Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Raiffeisen E-Banking Probleme - infizierten Rechner

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 16.04.2018, 19:55   #1
RSLB
 
Raiffeisen E-Banking Probleme - infizierten Rechner - Standard

Raiffeisen E-Banking Probleme - infizierten Rechner



Hallo Ihr Lieben,

Ich habe mir etwas geholt was den folgenden Beiträge sehr ähnlich ist:Sobald ich auf dem infizierten Rechner meine E-Banking Website besuche, bekomme ich folgende Meldung:
^

Die Bank hat mir bestätigt, dass es an einem Virus liegt und ich kriege diese Meldung auch nicht von anderen Rechner aus.

Obwohl es im Nachhinein wahrscheinlich nicht sehr schlau war, habe ich verschiedene Sachen aus den oben genannten Beiträge ausprobiert. In folgender Reihenfolge:
  1. ESET Endpoint Antivirus Full Scan
  2. Malwarebytes Threat Scan
  3. Malwarebytes Anti-Rootkit Scan
  4. Kaspersky TDSS Scan
  5. Malwarebytes AdwCleaner Scan

Der erste Malwarebytes Scan hat einen FireFox Installer als Trojan.Malpack erkannt. Ansonsten waren die Scans eher unerfolgreich.

Ich habe alle Berichte der Scans angehängt sowie die Resultate vom FRST scan.

Ich bin sehr dankbar um Eure Hilfe, falls Ihr sonst welche Informationen braucht kann ich diese gerne nachliefern.

Beste Grüsse,
Nathan


ESET Endpoint Antivirus Full Scan
Code:
ATTFilter
Zeit;Geprfte Ordner;Geprft;Infiziert;Ges„ubert;Status
15.04.2018 09:57:48;Arbeitsspeicher;C:\Bootsektor;D:\Bootsektor;E:\Bootsektor;C:\;D:\;E:\;944030;0;0;Abgeschlossen
         
Malwarebytes Threat Scan
Code:
ATTFilter
Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 4/16/18
Scan Time: 3:49 PM
Log File: f0e7d27a-417c-11e8-9823-3c528247f0f3.json
Administrator: Yes

-Software Information-
Version: 3.4.5.2467
Components Version: 1.0.342
Update Package Version: 1.0.4754
License: Trial

-System Information-
OS: Windows 10 (Build 16299.371)
CPU: x64
File System: NTFS
User: System

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 525767
Threats Detected: 1
Threats Quarantined: 1
Time Elapsed: 4 min, 10 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 1
Trojan.MalPack, C:\USERS\JCH\DESKTOP\FIREFOX_SETUP_STUB_58.0.EXE, Quarantined, [3882], [508707],1.0.4754

Physical Sector: 0
(No malicious items detected)


(end)
         
Malwarebytes Anti-Rootkit Scan
Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.10.3.1001
www.malwarebytes.org

Database version:
  main:    v2018.04.16.05
  rootkit: v2018.04.05.01

Windows 10 x64 NTFS
Internet Explorer 11.371.16299.0
jch :: NBJCH [administrator]

16.04.2018 16:16:44
mbar-log-2018-04-16 (16-16-44).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 424600
Time elapsed: 36 minute(s), 10 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         
Kaspersky TDSS Scan
(den habe ich gerade nochmals gemacht, ich hatte den Report nicht gespeichert aber es hatte auch nichts gemeldet)
Code:
ATTFilter
19:39:10.0527 0x348c  TDSS rootkit removing tool 3.1.0.16 Jan 24 2018 17:27:43
19:39:10.0527 0x348c  UEFI system
19:39:13.0320 0x348c  ============================================================
19:39:13.0320 0x348c  Current date / time: 2018/04/16 19:39:13.0320
19:39:13.0324 0x348c  SystemInfo:
19:39:13.0324 0x348c  
19:39:13.0324 0x348c  OS Version: 10.0.16299 ServicePack: 0.0
19:39:13.0324 0x348c  Product type: Workstation
19:39:13.0324 0x348c  ComputerName: NBJCH
19:39:13.0324 0x348c  UserName: jch
19:39:13.0324 0x348c  Windows directory: C:\WINDOWS
19:39:13.0324 0x348c  System windows directory: C:\WINDOWS
19:39:13.0324 0x348c  Running under WOW64
19:39:13.0324 0x348c  Processor architecture: Intel x64
19:39:13.0324 0x348c  Number of processors: 4
19:39:13.0324 0x348c  Page size: 0x1000
19:39:13.0324 0x348c  Boot type: Normal boot
19:39:13.0324 0x348c  CodeIntegrityOptions = 0x00000001
19:39:13.0324 0x348c  ============================================================
19:39:13.0482 0x348c  KLMD registered as C:\WINDOWS\system32\drivers\65258553.sys
19:39:13.0482 0x348c  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 16299.15, osProperties = 0x19
19:39:13.0671 0x348c  System UUID: {64BCF57E-A033-FB7E-1E4E-B702CEAEC104}
19:39:14.0058 0x348c  Drive \Device\Harddisk0\DR0 - Size: 0x3B9E656000 ( 238.47 Gb ), SectorSize: 0x200, Cylinders: 0x799A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:39:14.0065 0x348c  ============================================================
19:39:14.0065 0x348c  \Device\Harddisk0\DR0:
19:39:14.0065 0x348c  GPT partitions:
19:39:14.0066 0x348c  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {19840438-2F25-483E-A6F6-19CA01F35A14}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0xB4000
19:39:14.0066 0x348c  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {CF318979-A264-4E12-A8F1-BDF9BD617B65}, Name: Microsoft reserved partition, StartLBA 0xB4800, BlocksNum 0x40000
19:39:14.0066 0x348c  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {51B2A672-FDBC-492E-9353-A6E623A3C3FA}, Name: Basic data partition, StartLBA 0xF4800, BlocksNum 0x1B18D000
19:39:14.0066 0x348c  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {4E2A5558-DCB9-4625-B08D-B1C473C34809}, Name: Basic data partition, StartLBA 0x1B281800, BlocksNum 0x1EA000
19:39:14.0066 0x348c  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {B32A5987-011B-4902-8980-A1EFE4A7D78C}, Name: Basic data partition, StartLBA 0x1B46B800, BlocksNum 0x2485000
19:39:14.0066 0x348c  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {D28A8FD6-16D4-40BF-808E-0BD0439BA57A}, Name: Basic data partition, StartLBA 0x1D8F0800, BlocksNum 0x400000
19:39:14.0066 0x348c  MBR partitions:
19:39:14.0066 0x348c  ============================================================
19:39:14.0068 0x348c  C: <-> \Device\Harddisk0\DR0\Partition3
19:39:14.0070 0x348c  D: <-> \Device\Harddisk0\DR0\Partition5
19:39:14.0070 0x348c  E: <-> \Device\Harddisk0\DR0\Partition6
19:39:14.0070 0x348c  ============================================================
19:39:14.0070 0x348c  Initialize success
19:39:14.0070 0x348c  ============================================================
19:39:22.0653 0x2234  ============================================================
19:39:22.0653 0x2234  Scan started
19:39:22.0653 0x2234  Mode: Manual; SigCheck; TDLFS; 
19:39:22.0653 0x2234  ============================================================
19:39:22.0653 0x2234  KSN ping started
19:39:22.0798 0x2234  KSN ping finished: true
19:39:23.0236 0x2234  ================ Scan system memory ========================
19:39:23.0236 0x2234  System memory - ok
19:39:23.0237 0x2234  ================ Scan services =============================
19:39:23.0279 0x2234  [ 08312DEEF0D3F8647AA53AD90A69094E, E32620323E7EDD3CAB5B04B9E37DDE7CA87B45C2CB17520D69D03C17E1D5F65A ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
19:39:23.0339 0x2234  1394ohci - ok
19:39:23.0355 0x2234  [ 645009E711BBF117CCEE917A03FB0CDD, B531951443D961C08428CB0F77F57D9F33C37C0637F919A9DA9DB5DA18479F70 ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
19:39:23.0368 0x2234  3ware - ok
19:39:23.0372 0x2234  [ 4014DBD09673A53A523D8AF26C301E05, 80B133C26697C06649AA1C0005EADAADA377A7423AF532FEEE15B02400CB9B6A ] Accelerometer   C:\WINDOWS\system32\DRIVERS\Accelerometer.sys
19:39:23.0385 0x2234  Accelerometer - ok
19:39:23.0402 0x2234  [ 334BAC25FE297342B119730E699B826C, 7ADC9240BFC835C48609BFCED422C4653BC2CA23F4474CD57A25D15EE44736B0 ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
19:39:23.0428 0x2234  ACPI - ok
19:39:23.0433 0x2234  [ 44EA35A4B397898A83BF1B9B4B8DAE35, 023E3BC5CE47518269A812F156EFF1BD4CB14F1F5DD3FCC317DE046A519E20CE ] AcpiDev         C:\WINDOWS\System32\drivers\AcpiDev.sys
19:39:23.0449 0x2234  AcpiDev - ok
19:39:23.0454 0x2234  [ 91D113A1532B8AB1E25B7DE5AB3C2F83, 43134DB92D522FCF537FFA8E829021F43BDD90006D7F096BA483DA1DAD3D1CC3 ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
19:39:23.0468 0x2234  acpiex - ok
19:39:23.0472 0x2234  [ 620BB2682BA625DF037072D89F44F6EE, A1A72F663C75DC65B1BA278CD7F43FAE6D1BDAE2F3F1D8269F508DECB555FFF9 ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
19:39:23.0487 0x2234  acpipagr - ok
19:39:23.0491 0x2234  [ B9805A3C479390CEAEA5AEF5E4A90A2E, D9256734BC46EA43133873BDDE56B9A3597F74CFE82500FFB374A8EE6293ADD3 ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
19:39:23.0506 0x2234  AcpiPmi - ok
19:39:23.0510 0x2234  [ ABD4EB55C661143B015BD0B9B47B235C, 5F109BA04010E634D547E86AF67659EA06BD05FCF78A493DB190790C4D7E13EA ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
19:39:23.0524 0x2234  acpitime - ok
19:39:23.0531 0x2234  [ AAA8E68E685DB1B68747E3DF68F96368, 1A5BE239B2D0C6F727303A98CFFC91070B6A05ECD6B9CD05AB326AC1910ECEBF ] acsock          C:\WINDOWS\system32\DRIVERS\acsock64.sys
19:39:23.0554 0x2234  acsock - ok
19:39:23.0561 0x2234  [ CA805DA983594B01F3554464B2E5158F, AC311C5D59AA1FA2B1B3CDB9CCEABEC85878BF6CA6106253186909AA9EB3C1BA ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:39:23.0571 0x2234  AdobeARMservice - ok
19:39:23.0597 0x2234  [ 8C58BD711FAD5F11E8CFDBC5CED973A5, 340FCD2C492009D5D7732FBF94198C4767125A77E0C71BB20E5CB2BDA5AB57CF ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
19:39:23.0633 0x2234  ADP80XX - ok
19:39:23.0654 0x2234  [ 9619C0D7DB55CC3A636A24A7D82B0C8E, 12FA6F3CCABDC707F1ED1D48F9C53B84773D8E68719256192C64DE40D5DB909E ] AFD             C:\WINDOWS\system32\drivers\afd.sys
19:39:23.0677 0x2234  AFD - ok
19:39:23.0688 0x2234  [ DCE606F0E15E0FB75ECC02EBB3DEFA9C, CC851775136EC09CD41BF7EE1582BC6BE41086A807F5EBF3F97C60B57D5ADBC5 ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
19:39:23.0707 0x2234  ahcache - ok
19:39:23.0714 0x2234  [ 84FFB4AC2BA923364DF13F73751E05D1, EBD054282D93F290408A2343C0CBF98CEF7619A8252DC04E15322E51505D45AF ] AJRouter        C:\WINDOWS\System32\AJRouter.dll
19:39:23.0730 0x2234  AJRouter - ok
19:39:23.0735 0x2234  [ 084101AB03969D8ED00D5FFBE5F4C3DF, 6425FA16F0CBF5F3008780095364830EBF1F073BD5109764FE9E88245AFB9367 ] ALG             C:\WINDOWS\System32\alg.exe
19:39:23.0760 0x2234  ALG - ok
19:39:23.0768 0x2234  [ 654824DF0CE32C9D274C1943DEB19AEA, 298D21026D503CBCE7A5385E8466905C62EDC89EE7AAD824127A213A9662ED73 ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
19:39:23.0788 0x2234  AmdK8 - ok
19:39:23.0795 0x2234  [ 12C4246CE1B769B720BE0848F75AB4C1, EDB6C085FB1291FE5436360FFE227E9885C5698B2076C6C326316A4E672AE8AE ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
19:39:23.0815 0x2234  AmdPPM - ok
19:39:23.0819 0x2234  [ F1C16AABA27E9E153AEC7BD2AB853F30, 7CFDBD218E6C161747A21BBACC78BF1061F2427ED1247F1AE0879BE155C504E7 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
19:39:23.0832 0x2234  amdsata - ok
19:39:23.0839 0x2234  [ C834D0F1ECB8473E9E6D18EE1BCEECB2, C9B7B9279F96DE4DA1EE096B6463591B3A718F87CD75E544C5A07C3639D1F188 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
19:39:23.0855 0x2234  amdsbs - ok
19:39:23.0859 0x2234  [ 49203D2FFE30CBB36BE66A0E70F3D954, E5B5A3B3B4A8FF03B5C902642C776CECD554CA1DB25419111EDA83602986CCCE ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
19:39:23.0870 0x2234  amdxata - ok
19:39:23.0877 0x2234  [ 38DC4D8B1BD5DA43179EEA726BD05249, 4BCACD6A6EDCBC76F3132142E70E9BE828BAA2C2D91F634A322FADD330C7ACC0 ] AppID           C:\WINDOWS\system32\drivers\appid.sys
19:39:23.0891 0x2234  AppID - ok
19:39:23.0899 0x2234  [ A78F24AF599EA536C6028D80E4037664, 0FE73CAFAE336D8831225BDCC0158BEEEED2E9E6086109974BE7F1982A79C9CA ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
19:39:23.0922 0x2234  AppIDSvc - ok
19:39:23.0928 0x2234  [ 9D01D0608E39FCDE57969B0AA0191A56, E9D7F44A87D87F56CD3AA9D22C5466C04F2B9515124872BFA7FDE3FD81659DD4 ] Appinfo         C:\WINDOWS\System32\appinfo.dll
19:39:23.0947 0x2234  Appinfo - ok
19:39:23.0955 0x2234  [ 7DEFAE8665BCEDDC2C9983138D69D7A5, BDD39E55DDFD33114EC36CBE79298149E6A920A6B8F440A8C1F7A7003D1867C9 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:39:23.0966 0x2234  Apple Mobile Device Service - ok
19:39:23.0971 0x2234  [ 1E085E2302D568F0CE041732B3E887B0, 0D2A3675FDD04C800B302C84A43F233F0217EB4B1AD44B11AADDB0D5D8FA0DB2 ] applockerfltr   C:\WINDOWS\system32\drivers\applockerfltr.sys
19:39:23.0988 0x2234  applockerfltr - ok
19:39:23.0995 0x2234  [ 043786FF3A1B6A066613E0B166F28F07, CB248FA46D3798487A543344095F8EC5ACD8A4A5B9FCC7C374CAFE9DB04C6281 ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll
19:39:24.0017 0x2234  AppMgmt - ok
19:39:24.0033 0x2234  [ 1D123729F547EEDFBE3F510346848C38, B170860348FBAC054203A7B858866A12944D7046C01BA3A14AC0860D8C288770 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
19:39:24.0067 0x2234  AppReadiness - ok
19:39:24.0087 0x2234  [ FBC6C10A81DB0319A8AB2B14801922C2, 9E667CFBF81FDBBD4DA7086BA1682F3384BE4A99FD3E8546D381385F95431FB3 ] AppVClient      C:\WINDOWS\system32\AppVClient.exe
19:39:24.0114 0x2234  AppVClient - ok
19:39:24.0120 0x2234  [ 05B19AD776D80FF0FADB44608896C16F, B7DDDF06C0E525774DA3AE3EA718E0CCC2D6C27F7430103B578859FAAAF2941F ] AppvStrm        C:\WINDOWS\system32\drivers\AppvStrm.sys
19:39:24.0132 0x2234  AppvStrm - ok
19:39:24.0138 0x2234  [ 3EA678F2C70083FB1588772FE7FAFFE1, 8B236563E285352DE9DC056DC87872412D3A756E82DA9D0191931A19714B4078 ] AppvVemgr       C:\WINDOWS\system32\drivers\AppvVemgr.sys
19:39:24.0151 0x2234  AppvVemgr - ok
19:39:24.0157 0x2234  [ ADD72B1FFE20B37A13A5A861724ECA05, D48515E1CF9B6317031B1151AEB8C7042D5FD63ABAD755749FE4660979F4E20B ] AppvVfs         C:\WINDOWS\system32\drivers\AppvVfs.sys
19:39:24.0171 0x2234  AppvVfs - ok
19:39:24.0225 0x2234  [ 9D25C64C3567B3918EF2389398E72FA7, 20C2687A81599954F77D0AC82180ADCA3800FE49D19FF36C2E8B9A0BAEFC6A8B ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
19:39:24.0320 0x2234  AppXSvc - ok
19:39:24.0335 0x2234  [ B42C83DE28776B80DBA1310C56DD4F74, 8E017B73D5AD644EC1D46BC1DC2CAF465A6793E2AD6DC35A2E3AB907E7719C40 ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
19:39:24.0348 0x2234  arcsas - ok
19:39:24.0365 0x2234  [ 0D51FFDAE7C906C308369EAB87358304, 684E0405D82C67285FA1586426EA6792BBE796524C10DD24C2AF48FEF4E3D92E ] AssignedAccessManagerSvc C:\WINDOWS\System32\assignedaccessmanagersvc.dll
19:39:24.0391 0x2234  AssignedAccessManagerSvc - ok
19:39:24.0398 0x2234  [ C2151380227CD1F7DDA2401C1F151367, 0E76DCD69CAB960DC65942269081436A9DDA255E908E71A29E72DFCFC5CDCC7C ] AsyncMac        C:\WINDOWS\System32\drivers\asyncmac.sys
19:39:24.0416 0x2234  AsyncMac - ok
19:39:24.0420 0x2234  [ 6191B9B2EE0E8CB957C683B9B341CC86, E60ACC6E9C6E90F2E1DA0DE220C890B50887FD97E7884F8F4301FF2C9A2F408A ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
19:39:24.0431 0x2234  atapi - ok
19:39:24.0446 0x2234  [ 0A414BE36FFA16E9F20F94008E366AD6, FE254DDDEB22FFFBBFCC87FE035AE5C6F44F08C6FF0EDFBC0C584C0C47E6FF55 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
19:39:24.0478 0x2234  AudioEndpointBuilder - ok
19:39:24.0509 0x2234  [ 57D7504862058467BA8FB8D988E6D372, B0993D1040C91FFB9B5EDBFCBF9885887C90A01E9A7DD4218FA0D09A05C42097 ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
19:39:24.0564 0x2234  Audiosrv - ok
19:39:24.0574 0x2234  [ 947FF5992E26AFD4CAA34506678B70BC, 0B125EDBD6E740375E45AAA465DC83740F5CD43A55CDA404F7A81F37EE3BC57C ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
19:39:24.0595 0x2234  AxInstSV - ok
19:39:24.0609 0x2234  [ A921805C1ED3253DF48FCA4D724173EB, 7DB6A13228812550F066C76273ECA6B3FC12E7CC98C245D16B5A13FBCF6A509D ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
19:39:24.0631 0x2234  b06bdrv - ok
19:39:24.0636 0x2234  [ 3CC12A09AE7293F4CD1688117B46B9BB, 377B7FB7704BEA894801956756EF0EF2E8C938ABAA047F4729CDE91B44357CFB ] bam             C:\WINDOWS\system32\drivers\bam.sys
19:39:24.0648 0x2234  bam - ok
19:39:24.0652 0x2234  [ 2A7267AA15E508F6D05A5B562F1FD1CE, 7070123619A3F08864844FF89C9DEA1D4ED48D05D2B93E305774BE715583DD51 ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
19:39:24.0668 0x2234  BasicDisplay - ok
19:39:24.0672 0x2234  [ FAFAEDFC7CAFD8B8FADA6A81BAF92E3A, 11EA3C361DFE5CC177E7D8FD002DC6542E05D1C74977A4716BC1B3DA5CAE963F ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
19:39:24.0688 0x2234  BasicRender - ok
19:39:24.0693 0x2234  [ 739D089777D2B66DBE7201E5EA4BA2D7, 9AD12E18A042C5B8EFB19297BC2E7BD1FEF75A138FEFB64C6BF0261FD3E53AB1 ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
19:39:24.0707 0x2234  bcmfn2 - ok
19:39:24.0719 0x2234  [ 72963E0676003016B431306A6F4951BF, 3442A7C1AC1EE8E68F15C78CEBAC237D7535F834AA13F8BB602645DD183A73D3 ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
19:39:24.0741 0x2234  BDESVC - ok
19:39:24.0747 0x2234  [ 355D162E52819C19396FB01A8E005A1F, F7911703B51832806F9A88ECD7912A66A02A7798931F27757046D62895FCA0BD ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
19:39:24.0761 0x2234  Beep - ok
19:39:24.0781 0x2234  [ 7384D8967C8AF3D46DA2FD722168F222, FDC66CBBD041B35B726686F7593119D29C65D568BCA40B13918E57A25AB840CF ] BFE             C:\WINDOWS\System32\bfe.dll
19:39:24.0817 0x2234  BFE - ok
19:39:24.0847 0x2234  [ A0D1BF71E828CEFD7F9DC726AEAD80CE, 742F245105412476A8713ADFBBA5E6498B3B1A03DCF3EE58C15F5AC06C686B44 ] BITS            C:\WINDOWS\System32\qmgr.dll
19:39:24.0896 0x2234  BITS - ok
19:39:24.0914 0x2234  [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
19:39:24.0932 0x2234  Bonjour Service - ok
19:39:24.0937 0x2234  [ 8843185CC8F60801C06812799584F6EB, 35D893B9C53215548C95143377F8DDC98A45F2269839BA498F2FA22B409F13C0 ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
19:39:24.0953 0x2234  bowser - ok
19:39:24.0971 0x2234  [ FA2702519B710C40E6E55F85F7F87BBC, 95EE006E89FDC78F17BD68DE9977030A0FD47343FDF8308A68742F9E3D13CDF2 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
19:39:25.0007 0x2234  BrokerInfrastructure - ok
19:39:25.0013 0x2234  [ A4863B7B1F0DB513D6E34547BACC211A, 41E74A60721CCBE0A4D487B3EE01BAC3108D9BA819BF58A64E963478C43828E9 ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
19:39:25.0034 0x2234  BthAvrcpTg - ok
19:39:25.0040 0x2234  [ 82BD96D56574231AD0E9BBF293EA2E7F, EFC7121D6EC425F89BF10078F3716A63753303B6DAB6CC3EF90730E6CBED4630 ] BthEnum         C:\WINDOWS\System32\drivers\BthEnum.sys
19:39:25.0058 0x2234  BthEnum - ok
19:39:25.0066 0x2234  [ 9C9EE272C11252C651C5DE6A1AC1EDAA, DED378E894FA07B75F2E93490075879A50879CACACCF09F3F9EF37EDFA159233 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
19:39:25.0085 0x2234  BthHFEnum - ok
19:39:25.0089 0x2234  [ 69734E386826ED857C889330F35B4D9C, F0804D41D4BA6C9022B70D5092C4F14128D33F66C5D85DE10115A37C36927B70 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
19:39:25.0107 0x2234  bthhfhid - ok
19:39:25.0120 0x2234  [ BC58294295CBAD6637A526470305B5EA, FAA1A1C85D418B063D8A6E93558BA74D766081268354D63E28D372BD55D523DD ] BthHFSrv        C:\WINDOWS\System32\BthHFSrv.dll
19:39:25.0149 0x2234  BthHFSrv - ok
19:39:25.0154 0x2234  [ 338B8D45C7DFB03DB7957188E16C9661, C634A32E6C945760BD85E3862B88BDA3E63A33DAD69523FD14523C3D301E675C ] bthl2cap        C:\WINDOWS\system32\DRIVERS\bthl2cap.sys
19:39:25.0174 0x2234  bthl2cap - ok
19:39:25.0181 0x2234  [ 47BF82E2A6D11279C8501E08518AB835, 2B8D770AC694F31844A39BAC3B49C36523C9586D4B22C390009B057D4DA9D0F0 ] BthLEEnum       C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.Legacy.LEEnumerator.sys
19:39:25.0198 0x2234  BthLEEnum - ok
19:39:25.0202 0x2234  [ A94AFAEA86F5F792BB4ECA095B231464, 588256D53CD50B8299FCABF624E8EF29761B16DE1999896DC647FBF8E2BAEA68 ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
19:39:25.0219 0x2234  BTHMODEM - ok
19:39:25.0225 0x2234  [ 4F58D8C265FFA943878CF7F922432847, 5A98E89770E94DC729E04831BD186296F549C56771FA5ED60A56585502E70ACB ] BthPan          C:\WINDOWS\System32\drivers\bthpan.sys
19:39:25.0247 0x2234  BthPan - ok
19:39:25.0268 0x2234  [ CC98DC94BB904EEADD22242535DF83DB, 8F638CF720C9EEAE57DE10277C26D343D9EE08B61A3F4871822537ED089008EC ] BTHPORT         C:\WINDOWS\System32\drivers\BTHport.sys
19:39:25.0306 0x2234  BTHPORT - ok
19:39:25.0319 0x2234  [ 572BCA61B7E026E057AF7DF456AC7E0B, CA35DCC02BFE2D34C40449E47F0C8BA4AD709F01A952B9354332560CE72A1E4F ] bthserv         C:\WINDOWS\system32\bthserv.dll
19:39:25.0342 0x2234  bthserv - ok
19:39:25.0349 0x2234  [ 55C836530A9602255BFB4F5D9DA2B737, DB82CB1FB657955AE80A144CC30D5112CF90FBEFCE9E89CF7CEF2929EBE56B28 ] BTHUSB          C:\WINDOWS\System32\drivers\BTHUSB.sys
19:39:25.0366 0x2234  BTHUSB - ok
19:39:25.0370 0x2234  [ 39E7437FC59CDD7A303ABD514E462E8B, 9DCACFC12090BA03E3DD8E0EFE02382E3D42B528BDF6DD77318CAFACBA9EBA09 ] bttflt          C:\WINDOWS\system32\drivers\bttflt.sys
19:39:25.0382 0x2234  bttflt - ok
19:39:25.0386 0x2234  [ 522888590B0C19BC8128119060AE7901, 9C979FD442E7B189FD156BD5E5E4A3D10FDABB3C38094B9C67A702103D39B00F ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys
19:39:25.0403 0x2234  buttonconverter - ok
19:39:25.0408 0x2234  [ 2AB01CE5E233A6FBA3E91BD57772AA4B, DC241810B774BCE651B525885480F05D15AE0E623D53E4CB02562A8424C067E2 ] CAD             C:\WINDOWS\System32\drivers\CAD.sys
19:39:25.0420 0x2234  CAD - ok
19:39:25.0427 0x2234  [ E2C8EE32C053892E685A989071AAE333, 842228C315BBD5FA802A81833BB0158774969FED4C5A706F9B904F7C70DB80A3 ] camsvc          C:\WINDOWS\system32\CapabilityAccessManager.dll
19:39:25.0449 0x2234  camsvc - ok
19:39:25.0455 0x2234  [ F6F97879F53AD57194C6BC8272FD73EA, C11CB040CC64ABC0A6EAD6D6985659896FBB5911D2E10B6584E0F90FE6813C57 ] CapImg          C:\WINDOWS\System32\drivers\capimg.sys
19:39:25.0473 0x2234  CapImg - ok
19:39:25.0477 0x2234  [ 9E82A95D77AC78C84BA75FF896B060BF, 87905E55724ADE5149D3BBC2DB76A7275580DE204BB561B8E1FCD631DEF3D9F9 ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
19:39:25.0499 0x2234  cdfs - ok
19:39:25.0515 0x2234  [ 147CEBE0C5F7A80135C54715521AD9E1, 99ACF25165C0C17822B0FC06F662848CA0DFAD51B3E3B440005C2E033BFE4840 ] CDPSvc          C:\WINDOWS\System32\CDPSvc.dll
19:39:25.0551 0x2234  CDPSvc - ok
19:39:25.0564 0x2234  [ 6F9F9FA8976D9A45D3C75E7A49AC9995, 7350C4A0A1FEF73203F4AFF2689D59A34728F4F71849110235B1CA5FE0F5AF3D ] CDPUserSvc      C:\WINDOWS\System32\CDPUserSvc.dll
19:39:25.0589 0x2234  CDPUserSvc - ok
19:39:25.0601 0x2234  [ 6D83565C1652E80447EDEA6947FA89D7, A84A3EA45304A9E3F53DA9F4CB9F2D9FF8A2AD69A36AEA366D35A2F5C9FDF851 ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
19:39:25.0621 0x2234  cdrom - ok
19:39:25.0628 0x2234  [ 6286CBE87B64AB7D1F59E3375A2FF3F4, 92C276A18F99D2A423BC3A99EBDA1239F3B335C1EB6EBAF2F2800A23188B26F2 ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
19:39:25.0648 0x2234  CertPropSvc - ok
19:39:25.0657 0x2234  [ D81954CE5E016FD716EDDB2B2FD9BA58, C47FF6D6527605238EF46E9BDF4544E2B2F4F9C5BCE13881F569F996541D7FF7 ] cht4iscsi       C:\WINDOWS\system32\drivers\cht4sx64.sys
19:39:25.0674 0x2234  cht4iscsi - ok
19:39:25.0708 0x2234  [ F9A8570805807FFD66488F0A858E1308, 5D8363C5EEB7B92CFA219C466D04D8C625CACAFBDEA5857C5C9FA0C391AC2FEB ] cht4vbd         C:\WINDOWS\System32\drivers\cht4vx64.sys
19:39:25.0752 0x2234  cht4vbd - ok
19:39:25.0762 0x2234  [ 9798D58461706930190F1F2F6BF21D80, BD7552297A636E19F5D544BDBF3490DA544E76002F62B227FA5BDA7A11760040 ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
19:39:25.0779 0x2234  circlass - ok
19:39:25.0790 0x2234  [ 6AF3865AEF65623814209794409AA15F, F95A18B08329A5A794AE7B59AE9193B479E9AF6904E2656701AFFE32C6658840 ] CldFlt          C:\WINDOWS\system32\drivers\cldflt.sys
19:39:25.0813 0x2234  CldFlt - ok
19:39:25.0823 0x2234  [ 33609EDF8062E8FE79DD5F9079E4D3CE, 3170634F63C66961BE3E98025FC735D8A61A98CA631430A448AE3243208C1C0C ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
19:39:25.0840 0x2234  CLFS - ok
19:39:25.0985 0x2234  [ F7DF7FE901C3096F7E248C6DC6B3CB7C, 7B12C682D578D1D361D6067FCEC555E01933006AD97EEC85DD477AD227BFA14C ] ClickToRunSvc   C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
19:39:26.0137 0x2234  ClickToRunSvc - ok
19:39:26.0171 0x2234  [ 0EFD85AB09099246CDF8DB63978CC00A, 1E402747B03E0B17D7AE76D52B9E1BE8DA7D29A92B8301DC9FC7A02C0E78757C ] ClipSVC         C:\WINDOWS\System32\ClipSVC.dll
19:39:26.0199 0x2234  ClipSVC - ok
19:39:26.0208 0x2234  [ 2BA3BA38B5A6A667B0EAEC477276707B, 80AD05C5C7E0398EB7320A82878700C6588B7411F3DEA02E5784CA599CB548C2 ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
19:39:26.0223 0x2234  CmBatt - ok
19:39:26.0238 0x2234  [ 5FD7E04967054728203265A310ED8D4A, 676C1A8D9DF8BBDC8BBEA3DD921736AF80FA7D5EFF5C0E6F2DE1C0010162800B ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
19:39:26.0261 0x2234  CNG - ok
19:39:26.0267 0x2234  [ C65AF00EF12A1755E7CA370B0C71935D, C03315A5B999EB9AA5B5F1F000BD8A1C68DFC151B23AA2F29F69F7129407AA11 ] cnghwassist     C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
19:39:26.0278 0x2234  cnghwassist - ok
19:39:26.0311 0x2234  [ 7B1B881A90A0DEB704CB088459D4E60B, 4A5F032CCC3F1B9E04A130F7E15EDD1005DF4570C8D7BD939D0772F156E4DA5E ] CnxtHdAudService C:\WINDOWS\system32\drivers\CHDRT64ISST.sys
19:39:26.0348 0x2234  CnxtHdAudService - ok
19:39:26.0369 0x2234  [ A50300498D56B2448F3593D25478D508, 841D66D4AB9749EE64802611157A9AAED1117B6B2C411B3DA272CE439E69AE45 ] CompositeBus    C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_9c1fb8f4db31c348\CompositeBus.sys
19:39:26.0382 0x2234  CompositeBus - ok
19:39:26.0386 0x2234  COMSysApp - ok
19:39:26.0390 0x2234  [ 65602B0DB49199647FECB2D1212147BE, DC25D2DED7C31B4691B61FC69BB12E50CA5EDA9705339CCC82BE145EFD6D47C5 ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
19:39:26.0401 0x2234  condrv - ok
19:39:26.0421 0x2234  [ AB638EA8ECDBDC692C64F4FF4F940D1D, FE873A86E951C8886CF546E193814807DD356C20308655D4128B3DFCE16BF0BC ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll
19:39:26.0450 0x2234  CoreMessagingRegistrar - ok
19:39:26.0473 0x2234  [ E13D3DD8CC5F8EB3BAD2A4727BAB4B43, 8D9ADB9F9F3B2444A3F357BEB47707B91DD11C13724C2AEF4B28E6E67F9F952B ] cphs            C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
19:39:26.0490 0x2234  cphs - ok
19:39:26.0512 0x2234  [ 30F0252493A2CFA6A7A123875A77025A, 84623474FFE238DD9FB6E3C467C22BEDE76608E249555E87EE18D56922821B53 ] cplspcon        C:\WINDOWS\system32\IntelCpHDCPSvc.exe
19:39:26.0533 0x2234  cplspcon - ok
19:39:26.0540 0x2234  [ D64EF74FC6DA47EC2E460076F299E77D, 1F77E9F777FA6996222DE45B3AB2C01CD94C80A4A7F5CA092DDF1F18D74F93AA ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
19:39:26.0561 0x2234  CryptSvc - ok
19:39:26.0577 0x2234  [ 0AAC6E3138AB83C466281642D1A48F15, 31AEBAE422BFDC9EBE0B8CBAEE5ABAA27E8EA47387D4A24C91A3CE92EF7E0C92 ] CSC             C:\WINDOWS\system32\drivers\csc.sys
19:39:26.0605 0x2234  CSC - ok
19:39:26.0622 0x2234  [ 9D4FA712339A09110809A4CC270AF4F0, 6403633EB0061CE3E4665E7A757EB697FD47DEE540EEDEC035CC13184FC62947 ] CscService      C:\WINDOWS\System32\cscsvc.dll
19:39:26.0655 0x2234  CscService - ok
19:39:26.0659 0x2234  [ E61D58DE5AADFE98EE47DCFAD63B50C6, 004170DF82EC1650C7FEEF181E9E7F587FB5DA90D54771EAC8C0958451B2F247 ] CxMonSvc        C:\WINDOWS\CxSvc\CxMonSvc.exe
19:39:26.0670 0x2234  CxMonSvc - ok
19:39:26.0675 0x2234  [ CEFC169946825C5F329545279FEC823B, 155848D7887E00863540542122A16BFD65DEEDC1B8B64F7E92D64D2C74CB5C1D ] CxUtilSvc       C:\WINDOWS\CxSvc\CxUtilSvc.exe
19:39:26.0686 0x2234  CxUtilSvc - ok
19:39:26.0690 0x2234  [ 72BE43ABD786E86AAE7EA2193201E100, A013CF10AA4158082B5D0D7F885969C5C92710A6084E57E9DDBDA84420D97367 ] dam             C:\WINDOWS\system32\drivers\dam.sys
19:39:26.0702 0x2234  dam - ok
19:39:26.0725 0x2234  [ 79BDBB684629A526CCD958F06B9D6FAD, 489A85A5F63E5F012740B538878D6DAEBBB474D64F27A6847D3E387A704E5297 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
19:39:26.0774 0x2234  DcomLaunch - ok
19:39:26.0796 0x2234  [ F7FB921F438C3566CEC55657EA4E7D9C, 17FA956E3B89F9B6C154975E7E1AAFB204F5EDEACC14A8424827DE13440A9299 ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
19:39:26.0825 0x2234  defragsvc - ok
19:39:26.0840 0x2234  [ B5F9123D6537856EA698386ABA27A232, C60DD499254B4A3741ECE71AF1685763BD6A6F828F879D54E175A6198C89ABF0 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
19:39:26.0868 0x2234  DeviceAssociationService - ok
19:39:26.0873 0x2234  [ 64A80A746FC460126FA4124AA2D93848, 851ECA69489FF9A834B6A5ACF9D51283FD3796E21316D8A22E57DED2F415782C ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
19:39:26.0893 0x2234  DeviceInstall - ok
19:39:26.0915 0x2234  [ A19F51A044B62C994144ED87A7A5A887, 91ECE0E067E138817CD46A876B2D28CB47A2CCBE9C924EA91A1966FDF69AF7DF ] DevicesFlowUserSvc C:\WINDOWS\System32\DevicesFlowBroker.dll
19:39:26.0950 0x2234  DevicesFlowUserSvc - ok
19:39:26.0957 0x2234  [ 0D2A4CA81D1F7B5E5FBFE1E4F60246B8, EF425C2FB1191720F9B53EB26EC904F53851D296B222E20B0733615575D4B7E5 ] DevQueryBroker  C:\WINDOWS\system32\DevQueryBroker.dll
19:39:26.0975 0x2234  DevQueryBroker - ok
19:39:26.0983 0x2234  [ FAEC08F583CAD06D4F057DBB733A03A1, 3FB5FDB9B7B4B55916F102E6AA2FE387F2D552229FB1E6852E5DAC9A49B214A3 ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
19:39:26.0999 0x2234  Dfsc - ok
19:39:27.0009 0x2234  [ FDB38FF469568190277A694D1BF599F5, 5512DB70C942FBFD78DBAE3DF379A2DDB9249B45BF5CE2CB305605C14CD1F25F ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
19:39:27.0035 0x2234  Dhcp - ok
19:39:27.0040 0x2234  [ 8C46ADC4354DDE94CA459CB4BA822073, 8B0597866B6BAD22641B70836B29FC01433A00AFDABF31E5672DD5DF6ADCC3BB ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
19:39:27.0061 0x2234  diagnosticshub.standardcollector.service - ok
19:39:27.0070 0x2234  [ E2BF09B816393AF73EDCB8ECF9BBDB2D, DBDFFC2450E4EC684DD59383799ACF1D207B0882C301B8D562FB76307AFCC553 ] diagsvc         C:\WINDOWS\system32\DiagSvc.dll
19:39:27.0091 0x2234  diagsvc - ok
19:39:27.0139 0x2234  [ 3DEAA6E6626AF9E84DB66124C1679AC8, B5277B71244FDBBE2C7D351CD519B01BDF26D8605E88F480B17B2E85B35A9B5A ] DiagTrack       C:\WINDOWS\system32\diagtrack.dll
19:39:27.0221 0x2234  DiagTrack - ok
19:39:27.0231 0x2234  [ 8C7FF86607E367E6319F7F637115D665, D49EAA69A880A566558ED58F60B378AB9E2F950DC951741908DD0914121D6099 ] Disk            C:\WINDOWS\system32\drivers\disk.sys
19:39:27.0241 0x2234  Disk - ok
19:39:27.0260 0x2234  [ 133E5277C2A50770EADFAC4AF2232D69, E24933DD2440BA8DBDFD3A583301A9BE56A4ED699134242DB52E1AB5721C53D4 ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll
19:39:27.0297 0x2234  DmEnrollmentSvc - ok
19:39:27.0302 0x2234  [ 64009621AAF4BC6626BC1A623A26FAD1, C94E63FB12AC58022C0C7F7721C7A38E9411DE94BFB12416091DC1A1F8C90414 ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
19:39:27.0317 0x2234  dmvsc - ok
19:39:27.0322 0x2234  [ 10E72E3315305461D3F0C7560AE98CA5, 702B5C056DB6B4E337231BBEA48E106FA95F26B48CDE91857305E4C6E4EE6A12 ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
19:39:27.0340 0x2234  dmwappushservice - ok
19:39:27.0350 0x2234  [ B307EE2CEF643264DF3DAAF5DD2D08E2, 4A362C947852C076B53AD4655DD4EDE7D6106AABAFAD6ED1D874DA4F33EC0F8B ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
19:39:27.0371 0x2234  Dnscache - ok
19:39:27.0382 0x2234  [ E1C233826ECA1E52672052C49BD42485, 20B573BD6C5C760C21863F7E8B5AA544661C38E240C41ABA1C69B61C68A8FDD0 ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
19:39:27.0403 0x2234  dot3svc - ok
19:39:27.0410 0x2234  [ 6D8971C942FEE43A0AB6B3192534AFB4, 44D437DD32E1FDD7922B352CA6C19C83C1ADD825FB704B8E07BEF01E866E2B99 ] DPS             C:\WINDOWS\system32\dps.dll
19:39:27.0431 0x2234  DPS - ok
19:39:27.0435 0x2234  [ F4800922F4ABA619585CE320A72E6389, CA83BCAA8B37F303E89598F8C93B201A3F000A09F4A9963E370D7E59BD79D448 ] drmkaud         C:\WINDOWS\System32\drivers\drmkaud.sys
19:39:27.0447 0x2234  drmkaud - ok
19:39:27.0454 0x2234  [ BB73FD1329739982C2915AB827A01362, 70E69942AE14D5012D9A8B1C799B5B4B4FCC2E456D8940CB4C104D6AB7C4997B ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
19:39:27.0475 0x2234  DsmSvc - ok
19:39:27.0483 0x2234  [ 280297274D162AD79ED767D8CB22DE9C, E344797EDD9EC2ED3D1D07FF1B94DFB8BA318DDE8CD6CECA937A27B4B2E22A0E ] DsSvc           C:\WINDOWS\System32\DsSvc.dll
19:39:27.0500 0x2234  DsSvc - ok
19:39:27.0510 0x2234  [ A05724426389EBC1351E3D6F95CF3EAC, E638F97043274515F9A8A46B55C9478E886683580F33A0E90A3BDFBA6A4F6C26 ] DusmSvc         C:\WINDOWS\System32\dusmsvc.dll
19:39:27.0533 0x2234  DusmSvc - ok
19:39:27.0578 0x2234  [ EAC1B96AF31F554FC2ED24CEF8AB42D8, 8DBB1C204C5FC7AAEB23CDFF4E01442356CBC3DE78AFC4A82783B2123DA6BEB8 ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
19:39:27.0639 0x2234  DXGKrnl - ok
19:39:27.0662 0x2234  [ 2AAC97A2DDFE3149851A9F8E002F2721, 7CDCB2BA56A6417C49A94D45BC674678073EB6B999FB0665EC329A26C5E9BCA7 ] e1dexpress      C:\WINDOWS\system32\DRIVERS\e1d65x64.sys
19:39:27.0682 0x2234  e1dexpress - ok
19:39:27.0691 0x2234  [ 15F9203D87BC8BB2F2607D4DED0450BF, 9B800856BF34430FF58B64BA410070E78114706D74F757416EC162A30E7AC441 ] eamonm          C:\WINDOWS\system32\DRIVERS\eamonm.sys
19:39:27.0704 0x2234  eamonm - ok
19:39:27.0710 0x2234  [ FA94398748930D840FE35A44F1D225A7, E2D48460413904AAFB50E18A24471157D2A235F5CCDF89EE49BB139D1CA3B9F6 ] Eaphost         C:\WINDOWS\System32\eapsvc.dll
19:39:27.0730 0x2234  Eaphost - ok
19:39:27.0793 0x2234  [ C99D40C97841E0A7F0F90B8629593A97, 2DE7FB6E3CD7B06079C2B05D8C10AD0EDF187684ED1DE5BEE98FAB9A4B331824 ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
19:39:27.0872 0x2234  ebdrv - ok
19:39:27.0888 0x2234  [ 94E06D509D50807774F35BEE3163E806, ADADFA0D533944579BA0E5FE31A68D4D1395E7B9DB75E58D47E0ADC0DA5AD16C ] EFS             C:\WINDOWS\System32\lsass.exe
19:39:27.0904 0x2234  EFS - ok
19:39:27.0912 0x2234  [ 31D3933AFFF4A58819F76EDE58339F73, 9A4543974DA844DFFC5BFE8D26AE32AA899779095BE1F53D931FC6E3E0378E33 ] ehdrv           C:\WINDOWS\system32\DRIVERS\ehdrv.sys
19:39:27.0924 0x2234  ehdrv - ok
19:39:27.0931 0x2234  [ 260BBD6B1ED06298E509B452354EDB91, CF794D5AC62C6DBF356BC717910FD2B106A8BD90C3C03BA43859FD876F8820BC ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
19:39:27.0941 0x2234  EhStorClass - ok
19:39:27.0949 0x2234  [ F3BEBDC1B9DBA32F183079EAE6244837, 5DE0DA8D2A13BFA852355619C6DE5AC2FDFAB314A619A4F209842581E4D82DE1 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
19:39:27.0962 0x2234  EhStorTcgDrv - ok
19:39:27.0968 0x2234  [ 199711EC0A2808F65DD7DFDBE312F0FD, FAA30232AC9357696DA8D1348B07E556BE4ECF99259128922A44DF7D5FBF4D4A ] EHttpSrv        C:\Program Files\ESET\ESET Endpoint Antivirus\ehttpsrv.exe
19:39:27.0977 0x2234  EHttpSrv - ok
19:39:28.0014 0x2234  [ 02E1DEC17CA6AEEF2D5B4945BC29D57B, A55AF1FD06BFB7D9D3B8B2B4D150B5E220BB5BB846C5B4237B92C04882E98783 ] ekrn            C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe
19:39:28.0059 0x2234  ekrn - ok
19:39:28.0072 0x2234  [ A75880A9192B9DA69F46867B06276746, 53856262A5BD4BE93CB45D1F43B87F45CB01C02B7D94231CF05346B9BDF1F18D ] embeddedmode    C:\WINDOWS\System32\embeddedmodesvc.dll
19:39:28.0096 0x2234  embeddedmode - ok
19:39:28.0105 0x2234  [ 3BC17ABD52295C64A8BEE3CF4B244B12, 9153DF82C10B314983DB78AB88B468C39E213AE3C504AD865C54213F76F120D6 ] EntAppSvc       C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
19:39:28.0127 0x2234  EntAppSvc - ok
19:39:28.0133 0x2234  [ 8804798548EC2B65BE92FEB72467BF20, 01560545A1BB9FE1364BBE5804421425C7914B3BF9E69628B468CC798DFD9977 ] epfwwfpr        C:\WINDOWS\system32\DRIVERS\epfwwfpr.sys
19:39:28.0142 0x2234  epfwwfpr - ok
19:39:28.0176 0x2234  [ CF0F703C073ED190CFED90793C3CA007, 46B5DE34296B438477894EB8456EF2AB9E8A20E592A7D9DFCED12DFF03C3BA84 ] EraAgentSvc     C:\Program Files\ESET\RemoteAdministrator\Agent\ERAAgent.exe
19:39:28.0214 0x2234  EraAgentSvc - ok
19:39:28.0223 0x2234  [ 1B63CA857FD03FD0A5A1379F2996784F, 9EE5205DCFADAFC62D36528087FA4E023F7E48FF0D2A8333D8A6111AE09D21B8 ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
19:39:28.0238 0x2234  ErrDev - ok
19:39:28.0245 0x2234  [ 007BDB97251D74B7A453AE37725E7F86, 6FABA43BA89F5889103C388B2176ED06AD1D95784B5FD2EC9D09632FDC905466 ] eshasrv         C:\Program Files\ESET\ESET Endpoint Antivirus\eshasrv.exe
19:39:28.0256 0x2234  eshasrv - ok
19:39:28.0262 0x2234  [ 0AE7DAAA8524C8D1A4C2414296EF329E, 6A5CAA0819BA177A510F9DEEB94BE5BC699C088769781FB512D7327FF700DBD1 ] ESProtectionDriver C:\WINDOWS\system32\drivers\mbae64.sys
19:39:28.0271 0x2234  ESProtectionDriver - ok
19:39:28.0284 0x2234  [ 6A5FA501A2D96001391FF3CBA32935AB, 018DB01ADE957A1A1FF5B168A2EC0EFEF8BFBE036079791FDF0C6AA6C12295BA ] EventSystem     C:\WINDOWS\system32\es.dll
19:39:28.0311 0x2234  EventSystem - ok
19:39:28.0328 0x2234  [ DDA34282ADCD44D120FF98F07D527DD4, 7C88181A63739E2093574B4972E40AB9DCF811580334D439C8AFC0C72E4EE571 ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
19:39:28.0350 0x2234  EvtEng - ok
19:39:28.0360 0x2234  [ F1ACA42D448E3986565EA54275EEEA65, C85101D6E7A2204FD73AAACD972F610B6A4BCF7EB7512412FD34660DCB5E8C5C ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
19:39:28.0383 0x2234  exfat - ok
19:39:28.0396 0x2234  [ 0AF4B36754A6EAE794EE4398E219A9E1, A818763D7AE6E7F4BC57294BB4D80FE9E04387BB3EBE8A6088D2AF746FF548A6 ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
19:39:28.0413 0x2234  fastfat - ok
19:39:28.0428 0x2234  [ B1A38C0D977D8738779CA3EFEBDFCA8C, EDD852EF89AFBDDBBBE002E6675EAFCC46742B6136EB22428C84D737C6229FEA ] Fax             C:\WINDOWS\system32\fxssvc.exe
19:39:28.0459 0x2234  Fax - ok
19:39:28.0465 0x2234  [ 7CD8426A33F06EB72BFEC51F7C264AF8, 4FDD5F6A8BDF25D965CE52132DD0EA77D335C1C5F77A7758F3F6E22DFC12BDF5 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
19:39:28.0481 0x2234  fdc - ok
19:39:28.0485 0x2234  [ 21EB16C5DDFBC19DEBE9EEC10EA423FB, 514327DA987793AFE1DFB4F2C0F033C349432E6F1F6AACBAE23E24E63EFA51B9 ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
19:39:28.0501 0x2234  fdPHost - ok
19:39:28.0505 0x2234  [ 57F98EFE6CB82AE5400BA99C705AF45C, 7AB83C7AF4CA49BFC2976FB707B251C181279B7E16EBDD43AD0E1A4AB8C4DFC9 ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
19:39:28.0522 0x2234  FDResPub - ok
19:39:28.0528 0x2234  [ 02F93E4B9EC2821B6670208044FF5332, 2D947C8AE51E749029B3180751E4486E27A19471A7A98087076103D307B5CE64 ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
19:39:28.0548 0x2234  fhsvc - ok
19:39:28.0551 0x2234  [ DE51BBBCF358188F9736F031546F9908, E2B80DF63C039663085FA9D63F3F30736EC20C49BC678CBD7D7C7231107C3635 ] FileCrypt       C:\WINDOWS\system32\drivers\filecrypt.sys
19:39:28.0568 0x2234  FileCrypt - ok
19:39:28.0573 0x2234  [ 822F664952B0F8D11BB6BD2F11779602, B7E9908A305942194E64E834819186CBBF9DD4469B300DCC8D31E1E5674D6600 ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
19:39:28.0585 0x2234  FileInfo - ok
19:39:28.0589 0x2234  [ 5A4935682A0D47A4EAC4BE3C2ACF74D6, 0DCF2E7928D11F49EBF906233894E81CFFE938ADFCA802CE0207CA58B4A02AAD ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
19:39:28.0606 0x2234  Filetrace - ok
19:39:28.0610 0x2234  [ 60641F22D1D38EAD197C25F0339C9712, 110ACEADAE92C384C80356C9DE88E3A94141881E8544DB65736875FFA2716F68 ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
19:39:28.0624 0x2234  flpydisk - ok
19:39:28.0636 0x2234  [ D38A250AE8335BC74808897B3C404F4D, 6626EB79A2A936406DEC81318ED2B0E18862277AC30D16F0BD2ACA012516E25B ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
19:39:28.0653 0x2234  FltMgr - ok
19:39:28.0691 0x2234  [ D9E18DDDC08B77E634F2AFEF0CC551FF, 701BFDFAD6E86C48E02612E54F3F8819632FC13526893AD2BBAA51348F5E24FF ] FontCache       C:\WINDOWS\system32\FntCache.dll
19:39:28.0755 0x2234  FontCache - ok
19:39:28.0766 0x2234  [ A7C6894FFF261C0FEFDCB41BE83CF430, C3DB55140E4848873BC0004030933402CD396112C14F432258D875DB1608700E ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:39:28.0775 0x2234  FontCache3.0.0.0 - ok
19:39:28.0793 0x2234  [ 95F8BF9B335A0BE8920BE160F95B2503, 596B02CFF111C2610E73FA2EBDBB7E6C5C190A9DD9E2FE4CAC6ED475691B7A43 ] FrameServer     C:\WINDOWS\system32\FrameServer.dll
19:39:28.0831 0x2234  FrameServer - ok
19:39:28.0836 0x2234  [ 0425D9D2A679060CC9755449779FBA54, F0BFEE92081BDF82AAD58AD1B21659F465DCE6F9F9F16ABBE9A84C17978AA3A0 ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
19:39:28.0848 0x2234  FsDepends - ok
19:39:28.0852 0x2234  [ B962036CAADC05E466FEB165E0974587, EAA88EBBAAFF31A5E35B3B23B12E94EE3C659399CDDAADBF4B6146AE091CA5AA ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
19:39:28.0864 0x2234  Fs_Rec - ok
19:39:28.0884 0x2234  [ 2C8891C306C8F43A273BDB7C490E1C92, DD8D905956652D276796F5638980E3219EF2D8C2B65A8DE537D549BF5C306BE4 ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
19:39:28.0913 0x2234  fvevol - ok
19:39:28.0920 0x2234  [ DFAB4D8FE39C64EAD3A4DCBA25AAFEE0, BABCAE227CD2E87E37C708539C2232251B37F35EFFE2B927914D72517F161E44 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
19:39:28.0935 0x2234  gencounter - ok
19:39:28.0939 0x2234  [ 8B34E3F794F652082D7E8AF112F71681, C6CFA239BDF46827BFC89DC9A9BF45B0EBCE3EF1BB7DCA33980A632E549B37F5 ] genericusbfn    C:\WINDOWS\System32\drivers\genericusbfn.sys
19:39:28.0956 0x2234  genericusbfn - ok
19:39:28.0963 0x2234  [ 127C23F4720C8902A3AB0FEE12205317, E3BF55D81B04572D11B41CDA2DB4509FD252561EB29ED22CC6F616E856E3D86E ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
19:39:28.0977 0x2234  GPIOClx0101 - ok
19:39:29.0003 0x2234  [ 846347C05DBC7C49143D9723EC3714E9, DCC888F1262CA50DA3109D132A9C04F83A961720647E9882D3EFCBF8E3D703B5 ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
19:39:29.0052 0x2234  gpsvc - ok
19:39:29.0057 0x2234  [ 582578F031109BE65C15E1D8A45BA547, 4BB1E20A2BDF8F504FF787EF338B6180DD537F53A0DC843B96AEFD8BBE970653 ] GpuEnergyDrv    C:\WINDOWS\system32\drivers\gpuenergydrv.sys
19:39:29.0073 0x2234  GpuEnergyDrv - ok
19:39:29.0081 0x2234  [ 141904F0581468B39B579EA33CA57549, 1D947A6079CED7840B0FF4720C36D873F5A69EA6C94E4C15ADF1A7C0CD0CD0EA ] GraphicsPerfSvc C:\WINDOWS\System32\GraphicsPerfSvc.dll
19:39:29.0099 0x2234  GraphicsPerfSvc - ok
19:39:29.0105 0x2234  [ 2D8BBF6C7241AAD9EDE7708EBB7B43A4, 51AF8150C6CF738AF14F502E6BDAD1035773DD45980770E06393814B75259EF8 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:39:29.0117 0x2234  gupdate - ok
19:39:29.0122 0x2234  [ 2D8BBF6C7241AAD9EDE7708EBB7B43A4, 51AF8150C6CF738AF14F502E6BDAD1035773DD45980770E06393814B75259EF8 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:39:29.0133 0x2234  gupdatem - ok
19:39:29.0138 0x2234  [ 99A34FD1F6431A10D8C3BB50E170D0F2, 14BFF99BBF9ED53D3A157B096CDE0394824260021BA96E1F2C7B1CFB598DD850 ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
19:39:29.0155 0x2234  HDAudBus - ok
19:39:29.0159 0x2234  [ 2443FC6EEB9CF092B62127D867901B02, ABD5E907FF066B95C5697C4E470B4EA19976DEC90C8159B963A82EDA218AB114 ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
19:39:29.0172 0x2234  HidBatt - ok
19:39:29.0177 0x2234  [ 205043CDC16ADE85E252DD54AE925161, F377F046EFEE53C7786AF15C0BB5BADE36511427575A712B0098A883F3715DB3 ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
19:39:29.0197 0x2234  HidBth - ok
19:39:29.0201 0x2234  [ 4A4A22FD851B1764D2A9D8F268A1431B, 36135071DA69CC671FDA16859DB7E11E518BE3E5005E3D619B28D0FCE3C80A34 ] hidemi          C:\WINDOWS\System32\drivers\hidemi.sys
19:39:29.0210 0x2234  hidemi - ok
19:39:29.0216 0x2234  [ B521DDDC9038C066B1B957BF063A531A, C5FE68FB22C28C4D06A0792FD5AC9A1F0EC01EF26E1D37B9DF05F22D8B7DFF8C ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
19:39:29.0233 0x2234  hidi2c - ok
19:39:29.0237 0x2234  [ 5AC0EBFA76E93273A806176D3178E986, 679BFEFF9F4172EBB14A6C2E8381F54FBDC9E8705E8B0F306723DDF48B6E5143 ] hidinterrupt    C:\WINDOWS\System32\drivers\hidinterrupt.sys
19:39:29.0248 0x2234  hidinterrupt - ok
19:39:29.0253 0x2234  [ 366AC0E05EBF5D5C375F65CD8BC7F0DF, A6B751864E33EBB5DE2E09403A8C26E72DD5510F3A380FA502393FC11A14A433 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
19:39:29.0268 0x2234  HidIr - ok
19:39:29.0272 0x2234  [ 75F4CCB7FF03603E91DD0C7FF83DAABF, 10508A6C36163C9D40C16A47AB4CA8C03C89BB7795690818E5C562E3FF828D5B ] hidserv         C:\WINDOWS\system32\hidserv.dll
19:39:29.0291 0x2234  hidserv - ok
19:39:29.0298 0x2234  [ 7CB54D02746024648FCE184FC3F941FF, 6C7B8E6AD3C05D66868D0268C9C8183021AB241E576184FAD0BD50ED4E18E9ED ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
19:39:29.0313 0x2234  HidUsb - ok
19:39:29.0322 0x2234  [ 459EC4290CF0D8269DB28FBFD6284C58, F1C34F11E18F6D48C8378F77DE167AD208E9E7C3022DCA714FF0403AEFF80857 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
19:39:29.0344 0x2234  HomeGroupListener - ok
19:39:29.0357 0x2234  [ 24C900B7296AA9867FB761A5801AFBD1, 4A765E905D0F7C4B450A28FB85F413F4EAD2B53240E804FA531626ABB0518381 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
19:39:29.0384 0x2234  HomeGroupProvider - ok
19:39:29.0390 0x2234  [ E5AEAB81548F0060001938831C6252B4, 0746C990293A7583629883989E97B6C03B6CF017816410750F13CD00570762FA ] hp3ddgsrv       C:\WINDOWS\system32\HP3DDGService.exe
19:39:29.0402 0x2234  hp3ddgsrv - ok
19:39:29.0406 0x2234  [ 8ECD68506AF6E9F3188F1F822F780FDB, 6A3ABF527A9C4495197F22CC7AA0F1483F0D722CA93FB6ADEA835D2AE8FF5EB4 ] hpdskflt        C:\WINDOWS\system32\DRIVERS\hpdskflt.sys
19:39:29.0417 0x2234  hpdskflt - ok
19:39:29.0422 0x2234  [ 835FB95D85D362057A72D21A48C2C7F8, 06A57F9E459E52DAA7B27F232DBC1E0ED0E04759D34AF3E15A645D11DFDD6A58 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
19:39:29.0435 0x2234  HpSAMD - ok
19:39:29.0439 0x2234  [ 5E5445D0A23626EF004479D4370DF13C, B7CE61FA3AA4929F549667FE7581721C039A7393E644C7530D0DFE73A5C32422 ] hpsrv           C:\WINDOWS\system32\Hpservice.exe
19:39:29.0453 0x2234  hpsrv - ok
19:39:29.0462 0x2234  [ 517DF0B5228DBA34D8A81DE3B14F5EBA, 9AB289EB8D128D55D75D66C72F7FE614BF63B33B17003CFC7F03C0C1FDEF078A ] HPSupportSolutionsFrameworkService C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
19:39:29.0479 0x2234  HPSupportSolutionsFrameworkService - ok
19:39:29.0502 0x2234  [ E2F4638649D2157D8A863ADBEF99C2E5, 9EF44666F3CEAC729828F733C816BD72A52C4477A0573AE048392CB2C65B90FD ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
19:39:29.0535 0x2234  HTTP - ok
19:39:29.0541 0x2234  [ 8B8395999252DE3BA4EBC1A5F28827F3, 95B9B330C43438C6203FD08A441C3CC269CFBA812FC804805786F0243BA1949C ] HvHost          C:\WINDOWS\System32\hvhostsvc.dll
19:39:29.0553 0x2234  HvHost - ok
19:39:29.0557 0x2234  [ 71E673C20651C2530A359F0D8B3B3E57, B936598732BEC2D5A4E644F721EF258A754D4D6A5A2C84C96310CFAA21B1B2BC ] hvservice       C:\WINDOWS\system32\drivers\hvservice.sys
19:39:29.0569 0x2234  hvservice - ok
19:39:29.0573 0x2234  [ 3737FE486929AFC48F1D10677B698E52, 9E8792F3A494AE3E7CDA65E93B561B6FFFB9C781606F5863D524DDD24CFEB9C3 ] HwNClx0101      C:\WINDOWS\system32\Drivers\mshwnclx.sys
19:39:29.0590 0x2234  HwNClx0101 - ok
19:39:29.0596 0x2234  [ 3C65EBF7F1BFD98426C355D66876ECEE, CA1DC462C4D96176C81EF3448238B76B4CDA3C521533973B281359D7F436B8A5 ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
19:39:29.0605 0x2234  hwpolicy - ok
19:39:29.0609 0x2234  [ E3BDE6C567ED5CD7B15B2E522C120D02, 954EC837636D0F08A3596E4270F37E03C99F8D1A7E80D0D323E0CB793324D776 ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
19:39:29.0623 0x2234  hyperkbd - ok
19:39:29.0629 0x2234  [ 1D7BBC4C6F33A4A6189AEA1509615DF9, 66D6E64353CE80949082E594061BCA077849840B175F18F0743285B389F57250 ] HyperVideo      C:\WINDOWS\System32\drivers\HyperVideo.sys
19:39:29.0642 0x2234  HyperVideo - ok
19:39:29.0650 0x2234  [ 56FF074E50F9042FD2856AB3418F4B18, 239C9BF23DE2E36FD7112C425CDF18F29B751D75EF3551AEFB048FAD2B0A55E2 ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
19:39:29.0670 0x2234  i8042prt - ok
19:39:29.0674 0x2234  [ B5EC43755E62591197DE5CBBDAA9FEB7, 1B4E0EAB677B09A050925879ECDA311404270DCF020AAD390692427198C73C9F ] iagpio          C:\WINDOWS\System32\drivers\iagpio.sys
19:39:29.0691 0x2234  iagpio - ok
19:39:29.0698 0x2234  [ D8CA23F9C5FEF44296FDE1E005C06EC0, 0D7B03EF9E19B9B2A28C3318560488B3F9573CF364A533A9B4A2CD0A7FFA4F84 ] iai2c           C:\WINDOWS\System32\drivers\iai2c.sys
19:39:29.0713 0x2234  iai2c - ok
19:39:29.0719 0x2234  [ 7B769C9D19C013F94874C4B15D59A005, 53A15F0480AEC43B5A01CFB17360188885B6ECBFFF6E566D27E5B6D4C7737243 ] iaLPSS2i_GPIO2  C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys
19:39:29.0734 0x2234  iaLPSS2i_GPIO2 - ok
19:39:29.0739 0x2234  [ E0F1B3A2A70FABE3BE1C9140BB55E607, 34E5B055619F3A26B7BB6054EA49D40B7D6DAFE234F57F358FE7C8EE83E10618 ] iaLPSS2i_GPIO2_BXT_P C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys
19:39:29.0754 0x2234  iaLPSS2i_GPIO2_BXT_P - ok
19:39:29.0760 0x2234  [ 89A869BCC0588A3009ECB875B09ECD39, 5ECC2C6E661B326511682D8EA1C82F942C63835890687285FEF455C5C9DC2476 ] iaLPSS2i_I2C    C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys
19:39:29.0779 0x2234  iaLPSS2i_I2C - ok
19:39:29.0786 0x2234  [ 2E693DF3C02A0859DB8DE25772751100, 3EFFDA44B247E04258429ADC85E88E23F926FD487A3A85BF879E6E5802197B3F ] iaLPSS2i_I2C_BXT_P C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys
19:39:29.0805 0x2234  iaLPSS2i_I2C_BXT_P - ok
19:39:29.0810 0x2234  [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
19:39:29.0820 0x2234  iaLPSSi_GPIO - ok
19:39:29.0825 0x2234  [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
19:39:29.0847 0x2234  iaLPSSi_I2C - ok
19:39:29.0874 0x2234  [ 0609694A9C4D6C71319732FA82C6E5C5, 5507D20AB9C86B11564C953C6F535976A0D201295C642EA0CABF435DAD908251 ] iaStorA         C:\WINDOWS\system32\drivers\iaStorA.sys
19:39:29.0910 0x2234  iaStorA - ok
19:39:29.0934 0x2234  [ 435883A27A376B125BD4DF888417C85F, 091F9285FCF1D5605D03CB68C062A2DE6FF2D705FF43E983A8A7B5DFA0872A96 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
19:39:29.0958 0x2234  iaStorAV - ok
19:39:29.0965 0x2234  [ E091D765D9292E56C493D609A53C38DF, 4CC5B97F3CCA51BB803D199936B3C5E9754E0639BDE8CC6480E2874BAF84A925 ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
19:39:29.0974 0x2234  IAStorDataMgrSvc - ok
19:39:29.0987 0x2234  [ 7118E4390C4ACDE61E280CE52BCAF44E, 11123C1555344A191283187BF1F4A8D731E29EE27C7A7A7916873E8D2E95D978 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
19:39:30.0006 0x2234  iaStorV - ok
19:39:30.0020 0x2234  [ 9DBE8C359ABACE1BE1BBAB687D114506, D2E5CB2BFC42627C1BB38A68F925DD534AEFFF9354AFD184005EC338E8E6B232 ] ibbus           C:\WINDOWS\System32\drivers\ibbus.sys
19:39:30.0041 0x2234  ibbus - ok
19:39:30.0047 0x2234  ibtsiva - ok
19:39:30.0053 0x2234  [ 1606B6C6CFC27C75381B7DF7460A43C6, 9D221D70191F0D17DF614B3A12C4DE5DDF1966FA8B6A49651CEA9CADBF696E41 ] ibtusb          C:\WINDOWS\system32\DRIVERS\ibtusb.sys
19:39:30.0065 0x2234  ibtusb - ok
19:39:30.0072 0x2234  [ 0CF99D60588AF7F198C135BABCA287F2, C72235865426659957909E8465B7D208EB5CAA21B529F07BB055D33028326D9C ] icssvc          C:\WINDOWS\System32\tetheringservice.dll
19:39:30.0092 0x2234  icssvc - ok
19:39:30.0296 0x2234  [ A0FF4D57C13ECD0745BD840C37ABD4C0, 83723E896FF58616C7A0AB7A35BBACC912E4E322D7FA657A3C38FC41728C140F ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
19:39:30.0513 0x2234  igfx - ok
19:39:30.0543 0x2234  [ 70F2F68DB668251F00FF7F44E83A8D29, A6A40123B2FE3FA8D877D6F0E2B77209219186D7A469877F9940C7C41211B38F ] igfxCUIService2.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe
19:39:30.0560 0x2234  igfxCUIService2.0.0.0 - ok
19:39:30.0583 0x2234  [ 4D8123F7262C87B3CAE5A62AF74F7939, 8F003562F50218307ECC48A7BF43BE1DA88352D2749902A029081804B71C85DB ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
19:39:30.0623 0x2234  IKEEXT - ok
19:39:30.0635 0x2234  [ 42CAF6216A6E516DC56BA319ACC7EEC5, DF60FF41F06D1101E4A81F7416DB5A34D7BA885CBA874BC15AD43FB4080F2958 ] IndirectKmd     C:\WINDOWS\System32\drivers\IndirectKmd.sys
19:39:30.0652 0x2234  IndirectKmd - ok
19:39:30.0680 0x2234  [ 02D6C68057FDED7E08FD3CAEE564B6C8, 8DF7C7D6C5970DE16ABE32FAFEDEB467A243283C227FAFF25D7258875A2F459C ] InstallService  C:\WINDOWS\system32\InstallService.dll
19:39:30.0725 0x2234  InstallService - ok
19:39:30.0740 0x2234  [ C1129E1C1E8747444C32F9070A1F3C95, 2AE0130F202EBE57B05721A8F65816A59517DB6E5AB8BC64E27E6EF3AC9A6946 ] IntcAudioBus    C:\WINDOWS\System32\drivers\IntcAudioBus.sys
19:39:30.0754 0x2234  IntcAudioBus - ok
19:39:30.0772 0x2234  [ EE79946320DA8E6222F39C0775E32E4D, 6FF66D2DFF558FC35DECE77C94AF9031635F1C793B05F204AA31AAE3C26407B8 ] IntcDAud        C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
19:39:30.0798 0x2234  IntcDAud - ok
19:39:30.0816 0x2234  [ EEE4AB06BE1AF0651D566361D5AC8293, 75FAEC3ED94F059338B593BBF7BD926638151D850E6352F15DFF422C73199331 ] IntcOED         C:\WINDOWS\System32\drivers\IntcOED.sys
19:39:30.0841 0x2234  IntcOED - ok
19:39:30.0867 0x2234  [ B63CF22D1AD2ABDC39D85851B2BEAA6D, 37E9043BABB5895BFD2B59AFB60C438B992C6EAA1B5FDE5B3445314343F4C406 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
19:39:30.0890 0x2234  Intel(R) Capability Licensing Service TCP IP Interface - ok
19:39:30.0903 0x2234  [ 252D2362BEADF2045A8660AD08BDD21A, 848527FE8E85A2D333072470D1833F53DE7984D1DB7A873F3F9BEB1E1588AD2C ] Intel(R) Security Assist C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
19:39:30.0922 0x2234  Intel(R) Security Assist - detected UnsignedFile.Multi.Generic ( 1 )
19:39:31.0086 0x2234  Detect skipped due to KSN trusted
19:39:31.0086 0x2234  Intel(R) Security Assist - ok
19:39:31.0094 0x2234  [ 40943C1CD031ACE06A8374AD56B9E5EA, 05E5AD4330F272C421A8726E9E6555115D8717DC5AFDE3CC1DB53A3D7518BF62 ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
19:39:31.0105 0x2234  intelide - ok
19:39:31.0111 0x2234  [ 327D9CCF5492543AEF3979F9EEAD02BE, 1C6CD9ECB785D022A38DF683FACCA737469BF72E42365CD6DB8C2675F2ED1F1C ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
19:39:31.0123 0x2234  intelpep - ok
19:39:31.0132 0x2234  [ 7344528DFD4484CF86F36E24E7CB59B1, 821947C152E7A2B4782199E033EAEE8D3F43A5EC4CC369334A6C0793C62DA069 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
19:39:31.0150 0x2234  intelppm - ok
19:39:31.0154 0x2234  [ 8387E90B551B9B7F32EDC69909591E9E, 7086B6F2B728D7C46F0A1E7E4F81B3D33C25BD5F8A2A4ECEBA55F8C68F164500 ] invdimm         C:\WINDOWS\System32\drivers\invdimm.sys
19:39:31.0171 0x2234  invdimm - ok
19:39:31.0175 0x2234  [ E207078E0E1BB3524277DB9077E4148E, 309320950095AF83DCBE08BFDD4BFE4EBADBF48CA255871A6B37BAAA7B4A5B38 ] iorate          C:\WINDOWS\system32\drivers\iorate.sys
19:39:31.0187 0x2234  iorate - ok
19:39:31.0192 0x2234  [ FD8F64B7B345E539F2EA7F72846F83B4, 95F232BC2454D68F1A154C9BD8FCCF60D36F5424B798661D6F1DD8E052ED0D04 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
19:39:31.0210 0x2234  IpFilterDriver - ok
19:39:31.0231 0x2234  [ 1C5867DC4091C2E23329AB984BF95604, 56FA9888A7A969539833644AD50730BBA5E770AC6097AFB490E34196596C55E0 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
19:39:31.0269 0x2234  iphlpsvc - ok
19:39:31.0279 0x2234  [ 8AAB863E72A4F9C578FED2EE3541545B, B3278B790DF9F77F8FDDBECAD22E0D2E080D74B8E61EFF112055478B3B0B2329 ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
19:39:31.0289 0x2234  IPMIDRV - ok
19:39:31.0298 0x2234  [ 7BEC2AF23F586EFF0DB4DBF4331B0C70, D02506CAB19AD1D3ABBB35FCC569ED613EB9D6828E9BC0389EC8A8DFC548334B ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
19:39:31.0320 0x2234  IPNAT - ok
19:39:31.0324 0x2234  [ 35A54F19E703D4FE5919F812F6CC5D0A, B0AC1C97D115F57390BD2B4F9114429CF1729EB8D658B3EAEC8ECF28A24369F7 ] IPT             C:\WINDOWS\System32\drivers\ipt.sys
19:39:31.0339 0x2234  IPT - ok
19:39:31.0345 0x2234  [ F6C47021C41F721B628161B64D7DECB9, 625227F18518098C00AF2C6F4EE5D96711D26080459AD2C9F7CF2A5778DEF191 ] IpxlatCfgSvc    C:\WINDOWS\System32\IpxlatCfg.dll
19:39:31.0364 0x2234  IpxlatCfgSvc - ok
19:39:31.0370 0x2234  [ BF933330256DEDAFA939BEBC46D060C7, F9B47A83945DF2A043384626A2EB47AE9F915048636334D9768A0B4901C84E08 ] irda            C:\WINDOWS\system32\drivers\irda.sys
19:39:31.0387 0x2234  irda - ok
19:39:31.0392 0x2234  [ F88664A2A82DDA456180FFF95A771765, 004BBC715FE6EC0D4D2CAE978EA64C6CEA130EE10C356B7FACF0C98B51E8AECB ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
19:39:31.0409 0x2234  IRENUM - ok
19:39:31.0416 0x2234  [ 4F500A0171606B0E37964694140FCA16, 6E29A7348395EE3EB85E2BA97E581FBF605CE1BA4651F5848976AD293CC797E3 ] irmon           C:\WINDOWS\System32\irmon.dll
19:39:31.0432 0x2234  irmon - ok
19:39:31.0436 0x2234  [ B4174F9A73B9263B5B5C0DD8A00DE87D, 390C4848F22CC8049473CC76A2FF4BF2A3C870E075413236D6A30B204FBD7D53 ] isaHelperSvc    C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
19:39:31.0442 0x2234  isaHelperSvc - detected UnsignedFile.Multi.Generic ( 1 )
19:39:31.0602 0x2234  Detect skipped due to KSN trusted
19:39:31.0602 0x2234  isaHelperSvc - ok
19:39:31.0610 0x2234  [ A3B7A93F32E110949CA01DDE7C6B991B, 5F38B882DBAB4BDFCAB289721D6D5A0D85675BA580AC96FB74ED826A4800C998 ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
19:39:31.0622 0x2234  isapnp - ok
19:39:31.0632 0x2234  [ 68B971E7200EC9013BF90BC72B66110A, CC2324A16B5C39A2431D9B26B40881496338F7D7D532510CCA94452F19A990C8 ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
19:39:31.0647 0x2234  iScsiPrt - ok
19:39:31.0655 0x2234  [ 0D77396A923B08754208622B044EE597, 27503A57C452C01F335C06A30EDBBBCBA69A95E2BE7E3BE111F9D71013B3BDA4 ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
19:39:31.0668 0x2234  jhi_service - ok
19:39:31.0675 0x2234  [ E320F986BBE0CD9324EA0A193EBF29B1, 9B4C7F1493377CE532361F88A0C88798F24E7EFB093DA2F0A6CB1575B9E3535C ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
19:39:31.0687 0x2234  kbdclass - ok
19:39:31.0692 0x2234  [ AFF5DDCC1A79217C9526FF5E01A69E89, 2BCD49DD8DD977B97521465B981332CA8FA8D16AB45B45993C87647FA3E9DAF0 ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
19:39:31.0711 0x2234  kbdhid - ok
19:39:31.0715 0x2234  [ 916E62AF3386F7A74603E5C545F6FF2D, C5CA784F60B8CA3DE0672A816DCE14F1AD6B6783A5E6B556ED7C91337F65144F ] kdnic           C:\WINDOWS\System32\drivers\kdnic.sys
19:39:31.0732 0x2234  kdnic - ok
19:39:31.0737 0x2234  [ 94E06D509D50807774F35BEE3163E806, ADADFA0D533944579BA0E5FE31A68D4D1395E7B9DB75E58D47E0ADC0DA5AD16C ] KeyIso          C:\WINDOWS\system32\lsass.exe
19:39:31.0750 0x2234  KeyIso - ok
19:39:31.0755 0x2234  [ BE46CEF0F176D215B3FDF1C664B3D6A7, 4989CE6CC5803A1E26AC197CDA234B91BC3A33E5C456E2FCE6E7744000BF0987 ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
19:39:31.0770 0x2234  KSecDD - ok
19:39:31.0778 0x2234  [ 5F0A90AC0AA8C772B20AD71B87422838, 176F7C6E322098DF5033CFF0BAA267BA9D7AF7E635F3D28BC0E5F11DFECD8015 ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
19:39:31.0790 0x2234  KSecPkg - ok
19:39:31.0798 0x2234  [ DD8C4726127CFE313233372D70787C37, 2420616FEEFC08A3F47420193A3A592D4AC5D2C817D27E5B7E4FD64153751AFB ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
19:39:31.0814 0x2234  ksthunk - ok
19:39:31.0826 0x2234  [ 6EAF246BC12DB548AC65A4CEFB14B547, F1487051FE459DB5A751DA2A6FF1E552F92226933AF8C037FA7D660B049896A3 ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
19:39:31.0853 0x2234  KtmRm - ok
19:39:31.0862 0x2234  [ 2EC02DFC530560D0C01C7428E4CC9D27, 74EABA6EEEE771F19D75D9B64972B94C5308EEA5D51C0C2DB360570F1CB36F69 ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
19:39:31.0884 0x2234  LanmanServer - ok
19:39:31.0892 0x2234  [ F8097F90811E9BB10F5B96262399F3C7, 1BDFB850ACE73E8882BBC3B18A5A7BCEE68696917D8462A159CE2763133DC516 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
19:39:31.0922 0x2234  LanmanWorkstation - ok
19:39:31.0930 0x2234  [ D81931EF9914A135F9ECF409DC826266, 8BA15C12B374DE555CB7D3CDFDDC42FE583625A9C29BCCDDEB432223E4DEEB2D ] lfsvc           C:\WINDOWS\System32\lfsvc.dll
19:39:31.0950 0x2234  lfsvc - ok
19:39:31.0955 0x2234  [ 6A361ED0DE59D58CC633F7BB40AB950D, AF5315AFAAE41AAB55BB7243FD9EA2949C7F114C0ED24073751733B5A11142BA ] LicenseManager  C:\WINDOWS\system32\LicenseManagerSvc.dll
19:39:31.0972 0x2234  LicenseManager - ok
19:39:31.0976 0x2234  [ 56B6326B15A14043C82ED9EA3B817E2C, F3F99397B12529FAF4B77E11A3279B882F9BF986D0DDB3F1847B8EE96C6E40FF ] lltdio          C:\WINDOWS\system32\drivers\lltdio.sys
19:39:31.0991 0x2234  lltdio - ok
19:39:32.0002 0x2234  [ 48199253D7F6119F88294F8845F0808D, 85C014250C14425BEFF2D8B2CCF6A29D9A5DA329ECD00F1E6D4F8DB809194FAC ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
19:39:32.0026 0x2234  lltdsvc - ok
19:39:32.0033 0x2234  [ DCF6F1AA7A51CC08FED089363F83316E, C80FB26A6172510F3AD5E4D636AA49AD5D931FB47BECD9E8507F781D88917710 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
19:39:32.0049 0x2234  lmhosts - ok
19:39:32.0058 0x2234  [ A67ADE6FC8203E1CDF74482F6C078E2F, 7919D8C45DD55D9EFD7779AA934B498F5AFE908DD35F572A7F82E25536BD34C3 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
19:39:32.0074 0x2234  LMS - ok
19:39:32.0084 0x2234  [ 20048BEE892138A745B1C23EBB0E069F, B526035CE839BADA6ABC0A0CBFFDFA5267F4EB668AE201871E61E0011518843E ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
19:39:32.0097 0x2234  LSI_SAS - ok
19:39:32.0102 0x2234  [ 9EAB16572B576979D585DDEDB12417CD, 97C37DFEA309E27E4AC50D1F4C7C3D1FB9661E0DEBB442D620D8E460F9FC9966 ] LSI_SAS2i       C:\WINDOWS\system32\drivers\lsi_sas2i.sys
19:39:32.0114 0x2234  LSI_SAS2i - ok
19:39:32.0119 0x2234  [ 3B7B359C0870317106DF3438D4FF491D, 5EDF767D79EF49210DD3BCC00D7629600DD522B29A2B9A9D7805076ECDCBFD1D ] LSI_SAS3i       C:\WINDOWS\system32\drivers\lsi_sas3i.sys
19:39:32.0131 0x2234  LSI_SAS3i - ok
19:39:32.0137 0x2234  [ 2DE03BA338A4B0ACDB416A30F1C7D56F, CF2218EA8C67CC13893B286B0904F28FBFE5AA818CC3AD1C77120B7B6E80031F ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
19:39:32.0150 0x2234  LSI_SSS - ok
19:39:32.0167 0x2234  [ A4ADC59A58724CDA67A7AB93457EEE43, C5CEFD57A31A7C377ACF3F5A071646DA358079F9BEB602B96C14392FC2D57539 ] LSM             C:\WINDOWS\System32\lsm.dll
19:39:32.0202 0x2234  LSM - ok
19:39:32.0211 0x2234  [ 9A497169E145FCE2D8AA7DBC67377F64, 3FA4CE7455ACBB32DECA8BC7EAD0EC1A0E123CBCBF8781FBB16453455AB9F0FE ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
19:39:32.0228 0x2234  luafv - ok
19:39:32.0233 0x2234  [ 3520DE00ABC5EFF0DBAFD41129AD970F, 821F9D9AAA6D8B08BEBFB76DAE5A8CCFB598789510A93D3DD4F149A39EE5D6B5 ] MapsBroker      C:\WINDOWS\System32\moshost.dll
19:39:32.0250 0x2234  MapsBroker - ok
19:39:32.0264 0x2234  [ BF56CB9D02DEE8CA9CBA50220BE16F15, C6380ED59AD7B9CC9451A24808E193454CF15D90A2C1DAF22FBD3380B150F96F ] mausbhost       C:\WINDOWS\System32\drivers\mausbhost.sys
19:39:32.0285 0x2234  mausbhost - ok
19:39:32.0290 0x2234  [ 01BDEE1FFF6D2216797DFEE4ABD937D9, ED247E6F87ECA39A7D479CA7E386D85CE8B2978164E4E9876196176F393E1235 ] mausbip         C:\WINDOWS\System32\drivers\mausbip.sys
19:39:32.0301 0x2234  mausbip - ok
19:39:32.0308 0x2234  [ A276E01963EB0D8685AE56C40FFC0E86, 10DC7B634D91AD8E0678559E23CB86451085BFDF53166DB06CA35F6B8893FC51 ] MBAMChameleon   C:\WINDOWS\System32\Drivers\MbamChameleon.sys
19:39:32.0320 0x2234  MBAMChameleon - ok
19:39:32.0327 0x2234  [ 556F12926B94D36821D4ABFC6F02EB1D, 514C3EC048024220B4B37E46C57DAEC7BE8AD94E7C53206677DE77A736AC46C8 ] MBAMFarflt      C:\WINDOWS\system32\DRIVERS\farflt.sys
19:39:32.0336 0x2234  MBAMFarflt - ok
19:39:32.0341 0x2234  [ 84DED95846466C5BB53407288B074F52, 27FEE2C428EC184FF22229394DC328BC9E2AA41B3C08005AFC3C1158C107D322 ] MBAMProtection  C:\WINDOWS\system32\DRIVERS\mbam.sys
19:39:32.0351 0x2234  MBAMProtection - ok
19:39:32.0457 0x2234  [ 96FA5B38DD94C8D49289CE75150D97C3, 31D2435E026B0425D47B479E7E58CAF7BEF5C2D23F9D164A59FF2BF27D49489F ] MBAMService     C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
19:39:32.0571 0x2234  MBAMService - ok
19:39:32.0591 0x2234  [ 351BF8F77B0A15A7B5A2AE098C52A387, A84330DF5C4F0E5D6251D311B5DC78722D7724E87DAF5DE5A11EB73BB3502E26 ] MBAMSwissArmy   C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
19:39:32.0604 0x2234  MBAMSwissArmy - ok
19:39:32.0612 0x2234  [ AAEEB331DDE8596F4522316E4420ACB6, 4C404123312EE3F9795F57C4A42E2E203A16E04D577C75EFE095C9284D3EFB31 ] MBAMWebProtection C:\WINDOWS\system32\DRIVERS\mwac.sys
19:39:32.0622 0x2234  MBAMWebProtection - ok
19:39:32.0626 0x2234  [ 56A0A21000EBEE7E7283929B6B4BA479, 80481A97DB0E3FAF957DF12BC657EA4E01B95B37F8EFB24C23B09AC8ED8AD45C ] mchpemi         C:\WINDOWS\System32\drivers\mchpemi.sys
19:39:32.0635 0x2234  mchpemi - ok
19:39:32.0639 0x2234  [ C7B8B5053D646CBD30BE1BA6B487D396, E3864D4CE619D67E284C64A4EAA8843FB49BC2B8CC8659F4C4B89DB6701468CB ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
19:39:32.0652 0x2234  megasas - ok
19:39:32.0656 0x2234  [ EB8ED3204499DDB2D3BA094A4563EE3E, A5D0095D575B241CA66CAD86280170803E7042F51D3654FCB03D7EA2347E261B ] megasas2i       C:\WINDOWS\system32\drivers\MegaSas2i.sys
19:39:32.0668 0x2234  megasas2i - ok
19:39:32.0684 0x2234  [ F1C1D4E752DE1D58295040E5BE8813AF, 4DE17C5FCE63AFD545B16FA16A38F7395F29155FE165E7B21BC028CCD2A4B18E ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
19:39:32.0705 0x2234  megasr - ok
19:39:32.0714 0x2234  [ 86F565B0D41EBCCE7256B812F3A0442B, BACB5753D4501679B0C3D5D6B2D2D5233EC6B5BF76D0C2BD616EC460D5B9918F ] MEIx64          C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys
19:39:32.0726 0x2234  MEIx64 - ok
19:39:32.0732 0x2234  [ 4965456A1B4B3039E4B9AB233F5E9B1E, 3C303FE2BF9B38D73D005EA673C9500731125D793F4C77130F9BA8D745579591 ] MessagingService C:\WINDOWS\System32\MessagingService.dll
19:39:32.0748 0x2234  MessagingService - ok
19:39:32.0769 0x2234  [ 16B078D1089FEA98710C9D07C152DCEE, A42C28E12F1BB21E907C1308447AD63DDF8FA5B2734A199A6EBE3824F3D1235C ] mlx4_bus        C:\WINDOWS\System32\drivers\mlx4_bus.sys
19:39:32.0798 0x2234  mlx4_bus - ok
19:39:32.0802 0x2234  [ 20C57CE47B1A877C48A4B68E9A4E21FA, 35F98286F0665C5E06914F04F174476FBB41823564EDC55E351FCE211E2C765F ] MMCSS           C:\WINDOWS\system32\drivers\mmcss.sys
19:39:32.0818 0x2234  MMCSS - ok
19:39:32.0823 0x2234  [ A4467A5C080318F0CCCF5ED463821F8B, C8ECD63245B19807BAA92C3F3F87643A2F6B178395ABB15BD54D9DE68CC1A09B ] Modem           C:\WINDOWS\system32\drivers\modem.sys
19:39:32.0840 0x2234  Modem - ok
19:39:32.0844 0x2234  MongoDB - ok
19:39:32.0851 0x2234  [ 78BE85C1F1C7F3AF6C87BCE127007D5A, 5D5229FBCDC855BFF9BA3247BF4EF8E22764CFC1EC974FD5AB2D9E6293EF15A1 ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
19:39:32.0867 0x2234  monitor - ok
19:39:32.0872 0x2234  [ 8E262B34A8BD184B4B3025AA8C396B00, B48AB637A92894318DC0A33CE55519D8FBD7B31177FA3C4CA33D8609D4FC0058 ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
19:39:32.0885 0x2234  mouclass - ok
19:39:32.0889 0x2234  [ C094A555F148495EA130D3BBC5232D5E, 32E823C20FED94DB23F72F67DF1A2C043CA6179A543F3BD24FCB5500BA00A37C ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
19:39:32.0910 0x2234  mouhid - ok
19:39:32.0918 0x2234  [ 8209AC7D3F8AF41E3A14D022CD1F2040, D5B325AB8E7B354BCA3550ACD03FF5AC27B5C04A1D10C9FA4686EEA34D7293FE ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
19:39:32.0930 0x2234  mountmgr - ok
19:39:32.0937 0x2234  [ 9ED85AE9682DE81A22B3FDA490766303, D5998EC9F47F805B70E1667CAF1D52210F7DA565BF944411E455C0AA2F83147F ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:39:32.0949 0x2234  MozillaMaintenance - ok
19:39:32.0954 0x2234  [ F36E4074C66DD31855A8D79EF0AE8066, 01C01B3EAEFADBCDACA5BE7CB2AA199667786C1AD637CF6792BF715242BEFEAD ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
19:39:32.0972 0x2234  mpsdrv - ok
19:39:32.0993 0x2234  [ 4ABF7D7C44354807174EC36965B49C76, 3F57C8794F2CBFFE098B614418BBA8FC051E8DD798313228B4E03E101FCD9791 ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
19:39:33.0036 0x2234  MpsSvc - ok
19:39:33.0050 0x2234  [ 215D672CB71987CD98EB2298EFB84DDC, 7E23C36DBB7C80556560E1DECE5E8F5D3D422F3D1FFE9CEA511A0BCD9D69D304 ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
19:39:33.0070 0x2234  MRxDAV - ok
19:39:33.0083 0x2234  [ 71729B1EE949E1B092CB5CB75CC63715, BEA57BD3C2BEF261021DE706E67FF2836F52A7B21B2B3B2F0F5D76D20685614F ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
19:39:33.0102 0x2234  mrxsmb - ok
19:39:33.0111 0x2234  [ 87FF93E7420C9068C0D5B2F3109809F4, E07BF924C0D57EDA6193D8FD149EBD8FD8CB0C9375AC7998517AD0804FBBCA23 ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
19:39:33.0124 0x2234  mrxsmb20 - ok
19:39:33.0132 0x2234  [ 167408B38458ECAE545C57527BC99024, CB699B6C6F5B6DCDE85F8F0E40DD31B8066600A0833E5CD99ADE31DEC516B34F ] MsBridge        C:\WINDOWS\system32\drivers\bridge.sys
19:39:33.0150 0x2234  MsBridge - ok
19:39:33.0156 0x2234  [ D5778559A0F34EE0BF0457293C6B5F4F, 73C0829F641F62CBFC0523ED54D94121E3A694ECCF148DBF4A5743631BADB714 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
19:39:33.0177 0x2234  MSDTC - ok
19:39:33.0185 0x2234  [ DC23D3D24C64BF3A314E34887AD86732, 5CF60E096CF13976759CBBBAEA1DBBE189A77843C6B32828C77F7BFB6506CCAD ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
19:39:33.0199 0x2234  Msfs - ok
19:39:33.0203 0x2234  [ 6DDDFCAB646BBBCFC583135C4430E10F, 5EFD3F4F84EBEEC58914D5CC89622D69F2DBDFB7EB9AD8D9A0868127187FD673 ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
19:39:33.0215 0x2234  msgpiowin32 - ok
19:39:33.0218 0x2234  [ 01C6A86BEA8279E557A5056148F068BF, 42983A61654F51515AC6DD64A68D319883FD02B3EC575F7EA7A907576866F0AF ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
19:39:33.0234 0x2234  mshidkmdf - ok
19:39:33.0238 0x2234  [ F65ABC7DE945047147F17330F79732CB, 050C64D7284D767C951E94EFBA579D0E066C36CA1899A2C64CEA41A34B8E9EF2 ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
19:39:33.0253 0x2234  mshidumdf - ok
19:39:33.0257 0x2234  [ 05B23012427801E710BDD12720B9020B, 48FB22CFDF61AAE4221B3B23E539C08083289FB0CB5ABF249700DDF968C7250A ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
19:39:33.0268 0x2234  msisadrv - ok
19:39:33.0275 0x2234  [ 21B88DF67507BD4DFF8A5487074BB31F, 5F2E1FB6227873DCA97D1BE6271E900AFA6BCE54D765C9BDBA07B74FC87B147B ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
19:39:33.0297 0x2234  MSiSCSI - ok
19:39:33.0300 0x2234  msiserver - ok
19:39:33.0304 0x2234  [ 021C34C1968B78ACFBF30553EE78A1D3, 035C8D6F06A3697F0A902FB14F10091D026DB0A7492FAECD12D5A7F683C48A20 ] MSKSSRV         C:\WINDOWS\System32\drivers\MSKSSRV.sys
19:39:33.0320 0x2234  MSKSSRV - ok
19:39:33.0325 0x2234  [ C3F5EA6B9041A30B4F11BE2E7863E487, 07324A9D81D30A173D3F369AA1A304AD7713C7CCF9909C6427718F0F90CE49C9 ] MsLldp          C:\WINDOWS\system32\drivers\mslldp.sys
19:39:33.0341 0x2234  MsLldp - ok
19:39:33.0348 0x2234  [ 601D666820F0408B896791D19BE6D258, DD6BA3962A6D387D9F06B6D7006DBB2BF46D84A8FA91C628DA9D96117F14F4F0 ] MSPCLOCK        C:\WINDOWS\System32\drivers\MSPCLOCK.sys
19:39:33.0364 0x2234  MSPCLOCK - ok
19:39:33.0369 0x2234  [ 46E61FBA0097E48E5628C74A3F72233A, 21BD64041781085A7873ADA34C3648FBBBED386A071C69F21D98F2A0C3120DC6 ] MSPQM           C:\WINDOWS\System32\drivers\MSPQM.sys
19:39:33.0384 0x2234  MSPQM - ok
19:39:33.0395 0x2234  [ 3B6127DB162A2B1B0DA2F35BA77F12F1, 76465FB9A18538FBF8A62D317ACEE93AA5DF2B4D84E74A2AB3FFEE5C94F7992B ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
19:39:33.0412 0x2234  MsRPC - ok
19:39:33.0423 0x2234  [ 29DC5DFDF305E73A40AB13D102736EEA, 3F17F1841E5BD266962D106342CE811497E46C3EBCD9A6CDF5B4FB4B8D64DE21 ] MsSecFlt        C:\WINDOWS\system32\drivers\mssecflt.sys
19:39:33.0439 0x2234  MsSecFlt - ok
19:39:33.0444 0x2234  [ CBD56E0B55FB3672BA80382EC2F8835C, 1956E9B20A363B715C2111138D2085AA28FEDA7A82228CB4D8CE7ACC578E4DDB ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
19:39:33.0454 0x2234  mssmbios - ok
19:39:33.0458 0x2234  [ 5734B2A36D3BB13A638E5305EEEC582D, 613D559ED892EC4ABDF80F2435892895677F97902E699BE30283C150ABA49877 ] MSTEE           C:\WINDOWS\System32\drivers\MSTEE.sys
19:39:33.0475 0x2234  MSTEE - ok
19:39:33.0481 0x2234  [ 85270E0DC6907C6B99F72A36F17AED34, 58C0BBF9CC9E42266C8AF9AB9FEC77442F96C7C6D0DFCFAAB763DAD30B1B7939 ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
19:39:33.0496 0x2234  MTConfig - ok
19:39:33.0501 0x2234  [ DD673D9422457EFCCDEE45C73C0DF241, 7FDE57422416F4339344F765A1A4A9D1D59D66D74121F6082ECA562F91E71445 ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
19:39:33.0514 0x2234  Mup - ok
19:39:33.0519 0x2234  [ 3C57FF3BCF496D24C39C2198158864BB, 8671DF39AE5DD83033EC70BF8A502ED027B33B90FFC28AC2C79EC8F2F9128C14 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
19:39:33.0531 0x2234  mvumis - ok
19:39:33.0537 0x2234  [ E0C3F5D83B8C78CFB58CB858573141C3, C8378584FD478CB00CE833DB257AAE7226064343E2DFB9453BF0270626022357 ] MyWiFiDHCPDNS   C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
19:39:33.0550 0x2234  MyWiFiDHCPDNS - ok
19:39:33.0566 0x2234  [ FD916B66910494DFF70C944FC38A2623, 134E9309DA253E5512F8EFE525ECB701E82CB64003DD8DC20E8395A29BDC9324 ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
19:39:33.0595 0x2234  NativeWifiP - ok
19:39:33.0614 0x2234  [ 870B3D0E1A8F6F01356BD75F2E47E0C1, 88EC0AA1144F1523B7DDD6BCAF8771CB246153B14E950AA6F4859FB8287D6634 ] NaturalAuthentication C:\WINDOWS\System32\NaturalAuth.dll
19:39:33.0648 0x2234  NaturalAuthentication - ok
19:39:33.0655 0x2234  [ FBA9F5B9F59A665F248F70B905EDCE14, D2C1795192809F6413E080A9ADC949A4D99D0FC6BE668870127161474FF40596 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
19:39:33.0679 0x2234  NcaSvc - ok
19:39:33.0689 0x2234  [ 2A265F3FE5F77F22CEA9D2785E0399C1, 24FF1D06A2A05DC7A2D7552E0B45CF6F689A4FC9A135474B587FA7649BCFED3D ] NcbService      C:\WINDOWS\System32\ncbservice.dll
19:39:33.0714 0x2234  NcbService - ok
19:39:33.0720 0x2234  [ 3C7E074AE41D8DFB41A9E65904D8BF43, 34890591FDCEC035D3BB021DB035A4728C415A70F55D88F21E39073040C912AB ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
19:39:33.0738 0x2234  NcdAutoSetup - ok
19:39:33.0743 0x2234  [ 77B047B109CE758A017F58FAE5038D0D, 8E9E4ED5128C506B696FD5F0E8AD0D11FF53B5DD2F88860FF8F60307A7E08DEA ] ndfltr          C:\WINDOWS\System32\drivers\ndfltr.sys
19:39:33.0755 0x2234  ndfltr - ok
19:39:33.0782 0x2234  [ 25D126EFFEC0B117DA4C81F7AE6C99FC, 86B7472B4C4B7564FD921FD48125D3692249B269BEE0DEF55097123309EF2306 ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
19:39:33.0818 0x2234  NDIS - ok
19:39:33.0829 0x2234  [ 067AE5BA349CC35AF8975D22DC483DDF, FEC185ECDA27041506DF74528AA65B32FEBB06E32A55C8F7BA161A755C6659CF ] NdisCap         C:\WINDOWS\system32\drivers\ndiscap.sys
19:39:33.0846 0x2234  NdisCap - ok
19:39:33.0852 0x2234  [ 6FC4D7EB5D38CFB7966405036116F065, B3E9083ABE7AD797FA54FB1308AA57D49C9B7BA662B09607666B23777F6167C8 ] NdisImPlatform  C:\WINDOWS\system32\drivers\NdisImPlatform.sys
19:39:33.0871 0x2234  NdisImPlatform - ok
19:39:33.0875 0x2234  [ ED7CC4E16B76B2603C9F827188EA63B4, A6E739D219F50866051A08867844BDA878D6FEA33E91DEAC1948A55CDC5BEB9F ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
19:39:33.0896 0x2234  NdisTapi - ok
19:39:33.0901 0x2234  [ E9676E94DEA144259344A15D68785B17, 8FFF34D44E4E7E2EBE9C9337BA8E713ACD6344551C709A5537900290C51B66B3 ] Ndisuio         C:\WINDOWS\system32\drivers\ndisuio.sys
19:39:33.0922 0x2234  Ndisuio - ok
19:39:33.0928 0x2234  [ DC1D26D62F40B7552BCF49D92774F0C5, 3DD7CE2AD578101EFF8C1448800A1317F01893AF6E559C4DCCD9F6ACE4B027E4 ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
19:39:33.0945 0x2234  NdisVirtualBus - ok
19:39:33.0952 0x2234  [ 66F56AC744101DB870934D0EB31C2426, 932013EE8542E6770657A904B09E2BD2052E8C04216289EB5F011770A46CA6F9 ] NdisWan         C:\WINDOWS\System32\drivers\ndiswan.sys
19:39:33.0975 0x2234  NdisWan - ok
19:39:33.0983 0x2234  [ 66F56AC744101DB870934D0EB31C2426, 932013EE8542E6770657A904B09E2BD2052E8C04216289EB5F011770A46CA6F9 ] ndiswanlegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
19:39:34.0006 0x2234  ndiswanlegacy - ok
19:39:34.0013 0x2234  [ 8ABF5B8D5839F8DAE2E0D3165AE732F6, CD382FFF8A71FD85B92EEE76647481AC45BD2A5815C012520A89A18EEE6E01AC ] ndproxy         C:\WINDOWS\system32\DRIVERS\NDProxy.sys
19:39:34.0030 0x2234  ndproxy - ok
19:39:34.0038 0x2234  [ A791792DC412CCD83DA0AF6871682552, FE1A30A6D1501463CF8AAC3AD8CE114ACFEDD38CF9BD6B2247B84E41D74A9E6B ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
19:39:34.0056 0x2234  Ndu - ok
19:39:34.0065 0x2234  [ D4F51E88C71BF8F06EA1BE320B0BB75B, ABDA528F8159290BFDFBAAFC3BDA4484649FF612FD1D9E74284CA7DBA00A4B0D ] Net Driver HPZ12 C:\Windows\System32\HPZinw12.dll
19:39:34.0073 0x2234  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
19:39:34.0218 0x2234  Detect skipped due to KSN trusted
19:39:34.0218 0x2234  Net Driver HPZ12 - ok
19:39:34.0229 0x2234  [ BE79982A50AC88BC0765F3AFECFCB596, 1E7CACB1095C3F1D10766E15B31DEE195C1E6954D4E7ADA141CA4C15EE3DA445 ] NetAdapterCx    C:\WINDOWS\system32\drivers\NetAdapterCx.sys
19:39:34.0249 0x2234  NetAdapterCx - ok
19:39:34.0254 0x2234  [ 80475A12D4AA90937CE69265BAFA993F, 8100BF2A621D43C5E79C58183F9F7E882076BEA2D524D3AED87C8D0790F0F154 ] NetBIOS         C:\WINDOWS\system32\drivers\netbios.sys
19:39:34.0265 0x2234  NetBIOS - ok
19:39:34.0278 0x2234  [ E5C5E6ED3949546E2ACA79B6A3817202, 16D21CC0E65906ECFE17F4FD1D8A5FAE4CC7A3BD5B96E704835961DF2A131726 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
19:39:34.0299 0x2234  NetBT - ok
19:39:34.0304 0x2234  [ 94E06D509D50807774F35BEE3163E806, ADADFA0D533944579BA0E5FE31A68D4D1395E7B9DB75E58D47E0ADC0DA5AD16C ] Netlogon        C:\WINDOWS\system32\lsass.exe
19:39:34.0316 0x2234  Netlogon - ok
19:39:34.0324 0x2234  [ 94BC40F88309B0B7DFE68B2C2BB15EB6, 7E485F6A3F0B1C34C59D1F36EDE05ED9724E23FF63EA273910A02D8177905D9B ] Netman          C:\WINDOWS\System32\netman.dll
19:39:34.0348 0x2234  Netman - ok
19:39:34.0363 0x2234  [ 79ED54CA41486399361778D533E55A99, 17467C0C0D4D099DC7BF2BDE46086AF4AFC28895C62A35AA6A3906C19418AA32 ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
19:39:34.0391 0x2234  netprofm - ok
19:39:34.0404 0x2234  [ B368E739AF3F577EA8D1B256F91036AD, 48BF739A0448F57B2BB0DA891D478D284A5C7F44C61D6E4F8131EED4DF7CFFDA ] NetSetupSvc     C:\WINDOWS\System32\NetSetupSvc.dll
19:39:34.0431 0x2234  NetSetupSvc - ok
19:39:34.0437 0x2234  [ 97FF2186BBAA215727300404862D297B, 1D4F3475252C2315EF51B7B76206776BFF4462C0B31328E266BF5F4ACC2475D1 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:39:34.0451 0x2234  NetTcpPortSharing - ok
19:39:34.0459 0x2234  [ 8AED8AF4CBF661E82CF74CBF198B0C56, 7208216C9E6A938E2CCB2F510D4A6F00F35E1AAF3FE0E6D7272F5543B843EBFC ] netvsc          C:\WINDOWS\System32\drivers\netvsc.sys
19:39:34.0481 0x2234  netvsc - ok
19:39:34.0609 0x2234  [ A878A444B442606F3669D78D1E58A4FC, 74F13DDC325A465678E0DE62EF5E32A53F5FF8CA24297E7CAA44F9B58EB7FECC ] Netwtw04        C:\WINDOWS\system32\DRIVERS\Netwtw04.sys
19:39:34.0757 0x2234  Netwtw04 - ok
19:39:34.0919 0x2234  [ 8F9E99E7EC1151EC2AAC45F1169F54D6, BDE7D70271DD84993FB76338FA492A3C0848C127EA7DAC1CB013009147614709 ] Netwtw06        C:\WINDOWS\system32\DRIVERS\Netwtw06.sys
19:39:35.0086 0x2234  Netwtw06 - ok
19:39:35.0115 0x2234  [ E27ACE78CA1BDF4FBBF3323D6E9AFCDB, 7930C172AD493E39712A0F4B1AF4ADFB4ABD499B00FEEA2E1D5C9E5A26105EFC ] NgcCtnrSvc      C:\WINDOWS\System32\NgcCtnrSvc.dll
19:39:35.0148 0x2234  NgcCtnrSvc - ok
19:39:35.0170 0x2234  [ A557C92583E81CA97D2C0F2467E7C2F9, F78B07DB33253142C6CB2DE1BFA1C54EB7CB5D64C94C9B73182C7D49314061EF ] NgcSvc          C:\WINDOWS\system32\ngcsvc.dll
19:39:35.0216 0x2234  NgcSvc - ok
19:39:35.0232 0x2234  [ 7F609310AC1EC8D66D912438AC792392, C61FAD8431F3E627E9D81DFF95A37C057ED4EB3F3F78A598D5BD236D194EB612 ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
19:39:35.0254 0x2234  NlaSvc - ok
19:39:35.0260 0x2234  [ EFF488F6DA45224965B30CE1AB464C08, AC1D0C3175958CD3F9E311C545044B9A847D6F8C89907CAB2CD3C73EC6E1836B ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
19:39:35.0274 0x2234  Npfs - ok
19:39:35.0279 0x2234  [ 5CB8082E51DE7D19042F0FF8C517CB0D, C0C5389E097D520018C346ECBF8AF9928FB44D9AD7B0EFD2D44E910214580A1A ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
19:39:35.0300 0x2234  npsvctrig - ok
19:39:35.0305 0x2234  [ 54407F4E774AE8AD37885BBCC0FFDB3E, 7A22A15A5EC874682FF04B35A69867A476FE88A97E27AA3A9C3F32E4B31D160F ] nsi             C:\WINDOWS\system32\nsisvc.dll
19:39:35.0321 0x2234  nsi - ok
19:39:35.0326 0x2234  [ 201F3764A379001168DFB2B90F7C1E57, BC5662D43B073B41E3810938FAE511E82AD3F69DDE8B73C23D7EDBB3E6364B5B ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
19:39:35.0342 0x2234  nsiproxy - ok
19:39:35.0388 0x2234  [ ADF52C1A5831EA1009382B3BE3A204B3, 9A8355FBB4BCEE45388C8D187203EBEF999A5B5C6E0D05A327AC9CD739FB0560 ] NTFS            C:\WINDOWS\system32\drivers\NTFS.sys
19:39:35.0448 0x2234  NTFS - ok
19:39:35.0474 0x2234  [ 6D8A287B88F76EB47ACC6BF8E318E1FD, 73A8A8AD677D9BC432159B0099C2BF3928C14D2E5C88E5BCC8B96FCDFA3ED691 ] Null            C:\WINDOWS\system32\drivers\Null.sys
19:39:35.0499 0x2234  Null - ok
19:39:35.0504 0x2234  [ 532F27A2B62D70C327E763F035AED6C1, 9FB6C8040D48384BC72A2021EAD7D48B5E876731849FBA68338EC3562E7CB659 ] nvdimmn         C:\WINDOWS\System32\drivers\nvdimmn.sys
19:39:35.0519 0x2234  nvdimmn - ok
19:39:35.0526 0x2234  [ 7E04652EB1A476BC0A72ECDC613AF0C5, F356C5F7B1C30253F4F8A3E45AAA8C82940DBE1F208D81043D7D89EE54355890 ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
19:39:35.0539 0x2234  nvraid - ok
19:39:35.0546 0x2234  [ 880B3E874914DAEF97119876543AE117, E41A633F5C2519438FCA0A85F134061224C39AB82EE61F3B80043E21985A80D7 ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
19:39:35.0559 0x2234  nvstor - ok
19:39:35.0571 0x2234  [ 54EFF5C0838ABFCBBF1F47B5B9B5031F, 0895649806196B2C75013585F9C93397AB3F64817CDC4CCD17ACDE6B01F3DC38 ] OneSyncSvc      C:\WINDOWS\System32\APHostService.dll
19:39:35.0594 0x2234  OneSyncSvc - ok
19:39:35.0604 0x2234  [ D2D448DB69352A6B3177C38D47E6041D, 5CDFBC71041F442305BBA6E64B082011F5DC65CDAA2C64B6CF23D199F7BFF4A9 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:39:35.0616 0x2234  ose - ok
19:39:35.0627 0x2234  [ 3C899D21CE920195CA987756769B1820, B2FACDF82CF8E2EA263CB6B2FDB3CF66B41D01D014F2BE1A683513971D050C3C ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
19:39:35.0652 0x2234  p2pimsvc - ok
19:39:35.0664 0x2234  [ 35E6495236E917BDFD9659F62EFE2E33, 4B4AE686C7D2A9B7D496E62162E984CCCE79D6E42223F5B3D2EBBC7E526EA85C ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
19:39:35.0693 0x2234  p2psvc - ok
19:39:35.0699 0x2234  [ 2E07EC2C1622F5E7B535D62DCD61F3AB, 5FECA3CD9AF531E59B1A0FE04AE8BA22F3C929EB6AA5B2171C88A788AFAA8115 ] Parport         C:\WINDOWS\System32\drivers\parport.sys
19:39:35.0714 0x2234  Parport - ok
19:39:35.0721 0x2234  [ 681E8A68C13253D23B93953FDE569120, 77B06B881999600DA85C6EB28BAE707D06B1D2BA0CFF2957689FDEBFD4BEEE10 ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
19:39:35.0734 0x2234  partmgr - ok
19:39:35.0749 0x2234  [ 251EA87EC2CC9555A211551F1E063E4B, 795BC1DCAE1E97084B98E0DFD5B2D57F4BD054FA7D99B1DA04D2EEDA01D8A619 ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
19:39:35.0770 0x2234  PcaSvc - ok
19:39:35.0783 0x2234  [ 38FABAC2072FC9E6459F7B7ECF3F6C47, 2100746F9BB00AF439C94DDD22B7EA4F77C61C0424F4961E5EB31C32F3FBF1B4 ] pci             C:\WINDOWS\system32\drivers\pci.sys
19:39:35.0800 0x2234  pci - ok
19:39:35.0804 0x2234  [ E5AF806815ED797086629741F29E4156, 1AD39A8DD564807EE11775C1C69129184A28B7AC4ED66E47CBE657C9215986C4 ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
19:39:35.0815 0x2234  pciide - ok
19:39:35.0820 0x2234  [ 2A631D447B988AFBE847CBAA8E5CC298, 65D52E0E7F16EFFF8926E4FF97B42ABB2C5F1125FB13F521143712E3F9028FE7 ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
19:39:35.0834 0x2234  pcmcia - ok
19:39:35.0840 0x2234  [ 6F55F5AD830F8EA1D37ED23A0CBD7112, 40E7BE7CA194F5742BE24E1E391A5B833B0E7243DDDF05B332C5D26FB3086D13 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
19:39:35.0852 0x2234  pcw - ok
19:39:35.0858 0x2234  [ 1796112EB89559910BC18865A29C8894, 3EDACF3FDFB4164C1F07BAE7ABCA4E8DC5DBADE11C73F18546E5FE2A10CCDEA8 ] pdc             C:\WINDOWS\system32\drivers\pdc.sys
19:39:35.0870 0x2234  pdc - ok
19:39:35.0885 0x2234  [ 7D9F4EB1450CFB32D708BF943C170475, D94EA6B775414031273D0C55BBAAEC07D780B7226859F22A26772B104BA302BD ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
19:39:35.0929 0x2234  PEAUTH - ok
19:39:35.0967 0x2234  [ 57B89D5EAA6A2422C70CF158B9D5F21D, 6D2149CD16B01B323120DC5FA5B9A102B3069877D5A6E8F5370F718643F6383E ] PeerDistSvc     C:\WINDOWS\system32\peerdistsvc.dll
19:39:36.0035 0x2234  PeerDistSvc - ok
19:39:36.0046 0x2234  [ 35FD028E4323018202C0B7D115FD3AEF, CA0CA9EF7A6496EBD35C775D0BD9CC814B07391B69C83938C90926D316A336FD ] percsas2i       C:\WINDOWS\system32\drivers\percsas2i.sys
19:39:36.0056 0x2234  percsas2i - ok
19:39:36.0061 0x2234  [ F9F3D8BE9BC9241CC726197261362AC4, 0AF0EBD551B3C079C7A5EA568A171B43F822C4AD0177A8135FBF315813108535 ] percsas3i       C:\WINDOWS\system32\drivers\percsas3i.sys
19:39:36.0071 0x2234  percsas3i - ok
19:39:36.0091 0x2234  [ 8C0C30BDD3CE3FC34A59B4B101162ED3, 9A89007DBBD936F985D562B3C686ADE49ED947289500A2D776BFCF9B4DF478BF ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
19:39:36.0108 0x2234  PerfHost - ok
19:39:36.0132 0x2234  [ C811E13F01FB77570B727337BBCF64B8, B37FA2DF1607F1B4443BDB94C5AC95A66A498A0FF51C2C9C2F4E1D5C7400B949 ] PhoneSvc        C:\WINDOWS\System32\PhoneService.dll
19:39:36.0169 0x2234  PhoneSvc - ok
19:39:36.0177 0x2234  [ D59CD92CE3784678C09B8DF518A8E1A6, 7D5B05D50EA66BAB6B8436A5989F5CA17DC35DB02E445CDEFDADEE0BEB3DE2C8 ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll
19:39:36.0198 0x2234  PimIndexMaintenanceSvc - ok
19:39:36.0231 0x2234  [ 73B5A132EBF3A8075A7C68DFBB4DE719, 847FC2A2B4C1C65BFEFBBF90C2EB99378E2FDE469425F141BC75D1874F94658C ] pla             C:\WINDOWS\system32\pla.dll
19:39:36.0283 0x2234  pla - ok
19:39:36.0294 0x2234  [ 64A80A746FC460126FA4124AA2D93848, 851ECA69489FF9A834B6A5ACF9D51283FD3796E21316D8A22E57DED2F415782C ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
19:39:36.0314 0x2234  PlugPlay - ok
19:39:36.0319 0x2234  [ 36D43EA5517F3F4AAAC8EE061C957EF1, 970CBE8F689C26C384B8F4E6D0C68BB07434C4776B497E310A603A896AED05E0 ] pmem            C:\WINDOWS\System32\drivers\pmem.sys
19:39:36.0336 0x2234  pmem - ok
19:39:36.0342 0x2234  [ 9A80707D8B6C1806531BFD7399B3CC76, C9996A265B0C461843DECE336314AEDD38D3F0644A8AA4D3F20D3496AD17956B ] Pml Driver HPZ12 C:\Windows\System32\HPZipm12.dll
19:39:36.0352 0x2234  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
19:39:36.0587 0x2234  Detect skipped due to KSN trusted
19:39:36.0587 0x2234  Pml Driver HPZ12 - ok
19:39:36.0596 0x2234  [ 59048555B59FD69287CFAB6022B5CC86, 733D3F1DBF75D6A5A015E6F849216E1954813F86E5D3B05B4AF0E9FD523FC646 ] PNPMEM          C:\WINDOWS\System32\drivers\pnpmem.sys
19:39:36.0608 0x2234  PNPMEM - ok
19:39:36.0614 0x2234  [ 7815D5EEE3624640150B1365EB2E98C5, 2E45B211F40510554E5BDA876E53497FA4A8465A152F77CF38CAD38CC6F47C8A ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
19:39:36.0630 0x2234  PNRPAutoReg - ok
19:39:36.0640 0x2234  [ 3C899D21CE920195CA987756769B1820, B2FACDF82CF8E2EA263CB6B2FDB3CF66B41D01D014F2BE1A683513971D050C3C ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
19:39:36.0665 0x2234  PNRPsvc - ok
19:39:36.0678 0x2234  [ E1BCA08929D806A087D90BC11C6020E8, F9FE2E761F0F00C4A0C221D25069348185C75CA350DDD1407A6401220227A9F6 ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
19:39:36.0705 0x2234  PolicyAgent - ok
19:39:36.0716 0x2234  [ A3CCFB8A5BD48F56EF2ACB4A427A1AC7, 03A6F53C44A90D2FAE1F0C212606C484AE0DFBFDF6675497FF0FBAB46D17B268 ] Power           C:\WINDOWS\system32\umpo.dll
19:39:36.0736 0x2234  Power - ok
19:39:36.0742 0x2234  [ AACA74DEF7BE3DED322411787494878B, 86BAF7E855077A03F4B8C0778304CFDB9D0CF245F82B87CD60CAB666D1D17D9D ] PptpMiniport    C:\WINDOWS\System32\drivers\raspptp.sys
19:39:36.0759 0x2234  PptpMiniport - ok
19:39:36.0811 0x2234  [ FAA5FBD37C00DE72573F9BF6B6E64BAD, AEF599C9D47ED197FAC54326E99114AD7EAA107A0248C77997D353A7B5C06FBB ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
19:39:36.0901 0x2234  PrintNotify - ok
19:39:36.0918 0x2234  [ 8803D4F36F1CB2E2203F5EB59571E89C, 0C83A8706CDB7400CCAB145211793B8C6153D30CA50843A5E3980536F2A38C11 ] PrintWorkflowUserSvc C:\WINDOWS\System32\PrintWorkflowService.dll
19:39:36.0940 0x2234  PrintWorkflowUserSvc - ok
19:39:36.0951 0x2234  [ C009BE61D95CAD5F999D0F4785AEFB7B, E834AEB963E4FA8DBE9A9E69BD2212C001EF9F5461719EFB80C55C87450AFD73 ] Processor       C:\WINDOWS\System32\drivers\processr.sys
19:39:36.0969 0x2234  Processor - ok
19:39:36.0981 0x2234  [ A2CA8830BF77FAB39D6E5C45A404FB78, F78511C80FFE1B2BB8A3B51811AFB22CEE4038D4D23AEBFD7768C32E61CEB77D ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
19:39:37.0007 0x2234  ProfSvc - ok
19:39:37.0018 0x2234  [ 5818FE76C3C6AE0CA723EBE483BF447F, 613E1FE02FA52A6EF4B1E5C56F0108D493B1E97F799CF409A6697A5D5112C8B3 ] Psched          C:\WINDOWS\system32\drivers\pacer.sys
19:39:37.0032 0x2234  Psched - ok
19:39:37.0040 0x2234  [ FC1CEF0CC00E2C405ABFEF07B8CD1375, 259E366C87DC8BB4AA3562CF3E731EC5938D3936CA12D4120A9E85183BDF990C ] PushToInstall   C:\WINDOWS\system32\PushToInstall.dll
19:39:37.0063 0x2234  PushToInstall - ok
19:39:37.0072 0x2234  [ 034BA34ADFA10F9D7E4989273DDABA33, 8763D28817A64F0D82B61EBA1FA54D7E0C97E66FA3F359C1A681740E1AF680C2 ] QWAVE           C:\WINDOWS\system32\qwave.dll
19:39:37.0096 0x2234  QWAVE - ok
19:39:37.0101 0x2234  [ 16F9A6B593B52EB18F7ECB9D251BDF7A, 5DD26B91DF51A07097A893F3537F94FE2CD1F9D132B0994451E922CE1359516B ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
19:39:37.0116 0x2234  QWAVEdrv - ok
19:39:37.0121 0x2234  [ 13600C467512147E99052806F2C1307A, 705257F42FA3502113958A295E0E0FED9C6A35DB6214099360606E792F69B1C6 ] Ramdisk         C:\WINDOWS\system32\DRIVERS\ramdisk.sys
19:39:37.0132 0x2234  Ramdisk - ok
19:39:37.0136 0x2234  [ BD6EF1748DC3DBACEC97B87B6252AAC7, D5D8FF60403BC0B1B315B3413D15E47FE64C63D8F1AC28225DDC21E41BD8A7E5 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys

...
         

Geändert von RSLB (16.04.2018 um 20:16 Uhr)

Alt 16.04.2018, 19:57   #2
RSLB
 
Raiffeisen E-Banking Probleme - infizierten Rechner - Standard

Raiffeisen E-Banking Probleme - infizierten Rechner



Code:
ATTFilter
 ...
19:39:37.0150 0x2234  RasAcd - ok
19:39:37.0156 0x2234  [ ED0EE10911C16AD8B21B9003C90E968F, CFB280D14F629E87BBBDA83841E4B3DD8866FB8382FF17D3E807BBFBBC3BAC1A ] RasAgileVpn     C:\WINDOWS\System32\drivers\AgileVpn.sys
19:39:37.0174 0x2234  RasAgileVpn - ok
19:39:37.0181 0x2234  [ 54D8A771A5C32C293288E64ABE07FE50, 073F65F1F910C4887C7F60992F5C50629EEA5F4AA8182206D73F2FECE56AB6BC ] RasAuto         C:\WINDOWS\System32\rasauto.dll
19:39:37.0199 0x2234  RasAuto - ok
19:39:37.0204 0x2234  [ E0220BB6580D34001D4D1D133052DAA4, F350A34E7592673B7B77F907E7D7ACFC50C6099A4874C1D870BD0E089D8EF668 ] Rasl2tp         C:\WINDOWS\System32\drivers\rasl2tp.sys
19:39:37.0223 0x2234  Rasl2tp - ok
19:39:37.0246 0x2234  [ DDC95170F61986C1226FC575D404298B, 326DB48EAB266BAF18D69AC49504985D495121FE5090D5A11EB55CFC3D85AFA6 ] RasMan          C:\WINDOWS\System32\rasmans.dll
19:39:37.0287 0x2234  RasMan - ok
19:39:37.0296 0x2234  [ 12EE1D92F4E5FAE4B6F65195A2016CE5, C62E9EBD4FE642248C36BB2C9BD7B1C1C09E8A33D4B4AA39DD32F9FD1FE86081 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
19:39:37.0314 0x2234  RasPppoe - ok
19:39:37.0320 0x2234  [ 91CE469015979E5B3C3DBC2C41A476E8, 45D7EA66311126E370B4E082F7E8507399AC594AB6F7CD5A45C9F09658FD7E19 ] RasSstp         C:\WINDOWS\System32\drivers\rassstp.sys
19:39:37.0339 0x2234  RasSstp - ok
19:39:37.0352 0x2234  [ BC808F726164F2EBF18E79B9AC7B70AF, B551D5DE08DC91675D2B92CBB3F2FBC16D1C5260B240B36532EAEA011F296B17 ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
19:39:37.0370 0x2234  rdbss - ok
19:39:37.0378 0x2234  [ 9D7E65A15478944836C353B556F9CB87, F2D2D73EBF3A866B0511135D60C5C6CE397F41366A2D33D0B045A4A08066CF72 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
19:39:37.0391 0x2234  rdpbus - ok
19:39:37.0400 0x2234  [ 39886C19FB466BBF8AEC31E3E77C034C, 58817B7941377DD5C972131EAF8FD472992F912ED48E6CB770410D359675D3B9 ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
19:39:37.0418 0x2234  RDPDR - ok
19:39:37.0428 0x2234  [ 4D1A63ACEC42A88E52AFC4E84A8CE9EE, 37789428D78273EB09F3613BC72DF5D5E9210D4650CC4D9F9DD413DB4A20B6F2 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
19:39:37.0439 0x2234  RdpVideoMiniport - ok
19:39:37.0450 0x2234  [ A4C3DC6530752AF3C78DAAC8B2B23EA7, 8CE953800256FD75FA608530B9570E42A838DCE7E82DE5F396432BC320590C00 ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
19:39:37.0465 0x2234  rdyboost - ok
19:39:37.0499 0x2234  [ FB0577F6BC9E07549CEACF5224327499, 7AD01A641C3A8735C05C7EFDF3730D7A385A241306E3AD01B088D7329FF319E0 ] ReFS            C:\WINDOWS\system32\drivers\ReFS.sys
19:39:37.0543 0x2234  ReFS - ok
19:39:37.0569 0x2234  [ 4136BCA61BCDCC79DCE145F9CB639CD6, 58D49C41532A31F6F2112317BB60D80D34A4D29CAABBF11BAD9C45FD8B812F93 ] ReFSv1          C:\WINDOWS\system32\drivers\ReFSv1.sys
19:39:37.0598 0x2234  ReFSv1 - ok
19:39:37.0606 0x2234  [ 2C07420FA14E4F10AEA3B9184C53FA49, 4221812D97F2E8BFE76D04A53226AEC9D87E947D86B44AEFE22785BD79AE818E ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
19:39:37.0617 0x2234  RegSrvc - ok
19:39:37.0631 0x2234  [ 16884710EB4898CB49B18609EEE34C6C, CEC4850825D81969BE269A4DC23DF54F6E2346AADE40D95E91B512412D4BD358 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
19:39:37.0657 0x2234  RemoteAccess - ok
19:39:37.0665 0x2234  [ 9D82CD53B622A85A10B4DA8F4724A8E4, 0D4DDDF7C8D90CB19A86EA531205BAF19BA2335DBD10CD9F006C969CE9735223 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
19:39:37.0686 0x2234  RemoteRegistry - ok
19:39:37.0701 0x2234  [ 24C716C6A5AA3BEC3180BB15050C75C5, 15BC70E932C4AB0609231098F8C3EC56840BB20099C74C008EF23DBFC556A43E ] RetailDemo      C:\WINDOWS\system32\RDXService.dll
19:39:37.0736 0x2234  RetailDemo - ok
19:39:37.0744 0x2234  [ 5BF7698021DB13B55753FD921BEBE318, E8FA328F4070765EE0BFE0D55E8E9CF7AF2D4F3233A1578FF58A7B2782AD9174 ] RFCOMM          C:\WINDOWS\System32\drivers\rfcomm.sys
19:39:37.0765 0x2234  RFCOMM - ok
19:39:37.0770 0x2234  [ BBC228CA2F96B784B01FE7F1C5E3CFBB, AF24D0B4093F9CCE88C5BCB94944BCD6D36B890AD8544AF0CD7814B8D4F73A7A ] rhproxy         C:\WINDOWS\System32\drivers\rhproxy.sys
19:39:37.0786 0x2234  rhproxy - ok
19:39:37.0792 0x2234  [ 665A51DE515A2E8B0BDB3D6917D47DD9, F5BF28900F55CB17016E64775B9A5B64D16E2A5898F4D5A7ABE26639932B2C63 ] RmSvc           C:\WINDOWS\System32\RMapi.dll
19:39:37.0813 0x2234  RmSvc - ok
19:39:37.0818 0x2234  [ D0F6698E56F0157EA72F2D754C6FD555, A93DEECB1D84E5AC2C1E2D3D54BA118774E6F77996BEC7BCB6C758B6D04D1920 ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
19:39:37.0840 0x2234  RpcEptMapper - ok
19:39:37.0847 0x2234  [ EB65907BD63871669C54D5E5BAE4DD34, 9A429C4B416913D65728A40890FC3C69465C4C77C2D313007BDF24EA5F4E1400 ] RpcLocator      C:\WINDOWS\system32\locator.exe
19:39:37.0862 0x2234  RpcLocator - ok
19:39:37.0885 0x2234  [ 79BDBB684629A526CCD958F06B9D6FAD, 489A85A5F63E5F012740B538878D6DAEBBB474D64F27A6847D3E387A704E5297 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
19:39:37.0938 0x2234  RpcSs - ok
19:39:37.0950 0x2234  [ 27B80E5766B114621980F82FB78E912A, D7986FB32AFA2F376FBAA5EFAC18F5E699BAF97AD0C92A0B787E1CAF77465CFD ] rspndr          C:\WINDOWS\system32\drivers\rspndr.sys
19:39:37.0965 0x2234  rspndr - ok
19:39:37.0983 0x2234  [ 1AD7DCCDACD8C48CD68CFA51AE805156, 2E6B7B52C7E137B35C149B9835115468A7B94CFA470CA92446F123D2F99E04CF ] RTSPER          C:\WINDOWS\system32\DRIVERS\RtsPer.sys
19:39:38.0003 0x2234  RTSPER - ok
19:39:38.0016 0x2234  [ AE4607D7C7AA83A863BFA214483E8EE4, 828CC9F40BAB2F65AF75608D37ED17EF608E73E911132DD085F0685F163EFEC6 ] RTSUER          C:\WINDOWS\system32\Drivers\RtsUer.sys
19:39:38.0032 0x2234  RTSUER - ok
19:39:38.0090 0x2234  [ D13E0883770F9A11F53DCE930B00FAD1, 6C5C2689DC0C692C27EA7162BD12F39B11E7C7D3A033B11327BAF857E3D2A484 ] rtsuvc          C:\WINDOWS\system32\DRIVERS\rtsuvc.sys
19:39:38.0152 0x2234  rtsuvc - ok
19:39:38.0165 0x2234  [ 96C14A080CE15E4D8A9C7AE526F7B804, F8753CB05393EDDAC5FF99C5DAAFCF955C4CE8D14E065E9A7B4ED156BF9503D3 ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
19:39:38.0179 0x2234  s3cap - ok
19:39:38.0185 0x2234  [ 94E06D509D50807774F35BEE3163E806, ADADFA0D533944579BA0E5FE31A68D4D1395E7B9DB75E58D47E0ADC0DA5AD16C ] SamSs           C:\WINDOWS\system32\lsass.exe
19:39:38.0199 0x2234  SamSs - ok
19:39:38.0204 0x2234  [ 324FA3C337EB54B43448F7B08444DC8D, 6AC6E84EBE169400D5CE140C7DC7F527D1A8F5B642593870AD7D1B193C21C7A3 ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
19:39:38.0216 0x2234  sbp2port - ok
19:39:38.0225 0x2234  [ 93B12AC7CEAF6BA742DC13AEA349217A, BFDFF3779827B1FF39C5834D9248FFF162B9362F2F7FD8EF8750FD83F35E23D3 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
19:39:38.0248 0x2234  SCardSvr - ok
19:39:38.0256 0x2234  [ 3396A6A892987E8B81289583FC416360, E002C70A34C01B0F5EEA3D53A150DFB3693D1ABA63D61E7EEF3C5B6D5AC86215 ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
19:39:38.0276 0x2234  ScDeviceEnum - ok
19:39:38.0282 0x2234  [ 62A33CE69DB508BCEC63F4D3BFF400CE, 914FF18959025C71923558898F95B8113EE49930144A0B19FC06C5C043A171B4 ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
19:39:38.0297 0x2234  scfilter - ok
19:39:38.0317 0x2234  [ B6F0D0C90C052BDB4E3EA7DAC982D72F, B34DFEC3565B8F33D919A6A6BBEC9315466E525E1B2F069968CBC9969EB9E05B ] Schedule        C:\WINDOWS\system32\schedsvc.dll
19:39:38.0353 0x2234  Schedule - ok
19:39:38.0364 0x2234  [ 7B057373146CC4E5A1F1DA665EA55DC7, 48F1C276F99D4E135A261DDEFE2D813430DEFF6BA30FCBFFB102EA40EAD9434A ] scmbus          C:\WINDOWS\system32\drivers\scmbus.sys
19:39:38.0376 0x2234  scmbus - ok
19:39:38.0384 0x2234  [ 6286CBE87B64AB7D1F59E3375A2FF3F4, 92C276A18F99D2A423BC3A99EBDA1239F3B335C1EB6EBAF2F2800A23188B26F2 ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
19:39:38.0402 0x2234  SCPolicySvc - ok
19:39:38.0411 0x2234  [ 1F58E6D5C1F211DE8BF5131BF12077D1, 76816B302DB4D0B91FC8DEE6643C9839A48812DF1EE7D34100134550184AA2CB ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
19:39:38.0427 0x2234  sdbus - ok
19:39:38.0433 0x2234  [ 6D3853838864886B4F10B074282772E0, 50855299C5D7FBE0E45EE6288EA1B824215D3E3693F24F1AD2BB2F2E27F6150D ] SDFRd           C:\WINDOWS\System32\drivers\SDFRd.sys
19:39:38.0444 0x2234  SDFRd - ok
19:39:38.0452 0x2234  [ 368180051766E4289E3D47AF21F2668C, AD1E675A990684F131F09E61988525102CDEDA0817A20F188FE9D2A428216BC2 ] SDRSVC          C:\WINDOWS\System32\SDRSVC.dll
19:39:38.0470 0x2234  SDRSVC - ok
19:39:38.0476 0x2234  [ 80E9563F0B75E98482ECB7D5CBA56BBA, D1121951117253CBA45DF3D4A9A50374F2FCF750CA6661299B8EBF78904245EA ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
19:39:38.0487 0x2234  sdstor - ok
19:39:38.0492 0x2234  [ 0356C85312D78F4C7F33C74B6000BB93, 378018A0ABDF65506B471F091DEF6A8E1D2E719BEBA843595C550E3151C9E6D6 ] seclogon        C:\WINDOWS\system32\seclogon.dll
19:39:38.0510 0x2234  seclogon - ok
19:39:38.0523 0x2234  [ 2BBC2F0C8DF38DD72AF7EC97298101C0, 58A5226321CCB28FBC259C1D0DA1D3469DDA2C81BBE516F3ECC6C10BA2DD166B ] SecurityHealthService C:\WINDOWS\system32\SecurityHealthService.exe
19:39:38.0547 0x2234  SecurityHealthService - ok
19:39:38.0572 0x2234  [ A8A23102301BCB047B269C59167D4B8F, 9851F4E693FE6BAC39ABF14A1469300D718019ABCAC39049A07E7809F7C253C0 ] SEMgrSvc        C:\WINDOWS\system32\SEMgrSvc.dll
19:39:38.0618 0x2234  SEMgrSvc - ok
19:39:38.0628 0x2234  [ 62EDAD383010E037C4D3846C7C021A00, CF2C5D97B4B8C472242A1DCC1CB97A081BFDA41F5708CA78DC9B5041C9B747D9 ] SENS            C:\WINDOWS\System32\sens.dll
19:39:38.0649 0x2234  SENS - ok
19:39:38.0653 0x2234  Sense - ok
19:39:38.0682 0x2234  [ DDBBE9A08C79D3BB50D6053507F7777D, CA67D6FFCF63F38AAA320276F0AB96F87F6431907D2BC138E7EEE4530BE88AF1 ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe
19:39:38.0733 0x2234  SensorDataService - ok
19:39:38.0752 0x2234  [ 109A90EF5B1E771DA47C371BA9485960, 37BAECE685E79F37889CD0603F086341A5CA349E943D26CB991A7EFBD2998FAF ] SensorService   C:\WINDOWS\system32\SensorService.dll
19:39:38.0782 0x2234  SensorService - ok
19:39:38.0790 0x2234  [ 3C7280B0BB401D6645128A9D5B076D35, 75EEAA870D027FAB9406AACE969D386DAA1C3A8933895424AB70350BD5F30227 ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
19:39:38.0810 0x2234  SensrSvc - ok
19:39:38.0817 0x2234  [ 75A27472AFD009255DBDE52038E3BDB5, 95C31B86D77D73B340901D3BD9798A9E3171D4D3F3D4632FBE3F6AE2B49A17C7 ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
19:39:38.0828 0x2234  SerCx - ok
19:39:38.0836 0x2234  [ 84005F54308109A022413D628E966412, 6828A10DF28053C159E93BDD7A62A5517E7037DC302D0EEED55BF07B48E0A202 ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
19:39:38.0850 0x2234  SerCx2 - ok
19:39:38.0854 0x2234  [ 40384793F74CFFA45BCC38DF65E978EC, FA68F18573CA92703A3442BB4BC5135C42520BA7D2C3E4B872115C02EE0A719E ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
19:39:38.0869 0x2234  Serenum - ok
19:39:38.0874 0x2234  [ 699470AD24D67908991A777716A352FD, 6155D9785DF9A9346B715798A2C4A0F9B90D2AF725E710F127E06155272B406E ] Serial          C:\WINDOWS\System32\drivers\serial.sys
19:39:38.0889 0x2234  Serial - ok
19:39:38.0895 0x2234  [ 92453F065F52A8EF0328A926B2C9502F, 11CF98993B00B4850C30528F0922BF392B8DE085AD84D17721964D543A41D64D ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
19:39:38.0916 0x2234  sermouse - ok
19:39:38.0934 0x2234  [ 846F99625DB02B06E0581715D0C4D0C9, EC72C2C860921A4234079D29C29D6F80F73B1D87610C6A4F0B1ABC948E532756 ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
19:39:38.0961 0x2234  SessionEnv - ok
19:39:38.0968 0x2234  [ 1D8920C40F19B5FBA5F4897779840AD1, 9B1DAFD92963118ACEA411224AA65C841D57D29F6F1EB69A58AB32BC5FEB1592 ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
19:39:38.0982 0x2234  sfloppy - ok
19:39:38.0999 0x2234  [ F74C32575862D3F32B21A1A52E7763CA, A60DA54A99D489804575E271B57388F61A3C03A2B4F1798699E5385C12A85575 ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
19:39:39.0033 0x2234  SharedAccess - ok
19:39:39.0047 0x2234  [ 63377493508564288721EF5421A216F5, 8D8F2CAD3608AE47AFEAA60C51E288EA622EC85B1CAA330CD226CA7A49F0F8E3 ] SharedRealitySvc C:\WINDOWS\System32\SharedRealitySvc.dll
19:39:39.0072 0x2234  SharedRealitySvc - ok
19:39:39.0088 0x2234  [ 887458A234108B5B69038299BE7FAD88, B25780E36FCA373141EC129EC878AC0C2D560DFF62FEE3DFE332256C1FCDF579 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
19:39:39.0122 0x2234  ShellHWDetection - ok
19:39:39.0131 0x2234  [ 5ED18BE9FE76540A0596BB41C91719C6, 54B52E6EC059F48D2A4FEDC9D2B7B391A605F63CFC29C46A9FC5BA936EF3A72D ] shpamsvc        C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
19:39:39.0153 0x2234  shpamsvc - ok
19:39:39.0161 0x2234  [ A871F9CC9CF388DC7193D22EF8D8C8DF, D9E915F85E4FD993B04162B7D30BE6F230DD5464BBD75AE173255E59BA777067 ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
19:39:39.0171 0x2234  SiSRaid2 - ok
19:39:39.0179 0x2234  [ D30FC341550CC364880950152AE8B1C5, BCCEB920C8DBCE061A62B0B7C91DA2981312DE9A8EC2D7398AE6009148603C77 ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
19:39:39.0189 0x2234  SiSRaid4 - ok
19:39:39.0201 0x2234  [ 22CC2A61BC77C5972B58756049AA254E, 4DF554A1C2FF8C2D9AD8633231961DE95171A17295DAA7779E607AFD7BD8FE03 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
19:39:39.0219 0x2234  SkypeUpdate - ok
19:39:39.0226 0x2234  [ 7118C7E6E197CE545043485C3DC5FBD7, 8FE4D621BA603515C9E789E89C054BCC8E886B6778851492ABEB12407CA496F3 ] SmbDrv          C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys
19:39:39.0236 0x2234  SmbDrv - ok
19:39:39.0240 0x2234  [ 7D5AC54B39E647568BA2878EA1C5EF43, A57F4B48E3ABAC641415C94D13D67B398E22F46D4E5A61D2218A61CB12D7A8F7 ] SmbDrvI         C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys
19:39:39.0250 0x2234  SmbDrvI - ok
19:39:39.0255 0x2234  [ 9CA6E573757C76A515EFD6DD795A3A1E, E7F87EF70545ABA33171A5783439E6E7874A2CAEE0C7ECF384023FBDCD967743 ] smphost         C:\WINDOWS\System32\smphost.dll
19:39:39.0273 0x2234  smphost - ok
19:39:39.0288 0x2234  [ F4B4E405BCDE95D748F8429FCC30E668, 72E675166B3E90D3FC23FD1AF1A3B201416294C962E0800707DCBA71DB9D7736 ] SmsRouter       C:\WINDOWS\system32\SmsRouterSvc.dll
19:39:39.0318 0x2234  SmsRouter - ok
19:39:39.0329 0x2234  [ FDADDEC855034107E5FAD708B4E2424D, 1E3A07E0F67E23F32E046F516608D78299BA66BC647F6A6A240C77245FE3A7FF ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
19:39:39.0347 0x2234  SNMPTRAP - ok
19:39:39.0361 0x2234  [ DA0AECA8222682F90C325E483E8115D4, 20CB647C132F20A3466C7C429057F01C4AC7A3D0E49B6C40206E61231EA05A54 ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
19:39:39.0383 0x2234  spaceport - ok
19:39:39.0388 0x2234  [ CCECE7E96B4F7B0E9F0FC82F6DADA917, 4C20D74971C7A822C51429BE960F85016B03166E05D43B29F5D290F413006C18 ] SpatialGraphFilter C:\WINDOWS\system32\drivers\SpatialGraphFilter.sys
19:39:39.0400 0x2234  SpatialGraphFilter - ok
19:39:39.0405 0x2234  [ 545507AF670BC88B89200A118513ED9A, 1450D29E678F26B317D55BBF41E603296C5FBA54F956801D3E796808FFDCC0AD ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
19:39:39.0417 0x2234  SpbCx - ok
19:39:39.0438 0x2234  [ FAEF35589C86C448F732926716956087, 6D370EA797617A3138FB15F285F08373299BE77B5C8CCD28BF559F17437E8A48 ] spectrum        C:\WINDOWS\system32\spectrum.exe
19:39:39.0480 0x2234  spectrum - ok
19:39:39.0501 0x2234  [ 153F12DE99760ACC89F53848DED45679, 6C55023782082B4E5CB5E653C530A6CF0AF86D5D38566AA4C3A332534BE0EA7B ] Spooler         C:\WINDOWS\System32\spoolsv.exe
19:39:39.0536 0x2234  Spooler - ok
19:39:39.0612 0x2234  [ CED434DA6E043B450141932D974FF8C1, 48704C2461D1019522F2F0F931B663EEE2E5E200949F63DA41ADA965B3612669 ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
19:39:39.0710 0x2234  sppsvc - ok
19:39:39.0734 0x2234  [ CD568BE7C01EF3BA7CDA1CF36C37513C, 7B443D0619BB166CF6021E9352817590AA35093FDD9A0C79CFC76DC49DC632EA ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
19:39:39.0766 0x2234  srv2 - ok
19:39:39.0776 0x2234  [ 43480B3EE4D23F5AA8EE7C6D83B09487, BDBF48060ECAE1CD5AB40DFF41C8E2499185BA690A19BCB87AE1D2A0613E33FD ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
19:39:39.0797 0x2234  srvnet - ok
19:39:39.0805 0x2234  [ 7B5E955BB63726AB625F79AA7AF7FA11, A5ED49F465BCB26C61F390018520BE97392BA9D85CC6A7C040BAA2D0EFF983FF ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
19:39:39.0827 0x2234  SSDPSRV - ok
19:39:39.0836 0x2234  [ 3BEF5FAC7F3DA3E25B80CC41B5060616, CAAB3CAF150F564964471F494F583014E5EF842BC4761A64B708842C4425753B ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
19:39:39.0861 0x2234  SstpSvc - ok
19:39:39.0941 0x2234  [ 0A86D5AF20A4EF70F7DE0FC9B6DE4D0E, 143CF06504FCD04D74D36642F9071D3EAE7B5B65CEB82C328F9EBBB898D90C49 ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll
19:39:40.0048 0x2234  StateRepository - ok
19:39:40.0060 0x2234  [ 162A805E13B3C0DD06AE8B6FC1900156, 43782D9136596365B87E7DF2046CC28C2AF9EC014308E1458E0315F7F6463B44 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
19:39:40.0070 0x2234  stexstor - ok
19:39:40.0085 0x2234  [ 3B3F5D6BB8A6A6F3630194A471989069, 0A5D586A1866113B94F5F11571506E133F64640DB38BEEDBE5489ED10314FA31 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
19:39:40.0117 0x2234  stisvc - ok
19:39:40.0124 0x2234  [ D218EA2F4126629BEAC03555216CB506, B2CDE7FAFD74E1EDFE213BCA84F84F081FF3718D70E3E614A8304A92FDEDEAEF ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
19:39:40.0138 0x2234  storahci - ok
19:39:40.0145 0x2234  [ 03B1F66AB47618A6123EB0631B57A31B, C06BD9D1648E56703067D5724B8AF898048A5D604B2560A69CF6B5CCF3651A66 ] storflt         C:\WINDOWS\system32\drivers\vmstorfl.sys
19:39:40.0156 0x2234  storflt - ok
19:39:40.0164 0x2234  [ 15EA6F1F6BA9A0E2C8D32A6EB77129F8, 05E414CDCA79D97DA03F61BB268CC599DBD16F35FDA6D6628EB9FBD0170FF176 ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
19:39:40.0177 0x2234  stornvme - ok
19:39:40.0183 0x2234  [ 15599E47C28DC511F0CA3B664A257728, 2ED213F392D4C2B848187F0583C7AEE2A41A2AA1E4DE8AC85D45EFEB0A430593 ] storqosflt      C:\WINDOWS\system32\drivers\storqosflt.sys
19:39:40.0200 0x2234  storqosflt - ok
19:39:40.0221 0x2234  [ BA9471C7B5B02F2EDF5055CC1A1476F3, D9BF3D2C5127E469BB037308114287686A9C3927396D64013007927C9A9716AB ] StorSvc         C:\WINDOWS\system32\storsvc.dll
19:39:40.0261 0x2234  StorSvc - ok
19:39:40.0271 0x2234  [ 4D6FF8DDBF9CC61EC95A4BF4096D52FF, B78EDD3FB711412140C541EDF9468AB6DC1A82AEE207F22976E9C6B9722F7891 ] storufs         C:\WINDOWS\system32\drivers\storufs.sys
19:39:40.0282 0x2234  storufs - ok
19:39:40.0287 0x2234  [ 6FD2D01E4AD9494874A3A8BA74A8FA64, AFEDB991465631F68F035B968345C4B700360F2F66543A48C75458D952E50B08 ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
19:39:40.0298 0x2234  storvsc - ok
19:39:40.0304 0x2234  [ 587854AF01CABE83A62D81FFEEBCD6AA, 99103FCCFE18DA0EA0121A10BCB7DEB833DE2A5C4CB8BD70E4983C2274D469E6 ] svsvc           C:\WINDOWS\system32\svsvc.dll
19:39:40.0323 0x2234  svsvc - ok
19:39:40.0329 0x2234  [ 027B27E4B9DB3931D64159B81BD915A0, B30BD828748205642529B6E528D12B16F86CA4F06F60C2C2E89AD7A97EB06B49 ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
19:39:40.0339 0x2234  swenum - ok
19:39:40.0355 0x2234  [ E0915F9B3C154FEF700C34A8E613B945, 172205D9DF0ABCC1F2B9484BA75A637BC0899CB42BFA5F0352B9C8E0CD6DDDA3 ] swprv           C:\WINDOWS\System32\swprv.dll
19:39:40.0384 0x2234  swprv - ok
19:39:40.0389 0x2234  [ 3D63A58A9DD3F984A7E3C2F2CB357E06, F520333AFF9F8D37707A6B50A33B712B5AF114D12C8092D2DFB04F05F241B03E ] Synth3dVsc      C:\WINDOWS\System32\drivers\Synth3dVsc.sys
19:39:40.0405 0x2234  Synth3dVsc - ok
19:39:40.0421 0x2234  [ 42285B7866943D0C9E7F00601FB2DEC2, 80861C8AE5708006E82F852858E108F30CBD9948839F73678FA1CE8FD0C36E43 ] SynTP           C:\WINDOWS\system32\DRIVERS\SynTP.sys
19:39:40.0440 0x2234  SynTP - ok
19:39:40.0452 0x2234  [ 954FC33E315830260B43BD6F08913669, E4CE320CE5D847F2FEB6D1C818F2F2589303077840D25C264AE934183BF72E7E ] SynTPEnhService C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
19:39:40.0474 0x2234  SynTPEnhService - ok
19:39:40.0497 0x2234  [ EE6CEBDB3C9AAD1C80AE32878FCD17C4, F172BE926BBDD8B11F641687FC5F9C062F322C43D08A5E1F189BCCB44CE3C4E4 ] SysMain         C:\WINDOWS\system32\sysmain.dll
19:39:40.0536 0x2234  SysMain - ok
19:39:40.0551 0x2234  [ 74FFACDE32B58CCB74B9EF990C7757C0, 69AF6FF98C5793441CC46136AD99B05392974E2C0189C76066EA0DDEE8B5CF31 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
19:39:40.0574 0x2234  SystemEventsBroker - ok
19:39:40.0583 0x2234  [ 73F6476EE9F5448838B2883E0B710CD7, 0C2362C92A5CF8EBE428FC7C0399A8B6812CA42DD11D8669CB23FB10AC7B52AA ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
19:39:40.0604 0x2234  TabletInputService - ok
19:39:40.0611 0x2234  [ D412C98F4E8ED0653D7A2B4D9A6E4592, E18BBD48287EC6B6A946BFE6DDE646C4A22FEB9C9B4488E923E9E19FF64708AE ] tap0901_zyxel   C:\WINDOWS\System32\drivers\tap0901_zyxel.sys
19:39:40.0621 0x2234  tap0901_zyxel - ok
19:39:40.0631 0x2234  [ AC1AA61B04116E540C5AFD18F11F2697, D5ACC296853911E2C9A5E7B0B6F36AC4FA6B49417CB456D153427BCFD944C195 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
19:39:40.0655 0x2234  TapiSrv - ok
19:39:40.0706 0x2234  [ AE5CA8D3D81DCC76C5FFF1CD60E48606, 6FF9E019DF170CC44217BBB168E291C6F1EF4B73B154A125A89A0E2DD1721C3D ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
19:39:40.0770 0x2234  Tcpip - ok
19:39:40.0825 0x2234  [ AE5CA8D3D81DCC76C5FFF1CD60E48606, 6FF9E019DF170CC44217BBB168E291C6F1EF4B73B154A125A89A0E2DD1721C3D ] Tcpip6          C:\WINDOWS\system32\drivers\tcpip.sys
19:39:40.0888 0x2234  Tcpip6 - ok
19:39:40.0904 0x2234  [ 74A1BF4093FA7B7D6C9366A39911A78E, E60694303A608EBFEAA5C581B312A212BC7081A4D67234F003917FA6E6A05F84 ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
19:39:40.0922 0x2234  tcpipreg - ok
19:39:40.0933 0x2234  [ 09125A12CAB5F8D5EAE9C83C25792FDD, D3116D8F3CD5897F90126BF3847A2B301367D4698CA8AD30A313B39F804D3D4E ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
19:39:40.0946 0x2234  tdx - ok
19:39:41.0121 0x2234  [ A2F0401D1BBD2B647CCC637ABFC80D79, 2B3456E9A2950EA2BC0C258C14C7493B069B4432554C5A15AA3BF32C9C15D83C ] TeamViewer      C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
19:39:41.0304 0x2234  TeamViewer - ok
19:39:41.0326 0x2234  [ B4B68E1DB59456419D9E49645729502A, A741EDEBCF5E8141BCC8867D5A62024425656432B6E6B0A0131B1B4AB878744E ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
19:39:41.0338 0x2234  terminpt - ok
19:39:41.0362 0x2234  [ 96037700AEE1B4D5A6FFC62861E4FF8C, E2E4D23525389C13126401215541F5625258DA18372CB5C98D0B95123A86ACFB ] TermService     C:\WINDOWS\System32\termsrv.dll
19:39:41.0404 0x2234  TermService - ok
19:39:41.0414 0x2234  [ E0F78207F33D6C10CBFB23E873837C87, 55D4411A4070AFE81E576989D67DC411BAE39D9B90697E7646F07716EABE8EC1 ] Themes          C:\WINDOWS\system32\themeservice.dll
19:39:41.0435 0x2234  Themes - ok
19:39:41.0445 0x2234  [ B52BA61AB8E4BAA83EA86BAB312EE6ED, D9A9D17FD222A67CA1906A422055718269929F0B33C7417F7D1F9447FD424683 ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe
19:39:41.0470 0x2234  TieringEngineService - ok
19:39:41.0484 0x2234  [ BC834B233125DBB321B809972F2E270E, 7085FAF5BC5E37E81E30345E984887E2D3F7657F87A23C0C1C0A4DFCD558BA55 ] tiledatamodelsvc C:\WINDOWS\system32\tileobjserver.dll
19:39:41.0516 0x2234  tiledatamodelsvc - ok
19:39:41.0523 0x2234  [ EA80B2C811A7F6B1C9EED312F06F26FB, 7DC0A5C2F56C0FD0C4BE84EA09900DF20275A2FD63ADB9D8EE4CBF39E1E2A4F4 ] TimeBrokerSvc   C:\WINDOWS\System32\TimeBrokerServer.dll
19:39:41.0545 0x2234  TimeBrokerSvc - ok
19:39:41.0568 0x2234  [ 5AC485259DA784EDBF63E6D6CFA62D6B, 453B9BB1E62D708E535A0D41B78B71ECBBA051248BF2ADBCDA885B918417BA79 ] TokenBroker     C:\WINDOWS\System32\TokenBroker.dll
19:39:41.0615 0x2234  TokenBroker - ok
19:39:41.0628 0x2234  [ F54728E32D67537C5A13454E23449C7A, F2FF6A36693EFE86B441134DF43327D2768D00A867059646F6CA93E10A682019 ] TPM             C:\WINDOWS\System32\drivers\tpm.sys
19:39:41.0642 0x2234  TPM - ok
19:39:41.0650 0x2234  [ 39187852984778424A0EFD6B01FAB272, 2E7F7AEE8BAB1C6D8B880C28222EFFB721CFDA3B39215BB065088E396581ADA9 ] TrkWks          C:\WINDOWS\System32\trkwks.dll
19:39:41.0671 0x2234  TrkWks - ok
19:39:41.0677 0x2234  [ 6E39B63A16B33827B861C56F0E58E021, 6A6C4387CB213FBD2BF2952BE5175F98116C671FB0046426ACA293BD5EBB59A0 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
19:39:41.0694 0x2234  TrustedInstaller - ok
19:39:41.0701 0x2234  [ 8D811209E34358EAD3FD8E40F657E59C, 1A40ED03C03C4FD87EBD166C0D87356F5036F04FBC1F9A600E92E2125B117DFE ] tsusbflt        C:\WINDOWS\system32\drivers\TsUsbFlt.sys
19:39:41.0717 0x2234  tsusbflt - ok
19:39:41.0721 0x2234  [ 68DE1735FB020AE8948BD7B60F2EBD3B, 198EFA09C3FB57CD7C11F1AB91491E8FB8093F12DACE1B1AF1BDE50EBCD8EB43 ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
19:39:41.0736 0x2234  TsUsbGD - ok
19:39:41.0743 0x2234  [ 32230D3F06B0874DFB727028CA4F6348, 8F50B556C38F736AAB8160912F0A3917BCA6396555D0DCB7A65B7FF0A8225416 ] tsusbhub        C:\WINDOWS\system32\drivers\tsusbhub.sys
19:39:41.0761 0x2234  tsusbhub - ok
19:39:41.0767 0x2234  [ ACD39B0E5CFDA7B1AB7DF33FC5CC0E46, 89FE50DE5037770D568BA025A7EB06B5FAEA39A1EB97910319B942B02EFD14E5 ] tunnel          C:\WINDOWS\System32\drivers\tunnel.sys
19:39:41.0786 0x2234  tunnel - ok
19:39:41.0793 0x2234  [ D5E68FCEDE15214BDB5D986D5B50E0BF, D2FA040B4BF4424928ABFB0B8CCA768C8DC9BE3DA86A3C61B1CEE1A2C543FADC ] tzautoupdate    C:\WINDOWS\system32\tzautoupdate.dll
19:39:41.0814 0x2234  tzautoupdate - ok
19:39:41.0821 0x2234  [ 04FC2C7F73AE58BF0DD674164E28A6DF, 513E98D6838008B6F97E895BCD639679276AD6A7F7E789A6F3D4E9F9781CA78A ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
19:39:41.0833 0x2234  UASPStor - ok
19:39:41.0840 0x2234  [ E437FC4B1833F6B745184F78C4921FB8, 171605C7BF95FE1F342B314A969ECBE0B0D04E67D1306F470B3424AB6DE1478D ] UcmCx0101       C:\WINDOWS\system32\Drivers\UcmCx.sys
19:39:41.0856 0x2234  UcmCx0101 - ok
19:39:41.0864 0x2234  [ 950A3E42167904CAB9AA64863C31CEB5, FC31C3177EDA9FFD2CE51EB2B1E696E50FFB378973C3C001EE29265FED249353 ] UcmTcpciCx0101  C:\WINDOWS\system32\Drivers\UcmTcpciCx.sys
19:39:41.0884 0x2234  UcmTcpciCx0101 - ok
19:39:41.0889 0x2234  [ F520EF2D24C1B43A2151DCA271865271, 5F9F4D82C5E6DBA8E0232DA05B30AE69BB43B66AA870584D2F9D740D61118A02 ] UcmUcsi         C:\WINDOWS\System32\drivers\UcmUcsi.sys
19:39:41.0912 0x2234  UcmUcsi - ok
19:39:41.0922 0x2234  [ E6E91B3980A495D2A9D28A09580EA993, B4987D875A8AA176818C115844388EE64054411689B014ADEAC18164D02F6AE8 ] Ucx01000        C:\WINDOWS\system32\drivers\ucx01000.sys
19:39:41.0937 0x2234  Ucx01000 - ok
19:39:41.0942 0x2234  [ DACA289DFFA7658C04FEF6DCFA2AA9CE, 7BD32B5F395A8675D4B2BDCA75530F2FFA64ED87B2B67FDA08EF709A4EA15553 ] UdeCx           C:\WINDOWS\system32\drivers\udecx.sys
19:39:41.0961 0x2234  UdeCx - ok
19:39:41.0971 0x2234  [ 12383D410AEF99AD6979A8EFD3D61888, 376929794A2A8B05DDB2EE93E58A3C3DA19855F5CBC8B29E208E28BF95970355 ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
19:39:41.0994 0x2234  udfs - ok
19:39:42.0000 0x2234  [ AB7FE51D818B6059C2F56FA62268CCAC, D8412F13BFE0B96E0A9CCB5E25A567A66AE24983564D76954AA76DAF0A52726E ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
19:39:42.0012 0x2234  UEFI - ok
19:39:42.0019 0x2234  [ A6134CA92B545353EEB0420F36D39F1C, 2F100FC25ACF16948C9B95A7FAA5336B7C8E3CB571196B04D5DB8308D8C6C491 ] UevAgentDriver  C:\WINDOWS\system32\drivers\UevAgentDriver.sys
19:39:42.0031 0x2234  UevAgentDriver - ok
19:39:42.0055 0x2234  [ 8899E490269C7634368B4FE6E77CFE8D, ADDA7FD2DE1C94F9F91DA9C248DEF1D253B807FB07549EF14774C5D0001C5B3D ] UevAgentService C:\WINDOWS\system32\AgentService.exe
19:39:42.0099 0x2234  UevAgentService - ok
19:39:42.0113 0x2234  [ 58447F28E697A93521DD20530A8D50ED, BC166B829BA28DAEB8B113D5575D6A11BF81716B38797396496F4D2C2E537F23 ] Ufx01000        C:\WINDOWS\system32\drivers\ufx01000.sys
19:39:42.0129 0x2234  Ufx01000 - ok
19:39:42.0135 0x2234  [ 69ED2D00A7787D9D84E6C90CE0B02B2D, 55B137766D72BF5FFF645E8E76248FD15367DFDF7FFDABB9A9ECC27FD7555DD3 ] UfxChipidea     C:\WINDOWS\System32\drivers\UfxChipidea.sys
19:39:42.0147 0x2234  UfxChipidea - ok
19:39:42.0154 0x2234  [ F061EC57330FBC597A4E7298BE667780, 0C32162782BAE9912373CA40A67567BAEF185173E033579C4833A91C11D83E2E ] ufxsynopsys     C:\WINDOWS\System32\drivers\ufxsynopsys.sys
19:39:42.0168 0x2234  ufxsynopsys - ok
19:39:42.0178 0x2234  [ B26729B378282F72241859C13326E3E8, 859398D02E301B8C79078DB43E3BF9691EBA52DD0717868E27D2D6EF918098DD ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
19:39:42.0197 0x2234  UI0Detect - ok
19:39:42.0201 0x2234  UIUService2 - ok
19:39:42.0206 0x2234  [ D40BCED160D332005AF612E1228825E6, 72B7B89A3ED1D6846D004D9BDCAAF8F1D488C21A93A926FE158217B529B55157 ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
19:39:42.0222 0x2234  umbus - ok
19:39:42.0234 0x2234  [ 64CF24D7B1FA4975C52A31BF4C82EB73, 2F803884A417F2DD39A155D20EAA4D61D494E41B0F98760810EC5193B84DD425 ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
19:39:42.0249 0x2234  UmPass - ok
19:39:42.0259 0x2234  [ E6B6BDA0412D3C56275E662A5A1937FD, CB971073A34CF3FA184B8E41308A14CFD5E22F48B01109E7531DF013EB5E05E7 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
19:39:42.0282 0x2234  UmRdpService - ok
19:39:42.0306 0x2234  [ F0A388AA51F0DE22AA38A4BA9B04AD9E, 1B325D1BF2B041C33BF0336D9651A744AC0A9529085F898A3D90158784F26DC2 ] UnistoreSvc     C:\WINDOWS\System32\unistore.dll
19:39:42.0354 0x2234  UnistoreSvc - ok
19:39:42.0375 0x2234  [ D2931E3F67A990328DE5CE7E43F4467C, 06BA872FB07CFDD14813963A06E01F225EFDF58A63D6B0A5AEF7872C7126DF54 ] upnphost        C:\WINDOWS\System32\upnphost.dll
19:39:42.0404 0x2234  upnphost - ok
19:39:42.0409 0x2234  [ ACE4C3B4C7D17B154FFC5BBE5F7A9835, C330123EE9BF90518CCB7DA923ED32C0CFA9319C886D9ECA65E3B84E743CB145 ] UrsChipidea     C:\WINDOWS\System32\drivers\urschipidea.sys
19:39:42.0418 0x2234  UrsChipidea - ok
19:39:42.0423 0x2234  [ ECE40EB976A5ACB366808AECF6B235BA, FA00D0A8EF1BCA0349DCA961F4093DF790E5031F91586050372029AA9A7726C5 ] UrsCx01000      C:\WINDOWS\system32\drivers\urscx01000.sys
19:39:42.0435 0x2234  UrsCx01000 - ok
19:39:42.0439 0x2234  [ EB738F830D3E7EA62A218F101EF91FD4, 35B05845497448C0721377F0EDD7624A4043D0C6E91C5C1CB96853F2D3B16457 ] UrsSynopsys     C:\WINDOWS\System32\drivers\urssynopsys.sys
19:39:42.0451 0x2234  UrsSynopsys - ok
19:39:42.0458 0x2234  [ B43E28E5CF868517EEC0923AB2BC366B, 01817474AFBC2199387F30F708DDD9458FB156EA4AECC8C3E2EBBCBF7A2BA857 ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
19:39:42.0472 0x2234  usbccgp - ok
19:39:42.0479 0x2234  [ 1080D80B5F6D249F23BAE1C0C36233A4, 8EB810282DACCE101D4B5F70FEB450204359537098215DED1DBFF9E14B6F86D0 ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
19:39:42.0496 0x2234  usbcir - ok
19:39:42.0502 0x2234  [ EE162DA2C92026A5B96ED89737975AA8, A26E58C7BEE9B6F0F692A2649F258384E55523A64889E3B7D8EFD6D77753E243 ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
19:39:42.0514 0x2234  usbehci - ok
19:39:42.0527 0x2234  [ C27FEE9758E3BEDE4D48B5EDBE1122CF, 64F7215ADCA3DC1E2D8EF3E6C3579529605DF8F7A2161FB04B19182C828E54D6 ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
19:39:42.0547 0x2234  usbhub - ok
19:39:42.0562 0x2234  [ DAB1695B400DE19A9DEA686022FD1544, 0D95745883C5D5828294D67297C4B7F5AA7DCF6D3DE412506EB6C0957F605F75 ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
19:39:42.0584 0x2234  USBHUB3 - ok
19:39:42.0589 0x2234  [ 44B954306BB2B311E070EDA276FECAB1, 8F3C1FC07E2B8059E41AF3BD1CC03C67770B4FB403D79171CA075874721BBCAB ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
19:39:42.0607 0x2234  usbohci - ok
19:39:42.0613 0x2234  [ EEF26F9034F0608B93D4D239534BB0BA, 6B047603D4F86C12CF0B22F4260E8BC6A6FF0BEEC50C74E31CA3A4E86567F90D ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
19:39:42.0628 0x2234  usbprint - ok
19:39:42.0634 0x2234  [ 446F2908C891A583BEA930226E37036E, 830A0E9170B1BD58447EB12AAF7FA8B97B15F3D35DE53553CFC4A67620DA4619 ] usbser          C:\WINDOWS\System32\drivers\usbser.sys
19:39:42.0650 0x2234  usbser - ok
19:39:42.0656 0x2234  [ 441CAE778B6A1FF6E618E37814A7A52A, 61DF48D662421F2149FA63187B2C8556A991BDA47EA75798BA86C572C432C1EB ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
19:39:42.0669 0x2234  USBSTOR - ok
19:39:42.0673 0x2234  [ 2D6BB2157B37B2D9DABF8C218F2A805B, 5FCA03DCAE81F6B7A6EB63F13A361ED915D82635697DAA085A31D447C21C1B65 ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
19:39:42.0690 0x2234  usbuhci - ok
19:39:42.0704 0x2234  [ D4AF6826A473562C169B0916BFE3486C, 5295EDBEFBA27DCC1DAA4C456713CFE5D857A6BD18EB4B05C977CAF19990141F ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
19:39:42.0722 0x2234  USBXHCI - ok
19:39:42.0756 0x2234  [ DBB8DA23D912E799683A34BFBAE3EF70, FE7EAB44503C72EC3CD722617D04C0BF01EDFD2F5834C3D501538800E43C6B74 ] UserDataSvc     C:\WINDOWS\System32\userdataservice.dll
19:39:42.0811 0x2234  UserDataSvc - ok
19:39:42.0843 0x2234  [ 29D52BDF7605DBD39C2D6D089E72C6F4, 500CBB6AD5B097525CD5DD70F127ED66BDE8E5608DAAC5067FA0F04DC1F00D06 ] UserManager     C:\WINDOWS\System32\usermgr.dll
19:39:42.0886 0x2234  UserManager - ok
19:39:42.0919 0x2234  [ 1EC6FE430906F4B4935F51DD079406B4, 5DD497FD9A97FA6E5C94E04E75C23D5CC2C5A0BEE252277F67A6FC00D11A3C33 ] UsoSvc          C:\WINDOWS\system32\usocore.dll
19:39:42.0968 0x2234  UsoSvc - ok
19:39:42.0978 0x2234  [ 94E06D509D50807774F35BEE3163E806, ADADFA0D533944579BA0E5FE31A68D4D1395E7B9DB75E58D47E0ADC0DA5AD16C ] VaultSvc        C:\WINDOWS\system32\lsass.exe
19:39:42.0989 0x2234  VaultSvc - ok
19:39:43.0017 0x2234  [ AA98700D973A174D92AC515BDAA54477, 7432137FE52629E0C161291D5F7B3AEF6EDEA6115689AB270F42AD9C17C7CB36 ] VBoxDrv         C:\WINDOWS\system32\DRIVERS\VBoxDrv.sys
19:39:43.0044 0x2234  VBoxDrv - ok
19:39:43.0053 0x2234  [ CAA008A6627553A2A043968F29D9E6C5, 3688327611D5BA4A970A16E421BF7989BB33C306982B4F4EC99463EE0A60EA96 ] VBoxNetAdp      C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys
19:39:43.0065 0x2234  VBoxNetAdp - ok
19:39:43.0073 0x2234  [ BFFB5CC74E529157265937EA9D39194B, FE5BB02B697AD91E3EC5C1B7CD76365E0BF9D3BDAFFD24FAF97B829567B17DEA ] VBoxNetLwf      C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys
19:39:43.0085 0x2234  VBoxNetLwf - ok
19:39:43.0092 0x2234  [ D6DB5EDDD1E003EBD0099A85D83F97B7, D3143BE8C8C7F5F1CDBBE69C541DE62FDE313CBFDA32850F37F2A164F7B253AA ] VBoxUSBMon      C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys
19:39:43.0103 0x2234  VBoxUSBMon - ok
19:39:43.0109 0x2234  [ BF13071600C1A0B090BEEC159A75B133, 78B239E5189B090D11A6C2CE19D8428CCCB03740CA22D00561E1BC9B5D609046 ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
19:39:43.0120 0x2234  vdrvroot - ok
19:39:43.0137 0x2234  [ 07C192BEEA76B1BD9D0310ED20551D54, 0E8A90B2A228CEE94DBD193E7C6775A64C8BBEF70E318F2ECE935B6ED5B26638 ] vds             C:\WINDOWS\System32\vds.exe
19:39:43.0175 0x2234  vds - ok
19:39:43.0184 0x2234  [ 9D4EEE333603F3675685F644053499D5, 545A21F86C8CD64B556DE688B31DDB157863766D53E52DE443B881D267223578 ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
19:39:43.0200 0x2234  VerifierExt - ok
19:39:43.0217 0x2234  [ 274D49BBF0F3C7F193BFC13434F2F08C, B8F56DDBE61D1A6EC0967C5543A1772BEA6E7E9D4923F6DE5A09CD43AC7CDBE3 ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
19:39:43.0243 0x2234  vhdmp - ok
19:39:43.0249 0x2234  [ E10FEBB566E1F0A3936AB304F338637E, 01B344061F2A8802EE88F584CF583DCECA478823A0D37C41D90340E4E2FBC43F ] vhf             C:\WINDOWS\System32\drivers\vhf.sys
19:39:43.0264 0x2234  vhf - ok
19:39:43.0270 0x2234  [ 3093314480D83FB733A6069AB12D3DA1, 9056C57A56D151E3AF456FDD843F9BD7727E12B59EB09C423196F23609EA7F42 ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
19:39:43.0282 0x2234  vmbus - ok
19:39:43.0287 0x2234  [ 12723C0F54432B4A98702110B344B030, DFAA6FC88F6EC7A540B5AAE930A591DD59E844630A6B03DEEA31126EAAEA256E ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
19:39:43.0302 0x2234  VMBusHID - ok
19:39:43.0306 0x2234  [ BCD144BFA4E13E0F74D852ADF283626E, 7423E69CECC2791DF814ECA6464C522BB914F7F6B0178C1A9881CBF56A1F8E1C ] vmgid           C:\WINDOWS\System32\drivers\vmgid.sys
19:39:43.0321 0x2234  vmgid - ok
19:39:43.0331 0x2234  [ 16071A66A9313085B54037B5D7D1C353, 613FAB4F93FA1C33D6303C5712B516AAFB1DACDAB712F7F52A34D7CD558183BE ] vmicguestinterface C:\WINDOWS\System32\icsvc.dll
19:39:43.0353 0x2234  vmicguestinterface - ok
19:39:43.0362 0x2234  [ 16071A66A9313085B54037B5D7D1C353, 613FAB4F93FA1C33D6303C5712B516AAFB1DACDAB712F7F52A34D7CD558183BE ] vmicheartbeat   C:\WINDOWS\System32\icsvc.dll
19:39:43.0383 0x2234  vmicheartbeat - ok
19:39:43.0391 0x2234  [ 16071A66A9313085B54037B5D7D1C353, 613FAB4F93FA1C33D6303C5712B516AAFB1DACDAB712F7F52A34D7CD558183BE ] vmickvpexchange C:\WINDOWS\System32\icsvc.dll
19:39:43.0412 0x2234  vmickvpexchange - ok
19:39:43.0423 0x2234  [ F03A5454EAE669167639CA3F2EDF73B1, 03D9A033B694BF95AC04355EB54B72030372880E0EF63C4A6D6A2A10F571AFEA ] vmicrdv         C:\WINDOWS\System32\icsvcext.dll
19:39:43.0447 0x2234  vmicrdv - ok
19:39:43.0457 0x2234  [ 16071A66A9313085B54037B5D7D1C353, 613FAB4F93FA1C33D6303C5712B516AAFB1DACDAB712F7F52A34D7CD558183BE ] vmicshutdown    C:\WINDOWS\System32\icsvc.dll
19:39:43.0479 0x2234  vmicshutdown - ok
19:39:43.0487 0x2234  [ 16071A66A9313085B54037B5D7D1C353, 613FAB4F93FA1C33D6303C5712B516AAFB1DACDAB712F7F52A34D7CD558183BE ] vmictimesync    C:\WINDOWS\System32\icsvc.dll
19:39:43.0508 0x2234  vmictimesync - ok
19:39:43.0517 0x2234  [ 16071A66A9313085B54037B5D7D1C353, 613FAB4F93FA1C33D6303C5712B516AAFB1DACDAB712F7F52A34D7CD558183BE ] vmicvmsession   C:\WINDOWS\System32\icsvc.dll
19:39:43.0538 0x2234  vmicvmsession - ok
19:39:43.0549 0x2234  [ F03A5454EAE669167639CA3F2EDF73B1, 03D9A033B694BF95AC04355EB54B72030372880E0EF63C4A6D6A2A10F571AFEA ] vmicvss         C:\WINDOWS\System32\icsvcext.dll
19:39:43.0569 0x2234  vmicvss - ok
19:39:43.0575 0x2234  [ D81F6B790519A60F3D1788B45D04B749, 7607DBA77412127C4968D3B6C4FD25F8C286A22DDDD9C78BDC54DF3A4C98AA8E ] vnvdimm         C:\WINDOWS\System32\drivers\vnvdimm.sys
19:39:43.0589 0x2234  vnvdimm - ok
19:39:43.0597 0x2234  [ 4F91CD6C36DF2FDB91390082A116E602, 47AD91A097B1A6769A3EBB53EF1DE861420BC3E208F148CDAA04E3B4276F0C92 ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
19:39:43.0608 0x2234  volmgr - ok
19:39:43.0619 0x2234  [ 6D6CACED512C1EF1FEAC215E37E3A9BC, 11B26DA5AB0C3736E2B8ADF3E06BFF3FD7853F9D6A948EA15ADC8B7D230062D4 ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
19:39:43.0637 0x2234  volmgrx - ok
19:39:43.0649 0x2234  [ 5B27846CF4B1C21AFB3A35A8336BA02F, 0481F605776B638CCE855525DF605288AB4ECA87FCB4B6E668B60E3DFD120EF2 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
19:39:43.0667 0x2234  volsnap - ok
19:39:43.0671 0x2234  [ 72A95A844D6BAF2924A4C15BEDFD6BCA, AB9F8C77A077C9E95061D562F516793E547BC276926E1895A186A39317F21BA1 ] volume          C:\WINDOWS\system32\drivers\volume.sys
19:39:43.0682 0x2234  volume - ok
19:39:43.0688 0x2234  [ 9198C53EE69D942217E2ACC29A01D605, 4F4742EC69DEF6485FECD60F0EB3C7DBBCB78E706C85319CAC8FFC40D3C27780 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
19:39:43.0699 0x2234  vpci - ok
19:39:43.0715 0x2234  [ 05F1897706AA0C9F7336C0DC20E46B5B, 6F567997EC2C97922DB69F3A02F7A5443614312C37BC9F689FAB5B4661A9A29C ] vpnagent        C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
19:39:43.0733 0x2234  vpnagent - ok
19:39:43.0738 0x2234  [ 0F42C39016F82F345C0F2DB2D5B90EB4, 2E957E72BB8D0293F61FA7385BA9400DF7759E1E3D35FE24F3877A6460988F4D ] vpnva           C:\WINDOWS\System32\drivers\vpnva64-6.sys
19:39:43.0749 0x2234  vpnva - ok
19:39:43.0756 0x2234  [ 075CE3C9E77D2666AFA888951E5F07A9, 264EDD6301851A41FB2233DC9BFC357EE5B60BEC1A04578FD7A576BA145E2A31 ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
19:39:43.0770 0x2234  vsmraid - ok
19:39:43.0802 0x2234  [ 53B56525785DDBBF34956948A08F6491, 799759ACDF514F195A6C9DACBA966866E9012AA862B45D2E27D345D5901B7924 ] VSS             C:\WINDOWS\system32\vssvc.exe
19:39:43.0858 0x2234  VSS - ok
19:39:43.0873 0x2234  [ 26D00E85BE4726B114335250FCDEDA89, BA1E3EC92786A17B99BF6544FD76F0458DAC2810D2A3B0785AC2B066079D5B09 ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
19:39:43.0888 0x2234  VSTXRAID - ok
19:39:43.0896 0x2234  [ 3DFDB573E4D49EA8F416B573525B7A86, 9951D34FF0B98CA562EC0D81E23DA81BF5E5E6B4F5C274BC8E258BAE5E69DF8D ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
19:39:43.0913 0x2234  vwifibus - ok
19:39:43.0920 0x2234  [ A40FA64655AB5B8773A96A821616C5FC, 221063771A70CD6238D5DD816EC99BFFE31418EDA08E2270D864554234271087 ] vwififlt        C:\WINDOWS\system32\drivers\vwififlt.sys
19:39:43.0936 0x2234  vwififlt - ok
19:39:43.0942 0x2234  [ 0D34F98DBDF09D239533AC345C360F03, 503F6826443560C65FC281E41E91C5EBBEFFC937C975FA4CBBF5F5FC34EC3E4B ] vwifimp         C:\WINDOWS\System32\drivers\vwifimp.sys
19:39:43.0956 0x2234  vwifimp - ok
19:39:43.0973 0x2234  [ A17A4F2823C5424C9B8B990644817DC0, D8CE6FC8B6B5BB89968D83AC3DC054C35BD16880D0B321B64799DA1830C2B626 ] W32Time         C:\WINDOWS\system32\w32time.dll
19:39:44.0004 0x2234  W32Time - ok
19:39:44.0012 0x2234  [ 5B5430522E0BDF2A753D758710BE7C5E, 1476C664EFCE7A2FEE738BB767D3E2EABBEF19F1037D383140BC01F92E154039 ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
19:39:44.0029 0x2234  WacomPen - ok
19:39:44.0042 0x2234  [ 451D40C28E7D1CF51A980B83FDEFF498, E6CEEB222A1C0D97E53DCFC2E22084FD4547A8CE3C16A54DD49622F524BF48CE ] WalletService   C:\WINDOWS\system32\WalletService.dll
19:39:44.0071 0x2234  WalletService - ok
19:39:44.0079 0x2234  [ E77B19FF6C2FFA5B19CDF62DA4953BC9, 2D93403BCB2A44F9CF110C1EF99C1C79D2BBB8068CCCA7C30B6606C1190F6C98 ] wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
19:39:44.0095 0x2234  wanarp - ok
19:39:44.0100 0x2234  [ E77B19FF6C2FFA5B19CDF62DA4953BC9, 2D93403BCB2A44F9CF110C1EF99C1C79D2BBB8068CCCA7C30B6606C1190F6C98 ] wanarpv6        C:\WINDOWS\system32\DRIVERS\wanarp.sys
19:39:44.0114 0x2234  wanarpv6 - ok
19:39:44.0119 0x2234  [ E3B4C37F1F3D8078AA2AFBEE7F5468CF, E620DC9F5AAAE9652E3B742BBF4D671F04D623F657959C98F2230CEF26086CDE ] WarpJITSvc      C:\WINDOWS\System32\Windows.WARP.JITService.dll
19:39:44.0137 0x2234  WarpJITSvc - ok
19:39:44.0168 0x2234  [ 1C1EB9C4DAF428B3BFDD58572768182C, 99F429EB8C2DEC185124B8811AF96D30E963E2F71CC7184AF8650805818B52E4 ] wbengine        C:\WINDOWS\system32\wbengine.exe
19:39:44.0224 0x2234  wbengine - ok
19:39:44.0252 0x2234  [ A0B4836C489C2535795C4E71E378AD07, 39A511EE1FFFD956496768A1D1453E503C911DE512EBCAECFCDFC0B8E3A8544D ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
19:39:44.0293 0x2234  WbioSrvc - ok
19:39:44.0305 0x2234  [ 0610F02EC87DBF6BA319CB1D6B8771AE, CCD9E8A028F091907BC30619ACA126F9FBA448A69124E53EF905978E3B5734F8 ] wcifs           C:\WINDOWS\system32\drivers\wcifs.sys
19:39:44.0318 0x2234  wcifs - ok
19:39:44.0340 0x2234  [ A616F82723F181A850C9E22E5D1AF2EB, 5A439FCADBB277EF497F6B590192C6AAB361D1D013D4C461D3A5620FCD263174 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
19:39:44.0381 0x2234  Wcmsvc - ok
19:39:44.0395 0x2234  [ 505E50A4819CF28DCE8176DB15952D49, 6003C93FB0997A9FFD5CBE9BD18C86B08594AD56D70AD93F72FB67C5F6D7666A ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
19:39:44.0422 0x2234  wcncsvc - ok
19:39:44.0429 0x2234  [ 87F462C7D37F380187BE12F079F73216, 4025B95FAF4751633E9DD9BA9312274E99778EEBADC8EA37D5E179A41C1EE344 ] wcnfs           C:\WINDOWS\system32\drivers\wcnfs.sys
19:39:44.0445 0x2234  wcnfs - ok
19:39:44.0450 0x2234  [ 6FD8F1FBED780A7F3DF329C834E52AC5, 3AD265AF0E955A78102BFF7048C08C3D250694EBB47B9E603090EC0FE5BD522E ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
19:39:44.0462 0x2234  WdBoot - ok
19:39:44.0483 0x2234  [ FCC960498E3CD899F0A429F7CF9E77AD, 91FB3B6AF1522754E6ECF5D0CD146B1D06F657D06E6D9D917F55A3789A92D8EB ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
19:39:44.0508 0x2234  Wdf01000 - ok
19:39:44.0519 0x2234  [ 7D182F0F227FC141C5D2085175BE05F6, 58F3F00521DBD7D33E5383FBFE264777B8403C16F52C887FA4C5F391CB1E0250 ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
19:39:44.0536 0x2234  WdFilter - ok
19:39:44.0544 0x2234  [ AB406F30BE98CDB7AA7171336EF031BA, 912137DE2DF4BE3B9D777E6F19B99FC233D0CE2CCE97B98AF885CC728AC78721 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
19:39:44.0565 0x2234  WdiServiceHost - ok
19:39:44.0570 0x2234  [ AB406F30BE98CDB7AA7171336EF031BA, 912137DE2DF4BE3B9D777E6F19B99FC233D0CE2CCE97B98AF885CC728AC78721 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
19:39:44.0592 0x2234  WdiSystemHost - ok
19:39:44.0612 0x2234  [ 394CCCA2A8C04BA14327636F20AB9DAD, E14C82C255517CCA4DECEF1A1DA3B1115D5E7AA98838D2B9848E150ADCDCEC34 ] wdiwifi         C:\WINDOWS\system32\DRIVERS\wdiwifi.sys
19:39:44.0645 0x2234  wdiwifi - ok
19:39:44.0656 0x2234  [ 0D38C257A7B34A818726BA2F323B196E, B136076CFDD0FB9B78E0BFF2873F4F3477808E12EB897ED0D883481EB92A24DE ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
19:39:44.0668 0x2234  WdNisDrv - ok
19:39:44.0672 0x2234  WdNisSvc - ok
19:39:44.0680 0x2234  [ DF58AA71FBA55E15F572C93447696DEC, F20C93140A44C1E61B5544FC8B3A1145E9ED57B2F09881719F4B2853B4900891 ] wdnsfltr        C:\WINDOWS\system32\drivers\wdnsfltr.sys
19:39:44.0695 0x2234  wdnsfltr - ok
19:39:44.0704 0x2234  [ 36947722152A5C5CE9CAA33AD84ACCB5, 8B6E7D7BC091DDCA6AF90ED100AAEDACCE9110179BAD5E444D6788E52C68F461 ] WebClient       C:\WINDOWS\System32\webclnt.dll
19:39:44.0726 0x2234  WebClient - ok
19:39:44.0736 0x2234  [ 7997BC2386A9976C0645A28FA8A6E7EA, ABE47A6132B7651EA2055F97E7BD9D596906086BCD726147449D4378C7E4F9B9 ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
19:39:44.0757 0x2234  Wecsvc - ok
19:39:44.0765 0x2234  [ CEA146E0D096A491B265CD2340C2E31D, 285BA0D58E6E93FEB0D8F33738C6A223D7269378B3E77A7760D7131E43DEBE7C ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
19:39:44.0782 0x2234  WEPHOSTSVC - ok
19:39:44.0789 0x2234  [ 40610BA98D5830FB14C3695B3BCA647A, 6E047D04DDD9DCB142572CEAB5E73585062205BABE510C5B0D63800B2A9D251A ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
19:39:44.0809 0x2234  wercplsupport - ok
19:39:44.0818 0x2234  [ AA2B3154D12ABE34640C866AC3472E33, 32EBA0B999FDA77E6828274FE49A7619B97471BF828B18BF55BDAE19FB10DC6A ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
19:39:44.0846 0x2234  WerSvc - ok
19:39:44.0863 0x2234  [ 86B816E9D24625287BDE9784953A5E86, BCA73B320100D7C1052751D7FA42990579B6BA5908E31B2212BFE75681B32D3F ] WFDSConMgrSvc   C:\WINDOWS\System32\wfdsconmgrsvc.dll
19:39:44.0898 0x2234  WFDSConMgrSvc - ok
19:39:44.0910 0x2234  [ C82198D3B33854D9578F9B09025E4293, E4CEEC078B2EE56186D75AE762D6511F3AF88C41C52039710D06CB2945C1B397 ] WFPLWFS         C:\WINDOWS\system32\drivers\wfplwfs.sys
19:39:44.0926 0x2234  WFPLWFS - ok
19:39:44.0933 0x2234  [ F78A2731EC972312C4C998174A9BB325, 72CCA57EB6383F65683C276337F53AB38BC398CEA69E53D6E2867D5EE8B4B007 ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
19:39:44.0952 0x2234  WiaRpc - ok
19:39:44.0958 0x2234  [ C8D3FC38426E990E2787771678B19C6D, FB6CA9A5BF3935793CD8B2F288FAC0C675B333D4F7393FA02244E3BCC2E25625 ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
19:39:44.0970 0x2234  WIMMount - ok
19:39:44.0973 0x2234  WinDefend - ok
19:39:44.0988 0x2234  [ 4499AB24236526E5CFCE817CD02EC034, 5D8666B2EEBAD0CDD70E43F83540C738333CFC5124C74432E7AB677504A48688 ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys
19:39:45.0000 0x2234  WindowsTrustedRT - ok
19:39:45.0004 0x2234  [ 813EE0F4D4B8D599DB1968682D080732, A3EF1BBB866F5A7C1B5303BBF6E805B35739602CA7F244C076A8BF90F1CB2952 ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys
19:39:45.0017 0x2234  WindowsTrustedRTProxy - ok
19:39:45.0044 0x2234  [ A6779AAAFCCF789782A78622B1076DD2, DF8EE65AA04DB4CC500945B7C26BA8C2F063B4E3B46F8F5FA207C72D0C0EB505 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
19:39:45.0077 0x2234  WinHttpAutoProxySvc - ok
19:39:45.0087 0x2234  [ E23475E9150E6A50B12DB176EA5CDD56, 25699796948D4679D0C1633C726C3CDF052F877AAA18CD7D069F95A88701CB73 ] WinMad          C:\WINDOWS\System32\drivers\winmad.sys
19:39:45.0098 0x2234  WinMad - ok
19:39:45.0108 0x2234  [ 0FBD5D358094E254A1508832D4042FF7, 4EC4DB3B03BE1518BB38D4F3BF79A77D1BCA5A2DE9BA5F9C9312606E4E2A14E9 ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
19:39:45.0132 0x2234  Winmgmt - ok
19:39:45.0140 0x2234  [ 90DBE4DB3A8266C6E078EF6682E26B91, 432AAEDE3628EAD3F844D3CBBA0AAA6AFDD04CAB04EA7871689D7FD394F25EC1 ] WinNat          C:\WINDOWS\system32\drivers\winnat.sys
19:39:45.0160 0x2234  WinNat - ok
19:39:45.0211 0x2234  [ C2A88E382CD48E4772A5570D66BF1A90, F1BFB1873FB1E37DAADE923FC30265C72018CF2003B0A5E0E5896167D1680D01 ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
19:39:45.0302 0x2234  WinRM - ok
19:39:45.0321 0x2234  [ E92F3539C4758F6A9F4B80CBAC75B3E6, 9CF9069B9A738E86181FB02904720B2A88353574F35BDC298A2EB697D22B7723 ] WINUSB          C:\WINDOWS\System32\drivers\WinUSB.SYS
19:39:45.0341 0x2234  WINUSB - ok
19:39:45.0349 0x2234  [ 59126AFCC64270747B5CC9B44A4A48F4, C0C1E6B248E725FE02B58151838AAC8841FB70B673A2B6EFB49EEA96E7F1C1DA ] WinVerbs        C:\WINDOWS\System32\drivers\winverbs.sys
19:39:45.0360 0x2234  WinVerbs - ok
19:39:45.0366 0x2234  [ 569FB3D619213F226CBB60F9CB8FE1BD, 1BFFC248FB43948EE4E5C19A45CF2DB89BEA14F67CA50BF58C5C4D2C7A2B8EFA ] WirelessButtonDriver64 C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys
19:39:45.0377 0x2234  WirelessButtonDriver64 - ok
19:39:45.0396 0x2234  [ 0A3ADAA0EFAFA26CA8570E24A13CE484, 2B7FA1ADD904962F296111F555F4BB45A3BA77B6961DABC502B6DDC4E9324CEB ] wisvc           C:\WINDOWS\system32\flightsettings.dll
19:39:45.0434 0x2234  wisvc - ok
19:39:45.0487 0x2234  [ AA11D9AEF05DE5BF7371005E6C03798C, 32003C63D3EB60D9B3F2F249873047C6C510E9195FAFE145B1CDB5C9F0358026 ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
19:39:45.0566 0x2234  WlanSvc - ok
19:39:45.0612 0x2234  [ 6573EE8E98779F26C79A62CF15CB61D2, DAC8A01E17B0AF6C4EFE0E3BFA3C18D7B5EECD6EB7FA8A63AFEE4C0FCB353927 ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
19:39:45.0685 0x2234  wlidsvc - ok
19:39:45.0720 0x2234  [ 56E1A46DD1C5D28B10F02E21D077EBF6, CC9AADBBBA03E162948EE39CCAAFD0A43253C86F5B875765748B73A084DC4B25 ] wlpasvc         C:\WINDOWS\System32\lpasvc.dll
19:39:45.0773 0x2234  wlpasvc - ok
19:39:45.0782 0x2234  [ E8C793ED028E132771988760819E3754, 7BC02774EEDF4B884181854BEADF2DCAC615BA3ED7F1551C0863B79E009E3043 ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
19:39:45.0795 0x2234  WmiAcpi - ok
19:39:45.0806 0x2234  [ 7112092A3C6F41EDBE83636791C774D9, D7697F75EB9CAA5924CF7227A46BC5A0F1BDD3FA14D384ED5B669C1FB512B31D ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
19:39:45.0826 0x2234  wmiApSrv - ok
19:39:45.0832 0x2234  WMPNetworkSvc - ok
19:39:45.0841 0x2234  [ 8D6E6F6C233AF450C50FA615530B44D2, 1BF6CD93B97920500F5FD0E9D8395ACCAAA2D126FD9C256148797B292D5F9A6C ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
19:39:45.0855 0x2234  Wof - ok
19:39:45.0897 0x2234  [ 1431D184691F7FA9AAC2064EB0EC6C96, 6185E5AB281327563DC4E87526B37792A9B4B86C65D5BADDBB1DBA6A50FC9134 ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
19:39:45.0961 0x2234  workfolderssvc - ok
19:39:45.0974 0x2234  [ AE9793230B219113DE1163138645E5AE, 9CBC10269D847E4EFCF8B412D34B9551594396390BF5BFDEED03DBFB84D7174F ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
19:39:45.0991 0x2234  WPDBusEnum - ok
19:39:45.0999 0x2234  [ 9EAE1EF282864674355B4B81DF6AE935, 781CED5AE95D365BB59769517FA9462EFC6472ED4EB08C98EC66CE3E17C66D69 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
19:39:46.0008 0x2234  WpdUpFltr - ok
19:39:46.0019 0x2234  [ C75B59E441206A572CC64BBB60EE54B3, C43A3109EAB89B6A23E033C127F1B5586651A1A3A1C4D45ECFBF0ABE472FEBA1 ] WpnService      C:\WINDOWS\system32\WpnService.dll
19:39:46.0046 0x2234  WpnService - ok
19:39:46.0053 0x2234  [ 07F4AF1730D55567EACE7ADDEA28FE48, 256671C52C350E42662DC590AE36BAFD06E9507551C39575BCD894D8FD040129 ] WpnUserService  C:\WINDOWS\System32\WpnUserService.dll
19:39:46.0072 0x2234  WpnUserService - ok
19:39:46.0082 0x2234  [ 367B3ED0C688AFE28C376B0230814567, 1E7419254852A70AEAA30DF0F85C4E489591E5A0E90256C40676F712D45960CA ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
19:39:46.0099 0x2234  ws2ifsl - ok
19:39:46.0109 0x2234  [ 95E6DA58562C14947935B1C5D393A7F0, B9F0F8B2F50B48125B89BF61B3229317E918619B6A9D47FF0B368A87EE0CE734 ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
19:39:46.0131 0x2234  wscsvc - ok
19:39:46.0136 0x2234  [ 7B44553610A89F2011CF69BEA9AFD4CB, A7DE907114570F8CC248F4996045D33C0FB0159B8E6F0A4127F1C205183DDF35 ] WSDPrintDevice  C:\WINDOWS\System32\drivers\WSDPrint.sys
19:39:46.0151 0x2234  WSDPrintDevice - ok
19:39:46.0157 0x2234  [ 8068DC839C3729FFC70821FBEF05D5ED, FAD4FDC8DD9CD119B93C8B8889796E9766952C032D70ACD8FA97D29A4BDFE29F ] WSDScan         C:\WINDOWS\system32\DRIVERS\WSDScan.sys
19:39:46.0173 0x2234  WSDScan - ok
19:39:46.0178 0x2234  WSearch - ok
19:39:46.0235 0x2234  [ 868520F90F9DA2AA4160BA5A5F412D82, 251CDC32E1A9CBB1FF7FE5259EE11BE43A4EC5C801911D94B9F35F1814701EE1 ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
19:39:46.0318 0x2234  wuauserv - ok
19:39:46.0332 0x2234  [ BD5E68B369DF3453A0A87663C6C5476D, 17B766ADB299D247EF9D4554F86015B38A89AE5C0310A36E1FCB0AC28462CE96 ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
19:39:46.0350 0x2234  WudfPf - ok
19:39:46.0360 0x2234  [ A86A249314FD0A780214028B0C31A386, 71D0A346DA228EFD44F2D63765A01B59B305EC753C172730096F143F3A4D62F0 ] WUDFRd          C:\WINDOWS\System32\drivers\WUDFRd.sys
19:39:46.0383 0x2234  WUDFRd - ok
19:39:46.0392 0x2234  [ A86A249314FD0A780214028B0C31A386, 71D0A346DA228EFD44F2D63765A01B59B305EC753C172730096F143F3A4D62F0 ] WUDFWpdFs       C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
19:39:46.0412 0x2234  WUDFWpdFs - ok
19:39:46.0442 0x2234  [ 02DCDAE63AB343418D7420D481FE839C, DBFD3C9EF34645EB3A11107760C8298590368A2E815695B857CCF653910265A7 ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
19:39:46.0496 0x2234  WwanSvc - ok
19:39:46.0507 0x2234  [ 42C738ED1552FE168F6EE1BAE8ACFCAC, 01E9CD1FA7935DD442A2EBFC93E4BDDF204F995379FCAFFEADAF0BF6638AB925 ] xbgm            C:\WINDOWS\system32\xbgmsvc.exe
19:39:46.0520 0x2234  xbgm - ok
19:39:46.0545 0x2234  [ A03C4D4D71304087820A0EF18FCF7582, F92737321A5082A72F20491810A09D249F0676F0F12478A2C81ADF9B2F79BAB0 ] XblAuthManager  C:\WINDOWS\System32\XblAuthManager.dll
19:39:46.0593 0x2234  XblAuthManager - ok
19:39:46.0623 0x2234  [ 77ADC2F5DBE303EF8B8D2D08AEE3F3DB, 65128FB8561EF1BE4E3CAA3B0D873FEA3A218E3CF90527068C43F6E549ECB188 ] XblGameSave     C:\WINDOWS\System32\XblGameSave.dll
19:39:46.0672 0x2234  XblGameSave - ok
19:39:46.0688 0x2234  [ 2244A4CEFE8F9C74091369ACE2E9EBC6, 48F59F36EBA0434BED00B53321107C0BDFF20131683D5E6BC7A9F5DA0B8B6929 ] xboxgip         C:\WINDOWS\System32\drivers\xboxgip.sys
19:39:46.0712 0x2234  xboxgip - ok
19:39:46.0718 0x2234  [ 1A9550D746B8604D37A90436EF686777, 3DBF305C228D28A3C4FC48F65CC38BDBFEE6B7995CEE8319E680E073978CA58B ] XboxGipSvc      C:\WINDOWS\System32\XboxGipSvc.dll
19:39:46.0738 0x2234  XboxGipSvc - ok
19:39:46.0764 0x2234  [ 4951DD543AA2710760D90A58261ED665, 37D08FA58147A6606E69DB39405898D82BC40420F8FFB0BD097694A53E60AD1D ] XboxNetApiSvc   C:\WINDOWS\system32\XboxNetApiSvc.dll
19:39:46.0812 0x2234  XboxNetApiSvc - ok
19:39:46.0819 0x2234  [ 4A91B49C6B1E41151D47CB919ADF013A, 4DA1E3F50B2D63AFD2F7A014E3C0420C1E7DEDE96A48EEC33C53023D88F9AAFF ] xinputhid       C:\WINDOWS\System32\drivers\xinputhid.sys
19:39:46.0838 0x2234  xinputhid - ok
19:39:46.0848 0x2234  [ DCF1C283860C3CAB0BF0A71528A0136C, DFC44E5337A8B37C54CA57D53F74E41BE2C0495AF2A566FE1E9A37C045BF4C84 ] XtuAcpiDriver   C:\WINDOWS\System32\drivers\XtuAcpiDriver.sys
19:39:46.0864 0x2234  XtuAcpiDriver - ok
19:39:46.0935 0x2234  [ EB62D8843FB1669B30D28046E63932F8, 0317419FC6F719670D6095109EA461DE39DA4284082F533A398E05F64E5CCDC9 ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
19:39:47.0006 0x2234  ZeroConfigService - ok
19:39:47.0022 0x2234  [ 19EBAAB0F84B3492223C82A5043CDE65, 6F2F0839C1D8CA5F85B6382ACDD680BFE62163F425F4B316F5D74FF5828B75CF ] ZyWALL SecuExtender Helper C:\Program Files (x86)\Zyxel\ZyWALL SecuExtender\SecuExtenderHelper.exe
19:39:47.0033 0x2234  ZyWALL SecuExtender Helper - ok
19:39:47.0066 0x2234  ================ Scan global ===============================
19:39:47.0071 0x2234  [ EB45383BE9D7ECB36D55B262E0D8EB46, DC975066C426B5FBBFA3A4254D1D97DBF889B6BFD062D9FF1892F66C0CFF2DE3 ] C:\WINDOWS\system32\basesrv.dll
19:39:47.0079 0x2234  [ B7147831151D5519E5A80CC71CA1F73D, 2862ACE7D2672399B4E0CD0D0275301BD63BFE16E4680A09F5DFDFCFBB7187BF ] C:\WINDOWS\system32\winsrv.dll
19:39:47.0086 0x2234  [ 9451BA31B1DC19CED2608D82863C6486, 888F8676086DD8338445C35A64106E01122881FD08858D3996470EBF0DF30648 ] C:\WINDOWS\system32\sxssrv.dll
19:39:47.0102 0x2234  [ AB75687641C9ADBE22336EC3C496909C, 5ACB7665BFF5024E3B244EC733F612FA257B886BC84ADD6F61246B5F6BC37B9E ] C:\WINDOWS\system32\services.exe
19:39:47.0112 0x2234  [ Global ] - ok
19:39:47.0112 0x2234  ================ Scan MBR ==================================
19:39:47.0114 0x2234  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
19:39:47.0138 0x2234  \Device\Harddisk0\DR0 - ok
19:39:47.0138 0x2234  ================ Scan VBR ==================================
19:39:47.0141 0x2234  [ DAA04F19D9453B0A819EFD4FF7CE837C ] \Device\Harddisk0\DR0\Partition1
19:39:47.0142 0x2234  \Device\Harddisk0\DR0\Partition1 - ok
19:39:47.0146 0x2234  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition2
19:39:47.0146 0x2234  \Device\Harddisk0\DR0\Partition2 - ok
19:39:47.0149 0x2234  [ EB04032D6EC91229E55674C19C1F6F83 ] \Device\Harddisk0\DR0\Partition3
19:39:47.0150 0x2234  \Device\Harddisk0\DR0\Partition3 - ok
19:39:47.0152 0x2234  [ 646AABB8C57B5B173CE125E2636C8440 ] \Device\Harddisk0\DR0\Partition4
19:39:47.0153 0x2234  \Device\Harddisk0\DR0\Partition4 - ok
19:39:47.0156 0x2234  [ EC24FC72FEC25F6246786611241F8CD4 ] \Device\Harddisk0\DR0\Partition5
19:39:47.0158 0x2234  \Device\Harddisk0\DR0\Partition5 - ok
19:39:47.0162 0x2234  [ 0D99BD8A08CEFAB267B3AD04377AF878 ] \Device\Harddisk0\DR0\Partition6
19:39:47.0163 0x2234  \Device\Harddisk0\DR0\Partition6 - ok
19:39:47.0164 0x2234  ================ Scan generic autorun ======================
19:39:47.0164 0x2234  SecurityHealth - ok
19:39:47.0172 0x2234  [ 12CDD943B34BEF2A7A6AECA08D445D85, CEE4E1602F2F4776CA785E077114C35CF417179597651477A15FD0FF5DD06D02 ] C:\WINDOWS\RTSCM64.EXE
19:39:47.0184 0x2234  RtsCM - ok
19:39:47.0188 0x2234  [ DC6806FF8FEEADEC6ACCD2565E5FFC30, 30E5064E112B5AA49246F283E6AD55041C341564763BC410AB3C174AAB48DF48 ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
19:39:47.0197 0x2234  IAStorIcon - detected UnsignedFile.Multi.Generic ( 1 )
19:39:47.0278 0x2234  Detect skipped due to KSN trusted
19:39:47.0278 0x2234  IAStorIcon - ok
19:39:47.0284 0x2234  [ 95880B82FB3ED223AB272269555170F2, 74887CA87B48B709C062413358522A87FBAFD5E718B8A31919B679D2B5C56142 ] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
19:39:47.0297 0x2234  IMSS - ok
19:39:47.0318 0x2234  [ 68F1419721354EC1F78A71E10B54FCA8, 5BB4814BD28EE8ABB15BE6B8E723F6960F37EC17A619F5D93EFBCC6FC59502F6 ] C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
19:39:47.0340 0x2234  Cisco AnyConnect Secure Mobility Agent for Windows - ok
19:39:47.0356 0x2234  [ 9CE467BFF974344FB989F83D600B0A80, 40AEBDFEB9380ED5F3A6995F108C9D8D3D1433778C835B75FAE3B1A3534794DF ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
19:39:47.0373 0x2234  SunJavaUpdateSched - ok
19:39:47.0711 0x2234  [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe
19:39:48.0062 0x2234  OneDriveSetup - ok
19:39:48.0412 0x2234  [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe
19:39:48.0754 0x2234  OneDriveSetup - ok
19:39:48.0788 0x2234  [ 2D7841420EF0ADE2C17CB65CF1A136C5, 99E2D99154767084507C394FDDC6E1CF6999D896665AC9EC05CE9E2578434237 ] C:\Users\jch\AppData\Local\Microsoft\OffCAT\OffCAT_RTS.exe
19:39:48.0804 0x2234  OffCAT - ok
19:39:49.0151 0x2234  [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe
19:39:49.0494 0x2234  OneDriveSetup - ok
19:39:49.0550 0x2234  [ 41205572066FA2F02036BAD3C6D0916A, 987B26F8FD0AC83CE309D119D284836F8AF16A6DDE2537B62798F2BB5FF0D420 ] C:\Users\jgr\AppData\Local\Microsoft\OneDrive\OneDrive.exe
19:39:49.0587 0x2234  OneDrive - ok
19:39:49.0603 0x2234  [ 93690F7205E1A337E94682E612F8AD22, F1B3798A2A1E5B9D616F743E5FBA9FA23A9FFCED40F35A7FCF0BD2D99E022CB8 ] C:\Program Files (x86)\Windows Mail\wab.exe
19:39:49.0632 0x2234  WAB Migrate - ok
19:39:49.0968 0x2234  [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe
19:39:50.0320 0x2234  OneDriveSetup - ok
19:39:50.0356 0x2234  [ 93690F7205E1A337E94682E612F8AD22, F1B3798A2A1E5B9D616F743E5FBA9FA23A9FFCED40F35A7FCF0BD2D99E022CB8 ] C:\Program Files (x86)\Windows Mail\wab.exe
19:39:50.0384 0x2234  WAB Migrate - ok
19:39:50.0699 0x2234  [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe
19:39:51.0051 0x2234  OneDriveSetup - ok
19:39:51.0083 0x2234  [ 93690F7205E1A337E94682E612F8AD22, F1B3798A2A1E5B9D616F743E5FBA9FA23A9FFCED40F35A7FCF0BD2D99E022CB8 ] C:\Program Files (x86)\Windows Mail\wab.exe
19:39:51.0112 0x2234  WAB Migrate - ok
19:39:51.0430 0x2234  [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe
19:39:51.0772 0x2234  OneDriveSetup - ok
19:39:51.0812 0x2234  [ FD9A7F99A09DB266D0C1361B0ACCBD7E, 579160BDACDFE39AE5DDD7B5C2964453E89BA8D933F3FB16C6E3897EA3BDED29 ] C:\Users\admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe
19:39:51.0831 0x2234  OneDrive - ok
19:39:51.0845 0x2234  [ 93690F7205E1A337E94682E612F8AD22, F1B3798A2A1E5B9D616F743E5FBA9FA23A9FFCED40F35A7FCF0BD2D99E022CB8 ] C:\Program Files (x86)\Windows Mail\wab.exe
19:39:51.0872 0x2234  WAB Migrate - ok
19:39:51.0873 0x2234  Waiting for KSN requests completion. In queue: 317
19:39:52.0899 0x2234  AV detected via SS2: Malwarebytes, C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe ( 3.0.0.167 ), 0x61000 ( enabled : updated )
19:39:52.0899 0x2234  AV detected via SS2: ESET Endpoint Antivirus, C:\Program Files\ESET\ESET Endpoint Antivirus\ecmd.exe ( 6.5.2107.0 ), 0x41000 ( enabled : updated )
19:39:52.0919 0x2234  Win FW state via NFP2: enabled ( trusted )
19:39:53.0076 0x2234  ============================================================
19:39:53.0076 0x2234  Scan finished
19:39:53.0076 0x2234  ============================================================
19:39:53.0084 0x1168  Detected object count: 0
19:39:53.0084 0x1168  Actual detected object count: 0
         
Malwarebytes AdwCleaner Scan
Code:
ATTFilter
# -------------------------------
# Malwarebytes AdwCleaner 7.1.0.0
# -------------------------------
# Build:    04-12-2018
# Database: 2018-04-16.1
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    04-16-2018
# Duration: 00:00:11
# OS:       Windows 10 Pro
# Scanned:  40655
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########


# -------------------------------
# Malwarebytes AdwCleaner 7.1.0.0
# -------------------------------
# Build:    04-12-2018
# Database: 2018-04-16.1
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    04-16-2018
# Duration: 00:00:01
# OS:       Windows 10 Pro
# Cleaned:  0
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Chromium Policies
[+] Reset IE Policies
[+] Reset Proxy Settings
[+] Reset Winsock

*************************


########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
         
__________________


Alt 16.04.2018, 19:58   #3
RSLB
 
Raiffeisen E-Banking Probleme - infizierten Rechner - Standard

Raiffeisen E-Banking Probleme - infizierten Rechner



FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15.04.2018
Ran by jch (administrator) on NBJCH (16-04-2018 17:49:49)
Running from C:\Users\jch\Downloads
Loaded Profiles: jch (Available Profiles: jch & defaultuser0 & admin)
Platform: Windows 10 Pro Version 1709 16299.371 (X64) Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(HP) C:\Windows\System32\HP3DDGService.exe
(HP) C:\Windows\System32\hpservice.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Intel Corporation) C:\Windows\System32\IntelCpHDCPSvc.exe
(Conexant Systems, Inc) C:\Windows\CxSvc\CxMonSvc.exe
(Conexant Systems, Inc.) C:\Windows\CxSvc\CxUtilSvc.exe
(ESET) C:\Program Files\ESET\RemoteAdministrator\Agent\ERAAgent.exe
(ESET) C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
() C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\UIUSrv2.exe
(Zyxel Communications Corp.) C:\Program Files (x86)\Zyxel\ZyWALL SecuExtender\SecuExtenderHelper.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(ESET) C:\Program Files\ESET\ESET Endpoint Antivirus\egui.exe
(Conexant) C:\Windows\System32\MicTray64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor Corp.) C:\Windows\RtsCM64.exe
(Microsoft Corp.) C:\Users\jch\AppData\Local\Microsoft\OffCAT\OffCAT_RTS.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\SA3\HP-NB-AIO\SmartAudio3.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1811.248.1000_x64__kzf8qxf38zg5c\SkypeHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

====================
         
--- --- ---

--- --- ---
Code:
ATTFilter
--- --- ---
Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RtsCM] => C:\WINDOWS\RTSCM64.EXE [225280 2017-03-09] (Realtek Semiconductor Corp.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322104 2016-03-08] (Intel Corporation)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe [1178400 2016-01-07] (Intel Corporation)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [975248 2015-07-24] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-21] (Oracle Corporation)
HKU\S-1-5-21-4260820389-203242751-2565199900-1108\...\Run: [OffCAT] => C:\Users\jch\AppData\Local\Microsoft\OffCAT\OffCAT_RTS.exe [365440 2016-08-01] (Microsoft Corp.)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{0d75236d-370b-4915-9fbb-45703da4bba0}: [NameServer] 172.16.184.11
Tcpip\..\Interfaces\{4f39b35d-ab95-43b8-8c2f-5b5dd1e075f7}: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{ef65dd54-1889-4265-a847-bc3d941ad46f}: [DhcpNameServer] 172.16.184.11

Internet Explorer:
==================
HKU\S-1-5-21-4260820389-203242751-2565199900-1108\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/fr-ch/?ocid=iehp
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-04-15] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2018-04-15] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-03-31] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\ssv.dll [2017-08-17] (Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2018-04-15] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-08-17] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll => No File
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-03-31] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-03-31] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-03-31] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-03-31] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: kivccjt3.default-1522316322991
FF ProfilePath: C:\Users\jch\AppData\Roaming\Mozilla\Firefox\Profiles\kivccjt3.default-1522316322991 [2018-04-16]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-24] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-24] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-08-17] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-08-17] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-03-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-03-03] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-19] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-02-12] (Adobe Systems Inc.)

Chrome: 
=======
CHR Profile: C:\Users\jch\AppData\Local\Google\Chrome\User Data\Default [2018-04-16]
CHR Extension: (No Name) - C:\Users\jch\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (No Name) - C:\Users\jch\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (No Name) - C:\Users\jch\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-04-21]
CHR Extension: (No Name) - C:\Users\jch\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-21]
CHR Extension: (Adblock Plus) - C:\Users\jch\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-01-27]
CHR Extension: (No Name) - C:\Users\jch\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (No Name) - C:\Users\jch\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-04-25]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\jch\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2018-04-14]
CHR Extension: (XPath Helper) - C:\Users\jch\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgimnogjllphhhkhlmebbmlgjoejdpjl [2017-10-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\jch\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (No Name) - C:\Users\jch\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-04-21]
CHR Extension: (Chrome Media Router) - C:\Users\jch\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-03-27]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-04-03] (Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8522416 2018-04-06] (Microsoft Corporation)
R2 cplspcon; C:\WINDOWS\system32\IntelCpHDCPSvc.exe [613360 2017-09-07] (Intel Corporation)
R2 CxMonSvc; C:\WINDOWS\CxSvc\CxMonSvc.exe [22648 2016-06-07] (Conexant Systems, Inc)
R2 CxUtilSvc; C:\WINDOWS\CxSvc\CxUtilSvc.exe [141432 2016-07-30] (Conexant Systems, Inc.)
S3 EHttpSrv; C:\Program Files\ESET\ESET Endpoint Antivirus\ehttpsrv.exe [52864 2017-06-09] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe [2002480 2017-06-09] (ESET)
R2 EraAgentSvc; C:\Program Files\ESET\RemoteAdministrator\Agent\ERAAgent.exe [1708192 2016-07-01] (ESET)
S3 eshasrv; C:\Program Files\ESET\ESET Endpoint Antivirus\eshasrv.exe [194688 2017-06-09] (ESET)
R2 hp3ddgsrv; C:\WINDOWS\system32\HP3DDGService.exe [130072 2017-10-03] (HP)
R2 hpsrv; C:\WINDOWS\system32\Hpservice.exe [38728 2016-10-12] (HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [332144 2017-11-21] (HP Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18488 2016-03-08] (Intel Corporation)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [542320 2017-12-06] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [415208 2017-09-07] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-07-06] (Intel Corporation) [File not signed]
R2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-07-06] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [207648 2016-01-07] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6479136 2018-03-27] (Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268928 2017-12-20] ()
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4329952 2017-12-18] (Microsoft Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [256168 2017-12-14] (Synaptics Incorporated)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10803952 2017-11-09] (TeamViewer GmbH)
R2 UIUService2; C:\WINDOWS\SysWOW64\UIUSrv2.exe [108544 2018-02-13] (Conexant Systems, Inc.) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3758720 2017-12-20] (Intel® Corporation)
R2 ZyWALL SecuExtender Helper; C:\Program Files (x86)\Zyxel\ZyWALL SecuExtender\SecuExtenderHelper.exe [85648 2016-12-22] (Zyxel Communications Corp.)
S2 MongoDB; "C:\Program Files\MongoDB\Server\3.4\bin\mongod.exe" --directoryperdb --dbpath "C:\Program Files\MongoDB\Server\3.4\data\db" --logpath "C:\Program Files\MongoDB\Server\3.4\log\mongo.log" --logappend --rest --service

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 Accelerometer; C:\WINDOWS\system32\DRIVERS\Accelerometer.sys [53760 2017-12-18] (HP)
R3 CnxtHdAudService; C:\WINDOWS\system32\drivers\CHDRT64ISST.sys [1656824 2017-07-17] (Conexant Systems Inc.)
R3 e1dexpress; C:\WINDOWS\system32\DRIVERS\e1d65x64.sys [531424 2015-08-14] (Intel Corporation)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [272496 2017-04-06] (ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [202928 2017-04-06] (ESET)
R1 epfwwfpr; C:\WINDOWS\system32\DRIVERS\epfwwfpr.sys [77168 2017-04-06] (ESET)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [76192 2018-03-19] ()
S3 hidemi; C:\WINDOWS\System32\drivers\hidemi.sys [30544 2015-08-21] (Microchip)
R0 hpdskflt; C:\WINDOWS\System32\DRIVERS\hpdskflt.sys [39936 2017-12-18] (HP)
S3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [136128 2017-12-06] (Intel Corporation)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [193768 2018-04-16] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [112864 2018-04-16] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [44768 2018-04-16] (Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253664 2018-04-16] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [102112 2018-04-16] (Malwarebytes)
S3 mchpemi; C:\WINDOWS\System32\drivers\mchpemi.sys [37728 2015-08-21] (Microchip)
S3 Netwtw04; C:\WINDOWS\system32\DRIVERS\Netwtw04.sys [7932160 2017-01-24] (Intel Corporation)
R3 Netwtw06; C:\WINDOWS\system32\DRIVERS\Netwtw06.sys [8623512 2018-01-25] (Intel Corporation)
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [769752 2015-12-18] (Realsil Semiconductor Corporation)
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [413912 2015-12-22] (Realsil Semiconductor Corporation)
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3222016 2017-03-09] (Realtek Semiconductor Corp.)
S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [42088 2016-08-18] (Synaptics Incorporated)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [51880 2017-12-14] (Synaptics Incorporated)
R3 tap0901_zyxel; C:\WINDOWS\System32\drivers\tap0901_zyxel.sys [49736 2016-12-21] (The OpenVPN Project)
R3 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [200832 2018-01-15] (Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [211704 2018-01-15] (Oracle Corporation)
S3 vpnva; C:\WINDOWS\System32\drivers\vpnva64-6.sys [52592 2015-07-24] (Cisco Systems, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [30368 2017-06-21] (HP)
R3 XtuAcpiDriver; C:\WINDOWS\System32\drivers\XtuAcpiDriver.sys [63840 2015-06-06] (Intel Corporation)
U3 aspnet_state; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-04-16 17:49 - 2018-04-16 17:50 - 000020182 _____ C:\Users\jch\Downloads\FRST.txt
2018-04-16 17:49 - 2018-04-16 17:49 - 002403328 _____ (Farbar) C:\Users\jch\Downloads\FRST64.exe
2018-04-16 17:49 - 2018-04-16 17:49 - 000000000 ____D C:\FRST
2018-04-16 17:42 - 2018-04-16 17:44 - 000000000 ____D C:\AdwCleaner
2018-04-16 17:42 - 2018-04-16 17:42 - 007256272 _____ (Malwarebytes) C:\Users\jch\Downloads\adwcleaner_7.1.0.0.exe
2018-04-16 17:39 - 2018-04-16 17:41 - 000305780 _____ C:\TDSSKiller.3.1.0.16_16.04.2018_17.39.56_log.txt
2018-04-16 17:39 - 2018-04-16 17:39 - 004944584 _____ (AO Kaspersky Lab) C:\Users\jch\Downloads\tdsskiller.exe
2018-04-16 16:16 - 2018-04-16 17:11 - 000000000 ____D C:\Users\jch\Desktop\mbar
2018-04-16 16:16 - 2018-04-16 17:11 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2018-04-16 16:16 - 2018-04-16 16:16 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\3444052F.sys
2018-04-16 16:15 - 2018-04-16 16:15 - 014178840 _____ (Malwarebytes Corp.) C:\Users\jch\Downloads\mbar-1.10.3.1001.exe
2018-04-16 15:59 - 2018-01-31 19:14 - 000000000 ____D C:\Users\jch\VirtualBox VMs
2018-04-16 15:48 - 2018-04-16 17:46 - 000112864 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2018-04-16 15:48 - 2018-04-16 17:46 - 000102112 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2018-04-16 15:48 - 2018-04-16 17:46 - 000044768 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2018-04-16 15:48 - 2018-04-16 15:48 - 000253664 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2018-04-16 15:48 - 2018-04-16 15:48 - 000193768 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2018-04-16 15:47 - 2018-04-16 16:16 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-04-16 15:47 - 2018-04-16 15:47 - 000001919 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-04-16 15:47 - 2018-04-16 15:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-04-16 15:47 - 2018-04-16 15:47 - 000000000 ____D C:\Program Files\Malwarebytes
2018-04-16 15:47 - 2018-03-19 12:57 - 000076192 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2018-04-16 15:46 - 2018-04-16 15:46 - 073208032 _____ (Malwarebytes ) C:\Users\jch\Desktop\mb3-setup-consumer-3.4.5.2467-1.0.342-1.0.4720.exe
2018-04-16 12:16 - 2018-04-16 16:56 - 001388448 _____ C:\Users\Public\VOIP.dat
2018-04-16 12:16 - 2018-04-16 12:16 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2018-04-14 15:02 - 2018-04-14 15:02 - 001740938 _____ C:\Users\jch\Documents\Application.pdf
2018-04-11 12:43 - 2018-03-30 14:34 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2018-04-11 12:43 - 2018-03-30 07:18 - 001092008 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-04-11 12:43 - 2018-03-30 07:14 - 000423320 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-04-11 12:43 - 2018-03-30 07:12 - 000599448 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-04-11 12:43 - 2018-03-30 07:12 - 000270208 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2018-04-11 12:43 - 2018-03-30 07:12 - 000075168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpci.sys
2018-04-11 12:43 - 2018-03-30 07:10 - 000924648 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-04-11 12:43 - 2018-03-30 07:08 - 002513920 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-04-11 12:43 - 2018-03-30 07:08 - 001568160 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-04-11 12:43 - 2018-03-30 07:08 - 001415296 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-04-11 12:43 - 2018-03-30 07:08 - 000137112 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2018-04-11 12:43 - 2018-03-30 07:07 - 000300448 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-04-11 12:43 - 2018-03-30 07:07 - 000069528 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2018-04-11 12:43 - 2018-03-30 07:06 - 000166304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2018-04-11 12:43 - 2018-03-30 07:06 - 000053152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pcw.sys
2018-04-11 12:43 - 2018-03-30 07:05 - 001206688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-04-11 12:43 - 2018-03-30 07:05 - 001056152 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-04-11 12:43 - 2018-03-30 07:05 - 000748448 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-04-11 12:43 - 2018-03-30 07:05 - 000191824 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2018-04-11 12:43 - 2018-03-30 07:05 - 000073120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2018-04-11 12:43 - 2018-03-30 07:05 - 000066720 _____ (Microsoft Corporation) C:\WINDOWS\system32\iumcrypt.dll
2018-04-11 12:43 - 2018-03-30 07:05 - 000059808 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvhostsvc.dll
2018-04-11 12:43 - 2018-03-30 07:05 - 000035744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SDFHost.dll
2018-04-11 12:43 - 2018-03-30 07:05 - 000022800 _____ (Microsoft Corporation) C:\WINDOWS\system32\iumbase.dll
2018-04-11 12:43 - 2018-03-30 07:05 - 000022208 _____ (Microsoft Corporation) C:\WINDOWS\system32\IumSdk.dll
2018-04-11 12:43 - 2018-03-30 07:05 - 000020888 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2018-04-11 12:43 - 2018-03-30 07:05 - 000015632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iumdll.dll
2018-04-11 12:43 - 2018-03-30 07:04 - 002002336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2018-04-11 12:43 - 2018-03-30 07:04 - 000608160 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-04-11 12:43 - 2018-03-30 07:04 - 000035224 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2018-04-11 12:43 - 2018-03-30 07:03 - 001277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2018-04-11 12:43 - 2018-03-30 07:03 - 000664992 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-04-11 12:43 - 2018-03-30 07:03 - 000508272 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2018-04-11 12:43 - 2018-03-30 07:03 - 000479920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2018-04-11 12:43 - 2018-03-30 07:03 - 000460704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-04-11 12:43 - 2018-03-30 07:03 - 000319864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2018-04-11 12:43 - 2018-03-30 07:03 - 000292384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2018-04-11 12:43 - 2018-03-30 07:03 - 000272288 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2018-04-11 12:43 - 2018-03-30 07:03 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll
2018-04-11 12:43 - 2018-03-30 07:03 - 000139680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2018-04-11 12:43 - 2018-03-30 07:03 - 000077216 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-04-11 12:43 - 2018-03-30 07:03 - 000059808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bam.sys
2018-04-11 12:43 - 2018-03-30 07:03 - 000022400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2018-04-11 12:43 - 2018-03-30 07:02 - 000128416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2018-04-11 12:43 - 2018-03-30 07:01 - 008600480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-04-11 12:43 - 2018-03-30 07:01 - 001209760 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-04-11 12:43 - 2018-03-30 07:01 - 000649304 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2018-04-11 12:43 - 2018-03-30 07:01 - 000571288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2018-04-11 12:43 - 2018-03-30 07:01 - 000471968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2018-04-11 12:43 - 2018-03-30 07:01 - 000034208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fs_rec.sys
2018-04-11 12:43 - 2018-03-30 07:00 - 002395040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-04-11 12:43 - 2018-03-30 07:00 - 000103320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2018-04-11 12:43 - 2018-03-30 07:00 - 000094104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\disk.sys
2018-04-11 12:43 - 2018-03-30 06:59 - 000398744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2018-04-11 12:43 - 2018-03-30 06:59 - 000082840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2018-04-11 12:43 - 2018-03-30 06:58 - 000898216 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-04-11 12:43 - 2018-03-30 06:58 - 000129432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys
2018-04-11 12:43 - 2018-03-30 06:58 - 000039328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storvsc.sys
2018-04-11 12:43 - 2018-03-30 06:57 - 001173576 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-04-11 12:43 - 2018-03-30 06:57 - 000711944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-04-11 12:43 - 2018-03-30 06:57 - 000540064 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-04-11 12:43 - 2018-03-30 06:57 - 000121248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2018-04-11 12:43 - 2018-03-30 06:57 - 000109976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2018-04-11 12:43 - 2018-03-30 06:57 - 000081304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2018-04-11 12:43 - 2018-03-30 06:57 - 000031640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhv.sys
2018-04-11 12:43 - 2018-03-30 06:56 - 000018680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshhyperv.dll
2018-04-11 12:43 - 2018-03-30 06:55 - 000367344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2018-04-11 12:43 - 2018-03-30 06:55 - 000062880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fsdepends.sys
2018-04-11 12:43 - 2018-03-30 06:54 - 002574240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-04-11 12:43 - 2018-03-30 06:54 - 000749984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-04-11 12:43 - 2018-03-30 06:54 - 000670112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2018-04-11 12:43 - 2018-03-30 06:54 - 000645536 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2018-04-11 12:43 - 2018-03-30 06:54 - 000461728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2018-04-11 12:43 - 2018-03-30 06:54 - 000408992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-04-11 12:43 - 2018-03-30 06:53 - 007676304 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-04-11 12:43 - 2018-03-30 06:53 - 002710736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-04-11 12:43 - 2018-03-30 06:53 - 002220952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2018-04-11 12:43 - 2018-03-30 06:53 - 000831392 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2018-04-11 12:43 - 2018-03-30 06:53 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2018-04-11 12:43 - 2018-03-30 06:53 - 000549552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2018-04-11 12:43 - 2018-03-30 06:53 - 000495008 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
2018-04-11 12:43 - 2018-03-30 06:53 - 000246176 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-04-11 12:43 - 2018-03-30 06:53 - 000163744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2018-04-11 12:43 - 2018-03-30 06:53 - 000094080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwapi.dll
2018-04-11 12:43 - 2018-03-30 06:53 - 000040352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClientPS.dll
2018-04-11 12:43 - 2018-03-30 06:52 - 021351632 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-04-11 12:43 - 2018-03-30 06:52 - 002457504 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2018-04-11 12:43 - 2018-03-30 06:52 - 000727456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2018-04-11 12:43 - 2018-03-30 06:52 - 000677280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-04-11 12:43 - 2018-03-30 06:52 - 000428960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2018-04-11 12:43 - 2018-03-30 06:52 - 000282528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys
2018-04-11 12:43 - 2018-03-30 06:52 - 000247480 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoncli.dll
2018-04-11 12:43 - 2018-03-30 06:52 - 000192416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2018-04-11 12:43 - 2018-03-30 06:52 - 000054688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vdrvroot.sys
2018-04-11 12:43 - 2018-03-30 06:52 - 000047512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmstorfl.sys
2018-04-11 12:43 - 2018-03-30 06:52 - 000028520 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmbuspipe.dll
2018-04-11 12:43 - 2018-03-30 06:51 - 000902928 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2018-04-11 12:43 - 2018-03-30 06:51 - 000147872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2018-04-11 12:43 - 2018-03-30 06:51 - 000125568 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2018-04-11 12:43 - 2018-03-30 06:51 - 000123800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mup.sys
2018-04-11 12:43 - 2018-03-30 06:51 - 000071208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WindowsTrustedRT.sys
2018-04-11 12:43 - 2018-03-30 06:50 - 001336344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2018-04-11 12:43 - 2018-03-30 06:50 - 000057760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbios.sys
2018-04-11 12:43 - 2018-03-30 06:49 - 000204184 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2018-04-11 12:43 - 2018-03-30 06:48 - 001778584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2018-04-11 12:43 - 2018-03-30 06:48 - 001628064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2018-04-11 12:43 - 2018-03-30 06:48 - 001420696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2018-04-11 12:43 - 2018-03-30 06:48 - 001101728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-04-11 12:43 - 2018-03-30 06:48 - 000819104 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2018-04-11 12:43 - 2018-03-30 06:48 - 000813984 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2018-04-11 12:43 - 2018-03-30 06:48 - 000744856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2018-04-11 12:43 - 2018-03-30 06:48 - 000614304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2018-04-11 12:43 - 2018-03-30 06:48 - 000586800 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp110_win.dll
2018-04-11 12:43 - 2018-03-30 06:48 - 000397720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2018-04-11 12:43 - 2018-03-30 06:48 - 000231328 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVShNotify.exe
2018-04-11 12:43 - 2018-03-30 06:28 - 001929712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-04-11 12:43 - 2018-03-30 06:28 - 000777912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-04-11 12:43 - 2018-03-30 06:27 - 000481464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2018-04-11 12:43 - 2018-03-30 06:24 - 000212896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2018-04-11 12:43 - 2018-03-30 06:23 - 000566664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-04-11 12:43 - 2018-03-30 06:19 - 006092152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-04-11 12:43 - 2018-03-30 06:18 - 000016600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshhyperv.dll
2018-04-11 12:43 - 2018-03-30 06:16 - 000289824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2018-04-11 12:43 - 2018-03-30 06:13 - 002193176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-04-11 12:43 - 2018-03-30 06:13 - 000450936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2018-04-11 12:43 - 2018-03-30 06:13 - 000073896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wwapi.dll
2018-04-11 12:43 - 2018-03-30 06:12 - 000186520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\logoncli.dll
2018-04-11 12:43 - 2018-03-30 06:10 - 000704080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2018-04-11 12:43 - 2018-03-30 06:10 - 000099240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
2018-04-11 12:43 - 2018-03-30 06:09 - 020286120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-04-11 12:43 - 2018-03-30 06:07 - 001003160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2018-04-11 12:43 - 2018-03-30 06:06 - 000180632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2018-04-11 12:43 - 2018-03-30 06:05 - 001491360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2018-04-11 12:43 - 2018-03-30 06:05 - 000027040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVClientPS.dll
2018-04-11 12:43 - 2018-03-30 06:04 - 000417368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp110_win.dll
2018-04-11 12:43 - 2018-03-30 05:55 - 025253888 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-04-11 12:43 - 2018-03-30 05:46 - 018925056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-04-11 12:43 - 2018-03-30 05:46 - 002902528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-04-11 12:43 - 2018-03-30 05:46 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2018-04-11 12:43 - 2018-03-30 05:46 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2018-04-11 12:43 - 2018-03-30 05:45 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-04-11 12:43 - 2018-03-30 05:45 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2018-04-11 12:43 - 2018-03-30 05:45 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2018-04-11 12:43 - 2018-03-30 05:44 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PimIndexMaintenanceClient.dll
2018-04-11 12:43 - 2018-03-30 05:44 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2018-04-11 12:43 - 2018-03-30 05:44 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2018-04-11 12:43 - 2018-03-30 05:43 - 019355136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-04-11 12:43 - 2018-03-30 05:43 - 006576128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-04-11 12:43 - 2018-03-30 05:43 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\url.dll
2018-04-11 12:43 - 2018-03-30 05:43 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-04-11 12:43 - 2018-03-30 05:43 - 000152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iexpress.exe
2018-04-11 12:43 - 2018-03-30 05:43 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wextract.exe
2018-04-11 12:43 - 2018-03-30 05:43 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IEAdvpack.dll
2018-04-11 12:43 - 2018-03-30 05:43 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2018-04-11 12:43 - 2018-03-30 05:43 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll
2018-04-11 12:43 - 2018-03-30 05:43 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2018-04-11 12:43 - 2018-03-30 05:43 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2018-04-11 12:43 - 2018-03-30 05:43 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2018-04-11 12:43 - 2018-03-30 05:43 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2018-04-11 12:43 - 2018-03-30 05:43 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2018-04-11 12:43 - 2018-03-30 05:43 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pngfilt.dll
2018-04-11 12:43 - 2018-03-30 05:43 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsnmp32.dll
2018-04-11 12:43 - 2018-03-30 05:43 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\virtdisk.dll
2018-04-11 12:43 - 2018-03-30 05:43 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2018-04-11 12:43 - 2018-03-30 05:43 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2018-04-11 12:43 - 2018-03-30 05:43 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rfxvmt.dll
2018-04-11 12:43 - 2018-03-30 05:43 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedssync.exe
2018-04-11 12:43 - 2018-03-30 05:43 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshta.exe
2018-04-11 12:43 - 2018-03-30 05:43 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2018-04-11 12:43 - 2018-03-30 05:42 - 000397824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2018-04-11 12:43 - 2018-03-30 05:42 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2018-04-11 12:43 - 2018-03-30 05:42 - 000253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp
2018-04-11 12:43 - 2018-03-30 05:42 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2018-04-11 12:43 - 2018-03-30 05:42 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2018-04-11 12:43 - 2018-03-30 05:42 - 000099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2018-04-11 12:43 - 2018-03-30 05:42 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inseng.dll
2018-04-11 12:43 - 2018-03-30 05:42 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2018-04-11 12:43 - 2018-03-30 05:42 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imgutil.dll
2018-04-11 12:43 - 2018-03-30 05:42 - 000027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\licmgr10.dll
2018-04-11 12:43 - 2018-03-30 05:41 - 000459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-04-11 12:43 - 2018-03-30 05:41 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2018-04-11 12:43 - 2018-03-30 05:41 - 000369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-04-11 12:43 - 2018-03-30 05:41 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2018-04-11 12:43 - 2018-03-30 05:41 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2018-04-11 12:43 - 2018-03-30 05:41 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2018-04-11 12:43 - 2018-03-30 05:41 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
2018-04-11 12:43 - 2018-03-30 05:41 - 000126464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\occache.dll
2018-04-11 12:43 - 2018-03-30 05:40 - 011924992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-04-11 12:43 - 2018-03-30 05:40 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2018-04-11 12:43 - 2018-03-30 05:40 - 000344064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-04-11 12:43 - 2018-03-30 05:40 - 000314880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2018-04-11 12:43 - 2018-03-30 05:40 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2018-04-11 12:43 - 2018-03-30 05:40 - 000257536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2018-04-11 12:43 - 2018-03-30 05:40 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\keyiso.dll
2018-04-11 12:43 - 2018-03-30 05:40 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedsbs.dll
2018-04-11 12:43 - 2018-03-30 05:39 - 001485312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2018-04-11 12:43 - 2018-03-30 05:39 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2018-04-11 12:43 - 2018-03-30 05:39 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-04-11 12:43 - 2018-03-30 05:38 - 006032384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-04-11 12:43 - 2018-03-30 05:38 - 000966656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2018-04-11 12:43 - 2018-03-30 05:38 - 000956928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2018-04-11 12:43 - 2018-03-30 05:38 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-04-11 12:43 - 2018-03-30 05:38 - 000665088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-04-11 12:43 - 2018-03-30 05:38 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-04-11 12:43 - 2018-03-30 05:38 - 000235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2018-04-11 12:43 - 2018-03-30 05:37 - 003677184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-04-11 12:43 - 2018-03-30 05:37 - 001298944 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-04-11 12:43 - 2018-03-30 05:36 - 003664384 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-04-11 12:43 - 2018-03-30 05:36 - 002869760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-04-11 12:43 - 2018-03-30 05:36 - 002014720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2018-04-11 12:43 - 2018-03-30 05:36 - 001560064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-04-11 12:43 - 2018-03-30 05:36 - 001474560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-04-11 12:43 - 2018-03-30 05:36 - 000897024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2018-04-11 12:43 - 2018-03-30 05:36 - 000825856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2018-04-11 12:43 - 2018-03-30 05:36 - 000276992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2018-04-11 12:43 - 2018-03-30 05:36 - 000098304 _____ C:\WINDOWS\system32\runexehelper.exe
2018-04-11 12:43 - 2018-03-30 05:35 - 000858112 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-04-11 12:43 - 2018-03-30 05:35 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2018-04-11 12:43 - 2018-03-30 05:35 - 000536064 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-04-11 12:43 - 2018-03-30 05:35 - 000496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-04-11 12:43 - 2018-03-30 05:35 - 000400384 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-04-11 12:43 - 2018-03-30 05:35 - 000371200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskcomp.dll
2018-04-11 12:43 - 2018-03-30 05:35 - 000249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2018-04-11 12:43 - 2018-03-30 05:35 - 000233984 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2018-04-11 12:43 - 2018-03-30 05:35 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\convertvhd.exe
2018-04-11 12:43 - 2018-03-30 05:35 - 000206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2018-04-11 12:43 - 2018-03-30 05:35 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2018-04-11 12:43 - 2018-03-30 05:35 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys
2018-04-11 12:43 - 2018-03-30 05:35 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2018-04-11 12:43 - 2018-03-30 05:35 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhvr.sys
2018-04-11 12:43 - 2018-03-30 05:34 - 000339456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll
2018-04-11 12:43 - 2018-03-30 05:33 - 008031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-04-11 12:43 - 2018-03-30 05:33 - 000707584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcprx.dll
2018-04-11 12:43 - 2018-03-30 05:33 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2018-04-11 12:43 - 2018-03-30 05:33 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\url.dll
2018-04-11 12:43 - 2018-03-30 05:33 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\irda.sys
2018-04-11 12:43 - 2018-03-30 05:33 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll
2018-04-11 12:43 - 2018-03-30 05:33 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2018-04-11 12:43 - 2018-03-30 05:33 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2018-04-11 12:43 - 2018-03-30 05:33 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2018-04-11 12:43 - 2018-03-30 05:33 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2018-04-11 12:43 - 2018-03-30 05:33 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storqosflt.sys
2018-04-11 12:43 - 2018-03-30 05:33 - 000072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\IcsEntitlementHost.exe
2018-04-11 12:43 - 2018-03-30 05:33 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2018-04-11 12:43 - 2018-03-30 05:33 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenanceClient.dll
2018-04-11 12:43 - 2018-03-30 05:33 - 000055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\virtdisk.dll
2018-04-11 12:43 - 2018-03-30 05:33 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2018-04-11 12:43 - 2018-03-30 05:33 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmictimeprovider.dll
2018-04-11 12:43 - 2018-03-30 05:33 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dmvsc.sys
2018-04-11 12:43 - 2018-03-30 05:33 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2018-04-11 12:43 - 2018-03-30 05:33 - 000040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll
2018-04-11 12:43 - 2018-03-30 05:33 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnEapPeerProxy.dll
2018-04-11 12:43 - 2018-03-30 05:33 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnEapAuthProxy.dll
2018-04-11 12:43 - 2018-03-30 05:33 - 000028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\HyperVideo.sys
2018-04-11 12:43 - 2018-03-30 05:33 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\VMBusHID.sys
2018-04-11 12:43 - 2018-03-30 05:33 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysntfy.dll
2018-04-11 12:43 - 2018-03-30 05:33 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidtel.exe
2018-04-11 12:43 - 2018-03-30 05:33 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\nrpsrv.dll
2018-04-11 12:43 - 2018-03-30 05:33 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasacd.sys
2018-04-11 12:43 - 2018-03-30 05:33 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\VmApplicationHealthMonitorProxy.dll
2018-04-11 12:43 - 2018-03-30 05:33 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hyperkbd.sys
2018-04-11 12:43 - 2018-03-30 05:33 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmgencounter.sys
2018-04-11 12:43 - 2018-03-30 05:33 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2018-04-11 12:43 - 2018-03-30 05:33 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmgid.sys
2018-04-11 12:43 - 2018-03-30 05:33 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vms3cap.sys
2018-04-11 12:43 - 2018-03-30 05:33 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2018-04-11 12:43 - 2018-03-30 05:32 - 023674880 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-04-11 12:43 - 2018-03-30 05:32 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2018-04-11 12:43 - 2018-03-30 05:32 - 000212992 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2018-04-11 12:43 - 2018-03-30 05:32 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-04-11 12:43 - 2018-03-30 05:32 - 000198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll
2018-04-11 12:43 - 2018-03-30 05:32 - 000192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2018-04-11 12:43 - 2018-03-30 05:32 - 000186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2018-04-11 12:43 - 2018-03-30 05:32 - 000167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iexpress.exe
2018-04-11 12:43 - 2018-03-30 05:32 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys
2018-04-11 12:43 - 2018-03-30 05:32 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wextract.exe
2018-04-11 12:43 - 2018-03-30 05:32 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-04-11 12:43 - 2018-03-30 05:32 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnApi.dll
2018-04-11 12:43 - 2018-03-30 05:32 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2018-04-11 12:43 - 2018-03-30 05:32 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2018-04-11 12:43 - 2018-03-30 05:32 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\efslsaext.dll
2018-04-11 12:43 - 2018-03-30 05:32 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2018-04-11 12:43 - 2018-03-30 05:32 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcnfs.sys
2018-04-11 12:43 - 2018-03-30 05:32 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndisuio.sys
2018-04-11 12:43 - 2018-03-30 05:32 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\lltdio.sys
2018-04-11 12:43 - 2018-03-30 05:32 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Synth3dVsc.sys
2018-04-11 12:43 - 2018-03-30 05:32 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsnmp32.dll
2018-04-11 12:43 - 2018-03-30 05:32 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\pngfilt.dll
2018-04-11 12:43 - 2018-03-30 05:32 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\efssvc.dll
2018-04-11 12:43 - 2018-03-30 05:32 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerSvc.dll
2018-04-11 12:43 - 2018-03-30 05:32 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdPnp.dll
2018-04-11 12:43 - 2018-03-30 05:32 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2018-04-11 12:43 - 2018-03-30 05:32 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nsiproxy.sys
2018-04-11 12:43 - 2018-03-30 05:32 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\RfxVmt.sys
2018-04-11 12:43 - 2018-03-30 05:32 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\licmgr10.dll
2018-04-11 12:43 - 2018-03-30 05:32 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmiprop.dll
2018-04-11 12:43 - 2018-03-30 05:32 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWNet.dll
2018-04-11 12:43 - 2018-03-30 05:32 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfhost.exe
2018-04-11 12:43 - 2018-03-30 05:32 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshta.exe
2018-04-11 12:43 - 2018-03-30 05:32 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedssync.exe
2018-04-11 12:43 - 2018-03-30 05:32 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\gpuenergydrv.sys
2018-04-11 12:43 - 2018-03-30 05:31 - 000795136 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalAuth.dll
2018-04-11 12:43 - 2018-03-30 05:31 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-04-11 12:43 - 2018-03-30 05:31 - 000416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2018-04-11 12:43 - 2018-03-30 05:31 - 000334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2018-04-11 12:43 - 2018-03-30 05:31 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2018-04-11 12:43 - 2018-03-30 05:31 - 000306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2018-04-11 12:43 - 2018-03-30 05:31 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2018-04-11 12:43 - 2018-03-30 05:31 - 000286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvc.dll
2018-04-11 12:43 - 2018-03-30 05:31 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerServer.dll
2018-04-11 12:43 - 2018-03-30 05:31 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\WPTaskScheduler.dll
2018-04-11 12:43 - 2018-03-30 05:31 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2018-04-11 12:43 - 2018-03-30 05:31 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2018-04-11 12:43 - 2018-03-30 05:31 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2018-04-11 12:43 - 2018-03-30 05:31 - 000143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\IEAdvpack.dll
2018-04-11 12:43 - 2018-03-30 05:31 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2018-04-11 12:43 - 2018-03-30 05:31 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2018-04-11 12:43 - 2018-03-30 05:31 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2018-04-11 12:43 - 2018-03-30 05:31 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2018-04-11 12:43 - 2018-03-30 05:31 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\keyiso.dll
2018-04-11 12:43 - 2018-03-30 05:31 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2018-04-11 12:43 - 2018-03-30 05:31 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll
2018-04-11 12:43 - 2018-03-30 05:31 - 000055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\imgutil.dll
2018-04-11 12:43 - 2018-03-30 05:31 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\nsisvc.dll
2018-04-11 12:43 - 2018-03-30 05:30 - 012833280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-04-11 12:43 - 2018-03-30 05:30 - 001498112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-04-11 12:43 - 2018-03-30 05:30 - 000748032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2018-04-11 12:43 - 2018-03-30 05:30 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2018-04-11 12:43 - 2018-03-30 05:30 - 000465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcncsvc.dll
2018-04-11 12:43 - 2018-03-30 05:30 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2018-04-11 12:43 - 2018-03-30 05:30 - 000425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmrdvcore.dll
2018-04-11 12:43 - 2018-03-30 05:30 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-04-11 12:43 - 2018-03-30 05:30 - 000369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\APHostService.dll
2018-04-11 12:43 - 2018-03-30 05:30 - 000309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvcext.dll
2018-04-11 12:43 - 2018-03-30 05:30 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2018-04-11 12:43 - 2018-03-30 05:30 - 000276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2018-04-11 12:43 - 2018-03-30 05:30 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrokerLib.dll
2018-04-11 12:43 - 2018-03-30 05:30 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2018-04-11 12:43 - 2018-03-30 05:30 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2018-04-11 12:43 - 2018-03-30 05:30 - 000188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2018-04-11 12:43 - 2018-03-30 05:30 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2018-04-11 12:43 - 2018-03-30 05:29 - 001495552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-04-11 12:43 - 2018-03-30 05:29 - 000791552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2018-04-11 12:43 - 2018-03-30 05:29 - 000723968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys
2018-04-11 12:43 - 2018-03-30 05:29 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-04-11 12:43 - 2018-03-30 05:29 - 000616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2018-04-11 12:43 - 2018-03-30 05:29 - 000555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2018-04-11 12:43 - 2018-03-30 05:29 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2018-04-11 12:43 - 2018-03-30 05:29 - 000436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-04-11 12:43 - 2018-03-30 05:29 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\system32\p2psvc.dll
2018-04-11 12:43 - 2018-03-30 05:29 - 000379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2018-04-11 12:43 - 2018-03-30 05:29 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2018-04-11 12:43 - 2018-03-30 05:29 - 000298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2018-04-11 12:43 - 2018-03-30 05:29 - 000253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3svc.dll
2018-04-11 12:43 - 2018-03-30 05:29 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2018-04-11 12:43 - 2018-03-30 05:28 - 003121664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2018-04-11 12:43 - 2018-03-30 05:28 - 001245184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2018-04-11 12:43 - 2018-03-30 05:28 - 000984064 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2018-04-11 12:43 - 2018-03-30 05:28 - 000970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2018-04-11 12:43 - 2018-03-30 05:28 - 000951808 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2018-04-11 12:43 - 2018-03-30 05:28 - 000820224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2018-04-11 12:43 - 2018-03-30 05:28 - 000815616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2018-04-11 12:43 - 2018-03-30 05:28 - 000757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-04-11 12:43 - 2018-03-30 05:28 - 000721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2018-04-11 12:43 - 2018-03-30 05:28 - 000624128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2018-04-11 12:43 - 2018-03-30 05:28 - 000595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-04-11 12:43 - 2018-03-30 05:28 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2018-04-11 12:43 - 2018-03-30 05:28 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2018-04-11 12:43 - 2018-03-30 05:28 - 000147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\occache.dll
2018-04-11 12:43 - 2018-03-30 05:27 - 008104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-04-11 12:43 - 2018-03-30 05:27 - 003170816 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-04-11 12:43 - 2018-03-30 05:27 - 001657856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2018-04-11 12:43 - 2018-03-30 05:27 - 001097728 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2018-04-11 12:43 - 2018-03-30 05:27 - 001002496 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2018-04-11 12:43 - 2018-03-30 05:27 - 000985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2018-04-11 12:43 - 2018-03-30 05:27 - 000947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2018-04-11 12:43 - 2018-03-30 05:27 - 000889856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2018-04-11 12:43 - 2018-03-30 05:27 - 000813568 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2018-04-11 12:43 - 2018-03-30 05:27 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2018-04-11 12:43 - 2018-03-30 05:27 - 000332288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2018-04-11 12:43 - 2018-03-30 05:27 - 000258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2018-04-11 12:43 - 2018-03-30 05:27 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ssdpsrv.dll
2018-04-11 12:43 - 2018-03-30 05:26 - 004747776 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-04-11 12:43 - 2018-03-30 05:26 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-04-11 12:43 - 2018-03-30 05:26 - 002209280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-04-11 12:43 - 2018-03-30 05:26 - 002086400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-04-11 12:43 - 2018-03-30 05:26 - 001955328 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistSvc.dll
2018-04-11 12:43 - 2018-03-30 05:26 - 001816576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2018-04-11 12:43 - 2018-03-30 05:26 - 001573376 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2018-04-11 12:43 - 2018-03-30 05:26 - 001343488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2018-04-11 12:43 - 2018-03-30 05:26 - 000765952 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2018-04-11 12:43 - 2018-03-30 05:26 - 000716288 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2018-04-11 12:43 - 2018-03-30 05:25 - 002628608 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-04-11 12:43 - 2018-03-30 05:25 - 002528256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2018-04-11 12:43 - 2018-03-30 05:25 - 002083840 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2018-04-11 12:43 - 2018-03-30 05:25 - 001822720 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-04-11 12:43 - 2018-03-30 05:25 - 001597952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-04-11 12:43 - 2018-03-30 05:25 - 001548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-04-11 12:43 - 2018-03-30 05:25 - 001424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2018-04-11 12:43 - 2018-03-30 05:25 - 001055744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2018-04-11 12:43 - 2018-03-30 05:25 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2018-04-11 12:43 - 2018-03-30 05:25 - 000841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2018-04-11 12:43 - 2018-03-30 05:25 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-04-11 12:43 - 2018-03-30 05:25 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2018-04-11 12:43 - 2018-03-30 05:25 - 000374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2018-04-11 12:43 - 2018-03-30 05:25 - 000276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2018-04-11 12:43 - 2018-03-30 05:25 - 000270848 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2018-04-11 12:43 - 2018-03-30 05:24 - 000925184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2018-04-11 12:43 - 2018-03-30 05:24 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2018-04-11 12:43 - 2018-03-30 05:23 - 000963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2018-04-11 12:43 - 2018-03-30 05:23 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2018-04-11 12:43 - 2018-03-30 05:23 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
2018-04-11 12:43 - 2018-03-30 05:23 - 000387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2018-04-11 12:43 - 2018-03-30 05:23 - 000246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2018-04-11 12:43 - 2018-03-30 05:23 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys
2018-04-11 12:43 - 2018-03-30 05:22 - 000826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcprx.dll
2018-04-11 12:43 - 2018-03-30 05:22 - 000027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpbus.sys
2018-04-11 12:43 - 2018-03-30 05:22 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\beep.sys
2018-04-11 12:43 - 2018-03-30 05:21 - 002511360 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2018-04-11 12:43 - 2018-03-30 05:21 - 001160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2018-04-11 12:43 - 2018-03-30 05:20 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2018-04-11 12:43 - 2018-03-30 05:20 - 000199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2018-04-11 12:43 - 2018-03-30 05:20 - 000180736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2018-04-11 12:43 - 2018-03-30 05:20 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2018-04-11 12:43 - 2018-03-30 05:20 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2018-04-11 12:43 - 2018-03-30 05:20 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bowser.sys
2018-04-11 12:43 - 2018-03-30 05:20 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\npfs.sys
2018-04-11 12:43 - 2018-03-30 05:20 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdPnp.dll
2018-04-11 12:43 - 2018-03-30 05:20 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msfs.sys
2018-04-11 12:43 - 2018-03-30 05:20 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmiprop.dll
2018-04-11 12:43 - 2018-03-30 05:20 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWNet.dll
2018-04-11 12:43 - 2018-03-30 05:20 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\null.sys
2018-04-11 12:43 - 2018-03-28 21:54 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2018-04-11 12:43 - 2018-03-13 09:03 - 005907288 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2018-04-11 12:43 - 2018-03-13 09:03 - 000779960 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2018-04-11 12:43 - 2018-03-13 09:03 - 000739696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2018-04-11 12:43 - 2018-03-13 09:03 - 000382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2018-04-11 12:43 - 2018-03-13 09:03 - 000279960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2018-04-11 12:43 - 2018-03-13 09:02 - 001954048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-04-11 12:43 - 2018-03-13 08:59 - 000535968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2018-04-11 12:43 - 2018-03-13 08:58 - 000441248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2018-04-11 12:43 - 2018-03-13 08:58 - 000377760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2018-04-11 12:43 - 2018-03-13 08:58 - 000170904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-04-11 12:43 - 2018-03-13 08:55 - 001778360 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2018-04-11 12:43 - 2018-03-13 08:55 - 000979352 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2018-04-11 12:43 - 2018-03-13 08:55 - 000417440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2018-04-11 12:43 - 2018-03-13 08:55 - 000334240 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2018-04-11 12:43 - 2018-03-13 08:54 - 000555936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2018-04-11 12:43 - 2018-03-13 08:54 - 000128928 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2018-04-11 12:43 - 2018-03-13 08:53 - 001054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-04-11 12:43 - 2018-03-13 08:53 - 000774560 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2018-04-11 12:43 - 2018-03-13 08:53 - 000143264 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2018-04-11 12:43 - 2018-03-13 08:53 - 000113568 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll
2018-04-11 12:43 - 2018-03-13 08:53 - 000091152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys
2018-04-11 12:43 - 2018-03-13 08:52 - 007384576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-04-11 12:43 - 2018-03-13 08:52 - 000172112 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTWorkQ.dll
2018-04-11 12:43 - 2018-03-13 08:52 - 000127136 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2018-04-11 12:43 - 2018-03-13 08:51 - 002773408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-04-11 12:43 - 2018-03-13 08:50 - 000617312 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2018-04-11 12:43 - 2018-03-13 07:41 - 003995136 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2018-04-11 12:43 - 2018-03-13 07:40 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2018-04-11 12:43 - 2018-03-13 07:40 - 000121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2018-04-11 12:43 - 2018-03-13 07:38 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2018-04-11 12:43 - 2018-03-13 07:38 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2018-04-11 12:43 - 2018-03-13 07:38 - 000040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2018-04-11 12:43 - 2018-03-13 07:37 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetDriverInstall.dll
2018-04-11 12:43 - 2018-03-13 07:37 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2018-04-11 12:43 - 2018-03-13 07:37 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelineprxy.dll
2018-04-11 12:43 - 2018-03-13 07:36 - 000297984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfksproxy.dll
2018-04-11 12:43 - 2018-03-13 07:36 - 000216064 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2018-04-11 12:43 - 2018-03-13 07:35 - 000758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyHrtfEnc.dll
2018-04-11 12:43 - 2018-03-13 07:35 - 000461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2018-04-11 12:43 - 2018-03-13 07:35 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2018-04-11 12:43 - 2018-03-13 07:35 - 000245248 _____ (Microsoft Corporation) C:\WINDOWS\system32\icm32.dll
2018-04-11 12:43 - 2018-03-13 07:35 - 000240128 _____ (Microsoft Corporation) C:\WINDOWS\system32\TtlsAuth.dll
2018-04-11 12:43 - 2018-03-13 07:35 - 000219648 _____ (Microsoft Corporation) C:\WINDOWS\system32\TtlsCfg.dll
2018-04-11 12:43 - 2018-03-13 07:35 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlgpclnt.dll
2018-04-11 12:43 - 2018-03-13 07:34 - 008727552 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2018-04-11 12:43 - 2018-03-13 07:34 - 000309248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2018-04-11 12:43 - 2018-03-13 07:34 - 000222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\TtlsExt.dll
2018-04-11 12:43 - 2018-03-13 07:34 - 000153600 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrowserSettingSync.dll
2018-04-11 12:43 - 2018-03-13 07:34 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2018-04-11 12:43 - 2018-03-13 07:33 - 007544832 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2018-04-11 12:43 - 2018-03-13 07:33 - 001574912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2018-04-11 12:43 - 2018-03-13 07:33 - 001015296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2018-04-11 12:43 - 2018-03-13 07:33 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2018-04-11 12:43 - 2018-03-13 07:33 - 000459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2018-04-11 12:43 - 2018-03-13 07:33 - 000278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2018-04-11 12:43 - 2018-03-13 07:33 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2018-04-11 12:43 - 2018-03-13 07:33 - 000217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpmon.dll
2018-04-11 12:43 - 2018-03-13 07:32 - 005195776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2018-04-11 12:43 - 2018-03-13 07:32 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2018-04-11 12:43 - 2018-03-13 07:32 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2018-04-11 12:43 - 2018-03-13 07:32 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2018-04-11 12:43 - 2018-03-13 07:32 - 000286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2018-04-11 12:43 - 2018-03-13 07:32 - 000200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2018-04-11 12:43 - 2018-03-13 07:31 - 002849792 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2018-04-11 12:43 - 2018-03-13 07:31 - 001263104 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2018-04-11 12:43 - 2018-03-13 07:31 - 001173504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2018-04-11 12:43 - 2018-03-13 07:31 - 000596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mscms.dll
2018-04-11 12:43 - 2018-03-13 07:31 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2018-04-11 12:43 - 2018-03-13 07:30 - 007145472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2018-04-11 12:43 - 2018-03-13 07:30 - 003400192 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2018-04-11 12:43 - 2018-03-13 07:30 - 000893440 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2018-04-11 12:43 - 2018-03-13 07:30 - 000863744 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2018-04-11 12:43 - 2018-03-13 07:30 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2018-04-11 12:43 - 2018-03-13 07:30 - 000459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2018-04-11 12:43 - 2018-03-13 07:29 - 003211776 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2018-04-11 12:43 - 2018-03-13 07:28 - 003160576 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2018-04-11 12:43 - 2018-03-13 07:28 - 002857984 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-04-11 12:43 - 2018-03-13 07:28 - 001967104 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2018-04-11 12:43 - 2018-03-13 07:28 - 001157632 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2018-04-11 12:43 - 2018-03-13 07:28 - 000939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2018-04-11 12:43 - 2018-03-13 07:28 - 000886272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2018-04-11 12:43 - 2018-03-13 07:28 - 000837120 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2018-04-11 12:43 - 2018-03-13 07:28 - 000508928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2018-04-11 12:43 - 2018-03-13 07:27 - 003125760 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2018-04-11 12:43 - 2018-03-13 07:27 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2018-04-11 12:43 - 2018-03-13 07:27 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingMonitor.dll
2018-04-11 12:43 - 2018-03-13 07:26 - 001737728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2018-04-11 12:43 - 2018-03-13 07:26 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2018-04-11 12:43 - 2018-03-13 07:25 - 001346560 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2018-04-11 12:43 - 2018-03-13 07:25 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2018-04-11 12:43 - 2018-03-13 07:24 - 001275904 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2018-04-11 12:43 - 2018-03-13 07:24 - 000389120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ninput.dll
2018-04-11 12:43 - 2018-03-13 07:24 - 000205312 _____ (Microsoft Corporation) C:\WINDOWS\system32\sensrsvc.dll
2018-04-11 12:43 - 2018-03-13 07:23 - 001556992 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2018-04-11 12:43 - 2018-03-13 07:23 - 000217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2018-04-11 12:43 - 2018-03-13 07:23 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2018-04-11 12:43 - 2018-03-13 07:22 - 000568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msra.exe
2018-04-11 12:43 - 2018-03-13 07:22 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll
2018-04-11 12:43 - 2018-03-13 07:22 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\racpldlg.dll
2018-04-11 12:43 - 2018-03-13 07:22 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2018-04-11 12:43 - 2018-03-13 07:19 - 001615712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-04-11 12:43 - 2018-03-13 07:19 - 000649304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2018-04-11 12:43 - 2018-03-13 07:19 - 000311200 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2018-04-11 12:43 - 2018-03-13 07:15 - 000597160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2018-04-11 12:43 - 2018-03-13 07:08 - 001555784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2018-04-11 12:43 - 2018-03-13 07:08 - 000747416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2018-04-11 12:43 - 2018-03-13 07:07 - 000115104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2018-04-11 12:43 - 2018-03-13 07:06 - 000564640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2018-04-11 12:43 - 2018-03-13 07:04 - 006481096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-04-11 12:43 - 2018-03-13 07:04 - 001057824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-04-11 12:43 - 2018-03-13 07:04 - 000140592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTWorkQ.dll
2018-04-11 12:43 - 2018-03-13 06:44 - 003490816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2018-04-11 12:43 - 2018-03-13 06:44 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2018-04-11 12:43 - 2018-03-13 06:43 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2018-04-11 12:43 - 2018-03-13 06:40 - 006118400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2018-04-11 12:43 - 2018-03-13 06:40 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\compstui.dll
2018-04-11 12:43 - 2018-03-13 06:40 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfksproxy.dll
2018-04-11 12:43 - 2018-03-13 06:39 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\icm32.dll
2018-04-11 12:43 - 2018-03-13 06:39 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2018-04-11 12:43 - 2018-03-13 06:39 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2018-04-11 12:43 - 2018-03-13 06:39 - 000164352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TtlsCfg.dll
2018-04-11 12:43 - 2018-03-13 06:38 - 006466560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2018-04-11 12:43 - 2018-03-13 06:38 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlgpclnt.dll
2018-04-11 12:43 - 2018-03-13 06:37 - 003181568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2018-04-11 12:43 - 2018-03-13 06:37 - 000981504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2018-04-11 12:43 - 2018-03-13 06:37 - 000537088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscms.dll
2018-04-11 12:43 - 2018-03-13 06:37 - 000381440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2018-04-11 12:43 - 2018-03-13 06:37 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2018-04-11 12:43 - 2018-03-13 06:37 - 000233984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2018-04-11 12:43 - 2018-03-13 06:37 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingMonitor.dll
2018-04-11 12:43 - 2018-03-13 06:37 - 000091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2018-04-11 12:43 - 2018-03-13 06:36 - 000380416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2018-04-11 12:43 - 2018-03-13 06:36 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2018-04-11 12:43 - 2018-03-13 06:36 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BrowserSettingSync.dll
2018-04-11 12:43 - 2018-03-13 06:35 - 006204416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2018-04-11 12:43 - 2018-03-13 06:34 - 002409984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2018-04-11 12:43 - 2018-03-13 06:34 - 000706048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2018-04-11 12:43 - 2018-03-13 06:33 - 002464768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-04-11 12:43 - 2018-03-13 06:33 - 000981504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2018-04-11 12:43 - 2018-03-13 06:32 - 002577408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2018-04-11 12:43 - 2018-03-13 06:32 - 001948672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2018-04-11 12:43 - 2018-03-13 06:31 - 001348608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2018-04-11 12:43 - 2018-03-13 06:31 - 000862208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2018-04-11 12:43 - 2018-03-13 06:31 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2018-04-11 12:43 - 2018-03-13 06:31 - 000402432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2018-04-11 12:43 - 2018-03-13 06:30 - 002349568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2018-04-11 12:43 - 2018-03-13 06:30 - 000464384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2018-04-11 12:43 - 2018-03-13 06:28 - 000328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ninput.dll
2018-04-11 12:43 - 2018-03-13 06:27 - 000190464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2018-04-11 12:43 - 2018-03-13 06:27 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2018-04-11 12:43 - 2018-03-13 06:26 - 000483328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.dll
2018-04-11 12:43 - 2017-11-26 15:32 - 000184984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2018-04-11 12:43 - 2017-11-26 14:36 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2018-04-11 12:43 - 2017-11-26 13:12 - 000123520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2018-04-09 17:27 - 2018-04-09 17:27 - 000053063 _____ C:\Users\jch\Downloads\Formular_Arbeitsplaetze_MasterArbeit_ger.PDF
2018-04-09 17:22 - 2018-04-09 17:22 - 000122549 _____ C:\Users\jch\Downloads\PhD position.pdf
2018-04-09 17:02 - 2018-04-09 17:02 - 000043444 _____ C:\Users\jch\Downloads\Ausschreibung PostDoc- 2015.pdf
2018-04-09 14:41 - 2018-04-09 14:41 - 000106947 _____ C:\Users\jch\Downloads\bill-2018-03-14.pdf
2018-04-08 14:09 - 2018-04-08 14:09 - 000000000 ____D C:\Program Files\Sublime Text 3
2018-03-29 11:40 - 2018-03-29 11:40 - 003401446 _____ C:\Users\jch\Desktop\geckodriver-v0.20.0-win64.zip
2018-03-29 11:38 - 2018-04-16 16:09 - 000000000 ____D C:\Users\jch\AppData\LocalLow\Mozilla
2018-03-29 11:38 - 2018-04-16 15:46 - 000000000 ____D C:\Users\jch\AppData\Local\Mozilla
2018-03-29 11:38 - 2018-03-29 11:38 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-03-29 11:38 - 2018-03-29 11:38 - 000001000 _____ C:\Users\Public\Desktop\Firefox.lnk
2018-03-29 11:38 - 2018-03-29 11:38 - 000000000 ____D C:\Users\jch\AppData\Roaming\Mozilla
2018-03-29 11:38 - 2018-03-29 11:38 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-03-29 11:38 - 2018-03-29 11:38 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-03-21 12:24 - 2018-04-16 16:56 - 001388448 _____ C:\Users\Public\ASR.dat
2018-03-18 18:40 - 2018-03-11 22:48 - 000131132 _____ C:\Users\jch\Desktop\Programmauszug V4.pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-04-16 17:46 - 2017-04-21 16:41 - 000000000 __SHD C:\Users\jch\IntelGraphicsProfiles
2018-04-16 17:45 - 2017-12-19 11:35 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-04-16 17:45 - 2017-09-29 10:45 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2018-04-16 17:37 - 2017-12-19 11:23 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-04-16 16:02 - 2017-04-21 16:41 - 000000128 _____ C:\WINDOWS\system32\config\netlogon.ftl
2018-04-16 15:59 - 2017-12-19 11:29 - 000000000 ____D C:\Users\jch
2018-04-16 15:58 - 2017-12-19 11:29 - 001718084 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-04-16 13:30 - 2017-12-19 11:30 - 000000000 ____D C:\Users\jch\AppData\Local\Packages
2018-04-16 12:19 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-04-16 12:18 - 2017-09-29 15:44 - 000000000 ____D C:\WINDOWS\INF
2018-04-16 10:02 - 2017-04-27 12:24 - 000000000 ____D C:\Work
2018-04-15 10:00 - 2017-09-29 15:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-04-15 09:59 - 2016-07-30 23:10 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-04-14 23:50 - 2017-05-17 16:12 - 000001073 _____ C:\Users\jch\.bash_history
2018-04-14 12:34 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-04-14 11:23 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\rescache
2018-04-12 13:24 - 2017-09-29 15:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-04-11 13:44 - 2016-07-30 23:05 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-04-11 13:43 - 2017-12-19 11:23 - 000466024 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-04-11 13:42 - 2017-09-29 15:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2018-04-11 13:42 - 2017-09-29 15:46 - 000000000 ___SD C:\WINDOWS\system32\F12
2018-04-11 13:42 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\SysWOW64\en-GB
2018-04-11 13:42 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\en-GB
2018-04-11 13:42 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-04-11 13:42 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-04-11 13:01 - 2017-07-29 17:31 - 000000000 ____D C:\Private
2018-04-11 12:52 - 2017-04-26 13:41 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-04-11 12:48 - 2017-10-11 11:28 - 136971704 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-04-11 12:48 - 2017-09-29 15:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-04-11 12:48 - 2017-04-26 13:41 - 136971704 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-04-08 14:36 - 2017-05-18 16:39 - 000007620 _____ C:\Users\jch\AppData\Local\Resmon.ResmonCfg
2018-04-08 14:09 - 2017-06-05 17:32 - 000000000 ____D C:\Users\jch\AppData\Local\Sublime Text 3
2018-04-04 17:28 - 2017-07-27 17:43 - 000000000 ____D C:\Users\jch\AppData\Local\RStudio-Desktop
2018-04-04 08:29 - 2017-07-27 17:43 - 000147456 _____ C:\Users\jch\AppData\Local\WebpageIcons.db
2018-04-03 21:37 - 2018-03-16 22:08 - 000835064 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-04-03 21:37 - 2018-03-16 22:08 - 000179704 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-04-03 08:21 - 2017-08-17 13:23 - 000014059 _____ C:\Users\jch\Documents\.Rhistory
2018-03-31 16:20 - 2017-03-31 09:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Strumenti di Microsoft Office 2016
2018-03-28 12:27 - 2017-12-22 12:55 - 000000204 ___SH C:\Users\jch\ntuser.ini
2018-03-28 12:25 - 2018-03-16 20:29 - 000000000 ____D C:\Users\jch\.credentials
2018-03-28 12:25 - 2018-01-07 08:53 - 000000000 ____D C:\Users\jch\.conda
2018-03-23 14:12 - 2017-04-21 16:43 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-03-21 08:55 - 2017-12-19 11:40 - 000000000 ___RD C:\Users\jch\OneDrive
2018-03-21 08:55 - 2017-12-19 11:35 - 000003358 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4260820389-203242751-2565199900-1108
2018-03-21 08:55 - 2017-05-25 09:45 - 000002364 _____ C:\Users\jch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk

==================== Files in the root of some directories =======

2017-10-09 20:38 - 2017-10-09 20:38 - 000000000 _____ () C:\Users\jch\.mongorc.js
2018-03-21 12:24 - 2018-04-16 16:56 - 001388448 _____ () C:\Users\Public\ASR.dat
2018-04-16 12:16 - 2018-04-16 16:56 - 001388448 _____ () C:\Users\Public\VOIP.dat
2017-09-13 17:48 - 2017-09-13 18:11 - 000000468 _____ () C:\Users\jch\AppData\Roaming\Data-Check.launch.pyw.log
2017-05-23 07:10 - 2017-05-23 07:10 - 000000337 _____ () C:\Users\jch\AppData\Local\Perfmon.PerfmonCfg
2018-01-31 19:57 - 2018-01-31 19:57 - 000000600 _____ () C:\Users\jch\AppData\Local\PUTTY.RND
2017-05-18 16:39 - 2018-04-08 14:36 - 000007620 _____ () C:\Users\jch\AppData\Local\Resmon.ResmonCfg
2017-07-27 17:43 - 2018-04-04 08:29 - 000147456 _____ () C:\Users\jch\AppData\Local\WebpageIcons.db

Some files in TEMP:
====================
2018-04-16 09:46 - 2018-04-16 09:46 - 058834376 _____ (Skype Technologies S.A.) C:\Users\jch\AppData\Local\Temp\SkypeSetup.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-04-14 11:23

==================== End of FRST.txt ============================
         
__________________

Geändert von RSLB (16.04.2018 um 20:05 Uhr)

Alt 16.04.2018, 20:12   #4
RSLB
 
Raiffeisen E-Banking Probleme - infizierten Rechner - Standard

Raiffeisen E-Banking Probleme - infizierten Rechner



FRST Additions Logfile:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15.04.2018
Ran by jch (16-04-2018 17:50:32)
Running from C:\Users\jch\Downloads
Windows 10 Pro Version 1709 16299.371 (X64) (2017-12-19 09:36:35)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

admin (S-1-5-21-795514730-4054122176-1461915740-1001 - Administrator - Enabled) => C:\Users\admin
Administrator (S-1-5-21-795514730-4054122176-1461915740-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-795514730-4054122176-1461915740-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-795514730-4054122176-1461915740-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-795514730-4054122176-1461915740-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-795514730-4054122176-1461915740-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: ESET Endpoint Antivirus (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Endpoint Antivirus (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (HKLM\...\{C788B026-20BD-4E96-B698-533F1D6C5013}) (Version: 7.2.4 - Hewlett-Packard) Hidden
7-Zip 17.01 beta (x64) (HKLM\...\7-Zip) (Version: 17.01 beta - Igor Pavlov)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.011.20038 - Adobe Systems Incorporated)
Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.5 - Adobe Systems Incorporated)
Alcor Micro Smart Card Reader Driver (HKLM-x32\...\{F24F876B-7D71-4BD6-88E9-614D3B000044}) (Version: 1.7.44.0 - Alcor Micro Corp.) Hidden
Alcor Micro Smart Card Reader Driver (HKLM-x32\...\SZCCID) (Version: 1.7.44.0 - Alcor Micro Corp.)
Apple Application Support (32 bits) (HKLM-x32\...\{E92BB800-BCC5-4C25-8102-AC2C3B7C7C1E}) (Version: 5.5 - Apple Inc.)
Apple Application Support (64 bits) (HKLM\...\{9C912B1E-06DD-43EF-BB2B-45CB2C88BAAE}) (Version: 5.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0A596141-97D5-45FA-9281-98DFAF48D579}) (Version: 10.3.2.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
Atom (HKU\S-1-5-21-4260820389-203242751-2565199900-1108\...\atom) (Version: 1.23.3 - GitHub Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 4.1.04011 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\{0FC5E486-6EA0-4665-A39D-DCC016D88632}) (Version: 4.1.04011 - Cisco Systems, Inc.) Hidden
Conexant ISST Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 9.0.134.2 - Conexant)
EPS Viewer (HKLM-x32\...\{32E05824-A0AC-4DFE-B965-5F52C28FBE9F}_is1) (Version:  - IdeaMK)
ESET Endpoint Antivirus (HKLM\...\{E794A738-5725-4AA7-85EA-898235D36B3F}) (Version: 6.5.2107.1 - ESET, spol. s r.o.)
ESET Remote Administrator Agent (HKLM\...\{94FB5797-B020-44BC-BCAB-DBB35366B9B0}) (Version: 6.4.283.0 - ESET, spol. s r.o.)
FileZilla Client 3.26.1 (HKU\S-1-5-21-4260820389-203242751-2565199900-1108\...\FileZilla Client) (Version: 3.26.1 - Tim Kosse)
GAUSS 18 x64 (HKLM\...\{61357717-545A-46AB-8B79-008FE2C25988}) (Version: 18.1.0.4407 - Aptech)
GAUSS 18 x64 (HKLM\...\{E62B7C25-9B3B-470F-ACEB-2F23E7328C53}) (Version: 18.1.2.4416 - Aptech)
Git version 2.12.2.2 (HKLM\...\Git_is1) (Version: 2.12.2.2 - The Git Development Community)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 65.0.3325.181 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
HP Support Solutions Framework (HKLM-x32\...\{E2CB09C1-3C76-4395-BB47-50C066535CF8}) (Version: 12.8.47.1 - HP)
HP System Default Settings (HKLM-x32\...\{BCF8F914-F91D-4DC5-A9E3-655B444CBFFD}) (Version: 1.2.6.1 - Hewlett-Packard Company)
HP Welcome (HKLM\...\HPWelcome) (Version: 1.0 - HP Inc.)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1177 - Intel Corporation)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 20.4 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 22.20.16.4771 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.7.1051 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{35069AA3-F7B2-4759-96F0-9EE43AACB690}) (Version: 19.00.1621.3340 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{a2d9fda8-65eb-4c06-81ef-31e0a4daa335}) (Version: 10.1.1.11 - Intel(R) Corporation) Hidden
Intel® PROSet/Wireless Software (HKLM-x32\...\{ed4a5da7-ac62-4aa5-9502-7b4de55e8cb5}) (Version: 20.20.2 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{3D45BD48-F215-4C69-B23F-256C83D1D7F0}) (Version: 1.0.0.534 - Intel Corporation)
Java 8 Update 144 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
Malwarebytes version 3.4.5.2467 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.4.5.2467 - Malwarebytes)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.9126.2152 - Microsoft Corporation)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.9126.2152 - Microsoft Corporation)
Microsoft Office 365 - fr-fr (HKLM\...\O365HomePremRetail - fr-fr) (Version: 16.0.9126.2152 - Microsoft Corporation)
Microsoft Office 365 - it-it (HKLM\...\O365HomePremRetail - it-it) (Version: 16.0.9126.2152 - Microsoft Corporation)
Microsoft Office Configuration Analyzer Tool 2.2 (HKLM-x32\...\{EA5C0F11-00CA-0321-0801-141002021782}) (Version: 2.2.6018.801 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 16.0.9126.2152 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 16.0.9126.2152 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - it-it (HKLM\...\ProPlusRetail - it-it) (Version: 16.0.9126.2152 - Microsoft Corporation)
Microsoft Office Professionnel Plus*2016 - fr-fr (HKLM\...\ProPlusRetail - fr-fr) (Version: 16.0.9126.2152 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4260820389-203242751-2565199900-1108\...\OneDriveSetup.exe) (Version: 18.025.0204.0009 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
MiKTeX 2.9 (HKLM\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
Mozilla Firefox 59.0.2 (x64 en-GB) (HKLM\...\Mozilla Firefox 59.0.2 (x64 en-GB)) (Version: 59.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 59.0.2 - Mozilla)
Nullsoft Install System (HKLM-x32\...\NSIS) (Version: 3.02.1 - )
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.9126.2152 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.9126.2152 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.9126.2152 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.9126.2152 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.9126.2152 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-040C-0000-0000000FF1CE}) (Version: 16.0.9126.2152 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0410-0000-0000000FF1CE}) (Version: 16.0.9126.2152 - Microsoft Corporation) Hidden
Oracle VM VirtualBox 5.2.6 (HKLM\...\{E4157798-7F79-4E27-84A0-A6BF96607F47}) (Version: 5.2.6 - Oracle Corporation)
PuTTY release 0.70 (64-bit) (HKLM\...\{45B3032F-22CC-40CD-9E97-4DA7095FA5A2}) (Version: 0.70.0.0 - Simon Tatham)
Python 3.6.0 (Anaconda3 4.3.1 64-bit) (HKU\S-1-5-21-4260820389-203242751-2565199900-1108\...\Python 3.6.0 (Anaconda3 4.3.1 64-bit)) (Version: 4.3.1 - Continuum Analytics, Inc.)
R for Windows 3.4.1 (HKLM\...\R for Windows 3.4.1_is1) (Version: 3.4.1 - R Core Team)
R for Windows 3.4.2 (HKLM\...\R for Windows 3.4.2_is1) (Version: 3.4.2 - R Core Team)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.21287 - Realtek Semiconduct Corp.)
RStudio (HKLM-x32\...\RStudio) (Version: 1.0.153 - RStudio)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.103 - Skype Technologies S.A.)
Steuer St.Gallen 2017 nP 1.1.0 (HKLM-x32\...\7449-9735-2550-3422) (Version: 1.1.0 - Information Factory AG)
Sublime Text Build 3126 (HKLM\...\Sublime Text 3_is1) (Version:  - Sublime HQ Pty Ltd)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.19.65 - Synaptics Incorporated)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.88438 - TeamViewer)
TeXstudio 2.12.4 (HKLM-x32\...\TeXstudio_is1) (Version: 2.12.4 - Benito van der Zander)
WinDirStat 1.1.2 (HKU\S-1-5-21-4260820389-203242751-2565199900-1108\...\WinDirStat) (Version:  - )
ZyWALL SecuExtender (HKLM-x32\...\{82AC941C-39BC-448D-89AF-9D65CC7E8167}) (Version: 4.0.2.0 - Zyxel Communications Corp.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4260820389-203242751-2565199900-1108_Classes\CLSID\{0358B920-0AC7-461F-98F4-58E32CD89148}\InprocServer32 -> C:\Users\jch\AppData\Roaming\Microsoft\Windows\Contrrt\Everysummer.dll ()
CustomCLSID: HKU\S-1-5-21-4260820389-203242751-2565199900-1108_Classes\CLSID\{DAE467D6-5C66-404A-BD99-4AC8261A733A}\InprocServer32 -> C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2017-08-28] (Igor Pavlov)
ContextMenuHandlers1: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Endpoint Antivirus\shellExt.dll [2017-06-09] (ESET)
ContextMenuHandlers2: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Endpoint Antivirus\shellExt.dll [2017-06-09] (ESET)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-03-27] (Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2017-08-28] (Igor Pavlov)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-09-07] (Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2017-08-28] (Igor Pavlov)
ContextMenuHandlers6: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Endpoint Antivirus\shellExt.dll [2017-06-09] (ESET)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-03-27] (Malwarebytes)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00548BE5-8698-4915-8B2C-47B21FAB4A2A} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {110CEA16-CCA2-4CB9-ACD4-D57BF67978BC} - System32\Tasks\Microsoft\Windows\GroupPolicy\{3E0A038B-D834-4930-9981-E89C9BFF83AA}
Task: {43103991-73C6-46BD-85D1-28104DF9AC91} - System32\Tasks\Microsoft\Windows\Conexant\SA3 => C:\Program Files\CONEXANT\SA3\HP-NB-AIO\SACpl.exe [2016-10-06] (Conexant Systems, Inc.)
Task: {9A75D74C-6C0F-4BC3-A7B0-9E4DE0296B3F} - System32\Tasks\Microsoft\Windows\Conexant\MicTray => C:\Windows\System32\MicTray64.exe [2017-05-14] (Conexant)
Task: {9D128E36-F120-4C34-B3A2-3E4C1A83E41A} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-04-15] (Microsoft Corporation)
Task: {A5271525-0462-42CB-8FE8-13C1AB55D3E4} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-04-06] (Microsoft Corporation)
Task: {A5E40BB3-466D-46B5-9BA5-C2854978D793} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-04-06] (Microsoft Corporation)
Task: {A8D56C44-A4F4-4293-ABB9-673DD4B68B7A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-21] (Google Inc.)
Task: {A8FDA858-E140-4EAD-9278-D5290AD198CF} - System32\Tasks\Workhours_Recorder => C:\Users\jch\AppData\Local\Continuum\Anaconda3\python.exe [2017-10-15] (Python Software Foundation)
Task: {C4B1661D-D88C-45A9-9E82-175EAE7721CF} - System32\Tasks\Microsoft\Windows\GroupPolicy\{A7719E0F-10DB-4640-AD8C-490CC6AD5202}
Task: {CA98F9E9-92D7-4524-B9D7-9A9C41575D54} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-04-15] (Microsoft Corporation)
Task: {CC2559E0-1346-4EAA-BC65-5F88FCF26359} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-04-15] (Microsoft Corporation)
Task: {D258E4A3-FEEF-4E80-98E7-48E2399905C5} - System32\Tasks\RegistrationModuleReminder_Welcome-S-1-5-21-795514730-4054122176-1461915740-1001 => C:\Program Files\HP\HP Welcome\Garage.Container.exe [2015-12-15] (HP Inc)
Task: {D261BA7A-020B-4215-BD71-8C841C816674} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-04-15] (Microsoft Corporation)
Task: {D4A2F8C5-2E8B-4A36-A39F-DCAFF48E33B8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)
Task: {DA0785C6-DCF7-44FE-81DF-DD07D02DF4A4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2017-06-22] (HP Inc.)
Task: {E2D09B08-6B3D-41B6-B97A-FC267CFDC203} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-21] (Google Inc.)
Task: {EB349381-BACF-43F5-B1B6-85E022ECF454} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\jch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anaconda3 (64-bit)\Anaconda Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> "/K" C:\Users\jch\AppData\Local\Continuum\Anaconda3\Scripts\activate.bat C:\Users\jch\AppData\Local\Continuum\Anaconda3

==================== Loaded Modules (Whitelisted) ==============

2017-05-09 00:44 - 2017-05-09 00:44 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-05-09 00:44 - 2017-05-09 00:44 - 001354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-07-06 13:52 - 2015-07-06 13:52 - 000007680 _____ () C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
2018-04-16 15:47 - 2018-03-27 13:47 - 002492704 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2018-04-16 15:47 - 2018-03-12 15:09 - 002300192 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2017-09-29 15:41 - 2017-09-29 15:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2018-03-29 11:38 - 2018-03-29 11:38 - 000120016 _____ () C:\Users\jch\AppData\Roaming\Microsoft\Windows\Contrrt\Everysummer.dll
2016-07-30 23:11 - 2018-03-31 16:19 - 008936112 _____ () C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\1033\GrooveIntlResource.dll
2018-03-14 11:38 - 2018-02-22 02:26 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2018-03-14 11:38 - 2018-02-22 02:21 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-03-27 06:44 - 2018-03-27 06:44 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1811.248.1000_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-03-27 06:44 - 2018-03-27 06:44 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1811.248.1000_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-03-27 06:44 - 2018-03-27 06:44 - 022050304 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1811.248.1000_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-03-27 06:44 - 2018-03-27 06:44 - 002584576 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1811.248.1000_x64__kzf8qxf38zg5c\skypert.dll
2018-03-23 14:11 - 2018-03-20 08:00 - 004435288 _____ () C:\Program Files (x86)\Google\Chrome\Application\65.0.3325.181\libglesv2.dll
2018-03-23 14:11 - 2018-03-20 08:00 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\65.0.3325.181\libegl.dll
2015-07-24 14:34 - 2015-07-24 14:34 - 000063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2016-01-07 01:48 - 2016-01-07 01:48 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 13:47 - 2016-07-16 13:45 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4260820389-203242751-2565199900-1108\Control Panel\Desktop\\Wallpaper -> C:\Users\jch\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{D3FF034F-34B3-459C-B05D-8456097DE15F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{9AC369AC-A43E-4F18-93A8-7CB6714CA1DB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{C0E2CA54-1894-4E30-B9C2-BE3871EA22CF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{B7C9AE53-7434-4CD6-A05D-8665A7324A62}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [UDP Query User{B306BE91-8745-45CE-8E0A-F1C70A282DF0}C:\users\jch\appdata\local\continuum\anaconda3\pythonw.exe] => (Allow) C:\users\jch\appdata\local\continuum\anaconda3\pythonw.exe
FirewallRules: [TCP Query User{03F8E3C0-3B33-45E2-B82C-583FB621A877}C:\users\jch\appdata\local\continuum\anaconda3\pythonw.exe] => (Allow) C:\users\jch\appdata\local\continuum\anaconda3\pythonw.exe
FirewallRules: [{3B1549BA-F4C0-428E-AE31-3331E961A157}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{774D9AE3-96A1-4441-8141-0A866F1D1A65}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{97E7F89C-91B9-446D-99E1-D2C2131F88CE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{1A4FDE6F-CC13-4F98-A7BF-C199FA345B57}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{4BA01265-A99B-449B-86DE-EEDAB388BBC5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C2DF2CC9-CB97-47C5-BA3D-077BF5B51435}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{FE289D97-3BB1-48A4-80A5-0F32DB1001C3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{BBAEA70A-D08A-42BD-A243-C4B704450B7C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{8CCF8713-27EA-4A8C-98FC-D5085601B9D1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{99D1CD07-0174-4EBB-B51C-7EA494D687F1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{AD24028D-9EA6-421C-8A9F-AC22E8114423}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{146F132B-BCA0-45A3-B9F3-0AA8CC70B85F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{C1C94678-7188-4FEE-B4FD-7B312A75359A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{87A0515E-15DA-42E3-AF47-10FB9E58AADF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{FDB67C82-549B-4DCC-85D9-77AAF5387635}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{4F7F9654-1E4E-4889-84D9-A217F1B0D4D4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{10A30443-8FA6-4620-827D-E5F998691D33}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{9DA95F4F-5011-44C4-9A64-2B9E5B50E0A0}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{97298E4B-E8F1-4E0D-AAB7-F39B2FB94118}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{D9FE6E31-18EA-4CE1-80F4-2137C7043B7F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{6C5844D7-9E45-482F-8C84-636D817DAF4E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{C61677A6-BFB9-4146-A9DE-7B8EB5DA2303}C:\users\jch\appdata\local\continuum\anaconda3\pythonw.exe] => (Allow) C:\users\jch\appdata\local\continuum\anaconda3\pythonw.exe
FirewallRules: [UDP Query User{6218A402-9722-4819-A649-457167129B8A}C:\users\jch\appdata\local\continuum\anaconda3\pythonw.exe] => (Allow) C:\users\jch\appdata\local\continuum\anaconda3\pythonw.exe
FirewallRules: [TCP Query User{CA81B221-094F-4AE2-B4CA-75AE80D6EDF6}C:\users\jch\appdata\local\continuum\anaconda3\pythonw.exe] => (Allow) C:\users\jch\appdata\local\continuum\anaconda3\pythonw.exe
FirewallRules: [UDP Query User{4CF466CD-873B-4E01-9C10-B6D2EC441DB7}C:\users\jch\appdata\local\continuum\anaconda3\pythonw.exe] => (Allow) C:\users\jch\appdata\local\continuum\anaconda3\pythonw.exe
FirewallRules: [{C621B4A1-193E-4341-A849-F3D2C22EF5E7}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{ECC5F8CB-0BA6-4324-9E3B-0BF50C8FF38B}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{FC6F42AE-7AC6-4E01-9440-140372264FC1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{695E16B4-E12D-41B1-B724-070342ED16D6}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{0D798167-8422-4975-893C-7179C7067333}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe

==================== Restore Points =========================

14-04-2018 11:25:12 Scheduled Checkpoint

==================== Faulty Device Manager Devices =============

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/16/2018 05:46:14 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1521) (User: SANDERSG)
Description: Windows cannot locate the server copy of your roaming profile and is attempting to log you on with your local profile. Changes to the profile will not be copied to the server when you log off. This error may be caused by network problems or insufficient security rights. 

 DETAIL - The network path was not found.

Error: (04/16/2018 03:49:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbam.exe, version: 3.0.0.1429, time stamp: 0x5ab557c4
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x70e248e8
Faulting process ID: 0xbf8
Faulting application start time: 0x01d3d589acc82605
Faulting application path: C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
Faulting module path: unknown
Report ID: 6320b8d0-da40-4b8f-a33f-63371d69e685
Faulting package full name: 
Faulting package-relative application ID:

Error: (04/16/2018 01:30:06 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program EXCEL.EXE version 16.0.9126.2152 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 1bac

Start Time: 01d3d572e3653e59

Termination Time: 4294967295

Application Path: C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE

Report Id: 0ee5600d-5f84-4f60-a9d2-a91e6e12c798

Faulting package full name: 

Faulting package-relative application ID:

Error: (04/16/2018 12:19:52 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1521) (User: SANDERSG)
Description: Windows cannot locate the server copy of your roaming profile and is attempting to log you on with your local profile. Changes to the profile will not be copied to the server when you log off. This error may be caused by network problems or insufficient security rights. 

 DETAIL - The network path was not found.

Error: (04/16/2018 09:31:38 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1521) (User: SANDERSG)
Description: Windows cannot locate the server copy of your roaming profile and is attempting to log you on with your local profile. Changes to the profile will not be copied to the server when you log off. This error may be caused by network problems or insufficient security rights. 

 DETAIL - The network path was not found.

Error: (04/15/2018 04:50:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: chrome.exe, version: 65.0.3325.181, time stamp: 0x5ab09a5a
Faulting module name: KERNELBASE.dll, version: 10.0.16299.371, time stamp: 0x6369e29f
Exception code: 0xe0000008
Fault offset: 0x0000000000014008
Faulting process ID: 0xcec
Faulting application start time: 0x01d3d48e7e3fceca
Faulting application path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report ID: 55ebf0c8-affe-4db4-8b31-7486621c3a43
Faulting package full name: 
Faulting package-relative application ID:

Error: (04/15/2018 09:50:32 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1521) (User: SANDERSG)
Description: Windows cannot locate the server copy of your roaming profile and is attempting to log you on with your local profile. Changes to the profile will not be copied to the server when you log off. This error may be caused by network problems or insufficient security rights. 

 DETAIL - The network path was not found.

Error: (04/14/2018 10:46:35 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: git-credential-manager.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.FileLoadException
   at Microsoft.Alm.Cli.Program.Main(System.String[])


System errors:
=============
Error: (04/16/2018 05:46:36 PM) (Source: DCOM) (EventID: 10016) (User: SANDERSG)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user SANDERSG\jch SID (S-1-5-21-4260820389-203242751-2565199900-1108) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (04/16/2018 05:46:19 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (04/16/2018 05:46:19 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (04/16/2018 05:46:19 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (04/16/2018 05:46:19 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (04/16/2018 05:46:17 PM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: SANDERSG)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has successfully processed. If you do not see a success message for several hours, then contact your administrator.

Error: (04/16/2018 05:46:13 PM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: NT AUTHORITY)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has successfully processed. If you do not see a success message for several hours, then contact your administrator.

Error: (04/16/2018 05:46:13 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1794) (User: NT AUTHORITY)
Description: The Trusted Platform Module (TPM) firmware on this PC has a known security problem. Please contact your PC manufacturer to find out if an update is available. For more information please go to https://go.microsoft.com/fwlink/?linkid=852572


CodeIntegrity:
===================================

Date: 2018-04-16 17:51:23.771
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-04-16 17:51:23.769
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-04-16 17:51:15.562
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-04-16 17:51:15.560
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-04-16 17:51:08.128
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-04-16 17:51:08.126
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-04-16 17:47:27.957
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-04-16 17:47:27.954
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-6600U CPU @ 2.60GHz
Percentage of memory in use: 24%
Total physical RAM: 16264.6 MB
Available physical RAM: 12244.65 MB
Total Virtual: 16664.6 MB
Available Virtual: 12787.85 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:216.78 GB) (Free:71.39 GB) NTFS
Drive d: (Recovery Image) (Fixed) (Total:18.26 GB) (Free:2.38 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:1.99 GB) FAT32

\\?\Volume{19840438-2f25-483e-a6f6-19ca01f35a14}\ (SYSTEM) (Fixed) (Total:0.35 GB) (Free:0.25 GB) FAT32
\\?\Volume{4e2a5558-dcb9-4625-b08d-b1c473c34809}\ (Windows RE tools) (Fixed) (Total:0.96 GB) (Free:0.38 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 152DCB03)

Partition: GPT.

==================== End of Addition.txt ============================
         
--- --- ---

Alt 17.04.2018, 01:30   #5
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Raiffeisen E-Banking Probleme - infizierten Rechner - Standard

Raiffeisen E-Banking Probleme - infizierten Rechner



hi,

Zitat:
Cisco AnyConnect Secure Mobility Client
ESET Endpoint Antivirus
ESET Remote Administrator Agent
GAUSS 18 x64
Microsoft Office 365 - de-de
Microsoft Office Professional Plus 2016 - de-de
ZyWALL SecuExtender
Also das sieht stark nach Bürorechner aus. Dafür wäre aber deine IT-Abteilung zuständig, nicht das TB. Bitte mal erklären.

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 17.04.2018, 10:59   #6
RSLB
 
Raiffeisen E-Banking Probleme - infizierten Rechner - Standard

Raiffeisen E-Banking Probleme - infizierten Rechner



Hallo cosinus,

zunächst danke für die schnelle Rückmeldung.

Der PC ist tatsächlich etwas zwischen Arbeit und Privat. Den Laptop habe ich ursprünglich über die Arbeit bestellt, doch inzwischen ist es eher ein privaten Laptop geworden.

Ich bin noch Student und habe deswegen Cisco als Uni-VPN. Gleichzeitig bin ich auch an der Universität angestellt und kann deswegen auf Seiten wie Studyhouse Office Professional sehr günstig holen (warum ich Office 365 habe weiss ich ehrlich gesagt nicht). Gauss ist ebenfalls mit meiner Uni-Anstellung verbunden, da meine Aufgabe dort in der Optimierung eines Gauss-Codes liegt.

ZyWall und ESET sind mit meiner anderen Anstellung verbunden. Dort arbeite ich hauptsächlich im Home-Office, desewegen habe ich den VPN auf alle meine privaten Geräte. ESET habe ich, weil ich eben über die Firma den Laptop bekommen habe.

Ich bin mir nicht genau sicher, warum TB solche Sachen an der IT-Abteilung überlässt, doch ich kann mir folgendes vorstellen:
  • Damit, der Nutzer nichts unternimmt, was die IT-Abteilung verbieten würde. -> In diesem Fall dürfte es kein Problem sein, der Laptop ist wie gesagt mein eigener und ich darf ohne weiteres Sachen installieren oder deinstallieren, selbst Windows.
  • Weil eine Firma es sich leisten kann, Professionellen dafür anzustellen. -> Das kann ich auch absolut verstehen und, weil wir nur eine kleine 5-Personen Firma wo alles relativ unkompliziert ist, könnte ich wahrscheinlich auch mein halb-privaten Laptop über unseren IT-Beratung reparieren lassen (die sind jedoch meist inkompetent )

Wenn es also aus dem ersten Grund ist, dürfte dies kein Problem sein. Wenn es hingegen aus dem zweiten ist, dann bitte entschuldigt den Beitrag, den dürft ihr gerne löschen.

Wenn es aus anderen Gründen ist, die ich nicht genannt habe, dürft ihr gerne anhand von den gegebenen Informationen entscheiden ob der Beitrag gelöscht werden soll.

Auf jeden Fall danke für Deine Zeit

Alt 17.04.2018, 13:22   #7
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Raiffeisen E-Banking Probleme - infizierten Rechner - Icon22

Raiffeisen E-Banking Probleme - infizierten Rechner



Ich begreife nicht wirklich, warum das fast immer in Diskussionen ausartet. Es ist doch sonnenklar, dass für gewerbliche Systeme bzw Bürorechner die dafür eingestellten Admins nunmal zuständig sind. Siehe auch https://www.trojaner-board.de/108423...-anfragen.html
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 17.04.2018, 13:40   #8
RSLB
 
Raiffeisen E-Banking Probleme - infizierten Rechner - Standard

Raiffeisen E-Banking Probleme - infizierten Rechner



Zitat:
Zitat von cosinus Beitrag anzeigen
Ich begreife nicht wirklich, warum das fast immer in Diskussionen ausartet. Es ist doch sonnenklar, dass für gewerbliche Systeme bzw Bürorechner die dafür eingestellten Admins nunmal zuständig sind. Siehe auch https://www.trojaner-board.de/108423-loeschen-logfiles-andere-anfragen.html
Weil es eben meiner Meinung nach einen Sonderfall ist. In dem Fall bin ich einerseits der IT-Verantwortlicher in unserer 5 Personen Firma (in manchen Fällen kontaktiere ich eine IT-Beratungsfirma wenn ich die Probleme selber nicht lösen kann), andererseits ist der PC halb-privat und halb-gewerblich.

In deinem Link steht nämlich auch, dass ihr bei Kleinunternehmen manchmal Ausnahmen macht. Ich wollte hiermit keine Diskussion starten, wenn Du das Gefühl hast, ich soll eine IT-Beratung direkt kontaktieren dann bitte schliesse den Beitrag. Die IT-Abteilung unserer Firma bin aber grundsätzlich ich.

Danke für Deine Zeit.

Alt 17.04.2018, 13:51   #9
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Raiffeisen E-Banking Probleme - infizierten Rechner - Standard

Raiffeisen E-Banking Probleme - infizierten Rechner



Nein was ich nicht verstehe sind solchen grundsätzlichen Diskussionen. Als wenn es nicht selbstverständlich sei , dass für gewerblich Rechner nun mal die IT der Firma zuständig ist.

Dass du den halbprivat nutzt bzw es hier um ne kleine 5-Mann-Firma geht kann ich ich bitte wie vorher wissen? Sowas steht nicht in deinem FRST-Log und beschrieben hast du es auch nicht...



Lesestoff:
Google Chrome

Offensichtlich nutzt du den Browser Chrome von Google. Ich muss von der Verwendung dieses Browsers aus Datenschutzgründen dringend abraten. Siehe auch Google: Chrome-Browser scannt lokale Dateien auf Windows-PCs

Installiere Mozilla Firefox, damit lassen sich auch Profildaten aus Chrome importieren, anschließend Google Chrome deinstallieren.




Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
Task: {00548BE5-8698-4915-8B2C-47B21FAB4A2A} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
emptytemp:
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 17.04.2018, 14:23   #10
RSLB
 
Raiffeisen E-Banking Probleme - infizierten Rechner - Standard

Raiffeisen E-Banking Probleme - infizierten Rechner



Okay, ich verstehe. Sorry, dass ich mein Fall nicht präzis genug geschildert habe und danke für deine Bemühungen trotz der Unklarheit meinerseits.

Hier der FRST Fixlog:
Code:
ATTFilter
Fix result of Farbar Recovery Scan Tool (x64) Version: 15.04.2018
Ran by jch (17-04-2018 14:17:49) Run:3
Running from C:\Users\jch\Desktop
Loaded Profiles: jch (Available Profiles: jch & defaultuser0 & admin)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Task: {00548BE5-8698-4915-8B2C-47B21FAB4A2A} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
emptytemp:
*****************

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{00548BE5-8698-4915-8B2C-47B21FAB4A2A} => could not remove. Access Denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => could not remove. Access Denied.
HKLM\SOFTWARE\Policies\Google => not found

=========== EmptyTemp: ==========

BITS transfer queue => 9461760 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 9488668 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 7090 B
Edge => 0 B
Chrome => 14922424 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 822 B
NetworkService => 0 B
jch => 52609716 B
jgr => 0 B
Mba => 0 B
defaultuser0 => 0 B
admin => 0 B

RecycleBin => 0 B
EmptyTemp: => 82.5 MB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 17-04-2018 14:20:34)


Result of scheduled keys to remove after reboot:

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{00548BE5-8698-4915-8B2C-47B21FAB4A2A} => could not remove. Access Denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => could not remove. Access Denied.

==== End of Fixlog 14:20:35 ====
         
Achtung: Mein PC ist beim Neustart gar nicht mehr neu gestartet. Ich habe im Fixlog gesehen, dass mir den Zugriff nicht gewährt wurde auf manchen Sachen (RunCampaignManager) und dachte ich mach es einfach nochmal.

Ich war leider etwas dumm und habe die erste Fixlog.txt Datei nicht gespeichert, dies wäre nur die zweite.

Geändert von RSLB (17.04.2018 um 14:30 Uhr)

Alt 17.04.2018, 14:56   #11
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Raiffeisen E-Banking Probleme - infizierten Rechner - Standard

Raiffeisen E-Banking Probleme - infizierten Rechner



Kontrollscans mit (1) MBAM, (2) ESET und (3) SecurityCheck bitte:


1. Schritt: Malwarebytes Version 3

Downloade Dir bitte Malwarebytes Anti-Malware 3
  • Installiere das Programm in den vorgegebenen Pfad.
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scan, wähle den Bedrohungs-Scan aus und klicke auf Scan starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Ausgewählte Elemente in die Quarantäne verschieben.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM nach dem Neustart, klicke auf Berichte.
  • Wähle den neuesten Scan-Bericht aus, klicke auf Bericht anzeigen und dann auf Export.
  • Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.



2. Schritt: ESET

Downloade Dir bitte ESET Online Scanner (Bebilderte Anleitung)
  • Starte die Installationsdatei.
  • Akzeptiere die Nutzungsbedingungen.
  • Wähle Erkennung evtl. unerwünschter Anwendungen aktivieren aus und klicke auf Scannen.
  • Zuerst werden die notwendigen Signaturen heruntergeladen, anschließend startet ESET automatisch den Suchlauf.
  • Am Ende des Suchlaufs werden gegebenenfalls die gefundenen Elemente aufgelistet.
  • Schließe den ESET Online Scanner rechts oben [ X ] und klicke anschließend auf Schließen.
  • Drücke bitte die Tastenkombination WIN+R zum Ausführen und kopiere folgenden Text in die Zeile und drücke im Anschluss auf OK:
    Code:
    ATTFilter
    notepad "%tmp%\log.txt"
             
  • Kopiere den gesamten Text mittels STRG+A und STRG+C hier in deine Antwort in CODE-Tags



3. Schritt: SecurityCheck

Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 17.04.2018, 18:07   #12
RSLB
 
Raiffeisen E-Banking Probleme - infizierten Rechner - Standard

Raiffeisen E-Banking Probleme - infizierten Rechner



Anbei die Scan Berichte:

Malwarebytes
Code:
ATTFilter
Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 4/17/18
Scan Time: 4:26 PM
Log File: 447e6308-424b-11e8-95d1-3c528247f0f3.json
Administrator: Yes

-Software Information-
Version: 3.4.5.2467
Components Version: 1.0.342
Update Package Version: 1.0.4768
License: Trial

-System Information-
OS: Windows 10 (Build 16299.371)
CPU: x64
File System: NTFS
User: System

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 521433
Threats Detected: 0
(No malicious items detected)
Threats Quarantined: 0
(No malicious items detected)
Time Elapsed: 3 min, 10 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 0
(No malicious items detected)

Physical Sector: 0
(No malicious items detected)


(end)
         
ESET Online Scanner
Code:
ATTFilter
16:30:35 # product=EOS
# version=8
# flags=0
# esetonlinescanner_deu.exe=2.0.19.0
# EOSSerial=
# end=init
# utc_time=2018-04-17 14:30:35
# local_time=2018-04-17 16:30:35 (+0100, W. Europe Summer Time)
# country="Switzerland"
# osver=10.0.16299 NT 
16:30:38 # product=EOS
# version=8
# flags=0
# esetonlinescanner_deu.exe=2.0.19.0
# EOSSerial=b70346254a1b59469d5637779b78a648
# end=init
# utc_time=2018-04-17 14:30:38
# local_time=2018-04-17 16:30:38 (+0100, W. Europe Summer Time)
# country="Switzerland"
# osver=10.0.16299 NT 
16:30:51 Updating
16:30:51 Update Init
16:30:53 Update Download
16:32:22 esets_scanner_reload returned 0
16:32:22 g_uiModuleBuild: 37074
16:32:22 Update Finalize
16:32:22 Call m_esets_charon_send
16:32:22 Call m_esets_charon_destroy
16:32:22 Updated modules version: 37074
16:32:32 Call m_esets_charon_setup_create
16:32:32 Call m_esets_charon_create
16:32:32 m_esets_charon_create OK
16:32:32 Call m_esets_charon_start_send_thread
16:32:32 Call m_esets_charon_setup_set
16:32:32 m_esets_charon_setup_set OK
16:32:32 Scanner engine: 37074
17:50:57 # product=EOS
# version=8
# flags=0
# esetonlinescanner_deu.exe=2.0.19.0
# EOSSerial=b70346254a1b59469d5637779b78a648
# engine=37074
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# sfx_checked=true
# utc_time=2018-04-17 15:50:57
# local_time=2018-04-17 17:50:57 (+0100, W. Europe Summer Time)
# country="Switzerland"
# lang=1031
# osver=10.0.16299 NT 
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 10397988 18214768 0 0
# compatibility_mode_1='ESET Endpoint Antivirus'
# compatibility_mode=8248 16777213 100 100 2526428 35691821 0 0
# scanned=2
# found=0
# cleaned=0
# scan_time=4713
         
Security Check
Code:
ATTFilter
 Results of screen317's Security Check version 1.009  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
Malwarebytes              
ESET Endpoint Antivirus   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Java 8 Update 144  
 Java version 32-bit out of Date! 
 Google Chrome (65.0.3325.181) 
 Google Chrome (SetupMetrics...) 
````````Process Check: objlist.exe by Laurent````````  
 ESET NOD32 Antivirus egui.exe  
 ESET NOD32 Antivirus ekrn.exe  
 Malwarebytes Anti-Malware mbamservice.exe  
 ESET RemoteAdministrator Agent ERAAgent.exe 
 Malwarebytes Anti-Malware mbamtray.exe  
 Windows Defender MSASCuiL.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````
         
Ich bekomme diese Meldung übrigens nicht mehr wenn ich jetzt meine E-Banking Website besuche.

Alt 18.04.2018, 08:58   #13
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Raiffeisen E-Banking Probleme - infizierten Rechner - Standard

Raiffeisen E-Banking Probleme - infizierten Rechner



Da war auch nicht mehr wirklich was...


Dann wären wir durch!

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...und/oder das Forum mit einer kleinen Spende unterstützen.

Abschließend müssen wir noch ein paar Schritte unternehmen, um dein System aufzuräumen (cleanup mit DelFix) und abzusichern; ich poste dir dazu mal meine Lesestoffe. Wichtiger als irgendein AV ist ein vernünftiger Umgang, also gewisse Verhaltensregeln am Gerät mit Internetzugang, und ein paar grundsätzliche Absicherungen. Deswegen kommen die zuerst. Gliederung:

  1. Cleanup mit unserem TBCleanup-Script

  2. Grundsätzliches

  3. Absicherung

  4. Virenscanner + Firewall

  5. Backup- und Imaging-Tools



Lesestoff:
Cleanup

Alle Logs gepostet? Dann lade Dir bitte das TBCleanUpTool herunter.
  • Schließe alle offenen Programme.
  • Rechtsklicke auf die TBCleanUp.bat und wähle Als Administrator ausführen.
  • Drücke eine beliebige Taste, um den Entfernungsprozess zu starten.
Hinweis:
Das TBCleanUpTool entfernt die verwendeten Programme, die Quarantäne unserer Scanner und löscht sich abschließend selbst.
Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, die du nicht mehr verwenden möchtest, kannst du diese über die Systemsteuerung deinstallieren.




Lesestoff:
Grundsätzliches

Lesestoff:
Google Chrome

Von der Verwendung dieses Browsers muss man aus Datenschutzgründen dringend abraten. Siehe auch Google: Chrome-Browser scannt lokale Dateien auf Windows-PCs

Installiere Mozilla Firefox, damit lassen sich auch Profildaten aus Chrome importieren, anschließend Google Chrome deinstallieren, falls es noch installiert ist.


Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups deiner wichtigen Dateien oder des Systems (genaueres dazu im Lesestoff zu Backups)

Finger weg von Registry-Cleanern, Optimizern usw!!! - die Performancesteigerung ist umstritten bis ganz klar nicht belegbar, dafür hast du ein großes Risiko dein System zu zerstören v.a. bei Registry-Operationen. Das Beste ist, die windowseigene Datenträgerbereinigung zu verwenden - und die Registry in Ruhe zu lassen!


Softwareinstallationen und Aktualisierungen

Für Windows gibt es seit einiger Zeit einen brauchbaren Paketmanager, der mit einfachen Befehlen es erlaubt, automatisiert Software herunterzuladen und zu installieren. Das erspart eine Menge Arbeit, denn ohne einen Paketmanager muss man jedes Programm selbst prüfen und separat manuell updaten, vorher manuell noch runterladen etc. pp. - siehe auch --> http://www.trojaner-board.de/186035-...r-windows.html


Ich empfehle daher, alle Programme, sofern verfügbar, über chocolatey zu installieren. Falls du schon mit Linux zu tun hattest, wird dir die Syntax sehr vertraut sein. Die FAQs zu choco findest du da --> Chocolatey: Häufig gestellte Fragen (englisch)


Für den seltenen Fall, dass du das benötigte Programm NICHT im repository von chocolatey findest: Lade diese Software immer von einem sauberen Portal wie . Finger weg von chip.de oder softonic!
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwcleaner.




Lesestoff:
Absicherung

Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch sicherheitsrelevante Software sollte immer in aktueller Version vorliegen - sofern benötigt, wenn nicht benötigt natürlich sinnigerweise deinstallieren oder Alternativen verwenden (und diese aktuell halten).

Das zeitnahe Einspielen von Updates ist erforderlich, damit Sicherheitslücken geschlossen werden; Sicherheitslücken werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren. Besonders aufpassen bzgl. der Aktualität musst du bei folgender Software:
  • Browser (Internet Explorer, Edge, Firefox, Chrome, ...)

  • Flash Player: Was Adobe mit seinem Flash Player veranstaltet, ist irgendwo zwischen Frechheit und Inkompetenz einzustufen; in dem Teil werden ständig neue dicke Sicherheitslücken gefunden - für YT reicht meistens HTML5 aus, das ist der Standardplayer wenn der Flash Player inaktiv oder nicht installiert ist; für spezielle Browsergames kann es aber sein, dass du den Flash Player brauchst. Nutze Flash so sparsam wie möglich und wenn dann immer aktuell halten!!

  • Java: Spielt kaum noch eine Rolle. Fast nirgendwo werden mehr Java-Applets eingesetzt. Wird noch für spezielles Zeugs in OpenOffice genutzt, IIRC brauchen auch manche Games Java. Aber wirklich sehr selten.

  • PDF-Reader: NICHT den AdobeReader benutzen, sondern besser sowas wie PDF-XChange; der interne PDF-Betrachter vom Firefox reicht meist auch aus. Vermeide Adobe unbedingt, das ist eine Firma mit miserabler Sicherheitspolitik!


Empfohlene Firefox-Addons (Erweiterungen):

uBlock Origin ist ein einfacher und zuverlässiger Ad- und Trackerblocker.

HTTPS Everywhere Sorgt dafür, dass der Firefox immer, wenn möglich, verschlüsselte Verbindungen (HTTPS) verwendet statt HTTP. Wahlweise kann man darüber durch Setzen eines Häkchens auch alle unverschlüsselten Verbindungen blockieren, Firefox nutzt dann nur noch HTTPS und lädt nichts mehr über üverschlüsselte Verbindungen.




Lesestoff:
Virenscanner + Firewall

Vorab sei erwähnt, dass man niemals die Schutzwirkung eines Virenscanners überbewerten darf!

Die Dinger sind mittlerweile auch unter Windows stark umstritten und können Probleme bereiten, die man so ohne AV einfach nicht haben wird. Zudem werden sie auch niemals jeden Schädling finden können. Aussagen der Anbieter dieser Software entpuppen sich regelmäßig als Marketinggeblubber. Lies dazu => Aus aktuellem Anlass: Antivirus-Schlangenöl | Elias Schwerdtfeger und => http://www.golem.de/news/antivirenso...12-125148.html

Verwende also MAXIMAL ein einziges der folgenden AVs mit Echtzeitscanner und stets aktueller Signaturendatenbank; verwende immer nur reine Virenscanner (keine Produkte mit Suite oder Internet Security in Namen, denn diese bringen kontraproduktive Firewalls mit - die Windows-Firewall ist alles was benötigt wird!)



Microsoft Security Essentials (MSE) ist ab Windows 8 fest eingebaut, wenn du also Windows 8, 8.1 oder 10 und dich für MSE entschieden hast, brauchst du nicht extra MSE zu installieren. Bei Windows 7 muss es aber manuell installiert oder über die Windows Updates als optionales Update bezogen werden. Selbstverständlich ist ein legales/aktiviertes Windows Voraussetzung dafür.

Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und/oder mit dem ESET Online Scanner scannen.






Lesestoff:
Backup-/Image-Tools

IMHO sind Wiederherstellungspunkte nix weiter als eine Notlösung, wer sich auf was Funktionierendes verlassen will und muss, kommt um echte Backup/Imaging Software nicht herum. Ich nehme unter Windows immer Drive Snapshot - Disk Image Backup for Windows NT/2000/XP/2003/X64

Damit man sinnvolle Backups hat muss man regelmäßig zB wöchentlich ein Image auf eine separate externe Festplatte erstellen. Diese externe Festplatte wird nur dann angeschlossen, wenn man das Backup erstellen will (oder etwas wiederherstellen muss), sonsten bleibt sie aus Sicherheitsgründen sicher im Schrank verwahrt - allein schon aus dem Grund, die Backups vor Krypto-Trojaner zu schützen.



Option 1: Drivesnapshot

Offizielle TB-Anleitung --> http://www.trojaner-board.de/186299-...esnapshot.html






Drive Snapshot - Disk Image Backup for Windows NT/2000/XP/2003/X64
Download (32-Bit) => http://www.drivesnapshot.de/download/snapshot.exe
Download (64-Bit) => http://www.drivesnapshot.de/download/snapshot64.exe



Es gibt da auch leicht abgespeckte Versionen von Acronis TrueImage gratis wenn man Platten von Seagate und/oder Western Digital hat. Vllt sagen diese Programme dir mehr zu. Mein Favorit aber ist das kleine o.g. Drivesnapshot.



Option 2: Seagate DiscWizard
Download => Seagate DiscWizard - Download - Filepony


Screenshots:
http://filepony.de/screenshot/seagate_discwizard5.jpg
http://filepony.de/screenshot/seagate_discwizard4.png
http://filepony.de/screenshot/seagate_discwizard3.jpg




Option 3: Acronis TrueImage WD Edition
Download => Acronis True Image WD Edition - Download - Filepony


Screenshots:
http://filepony.de/screenshot/acroni...d_edition1.jpg
http://filepony.de/screenshot/acroni...d_edition2.jpg
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 18.04.2018, 11:17   #14
RSLB
 
Raiffeisen E-Banking Probleme - infizierten Rechner - Standard

Raiffeisen E-Banking Probleme - infizierten Rechner



Nochmal danke für die hervorragende Hilfe deinerseits. Obwohl gestern Abend zu Hause alles in Ordnung war (i.e. keine Meldung mehr beim E-Banking Besuch), ist es heute nicht mehr der Fall.

Ich bin heute ins Büro gegangen um an meiner Masterarbeit zu schreiben, doch irgendwann habe ich gemerkt, dass beim Druck von "^" direkt zwei "^^" auftauchen. Dieses Problem hatte ich zum ersten Mal am Wochenende gemerkt, kurz bevor ich diese E-Banking Probleme feststellen konnte. Ich hatte mich mal informiert und dachte es könnte eventuell an einem Keylogger liegen.

Als ich gestern den ersten Beitrag erstellte, hatte ich den Problem mit "^^" nicht mehr und obwohl ich es am Anfang im Beitrag geschrieben hatte, habe ich es schlussendlich doch noch gelöscht, weil es kein aktuelles Problem mehr war.

Ich habe auch schon früher festgestellt, dass manche Dateien, die ich zuhause lösche (z.B. den Backup von einem iPhone, der im AppData war) wiederhergestellt werden, wenn ich mir im Büro verbinde. Könnte es sein, dass der Virus irgendwo in meinem Profil steckt und nun wiederhergestellt wurde?

Ich gehe die Schritte von gestern im Büro jetzt nochmal durch (1. MBAM, 2. ESET Online Scanner, 3. SecurityCheck, 4. FRST-Scan) und poste gleich die Logs sobald ich damit durch bin.

Danke für die wertvolle Unterstützung.

Alt 18.04.2018, 11:29   #15
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Raiffeisen E-Banking Probleme - infizierten Rechner - Standard

Raiffeisen E-Banking Probleme - infizierten Rechner



Der Rechner ist sauber. Was soll dieser Scannerei?
Was habt ihr alle immer nur mit keylogger? Ein keylogger zeichnet Tastaturanschläge auf und macht nicht willkürlich irgendwo neue rein
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Antwort

Themen zu Raiffeisen E-Banking Probleme - infizierten Rechner
antivirus, bootsektor, brauch, code, data, desktop, detected, eset, explorer, file, firefox, folge, ics, infizierte, kaspersky, malwarebytes, meldung, ordner, problem, probleme, rechner, setup, stream, tdss, verschiedene



Ähnliche Themen: Raiffeisen E-Banking Probleme - infizierten Rechner


  1. Secure Banking - Online Banking auf der sicheren Seite!
    Archiv - 29.08.2016 (471)
  2. Online Banking Manipuliert - Fehlüberweisung vorgegaukelt - Online Banking gesperrt bis Rücküberweisung
    Plagegeister aller Art und deren Bekämpfung - 14.03.2016 (26)
  3. Nach vermeintlicher DHL-Mail Probleme beim Online-Banking und massenhaft Mails
    Plagegeister aller Art und deren Bekämpfung - 12.06.2015 (28)
  4. Banking Trojaner
    Plagegeister aller Art und deren Bekämpfung - 10.06.2015 (19)
  5. Win 8: Probleme mit dem Online Banking
    Plagegeister aller Art und deren Bekämpfung - 16.06.2014 (13)
  6. Online Banking – Sicherheitsabfrage und andere Probleme - laut Kripo "guter Virus"
    Plagegeister aller Art und deren Bekämpfung - 11.07.2013 (17)
  7. Trojaner TR/Spy.Banker.YF - Online Banking Probleme
    Plagegeister aller Art und deren Bekämpfung - 12.06.2013 (17)
  8. Online-Banking-Probleme -> mittels Malwarebytes Trojan.FakeMS + Malware.Trace gefunden. Was jetzt?
    Plagegeister aller Art und deren Bekämpfung - 07.11.2012 (3)
  9. Müll aus Secure Banking - Online Banking auf der sicheren Seite!
    Mülltonne - 04.10.2012 (0)
  10. Online Banking - TAN Abfrage beim Banking - Trojaner?
    Log-Analyse und Auswertung - 12.08.2011 (3)
  11. Sparkasse Online-Banking Probleme
    Log-Analyse und Auswertung - 19.05.2011 (44)
  12. Probleme mit Online Banking
    Plagegeister aller Art und deren Bekämpfung - 01.03.2011 (8)
  13. Probleme beim Online-Banking: Trojan.Win32.Generic!BT, Win32.Backdoor.Papras/A und andere...
    Log-Analyse und Auswertung - 06.11.2010 (19)
  14. DRINGEND HILFE GESUCHT FÜR TROJANERBEKÄMPFUNG! TR/Spy.53760...probleme mit firefox, email, banking..
    Plagegeister aller Art und deren Bekämpfung - 18.08.2010 (15)
  15. Online Banking
    Log-Analyse und Auswertung - 16.12.2009 (2)
  16. Probleme mit SSL-Seiten z.B. Online-Banking
    Log-Analyse und Auswertung - 23.05.2009 (0)

Zum Thema Raiffeisen E-Banking Probleme - infizierten Rechner - Hallo Ihr Lieben, Ich habe mir etwas geholt was den folgenden Beiträge sehr ähnlich ist: https://www.trojaner-board.de/182862-windows-7-raiffeisen-e-banking-funktioniert-mehr-trojanerverdacht.html http://www.trojaner-board.de/168357-...ingefuegt.html https://www.trojaner-board.de/166389-http-guardsapps-2fh-co-i-net-banking-sms-android-virus.html Sobald ich auf dem infizierten Rechner meine E-Banking Website besuche, bekomme ich - Raiffeisen E-Banking Probleme - infizierten Rechner...
Archiv
Du betrachtest: Raiffeisen E-Banking Probleme - infizierten Rechner auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.