70060C6 ] swprv C:\WINDOWS\System32\swprv.dll 17:31:07.0573 0x37ac swprv - ok 17:31:07.0668 0x37ac [ 16ABF255E11C98E29800E99AAA879388, 7385D295683C87663BF93C189A9C5DEFAAD96CFAA3FA597AA666FAE6BD018670 ] SymEFASI C:\WINDOWS\system32\drivers\NSx64\1609040.008\SYMEFASI64.SYS 17:31:07.0748 0x37ac SymEFASI - ok 17:31:07.0785 0x37ac [ 3123BDBFE5CF061035D79CB3F3075F82, DB74395045FF4363AE0280F28F9B7D74179181B25829D76A2B048425B59D6B9F ] SymELAM C:\WINDOWS\system32\drivers\NSx64\1609040.008\SymELAM.sys 17:31:07.0789 0x37ac SymELAM - ok 17:31:07.0834 0x37ac [ B439486A910689B6DA73E96404227783, 0F71399AB5D03EDE2F5A00D8D7703A76AFD9DB2CC7B32F363A92B5F365F6B60C ] SymEvent C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS 17:31:07.0840 0x37ac SymEvent - ok 17:31:07.0901 0x37ac [ B4BFD2C3A2406E3F8DC39C4E7EF5C1F6, 1F198DBAA99222E0D1190E0E6B0C2A6D234DB6CAC81DE71166E42780882C5B51 ] SymIRON C:\WINDOWS\system32\drivers\NSx64\1609040.008\Ironx64.SYS 17:31:07.0929 0x37ac SymIRON - ok 17:31:07.0972 0x37ac [ 192802618BFA4889818FDD6B2B8CF2B5, 00B5A539775CA732AE3D2590367141C1C7BAF8D342F23C43EBF36B93F9C7BE42 ] SymNetS C:\WINDOWS\System32\Drivers\NSx64\1609040.008\SYMNETS.SYS 17:31:08.0006 0x37ac SymNetS - ok 17:31:08.0077 0x37ac [ 32F46FB0F290D16DAA452B289C985795, 73F88AAAA6026DB4C27F1D054145216DCC3F1960946FB2A7A90518DD1D5737CB ] Synth3dVsc C:\WINDOWS\System32\drivers\Synth3dVsc.sys 17:31:08.0082 0x37ac Synth3dVsc - ok 17:31:08.0195 0x37ac [ FED48B19D6F55D7A3AB498D85729D1BA, FA5E0E02BC2E2DE108C55991E3B063CC947072228B53539F42F922661510DE7C ] SysMain C:\WINDOWS\system32\sysmain.dll 17:31:08.0244 0x37ac SysMain - ok 17:31:08.0318 0x37ac [ D9FEA79BF6AF136F8E656AE045C2FEC8, E6F08A93348E035185F0F1C6B6277E636F4F25D1136E3ACCA63488DAEEC7114B ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll 17:31:08.0379 0x37ac SystemEventsBroker - ok 17:31:08.0427 0x37ac [ 86E7FD5C8DBEC1EB51C4368561402B75, 86EE61414CD5854E39E33F67BF5DA4377B569B3ED4D18882C470BC6784891DA1 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll 17:31:08.0469 0x37ac TabletInputService - ok 17:31:08.0516 0x37ac [ 3929C8FC134AC672C4F3F85160956257, CD3195CA58BA6F55EA0DDA2BE6AB58280AD1CA488D7AAA1539DD05FB99374F36 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll 17:31:08.0560 0x37ac TapiSrv - ok 17:31:08.0711 0x37ac [ F3CFBE74DAF9ABD06F0B2A037DC4C90A, 17644CD7F70CCFFC9C0881AB4017F30D030DE4884B6029C48859C9CF9CA2F14E ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys 17:31:08.0832 0x37ac Tcpip - ok 17:31:08.0953 0x37ac [ F3CFBE74DAF9ABD06F0B2A037DC4C90A, 17644CD7F70CCFFC9C0881AB4017F30D030DE4884B6029C48859C9CF9CA2F14E ] Tcpip6 C:\WINDOWS\system32\drivers\tcpip.sys 17:31:09.0048 0x37ac Tcpip6 - ok 17:31:09.0121 0x37ac [ EC9450227A4C661513661F1F9C1F7DD6, 4DB122DECEA7C76BD20A6682958609A40CA2C9EDD236DFA19E9B31C57114DA3A ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys 17:31:09.0145 0x37ac tcpipreg - ok 17:31:09.0181 0x37ac [ 0B237F8A96952BF95A14865030E131F2, 263089672218D3A768A6FC9D28DBEFE113D6757A9ECBAB4D364A62AC5DDA8AAE ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys 17:31:09.0208 0x37ac tdx - ok 17:31:09.0260 0x37ac [ 06130AFFECEB94525FC2352936576B70, 10EBE2C8FDC087D29E2FFB328F0F7905A5374AB8CC9FAE8699E7676DBC8CBF91 ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys 17:31:09.0283 0x37ac terminpt - ok 17:31:09.0387 0x37ac [ FB68E5F02316C42BE7282DA492351C6F, AC31D841FEA58B776127E138DB20F8D48E26FD8C00CE2FA9695EA14EBF159A0A ] TermService C:\WINDOWS\System32\termsrv.dll 17:31:09.0510 0x37ac TermService - ok 17:31:09.0552 0x37ac [ 2AF438EC0D361A7BBB70E604A686602C, 4BE6A0461EB2CB94288614434A1CEC81C2ED46241721FD5BBD8ABE0680F7C804 ] Themes C:\WINDOWS\system32\themeservice.dll 17:31:09.0561 0x37ac Themes - ok 17:31:09.0615 0x37ac [ 1482B8ED5CACA87992A882B853B83CEE, 613247F0E362A109090E8563D977DECC50C64D45D6962905FA84A2D59329045C ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe 17:31:09.0638 0x37ac TieringEngineService - ok 17:31:09.0688 0x37ac [ 3B3C607C3C62DFBEF61938DA2CAB94DF, E5EEA7F45A7BBFDF6F0003CD77E39958C451DD1B4B401876B5619A3C20F5C370 ] tiledatamodelsvc C:\WINDOWS\system32\tileobjserver.dll 17:31:09.0720 0x37ac tiledatamodelsvc - ok 17:31:09.0734 0x37ac [ C1F8CBE2D4843E0CCC3EFEA2EC60D4AB, 9D07527D982066922318C77AECE99280DE55034C375ACE145E827A6BEB5C3B70 ] TimeBrokerSvc C:\WINDOWS\System32\TimeBrokerServer.dll 17:31:09.0746 0x37ac TimeBrokerSvc - ok 17:31:09.0825 0x37ac [ 46171262D0E806779DEEDFCAB2F830CC, 7F4A4658B8BA217D99E5B5C0E01600C20DC96ECBCA32A5BA7FBE17D2A7B8BFD8 ] TPM C:\WINDOWS\System32\drivers\tpm.sys 17:31:09.0858 0x37ac TPM - ok 17:31:09.0884 0x37ac [ 3B91F35089240F6187AD681A5EC28BDE, 3D035CB73BC8E7831DCD0FB7D9DAD91CE51D3D0F9D9C8B866A0009BD508B6702 ] TrkWks C:\WINDOWS\System32\trkwks.dll 17:31:09.0895 0x37ac TrkWks - ok 17:31:10.0008 0x37ac [ 09440FA30C020B4443391FAFCF4876E3, 208C7725F70C75D8C96CCAF5B22F83B8B1C66D8C9FFF48465B1C9F4A77425569 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe 17:31:10.0020 0x37ac TrustedInstaller - ok 17:31:10.0048 0x37ac [ A6F4025664C9D4BC2A9EDAB4092706D7, 89808A1679C0E716F86F06EE7701DCC289200894F0FA1F120DA2AC3A45FDB312 ] tsusbflt C:\WINDOWS\system32\drivers\TsUsbFlt.sys 17:31:10.0059 0x37ac tsusbflt - ok 17:31:10.0079 0x37ac [ 37A96AD493E110C0BF1EE0AC0F9E7DBD, F2A6894A4AEE18DF2B92222CDB0801A13AEEB7212071F0431430788339B30E23 ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys 17:31:10.0090 0x37ac TsUsbGD - ok 17:31:10.0147 0x37ac [ 5A91FDBA4D3FCB56DAEB8C091B3EB8E1, 8AB91F4423125267FA8509A1C3A9AD1CBD642FA6A96D8789F9AB8CB75ABAD58C ] tsusbhub C:\WINDOWS\system32\drivers\tsusbhub.sys 17:31:10.0169 0x37ac tsusbhub - ok 17:31:10.0196 0x37ac [ 79E264287F17D56D768440B0270466DE, ABF9DC95C5E939B30BFD9BF9EDFDB3BD78A9DFCB055B945965303B6A60E6D7A7 ] tunnel C:\WINDOWS\System32\drivers\tunnel.sys 17:31:10.0205 0x37ac tunnel - ok 17:31:10.0281 0x37ac [ 13781908186770ABE9F8EBCC2B45B138, 4BEC8466254E0C6492CC55CE344A6173878CFA040238C6BE5842E5209F066DEE ] tzautoupdate C:\WINDOWS\system32\tzautoupdate.dll 17:31:10.0314 0x37ac tzautoupdate - ok 17:31:10.0382 0x37ac [ AA65954F512BA097DD190790876DD991, C1BB2B8F54F064D01190327B5E7949EBBDA21D6FC6F94D9FCD20F685C2F855FA ] UASPStor C:\WINDOWS\System32\drivers\uaspstor.sys 17:31:10.0393 0x37ac UASPStor - ok 17:31:10.0435 0x37ac [ AB6268022C3A5B529075A39C33904DA6, 2717F1704640201F2681711543EA39A74C3E89C7DB232EC5DD89FD8AA6F07846 ] UcmCx0101 C:\WINDOWS\system32\Drivers\UcmCx.sys 17:31:10.0446 0x37ac UcmCx0101 - ok 17:31:10.0477 0x37ac [ 7ED2EDA43D21C7A5F589A7960E265C52, 7DB8A595236FBB8A264D7AB155201357212855050ABB5B1036EF32F1223FDCC2 ] UcmTcpciCx0101 C:\WINDOWS\system32\Drivers\UcmTcpciCx.sys 17:31:10.0485 0x37ac UcmTcpciCx0101 - ok 17:31:10.0538 0x37ac [ 169351463039B45F5CDED9768879F712, 990C8C4AEF9ED7FF6BCEAE67F7BDAA037777B142B8D96A74F8715C941A5C63C6 ] UcmUcsi C:\WINDOWS\System32\drivers\UcmUcsi.sys 17:31:10.0548 0x37ac UcmUcsi - ok 17:31:10.0583 0x37ac [ 08A9E3AD29B215484FBB68CDC175DF3A, 3EFFF99C3BC4A1454E3D2B5177AE587ED3041AB4CE2A95BA7E28A2124E38E1E5 ] Ucx01000 C:\WINDOWS\system32\drivers\ucx01000.sys 17:31:10.0600 0x37ac Ucx01000 - ok 17:31:10.0619 0x37ac [ DA70AEE267491AA56BC63AA0C0C96CA2, 0A0AADB27607F9292BB3CE000CFDDB19BD4CA09EAAD926C4925CB43B17817AD9 ] UdeCx C:\WINDOWS\system32\drivers\udecx.sys 17:31:10.0624 0x37ac UdeCx - ok 17:31:10.0644 0x37ac [ FBC5ECF6D5A868D0B116C2DBB02B8168, 945AA76C60ABAD6075B5C8F9172C018F75BCF393A1CB8B329F5E68E664627775 ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys 17:31:10.0656 0x37ac udfs - ok 17:31:10.0678 0x37ac [ B918E40FAA9CD118CCA4AD388B748C98, 4B539B7B656F02C5E5BAEE52A677757B05CC11C5500D619850A564C28FAB8115 ] UEFI C:\WINDOWS\System32\drivers\UEFI.sys 17:31:10.0682 0x37ac UEFI - ok 17:31:10.0705 0x37ac [ 166B17AE1DD24D8BA8CA474C7C31148F, D34E786277093278F58EFAC957279DC4ED43A190538C875B80F5B1E0A0C30381 ] UevAgentDriver C:\WINDOWS\system32\drivers\UevAgentDriver.sys 17:31:10.0711 0x37ac UevAgentDriver - ok 17:31:10.0823 0x37ac [ FCA4D901FB9934DAB82ED31C4EE89A11, 8EDF8DD71C13DE77AC83D1086670E9E90C69DE379F1CF768C8B9C789254C04AA ] UevAgentService C:\WINDOWS\system32\AgentService.exe 17:31:10.0928 0x37ac UevAgentService - ok 17:31:10.0976 0x37ac [ 0FD75222C1AD2687AB365BEBEA400DD4, AD10DBCA59EB7D34FD8F963CE267F36774A9BC613F8D637903B12AC88C328E8A ] Ufx01000 C:\WINDOWS\system32\drivers\ufx01000.sys 17:31:10.0998 0x37ac Ufx01000 - ok 17:31:11.0022 0x37ac [ C1A78C53E01C641AE41BFA65797819F5, 0B9FE1BD724B3315199A1B1DA2F03255E4FE744DA3CE6CD0F77699A8E42E9359 ] UfxChipidea C:\WINDOWS\System32\drivers\UfxChipidea.sys 17:31:11.0028 0x37ac UfxChipidea - ok 17:31:11.0048 0x37ac [ 767307212110EBEFB93EC9A5BE9E85B9, 368797400FE54802CE74F34B773CE2AF09EB8DEA6C035B55419A52F0B5A6FAD0 ] ufxsynopsys C:\WINDOWS\System32\drivers\ufxsynopsys.sys 17:31:11.0056 0x37ac ufxsynopsys - ok 17:31:11.0111 0x37ac [ 8578F83EC5175920F2D8586FFF9DCE47, 049A16AC87F93E761150C8286633FFCA62EE85F5645DDE77D36BD0EB6481FF83 ] UI0Detect C:\WINDOWS\system32\UI0Detect.exe 17:31:11.0118 0x37ac UI0Detect - ok 17:31:11.0139 0x37ac [ DC460AAA18CA2342FBBFB2DF9B044472, 14D45E059C596AE97506D26705F248CA1C2269160B31A60341060E8A93146CBD ] umbus C:\WINDOWS\System32\drivers\umbus.sys 17:31:11.0144 0x37ac umbus - ok 17:31:11.0157 0x37ac [ C3CF0377917ECE6D65D7623E1E61568F, 4909695E04CBC86BFCFFBC15F332C367521054B7B4D3C141C7CA6B2E40E090B9 ] UmPass C:\WINDOWS\System32\drivers\umpass.sys 17:31:11.0161 0x37ac UmPass - ok 17:31:11.0222 0x37ac [ 640CF093C1CF16D5FD317616CA348F31, BEC34D1AACA83BF5A84CE01F6A668E3CA5A33C56A446DC42EFFF7C43D22E1AE6 ] UmRdpService C:\WINDOWS\System32\umrdp.dll 17:31:11.0252 0x37ac UmRdpService - ok 17:31:11.0347 0x37ac [ 6C8E89E9CA8A4E703631E54A5E015AF8, 3C74B9329558ACC4F701099516923DE82CBEDABD8814987221BDF71B53550586 ] UnistoreSvc C:\WINDOWS\System32\unistore.dll 17:31:11.0401 0x37ac UnistoreSvc - ok 17:31:11.0477 0x37ac [ 6CDA3536F6BAB7896A57EAB7DC07F379, 8FBE6457ECD1ABB518D9800EBA8A017774FFAA8EABD2EDC0825181A12FE9AEF6 ] upnphost C:\WINDOWS\System32\upnphost.dll 17:31:11.0514 0x37ac upnphost - ok 17:31:11.0547 0x37ac [ 6B46FC140C9AF68E6E7697D66D59CB4D, F018B4784D65F1A8140A6EA69C35D6A7ECE01738694052FD54AFD2B81A8F2FF8 ] UrsChipidea C:\WINDOWS\System32\drivers\urschipidea.sys 17:31:11.0553 0x37ac UrsChipidea - ok 17:31:11.0621 0x37ac [ B4402E7F0923F660270442CE76877ABE, 1C2DD26EAB71F75EA576E8DAABAF71FD7DC3DF807CF025617C774CEF33C0B718 ] UrsCx01000 C:\WINDOWS\system32\drivers\urscx01000.sys 17:31:11.0627 0x37ac UrsCx01000 - ok 17:31:11.0687 0x37ac [ 9DD431F1B94789CFB527E5D19261F124, 8F5A249A97C5B14B282E3147DD21951D2AD34B651E762814C12F4C26D74EC70C ] UrsSynopsys C:\WINDOWS\System32\drivers\urssynopsys.sys 17:31:11.0692 0x37ac UrsSynopsys - ok 17:31:11.0714 0x37ac [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64 C:\WINDOWS\System32\Drivers\usbaapl64.sys 17:31:11.0720 0x37ac USBAAPL64 - ok 17:31:11.0750 0x37ac [ C87E32B90F085970D9637FBAD45EF6FE, C180EACD2EE479277DA5DBF39E43B428BD7945141B2451CB3946B0C1E495E76F ] usbccgp C:\WINDOWS\System32\drivers\usbccgp.sys 17:31:11.0760 0x37ac usbccgp - ok 17:31:11.0782 0x37ac [ 0B663856474AC41924D9E9112203858F, 9E09F2A6279B48CAC09F8C7AA1F1BE02864D540C2ED1460CBA9FABCF0A546A1E ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys 17:31:11.0790 0x37ac usbcir - ok 17:31:11.0829 0x37ac [ F83D2250256203AC5DA5E8601C1AFDD7, AC0D90E2DB3051798B9D287CF3D0E92FED4000822E65A82775A29CF896B76F04 ] usbehci C:\WINDOWS\System32\drivers\usbehci.sys 17:31:11.0835 0x37ac usbehci - ok 17:31:11.0860 0x37ac [ 7FFD26742321919590ED77FCA556D65F, F7FAB63C36F8519F5A7B9091C507F3CB580C390322FAF9155CCE7F66C965B968 ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys 17:31:11.0880 0x37ac usbhub - ok 17:31:11.0939 0x37ac [ 7A749B2863B5561BE34B39E8E249AD8F, E5B67DFAF5407007FD0CC408D6B4BA19DF59584819FC715E9F9E0FBF3EA00AAB ] USBHUB3 C:\WINDOWS\System32\drivers\UsbHub3.sys 17:31:11.0973 0x37ac USBHUB3 - ok 17:31:11.0997 0x37ac [ D2109F1F4FEBF1DAC415CDC5DE876479, C8A871EBD0E5EF004BA622A73DAC36C03608CD317FDCD0A6A98608DF4CC10D55 ] usbohci C:\WINDOWS\System32\drivers\usbohci.sys 17:31:12.0001 0x37ac usbohci - ok 17:31:12.0025 0x37ac [ 29C9572F2D061CFC3C0BD48A3163E343, 2527DCC9E6D421F5DC40051C787A5270EB077746785465C9AA2A2AEEF47307D5 ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys 17:31:12.0029 0x37ac usbprint - ok 17:31:12.0068 0x37ac [ 2EC7B2C8123236B1233A77281D378DF7, D97DB59C9CAE2B8B33C707E8CEA7A65BF88712842CC715D270F7432A99D21BB6 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys 17:31:12.0073 0x37ac usbscan - ok 17:31:12.0138 0x37ac [ 429477D6DEF3321FF7D3EF23CAAADA00, BB7D2AFE99736AAFFA8B0B2DABF7D6A6D5CB9563B1DE6A7E86CE7DC9D27F31C0 ] usbser C:\WINDOWS\System32\drivers\usbser.sys 17:31:12.0146 0x37ac usbser - ok 17:31:12.0179 0x37ac [ 0CC16F7B91C57AE9A4E44425A295FDAA, 7CEE11955E5742DA390601F565412C14A7481B8747C495CCD246696C56B426DC ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS 17:31:12.0188 0x37ac USBSTOR - ok 17:31:12.0207 0x37ac [ C917D09064CDBD18F75ADC9B2C48F847, A7F6223346CCD7E84186CD0C0715014F8E3A4398298925A43290224678620D23 ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys 17:31:12.0211 0x37ac usbuhci - ok 17:31:12.0280 0x37ac [ B4F448F2424492F99F83D3676A453553, 42F1396616EA93BF91EA847B185C321B189F1A5138CA19D22397E8DB6D576973 ] usbvideo C:\WINDOWS\System32\Drivers\usbvideo.sys 17:31:12.0304 0x37ac usbvideo - ok 17:31:12.0333 0x37ac [ 95BCCEFBC40D06484CF16144FE79B8A5, 8ABA73C5FFEDD319FB96B807AD08716698E557522478DF1A2C5D662675636AE0 ] USBXHCI C:\WINDOWS\System32\drivers\USBXHCI.SYS 17:31:12.0348 0x37ac USBXHCI - ok 17:31:12.0365 0x37ac [ 836828E40B9EEFBC77B3032DB677555C, 8AC045B43086E800B03412895D4DBCF506D1B729791CF24EB2ECA3F0F1C9BDEB ] usb_rndisx C:\WINDOWS\System32\drivers\usb8023x.sys 17:31:12.0369 0x37ac usb_rndisx - ok 17:31:12.0484 0x37ac [ A39AFDD26E6F2E5595FF2D3997D7E1FE, 30DE54033DE437C16A069602529E63FF971AF0ABB383885E47B4DF5E0F8483AE ] UserDataSvc C:\WINDOWS\System32\userdataservice.dll 17:31:12.0552 0x37ac UserDataSvc - ok 17:31:12.0676 0x37ac [ A1BDC8AF9F66A71744B5DC99CCEF4058, 098EDA0D186098A8D61DEF20B76F05B978FC3A08A068243FC4823423B430E95B ] UserManager C:\WINDOWS\System32\usermgr.dll 17:31:12.0732 0x37ac UserManager - ok 17:31:12.0819 0x37ac [ F1374B17FE4A4617DFB6D20A0E699763, C3A515594B1593C9F141C342CA1CDB4FE7A3243D8F1785655A3378DB1FE8ED65 ] UsoSvc C:\WINDOWS\system32\usocore.dll 17:31:12.0856 0x37ac UsoSvc - ok 17:31:12.0872 0x37ac [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] VaultSvc C:\WINDOWS\system32\lsass.exe 17:31:12.0879 0x37ac VaultSvc - ok 17:31:12.0896 0x37ac [ 0CBDE344FB48E42D78E29469F202ADBC, A1C3FBA5409DD3BBEAF1D3CE2583D6C8A621C0E4F534155EC540AFD67BC9E8CA ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys 17:31:12.0907 0x37ac vdrvroot - ok 17:31:12.0952 0x37ac [ 70D165B3EA8BC576828DC2B964C8D116, 92C9381BDECB5C991F848A02AF2F4189CE0119961FB37E57A37594A80704DDC5 ] vds C:\WINDOWS\System32\vds.exe 17:31:13.0040 0x37ac vds - ok 17:31:13.0118 0x37ac [ 723195568C8755CAD57F7933C5F2C5C2, 5C403799F67223605F825BC16D217C1EF5E1A0DDF00AC6380FE8976339B67D9B ] VerifierExt C:\WINDOWS\system32\drivers\VerifierExt.sys 17:31:13.0148 0x37ac VerifierExt - ok 17:31:13.0230 0x37ac [ F7F3E80E84E51A6F89831A6F26056A98, CB7587900C466D834693115E1E23D0A44490C128CA1684FB93CB8C34AFCEBC71 ] vhdmp C:\WINDOWS\System32\drivers\vhdmp.sys 17:31:13.0271 0x37ac vhdmp - ok 17:31:13.0300 0x37ac [ 7929228F0E8B0C2FA0495A17A4FC27F6, 1F1667B10A96B1D85ED165F62A5C0EF28C37F828B8280EA08BFCC1BAC03F2C90 ] vhf C:\WINDOWS\System32\drivers\vhf.sys 17:31:13.0305 0x37ac vhf - ok 17:31:13.0326 0x37ac [ AEE432ED868831B1F068E373598F6D93, BAE91F47B0CB94B826CA010B490AD924D7B715911DF3FCE62F9165F3B571105C ] vmbus C:\WINDOWS\system32\drivers\vmbus.sys 17:31:13.0333 0x37ac vmbus - ok 17:31:13.0346 0x37ac [ 9444B23FC694B5F90F21B0FC7F10D8DD, 86F92856F5C985DD8E5993B51E85E1F47EF8C9B2FB37468998C94266963BB4BD ] VMBusHID C:\WINDOWS\System32\drivers\VMBusHID.sys 17:31:13.0350 0x37ac VMBusHID - ok 17:31:13.0372 0x37ac [ 4D0287F566B36536DD812A54C015FC4A, 01D6508CA59CF04A47902B1F7C202FD14A81240E0B447588D919DD1072B040CF ] vmgid C:\WINDOWS\System32\drivers\vmgid.sys 17:31:13.0376 0x37ac vmgid - ok 17:31:13.0456 0x37ac [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicguestinterface C:\WINDOWS\System32\icsvc.dll 17:31:13.0480 0x37ac vmicguestinterface - ok 17:31:13.0509 0x37ac [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicheartbeat C:\WINDOWS\System32\icsvc.dll 17:31:13.0519 0x37ac vmicheartbeat - ok 17:31:13.0544 0x37ac [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmickvpexchange C:\WINDOWS\System32\icsvc.dll 17:31:13.0554 0x37ac vmickvpexchange - ok 17:31:13.0639 0x37ac [ F70DCCE72343449F0D12A0A92282B019, 3EFA99519387BE38C1CB482F1BFC9ED449BE9A5BD86883A1002725B8D4A5ECC1 ] vmicrdv C:\WINDOWS\System32\icsvcext.dll 17:31:13.0666 0x37ac vmicrdv - ok 17:31:13.0702 0x37ac [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicshutdown C:\WINDOWS\System32\icsvc.dll 17:31:13.0714 0x37ac vmicshutdown - ok 17:31:13.0744 0x37ac [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmictimesync C:\WINDOWS\System32\icsvc.dll 17:31:13.0756 0x37ac vmictimesync - ok 17:31:13.0786 0x37ac [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicvmsession C:\WINDOWS\System32\icsvc.dll 17:31:13.0797 0x37ac vmicvmsession - ok 17:31:13.0828 0x37ac [ F70DCCE72343449F0D12A0A92282B019, 3EFA99519387BE38C1CB482F1BFC9ED449BE9A5BD86883A1002725B8D4A5ECC1 ] vmicvss C:\WINDOWS\System32\icsvcext.dll 17:31:13.0839 0x37ac vmicvss - ok 17:31:13.0861 0x37ac [ 29075915F9BDC3437F8BED71C067D399, 2C7718080C11DFDD4C9A2085537F78F5633369B4A27D9C64168F0249594A4AA2 ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys 17:31:13.0867 0x37ac volmgr - ok 17:31:13.0942 0x37ac [ 6BDB6CE6D2D9E3D3F28F1C97E12B62E2, 5E77D7AF858D7B90FF395F39B86D6F96413D1DDEA28BC9FB40C5524A4DF6DAD0 ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys 17:31:13.0967 0x37ac volmgrx - ok 17:31:13.0992 0x37ac [ BF2546583BB75F01DDA60A7921DFB230, 579BD0BC55F4F03CD8D1FCDAC3975A1649C688820F2F7FC1AD354132D9E3BEE9 ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys 17:31:14.0009 0x37ac volsnap - ok 17:31:14.0030 0x37ac [ AC2E20A74D09D24485BE8396CE04F07B, 23FCE8BEE01B89E5CDCA536D75DBA6DCE3E92E13178A66836CEB7829310A89D1 ] volume C:\WINDOWS\system32\drivers\volume.sys 17:31:14.0034 0x37ac volume - ok 17:31:14.0101 0x37ac [ 92F6E3E6D3F1795263EB34B37F74AEF7, 33AB1ECCA1216AF1995E1DB4F11E48156FF62391D7C176C8A4CC1037B9CB3A27 ] vpci C:\WINDOWS\System32\drivers\vpci.sys 17:31:14.0111 0x37ac vpci - ok 17:31:14.0145 0x37ac [ FD9BCB8920973CEAD4D49DC7A6D8A618, 34AB4A485FB40DF737600006D8323BE927FB0BDA2BC170F4C123BE775EAE7CC8 ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys 17:31:14.0167 0x37ac vsmraid - ok 17:31:14.0303 0x37ac [ DDA66AEF89DAC320A85AECCB4369D2E7, 0F267FC985E0CA3624FC5F4DDA25623649BAD544772179261576F793A0485523 ] VSS C:\WINDOWS\system32\vssvc.exe 17:31:14.0394 0x37ac VSS - ok 17:31:14.0440 0x37ac [ 0C111F220798CCE80484026E06822379, B98A5E44D3ABA67E6DE99E18BF3C2C606923E6269E262665C721F672ACBBED2A ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys 17:31:14.0486 0x37ac VSTXRAID - ok 17:31:14.0546 0x37ac [ 607639716E9DB1CEF4E18B5B229293B4, 1D997177093F907EFE8A04AD10443BB9C355C0D7657DBD449E7EE7FCABC3ECBC ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys 17:31:14.0570 0x37ac vwifibus - ok 17:31:14.0599 0x37ac [ B1ED64E628763148BF84FBE23F2AD711, 6182A39675E6049BC3DD353694720795A8E3D0331509AA8ABA4883D5C569AD5E ] vwififlt C:\WINDOWS\system32\drivers\vwififlt.sys 17:31:14.0633 0x37ac vwififlt - ok 17:31:14.0697 0x37ac [ B1133B813E4CBF258A392CA08255BA24, 6061F27BD24F39A630ABE77921051785CB4B325156379A5E3636817DD6399C6F ] vwifimp C:\WINDOWS\System32\drivers\vwifimp.sys 17:31:14.0705 0x37ac vwifimp - ok 17:31:14.0809 0x37ac [ 76C1CC611352499326001F25A3ED15F8, 228BFA8A01BB1B3868576D509A2EA6F3D37FEDC8F12D4DC4E0A84CE926C6D1B1 ] W32Time C:\WINDOWS\system32\w32time.dll 17:31:14.0848 0x37ac W32Time - ok 17:31:14.0918 0x37ac [ 55D00B785A7587F4263D125817871283, B92400B229099C1E243F2B149881A1423A2E9C8CA2D77D868B9B923BFDEC7FF2 ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys 17:31:14.0941 0x37ac WacomPen - ok 17:31:15.0016 0x37ac [ 1483BE4D0135C378CB61D3CD73AB3E03, B7309C9E4F370860C507BF52D17234CDF4A7FAE95D2D822714E07EF5DEC0249B ] WalletService C:\WINDOWS\system32\WalletService.dll 17:31:15.0059 0x37ac WalletService - ok 17:31:15.0095 0x37ac [ CEF3D306C09BEC1A800E9B4A06F859F6, 75D21F97E9F94FA97024F945AF512FEC94F88DD8073F3FAD92A6E0A9FDC586DB ] wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys 17:31:15.0106 0x37ac wanarp - ok 17:31:15.0115 0x37ac [ CEF3D306C09BEC1A800E9B4A06F859F6, 75D21F97E9F94FA97024F945AF512FEC94F88DD8073F3FAD92A6E0A9FDC586DB ] wanarpv6 C:\WINDOWS\system32\DRIVERS\wanarp.sys 17:31:15.0118 0x37ac wanarpv6 - ok 17:31:15.0251 0x37ac [ 8413D292CD1B27D6B6127B90697F2B1C, E03F9AAC410F5AEDCC30FDB4D8F4739AE7B290EFA735C480A29E9FE53C1D8420 ] wbengine C:\WINDOWS\system32\wbengine.exe 17:31:15.0337 0x37ac wbengine - ok 17:31:15.0450 0x37ac [ 8C521D161445C3E1F38A494E7649E70D, F00990B2FE1FB52C74A2057E6480C5EBF2BDBC32955CC03C6B63360F20A49A18 ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll 17:31:15.0538 0x37ac WbioSrvc - ok 17:31:15.0602 0x37ac [ E330144B97D493AA886000DCAAA8DAF5, ED86F46F5A76FD8F06CA98BD61B174ADB9AD4B065394356872708DF8B614E4F9 ] wcifs C:\WINDOWS\system32\drivers\wcifs.sys 17:31:15.0646 0x37ac wcifs - ok 17:31:15.0737 0x37ac [ CA10C91D802ABE6E5136E2168C2CD2B4, 5979FF9ED783ED3154257ED0507C7BBAF8C77C081CC30AE835EA8AF7508AAD08 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll 17:31:15.0810 0x37ac Wcmsvc - ok 17:31:15.0894 0x37ac [ D50645235A507B0546B1B5CF7D0B8849, 19F5FE10C953B8EE8EEDA9A9F7F2E97AA193BB085E7FC364066686089ADD1C9F ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll 17:31:15.0935 0x37ac wcncsvc - ok 17:31:15.0970 0x37ac [ AEA1093B751339267D8C8C1EF3D669CF, 8F3325E7FB16BD856A0593C36F2E3E018909038C52CD5F92E116E0C1366F31CB ] wcnfs C:\WINDOWS\system32\drivers\wcnfs.sys 17:31:15.0981 0x37ac wcnfs - ok 17:31:16.0041 0x37ac [ D520B1B849B6D4D707AB31722B952C2D, 149BABB7BD63C1F212ADD9306C84FFB2A5CE6DC435BD3213EAB787E9B222C61F ] WdBoot C:\WINDOWS\system32\drivers\WdBoot.sys 17:31:16.0075 0x37ac WdBoot - ok 17:31:16.0111 0x37ac [ A556768CC1FA4F36022BEE2F0EDE2566, 3A4BC9DE614F43CD94FA354A565C66B2E1E36C0608D84C6288010B97B9D811AA ] WDC_SAM C:\WINDOWS\System32\drivers\wdcsam64.sys 17:31:16.0136 0x37ac WDC_SAM - ok 17:31:16.0254 0x37ac [ 5030C76047D756263093A47B82970868, E772F15973F6DE36851DD230F1F4190746CD81CA1E7284DC074711C4BF45CAF0 ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys 17:31:16.0300 0x37ac Wdf01000 - ok 17:31:16.0334 0x37ac [ 29FF9199EDEB4F5470BB134D1A2563D2, 94713F98A6EA6042203D5DD0DE6758F5F0F331F7D4BB05E91EF20CEEEBD6780F ] WdFilter C:\WINDOWS\system32\drivers\WdFilter.sys 17:31:16.0347 0x37ac WdFilter - ok 17:31:16.0406 0x37ac [ E7A7E8803E66B7CCED95D327A4DBC135, 401ECD953D4014A95C9022822D9ACEC1A68C917281DBA2365503A473FC6D9507 ] WdiServiceHost C:\WINDOWS\system32\wdi.dll 17:31:16.0430 0x37ac WdiServiceHost - ok 17:31:16.0449 0x37ac [ E7A7E8803E66B7CCED95D327A4DBC135, 401ECD953D4014A95C9022822D9ACEC1A68C917281DBA2365503A473FC6D9507 ] WdiSystemHost C:\WINDOWS\system32\wdi.dll 17:31:16.0459 0x37ac WdiSystemHost - ok 17:31:16.0556 0x37ac [ EDC08B8D3E67F96688774841C247B82A, DB5AFAF87C74431B8EB5420DBF5428691F291B63C2FDE8282EE2E399C76F63F3 ] wdiwifi C:\WINDOWS\system32\DRIVERS\wdiwifi.sys 17:31:16.0647 0x37ac wdiwifi - ok 17:31:16.0700 0x37ac [ 17CF416CFF408190F5A4CBD79AB12E55, E376C8865C7EA633AE20D2CF940E4C7584AC783BAAF7941780FB6C4C84802F33 ] WdNisDrv C:\WINDOWS\system32\Drivers\WdNisDrv.sys 17:31:16.0712 0x37ac WdNisDrv - ok 17:31:16.0769 0x37ac WdNisSvc - ok 17:31:16.0831 0x37ac [ 3570C4E14F85CE0B537D126727ACA91C, A474C9E6B6E4E5945C63367C1D3D24D4782C4A4FEB00FAE15DFED099D8283078 ] WebClient C:\WINDOWS\System32\webclnt.dll 17:31:16.0909 0x37ac WebClient - ok 17:31:16.0947 0x37ac [ 1785F9C96A0BDEC1F6E0C79EF412F342, D6D4EDA69457BEDDA69C2F60FC4C2FAC97D46CD8E9C1804CCD68F169383583E3 ] Wecsvc C:\WINDOWS\system32\wecsvc.dll 17:31:16.0993 0x37ac Wecsvc - ok 17:31:17.0027 0x37ac [ B9175D63527B05131F2FA504CF0265F2, 1E43A17788F1B6A29E2889C81E0BE100D64BD3A9DEE7C154D9581F01D2D7D05F ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll 17:31:17.0050 0x37ac WEPHOSTSVC - ok 17:31:17.0099 0x37ac [ 5C58EC0C9D4DE04DCDE56F6DCEA62080, 8ED386EDF4C39C339CE0BB2AC7E199C38705E5A6B3F56A4987B9A8ABD19BB59F ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll 17:31:17.0123 0x37ac wercplsupport - ok 17:31:17.0172 0x37ac [ F899B355CC95AF26AB36E84E8A0DD685, C400F2F80FFF6473FEF066943C4A2AFF0FFE988A4F755757A2E5005C2A10DAD8 ] WerSvc C:\WINDOWS\System32\WerSvc.dll 17:31:17.0203 0x37ac WerSvc - ok 17:31:17.0234 0x37ac [ E1785942AC51FEE6826CDF02075C5AA9, 56FE7017684086F4F9C3A2C0D3AC00369BA0938BA3987EEBEE9A75B8E3CA0AE1 ] WFPLWFS C:\WINDOWS\system32\drivers\wfplwfs.sys 17:31:17.0256 0x37ac WFPLWFS - ok 17:31:17.0297 0x37ac [ B154618505A6A9026EFA6AB8C4123BF1, 713648D71AA027B4472E7E75B942630DBE7383687984B02A5E99C9E4192C95EB ] WiaRpc C:\WINDOWS\System32\wiarpc.dll 17:31:17.0320 0x37ac WiaRpc - ok 17:31:17.0384 0x37ac [ 0CF79A0EACFFBB75A50A469A27696D02, E112BF7B5A8D0B0AD2EA0E7B9FD4E8CFEC9371C8E94A60248292D688AFE715C4 ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys 17:31:17.0391 0x37ac WIMMount - ok 17:31:17.0405 0x37ac WinDefend - ok 17:31:17.0447 0x37ac [ 0DE131733317EB4BE67028366B0CAAC6, AC7DADBF03A3752B4D33CA19F03DBCEDD6F56893C2DA25C98B0AB07063D990E3 ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys 17:31:17.0455 0x37ac WindowsTrustedRT - ok 17:31:17.0517 0x37ac [ 92EB5D38BDF10C790450F3E46BF93A0E, 0FC027398DBD43EDC1F7D703C0B6DB20294DF34E67C9288442039B1A5663CE1B ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys 17:31:17.0524 0x37ac WindowsTrustedRTProxy - ok 17:31:17.0638 0x37ac [ 4AB1AC1E60118443A14C241F91AC8FC9, 2B9237AC124874664E31B4F313BAAF8059BD0749653496784B4B89B4B7F66784 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll 17:31:17.0684 0x37ac WinHttpAutoProxySvc - ok 17:31:17.0704 0x37ac [ F95DE20312ACCA7761446DE152BD1F7C, F6C5ACA500C2182437F4A7402BD81C3A2B77C0BBD78BA31FB574DC1997FCBFE6 ] WinMad C:\WINDOWS\System32\drivers\winmad.sys 17:31:17.0708 0x37ac WinMad - ok 17:31:17.0844 0x37ac [ CD49CA8E3280ACEEC5ECF431A59F5EFD, 75F48EFC6DEE9E06B490703EE47602AFDEA51505285B02D2CF884601E71857CC ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 17:31:17.0882 0x37ac Winmgmt - ok 17:31:18.0078 0x37ac [ B8C0D620219ECAA23A2AC841EAF454D1, FB527C4D36929D7FAE2A837727C557B7823A72069EBCAB7D16C49E8B21E8D952 ] WinRM C:\WINDOWS\system32\WsmSvc.dll 17:31:18.0236 0x37ac WinRM - ok 17:31:18.0319 0x37ac [ 4EFB346BFDAEEB29316AA52BBB9852B1, 4BC5554F44BD9549D0A929D77BD410FA3EB502A7D0170303D369268672505494 ] WINUSB C:\WINDOWS\System32\drivers\WinUSB.SYS 17:31:18.0341 0x37ac WINUSB - ok 17:31:18.0369 0x37ac [ 8B9AFF5F08E66A6F1F1063DEC9457FB6, 98F2AF6988D125521FD34CAA48B9652922F0C8ECFAE9B0C1DF4B3CE6B9CF500F ] WinVerbs C:\WINDOWS\System32\drivers\winverbs.sys 17:31:18.0412 0x37ac WinVerbs - ok 17:31:18.0510 0x37ac [ 15F0990B7C101163FE27D9B19FEB3D43, 5020EF7755E0ACDA77E816C44A5B75286CC1BEA182BECF9D7252EB826A4F1FFE ] wisvc C:\WINDOWS\system32\flightsettings.dll 17:31:18.0550 0x37ac wisvc - ok 17:31:18.0724 0x37ac [ 5A7AA8198156DC2BFF9F064E29D11AF5, 9CBAF1B99B54CDE087E0FC0A2601B3F056F81F2F5AF63B5BB71C7389247E496A ] WlanSvc C:\WINDOWS\System32\wlansvc.dll 17:31:18.0877 0x37ac WlanSvc - ok 17:31:18.0996 0x37ac [ EF39F106D7E0A8918E98E4CDAE25F2E2, B6EDF2646C1E3A1684C40DFC475694DF540C2B1B8E4247AE343E1DF34B1CE4F7 ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll 17:31:19.0093 0x37ac wlidsvc - ok 17:31:19.0109 0x37ac [ 6F4F4F5A007D1710BD76FB311DA97C07, FC0FEA4364F6BA4E31DBC82735D09D429CA3BE9AFCFF5D5E1263D8B27FC2CE3E ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys 17:31:19.0113 0x37ac WmiAcpi - ok 17:31:19.0187 0x37ac [ 3CDDFF6CAD962C5EF1C52FD667C358B6, F6F09145E9461EB17172988D26749FCF36920A1A683459334D04A6D072B31A92 ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe 17:31:19.0210 0x37ac wmiApSrv - ok 17:31:19.0268 0x37ac WMPNetworkSvc - ok 17:31:19.0309 0x37ac [ 43C8D087B31C592163B33A4BDA540E40, 3A6C4E5E56931B29321DCC723585F2F0E804EF4DCDEAB2A8687F30FC3AE70E43 ] Wof C:\WINDOWS\system32\drivers\Wof.sys 17:31:19.0342 0x37ac Wof - ok 17:31:19.0496 0x37ac [ 5820CC51AB1C368F29ECCA713397D006, AA0CC2BC4DF7DBFB144FF47C3508BEEF00467C9D312C135AFB3406E42C6CD821 ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll 17:31:19.0618 0x37ac workfolderssvc - ok 17:31:19.0684 0x37ac [ F02930EB91596042F2221397D60AFCE5, 10E2AB0993B67CBAA9E11C68280608965064EC9F7E0C570F5B453FACADB8AB5D ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll 17:31:19.0739 0x37ac WPDBusEnum - ok 17:31:19.0799 0x37ac [ 75A9284F01FE7CB1A7D5EAE5C1EB4F33, 390EF23AEA06D8711555F7979FF8BE0620B53C1A551638C4EC6FB7C6678965B3 ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys 17:31:19.0821 0x37ac WpdUpFltr - ok 17:31:19.0862 0x37ac [ 60E2EB3E7B7F15C25E02462159F90707, D8344B529EEC0D4922CAC3E6897CC9F191ACF1376017BE38ED6BF6019F1ED181 ] WpnService C:\WINDOWS\system32\WpnService.dll 17:31:19.0903 0x37ac WpnService - ok 17:31:19.0933 0x37ac [ C7C91FB86A3C6CD7619725A88ED1884C, 132C43C518F37BF303D768BD5FB0AB835F693C43FE693937D804A34E940D770F ] WpnUserService C:\WINDOWS\System32\WpnUserService.dll 17:31:19.0942 0x37ac WpnUserService - ok 17:31:19.0997 0x37ac [ 36D7B73ADC3E10607ED6EC874AFB5D1E, 1737B3E4D2CA76BB27903BF460E4960E6A0BC32D35069AC7C5E4B07F625F3282 ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys 17:31:20.0002 0x37ac ws2ifsl - ok 17:31:20.0075 0x37ac [ 9A0E0B836413EB0BC885532D2A5389D6, AFEE4A0578D5581E4D72999A33C0DEA6253BD891F611AFF9AFDE4160A60105F3 ] wscsvc C:\WINDOWS\System32\wscsvc.dll 17:31:20.0105 0x37ac wscsvc - ok 17:31:20.0126 0x37ac [ 696EC2EAA2A42A137CCBB9A84D6917C0, 424089F4F373962AF8357C5D4D43F35948989BE3F58EAD3690F565F4C1BBC66F ] WSDPrintDevice C:\WINDOWS\System32\drivers\WSDPrint.sys 17:31:20.0132 0x37ac WSDPrintDevice - ok 17:31:20.0150 0x37ac [ 46E4A69825A7554A5DB784A55F8AD203, 7F347054FCDD5DEF93083D420E56EBE5EEBBAE2BD2FED9B2E75E85149DE52780 ] WSDScan C:\WINDOWS\system32\DRIVERS\WSDScan.sys 17:31:20.0154 0x37ac WSDScan - ok 17:31:20.0161 0x37ac WSearch - ok 17:31:20.0318 0x37ac [ A44EAEFD97814D970870F393A06E6F43, 58EF20121E656F1FBB7ADD9AAE789DFE6E8BA9FB3363678645708C9DDEB9814E ] wuauserv C:\WINDOWS\system32\wuaueng.dll 17:31:20.0413 0x37ac wuauserv - ok 17:31:20.0440 0x37ac [ AED7FE551E8672B824A56324076183EB, FFE543AAEFDEFFE6B20C244DB141A9425BDA88ED36F4870F0B70FEC433BDF0C1 ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys 17:31:20.0451 0x37ac WudfPf - ok 17:31:20.0519 0x37ac [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFRd C:\WINDOWS\system32\drivers\WudfRd.sys 17:31:20.0553 0x37ac WUDFRd - ok 17:31:20.0629 0x37ac [ 47F6450F28BAA32B2AB0D6BE00996249, C8A47D6ADF89AD613AB685C6224B9099DCEFDCD8ABCF703542AFDC356404116E ] wudfsvc C:\WINDOWS\System32\WUDFSvc.dll 17:31:20.0676 0x37ac wudfsvc - ok 17:31:20.0713 0x37ac [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFWpdFs C:\WINDOWS\system32\DRIVERS\WUDFRd.sys 17:31:20.0722 0x37ac WUDFWpdFs - ok 17:31:20.0747 0x37ac [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFWpdMtp C:\WINDOWS\system32\DRIVERS\WUDFRd.sys 17:31:20.0755 0x37ac WUDFWpdMtp - ok 17:31:20.0866 0x37ac [ D313FF382A26D1295B212A66EE3E52A8, 59FEF2AF611507BCB6FE036A7D4F1595F3449B76F9B055CDC67DC1BE1D90EEB8 ] WwanSvc C:\WINDOWS\System32\wwansvc.dll 17:31:20.0927 0x37ac WwanSvc - ok 17:31:21.0058 0x37ac [ 7EF75102A793AAA6AAA45A4F7C15FF4D, A3FB68905F3E3A7DE52B85FAD966ABCB787FAC7E709964CE9BF2A4F9AC8B0653 ] XblAuthManager C:\WINDOWS\System32\XblAuthManager.dll 17:31:21.0112 0x37ac XblAuthManager - ok 17:31:21.0279 0x37ac [ 765FF96467A26C4C03281ECA426EC2D9, 2526B03C518D72F429C29BA4D4F11707AF277BF71520A1A92238A932950AE161 ] XblGameSave C:\WINDOWS\System32\XblGameSave.dll 17:31:21.0341 0x37ac XblGameSave - ok 17:31:21.0392 0x37ac [ DB77764B46D02DCB9777D9E00A3F7D63, 469491E3A57FBB0CB0482A2493823B57410E24A5BD4C1C96D79FE9888F7827BB ] xboxgip C:\WINDOWS\System32\drivers\xboxgip.sys 17:31:21.0434 0x37ac xboxgip - ok 17:31:21.0541 0x37ac [ 1A8D9EA4DD1A3E276B85EDB05B42BEC7, 23FC10AC29BDF917AEDB3AAF82537EC2C72453E52B41836FD83643054FA4F0BE ] XboxNetApiSvc C:\WINDOWS\system32\XboxNetApiSvc.dll 17:31:21.0609 0x37ac XboxNetApiSvc - ok 17:31:21.0672 0x37ac [ 63088A3361D9A308F328F11E9099DD87, E03FDB932FC57F199C8F8A8EADA338BDF7D2F9C6CB8FAB679A92B48B1E5AFE8A ] xinputhid C:\WINDOWS\System32\drivers\xinputhid.sys 17:31:21.0683 0x37ac xinputhid - ok 17:31:21.0689 0x37ac ================ Scan global =============================== 17:31:21.0759 0x37ac [ 0C710DB449712EE13ACE733695DB7780, BBC7875B38D318CE4E88979D083AC72E8993254A466A8A6882DDE9E0C3B687A3 ] C:\WINDOWS\system32\basesrv.dll 17:31:21.0827 0x37ac [ F109EE1ACA4F7E5714C892D2B01D0890, 1915BD17558BE17C3242AF014351676D47E22A7E8A455A14C23B564E726DB061 ] C:\WINDOWS\system32\winsrv.dll 17:31:21.0911 0x37ac [ 1EE06E957B0B2CA52D26DA7861E160EF, 4B743A1C7010138F5F6684BBCF7CAD6FD05F49920BDD3FDB776347AA6B44AB94 ] C:\WINDOWS\system32\sxssrv.dll 17:31:22.0009 0x37ac [ 9A3B47CD17283B299311013AD3D21D26, 48D5695E7610E7A742E403B2C37664D961E466C10E4FFAE07C8AB6B5BE5F7BF8 ] C:\WINDOWS\system32\services.exe 17:31:22.0027 0x37ac [ Global ] - ok 17:31:22.0028 0x37ac ================ Scan MBR ================================== 17:31:22.0041 0x37ac [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 17:31:22.0501 0x37ac \Device\Harddisk0\DR0 - ok 17:31:22.0502 0x37ac ================ Scan VBR ================================== 17:31:22.0507 0x37ac [ 06360A7E219C92303DDBFAC0DD7C8A66 ] \Device\Harddisk0\DR0\Partition1 17:31:22.0510 0x37ac \Device\Harddisk0\DR0\Partition1 - ok 17:31:22.0515 0x37ac [ E6AB97339A30BCA9CD2775DE03657A18 ] \Device\Harddisk0\DR0\Partition2 17:31:22.0519 0x37ac \Device\Harddisk0\DR0\Partition2 - ok 17:31:22.0520 0x37ac ================ Scan generic autorun ====================== 17:31:22.0581 0x37ac [ 6A59AE2735639095CD93E58B0893914C, A1BFC257313185BD4BE63275C1B58877151C31DE3173EADE685199E9D28A23D9 ] C:\WINDOWS\system32\igfxtray.exe 17:31:22.0597 0x37ac IgfxTray - ok 17:31:22.0621 0x37ac [ 4341A0AE66759EDC080D92DAA0D9B341, A17D7A56627ECBE7D23E634A9E726BA2E3682A7EB75659AE68A426FF2954C717 ] C:\WINDOWS\system32\hkcmd.exe 17:31:22.0637 0x37ac HotKeysCmds - ok 17:31:22.0672 0x37ac [ 5451A9DA41DA19CDD467616492D4096F, 54CBA128702FFF112AE8BA4B187D00CC3ABAB68D3EB1B915193E50523D4DA73F ] C:\WINDOWS\system32\igfxpers.exe 17:31:22.0689 0x37ac Persistence - ok 17:31:22.0737 0x37ac ETDCtrl - ok 17:31:23.0357 0x37ac [ 65E8545F1297CD83534C354A7BED1848, 19B3F3C17A335837454DC1851C6436D0BB2D8B1595AEB4DC71265FB20868B48F ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe 17:31:23.0686 0x37ac RtHDVCpl - ok 17:31:23.0811 0x37ac [ C7645D43451C6D94D87F4D07BDE59C89, 495BBA47FC43EE23054FCD419F2F00457162D1C04296900C6AEA551102A810F3 ] C:\Windows\system32\rundll32.exe 17:31:23.0819 0x37ac Logitech Download Assistant - ok 17:31:24.0007 0x37ac [ EB2F390D267304F3B8FBAB3FA197CC02, 16FA6C151BE48ABB419C5666128120B326DB1BB7726800CD07432EA1180058BF ] C:\Program Files\Elantech\ETDCtrl.exe 17:31:24.0096 0x37ac ETDWare - ok 17:31:24.0162 0x37ac [ 466810EE770FAA1AAB6269EF58985DF0, 4C1CDA394655DAB9232716FFC41D157C08B3AB486641FE21958D3CD5C90B85E4 ] C:\Program Files\Common Files\MAYComputer\eDocPrintPro\ApplyEsf.exe 17:31:24.0215 0x37ac ApplyEsf-eDocPrintPro - ok 17:31:24.0315 0x37ac [ 60939CA3059FE5C5153EE953DA8AAFD7, 01717357190787E4BD5520AA84A8F98DC3BE412A6A69F8DBCAA0E5062703CBEB ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe 17:31:24.0411 0x37ac NvBackend - ok 17:31:24.0443 0x37ac [ C7F017C9B163E7DAB864649E8241F683, F007F107FCA0E3A12D7E900101EBF02C2453D4AA56BE18769E86B592C88C5106 ] C:\Program Files\iTunes\iTunesHelper.exe 17:31:24.0450 0x37ac iTunesHelper - ok 17:31:24.0494 0x37ac [ 08B438A5A06CD877F19B92F6868C031D, 2011F2AE42A0F28D449167BD1003F7EFD6FDB4B22D52BFF9A8B556039148D556 ] C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe 17:31:24.0501 0x37ac NUSB3MON - ok 17:31:24.0803 0x37ac [ 6529C89512CE4498919BDC512572F82C, DFF9BB4BFAFE8BA2E1F13B668C6E010FD18591B0CECF65574EA5E14143C79A83 ] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe 17:31:24.0978 0x37ac ATKOSD2 - ok 17:31:25.0145 0x37ac [ 5666955DC9FD455A003D86A21E0483A9, 359E2B5857269EDCE395D6171642EAC8B23170AA5266932B2BAE1E5955E8FE77 ] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe 17:31:25.0157 0x37ac ATKMEDIA - ok 17:31:25.0203 0x37ac [ 5AEBF6FA9805C9101220AA4FB4FA17E7, A9B2FC41380211A6C44E839A95676A5BA868CEEBB56D83A780230434C2A20836 ] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe 17:31:25.0211 0x37ac HControlUser - ok 17:31:25.0267 0x37ac [ 187F4C75A89E3F412322C94526320074, D78FA7EF93C8C7B4326A5B6DB04A92ADD091DF00658FA8731D07C5D3BE29ED04 ] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe 17:31:25.0302 0x37ac BCSSync - ok 17:31:25.0445 0x37ac [ 0BA2D83CC927053D6EBE5EB78E87E809, 86585BFC7B2C3E1D4A725B93C7CE105DDEC585725602814E8A586444B564927F ] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE 17:31:25.0508 0x37ac CanonQuickMenu - ok 17:31:25.0545 0x37ac PSUAMain - ok 17:31:25.0642 0x37ac [ A443A7C05ABF0FCD16E89593F63B633B, 3F579132A39AEC2513CD286AB9A43534DC05F9502FD1A369126236F69EF76282 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe 17:31:25.0676 0x37ac SunJavaUpdateSched - ok 17:31:26.0182 0x37ac [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe 17:31:26.0584 0x37ac OneDriveSetup - ok 17:31:26.0987 0x37ac [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe 17:31:27.0198 0x37ac OneDriveSetup - ok 17:31:27.0557 0x37ac [ C5D30E88C97825CF0652B60C42F103AD, D605DC9021021714BDA36EF48C335F85C77F85474A21B6E5258270E1703B8DC8 ] C:\Users\marku\AppData\Local\Microsoft\OneDrive\OneDrive.exe 17:31:27.0598 0x37ac OneDrive - ok 17:31:27.0668 0x37ac [ 06F6DB72ADABC5E858F38EF69014CE52, B4AEABF3EA6FCABBED879D642BA070DF9C244E28DB5BDC3211205C7B8DB97BFB ] C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE 17:31:27.0837 0x37ac OfficeSyncProcess - ok 17:31:27.0891 0x37ac [ D8D796A4EEA0F9B7A25097AE08B2A62A, F1A5F33A95187663A71753ED1E28B68424298E1612EEFDC027CDF6A3387D5D32 ] C:\Program Files (x86)\Microsoft Office\Office14\GROOVEMN.EXE 17:31:27.0936 0x37ac GrooveMonitor - ok 17:31:27.0939 0x37ac GoogleDriveSync - ok 17:31:28.0145 0x37ac [ F4F684066175B77E0C3A000549D2922C, 935C1861DF1F4018D698E8B65ABFA02D7E9037D8F68CA3C2065B6CA165D44AD2 ] C:\WINDOWS\system32\cmd.exe 17:31:28.0183 0x37ac Uninstall C:\Users\marku\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64 - ok 17:31:28.0216 0x37ac [ F4F684066175B77E0C3A000549D2922C, 935C1861DF1F4018D698E8B65ABFA02D7E9037D8F68CA3C2065B6CA165D44AD2 ] C:\WINDOWS\system32\cmd.exe 17:31:28.0224 0x37ac Uninstall 17.3.6799.0327\amd64 - ok 17:31:28.0259 0x37ac [ F4F684066175B77E0C3A000549D2922C, 935C1861DF1F4018D698E8B65ABFA02D7E9037D8F68CA3C2065B6CA165D44AD2 ] C:\WINDOWS\system32\cmd.exe 17:31:28.0267 0x37ac Uninstall 17.3.6799.0327 - ok 17:31:28.0665 0x37ac [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe 17:31:28.0876 0x37ac OneDriveSetup - ok 17:31:29.0064 0x37ac [ 2781E6EF593909A8B73FE1AD397F778A, E892D6C57F8903E20129E75A9B877690229280FD8106B5C7F96173175EA1AC4E ] C:\Program Files (x86)\Windows Mail\wab.exe 17:31:29.0100 0x37ac WAB Migrate - ok 17:31:29.0268 0x37ac AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.1198 ), 0x60100 ( disabled : updated ) 17:31:29.0361 0x37ac AV detected via SS2: Norton Security, C:\Program Files\Norton Security\Engine\22.9.4.8\WSCStub.exe ( 22.9.0.0 ), 0x51000 ( enabled : updated ) 17:31:29.0366 0x37ac FW detected via SS2: Norton Security, C:\Program Files\Norton Security\Engine\22.9.4.8\WSCStub.exe ( 22.9.0.0 ), 0x51010 ( enabled ) 17:31:29.0368 0x37ac ============================================================ 17:31:29.0368 0x37ac Scan finished 17:31:29.0368 0x37ac ============================================================ 17:31:29.0393 0x2434 Detected object count: 0 17:31:29.0393 0x2434 Actual detected object count: 0 Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 23.06.2017 Suchlaufzeit: 18:17 Protokolldatei: malware.txt Administrator: Ja Version: 2.2.1.1043 Malware-Datenbank: v2017.06.23.07 Rootkit-Datenbank: v2017.05.27.01 Lizenz: Kostenlose Version Malware-Schutz: Deaktiviert Schutz vor bösartigen Websites: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 10 CPU: x64 Dateisystem: NTFS Benutzer: marku Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 351311 Abgelaufene Zeit: 30 Min., 33 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 4 PUP.Optional.MindSpark, C:\Users\marku\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_videodownloadconverter.dl.myway.com_0.localstorage, , [861ddf63dacf171fee38a73f808204fc], PUP.Optional.MindSpark, C:\Users\marku\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_videodownloadconverter.dl.myway.com_0.localstorage-journal, , [267d4ff3c2e75ed80f1722c41fe3718f], PUP.Optional.MindSpark, C:\Users\marku\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_videodownloadconverter.dl.tb.ask.com_0.localstorage, , [bfe49ba702a762d423047a6cb64ce41c], PUP.Optional.MindSpark, C:\Users\marku\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_videodownloadconverter.dl.tb.ask.com_0.localstorage-journal, , [b7ec7ac8d1d846f08c9bc91d50b2ac54], Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) |
|
| Themen zu Security Alert - blauer Bildschirm im Browser |
| alert, authentifizierung, bildschirm, blaue, blauer, blauer bildschirm, browse, browser, canon, compu, computer, datenverlust, erforderlich, firefox, hilfe, meldung, nicht, schalten, security, security alert, verlust, windowsapps |
Linear-Darstellung
