haukilein | 02.12.2016 21:18 | mbar-log-2016-12-02 (19-48-29).txt Code:
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org
Database version:
main: v2016.12.02.10
rootkit: v2016.11.20.01
Windows 10 x64 NTFS
Internet Explorer 11.447.14393.0
haukilein :: HAL3000 [administrator]
02.12.2016 19:48:29
mbar-log-2016-12-02 (19-48-29).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 334772
Time elapsed: 14 minute(s), 11 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
Log file from TDSS Killer, i.e. the report: Code:
20:28:22.0084 0x197c TDSS rootkit removing tool 3.1.0.12 Nov 7 2016 07:10:01
20:28:22.0084 0x197c UEFI system
20:28:27.0001 0x197c ============================================================
20:28:27.0001 0x197c Current date / time: 2016/12/02 20:28:27.0001
20:28:27.0001 0x197c SystemInfo:
20:28:27.0001 0x197c
20:28:27.0001 0x197c OS Version: 10.0.14393 ServicePack: 0.0
20:28:27.0001 0x197c Product type: Workstation
20:28:27.0001 0x197c ComputerName: HAL3000
20:28:27.0001 0x197c UserName: haukilein
20:28:27.0001 0x197c Windows directory: C:\WINDOWS
20:28:27.0001 0x197c System windows directory: C:\WINDOWS
20:28:27.0001 0x197c Running under WOW64
20:28:27.0001 0x197c Processor architecture: Intel x64
20:28:27.0001 0x197c Number of processors: 4
20:28:27.0001 0x197c Page size: 0x1000
20:28:27.0001 0x197c Boot type: Normal boot
20:28:27.0001 0x197c CodeIntegrityOptions = 0x00000001
20:28:27.0001 0x197c ============================================================
20:28:27.0216 0x197c KLMD registered as C:\WINDOWS\system32\drivers\14890317.sys
20:28:27.0216 0x197c KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 14393.447, osProperties = 0x19
20:28:27.0818 0x197c System UUID: {01F77DBA-2507-BB59-4235-4A4C380E82BF}
20:28:28.0288 0x197c Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:28:28.0288 0x197c ============================================================
20:28:28.0288 0x197c \Device\Harddisk0\DR0:
20:28:28.0288 0x197c GPT partitions:
20:28:28.0288 0x197c \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {71DAC786-CA86-4152-96B8-6213FA2BF96C}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x1F4000
20:28:28.0288 0x197c \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {67A6C682-D072-4091-8D5F-3C486A6C4572}, Name: EFI system partition, StartLBA 0x1F4800, BlocksNum 0x82000
20:28:28.0288 0x197c \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {BFBFAFE7-A34F-448A-9A5B-6213EB736C22}, UniqueGUID: {8DB12B57-7616-48E9-84A2-9EF046F3269B}, Name: Basic data partition, StartLBA 0x276800, BlocksNum 0x1F4000
20:28:28.0288 0x197c \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {6A0C33CD-FA2D-4E07-B68A-433A3E07C74F}, Name: Microsoft reserved partition, StartLBA 0x46A800, BlocksNum 0x40000
20:28:28.0288 0x197c \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {EC5F542F-093F-45B6-8AAB-F16BBFDFAC74}, Name: Basic data partition, StartLBA 0x4AA800, BlocksNum 0x6F3A5800
20:28:28.0288 0x197c \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {257702C9-CF06-4CD0-99B5-354B097EB1E7}, Name: Basic data partition, StartLBA 0x6F850000, BlocksNum 0x3200000
20:28:28.0288 0x197c \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {1FFB7406-1066-45DC-98A2-850D77FB542B}, Name: Basic data partition, StartLBA 0x72A50000, BlocksNum 0x1CB6800
20:28:28.0288 0x197c MBR partitions:
20:28:28.0288 0x197c ============================================================
20:28:28.0288 0x197c C: <-> \Device\Harddisk0\DR0\Partition5
20:28:28.0288 0x197c D: <-> \Device\Harddisk0\DR0\Partition6
20:28:28.0288 0x197c ============================================================
20:28:28.0288 0x197c Initialize success
20:28:28.0288 0x197c ============================================================
20:28:53.0866 0x1cd8 ============================================================
20:28:53.0866 0x1cd8 Scan started
20:28:53.0866 0x1cd8 Mode: Manual; SigCheck; TDLFS;
20:28:53.0866 0x1cd8 ============================================================
20:28:53.0866 0x1cd8 KSN ping started
20:28:53.0966 0x1cd8 KSN ping finished: true
20:28:56.0193 0x1cd8 ================ Scan system memory ========================
20:28:56.0193 0x1cd8 System memory - ok
20:28:56.0193 0x1cd8 ================ Scan services =============================
20:28:56.0246 0x1cd8 0086051480502312mcinstcleanup - ok
20:28:56.0329 0x1cd8 1394ohci - ok
20:28:56.0331 0x1cd8 3ware - ok
20:28:56.0331 0x1cd8 ACPI - ok
20:28:56.0346 0x1cd8 AcpiDev - ok
20:28:56.0346 0x1cd8 acpiex - ok
20:28:56.0346 0x1cd8 acpipagr - ok
20:28:56.0346 0x1cd8 AcpiPmi - ok
20:28:56.0346 0x1cd8 acpitime - ok
20:28:56.0362 0x1cd8 [ 561E1023BEB555A77DBEAFB83E74BA14, EBB6C4878F6D7BEF8AD861AF5F262DACE96ECCA68308E30E319CE962FC5C5F35 ] ACPIVPC C:\WINDOWS\System32\drivers\AcpiVpc.sys
20:28:56.0393 0x1cd8 ACPIVPC - ok
20:28:56.0431 0x1cd8 [ C92B0A0957ACAD3CEEF502A2CA10ACB8, 78BF46318B69D9479ECDC83446DD8D454AA2A9A9D94B33C5FC68933DB18AFA3B ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
20:28:56.0431 0x1cd8 AdobeARMservice - ok
20:28:56.0447 0x1cd8 ADP80XX - ok
20:28:56.0447 0x1cd8 AFD - ok
20:28:56.0447 0x1cd8 ahcache - ok
20:28:56.0447 0x1cd8 AJRouter - ok
20:28:56.0462 0x1cd8 ALG - ok
20:28:56.0462 0x1cd8 AmdK8 - ok
20:28:56.0462 0x1cd8 AmdPPM - ok
20:28:56.0462 0x1cd8 amdsata - ok
20:28:56.0462 0x1cd8 amdsbs - ok
20:28:56.0462 0x1cd8 amdxata - ok
20:28:56.0478 0x1cd8 AppID - ok
20:28:56.0478 0x1cd8 AppIDSvc - ok
20:28:56.0478 0x1cd8 Appinfo - ok
20:28:56.0526 0x1cd8 [ 6EB87FDB59AABF6D19C927492DEA0D36, 36168F8CC75D16917A30FA1FACF57659BC2ADF870D20DEE93F851D5348E605BB ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:28:56.0531 0x1cd8 Apple Mobile Device Service - ok
20:28:56.0531 0x1cd8 applockerfltr - ok
20:28:56.0531 0x1cd8 AppReadiness - ok
20:28:56.0531 0x1cd8 AppXSvc - ok
20:28:56.0531 0x1cd8 arcsas - ok
20:28:56.0531 0x1cd8 AsyncMac - ok
20:28:56.0547 0x1cd8 atapi - ok
20:28:56.0547 0x1cd8 athr - ok
20:28:56.0547 0x1cd8 AudioEndpointBuilder - ok
20:28:56.0547 0x1cd8 Audiosrv - ok
20:28:56.0547 0x1cd8 AxInstSV - ok
20:28:56.0563 0x1cd8 b06bdrv - ok
20:28:56.0563 0x1cd8 BasicDisplay - ok
20:28:56.0563 0x1cd8 BasicRender - ok
20:28:56.0578 0x1cd8 bcmfn - ok
20:28:56.0578 0x1cd8 bcmfn2 - ok
20:28:56.0578 0x1cd8 BDESVC - ok
20:28:56.0578 0x1cd8 Beep - ok
20:28:56.0578 0x1cd8 BFE - ok
20:28:56.0578 0x1cd8 BITS - ok
20:28:56.0610 0x1cd8 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
20:28:56.0629 0x1cd8 Bonjour Service - ok
20:28:56.0632 0x1cd8 bowser - ok
20:28:56.0632 0x1cd8 BrokerInfrastructure - ok
20:28:56.0632 0x1cd8 Browser - ok
20:28:56.0632 0x1cd8 [ AF7DEA6A0E93AF8517A310D189B656BE, 008FE5102EE6B73A8D9AFC2B0E563C6A3567167380FCEDC538278240D2AE1FD4 ] BTATH_BUS C:\WINDOWS\system32\drivers\btath_bus.sys
20:28:56.0647 0x1cd8 BTATH_BUS - ok
20:28:56.0663 0x1cd8 [ C8BF11D79B29BB23A461B65B58BA8593, 35AFAD5ED40304976287E6C982085DF7A91FF48F0320DAC32370FA039AA03C69 ] BtFilter C:\WINDOWS\system32\DRIVERS\btfilter.sys
20:28:56.0679 0x1cd8 BtFilter - ok
20:28:56.0679 0x1cd8 BthAvrcpTg - ok
20:28:56.0694 0x1cd8 BthEnum - ok
20:28:56.0694 0x1cd8 BthHFEnum - ok
20:28:56.0694 0x1cd8 bthhfhid - ok
20:28:56.0694 0x1cd8 BthHFSrv - ok
20:28:56.0694 0x1cd8 BthLEEnum - ok
20:28:56.0710 0x1cd8 BTHMODEM - ok
20:28:56.0710 0x1cd8 BthPan - ok
20:28:56.0710 0x1cd8 BTHPORT - ok
20:28:56.0710 0x1cd8 bthserv - ok
20:28:56.0710 0x1cd8 BTHUSB - ok
20:28:56.0728 0x1cd8 [ 5A458422B4312BAEEFA3E64D321596E6, 1213D86B9B6FBB1414D1D3E5F4B0ED0C68D05EB98C902395AB0F0FC3D8A29AD5 ] busenum C:\WINDOWS\System32\drivers\busenum.sys
20:28:56.0732 0x1cd8 busenum - ok
20:28:56.0732 0x1cd8 buttonconverter - ok
20:28:56.0732 0x1cd8 CapImg - ok
20:28:56.0732 0x1cd8 cdfs - ok
20:28:56.0748 0x1cd8 CDPSvc - ok
20:28:56.0748 0x1cd8 CDPUserSvc - ok
20:28:56.0763 0x1cd8 cdrom - ok
20:28:56.0779 0x1cd8 CertPropSvc - ok
20:28:56.0779 0x1cd8 cfwids - ok
20:28:56.0779 0x1cd8 cht4iscsi - ok
20:28:56.0779 0x1cd8 cht4vbd - ok
20:28:56.0779 0x1cd8 circlass - ok
20:28:56.0795 0x1cd8 CLFS - ok
20:28:56.0795 0x1cd8 ClipSVC - ok
20:28:56.0795 0x1cd8 clreg - ok
20:28:56.0795 0x1cd8 CmBatt - ok
20:28:56.0810 0x1cd8 CNG - ok
20:28:56.0810 0x1cd8 cnghwassist - ok
20:28:56.0848 0x1cd8 [ 579B8A665076612D65107D3C7F80CBF7, EDD2763544A71A580ABC6F3E1F3794B9D20B31522413A6B409398ED900392CCF ] CnxtHdAudService C:\WINDOWS\system32\drivers\CHDRT64.sys
20:28:56.0879 0x1cd8 CnxtHdAudService - ok
20:28:56.0910 0x1cd8 CompositeBus - ok
20:28:56.0910 0x1cd8 COMSysApp - ok
20:28:56.0930 0x1cd8 condrv - ok
20:28:56.0932 0x1cd8 CoreMessagingRegistrar - ok
20:28:57.0010 0x1cd8 [ 75C568E62A2BD89A869C34119A66D19B, 2954F25E511947728FE50AA76ACECE0B6952D1984301027F499E2F3DAAEB65D3 ] cphs C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
20:28:57.0048 0x1cd8 cphs - ok
20:28:57.0048 0x1cd8 CryptSvc - ok
20:28:57.0048 0x1cd8 [ 07F3534C07C5110E9A424C04634C4A8D, 39F97C8A8610A4EFB83A41E490BBDC19261A52DC9827645C1331EFC958F2EDF1 ] CxAudMsg C:\WINDOWS\system32\CxAudMsg64.exe
20:28:57.0063 0x1cd8 CxAudMsg - ok
20:28:57.0063 0x1cd8 dam - ok
20:28:57.0079 0x1cd8 [ A4700D1F78539C0ED32FA50E64F9C692, 5CB03B5F36307BA152245BAD29CB2AC703BBE8197ABC0338A7092ADEA1C3221A ] dc3d C:\WINDOWS\System32\drivers\dc3d.sys
20:28:57.0079 0x1cd8 dc3d - ok
20:28:57.0095 0x1cd8 DcomLaunch - ok
20:28:57.0095 0x1cd8 DcpSvc - ok
20:28:57.0095 0x1cd8 defragsvc - ok
20:28:57.0095 0x1cd8 DeviceAssociationService - ok
20:28:57.0095 0x1cd8 DeviceInstall - ok
20:28:57.0110 0x1cd8 DevQueryBroker - ok
20:28:57.0110 0x1cd8 Dfsc - ok
20:28:57.0110 0x1cd8 [ D722BC26F7431A4DA9A183E56CA9FEE3, 86AB717431CB3DDAF6213A1CFE8DF3684080BAAD569731A90AA1AA198E97506D ] dg_ssudbus C:\WINDOWS\system32\DRIVERS\ssudbus.sys
20:28:57.0132 0x1cd8 dg_ssudbus - ok
20:28:57.0132 0x1cd8 Dhcp - ok
20:28:57.0132 0x1cd8 diagnosticshub.standardcollector.service - ok
20:28:57.0132 0x1cd8 DiagTrack - ok
20:28:57.0132 0x1cd8 disk - ok
20:28:57.0148 0x1cd8 DmEnrollmentSvc - ok
20:28:57.0148 0x1cd8 dmvsc - ok
20:28:57.0148 0x1cd8 dmwappushservice - ok
20:28:57.0148 0x1cd8 Dnscache - ok
20:28:57.0164 0x1cd8 dot3svc - ok
20:28:57.0164 0x1cd8 DPS - ok
20:28:57.0164 0x1cd8 drmkaud - ok
20:28:57.0164 0x1cd8 DsmSvc - ok
20:28:57.0164 0x1cd8 DsSvc - ok
20:28:57.0164 0x1cd8 DXGKrnl - ok
20:28:57.0179 0x1cd8 EapHost - ok
20:28:57.0179 0x1cd8 ebdrv - ok
20:28:57.0179 0x1cd8 EFS - ok
20:28:57.0179 0x1cd8 EhStorClass - ok
20:28:57.0179 0x1cd8 EhStorTcgDrv - ok
20:28:57.0195 0x1cd8 embeddedmode - ok
20:28:57.0195 0x1cd8 EntAppSvc - ok
20:28:57.0195 0x1cd8 ErrDev - ok
20:28:57.0210 0x1cd8 [ 6BD85B39B7B23F03B24CF641ED29147B, 850F21750BB39E5239B1584E1117844CAAAF6A5C58E79366552309F917675CE5 ] ETD C:\WINDOWS\system32\DRIVERS\ETD.sys
20:28:57.0233 0x1cd8 ETD - ok
20:28:57.0233 0x1cd8 [ 8916EACF1256E1C5A3AF81FD39C747E7, FF28FB95E9F9287C1005CF0D9EB84F7CA3D137689862860C9848398504E1EFFF ] ETDService C:\Program Files\Elantech\ETDService.exe
20:28:57.0248 0x1cd8 ETDService - ok
20:28:57.0279 0x1cd8 EventSystem - ok
20:28:57.0279 0x1cd8 exfat - ok
20:28:57.0279 0x1cd8 fastfat - ok
20:28:57.0279 0x1cd8 Fax - ok
20:28:57.0279 0x1cd8 fdc - ok
20:28:57.0295 0x1cd8 fdPHost - ok
20:28:57.0295 0x1cd8 FDResPub - ok
20:28:57.0295 0x1cd8 fhsvc - ok
20:28:57.0295 0x1cd8 FileCrypt - ok
20:28:57.0295 0x1cd8 FileInfo - ok
20:28:57.0311 0x1cd8 Filetrace - ok
20:28:57.0311 0x1cd8 flpydisk - ok
20:28:57.0311 0x1cd8 FltMgr - ok
20:28:57.0311 0x1cd8 FontCache - ok
20:28:57.0311 0x1cd8 FontCache3.0.0.0 - ok
20:28:57.0329 0x1cd8 FrameServer - ok
20:28:57.0331 0x1cd8 FsDepends - ok
20:28:57.0333 0x1cd8 Fs_Rec - ok
20:28:57.0333 0x1cd8 fvevol - ok
20:28:57.0333 0x1cd8 gencounter - ok
20:28:57.0333 0x1cd8 genericusbfn - ok
20:28:57.0395 0x1cd8 [ 21931B9C5FDE6087F47F710AC1BE16E9, A727A8922A9769AAC77F5D85ED3475853655E9483C8DA091653D0B1F3D479398 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
20:28:57.0411 0x1cd8 GfExperienceService - ok
20:28:57.0427 0x1cd8 GPIOClx0101 - ok
20:28:57.0430 0x1cd8 gpsvc - ok
20:28:57.0432 0x1cd8 GpuEnergyDrv - ok
20:28:57.0449 0x1cd8 [ C6FF00DA1605982E616C03BE809FFE2D, 4D9C86B9FF2FA291DC320677D28DF00C26834409F7AD94D6C07D2233ED746B19 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:28:57.0449 0x1cd8 gupdate - ok
20:28:57.0464 0x1cd8 [ C6FF00DA1605982E616C03BE809FFE2D, 4D9C86B9FF2FA291DC320677D28DF00C26834409F7AD94D6C07D2233ED746B19 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:28:57.0464 0x1cd8 gupdatem - ok
20:28:57.0464 0x1cd8 HDAudBus - ok
20:28:57.0480 0x1cd8 HidBatt - ok
20:28:57.0480 0x1cd8 HidBth - ok
20:28:57.0480 0x1cd8 hidi2c - ok
20:28:57.0480 0x1cd8 hidinterrupt - ok
20:28:57.0480 0x1cd8 HidIr - ok
20:28:57.0480 0x1cd8 hidserv - ok
20:28:57.0496 0x1cd8 HidUsb - ok
20:28:57.0496 0x1cd8 HomeGroupListener - ok
20:28:57.0496 0x1cd8 HomeGroupProvider - ok
20:28:57.0496 0x1cd8 HpSAMD - ok
20:28:57.0496 0x1cd8 HTTP - ok
20:28:57.0511 0x1cd8 HvHost - ok
20:28:57.0511 0x1cd8 hvservice - ok
20:28:57.0511 0x1cd8 hwpolicy - ok
20:28:57.0511 0x1cd8 hyperkbd - ok
20:28:57.0527 0x1cd8 i8042prt - ok
20:28:57.0530 0x1cd8 iagpio - ok
20:28:57.0532 0x1cd8 iai2c - ok
20:28:57.0533 0x1cd8 iaLPSS2i_GPIO2 - ok
20:28:57.0533 0x1cd8 iaLPSS2i_I2C - ok
20:28:57.0533 0x1cd8 iaLPSSi_GPIO - ok
20:28:57.0533 0x1cd8 iaLPSSi_I2C - ok
20:28:57.0549 0x1cd8 [ 815499B59D675E42A70894118E7A6422, 2E30C726C8E53C1C6B4F113569287B2F85F0502C13067C8C93C82B3561C760F4 ] iaStorA C:\WINDOWS\system32\drivers\iaStorA.sys
20:28:57.0564 0x1cd8 iaStorA - ok
20:28:57.0580 0x1cd8 iaStorAV - ok
20:28:57.0596 0x1cd8 [ A55971BD810EBDEF1E83CE57F5AC091B, 43AAE856E0E1D1647DC8AF37E907DC8FB74C9C388E48A9F68D209AECAA1E54B6 ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
20:28:57.0611 0x1cd8 IAStorDataMgrSvc - ok
20:28:57.0611 0x1cd8 iaStorV - ok
20:28:57.0611 0x1cd8 ibbus - ok
20:28:57.0611 0x1cd8 icssvc - ok
20:28:57.0796 0x1cd8 [ 658287D76E8D77C08AE98989F99B8948, DBA67B5772E1FE43ABDB3908A1CF86D76F2774BABC20359D2511F06A2A8CAC57 ] igfx C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
20:28:57.0934 0x1cd8 igfx - ok
20:28:57.0950 0x1cd8 [ A105AD05696D55E6E4F078ED850F6305, 8121A4226D2941EDD4809D516E7684E5C7164ADCF5AA4C8BC6620110625D3E8D ] igfxCUIService2.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe
20:28:57.0966 0x1cd8 igfxCUIService2.0.0.0 - ok
20:28:57.0966 0x1cd8 IKEEXT - ok
20:28:57.0981 0x1cd8 IndirectKmd - ok
20:28:57.0981 0x1cd8 [ FC7C456AF9B9811499EDBD10616832EE, CA2D8B0E672D3AE449C2FF0B9E142D74E8C72FD877D11162A9F7CC51AF58220F ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys
20:28:57.0981 0x1cd8 intaud_WaveExtensible - ok
20:28:57.0997 0x1cd8 [ E300D1E37B737ED14F7A08CD5604E5D9, 5C1135081E29D7F4A97D5CAA2C8FBE1DD04EC7A3D8E648E69F2AA9EBDD88EBBB ] IntcDAud C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
20:28:58.0012 0x1cd8 IntcDAud - ok
20:28:58.0034 0x1cd8 [ DAE6C3099D291EED8922A65C29ABCF52, AD0A932345382824122F84AF97A8609BAE1B916A3B9FD608779A1411E37D3643 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
20:28:58.0065 0x1cd8 Intel(R) Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 )
20:28:58.0196 0x1cd8 Detect skipped due to KSN trusted
20:28:58.0196 0x1cd8 Intel(R) Capability Licensing Service Interface - ok
20:28:58.0234 0x1cd8 [ D45226E3E7A25F1E7CE8DF8FD0A2A098, 7BD74E9E3CB0A83D26BA3FD8177C6B9BA46A8695B6569CF7887FDC87947DA2D6 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
20:28:58.0265 0x1cd8 Intel(R) Capability Licensing Service TCP IP Interface - ok
20:28:58.0265 0x1cd8 intelide - ok
20:28:58.0265 0x1cd8 intelpep - ok
20:28:58.0265 0x1cd8 intelppm - ok
20:28:58.0265 0x1cd8 iorate - ok
20:28:58.0281 0x1cd8 IpFilterDriver - ok
20:28:58.0281 0x1cd8 iphlpsvc - ok
20:28:58.0281 0x1cd8 IPMIDRV - ok
20:28:58.0281 0x1cd8 IPNAT - ok
20:28:58.0312 0x1cd8 [ 2208D673C5D4B22EB0235EA1EC6269CC, 3E73032D67B3B740E11CEA0748CDFFBE35619CBF1AC1C3D86EF089CA326D7918 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
20:28:58.0334 0x1cd8 iPod Service - ok
20:28:58.0334 0x1cd8 irda - ok
20:28:58.0334 0x1cd8 IRENUM - ok
20:28:58.0350 0x1cd8 irmon - ok
20:28:58.0350 0x1cd8 isapnp - ok
20:28:58.0350 0x1cd8 iScsiPrt - ok
20:28:58.0365 0x1cd8 [ 52069AEB42D3D0F97CBCA1085EBF55E6, ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
20:28:58.0381 0x1cd8 jhi_service - ok
20:28:58.0381 0x1cd8 kbdclass - ok
20:28:58.0381 0x1cd8 kbdhid - ok
20:28:58.0397 0x1cd8 kdnic - ok
20:28:58.0397 0x1cd8 KeyIso - ok
20:28:58.0397 0x1cd8 [ ED6314D9982A96A73C95BD634C7FAE66, 034BD8BAE6CC854750DCCDDE59586E0914D87D20448915587CFD2B5537069CAC ] KMDFVirtualKbd C:\WINDOWS\System32\drivers\KMDFVirtualKbd.sys
20:28:58.0397 0x1cd8 KMDFVirtualKbd - ok
20:28:58.0412 0x1cd8 [ 23E3E79A244E63F416A89640359C78B3, 721EBE47CF5617762DA16E0450B5B2DA857F9B04EA3D167770E2A8CA9D31C77C ] KMDFVirtualMouse C:\WINDOWS\System32\drivers\KMDFVirtualMouse.sys
20:28:58.0412 0x1cd8 KMDFVirtualMouse - ok
20:28:58.0412 0x1cd8 KSecDD - ok
20:28:58.0412 0x1cd8 KSecPkg - ok
20:28:58.0434 0x1cd8 ksthunk - ok
20:28:58.0450 0x1cd8 KtmRm - ok
20:28:58.0450 0x1cd8 LanmanServer - ok
20:28:58.0450 0x1cd8 LanmanWorkstation - ok
20:28:58.0481 0x1cd8 [ 8CD7568B0F809731D931144DE376FD16, 78902FA1BED048B336DE71FB82A3614A58BBAA834483F2F2B5ABF4A70FA491F3 ] Lenovo System Agent Service C:\Program Files\Lenovo\iMController\SystemAgentService.exe
20:28:58.0497 0x1cd8 Lenovo System Agent Service - ok
20:28:58.0512 0x1cd8 [ 031199B929009F268A478F0283E1CE32, B7BFB848A03535C16798085D489AB294935955F2982330B39190B2074BF9122B ] LenovoWiFiHotspotSvr C:\Windows\System32\LenovoWiFiHotspotSvr.exe
20:28:58.0512 0x1cd8 LenovoWiFiHotspotSvr - ok
20:28:58.0529 0x1cd8 lfsvc - ok
20:28:58.0532 0x1cd8 LicenseManager - ok
20:28:58.0596 0x1cd8 [ 69145D913B745AFF7D5F5B0349F8593E, 7D7B750DC9BA8DA795DDD1A34996BEE9F63ECE5EFA50B3A88BA13DCB0DA416D1 ] LiveUpdateSvc C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
20:28:58.0650 0x1cd8 LiveUpdateSvc - ok
20:28:58.0650 0x1cd8 lltdio - ok
20:28:58.0650 0x1cd8 lltdsvc - ok
20:28:58.0666 0x1cd8 lmhosts - ok
20:28:58.0681 0x1cd8 [ 3DE66F47365AA8CEB18B1EE272F4FEBA, 8DDD6AB4AEDE3B2FEA0D3B63DD24E3F3422D6ADE067756A3919FCED53C349167 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
20:28:58.0697 0x1cd8 LMS - ok
20:28:58.0750 0x1cd8 [ 506906AC4867B16B8EF3815D7B5FBED8, 709D65A7A0CE6DF30A4234126A71BF721D5127AFF46394D19AEFCB5E1396390A ] LSCWinService C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
20:28:58.0765 0x1cd8 LSCWinService - ok
20:28:58.0765 0x1cd8 LSI_SAS - ok
20:28:58.0765 0x1cd8 LSI_SAS2i - ok
20:28:58.0765 0x1cd8 LSI_SAS3i - ok
20:28:58.0781 0x1cd8 LSI_SSS - ok
20:28:58.0781 0x1cd8 LSM - ok
20:28:58.0781 0x1cd8 luafv - ok
20:28:58.0812 0x1cd8 [ 02CF33AD83CB69A7CF8598B1CDBC11B6, 9C9C7329F0EB3B94915676E4911BCC04F2FBDFDAF0C98F605B1B5C6606554A0D ] LUService C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe
20:28:58.0812 0x1cd8 LUService - ok
20:28:58.0812 0x1cd8 MapsBroker - ok
20:28:58.0812 0x1cd8 megasas - ok
20:28:58.0829 0x1cd8 megasas2i - ok
20:28:58.0831 0x1cd8 megasr - ok
20:28:58.0834 0x1cd8 [ E0EF6C1399A9B1AAA0B28590411BED04, 10C193D1ED434A6DC2AD8C450012B9AF1C848A0A0B3B775F13495648FB77E009 ] MEIx64 C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys
20:28:58.0834 0x1cd8 MEIx64 - ok
20:28:58.0834 0x1cd8 MessagingService - ok
20:28:58.0866 0x1cd8 mfeaack - ok
20:28:58.0866 0x1cd8 mfeavfk - ok
20:28:58.0866 0x1cd8 mfeelamk - ok
20:28:58.0897 0x1cd8 mfefire - ok
20:28:58.0897 0x1cd8 mfefirek - ok
20:28:58.0897 0x1cd8 mfehidk - ok
20:28:58.0913 0x1cd8 mfemms - ok
20:28:58.0913 0x1cd8 mfevtp - ok
20:28:58.0913 0x1cd8 mfewfpk - ok
20:28:58.0913 0x1cd8 mlx4_bus - ok
20:28:58.0913 0x1cd8 MMCSS - ok
20:28:58.0930 0x1cd8 Modem - ok
20:28:58.0934 0x1cd8 monitor - ok
20:28:58.0935 0x1cd8 mouclass - ok
20:28:58.0935 0x1cd8 mouhid - ok
20:28:58.0935 0x1cd8 mountmgr - ok
20:28:58.0950 0x1cd8 [ A43F5F2D3D71A902502D61E71A18C265, 9685DABFF80EFFFD28B9B12696BF4821F30989C8441EA0AA3FF0F03ED799AD9D ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
20:28:58.0966 0x1cd8 MozillaMaintenance - ok
20:28:58.0966 0x1cd8 mpsdrv - ok
20:28:58.0966 0x1cd8 MpsSvc - ok
20:28:58.0982 0x1cd8 MRxDAV - ok
20:28:58.0982 0x1cd8 mrxsmb - ok
20:28:58.0997 0x1cd8 mrxsmb10 - ok
20:28:58.0997 0x1cd8 mrxsmb20 - ok
20:28:58.0997 0x1cd8 MsBridge - ok
20:28:58.0997 0x1cd8 MSDTC - ok
20:28:59.0013 0x1cd8 Msfs - ok
20:28:59.0013 0x1cd8 msgpiowin32 - ok
20:28:59.0013 0x1cd8 mshidkmdf - ok
20:28:59.0013 0x1cd8 mshidumdf - ok
20:28:59.0013 0x1cd8 msisadrv - ok
20:28:59.0031 0x1cd8 MSiSCSI - ok
20:28:59.0034 0x1cd8 msiserver - ok
20:28:59.0035 0x1cd8 MSKSSRV - ok
20:28:59.0035 0x1cd8 MsLldp - ok
20:28:59.0035 0x1cd8 MSPCLOCK - ok
20:28:59.0035 0x1cd8 MSPQM - ok
20:28:59.0035 0x1cd8 MsRPC - ok
20:28:59.0051 0x1cd8 mssmbios - ok
20:28:59.0051 0x1cd8 MSTEE - ok
20:28:59.0051 0x1cd8 MTConfig - ok
20:28:59.0051 0x1cd8 Mup - ok
20:28:59.0051 0x1cd8 mvumis - ok
20:28:59.0066 0x1cd8 NativeWifiP - ok
20:28:59.0066 0x1cd8 NcaSvc - ok
20:28:59.0066 0x1cd8 NcbService - ok
20:28:59.0066 0x1cd8 NcdAutoSetup - ok
20:28:59.0082 0x1cd8 ndfltr - ok
20:28:59.0082 0x1cd8 NDIS - ok
20:28:59.0082 0x1cd8 NdisCap - ok
20:28:59.0082 0x1cd8 NdisImPlatform - ok
20:28:59.0082 0x1cd8 NdisTapi - ok
20:28:59.0097 0x1cd8 Ndisuio - ok
20:28:59.0097 0x1cd8 NdisVirtualBus - ok
20:28:59.0097 0x1cd8 NdisWan - ok
20:28:59.0097 0x1cd8 ndiswanlegacy - ok
20:28:59.0097 0x1cd8 ndproxy - ok
20:28:59.0113 0x1cd8 Ndu - ok
20:28:59.0113 0x1cd8 NetAdapterCx - ok
20:28:59.0113 0x1cd8 NetBIOS - ok
20:28:59.0113 0x1cd8 NetBT - ok
20:28:59.0113 0x1cd8 Netlogon - ok
20:28:59.0130 0x1cd8 Netman - ok
20:28:59.0133 0x1cd8 netprofm - ok
20:28:59.0135 0x1cd8 NetSetupSvc - ok
20:28:59.0135 0x1cd8 NetTcpPortSharing - ok
20:28:59.0151 0x1cd8 NgcCtnrSvc - ok
20:28:59.0151 0x1cd8 NgcSvc - ok
20:28:59.0182 0x1cd8 [ 02E736F9861F1A6134736CF7473C513F, 7C574A50980885B213EFC0C394AFE613879B669246A4EA5EA6B5F791F7F6F32E ] NitroDriverReadSpool9 C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe
20:28:59.0198 0x1cd8 NitroDriverReadSpool9 - ok
20:28:59.0198 0x1cd8 NlaSvc - ok
20:28:59.0266 0x1cd8 [ CD2C0C25ECFCF816306126D3C208614B, C0C8B59BDDB349A593DFF5107841EB76618631C867D7C8F234C9ECBD76713CB0 ] nlsX86cc C:\WINDOWS\SysWOW64\NLSSRV32.EXE
20:28:59.0282 0x1cd8 nlsX86cc - ok
20:28:59.0282 0x1cd8 Npfs - ok
20:28:59.0282 0x1cd8 npsvctrig - ok
20:28:59.0297 0x1cd8 nsi - ok
20:28:59.0297 0x1cd8 nsiproxy - ok
20:28:59.0297 0x1cd8 NTFS - ok
20:28:59.0297 0x1cd8 [ 96ACBF3DDC38A52FEE115F577F36568F, DB8CB01971208C8D7A306A5FEDA39A3802195123E6B801DFB905B0E1934D3C96 ] NuidFltr C:\WINDOWS\System32\drivers\NuidFltr.sys
20:28:59.0313 0x1cd8 NuidFltr - ok
20:28:59.0313 0x1cd8 Null - ok
20:28:59.0697 0x1cd8 [ 60328FA27CB565D708CACAC8206037FB, 6D3A4B1B593428CA9F6EB2607C3F5A60DFEB92F4F437956FD916DF6B3B8E27FD ] nvlddmkm C:\WINDOWS\System32\DriverStore\FileRepository\nvltwu.inf_amd64_7abb66182eb8ed83\nvlddmkm.sys
20:28:59.0944 0x1cd8 nvlddmkm - ok
20:29:00.0006 0x1cd8 [ 72DD6225BA6055472522195F96473639, 27C8F847B247645061C0CD6DFCC986DA27638A9DFE686040160DFDCF7B3A6E72 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
20:29:00.0038 0x1cd8 NvNetworkService - ok
20:29:00.0053 0x1cd8 nvraid - ok
20:29:00.0053 0x1cd8 nvstor - ok
20:29:00.0077 0x1cd8 [ 4680DDDDDBA1CB1D56D49B4A6134155C, BF6E538BC10B23F6D93143F5C48155245852798D4846F401E0DA70A5BCFC74E1 ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
20:29:00.0077 0x1cd8 NvStreamKms - ok
20:29:00.0209 0x1cd8 [ E14F52B60581EE71849CD45186892046, 72B3E92CD34489306AB7D794C4C1F67513DE80C72A847DCF7A3EEFE2254762D0 ] NvStreamSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
20:29:00.0320 0x1cd8 NvStreamSvc - ok
20:29:00.0353 0x1cd8 [ 85397430F424516BF8300FAAEF929366, 2EDF41407C7483AC8E4703BC0A13F764563E4B00D6923FD4678E6E361AC14D6B ] nvsvc C:\WINDOWS\system32\nvvsvc.exe
20:29:00.0384 0x1cd8 nvsvc - ok
20:29:00.0384 0x1cd8 [ 35DFC12FD7E44B7CB8CCD7E5A2B3975A, 36E0E39646636F6E027691E5C3903C51479B3F707BDEA40F460FD27E357DA14E ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys
20:29:00.0400 0x1cd8 nvvad_WaveExtensible - ok
20:29:00.0400 0x1cd8 OneSyncSvc - ok
20:29:00.0438 0x1cd8 [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:29:00.0438 0x1cd8 ose - ok
20:29:00.0438 0x1cd8 p2pimsvc - ok
20:29:00.0454 0x1cd8 p2psvc - ok
20:29:00.0454 0x1cd8 Parport - ok
20:29:00.0454 0x1cd8 partmgr - ok
20:29:00.0454 0x1cd8 PcaSvc - ok
20:29:00.0469 0x1cd8 pci - ok
20:29:00.0469 0x1cd8 pciide - ok
20:29:00.0469 0x1cd8 pcmcia - ok
20:29:00.0469 0x1cd8 pcw - ok
20:29:00.0469 0x1cd8 pdc - ok
20:29:00.0485 0x1cd8 PEAUTH - ok
20:29:00.0485 0x1cd8 percsas2i - ok
20:29:00.0485 0x1cd8 percsas3i - ok
20:29:00.0516 0x1cd8 PerfHost - ok
20:29:00.0516 0x1cd8 PhoneSvc - ok
20:29:00.0532 0x1cd8 PimIndexMaintenanceSvc - ok
20:29:00.0584 0x1cd8 pla - ok
20:29:00.0584 0x1cd8 PlugPlay - ok
20:29:00.0584 0x1cd8 PNRPAutoReg - ok
20:29:00.0584 0x1cd8 PNRPsvc - ok
20:29:00.0600 0x1cd8 PolicyAgent - ok
20:29:00.0600 0x1cd8 Power - ok
20:29:00.0600 0x1cd8 PptpMiniport - ok
20:29:00.0685 0x1cd8 [ 7196D3C2E2E3129814C8DAB91F9A7D1E, 6763E4BF8E846B597E78778E520F5BADC95608BAA4EA0AC84971384B5D976DD7 ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
20:29:00.0785 0x1cd8 PrintNotify - ok
20:29:00.0801 0x1cd8 Processor - ok
20:29:00.0801 0x1cd8 ProfSvc - ok
20:29:00.0801 0x1cd8 Psched - ok
20:29:00.0801 0x1cd8 QWAVE - ok
20:29:00.0817 0x1cd8 QWAVEdrv - ok
20:29:00.0817 0x1cd8 RasAcd - ok
20:29:00.0817 0x1cd8 RasAgileVpn - ok
20:29:00.0817 0x1cd8 RasAuto - ok
20:29:00.0817 0x1cd8 Rasl2tp - ok
20:29:00.0833 0x1cd8 RasMan - ok
20:29:00.0836 0x1cd8 RasPppoe - ok
20:29:00.0839 0x1cd8 RasSstp - ok
20:29:00.0839 0x1cd8 rdbss - ok
20:29:00.0839 0x1cd8 rdpbus - ok
20:29:00.0839 0x1cd8 RDPDR - ok
20:29:00.0854 0x1cd8 RdpVideoMiniport - ok
20:29:00.0854 0x1cd8 rdyboost - ok
20:29:00.0854 0x1cd8 ReFSv1 - ok
20:29:00.0854 0x1cd8 RemoteAccess - ok
20:29:00.0854 0x1cd8 RemoteRegistry - ok
20:29:00.0870 0x1cd8 RetailDemo - ok
20:29:00.0870 0x1cd8 RFCOMM - ok
20:29:00.0901 0x1cd8 [ FBA61BB4C484A01A655AFB18FF86C417, D53B2110CB09D0A909C4E330C468351BFE076BB056CCDDCB8ADA2FB91E96352E ] RichVideo64 C:\Program Files\CyberLink\Shared files\RichVideo64.exe
20:29:00.0901 0x1cd8 RichVideo64 - ok
20:29:00.0917 0x1cd8 RmSvc - ok
20:29:00.0917 0x1cd8 RpcEptMapper - ok
20:29:00.0917 0x1cd8 RpcLocator - ok
20:29:00.0917 0x1cd8 RpcSs - ok
20:29:00.0917 0x1cd8 rspndr - ok
20:29:00.0938 0x1cd8 [ D5C3918E3EF787A41172B8E5348247F0, 033E5E6037CDFE65D26AD834ACD2B652EEED66BA48753F7B319C9FD41CE4F180 ] RTL8168 C:\WINDOWS\System32\drivers\Rt630x64.sys
20:29:00.0969 0x1cd8 RTL8168 - ok
20:29:00.0985 0x1cd8 [ 87CCF37EC2858FCF7689F8FC0B72F39A, 60B71BDC7388887AC7EB2C869DEAF86DD06B7EB9DEE3CF4F4DFE2D1BCE3BDAA8 ] RTSUER C:\WINDOWS\system32\Drivers\RtsUer.sys
20:29:00.0985 0x1cd8 RTSUER - ok
20:29:01.0001 0x1cd8 s3cap - ok
20:29:01.0001 0x1cd8 SamSs - ok
20:29:01.0001 0x1cd8 SAService - ok
20:29:01.0001 0x1cd8 sbp2port - ok
20:29:01.0016 0x1cd8 SCardSvr - ok
20:29:01.0016 0x1cd8 ScDeviceEnum - ok
20:29:01.0016 0x1cd8 scfilter - ok
20:29:01.0016 0x1cd8 Schedule - ok
20:29:01.0016 0x1cd8 scmbus - ok
20:29:01.0033 0x1cd8 scmdisk0101 - ok
20:29:01.0037 0x1cd8 SCPolicySvc - ok
20:29:01.0038 0x1cd8 sdbus - ok
20:29:01.0054 0x1cd8 SDRSVC - ok
20:29:01.0054 0x1cd8 sdstor - ok
20:29:01.0054 0x1cd8 seclogon - ok
20:29:01.0070 0x1cd8 SENS - ok
20:29:01.0070 0x1cd8 SensorDataService - ok
20:29:01.0070 0x1cd8 SensorService - ok
20:29:01.0070 0x1cd8 SensrSvc - ok
20:29:01.0085 0x1cd8 SerCx - ok
20:29:01.0085 0x1cd8 SerCx2 - ok
20:29:01.0085 0x1cd8 Serenum - ok
20:29:01.0085 0x1cd8 Serial - ok
20:29:01.0085 0x1cd8 sermouse - ok
20:29:01.0101 0x1cd8 SessionEnv - ok
20:29:01.0101 0x1cd8 sfloppy - ok
20:29:01.0101 0x1cd8 SharedAccess - ok
20:29:01.0117 0x1cd8 ShellHWDetection - ok
20:29:01.0117 0x1cd8 shpamsvc - ok
20:29:01.0117 0x1cd8 SiSRaid2 - ok
20:29:01.0133 0x1cd8 SiSRaid4 - ok
20:29:01.0138 0x1cd8 smphost - ok
20:29:01.0138 0x1cd8 SmsRouter - ok
20:29:01.0154 0x1cd8 SNMPTRAP - ok
20:29:01.0239 0x1cd8 [ B75529B026C4E61E4E50AE5334D91D39, 9A539028B68C889B5F179BE11B1E3087966C2375B6F7029263B22D39C9E4AEEF ] SNP2UVC C:\WINDOWS\system32\DRIVERS\snp2uvc.sys
20:29:01.0302 0x1cd8 SNP2UVC - ok
20:29:01.0317 0x1cd8 spaceport - ok
20:29:01.0317 0x1cd8 SpbCx - ok
20:29:01.0317 0x1cd8 Spooler - ok
20:29:01.0317 0x1cd8 sppsvc - ok
20:29:01.0334 0x1cd8 srv - ok
20:29:01.0338 0x1cd8 srv2 - ok
20:29:01.0339 0x1cd8 srvnet - ok
20:29:01.0355 0x1cd8 SSDPSRV - ok
20:29:01.0355 0x1cd8 SstpSvc - ok
20:29:01.0355 0x1cd8 [ 36C3697CA09B23C77BDF95A6B0B57310, DAEF9CFBDE444A80FB41DA0BC5C3C4E1E4B535497A5EDA43EC8768A6EC42E4EA ] ssudmdm C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
20:29:01.0371 0x1cd8 ssudmdm - ok
20:29:01.0386 0x1cd8 [ 76F7D7217FBDAB77798A2A244ACD641F, E65CF2CE789E721CEFCA35DF5100304C56135459DA2421DB2A0DF9E6E9DDE70F ] ssudserd C:\WINDOWS\system32\DRIVERS\ssudserd.sys
20:29:01.0386 0x1cd8 ssudserd - ok
20:29:01.0402 0x1cd8 StateRepository - ok
20:29:01.0402 0x1cd8 stexstor - ok
20:29:01.0402 0x1cd8 stisvc - ok
20:29:01.0402 0x1cd8 storahci - ok
20:29:01.0417 0x1cd8 storflt - ok
20:29:01.0417 0x1cd8 stornvme - ok
20:29:01.0417 0x1cd8 storqosflt - ok
20:29:01.0417 0x1cd8 StorSvc - ok
20:29:01.0417 0x1cd8 storufs - ok
20:29:01.0435 0x1cd8 storvsc - ok
20:29:01.0439 0x1cd8 svsvc - ok
20:29:01.0439 0x1cd8 swenum - ok
20:29:01.0439 0x1cd8 swprv - ok
20:29:01.0439 0x1cd8 Synth3dVsc - ok
20:29:01.0439 0x1cd8 SysMain - ok
20:29:01.0455 0x1cd8 SystemEventsBroker - ok
20:29:01.0455 0x1cd8 TabletInputService - ok
20:29:01.0455 0x1cd8 TapiSrv - ok
20:29:01.0455 0x1cd8 Tcpip - ok
20:29:01.0470 0x1cd8 Tcpip6 - ok
20:29:01.0470 0x1cd8 tcpipreg - ok
20:29:01.0470 0x1cd8 tdx - ok
20:29:01.0470 0x1cd8 terminpt - ok
20:29:01.0486 0x1cd8 TermService - ok
20:29:01.0486 0x1cd8 Themes - ok
20:29:01.0486 0x1cd8 TieringEngineService - ok
20:29:01.0486 0x1cd8 tiledatamodelsvc - ok
20:29:01.0502 0x1cd8 TimeBrokerSvc - ok
20:29:01.0502 0x1cd8 TPM - ok
20:29:01.0502 0x1cd8 TrkWks - ok
20:29:01.0502 0x1cd8 TrustedInstaller - ok
20:29:01.0517 0x1cd8 tsusbflt - ok
20:29:01.0517 0x1cd8 TsUsbGD - ok
20:29:01.0517 0x1cd8 tunnel - ok
20:29:01.0517 0x1cd8 tzautoupdate - ok
20:29:01.0517 0x1cd8 UASPStor - ok
20:29:01.0536 0x1cd8 UcmCx0101 - ok
20:29:01.0539 0x1cd8 UcmTcpciCx0101 - ok
20:29:01.0539 0x1cd8 UcmUcsi - ok
20:29:01.0539 0x1cd8 Ucx01000 - ok
20:29:01.0539 0x1cd8 UdeCx - ok
20:29:01.0539 0x1cd8 udfs - ok
20:29:01.0555 0x1cd8 UEFI - ok
20:29:01.0555 0x1cd8 Ufx01000 - ok
20:29:01.0555 0x1cd8 UfxChipidea - ok
20:29:01.0555 0x1cd8 ufxsynopsys - ok
20:29:01.0571 0x1cd8 UI0Detect - ok
20:29:01.0571 0x1cd8 umbus - ok
20:29:01.0571 0x1cd8 UmPass - ok
20:29:01.0571 0x1cd8 UmRdpService - ok
20:29:01.0586 0x1cd8 UnistoreSvc - ok
20:29:01.0602 0x1cd8 upnphost - ok
20:29:01.0602 0x1cd8 UrsChipidea - ok
20:29:01.0618 0x1cd8 UrsCx01000 - ok
20:29:01.0618 0x1cd8 UrsSynopsys - ok
20:29:01.0618 0x1cd8 usbccgp - ok
20:29:01.0618 0x1cd8 usbcir - ok
20:29:01.0655 0x1cd8 [ 635686E528F2C9CB916EC1BB04EE6AD1, 080A0F209773232860F510F17005EF92650BA831F69BB0006AEF11A2BB0A4906 ] UsbClientService C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
20:29:01.0671 0x1cd8 UsbClientService - detected UnsignedFile.Multi.Generic ( 1 )
20:29:01.0802 0x1cd8 Detect skipped due to KSN trusted
20:29:01.0802 0x1cd8 UsbClientService - ok
20:29:01.0802 0x1cd8 usbehci - ok
20:29:01.0802 0x1cd8 usbhub - ok
20:29:01.0802 0x1cd8 USBHUB3 - ok
20:29:01.0818 0x1cd8 usbohci - ok
20:29:01.0818 0x1cd8 usbprint - ok
20:29:01.0818 0x1cd8 usbser - ok
20:29:01.0818 0x1cd8 USBSTOR - ok
20:29:01.0818 0x1cd8 usbuhci - ok
20:29:01.0836 0x1cd8 USBXHCI - ok
20:29:01.0840 0x1cd8 UserDataSvc - ok
20:29:01.0840 0x1cd8 UserManager - ok
20:29:01.0840 0x1cd8 UsoSvc - ok
20:29:01.0840 0x1cd8 VaultSvc - ok
20:29:01.0855 0x1cd8 vdrvroot - ok
20:29:01.0855 0x1cd8 vds - ok
20:29:01.0855 0x1cd8 VerifierExt - ok
20:29:01.0855 0x1cd8 vhdmp - ok
20:29:01.0855 0x1cd8 vhf - ok
20:29:01.0871 0x1cd8 vmbus - ok
20:29:01.0871 0x1cd8 VMBusHID - ok
20:29:01.0871 0x1cd8 vmgid - ok
20:29:01.0871 0x1cd8 vmicguestinterface - ok
20:29:01.0887 0x1cd8 vmicheartbeat - ok
20:29:01.0887 0x1cd8 vmickvpexchange - ok
20:29:01.0887 0x1cd8 vmicrdv - ok
20:29:01.0887 0x1cd8 vmicshutdown - ok
20:29:01.0902 0x1cd8 vmictimesync - ok
20:29:01.0902 0x1cd8 vmicvmsession - ok
20:29:01.0902 0x1cd8 vmicvss - ok
20:29:01.0902 0x1cd8 volmgr - ok
20:29:01.0902 0x1cd8 volmgrx - ok
20:29:01.0918 0x1cd8 volsnap - ok
20:29:01.0918 0x1cd8 volume - ok
20:29:01.0918 0x1cd8 vpci - ok
20:29:01.0918 0x1cd8 vsmraid - ok
20:29:01.0937 0x1cd8 VSS - ok
20:29:01.0940 0x1cd8 VSTXRAID - ok
20:29:01.0940 0x1cd8 vwifibus - ok
20:29:01.0940 0x1cd8 vwififlt - ok
20:29:01.0940 0x1cd8 vwifimp - ok
20:29:01.0940 0x1cd8 W32Time - ok
20:29:01.0955 0x1cd8 WacomPen - ok
20:29:01.0955 0x1cd8 WalletService - ok
20:29:01.0955 0x1cd8 wanarp - ok
20:29:01.0955 0x1cd8 wanarpv6 - ok
20:29:01.0971 0x1cd8 wbengine - ok
20:29:01.0971 0x1cd8 WbioSrvc - ok
20:29:01.0971 0x1cd8 wcifs - ok
20:29:01.0971 0x1cd8 Wcmsvc - ok
20:29:01.0987 0x1cd8 wcncsvc - ok
20:29:01.0987 0x1cd8 wcnfs - ok
20:29:01.0987 0x1cd8 WdBoot - ok
20:29:01.0987 0x1cd8 Wdf01000 - ok
20:29:01.0987 0x1cd8 WdFilter - ok
20:29:02.0002 0x1cd8 WdiServiceHost - ok
20:29:02.0002 0x1cd8 WdiSystemHost - ok
20:29:02.0002 0x1cd8 wdiwifi - ok
20:29:02.0002 0x1cd8 WdNisDrv - ok
20:29:02.0018 0x1cd8 WdNisSvc - ok
20:29:02.0018 0x1cd8 WebClient - ok
20:29:02.0018 0x1cd8 Wecsvc - ok
20:29:02.0018 0x1cd8 WEPHOSTSVC - ok
20:29:02.0036 0x1cd8 wercplsupport - ok
20:29:02.0039 0x1cd8 WerSvc - ok
20:29:02.0040 0x1cd8 WFPLWFS - ok
20:29:02.0040 0x1cd8 WiaRpc - ok
20:29:02.0040 0x1cd8 WIMMount - ok
20:29:02.0040 0x1cd8 WinDefend - ok
20:29:02.0056 0x1cd8 WindowsTrustedRT - ok
20:29:02.0056 0x1cd8 WindowsTrustedRTProxy - ok
20:29:02.0056 0x1cd8 WinHttpAutoProxySvc - ok
20:29:02.0071 0x1cd8 WinMad - ok
20:29:02.0071 0x1cd8 Winmgmt - ok
20:29:02.0071 0x1cd8 WinRM - ok
20:29:02.0103 0x1cd8 WINUSB - ok
20:29:02.0118 0x1cd8 WinVerbs - ok
20:29:02.0118 0x1cd8 [ 3A627A24EAC6CEC3BA59548AA70BAD6E, C4B908CEB2D6F7F14C635AE02E20B16DAF795073975AE3967627D27E8ABAB015 ] WirelessKeyboardFilter C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys
20:29:02.0134 0x1cd8 WirelessKeyboardFilter - ok
20:29:02.0139 0x1cd8 wisvc - ok
20:29:02.0140 0x1cd8 WlanSvc - ok
20:29:02.0140 0x1cd8 wlidsvc - ok
20:29:02.0140 0x1cd8 WmiAcpi - ok
20:29:02.0156 0x1cd8 wmiApSrv - ok
20:29:02.0156 0x1cd8 WMPNetworkSvc - ok
20:29:02.0171 0x1cd8 Wof - ok
20:29:02.0187 0x1cd8 workfolderssvc - ok
20:29:02.0187 0x1cd8 WPDBusEnum - ok
20:29:02.0187 0x1cd8 WpdUpFltr - ok
20:29:02.0187 0x1cd8 WpnService - ok
20:29:02.0202 0x1cd8 WpnUserService - ok
20:29:02.0202 0x1cd8 ws2ifsl - ok
20:29:02.0202 0x1cd8 wscsvc - ok
20:29:02.0202 0x1cd8 WSearch - ok
20:29:02.0218 0x1cd8 [ 72B4E9DF6456C43C42A1419B09486045, 536BA7377B5BEA7EA46864453933111DB88DB8FB689C68915ACD7261A996E61D ] wsvd C:\WINDOWS\system32\DRIVERS\wsvd.sys
20:29:02.0218 0x1cd8 wsvd - ok
20:29:02.0237 0x1cd8 wuauserv - ok
20:29:02.0240 0x1cd8 WudfPf - ok
20:29:02.0240 0x1cd8 WUDFRd - ok
20:29:02.0240 0x1cd8 wudfsvc - ok
20:29:02.0240 0x1cd8 WUDFWpdFs - ok
20:29:02.0240 0x1cd8 WwanSvc - ok
20:29:02.0256 0x1cd8 XblAuthManager - ok
20:29:02.0256 0x1cd8 XblGameSave - ok
20:29:02.0256 0x1cd8 xboxgip - ok
20:29:02.0272 0x1cd8 XboxNetApiSvc - ok
20:29:02.0272 0x1cd8 xinputhid - ok
20:29:02.0303 0x1cd8 [ 86B8B1F5C1189D68B07666784BE882FE, 0DD8C627F3DDBDB61B1910540C465C0D62C9F8D84C7CBB6C80782DB02D535AF0 ] ZAtheros Bt and Wlan Coex Agent C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
20:29:02.0303 0x1cd8 ZAtheros Bt and Wlan Coex Agent - detected UnsignedFile.Multi.Generic ( 1 )
20:29:02.0435 0x1cd8 Detect skipped due to KSN trusted
20:29:02.0435 0x1cd8 ZAtheros Bt and Wlan Coex Agent - ok
20:29:02.0436 0x1cd8 ================ Scan global ===============================
20:29:02.0487 0x1cd8 [ Global ] - ok
20:29:02.0487 0x1cd8 ================ Scan MBR ==================================
20:29:02.0487 0x1cd8 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
20:29:02.0587 0x1cd8 \Device\Harddisk0\DR0 - ok
20:29:02.0587 0x1cd8 ================ Scan VBR ==================================
20:29:02.0602 0x1cd8 [ 5508E74DBB8C8F15E7689A184AF64CC0 ] \Device\Harddisk0\DR0\Partition1
20:29:02.0602 0x1cd8 \Device\Harddisk0\DR0\Partition1 - ok
20:29:02.0618 0x1cd8 [ 068D79907B55C61A3491FAE4495E37D8 ] \Device\Harddisk0\DR0\Partition2
20:29:02.0618 0x1cd8 \Device\Harddisk0\DR0\Partition2 - ok
20:29:02.0618 0x1cd8 [ 159364151B3D00BE38DD3AE06A065248 ] \Device\Harddisk0\DR0\Partition3
20:29:02.0618 0x1cd8 \Device\Harddisk0\DR0\Partition3 - ok
20:29:02.0618 0x1cd8 [ 84833E3E69F2AA95FF524F3C579ABBA8 ] \Device\Harddisk0\DR0\Partition4
20:29:02.0618 0x1cd8 \Device\Harddisk0\DR0\Partition4 - ok
20:29:02.0634 0x1cd8 [ 521ED6B906329C1AC37C02C20CB12469 ] \Device\Harddisk0\DR0\Partition5
20:29:02.0635 0x1cd8 \Device\Harddisk0\DR0\Partition5 - ok
20:29:02.0637 0x1cd8 [ E6F794032F8F6F3F9900F1BE514FA30A ] \Device\Harddisk0\DR0\Partition6
20:29:02.0639 0x1cd8 \Device\Harddisk0\DR0\Partition6 - ok
20:29:02.0655 0x1cd8 [ 8C50D30BAA5B552BA3B21A8CF81D8BEB ] \Device\Harddisk0\DR0\Partition7
20:29:02.0655 0x1cd8 \Device\Harddisk0\DR0\Partition7 - ok
20:29:02.0655 0x1cd8 ================ Scan generic autorun ======================
20:29:02.0655 0x1cd8 ETDCtrl - ok
20:29:02.0718 0x1cd8 [ 235F426670EC4117EADD24A6185A48B9, 609FEE1CE0BE381C81F2F943066FBFC0E8F5043FEDB25E6FBD3F0C174DA17F4F ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
20:29:02.0718 0x1cd8 IAStorIcon - detected UnsignedFile.Multi.Generic ( 1 )
20:29:02.0843 0x1cd8 Detect skipped due to KSN trusted
20:29:02.0843 0x1cd8 IAStorIcon - ok
20:29:02.0875 0x1cd8 [ 42361B4BD80768E82B80285851037665, A555A6BF8016645B838FEA993AD273D1F472586F3600619DC243B1C33438FA07 ] C:\Program Files\Conexant\ForteConfig\fmapp.exe
20:29:02.0875 0x1cd8 ForteConfig - ok
20:29:02.0944 0x1cd8 [ 4F8B94EC4D4FFA0712CCADF8145F28D1, 6CED9332100CA71FB17930AAC4ED1798E6F3A83CEBEE0A3412EFA01F6F1A6F22 ] C:\Program Files\CONEXANT\SAII\SACpl.exe
20:29:02.0975 0x1cd8 SmartAudio - ok
20:29:03.0041 0x1cd8 [ B58355B1B1C91433B4B119083C7F28B3, CE8272FB392C519D3F1921CE11AF12E0CEE3F96141DCCBF5C40110DA3F9B92BD ] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe
20:29:03.0060 0x1cd8 cAudioFilterAgent - ok
20:29:03.0432 0x1cd8 [ 6DB938E782F688C788441AB389B9FC78, 195875E58457FE5CD6E81AD48576186060D4B44FD415DAF881541199808C1BCE ] C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
20:29:03.0707 0x1cd8 Energy Manager - ok
20:29:03.0963 0x1cd8 [ E3D9352D2EE0A4343FE2A4A99FCBCB06, 886D243B569BF11118D19B27DE39DE1E42D471B3DA0C9A397E301E17519C6C42 ] C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe
20:29:04.0150 0x1cd8 Lenovo Utility - ok
20:29:04.0175 0x1cd8 [ 02A27FC0972181EF743160BE9F62F2B4, 0E5B5684E892B1CE83C8A50A23F8478E8D01E2DD283337B5B263FDA4C2654E9F ] C:\Program Files\iTunes\iTunesHelper.exe
20:29:04.0175 0x1cd8 iTunesHelper - ok
20:29:04.0238 0x1cd8 [ 463C40BFC0FB8FF59049E2CA78695A40, 8D693A061A19E47CCADEEC844D4ACF59B5CD3CE97452018807884D2ACBEDA7FF ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
20:29:04.0291 0x1cd8 NvBackend - ok
20:29:04.0291 0x1cd8 ShadowPlay - ok
20:29:04.0291 0x1cd8 WindowsDefender - ok
20:29:04.0291 0x1cd8 snp2uvc - ok
20:29:04.0354 0x1cd8 [ 8F83160C43C61FC6775391B46B7C16BF, 648588126B2CD0B9F50F478BF4F7474137D1285061A3B22B56C1CB5B4FD3C3BF ] C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe
20:29:04.0354 0x1cd8 UpdateP2GShortCut - ok
20:29:04.0394 0x1cd8 [ 0080EB1CDD83F14C01534B1DC754234D, D0FC9B95A12D0C92730F8031B3DB287D1309008CF15EA0C02FC14B56FAE8C320 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
20:29:04.0394 0x1cd8 APSDaemon - ok
20:29:04.0409 0x1cd8 [ F655E4A1AED366E96E5D5AA397E0F255, F8573CCA72FA25079B8CE2FC5D30379487E2905B109C73C741FAB31589FA49E1 ] C:\Program Files (x86)\QuickTime\QTTask.exe
20:29:04.0425 0x1cd8 QuickTime Task - detected UnsignedFile.Multi.Generic ( 1 )
20:29:04.0556 0x1cd8 Detect skipped due to KSN trusted
20:29:04.0556 0x1cd8 QuickTime Task - ok
20:29:04.0578 0x1cd8 [ 793D7221E5EC69EA615349A13B702B8C, 1545C9634A6599FE4B35419B1B40932797FE2E7DF0B5F27D6698810CC075CF86 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
20:29:04.0594 0x1cd8 SunJavaUpdateSched - ok
20:29:04.0673 0x1cd8 OneDriveSetup - ok
20:29:04.0675 0x1cd8 OneDriveSetup - ok
20:29:04.0725 0x1cd8 [ 1C86704AA82D7AB48B489E9B8B6481B9, 0C11A77BF900FA23BC934A0C54AFC6A46A6B6C521C33585614A7660F8EDB300C ] C:\Users\haukilein\AppData\Roaming\Spotify\SpotifyWebHelper.exe
20:29:04.0741 0x1cd8 Spotify Web Helper - ok
20:29:04.0779 0x1cd8 [ FC2343B581874C0ABB3AC090292DF403, 59954BEA312175B0DE773F1751BC5D406D63C1D62BF72C68C459C61965DC4043 ] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
20:29:04.0794 0x1cd8 GoogleChromeAutoLaunch_40CA0EC59910C2568A5F1CC3477E6C74 - ok
20:29:04.0979 0x1cd8 [ 9BC607E9527BEC3346DAA61443362502, D075DF179D28010A2AF6FA94F7BDD34C8E54AFD4700F5A1CB86FB0B787E0863E ] C:\Users\haukilein\AppData\Roaming\Spotify\Spotify.exe
20:29:05.0110 0x1cd8 Spotify - ok
20:29:05.0142 0x1cd8 [ 1D7DD340E13DF9585EABB849CFC3E11B, 31CCD9753402DC030C641214B4ECB48A757BCD9F427A143A88745C62EFF87766 ] C:\Users\haukilein\AppData\Local\Microsoft\OneDrive\OneDrive.exe
20:29:05.0157 0x1cd8 OneDrive - ok
20:29:05.0157 0x1cd8 Waiting for KSN requests completion. In queue: 69
20:29:06.0175 0x1cd8 Waiting for KSN requests completion. In queue: 69
20:29:07.0184 0x1cd8 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.187 ), 0x61100 ( enabled : updated )
20:29:07.0184 0x1cd8 Win FW state via NFP2: enabled ( trusted )
20:29:07.0331 0x1cd8 ============================================================
20:29:07.0331 0x1cd8 Scan finished
20:29:07.0331 0x1cd8 ============================================================
20:29:07.0331 0x2a90 Detected object count: 0
20:29:07.0331 0x2a90 Actual detected object count: 0

So, no idea about the subscription with McAfee. For me the PC is a work device that has to function. If there is something better or free of charge, what should I use? Kaspersky? Then I'll just cancel McAfee. Tips welcome. Thanks so far...
:kaffee: