
Log analysis and evaluation: Exploit:JS/Blacole.HP

Windows 7 If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

 
05.08.2012, 12:12   #23
Ulli13
 
Exploit:JS/Blacole.HP



Code:
13:07:01.0782 3496	TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
13:07:01.0989 3496	============================================================
13:07:01.0989 3496	Current date / time: 2012/08/05 13:07:01.0989
13:07:01.0989 3496	SystemInfo:
13:07:01.0989 3496	
13:07:01.0989 3496	OS Version: 6.1.7601 ServicePack: 1.0
13:07:01.0989 3496	Product type: Workstation
13:07:01.0989 3496	ComputerName: ***-PC
13:07:01.0989 3496	UserName: ***
13:07:01.0989 3496	Windows directory: C:\Windows
13:07:01.0989 3496	System windows directory: C:\Windows
13:07:01.0989 3496	Running under WOW64
13:07:01.0989 3496	Processor architecture: Intel x64
13:07:01.0989 3496	Number of processors: 4
13:07:01.0989 3496	Page size: 0x1000
13:07:01.0989 3496	Boot type: Normal boot
13:07:01.0989 3496	============================================================
13:07:05.0530 3496	Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:07:05.0535 3496	============================================================
13:07:05.0535 3496	\Device\Harddisk0\DR0:
13:07:05.0535 3496	MBR partitions:
13:07:05.0535 3496	\Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A380D41
13:07:05.0535 3496	============================================================
13:07:05.0549 3496	C: <-> \Device\Harddisk0\DR0\Partition0
13:07:05.0549 3496	============================================================
13:07:05.0549 3496	Initialize success
13:07:05.0549 3496	============================================================
13:07:55.0845 4064	============================================================
13:07:55.0845 4064	Scan started
13:07:55.0845 4064	Mode: Manual; SigCheck; TDLFS; 
13:07:55.0845 4064	============================================================
13:07:57.0202 4064	1394ohci        (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
13:07:57.0295 4064	1394ohci - ok
13:07:57.0342 4064	ACPI            (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
13:07:57.0358 4064	ACPI - ok
13:07:57.0373 4064	AcpiPmi         (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
13:07:57.0436 4064	AcpiPmi - ok
13:07:57.0514 4064	AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
13:07:57.0529 4064	AdobeARMservice - ok
13:07:57.0576 4064	adp94xx         (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
13:07:57.0592 4064	adp94xx - ok
13:07:57.0623 4064	adpahci         (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
13:07:57.0639 4064	adpahci - ok
13:07:57.0639 4064	adpu320         (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
13:07:57.0654 4064	adpu320 - ok
13:07:57.0685 4064	AeLookupSvc     (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
13:07:57.0763 4064	AeLookupSvc - ok
13:07:57.0810 4064	AFD             (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
13:07:57.0857 4064	AFD - ok
13:07:57.0904 4064	agp440          (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
13:07:57.0904 4064	agp440 - ok
13:07:57.0951 4064	ALG             (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
13:07:57.0982 4064	ALG - ok
13:07:58.0013 4064	aliide          (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
13:07:58.0029 4064	aliide - ok
13:07:58.0075 4064	AMD External Events Utility (514089cb4a7df38dc4dd936ade4114d3) C:\Windows\system32\atiesrxx.exe
13:07:58.0138 4064	AMD External Events Utility - ok
13:07:58.0216 4064	AMD FUEL Service - ok
13:07:58.0231 4064	amdide          (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
13:07:58.0247 4064	amdide - ok
13:07:58.0278 4064	AmdK8           (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
13:07:58.0325 4064	AmdK8 - ok
13:07:58.0746 4064	amdkmdag        (9a4b92150a5e259a7159d914cc3a60d7) C:\Windows\system32\DRIVERS\atikmdag.sys
13:07:58.0933 4064	amdkmdag - ok
13:07:59.0152 4064	amdkmdap        (9deb889d152f9c9dba98be8986084535) C:\Windows\system32\DRIVERS\atikmpag.sys
13:07:59.0183 4064	amdkmdap - ok
13:07:59.0199 4064	AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
13:07:59.0230 4064	AmdPPM - ok
13:07:59.0261 4064	amdsata         (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
13:07:59.0277 4064	amdsata - ok
13:07:59.0292 4064	amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
13:07:59.0323 4064	amdsbs - ok
13:07:59.0323 4064	amdxata         (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
13:07:59.0339 4064	amdxata - ok
13:07:59.0417 4064	AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
13:07:59.0417 4064	AntiVirSchedulerService - ok
13:07:59.0433 4064	AntiVirService  (a489be6bb0aa1ff406b488b60542314b) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
13:07:59.0448 4064	AntiVirService - ok
13:07:59.0479 4064	AppID           (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
13:07:59.0573 4064	AppID - ok
13:07:59.0589 4064	AppIDSvc        (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
13:07:59.0620 4064	AppIDSvc - ok
13:07:59.0667 4064	Appinfo         (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
13:07:59.0682 4064	Appinfo - ok
13:07:59.0729 4064	arc             (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
13:07:59.0729 4064	arc - ok
13:07:59.0745 4064	arcsas          (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
13:07:59.0745 4064	arcsas - ok
13:07:59.0838 4064	AsIO            (a82c01606dc27d05d9d3bfb6bb807e32) C:\Windows\syswow64\drivers\AsIO.sys
13:07:59.0854 4064	AsIO - ok
13:07:59.0869 4064	AsyncMac        (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
13:07:59.0916 4064	AsyncMac - ok
13:07:59.0932 4064	atapi           (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
13:07:59.0947 4064	atapi - ok
13:07:59.0994 4064	AtiHDAudioService (cbd14f698def12ee3557604b726cb8eb) C:\Windows\system32\drivers\AtihdW76.sys
13:07:59.0994 4064	AtiHDAudioService - ok
13:08:02.0849 4064	atikmdag        (9a4b92150a5e259a7159d914cc3a60d7) C:\Windows\system32\DRIVERS\atikmdag.sys
13:08:02.0943 4064	atikmdag - ok
13:08:03.0208 4064	AtiPcie         (c07a040d6b5a42dd41ee386cf90974c8) C:\Windows\system32\DRIVERS\AtiPcie.sys
13:08:03.0208 4064	AtiPcie - ok
13:08:03.0301 4064	AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
13:08:03.0364 4064	AudioEndpointBuilder - ok
13:08:03.0364 4064	AudioSrv        (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
13:08:03.0395 4064	AudioSrv - ok
13:08:03.0489 4064	avgntflt        (26e38b5a58c6c55fafbc563eeddb0867) C:\Windows\system32\DRIVERS\avgntflt.sys
13:08:03.0504 4064	avgntflt - ok
13:08:03.0551 4064	avipbb          (9d1f00beff84cbbf46d7f052bc7e0565) C:\Windows\system32\DRIVERS\avipbb.sys
13:08:03.0567 4064	avipbb - ok
13:08:03.0582 4064	avkmgr          (248db59fc86de44d2779f4c7fb1a567d) C:\Windows\system32\DRIVERS\avkmgr.sys
13:08:03.0582 4064	avkmgr - ok
13:08:03.0613 4064	AxInstSV        (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
13:08:03.0676 4064	AxInstSV - ok
13:08:03.0738 4064	b06bdrv         (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
13:08:03.0785 4064	b06bdrv - ok
13:08:03.0832 4064	b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
13:08:03.0863 4064	b57nd60a - ok
13:08:03.0910 4064	BDESVC          (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
13:08:03.0941 4064	BDESVC - ok
13:08:03.0957 4064	Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
13:08:04.0003 4064	Beep - ok
13:08:04.0081 4064	BFE             (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
13:08:04.0128 4064	BFE - ok
13:08:04.0237 4064	BITS            (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
13:08:04.0315 4064	BITS - ok
13:08:04.0347 4064	blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
13:08:04.0362 4064	blbdrive - ok
13:08:04.0393 4064	bowser          (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
13:08:04.0409 4064	bowser - ok
13:08:04.0440 4064	BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
13:08:04.0471 4064	BrFiltLo - ok
13:08:04.0487 4064	BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
13:08:04.0503 4064	BrFiltUp - ok
13:08:04.0518 4064	Browser         (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
13:08:04.0581 4064	Browser - ok
13:08:04.0627 4064	Brserid         (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
13:08:04.0659 4064	Brserid - ok
13:08:04.0674 4064	BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
13:08:04.0690 4064	BrSerWdm - ok
13:08:04.0721 4064	BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
13:08:04.0737 4064	BrUsbMdm - ok
13:08:04.0768 4064	BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
13:08:04.0783 4064	BrUsbSer - ok
13:08:04.0799 4064	BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
13:08:04.0815 4064	BTHMODEM - ok
13:08:04.0846 4064	bthserv         (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
13:08:04.0908 4064	bthserv - ok
13:08:04.0955 4064	cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
13:08:05.0002 4064	cdfs - ok
13:08:05.0049 4064	cdrom           (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
13:08:05.0064 4064	cdrom - ok
13:08:05.0095 4064	CertPropSvc     (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
13:08:05.0142 4064	CertPropSvc - ok
13:08:05.0173 4064	circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
13:08:05.0189 4064	circlass - ok
13:08:05.0267 4064	CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
13:08:05.0283 4064	CLFS - ok
13:08:05.0345 4064	clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:08:05.0361 4064	clr_optimization_v2.0.50727_32 - ok
13:08:05.0407 4064	clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
13:08:05.0407 4064	clr_optimization_v2.0.50727_64 - ok
13:08:05.0485 4064	clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:08:05.0517 4064	clr_optimization_v4.0.30319_32 - ok
13:08:05.0532 4064	clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
13:08:05.0548 4064	clr_optimization_v4.0.30319_64 - ok
13:08:05.0563 4064	CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
13:08:05.0579 4064	CmBatt - ok
13:08:05.0610 4064	cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
13:08:05.0610 4064	cmdide - ok
13:08:05.0704 4064	CNG             (9ac4f97c2d3e93367e2148ea940cd2cd) C:\Windows\system32\Drivers\cng.sys
13:08:05.0735 4064	CNG - ok
13:08:05.0751 4064	Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
13:08:05.0766 4064	Compbatt - ok
13:08:05.0782 4064	CompositeBus    (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
13:08:05.0813 4064	CompositeBus - ok
13:08:05.0829 4064	COMSysApp - ok
13:08:05.0829 4064	crcdisk         (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
13:08:05.0844 4064	crcdisk - ok
13:08:05.0875 4064	CryptSvc        (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
13:08:05.0938 4064	CryptSvc - ok
13:08:06.0000 4064	DcomLaunch      (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
13:08:06.0047 4064	DcomLaunch - ok
13:08:06.0094 4064	defragsvc       (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
13:08:06.0141 4064	defragsvc - ok
13:08:06.0156 4064	DfsC            (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
13:08:06.0203 4064	DfsC - ok
13:08:06.0265 4064	Dhcp            (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
13:08:06.0312 4064	Dhcp - ok
13:08:06.0359 4064	discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
13:08:06.0390 4064	discache - ok
13:08:06.0421 4064	Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
13:08:06.0437 4064	Disk - ok
13:08:06.0468 4064	Dnscache        (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
13:08:06.0499 4064	Dnscache - ok
13:08:06.0531 4064	dot3svc         (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
13:08:06.0577 4064	dot3svc - ok
13:08:06.0624 4064	DPS             (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
13:08:06.0671 4064	DPS - ok
13:08:06.0702 4064	drmkaud         (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
13:08:06.0718 4064	drmkaud - ok
13:08:06.0796 4064	DXGKrnl         (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
13:08:06.0811 4064	DXGKrnl - ok
13:08:06.0874 4064	EapHost         (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
13:08:06.0905 4064	EapHost - ok
13:08:07.0233 4064	ebdrv           (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
13:08:07.0311 4064	ebdrv - ok
13:08:07.0404 4064	EFS             (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
13:08:07.0435 4064	EFS - ok
13:08:07.0529 4064	ehRecvr         (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
13:08:07.0576 4064	ehRecvr - ok
13:08:07.0591 4064	ehSched         (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
13:08:07.0623 4064	ehSched - ok
13:08:07.0716 4064	elxstor         (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
13:08:07.0747 4064	elxstor - ok
13:08:07.0779 4064	ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
13:08:07.0794 4064	ErrDev - ok
13:08:07.0841 4064	EventSystem     (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
13:08:07.0888 4064	EventSystem - ok
13:08:07.0903 4064	exfat           (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
13:08:07.0935 4064	exfat - ok
13:08:07.0966 4064	fastfat         (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
13:08:08.0013 4064	fastfat - ok
13:08:08.0075 4064	Fax             (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
13:08:08.0091 4064	Fax - ok
13:08:08.0106 4064	fdc             (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
13:08:08.0122 4064	fdc - ok
13:08:08.0153 4064	fdPHost         (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
13:08:08.0184 4064	fdPHost - ok
13:08:08.0200 4064	FDResPub        (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
13:08:08.0231 4064	FDResPub - ok
13:08:08.0247 4064	FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
13:08:08.0247 4064	FileInfo - ok
13:08:08.0247 4064	Filetrace       (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
13:08:08.0278 4064	Filetrace - ok
13:08:08.0309 4064	flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
13:08:08.0309 4064	flpydisk - ok
13:08:08.0340 4064	FltMgr          (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
13:08:08.0356 4064	FltMgr - ok
13:08:08.0434 4064	FontCache       (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
13:08:08.0481 4064	FontCache - ok
13:08:08.0543 4064	FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:08:08.0543 4064	FontCache3.0.0.0 - ok
13:08:08.0574 4064	FsDepends       (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
13:08:08.0590 4064	FsDepends - ok
13:08:08.0605 4064	Fs_Rec          (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
13:08:08.0605 4064	Fs_Rec - ok
13:08:08.0637 4064	fvevol          (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
13:08:08.0652 4064	fvevol - ok
13:08:08.0683 4064	gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
13:08:08.0699 4064	gagp30kx - ok
13:08:08.0761 4064	gpsvc           (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
13:08:08.0824 4064	gpsvc - ok
13:08:08.0839 4064	hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
13:08:08.0949 4064	hcw85cir - ok
13:08:08.0995 4064	HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
13:08:09.0011 4064	HdAudAddService - ok
13:08:09.0027 4064	HDAudBus        (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys
13:08:09.0058 4064	HDAudBus - ok
13:08:09.0073 4064	HidBatt         (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
13:08:09.0089 4064	HidBatt - ok
13:08:09.0105 4064	HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
13:08:09.0136 4064	HidBth - ok
13:08:09.0151 4064	HidIr           (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
13:08:09.0167 4064	HidIr - ok
13:08:09.0198 4064	hidserv         (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
13:08:09.0229 4064	hidserv - ok
13:08:09.0307 4064	HidUsb          (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
13:08:09.0323 4064	HidUsb - ok
13:08:09.0417 4064	hkmsvc          (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
13:08:09.0463 4064	hkmsvc - ok
13:08:09.0510 4064	HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
13:08:09.0526 4064	HomeGroupListener - ok
13:08:09.0541 4064	HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
13:08:09.0557 4064	HomeGroupProvider - ok
13:08:09.0604 4064	HpSAMD          (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
13:08:09.0619 4064	HpSAMD - ok
13:08:09.0666 4064	HTTP            (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
13:08:09.0713 4064	HTTP - ok
13:08:09.0729 4064	hwpolicy        (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
13:08:09.0744 4064	hwpolicy - ok
13:08:09.0760 4064	i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
13:08:09.0775 4064	i8042prt - ok
13:08:09.0822 4064	iaStorV         (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
13:08:09.0838 4064	iaStorV - ok
13:08:09.0931 4064	IDriverT        (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
13:08:09.0963 4064	IDriverT ( UnsignedFile.Multi.Generic ) - warning
13:08:09.0963 4064	IDriverT - detected UnsignedFile.Multi.Generic (1)
13:08:10.0056 4064	idsvc           (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
13:08:10.0072 4064	idsvc - ok
13:08:10.0165 4064	iirsp           (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
13:08:10.0165 4064	iirsp - ok
13:08:10.0243 4064	IKEEXT          (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
13:08:10.0290 4064	IKEEXT - ok
13:08:10.0431 4064	IntcAzAudAddService (589b94a9b73a0e819ff873743a480834) C:\Windows\system32\drivers\RTKVHD64.sys
13:08:10.0462 4064	IntcAzAudAddService - ok
13:08:10.0555 4064	intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
13:08:10.0571 4064	intelide - ok
13:08:10.0587 4064	intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
13:08:10.0602 4064	intelppm - ok
13:08:10.0633 4064	IPBusEnum       (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
13:08:10.0649 4064	IPBusEnum - ok
13:08:10.0680 4064	IpFilterDriver  (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:08:10.0727 4064	IpFilterDriver - ok
13:08:10.0758 4064	iphlpsvc        (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
13:08:10.0805 4064	iphlpsvc - ok
13:08:10.0836 4064	IPMIDRV         (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
13:08:10.0852 4064	IPMIDRV - ok
13:08:10.0883 4064	IPNAT           (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
13:08:10.0914 4064	IPNAT - ok
13:08:10.0945 4064	irda            (05360b1ea5a2abf620d1d96ebd8bd8f1) C:\Windows\system32\DRIVERS\irda.sys
13:08:10.0977 4064	irda - ok
13:08:10.0992 4064	IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
13:08:11.0023 4064	IRENUM - ok
13:08:11.0055 4064	Irmon           (3848384ab383f0a8f506c4370635c1f9) C:\Windows\System32\irmon.dll
13:08:11.0086 4064	Irmon - ok
13:08:11.0117 4064	irsir           (d2ca12736624ba636f8357dc3ef0757e) C:\Windows\system32\DRIVERS\irsir.sys
13:08:11.0133 4064	irsir - ok
13:08:11.0164 4064	isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
13:08:11.0179 4064	isapnp - ok
13:08:11.0211 4064	iScsiPrt        (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
13:08:11.0211 4064	iScsiPrt - ok
13:08:11.0242 4064	kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
13:08:11.0257 4064	kbdclass - ok
13:08:11.0289 4064	kbdhid          (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
13:08:11.0304 4064	kbdhid - ok
13:08:11.0335 4064	KeyIso          (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
13:08:11.0335 4064	KeyIso - ok
13:08:11.0382 4064	KSecDD          (97a7070aea4c058b6418519e869a63b4) C:\Windows\system32\Drivers\ksecdd.sys
13:08:11.0382 4064	KSecDD - ok
13:08:11.0398 4064	KSecPkg         (26c43a7c2862447ec59deda188d1da07) C:\Windows\system32\Drivers\ksecpkg.sys
13:08:11.0413 4064	KSecPkg - ok
13:08:11.0445 4064	ksthunk         (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
13:08:11.0476 4064	ksthunk - ok
13:08:11.0507 4064	KtmRm           (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
13:08:11.0554 4064	KtmRm - ok
13:08:11.0585 4064	LanmanServer    (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
13:08:11.0616 4064	LanmanServer - ok
13:08:11.0647 4064	LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
13:08:11.0694 4064	LanmanWorkstation - ok
13:08:11.0725 4064	lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
13:08:11.0757 4064	lltdio - ok
13:08:11.0819 4064	lltdsvc         (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
13:08:11.0866 4064	lltdsvc - ok
13:08:11.0881 4064	lmhosts         (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
13:08:11.0913 4064	lmhosts - ok
13:08:11.0944 4064	LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
13:08:11.0959 4064	LSI_FC - ok
13:08:11.0975 4064	LSI_SAS         (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
13:08:11.0991 4064	LSI_SAS - ok
13:08:12.0006 4064	LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
13:08:12.0022 4064	LSI_SAS2 - ok
13:08:12.0037 4064	LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
13:08:12.0037 4064	LSI_SCSI - ok
13:08:12.0069 4064	luafv           (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
13:08:12.0115 4064	luafv - ok
13:08:12.0162 4064	lxbc_device - ok
13:08:12.0178 4064	MBAMProtector   (dc8490812a3b72811ae534f423b4c206) C:\Windows\system32\drivers\mbam.sys
13:08:12.0193 4064	MBAMProtector - ok
13:08:12.0303 4064	MBAMService     (43683e970f008c93c9429ef428147a54) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
13:08:12.0318 4064	MBAMService - ok
13:08:12.0334 4064	Mcx2Svc         (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
13:08:12.0349 4064	Mcx2Svc - ok
13:08:12.0365 4064	megasas         (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
13:08:12.0381 4064	megasas - ok
13:08:12.0396 4064	MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
13:08:12.0412 4064	MegaSR - ok
13:08:12.0474 4064	MMCSS           (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
13:08:12.0505 4064	MMCSS - ok
13:08:12.0537 4064	Modem           (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
13:08:12.0583 4064	Modem - ok
13:08:12.0615 4064	monitor         (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
13:08:12.0630 4064	monitor - ok
13:08:12.0677 4064	mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
13:08:12.0677 4064	mouclass - ok
13:08:12.0708 4064	mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
13:08:12.0724 4064	mouhid - ok
13:08:12.0771 4064	mountmgr        (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
13:08:12.0771 4064	mountmgr - ok
13:08:12.0833 4064	MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
13:08:12.0864 4064	MozillaMaintenance - ok
13:08:12.0895 4064	mpio            (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
13:08:12.0895 4064	mpio - ok
13:08:12.0942 4064	mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
13:08:12.0958 4064	mpsdrv - ok
13:08:13.0020 4064	MpsSvc          (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
13:08:13.0083 4064	MpsSvc - ok
13:08:13.0114 4064	MRxDAV          (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
13:08:13.0129 4064	MRxDAV - ok
13:08:13.0161 4064	mrxsmb          (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
13:08:13.0192 4064	mrxsmb - ok
13:08:13.0223 4064	mrxsmb10        (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:08:13.0239 4064	mrxsmb10 - ok
13:08:13.0270 4064	mrxsmb20        (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:08:13.0285 4064	mrxsmb20 - ok
13:08:13.0301 4064	msahci          (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
13:08:13.0317 4064	msahci - ok
13:08:13.0348 4064	msdsm           (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
13:08:13.0348 4064	msdsm - ok
13:08:13.0379 4064	MSDTC           (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
13:08:13.0395 4064	MSDTC - ok
13:08:13.0410 4064	Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
13:08:13.0441 4064	Msfs - ok
13:08:13.0457 4064	mshidkmdf       (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
13:08:13.0504 4064	mshidkmdf - ok
13:08:13.0519 4064	msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
13:08:13.0535 4064	msisadrv - ok
13:08:13.0566 4064	MSiSCSI         (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
13:08:13.0597 4064	MSiSCSI - ok
13:08:13.0597 4064	msiserver - ok
13:08:13.0629 4064	MSKSSRV         (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
13:08:13.0675 4064	MSKSSRV - ok
13:08:13.0691 4064	MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
13:08:13.0753 4064	MSPCLOCK - ok
13:08:13.0816 4064	MSPQM           (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
13:08:13.0863 4064	MSPQM - ok
13:08:13.0909 4064	MsRPC           (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
13:08:13.0925 4064	MsRPC - ok
13:08:13.0956 4064	mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
13:08:13.0956 4064	mssmbios - ok
13:08:14.0003 4064	MSTEE           (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
13:08:14.0065 4064	MSTEE - ok
13:08:14.0081 4064	MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
13:08:14.0081 4064	MTConfig - ok
13:08:14.0112 4064	MTsensor        (19b006b181e3875fd254f7b67acf1e7c) C:\Windows\system32\DRIVERS\ASACPI.sys
13:08:14.0128 4064	MTsensor - ok
13:08:14.0143 4064	Mup             (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
13:08:14.0159 4064	Mup - ok
13:08:14.0268 4064	napagent        (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
13:08:14.0299 4064	napagent - ok
13:08:14.0362 4064	NativeWifiP     (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
13:08:14.0409 4064	NativeWifiP - ok
13:08:14.0580 4064	NDIS            (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
13:08:14.0596 4064	NDIS - ok
13:08:14.0627 4064	NdisCap         (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
13:08:14.0674 4064	NdisCap - ok
13:08:14.0689 4064	NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
13:08:14.0721 4064	NdisTapi - ok
13:08:14.0736 4064	Ndisuio         (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
13:08:14.0767 4064	Ndisuio - ok
13:08:14.0783 4064	NdisWan         (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
13:08:14.0830 4064	NdisWan - ok
13:08:14.0877 4064	NDProxy         (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
13:08:14.0908 4064	NDProxy - ok
13:08:14.0939 4064	NetBIOS         (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
13:08:14.0970 4064	NetBIOS - ok
13:08:15.0001 4064	NetBT           (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
13:08:15.0033 4064	NetBT - ok
13:08:15.0048 4064	Netlogon        (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
13:08:15.0064 4064	Netlogon - ok
13:08:15.0111 4064	Netman          (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
13:08:15.0142 4064	Netman - ok
13:08:15.0189 4064	netprofm        (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
13:08:15.0220 4064	netprofm - ok
13:08:15.0298 4064	NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
13:08:15.0313 4064	NetTcpPortSharing - ok
13:08:15.0345 4064	nfrd960         (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
13:08:15.0345 4064	nfrd960 - ok
13:08:15.0391 4064	NlaSvc          (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
13:08:15.0423 4064	NlaSvc - ok
13:08:15.0454 4064	Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
13:08:15.0501 4064	Npfs - ok
13:08:15.0516 4064	nsi             (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
13:08:15.0563 4064	nsi - ok
13:08:15.0610 4064	nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
13:08:15.0641 4064	nsiproxy - ok
13:08:15.0891 4064	Ntfs            (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
13:08:15.0953 4064	Ntfs - ok
13:08:16.0093 4064	Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
13:08:16.0140 4064	Null - ok
13:08:16.0281 4064	NVENETFD        (99ed33f7fe39026a477893d92aea5ef0) C:\Windows\system32\DRIVERS\nvmfdx64.sys
13:08:16.0312 4064	NVENETFD - ok
13:08:16.0499 4064	nvraid          (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
13:08:16.0530 4064	nvraid - ok
13:08:16.0561 4064	nvsmu           (76b304c8156779d4d39530118acf1d1a) C:\Windows\system32\DRIVERS\nvsmu.sys
13:08:16.0577 4064	nvsmu - ok
13:08:16.0655 4064	nvstor          (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
13:08:16.0671 4064	nvstor - ok
13:08:16.0733 4064	nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
13:08:16.0749 4064	nv_agp - ok
13:08:16.0764 4064	ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
13:08:16.0780 4064	ohci1394 - ok
13:08:16.0842 4064	p2pimsvc        (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
13:08:16.0889 4064	p2pimsvc - ok
13:08:17.0045 4064	p2psvc          (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
13:08:17.0061 4064	p2psvc - ok
13:08:17.0092 4064	Parport         (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
13:08:17.0107 4064	Parport - ok
13:08:17.0217 4064	partmgr         (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
13:08:17.0232 4064	partmgr - ok
13:08:17.0263 4064	PcaSvc          (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
13:08:17.0279 4064	PcaSvc - ok
13:08:17.0310 4064	pci             (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
13:08:17.0326 4064	pci - ok
13:08:17.0326 4064	pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
13:08:17.0341 4064	pciide - ok
13:08:17.0373 4064	pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
13:08:17.0373 4064	pcmcia - ok
13:08:17.0388 4064	pcw             (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
13:08:17.0404 4064	pcw - ok
13:08:17.0497 4064	PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
13:08:17.0544 4064	PEAUTH - ok
13:08:17.0794 4064	PerfHost        (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
13:08:17.0809 4064	PerfHost - ok
13:08:17.0934 4064	pla             (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
13:08:18.0012 4064	pla - ok
13:08:18.0075 4064	PlugPlay        (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
13:08:18.0106 4064	PlugPlay - ok
13:08:18.0121 4064	PNRPAutoReg     (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
13:08:18.0153 4064	PNRPAutoReg - ok
13:08:18.0184 4064	PNRPsvc         (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
13:08:18.0199 4064	PNRPsvc - ok
13:08:18.0246 4064	PolicyAgent     (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
13:08:18.0277 4064	PolicyAgent - ok
13:08:18.0309 4064	Power           (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
13:08:18.0355 4064	Power - ok
13:08:18.0402 4064	PptpMiniport    (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
13:08:18.0449 4064	PptpMiniport - ok
13:08:18.0465 4064	Processor       (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
13:08:18.0465 4064	Processor - ok
13:08:18.0511 4064	ProfSvc         (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
13:08:18.0543 4064	ProfSvc - ok
13:08:18.0558 4064	ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
13:08:18.0574 4064	ProtectedStorage - ok
13:08:18.0605 4064	Psched          (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
13:08:18.0636 4064	Psched - ok
13:08:18.0714 4064	ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
13:08:18.0745 4064	ql2300 - ok
13:08:18.0855 4064	ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
13:08:18.0870 4064	ql40xx - ok
13:08:18.0901 4064	QWAVE           (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
13:08:18.0917 4064	QWAVE - ok
13:08:18.0933 4064	QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
13:08:18.0948 4064	QWAVEdrv - ok
13:08:18.0964 4064	RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
13:08:18.0995 4064	RasAcd - ok
13:08:19.0026 4064	RasAgileVpn     (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
13:08:19.0057 4064	RasAgileVpn - ok
13:08:19.0073 4064	RasAuto         (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
13:08:19.0120 4064	RasAuto - ok
13:08:19.0151 4064	Rasl2tp         (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
13:08:19.0198 4064	Rasl2tp - ok
13:08:19.0213 4064	RasMan          (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
13:08:19.0245 4064	RasMan - ok
13:08:19.0276 4064	RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
13:08:19.0307 4064	RasPppoe - ok
13:08:19.0323 4064	RasSstp         (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
13:08:19.0369 4064	RasSstp - ok
13:08:19.0401 4064	rdbss           (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
13:08:19.0447 4064	rdbss - ok
13:08:19.0463 4064	rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
13:08:19.0479 4064	rdpbus - ok
13:08:19.0494 4064	RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
13:08:19.0572 4064	RDPCDD - ok
13:08:19.0619 4064	RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
13:08:19.0666 4064	RDPENCDD - ok
13:08:19.0681 4064	RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
13:08:19.0713 4064	RDPREFMP - ok
13:08:19.0744 4064	RDPWD           (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
13:08:19.0806 4064	RDPWD - ok
13:08:19.0837 4064	rdyboost        (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
13:08:19.0853 4064	rdyboost - ok
13:08:19.0869 4064	RemoteAccess    (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
13:08:19.0915 4064	RemoteAccess - ok
13:08:19.0947 4064	RemoteRegistry  (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
13:08:19.0993 4064	RemoteRegistry - ok
13:08:20.0009 4064	RpcEptMapper    (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
13:08:20.0040 4064	RpcEptMapper - ok
13:08:20.0056 4064	RpcLocator      (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
13:08:20.0071 4064	RpcLocator - ok
13:08:20.0118 4064	RpcSs           (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
13:08:20.0149 4064	RpcSs - ok
13:08:20.0181 4064	rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
13:08:20.0196 4064	rspndr - ok
13:08:20.0243 4064	RTL8167         (ee082e06a82ff630351d1e0ebbd3d8d0) C:\Windows\system32\DRIVERS\Rt64win7.sys
13:08:20.0259 4064	RTL8167 - ok
13:08:20.0305 4064	RtNdPt60        (e16b7c030a05ef649b18fab0a93d871f) C:\Windows\system32\DRIVERS\RtNdPt60.sys
13:08:20.0305 4064	RtNdPt60 - ok
13:08:20.0321 4064	RTTEAMPT        (1de78f5008120cd79b34c12394dcd493) C:\Windows\system32\DRIVERS\RtTeam60.sys
13:08:20.0337 4064	RTTEAMPT - ok
13:08:20.0337 4064	RTVLANPT        (b1018aa1b5735f5fa89fd4dadf4bea7a) C:\Windows\system32\DRIVERS\RtVlan60.sys
13:08:20.0352 4064	RTVLANPT - ok
13:08:20.0368 4064	SamSs           (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
13:08:20.0383 4064	SamSs - ok
13:08:20.0415 4064	sbp2port        (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
13:08:20.0415 4064	sbp2port - ok
13:08:20.0446 4064	SCardSvr        (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
13:08:20.0493 4064	SCardSvr - ok
13:08:20.0508 4064	scfilter        (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
13:08:20.0524 4064	scfilter - ok
13:08:20.0602 4064	Schedule        (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
13:08:20.0649 4064	Schedule - ok
13:08:20.0664 4064	SCPolicySvc     (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
13:08:20.0695 4064	SCPolicySvc - ok
13:08:20.0711 4064	SDRSVC          (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
13:08:20.0727 4064	SDRSVC - ok
13:08:20.0836 4064	secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
13:08:20.0867 4064	secdrv - ok
13:08:20.0883 4064	seclogon        (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
13:08:20.0914 4064	seclogon - ok
13:08:20.0929 4064	SENS            (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
13:08:20.0976 4064	SENS - ok
13:08:20.0992 4064	SensrSvc        (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
13:08:21.0023 4064	SensrSvc - ok
13:08:21.0023 4064	Serenum         (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
13:08:21.0039 4064	Serenum - ok
13:08:21.0070 4064	Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
13:08:21.0085 4064	Serial - ok
13:08:21.0117 4064	sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
13:08:21.0132 4064	sermouse - ok
13:08:21.0163 4064	SessionEnv      (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
13:08:21.0195 4064	SessionEnv - ok
13:08:21.0210 4064	sffdisk         (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
13:08:21.0226 4064	sffdisk - ok
13:08:21.0241 4064	sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
13:08:21.0257 4064	sffp_mmc - ok
13:08:21.0273 4064	sffp_sd         (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
13:08:21.0288 4064	sffp_sd - ok
13:08:21.0304 4064	sfloppy         (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
13:08:21.0319 4064	sfloppy - ok
13:08:21.0351 4064	SharedAccess    (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
13:08:21.0382 4064	SharedAccess - ok
13:08:21.0429 4064	ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
13:08:21.0460 4064	ShellHWDetection - ok
13:08:21.0491 4064	SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
13:08:21.0491 4064	SiSRaid2 - ok
13:08:21.0507 4064	SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
13:08:21.0522 4064	SiSRaid4 - ok
13:08:21.0538 4064	Smb             (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
13:08:21.0569 4064	Smb - ok
13:08:21.0600 4064	SNMPTRAP        (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
13:08:21.0616 4064	SNMPTRAP - ok
13:08:21.0631 4064	spldr           (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
13:08:21.0647 4064	spldr - ok
13:08:21.0694 4064	Spooler         (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
13:08:21.0725 4064	Spooler - ok
13:08:22.0068 4064	sppsvc          (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
13:08:22.0162 4064	sppsvc - ok
13:08:22.0287 4064	sppuinotify     (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
13:08:22.0318 4064	sppuinotify - ok
13:08:22.0365 4064	srv             (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
13:08:22.0396 4064	srv - ok
13:08:22.0427 4064	srv2            (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
13:08:22.0443 4064	srv2 - ok
13:08:22.0536 4064	srvnet          (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
13:08:22.0567 4064	srvnet - ok
13:08:22.0599 4064	SSDPSRV         (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
13:08:22.0645 4064	SSDPSRV - ok
13:08:22.0645 4064	SstpSvc         (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
13:08:22.0677 4064	SstpSvc - ok
13:08:22.0723 4064	stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
13:08:22.0739 4064	stexstor - ok
13:08:22.0770 4064	stisvc          (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
13:08:22.0801 4064	stisvc - ok
13:08:22.0833 4064	swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
13:08:22.0833 4064	swenum - ok
13:08:22.0895 4064	swprv           (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
13:08:22.0942 4064	swprv - ok
13:08:23.0160 4064	SysMain         (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
13:08:23.0191 4064	SysMain - ok
13:08:23.0301 4064	TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
13:08:23.0332 4064	TabletInputService - ok
13:08:23.0394 4064	TapiSrv         (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
13:08:23.0441 4064	TapiSrv - ok
13:08:23.0488 4064	TBS             (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
13:08:23.0550 4064	TBS - ok
13:08:23.0800 4064	Tcpip           (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
13:08:23.0862 4064	Tcpip - ok
13:08:24.0127 4064	TCPIP6          (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
13:08:24.0159 4064	TCPIP6 - ok
13:08:24.0252 4064	tcpipreg        (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
13:08:24.0283 4064	tcpipreg - ok
13:08:24.0315 4064	TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
13:08:24.0346 4064	TDPIPE - ok
13:08:24.0361 4064	TDTCP           (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
13:08:24.0377 4064	TDTCP - ok
13:08:24.0408 4064	tdx             (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
13:08:24.0439 4064	tdx - ok
13:08:24.0471 4064	TEAM            (1de78f5008120cd79b34c12394dcd493) C:\Windows\system32\DRIVERS\RtTeam60.sys
13:08:24.0486 4064	TEAM - ok
13:08:24.0502 4064	TermDD          (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
13:08:24.0517 4064	TermDD - ok
13:08:24.0611 4064	TermService     (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
13:08:24.0658 4064	TermService - ok
13:08:24.0705 4064	Themes          (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
13:08:24.0751 4064	Themes - ok
13:08:24.0783 4064	THREADORDER     (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
13:08:24.0814 4064	THREADORDER - ok
13:08:24.0829 4064	TrkWks          (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
13:08:24.0861 4064	TrkWks - ok
13:08:24.0907 4064	TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
13:08:24.0939 4064	TrustedInstaller - ok
13:08:24.0970 4064	tssecsrv        (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
13:08:25.0001 4064	tssecsrv - ok
13:08:25.0032 4064	TsUsbFlt        (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
13:08:25.0063 4064	TsUsbFlt - ok
13:08:25.0110 4064	tunnel          (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
13:08:25.0141 4064	tunnel - ok
13:08:25.0157 4064	uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
13:08:25.0173 4064	uagp35 - ok
13:08:25.0204 4064	udfs            (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
13:08:25.0235 4064	udfs - ok
13:08:25.0266 4064	UI0Detect       (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
13:08:25.0282 4064	UI0Detect - ok
13:08:25.0329 4064	uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
13:08:25.0329 4064	uliagpkx - ok
13:08:25.0360 4064	umbus           (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
13:08:25.0360 4064	umbus - ok
13:08:25.0375 4064	UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
13:08:25.0391 4064	UmPass - ok
13:08:25.0422 4064	upnphost        (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
13:08:25.0453 4064	upnphost - ok
13:08:25.0485 4064	usbccgp         (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\drivers\usbccgp.sys
13:08:25.0516 4064	usbccgp - ok
13:08:25.0563 4064	usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
13:08:25.0578 4064	usbcir - ok
13:08:25.0609 4064	usbehci         (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
13:08:25.0625 4064	usbehci - ok
13:08:25.0672 4064	usbhub          (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
13:08:25.0703 4064	usbhub - ok
13:08:25.0719 4064	usbohci         (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
13:08:25.0734 4064	usbohci - ok
13:08:25.0750 4064	usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
13:08:25.0781 4064	usbprint - ok
13:08:25.0812 4064	USBSTOR         (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:08:25.0843 4064	USBSTOR - ok
13:08:25.0859 4064	usbuhci         (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
13:08:25.0875 4064	usbuhci - ok
13:08:25.0906 4064	UxSms           (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
13:08:25.0937 4064	UxSms - ok
13:08:25.0968 4064	VaultSvc        (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
13:08:25.0968 4064	VaultSvc - ok
13:08:25.0984 4064	vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
13:08:25.0999 4064	vdrvroot - ok
13:08:26.0046 4064	vds             (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
13:08:26.0077 4064	vds - ok
13:08:26.0109 4064	vga             (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
13:08:26.0124 4064	vga - ok
13:08:26.0124 4064	VgaSave         (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
13:08:26.0171 4064	VgaSave - ok
13:08:26.0202 4064	vhdmp           (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
13:08:26.0218 4064	vhdmp - ok
13:08:26.0233 4064	viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
13:08:26.0233 4064	viaide - ok
13:08:26.0249 4064	volmgr          (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
13:08:26.0265 4064	volmgr - ok
13:08:26.0296 4064	volmgrx         (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
13:08:26.0311 4064	volmgrx - ok
13:08:26.0358 4064	volsnap         (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
13:08:26.0358 4064	volsnap - ok
13:08:26.0389 4064	vsmraid         (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
13:08:26.0405 4064	vsmraid - ok
13:08:26.0499 4064	VSS             (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
13:08:26.0545 4064	VSS - ok
13:08:26.0639 4064	vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
13:08:26.0655 4064	vwifibus - ok
13:08:26.0701 4064	W32Time         (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
13:08:26.0733 4064	W32Time - ok
13:08:26.0748 4064	WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
13:08:26.0764 4064	WacomPen - ok
13:08:26.0795 4064	WANARP          (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
13:08:26.0842 4064	WANARP - ok
13:08:26.0842 4064	Wanarpv6        (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
13:08:26.0873 4064	Wanarpv6 - ok
13:08:26.0951 4064	wbengine        (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
13:08:26.0998 4064	wbengine - ok
13:08:27.0091 4064	WbioSrvc        (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
13:08:27.0107 4064	WbioSrvc - ok
13:08:27.0154 4064	wcncsvc         (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
13:08:27.0185 4064	wcncsvc - ok
13:08:27.0201 4064	WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
13:08:27.0216 4064	WcsPlugInService - ok
13:08:27.0247 4064	Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
13:08:27.0263 4064	Wd - ok
13:08:27.0310 4064	Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
13:08:27.0325 4064	Wdf01000 - ok
13:08:27.0341 4064	WdiServiceHost  (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
13:08:27.0388 4064	WdiServiceHost - ok
13:08:27.0388 4064	WdiSystemHost   (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
13:08:27.0403 4064	WdiSystemHost - ok
13:08:27.0435 4064	WebClient       (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
13:08:27.0466 4064	WebClient - ok
13:08:27.0481 4064	Wecsvc          (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
13:08:27.0528 4064	Wecsvc - ok
13:08:27.0544 4064	wercplsupport   (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
13:08:27.0575 4064	wercplsupport - ok
13:08:27.0606 4064	WerSvc          (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
13:08:27.0653 4064	WerSvc - ok
13:08:27.0700 4064	WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
13:08:27.0731 4064	WfpLwf - ok
13:08:27.0731 4064	WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
13:08:27.0747 4064	WIMMount - ok
13:08:27.0778 4064	WinDefend - ok
13:08:27.0778 4064	WinHttpAutoProxySvc - ok
13:08:27.0840 4064	Winmgmt         (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
13:08:27.0887 4064	Winmgmt - ok
13:08:28.0043 4064	WinRM           (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
13:08:28.0121 4064	WinRM - ok
13:08:28.0339 4064	Wlansvc         (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
13:08:28.0371 4064	Wlansvc - ok
13:08:28.0417 4064	WmiAcpi         (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
13:08:28.0449 4064	WmiAcpi - ok
13:08:28.0542 4064	wmiApSrv        (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
13:08:28.0558 4064	wmiApSrv - ok
13:08:28.0589 4064	WMPNetworkSvc - ok
13:08:28.0620 4064	WPCSvc          (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
13:08:28.0667 4064	WPCSvc - ok
13:08:28.0745 4064	WPDBusEnum      (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
13:08:28.0761 4064	WPDBusEnum - ok
13:08:28.0776 4064	ws2ifsl         (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
13:08:28.0807 4064	ws2ifsl - ok
13:08:28.0839 4064	wscsvc          (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
13:08:28.0870 4064	wscsvc - ok
13:08:28.0870 4064	WSearch - ok
13:08:29.0135 4064	wuauserv        (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
13:08:29.0197 4064	wuauserv - ok
13:08:29.0385 4064	WudfPf          (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
13:08:29.0431 4064	WudfPf - ok
13:08:29.0478 4064	WUDFRd          (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
13:08:29.0509 4064	WUDFRd - ok
13:08:29.0541 4064	wudfsvc         (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
13:08:29.0572 4064	wudfsvc - ok
13:08:29.0603 4064	WwanSvc         (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
13:08:29.0634 4064	WwanSvc - ok
13:08:29.0650 4064	MBR (0x1B8)     (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
13:08:30.0414 4064	\Device\Harddisk0\DR0 - ok
13:08:30.0414 4064	Boot (0x1200)   (66af2f3d2d30b0b20064802f279e702d) \Device\Harddisk0\DR0\Partition0
13:08:30.0414 4064	\Device\Harddisk0\DR0\Partition0 - ok
13:08:30.0430 4064	============================================================
13:08:30.0430 4064	Scan finished
13:08:30.0430 4064	============================================================
13:08:30.0430 2892	Detected object count: 1
13:08:30.0430 2892	Actual detected object count: 1
13:09:39.0439 2892	IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
13:09:39.0439 2892	IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
         
__________________
Best regards,
Ulli

 
