Trojaner-Board


Twiggy77 23.06.2017 16:28

Security Alert - blue screen in the browser

Hello,
In Firefox I have a blue screen with the message "Security Alert - Authentication required, do not turn off the computer, as this may cause data loss."
Please help.


FRST Logfile:
Code:

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 21-06-2017 01
durchgeführt von marku (Administrator) auf MARKUSSPIEGL-PC (23-06-2017 16:01:48)
Gestartet von C:\Users\marku\Downloads
Geladene Profile: marku (Verfügbare Profile: marku)
Platform: Windows 10 Pro Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Scan Utility\SETEVENT.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
(Symantec Corporation) C:\Program Files\Norton Security\Engine\22.9.4.8\ns.exe
(CyberLink) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Symantec Corporation) C:\Program Files\Norton Security\Engine\22.9.4.8\ns.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe
(NEC Electronics Corporation) C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Maxthon International ltd.) C:\Users\marku\AppData\Roaming\Maxthon5\Public\MxUp\MxUp.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3738344 2015-10-21] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [3738344 2015-10-21] (ELAN Microelectronics Corp.)
HKLM\...\Run: [ApplyEsf-eDocPrintPro] => C:\Program Files\Common Files\MAYComputer\eDocPrintPro\ApplyEsf.exe [403456 2013-11-20] (May Software)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1803392 2015-10-01] (NVIDIA Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-09] (Apple Inc.)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [106496 2009-10-21] (NEC Electronics Corporation)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [6998656 2009-10-26] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2009-08-19] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1314432 2016-03-11] (CANON INC.)
HKLM-x32\...\Run: [PSUAMain] => "C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe" /LaunchSysTray
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-4020732326-1727681914-3926867655-1004\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [721504 2015-09-02] (Microsoft Corporation)
HKU\S-1-5-21-4020732326-1727681914-3926867655-1004\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEMN.EXE [945856 2013-03-06] (Microsoft Corporation)
HKU\S-1-5-21-4020732326-1727681914-3926867655-1004\...\Run: [GoogleDriveSync] => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
HKU\S-1-5-21-4020732326-1727681914-3926867655-1004\...\RunOnce: [Uninstall C:\Users\marku\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\marku\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64"
HKU\S-1-5-21-4020732326-1727681914-3926867655-1004\...\RunOnce: [Uninstall 17.3.6799.0327\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\marku\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\amd64"
HKU\S-1-5-21-4020732326-1727681914-3926867655-1004\...\RunOnce: [Uninstall 17.3.6799.0327] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\marku\AppData\Local\Microsoft\OneDrive\17.3.6799.0327"
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [178280 2016-12-09] (NVIDIA Corporation)
AppInit_DLLs: , C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [178280 2016-12-09] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWoW64\nvinit.dll => C:\WINDOWS\SysWoW64\nvinit.dll [158400 2016-12-09] (NVIDIA Corporation)
AppInit_DLLs-x32: , C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [158400 2016-12-09] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.9.4.8\buShell.dll [2017-05-11] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.9.4.8\buShell.dll [2017-05-11] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.9.4.8\buShell.dll [2017-05-11] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine32\22.9.4.8\buShell.dll [2017-05-11] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine32\22.9.4.8\buShell.dll [2017-05-11] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine32\22.9.4.8\buShell.dll [2017-05-11] (Symantec Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SRS Premium Sound.lnk [2015-05-24]
ShortcutTarget: SRS Premium Sound.lnk -> C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe (Acresso Software Inc.)
Startup: C:\Users\marku\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft SharePoint Workspace.lnk [2016-01-10]
ShortcutTarget: Microsoft SharePoint Workspace.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation)
GroupPolicyScripts-x32: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{0a99766f-9db0-4803-b44d-02c059ae3350}: [DhcpNameServer] 192.168.2.2 0.0.0.0
Tcpip\..\Interfaces\{e41c20a9-ea30-4d44-b8ea-d03ea9bea00b}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKU\S-1-5-21-4020732326-1727681914-3926867655-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.at/
SearchScopes: HKU\S-1-5-21-4020732326-1727681914-3926867655-1004 -> {41AAB30D-96E3-472B-9270-E5DAB6E49FE4} URL = hxxps://at.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (CANON INC.)
BHO: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine\22.9.4.8\coIEPlg.dll [2017-05-26] (Symantec Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (CANON INC.)
BHO-x32: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine32\22.9.4.8\coIEPlg.dll [2017-05-26] (Symantec Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-04-22] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-04-22] (Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (CANON INC.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine\22.9.4.8\coIEPlg.dll [2017-05-26] (Symantec Corporation)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (CANON INC.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine32\22.9.4.8\coIEPlg.dll [2017-05-26] (Symantec Corporation)
Toolbar: HKU\S-1-5-21-4020732326-1727681914-3926867655-1004 -> Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (CANON INC.)

FireFox:
========
FF DefaultProfile: mrwjsdbz.default-1494965334876
FF ProfilePath: C:\Users\marku\AppData\Roaming\Mozilla\Firefox\Profiles\mrwjsdbz.default-1494965334876 [2017-06-23]
FF Extension: (StartupMaster) - C:\Users\marku\AppData\Roaming\Mozilla\Firefox\Profiles\mrwjsdbz.default-1494965334876\Extensions\{506d044e-41fa-4cc8-9dc6-9ff70e96eebf}.xpi [2017-05-16]
FF Extension: (Video DownloadHelper) - C:\Users\marku\AppData\Roaming\Mozilla\Firefox\Profiles\mrwjsdbz.default-1494965334876\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-06-03]
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.9.3.13\coFFAddon
FF Extension: (Norton Security Toolbar) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.9.3.13\coFFAddon [2017-05-23]
FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.9.3.13\coFFAddon
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_26_0_0_131.dll [2017-06-23] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_131.dll [2017-06-23] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2016-04-14] (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-04-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-04-22] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-11-14] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-11-14] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-03] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-03] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultSearchURL: Default -> hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=default
CHR DefaultSearchKeyword: Default -> Yahoo
CHR DefaultSuggestURL: Default -> hxxps://de.search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10
CHR Profile: C:\Users\marku\AppData\Local\Google\Chrome\User Data\Default [2017-06-23]
CHR Extension: (Google Docs) - C:\Users\marku\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-07]
CHR Extension: (Google Drive) - C:\Users\marku\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-07]
CHR Extension: (YouTube) - C:\Users\marku\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-07]
CHR Extension: (Google-Suche) - C:\Users\marku\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-07]
CHR Extension: (Google Docs Offline) - C:\Users\marku\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-09]
CHR Extension: (Norton Identity Safe) - C:\Users\marku\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2017-05-23]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\marku\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-15]
CHR Extension: (Google Mail) - C:\Users\marku\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-07]
CHR Extension: (Chrome Media Router) - C:\Users\marku\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-16]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Norton Security\Engine\22.9.4.8\Exts\Chrome.crx [2017-06-06]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-4020732326-1727681914-3926867655-1004\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Norton Security\Engine\22.9.4.8\Exts\Chrome.crx [2017-06-06]
CHR HKLM-x32\...\Chrome\Extension: [fabhkdeopjkcpkmofliimbjckmocfiom] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [kpdmjodecdegfglgaapafjleomjjlpnh] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-04-03] (Apple Inc.)
R2 CIJSRegister; C:\Program Files (x86)\Canon\IJ Scan Utility\SETEVENT.exe [144464 2015-02-19] (CANON INC.)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144104 2015-10-21] (ELAN Microelectronics Corp.)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [387144 2016-02-04] ()
S2 MxService; C:\Program Files (x86)\Maxthon5\Bin\MxService.exe [143648 2017-02-07] (Maxthon International ltd.)
R2 NS; C:\Program Files\Norton Security\Engine\22.9.4.8\NS.exe [326160 2017-05-27] (Symantec Corporation)
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [86104 2016-07-19] (Panda Security, S.L.)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [614664 2014-10-03] (CyberLink)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-11-10] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-04-28] (Microsoft Corporation)
S2 NanoServiceMain; "C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe" [X]
S2 PSUAService; "C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe" [X]
S2 RtkAudioService; "C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 BHDrvx64; C:\Program Files\Norton Security\NortonData\22.9.3.13\Definitions\BASHDefs\20170620.005\BHDrvx64.sys [1862784 2017-06-14] (Symantec Corporation)
R1 ccSet_NS; C:\WINDOWS\system32\drivers\NSx64\1609040.008\ccSetx64.sys [174232 2017-05-11] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [507032 2017-05-05] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [156824 2017-05-05] (Symantec Corporation)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2017-04-11] (Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2017-04-11] (Huawei Technologies Co., Ltd.)
R1 IDSVia64; C:\Program Files\Norton Security\NortonData\22.9.3.13\Definitions\IPSDefs\20170622.003\IDSvia64.sys [1053824 2017-05-22] (Symantec Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R1 NNSALPC; C:\WINDOWS\system32\DRIVERS\NNSALPC.sys [103856 2015-12-10] (Panda Security, S.L.)
R1 NNSHTTP; C:\WINDOWS\system32\DRIVERS\NNSHTTP.sys [210864 2015-12-10] (Panda Security, S.L.)
R1 NNSHTTPS; C:\WINDOWS\system32\DRIVERS\NNSHTTPS.sys [120240 2015-12-10] (Panda Security, S.L.)
R1 NNSIDS; C:\WINDOWS\system32\DRIVERS\NNSIDS.sys [120240 2015-12-10] (Panda Security, S.L.)
R1 NNSNAHSL; C:\WINDOWS\system32\DRIVERS\NNSNAHSL.sys [58616 2015-06-19] (Panda Security, S.L.)
R1 NNSPICC; C:\WINDOWS\system32\DRIVERS\NNSPICC.sys [112560 2015-12-10] (Panda Security, S.L.)
R1 NNSPIHSW; C:\WINDOWS\system32\DRIVERS\NNSPIHSW.sys [82864 2016-03-17] (Panda Security, S.L.)
R1 NNSPOP3; C:\WINDOWS\system32\DRIVERS\NNSPOP3.sys [133552 2015-12-10] (Panda Security, S.L.)
R1 NNSPROT; C:\WINDOWS\system32\DRIVERS\NNSPROT.sys [309680 2015-12-10] (Panda Security, S.L.)
R1 NNSPRV; C:\WINDOWS\system32\DRIVERS\NNSPRV.sys [179632 2016-02-18] (Panda Security, S.L.)
R1 NNSSMTP; C:\WINDOWS\system32\DRIVERS\NNSSMTP.sys [122800 2015-12-10] (Panda Security, S.L.)
R1 NNSSTRM; C:\WINDOWS\system32\DRIVERS\NNSSTRM.sys [267184 2016-02-18] (Panda Security, S.L.)
R1 NNSTLSC; C:\WINDOWS\system32\DRIVERS\NNSTLSC.sys [115632 2015-12-10] (Panda Security, S.L.)
R2 PSINAflt; C:\WINDOWS\system32\DRIVERS\PSINAflt.sys [174000 2016-08-09] (Panda Security, S.L.)
R2 PSINFile; C:\WINDOWS\System32\DRIVERS\PSINFile.sys [129456 2016-08-09] (Panda Security, S.L.)
R1 PSINKNC; C:\WINDOWS\system32\DRIVERS\PSINKNC.sys [207272 2016-08-09] (Panda Security, S.L.)
R2 PSINProc; C:\WINDOWS\System32\DRIVERS\PSINProc.sys [133544 2016-08-09] (Panda Security, S.L.)
R2 PSINProt; C:\WINDOWS\system32\DRIVERS\PSINProt.sys [146864 2016-08-09] (Panda Security, S.L.)
R2 PSINReg; C:\WINDOWS\system32\DRIVERS\PSINReg.sys [117168 2016-08-09] (Panda Security, S.L.)
S3 PSKMAD; C:\WINDOWS\System32\DRIVERS\PSKMAD.sys [72112 2016-08-10] (Panda Security, S.L.)
R3 SRTSP; C:\WINDOWS\System32\Drivers\NSx64\1609040.008\SRTSP64.SYS [770712 2017-05-11] (Symantec Corporation)
R1 SRTSPX; C:\WINDOWS\system32\drivers\NSx64\1609040.008\SRTSPX64.SYS [49304 2017-05-11] (Symantec Corporation)
R0 SymEFASI; C:\WINDOWS\System32\drivers\NSx64\1609040.008\SYMEFASI64.SYS [1714328 2017-05-11] (Symantec Corporation)
S0 SymELAM; C:\WINDOWS\System32\drivers\NSx64\1609040.008\SymELAM.sys [24608 2017-05-11] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [102608 2017-05-23] (Symantec Corporation)
R1 SymIRON; C:\WINDOWS\system32\drivers\NSx64\1609040.008\Ironx64.SYS [291480 2017-05-11] (Symantec Corporation)
R1 SymNetS; C:\WINDOWS\System32\Drivers\NSx64\1609040.008\SYMNETS.SYS [567496 2017-05-11] (Symantec Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
U4 aspnet_state; kein ImagePath
S3 NAVENG; \??\C:\Program Files\Norton Security\NortonData\22.9.3.13\Definitions\SDSDefs\20170523.008\NAVENG.SYS [X]
S3 NAVEX15; \??\C:\Program Files\Norton Security\NortonData\22.9.3.13\Definitions\SDSDefs\20170523.008\NAVEX15.SYS [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-06-23 16:01 - 2017-06-23 16:03 - 00026065 _____ C:\Users\marku\Downloads\FRST.txt
2017-06-23 16:00 - 2017-06-23 16:01 - 00000000 ____D C:\FRST
2017-06-23 16:00 - 2017-06-23 16:00 - 02439680 _____ (Farbar) C:\Users\marku\Downloads\FRST64.exe
2017-06-23 14:37 - 2017-06-23 14:37 - 00000000 ____D C:\WINDOWS\System32\Tasks\Remediation
2017-06-08 20:12 - 2017-06-08 20:12 - 00000000 ____D C:\WINDOWS\System32\Tasks\Apple
2017-06-08 19:59 - 2017-06-08 20:03 - 259195720 _____ (Apple Inc.) C:\Users\marku\Downloads\iTunes64Setup.exe
2017-06-07 18:18 - 2017-06-07 18:18 - 00003372 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration
2017-05-24 01:18 - 2017-06-07 18:39 - 00000000 ____D C:\Program Files\Common Files\AV

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-06-23 14:02 - 2015-05-24 22:20 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-06-23 13:54 - 2015-05-24 22:19 - 133627792 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-06-23 13:53 - 2015-08-03 20:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-06-23 13:51 - 2015-08-03 20:39 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2017-06-23 13:51 - 2015-08-03 20:39 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2017-06-23 13:44 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-06-23 13:26 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-06-23 13:26 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-06-23 12:23 - 2016-11-23 18:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-06-23 12:18 - 2016-11-30 18:26 - 00000000 ____D C:\Users\marku\AppData\LocalLow\Mozilla
2017-06-23 12:17 - 2016-11-10 05:37 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-06-23 11:43 - 2017-05-23 20:20 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton Security
2017-06-23 11:30 - 2017-01-27 19:53 - 00003290 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-06-23 11:30 - 2015-11-18 19:33 - 00002432 _____ C:\Users\marku\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-06-23 11:30 - 2015-11-18 19:33 - 00000000 ___RD C:\Users\marku\OneDrive
2017-06-23 11:21 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-06-23 11:21 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-06-16 14:45 - 2015-12-07 21:04 - 00000000 ____D C:\Users\marku\AppData\Roaming\vlc
2017-06-16 14:30 - 2016-08-16 19:50 - 00000916 _____ C:\Users\Public\Desktop\VLC media player.lnk
2017-06-15 20:29 - 2016-09-05 17:52 - 00000000 ____D C:\ProgramData\CanonIJPLM
2017-06-12 11:14 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-06-07 18:20 - 2017-05-16 22:27 - 00000000 ___RD C:\Users\marku\Google Drive
2017-06-07 18:18 - 2017-05-23 20:16 - 00002306 _____ C:\Users\Public\Desktop\Norton Security.lnk
2017-06-07 18:18 - 2017-05-23 20:15 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
2017-06-07 18:18 - 2017-05-23 20:15 - 00000000 ____D C:\WINDOWS\system32\Drivers\NSx64
2017-06-07 18:18 - 2016-07-16 13:47 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2017-06-07 18:17 - 2016-11-12 09:44 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-06-07 18:17 - 2016-11-10 05:42 - 00000000 ____D C:\ProgramData\NVIDIA
2017-06-07 18:14 - 2016-07-16 08:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-06-03 20:20 - 2016-01-09 12:15 - 00000000 ____D C:\Users\marku\dwhelper
2017-06-03 19:55 - 2017-03-21 20:15 - 00000000 ____D C:\Program Files\Opera
2017-06-03 19:54 - 2017-03-21 20:16 - 00000000 ____D C:\Users\marku\AppData\Roaming\Opera Software
2017-06-03 19:54 - 2017-03-21 20:16 - 00000000 ____D C:\Users\marku\AppData\Local\Opera Software
2017-06-03 19:32 - 2016-07-16 08:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-06-03 19:28 - 2015-05-25 13:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-06-03 10:17 - 2016-07-17 00:51 - 00946576 _____ C:\WINDOWS\system32\perfh007.dat
2017-06-03 10:17 - 2016-07-17 00:51 - 00222348 _____ C:\WINDOWS\system32\perfc007.dat
2017-06-03 10:17 - 2016-01-29 23:09 - 02339112 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-06-03 10:14 - 2015-07-01 19:49 - 00000988 _____ C:\Users\Public\Desktop\TomTom MyDrive Connect.lnk
2017-06-03 10:14 - 2015-07-01 19:48 - 00000000 ____D C:\Program Files (x86)\MyDrive Connect
2017-06-03 08:36 - 2016-07-16 13:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-06-03 08:36 - 2016-07-16 13:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-05-24 07:12 - 2016-12-08 08:57 - 00000000 ____D C:\Users\marku\AppData\Local\Amazon Drive
2017-05-24 07:10 - 2017-04-17 21:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Internet Security

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-12-08 17:52 - 2016-12-08 17:52 - 0023755 _____ () C:\Users\marku\AppData\Local\recently-used.xbel
2016-03-12 17:33 - 2016-03-12 17:33 - 0000016 _____ () C:\ProgramData\mntemp

Einige Dateien in TEMP:
====================
2017-06-07 18:42 - 2017-06-16 14:28 - 32100680 _____ () C:\Users\marku\AppData\Local\Temp\vlc-2.2.6-win64.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-06-03 10:55

==================== Ende von FRST.txt ============================

--- --- ---

FRST Additions Logfile:
Code:

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 21-06-2017 01
durchgeführt von marku (23-06-2017 16:04:58)
Gestartet von C:\Users\marku\Downloads
Windows 10 Pro Version 1607 (X64) (2016-11-12 07:49:43)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-4020732326-1727681914-3926867655-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4020732326-1727681914-3926867655-503 - Limited - Disabled)
Gast (S-1-5-21-4020732326-1727681914-3926867655-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4020732326-1727681914-3926867655-1002 - Limited - Enabled)
marku (S-1-5-21-4020732326-1727681914-3926867655-1004 - Administrator - Enabled) => C:\Users\marku

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Security (Enabled - Up to date) {30744133-1E94-7B35-F4A3-82A5AEF1CBAA}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Security (Enabled - Up to date) {8B15A0D7-38AE-74BB-CE13-B9D7D5768117}
FW: Norton Security (Enabled) {084FC016-54FB-7A6D-DFFC-2B9050228CD1}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

64 Bit HP CIO Components Installer (Version: 18.2.4 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 17.0.0.172 - Adobe Systems Incorporated)
Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.131 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{E92BB800-BCC5-4C25-8102-AC2C3B7C7C1E}) (Version: 5.5 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{9C912B1E-06DD-43EF-BB2B-45CB2C88BAAE}) (Version: 5.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0A596141-97D5-45FA-9281-98DFAF48D579}) (Version: 10.3.2.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
ATK Hotkey (HKLM-x32\...\{7C05592D-424B-46CB-B505-E0013E8E75C9}) (Version: 1.0.0056 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0001 - ASUS)
BF-480 VR07.01 (HKLM-x32\...\BF-480 VR07.01) (Version:  - )
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: 4.7.0 - Canon Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.20.13 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 5.2.0 - Canon Inc.)
Canon MG7700 series Benutzerregistrierung (HKLM-x32\...\Canon MG7700 series Benutzerregistrierung) (Version:  - *Canon Inc.)
Canon MG7700 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG7700_series) (Version: 1.00 - Canon Inc.)
Canon MG7700 series On-screen Manual (HKLM-x32\...\Canon MG7700 series On-screen Manual) (Version: 7.8.0 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.5.0 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.5.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.7.0 - Canon Inc.)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6389 - CDBurnerXP)
CyberLink PowerDirector 13 (HKLM-x32\...\{BA385AFC-00B1-417C-8C20-74B996EF3AF0}) (Version: 13.0.3420.0 - CyberLink Corp.)
Dot4 (HKLM\...\{3EEDA265-C6F3-4EC1-A317-1C9315DEDDDE}) (Version: 1.0.0.0 - HP)
DVD Flick v2 1.3.1.0 (HKLM-x32\...\DVD Flick v2_is1) (Version: 1.3.1.0 - Dennis Meuwissen)
eDocPrintPro (HKLM\...\{57863AC1-14BF-4A3F-9673-0719DE7825ED}) (Version: 3.19.1.1 - MAY Computer)
ELAN Touchpad 15.9.5.3_X64_WHQL (HKLM\...\Elantech) (Version: 15.9.5.3 - ELAN Microelectronic Corp.)
Express Rip (HKLM-x32\...\ExpressRip) (Version: 1.94 - NCH Software)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.)
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
gs_x64 (HKLM\...\{344BD061-2564-422E-860F-9E5DC49983AE}) (Version: 9.10 - MAY Computer)
Image Rescue 5 (2.0.4) (HKLM-x32\...\Image Rescue 5_is1) (Version: 2.0.4 - Lexar)
Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2125 - Intel Corporation)
iTunes (HKLM\...\{0D44E3A4-6C3D-45D7-B443-079509E5BE5D}) (Version: 12.3.2.35 - Apple Inc.)
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Logitech Unifying-Software 2.50 (HKLM\...\Logitech Unifying) (Version: 2.50.25 - Logitech)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4020732326-1727681914-3926867655-1004\...\OneDriveSetup.exe) (Version: 17.3.6917.0607 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 53.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 53.0.3 (x86 de)) (Version: 53.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0.2 - Mozilla)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MX5 (HKLM-x32\...\Maxthon5) (Version: 5.0.2.2000 - Maxthon International Limited)
NEC Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}) (Version: 1.0.17.0 - NEC Electronics Corporation)
NEC Electronics USB 3.0 Host Controller Driver (x32 Version: 1.0.17.0 - NEC Electronics Corporation) Hidden
NewBlue Video Essentials for Windows (HKLM-x32\...\NewBlue Video Essentials for Windows) (Version: 3.0 - NewBlue)
Norton Security (HKLM-x32\...\NS) (Version: 22.9.4.8 - Symantec Corporation)
NVIDIA 3D Vision Treiber 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 342.01 - NVIDIA Corporation)
NVIDIA Grafiktreiber 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 342.01 - NVIDIA Corporation)
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
OLYMPUS Digital Camera Updater (HKLM-x32\...\{392427E9-9FA4-4CD2-99EB-FD53A12BDCDA}) (Version: 1.2.1 - Olympus Corporation)
OLYMPUS Viewer 3 (HKLM-x32\...\{938DB0D1-AF2D-4CB6-A777-353E078E3325}) (Version: 1.5.0 - OLYMPUS CORPORATION)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
paint.net (HKLM\...\{6AC1101E-7561-43C9-BEEA-4AB1D220D8FF}) (Version: 4.0.13 - dotPDN LLC)
Panda Devices Agent (x32 Version: 1.08.00 - Panda Security) Hidden
Panda Internet Security (Version: 8.34.00 - Panda Security) Hidden
PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.8.0 - Prolific Technology INC)
proDAD Adorage 3.0 (64bit) (HKLM\...\proDAD-Adorage-3.0) (Version: 3.0.108.1 - proDAD GmbH)
RawTherapee Version 4.2 (HKLM\...\{128459AB-59A7-430A-8BD0-3D8803D50400}_is1) (Version: 4.2 - rawtherapee.com)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
SonyEditor (remove only) (HKLM-x32\...\SonyEditor) (Version:  - )
SRS Premium Sound Control Panel (HKLM\...\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}) (Version: 1.8.2500 - SRS Labs, Inc.)
TomTom MyDrive Connect 4.1.5.3181 (HKLM-x32\...\MyDriveConnect) (Version: 4.1.5.3181 - TomTom)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
Vivaldi (HKU\S-1-5-21-4020732326-1727681914-3926867655-1004\...\Vivaldi) (Version: 1.9.818.50 - Vivaldi)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN)
WavePad Audio-Editor (HKLM-x32\...\WavePad) (Version: 6.12 - NCH Software)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows-Treiberpaket - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0) (HKLM\...\2C1C2F29FADF39F533CEEE67B90F07A5306A4BDB) (Version: 09/09/2009 1.0.0.0 - OLYMPUS IMAGING CORP.)
WinHex (HKLM-x32\...\WinHex) (Version:  - )
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Yahoo Search Set (HKLM-x32\...\Yahoo! SearchSet) (Version:  - Yahoo Inc.)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0E0F5297-8A68-4F71-BA30-B4DB1C8F35A0} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {20160230-153A-4E62-93AB-62ADCBDAA14B} - System32\Tasks\Norton Security\Norton Security Error Processor => C:\Program Files\Norton Security\Engine\22.9.4.8\SymErr.exe [2017-05-11] (Symantec Corporation)
Task: {21D1CE28-3C44-4751-950E-6064801965D2} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2B330403-75D8-4913-A315-710F726F3602} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2C87E81A-379A-4442-A858-8E1180ABC848} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {2CC27EF8-09F1-4056-9F64-E762DDC38A08} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2CDC1B58-C3DA-4A3D-8881-9DB1196A84F7} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {2FD8C91E-C77D-4553-A7CA-47BAB03D66F6} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {33C8B2C2-60AB-4097-AC4F-871D962B3256} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe [2017-05-27] (Symantec Corporation)
Task: {35A8D6AC-5A2B-42CF-82A8-7D66F5D519EE} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3DB1FD61-7176-46A9-96DF-77BB6C5152A7} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {420B9542-EFB5-48D0-8DBE-A6F8E4053B00} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {430B6B70-D313-456B-883C-0AFDF39D9202} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {482BB38F-7B83-4D9F-8F5C-4F0539AA7DE8} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {487CAF95-AD9E-4488-B253-180FA01F7ED0} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Security\Engine\22.9.4.8\WSCStub.exe [2017-05-27] (Symantec Corporation)
Task: {4E7555B6-9FBC-4F21-B8A1-86D1426EF86D} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {57662CCC-77A4-4F2F-A211-8BF766A5EDE3} - System32\Tasks\Norton Security\Norton Security Autofix => C:\Program Files\Norton Security\Engine\22.9.4.8\SymErr.exe [2017-05-11] (Symantec Corporation)
Task: {6252C61A-C727-4CF4-8A4C-294911CBEE4F} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {66632094-33C4-4FD7-8401-C16A49456C06} - System32\Tasks\Maxthon5 Update => C:\Program Files (x86)\Maxthon5\Bin\Maxthon.exe [2017-02-08] (Maxthon International ltd.)
Task: {6C8D5D88-D709-4664-BF9B-D4098195D875} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {770FB885-DC98-4C0D-B457-06CB8CC30330} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7C02C0C1-EFAB-4B53-A347-0E28EAC8B121} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {7DD9F811-C40E-465F-8513-AB5F925DB434} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {830B02FA-5744-4914-88EC-2D95D91FE1B9} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8374DE73-3398-46D4-8979-84746C0872F4} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {84A9648B-8B95-4C0D-9CED-CA5F34097392} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Keine Datei <==== ACHTUNG
Task: {861295FF-5787-403D-ACA4-1C78988019CB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {8CD51AC6-C22A-4FF5-A721-C932CB932EB3} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {904BEDFD-338F-47D5-B315-ED334296FFF3} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {97EC2568-CF64-4338-ABED-AD807C3AACB2} - System32\Tasks\Norton Security\Norton Security Error Analyzer => C:\Program Files\Norton Security\Engine\22.9.4.8\SymErr.exe [2017-05-11] (Symantec Corporation)
Task: {9A6D0F5C-3028-461C-A766-DE168A1D837B} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {9DA5A626-432E-46BA-818C-20F12EE49136} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {A413B4F1-4629-4BEA-ABB5-8870C5BB1C7A} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {B2EF4EC7-306B-4E15-ADF3-8780DBDF14EE} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B4357120-AC58-4291-8546-9C894A26630B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-06-23] (Microsoft Corporation)
Task: {B8760219-A31B-48FC-A0B5-FFB66D781AE3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-25] (Google Inc.)
Task: {BC29FE68-80A9-4902-8485-E112A73082EC} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {C19EA7B3-56B8-49D5-8B29-A996F5A9D03A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-25] (Google Inc.)
Task: {C26393A4-A563-4867-AC94-2C7EC9920BD6} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-06-23] (Adobe Systems Incorporated)
Task: {C4141C6B-1580-4659-8116-41449CF352FF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {D3207349-8C8C-45FB-A32C-6E2BFC7CCD21} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {D8C7AA4F-9EC8-4634-9536-DB6A0DFB9CB2} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {D902E73E-6A90-4661-B851-3864FD238A99} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {EC3EB630-A5EE-41CE-836A-01C1D9926D85} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
Task: {ECEFC1F0-22D6-49A7-AC58-501203D0F84D} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F9880F8E-E12A-4F36-97A4-C98BE32C3974} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-09-05 17:52 - 2016-02-04 12:53 - 00387144 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2016-09-01 18:12 - 2016-09-01 18:12 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-05-09 00:44 - 2017-05-09 00:44 - 01354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-05-12 08:46 - 2017-04-28 02:49 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-11-10 05:42 - 2016-11-14 13:15 - 00135224 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2016-11-10 05:23 - 2016-11-10 05:23 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-18 13:59 - 2017-03-04 08:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2012-11-26 23:54 - 2012-11-26 23:54 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2017-06-23 13:17 - 2017-06-23 13:18 - 00074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-06-23 13:17 - 2017-06-23 13:18 - 00203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-06-23 13:17 - 2017-06-23 13:18 - 43454464 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-06-23 13:17 - 2017-06-23 13:18 - 02437120 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\skypert.dll
2017-03-18 14:00 - 2017-03-04 08:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-18 14:00 - 2017-03-04 08:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-18 14:00 - 2017-03-04 08:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-05-12 08:46 - 2017-04-28 01:36 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-05-12 08:47 - 2017-04-28 01:37 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-4020732326-1727681914-3926867655-1004\Control Panel\Desktop\\Wallpaper -> c:\users\marku\pictures\wallpaperz\asus wallpapers - full hd wallpaper search.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist deaktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKLM\...\StartupApproved\Run: => "ApplyEsf-eDocPrintPro"
HKLM\...\StartupApproved\Run: => "NvBackend"
HKU\S-1-5-21-4020732326-1727681914-3926867655-1004\...\StartupApproved\Run: => "OneDrive"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{F949B773-E537-4B21-844B-4B6753C77BC8}] => (Allow) C:\Program Files\CyberLink\PowerDirector13\PDR10.EXE
FirewallRules: [{B7F967C1-4C2F-4686-AB5D-A5ACC65B9B34}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{34A4F4E5-4C0E-468C-A457-22C8EC9C1EB3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{27EDB1CF-F72F-4DEA-88C4-2F98F4361B3B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{5D5B06FD-1A88-46FC-93A7-D4AC5D76D9A7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{8A1EAA6D-3489-41E0-8754-DDF6FE4FAF51}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{5C70E505-294C-4B57-9E28-6B06ACBA3991}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{02A7F8C1-C508-4174-8987-D34EF38B94E4}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{DB007B85-F615-4C46-9DEC-7CFAA07B3CB3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{FAE3D42C-B1EE-4D81-AEE0-F1222C47DA16}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{C071AB16-96B5-4383-AE23-3A25318F1639}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{8A63850B-E05D-4D86-84B4-A25BA7D513B2}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{8F6DE979-1D64-4540-8ACB-E62F67E6BF11}] => (Allow) C:\Program Files (x86)\Maxthon5\Bin\Maxthon.exe
FirewallRules: [{EA6A018C-534A-435E-903A-0A15D1DF9EF0}] => (Allow) C:\Program Files (x86)\Maxthon5\Bin\Maxthon.exe
FirewallRules: [{84E896C0-96E6-43BA-8147-F4FE52802F90}] => (Allow) C:\Program Files (x86)\Maxthon5\Bin\MxUp.exe
FirewallRules: [{18B936C5-BF98-45E5-8FFD-47852E841DAD}] => (Allow) C:\Program Files (x86)\Maxthon5\Bin\MxUp.exe
FirewallRules: [{220F859C-1BA3-4687-9400-2852A966EFE0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8FA1C7B3-5BF4-462A-9A55-6DD4D8332366}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{893FC74E-FBC9-4033-AF44-7DC074A5656C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

Überprüfen Sie den "winmgmt" Dienst oder reparieren Sie den WMI.


==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (06/23/2017 04:07:20 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
.


Vorgang:
  VSS-Server wird instanziiert

Error: (06/23/2017 04:07:20 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} und dem Namen "IVssCoordinatorEx2" kann nicht gestartet werden. [0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
]


Vorgang:
  VSS-Server wird instanziiert

Error: (06/23/2017 02:01:38 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Die erweiterbare Leistungsindikator-DLL W3SVC kann nicht geladen werden. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Windows-Fehlercode.

Error: (06/23/2017 02:01:37 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "aspnet_state" in der DLL "C:\Windows\System32\aspnet_counters.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (06/23/2017 02:01:37 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "ASP.NET_4.0.30319" in der DLL "C:\Windows\System32\aspnet_counters.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (06/23/2017 02:01:37 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "ASP.NET" in der DLL "C:\Windows\System32\aspnet_counters.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (06/23/2017 01:54:00 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\WINDOWS\system32\svchost.exe -k netsvcs; Beschreibung = Windows Update; Fehler = 0x80042302).

Error: (06/23/2017 01:54:00 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
.


Vorgang:
  VSS-Server wird instanziiert

Error: (06/23/2017 01:54:00 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} und dem Namen "IVssCoordinatorEx2" kann nicht gestartet werden. [0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
]


Vorgang:
  VSS-Server wird instanziiert

Error: (06/23/2017 01:48:53 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\WINDOWS\system32\svchost.exe -k netsvcs; Beschreibung = Windows Update; Fehler = 0x80042302).


Systemfehler:
=============
Error: (06/23/2017 11:20:56 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (06/16/2017 02:24:44 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (06/16/2017 02:23:03 PM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT-AUTORITÄT)
Description: Überprüfung des verschlüsselten Volumes: Die Volumeinformationen auf "E:" können nicht gelesen werden.

Error: (06/16/2017 09:50:06 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (06/15/2017 07:36:05 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (06/12/2017 10:55:42 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (06/08/2017 07:47:22 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (06/07/2017 06:19:59 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (06/07/2017 06:17:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NanoServiceMain" wurde aufgrund folgenden Fehlers nicht gestartet:
Das System kann die angegebene Datei nicht finden.

Error: (06/07/2017 06:17:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "PSUAService" wurde aufgrund folgenden Fehlers nicht gestartet:
Das System kann die angegebene Datei nicht finden.


CodeIntegrity:
===================================
  Date: 2017-05-23 20:49:41.172
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\SMCLpav\Pav2WSC.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-05-23 20:49:41.164
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\SMCLpav\Pav2WSC.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-05-23 20:49:41.157
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\SMCLpav\Pav2WSC.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-05-23 20:49:41.151
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\SMCLpav\Pav2WSC.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-05-23 20:49:41.147
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\SMCLpav\Pav2WSC.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-05-23 20:49:41.141
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\SMCLpav\Pav2WSC.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-05-23 20:49:41.133
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\SMCLpav\Pav2WSC.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-05-23 20:49:41.128
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\SMCLpav\Pav2WSC.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-05-23 20:49:41.035
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\SMCLpav\Pav2WSC.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-05-23 20:24:21.638
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\SMCLpav\Pav2WSC.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i3 CPU M 330 @ 2.13GHz
Prozentuale Nutzung des RAM: 70%
Installierter physikalischer RAM: 3885.53 MB
Verfügbarer physikalischer RAM: 1127.68 MB
Summe virtueller Speicher: 7853.53 MB
Verfügbarer virtueller Speicher: 4595.77 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:465.22 GB) (Free:82.18 GB) NTFS
Drive d: (Traction DVD 2016) (CDROM) (Total:7.7 GB) (Free:0 GB) UDF

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: DF826BD5)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

==================== Ende von Addition.txt ============================

--- --- ---

Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
main: v2017.06.23.06
rootkit: v2017.05.27.01

Windows 10 x64 NTFS
Internet Explorer 11.1198.14393.0
marku :: MARKUSSPIEGL-PC [administrator]

23.06.2017 16:13:24
mbar-log-2017-06-23 (16-13-24).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 351649
Time elapsed: 57 minute(s), 52 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKLM\SOFTWARE\WOW6432NODE\YingSoft (Trojan.Agent.Trace) -> Delete on reboot. [ddc54af8743539fdc3e560a06d964fb1]

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

Twiggy77 23.06.2017 17:13

TDSSKiller Report (Part 1)
 
17:29:40.0042 0x366c TDSS rootkit removing tool 3.1.0.15 Apr 18 2017 11:34:02
17:29:45.0292 0x366c ============================================================
17:29:45.0292 0x366c Current date / time: 2017/06/23 17:29:45.0292
17:29:45.0292 0x366c SystemInfo:
17:29:45.0297 0x366c
17:29:45.0297 0x366c OS Version: 10.0.14393 ServicePack: 0.0
17:29:45.0297 0x366c Product type: Workstation
17:29:45.0297 0x366c ComputerName: MARKUSSPIEGL-PC
17:29:45.0297 0x366c UserName: marku
17:29:45.0297 0x366c Windows directory: C:\WINDOWS
17:29:45.0297 0x366c System windows directory: C:\WINDOWS
17:29:45.0297 0x366c Running under WOW64
17:29:45.0297 0x366c Processor architecture: Intel x64
17:29:45.0297 0x366c Number of processors: 4
17:29:45.0297 0x366c Page size: 0x1000
17:29:45.0298 0x366c Boot type: Normal boot
17:29:45.0298 0x366c CodeIntegrityOptions = 0x00000001
17:29:45.0298 0x366c ============================================================
17:29:47.0428 0x366c KLMD registered as C:\WINDOWS\system32\drivers\00928850.sys
17:29:47.0428 0x366c KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 14393.1198, osProperties = 0x19
17:29:54.0875 0x366c System UUID: {78E49C4F-A211-ED72-D1C2-314878A055DB}
17:30:02.0245 0x366c Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:30:02.0269 0x366c ============================================================
17:30:02.0269 0x366c \Device\Harddisk0\DR0:
17:30:02.0270 0x366c MBR partitions:
17:30:02.0270 0x366c \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
17:30:02.0270 0x366c \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A272000
17:30:02.0270 0x366c ============================================================
17:30:02.0303 0x366c C: <-> \Device\Harddisk0\DR0\Partition2
17:30:02.0303 0x366c ============================================================
17:30:02.0303 0x366c Initialize success
17:30:02.0303 0x366c ============================================================
17:30:11.0615 0x37ac ============================================================
17:30:11.0615 0x37ac Scan started
17:30:11.0615 0x37ac Mode: Manual;
17:30:11.0615 0x37ac ============================================================
17:30:11.0615 0x37ac KSN ping started
17:30:18.0965 0x37ac KSN ping finished: true
17:30:21.0332 0x37ac ================ Scan system memory ========================
17:30:21.0332 0x37ac System memory - ok
17:30:21.0334 0x37ac ================ Scan services =============================
17:30:32.0547 0x37ac diagnosticshub.standardcollector.service - ok
17:30:32.0698 0x37ac [ 22391290BB9D3ED68950672E42B6F3F0, C4DC2DD3CF1564181377A67AB7E08DEFB377D4AE51956A4F27CE46C038D04AFE ] DiagTrack C:\WINDOWS\system32\diagtrack.dll
17:30:32.0821 0x37ac DiagTrack - ok
17:30:32.0885 0x37ac [ 35B9D46560339A5A7F0CAC6ED702C817, F70480B01533B7029F90E2DE297E9E829660300DDE7A7D009B0AC2684E7691A7 ] disk C:\WINDOWS\system32\drivers\disk.sys
17:30:32.0917 0x37ac disk - ok
17:30:33.0053 0x37ac [ 527CE76D1B0587A3F9156809B3E2275E, 6FAB680F73774F3FAA65258D53DC8ADCDAEE2ABDDF825ED79F9526DC3B9B7312 ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll
17:30:33.0086 0x37ac DmEnrollmentSvc - ok
17:30:33.0124 0x37ac [ 815F45161A4571C2C44491564F3D5968, 32E7AE8414A178CE429C0CDFCF718E3C11C705FB3155EA5CA0EAD48AAE507B01 ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys
17:30:33.0128 0x37ac dmvsc - ok
17:30:33.0172 0x37ac [ 6E5EE6E420FECD64DE463C5F01CBFE71, F173C56895E80AA03D70CD78B3AB659C2EEAACFF43BE3B6EF3939D6F4AD4F62D ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
17:30:33.0206 0x37ac dmwappushservice - ok
17:30:33.0288 0x37ac [ 86E507EE1457D7FA463BBF05BA76EB1E, 2D2D05CED57C22F41684DC6DD00ACECDF708407493286B2D4007068154E436FF ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
17:30:33.0327 0x37ac Dnscache - ok
17:30:33.0355 0x37ac [ 8F46B4C3F9BA19C26A26D0A11137B20B, BA0A66DBA98D77FD85A7CD2D4593F2B2A1A3B4D32BBECBCFFBEB5A54DCB0D8ED ] dot3svc C:\WINDOWS\System32\dot3svc.dll
17:30:33.0384 0x37ac dot3svc - ok
17:30:33.0407 0x37ac [ CA09EAEE92C6FDDC6B05057F11A0372D, 14DB5C186B69644AA93C445BF31CC9670204F95A47B77B6EACB19B4A316378AD ] DPS C:\WINDOWS\system32\dps.dll
17:30:33.0416 0x37ac DPS - ok
17:30:33.0464 0x37ac [ AE6BD4C879A8C849E53947C92DF3B3A0, 8C29774CB2D30D901C54AAC0C8ACE709351EE40E5C8FB9951B2A18B4A03F28B7 ] drmkaud C:\WINDOWS\system32\DRIVERS\drmkaud.sys
17:30:33.0468 0x37ac drmkaud - ok
17:30:33.0530 0x37ac [ 7433474BE77F065D2FA628671FE31A3E, 063ADDC68F48036749E6EC7B2F66284DB29F90F62E9468D16B4EF5A0FDC45E35 ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll
17:30:33.0553 0x37ac DsmSvc - ok
17:30:33.0582 0x37ac [ 5FCA45C24501DA7390065D3706A9FC3F, 093FD840F1502ECC6F05B9723CA523B3F15CF39A5D2B9106E1267739B3F2C52C ] DsSvc C:\WINDOWS\System32\DsSvc.dll
17:30:33.0594 0x37ac DsSvc - ok
17:30:33.0750 0x37ac [ 4CECF7C7BFBF95647FEC49475555BFB2, B914ADC19CA4A4EEE83AE560A5CCE2E21A3D9568E5961BEFAD7B455930FB0AB9 ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys
17:30:33.0883 0x37ac DXGKrnl - ok
17:30:33.0941 0x37ac [ 9FCE4EF7D5E274F862D9A2526B5F4779, 81D42D5475C2801C8E0C233A0BA827569D8A70590017C91C665C8B232D9BFAA9 ] EapHost C:\WINDOWS\System32\eapsvc.dll
17:30:33.0967 0x37ac EapHost - ok
17:30:34.0183 0x37ac [ 7EC6FC0266D74BD47ABB130A328B70EC, 3856790AF967AB03B1A89F97328DC4D5A6854ACDA6169681A9AFB03D7CF791F9 ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys
17:30:34.0355 0x37ac ebdrv - ok
17:30:34.0412 0x37ac [ F141EE982C1A06839E9C4D81C09445B8, E6800529CC221FE98D098F1E5D3CC7EAA76EEF6D7008D51539BC2C0176166465 ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
17:30:34.0446 0x37ac eeCtrl - ok
17:30:34.0508 0x37ac [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] EFS C:\WINDOWS\System32\lsass.exe
17:30:34.0517 0x37ac EFS - ok
17:30:34.0582 0x37ac [ 8D74B8B5D6F7C5BC4C525BAF2B083FF1, DA5656F745B3911F96871887FDFDC40F4D9C820622A0AA27EFE4BA93662833CA ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys
17:30:34.0605 0x37ac EhStorClass - ok
17:30:34.0662 0x37ac [ 2A9817B5A9260D8F60D52E36BEF10443, AC1A0203221AFAF584C71317FA07AA1B6E61BE619E918B3B1E4AD57CCED1CF03 ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
17:30:34.0686 0x37ac EhStorTcgDrv - ok
17:30:34.0750 0x37ac [ 80A7999DE02CE678B865832E1CE78CD6, 2576EBB6E4D630A906DE724F125099E52A962B5B68B9F9BCA849A7B29D8C8689 ] embeddedmode C:\WINDOWS\System32\embeddedmodesvc.dll
17:30:34.0777 0x37ac embeddedmode - ok
17:30:34.0848 0x37ac [ 3CE2B6AECB9AF8BC159299EEC46A35CA, E933B28BB6E4D01FCCDF8FBBB134C244B28DA3ECBDFA13333F0D4C24B2551780 ] EntAppSvc C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
17:30:34.0887 0x37ac EntAppSvc - ok
17:30:34.0918 0x37ac [ 2FDBBCCF9B4516C4F1B2171810EF4939, 27C0A23BAD2BF5B4D203D4E02A1D44B92BB4BA73C10B8055A6E78AF576AC0570 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
17:30:34.0929 0x37ac EraserUtilRebootDrv - ok
17:30:34.0983 0x37ac [ 77B60DEC7DCB4233E4A69D3F52E5DB24, 3A5C905E37A93899051497C90E5BA8E1D003B56C6906CADFD2F1CDF52052D248 ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys
17:30:34.0987 0x37ac ErrDev - ok
17:30:35.0089 0x37ac [ C4F53D5CC1327739D01C3AAF5B6455F0, 48EE9F18A7A9DF20D30C58C61742BFD0D1B8BCC8C4B4CB5D1D9C989E24B7C347 ] ETD C:\WINDOWS\system32\DRIVERS\ETD.sys
17:30:35.0130 0x37ac ETD - ok
17:30:35.0206 0x37ac [ 9680C1C8008AFF85116C5E45CB0BABD5, CDA04D24B5F9534F41E2A26D15E0311ABF4240032DE4CA156B72B76CC42E69B3 ] ETDService C:\Program Files\Elantech\ETDService.exe
17:30:35.0212 0x37ac ETDService - ok
17:30:35.0302 0x37ac [ F89083AB8B9F51C0031C1CBD0A9A7E35, 9EE973A25134960E62D1A6A1E34AD9B3F7690E71C1AD31A23FA2081A73438754 ] EventSystem C:\WINDOWS\system32\es.dll
17:30:35.0350 0x37ac EventSystem - ok
17:30:35.0388 0x37ac [ 0BF32186C3EC11315C33CC29EA8DD86C, 82B43762A5BC9C0AB7B5D1F96DC47B34700924B598070A7CCB30C92EB5EE1599 ] ew_usbccgpfilter C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys
17:30:35.0392 0x37ac ew_usbccgpfilter - ok
17:30:35.0462 0x37ac [ FCD2C63754C2E739A8EEAD9BC63F9DDC, C57A72ABA4C0BD71F914B9C8FF965DCFF585A205498F19A4584A4BAF7674839D ] exfat C:\WINDOWS\system32\drivers\exfat.sys
17:30:35.0491 0x37ac exfat - ok
17:30:35.0573 0x37ac [ FA918EC296EB410FF02867D008D02421, 23D164A24CB0D212778FA9592A046B6BA1F3628003E04181744A1F891B5B3E5A ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys
17:30:35.0603 0x37ac fastfat - ok
17:30:35.0699 0x37ac [ 77CE56471AF984800F318F3734D768C7, 72D540072374A56C2C497F0532A50705D3F0637F2C0C96B1D715F2EDFCA3AA2D ] Fax C:\WINDOWS\system32\fxssvc.exe
17:30:35.0737 0x37ac Fax - ok
17:30:35.0791 0x37ac [ 99598ECA5E41996E005D5B9D9FF1EFA2, 91345CD50EF02431B69093505C1C5F5DC6A1AA6BF192EE9392ED4D5626B60462 ] fdc C:\WINDOWS\System32\drivers\fdc.sys
17:30:35.0836 0x37ac fdc - ok
17:30:35.0895 0x37ac [ EF0DD43A4CBAB367BCA1AFBDC9971E4F, 73E161C45D63FDDE71EE2438137913724DC513860539D1E7F6BD861F5D1B33F3 ] fdPHost C:\WINDOWS\system32\fdPHost.dll
17:30:35.0917 0x37ac fdPHost - ok
17:30:35.0942 0x37ac [ 34DAC585994CD3B4E910DE11C584EF3D, A6C6A4CB5413EA61F1A54E2D3AD71A311CEA2C26218544D2D2D4A5CFEC52DE8C ] FDResPub C:\WINDOWS\system32\fdrespub.dll
17:30:35.0965 0x37ac FDResPub - ok
17:30:36.0007 0x37ac [ B68DA1FE3CA2311AFD38DD6905CA7F71, 4B395DFB1B47D2507CA4D9DC996A70D0A3BDB1A245CD6DA6C42B2A299AFCCF37 ] fhsvc C:\WINDOWS\system32\fhsvc.dll
17:30:36.0030 0x37ac fhsvc - ok
17:30:36.0097 0x37ac [ F44F666B0EACC3181544FFCF8CA0FFC7, 83F771CF9DAE1C504B30731EEC55355EA1253174252DA2192ADF1D228B3735C3 ] FileCrypt C:\WINDOWS\system32\drivers\filecrypt.sys
17:30:36.0106 0x37ac FileCrypt - ok
17:30:36.0170 0x37ac [ 78A210DDFDF2C9EC884631D2DAA573F0, 5D39C6EF4AC690A9749EEDBE2478FFF15A22877A2861EDA103C7BF1607B0C1BD ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys
17:30:36.0178 0x37ac FileInfo - ok
17:30:36.0197 0x37ac [ 1A97DB5E701A186989F3795223C3BE39, F7982220D4DF7E104955E63CACE352394E2577DEF49506EA126127F820EB62DF ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys
17:30:36.0203 0x37ac Filetrace - ok
17:30:36.0257 0x37ac [ 46626665F0E5906E45619B4EFD6186B8, 37FDD3B8AD49FD29E54DA5567EA77F28A53498AE56348F7A2628E5E5549D638B ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys
17:30:36.0262 0x37ac flpydisk - ok
17:30:36.0322 0x37ac [ FDA72ACA14D516D18C33AFCD0FD9260F, 6509612DEC82EA74614B5C9A7B432305A1A468C97B88BED9E141DF2929B621B1 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
17:30:36.0337 0x37ac FltMgr - ok
17:30:36.0471 0x37ac [ 81C8AA35C92D3A5E82477DF00DEDCBFD, F825641B3DD12C35657DC6F05C3A3CF2821D3525CF51E376E678B5FD45AD664E ] FontCache C:\WINDOWS\system32\FntCache.dll
17:30:36.0582 0x37ac FontCache - ok
17:30:36.0741 0x37ac [ 59241194DBDF30A2B4029E402F377900, 47A92E9CD8494C403B377799D395670A393766647E24CD83B15338CE2AA50266 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:30:36.0763 0x37ac FontCache3.0.0.0 - ok
17:30:36.0868 0x37ac [ CD7CD19E72EA2F597D01FC68ECD2F28E, 4E8BAA4AEF28B043780E2FEFFEB5E4DF4E2FB3211CE617D2DBAFB6C7B7DBBDFD ] FrameServer C:\WINDOWS\system32\FrameServer.dll
17:30:36.0937 0x37ac FrameServer - ok
17:30:36.0983 0x37ac [ B07A40B5A7A58B8C75663A572A46084C, 01F34EAFD4A86FF6AFC015BE2D155A53ED8186BD6DA1A05CCEC8425417A8E320 ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys
17:30:37.0028 0x37ac FsDepends - ok
17:30:37.0086 0x37ac [ 6D6BB5C7363CD35FA715E826F3D029EE, C214F791EB39E8B25CE57ED9D6C1D56EE1AF6021BCB380980BD42A6338A6C9F7 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
17:30:37.0114 0x37ac Fs_Rec - ok
17:30:37.0196 0x37ac [ 8EEC4925C03E375C4EC496E45C44139A, 06C5C7BCC28D3E435675F0759A09CAB726E971DF4BFC1DC3DCF503EABCDCCCC6 ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys
17:30:37.0231 0x37ac fvevol - ok
17:30:37.0297 0x37ac [ EF78034773CE506323655A868C949144, DF195BEEE6704FBCC6D2D9E1BF6723E52ED502A1459F495B7D18481E6A79B5BC ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys
17:30:37.0311 0x37ac gencounter - ok
17:30:37.0366 0x37ac [ B55FEBC6A00DAA1FE074F020B6907516, 67071FBAC2ABA47AB71358A5F08E92E034A55343878F00137E90B3B1F7362976 ] genericusbfn C:\WINDOWS\System32\drivers\genericusbfn.sys
17:30:37.0377 0x37ac genericusbfn - ok
17:30:37.0458 0x37ac [ DDD8A8CDDC7F13EF57D1DAAE71865936, 9D472A8689F72F24D40D5B94849690F53C67849FDF6162A94EF4FB330A3DA566 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys
17:30:37.0492 0x37ac GPIOClx0101 - ok
17:30:37.0596 0x37ac [ 8997353398C8466ECD183942D5FCC65B, C73FD5FFD71003F7FDDC17F59812BD6860992FA35EC0ECC8DE37D935606B485B ] gpsvc C:\WINDOWS\System32\gpsvc.dll
17:30:37.0661 0x37ac gpsvc - ok
17:30:37.0695 0x37ac [ 7ACD8F69B5D6EC97E6D2C006E19BED88, FC69214C9308EA64B88EF4C3C95800586DDBB44C8540846B79A161BAD8203B6E ] GpuEnergyDrv C:\WINDOWS\system32\drivers\gpuenergydrv.sys
17:30:37.0698 0x37ac GpuEnergyDrv - ok
17:30:37.0741 0x37ac [ E1B44A75947137F4143308D566889837, EC7E883E7AF38BF3AC0AC513CFDE0186038443E9ACC7AD616EE6BD0EC09AACB9 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:30:37.0745 0x37ac gupdate - ok
17:30:37.0753 0x37ac [ E1B44A75947137F4143308D566889837, EC7E883E7AF38BF3AC0AC513CFDE0186038443E9ACC7AD616EE6BD0EC09AACB9 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:30:37.0757 0x37ac gupdatem - ok
17:30:37.0815 0x37ac [ 10E3515FE5DBA6656FA62C29342EC4A1, 2051F10F74ED712B1766EB61E87FADE25AB3D0970BABFD320600D1B0D6377F26 ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys
17:30:37.0826 0x37ac HDAudBus - ok
17:30:37.0921 0x37ac [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64 C:\WINDOWS\System32\drivers\HECIx64.sys
17:30:37.0965 0x37ac HECIx64 - ok
17:30:37.0991 0x37ac [ B90D284B97CD4CA9DE7430AAAD887A56, 2F14F985C39B7801ED64590979CF2114924E9547F5B11D2B37A74DBFFDD9E7C5 ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys
17:30:38.0036 0x37ac HidBatt - ok
17:30:38.0101 0x37ac [ B2FE11643CC6ACDEE6C247DD36018FDB, 5796613C7DBF8B2A9E860E006FF1A245B6BE7D10E3F6685AD142B48E5C237B8C ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys
17:30:38.0148 0x37ac HidBth - ok
17:30:38.0217 0x37ac [ D24355488A2D4D2323518EC1AC7A6D9E, ED2176A2093726087EDDA25B86E9CDD4BA35F4E748E3A6DE0B15C4C97646B5C7 ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys
17:30:38.0226 0x37ac hidi2c - ok
17:30:38.0267 0x37ac [ 0AF9ABBA4F3F55C6C803890D64BC3C29, D3DE6FA308F8E7CD4F16387F46AE4B2F7EC9BBA07BF87652B660A0D645710571 ] hidinterrupt C:\WINDOWS\System32\drivers\hidinterrupt.sys
17:30:38.0272 0x37ac hidinterrupt - ok
17:30:38.0308 0x37ac [ CDBCF8E9AB06D88A1E1191D32F320C5D, F76963AB7CF2BAB3A220013879AECD3976BFD851CFB66B5A69A9EA2541048861 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys
17:30:38.0317 0x37ac HidIr - ok
17:30:38.0373 0x37ac [ C900FE0DD6A1E2220084B8F1C427790C, 802194EBEDA1A50EDA300078B0888AAC1F17A42E67147B7B3B9C50AD8D4E5C89 ] hidserv C:\WINDOWS\system32\hidserv.dll
17:30:38.0383 0x37ac hidserv - ok
17:30:38.0447 0x37ac [ D8536CB438CC4CCDAE047B768EED22B2, 4F666BFA3554F9ACA6B9D436BFA64474D5F30FB3E78F4E66068CCDF283D9867F ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys
17:30:38.0454 0x37ac HidUsb - ok
17:30:38.0520 0x37ac [ 0AC1BD5A28FAA371EF34859FE703E515, 1DD1C33AF8D6EBE7C36FCD051F066E4039D2B47ABAECF7C68BC3933D567930B2 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
17:30:38.0542 0x37ac HomeGroupListener - ok
17:30:38.0598 0x37ac [ 86161A89F16851728802590EC7C92608, 3A3B05BB4E115410D27063B30C0EF3F18295F542050F329F1E466C81A9E23A46 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
17:30:38.0629 0x37ac HomeGroupProvider - ok
17:30:38.0689 0x37ac [ F5CA18197B4646E04DB9EB2D6642CC4D, 5BA3342DDF1BCB67E4156169FE9A33E7BC2641C729E9F1A80C0E80953C6AB114 ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys
17:30:38.0694 0x37ac HpSAMD - ok
17:30:38.0804 0x37ac [ A10C7C1E69FC90620C7BF2E51302A01F, D725AEAE38255CED73F4922A10F226215528706580B06D01C228488F93AC0397 ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys
17:30:38.0883 0x37ac HTTP - ok
17:30:38.0958 0x37ac [ 0C84C250F80EAEC2C9768464CC1A9626, 212E1003B78F9B98FEB084FD1FDB59B26A9DE4C9120F24D4361FBBF0F3C035E7 ] HvHost C:\WINDOWS\System32\hvhostsvc.dll
17:30:38.0971 0x37ac HvHost - ok
17:30:39.0043 0x37ac [ 74FC79C52395B10FFD0B55CF22CF88FC, 94D977DA2092EE8C2A598AC48758A84BB22CB6378BD114C2D3B4172A07A9CACC ] hvservice C:\WINDOWS\system32\drivers\hvservice.sys
17:30:39.0066 0x37ac hvservice - ok
17:30:39.0126 0x37ac [ 771EDDA9830A3079F996F34D681FB6E5, F452AD656872A1C8B2D6DCE232CE01EBD456C46F4934A7601E78470F2A2CBF38 ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys
17:30:39.0172 0x37ac hwpolicy - ok
17:30:39.0243 0x37ac [ 3B9F315E7FA72CC25228EB097DD9C694, B26F1E494428EF197A0C97645C05BB3CA093827A005D35C987F1D6778BC4E52C ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys
17:30:39.0255 0x37ac hyperkbd - ok
17:30:39.0339 0x37ac [ B54B30992620C97230013A74461C8517, CAF09BDCDD6DE2A39CB8AE2C65E6F8FE12D8E93D84BBEF6C6A98F872BF54A4E3 ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys
17:30:39.0352 0x37ac i8042prt - ok
17:30:39.0367 0x37ac [ C6B8743B213F06AA60943D8366FE968F, 758954F70B810063914B243115B2C753B2BCE40190F95C30ACBA0BF04EBD5B33 ] iagpio C:\WINDOWS\System32\drivers\iagpio.sys
17:30:39.0371 0x37ac iagpio - ok
17:30:39.0397 0x37ac [ 9A2A2F3C69B9A30B6E78536F6D258BAD, 5E28E132A7300E6F5E0C6439D6BA00F1AEF66D729FF671FDA91274A25A921463 ] iai2c C:\WINDOWS\System32\drivers\iai2c.sys
17:30:39.0404 0x37ac iai2c - ok
17:30:39.0427 0x37ac [ 5A0E850F8CD17791A3E6A3CF81D0CA28, 10A965A49D53360DD250E0758B6BB142872298A21C732EB026ACB93492C5C6CF ] iaLPSS2i_GPIO2 C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys
17:30:39.0433 0x37ac iaLPSS2i_GPIO2 - ok
17:30:39.0497 0x37ac [ 7508F1096803385D6376BFD0BD473AC4, 1F32EC23CDC94DCB9710E6663B5C3BD83568545DDC2C741CFC13550A4E4DD2BE ] iaLPSS2i_I2C C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys
17:30:39.0509 0x37ac iaLPSS2i_I2C - ok
17:30:39.0563 0x37ac [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
17:30:39.0567 0x37ac iaLPSSi_GPIO - ok
17:30:39.0595 0x37ac [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
17:30:39.0603 0x37ac iaLPSSi_I2C - ok
17:30:39.0654 0x37ac [ D1753C06EE17E29352B065EACF3F10D0, 4DD4C991FAA3CCF99DF8DC9F8F5DEEDEECD55977F0C3AA8C404DEFD21E32A62B ] iaStor C:\WINDOWS\system32\drivers\iaStor.sys
17:30:39.0671 0x37ac iaStor - ok
17:30:39.0742 0x37ac [ 97E553D03219D3D51705C7235D9EAEBD, 5D4578C8804AF32D1DC0868E34D6538138DC15F9568CA7E21051B1C82C0D8D55 ] iaStorAV C:\WINDOWS\system32\drivers\iaStorAV.sys
17:30:39.0776 0x37ac iaStorAV - ok
17:30:39.0814 0x37ac [ 8350FE3BCDE3428BC040877BB7E9EAEB, 77F9456351CA640C6B7862907C0580627E761EC807B551976A95657EB4D6CC20 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys
17:30:39.0843 0x37ac iaStorV - ok
17:30:39.0881 0x37ac [ 3BA03F7C7700DDF4C383DDE9252F5817, 3E90F69D0010E7764349D9AE865D577E431FEBC67DA554B400BC808DD286E203 ] ibbus C:\WINDOWS\System32\drivers\ibbus.sys
17:30:39.0915 0x37ac ibbus - ok
17:30:39.0966 0x37ac [ 937AC47F7356554DA05D9722C356EB55, 9EABC9F19B4E1193B669D2674967F5C6F03FAD348EDF0615E3F78554FF9A83CC ] icssvc C:\WINDOWS\System32\tetheringservice.dll
17:30:39.0992 0x37ac icssvc - ok
17:30:40.0205 0x37ac [ B006AF5E9428D0C225367BCA17FCFE2C, E9A01B0664C5EE139882D648962A610AC659D00B2D225F0D8F26BF327C23FDC9 ] IDSVia64 C:\Program Files\Norton Security\NortonData\22.9.3.13\Definitions\IPSDefs\20170622.003\IDSvia64.sys
17:30:40.0322 0x37ac IDSVia64 - ok
17:30:40.0913 0x37ac [ E6D200304A8D739597678807820ABB43, 05194D2625F48C5065318C28B242A03A1C3BDC441087DAFF777203506CE4CF6E ] igfx C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
17:30:41.0463 0x37ac igfx - ok
17:30:41.0709 0x37ac [ A7BA43047998E1F08C4B224BBA55B813, F70D2A687AF85D7260A9109B53E2EE68C8DC2BF09DECB17F8A25030D91A7BEC5 ] IJPLMSVC C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
17:30:41.0721 0x37ac IJPLMSVC - ok
17:30:41.0807 0x37ac [ F2934208C0E50C0B971A7981AB90BED2, B936BFBBD71E731CC2CDB8B47D262F2EF09726FF921C2DA0841910CA2401423D ] IKEEXT C:\WINDOWS\System32\ikeext.dll
17:30:41.0875 0x37ac IKEEXT - ok
17:30:41.0935 0x37ac [ DD587A55390ED2295BCE6D36AD567DA9, AEB7DCB8EF89BEE8D9649A05FC482B1E4E3F44243D57A2577C862EB69166C48E ] Impcd C:\WINDOWS\System32\drivers\Impcd.sys
17:30:41.0972 0x37ac Impcd - ok
17:30:41.0993 0x37ac [ 2A01C96DF5802D3434634E55C91232D8, A3ABEF36E2FD2CF5C371ADBF92566A09669A1D990ABE4677370F57F2EEAF8121 ] IndirectKmd C:\WINDOWS\System32\drivers\IndirectKmd.sys
17:30:42.0014 0x37ac IndirectKmd - ok
17:30:42.0207 0x37ac [ 622868E4BAE8FBCD22CB1A5901A2C824, C1A2264C0984DD16C83B663C9CE43E049E1356E32C5771C3ACE225F285699138 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
17:30:42.0390 0x37ac IntcAzAudAddService - ok
17:30:42.0457 0x37ac [ 58CF58DEE26C909BD6F977B61D246295, 0CE27B81C091961A22B75478449D654F9C1A68E43DF80C699DB8DD3D1B288461 ] IntcDAud C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
17:30:42.0496 0x37ac IntcDAud - ok
17:30:42.0582 0x37ac [ 9F7E87F6595D065A8A200A291043045E, 6944F72F73EADC6C9B7691F2C1C6DF1898F22C88EFA78EC0BA8CB5FFD9CE057B ] intelide C:\WINDOWS\system32\drivers\intelide.sys
17:30:42.0606 0x37ac intelide - ok
17:30:42.0624 0x37ac [ A6BD2E20AE1BC5CB2776C87C28E4F4CA, BD8BE67CED9A4982D785CE9ECBEFE868C3A2E37DF7F9592B9F9049B807A1554B ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys
17:30:42.0637 0x37ac intelpep - ok
17:30:42.0661 0x37ac [ 2A48DA39542636DB0FA3BA915385D1B3, 6CA0916F5F4B1E81AE6A6233276320599BFA7C129267177703E3BB6468FB4683 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys
17:30:42.0670 0x37ac intelppm - ok
17:30:42.0726 0x37ac [ DB32758F3A7F6CCE81A5430080A2EA65, 36A26BAA884E96804F8EA0B12BB3E81BBE6D4EE704809904091445F36CAB5A29 ] iorate C:\WINDOWS\system32\drivers\iorate.sys
17:30:42.0731 0x37ac iorate - ok
17:30:42.0791 0x37ac [ FE85D0A86CA7A5A99CF8CD04DE7F80AE, 544C01FC01EE728EB5667158207E5F4418FE77A88BA318192A834722DB766F4E ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
17:30:42.0801 0x37ac IpFilterDriver - ok
17:30:42.0904 0x37ac [ 68C50E8E4265698BE6835156F4DD5008, 5B9CBBCE99315E5569E6733F13E91A687A36F536A68A2B670CC24C4BCC4EAFF4 ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll
17:30:42.0955 0x37ac iphlpsvc - ok
17:30:43.0007 0x37ac [ 10D01A3657AC8E8004C83D613163DE1E, F9389F1BF87A2D28899F50D270DA6F48B0912CFAF06CEE566697B041DBE92F9C ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys
17:30:43.0037 0x37ac IPMIDRV - ok
17:30:43.0074 0x37ac [ F1DAECC3B3D6399875D4F10529D6A77C, 6533D2F858816BE6570C998510919FCA2904EC6EF806F61C1FD325E88133111B ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys
17:30:43.0117 0x37ac IPNAT - ok
17:30:43.0193 0x37ac [ BD713ED20CFD71C32C4BE1928423AE9A, E0EE95FEA3930EA335D9B1FF74EEFAA61ECEC89AEBB1D0E43A1E1088F9990273 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
17:30:43.0211 0x37ac iPod Service - ok
17:30:43.0236 0x37ac [ 7475A2903BB704B446AA6309E34D3362, C94643A1626A9716015EBA7041A1224098501EB7DAA704CBFCAD3DC6F3CFC6AF ] irda C:\WINDOWS\system32\drivers\irda.sys
17:30:43.0261 0x37ac irda - ok
17:30:43.0323 0x37ac [ 9725E7F0C64CE9916A5CDABE8D6E13C3, 04AF9E48FEF208A2850DF28352E8FDCBF4018982C72C0F67EE12C048C4070116 ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys
17:30:43.0328 0x37ac IRENUM - ok
17:30:43.0393 0x37ac [ 8C604213A2E73088BFFE6CD2E6F1AE53, B4C4FEE4D398A29F72EC27D5668071D7E68CD943FFFC38624DD5DF5BEBDF46D3 ] irmon C:\WINDOWS\System32\irmon.dll
17:30:43.0402 0x37ac irmon - ok
17:30:43.0461 0x37ac [ 58040898883A96160D41739C80328BBF, 7F85C91C905811416E266A263DDEFCDCB0B45376AAE51B551AB636C16577DB9F ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys
17:30:43.0466 0x37ac isapnp - ok
17:30:43.0547 0x37ac [ CA20F4621AB8CD3F69199DE21B5B41C4, 0AFFC66DD10D4D15139337E5ED343A2ABBB26CC8A83B3BDF6AD10C68B3931A7C ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys
17:30:43.0576 0x37ac iScsiPrt - ok
17:30:43.0595 0x37ac [ 210808437570BDDEE71A43535E3A2D30, EF5DE6EE4FF58F44CDE4D4E7F298ABBC9086EC05CC3AE4903060DA878115AC1E ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys
17:30:43.0601 0x37ac kbdclass - ok
17:30:43.0622 0x37ac [ 0B779E9FC426CA2268D28181FA6C222F, 83292023A688C3044D096F22242EB954B7F7511BE8341D45FF0AFBD9CB9BCB4E ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys
17:30:43.0627 0x37ac kbdhid - ok
17:30:43.0635 0x37ac [ 813BA3EB2CE038F2A5382DDD75CAD60B, 99FA444027CAC247B54317730D54AB0C4C000AE076B97E47470FDA9834594312 ] kdnic C:\WINDOWS\System32\drivers\kdnic.sys
17:30:43.0639 0x37ac kdnic - ok
17:30:43.0663 0x37ac [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] KeyIso C:\WINDOWS\system32\lsass.exe
17:30:43.0671 0x37ac KeyIso - ok
17:30:43.0696 0x37ac [ 705C0F8BCCEF6E7CB704CCB454192D7E, FC608C708E2C3BF7A66E57B95E19E71E5F5C87EF359D8BC1A817500B45DF9338 ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys
17:30:43.0705 0x37ac KSecDD - ok
17:30:43.0764 0x37ac [ 55AD13E2BAFC5AB53A10F8C271F5D242, 058BEF14DCB95574BCAB985F04737BA89483937E8D8A74F7B4CEAFB7400C2397 ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys
17:30:43.0775 0x37ac KSecPkg - ok
17:30:43.0782 0x37ac [ 4ED115CD1A1099705F56B5E0FFF97CC6, 9CC49DF2CD6AAAE405BA661D13EFC1E05111D1DE3D1E50C39C425AF1F075610B ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys
17:30:43.0786 0x37ac ksthunk - ok
17:30:43.0850 0x37ac [ 8125BDF7ADC261F75EF0CAD92456E350, 184797AA1D58C4FF743BA60D48590B88B781EE7779205E45E0679DEC79F3E185 ] KtmRm C:\WINDOWS\system32\msdtckrm.dll
17:30:43.0879 0x37ac KtmRm - ok
17:30:43.0891 0x37ac [ 4E444F41E69BBE2E0BAE34D5DFCB5732, ACAEFB839CF7A3113D026B9A715994C3DFF8797D73B991253959EF606C4FBC00 ] L1C C:\WINDOWS\System32\drivers\L1C63x64.sys
17:30:43.0898 0x37ac L1C - ok
17:30:43.0964 0x37ac [ 8CCAB08815B50AD78B823DB3F96C8604, 265E6D582EB7207B5CC577D61CB7BC3646F613047F168CD69BB776C37780EBF5 ] LanmanServer C:\WINDOWS\system32\srvsvc.dll
17:30:43.0988 0x37ac LanmanServer - ok
17:30:44.0053 0x37ac [ 33DBBCF71F68EA97D9FD34E4C9AB5AC6, 104F04A1560E75EB224A3825707CE51E8798ABD764F5CC3B854FFFC93A39AF60 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
17:30:44.0076 0x37ac LanmanWorkstation - ok
17:30:44.0138 0x37ac [ F8EBAA1FE6D3BF84752931DE1BFA0E2A, 2F3C512712BA709BBBBD779D9E792DBE324876C402CDCEF0345B8B7ABE1D232A ] lfsvc C:\WINDOWS\System32\lfsvc.dll
17:30:44.0145 0x37ac lfsvc - ok
17:30:44.0198 0x37ac [ 5A23E4BE0CCF49663C4CF7EB74C20278, 9DF91014B13B7CED1C3D409F90858FD03EFC5C4347C98901B4DF0AFF2B77845D ] LicenseManager C:\WINDOWS\system32\LicenseManagerSvc.dll
17:30:44.0204 0x37ac LicenseManager - ok
17:30:44.0217 0x37ac [ 5933A6673F00D8255C52957E40C2D601, 0AA1281F8B3F97E360592D1B35EE7D3D614F1AB46007F9884CFFB1C5E647575E ] lltdio C:\WINDOWS\system32\drivers\lltdio.sys
17:30:44.0223 0x37ac lltdio - ok
17:30:44.0248 0x37ac [ 88A3C935725FA6EA1A228DCC26CF9C6F, 9B1F70644EEFA1EE7CE151A8A970430087339B7A6345F2E0252370929D4AFAC6 ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll
17:30:44.0272 0x37ac lltdsvc - ok
17:30:44.0333 0x37ac [ 3F858E28AEE6545FA1B64134DFD5C2CE, FFD7B4FB0A7B61BC6B76A172134673842F2CF00E96FA3ED4A8273DC525B6BB92 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll
17:30:44.0342 0x37ac lmhosts - ok
17:30:44.0436 0x37ac [ 8E1B0946948CCC0BC1FA3CB70374A795, 0B894C129A35E223FF9594725AC90916CBD597FAD2211A18FC2AE03EA8679597 ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys
17:30:44.0447 0x37ac LSI_SAS - ok
17:30:44.0504 0x37ac [ 4F68163FC04C973500DC4DA0946917B0, DF060C29109EB3978CEDFE781999B0C4C1E8C0FDB133428058D8400C53315EEC ] LSI_SAS2i C:\WINDOWS\system32\drivers\lsi_sas2i.sys
17:30:44.0512 0x37ac LSI_SAS2i - ok
17:30:44.0569 0x37ac [ E5AC5F2815938651CDCC27F425474673, 3AF0598982153C36A766506FA088F7B84333CC96FEBB050402547AFC613AF9F7 ] LSI_SAS3i C:\WINDOWS\system32\drivers\lsi_sas3i.sys
17:30:44.0578 0x37ac LSI_SAS3i - ok
17:30:44.0602 0x37ac [ CCF6EC9FB9B8F18E05B4253E81013E48, EBE8D77FEE8B99BD8C29702404774D554673C96DF3FDF3DCEA9C99E22C2709FC ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys
17:30:44.0609 0x37ac LSI_SSS - ok
17:30:44.0701 0x37ac [ D5EFC0BAEC21EDE6FE03D377D403B421, 41BE71AF7C896FD4C51EF7E3871AAB769164DFB8050DA43E48C7A100711414B4 ] LSM C:\WINDOWS\System32\lsm.dll
17:30:44.0745 0x37ac LSM - ok
17:30:44.0828 0x37ac [ C9579D32219E5B936AC3A48D470117EC, E61A77191B6BA25D29B1221FEBBE826BBC11F825C0E35A72B4CEFFF8B7FE59A8 ] luafv C:\WINDOWS\system32\drivers\luafv.sys
17:30:44.0839 0x37ac luafv - ok
17:30:44.0893 0x37ac [ 9F699136FA1A8A170C2C05D7790A5FC0, 4363C527BD2FC9FD8937E9866CA200809AC87B64EA57084491BAB6DEB8ED9E87 ] MapsBroker C:\WINDOWS\System32\moshost.dll
17:30:44.0902 0x37ac MapsBroker - ok
17:30:44.0960 0x37ac [ 78488AF2AB2111D67B3C4044707A519B, 7AA71B9C4C7949A1A21F60EF7CCEDE0079794990696B60557B5DC86F4D47223A ] MBAMSwissArmy C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
17:30:44.0983 0x37ac MBAMSwissArmy - ok
17:30:45.0044 0x37ac [ C3CDCCF07486BD2616A7B82946E07AC0, 1EF95DAB2DA856BC7D7573B2EB2D9006DF337F827F0B56A161D0C97F45DB755E ] megasas C:\WINDOWS\system32\drivers\megasas.sys
17:30:45.0049 0x37ac megasas - ok
17:30:45.0103 0x37ac [ 2CF0CB2A0ED68C5455371E84C16F9627, 1C9166B52140145F1968E83E52BFF041250811B23C770FE181A18A4BA060CA81 ] megasas2i C:\WINDOWS\system32\drivers\MegaSas2i.sys
17:30:45.0108 0x37ac megasas2i - ok
17:30:45.0151 0x37ac [ FADB2FE017E69EECE0E1BA78661C2E8C, BE99B49031D8B4B670B6F6B6E829E54406779CF6F1D8AFE8AB79A73E6764AB2F ] megasr C:\WINDOWS\system32\drivers\megasr.sys
17:30:45.0190 0x37ac megasr - ok
17:30:45.0250 0x37ac [ 55A417C3E41F2A98666CF929EC19108E, A38C262B2863C87E4151525BF26D6AC16E7982D370E2C6998EB15C88C4BC8254 ] MessagingService C:\WINDOWS\System32\MessagingService.dll
17:30:45.0256 0x37ac MessagingService - ok
17:30:45.0329 0x37ac Microsoft SharePoint Workspace Audit Service - ok
17:30:45.0425 0x37ac [ FD60818B66B2E8A5415EA840E99A9D8F, 5D2F22909354534B821D958FBEF6A40EB4F642F53C7B509D00949096EF716F36 ] mlx4_bus C:\WINDOWS\System32\drivers\mlx4_bus.sys
17:30:45.0470 0x37ac mlx4_bus - ok
17:30:45.0523 0x37ac [ 68F6977F1CFBAAC770D940A8C0326FA1, 90EE1E7DAC680EAA5AD50E9B0B9FD8FCE8DD6A02D5EF941B5AA5084CBD40BB80 ] MMCSS C:\WINDOWS\system32\drivers\mmcss.sys
17:30:45.0557 0x37ac MMCSS - ok
17:30:45.0615 0x37ac [ 0D50B3F3AB32D416786B58D4553859CE, 9DA4D7A30982E8B31C45BDB721AEF5240EAD9DA6839CF34FDDBCF123BF104F2C ] Modem C:\WINDOWS\system32\drivers\modem.sys
17:30:45.0626 0x37ac Modem - ok

Twiggy77 23.06.2017 17:55

TDSSKiller Report (Part 2)
 
17:31:03.0448 0x37ac ShellHWDetection - ok
17:31:03.0512 0x37ac [ CF3BDF9EAD8D3EF671E9339B44B185BA, C17EC6D5B00F49D9C8B5B6C262A85F34ED71C58450659F006B3632AA84F68E23 ] shpamsvc C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
17:31:03.0557 0x37ac shpamsvc - ok
17:31:03.0607 0x37ac [ A34CE1830E45DA98932295FDE4B7908A, FC553ECF4D64B4B10B7FDE5352707785517A18D487A80665BAFC7261E3F35CDC ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys
17:31:03.0633 0x37ac SiSRaid2 - ok
17:31:03.0708 0x37ac [ A7B5C670770E908DA5FEF5BF1136E933, 8D3BB6FF65E631C34BE8EA766481B2FDB2E1E916A4FD67F86705A8975A136E6C ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys
17:31:03.0754 0x37ac SiSRaid4 - ok
17:31:03.0814 0x37ac [ D233EAE2A9D48485321816486ED635EF, 03AB49BE9CF15EB7EDC50C400E673B4DF0E5BFDA9A7811E157F2AF2F3CF38D49 ] smphost C:\WINDOWS\System32\smphost.dll
17:31:03.0882 0x37ac smphost - ok
17:31:03.0981 0x37ac [ 0B217141AC1283655402CDB356577735, 6EFA4CA46CFC8B7156CE7E5CA89B7F7073E16D66C2FC13F4DB95FEB78CCF698F ] SmsRouter C:\WINDOWS\system32\SmsRouterSvc.dll
17:31:04.0053 0x37ac SmsRouter - ok
17:31:04.0136 0x37ac [ 6F4CE07D420FB657B5936F71101ABD41, CEC52984C56E578E0FFE12BE1B8148335F788B7D1751F2D0E79B944A41113C20 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe
17:31:04.0151 0x37ac SNMPTRAP - ok
17:31:04.0253 0x37ac [ A265FF86BF4C03F47EC277881138675D, 52671A64D22EAA790CAE47D6710289ADB5DBF9BC98CD7CCCF64CA43B2F2A641A ] spaceport C:\WINDOWS\system32\drivers\spaceport.sys
17:31:04.0348 0x37ac spaceport - ok
17:31:04.0422 0x37ac [ E03264C4C25B568F92ED1656AD541E64, D42942BFFBC7213D204FAF84F4FE015FC23A6ACB29B5E752834EDBC17A3AC20D ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys
17:31:04.0465 0x37ac SpbCx - ok
17:31:04.0579 0x37ac [ 1DFE222F8D6A422B7ADC909E0C8840DA, 96761691CF4447710D65573044A1005F2F0F89443DF581A30B97D7944940BB70 ] Spooler C:\WINDOWS\System32\spoolsv.exe
17:31:04.0678 0x37ac Spooler - ok
17:31:04.0964 0x37ac [ 23529A00195CE71252FEBF647E56E27D, 8ADF7A1C96DAE005E9A974D90BE8954F88D49B6848252B88513C49E0A3BD9774 ] sppsvc C:\WINDOWS\system32\sppsvc.exe
17:31:05.0223 0x37ac sppsvc - ok
17:31:05.0398 0x37ac [ DCA26325F46401AA9E1E509D09C0BF95, 4FC82E24B2CADB349786536EBF073CAB653F3CF6F11C769F64B3B24FEB7D3551 ] SRTSP C:\WINDOWS\System32\Drivers\NSx64\1609040.008\SRTSP64.SYS
17:31:05.0459 0x37ac SRTSP - ok
17:31:05.0474 0x37ac [ 730F082876A53B2D13584FA103163BF3, 8406F204F51F18F5049F426EEB30BD4DD22BDE3C928CD0D1CEC10824BBCECADE ] SRTSPX C:\WINDOWS\system32\drivers\NSx64\1609040.008\SRTSPX64.SYS
17:31:05.0498 0x37ac SRTSPX - ok
17:31:05.0576 0x37ac [ 2E0F160AFE1EB7E8C21D6FE782FFFE0B, 0CA845468E42F0448FD7BECFA4E75E8548E20CAAA0DE0C37FFFACF7EB16CE0DE ] srv C:\WINDOWS\system32\DRIVERS\srv.sys
17:31:05.0613 0x37ac srv - ok
17:31:05.0663 0x37ac [ A0BDA7332A9EE59062A7037D161C8715, C08818E52B64BDB194A2434C3F479360C960A99AD08F81CF51D64B7D92EBE0CB ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys
17:31:05.0701 0x37ac srv2 - ok
17:31:05.0781 0x37ac [ F13EE0DB1FB1D6946AC3228D7EFCFC8F, 109A809F0338FAB0F4045FA5EE33C6F0A994A9F586B2FBD8920A6AABA0E0EF66 ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys
17:31:05.0815 0x37ac srvnet - ok
17:31:05.0894 0x37ac [ 44758105AB3EA34E815D4B6CA1153311, 7F223A20D2538C123BAC6F75BE0E126876A116F09502FD980C05B8916E26E1B7 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
17:31:05.0924 0x37ac SSDPSRV - ok
17:31:06.0004 0x37ac [ B97C7EC07218A8002323718202BF5E77, 39D3254383E3F49FD3E2DFF8212F4B5744D8D5E0A6BB320516C5EE525AD211EB ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll
17:31:06.0045 0x37ac SstpSvc - ok
17:31:06.0300 0x37ac [ 4E330AD1EED4A5D582EE415FD55953A2, 2C02E1F45F74D250110BA5117AA942495CB2EBAC7F2CCECC284B4FB8F47B13E1 ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll
17:31:06.0510 0x37ac StateRepository - ok
17:31:06.0701 0x37ac [ 843F16D234D03756B9EB6054B5C62FAA, 529E1F8C6EB4AA881C9FDE9DA6CAFA34F5770E87059E867B8F88B40FE879743D ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
17:31:06.0718 0x37ac Stereo Service - ok
17:31:06.0783 0x37ac [ 29D26E1347AE1BBD4201014E19880B2C, 9E2153AD96CE4F189EEE43BB02515532C619FB1CA02D8F6DEF517AC3347AAA14 ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys
17:31:06.0791 0x37ac stexstor - ok
17:31:06.0930 0x37ac [ 505F32DE573ECEDF398DB9E2FC0D5E45, 0F257200BD79C7A62C39279B1C0AF9032028B23561DB71DA9903366A0DF88E5C ] stisvc C:\WINDOWS\System32\wiaservc.dll
17:31:06.0999 0x37ac stisvc - ok
17:31:07.0058 0x37ac [ 6BC6023E866489D22CE30E18846B80D9, FD0D13332F3E267524A9FA7FEC128298D4905722807C172AE8E3DFE445C28DB1 ] storahci C:\WINDOWS\system32\drivers\storahci.sys
17:31:07.0114 0x37ac storahci - ok
17:31:07.0192 0x37ac [ C5E0ACE4771F5575D9D5B457ABF3AD03, 365880BC5AC313F25C313EFB7758301F98D9B2BF4C5FC9499F98C2B7F8407D96 ] storflt C:\WINDOWS\system32\drivers\vmstorfl.sys
17:31:07.0204 0x37ac storflt - ok
17:31:07.0258 0x37ac [ B66D8C75C9BC59D637177AB3B1C569A6, 76252A631F03EEBF5FDC7693F6B0A5E73838CDBE3157114CC96B8BBE88B476BF ] stornvme C:\WINDOWS\system32\drivers\stornvme.sys
17:31:07.0270 0x37ac stornvme - ok
17:31:07.0290 0x37ac [ BEBF85EB4D90E6996047DA027D0ED26E, DF109CF0F07CDD1B9B702C2A076D4DD5366DAAD971CC9359AF0358E79981706F ] storqosflt C:\WINDOWS\system32\drivers\storqosflt.sys
17:31:07.0296 0x37ac storqosflt - ok
17:31:07.0360 0x37ac [ B91FBE7CB4633FEB32AFBD0B48576396, 9EFDD92E8096CE5555F8DC3C870864E5515469603C2373B99B3607234633CA66 ] StorSvc C:\WINDOWS\system32\storsvc.dll
17:31:07.0389 0x37ac StorSvc - ok
17:31:07.0409 0x37ac [ 8E73037A6F8938475692FFCC26EBF385, F78C5CD1A3CD17AA831EEC82426B14006B4DDBC9085A4814E04E8C37FD6B05F7 ] storufs C:\WINDOWS\system32\drivers\storufs.sys
17:31:07.0414 0x37ac storufs - ok
17:31:07.0432 0x37ac [ 9D9DED47DA10E845EFF2DD57C94C809B, 520D0CE7A867051B80C8141E351FE5A5BCE3C99776093F234DB77D3407B1F104 ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys
17:31:07.0437 0x37ac storvsc - ok
17:31:07.0490 0x37ac [ 224C92E442B1B8C20C274332F1ACF00D, CDE5DCFB7A21089464A6E2ABB29BBE08B184C3433C218756AA5902A8F67C0B2C ] svsvc C:\WINDOWS\system32\svsvc.dll
17:31:07.0499 0x37ac svsvc - ok
17:31:07.0518 0x37ac [ 505E0C40B5D0ADDCBB414640F59BD2E0, DF4B5E65FE6FF2224F298A2A2FAC9B648C082DFF8463148633647580A9FAD34D ] swenum C:\WINDOWS\System32\drivers\swenum.sys
17:31:07.0524 0x37ac swenum - ok
17:31:07.0553 0x37ac [ 2EE27411B5904C63D723BEA391819F58, C88C11D460E90398E16011B8A2CED5EE5626084F24790EA6115532F8F70060C6 ] swprv C:\WINDOWS\System32\swprv.dll
17:31:07.0573 0x37ac swprv - ok
17:31:07.0668 0x37ac [ 16ABF255E11C98E29800E99AAA879388, 7385D295683C87663BF93C189A9C5DEFAAD96CFAA3FA597AA666FAE6BD018670 ] SymEFASI C:\WINDOWS\system32\drivers\NSx64\1609040.008\SYMEFASI64.SYS
17:31:07.0748 0x37ac SymEFASI - ok
17:31:07.0785 0x37ac [ 3123BDBFE5CF061035D79CB3F3075F82, DB74395045FF4363AE0280F28F9B7D74179181B25829D76A2B048425B59D6B9F ] SymELAM C:\WINDOWS\system32\drivers\NSx64\1609040.008\SymELAM.sys
17:31:07.0789 0x37ac SymELAM - ok
17:31:07.0834 0x37ac [ B439486A910689B6DA73E96404227783, 0F71399AB5D03EDE2F5A00D8D7703A76AFD9DB2CC7B32F363A92B5F365F6B60C ] SymEvent C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS
17:31:07.0840 0x37ac SymEvent - ok
17:31:07.0901 0x37ac [ B4BFD2C3A2406E3F8DC39C4E7EF5C1F6, 1F198DBAA99222E0D1190E0E6B0C2A6D234DB6CAC81DE71166E42780882C5B51 ] SymIRON C:\WINDOWS\system32\drivers\NSx64\1609040.008\Ironx64.SYS
17:31:07.0929 0x37ac SymIRON - ok
17:31:07.0972 0x37ac [ 192802618BFA4889818FDD6B2B8CF2B5, 00B5A539775CA732AE3D2590367141C1C7BAF8D342F23C43EBF36B93F9C7BE42 ] SymNetS C:\WINDOWS\System32\Drivers\NSx64\1609040.008\SYMNETS.SYS
17:31:08.0006 0x37ac SymNetS - ok
17:31:08.0077 0x37ac [ 32F46FB0F290D16DAA452B289C985795, 73F88AAAA6026DB4C27F1D054145216DCC3F1960946FB2A7A90518DD1D5737CB ] Synth3dVsc C:\WINDOWS\System32\drivers\Synth3dVsc.sys
17:31:08.0082 0x37ac Synth3dVsc - ok
17:31:08.0195 0x37ac [ FED48B19D6F55D7A3AB498D85729D1BA, FA5E0E02BC2E2DE108C55991E3B063CC947072228B53539F42F922661510DE7C ] SysMain C:\WINDOWS\system32\sysmain.dll
17:31:08.0244 0x37ac SysMain - ok
17:31:08.0318 0x37ac [ D9FEA79BF6AF136F8E656AE045C2FEC8, E6F08A93348E035185F0F1C6B6277E636F4F25D1136E3ACCA63488DAEEC7114B ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
17:31:08.0379 0x37ac SystemEventsBroker - ok
17:31:08.0427 0x37ac [ 86E7FD5C8DBEC1EB51C4368561402B75, 86EE61414CD5854E39E33F67BF5DA4377B569B3ED4D18882C470BC6784891DA1 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
17:31:08.0469 0x37ac TabletInputService - ok
17:31:08.0516 0x37ac [ 3929C8FC134AC672C4F3F85160956257, CD3195CA58BA6F55EA0DDA2BE6AB58280AD1CA488D7AAA1539DD05FB99374F36 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
17:31:08.0560 0x37ac TapiSrv - ok
17:31:08.0711 0x37ac [ F3CFBE74DAF9ABD06F0B2A037DC4C90A, 17644CD7F70CCFFC9C0881AB4017F30D030DE4884B6029C48859C9CF9CA2F14E ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys
17:31:08.0832 0x37ac Tcpip - ok
17:31:08.0953 0x37ac [ F3CFBE74DAF9ABD06F0B2A037DC4C90A, 17644CD7F70CCFFC9C0881AB4017F30D030DE4884B6029C48859C9CF9CA2F14E ] Tcpip6 C:\WINDOWS\system32\drivers\tcpip.sys
17:31:09.0048 0x37ac Tcpip6 - ok
17:31:09.0121 0x37ac [ EC9450227A4C661513661F1F9C1F7DD6, 4DB122DECEA7C76BD20A6682958609A40CA2C9EDD236DFA19E9B31C57114DA3A ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys
17:31:09.0145 0x37ac tcpipreg - ok
17:31:09.0181 0x37ac [ 0B237F8A96952BF95A14865030E131F2, 263089672218D3A768A6FC9D28DBEFE113D6757A9ECBAB4D364A62AC5DDA8AAE ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys
17:31:09.0208 0x37ac tdx - ok
17:31:09.0260 0x37ac [ 06130AFFECEB94525FC2352936576B70, 10EBE2C8FDC087D29E2FFB328F0F7905A5374AB8CC9FAE8699E7676DBC8CBF91 ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys
17:31:09.0283 0x37ac terminpt - ok
17:31:09.0387 0x37ac [ FB68E5F02316C42BE7282DA492351C6F, AC31D841FEA58B776127E138DB20F8D48E26FD8C00CE2FA9695EA14EBF159A0A ] TermService C:\WINDOWS\System32\termsrv.dll
17:31:09.0510 0x37ac TermService - ok
17:31:09.0552 0x37ac [ 2AF438EC0D361A7BBB70E604A686602C, 4BE6A0461EB2CB94288614434A1CEC81C2ED46241721FD5BBD8ABE0680F7C804 ] Themes C:\WINDOWS\system32\themeservice.dll
17:31:09.0561 0x37ac Themes - ok
17:31:09.0615 0x37ac [ 1482B8ED5CACA87992A882B853B83CEE, 613247F0E362A109090E8563D977DECC50C64D45D6962905FA84A2D59329045C ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe
17:31:09.0638 0x37ac TieringEngineService - ok
17:31:09.0688 0x37ac [ 3B3C607C3C62DFBEF61938DA2CAB94DF, E5EEA7F45A7BBFDF6F0003CD77E39958C451DD1B4B401876B5619A3C20F5C370 ] tiledatamodelsvc C:\WINDOWS\system32\tileobjserver.dll
17:31:09.0720 0x37ac tiledatamodelsvc - ok
17:31:09.0734 0x37ac [ C1F8CBE2D4843E0CCC3EFEA2EC60D4AB, 9D07527D982066922318C77AECE99280DE55034C375ACE145E827A6BEB5C3B70 ] TimeBrokerSvc C:\WINDOWS\System32\TimeBrokerServer.dll
17:31:09.0746 0x37ac TimeBrokerSvc - ok
17:31:09.0825 0x37ac [ 46171262D0E806779DEEDFCAB2F830CC, 7F4A4658B8BA217D99E5B5C0E01600C20DC96ECBCA32A5BA7FBE17D2A7B8BFD8 ] TPM C:\WINDOWS\System32\drivers\tpm.sys
17:31:09.0858 0x37ac TPM - ok
17:31:09.0884 0x37ac [ 3B91F35089240F6187AD681A5EC28BDE, 3D035CB73BC8E7831DCD0FB7D9DAD91CE51D3D0F9D9C8B866A0009BD508B6702 ] TrkWks C:\WINDOWS\System32\trkwks.dll
17:31:09.0895 0x37ac TrkWks - ok
17:31:10.0008 0x37ac [ 09440FA30C020B4443391FAFCF4876E3, 208C7725F70C75D8C96CCAF5B22F83B8B1C66D8C9FFF48465B1C9F4A77425569 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
17:31:10.0020 0x37ac TrustedInstaller - ok
17:31:10.0048 0x37ac [ A6F4025664C9D4BC2A9EDAB4092706D7, 89808A1679C0E716F86F06EE7701DCC289200894F0FA1F120DA2AC3A45FDB312 ] tsusbflt C:\WINDOWS\system32\drivers\TsUsbFlt.sys
17:31:10.0059 0x37ac tsusbflt - ok
17:31:10.0079 0x37ac [ 37A96AD493E110C0BF1EE0AC0F9E7DBD, F2A6894A4AEE18DF2B92222CDB0801A13AEEB7212071F0431430788339B30E23 ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys
17:31:10.0090 0x37ac TsUsbGD - ok
17:31:10.0147 0x37ac [ 5A91FDBA4D3FCB56DAEB8C091B3EB8E1, 8AB91F4423125267FA8509A1C3A9AD1CBD642FA6A96D8789F9AB8CB75ABAD58C ] tsusbhub C:\WINDOWS\system32\drivers\tsusbhub.sys
17:31:10.0169 0x37ac tsusbhub - ok
17:31:10.0196 0x37ac [ 79E264287F17D56D768440B0270466DE, ABF9DC95C5E939B30BFD9BF9EDFDB3BD78A9DFCB055B945965303B6A60E6D7A7 ] tunnel C:\WINDOWS\System32\drivers\tunnel.sys
17:31:10.0205 0x37ac tunnel - ok
17:31:10.0281 0x37ac [ 13781908186770ABE9F8EBCC2B45B138, 4BEC8466254E0C6492CC55CE344A6173878CFA040238C6BE5842E5209F066DEE ] tzautoupdate C:\WINDOWS\system32\tzautoupdate.dll
17:31:10.0314 0x37ac tzautoupdate - ok
17:31:10.0382 0x37ac [ AA65954F512BA097DD190790876DD991, C1BB2B8F54F064D01190327B5E7949EBBDA21D6FC6F94D9FCD20F685C2F855FA ] UASPStor C:\WINDOWS\System32\drivers\uaspstor.sys
17:31:10.0393 0x37ac UASPStor - ok
17:31:10.0435 0x37ac [ AB6268022C3A5B529075A39C33904DA6, 2717F1704640201F2681711543EA39A74C3E89C7DB232EC5DD89FD8AA6F07846 ] UcmCx0101 C:\WINDOWS\system32\Drivers\UcmCx.sys
17:31:10.0446 0x37ac UcmCx0101 - ok
17:31:10.0477 0x37ac [ 7ED2EDA43D21C7A5F589A7960E265C52, 7DB8A595236FBB8A264D7AB155201357212855050ABB5B1036EF32F1223FDCC2 ] UcmTcpciCx0101 C:\WINDOWS\system32\Drivers\UcmTcpciCx.sys
17:31:10.0485 0x37ac UcmTcpciCx0101 - ok
17:31:10.0538 0x37ac [ 169351463039B45F5CDED9768879F712, 990C8C4AEF9ED7FF6BCEAE67F7BDAA037777B142B8D96A74F8715C941A5C63C6 ] UcmUcsi C:\WINDOWS\System32\drivers\UcmUcsi.sys
17:31:10.0548 0x37ac UcmUcsi - ok
17:31:10.0583 0x37ac [ 08A9E3AD29B215484FBB68CDC175DF3A, 3EFFF99C3BC4A1454E3D2B5177AE587ED3041AB4CE2A95BA7E28A2124E38E1E5 ] Ucx01000 C:\WINDOWS\system32\drivers\ucx01000.sys
17:31:10.0600 0x37ac Ucx01000 - ok
17:31:10.0619 0x37ac [ DA70AEE267491AA56BC63AA0C0C96CA2, 0A0AADB27607F9292BB3CE000CFDDB19BD4CA09EAAD926C4925CB43B17817AD9 ] UdeCx C:\WINDOWS\system32\drivers\udecx.sys
17:31:10.0624 0x37ac UdeCx - ok
17:31:10.0644 0x37ac [ FBC5ECF6D5A868D0B116C2DBB02B8168, 945AA76C60ABAD6075B5C8F9172C018F75BCF393A1CB8B329F5E68E664627775 ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys
17:31:10.0656 0x37ac udfs - ok
17:31:10.0678 0x37ac [ B918E40FAA9CD118CCA4AD388B748C98, 4B539B7B656F02C5E5BAEE52A677757B05CC11C5500D619850A564C28FAB8115 ] UEFI C:\WINDOWS\System32\drivers\UEFI.sys
17:31:10.0682 0x37ac UEFI - ok
17:31:10.0705 0x37ac [ 166B17AE1DD24D8BA8CA474C7C31148F, D34E786277093278F58EFAC957279DC4ED43A190538C875B80F5B1E0A0C30381 ] UevAgentDriver C:\WINDOWS\system32\drivers\UevAgentDriver.sys
17:31:10.0711 0x37ac UevAgentDriver - ok
17:31:10.0823 0x37ac [ FCA4D901FB9934DAB82ED31C4EE89A11, 8EDF8DD71C13DE77AC83D1086670E9E90C69DE379F1CF768C8B9C789254C04AA ] UevAgentService C:\WINDOWS\system32\AgentService.exe
17:31:10.0928 0x37ac UevAgentService - ok
17:31:10.0976 0x37ac [ 0FD75222C1AD2687AB365BEBEA400DD4, AD10DBCA59EB7D34FD8F963CE267F36774A9BC613F8D637903B12AC88C328E8A ] Ufx01000 C:\WINDOWS\system32\drivers\ufx01000.sys
17:31:10.0998 0x37ac Ufx01000 - ok
17:31:11.0022 0x37ac [ C1A78C53E01C641AE41BFA65797819F5, 0B9FE1BD724B3315199A1B1DA2F03255E4FE744DA3CE6CD0F77699A8E42E9359 ] UfxChipidea C:\WINDOWS\System32\drivers\UfxChipidea.sys
17:31:11.0028 0x37ac UfxChipidea - ok
17:31:11.0048 0x37ac [ 767307212110EBEFB93EC9A5BE9E85B9, 368797400FE54802CE74F34B773CE2AF09EB8DEA6C035B55419A52F0B5A6FAD0 ] ufxsynopsys C:\WINDOWS\System32\drivers\ufxsynopsys.sys
17:31:11.0056 0x37ac ufxsynopsys - ok
17:31:11.0111 0x37ac [ 8578F83EC5175920F2D8586FFF9DCE47, 049A16AC87F93E761150C8286633FFCA62EE85F5645DDE77D36BD0EB6481FF83 ] UI0Detect C:\WINDOWS\system32\UI0Detect.exe
17:31:11.0118 0x37ac UI0Detect - ok
17:31:11.0139 0x37ac [ DC460AAA18CA2342FBBFB2DF9B044472, 14D45E059C596AE97506D26705F248CA1C2269160B31A60341060E8A93146CBD ] umbus C:\WINDOWS\System32\drivers\umbus.sys
17:31:11.0144 0x37ac umbus - ok
17:31:11.0157 0x37ac [ C3CF0377917ECE6D65D7623E1E61568F, 4909695E04CBC86BFCFFBC15F332C367521054B7B4D3C141C7CA6B2E40E090B9 ] UmPass C:\WINDOWS\System32\drivers\umpass.sys
17:31:11.0161 0x37ac UmPass - ok
17:31:11.0222 0x37ac [ 640CF093C1CF16D5FD317616CA348F31, BEC34D1AACA83BF5A84CE01F6A668E3CA5A33C56A446DC42EFFF7C43D22E1AE6 ] UmRdpService C:\WINDOWS\System32\umrdp.dll
17:31:11.0252 0x37ac UmRdpService - ok
17:31:11.0347 0x37ac [ 6C8E89E9CA8A4E703631E54A5E015AF8, 3C74B9329558ACC4F701099516923DE82CBEDABD8814987221BDF71B53550586 ] UnistoreSvc C:\WINDOWS\System32\unistore.dll
17:31:11.0401 0x37ac UnistoreSvc - ok
17:31:11.0477 0x37ac [ 6CDA3536F6BAB7896A57EAB7DC07F379, 8FBE6457ECD1ABB518D9800EBA8A017774FFAA8EABD2EDC0825181A12FE9AEF6 ] upnphost C:\WINDOWS\System32\upnphost.dll
17:31:11.0514 0x37ac upnphost - ok
17:31:11.0547 0x37ac [ 6B46FC140C9AF68E6E7697D66D59CB4D, F018B4784D65F1A8140A6EA69C35D6A7ECE01738694052FD54AFD2B81A8F2FF8 ] UrsChipidea C:\WINDOWS\System32\drivers\urschipidea.sys
17:31:11.0553 0x37ac UrsChipidea - ok
17:31:11.0621 0x37ac [ B4402E7F0923F660270442CE76877ABE, 1C2DD26EAB71F75EA576E8DAABAF71FD7DC3DF807CF025617C774CEF33C0B718 ] UrsCx01000 C:\WINDOWS\system32\drivers\urscx01000.sys
17:31:11.0627 0x37ac UrsCx01000 - ok
17:31:11.0687 0x37ac [ 9DD431F1B94789CFB527E5D19261F124, 8F5A249A97C5B14B282E3147DD21951D2AD34B651E762814C12F4C26D74EC70C ] UrsSynopsys C:\WINDOWS\System32\drivers\urssynopsys.sys
17:31:11.0692 0x37ac UrsSynopsys - ok
17:31:11.0714 0x37ac [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64 C:\WINDOWS\System32\Drivers\usbaapl64.sys
17:31:11.0720 0x37ac USBAAPL64 - ok
17:31:11.0750 0x37ac [ C87E32B90F085970D9637FBAD45EF6FE, C180EACD2EE479277DA5DBF39E43B428BD7945141B2451CB3946B0C1E495E76F ] usbccgp C:\WINDOWS\System32\drivers\usbccgp.sys
17:31:11.0760 0x37ac usbccgp - ok
17:31:11.0782 0x37ac [ 0B663856474AC41924D9E9112203858F, 9E09F2A6279B48CAC09F8C7AA1F1BE02864D540C2ED1460CBA9FABCF0A546A1E ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys
17:31:11.0790 0x37ac usbcir - ok
17:31:11.0829 0x37ac [ F83D2250256203AC5DA5E8601C1AFDD7, AC0D90E2DB3051798B9D287CF3D0E92FED4000822E65A82775A29CF896B76F04 ] usbehci C:\WINDOWS\System32\drivers\usbehci.sys
17:31:11.0835 0x37ac usbehci - ok
17:31:11.0860 0x37ac [ 7FFD26742321919590ED77FCA556D65F, F7FAB63C36F8519F5A7B9091C507F3CB580C390322FAF9155CCE7F66C965B968 ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys
17:31:11.0880 0x37ac usbhub - ok
17:31:11.0939 0x37ac [ 7A749B2863B5561BE34B39E8E249AD8F, E5B67DFAF5407007FD0CC408D6B4BA19DF59584819FC715E9F9E0FBF3EA00AAB ] USBHUB3 C:\WINDOWS\System32\drivers\UsbHub3.sys
17:31:11.0973 0x37ac USBHUB3 - ok
17:31:11.0997 0x37ac [ D2109F1F4FEBF1DAC415CDC5DE876479, C8A871EBD0E5EF004BA622A73DAC36C03608CD317FDCD0A6A98608DF4CC10D55 ] usbohci C:\WINDOWS\System32\drivers\usbohci.sys
17:31:12.0001 0x37ac usbohci - ok
17:31:12.0025 0x37ac [ 29C9572F2D061CFC3C0BD48A3163E343, 2527DCC9E6D421F5DC40051C787A5270EB077746785465C9AA2A2AEEF47307D5 ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys
17:31:12.0029 0x37ac usbprint - ok
17:31:12.0068 0x37ac [ 2EC7B2C8123236B1233A77281D378DF7, D97DB59C9CAE2B8B33C707E8CEA7A65BF88712842CC715D270F7432A99D21BB6 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
17:31:12.0073 0x37ac usbscan - ok
17:31:12.0138 0x37ac [ 429477D6DEF3321FF7D3EF23CAAADA00, BB7D2AFE99736AAFFA8B0B2DABF7D6A6D5CB9563B1DE6A7E86CE7DC9D27F31C0 ] usbser C:\WINDOWS\System32\drivers\usbser.sys
17:31:12.0146 0x37ac usbser - ok
17:31:12.0179 0x37ac [ 0CC16F7B91C57AE9A4E44425A295FDAA, 7CEE11955E5742DA390601F565412C14A7481B8747C495CCD246696C56B426DC ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS
17:31:12.0188 0x37ac USBSTOR - ok
17:31:12.0207 0x37ac [ C917D09064CDBD18F75ADC9B2C48F847, A7F6223346CCD7E84186CD0C0715014F8E3A4398298925A43290224678620D23 ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys
17:31:12.0211 0x37ac usbuhci - ok
17:31:12.0280 0x37ac [ B4F448F2424492F99F83D3676A453553, 42F1396616EA93BF91EA847B185C321B189F1A5138CA19D22397E8DB6D576973 ] usbvideo C:\WINDOWS\System32\Drivers\usbvideo.sys
17:31:12.0304 0x37ac usbvideo - ok
17:31:12.0333 0x37ac [ 95BCCEFBC40D06484CF16144FE79B8A5, 8ABA73C5FFEDD319FB96B807AD08716698E557522478DF1A2C5D662675636AE0 ] USBXHCI C:\WINDOWS\System32\drivers\USBXHCI.SYS
17:31:12.0348 0x37ac USBXHCI - ok
17:31:12.0365 0x37ac [ 836828E40B9EEFBC77B3032DB677555C, 8AC045B43086E800B03412895D4DBCF506D1B729791CF24EB2ECA3F0F1C9BDEB ] usb_rndisx C:\WINDOWS\System32\drivers\usb8023x.sys
17:31:12.0369 0x37ac usb_rndisx - ok
17:31:12.0484 0x37ac [ A39AFDD26E6F2E5595FF2D3997D7E1FE, 30DE54033DE437C16A069602529E63FF971AF0ABB383885E47B4DF5E0F8483AE ] UserDataSvc C:\WINDOWS\System32\userdataservice.dll
17:31:12.0552 0x37ac UserDataSvc - ok
17:31:12.0676 0x37ac [ A1BDC8AF9F66A71744B5DC99CCEF4058, 098EDA0D186098A8D61DEF20B76F05B978FC3A08A068243FC4823423B430E95B ] UserManager C:\WINDOWS\System32\usermgr.dll
17:31:12.0732 0x37ac UserManager - ok
17:31:12.0819 0x37ac [ F1374B17FE4A4617DFB6D20A0E699763, C3A515594B1593C9F141C342CA1CDB4FE7A3243D8F1785655A3378DB1FE8ED65 ] UsoSvc C:\WINDOWS\system32\usocore.dll
17:31:12.0856 0x37ac UsoSvc - ok
17:31:12.0872 0x37ac [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] VaultSvc C:\WINDOWS\system32\lsass.exe
17:31:12.0879 0x37ac VaultSvc - ok
17:31:12.0896 0x37ac [ 0CBDE344FB48E42D78E29469F202ADBC, A1C3FBA5409DD3BBEAF1D3CE2583D6C8A621C0E4F534155EC540AFD67BC9E8CA ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys
17:31:12.0907 0x37ac vdrvroot - ok
17:31:12.0952 0x37ac [ 70D165B3EA8BC576828DC2B964C8D116, 92C9381BDECB5C991F848A02AF2F4189CE0119961FB37E57A37594A80704DDC5 ] vds C:\WINDOWS\System32\vds.exe
17:31:13.0040 0x37ac vds - ok
17:31:13.0118 0x37ac [ 723195568C8755CAD57F7933C5F2C5C2, 5C403799F67223605F825BC16D217C1EF5E1A0DDF00AC6380FE8976339B67D9B ] VerifierExt C:\WINDOWS\system32\drivers\VerifierExt.sys
17:31:13.0148 0x37ac VerifierExt - ok
17:31:13.0230 0x37ac [ F7F3E80E84E51A6F89831A6F26056A98, CB7587900C466D834693115E1E23D0A44490C128CA1684FB93CB8C34AFCEBC71 ] vhdmp C:\WINDOWS\System32\drivers\vhdmp.sys
17:31:13.0271 0x37ac vhdmp - ok
17:31:13.0300 0x37ac [ 7929228F0E8B0C2FA0495A17A4FC27F6, 1F1667B10A96B1D85ED165F62A5C0EF28C37F828B8280EA08BFCC1BAC03F2C90 ] vhf C:\WINDOWS\System32\drivers\vhf.sys
17:31:13.0305 0x37ac vhf - ok
17:31:13.0326 0x37ac [ AEE432ED868831B1F068E373598F6D93, BAE91F47B0CB94B826CA010B490AD924D7B715911DF3FCE62F9165F3B571105C ] vmbus C:\WINDOWS\system32\drivers\vmbus.sys
17:31:13.0333 0x37ac vmbus - ok
17:31:13.0346 0x37ac [ 9444B23FC694B5F90F21B0FC7F10D8DD, 86F92856F5C985DD8E5993B51E85E1F47EF8C9B2FB37468998C94266963BB4BD ] VMBusHID C:\WINDOWS\System32\drivers\VMBusHID.sys
17:31:13.0350 0x37ac VMBusHID - ok
17:31:13.0372 0x37ac [ 4D0287F566B36536DD812A54C015FC4A, 01D6508CA59CF04A47902B1F7C202FD14A81240E0B447588D919DD1072B040CF ] vmgid C:\WINDOWS\System32\drivers\vmgid.sys
17:31:13.0376 0x37ac vmgid - ok
17:31:13.0456 0x37ac [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicguestinterface C:\WINDOWS\System32\icsvc.dll
17:31:13.0480 0x37ac vmicguestinterface - ok
17:31:13.0509 0x37ac [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicheartbeat C:\WINDOWS\System32\icsvc.dll
17:31:13.0519 0x37ac vmicheartbeat - ok
17:31:13.0544 0x37ac [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmickvpexchange C:\WINDOWS\System32\icsvc.dll
17:31:13.0554 0x37ac vmickvpexchange - ok
17:31:13.0639 0x37ac [ F70DCCE72343449F0D12A0A92282B019, 3EFA99519387BE38C1CB482F1BFC9ED449BE9A5BD86883A1002725B8D4A5ECC1 ] vmicrdv C:\WINDOWS\System32\icsvcext.dll
17:31:13.0666 0x37ac vmicrdv - ok
17:31:13.0702 0x37ac [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicshutdown C:\WINDOWS\System32\icsvc.dll
17:31:13.0714 0x37ac vmicshutdown - ok
17:31:13.0744 0x37ac [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmictimesync C:\WINDOWS\System32\icsvc.dll
17:31:13.0756 0x37ac vmictimesync - ok
17:31:13.0786 0x37ac [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicvmsession C:\WINDOWS\System32\icsvc.dll
17:31:13.0797 0x37ac vmicvmsession - ok
17:31:13.0828 0x37ac [ F70DCCE72343449F0D12A0A92282B019, 3EFA99519387BE38C1CB482F1BFC9ED449BE9A5BD86883A1002725B8D4A5ECC1 ] vmicvss C:\WINDOWS\System32\icsvcext.dll
17:31:13.0839 0x37ac vmicvss - ok
17:31:13.0861 0x37ac [ 29075915F9BDC3437F8BED71C067D399, 2C7718080C11DFDD4C9A2085537F78F5633369B4A27D9C64168F0249594A4AA2 ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys
17:31:13.0867 0x37ac volmgr - ok
17:31:13.0942 0x37ac [ 6BDB6CE6D2D9E3D3F28F1C97E12B62E2, 5E77D7AF858D7B90FF395F39B86D6F96413D1DDEA28BC9FB40C5524A4DF6DAD0 ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys
17:31:13.0967 0x37ac volmgrx - ok
17:31:13.0992 0x37ac [ BF2546583BB75F01DDA60A7921DFB230, 579BD0BC55F4F03CD8D1FCDAC3975A1649C688820F2F7FC1AD354132D9E3BEE9 ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys
17:31:14.0009 0x37ac volsnap - ok
17:31:14.0030 0x37ac [ AC2E20A74D09D24485BE8396CE04F07B, 23FCE8BEE01B89E5CDCA536D75DBA6DCE3E92E13178A66836CEB7829310A89D1 ] volume C:\WINDOWS\system32\drivers\volume.sys
17:31:14.0034 0x37ac volume - ok
17:31:14.0101 0x37ac [ 92F6E3E6D3F1795263EB34B37F74AEF7, 33AB1ECCA1216AF1995E1DB4F11E48156FF62391D7C176C8A4CC1037B9CB3A27 ] vpci C:\WINDOWS\System32\drivers\vpci.sys
17:31:14.0111 0x37ac vpci - ok
17:31:14.0145 0x37ac [ FD9BCB8920973CEAD4D49DC7A6D8A618, 34AB4A485FB40DF737600006D8323BE927FB0BDA2BC170F4C123BE775EAE7CC8 ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys
17:31:14.0167 0x37ac vsmraid - ok
17:31:14.0303 0x37ac [ DDA66AEF89DAC320A85AECCB4369D2E7, 0F267FC985E0CA3624FC5F4DDA25623649BAD544772179261576F793A0485523 ] VSS C:\WINDOWS\system32\vssvc.exe
17:31:14.0394 0x37ac VSS - ok
17:31:14.0440 0x37ac [ 0C111F220798CCE80484026E06822379, B98A5E44D3ABA67E6DE99E18BF3C2C606923E6269E262665C721F672ACBBED2A ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys
17:31:14.0486 0x37ac VSTXRAID - ok
17:31:14.0546 0x37ac [ 607639716E9DB1CEF4E18B5B229293B4, 1D997177093F907EFE8A04AD10443BB9C355C0D7657DBD449E7EE7FCABC3ECBC ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys
17:31:14.0570 0x37ac vwifibus - ok
17:31:14.0599 0x37ac [ B1ED64E628763148BF84FBE23F2AD711, 6182A39675E6049BC3DD353694720795A8E3D0331509AA8ABA4883D5C569AD5E ] vwififlt C:\WINDOWS\system32\drivers\vwififlt.sys
17:31:14.0633 0x37ac vwififlt - ok
17:31:14.0697 0x37ac [ B1133B813E4CBF258A392CA08255BA24, 6061F27BD24F39A630ABE77921051785CB4B325156379A5E3636817DD6399C6F ] vwifimp C:\WINDOWS\System32\drivers\vwifimp.sys
17:31:14.0705 0x37ac vwifimp - ok
17:31:14.0809 0x37ac [ 76C1CC611352499326001F25A3ED15F8, 228BFA8A01BB1B3868576D509A2EA6F3D37FEDC8F12D4DC4E0A84CE926C6D1B1 ] W32Time C:\WINDOWS\system32\w32time.dll
17:31:14.0848 0x37ac W32Time - ok
17:31:14.0918 0x37ac [ 55D00B785A7587F4263D125817871283, B92400B229099C1E243F2B149881A1423A2E9C8CA2D77D868B9B923BFDEC7FF2 ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys
17:31:14.0941 0x37ac WacomPen - ok
17:31:15.0016 0x37ac [ 1483BE4D0135C378CB61D3CD73AB3E03, B7309C9E4F370860C507BF52D17234CDF4A7FAE95D2D822714E07EF5DEC0249B ] WalletService C:\WINDOWS\system32\WalletService.dll
17:31:15.0059 0x37ac WalletService - ok
17:31:15.0095 0x37ac [ CEF3D306C09BEC1A800E9B4A06F859F6, 75D21F97E9F94FA97024F945AF512FEC94F88DD8073F3FAD92A6E0A9FDC586DB ] wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
17:31:15.0106 0x37ac wanarp - ok
17:31:15.0115 0x37ac [ CEF3D306C09BEC1A800E9B4A06F859F6, 75D21F97E9F94FA97024F945AF512FEC94F88DD8073F3FAD92A6E0A9FDC586DB ] wanarpv6 C:\WINDOWS\system32\DRIVERS\wanarp.sys
17:31:15.0118 0x37ac wanarpv6 - ok
17:31:15.0251 0x37ac [ 8413D292CD1B27D6B6127B90697F2B1C, E03F9AAC410F5AEDCC30FDB4D8F4739AE7B290EFA735C480A29E9FE53C1D8420 ] wbengine C:\WINDOWS\system32\wbengine.exe
17:31:15.0337 0x37ac wbengine - ok
17:31:15.0450 0x37ac [ 8C521D161445C3E1F38A494E7649E70D, F00990B2FE1FB52C74A2057E6480C5EBF2BDBC32955CC03C6B63360F20A49A18 ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll
17:31:15.0538 0x37ac WbioSrvc - ok
17:31:15.0602 0x37ac [ E330144B97D493AA886000DCAAA8DAF5, ED86F46F5A76FD8F06CA98BD61B174ADB9AD4B065394356872708DF8B614E4F9 ] wcifs C:\WINDOWS\system32\drivers\wcifs.sys
17:31:15.0646 0x37ac wcifs - ok
17:31:15.0737 0x37ac [ CA10C91D802ABE6E5136E2168C2CD2B4, 5979FF9ED783ED3154257ED0507C7BBAF8C77C081CC30AE835EA8AF7508AAD08 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll
17:31:15.0810 0x37ac Wcmsvc - ok
17:31:15.0894 0x37ac [ D50645235A507B0546B1B5CF7D0B8849, 19F5FE10C953B8EE8EEDA9A9F7F2E97AA193BB085E7FC364066686089ADD1C9F ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll
17:31:15.0935 0x37ac wcncsvc - ok
17:31:15.0970 0x37ac [ AEA1093B751339267D8C8C1EF3D669CF, 8F3325E7FB16BD856A0593C36F2E3E018909038C52CD5F92E116E0C1366F31CB ] wcnfs C:\WINDOWS\system32\drivers\wcnfs.sys
17:31:15.0981 0x37ac wcnfs - ok
17:31:16.0041 0x37ac [ D520B1B849B6D4D707AB31722B952C2D, 149BABB7BD63C1F212ADD9306C84FFB2A5CE6DC435BD3213EAB787E9B222C61F ] WdBoot C:\WINDOWS\system32\drivers\WdBoot.sys
17:31:16.0075 0x37ac WdBoot - ok
17:31:16.0111 0x37ac [ A556768CC1FA4F36022BEE2F0EDE2566, 3A4BC9DE614F43CD94FA354A565C66B2E1E36C0608D84C6288010B97B9D811AA ] WDC_SAM C:\WINDOWS\System32\drivers\wdcsam64.sys
17:31:16.0136 0x37ac WDC_SAM - ok
17:31:16.0254 0x37ac [ 5030C76047D756263093A47B82970868, E772F15973F6DE36851DD230F1F4190746CD81CA1E7284DC074711C4BF45CAF0 ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys
17:31:16.0300 0x37ac Wdf01000 - ok
17:31:16.0334 0x37ac [ 29FF9199EDEB4F5470BB134D1A2563D2, 94713F98A6EA6042203D5DD0DE6758F5F0F331F7D4BB05E91EF20CEEEBD6780F ] WdFilter C:\WINDOWS\system32\drivers\WdFilter.sys
17:31:16.0347 0x37ac WdFilter - ok
17:31:16.0406 0x37ac [ E7A7E8803E66B7CCED95D327A4DBC135, 401ECD953D4014A95C9022822D9ACEC1A68C917281DBA2365503A473FC6D9507 ] WdiServiceHost C:\WINDOWS\system32\wdi.dll
17:31:16.0430 0x37ac WdiServiceHost - ok
17:31:16.0449 0x37ac [ E7A7E8803E66B7CCED95D327A4DBC135, 401ECD953D4014A95C9022822D9ACEC1A68C917281DBA2365503A473FC6D9507 ] WdiSystemHost C:\WINDOWS\system32\wdi.dll
17:31:16.0459 0x37ac WdiSystemHost - ok
17:31:16.0556 0x37ac [ EDC08B8D3E67F96688774841C247B82A, DB5AFAF87C74431B8EB5420DBF5428691F291B63C2FDE8282EE2E399C76F63F3 ] wdiwifi C:\WINDOWS\system32\DRIVERS\wdiwifi.sys
17:31:16.0647 0x37ac wdiwifi - ok
17:31:16.0700 0x37ac [ 17CF416CFF408190F5A4CBD79AB12E55, E376C8865C7EA633AE20D2CF940E4C7584AC783BAAF7941780FB6C4C84802F33 ] WdNisDrv C:\WINDOWS\system32\Drivers\WdNisDrv.sys
17:31:16.0712 0x37ac WdNisDrv - ok
17:31:16.0769 0x37ac WdNisSvc - ok
17:31:16.0831 0x37ac [ 3570C4E14F85CE0B537D126727ACA91C, A474C9E6B6E4E5945C63367C1D3D24D4782C4A4FEB00FAE15DFED099D8283078 ] WebClient C:\WINDOWS\System32\webclnt.dll
17:31:16.0909 0x37ac WebClient - ok
17:31:16.0947 0x37ac [ 1785F9C96A0BDEC1F6E0C79EF412F342, D6D4EDA69457BEDDA69C2F60FC4C2FAC97D46CD8E9C1804CCD68F169383583E3 ] Wecsvc C:\WINDOWS\system32\wecsvc.dll
17:31:16.0993 0x37ac Wecsvc - ok
17:31:17.0027 0x37ac [ B9175D63527B05131F2FA504CF0265F2, 1E43A17788F1B6A29E2889C81E0BE100D64BD3A9DEE7C154D9581F01D2D7D05F ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll
17:31:17.0050 0x37ac WEPHOSTSVC - ok
17:31:17.0099 0x37ac [ 5C58EC0C9D4DE04DCDE56F6DCEA62080, 8ED386EDF4C39C339CE0BB2AC7E199C38705E5A6B3F56A4987B9A8ABD19BB59F ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll
17:31:17.0123 0x37ac wercplsupport - ok
17:31:17.0172 0x37ac [ F899B355CC95AF26AB36E84E8A0DD685, C400F2F80FFF6473FEF066943C4A2AFF0FFE988A4F755757A2E5005C2A10DAD8 ] WerSvc C:\WINDOWS\System32\WerSvc.dll
17:31:17.0203 0x37ac WerSvc - ok
17:31:17.0234 0x37ac [ E1785942AC51FEE6826CDF02075C5AA9, 56FE7017684086F4F9C3A2C0D3AC00369BA0938BA3987EEBEE9A75B8E3CA0AE1 ] WFPLWFS C:\WINDOWS\system32\drivers\wfplwfs.sys
17:31:17.0256 0x37ac WFPLWFS - ok
17:31:17.0297 0x37ac [ B154618505A6A9026EFA6AB8C4123BF1, 713648D71AA027B4472E7E75B942630DBE7383687984B02A5E99C9E4192C95EB ] WiaRpc C:\WINDOWS\System32\wiarpc.dll
17:31:17.0320 0x37ac WiaRpc - ok
17:31:17.0384 0x37ac [ 0CF79A0EACFFBB75A50A469A27696D02, E112BF7B5A8D0B0AD2EA0E7B9FD4E8CFEC9371C8E94A60248292D688AFE715C4 ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys
17:31:17.0391 0x37ac WIMMount - ok
17:31:17.0405 0x37ac WinDefend - ok
17:31:17.0447 0x37ac [ 0DE131733317EB4BE67028366B0CAAC6, AC7DADBF03A3752B4D33CA19F03DBCEDD6F56893C2DA25C98B0AB07063D990E3 ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys
17:31:17.0455 0x37ac WindowsTrustedRT - ok
17:31:17.0517 0x37ac [ 92EB5D38BDF10C790450F3E46BF93A0E, 0FC027398DBD43EDC1F7D703C0B6DB20294DF34E67C9288442039B1A5663CE1B ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys
17:31:17.0524 0x37ac WindowsTrustedRTProxy - ok
17:31:17.0638 0x37ac [ 4AB1AC1E60118443A14C241F91AC8FC9, 2B9237AC124874664E31B4F313BAAF8059BD0749653496784B4B89B4B7F66784 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
17:31:17.0684 0x37ac WinHttpAutoProxySvc - ok
17:31:17.0704 0x37ac [ F95DE20312ACCA7761446DE152BD1F7C, F6C5ACA500C2182437F4A7402BD81C3A2B77C0BBD78BA31FB574DC1997FCBFE6 ] WinMad C:\WINDOWS\System32\drivers\winmad.sys
17:31:17.0708 0x37ac WinMad - ok
17:31:17.0844 0x37ac [ CD49CA8E3280ACEEC5ECF431A59F5EFD, 75F48EFC6DEE9E06B490703EE47602AFDEA51505285B02D2CF884601E71857CC ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
17:31:17.0882 0x37ac Winmgmt - ok
17:31:18.0078 0x37ac [ B8C0D620219ECAA23A2AC841EAF454D1, FB527C4D36929D7FAE2A837727C557B7823A72069EBCAB7D16C49E8B21E8D952 ] WinRM C:\WINDOWS\system32\WsmSvc.dll
17:31:18.0236 0x37ac WinRM - ok
17:31:18.0319 0x37ac [ 4EFB346BFDAEEB29316AA52BBB9852B1, 4BC5554F44BD9549D0A929D77BD410FA3EB502A7D0170303D369268672505494 ] WINUSB C:\WINDOWS\System32\drivers\WinUSB.SYS
17:31:18.0341 0x37ac WINUSB - ok
17:31:18.0369 0x37ac [ 8B9AFF5F08E66A6F1F1063DEC9457FB6, 98F2AF6988D125521FD34CAA48B9652922F0C8ECFAE9B0C1DF4B3CE6B9CF500F ] WinVerbs C:\WINDOWS\System32\drivers\winverbs.sys
17:31:18.0412 0x37ac WinVerbs - ok
17:31:18.0510 0x37ac [ 15F0990B7C101163FE27D9B19FEB3D43, 5020EF7755E0ACDA77E816C44A5B75286CC1BEA182BECF9D7252EB826A4F1FFE ] wisvc C:\WINDOWS\system32\flightsettings.dll
17:31:18.0550 0x37ac wisvc - ok
17:31:18.0724 0x37ac [ 5A7AA8198156DC2BFF9F064E29D11AF5, 9CBAF1B99B54CDE087E0FC0A2601B3F056F81F2F5AF63B5BB71C7389247E496A ] WlanSvc C:\WINDOWS\System32\wlansvc.dll
17:31:18.0877 0x37ac WlanSvc - ok
17:31:18.0996 0x37ac [ EF39F106D7E0A8918E98E4CDAE25F2E2, B6EDF2646C1E3A1684C40DFC475694DF540C2B1B8E4247AE343E1DF34B1CE4F7 ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll
17:31:19.0093 0x37ac wlidsvc - ok
17:31:19.0109 0x37ac [ 6F4F4F5A007D1710BD76FB311DA97C07, FC0FEA4364F6BA4E31DBC82735D09D429CA3BE9AFCFF5D5E1263D8B27FC2CE3E ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys
17:31:19.0113 0x37ac WmiAcpi - ok
17:31:19.0187 0x37ac [ 3CDDFF6CAD962C5EF1C52FD667C358B6, F6F09145E9461EB17172988D26749FCF36920A1A683459334D04A6D072B31A92 ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe
17:31:19.0210 0x37ac wmiApSrv - ok
17:31:19.0268 0x37ac WMPNetworkSvc - ok
17:31:19.0309 0x37ac [ 43C8D087B31C592163B33A4BDA540E40, 3A6C4E5E56931B29321DCC723585F2F0E804EF4DCDEAB2A8687F30FC3AE70E43 ] Wof C:\WINDOWS\system32\drivers\Wof.sys
17:31:19.0342 0x37ac Wof - ok
17:31:19.0496 0x37ac [ 5820CC51AB1C368F29ECCA713397D006, AA0CC2BC4DF7DBFB144FF47C3508BEEF00467C9D312C135AFB3406E42C6CD821 ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll
17:31:19.0618 0x37ac workfolderssvc - ok
17:31:19.0684 0x37ac [ F02930EB91596042F2221397D60AFCE5, 10E2AB0993B67CBAA9E11C68280608965064EC9F7E0C570F5B453FACADB8AB5D ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll
17:31:19.0739 0x37ac WPDBusEnum - ok
17:31:19.0799 0x37ac [ 75A9284F01FE7CB1A7D5EAE5C1EB4F33, 390EF23AEA06D8711555F7979FF8BE0620B53C1A551638C4EC6FB7C6678965B3 ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys
17:31:19.0821 0x37ac WpdUpFltr - ok
17:31:19.0862 0x37ac [ 60E2EB3E7B7F15C25E02462159F90707, D8344B529EEC0D4922CAC3E6897CC9F191ACF1376017BE38ED6BF6019F1ED181 ] WpnService C:\WINDOWS\system32\WpnService.dll
17:31:19.0903 0x37ac WpnService - ok
17:31:19.0933 0x37ac [ C7C91FB86A3C6CD7619725A88ED1884C, 132C43C518F37BF303D768BD5FB0AB835F693C43FE693937D804A34E940D770F ] WpnUserService C:\WINDOWS\System32\WpnUserService.dll
17:31:19.0942 0x37ac WpnUserService - ok
17:31:19.0997 0x37ac [ 36D7B73ADC3E10607ED6EC874AFB5D1E, 1737B3E4D2CA76BB27903BF460E4960E6A0BC32D35069AC7C5E4B07F625F3282 ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys
17:31:20.0002 0x37ac ws2ifsl - ok
17:31:20.0075 0x37ac [ 9A0E0B836413EB0BC885532D2A5389D6, AFEE4A0578D5581E4D72999A33C0DEA6253BD891F611AFF9AFDE4160A60105F3 ] wscsvc C:\WINDOWS\System32\wscsvc.dll
17:31:20.0105 0x37ac wscsvc - ok
17:31:20.0126 0x37ac [ 696EC2EAA2A42A137CCBB9A84D6917C0, 424089F4F373962AF8357C5D4D43F35948989BE3F58EAD3690F565F4C1BBC66F ] WSDPrintDevice C:\WINDOWS\System32\drivers\WSDPrint.sys
17:31:20.0132 0x37ac WSDPrintDevice - ok
17:31:20.0150 0x37ac [ 46E4A69825A7554A5DB784A55F8AD203, 7F347054FCDD5DEF93083D420E56EBE5EEBBAE2BD2FED9B2E75E85149DE52780 ] WSDScan C:\WINDOWS\system32\DRIVERS\WSDScan.sys
17:31:20.0154 0x37ac WSDScan - ok
17:31:20.0161 0x37ac WSearch - ok
17:31:20.0318 0x37ac [ A44EAEFD97814D970870F393A06E6F43, 58EF20121E656F1FBB7ADD9AAE789DFE6E8BA9FB3363678645708C9DDEB9814E ] wuauserv C:\WINDOWS\system32\wuaueng.dll
17:31:20.0413 0x37ac wuauserv - ok
17:31:20.0440 0x37ac [ AED7FE551E8672B824A56324076183EB, FFE543AAEFDEFFE6B20C244DB141A9425BDA88ED36F4870F0B70FEC433BDF0C1 ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys
17:31:20.0451 0x37ac WudfPf - ok
17:31:20.0519 0x37ac [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFRd C:\WINDOWS\system32\drivers\WudfRd.sys
17:31:20.0553 0x37ac WUDFRd - ok
17:31:20.0629 0x37ac [ 47F6450F28BAA32B2AB0D6BE00996249, C8A47D6ADF89AD613AB685C6224B9099DCEFDCD8ABCF703542AFDC356404116E ] wudfsvc C:\WINDOWS\System32\WUDFSvc.dll
17:31:20.0676 0x37ac wudfsvc - ok
17:31:20.0713 0x37ac [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFWpdFs C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
17:31:20.0722 0x37ac WUDFWpdFs - ok
17:31:20.0747 0x37ac [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFWpdMtp C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
17:31:20.0755 0x37ac WUDFWpdMtp - ok
17:31:20.0866 0x37ac [ D313FF382A26D1295B212A66EE3E52A8, 59FEF2AF611507BCB6FE036A7D4F1595F3449B76F9B055CDC67DC1BE1D90EEB8 ] WwanSvc C:\WINDOWS\System32\wwansvc.dll
17:31:20.0927 0x37ac WwanSvc - ok
17:31:21.0058 0x37ac [ 7EF75102A793AAA6AAA45A4F7C15FF4D, A3FB68905F3E3A7DE52B85FAD966ABCB787FAC7E709964CE9BF2A4F9AC8B0653 ] XblAuthManager C:\WINDOWS\System32\XblAuthManager.dll
17:31:21.0112 0x37ac XblAuthManager - ok
17:31:21.0279 0x37ac [ 765FF96467A26C4C03281ECA426EC2D9, 2526B03C518D72F429C29BA4D4F11707AF277BF71520A1A92238A932950AE161 ] XblGameSave C:\WINDOWS\System32\XblGameSave.dll
17:31:21.0341 0x37ac XblGameSave - ok
17:31:21.0392 0x37ac [ DB77764B46D02DCB9777D9E00A3F7D63, 469491E3A57FBB0CB0482A2493823B57410E24A5BD4C1C96D79FE9888F7827BB ] xboxgip C:\WINDOWS\System32\drivers\xboxgip.sys
17:31:21.0434 0x37ac xboxgip - ok
17:31:21.0541 0x37ac [ 1A8D9EA4DD1A3E276B85EDB05B42BEC7, 23FC10AC29BDF917AEDB3AAF82537EC2C72453E52B41836FD83643054FA4F0BE ] XboxNetApiSvc C:\WINDOWS\system32\XboxNetApiSvc.dll
17:31:21.0609 0x37ac XboxNetApiSvc - ok
17:31:21.0672 0x37ac [ 63088A3361D9A308F328F11E9099DD87, E03FDB932FC57F199C8F8A8EADA338BDF7D2F9C6CB8FAB679A92B48B1E5AFE8A ] xinputhid C:\WINDOWS\System32\drivers\xinputhid.sys
17:31:21.0683 0x37ac xinputhid - ok
17:31:21.0689 0x37ac ================ Scan global ===============================
17:31:21.0759 0x37ac [ 0C710DB449712EE13ACE733695DB7780, BBC7875B38D318CE4E88979D083AC72E8993254A466A8A6882DDE9E0C3B687A3 ] C:\WINDOWS\system32\basesrv.dll
17:31:21.0827 0x37ac [ F109EE1ACA4F7E5714C892D2B01D0890, 1915BD17558BE17C3242AF014351676D47E22A7E8A455A14C23B564E726DB061 ] C:\WINDOWS\system32\winsrv.dll
17:31:21.0911 0x37ac [ 1EE06E957B0B2CA52D26DA7861E160EF, 4B743A1C7010138F5F6684BBCF7CAD6FD05F49920BDD3FDB776347AA6B44AB94 ] C:\WINDOWS\system32\sxssrv.dll
17:31:22.0009 0x37ac [ 9A3B47CD17283B299311013AD3D21D26, 48D5695E7610E7A742E403B2C37664D961E466C10E4FFAE07C8AB6B5BE5F7BF8 ] C:\WINDOWS\system32\services.exe
17:31:22.0027 0x37ac [ Global ] - ok
17:31:22.0028 0x37ac ================ Scan MBR ==================================
17:31:22.0041 0x37ac [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:31:22.0501 0x37ac \Device\Harddisk0\DR0 - ok
17:31:22.0502 0x37ac ================ Scan VBR ==================================
17:31:22.0507 0x37ac [ 06360A7E219C92303DDBFAC0DD7C8A66 ] \Device\Harddisk0\DR0\Partition1
17:31:22.0510 0x37ac \Device\Harddisk0\DR0\Partition1 - ok
17:31:22.0515 0x37ac [ E6AB97339A30BCA9CD2775DE03657A18 ] \Device\Harddisk0\DR0\Partition2
17:31:22.0519 0x37ac \Device\Harddisk0\DR0\Partition2 - ok
17:31:22.0520 0x37ac ================ Scan generic autorun ======================
17:31:22.0581 0x37ac [ 6A59AE2735639095CD93E58B0893914C, A1BFC257313185BD4BE63275C1B58877151C31DE3173EADE685199E9D28A23D9 ] C:\WINDOWS\system32\igfxtray.exe
17:31:22.0597 0x37ac IgfxTray - ok
17:31:22.0621 0x37ac [ 4341A0AE66759EDC080D92DAA0D9B341, A17D7A56627ECBE7D23E634A9E726BA2E3682A7EB75659AE68A426FF2954C717 ] C:\WINDOWS\system32\hkcmd.exe
17:31:22.0637 0x37ac HotKeysCmds - ok
17:31:22.0672 0x37ac [ 5451A9DA41DA19CDD467616492D4096F, 54CBA128702FFF112AE8BA4B187D00CC3ABAB68D3EB1B915193E50523D4DA73F ] C:\WINDOWS\system32\igfxpers.exe
17:31:22.0689 0x37ac Persistence - ok
17:31:22.0737 0x37ac ETDCtrl - ok
17:31:23.0357 0x37ac [ 65E8545F1297CD83534C354A7BED1848, 19B3F3C17A335837454DC1851C6436D0BB2D8B1595AEB4DC71265FB20868B48F ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
17:31:23.0686 0x37ac RtHDVCpl - ok
17:31:23.0811 0x37ac [ C7645D43451C6D94D87F4D07BDE59C89, 495BBA47FC43EE23054FCD419F2F00457162D1C04296900C6AEA551102A810F3 ] C:\Windows\system32\rundll32.exe
17:31:23.0819 0x37ac Logitech Download Assistant - ok
17:31:24.0007 0x37ac [ EB2F390D267304F3B8FBAB3FA197CC02, 16FA6C151BE48ABB419C5666128120B326DB1BB7726800CD07432EA1180058BF ] C:\Program Files\Elantech\ETDCtrl.exe
17:31:24.0096 0x37ac ETDWare - ok
17:31:24.0162 0x37ac [ 466810EE770FAA1AAB6269EF58985DF0, 4C1CDA394655DAB9232716FFC41D157C08B3AB486641FE21958D3CD5C90B85E4 ] C:\Program Files\Common Files\MAYComputer\eDocPrintPro\ApplyEsf.exe
17:31:24.0215 0x37ac ApplyEsf-eDocPrintPro - ok
17:31:24.0315 0x37ac [ 60939CA3059FE5C5153EE953DA8AAFD7, 01717357190787E4BD5520AA84A8F98DC3BE412A6A69F8DBCAA0E5062703CBEB ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
17:31:24.0411 0x37ac NvBackend - ok
17:31:24.0443 0x37ac [ C7F017C9B163E7DAB864649E8241F683, F007F107FCA0E3A12D7E900101EBF02C2453D4AA56BE18769E86B592C88C5106 ] C:\Program Files\iTunes\iTunesHelper.exe
17:31:24.0450 0x37ac iTunesHelper - ok
17:31:24.0494 0x37ac [ 08B438A5A06CD877F19B92F6868C031D, 2011F2AE42A0F28D449167BD1003F7EFD6FDB4B22D52BFF9A8B556039148D556 ] C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
17:31:24.0501 0x37ac NUSB3MON - ok
17:31:24.0803 0x37ac [ 6529C89512CE4498919BDC512572F82C, DFF9BB4BFAFE8BA2E1F13B668C6E010FD18591B0CECF65574EA5E14143C79A83 ] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
17:31:24.0978 0x37ac ATKOSD2 - ok
17:31:25.0145 0x37ac [ 5666955DC9FD455A003D86A21E0483A9, 359E2B5857269EDCE395D6171642EAC8B23170AA5266932B2BAE1E5955E8FE77 ] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
17:31:25.0157 0x37ac ATKMEDIA - ok
17:31:25.0203 0x37ac [ 5AEBF6FA9805C9101220AA4FB4FA17E7, A9B2FC41380211A6C44E839A95676A5BA868CEEBB56D83A780230434C2A20836 ] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
17:31:25.0211 0x37ac HControlUser - ok
17:31:25.0267 0x37ac [ 187F4C75A89E3F412322C94526320074, D78FA7EF93C8C7B4326A5B6DB04A92ADD091DF00658FA8731D07C5D3BE29ED04 ] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe
17:31:25.0302 0x37ac BCSSync - ok
17:31:25.0445 0x37ac [ 0BA2D83CC927053D6EBE5EB78E87E809, 86585BFC7B2C3E1D4A725B93C7CE105DDEC585725602814E8A586444B564927F ] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
17:31:25.0508 0x37ac CanonQuickMenu - ok
17:31:25.0545 0x37ac PSUAMain - ok
17:31:25.0642 0x37ac [ A443A7C05ABF0FCD16E89593F63B633B, 3F579132A39AEC2513CD286AB9A43534DC05F9502FD1A369126236F69EF76282 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
17:31:25.0676 0x37ac SunJavaUpdateSched - ok
17:31:26.0182 0x37ac [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe
17:31:26.0584 0x37ac OneDriveSetup - ok
17:31:26.0987 0x37ac [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe
17:31:27.0198 0x37ac OneDriveSetup - ok
17:31:27.0557 0x37ac [ C5D30E88C97825CF0652B60C42F103AD, D605DC9021021714BDA36EF48C335F85C77F85474A21B6E5258270E1703B8DC8 ] C:\Users\marku\AppData\Local\Microsoft\OneDrive\OneDrive.exe
17:31:27.0598 0x37ac OneDrive - ok
17:31:27.0668 0x37ac [ 06F6DB72ADABC5E858F38EF69014CE52, B4AEABF3EA6FCABBED879D642BA070DF9C244E28DB5BDC3211205C7B8DB97BFB ] C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
17:31:27.0837 0x37ac OfficeSyncProcess - ok
17:31:27.0891 0x37ac [ D8D796A4EEA0F9B7A25097AE08B2A62A, F1A5F33A95187663A71753ED1E28B68424298E1612EEFDC027CDF6A3387D5D32 ] C:\Program Files (x86)\Microsoft Office\Office14\GROOVEMN.EXE
17:31:27.0936 0x37ac GrooveMonitor - ok
17:31:27.0939 0x37ac GoogleDriveSync - ok
17:31:28.0145 0x37ac [ F4F684066175B77E0C3A000549D2922C, 935C1861DF1F4018D698E8B65ABFA02D7E9037D8F68CA3C2065B6CA165D44AD2 ] C:\WINDOWS\system32\cmd.exe
17:31:28.0183 0x37ac Uninstall C:\Users\marku\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64 - ok
17:31:28.0216 0x37ac [ F4F684066175B77E0C3A000549D2922C, 935C1861DF1F4018D698E8B65ABFA02D7E9037D8F68CA3C2065B6CA165D44AD2 ] C:\WINDOWS\system32\cmd.exe
17:31:28.0224 0x37ac Uninstall 17.3.6799.0327\amd64 - ok
17:31:28.0259 0x37ac [ F4F684066175B77E0C3A000549D2922C, 935C1861DF1F4018D698E8B65ABFA02D7E9037D8F68CA3C2065B6CA165D44AD2 ] C:\WINDOWS\system32\cmd.exe
17:31:28.0267 0x37ac Uninstall 17.3.6799.0327 - ok
17:31:28.0665 0x37ac [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe
17:31:28.0876 0x37ac OneDriveSetup - ok
17:31:29.0064 0x37ac [ 2781E6EF593909A8B73FE1AD397F778A, E892D6C57F8903E20129E75A9B877690229280FD8106B5C7F96173175EA1AC4E ] C:\Program Files (x86)\Windows Mail\wab.exe
17:31:29.0100 0x37ac WAB Migrate - ok
17:31:29.0268 0x37ac AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.1198 ), 0x60100 ( disabled : updated )
17:31:29.0361 0x37ac AV detected via SS2: Norton Security, C:\Program Files\Norton Security\Engine\22.9.4.8\WSCStub.exe ( 22.9.0.0 ), 0x51000 ( enabled : updated )
17:31:29.0366 0x37ac FW detected via SS2: Norton Security, C:\Program Files\Norton Security\Engine\22.9.4.8\WSCStub.exe ( 22.9.0.0 ), 0x51010 ( enabled )
17:31:29.0368 0x37ac ============================================================
17:31:29.0368 0x37ac Scan finished
17:31:29.0368 0x37ac ============================================================
17:31:29.0393 0x2434 Detected object count: 0
17:31:29.0393 0x2434 Actual detected object count: 0

Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 23.06.2017
Suchlaufzeit: 18:17
Protokolldatei: malware.txt
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2017.06.23.07
Rootkit-Datenbank: v2017.05.27.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: marku

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 351311
Abgelaufene Zeit: 30 Min., 33 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 4
PUP.Optional.MindSpark, C:\Users\marku\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_videodownloadconverter.dl.myway.com_0.localstorage, , [861ddf63dacf171fee38a73f808204fc],
PUP.Optional.MindSpark, C:\Users\marku\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_videodownloadconverter.dl.myway.com_0.localstorage-journal, , [267d4ff3c2e75ed80f1722c41fe3718f],
PUP.Optional.MindSpark, C:\Users\marku\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_videodownloadconverter.dl.tb.ask.com_0.localstorage, , [bfe49ba702a762d423047a6cb64ce41c],
PUP.Optional.MindSpark, C:\Users\marku\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_videodownloadconverter.dl.tb.ask.com_0.localstorage-journal, , [b7ec7ac8d1d846f08c9bc91d50b2ac54],

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)

