Pests of all kinds and how to fight them: Matasploit (Windows 7)
04.11.2015, 18:38 | #1
Matasploit
Hello, I think someone has gained access to my PC through a backdoor! Could someone please check this?
04.11.2015, 18:55 | #2 |
/// the machine /// TB instructor | Matasploit
Hi,
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
04.11.2015, 19:02 | #3 |
Matasploit
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:04-11-2015 durchgeführt von x4v33r (Administrator) auf X4V33R-PC (04-11-2015 18:59:54) Gestartet von C:\Users\x4v33r\Downloads Geladene Profile: x4v33r (Verfügbare Profile: x4v33r) Platform: Windows 7 Ultimate Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe () C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe (Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe (RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe (VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe (VMware, Inc.) 
C:\Windows\SysWOW64\vmnetdhcp.exe (CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe (Microsoft Corporation) C:\Windows\System32\StikyNot.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPOP3.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe (Logitech Inc.) 
C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-08-27] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [14862456 2015-09-01] (Logitech Inc.) 
HKU\S-1-5-21-818604781-4030078785-4170327772-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation) HKU\S-1-5-21-818604781-4030078785-4170327772-1000\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-818604781-4030078785-4170327772-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8551848 2015-10-19] (Piriform Ltd) ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. 
Siehe Hosts-Bereich in Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{4689DC39-C74F-478D-A57D-EEB135698D28}: [DhcpNameServer] 192.168.0.1 Internet Explorer: ================== BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-10-20] (AO Kaspersky Lab) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-15] (Oracle Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-10-20] (AO Kaspersky Lab) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-15] (Oracle Corporation) Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-10-20] (AO Kaspersky Lab) Toolbar: HKLM-x32 - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files 
(x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-10-20] (AO Kaspersky Lab) FireFox: ======== FF ProfilePath: C:\Users\x4v33r\AppData\Roaming\Mozilla\Firefox\Profiles\ouzaoh4v.default FF Homepage: about:home FF NetworkProxy: "gopher", "" FF NetworkProxy: "gopher_port", 0 FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-16] () FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-08-06] (Adobe Systems) FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll [2013-12-02] (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-16] () FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-15] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-15] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-10-03] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-10-03] (NVIDIA Corporation) FF Plugin-x32: 
@tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-08-06] (Adobe Systems) FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [2013-12-02] (Adobe Systems) FF Extension: FT DeepDark - C:\Users\x4v33r\AppData\Roaming\Mozilla\Firefox\Profiles\ouzaoh4v.default\Extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66} [2015-10-10] FF Extension: A1 Servicecenter - C:\Users\x4v33r\AppData\Roaming\Mozilla\Firefox\Profiles\ouzaoh4v.default\Extensions\{} [2015-09-29] [ist nicht signiert] FF Extension: NoScript - C:\Users\x4v33r\AppData\Roaming\Mozilla\Firefox\Profiles\ouzaoh4v.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-10-27] FF Extension: Adblock Plus - C:\Users\x4v33r\AppData\Roaming\Mozilla\Firefox\Profiles\ouzaoh4v.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-09-24] FF HKLM-x32\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox FF Extension: Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox [2015-10-20] [ist nicht signiert] Chrome: ======= CHR Profile: C:\Users\x4v33r\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Docs) - C:\Users\x4v33r\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-19] CHR Extension: (Google Drive) - C:\Users\x4v33r\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-09-19] CHR Extension: (YouTube) - C:\Users\x4v33r\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-13] CHR Extension: (Google-Suche) - C:\Users\x4v33r\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-09-19] CHR Extension: (Kaspersky Protection) - C:\Users\x4v33r\AppData\Local\Google\Chrome\User Data\Default\Extensions\eahebamiopdhefndnmappcihfajigkka [2015-10-13] CHR Extension: (Google Tabellen) - C:\Users\x4v33r\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-09-15] CHR Extension: (Google Text & Tabellen Offline) - C:\Users\x4v33r\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-15] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\x4v33r\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-15] CHR Extension: (Google Mail) - C:\Users\x4v33r\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-19] CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka CHR HKLM-x32\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2015936 2015-09-29] (Adobe Systems, Incorporated) R2 AVP16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe [194000 2015-09-15] (Kaspersky Lab ZAO) R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [63968 2015-08-10] (CyberGhost S.R.L) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-09-28] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-09-28] (Dropbox, Inc.) R2 DirMngr; C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [216576 2015-09-09] () [Datei ist nicht signiert] R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-08-27] (NVIDIA Corporation) R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [192120 2015-09-01] (Logitech Inc.) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-08-27] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-08-27] (NVIDIA Corporation) S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [38200 2015-08-04] (The OpenVPN Project) S3 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1228504 2013-07-03] (Secunia) R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [660184 2013-07-03] (Secunia) S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Datei ist nicht signiert] R2 Themes; 
C:\Windows\system32\themeservice.dll [44544 2015-09-22] (Microsoft Corporation) [Datei ist nicht signiert] R2 Unchecky; C:\Program Files (x86)\Unchecky\bin\Unchecky_svc.exe [241400 2015-10-13] (RaMMicHaeL) S3 vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe [144640 2015-07-08] (AO Kaspersky Lab) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-05] (Kaspersky Lab ZAO) S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-09-15] (REALiX(tm)) R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO) R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO) R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [70000 2015-06-27] (Kaspersky Lab ZAO) R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [68280 2015-06-06] (Kaspersky Lab ZAO) R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [181640 2015-10-20] (AO Kaspersky Lab) R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [227000 2015-10-20] (AO Kaspersky Lab) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [940936 2015-10-20] (AO Kaspersky Lab) R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [39096 2015-06-11] (Kaspersky Lab ZAO) R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [41144 2015-06-06] (Kaspersky Lab ZAO) R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [41648 2015-06-07] (Kaspersky Lab ZAO) R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [41352 2015-09-26] (AO Kaspersky Lab) R1 kltdi; 
C:\Windows\System32\DRIVERS\kltdi.sys [65208 2015-06-11] (Kaspersky Lab ZAO) R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [103096 2015-06-16] (Kaspersky Lab ZAO) R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [187056 2015-06-23] (Kaspersky Lab ZAO) R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech) R3 LGJoyXlCore; C:\Windows\System32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2015-11-04] (Malwarebytes) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-08-27] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation) S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-07-03] (Secunia) R2 VMparport; C:\Windows\system32\drivers\VMparport.sys [31936 2015-08-14] (VMware, Inc.) R0 vsock; C:\Windows\System32\drivers\vsock.sys [75512 2015-08-04] (VMware, Inc.) S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X] U4 klkbdflt2; system32\DRIVERS\klkbdflt2.sys [X] S3 MBfilt; system32\drivers\MBfilt64.sys [X] S3 MSICDSetup; \??\D:\CDriver64.sys [X] S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2015-11-04 18:59 - 2015-11-04 18:59 - 02198016 _____ (Farbar) C:\Users\x4v33r\Downloads\FRST64.exe 2015-11-04 18:59 - 2015-11-04 18:59 - 00021827 _____ C:\Users\x4v33r\Downloads\FRST.txt 2015-11-04 18:59 - 2015-11-04 18:59 - 00000000 ____D C:\FRST 2015-11-04 18:49 - 2015-11-04 18:49 - 01708032 _____ C:\Users\x4v33r\Downloads\adwcleaner_5.017.exe 2015-11-04 16:26 - 2015-11-04 16:26 - 00000022 _____ C:\Windows\S.dirmngr 2015-11-03 21:50 - 2015-11-03 21:50 - 00000000 ____D C:\ProgramData\SystemRequirementsLab 2015-11-03 21:50 - 2015-11-03 21:50 - 00000000 ____D C:\Program Files (x86)\SystemRequirementsLab 2015-11-03 16:28 - 2015-11-04 18:54 - 00001147 _____ C:\Windows\setupact.log 2015-11-03 16:28 - 2015-11-03 16:28 - 00000000 _____ C:\Windows\setuperr.log 2015-11-02 19:29 - 2015-11-02 19:29 - 06762072 _____ (Piriform Ltd) C:\Users\x4v33r\Downloads\ccsetup511.exe 2015-11-01 22:32 - 2015-11-01 22:32 - 00000000 ____D C:\Users\x4v33r\Downloads\Spielfeld Flüchtlingslager 28 10 2015 2015-10-26 10:19 - 2010-07-21 22:08 - 01864192 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll 2015-10-24 15:32 - 2015-10-24 15:35 - 00000000 ____D C:\Users\x4v33r\AppData\Local\CyberGhost 2015-10-24 15:32 - 2015-10-24 15:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberGhost 5 2015-10-24 13:41 - 2015-10-24 13:41 - 00001759 _____ C:\Users\x4v33r\Desktop\public key.txt 2015-10-24 13:39 - 2015-10-24 13:39 - 00001263 _____ C:\Users\x4v33r\AppData\Local\recently-used.xbel 2015-10-17 08:31 - 2015-10-17 08:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2015-10-15 22:07 - 2015-10-17 13:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-10-15 21:10 - 2015-10-15 21:17 - 00000000 ____D C:\Users\x4v33r\AppData\Local\Battle.net 2015-10-15 21:10 - 2015-10-15 21:11 - 00000000 ____D C:\Users\x4v33r\AppData\Roaming\Battle.net 2015-10-15 21:10 - 2015-10-15 21:10 - 00000000 ____D C:\Users\x4v33r\AppData\Local\Blizzard 
Entertainment 2015-10-15 21:10 - 2015-10-15 21:10 - 00000000 ____D C:\ProgramData\Blizzard Entertainment 2015-10-15 21:09 - 2015-10-15 21:10 - 00000000 ____D C:\Program Files (x86)\Battle.net 2015-10-15 21:09 - 2015-10-15 21:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net 2015-10-15 21:08 - 2015-10-15 21:08 - 00000000 ____D C:\ProgramData\Battle.net 2015-10-14 14:30 - 2015-09-18 20:31 - 00391784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-10-14 14:30 - 2015-09-18 19:58 - 00345688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-10-14 14:30 - 2015-09-16 05:48 - 25851904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-10-14 14:30 - 2015-09-16 05:36 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-10-14 14:30 - 2015-09-16 05:36 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-10-14 14:30 - 2015-09-16 05:22 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-10-14 14:30 - 2015-09-16 05:21 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-10-14 14:30 - 2015-09-16 05:21 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-10-14 14:30 - 2015-09-16 05:21 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-10-14 14:30 - 2015-09-16 05:21 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-10-14 14:30 - 2015-09-16 05:21 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-10-14 14:30 - 2015-09-16 05:14 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-10-14 14:30 - 2015-09-16 05:13 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-10-14 14:30 - 2015-09-16 05:10 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-10-14 14:30 - 2015-09-16 05:09 - 05990912 _____ (Microsoft 
Corporation) C:\Windows\system32\jscript9.dll 2015-10-14 14:30 - 2015-09-16 05:08 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-10-14 14:30 - 2015-09-16 05:08 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-10-14 14:30 - 2015-09-16 05:08 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-10-14 14:30 - 2015-09-16 05:08 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-10-14 14:30 - 2015-09-16 05:01 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-10-14 14:30 - 2015-09-16 04:58 - 20357632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-10-14 14:30 - 2015-09-16 04:58 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-10-14 14:30 - 2015-09-16 04:50 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-10-14 14:30 - 2015-09-16 04:46 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-10-14 14:30 - 2015-09-16 04:45 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-10-14 14:30 - 2015-09-16 04:45 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-10-14 14:30 - 2015-09-16 04:43 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-10-14 14:30 - 2015-09-16 04:41 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2015-10-14 14:30 - 2015-09-16 04:33 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-10-14 14:30 - 2015-09-16 04:33 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2015-10-14 14:30 - 2015-09-16 04:32 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2015-10-14 14:30 - 2015-09-16 04:32 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2015-10-14 14:30 - 2015-09-16 04:31 - 00262144 
_____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2015-10-14 14:30 - 2015-09-16 04:31 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-10-14 14:30 - 2015-09-16 04:29 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-10-14 14:30 - 2015-09-16 04:29 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-10-14 14:30 - 2015-09-16 04:28 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-10-14 14:30 - 2015-09-16 04:28 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-10-14 14:30 - 2015-09-16 04:26 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-10-14 14:30 - 2015-09-16 04:26 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-10-14 14:30 - 2015-09-16 04:26 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2015-10-14 14:30 - 2015-09-16 04:24 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-10-14 14:30 - 2015-09-16 04:23 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2015-10-14 14:30 - 2015-09-16 04:22 - 14458368 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-10-14 14:30 - 2015-09-16 04:22 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-10-14 14:30 - 2015-09-16 04:22 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2015-10-14 14:30 - 2015-09-16 04:15 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-10-14 14:30 - 2015-09-16 04:11 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-10-14 14:30 - 2015-09-16 04:10 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-10-14 14:30 - 2015-09-16 04:07 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2015-10-14 14:30 - 2015-09-16 04:06 - 00076288 _____ 
(Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-10-14 14:30 - 2015-09-16 04:05 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-10-14 14:30 - 2015-09-16 04:05 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-10-14 14:30 - 2015-09-16 04:04 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2015-10-14 14:30 - 2015-09-16 03:59 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-10-14 14:30 - 2015-09-16 03:58 - 12853760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-10-14 14:30 - 2015-09-16 03:58 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2015-10-14 14:30 - 2015-09-16 03:56 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-10-14 14:30 - 2015-09-16 03:55 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-10-14 14:30 - 2015-09-16 03:55 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2015-10-14 14:30 - 2015-09-16 03:48 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-10-14 14:30 - 2015-09-16 03:37 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-10-14 14:30 - 2015-09-16 03:34 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-10-14 14:30 - 2015-09-16 03:32 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-10-14 14:30 - 2015-08-06 19:04 - 14176768 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2015-10-14 14:30 - 2015-08-06 19:03 - 01866752 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.old.dll 2015-10-14 14:30 - 2015-08-06 18:44 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2015-10-14 14:30 - 2015-08-06 18:44 - 01498624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll 2015-10-14 14:29 - 2015-10-01 19:06 - 00692672 _____ (Microsoft 
Corporation) C:\Windows\system32\winload.efi 2015-10-14 14:29 - 2015-10-01 19:04 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2015-10-14 14:29 - 2015-10-01 19:00 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe 2015-10-14 14:29 - 2015-10-01 19:00 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll 2015-10-14 14:29 - 2015-10-01 19:00 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll 2015-10-14 14:29 - 2015-10-01 19:00 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll 2015-10-14 14:29 - 2015-10-01 19:00 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2015-10-14 14:29 - 2015-10-01 18:50 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll 2015-10-14 14:29 - 2015-10-01 18:00 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2015-10-14 14:29 - 2015-09-29 04:16 - 05569472 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-10-14 14:29 - 2015-09-29 04:13 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2015-10-14 14:29 - 2015-09-29 04:11 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2015-10-14 14:29 - 2015-09-29 04:11 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2015-10-14 14:29 - 2015-09-29 04:11 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2015-10-14 14:29 - 2015-09-29 04:11 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2015-10-14 14:29 - 2015-09-29 04:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2015-10-14 14:29 - 2015-09-29 04:11 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2015-10-14 14:29 - 2015-09-29 04:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2015-10-14 14:29 - 2015-09-29 04:11 - 00013312 _____ (Microsoft 
Corporation) C:\Windows\system32\wow64cpu.dll 2015-10-14 14:29 - 2015-09-29 04:10 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2015-10-14 14:29 - 2015-09-29 04:10 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2015-10-14 14:29 - 2015-09-29 04:10 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-10-14 14:29 - 2015-09-29 04:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2015-10-14 14:29 - 2015-09-29 04:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-10-14 14:29 - 2015-09-29 04:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2015-10-14 14:29 - 2015-09-29 04:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2015-10-14 14:29 - 2015-09-29 04:10 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2015-10-14 14:29 - 2015-09-29 04:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2015-10-14 14:29 - 2015-09-29 04:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2015-10-14 14:29 - 2015-09-29 04:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2015-10-14 14:29 - 2015-09-29 04:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2015-10-14 14:29 - 2015-09-29 04:09 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2015-10-14 14:29 - 2015-09-29 04:05 - 03990976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2015-10-14 14:29 - 2015-09-29 04:05 - 03936192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2015-10-14 14:29 - 2015-09-29 04:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-10-14 14:29 - 2015-09-29 04:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2015-10-14 14:29 - 2015-09-29 04:02 - 01311768 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\ntdll.dll 2015-10-14 14:29 - 2015-09-29 04:01 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-10-14 14:29 - 2015-09-29 04:01 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2015-10-14 14:29 - 2015-09-29 04:01 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2015-10-14 14:29 - 2015-09-29 04:01 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2015-10-14 14:29 - 2015-09-29 04:01 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2015-10-14 14:29 - 2015-09-29 04:01 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2015-10-14 14:29 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2015-10-14 14:29 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2015-10-14 14:29 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2015-10-14 14:29 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2015-10-14 14:29 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-10-14 14:29 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2015-10-14 14:29 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2015-10-14 14:29 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2015-10-14 14:29 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 
2015-10-14 14:29 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2015-10-14 14:29 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2015-10-14 14:29 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2015-10-14 14:29 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2015-10-14 14:29 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2015-10-14 14:29 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2015-10-14 14:29 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2015-10-14 14:29 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2015-10-14 14:29 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2015-10-14 14:29 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2015-10-14 14:29 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2015-10-14 14:29 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2015-10-14 14:29 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2015-10-14 14:29 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2015-10-14 14:29 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2015-10-14 14:29 
- 2015-09-29 03:59 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2015-10-14 14:29 - 2015-09-29 03:59 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2015-10-14 14:29 - 2015-09-29 03:59 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2015-10-14 14:29 - 2015-09-29 03:59 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2015-10-14 14:29 - 2015-09-29 03:59 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2015-10-14 14:29 - 2015-09-29 03:59 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2015-10-14 14:29 - 2015-09-29 03:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2015-10-14 14:29 - 2015-09-29 03:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll 2015-10-14 14:29 - 2015-09-29 03:58 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2015-10-14 14:29 - 2015-09-29 03:58 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2015-10-14 14:29 - 2015-09-29 03:57 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2015-10-14 14:29 - 2015-09-29 03:57 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2015-10-14 14:29 - 2015-09-29 03:57 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2015-10-14 14:29 - 2015-09-29 03:57 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2015-10-14 14:29 - 2015-09-29 03:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2015-10-14 14:29 - 2015-09-29 03:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2015-10-14 14:29 - 2015-09-29 03:49 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2015-10-14 14:29 - 2015-09-29 03:49 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2015-10-14 14:29 - 2015-09-29 03:49 - 
00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2015-10-14 14:29 - 2015-09-29 03:49 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2015-10-14 14:29 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2015-10-14 14:29 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2015-10-14 14:29 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2015-10-14 14:29 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2015-10-14 14:29 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2015-10-14 14:29 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2015-10-14 14:29 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2015-10-14 14:29 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2015-10-14 14:29 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2015-10-14 14:29 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2015-10-14 14:29 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2015-10-14 14:29 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2015-10-14 14:29 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-10-14 14:29 - 
2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2015-10-14 14:29 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2015-10-14 14:29 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2015-10-14 14:29 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2015-10-14 14:29 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2015-10-14 14:29 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2015-10-14 14:29 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2015-10-14 14:29 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2015-10-14 14:29 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2015-10-14 14:29 - 2015-09-29 02:50 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2015-10-14 14:29 - 2015-09-29 02:49 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2015-10-14 14:29 - 2015-09-29 02:49 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2015-10-14 14:29 - 2015-09-29 02:43 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2015-10-14 14:29 - 2015-09-29 02:43 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2015-10-14 14:29 - 2015-09-29 02:40 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2015-10-14 14:29 - 2015-09-29 02:40 - 00004608 ____H (Microsoft Corporation) 
C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2015-10-14 14:29 - 2015-09-29 02:40 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2015-10-14 14:29 - 2015-09-29 02:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2015-10-14 14:29 - 2015-09-15 19:17 - 00157016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-10-14 14:29 - 2015-09-15 19:17 - 00097112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-10-14 14:29 - 2015-09-15 19:11 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-10-14 14:29 - 2015-09-15 19:11 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-10-14 14:29 - 2015-09-15 19:11 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-10-14 14:29 - 2015-09-15 19:11 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2015-10-14 14:29 - 2015-09-15 19:11 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2015-10-14 14:29 - 2015-09-15 19:11 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2015-10-14 14:29 - 2015-09-15 19:10 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2015-10-14 14:29 - 2015-09-15 18:36 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2015-10-14 14:29 - 2015-09-15 18:36 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2015-10-14 14:29 - 2015-09-15 18:36 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2015-10-14 14:29 - 2015-09-15 18:35 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2015-10-13 16:48 - 2015-10-13 16:48 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_silabser_01009.Wdf 2015-10-09 09:39 - 2015-10-09 09:39 - 00388608 _____ (Trend Micro Inc.) 
C:\Users\x4v33r\Downloads\HijackThis_2.0.5.exe 2015-10-09 09:38 - 2015-10-09 09:38 - 00000000 ____D C:\ProgramData\Unchecky 2015-10-09 09:38 - 2015-10-09 09:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unchecky 2015-10-09 09:38 - 2015-10-09 09:38 - 00000000 ____D C:\Program Files (x86)\Unchecky 2015-10-09 09:10 - 2015-10-05 22:26 - 01801288 _____ (Malwarebytes) C:\Users\x4v33r\Desktop\JRT.exe 2015-10-08 22:41 - 2015-11-04 18:49 - 00000000 ____D C:\AdwCleaner 2015-10-08 02:22 - 2015-10-03 06:06 - 42914096 _____ C:\Windows\system32\nvcompiler.dll 2015-10-08 02:22 - 2015-10-03 06:06 - 37882488 _____ C:\Windows\SysWOW64\nvcompiler.dll 2015-10-08 02:22 - 2015-10-03 06:06 - 22306936 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2015-10-08 02:22 - 2015-10-03 06:06 - 18359928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2015-10-08 02:22 - 2015-10-03 06:06 - 16541040 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2015-10-08 02:22 - 2015-10-03 06:06 - 15716648 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2015-10-08 02:22 - 2015-10-03 06:06 - 15002304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2015-10-08 02:22 - 2015-10-03 06:06 - 14832968 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2015-10-08 02:22 - 2015-10-03 06:06 - 13518496 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2015-10-08 02:22 - 2015-10-03 06:06 - 12032200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2015-10-08 02:22 - 2015-10-03 06:06 - 11114616 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2015-10-08 02:22 - 2015-10-03 06:06 - 02869880 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2015-10-08 02:22 - 2015-10-03 06:06 - 02489976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2015-10-08 02:22 - 2015-10-03 06:06 - 01905456 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435850.dll 2015-10-08 02:22 - 2015-10-03 06:06 - 
01564976 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435850.dll 2015-10-08 02:22 - 2015-10-03 06:06 - 00877176 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2015-10-08 02:22 - 2015-10-03 06:06 - 00861816 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2015-10-08 02:22 - 2015-10-03 06:06 - 00689456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2015-10-08 02:22 - 2015-10-03 06:06 - 00673912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2015-10-08 02:22 - 2015-10-03 06:06 - 00512720 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll 2015-10-08 02:22 - 2015-10-03 06:06 - 00467912 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll 2015-10-08 02:22 - 2015-10-03 06:06 - 00422240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll 2015-10-08 02:22 - 2015-10-03 06:06 - 00414000 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll 2015-10-08 02:22 - 2015-10-03 06:06 - 00388024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2015-10-08 02:22 - 2015-10-03 06:06 - 00369272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll 2015-10-08 02:22 - 2015-10-03 06:06 - 00177416 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2015-10-08 02:22 - 2015-10-03 06:06 - 00155976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2015-10-08 02:22 - 2015-10-03 06:06 - 00151368 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2015-10-08 02:22 - 2015-10-03 06:06 - 00128696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2015-10-08 02:22 - 2015-10-03 03:18 - 00102520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2015-10-06 23:16 - 2015-09-25 19:07 - 03168768 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-10-06 23:16 - 2015-09-25 19:07 - 02607104 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-10-06 23:16 - 2015-09-25 19:07 - 00696320 _____ (Microsoft Corporation) 
C:\Windows\system32\wuapi.dll 2015-10-06 23:16 - 2015-09-25 19:07 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-10-06 23:16 - 2015-09-25 19:07 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-10-06 23:16 - 2015-09-25 19:07 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2015-10-06 23:16 - 2015-09-25 19:07 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2015-10-06 23:16 - 2015-09-25 19:06 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-10-06 23:16 - 2015-09-25 19:06 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2015-10-06 23:16 - 2015-09-25 19:06 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-10-06 23:16 - 2015-09-25 19:06 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll 2015-10-06 23:16 - 2015-09-25 18:59 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2015-10-06 23:16 - 2015-09-25 18:59 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2015-10-06 23:16 - 2015-09-25 18:59 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2015-10-06 23:16 - 2015-09-25 18:59 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2015-10-06 23:16 - 2015-09-25 18:58 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2015-10-06 23:16 - 2015-09-18 20:22 - 00025432 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2015-10-06 23:16 - 2015-09-18 20:19 - 01291264 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2015-10-06 23:16 - 2015-09-18 20:19 - 00766464 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2015-10-06 23:16 - 2015-09-18 20:19 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2015-10-06 23:16 - 2015-09-18 20:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 
2015-10-06 23:16 - 2015-09-18 20:19 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2015-10-06 23:16 - 2015-09-18 20:09 - 01163776 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2015-10-06 23:16 - 2015-08-05 18:56 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll 2015-10-06 23:16 - 2015-08-05 18:06 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys 2015-10-06 23:15 - 2015-07-18 14:08 - 00984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll 2015-10-06 23:15 - 2015-07-18 14:08 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll 2015-10-06 23:15 - 2015-07-18 14:08 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll 2015-10-06 23:15 - 2015-07-18 14:08 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll 2015-10-06 23:15 - 2015-07-18 14:08 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll 2015-10-06 23:15 - 2015-07-18 14:08 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll 2015-10-06 23:15 - 2015-07-18 14:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll 2015-10-06 23:15 - 2015-07-18 14:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll 2015-10-06 23:15 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll 2015-10-06 23:15 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll 2015-10-06 23:15 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll 2015-10-06 23:15 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll 2015-10-06 23:15 - 2015-07-18 
14:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll 2015-10-06 23:15 - 2015-07-18 14:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll 2015-10-06 23:15 - 2015-07-18 14:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll 2015-10-06 23:15 - 2015-07-18 14:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll 2015-10-06 23:15 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll 2015-10-06 23:15 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll 2015-10-06 23:15 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll 2015-10-06 23:15 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll 2015-10-06 23:15 - 2015-07-18 14:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll 2015-10-06 23:15 - 2015-07-18 14:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll 2015-10-06 23:15 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll 2015-10-06 23:15 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll 2015-10-06 23:15 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll 2015-10-06 23:15 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll 2015-10-06 23:15 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll 2015-10-06 23:15 - 2015-07-18 14:08 - 00012640 _____ 
(Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll 2015-10-06 23:15 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll 2015-10-06 23:15 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll 2015-10-06 23:15 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll 2015-10-06 23:15 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll 2015-10-06 23:15 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll 2015-10-06 23:15 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll 2015-10-06 23:15 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll 2015-10-06 23:15 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll 2015-10-06 23:15 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll 2015-10-06 23:15 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll 2015-10-06 23:15 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll 2015-10-06 23:15 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll 2015-10-06 23:15 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll 2015-10-06 23:15 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll 2015-10-06 23:15 - 2015-07-18 14:08 - 00011616 _____ (Microsoft 
Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll 2015-10-06 23:15 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll 2015-10-06 23:15 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll 2015-10-06 23:15 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll 2015-10-06 23:15 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll 2015-10-06 23:15 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-11-04 18:57 - 2015-09-15 08:56 - 00000000 ____D C:\ProgramData\Kaspersky Lab 2015-11-04 18:52 - 2015-09-15 09:13 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-11-04 18:40 - 2015-09-15 08:27 - 01860792 _____ C:\Windows\WindowsUpdate.log 2015-11-04 18:36 - 2015-09-15 12:03 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-11-04 18:32 - 2015-09-15 09:27 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-11-04 18:29 - 2015-09-28 17:24 - 00001214 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job 2015-11-04 18:29 - 2015-09-28 17:24 - 00001210 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job 2015-11-04 18:25 - 2015-09-15 11:10 - 00000000 ____D C:\Users\x4v33r\AppData\Roaming\vlc 2015-11-04 18:25 - 2015-09-15 09:38 - 00000000 ____D C:\Program Files (x86)\Steam 2015-11-04 17:12 - 2009-07-14 05:45 - 00021872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-11-04 17:12 - 2009-07-14 05:45 - 00021872 ____H 
C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-11-04 17:07 - 2015-09-15 11:13 - 00003754 _____ C:\Windows\System32\Tasks\AutoKMS 2015-11-04 17:07 - 2015-09-15 09:27 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-11-04 16:33 - 2011-04-12 08:43 - 00702138 _____ C:\Windows\system32\perfh007.dat 2015-11-04 16:33 - 2011-04-12 08:43 - 00150804 _____ C:\Windows\system32\perfc007.dat 2015-11-04 16:33 - 2009-07-14 06:13 - 01628890 _____ C:\Windows\system32\PerfStringBackup.INI 2015-11-04 16:26 - 2015-09-23 12:33 - 00000000 ____D C:\ProgramData\NVIDIA 2015-11-04 16:26 - 2015-09-21 18:05 - 00000000 ____D C:\ProgramData\VMware 2015-11-04 16:26 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-11-02 22:39 - 2015-09-28 17:26 - 00000000 ___RD C:\Users\x4v33r\Dropbox 2015-11-02 22:39 - 2015-09-15 10:42 - 00000000 ____D C:\Users\x4v33r\AppData\Roaming\TS3Client 2015-11-02 19:32 - 2015-09-28 17:24 - 00000000 ____D C:\Users\x4v33r\AppData\Local\Dropbox 2015-11-01 22:40 - 2015-09-15 09:42 - 00000000 ____D C:\Users\x4v33r\AppData\Local\JDownloader v2.0 2015-11-01 02:00 - 2015-09-15 11:18 - 00000000 ____D C:\Users\x4v33r\AppData\Local\Adobe 2015-10-25 19:43 - 2015-09-15 09:27 - 00000000 ____D C:\Users\x4v33r\AppData\Local\Google 2015-10-24 15:32 - 2015-09-15 11:06 - 00000000 ____D C:\Program Files\CyberGhost 5 2015-10-24 13:46 - 2015-09-15 11:28 - 00000000 ____D C:\Users\x4v33r\AppData\Roaming\gnupg 2015-10-24 13:39 - 2015-09-15 11:38 - 00000000 ____D C:\Users\x4v33r\AppData\Local\gtk-2.0 2015-10-23 14:26 - 2015-09-15 10:42 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client 2015-10-20 17:13 - 2015-09-15 08:56 - 00940936 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys 2015-10-20 17:13 - 2015-09-15 08:56 - 00181640 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klflt.sys 2015-10-20 17:13 - 2015-07-04 01:18 - 00227000 _____ (AO Kaspersky Lab) 
C:\Windows\system32\Drivers\klhk.sys 2015-10-18 14:23 - 2015-09-15 10:47 - 00000000 ____D C:\Users\x4v33r\AppData\Roaming\Spotify 2015-10-17 14:50 - 2015-09-15 10:48 - 00000000 ____D C:\Users\x4v33r\AppData\Local\Spotify 2015-10-17 13:56 - 2015-09-15 08:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2015-10-17 08:31 - 2015-09-28 17:24 - 00000000 ____D C:\Program Files (x86)\Dropbox 2015-10-16 22:36 - 2015-09-15 12:03 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-10-16 22:36 - 2015-09-15 12:03 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-10-16 22:36 - 2015-09-15 12:03 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-10-16 02:25 - 2015-09-15 08:27 - 00000000 ____D C:\Users\x4v33r 2015-10-15 21:31 - 2015-09-15 09:13 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-10-15 10:09 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache 2015-10-11 02:21 - 2015-09-15 11:36 - 00000000 ____D C:\Users\x4v33r\AppData\Roaming\Skype 2015-10-09 09:42 - 2015-09-15 10:00 - 00000000 ____D C:\Windows\pss 2015-10-09 09:39 - 2015-09-15 08:27 - 00000000 ____D C:\Users\x4v33r\AppData\Local\VirtualStore 2015-10-09 09:21 - 2015-09-15 16:10 - 00000831 _____ C:\Users\Public\Desktop\CCleaner.lnk 2015-10-09 09:21 - 2015-09-15 16:10 - 00000000 ____D C:\Program Files\CCleaner 2015-10-09 09:12 - 2015-09-15 17:14 - 00000000 ____D C:\Users\x4v33r\AppData\Roaming\IObit 2015-10-09 09:12 - 2015-09-15 17:14 - 00000000 ____D C:\ProgramData\IObit 2015-10-08 14:04 - 2015-09-15 16:48 - 00000000 ___SD C:\Windows\SysWOW64\GWX 2015-10-08 14:04 - 2015-09-15 16:48 - 00000000 ___SD C:\Windows\system32\GWX 2015-10-08 02:23 - 2015-09-15 09:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2015-10-08 02:23 - 2015-09-15 09:18 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2015-10-08 02:23 - 2015-09-15 09:18 - 
00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2015-10-06 23:17 - 2015-09-15 09:19 - 01602234 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2015-10-06 23:16 - 2015-09-15 14:30 - 00000000 ___SD C:\Windows\system32\CompatTel 2015-10-06 23:16 - 2015-09-15 14:30 - 00000000 ____D C:\Windows\system32\appraiser 2015-10-05 08:50 - 2015-09-15 09:13 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-10-05 08:50 - 2015-09-15 09:13 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-10-05 08:50 - 2015-09-15 09:13 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-10-24 13:39 - 2015-10-24 13:39 - 0001263 _____ () C:\Users\x4v33r\AppData\Local\recently-used.xbel Einige Dateien in TEMP: ==================== C:\Users\x4v33r\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpuv5yk6.dll C:\Users\x4v33r\AppData\Local\Temp\proxy_vole5149300507336009336.dll C:\Users\x4v33r\AppData\Local\Temp\SRLDetectionLibrary6564394654827490831.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe [2015-09-15 15:44] - [2010-11-21 04:24] - 2389504 ____A (Microsoft Corporation) 519DC3239A027F822032E928A11309DB C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2015-10-31 00:06 ==================== Ende von FRST.txt ============================ Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:04-11-2015 durchgeführt von x4v33r (2015-11-04 19:00:10) Gestartet von C:\Users\x4v33r\Downloads Windows 7 Ultimate Service Pack 1 (X64) (2015-09-15 07:27:34) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-818604781-4030078785-4170327772-500 - Administrator - Disabled) Gast (S-1-5-21-818604781-4030078785-4170327772-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-818604781-4030078785-4170327772-1002 - Limited - Enabled) x4v33r (S-1-5-21-818604781-4030078785-4170327772-1000 - Administrator - Enabled) => C:\Users\x4v33r ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Kaspersky Internet Security (Enabled - Up to date) {B41C7598-35F6-4D89-7D0E-7ADE69B4047B} AS: Kaspersky Internet Security (Enabled - Up to date) {0F7D947C-13CC-4207-47BE-41AC12334EC6} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Kaspersky Internet Security (Enabled) {8C27F4BD-7F99-4CD1-5651-D3EB97674300} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 
Adobe Flash Player 19 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 19.0.0.226 - Adobe Systems Incorporated) Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated) Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version: - Infinity Ward) CCleaner (HKLM\...\CCleaner) (Version: 5.11 - Piriform) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) CPUID HWMonitor 1.28 (HKLM\...\CPUID HWMonitor_is1) (Version: - ) CyberGhost 5 (HKLM\...\CyberGhost 5_is1) (Version: - CyberGhost S.R.L.) Dropbox (HKLM-x32\...\Dropbox) (Version: 3.10.8 - Dropbox, Inc.) Dropbox Update Helper (x32 Version: 1.3.27.37 - Dropbox, Inc.) Hidden EVE Online (HKLM-x32\...\{2B168B02-A1FD-4825-A9BC-2B22594831A7}) (Version: 3.0.0 - CCP Games Ltd.) EveHQ (HKLM-x32\...\EveHQ) (Version: - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.80 - Google Inc.) Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden Gpg4win (2.2.6) (HKLM-x32\...\GPG4Win) (Version: 2.2.6 - The Gpg4win Project) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.3.214 - Intel Corporation) Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation) JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH) Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab) Kaspersky Internet Security (x32 Version: 16.0.0.614 - Kaspersky Lab) Hidden Logitech Gaming Software 8.72 (HKLM\...\Logitech Gaming Software) (Version: 8.72.107 - Logitech Inc.) 
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes) Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 
(HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Mozilla Firefox 41.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 41.0.2 (x86 de)) (Version: 41.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.2.5765 - Mozilla) Mozilla Thunderbird 38.3.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.3.0 (x86 de)) (Version: 38.3.0 - Mozilla) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.3 - Notepad++ Team) NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 358.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 358.50 - NVIDIA Corporation) NVIDIA GeForce Experience 2.5.14.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.14.5 - NVIDIA Corporation) NVIDIA Grafiktreiber 358.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 358.50 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) OpenVPN 2.3.8-I601 (HKLM\...\OpenVPN) (Version: 2.3.8-I601 - ) PDF Settings CS6 (x32 Version: 11.0 - 
Adobe Systems Incorporated) Hidden Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.50.1123.2011 - Realtek) Secunia PSI (3.0.0.7011) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.7011 - Secunia) Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft) Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.5.14.5 - NVIDIA Corporation) Hidden Skype™ 7.10 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.10.101 - Skype Technologies S.A.) Speccy (HKLM\...\Speccy) (Version: 1.28 - Piriform) Spotify (HKU\S-1-5-21-818604781-4030078785-4170327772-1000\...\Spotify) (Version: 1.0.14.124.g4dfabc51 - Spotify AB) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) System Requirements Lab (HKLM-x32\...\{F89CDED6-B1F1-489F-BA44-698BF6A737C2}) (Version: 6.1.6.0 - Husdawg, LLC) TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - ) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.17 - TeamSpeak Systems GmbH) Unchecky v0.4 (HKLM-x32\...\Unchecky) (Version: 0.4 - RaMMicHaeL) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) VMware Player (HKLM\...\{DCA4824C-42E8-4911-9C10-5BB43A315625}) (Version: 12.0.0 - VMware, Inc.) WinRAR 5.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
==================== Wiederherstellungspunkte ========================= 15-10-2015 02:00:19 Windows Update 18-10-2015 18:00:21 Windows-Sicherung 19-10-2015 17:20:55 Microsoft Visual C++ 2005 Redistributable wird installiert 19-10-2015 17:21:04 DirectX wurde installiert 20-10-2015 17:01:49 Windows Update 27-10-2015 18:55:07 Windows Update 02-11-2015 19:32:38 Windows-Sicherung 03-11-2015 16:33:08 Windows Update ==================== Hosts Inhalt: ========================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2009-07-14 03:34 - 2015-11-04 16:26 - 00002024 ____A C:\Windows\system32\Drivers\etc\hosts 0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly 0.0.0.0 tracking.opencandy.com.s3.amazonaws.com 0.0.0.0 media.opencandy.com 0.0.0.0 cdn.opencandy.com 0.0.0.0 tracking.opencandy.com 0.0.0.0 api.opencandy.com 0.0.0.0 api.recommendedsw.com 0.0.0.0 installer.betterinstaller.com 0.0.0.0 installer.filebulldog.com 0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net 0.0.0.0 inno.bisrv.com 0.0.0.0 nsis.bisrv.com 0.0.0.0 cdn.file2desktop.com 0.0.0.0 cdn.goateastcach.us 0.0.0.0 cdn.guttastatdk.us 0.0.0.0 cdn.inskinmedia.com 0.0.0.0 cdn.insta.oibundles2.com 0.0.0.0 cdn.insta.playbryte.com 0.0.0.0 cdn.llogetfastcach.us 0.0.0.0 cdn.montiera.com 0.0.0.0 cdn.msdwnld.com 0.0.0.0 cdn.mypcbackup.com 0.0.0.0 cdn.ppdownload.com 0.0.0.0 cdn.riceateastcach.us 0.0.0.0 cdn.shyapotato.us 0.0.0.0 cdn.solimba.com 0.0.0.0 cdn.tuto4pc.com 0.0.0.0 cdn.appround.biz 0.0.0.0 cdn.bigspeedpro.com 0.0.0.0 cdn.bispd.com Da befinden sich 4 zusätzliche Einträge. ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
Task: {17A47407-C174-43D9-999D-E7C74F468B4B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-15] (Google Inc.) Task: {22DF94E4-585F-4DCD-AA73-C8451F53031F} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-09-28] (Dropbox, Inc.) Task: {31A302AE-18C5-482E-85DC-544C60AB2470} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-15] (Google Inc.) Task: {825AC22B-CF12-48E6-A5D8-D430DE6D1667} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-10-19] (Piriform Ltd) Task: {92F24552-376F-45A5-8C7E-CF2C7477C777} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2015-09-15] () Task: {A37804FB-D39A-4E4F-A94D-339A6FAE0C12} - System32\Tasks\AdobeAAMUpdater-1.0-x4v33r-PC-x4v33r => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-08-05] (Adobe Systems Incorporated) Task: {BCA78E03-6B34-4B92-92BF-DB028A44B74E} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-09-28] (Dropbox, Inc.) Task: {F53A60BF-A3D6-4340-A870-384F7E858E3F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-16] (Adobe Systems Incorporated) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2015-09-23 12:33 - 2015-10-03 03:49 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2015-09-09 11:52 - 2015-09-09 11:52 - 00216576 _____ () C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe 2013-09-04 23:17 - 2013-09-04 23:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2015-03-07 01:07 - 2015-03-07 01:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll 2015-09-01 19:27 - 2015-09-01 19:27 - 01095448 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll 2015-03-07 01:07 - 2015-03-07 01:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll 2015-09-01 19:27 - 2015-09-01 19:27 - 00240408 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll 2015-09-09 11:40 - 2015-09-09 11:40 - 00221696 _____ () C:\Program Files (x86)\GNU\GnuPG\libksba-8.dll 2015-09-09 11:34 - 2015-09-09 11:34 - 00087040 _____ () C:\Program Files (x86)\GNU\GnuPG\libgpg-error-0.dll 2015-09-09 11:28 - 2015-09-09 11:28 - 00050176 _____ () C:\Program Files (x86)\GNU\GnuPG\libw32pth-0.dll 2015-09-09 11:39 - 2015-09-09 11:39 - 00072192 _____ () C:\Program Files (x86)\GNU\GnuPG\libassuan-0.dll 2015-09-09 11:42 - 2015-09-09 11:42 - 00744448 _____ () C:\Program Files (x86)\GNU\GnuPG\libgcrypt-20.dll 
2015-08-14 13:03 - 2015-08-14 13:03 - 01301696 _____ () C:\Program Files (x86)\VMware\VMware Player\libxml2.dll 2015-09-15 09:19 - 2015-08-27 01:37 - 00011896 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2013-09-04 23:14 - 2013-09-04 23:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2015-09-30 22:25 - 2015-09-30 22:25 - 00153768 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll 2015-09-30 22:25 - 2015-09-30 22:25 - 00023208 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll 2015-09-15 09:39 - 2015-10-05 17:18 - 00778752 _____ () C:\Program Files (x86)\Steam\SDL2.dll 2015-09-15 09:39 - 2015-07-03 17:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll 2015-09-15 09:39 - 2015-07-03 17:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll 2015-09-15 09:39 - 2015-07-03 17:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll 2015-09-15 09:39 - 2015-10-14 21:56 - 02423376 _____ () C:\Program Files (x86)\Steam\video.dll 2015-09-15 09:39 - 2015-09-24 01:33 - 02549248 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll 2015-09-15 09:39 - 2015-09-24 01:33 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll 2015-09-15 09:39 - 2015-09-24 01:33 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll 2015-09-15 09:39 - 2015-09-24 01:33 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll 2015-09-15 09:39 - 2015-09-24 01:33 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll 2015-09-15 09:39 - 2015-10-14 21:56 - 00705104 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL 2015-09-15 09:39 - 2015-10-09 19:13 - 00193024 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll 2015-09-15 09:39 - 2015-10-08 23:20 - 45010208 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll 2015-09-15 09:39 - 2015-09-25 00:56 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll 
2015-10-16 22:36 - 2015-10-16 22:36 - 17599688 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll 2015-07-08 22:18 - 2015-07-08 22:18 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\kpcengine.2.3.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-818604781-4030078785-4170327772-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\x4v33r\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist deaktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) 
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk => C:\Windows\pss\Secunia PSI Tray.lnk.CommonStartup MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin MSCONFIG\startupreg: BCSSync => "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR MSCONFIG\startupreg: CyberGhost => "C:\Program Files\CyberGhost 5\CyberGhost.exe" /autostart /min MSCONFIG\startupreg: Dropbox => "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: Spotify => "C:\Users\x4v33r\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\x4v33r\AppData\Roaming\Spotify\SpotifyWebHelper.exe" MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
FirewallRules: [{E33F93E9-E05D-4608-B932-BCCA6FEF549B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{C6FE355E-5061-43BF-BB6F-DC735063A038}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{2BCFB9D0-C1A7-4616-9DBE-557DCC0FF543}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{CB8E735A-FED7-4BDF-BB84-F3785848623F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{FD5B1B07-435A-4AE7-AA8D-3840C7BBB3DC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{7AC6DB90-98B7-4923-BF74-7CA99B2709F4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{6D14EB18-6DB7-4AE1-B1D7-5BF0FE9DA3F8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{4C6A3AFA-A10B-47AC-A37E-020DB28B0123}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{FFA0864D-1FB0-437C-A6B3-1FBF2141736A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{236C7229-0D0A-453A-BA06-8204D98E5582}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{375422B3-AA67-4082-A7F1-B4625C2A899C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{3A8572B4-1779-4547-A37D-C4180691FCC5}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{F8D436A1-D715-4C52-AE4C-497CF52CE348}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{E8DA264F-9876-4CF0-B3E8-49B6FA4D69C6}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{4EE082DD-D6BD-4308-B216-BF21867C7F41}] => (Allow) H:\Counterstrike\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{01E0845C-549E-49E8-A979-84CD09C13AD0}] => (Allow) 
H:\Counterstrike\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{93468623-3765-41C5-A33A-E76ECEFDC679}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe FirewallRules: [{DFC799F4-5694-4E30-A069-DA613C4D2D26}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe FirewallRules: [{1CA057C6-1634-41C2-A02E-03286F1F8B05}] => (Allow) I:\Modern Warfare 2\steamapps\common\Call of Duty Modern Warfare 2\iw4mp.exe FirewallRules: [{B2B83D05-B93D-4F12-812C-3F56088126A7}] => (Allow) I:\Modern Warfare 2\steamapps\common\Call of Duty Modern Warfare 2\iw4mp.exe FirewallRules: [{BCCD378D-0DA1-43F1-9EBD-6D6C06985919}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe FirewallRules: [{B97BB6D0-33D5-4DFF-9FFB-B414E9C68AEC}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: TAP-Windows Adapter V9 Description: TAP-Windows Adapter V9 Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: TAP-Windows Provider V9 Service: tap0901 Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: VMware Virtual Ethernet Adapter for VMnet1 Description: VMware Virtual Ethernet Adapter for VMnet1 Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: VMware, Inc. Service: VMnetAdapter Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: VMware Virtual Ethernet Adapter for VMnet8 Description: VMware Virtual Ethernet Adapter for VMnet8 Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: VMware, Inc. Service: VMnetAdapter Problem: : This device is disabled. 
(Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (11/04/2015 04:28:09 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/03/2015 04:30:27 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/02/2015 06:38:57 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/01/2015 07:00:04 PM) (Source: Windows Backup) (EventID: 4103) (User: ) Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "K:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. 
(0x81000006)" Error: (10/31/2015 11:31:55 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/30/2015 02:02:25 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/28/2015 09:47:04 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/27/2015 04:29:34 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/26/2015 10:23:33 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/25/2015 07:00:01 PM) (Source: Windows Backup) (EventID: 4103) (User: ) Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "K:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. 
(0x81000006)" Systemfehler: ============= Error: (11/02/2015 06:37:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "CyberGhost 5 Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (11/02/2015 06:37:37 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst CyberGhost 5 Client Service erreicht. Error: (10/20/2015 05:13:56 PM) (Source: KLIF) (EventID: 0) (User: ) Description: Сonnection is not established Error: (10/20/2015 05:13:54 PM) (Source: Service Control Manager) (EventID: 7006) (User: ) Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: %%5 Error: (10/15/2015 11:17:31 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (10/15/2015 11:17:31 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht. Error: (10/14/2015 02:23:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "CyberGhost 5 Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (10/14/2015 02:23:37 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst CyberGhost 5 Client Service erreicht. Error: (10/13/2015 05:07:57 PM) (Source: Ntfs) (EventID: 137) (User: ) Description: Auf dem Volume "L:" konnte der Transaktionsressourcen-Manager aufgrund eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in den Daten enthalten. 
Error: (10/13/2015 05:07:57 PM) (Source: volsnap) (EventID: 16) (User: ) Description: Die Schattenkopien von Volume "L:" wurden verworfen, weil die Bereitsstellungaufhebung von Volume "L:", das einen Schattenkopiespeicher für diese Schattenkopie enthält, erzwungen wurde. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i7-3770K CPU @ 3.50GHz Prozentuale Nutzung des RAM: 22% Installierter physikalischer RAM: 16332.43 MB Verfügbarer physikalischer RAM: 12698.64 MB Summe virtueller Speicher: 32663.06 MB Verfügbarer virtueller Speicher: 28375 MB ==================== Laufwerke ================================ Drive c: (Windows 7) (Fixed) (Total:232.44 GB) (Free:140.66 GB) NTFS Drive e: (HDD Musik) (Fixed) (Total:457.78 GB) (Free:451.7 GB) NTFS Drive f: (HDD Diverses ) (Fixed) (Total:457.78 GB) (Free:445.69 GB) NTFS Drive g: (HDD Daten) (Fixed) (Total:488.28 GB) (Free:474.5 GB) NTFS Drive h: (SSD) (Fixed) (Total:55.68 GB) (Free:27.52 GB) NTFS Drive i: (HDD Games) (Fixed) (Total:488.28 GB) (Free:221.12 GB) NTFS Drive j: (HDD Cinema) (Fixed) (Total:886.45 GB) (Free:380.45 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 232.9 GB) (Disk ID: 48BE9A27) Partition: GPT. ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: E315B32D) Partition: GPT. ======================================================== Disk: 2 (Size: 55.9 GB) (Disk ID: E315B311) Partition: GPT. ======================================================== Disk: 3 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 16CDA452) Partition 1: (Not Active) - (Size=488.3 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=488.3 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=886.5 GB) - (Type=07 NTFS) ==================== Ende von Addition.txt ============================
__________________ |
05.11.2015, 20:28 | #4 |
/// the machine /// TB-Ausbilder | Matasploit hi, please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder without instructions from a helper. Please download TDSSKiller.exe and save this file to the desktop.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 | No help via PM! |
05.11.2015, 20:49 | #5 | |
| Matasploit Code:
20:46:48.0522 0x1b58 TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
20:46:48.0522 0x1b58 UEFI system
20:46:52.0490 0x1b58 ============================================================
20:46:52.0490 0x1b58 Current date / time: 2015/11/05 20:46:52.0490
20:46:52.0490 0x1b58 SystemInfo:
20:46:52.0490 0x1b58
20:46:52.0490 0x1b58 OS Version: 6.1.7601 ServicePack: 1.0
20:46:52.0490 0x1b58 Product type: Workstation
20:46:52.0490 0x1b58 ComputerName: X4V33R-PC
20:46:52.0490 0x1b58 UserName: x4v33r
20:46:52.0490 0x1b58 Windows directory: C:\Windows
20:46:52.0490 0x1b58 System windows directory: C:\Windows
20:46:52.0490 0x1b58 Running under WOW64
20:46:52.0490 0x1b58 Processor architecture: Intel x64
20:46:52.0490 0x1b58 Number of processors: 8
20:46:52.0490 0x1b58 Page size: 0x1000
20:46:52.0490 0x1b58 Boot type: Normal boot
20:46:52.0490 0x1b58 ============================================================
20:46:52.0667 0x1b58 KLMD registered as C:\Windows\system32\drivers\79815918.sys
20:46:52.0748 0x1b58 System UUID: {3766E4DD-9108-86C6-8210-A106F4A2E9BC}
20:46:53.0072 0x1b58 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:46:53.0081 0x1b58 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:46:53.0766 0x1b58 Drive \Device\Harddisk3\DR3 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:46:53.0768 0x1b58 Drive \Device\Harddisk2\DR2 - Size: 0xDF99E6000 ( 55.90 Gb ), SectorSize: 0x200, Cylinders: 0x1C81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:46:53.0772 0x1b58 ============================================================
20:46:53.0772 0x1b58 \Device\Harddisk1\DR1:
20:46:53.0772 0x1b58 GPT partitions:
20:46:53.0773 0x1b58 \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {21686148-6449-6E6F-744E-656564454649}, UniqueGUID: {6162A486-50F9-449B-B9ED-08D97AA3C07C}, Name: , StartLBA 0x800, BlocksNum 0x800
20:46:53.0773 0x1b58 \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {E4D60B55-462F-4AD9-BBD9-A1B98A1DE36D}, Name: Basic data partition, StartLBA 0x1000, BlocksNum 0x3938F000
20:46:53.0773 0x1b58 \Device\Harddisk1\DR1\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {E45995E0-9411-4C76-BD7B-84C033CA4C4D}, Name: Basic data partition, StartLBA 0x39390000, BlocksNum 0x3938F000
20:46:53.0773 0x1b58 \Device\Harddisk1\DR1\Partition4: GPT, TypeGUID: {0657FD6D-A4AB-43C4-84E5-0933C84B4F4F}, UniqueGUID: {AC9625F8-6D09-4FBA-B51E-089228D944B9}, Name: , StartLBA 0x7271F800, BlocksNum 0x1FE7000
20:46:53.0773 0x1b58 MBR partitions:
20:46:53.0773 0x1b58 \Device\Harddisk0\DR0:
20:46:53.0773 0x1b58 GPT partitions:
20:46:53.0773 0x1b58 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {03B140F9-9681-481B-BB96-0FB7E3506D19}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x72000
20:46:53.0773 0x1b58 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {0CC239B2-8A94-4CFD-8A1D-D6AECC4C1668}, Name: EFI system partition, StartLBA 0x72800, BlocksNum 0x32000
20:46:53.0773 0x1b58 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {AA0364FB-0EB8-4ED1-9059-D56C2A1B0BC9}, Name: Microsoft reserved partition, StartLBA 0xA4800, BlocksNum 0x40000
20:46:53.0773 0x1b58 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {7F55EA55-90F0-4E49-9219-599A1DE9A703}, Name: Basic data partition, StartLBA 0xE4800, BlocksNum 0x1D0E1000
20:46:53.0773 0x1b58 MBR partitions:
20:46:53.0773 0x1b58 \Device\Harddisk3\DR3:
20:46:53.0774 0x1b58 MBR partitions:
20:46:53.0774 0x1b58 \Device\Harddisk3\DR3\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3D090000
20:46:53.0774 0x1b58 \Device\Harddisk3\DR3\Partition2: MBR, Type 0x7, StartLBA 0x3D090800, BlocksNum 0x3D090000
20:46:53.0774 0x1b58 \Device\Harddisk3\DR3\Partition3: MBR, Type 0x7, StartLBA 0x7A120800, BlocksNum 0x6ECE7000
20:46:53.0774 0x1b58 \Device\Harddisk2\DR2:
20:46:53.0774 0x1b58 GPT partitions:
20:46:53.0774 0x1b58 \Device\Harddisk2\DR2\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {A78B81F5-77AE-459E-A0B0-A2FB526A37D7}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x32000
20:46:53.0774 0x1b58 \Device\Harddisk2\DR2\Partition2: GPT, TypeGUID: {5808C8AA-7E8F-42E0-85D2-E1E90434CFB3}, UniqueGUID: {9EE89513-547B-11E3-ACA4-8C89A5CA3DD3}, Name: LDM metadata partition, StartLBA 0x32800, BlocksNum 0x800
20:46:53.0774 0x1b58 \Device\Harddisk2\DR2\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {53C291F3-6488-4C5A-95D7-2B7A4BBF9207}, Name: Basic data partition, StartLBA 0x33000, BlocksNum 0x3F800
20:46:53.0774 0x1b58 \Device\Harddisk2\DR2\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {C1323A25-8B8B-4AC2-ACE6-556C66F43508}, Name: Basic data partition, StartLBA 0x72800, BlocksNum 0x6F5A000
20:46:53.0774 0x1b58 MBR partitions:
20:46:53.0774 0x1b58 ============================================================
20:46:53.0775 0x1b58 C: <-> \Device\Harddisk0\DR0\Partition4
20:46:53.0810 0x1b58 E: <-> \Device\Harddisk1\DR1\Partition2
20:46:53.0835 0x1b58 F: <-> \Device\Harddisk1\DR1\Partition3
20:46:53.0855 0x1b58 G: <-> \Device\Harddisk3\DR3\Partition1
20:46:53.0856 0x1b58 H: <-> \Device\Harddisk2\DR2\Partition4
20:46:53.0882 0x1b58 I: <-> \Device\Harddisk3\DR3\Partition2
20:46:53.0917 0x1b58 J: <-> \Device\Harddisk3\DR3\Partition3
20:46:53.0917 0x1b58
============================================================
20:46:53.0917 0x1b58 Initialize success
20:46:53.0917 0x1b58 ============================================================
20:47:21.0854 0x0644 ============================================================
20:47:21.0854 0x0644 Scan started
20:47:21.0854 0x0644 Mode: Manual;
20:47:21.0854 0x0644 ============================================================
20:47:21.0854 0x0644 KSN ping started
20:47:24.0804 0x0644 KSN ping finished: true
20:47:25.0964 0x0644 ================ Scan system memory ========================
20:47:25.0964 0x0644 System memory - ok
20:47:25.0964 0x0644 ================ Scan services =============================
A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys 20:47:27.0269 0x0644 IRENUM - ok 20:47:27.0271 0x0644 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 20:47:27.0271 0x0644 isapnp - ok 20:47:27.0278 0x0644 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 20:47:27.0281 0x0644 iScsiPrt - ok 20:47:27.0283 0x0644 [ 6BCEF45131C8B8E1C558BE540B190B3C, DFFED7FD9DCC15808184E65065DE6138FE010AC01217E5016B2D20A5B89AC570 ] iusb3hcs C:\Windows\system32\DRIVERS\iusb3hcs.sys 20:47:27.0284 0x0644 iusb3hcs - ok 20:47:27.0291 0x0644 [ F080EADA8715F811B58BD35BB774F2F9, 06D5A70CBA89561A71B9CB64D7A298767F098395411A7022F414C7D0AC89A44D ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys 20:47:27.0295 0x0644 iusb3hub - ok 20:47:27.0310 0x0644 [ 0F1756D9396740F053221FA6260FCE66, 0B722BF6BCF66BBD49DE0E92555742976AB33319CF504461A50181BF7A77E886 ] iusb3xhc C:\Windows\system32\DRIVERS\iusb3xhc.sys 20:47:27.0319 0x0644 iusb3xhc - ok 20:47:27.0322 0x0644 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 20:47:27.0322 0x0644 kbdclass - ok 20:47:27.0326 0x0644 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 20:47:27.0326 0x0644 kbdhid - ok 20:47:27.0328 0x0644 [ 5424EC756808C1002457033D969115C7, 85B86C3DF9BCF4BA085C4978BE36A38D0079CE24C5C61FB754286E476EB77741 ] KeyIso C:\Windows\system32\lsass.exe 20:47:27.0329 0x0644 KeyIso - ok 20:47:27.0338 0x0644 [ BEE1682DA217A4AD46C36896769AA580, 4D853D78E459F7BFE4F4217FCAD47CDACFAC19C2F6CF8261FBAA46BDB387FFDC ] kl1 C:\Windows\system32\DRIVERS\kl1.sys 20:47:27.0344 0x0644 kl1 - ok 20:47:27.0348 
0x0644 [ 86F40D79CE80ACBE6BEBAC8CE89D75A0, 8B800425160D1AF3C32EF7B5CA794658EE09CD3EE782473D8D38E1C7706076B3 ] klbackupdisk C:\Windows\system32\DRIVERS\klbackupdisk.sys 20:47:27.0349 0x0644 klbackupdisk - ok 20:47:27.0352 0x0644 [ C80861511ADA03A65DC12FAA207592F8, 2B50E009DB0D050099E558B7510104B930966EE8BB94CC0F62D1BFD765D5C7AD ] klbackupflt C:\Windows\system32\DRIVERS\klbackupflt.sys 20:47:27.0353 0x0644 klbackupflt - ok 20:47:27.0356 0x0644 [ 1557DF622127972EDB3DD3A61E7763CC, F6E8F31760B549B882180EB6FB45B40CA6CEDC5E61B11E02609C26E053F7C902 ] kldisk C:\Windows\system32\DRIVERS\kldisk.sys 20:47:27.0357 0x0644 kldisk - ok 20:47:27.0362 0x0644 [ DE7D2DEDE9C9D5219AA439172BA8D21C, B4573553DF8605A6C9417683B6AA12A596E8777175C39567B91BF03CE895D625 ] klflt C:\Windows\system32\DRIVERS\klflt.sys 20:47:27.0364 0x0644 klflt - ok 20:47:27.0370 0x0644 [ C62B714428FD30DD7B3115566C3F470B, 991CA0FCA02D744BAB29FF3F0029BC99EF85C7D8B8024EF5EF51589639191B05 ] klhk C:\Windows\system32\DRIVERS\klhk.sys 20:47:27.0373 0x0644 klhk - ok 20:47:27.0390 0x0644 [ 11586A6A85FF124F53E1435A34DD1707, 6291C3519EA53ACAA0594DAF4EDA41E1201F6CA9C7B0EF0B54CEF7BDB5DCD080 ] KLIF C:\Windows\system32\DRIVERS\klif.sys 20:47:27.0401 0x0644 KLIF - ok 20:47:27.0404 0x0644 [ 3553584440A11136C899B67ACC8CBE9D, B3D6D2E78B0FF0AF5A98E708D977978EA81E99D78F2E9CA2145B466AB4B11342 ] KLIM6 C:\Windows\system32\DRIVERS\klim6.sys 20:47:27.0405 0x0644 KLIM6 - ok 20:47:27.0408 0x0644 [ 22C4E9381C60DA78161FA042FDBA6873, B6CC05C1401E788BCCC8CF668216D9B78A8B51409D3CFBF419047933195062E0 ] klkbdflt C:\Windows\system32\DRIVERS\klkbdflt.sys 20:47:27.0408 0x0644 klkbdflt - ok 20:47:27.0410 0x0644 klkbdflt2 - ok 20:47:27.0412 0x0644 [ D792857D47B8DF5BFEC02534C1933BE2, BDD483FA8E2DC50DB4E54D475867455F0D7E115494E2A31CD27A065C7EC26951 ] klmouflt C:\Windows\system32\DRIVERS\klmouflt.sys 20:47:27.0413 0x0644 klmouflt - ok 20:47:27.0415 0x0644 [ F610F5F17BC87D61EF8954CCD793BAE4, A77FE26B4A474FE799C3D569BDD7858319C57FC14C1BB43ECFAB1FDB19AF5DC6 ] 
klpd C:\Windows\system32\DRIVERS\klpd.sys 20:47:27.0416 0x0644 klpd - ok 20:47:27.0419 0x0644 [ B36DEE2A91F9388C4D3ED744592DE81D, 78D64539A375C80250FB9FA5E1DDA208B331A85916E19ED1353623DDF750EC58 ] kltdi C:\Windows\system32\DRIVERS\kltdi.sys 20:47:27.0420 0x0644 kltdi - ok 20:47:27.0423 0x0644 [ 2AA3537309C2B9A7F120FB9E6A38250A, 6FD904542E0A21C4D6E46FB3EE11789938B90151D24531EB5319E62759D225DF ] Klwtp C:\Windows\system32\DRIVERS\klwtp.sys 20:47:27.0424 0x0644 Klwtp - ok 20:47:27.0429 0x0644 [ 1686DE8288052316EFDD49EEA8929065, AD43D6ACCD8693BD76F218E1A4EE088BA061C1309A3E7DAA7EC94D875985D895 ] kneps C:\Windows\system32\DRIVERS\kneps.sys 20:47:27.0431 0x0644 kneps - ok 20:47:27.0435 0x0644 [ 3A8C03156C3E31E70EF84E48CA179B46, E25E43D53BB6EE1B5F34C95B4FAD111B37A36367B8D047B10FC614DEE13658E2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 20:47:27.0436 0x0644 KSecDD - ok 20:47:27.0441 0x0644 [ C6330F7C2E92A00E6773E82F79078AFC, D8B851BF4FCE85F2A269F0B46BC7EC5A118FCFDACE8460E7B54C1A7CE306774A ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 20:47:27.0443 0x0644 KSecPkg - ok 20:47:27.0445 0x0644 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 20:47:27.0445 0x0644 ksthunk - ok 20:47:27.0453 0x0644 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 20:47:27.0457 0x0644 KtmRm - ok 20:47:27.0463 0x0644 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll 20:47:27.0467 0x0644 LanmanServer - ok 20:47:27.0471 0x0644 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 20:47:27.0473 0x0644 LanmanWorkstation - ok 20:47:27.0476 0x0644 [ 17325C9B9ADB2BB99049936D0C9812C8, 
70ADDC85FD5757BC9C4B97F382B25A19851FF8275021FFC04A81E208A604F83E ] LGBusEnum C:\Windows\system32\drivers\LGBusEnum.sys 20:47:27.0477 0x0644 LGBusEnum - ok 20:47:27.0480 0x0644 [ 2D7F1C02B94D6F0F3E10107E5EA8E141, 93B266F38C3C3EAAB475D81597ABBD7CC07943035068BB6FD670DBBE15DE0131 ] LGCoreTemp C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys 20:47:27.0480 0x0644 LGCoreTemp - ok 20:47:27.0483 0x0644 [ C7AF05942E041D4B1F345ACF79993BB3, E8FAAE356C99A11F6CF17640FD9C67F87AFBFEFB70C458CB85178F2AD94DF848 ] LGJoyXlCore C:\Windows\system32\drivers\LGJoyXlCore.sys 20:47:27.0484 0x0644 LGJoyXlCore - ok 20:47:27.0487 0x0644 [ 1DDB8DE3D6EEF31EDCF4977B2D2FAACC, 24291B522A596E2D9A1CDAC192DB1C7422D5DD0E87E5C8A5F5E2CAA90296BF23 ] LGVirHid C:\Windows\system32\drivers\LGVirHid.sys 20:47:27.0487 0x0644 LGVirHid - ok 20:47:27.0490 0x0644 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 20:47:27.0490 0x0644 lltdio - ok 20:47:27.0497 0x0644 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 20:47:27.0501 0x0644 lltdsvc - ok 20:47:27.0503 0x0644 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 20:47:27.0504 0x0644 lmhosts - ok 20:47:27.0508 0x0644 [ 7E74CE69AEF2F66F037E9000AF1209FB, AF5407AB507EB5F01167D4EFA0B235510F26287159C4594FB3B9CB2D086BDD6E ] LogiRegistryService C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe 20:47:27.0511 0x0644 LogiRegistryService - ok 20:47:27.0516 0x0644 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 20:47:27.0517 0x0644 LSI_FC - ok 20:47:27.0521 0x0644 [ 1047184A9FDC8BDBFF857175875EE810, 
F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 20:47:27.0522 0x0644 LSI_SAS - ok 20:47:27.0525 0x0644 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 20:47:27.0526 0x0644 LSI_SAS2 - ok 20:47:27.0529 0x0644 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 20:47:27.0531 0x0644 LSI_SCSI - ok 20:47:27.0534 0x0644 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys 20:47:27.0536 0x0644 luafv - ok 20:47:27.0538 0x0644 [ CFBC6C6D8A492697CABD1D353EE64933, DDAA844908324740C891EB8F08E2A8BB00457063B31C4A762745C1C2415FC12D ] MBAMProtector C:\Windows\system32\drivers\mbam.sys 20:47:27.0539 0x0644 MBAMProtector - ok 20:47:27.0564 0x0644 [ AB176B9E59C0435499D83047D84EDD59, 85B826A3972CE9AD885313B69B9C60328B850257667D0EB65DDE890D0BB06361 ] MBAMScheduler C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe 20:47:27.0580 0x0644 MBAMScheduler - ok 20:47:27.0600 0x0644 [ 40C126CB15FAB7D6C66490DCA9C1AED2, B32CEE2D2409232C245427D5E9647FDF59AF1D8AB5E8A98EE2D1F1314599FD14 ] MBAMService C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe 20:47:27.0613 0x0644 MBAMService - ok 20:47:27.0616 0x0644 [ D61070CFAD43038DC56AEAD9BFE9CE2A, BD77AEF60E7FD2015CB14A464799304359547146C14A47F8D25274ACFA2E42D5 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys 20:47:27.0617 0x0644 MBAMWebAccessControl - ok 20:47:27.0619 0x0644 MBfilt - ok 20:47:27.0622 0x0644 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 20:47:27.0624 0x0644 Mcx2Svc - ok 20:47:27.0626 0x0644 [ A55805F747C6EDB6A9080D7C633BD0F4, 
2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys 20:47:27.0627 0x0644 megasas - ok 20:47:27.0633 0x0644 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 20:47:27.0636 0x0644 MegaSR - ok 20:47:27.0639 0x0644 [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys 20:47:27.0640 0x0644 MEIx64 - ok 20:47:27.0644 0x0644 Microsoft SharePoint Workspace Audit Service - ok 20:47:27.0646 0x0644 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 20:47:27.0648 0x0644 MMCSS - ok 20:47:27.0650 0x0644 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 20:47:27.0651 0x0644 Modem - ok 20:47:27.0653 0x0644 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 20:47:27.0654 0x0644 monitor - ok 20:47:27.0656 0x0644 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 20:47:27.0657 0x0644 mouclass - ok 20:47:27.0659 0x0644 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 20:47:27.0660 0x0644 mouhid - ok 20:47:27.0663 0x0644 [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 20:47:27.0664 0x0644 mountmgr - ok 20:47:27.0668 0x0644 [ C34AB4280614658903BE848CE79ACDB5, 9A943D9B3CF941DAE4EA4E2771B5EC5DA37AB16AD43095EF092B4259D62FF810 ] MozillaMaintenance C:\Program 
Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 20:47:27.0670 0x0644 MozillaMaintenance - ok 20:47:27.0674 0x0644 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys 20:47:27.0676 0x0644 mpio - ok 20:47:27.0679 0x0644 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 20:47:27.0680 0x0644 mpsdrv - ok 20:47:27.0694 0x0644 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll 20:47:27.0704 0x0644 MpsSvc - ok 20:47:27.0709 0x0644 [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 20:47:27.0710 0x0644 MRxDAV - ok 20:47:27.0715 0x0644 [ ACB6782973BD93760D597FC7BB37E692, 9B6EC2858D236DCE61FD5E0247F4D947A5DC484C9C0AABFDAF8270ABA392E787 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 20:47:27.0717 0x0644 mrxsmb - ok 20:47:27.0723 0x0644 [ 262BF7BB7D0E44CFAA9B12A1E0A6EDF1, CCC3A4CE929C7C8B07C1038BBE8425590CE14F5C37E1D5608978A3AD2F41519C ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 20:47:27.0727 0x0644 mrxsmb10 - ok 20:47:27.0730 0x0644 [ 8C0376974AA28398FF501E78C04ACB30, 81CE67BE933F67F760A72BF9B581F33BC151D98970765FE4425450A2EF450409 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 20:47:27.0732 0x0644 mrxsmb20 - ok 20:47:27.0734 0x0644 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys 20:47:27.0735 0x0644 msahci - ok 20:47:27.0739 0x0644 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys 20:47:27.0740 0x0644 msdsm - ok 20:47:27.0744 0x0644 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 
2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe 20:47:27.0746 0x0644 MSDTC - ok 20:47:27.0750 0x0644 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys 20:47:27.0751 0x0644 Msfs - ok 20:47:27.0753 0x0644 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 20:47:27.0753 0x0644 mshidkmdf - ok 20:47:27.0754 0x0644 MSICDSetup - ok 20:47:27.0757 0x0644 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 20:47:27.0757 0x0644 msisadrv - ok 20:47:27.0761 0x0644 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 20:47:27.0764 0x0644 MSiSCSI - ok 20:47:27.0766 0x0644 msiserver - ok 20:47:27.0768 0x0644 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 20:47:27.0768 0x0644 MSKSSRV - ok 20:47:27.0770 0x0644 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 20:47:27.0770 0x0644 MSPCLOCK - ok 20:47:27.0772 0x0644 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 20:47:27.0773 0x0644 MSPQM - ok 20:47:27.0780 0x0644 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 20:47:27.0784 0x0644 MsRPC - ok 20:47:27.0788 0x0644 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios 
C:\Windows\system32\DRIVERS\mssmbios.sys 20:47:27.0788 0x0644 mssmbios - ok 20:47:27.0790 0x0644 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 20:47:27.0791 0x0644 MSTEE - ok 20:47:27.0793 0x0644 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys 20:47:27.0793 0x0644 MTConfig - ok 20:47:27.0796 0x0644 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys 20:47:27.0797 0x0644 Mup - ok 20:47:27.0806 0x0644 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll 20:47:27.0811 0x0644 napagent - ok 20:47:27.0819 0x0644 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 20:47:27.0822 0x0644 NativeWifiP - ok 20:47:27.0840 0x0644 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys 20:47:27.0851 0x0644 NDIS - ok 20:47:27.0854 0x0644 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 20:47:27.0855 0x0644 NdisCap - ok 20:47:27.0858 0x0644 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 20:47:27.0859 0x0644 NdisTapi - ok 20:47:27.0861 0x0644 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 20:47:27.0862 0x0644 Ndisuio - ok 20:47:27.0866 0x0644 [ 53F7305169863F0A2BDDC49E116C2E11, 
881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 20:47:27.0869 0x0644 NdisWan - ok 20:47:27.0871 0x0644 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 20:47:27.0872 0x0644 NDProxy - ok 20:47:27.0874 0x0644 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 20:47:27.0875 0x0644 NetBIOS - ok 20:47:27.0880 0x0644 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 20:47:27.0883 0x0644 NetBT - ok 20:47:27.0886 0x0644 [ 5424EC756808C1002457033D969115C7, 85B86C3DF9BCF4BA085C4978BE36A38D0079CE24C5C61FB754286E476EB77741 ] Netlogon C:\Windows\system32\lsass.exe 20:47:27.0887 0x0644 Netlogon - ok 20:47:27.0894 0x0644 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll 20:47:27.0898 0x0644 Netman - ok 20:47:27.0904 0x0644 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 20:47:27.0906 0x0644 NetMsmqActivator - ok 20:47:27.0909 0x0644 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 20:47:27.0911 0x0644 NetPipeActivator - ok 20:47:27.0920 0x0644 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll 20:47:27.0926 0x0644 netprofm - ok 20:47:27.0930 0x0644 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator 
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 20:47:27.0932 0x0644 NetTcpActivator - ok 20:47:27.0936 0x0644 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 20:47:27.0937 0x0644 NetTcpPortSharing - ok 20:47:27.0940 0x0644 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 20:47:27.0941 0x0644 nfrd960 - ok 20:47:27.0948 0x0644 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll 20:47:27.0952 0x0644 NlaSvc - ok 20:47:27.0955 0x0644 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys 20:47:27.0955 0x0644 Npfs - ok 20:47:27.0958 0x0644 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll 20:47:27.0959 0x0644 nsi - ok 20:47:27.0961 0x0644 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 20:47:27.0961 0x0644 nsiproxy - ok 20:47:27.0989 0x0644 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 20:47:28.0007 0x0644 Ntfs - ok 20:47:28.0010 0x0644 NTIOLib_1_0_C - ok 20:47:28.0013 0x0644 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys 20:47:28.0013 0x0644 Null - ok 20:47:28.0018 0x0644 [ D812362E8AF615B521AD4DF19A93BD5A, B1F04122DFE9FCC3FC56BE327D86912D624C89F2EFB9684BE66FC22115D0E19F ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys 20:47:28.0021 0x0644 NVHDA - ok 20:47:28.0188 
0x0644 [ F2D566CF188109B7E1EC955A077B2DAB, E5ACB0F01663786217DFB136DB6BE47F3BF992A3B5E4C2DD10B7276360C8568F ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys 20:47:28.0312 0x0644 nvlddmkm - ok 20:47:28.0349 0x0644 [ C2909BD26906E1D05D77B1D48B48E94A, 5642571FFDBDC63F0E3B1477337103517ABF7C50EBEDA63EF8E162E44C7B2538 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe 20:47:28.0370 0x0644 NvNetworkService - ok 20:47:28.0375 0x0644 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys 20:47:28.0377 0x0644 nvraid - ok 20:47:28.0381 0x0644 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys 20:47:28.0383 0x0644 nvstor - ok 20:47:28.0386 0x0644 [ 60C9EC53F9CFBFBE38E9C79B88A6B19F, D89D6C62AB0A3224D850B639E4D7D7265BF183BEE0C60F27FEDDF0194504B078 ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys 20:47:28.0386 0x0644 NvStreamKms - ok 20:47:28.0472 0x0644 [ 5A773713C332F8760ABB915C24675E8F, DA453D341529B34188D5B235B17BD0FDAE84129539FC212F34B9FCC42DC0549C ] NvStreamSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe 20:47:28.0533 0x0644 NvStreamSvc - ok 20:47:28.0553 0x0644 [ B3635110131D66553E489B8DFCB0DDA2, 4CAA5FA8F564E80CC557C101CA6E64522A8992D1D8406D639D0838450779CB50 ] nvsvc C:\Windows\system32\nvvsvc.exe 20:47:28.0565 0x0644 nvsvc - ok 20:47:28.0568 0x0644 [ 35DFC12FD7E44B7CB8CCD7E5A2B3975A, 36E0E39646636F6E027691E5C3903C51479B3F707BDEA40F460FD27E357DA14E ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys 20:47:28.0569 0x0644 nvvad_WaveExtensible - ok 20:47:28.0573 0x0644 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 20:47:28.0574 0x0644 nv_agp - ok 20:47:28.0578 0x0644 [ 
3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 20:47:28.0579 0x0644 ohci1394 - ok 20:47:28.0581 0x0644 [ 0227755477E6B0CECE8CFFF2E6AFEDC0, 9D2B615238CAB50BF0B2E74A1A39CC0258E5AF4F03E4582A353B35E16E7D831A ] OpenVPNService C:\Program Files\OpenVPN\bin\openvpnserv.exe 20:47:28.0582 0x0644 OpenVPNService - ok 20:47:28.0587 0x0644 [ 4965B005492CBA7719E82B71E3245495, 52AD72C05FACC1E0E416A1FA25F34FDD3CB274FAB973BEAAE911A2FACA42B650 ] ose64 C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 20:47:28.0589 0x0644 ose64 - ok 20:47:28.0665 0x0644 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 20:47:28.0719 0x0644 osppsvc - ok 20:47:28.0731 0x0644 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 20:47:28.0735 0x0644 p2pimsvc - ok 20:47:28.0744 0x0644 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll 20:47:28.0749 0x0644 p2psvc - ok 20:47:28.0753 0x0644 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys 20:47:28.0755 0x0644 Parport - ok 20:47:28.0758 0x0644 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys 20:47:28.0759 0x0644 partmgr - ok 20:47:28.0763 0x0644 [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\Windows\System32\pcasvc.dll 20:47:28.0766 0x0644 PcaSvc - ok 20:47:28.0771 0x0644 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 
|
05.11.2015, 20:50 | #6 |
| Matasploit Code:
C:\Windows\system32\DRIVERS\WUDFRd.sys 20:47:30.0693 0x0644 WUDFRd - ok 20:47:30.0697 0x0644 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 20:47:30.0699 0x0644 wudfsvc - ok 20:47:30.0704 0x0644 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll 20:47:30.0707 0x0644 WwanSvc - ok 20:47:30.0712 0x0644 ================ Scan global =============================== 20:47:30.0714 0x0644 [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll 20:47:30.0719 0x0644 [ 4AD1C61152A0199E3D7F9A82C07AC629, A4A42C7757EB084EE368A6BC4EBAB0C47BE41B0B4119A6AECD1B8E3332A7C5D5 ] C:\Windows\system32\winsrv.dll 20:47:30.0726 0x0644 [ 4AD1C61152A0199E3D7F9A82C07AC629, A4A42C7757EB084EE368A6BC4EBAB0C47BE41B0B4119A6AECD1B8E3332A7C5D5 ] C:\Windows\system32\winsrv.dll 20:47:30.0731 0x0644 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll 20:47:30.0738 0x0644 [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe 20:47:30.0742 0x0644 [ Global ] - ok 20:47:30.0742 0x0644 ================ Scan MBR ================================== 20:47:30.0743 0x0644 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1 20:47:30.0748 0x0644 \Device\Harddisk1\DR1 - ok 20:47:30.0750 0x0644 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0 20:47:31.0258 0x0644 \Device\Harddisk0\DR0 - ok 20:47:31.0298 0x0644 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk3\DR3 20:47:31.0305 0x0644 \Device\Harddisk3\DR3 - ok 20:47:31.0308 0x0644 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk2\DR2 20:47:31.0312 0x0644 \Device\Harddisk2\DR2 - ok 20:47:31.0312 0x0644 ================ 
Scan VBR ================================== 20:47:31.0333 0x0644 [ 1D3F44A73CA36E1E80640F5871BBD643 ] \Device\Harddisk1\DR1\Partition1 20:47:31.0372 0x0644 \Device\Harddisk1\DR1\Partition1 - ok 20:47:31.0373 0x0644 [ D031BA0FE117A35A80A102771F1FFFBB ] \Device\Harddisk1\DR1\Partition2 20:47:31.0405 0x0644 \Device\Harddisk1\DR1\Partition2 - ok 20:47:31.0407 0x0644 [ 4BCCB2D76E38266C9D5E4D74FD12C847 ] \Device\Harddisk1\DR1\Partition3 20:47:31.0408 0x0644 \Device\Harddisk1\DR1\Partition3 - ok 20:47:31.0424 0x0644 [ E0360D3C9EA6CAB509B0EA04B220EB5D ] \Device\Harddisk1\DR1\Partition4 20:47:31.0425 0x0644 \Device\Harddisk1\DR1\Partition4 - ok 20:47:31.0426 0x0644 [ 8954A6719F9F80200697B94F81A6EE9F ] \Device\Harddisk0\DR0\Partition1 20:47:31.0426 0x0644 \Device\Harddisk0\DR0\Partition1 - ok 20:47:31.0428 0x0644 [ 8191AF4C784A05DF702F98804734C93B ] \Device\Harddisk0\DR0\Partition2 20:47:31.0428 0x0644 \Device\Harddisk0\DR0\Partition2 - ok 20:47:31.0429 0x0644 [ 2E6B3014E81C8542FEE74E3A2E8E6511 ] \Device\Harddisk0\DR0\Partition3 20:47:31.0429 0x0644 \Device\Harddisk0\DR0\Partition3 - ok 20:47:31.0430 0x0644 [ 4885CD72A6223F4E0A05D555411DF1BF ] \Device\Harddisk0\DR0\Partition4 20:47:31.0431 0x0644 \Device\Harddisk0\DR0\Partition4 - ok 20:47:31.0433 0x0644 [ 26F1C294F87FAB37FE867F11B2AD28EA ] \Device\Harddisk3\DR3\Partition1 20:47:31.0493 0x0644 \Device\Harddisk3\DR3\Partition1 - ok 20:47:31.0494 0x0644 [ B1910A579C7A491979EF3499BC9FCFCB ] \Device\Harddisk3\DR3\Partition2 20:47:31.0533 0x0644 \Device\Harddisk3\DR3\Partition2 - ok 20:47:31.0535 0x0644 [ 36710D3A487AC34F8978A5916A7457EE ] \Device\Harddisk3\DR3\Partition3 20:47:31.0571 0x0644 \Device\Harddisk3\DR3\Partition3 - ok 20:47:31.0574 0x0644 [ 210F986CF55834721F32848469737DA2 ] \Device\Harddisk2\DR2\Partition1 20:47:31.0574 0x0644 \Device\Harddisk2\DR2\Partition1 - ok 20:47:31.0575 0x0644 [ 8AAB89A9CF90C671C825F2901C7413A4 ] \Device\Harddisk2\DR2\Partition2 20:47:31.0576 0x0644 \Device\Harddisk2\DR2\Partition2 - ok 
20:47:31.0577 0x0644 [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk2\DR2\Partition3 20:47:31.0577 0x0644 \Device\Harddisk2\DR2\Partition3 - ok 20:47:31.0578 0x0644 [ 702BE61B101174221C78A6AEB3A59B09 ] \Device\Harddisk2\DR2\Partition4 20:47:31.0579 0x0644 \Device\Harddisk2\DR2\Partition4 - ok 20:47:31.0579 0x0644 ================ Scan generic autorun ====================== 20:47:31.0620 0x0644 [ 6BE70A935DFD72F47C29757305B50B1E, 6E76D7CA8C417750C2AFAD45344F5863CEA7798A2993716E21DE1997789D1746 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe 20:47:31.0647 0x0644 NvBackend - ok 20:47:31.0651 0x0644 [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe 20:47:31.0653 0x0644 ShadowPlay - ok 20:47:31.0874 0x0644 [ D187A411C9C34F80B4D3AAB97CDB3C0A, 9406914A72D09B0090A263D03AD0E3006C3A30EDBEF0B87C062010AEF2D86B75 ] C:\Program Files\Logitech Gaming Software\LCore.exe 20:47:32.0029 0x0644 Launch LCore - ok 20:47:32.0055 0x0644 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 20:47:32.0068 0x0644 Sidebar - ok 20:47:32.0072 0x0644 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 20:47:32.0073 0x0644 mctadmin - ok 20:47:32.0093 0x0644 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 20:47:32.0105 0x0644 Sidebar - ok 20:47:32.0109 0x0644 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 20:47:32.0111 0x0644 mctadmin - ok 20:47:32.0118 0x0644 [ B22CB67919EBAD88B0E8BB9CDA446010, 2F744FEAC48EDE7D6B6D2727F7DDFA80B26D9E3B0009741B00992B19AD85E128 ] C:\Windows\System32\StikyNot.exe 20:47:32.0124 0x0644 
20:47:32.0126 0x0644 Waiting for KSN requests completion. In queue: 158
20:47:33.0126 0x0644 Waiting for KSN requests completion. In queue: 158
20:47:34.0126 0x0644 Waiting for KSN requests completion. In queue: 158
20:47:34.0985 0x0678 Object required for P2P: [ 20E2D894031B5769482148A4166B29A0 ] Unchecky
20:47:35.0126 0x0644 Waiting for KSN requests completion. In queue: 81
20:47:36.0126 0x0644 Waiting for KSN requests completion. In queue: 81
20:47:37.0126 0x0644 Waiting for KSN requests completion. In queue: 81
20:47:37.0868 0x0678 Object send P2P result: true
20:47:38.0135 0x0644 AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\wmiav.exe ( 16.0.0.614 ), 0x41000 ( enabled : updated )
20:47:38.0136 0x0644 FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\wmiav.exe ( 16.0.0.614 ), 0x41010 ( enabled )
20:47:41.0197 0x0644 ============================================================
20:47:41.0197 0x0644 Scan finished
20:47:41.0197 0x0644 ============================================================
20:47:41.0202 0x1164 Detected object count: 0
20:47:41.0202 0x1164 Actual detected object count: 0
20:47:57.0446 0x0ec4 ============================================================
20:47:57.0446 0x0ec4 Scan started
20:47:57.0446 0x0ec4 Mode: Manual; SigCheck; TDLFS;
20:47:57.0446 0x0ec4 ============================================================
20:47:57.0446 0x0ec4 KSN ping started
20:48:00.0179 0x0ec4 KSN ping finished: true
20:48:00.0617 0x0ec4 ================ Scan system memory ========================
20:48:00.0617 0x0ec4 System memory - ok
20:48:00.0617 0x0ec4 ================ Scan services =============================
20:48:01.0797 0x0ec4 [ F1EA0FF09D68FD68DF5B15BF8E2716CA, 851FC0BB8B278E3669090F974FA2618AB86E0EB0B6219F6052E17552CD915D5C ] DirMngr C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
20:48:01.0802 0x0ec4 DirMngr - detected UnsignedFile.Multi.Generic ( 1 )
20:48:01.0802 0x0ec4 Detect skipped due to KSN trusted
20:48:01.0802 0x0ec4 DirMngr - ok
0x0ec4 [ E5805896A55D4166C20F216249F40FA3, F426BF60D5B916E7A778EF24C49FE1FFE1B2977C2ABD2977FD5C38C6E6CB139F ] HWiNFO32 C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS 20:48:02.0787 0x0ec4 HWiNFO32 - ok 20:48:02.0790 0x0ec4 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 20:48:02.0795 0x0ec4 hwpolicy - ok 20:48:02.0799 0x0ec4 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8
05.11.2015, 20:51 | #7 | |
| MatasploitCode:
20:48:06.0066 0x0ec4 Psched - ok 20:48:06.0068 0x0ec4 [ DD3FD48D69F5FBBB21D46D1514C1C2DB, 2B188E3AC4BD9B608D375DD550507717852C2AF7C0F99FFED90098999B9D4F01 ] PSI C:\Windows\system32\DRIVERS\psi_mf_amd64.sys 20:48:06.0073 0x0ec4 PSI - ok 20:48:06.0097 0x0ec4 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 20:48:06.0123 0x0ec4 ql2300 - ok 20:48:06.0128 0x0ec4 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 20:48:06.0135 0x0ec4 ql40xx - ok 20:48:06.0141 0x0ec4 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll 20:48:06.0153 0x0ec4 QWAVE - ok 20:48:06.0156 0x0ec4 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 20:48:06.0165 0x0ec4 QWAVEdrv - ok 20:48:06.0167 0x0ec4 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 20:48:06.0186 0x0ec4 RasAcd - ok 20:48:06.0189 0x0ec4 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 20:48:06.0208 0x0ec4 RasAgileVpn - ok 20:48:06.0211 0x0ec4 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll 20:48:06.0232 0x0ec4 RasAuto - ok 20:48:06.0236 0x0ec4 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 20:48:06.0255 0x0ec4 Rasl2tp - ok 20:48:06.0262 0x0ec4 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan 
C:\Windows\System32\rasmans.dll 20:48:06.0285 0x0ec4 RasMan - ok 20:48:06.0289 0x0ec4 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 20:48:06.0308 0x0ec4 RasPppoe - ok 20:48:06.0311 0x0ec4 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 20:48:06.0331 0x0ec4 RasSstp - ok 20:48:06.0338 0x0ec4 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 20:48:06.0359 0x0ec4 rdbss - ok 20:48:06.0362 0x0ec4 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 20:48:06.0369 0x0ec4 rdpbus - ok 20:48:06.0372 0x0ec4 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 20:48:06.0390 0x0ec4 RDPCDD - ok 20:48:06.0396 0x0ec4 [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR C:\Windows\system32\drivers\rdpdr.sys 20:48:06.0404 0x0ec4 RDPDR - ok 20:48:06.0406 0x0ec4 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 20:48:06.0424 0x0ec4 RDPENCDD - ok 20:48:06.0427 0x0ec4 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 20:48:06.0446 0x0ec4 RDPREFMP - ok 20:48:06.0449 0x0ec4 [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys 20:48:06.0455 0x0ec4 RdpVideoMiniport - ok 20:48:06.0461 0x0ec4 [ FE571E088C2D83619D2D48D4E961BF41, 
88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 20:48:06.0470 0x0ec4 RDPWD - ok 20:48:06.0476 0x0ec4 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 20:48:06.0484 0x0ec4 rdyboost - ok 20:48:06.0488 0x0ec4 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll 20:48:06.0507 0x0ec4 RemoteAccess - ok 20:48:06.0512 0x0ec4 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll 20:48:06.0533 0x0ec4 RemoteRegistry - ok 20:48:06.0536 0x0ec4 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 20:48:06.0556 0x0ec4 RpcEptMapper - ok 20:48:06.0559 0x0ec4 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe 20:48:06.0565 0x0ec4 RpcLocator - ok 20:48:06.0575 0x0ec4 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll 20:48:06.0600 0x0ec4 RpcSs - ok 20:48:06.0604 0x0ec4 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 20:48:06.0623 0x0ec4 rspndr - ok 20:48:06.0635 0x0ec4 [ 6CF9DB101A75360E98659F823852E540, A7D48DF41A831EEF9978B51786EF80DB9CC40602BE66D46CA11BE1548BC2D10C ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys 20:48:06.0649 0x0ec4 RTL8167 - ok 20:48:06.0651 0x0ec4 [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap C:\Windows\system32\drivers\vms3cap.sys 20:48:06.0657 0x0ec4 s3cap - ok 
20:48:06.0660 0x0ec4 [ 5424EC756808C1002457033D969115C7, 85B86C3DF9BCF4BA085C4978BE36A38D0079CE24C5C61FB754286E476EB77741 ] SamSs C:\Windows\system32\lsass.exe 20:48:06.0666 0x0ec4 SamSs - ok 20:48:06.0670 0x0ec4 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 20:48:06.0676 0x0ec4 sbp2port - ok 20:48:06.0681 0x0ec4 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll 20:48:06.0703 0x0ec4 SCardSvr - ok 20:48:06.0706 0x0ec4 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 20:48:06.0724 0x0ec4 scfilter - ok 20:48:06.0743 0x0ec4 [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule C:\Windows\system32\schedsvc.dll 20:48:06.0765 0x0ec4 Schedule - ok 20:48:06.0769 0x0ec4 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll 20:48:06.0787 0x0ec4 SCPolicySvc - ok 20:48:06.0792 0x0ec4 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll 20:48:06.0800 0x0ec4 SDRSVC - ok 20:48:06.0803 0x0ec4 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys 20:48:06.0809 0x0ec4 secdrv - ok 20:48:06.0811 0x0ec4 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll 20:48:06.0830 0x0ec4 seclogon - ok 20:48:06.0850 0x0ec4 [ 05E383849FA1FBBBC160612B0080618C, 43A33CC6BD24635EE849E89DB4391AB36292DDC0AC407E1B480B6E1DF7FC3BC5 ] Secunia PSI Agent C:\Program Files 
(x86)\Secunia\PSI\PSIA.exe 20:48:06.0871 0x0ec4 Secunia PSI Agent - ok 20:48:06.0884 0x0ec4 [ F8173F1454F21C451439CB47EF75830A, CF87917CD061686CD956884D4ED73AA8C0B04B0B7B5BA36BAA4CC4A03C8C0263 ] Secunia Update Agent C:\Program Files (x86)\Secunia\PSI\sua.exe 20:48:06.0897 0x0ec4 Secunia Update Agent - ok 20:48:06.0901 0x0ec4 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll 20:48:06.0919 0x0ec4 SENS - ok 20:48:06.0922 0x0ec4 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll 20:48:06.0929 0x0ec4 SensrSvc - ok 20:48:06.0931 0x0ec4 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 20:48:06.0937 0x0ec4 Serenum - ok 20:48:06.0940 0x0ec4 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys 20:48:06.0948 0x0ec4 Serial - ok 20:48:06.0950 0x0ec4 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys 20:48:06.0956 0x0ec4 sermouse - ok 20:48:06.0963 0x0ec4 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll 20:48:06.0982 0x0ec4 SessionEnv - ok 20:48:06.0984 0x0ec4 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 20:48:06.0992 0x0ec4 sffdisk - ok 20:48:06.0994 0x0ec4 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 20:48:07.0002 0x0ec4 sffp_mmc - ok 20:48:07.0004 0x0ec4 [ DD85B78243A19B59F0637DCF284DA63C, 
6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 20:48:07.0011 0x0ec4 sffp_sd - ok 20:48:07.0013 0x0ec4 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 20:48:07.0019 0x0ec4 sfloppy - ok 20:48:07.0027 0x0ec4 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll 20:48:07.0049 0x0ec4 SharedAccess - ok 20:48:07.0058 0x0ec4 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 20:48:07.0081 0x0ec4 ShellHWDetection - ok 20:48:07.0083 0x0ec4 [ 8C61B219882C9C9ECA09BEDB82B0DDB1, 711681040D9CD93D603F55AB8D62371F5D51917C14818F27859E23E2D60EB18F ] silabenm C:\Windows\system32\DRIVERS\silabenm.sys 20:48:07.0090 0x0ec4 silabenm - ok 20:48:07.0093 0x0ec4 [ 2641655FAD6C1EA0F3677978E2BF28C1, E703CE74D09E901BF531589E181DCF95B9C63E09FE1B99E38DEA9EE47EE458BA ] silabser C:\Windows\system32\DRIVERS\silabser.sys 20:48:07.0100 0x0ec4 silabser - ok 20:48:07.0102 0x0ec4 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 20:48:07.0108 0x0ec4 SiSRaid2 - ok 20:48:07.0111 0x0ec4 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 20:48:07.0118 0x0ec4 SiSRaid4 - ok 20:48:07.0124 0x0ec4 [ 52F7E8603E888E3DB0A8B3D1804098E9, 4E23DC9442C0C14AAE7146DACBB0B39743F1FFAA463EE7069CCDF866AD27BD77 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 20:48:07.0135 0x0ec4 SkypeUpdate - ok 20:48:07.0139 0x0ec4 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb 
C:\Windows\system32\DRIVERS\smb.sys 20:48:07.0159 0x0ec4 Smb - ok 20:48:07.0163 0x0ec4 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 20:48:07.0170 0x0ec4 SNMPTRAP - ok 20:48:07.0173 0x0ec4 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys 20:48:07.0178 0x0ec4 spldr - ok 20:48:07.0189 0x0ec4 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe 20:48:07.0203 0x0ec4 Spooler - ok 20:48:07.0257 0x0ec4 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe 20:48:07.0322 0x0ec4 sppsvc - ok 20:48:07.0329 0x0ec4 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll 20:48:07.0348 0x0ec4 sppuinotify - ok 20:48:07.0357 0x0ec4 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys 20:48:07.0369 0x0ec4 srv - ok 20:48:07.0378 0x0ec4 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 20:48:07.0389 0x0ec4 srv2 - ok 20:48:07.0394 0x0ec4 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 20:48:07.0402 0x0ec4 srvnet - ok 20:48:07.0407 0x0ec4 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 20:48:07.0428 0x0ec4 SSDPSRV - ok 20:48:07.0431 0x0ec4 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc 
C:\Windows\system32\sstpsvc.dll 20:48:07.0451 0x0ec4 SstpSvc - ok 20:48:07.0464 0x0ec4 [ 9DA3B55B17B54789AFB8C657D4ACE4D7, 5E4599E682327E3B8097A88A69ED73F96254A29054744D5DFB782054863F131E ] ss_conn_service C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe 20:48:07.0478 0x0ec4 ss_conn_service - ok 20:48:07.0493 0x0ec4 [ D31201BD8782752BD69DBE1E5DDF9AC5, 98B72690B4E6CC1B694C655DD31CB1FB56B76B62A32CFB748AF78F4C072D9740 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe 20:48:07.0508 0x0ec4 Steam Client Service - ok 20:48:07.0517 0x0ec4 [ EA8F9ED1691A67929421453125D751C1, DD5AC4727AB1C1C4A6579FD2B57EB41C1A4E6926034AB7D7EB05CD04064AAFDF ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe 20:48:07.0527 0x0ec4 Stereo Service - ok 20:48:07.0530 0x0ec4 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys 20:48:07.0536 0x0ec4 stexstor - ok 20:48:07.0546 0x0ec4 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll 20:48:07.0563 0x0ec4 stisvc - ok 20:48:07.0566 0x0ec4 [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt C:\Windows\system32\drivers\vmstorfl.sys 20:48:07.0572 0x0ec4 storflt - ok 20:48:07.0574 0x0ec4 [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc C:\Windows\system32\drivers\storvsc.sys 20:48:07.0580 0x0ec4 storvsc - ok 20:48:07.0582 0x0ec4 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys 20:48:07.0587 0x0ec4 swenum - ok 20:48:07.0597 0x0ec4 [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard C:\Program Files 
(x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe 20:48:07.0608 0x0ec4 SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 ) 20:48:07.0608 0x0ec4 Detect skipped due to KSN trusted 20:48:07.0608 0x0ec4 SwitchBoard - ok 20:48:07.0618 0x0ec4 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll 20:48:07.0644 0x0ec4 swprv - ok 20:48:07.0647 0x0ec4 [ C3A39C4079305480972D29C44B868C78, 8F1BB75C743256F905EAEDE744B6082C53774C49126875FB4E4FBA30F5478B17 ] Synth3dVsc C:\Windows\system32\drivers\synth3dvsc.sys 20:48:07.0654 0x0ec4 Synth3dVsc - ok 20:48:07.0682 0x0ec4 [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain C:\Windows\system32\sysmain.dll 20:48:07.0711 0x0ec4 SysMain - ok 20:48:07.0716 0x0ec4 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll 20:48:07.0726 0x0ec4 TabletInputService - ok 20:48:07.0729 0x0ec4 [ 3C32FF010F869BC184DF71290477384E, 55CFCEC7F026C6E2E96A2FBE846AB513BB12BB0348735274FE1B71AF019C837B ] tap0901 C:\Windows\system32\DRIVERS\tap0901.sys 20:48:07.0736 0x0ec4 tap0901 - ok 20:48:07.0742 0x0ec4 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll 20:48:07.0765 0x0ec4 TapiSrv - ok 20:48:07.0768 0x0ec4 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll 20:48:07.0787 0x0ec4 TBS - ok 20:48:07.0816 0x0ec4 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 20:48:07.0846 0x0ec4 Tcpip - ok 20:48:07.0877 0x0ec4 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 
C:\Windows\system32\DRIVERS\tcpip.sys 20:48:07.0907 0x0ec4 TCPIP6 - ok 20:48:07.0912 0x0ec4 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 20:48:07.0919 0x0ec4 tcpipreg - ok 20:48:07.0922 0x0ec4 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 20:48:07.0928 0x0ec4 TDPIPE - ok 20:48:07.0930 0x0ec4 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 20:48:07.0936 0x0ec4 TDTCP - ok 20:48:07.0940 0x0ec4 [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx C:\Windows\system32\DRIVERS\tdx.sys 20:48:07.0947 0x0ec4 tdx - ok 20:48:07.0950 0x0ec4 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 20:48:07.0956 0x0ec4 TermDD - ok 20:48:07.0958 0x0ec4 [ EF4469AB69EB15E5D3754E6AEAFBCD3D, 3609214C3D5181364B544EBF17E9A109952BE1C4C35BE0A8727BFA8F49ECB130 ] terminpt C:\Windows\system32\drivers\terminpt.sys 20:48:07.0964 0x0ec4 terminpt - ok 20:48:07.0976 0x0ec4 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll 20:48:07.0991 0x0ec4 TermService - ok 20:48:07.0994 0x0ec4 [ 9201BE2BAB8A9FF8E20D8439AE3BB04D, D973C4FE5B8D02B15476D72B49105840A04DBFF8BCB77117C0354D046E6C02FB ] Themes C:\Windows\system32\themeservice.dll 20:48:07.0998 0x0ec4 Themes - detected UnsignedFile.Multi.Generic ( 1 ) 20:48:07.0998 0x0ec4 Detect skipped due to KSN trusted 20:48:07.0998 0x0ec4 Themes - ok 20:48:08.0001 0x0ec4 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll 
20:48:08.0019 0x0ec4 THREADORDER - ok 20:48:08.0023 0x0ec4 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll 20:48:08.0042 0x0ec4 TrkWks - ok 20:48:08.0047 0x0ec4 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 20:48:08.0067 0x0ec4 TrustedInstaller - ok 20:48:08.0071 0x0ec4 [ 19BEDA57F3E0A06B8D5EB6D619BD5624, 952D5FAFD662C93628C12A6F7EB8E240A44216C0A15CBD2F5016BC357CBFE821 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 20:48:08.0078 0x0ec4 tssecsrv - ok 20:48:08.0080 0x0ec4 [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 20:48:08.0087 0x0ec4 TsUsbFlt - ok 20:48:08.0089 0x0ec4 [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys 20:48:08.0095 0x0ec4 TsUsbGD - ok 20:48:08.0099 0x0ec4 [ E1748D04AE40118B62BC18AC86032192, A954B141D1B27272C771D14F3B40C7CC1F572DD72559F2C96182EFBE2B095FDE ] tsusbhub C:\Windows\system32\drivers\tsusbhub.sys 20:48:08.0106 0x0ec4 tsusbhub - ok 20:48:08.0110 0x0ec4 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 20:48:08.0129 0x0ec4 tunnel - ok 20:48:08.0132 0x0ec4 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 20:48:08.0138 0x0ec4 uagp35 - ok 20:48:08.0145 0x0ec4 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 20:48:08.0167 0x0ec4 udfs - ok 20:48:08.0171 0x0ec4 [ 3CBDEC8D06B9968ABA702EBA076364A1, 
B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe 20:48:08.0197 0x0ec4 UI0Detect - ok 20:48:08.0206 0x0ec4 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 20:48:08.0213 0x0ec4 uliagpkx - ok 20:48:08.0216 0x0ec4 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys 20:48:08.0223 0x0ec4 umbus - ok 20:48:08.0225 0x0ec4 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys 20:48:08.0232 0x0ec4 UmPass - ok 20:48:08.0237 0x0ec4 [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService C:\Windows\System32\umrdp.dll 20:48:08.0247 0x0ec4 UmRdpService - ok 20:48:08.0252 0x0ec4 [ 20E2D894031B5769482148A4166B29A0, 338CEF86430998AE3E6A8FF0A3B13374A9A240F2E39AEDEC5BA549DAF8550F7B ] Unchecky C:\Program Files (x86)\Unchecky\bin\Unchecky_svc.exe 20:48:08.0260 0x0ec4 Unchecky - ok 20:48:08.0260 0x0ec4 Object required for P2P: [ 20E2D894031B5769482148A4166B29A0 ] Unchecky 20:48:11.0112 0x0ec4 Object send P2P result: true 20:48:11.0120 0x0ec4 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll 20:48:11.0143 0x0ec4 upnphost - ok 20:48:11.0148 0x0ec4 [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 20:48:11.0155 0x0ec4 usbaudio - ok 20:48:11.0159 0x0ec4 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 20:48:11.0167 0x0ec4 usbccgp - ok 20:48:11.0170 0x0ec4 [ 
80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys 20:48:11.0177 0x0ec4 usbcir - ok 20:48:11.0180 0x0ec4 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\drivers\usbehci.sys 20:48:11.0187 0x0ec4 usbehci - ok 20:48:11.0194 0x0ec4 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 20:48:11.0204 0x0ec4 usbhub - ok 20:48:11.0207 0x0ec4 [ 58E546BBAF87664FC57E0F6081E4F609, 1DD99D57369A0069654432AB5325AFD8F7D422D531E053EA05FF664BA6BDAEF9 ] usbohci C:\Windows\system32\drivers\usbohci.sys 20:48:11.0214 0x0ec4 usbohci - ok 20:48:11.0216 0x0ec4 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\drivers\usbprint.sys 20:48:11.0224 0x0ec4 usbprint - ok 20:48:11.0227 0x0ec4 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 20:48:11.0234 0x0ec4 USBSTOR - ok 20:48:11.0236 0x0ec4 [ 81FB2216D3A60D1284455D511797DB3D, 121E52B18A1832E775EA0AE2E053BAA53E5A70E9754724B1449AE5992D63B13E ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 20:48:11.0243 0x0ec4 usbuhci - ok 20:48:11.0245 0x0ec4 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll 20:48:11.0264 0x0ec4 UxSms - ok 20:48:11.0267 0x0ec4 [ 5424EC756808C1002457033D969115C7, 85B86C3DF9BCF4BA085C4978BE36A38D0079CE24C5C61FB754286E476EB77741 ] VaultSvc C:\Windows\system32\lsass.exe 20:48:11.0273 0x0ec4 VaultSvc - ok 20:48:11.0275 0x0ec4 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 20:48:11.0281 
20:48:14.0540 0x0ec4 AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\wmiav.exe ( 16.0.0.614 ), 0x41000 ( enabled : updated )
20:48:14.0541 0x0ec4 FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\wmiav.exe ( 16.0.0.614 ), 0x41010 ( enabled )
20:48:17.0658 0x0ec4 ============================================================
20:48:17.0658 0x0ec4 Scan finished
20:48:17.0658 0x0ec4 ============================================================
20:48:17.0662 0x125c Detected object count: 0
20:48:17.0662 0x125c Actual detected object count: 0
20:48:30.0521 0x16e0 Deinitialize success
|
06.11.2015, 19:31 | #8 |
/// the machine /// TB Trainer | Matasploit And MBAR?
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and Help Trojaner-Board Facebook Page No help via PM! |
06.11.2015, 21:11 | #9 | |
| Matasploit Code:
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
main: v2015.11.06.05
rootkit: v2015.11.04.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.18059
x4v33r :: X4V33R-PC [administrator]

06.11.2015 20:45:19
mbar-log-2015-11-06 (20-45-19).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 332088
Time elapsed: 6 minute(s), 14 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
|
07.11.2015, 18:45 | #10 |
/// the machine /// TB Trainer | Matasploit The logs look good. Why do you think that about the backdoor?
__________________ Regards, schrauber |
07.11.2015, 18:46 | #11 | |
| Matasploit Because my mouse makes movements it shouldn't! But I now think it was the driver.
|
08.11.2015, 07:08 | #12 |
/// the machine /// TB Trainer | Matasploit That also sounds more logical
__________________ Regards, schrauber |