
Pests of all kinds and how to fight them: G Data blocked, no System Restore possible, Task Manager not working

Windows 7. If you are not sure whether you have picked up malware or a trojan, create a thread here. An expert will reply with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you remove the infection.

 
01.04.2015, 15:54   #11
Steffen 70
 



Code:
16:34:55.0048 0x0ac0  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
16:34:59.0603 0x0ac0  ============================================================
16:34:59.0603 0x0ac0  Current date / time: 2015/04/01 16:34:59.0603
16:34:59.0603 0x0ac0  SystemInfo:
16:34:59.0603 0x0ac0  
16:34:59.0603 0x0ac0  OS Version: 6.1.7601 ServicePack: 1.0
16:34:59.0603 0x0ac0  Product type: Workstation
16:34:59.0603 0x0ac0  ComputerName: STEFFEN-PC
16:34:59.0603 0x0ac0  UserName: Steffen
16:34:59.0603 0x0ac0  Windows directory: C:\Windows
16:34:59.0603 0x0ac0  System windows directory: C:\Windows
16:34:59.0603 0x0ac0  Processor architecture: Intel x86
16:34:59.0603 0x0ac0  Number of processors: 2
16:34:59.0603 0x0ac0  Page size: 0x1000
16:34:59.0603 0x0ac0  Boot type: Normal boot
16:34:59.0603 0x0ac0  ============================================================
16:35:01.0178 0x0ac0  KLMD registered as C:\Windows\system32\drivers\34980713.sys
16:35:22.0519 0x0ac0  System UUID: {46E0A9DE-26BC-4181-AEFA-41A238A50B07}
16:35:22.0972 0x0ac0  !crdlk
16:35:22.0987 0x0ac0  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'A'
16:35:22.0987 0x0ac0  ============================================================
16:35:22.0987 0x0ac0  \Device\Harddisk0\DR0:
16:35:22.0987 0x0ac0  MBR partitions:
16:35:22.0987 0x0ac0  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
16:35:22.0987 0x0ac0  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D192800
16:35:22.0987 0x0ac0  ============================================================
16:35:23.0034 0x0ac0  C: <-> \Device\Harddisk0\DR0\Partition2
16:35:23.0050 0x0ac0  E: <-> \Device\Harddisk0\DR0\Partition1
16:35:23.0050 0x0ac0  ============================================================
16:35:23.0050 0x0ac0  Initialize success
16:35:23.0050 0x0ac0  ============================================================
16:35:58.0742 0x0ba0  ============================================================
16:35:58.0742 0x0ba0  Scan started
16:35:58.0742 0x0ba0  Mode: Manual; SigCheck; TDLFS; 
16:35:58.0742 0x0ba0  ============================================================
16:35:58.0742 0x0ba0  KSN ping started
16:36:12.0174 0x0ba0  KSN ping finished: true
16:36:13.0172 0x0ba0  ================ Scan system memory ========================
16:36:13.0172 0x0ba0  Scan was interrupted by user!
16:36:13.0250 0x0ba0  AV detected via SS2: G Data InternetSecurity CBE, C:\Program Files\G Data\InternetSecurity\AVK\avkwscpe.exe ( 25.0.0.0 ), 0x41010 ( enabled : outofdate )
16:36:13.0250 0x0ba0  FW detected via SS2: G Data Personal Firewall, C:\Program Files\G Data\InternetSecurity\Firewall\GDFwSvc.exe ( 22.0.0.1 ), 0x41010 ( enabled )
16:36:15.0700 0x0ba0  ============================================================
16:36:15.0700 0x0ba0  Scan finished
16:36:15.0700 0x0ba0  ============================================================
16:36:15.0700 0x0250  Detected object count: 0
16:36:15.0700 0x0250  Actual detected object count: 0
16:37:56.0398 0x0cd4  ============================================================
16:37:56.0398 0x0cd4  Scan started
16:37:56.0398 0x0cd4  Mode: Manual; SigCheck; TDLFS; 
16:37:56.0398 0x0cd4  ============================================================
16:37:56.0398 0x0cd4  KSN ping started
16:38:10.0063 0x0cd4  KSN ping finished: true
16:38:11.0171 0x0cd4  ================ Scan system memory ========================
16:38:11.0171 0x0cd4  System memory - ok
16:38:11.0171 0x0cd4  ================ Scan services =============================
16:38:11.0358 0x0cd4  [ 1B133875B8AA8AC48969BD3458AFE9F5, 01753BDD47F3F9BC0E0D23A069B9C56D4AE6A6B6295BC19B95AE245D25B12744 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
16:38:11.0405 0x0cd4  1394ohci - ok
16:38:11.0436 0x0cd4  Suspicious service (NoAccess): 98730404f2d3d842
16:38:11.0483 0x0cd4  [ 6EC2346C82F95E3BFBD2EFE50E2C8AF9, 253271FFE32145DC09A9AFFF380E356871AC61F23CF2F3BE58415DB18E38B5CF ] 98730404f2d3d842 C:\Windows\System32\Drivers\98730404f2d3d842.sys
16:38:11.0483 0x0cd4  Suspicious file ( NoAccess ): C:\Windows\System32\Drivers\98730404f2d3d842.sys. md5: 6EC2346C82F95E3BFBD2EFE50E2C8AF9, sha256: 253271FFE32145DC09A9AFFF380E356871AC61F23CF2F3BE58415DB18E38B5CF
16:38:11.0530 0x0cd4  98730404f2d3d842 - detected Rootkit.Win32.Necurs.gen ( 0 )
16:38:13.0979 0x0cd4  98730404f2d3d842 ( Rootkit.Win32.Necurs.gen ) - infected
16:38:13.0979 0x0cd4  Force sending object to P2P due to detect: 98730404f2d3d842
16:38:16.0522 0x0cd4  Object send P2P result: true
16:38:18.0986 0x0cd4  [ CEA80C80BED809AA0DA6FEBC04733349, AE69C142DC2210A4AE657C23CEA4A6E7CB32C4F4EBA039414123CAC52157509B ] ACPI            C:\Windows\system32\drivers\ACPI.sys
16:38:19.0018 0x0cd4  ACPI - ok
16:38:19.0064 0x0cd4  [ 1EFBC664ABFF416D1D07DB115DCB264F, BF94D069D692140B792DBF4FD3CB0127D27C26CC5BFB6B0C28A8B6346767EE58 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
16:38:19.0080 0x0cd4  AcpiPmi - ok
16:38:19.0174 0x0cd4  [ F79623288F2A357AB20288B5DC4F452A, AA6F70A4C12E390E08074D6FD0EA0D1856D8274DA833E56A8811BF820A2D41D4 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
16:38:19.0205 0x0cd4  AdobeFlashPlayerUpdateSvc - ok
16:38:19.0298 0x0cd4  [ 21E785EBD7DC90A06391141AAC7892FB, A2D3D764C5E6DC0AD5AAF48485FFB8B121D2A40DC08ECF2D2CB92278A1002B25 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
16:38:19.0345 0x0cd4  adp94xx - ok
16:38:19.0408 0x0cd4  [ 0C676BC278D5B59FF5ABD57BBE9123F2, 339E8A433D186BAAB6FCB44C82CC9FB6FCD63C87981449494CBEB2072CB6B7BB ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
16:38:19.0439 0x0cd4  adpahci - ok
16:38:19.0501 0x0cd4  [ 7C7B5EE4B7B822EC85321FE23A27DB33, A934AFB71D439555E6376DA9B34F82E8D39A300A4547BE9AC9311F6A3C36270C ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
16:38:19.0517 0x0cd4  adpu320 - ok
16:38:19.0548 0x0cd4  [ 8B5EEFEEC1E6D1A72A06C526628AD161, 026CDF4C96F4D493E7BABF79A14C4B0B5ADCCEF0B081FFFA2E3B243B2414167F ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
16:38:19.0579 0x0cd4  AeLookupSvc - ok
16:38:19.0657 0x0cd4  [ D0B388DA1D111A34366E04EB4A5DD156, 60D226F027F4025CC032CAFF73A80FAFB5FA75445654FDCF80CA8C0419C6E938 ] AFD             C:\Windows\system32\drivers\afd.sys
16:38:19.0704 0x0cd4  AFD - ok
16:38:19.0751 0x0cd4  [ 507812C3054C21CEF746B6EE3D04DD6E, D7E59350AC338AD229E3D10C76E32AE16D120311B263714A9CD94AB538633B0E ] agp440          C:\Windows\system32\drivers\agp440.sys
16:38:19.0766 0x0cd4  agp440 - ok
16:38:19.0829 0x0cd4  [ 8B30250D573A8F6B4BD23195160D8707, 64EC289AFCD63D84EAFD9D81C50D0A77BCC79A1EFF32C50B2776BB0C0151757D ] aic78xx         C:\Windows\system32\DRIVERS\djsvs.sys
16:38:19.0844 0x0cd4  aic78xx - ok
16:38:19.0891 0x0cd4  [ 18A54E132947CD98FEA9ACCC57F98F13, 9D39AF972785E49F0DD12C4BAEF39A79CD69F098886BF152AF1B7CCE2E902115 ] ALG             C:\Windows\System32\alg.exe
16:38:19.0907 0x0cd4  ALG - ok
16:38:19.0954 0x0cd4  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44, 1D1AA8F50935D976C29DE7A84708CADBBBDD936F0DD2C059E820F0D21367B3B6 ] aliide          C:\Windows\system32\drivers\aliide.sys
16:38:19.0954 0x0cd4  Suspicious file ( NoAccess ): C:\Windows\system32\drivers\aliide.sys. md5: 0D40BCF52EA90FC7DF2AEAB6503DEA44, sha256: 1D1AA8F50935D976C29DE7A84708CADBBBDD936F0DD2C059E820F0D21367B3B6
16:38:19.0954 0x0cd4  aliide - detected LockedFile.Multi.Generic ( 1 )
16:38:22.0325 0x0cd4  Detect skipped due to KSN trusted
16:38:22.0325 0x0cd4  aliide - ok
16:38:22.0387 0x0cd4  [ 3C6600A0696E90A463771C7422E23AB5, 370B33DC1C25B981628A318BAE434A78A5F0A0DA93C2896DC7A3D7B87AE1A5E7 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
16:38:22.0418 0x0cd4  amdagp - ok
16:38:22.0450 0x0cd4  [ CD5914170297126B6266860198D1D4F0, 2239FCBD1A7EC27CE4F10DA36AE6BD6CCB87E5128C82CA71B84BFE5AF5602A60 ] amdide          C:\Windows\system32\drivers\amdide.sys
16:38:22.0465 0x0cd4  amdide - ok
16:38:22.0512 0x0cd4  [ 00DDA200D71BAC534BF56A9DB5DFD666, CA316B1FFD85BA1CF8664B3229DA1F238A5341E016059F7ED89702324CFD124B ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
16:38:22.0528 0x0cd4  AmdK8 - ok
16:38:22.0559 0x0cd4  [ 3CBF30F5370FDA40DD3E87DF38EA53B6, 7EACF1743367BE805357B6FD10F8F99E9B1C301FE3782D77719347B13DFA65EC ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
16:38:22.0574 0x0cd4  AmdPPM - ok
16:38:22.0637 0x0cd4  [ D320BF87125326F996D4904FE24300FC, F767D8C5C58D57202905D829F7AE1B1FF33937F407FDCE4C90E32A6638F27416 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
16:38:22.0652 0x0cd4  amdsata - ok
16:38:22.0699 0x0cd4  [ EA43AF0C423FF267355F74E7A53BDABA, 3F1335909AB0281A2FBDD7AD90E18309E091656CD32B48894B992789D8C61DB4 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
16:38:22.0715 0x0cd4  amdsbs - ok
16:38:22.0746 0x0cd4  [ 46387FB17B086D16DEA267D5BE23A2F2, 8B8AC61B91F154B4EB5CC6DECB5FCCEBA8B42EFE94859947136AD06681EA8ED0 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
16:38:22.0762 0x0cd4  amdxata - ok
16:38:22.0793 0x0cd4  [ AEA177F783E20150ACE5383EE368DA19, 8FA9EE27AA1F22E8B8FE33A21028CA1E0062BAA95CB132C20D55B98C03B4254F ] AppID           C:\Windows\system32\drivers\appid.sys
16:38:22.0840 0x0cd4  AppID - ok
16:38:22.0886 0x0cd4  [ 62A9C86CB6085E20DB4823E4E97826F5, E0F840B49710022C4FB437002AD06F64B0F6B5D628B32D00F2B66765E6B97E4B ] AppIDSvc        C:\Windows\System32\appidsvc.dll
16:38:22.0918 0x0cd4  AppIDSvc - ok
16:38:22.0949 0x0cd4  [ EACFDF31921F51C097629F1F3C9129B4, 24138755D823E69760579ECBD672421192457CDC9941B2BC499C2D34D83E86C3 ] Appinfo         C:\Windows\System32\appinfo.dll
16:38:22.0964 0x0cd4  Appinfo - ok
16:38:23.0011 0x0cd4  [ 2932004F49677BD84DBC72EDB754FFB3, 73F84582244AC53994A2F4499A119B4A84A6BF7FD3046C29A8080C763DE540B8 ] arc             C:\Windows\system32\DRIVERS\arc.sys
16:38:23.0011 0x0cd4  Suspicious file ( NoAccess ): C:\Windows\system32\DRIVERS\arc.sys. md5: 2932004F49677BD84DBC72EDB754FFB3, sha256: 73F84582244AC53994A2F4499A119B4A84A6BF7FD3046C29A8080C763DE540B8
16:38:23.0027 0x0cd4  arc - detected LockedFile.Multi.Generic ( 1 )
16:38:25.0414 0x0cd4  Detect skipped due to KSN trusted
16:38:25.0414 0x0cd4  arc - ok
16:38:25.0445 0x0cd4  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7, F7C9C3B4F2C816F57A43B2921672858C291054220BADE291044343778216F6BA ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
16:38:25.0460 0x0cd4  arcsas - ok
16:38:25.0601 0x0cd4  [ 9D768C43FEF254DD50B1DBF8AD5C4C0B, A50854EA5C08605133B8BB4DFDC6090357C5665314AA72E0BFA1E07D4E451F09 ] aspnet_state    C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
16:38:25.0632 0x0cd4  aspnet_state - ok
16:38:25.0694 0x0cd4  [ ADD2ADE1C2B285AB8378D2DAAF991481, 7965A705F37924C0EC7A934E64E89C5DF4069816E2EEA3509E0AC90F78910519 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
16:38:25.0726 0x0cd4  AsyncMac - ok
16:38:25.0772 0x0cd4  [ 338C86357871C167A96AB976519BF59E, F28CC534523D1701B0552F5D7E18E88369C4218BDB1F69110C3E31D395884AD6 ] atapi           C:\Windows\system32\drivers\atapi.sys
16:38:25.0788 0x0cd4  atapi - ok
16:38:26.0022 0x0cd4  [ 712D8A95E45B070114C5309ADA7358FF, 1F0285CFB9982637186531489743798511BA75B612B202231E9BC1CF5372C0BB ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
16:38:26.0147 0x0cd4  atikmdag - ok
16:38:26.0256 0x0cd4  [ F4157B3CECF19B1C266C83AFF051C97A, 26728B59B6003EB36BC322D189254574E94790CE23637228A669FAD6ED76ECE3 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
16:38:26.0287 0x0cd4  AudioEndpointBuilder - ok
16:38:26.0350 0x0cd4  [ F4157B3CECF19B1C266C83AFF051C97A, 26728B59B6003EB36BC322D189254574E94790CE23637228A669FAD6ED76ECE3 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
16:38:26.0396 0x0cd4  Audiosrv - ok
16:38:26.0911 0x0cd4  [ B90962C56D37665500E3B2510844F57E, D3A97436CACA7FD2E6EF6B07536F26665C06F6251472FAB96E923039412E6E85 ] AVKProxy        C:\Program Files\Common Files\G Data\AVKProxy\AVKProxy.exe
16:38:26.0974 0x0cd4  AVKProxy - ok
16:38:27.0208 0x0cd4  [ 56C6F2D7F1D515B4B534217443D3B67F, CB9E94EE515EE7C426B34EC40DFDEF27893C3379C011B2FF6EEF318A34BCF482 ] AVKService      C:\Program Files\G Data\InternetSecurity\AVK\AVKService.exe
16:38:27.0239 0x0cd4  AVKService - ok
16:38:27.0551 0x0cd4  [ 460DF58F2B393689EA6B87288BA7DFC5, D0330FC768B98DB4E76132CB40044E600AFE83964E63845C2534254EA5B15DA2 ] AVKWCtl         C:\Program Files\G Data\InternetSecurity\AVK\AVKWCtl.exe
16:38:27.0660 0x0cd4  AVKWCtl - ok
16:38:27.0722 0x0cd4  [ 6E30D02AAC9CAC84F421622E3A2F6178, 229DC527C1D6C778BCA2C855A2A6F6D2C4B0F4F6DE56C886B3AAD26E3347952C ] AxInstSV        C:\Windows\System32\AxInstSV.dll
16:38:27.0738 0x0cd4  AxInstSV - ok
16:38:27.0816 0x0cd4  [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbdx.sys
16:38:27.0832 0x0cd4  b06bdrv - ok
16:38:27.0878 0x0cd4  [ BD8869EB9CDE6BBE4508D869929869EE, F4363A12EBFDBB89C69FD59B22F9EE05BADA07D477A1DF2DE01F59D6EE496543 ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
16:38:27.0894 0x0cd4  b57nd60x - ok
16:38:27.0956 0x0cd4  [ EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC          C:\Windows\System32\bdesvc.dll
16:38:27.0972 0x0cd4  BDESVC - ok
16:38:28.0003 0x0cd4  [ 505506526A9D467307B3C393DEDAF858, 8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep            C:\Windows\system32\drivers\Beep.sys
16:38:28.0019 0x0cd4  Beep - ok
16:38:28.0097 0x0cd4  [ 1E2BAC209D184BB851E1A187D8A29136, 53933C938DA5126986FFF2918C1F522ABE93ABAB460AE32E4453161C2F7B68DF ] BFE             C:\Windows\System32\bfe.dll
16:38:28.0144 0x0cd4  BFE - ok
16:38:28.0237 0x0cd4  [ E585445D5021971FAE10393F0F1C3961, 178C008A9A0A6BFDA65EB0B98C510271360AD4474F22F13594F5EB60AA4E1CF5 ] BITS            C:\Windows\System32\qmgr.dll
16:38:28.0284 0x0cd4  BITS - ok
16:38:28.0331 0x0cd4  [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
16:38:28.0346 0x0cd4  blbdrive - ok
16:38:28.0393 0x0cd4  [ 8F2DA3028D5FCBD1A060A3DE64CD6506, E234672E9CFE1A95AD2E78E306E41E010B870221E6EBBC0E2B0BE2FA5CE0CD76 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
16:38:28.0409 0x0cd4  bowser - ok
16:38:28.0456 0x0cd4  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
16:38:28.0471 0x0cd4  BrFiltLo - ok
16:38:28.0487 0x0cd4  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
16:38:28.0502 0x0cd4  BrFiltUp - ok
16:38:28.0549 0x0cd4  [ 3DAA727B5B0A45039B0E1C9A211B8400, 903B51E75F0C503A0E255120F53BF51B047B219FEC1E15F2F1D02DDD562FC73B ] Browser         C:\Windows\System32\browser.dll
16:38:28.0580 0x0cd4  Browser - ok
16:38:28.0658 0x0cd4  [ 845B8CE732E67F3B4133164868C666EA, 9309B094CD9B5EBC46295A5EB806BED472C3CEDE3B5F6F497EBDABA496A2A27F ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
16:38:28.0674 0x0cd4  Brserid - ok
16:38:28.0705 0x0cd4  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
16:38:28.0721 0x0cd4  BrSerWdm - ok
16:38:28.0721 0x0cd4  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
16:38:28.0736 0x0cd4  BrUsbMdm - ok
16:38:28.0736 0x0cd4  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
16:38:28.0752 0x0cd4  BrUsbSer - ok
16:38:28.0768 0x0cd4  [ ED3DF7C56CE0084EB2034432FC56565A, B5B75E002E7BC0209582C635CCCA26DB569BDB23C33A126634E00C6434BF941B ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
16:38:28.0783 0x0cd4  BTHMODEM - ok
16:38:28.0830 0x0cd4  [ 1DF19C96EEF6C29D1C3E1A8678E07190, 1F4BB161FF3A1C5B1465BB52F3520FEDB7ACB1FAA132466F07D16DB8E394AEA5 ] bthserv         C:\Windows\system32\bthserv.dll
16:38:28.0861 0x0cd4  bthserv - ok
16:38:28.0908 0x0cd4  [ 77EA11B065E0A8AB902D78145CA51E10, 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
16:38:28.0908 0x0cd4  Suspicious file ( NoAccess ): C:\Windows\system32\DRIVERS\cdfs.sys. md5: 77EA11B065E0A8AB902D78145CA51E10, sha256: 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A
16:38:28.0924 0x0cd4  cdfs - detected LockedFile.Multi.Generic ( 1 )
16:38:31.0310 0x0cd4  Detect skipped due to KSN trusted
16:38:31.0310 0x0cd4  cdfs - ok
16:38:31.0373 0x0cd4  [ BE167ED0FDB9C1FA1133953C18D5A6C9, E26A851CA13E7300F977E5B20FA5D25FD0E1442AB6AD5DB58BBDB2DAAD87027C ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
16:38:31.0388 0x0cd4  cdrom - ok
16:38:31.0451 0x0cd4  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] CertPropSvc     C:\Windows\System32\certprop.dll
16:38:31.0482 0x0cd4  CertPropSvc - ok
16:38:31.0513 0x0cd4  [ 3FE3FE94A34DF6FB06E6418D0F6A0060, 6B3A2A26609A75B690D4C0B3059E40822F3B3DB08943F58EC496BABDA7D0A735 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
16:38:31.0544 0x0cd4  circlass - ok
16:38:31.0638 0x0cd4  [ 635181E0E9BBF16871BF5380D71DB02D, 58D5150C6F3B9F1730FFDF3A8A2ABF5FF207F9785BD66C0C1E03A0F1C223A26A ] CLFS            C:\Windows\system32\CLFS.sys
16:38:31.0669 0x0cd4  CLFS - ok
16:38:31.0747 0x0cd4  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:38:31.0763 0x0cd4  clr_optimization_v2.0.50727_32 - ok
16:38:31.0825 0x0cd4  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:38:31.0856 0x0cd4  clr_optimization_v4.0.30319_32 - ok
16:38:31.0919 0x0cd4  [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
16:38:31.0934 0x0cd4  CmBatt - ok
16:38:31.0966 0x0cd4  [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
16:38:31.0981 0x0cd4  cmdide - ok
16:38:32.0044 0x0cd4  [ F516F1167EFBBC5ABC90687C94497869, AD650D56241533439419EA00236ABE14AB6E50B768620211D1A44047A9FA14EC ] CNG             C:\Windows\system32\Drivers\cng.sys
16:38:32.0090 0x0cd4  CNG - ok
16:38:32.0122 0x0cd4  [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
16:38:32.0137 0x0cd4  Compbatt - ok
16:38:32.0184 0x0cd4  [ CBE8C58A8579CFE5FCCF809E6F114E89, AC083A1C649EBA18C59FCC1772D0784B10E2B8C63094E3C14388E147DBC3F6DF ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
16:38:32.0215 0x0cd4  CompositeBus - ok
16:38:32.0231 0x0cd4  COMSysApp - ok
16:38:32.0262 0x0cd4  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
16:38:32.0262 0x0cd4  Suspicious file ( NoAccess ): C:\Windows\system32\DRIVERS\crcdisk.sys. md5: 2C4EBCFC84A9B44F209DFF6C6E6C61D1, sha256: 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6
16:38:32.0278 0x0cd4  crcdisk - detected LockedFile.Multi.Generic ( 1 )
16:38:34.0680 0x0cd4  Detect skipped due to KSN trusted
16:38:34.0680 0x0cd4  crcdisk - ok
16:38:34.0742 0x0cd4  [ 623E143F2DF17C0106A9988F5D7DC878, 9DA30262FF22FA9F1DB247CB3B4A2892D79730EF0ECC9589D399D24B4F58E565 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
16:38:34.0774 0x0cd4  CryptSvc - ok
16:38:34.0852 0x0cd4  [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] DcomLaunch      C:\Windows\system32\rpcss.dll
16:38:34.0914 0x0cd4  DcomLaunch - ok
16:38:34.0961 0x0cd4  [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc       C:\Windows\System32\defragsvc.dll
16:38:35.0008 0x0cd4  defragsvc - ok
16:38:35.0054 0x0cd4  [ F024449C97EC1E464AAFFDA18593DB88, 7EF1E241892E098A472BCA14C724DFF1AACCF190954AF1C4A38B6D542CC74BD2 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
16:38:35.0086 0x0cd4  DfsC - ok
16:38:35.0148 0x0cd4  [ E9E01EB683C132F7FA27CD607B8A2B63, 4D9037B458C522874619143A4176BCED42472C68933E6E83D37B67242706F3C4 ] Dhcp            C:\Windows\system32\dhcpcore.dll
16:38:35.0179 0x0cd4  Dhcp - ok
16:38:35.0226 0x0cd4  [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache        C:\Windows\system32\drivers\discache.sys
16:38:35.0273 0x0cd4  discache - ok
16:38:35.0320 0x0cd4  [ 565003F326F99802E68CA78F2A68E9FF, ABC42B24DBA4FFC411120E09278EF26AF56CCAB463B69B4BD6C530B4A07063D2 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
16:38:35.0335 0x0cd4  Disk - ok
16:38:35.0382 0x0cd4  [ 33EF4861F19A0736B11314AAD9AE28D0, 4C4B84365D85758E3263B88F157D8B086B392C6F1EA5F0F3DB6BF87EF90248EC ] Dnscache        C:\Windows\System32\dnsrslvr.dll
16:38:35.0413 0x0cd4  Dnscache - ok
16:38:35.0444 0x0cd4  [ 366BA8FB4B7BB7435E3B9EACB3843F67, 65B7C61ACF34F1F0149045AA9E09A3F917A927963237A385A914D0B80551DC31 ] dot3svc         C:\Windows\System32\dot3svc.dll
16:38:35.0476 0x0cd4  dot3svc - ok
16:38:35.0522 0x0cd4  [ 8EC04CA86F1D68DA9E11952EB85973D6, 2E3FBC2D683D1274E8BC45EEEA87D43B77EDDCAAF0D453296D9FDA6B9D717071 ] DPS             C:\Windows\system32\dps.dll
16:38:35.0569 0x0cd4  DPS - ok
16:38:35.0647 0x0cd4  [ B918E7C5F9BF77202F89E1A9539F2EB4, C589A37DE50BBEF22E2DAA9682EA43147F614AA1AF7DAAA942BA5FC192313A0B ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
16:38:35.0663 0x0cd4  drmkaud - ok
16:38:35.0756 0x0cd4  [ 3583A5A8CC2E682BFFBD4630D0FEC08B, FD0F184B358FCECAA763444B414074BEF4E871EB7527D88385519FC158435C72 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
16:38:35.0803 0x0cd4  DXGKrnl - ok
16:38:35.0850 0x0cd4  [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost         C:\Windows\System32\eapsvc.dll
16:38:35.0897 0x0cd4  EapHost - ok
16:38:36.0084 0x0cd4  [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv           C:\Windows\system32\DRIVERS\evbdx.sys
16:38:36.0178 0x0cd4  ebdrv - ok
16:38:36.0240 0x0cd4  [ BF08DE8E4FA1F143D41B3241F7FCE5F6, 4140BE0ECE0D4B8FDD413DBA120F5D7EF6F94628224320EDA2A85E50BEFDA638 ] EFS             C:\Windows\System32\lsass.exe
16:38:36.0256 0x0cd4  EFS - ok
16:38:36.0349 0x0cd4  [ A8C362018EFC87BEB013EE28F29C0863, 07971C681FBD391C0BA0172618AF8AD77520182207F1C57F134B34D6A113857F ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
16:38:36.0396 0x0cd4  ehRecvr - ok
16:38:36.0443 0x0cd4  [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched         C:\Windows\ehome\ehsched.exe
16:38:36.0458 0x0cd4  ehSched - ok
16:38:36.0536 0x0cd4  [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
16:38:36.0568 0x0cd4  elxstor - ok
16:38:36.0630 0x0cd4  [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
16:38:36.0646 0x0cd4  ErrDev - ok
16:38:36.0724 0x0cd4  [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem     C:\Windows\system32\es.dll
16:38:36.0770 0x0cd4  EventSystem - ok
16:38:36.0817 0x0cd4  [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat           C:\Windows\system32\drivers\exfat.sys
16:38:36.0864 0x0cd4  exfat - ok
16:38:36.0895 0x0cd4  [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
16:38:36.0926 0x0cd4  fastfat - ok
16:38:37.0020 0x0cd4  [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax             C:\Windows\system32\fxssvc.exe
16:38:37.0051 0x0cd4  Fax - ok
16:38:37.0098 0x0cd4  [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
16:38:37.0114 0x0cd4  fdc - ok
16:38:37.0145 0x0cd4  [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost         C:\Windows\system32\fdPHost.dll
16:38:37.0192 0x0cd4  fdPHost - ok
16:38:37.0207 0x0cd4  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub        C:\Windows\system32\fdrespub.dll
16:38:37.0238 0x0cd4  FDResPub - ok
16:38:37.0270 0x0cd4  [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
16:38:37.0285 0x0cd4  FileInfo - ok
16:38:37.0316 0x0cd4  [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
16:38:37.0348 0x0cd4  Filetrace - ok
16:38:37.0379 0x0cd4  [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
16:38:37.0394 0x0cd4  flpydisk - ok
16:38:37.0426 0x0cd4  [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
16:38:37.0426 0x0cd4  Suspicious file ( NoAccess ): C:\Windows\system32\drivers\fltmgr.sys. md5: 7520EC808E0C35E0EE6F841294316653, sha256: 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67
16:38:37.0457 0x0cd4  FltMgr - detected LockedFile.Multi.Generic ( 1 )
16:38:39.0828 0x0cd4  Detect skipped due to KSN trusted
16:38:39.0828 0x0cd4  FltMgr - ok
16:38:39.0953 0x0cd4  [ E12C4928B32ACE04610259647F072635, B71B9C2DF45F33C4DAC88435129B08B0BCDBBE82E8C3AD0A95F00137CC8B619F ] FontCache       C:\Windows\system32\FntCache.dll
16:38:40.0015 0x0cd4  FontCache - ok
16:38:40.0093 0x0cd4  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
16:38:40.0109 0x0cd4  FontCache3.0.0.0 - ok
16:38:40.0156 0x0cd4  [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
16:38:40.0171 0x0cd4  FsDepends - ok
16:38:40.0202 0x0cd4  [ 7DAE5EBCC80E45D3253F4923DC424D05, 8A2C4D5591509B0B0A44583520617A9AE34F32BB6E68A012A7D7870ED24F703A ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
16:38:40.0234 0x0cd4  Fs_Rec - ok
16:38:40.0280 0x0cd4  [ E306A24D9694C724FA2491278BF50FDB, 1D246B9C28550640EACBF8CF9DC980FD75106B92832D392FEBEF0C7012353091 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
16:38:40.0312 0x0cd4  fvevol - ok
16:38:40.0358 0x0cd4  [ B45F1DF1CCE34E2AF422F0ED78CD70EF, 2B0E705B2274B5801FE70C2A44D9B73BB2D5659BBBB03631737EC55E8D90E997 ] FWLANUSB        C:\Windows\system32\DRIVERS\fwlanusb.sys
16:38:40.0374 0x0cd4  FWLANUSB - ok
16:38:40.0421 0x0cd4  [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
16:38:40.0421 0x0cd4  Suspicious file ( NoAccess ): C:\Windows\system32\DRIVERS\gagp30kx.sys. md5: 65EE0C7A58B65E74AE05637418153938, sha256: 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF
16:38:40.0436 0x0cd4  gagp30kx - detected LockedFile.Multi.Generic ( 1 )
16:38:42.0839 0x0cd4  Detect skipped due to KSN trusted
16:38:42.0839 0x0cd4  gagp30kx - ok
16:38:42.0901 0x0cd4  [ 6E755F8DA0790AA6924B8BE91CC99A4B, 7804DC14E6CC1775DB4A7833D0B8FC73C8AA1A2A81F65811FC26FC773FB50670 ] GDBehave        C:\Windows\system32\drivers\GDBehave.sys
16:38:42.0917 0x0cd4  GDBehave - ok
16:38:43.0322 0x0cd4  [ FE489997ABB4335371188561E22E08C7, 8F7859E2228464664B410FCC9224C727784A2EC115D618BF0889BFFEC96D97C2 ] GDFwSvc         C:\Program Files\G Data\InternetSecurity\Firewall\GDFwSvc.exe
16:38:43.0588 0x0cd4  GDFwSvc - ok
16:38:43.0666 0x0cd4  [ 0B644EB2DA939985D674B653FA446933, BE4517F73A6A20433403100F6B30EDDB194EB243772C8D4AB0C5FB732793FF74 ] GDMnIcpt        C:\Windows\system32\drivers\MiniIcpt.sys
16:38:43.0681 0x0cd4  GDMnIcpt - ok
16:38:43.0759 0x0cd4  [ B7D00C0B098A27937B249E50398D0A73, FD2EF6B9FB85E7A8FB92051C11EB7A3DCD334F9BEAE7F0F242972C06A94BD799 ] GDPkIcpt        C:\Windows\system32\drivers\PktIcpt.sys
16:38:43.0775 0x0cd4  GDPkIcpt - ok
16:38:43.0915 0x0cd4  [ 846972E3EBB10D2F39A69B5E6CF08313, 7E2EC3BBF066C3C40F75F2533D1AB2307C3331FA460243A4F4B31A61714C159E ] GDScan          C:\Program Files\Common Files\G Data\GDScan\GDScan.exe
16:38:43.0946 0x0cd4  GDScan - ok
16:38:44.0009 0x0cd4  [ 3B6E35FDA3AB07A081CA1D0BCB205F19, F0C92BC0152A427D11EA9B1389DA7CDE2BB1DBAE12EE8D9C781E7A215F511D61 ] gdwfpcd         C:\Windows\system32\drivers\gdwfpcd32.sys
16:38:44.0040 0x0cd4  gdwfpcd - ok
16:38:44.0118 0x0cd4  [ E897EAF5ED6BA41E081060C9B447A673, A428DC68516F19C6C53A8B62E4BDB2587E70FB751B9D77700B6B147D347DA157 ] gpsvc           C:\Windows\System32\gpsvc.dll
16:38:44.0180 0x0cd4  gpsvc - ok
16:38:44.0212 0x0cd4  [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
16:38:44.0227 0x0cd4  hcw85cir - ok
16:38:44.0305 0x0cd4  [ A5EF29D5315111C80A5C1ABAD14C8972, A181DA72E946F121C3F4A19438C547B0BFD15138AB1DB5465945EC89DF1F6B0A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
16:38:44.0336 0x0cd4  HdAudAddService - ok
16:38:44.0383 0x0cd4  [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
16:38:44.0414 0x0cd4  HDAudBus - ok
16:38:44.0446 0x0cd4  [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
16:38:44.0477 0x0cd4  HidBatt - ok
16:38:44.0508 0x0cd4  [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
16:38:44.0539 0x0cd4  HidBth - ok
16:38:44.0602 0x0cd4  [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
16:38:44.0633 0x0cd4  HidIr - ok
16:38:44.0695 0x0cd4  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv         C:\Windows\system32\hidserv.dll
16:38:44.0742 0x0cd4  hidserv - ok
16:38:44.0789 0x0cd4  [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
16:38:44.0820 0x0cd4  HidUsb - ok
16:38:44.0898 0x0cd4  [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc          C:\Windows\system32\kmsvc.dll
16:38:44.0929 0x0cd4  hkmsvc - ok
16:38:44.0976 0x0cd4  [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
16:38:45.0007 0x0cd4  HomeGroupListener - ok
16:38:45.0038 0x0cd4  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
16:38:45.0070 0x0cd4  HomeGroupProvider - ok
16:38:45.0116 0x0cd4  [ 6AD5573C959D466C1BB6360C3CE21FEF, 7CA95C1D756C2223C16B9DF517FCDBBBAAAE3C6FD85F1EE8DA8628ECBD24E93E ] HookCentre      C:\Windows\system32\drivers\HookCentre.sys
16:38:45.0132 0x0cd4  HookCentre - ok
16:38:45.0194 0x0cd4  [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
16:38:45.0210 0x0cd4  HpSAMD - ok
16:38:45.0304 0x0cd4  [ 871917B07A141BFF43D76D8844D48106, 30C702008D0EE57D63F74864967DD19A55A268E77E42B5B3CC73037AD51D2987 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
16:38:45.0366 0x0cd4  HTTP - ok
16:38:45.0413 0x0cd4  [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
16:38:45.0428 0x0cd4  hwpolicy - ok
16:38:45.0475 0x0cd4  [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
16:38:45.0522 0x0cd4  i8042prt - ok
16:38:45.0631 0x0cd4  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
16:38:45.0647 0x0cd4  iaStorV - ok
16:38:45.0787 0x0cd4  [ 3E9213A2A050BF429E91898C90F8B4E3, D80ABE5691087661B19F01927B631CB8C5291120B814B6F863F046E0D643E9E4 ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
16:38:45.0834 0x0cd4  idsvc - ok
16:38:45.0881 0x0cd4  IEEtwCollectorService - ok
16:38:45.0943 0x0cd4  [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
16:38:45.0959 0x0cd4  iirsp - ok
16:38:46.0052 0x0cd4  [ B9C54120F46392100478F58F374E5709, A28EE8B0988F580D5984E815FC78DF41B169260814234AA0E453375542D0957B ] IKEEXT          C:\Windows\System32\ikeext.dll
16:38:46.0084 0x0cd4  IKEEXT - ok
16:38:46.0146 0x0cd4  [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide        C:\Windows\system32\drivers\intelide.sys
16:38:46.0162 0x0cd4  intelide - ok
16:38:46.0193 0x0cd4  [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
16:38:46.0224 0x0cd4  intelppm - ok
16:38:46.0271 0x0cd4  [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
16:38:46.0318 0x0cd4  IPBusEnum - ok
16:38:46.0349 0x0cd4  [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:38:46.0396 0x0cd4  IpFilterDriver - ok
16:38:46.0489 0x0cd4  [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
16:38:46.0520 0x0cd4  iphlpsvc - ok
16:38:46.0598 0x0cd4  [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
16:38:46.0614 0x0cd4  IPMIDRV - ok
16:38:46.0676 0x0cd4  [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
16:38:46.0739 0x0cd4  IPNAT - ok
16:38:46.0786 0x0cd4  [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM          C:\Windows\system32\drivers\irenum.sys
16:38:46.0832 0x0cd4  IRENUM - ok
16:38:46.0879 0x0cd4  [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp          C:\Windows\system32\drivers\isapnp.sys
16:38:46.0895 0x0cd4  isapnp - ok
16:38:46.0926 0x0cd4  [ EB34CE31FABD4DC4343FD2AD16D2CAF9, D21C91227A15DA89ECF522345D0AB80B3B7FC24A230596DABDB8BD3B7554CE8C ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
16:38:46.0942 0x0cd4  iScsiPrt - ok
16:38:46.0988 0x0cd4  [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
16:38:46.0988 0x0cd4  kbdclass - ok
16:38:47.0035 0x0cd4  [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
16:38:47.0051 0x0cd4  kbdhid - ok
16:38:47.0082 0x0cd4  [ BF08DE8E4FA1F143D41B3241F7FCE5F6, 4140BE0ECE0D4B8FDD413DBA120F5D7EF6F94628224320EDA2A85E50BEFDA638 ] KeyIso          C:\Windows\system32\lsass.exe
16:38:47.0098 0x0cd4  KeyIso - ok
16:38:47.0129 0x0cd4  [ EF88BAC2B489D9C46F4E41ACF0219CD0, BF0FAF51BB6D0E588E53E483EF48D8D96B33544113892CC723CDEFAE7E5FB97A ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
16:38:47.0144 0x0cd4  KSecDD - ok
16:38:47.0176 0x0cd4  [ 49D70660EE8266988C1F99A0297A1430, D17B7A3118DB42358DEA80D8A21C5F1B0CC33BF74F6570676D4708B36BB91FD4 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
16:38:47.0191 0x0cd4  KSecPkg - ok
16:38:47.0254 0x0cd4  [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm           C:\Windows\system32\msdtckrm.dll
16:38:47.0316 0x0cd4  KtmRm - ok
16:38:47.0363 0x0cd4  [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer    C:\Windows\system32\srvsvc.dll
16:38:47.0410 0x0cd4  LanmanServer - ok
16:38:47.0472 0x0cd4  [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:38:47.0519 0x0cd4  LanmanWorkstation - ok
16:38:47.0612 0x0cd4  [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
16:38:47.0675 0x0cd4  lltdio - ok
16:38:47.0753 0x0cd4  [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
16:38:47.0784 0x0cd4  lltdsvc - ok
16:38:47.0831 0x0cd4  [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts         C:\Windows\System32\lmhsvc.dll
16:38:47.0878 0x0cd4  lmhosts - ok
16:38:47.0924 0x0cd4  [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
16:38:47.0940 0x0cd4  LSI_FC - ok
16:38:47.0971 0x0cd4  [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
16:38:47.0971 0x0cd4  LSI_SAS - ok
16:38:48.0002 0x0cd4  [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
16:38:48.0002 0x0cd4  LSI_SAS2 - ok
16:38:48.0034 0x0cd4  [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
16:38:48.0065 0x0cd4  LSI_SCSI - ok
16:38:48.0096 0x0cd4  [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv           C:\Windows\system32\drivers\luafv.sys
16:38:48.0158 0x0cd4  luafv - ok
16:38:48.0221 0x0cd4  [ AB73A39A5E45F465B02C11C500BB0278, 6863B27DA7A0808F232B93CB74ACA09751B6F63FD9FB26EB3FA0282636CE9807 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
16:38:48.0236 0x0cd4  MBAMProtector - ok
16:38:48.0361 0x0cd4  [ 86701B8E4C53280AA8642AC85F8500F4, 6839F2B840410857AE7DA215A17922A7499A9B99D96032756525878E98175103 ] MBAMScheduler   C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
16:38:48.0470 0x0cd4  MBAMScheduler - ok
16:38:48.0595 0x0cd4  [ E27891A49DF92004041FEC5C3A2D4230, A4679A1F10F84935875E35A83FC7075499B8F4CBB543209A38C0D946347CD264 ] MBAMService     C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
16:38:48.0642 0x0cd4  MBAMService - ok
16:38:48.0720 0x0cd4  [ 04B309A1A653177994630C2773E659F1, 1D9F81D2DF513FE177E5308E3DE0CE416109F87FDBD00FE7453FEB6074216C3C ] MBAMSwissArmy   C:\Windows\system32\drivers\MBAMSwissArmy.sys
16:38:48.0736 0x0cd4  MBAMSwissArmy - ok
16:38:48.0782 0x0cd4  [ 2A1B51A1FE8DC4DC0D52EC700CB02CEF, BF689A361F941F91B63D5F8E54925550333C068F65E59E4DBF0A7B66B8C7EDD6 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
16:38:48.0814 0x0cd4  MBAMWebAccessControl - ok
16:38:48.0860 0x0cd4  [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
16:38:48.0892 0x0cd4  Mcx2Svc - ok
16:38:48.0938 0x0cd4  [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
16:38:48.0954 0x0cd4  megasas - ok
16:38:48.0985 0x0cd4  [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
16:38:49.0016 0x0cd4  MegaSR - ok
16:38:49.0063 0x0cd4  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS           C:\Windows\system32\mmcss.dll
16:38:49.0110 0x0cd4  MMCSS - ok
16:38:49.0141 0x0cd4  [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem           C:\Windows\system32\drivers\modem.sys
16:38:49.0188 0x0cd4  Modem - ok
16:38:49.0235 0x0cd4  [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
16:38:49.0282 0x0cd4  monitor - ok
16:38:49.0328 0x0cd4  [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
16:38:49.0344 0x0cd4  mouclass - ok
16:38:49.0391 0x0cd4  [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
16:38:49.0406 0x0cd4  mouhid - ok
16:38:49.0453 0x0cd4  [ FC8771F45ECCCFD89684E38842539B9B, 806DDF2B4830CA866582FE74A521BB7DF26CA0E19013DAF584D3677FB48CC77A ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
16:38:49.0484 0x0cd4  mountmgr - ok
16:38:49.0594 0x0cd4  [ AE7DAFFEC2CDF695C95925C4C1F8EC02, 9F6F4FDE4678FD506CEBB4BAC29A4B30CDD391F1554B33530009F69F5EE8DB3A ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
16:38:49.0625 0x0cd4  MozillaMaintenance - ok
16:38:49.0672 0x0cd4  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio            C:\Windows\system32\drivers\mpio.sys
16:38:49.0687 0x0cd4  mpio - ok
16:38:49.0734 0x0cd4  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
16:38:49.0765 0x0cd4  mpsdrv - ok
16:38:49.0843 0x0cd4  [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc          C:\Windows\system32\mpssvc.dll
16:38:49.0890 0x0cd4  MpsSvc - ok
16:38:49.0937 0x0cd4  [ 03F899F521D2AAED1C55008F734DF252, 4E56A51476A13F5630719018037B1F63DF9ACEA1CFE782AF04E669BD696954C5 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
16:38:49.0984 0x0cd4  MRxDAV - ok
16:38:50.0030 0x0cd4  [ 5D16C921E3671636C0EBA3BBAAC5FD25, 5BC107B95CAFC88F51FBB9F657B99944B20627A2B618F263093D7045E4FFD65C ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
16:38:50.0062 0x0cd4  mrxsmb - ok
16:38:50.0093 0x0cd4  [ 6D17A4791ACA19328C685D256349FEFC, 012AA3D84EEAAF53780D06D2D11B9727DFC3441F3FAD75BC9E751FB814403668 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:38:50.0140 0x0cd4  mrxsmb10 - ok
16:38:50.0186 0x0cd4  [ B81F204D146000BE76651A50670A5E9E, 78193D0F967BE9829E53F9B500342934B4B1E1F4CEFC444382959E2061BC3B17 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:38:50.0249 0x0cd4  mrxsmb20 - ok
16:38:50.0296 0x0cd4  [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci          C:\Windows\system32\drivers\msahci.sys
16:38:50.0311 0x0cd4  msahci - ok
16:38:50.0358 0x0cd4  [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
16:38:50.0389 0x0cd4  msdsm - ok
16:38:50.0436 0x0cd4  [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC           C:\Windows\System32\msdtc.exe
16:38:50.0467 0x0cd4  MSDTC - ok
16:38:50.0514 0x0cd4  [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs            C:\Windows\system32\drivers\Msfs.sys
16:38:50.0545 0x0cd4  Msfs - ok
16:38:50.0623 0x0cd4  [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
16:38:50.0670 0x0cd4  mshidkmdf - ok
16:38:50.0717 0x0cd4  [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
16:38:50.0732 0x0cd4  msisadrv - ok
16:38:50.0795 0x0cd4  [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
16:38:50.0826 0x0cd4  MSiSCSI - ok
16:38:50.0842 0x0cd4  msiserver - ok
16:38:50.0888 0x0cd4  [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
16:38:50.0935 0x0cd4  MSKSSRV - ok
16:38:50.0951 0x0cd4  [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
16:38:50.0966 0x0cd4  MSPCLOCK - ok
16:38:50.0998 0x0cd4  [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
16:38:51.0044 0x0cd4  MSPQM - ok
16:38:51.0076 0x0cd4  [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
16:38:51.0076 0x0cd4  Suspicious file ( NoAccess ): C:\Windows\system32\drivers\MsRPC.sys. md5: 0E008FC4819D238C51D7C93E7B41E560, sha256: 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2
16:38:51.0091 0x0cd4  MsRPC - detected LockedFile.Multi.Generic ( 1 )
16:38:53.0478 0x0cd4  Detect skipped due to KSN trusted
16:38:53.0478 0x0cd4  MsRPC - ok
16:38:53.0540 0x0cd4  [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
16:38:53.0556 0x0cd4  mssmbios - ok
16:38:53.0634 0x0cd4  [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
16:38:53.0634 0x0cd4  Suspicious file ( NoAccess ): C:\Windows\system32\drivers\MSTEE.sys. md5: B42C6B921F61A6E55159B8BE6CD54A36, sha256: 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C
16:38:53.0650 0x0cd4  MSTEE - detected LockedFile.Multi.Generic ( 1 )
16:38:56.0036 0x0cd4  Detect skipped due to KSN trusted
16:38:56.0036 0x0cd4  MSTEE - ok
16:38:56.0083 0x0cd4  [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
16:38:56.0083 0x0cd4  Suspicious file ( NoAccess ): C:\Windows\system32\DRIVERS\MTConfig.sys. md5: 33599130F44E1F34631CEA241DE8AC84, sha256: E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B
16:38:56.0099 0x0cd4  MTConfig - detected LockedFile.Multi.Generic ( 1 )
16:38:58.0486 0x0cd4  Detect skipped due to KSN trusted
16:38:58.0486 0x0cd4  MTConfig - ok
16:38:58.0532 0x0cd4  [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup             C:\Windows\system32\Drivers\mup.sys
16:38:58.0532 0x0cd4  Suspicious file ( NoAccess ): C:\Windows\system32\Drivers\mup.sys. md5: 159FAD02F64E6381758C990F753BCC80, sha256: E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598
16:38:58.0610 0x0cd4  Mup - detected LockedFile.Multi.Generic ( 1 )
16:39:01.0231 0x0cd4  Detect skipped due to KSN trusted
16:39:01.0231 0x0cd4  Mup - ok
16:39:01.0309 0x0cd4  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent        C:\Windows\system32\qagentRT.dll
16:39:01.0372 0x0cd4  napagent - ok
16:39:01.0418 0x0cd4  [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
16:39:01.0418 0x0cd4  Suspicious file ( NoAccess ): C:\Windows\system32\DRIVERS\nwifi.sys. md5: 26384429FCD85D83746F63E798AB1480, sha256: 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB
16:39:01.0465 0x0cd4  NativeWifiP - detected LockedFile.Multi.Generic ( 1 )
16:39:03.0852 0x0cd4  Detect skipped due to KSN trusted
16:39:03.0852 0x0cd4  NativeWifiP - ok
16:39:03.0961 0x0cd4  [ 8C9C922D71F1CD4DEF73F186416B7896, 15FF43CD90C7913F83B35F2E7986561584588E8A45196EBD965C3A355836A9C7 ] NDIS            C:\Windows\system32\drivers\ndis.sys
16:39:03.0961 0x0cd4  Suspicious file ( NoAccess ): C:\Windows\system32\drivers\ndis.sys. md5: 8C9C922D71F1CD4DEF73F186416B7896, sha256: 15FF43CD90C7913F83B35F2E7986561584588E8A45196EBD965C3A355836A9C7
16:39:04.0024 0x0cd4  NDIS - detected LockedFile.Multi.Generic ( 1 )
16:39:06.0395 0x0cd4  Detect skipped due to KSN trusted
16:39:06.0395 0x0cd4  NDIS - ok
16:39:06.0457 0x0cd4  [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
16:39:06.0457 0x0cd4  Suspicious file ( NoAccess ): C:\Windows\system32\DRIVERS\ndiscap.sys. md5: 0E1787AA6C9191D3D319E8BAFE86F80C, sha256: F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278
16:39:06.0473 0x0cd4  NdisCap - detected LockedFile.Multi.Generic ( 1 )
16:39:08.0860 0x0cd4  Detect skipped due to KSN trusted
16:39:08.0860 0x0cd4  NdisCap - ok
16:39:08.0891 0x0cd4  [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
16:39:08.0891 0x0cd4  Suspicious file ( NoAccess ): C:\Windows\system32\DRIVERS\ndistapi.sys. md5: E4A8AEC125A2E43A9E32AFEEA7C9C888, sha256: 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55
16:39:08.0922 0x0cd4  NdisTapi - detected LockedFile.Multi.Generic ( 1 )
16:39:18.0937 0x0cd4  Object is SCO, delete is not allowed
16:39:18.0937 0x0cd4  NdisTapi ( LockedFile.Multi.Generic ) - warning
16:39:22.0385 0x0cd4  [ D8A65DAFB3EB41CBB622745676FCD072, 874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
16:39:22.0385 0x0cd4  Suspicious file ( NoAccess ): C:\Windows\system32\DRIVERS\ndisuio.sys. md5: D8A65DAFB3EB41CBB622745676FCD072, sha256: 874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7
16:39:22.0416 0x0cd4  Ndisuio - detected LockedFile.Multi.Generic ( 1 )
16:39:24.0803 0x0cd4  Detect skipped due to KSN trusted
16:39:24.0803 0x0cd4  Ndisuio - ok
16:39:24.0850 0x0cd4  [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
16:39:24.0850 0x0cd4  Suspicious file ( NoAccess ): C:\Windows\system32\DRIVERS\ndiswan.sys. md5: 38FBE267E7E6983311179230FACB1017, sha256: CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14
16:39:24.0881 0x0cd4  NdisWan - detected LockedFile.Multi.Generic ( 1 )
16:39:27.0268 0x0cd4  Detect skipped due to KSN trusted
16:39:27.0268 0x0cd4  NdisWan - ok
16:39:27.0330 0x0cd4  [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
16:39:27.0330 0x0cd4  Suspicious file ( NoAccess ): C:\Windows\system32\drivers\NDProxy.sys. md5: A4BDC541E69674FBFF1A8FF00BE913F2, sha256: 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA
16:39:27.0361 0x0cd4  NDProxy - detected LockedFile.Multi.Generic ( 1 )
16:39:29.0748 0x0cd4  Detect skipped due to KSN trusted
16:39:29.0748 0x0cd4  NDProxy - ok
16:39:29.0795 0x0cd4  [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
16:39:29.0810 0x0cd4  Suspicious file ( NoAccess ): C:\Windows\system32\DRIVERS\netbios.sys. md5: 80B275B1CE3B0E79909DB7B39AF74D51, sha256: 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796
16:39:29.0826 0x0cd4  NetBIOS - detected LockedFile.Multi.Generic ( 1 )
16:39:32.0213 0x0cd4  Detect skipped due to KSN trusted
16:39:32.0213 0x0cd4  NetBIOS - ok
16:39:32.0291 0x0cd4  [ 280122DDCF04B378EDD1AD54D71C1E54, F98B2ADE34F7E67C7C06C1D0FFB80ECBC353D044D4B4784CD952910345DC2ED0 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
16:39:32.0291 0x0cd4  Suspicious file ( NoAccess ): C:\Windows\system32\DRIVERS\netbt.sys. md5: 280122DDCF04B378EDD1AD54D71C1E54, sha256: F98B2ADE34F7E67C7C06C1D0FFB80ECBC353D044D4B4784CD952910345DC2ED0
16:39:32.0353 0x0cd4  NetBT - detected LockedFile.Multi.Generic ( 1 )
16:39:34.0740 0x0cd4  Detect skipped due to KSN trusted
16:39:34.0740 0x0cd4  NetBT - ok
16:39:34.0802 0x0cd4  [ BF08DE8E4FA1F143D41B3241F7FCE5F6, 4140BE0ECE0D4B8FDD413DBA120F5D7EF6F94628224320EDA2A85E50BEFDA638 ] Netlogon        C:\Windows\system32\lsass.exe
16:39:34.0818 0x0cd4  Netlogon - ok
16:39:34.0880 0x0cd4  [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman          C:\Windows\System32\netman.dll
16:39:34.0912 0x0cd4  Netman - ok
16:39:34.0974 0x0cd4  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
16:39:35.0005 0x0cd4  NetMsmqActivator - ok
16:39:35.0036 0x0cd4  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
16:39:35.0052 0x0cd4  NetPipeActivator - ok
16:39:35.0130 0x0cd4  [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm        C:\Windows\System32\netprofm.dll
16:39:35.0177 0x0cd4  netprofm - ok
16:39:35.0224 0x0cd4  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
16:39:35.0255 0x0cd4  NetTcpActivator - ok
16:39:35.0302 0x0cd4  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
16:39:35.0333 0x0cd4  NetTcpPortSharing - ok
16:39:35.0364 0x0cd4  [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
16:39:35.0364 0x0cd4  Suspicious file ( NoAccess ): C:\Windows\system32\DRIVERS\nfrd960.sys. md5: 1D85C4B390B0EE09C7A46B91EFB2C097, sha256: 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348
16:39:35.0411 0x0cd4  nfrd960 - detected LockedFile.Multi.Generic ( 1 )
16:39:37.0782 0x0cd4  Detect skipped due to KSN trusted
16:39:37.0782 0x0cd4  nfrd960 - ok
16:39:37.0860 0x0cd4  [ F115C5CD29E512F18BD7138A094B77E5, 90C2CE8B256EE9AABF674ADDE7F85E91DAF48EA368452D03C187A4AE027D4E39 ] NlaSvc          C:\Windows\System32\nlasvc.dll
16:39:37.0876 0x0cd4  NlaSvc - ok
16:39:37.0922 0x0cd4  [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
16:39:37.0922 0x0cd4  Suspicious file ( NoAccess ): C:\Windows\system32\drivers\Npfs.sys. md5: 1DB262A9F8C087E8153D89BEF3D2235F, sha256: A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101
16:39:37.0954 0x0cd4  Npfs - detected LockedFile.Multi.Generic ( 1 )
16:39:40.0325 0x0cd4  Detect skipped due to KSN trusted
16:39:40.0325 0x0cd4  Npfs - ok
16:39:40.0372 0x0cd4  [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi             C:\Windows\system32\nsisvc.dll
16:39:40.0418 0x0cd4  nsi - ok
16:39:40.0450 0x0cd4  [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
16:39:40.0450 0x0cd4  Suspicious file ( NoAccess ): C:\Windows\system32\drivers\nsiproxy.sys. md5: E9A0A4D07E53D8FEA2BB8387A3293C58, sha256: 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A
16:39:40.0481 0x0cd4  nsiproxy - detected LockedFile.Multi.Generic ( 1 )
16:39:42.0852 0x0cd4  Detect skipped due to KSN trusted
16:39:42.0852 0x0cd4  nsiproxy - ok
16:39:42.0961 0x0cd4  [ C8DFF8D07755A66C7A4A738930F0FEAC, A2CC58312CE57988ABD976155BE91F558DCEC4C23481C6FBE64B361D511A36EA ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
16:39:42.0961 0x0cd4  Suspicious file ( NoAccess ): C:\Windows\system32\drivers\Ntfs.sys. md5: C8DFF8D07755A66C7A4A738930F0FEAC, sha256: A2CC58312CE57988ABD976155BE91F558DCEC4C23481C6FBE64B361D511A36EA
16:39:43.0008 0x0cd4  Ntfs - detected LockedFile.Multi.Generic ( 1 )
16:39:45.0395 0x0cd4  Detect skipped due to KSN trusted
16:39:45.0395 0x0cd4  Ntfs - ok
16:39:45.0426 0x0cd4  [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null            C:\Windows\system32\drivers\Null.sys
16:39:45.0426 0x0cd4  Suspicious file ( NoAccess ): C:\Windows\system32\drivers\Null.sys. md5: F9756A98D69098DCA8945D62858A812C, sha256: 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045
16:39:45.0457 0x0cd4  Null - detected LockedFile.Multi.Generic ( 1 )
16:39:47.0844 0x0cd4  Detect skipped due to KSN trusted
16:39:47.0844 0x0cd4  Null - ok
16:39:48.0094 0x0cd4  [ B5E37E31C053BC9950455A257526514B, 16E2880621F3AA12BDADE71CD7682CA79E2A199D3C9E3E5927C49DCEF0F6183B ] NVENETFD        C:\Windows\system32\DRIVERS\nvm62x32.sys
16:39:48.0094 0x0cd4  Suspicious file ( NoAccess ): C:\Windows\system32\DRIVERS\nvm62x32.sys. md5: B5E37E31C053BC9950455A257526514B, sha256: 16E2880621F3AA12BDADE71CD7682CA79E2A199D3C9E3E5927C49DCEF0F6183B
16:39:48.0140 0x0cd4  NVENETFD - detected LockedFile.Multi.Generic ( 1 )
16:39:50.0512 0x0cd4  Detect skipped due to KSN trusted
16:39:50.0512 0x0cd4  NVENETFD - ok
16:39:50.0933 0x0cd4  [ B69E6F70CE1151C8D62ABC9DEF64DFBE, B7BD731D1CCF4E71EF1CF4AFA9189C1831306483B4BF57B12B89113A5230871B ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
16:39:50.0933 0x0cd4  Suspicious file ( NoAccess ): C:\Windows\system32\DRIVERS\nvlddmkm.sys. md5: B69E6F70CE1151C8D62ABC9DEF64DFBE, sha256: B7BD731D1CCF4E71EF1CF4AFA9189C1831306483B4BF57B12B89113A5230871B
16:39:50.0995 0x0cd4  nvlddmkm - detected LockedFile.Multi.Generic ( 1 )
16:39:53.0382 0x0cd4  Detect skipped due to KSN trusted
16:39:53.0398 0x0cd4  nvlddmkm - ok
16:39:53.0444 0x0cd4  [ B3E25EE28883877076E0E1FF877D02E0, 402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C ] nvraid          C:\Windows\system32\drivers\nvraid.sys
16:39:53.0444 0x0cd4  Suspicious file ( NoAccess ): C:\Windows\system32\drivers\nvraid.sys. md5: B3E25EE28883877076E0E1FF877D02E0, sha256: 402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C
16:39:53.0491 0x0cd4  nvraid - detected LockedFile.Multi.Generic ( 1 )
16:39:55.0862 0x0cd4  Detect skipped due to KSN trusted
16:39:55.0862 0x0cd4  nvraid - ok
16:39:56.0065 0x0cd4  [ C44EE36DD84FA95EB81D79C374756003, 1BBFA4A473CA0B19346EA458430377B1979BB533ECDAB2297D7E767DF9BD3682 ] nvsmu           C:\Windows\system32\DRIVERS\nvsmu.sys
16:39:56.0065 0x0cd4  Suspicious file ( NoAccess ): C:\Windows\system32\DRIVERS\nvsmu.sys. md5: C44EE36DD84FA95EB81D79C374756003, sha256: 1BBFA4A473CA0B19346EA458430377B1979BB533ECDAB2297D7E767DF9BD3682
16:39:56.0096 0x0cd4  nvsmu - detected LockedFile.Multi.Generic ( 1 )
16:39:58.0483 0x0cd4  Detect skipped due to KSN trusted
16:39:58.0483 0x0cd4  nvsmu - ok
16:39:58.0561 0x0cd4  [ 4380E59A170D88C4F1022EFF6719A8A4, 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
16:39:58.0561 0x0cd4  Suspicious file ( NoAccess ): C:\Windows\system32\drivers\nvstor.sys. md5: 4380E59A170D88C4F1022EFF6719A8A4, sha256: 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2
16:39:58.0608 0x0cd4  nvstor - detected LockedFile.Multi.Generic ( 1 )
16:40:00.0979 0x0cd4  Detect skipped due to KSN trusted
16:40:00.0979 0x0cd4  nvstor - ok
16:40:01.0088 0x0cd4  [ E4284FCF99FEA13A7E1836F87AE356F6, 541C40DD3483810632320E8F23427BB52593D156E876C6023BE7F7A8589383E8 ] nvsvc           C:\Windows\system32\nvvsvc.exe
16:40:01.0135 0x0cd4  nvsvc - ok
16:40:01.0291 0x0cd4  [ 03E60E0BFA53ED15DC984FA34B44BB0F, 50ABF2E303B9A2B6DDD0DB411C24C3CD6CC30AFA664B5682CF9189F96548CC10 ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
16:40:01.0354 0x0cd4  nvUpdatusService - ok
16:40:01.0416 0x0cd4  [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
16:40:01.0416 0x0cd4  Suspicious file ( NoAccess ): C:\Windows\system32\drivers\nv_agp.sys. md5: 5A0983915F02BAE73267CC2A041F717D, sha256: D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8
16:40:01.0447 0x0cd4  nv_agp - detected LockedFile.Multi.Generic ( 1 )
16:40:03.0834 0x0cd4  Detect skipped due to KSN trusted
16:40:03.0834 0x0cd4  nv_agp - ok
16:40:04.0084 0x0cd4  [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
16:40:04.0084 0x0cd4  Suspicious file ( NoAccess ): C:\Windows\system32\drivers\ohci1394.sys. md5: 08A70A1F2CDDE9BB49B885CB817A66EB, sha256: 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63
16:40:04.0115 0x0cd4  ohci1394 - detected LockedFile.Multi.Generic ( 1 )
16:40:06.0486 0x0cd4  Detect skipped due to KSN trusted
16:40:06.0486 0x0cd4  ohci1394 - ok
16:40:06.0564 0x0cd4  [ 7A56CF3E3F12E8AF599963B16F50FB6A, 882C82BAE96D263138D4C0D6C425458B770B7B9C8E9C1D28AC918BF6BE94A5C2 ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:40:06.0580 0x0cd4  ose - ok
16:40:06.0626 0x0cd4  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
16:40:06.0658 0x0cd4  p2pimsvc - ok
16:40:06.0720 0x0cd4  [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc          C:\Windows\system32\p2psvc.dll
16:40:06.0736 0x0cd4  p2psvc - ok
16:40:06.0782 0x0cd4  [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport         C:\Windows\system32\DRIVERS\parport.sys
16:40:06.0782 0x0cd4  Suspicious file ( NoAccess ): C:\Windows\system32\DRIVERS\parport.sys. md5: 2EA877ED5DD9713C5AC74E8EA7348D14, sha256: 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE
16:40:06.0798 0x0cd4  Parport - detected LockedFile.Multi.Generic ( 1 )
16:40:09.0185 0x0cd4  Detect skipped due to KSN trusted
16:40:09.0185 0x0cd4  Parport - ok
16:40:09.0232 0x0cd4  [ 3F34A1B4C5F6475F320C275E63AFCE9B, 31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
16:40:09.0232 0x0cd4  Suspicious file ( NoAccess ): C:\Windows\system32\drivers\partmgr.sys. md5: 3F34A1B4C5F6475F320C275E63AFCE9B, sha256: 31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B
16:40:09.0247 0x0cd4  partmgr - detected LockedFile.Multi.Generic ( 1 )
16:40:11.0634 0x0cd4  Detect skipped due to KSN trusted
16:40:11.0634 0x0cd4  partmgr - ok
16:40:11.0681 0x0cd4  [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm          C:\Windows\system32\DRIVERS\parvdm.sys
16:40:11.0681 0x0cd4  Suspicious file ( NoAccess ): C:\Windows\system32\DRIVERS\parvdm.sys. md5: EB0A59F29C19B86479D36B35983DAADC, sha256: AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8
16:40:11.0681 0x0cd4  Parvdm - detected LockedFile.Multi.Generic ( 1 )
16:40:14.0068 0x0cd4  Detect skipped due to KSN trusted
16:40:14.0068 0x0cd4  Parvdm - ok
16:40:14.0130 0x0cd4  [ 358AB7956D3160000726574083DFC8A6, 6CAFD4D1B8AB8C1D167ADC018985DDAB5AC2CBFFB3434FE6390F14AF50C19025 ] PcaSvc          C:\Windows\System32\pcasvc.dll
16:40:14.0161 0x0cd4  PcaSvc - ok
16:40:14.0208 0x0cd4  [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci             C:\Windows\system32\drivers\pci.sys
16:40:14.0208 0x0cd4  Suspicious file ( NoAccess ): C:\Windows\system32\drivers\pci.sys. md5: 673E55C3498EB970088E812EA820AA8F, sha256: 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5
16:40:14.0239 0x0cd4  pci - detected LockedFile.Multi.Generic ( 1 )
16:40:16.0626 0x0cd4  Detect skipped due to KSN trusted
16:40:16.0626 0x0cd4  pci - ok
16:40:16.0688 0x0cd4  [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide          C:\Windows\system32\drivers\pciide.sys
16:40:16.0688 0x0cd4  Suspicious file ( NoAccess ): C:\Windows\system32\drivers\pciide.sys. md5: AFE86F419014DB4E5593F69FFE26CE0A, sha256: CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00
16:40:16.0704 0x0cd4  pciide - detected LockedFile.Multi.Generic ( 1 )
16:40:19.0091 0x0cd4  Detect skipped due to KSN trusted
16:40:19.0091 0x0cd4  pciide - ok
16:40:19.0169 0x0cd4  [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
16:40:19.0169 0x0cd4  Suspicious file ( NoAccess ): C:\Windows\system32\DRIVERS\pcmcia.sys. md5: F396431B31693E71E8A80687EF523506, sha256: BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B
16:40:19.0200 0x0cd4  pcmcia - detected LockedFile.Multi.Generic ( 1 )
16:40:21.0571 0x0cd4  Detect skipped due to KSN trusted
16:40:21.0571 0x0cd4  pcmcia - ok
16:40:21.0602 0x0cd4  [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw             C:\Windows\system32\drivers\pcw.sys
16:40:21.0602 0x0cd4  Suspicious file ( NoAccess ): C:\Windows\system32\drivers\pcw.sys. md5: 250F6B43D2B613172035C6747AEEB19F, sha256: A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9
16:40:21.0602 0x0cd4  pcw - detected LockedFile.Multi.Generic ( 1 )
16:40:31.0618 0x0cd4  pcw ( LockedFile.Multi.Generic ) - warning
16:40:31.0618 0x0cd4  Force sending object to P2P due to detect: pcw
16:40:35.0112 0x0cd4  Object send P2P result: true
16:40:37.0592 0x0cd4  [ 9E0104BA49F4E6973749A02BF41344ED, B32F39F38DB48D77FBA884DEE34112BAB81CCEF5DD2EAAA12D9589D73D2BB116 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
16:40:37.0592 0x0cd4  Suspicious file ( NoAccess ): C:\Windows\system32\drivers\peauth.sys. md5: 9E0104BA49F4E6973749A02BF41344ED, sha256: B32F39F38DB48D77FBA884DEE34112BAB81CCEF5DD2EAAA12D9589D73D2BB116
16:40:37.0639 0x0cd4  PEAUTH - detected LockedFile.Multi.Generic ( 1 )
16:40:40.0010 0x0cd4  Detect skipped due to KSN trusted
16:40:40.0010 0x0cd4  PEAUTH - ok
16:40:40.0182 0x0cd4  [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla             C:\Windows\system32\pla.dll
16:40:40.0260 0x0cd4  pla - ok
16:40:40.0354 0x0cd4  [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
16:40:40.0369 0x0cd4  PlugPlay - ok
16:40:40.0416 0x0cd4  [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
16:40:40.0432 0x0cd4  PNRPAutoReg - ok
16:40:40.0463 0x0cd4  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
16:40:40.0478 0x0cd4  PNRPsvc - ok
16:40:40.0556 0x0cd4  [ 53946B69BA0836BD95B03759530C81EC, 7F14A34635354CCA0F5342C8D9DF5A6AA1B94F6A508BD8834029E9BACF252920 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
16:40:40.0603 0x0cd4  PolicyAgent - ok
16:40:40.0650 0x0cd4  [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power           C:\Windows\system32\umpo.dll
16:40:40.0681 0x0cd4  Power - ok
16:40:40.0728 0x0cd4  [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
16:40:40.0728 0x0cd4  Suspicious file ( NoAccess ): C:\Windows\system32\DRIVERS\raspptp.sys. md5: 631E3E205AD6D86F2AED6A4A8E69F2DB, sha256: 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065
16:40:40.0744 0x0cd4  PptpMiniport - detected LockedFile.Multi.Generic ( 1 )
16:40:43.0130 0x0cd4  Detect skipped due to KSN trusted
16:40:43.0130 0x0cd4  PptpMiniport - ok
16:40:43.0193 0x0cd4  [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
16:40:43.0193 0x0cd4  Suspicious file ( NoAccess ): C:\Windows\system32\DRIVERS\processr.sys. md5: 85B1E3A0C7585BC4AAE6899EC6FCF011, sha256: 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3
16:40:43.0224 0x0cd4  Processor - detected LockedFile.Multi.Generic ( 1 )
16:40:45.0595 0x0cd4  Detect skipped due to KSN trusted
16:40:45.0595 0x0cd4  Processor - ok
16:40:45.0673 0x0cd4  [ FD9692A3D31E021207D3C2A9DDDC2BE3, 5295EFAD9BD4B59996935A41825392C12A4C968D161BEEA37797F90AF8E54229 ] ProfSvc         C:\Windows\system32\profsvc.dll
16:40:45.0704 0x0cd4  ProfSvc - ok
16:40:45.0720 0x0cd4  [ BF08DE8E4FA1F143D41B3241F7FCE5F6, 4140BE0ECE0D4B8FDD413DBA120F5D7EF6F94628224320EDA2A85E50BEFDA638 ] ProtectedStorage C:\Windows\system32\lsass.exe
16:40:45.0736 0x0cd4  ProtectedStorage - ok
16:40:45.0767 0x0cd4  [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
16:40:45.0767 0x0cd4  Suspicious file ( NoAccess ): C:\Windows\system32\DRIVERS\pacer.sys. md5: 6270CCAE2A86DE6D146529FE55B3246A, sha256: 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883
16:40:45.0782 0x0cd4  Psched - detected LockedFile.Multi.Generic ( 1 )
16:40:48.0169 0x0cd4  Detect skipped due to KSN trusted
16:40:48.0169 0x0cd4  Psched - o
         

 
