Log analysis and evaluation: Windows 10: Teleom says ... ZBot, I say no idea
If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
27.05.2018, 19:52 | #16 |
/// Winkelfunktion /// TB-Süch-Tiger™
Scanning for malware with Kaspersky TDSS-Killer
Please download TDSSKiller.exe and save this file to the desktop.
Reading material: Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work massively harder. Even if the logs are too large for a single post, I ask you to post the logs directly, spread across several posts if necessary. To put the log files in a CODE box, proceed as follows:
__________________
Please always post log files in CODE tags
28.05.2018, 22:58 | #17 |
TDSKILLER.txt
Code:
- ok 23:55:55.0616 0x1268 [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk2\DR2\Partition1 23:55:55.0616 0x1268 \Device\Harddisk2\DR2\Partition1 - ok 23:55:55.0616 0x1268 [ 36EDB11594246011E677BC8F4693C489 ] \Device\Harddisk2\DR2\Partition2 23:55:55.0616 0x1268 \Device\Harddisk2\DR2\Partition2 - ok 23:55:55.0616 0x1268 [ 64341555A9F5081BEC878B766955E0B0 ] \Device\Harddisk3\DR3\Partition1 23:55:55.0616 0x1268 \Device\Harddisk3\DR3\Partition1 - ok 23:55:55.0616 0x1268 [ 498F2B3018465A8D626C8EAF27FB7771 ] \Device\Harddisk3\DR3\Partition2 23:55:55.0616 0x1268 \Device\Harddisk3\DR3\Partition2 - ok 23:55:55.0632 0x1268 [ 0ADD56AC9872543B111347357FAC6EA4 ] \Device\Harddisk4\DR4\Partition1 23:55:55.0632 0x1268 \Device\Harddisk4\DR4\Partition1 - ok 23:55:55.0632 0x1268 ================ Scan generic autorun ====================== 23:55:55.0632 0x1268 SecurityHealth - ok 23:55:55.0632 0x1268 [ F3C8882DC5151B81CB444E7E93320A61, 2B77BFB12E57CC1A2CFAF511BF3C3B62ACFA2820910B968EA7EEACC15396638C ] C:\Program Files\Classic Shell\ClassicStartMenu.exe 23:55:55.0632 0x1268 Classic Start Menu - ok 23:55:55.0647 0x1268 [ 07E19783A17B902628656AA03449D1FA, 4B588074F858D9DA8D0329A8FE3B038F14691ADCF540C93DDDA99F73DF407B9B ] C:\Program Files\Elgato\SoundCapture\SoundCapture.exe 23:55:55.0679 0x1268 Elgato Sound Capture - ok 23:55:55.0679 0x1268 OneDriveSetup - ok 23:55:55.0679 0x1268 WAB Migrate - ok 23:55:55.0679 0x1268 OneDriveSetup - ok 23:55:55.0679 0x1268 WAB Migrate - ok 23:55:55.0694 0x1268 Gaijin.Net Agent - ok 23:55:55.0694 0x1268 Waiting for KSN requests completion. 
In queue: 6 23:55:56.0741 0x1268 AV detected via SS2: Windows Defender, windowsdefender:// ( ), 0x60100 ( disabled : updated ) 23:55:56.0757 0x1268 Win FW state via NFP2: enabled ( trusted ) 23:55:56.0929 0x1268 ============================================================ 23:55:56.0929 0x1268 Scan finished 23:55:56.0929 0x1268 ============================================================ 23:55:56.0929 0x1cf0 Detected object count: 0 23:55:56.0929 0x1cf0 Actual detected object count: 0 23:56:00.0851 0x15ec ============================================================ 23:56:00.0851 0x15ec Scan started 23:56:00.0851 0x15ec Mode: Manual; 23:56:00.0851 0x15ec ============================================================ 23:56:00.0851 0x15ec KSN ping started 23:56:00.0913 0x15ec KSN ping finished: true 23:56:01.0023 0x15ec ================ Scan system memory ======================== 23:56:01.0023 0x15ec System memory - ok 23:56:01.0023 0x15ec ================ Scan services ============================= 23:56:01.0069 0x15ec 1394ohci - ok 23:56:01.0069 0x15ec 3ware - ok 23:56:01.0069 0x15ec ACPI - ok 23:56:01.0085 0x15ec AcpiDev - ok 23:56:01.0085 0x15ec acpiex - ok 23:56:01.0085 0x15ec acpipagr - ok 23:56:01.0085 0x15ec AcpiPmi - ok 23:56:01.0085 0x15ec acpitime - ok 23:56:01.0101 0x15ec ADP80XX - ok 23:56:01.0101 0x15ec AFD - ok 23:56:01.0101 0x15ec afunix - ok 23:56:01.0101 0x15ec ahcache - ok 23:56:01.0116 0x15ec AJRouter - ok 23:56:01.0116 0x15ec ALG - ok 23:56:01.0116 0x15ec AmdK8 - ok 23:56:01.0116 0x15ec AmdPPM - ok 23:56:01.0116 0x15ec amdsata - ok 23:56:01.0116 0x15ec amdsbs - ok 23:56:01.0132 0x15ec amdxata - ok 23:56:01.0132 0x15ec AppID - ok 23:56:01.0132 0x15ec AppIDSvc - ok 23:56:01.0132 0x15ec Appinfo - ok 23:56:01.0132 0x15ec applockerfltr - ok 23:56:01.0132 0x15ec AppMgmt - ok 23:56:01.0148 0x15ec AppReadiness - ok 23:56:01.0148 0x15ec AppVClient - ok 23:56:01.0148 0x15ec AppvStrm - ok 23:56:01.0148 0x15ec AppvVemgr - ok 23:56:01.0148 0x15ec AppvVfs - ok 
23:56:01.0148 0x15ec AppXSvc - ok 23:56:01.0148 0x15ec arcsas - ok 23:56:01.0163 0x15ec AssignedAccessManagerSvc - ok 23:56:01.0163 0x15ec AsyncMac - ok 23:56:01.0163 0x15ec atapi - ok 23:56:01.0163 0x15ec AudioEndpointBuilder - ok 23:56:01.0163 0x15ec Audiosrv - ok 23:56:01.0163 0x15ec AxInstSV - ok 23:56:01.0163 0x15ec b06bdrv - ok 23:56:01.0179 0x15ec bam - ok 23:56:01.0179 0x15ec BasicDisplay - ok 23:56:01.0179 0x15ec BasicRender - ok 23:56:01.0179 0x15ec BcastDVRUserService - ok 23:56:01.0179 0x15ec bcmfn2 - ok 23:56:01.0179 0x15ec BDESVC - ok 23:56:01.0194 0x15ec Beep - ok 23:56:01.0273 0x15ec [ 3FCB0D709307668907900A6897500742, 751CA6BEB01168723B2FF5A3A3BAD3EC51DF40B82A90ABA9367B72947224C4AD ] BEService C:\Program Files (x86)\Common Files\BattlEye\BEService.exe 23:56:01.0335 0x15ec BEService - ok 23:56:01.0351 0x15ec BFE - ok 23:56:01.0351 0x15ec bindflt - ok 23:56:01.0366 0x15ec BITS - ok 23:56:01.0366 0x15ec BluetoothUserService - ok 23:56:01.0366 0x15ec bowser - ok 23:56:01.0382 0x15ec BrokerInfrastructure - ok 23:56:01.0382 0x15ec Browser - ok 23:56:01.0382 0x15ec BTAGService - ok 23:56:01.0382 0x15ec BthAvctpSvc - ok 23:56:01.0382 0x15ec BthHFEnum - ok 23:56:01.0398 0x15ec BTHMODEM - ok 23:56:01.0398 0x15ec bthserv - ok 23:56:01.0398 0x15ec bttflt - ok 23:56:01.0398 0x15ec buttonconverter - ok 23:56:01.0398 0x15ec CAD - ok 23:56:01.0398 0x15ec camsvc - ok 23:56:01.0398 0x15ec CapImg - ok 23:56:01.0413 0x15ec CaptureService - ok 23:56:01.0413 0x15ec cdfs - ok 23:56:01.0413 0x15ec CDPSvc - ok 23:56:01.0413 0x15ec CDPUserSvc - ok 23:56:01.0413 0x15ec cdrom - ok 23:56:01.0413 0x15ec CertPropSvc - ok 23:56:01.0429 0x15ec cht4iscsi - ok 23:56:01.0429 0x15ec cht4vbd - ok 23:56:01.0429 0x15ec circlass - ok 23:56:01.0429 0x15ec CldFlt - ok 23:56:01.0429 0x15ec CLFS - ok 23:56:01.0429 0x15ec ClipSVC - ok 23:56:01.0444 0x15ec CmBatt - ok 23:56:01.0444 0x15ec CNG - ok 23:56:01.0444 0x15ec cnghwassist - ok 23:56:01.0460 0x15ec CompositeBus - ok 23:56:01.0460 0x15ec 
COMSysApp - ok 23:56:01.0460 0x15ec condrv - ok 23:56:01.0460 0x15ec CoreMessagingRegistrar - ok 23:56:01.0460 0x15ec CryptSvc - ok 23:56:01.0460 0x15ec CSC - ok 23:56:01.0476 0x15ec CscService - ok 23:56:01.0476 0x15ec dam - ok 23:56:01.0476 0x15ec DcomLaunch - ok 23:56:01.0476 0x15ec defragsvc - ok 23:56:01.0476 0x15ec DeviceAssociationService - ok 23:56:01.0476 0x15ec DeviceInstall - ok 23:56:01.0476 0x15ec DevicePickerUserSvc - ok 23:56:01.0491 0x15ec DevicesFlowUserSvc - ok 23:56:01.0491 0x15ec DevQueryBroker - ok 23:56:01.0491 0x15ec Dfsc - ok 23:56:01.0491 0x15ec Dhcp - ok 23:56:01.0491 0x15ec diagnosticshub.standardcollector.service - ok 23:56:01.0491 0x15ec diagsvc - ok 23:56:01.0507 0x15ec Disk - ok 23:56:01.0507 0x15ec DmEnrollmentSvc - ok 23:56:01.0507 0x15ec dmvsc - ok 23:56:01.0507 0x15ec dmwappushservice - ok 23:56:01.0507 0x15ec Dnscache - ok 23:56:01.0507 0x15ec dot3svc - ok 23:56:01.0507 0x15ec DPS - ok 23:56:01.0523 0x15ec drmkaud - ok 23:56:01.0523 0x15ec DsmSvc - ok 23:56:01.0523 0x15ec DsSvc - ok 23:56:01.0523 0x15ec DusmSvc - ok 23:56:01.0523 0x15ec DXGKrnl - ok 23:56:01.0523 0x15ec [ 46F2739380768186581E58A410E66972, AEDED6A5696F6273F79353B5BFCB806271154F92E94B40748605BC4C54A9B22F ] e2xw10x64 C:\WINDOWS\System32\drivers\e2xw10x64.sys 23:56:01.0538 0x15ec e2xw10x64 - ok 23:56:01.0538 0x15ec Eaphost - ok 23:56:01.0538 0x15ec [ BC7F1AE189694432A3FA7BE058C31182, C13F2DADA8C06E8EEF27737F999C2D090C7D4CE8FF2D53D4D36D7A5BD61FCC96 ] EasyAntiCheat C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe 23:56:01.0554 0x15ec EasyAntiCheat - ok 23:56:01.0554 0x15ec ebdrv - ok 23:56:01.0554 0x15ec EFS - ok 23:56:01.0554 0x15ec EhStorClass - ok 23:56:01.0569 0x15ec EhStorTcgDrv - ok 23:56:01.0569 0x15ec [ 3937E1CB2EBCE950D412DC7140D9C0D0, 607DC751CCB6EDF727E4174C44AB6165E9D57DF35DB91D2F8B973D79BC20A1C6 ] ElgatoVAD C:\WINDOWS\system32\DRIVERS\ElgatoVAD.sys 23:56:01.0569 0x15ec ElgatoVAD - ok 23:56:01.0569 0x15ec embeddedmode - ok 23:56:01.0569 0x15ec 
EntAppSvc - ok 23:56:01.0569 0x15ec ErrDev - ok 23:56:01.0569 0x15ec EventSystem - ok 23:56:01.0585 0x15ec exfat - ok 23:56:01.0585 0x15ec fastfat - ok 23:56:01.0585 0x15ec Fax - ok 23:56:01.0585 0x15ec fdc - ok 23:56:01.0585 0x15ec fdPHost - ok 23:56:01.0585 0x15ec FDResPub - ok 23:56:01.0585 0x15ec fhsvc - ok 23:56:01.0601 0x15ec FileCrypt - ok 23:56:01.0601 0x15ec FileInfo - ok 23:56:01.0601 0x15ec Filetrace - ok 23:56:01.0601 0x15ec flpydisk - ok 23:56:01.0601 0x15ec FltMgr - ok 23:56:01.0601 0x15ec FontCache - ok 23:56:01.0601 0x15ec FontCache3.0.0.0 - ok 23:56:01.0616 0x15ec FrameServer - ok 23:56:01.0616 0x15ec FsDepends - ok 23:56:01.0616 0x15ec Fs_Rec - ok 23:56:01.0616 0x15ec fvevol - ok 23:56:01.0616 0x15ec gencounter - ok 23:56:01.0616 0x15ec genericusbfn - ok 23:56:01.0632 0x15ec GPIOClx0101 - ok 23:56:01.0632 0x15ec gpsvc - ok 23:56:01.0632 0x15ec GpuEnergyDrv - ok 23:56:01.0632 0x15ec GraphicsPerfSvc - ok 23:56:01.0632 0x15ec HdAudAddService - ok 23:56:01.0632 0x15ec HDAudBus - ok 23:56:01.0632 0x15ec HidBatt - ok 23:56:01.0632 0x15ec HidBth - ok 23:56:01.0648 0x15ec hidi2c - ok 23:56:01.0648 0x15ec hidinterrupt - ok 23:56:01.0648 0x15ec HidIr - ok 23:56:01.0663 0x15ec hidserv - ok 23:56:01.0663 0x15ec HidUsb - ok 23:56:01.0679 0x15ec [ 7D2A63C3CFD2714D153EFCBF412AB7CC, 7448580C09E2CD521BF1E16F0CC88CFEADFCC7232CA50A8E091714DFD2EF7CAE ] HPM1210RcvFaxSrvc C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe 23:56:01.0679 0x15ec HPM1210RcvFaxSrvc - ok 23:56:01.0694 0x15ec HpSAMD - ok 23:56:01.0694 0x15ec [ FE775928DD2365EAD4EA35586FDB2BBF, 0AE4CFC306140BDD9D776E609E355E5C23EF9B7878700927DE6A77E43ADE9537 ] HPSIService C:\WINDOWS\system32\HPSIsvc.exe 23:56:01.0694 0x15ec HPSIService - ok 23:56:01.0710 0x15ec HTTP - ok 23:56:01.0710 0x15ec hvcrash - ok 23:56:01.0710 0x15ec HvHost - ok 23:56:01.0710 0x15ec hvservice - ok 23:56:01.0726 0x15ec [ EF558A02D734A1403583E95CCEEC2487, 
F0D052DAF48A62E4A90D067BFCB5EE9563804DE68D0EA82E0E11C8D16AD19D29 ] HWiNFO32 C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS 23:56:01.0726 0x15ec HWiNFO32 - ok 23:56:01.0726 0x15ec HwNClx0101 - ok 23:56:01.0726 0x15ec hwpolicy - ok 23:56:01.0726 0x15ec hyperkbd - ok 23:56:01.0741 0x15ec HyperVideo - ok 23:56:01.0741 0x15ec i8042prt - ok 23:56:01.0741 0x15ec iagpio - ok 23:56:01.0741 0x15ec iai2c - ok 23:56:01.0741 0x15ec iaLPSS2i_GPIO2 - ok 23:56:01.0741 0x15ec iaLPSS2i_GPIO2_BXT_P - ok 23:56:01.0741 0x15ec iaLPSS2i_I2C - ok 23:56:01.0757 0x15ec iaLPSS2i_I2C_BXT_P - ok 23:56:01.0757 0x15ec iaLPSSi_GPIO - ok 23:56:01.0757 0x15ec iaLPSSi_I2C - ok 23:56:01.0773 0x15ec [ 350735A5E5B1EB6C733F8D3E01545E3D, 160541B3DB37EF1BC8BCDDAD95FEEDF973DF5D4DC89E5434412C70A43B1D8CE5 ] iaStorA C:\WINDOWS\system32\drivers\iaStorA.sys 23:56:01.0788 0x15ec iaStorA - ok 23:56:01.0804 0x15ec iaStorAVC - ok 23:56:01.0804 0x15ec iaStorV - ok 23:56:01.0804 0x15ec ibbus - ok 23:56:01.0819 0x15ec icssvc - ok 23:56:01.0819 0x15ec IKEEXT - ok 23:56:01.0819 0x15ec IndirectKmd - ok 23:56:01.0835 0x15ec InstallService - ok 23:56:01.0835 0x15ec intelide - ok 23:56:01.0851 0x15ec intelpep - ok 23:56:01.0851 0x15ec intelppm - ok 23:56:01.0851 0x15ec [ 19A1A2A4FCE0AAF59223A0B3D13A9F04, 407FD17E7F128D8C4476142DDA84D0E4ADAE627D09A03ABA29472C9771444B2E ] IntelTurboBoostMax C:\WINDOWS\system32\DRIVERS\IntelNit.sys 23:56:01.0851 0x15ec IntelTurboBoostMax - ok 23:56:01.0851 0x15ec iorate - ok 23:56:01.0866 0x15ec IpFilterDriver - ok 23:56:01.0866 0x15ec iphlpsvc - ok 23:56:01.0866 0x15ec IPMIDRV - ok 23:56:01.0866 0x15ec IPNAT - ok 23:56:01.0866 0x15ec IPT - ok 23:56:01.0866 0x15ec IpxlatCfgSvc - ok 23:56:01.0866 0x15ec irda - ok 23:56:01.0882 0x15ec IRENUM - ok 23:56:01.0882 0x15ec irmon - ok 23:56:01.0882 0x15ec isapnp - ok 23:56:01.0882 0x15ec iScsiPrt - ok 23:56:01.0882 0x15ec [ 8486B6866BBBDD8EBDB7C3EC63C5A4F5, 5123DEB37C2BE992C268A6CDA5E3095C4611A87C251E0732BE8EEE6FC3C5FB35 ] ITBMService 
C:\WINDOWS\SysWOW64\ITBMSvc.exe 23:56:01.0882 0x15ec ITBMService - ok 23:56:01.0898 0x15ec ItSas35i - ok 23:56:01.0898 0x15ec kbdclass - ok 23:56:01.0898 0x15ec kbdhid - ok 23:56:01.0898 0x15ec kdnic - ok 23:56:01.0898 0x15ec KeyIso - ok 23:56:01.0898 0x15ec [ 46F2739380768186581E58A410E66972, AEDED6A5696F6273F79353B5BFCB806271154F92E94B40748605BC4C54A9B22F ] KillerEth C:\WINDOWS\System32\drivers\e2xw10x64.sys 23:56:01.0913 0x15ec KillerEth - ok 23:56:01.0913 0x15ec KSecDD - ok 23:56:01.0913 0x15ec KSecPkg - ok 23:56:01.0913 0x15ec ksthunk - ok 23:56:01.0913 0x15ec KtmRm - ok 23:56:01.0913 0x15ec LanmanServer - ok 23:56:01.0913 0x15ec LanmanWorkstation - ok 23:56:01.0929 0x15ec lfsvc - ok 23:56:01.0929 0x15ec LicenseManager - ok 23:56:01.0929 0x15ec lltdio - ok 23:56:01.0929 0x15ec lltdsvc - ok 23:56:01.0929 0x15ec lmhosts - ok 23:56:01.0929 0x15ec LSI_SAS - ok 23:56:01.0929 0x15ec LSI_SAS2i - ok 23:56:01.0944 0x15ec LSI_SAS3i - ok 23:56:01.0944 0x15ec LSI_SSS - ok 23:56:01.0944 0x15ec LSM - ok 23:56:01.0944 0x15ec luafv - ok 23:56:01.0944 0x15ec LxpSvc - ok 23:56:01.0944 0x15ec MapsBroker - ok 23:56:01.0944 0x15ec mausbhost - ok 23:56:01.0960 0x15ec mausbip - ok 23:56:01.0960 0x15ec megasas - ok 23:56:01.0960 0x15ec megasas2i - ok 23:56:01.0960 0x15ec megasas35i - ok 23:56:01.0960 0x15ec megasr - ok 23:56:01.0960 0x15ec [ F1E754DEEB3369BCCE2228D5C10DE101, ECC894FCF4C3F2364883BA55242C432E9E416D93E71B67985DF24ECB39F9BAC4 ] MEIx64 C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys 23:56:01.0976 0x15ec MEIx64 - ok 23:56:01.0976 0x15ec MessagingService - ok 23:56:01.0976 0x15ec mlx4_bus - ok 23:56:01.0976 0x15ec MMCSS - ok 23:56:01.0976 0x15ec Modem - ok 23:56:01.0976 0x15ec monitor - ok 23:56:01.0976 0x15ec mouclass - ok 23:56:01.0991 0x15ec mouhid - ok 23:56:01.0991 0x15ec mountmgr - ok 23:56:01.0991 0x15ec [ 1D8121F646343BD58B25ACBD0E5E9A8A, 5189E054F64159931B11699AAB3B0F9C21170253BED8B9271B74FDB452FBD263 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance 
Service\maintenanceservice.exe 23:56:01.0991 0x15ec MozillaMaintenance - ok 23:56:01.0991 0x15ec mpsdrv - ok 23:56:01.0991 0x15ec mpssvc - ok 23:56:02.0007 0x15ec MRxDAV - ok 23:56:02.0007 0x15ec mrxsmb - ok 23:56:02.0007 0x15ec mrxsmb10 - ok 23:56:02.0007 0x15ec mrxsmb20 - ok 23:56:02.0007 0x15ec MsBridge - ok 23:56:02.0007 0x15ec MSDTC - ok 23:56:02.0007 0x15ec Msfs - ok 23:56:02.0023 0x15ec msgpiowin32 - ok 23:56:02.0023 0x15ec mshidkmdf - ok 23:56:02.0023 0x15ec mshidumdf - ok 23:56:02.0023 0x15ec msisadrv - ok 23:56:02.0023 0x15ec MSiSCSI - ok 23:56:02.0023 0x15ec msiserver - ok 23:56:02.0023 0x15ec MSKSSRV - ok 23:56:02.0038 0x15ec MsLldp - ok 23:56:02.0038 0x15ec MSPCLOCK - ok 23:56:02.0038 0x15ec MSPQM - ok 23:56:02.0038 0x15ec MsRPC - ok 23:56:02.0038 0x15ec MsSecFlt - ok 23:56:02.0038 0x15ec mssmbios - ok 23:56:02.0038 0x15ec MSTEE - ok 23:56:02.0054 0x15ec MTConfig - ok 23:56:02.0054 0x15ec Mup - ok 23:56:02.0054 0x15ec mvumis - ok 23:56:02.0101 0x15ec [ AEC09F6E0C0F9395F7031C73714E27DD, D29996BCEC2758E0308C2504319FAA3058595CE470C172570C8D5B0A7BCA438C ] MZ0380.X64 C:\WINDOWS\system32\DRIVERS\eMZ0380.X64.SYS 23:56:02.0148 0x15ec MZ0380.X64 - ok 23:56:02.0163 0x15ec NativeWifiP - ok 23:56:02.0163 0x15ec NaturalAuthentication - ok 23:56:02.0163 0x15ec NcaSvc - ok 23:56:02.0179 0x15ec NcbService - ok 23:56:02.0179 0x15ec NcdAutoSetup - ok 23:56:02.0179 0x15ec ndfltr - ok 23:56:02.0179 0x15ec NDIS - ok 23:56:02.0179 0x15ec NdisCap - ok 23:56:02.0179 0x15ec NdisImPlatform - ok 23:56:02.0194 0x15ec NdisTapi - ok 23:56:02.0194 0x15ec Ndisuio - ok 23:56:02.0194 0x15ec NdisVirtualBus - ok 23:56:02.0194 0x15ec NdisWan - ok 23:56:02.0194 0x15ec ndiswanlegacy - ok 23:56:02.0194 0x15ec ndproxy - ok 23:56:02.0210 0x15ec Ndu - ok 23:56:02.0210 0x15ec NetAdapterCx - ok 23:56:02.0210 0x15ec NetBIOS - ok 23:56:02.0210 0x15ec NetBT - ok 23:56:02.0226 0x15ec Netlogon - ok 23:56:02.0226 0x15ec Netman - ok 23:56:02.0226 0x15ec netprofm - ok 23:56:02.0226 0x15ec NetSetupSvc - 
ok 23:56:02.0241 0x15ec NetTcpPortSharing - ok 23:56:02.0241 0x15ec netvsc - ok 23:56:02.0241 0x15ec NgcCtnrSvc - ok 23:56:02.0241 0x15ec NgcSvc - ok 23:56:02.0241 0x15ec NlaSvc - ok 23:56:02.0241 0x15ec Npfs - ok 23:56:02.0241 0x15ec npsvctrig - ok 23:56:02.0257 0x15ec nsi - ok 23:56:02.0257 0x15ec nsiproxy - ok 23:56:02.0257 0x15ec Ntfs - ok 23:56:02.0257 0x15ec Null - ok 23:56:02.0257 0x15ec nvdimm - ok 23:56:02.0273 0x15ec [ BF58D8D2DA50AF7A8E55567B7C73661A, 8E6436235E8EBCD20E121BBE8136563B918C127A509192C355F0FCDC6A993ABB ] NVHDA C:\WINDOWS\system32\drivers\nvhda64v.sys 23:56:02.0273 0x15ec NVHDA - ok 23:56:02.0523 0x15ec [ 66ED27A828302B0E1FFF74DBB912A9DF, 0D92BCEC1A989245A2A1D4738DC141ACABF8A8E0461565246A3AF8C12FA606DE ] nvlddmkm C:\WINDOWS\System32\DriverStore\FileRepository\nv_ref_pubwu.inf_amd64_2e7fa54192fe16d0\nvlddmkm.sys 23:56:02.0694 0x15ec nvlddmkm - ok 23:56:02.0726 0x15ec nvraid - ok 23:56:02.0726 0x15ec nvstor - ok 23:56:02.0741 0x15ec [ 9DBC464AB85AA48C9760C6C2E591E2D3, C9D718F8BE838E13F7488F1E8DAA79809340235A5BA5BF206C1C3DBF0A5DDB48 ] OneSyncSvc C:\WINDOWS\System32\APHostService.dll 23:56:02.0741 0x15ec OneSyncSvc - ok 23:56:02.0741 0x15ec p2pimsvc - ok 23:56:02.0741 0x15ec p2psvc - ok 23:56:02.0757 0x15ec Parport - ok 23:56:02.0757 0x15ec partmgr - ok 23:56:02.0757 0x15ec PcaSvc - ok 23:56:02.0757 0x15ec pci - ok 23:56:02.0757 0x15ec pciide - ok 23:56:02.0757 0x15ec pcmcia - ok 23:56:02.0757 0x15ec pcw - ok 23:56:02.0773 0x15ec pdc - ok 23:56:02.0773 0x15ec PEAUTH - ok 23:56:02.0773 0x15ec PeerDistSvc - ok 23:56:02.0773 0x15ec percsas2i - ok 23:56:02.0773 0x15ec percsas3i - ok 23:56:02.0788 0x15ec PerfHost - ok 23:56:02.0788 0x15ec PhoneSvc - ok 23:56:02.0788 0x15ec PimIndexMaintenanceSvc - ok 23:56:02.0804 0x15ec pla - ok 23:56:02.0804 0x15ec PlugPlay - ok 23:56:02.0804 0x15ec pmem - ok 23:56:02.0804 0x15ec PNPMEM - ok 23:56:02.0804 0x15ec PNRPAutoReg - ok 23:56:02.0804 0x15ec PNRPsvc - ok 23:56:02.0804 0x15ec PolicyAgent - ok 23:56:02.0819 
0x15ec Power - ok 23:56:02.0819 0x15ec PptpMiniport - ok 23:56:02.0866 0x15ec [ AD62FCEC1CB8ECD7C0E3DFD2FA79FDE4, 6372FC5E78A2DDB8AE6EB73BEB5C0D4056FB6BE9F231A36BAC37AE970F5EB247 ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll 23:56:02.0898 0x15ec PrintNotify - ok 23:56:02.0913 0x15ec PrintWorkflowUserSvc - ok 23:56:02.0929 0x15ec Processor - ok 23:56:02.0929 0x15ec ProfSvc - ok 23:56:02.0929 0x15ec Psched - ok 23:56:02.0929 0x15ec [ 802AAE76DB52903F86F6F9303D5AB40A, 7500D5F35CB5765A2BA5556E05E0E55334A0083E3BDF21C5F6B30C4E252ACEF9 ] PTSimBus C:\WINDOWS\System32\Drivers\PTSimBus.sys 23:56:02.0944 0x15ec PTSimBus - ok 23:56:02.0944 0x15ec [ 0E209CB85A61F62A2E19AEE44F94ADD0, 603467BB2A98265619FAC96AD3DCE12184B453A33E10C384ADDC61712BC693DA ] PTSimHid C:\WINDOWS\System32\Drivers\PTSimHid.sys 23:56:02.0944 0x15ec PTSimHid - ok 23:56:02.0944 0x15ec PushToInstall - ok 23:56:02.0944 0x15ec QWAVE - ok 23:56:02.0960 0x15ec QWAVEdrv - ok 23:56:02.0960 0x15ec Ramdisk - ok 23:56:02.0960 0x15ec RasAcd - ok 23:56:02.0976 0x15ec RasAgileVpn - ok 23:56:02.0976 0x15ec RasAuto - ok 23:56:02.0976 0x15ec Rasl2tp - ok 23:56:02.0991 0x15ec RasMan - ok 23:56:02.0991 0x15ec RasPppoe - ok 23:56:02.0991 0x15ec RasSstp - ok 23:56:02.0991 0x15ec rdbss - ok 23:56:02.0991 0x15ec rdpbus - ok 23:56:03.0007 0x15ec RDPDR - ok 23:56:03.0007 0x15ec RdpVideoMiniport - ok 23:56:03.0007 0x15ec rdyboost - ok 23:56:03.0007 0x15ec ReFS - ok 23:56:03.0007 0x15ec ReFSv1 - ok 23:56:03.0007 0x15ec RemoteAccess - ok 23:56:03.0023 0x15ec RemoteRegistry - ok 23:56:03.0023 0x15ec RetailDemo - ok 23:56:03.0023 0x15ec rhproxy - ok 23:56:03.0023 0x15ec RmSvc - ok 23:56:03.0023 0x15ec RpcEptMapper - ok 23:56:03.0038 0x15ec RpcLocator - ok 23:56:03.0038 0x15ec RpcSs - ok 23:56:03.0038 0x15ec rspndr - ok 23:56:03.0038 0x15ec [ FD0D651EFBDAAB24962805D44E8E345C, B160487781A65A767C543B70D0BC1D62C9D1F208CC80242B2B3E69500152C49F ] RTSUER C:\WINDOWS\system32\Drivers\RtsUer.sys 23:56:03.0054 0x15ec RTSUER - 
ok 23:56:03.0054 0x15ec s3cap - ok 23:56:03.0054 0x15ec SamSs - ok 23:56:03.0054 0x15ec sbp2port - ok 23:56:03.0054 0x15ec SCardSvr - ok 23:56:03.0054 0x15ec ScDeviceEnum - ok 23:56:03.0054 0x15ec scfilter - ok 23:56:03.0069 0x15ec Schedule - ok 23:56:03.0069 0x15ec scmbus - ok 23:56:03.0069 0x15ec SCPolicySvc - ok 23:56:03.0069 0x15ec sdbus - ok 23:56:03.0085 0x15ec SDFRd - ok 23:56:03.0085 0x15ec SDRSVC - ok 23:56:03.0085 0x15ec sdstor - ok 23:56:03.0085 0x15ec seclogon - ok 23:56:03.0085 0x15ec SecurityHealthService - ok 23:56:03.0101 0x15ec SEMgrSvc - ok 23:56:03.0101 0x15ec SENS - ok 23:56:03.0101 0x15ec Sense - ok 23:56:03.0101 0x15ec SensorDataService - ok 23:56:03.0101 0x15ec SensorService - ok 23:56:03.0101 0x15ec SensrSvc - ok 23:56:03.0116 0x15ec SerCx - ok 23:56:03.0116 0x15ec SerCx2 - ok 23:56:03.0116 0x15ec Serenum - ok 23:56:03.0132 0x15ec Serial - ok 23:56:03.0132 0x15ec sermouse - ok 23:56:03.0132 0x15ec SessionEnv - ok 23:56:03.0132 0x15ec sfloppy - ok 23:56:03.0132 0x15ec SgrmAgent - ok 23:56:03.0148 0x15ec SgrmBroker - ok 23:56:03.0148 0x15ec SharedAccess - ok 23:56:03.0148 0x15ec SharedRealitySvc - ok 23:56:03.0148 0x15ec ShellHWDetection - ok 23:56:03.0148 0x15ec shpamsvc - ok 23:56:03.0148 0x15ec SiSRaid2 - ok 23:56:03.0148 0x15ec SiSRaid4 - ok 23:56:03.0163 0x15ec smbdirect - ok 23:56:03.0163 0x15ec smphost - ok 23:56:03.0163 0x15ec SmsRouter - ok 23:56:03.0163 0x15ec SNMPTRAP - ok 23:56:03.0163 0x15ec spaceport - ok 23:56:03.0163 0x15ec SpbCx - ok 23:56:03.0179 0x15ec spectrum - ok 23:56:03.0179 0x15ec Spooler - ok 23:56:03.0179 0x15ec sppsvc - ok 23:56:03.0179 0x15ec srv2 - ok 23:56:03.0179 0x15ec srvnet - ok 23:56:03.0179 0x15ec SSDPSRV - ok 23:56:03.0194 0x15ec [ 5EE518DFADC18573E681BB78833E93FA, E98CCD3E2ADA265D6E3CF48CDBFE5C3067E0546F179F23B77C267F65CEB978EE ] ssh-agent C:\WINDOWS\System32\OpenSSH\ssh-agent.exe 23:56:03.0194 0x15ec ssh-agent - ok 23:56:03.0194 0x15ec SstpSvc - ok 23:56:03.0210 0x15ec StateRepository - ok 23:56:03.0226 
0x15ec [ 83A8BFB7924EEF962D79E5573994A56F, F97C9511247FCDC6D84A81D94656BD82413781692A82D3A5DBCBAF811A839B96 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe 23:56:03.0241 0x15ec Steam Client Service - ok 23:56:03.0257 0x15ec stexstor - ok 23:56:03.0257 0x15ec [ 306FF12041780273C371794F4CBCB055, B4D04C25D5059D6BB3F14DB7649378625DFFA03C26F2A7C061E9A439BE011F30 ] StillCam C:\WINDOWS\system32\DRIVERS\serscan.sys 23:56:03.0257 0x15ec StillCam - ok 23:56:03.0257 0x15ec stisvc - ok 23:56:03.0273 0x15ec storahci - ok 23:56:03.0273 0x15ec storflt - ok 23:56:03.0273 0x15ec stornvme - ok 23:56:03.0288 0x15ec storqosflt - ok 23:56:03.0288 0x15ec StorSvc - ok 23:56:03.0288 0x15ec storufs - ok 23:56:03.0288 0x15ec storvsc - ok 23:56:03.0288 0x15ec svsvc - ok 23:56:03.0304 0x15ec swenum - ok 23:56:03.0304 0x15ec swprv - ok 23:56:03.0304 0x15ec Synth3dVsc - ok 23:56:03.0304 0x15ec SysMain - ok 23:56:03.0304 0x15ec SystemEventsBroker - ok 23:56:03.0319 0x15ec Tablet2k - ok 23:56:03.0319 0x15ec TabletInputService - ok 23:56:03.0319 0x15ec TapiSrv - ok 23:56:03.0319 0x15ec [ 92EEAC0AE44A25D7BE3379E1723E7A0D, 686339E7816AAFFBB355D2BAEC1371527C9A4ED3809F703A101167D3F314E3E5 ] TClass2k C:\WINDOWS\System32\Drivers\TClass2k.sys 23:56:03.0319 0x15ec TClass2k - ok 23:56:03.0319 0x15ec Tcpip - ok 23:56:03.0319 0x15ec Tcpip6 - ok 23:56:03.0319 0x15ec tcpipreg - ok 23:56:03.0335 0x15ec tdx - ok 23:56:03.0335 0x15ec terminpt - ok 23:56:03.0335 0x15ec TermService - ok 23:56:03.0335 0x15ec Themes - ok 23:56:03.0335 0x15ec TieringEngineService - ok 23:56:03.0351 0x15ec TimeBrokerSvc - ok 23:56:03.0351 0x15ec TokenBroker - ok 23:56:03.0351 0x15ec TPM - ok 23:56:03.0351 0x15ec TrkWks - ok 23:56:03.0351 0x15ec TrustedInstaller - ok 23:56:03.0351 0x15ec TsUsbFlt - ok 23:56:03.0366 0x15ec TsUsbGD - ok 23:56:03.0366 0x15ec tsusbhub - ok 23:56:03.0366 0x15ec tunnel - ok 23:56:03.0366 0x15ec tzautoupdate - ok 23:56:03.0366 0x15ec UASPStor - ok 23:56:03.0366 0x15ec 
UcmCx0101 - ok 23:56:03.0382 0x15ec UcmTcpciCx0101 - ok 23:56:03.0382 0x15ec UcmUcsi - ok 23:56:03.0382 0x15ec [ DE705E1F460DAA4BC40FD4A4937D5BB5, 9A234BB7EE0B9B4DCF34D1BE287DD598D589C90545814131CDDB154FD11D0FED ] UCTblHid C:\WINDOWS\System32\Drivers\UCTblHid.sys 23:56:03.0382 0x15ec UCTblHid - ok 23:56:03.0382 0x15ec Ucx01000 - ok 23:56:03.0382 0x15ec UdeCx - ok 23:56:03.0382 0x15ec udfs - ok 23:56:03.0398 0x15ec UEFI - ok 23:56:03.0398 0x15ec UevAgentDriver - ok 23:56:03.0398 0x15ec UevAgentService - ok 23:56:03.0413 0x15ec Ufx01000 - ok 23:56:03.0413 0x15ec UfxChipidea - ok 23:56:03.0413 0x15ec ufxsynopsys - ok 23:56:03.0413 0x15ec umbus - ok 23:56:03.0413 0x15ec UmPass - ok 23:56:03.0413 0x15ec UmRdpService - ok 23:56:03.0413 0x15ec UnistoreSvc - ok 23:56:03.0429 0x15ec upnphost - ok 23:56:03.0429 0x15ec UrsChipidea - ok 23:56:03.0429 0x15ec UrsCx01000 - ok 23:56:03.0429 0x15ec UrsSynopsys - ok 23:56:03.0429 0x15ec usbccgp - ok 23:56:03.0444 0x15ec usbcir - ok 23:56:03.0444 0x15ec usbehci - ok 23:56:03.0444 0x15ec usbhub - ok 23:56:03.0444 0x15ec USBHUB3 - ok 23:56:03.0444 0x15ec usbohci - ok 23:56:03.0444 0x15ec usbprint - ok 23:56:03.0460 0x15ec usbser - ok 23:56:03.0460 0x15ec USBSTOR - ok 23:56:03.0460 0x15ec usbuhci - ok 23:56:03.0460 0x15ec USBXHCI - ok 23:56:03.0460 0x15ec UserDataSvc - ok 23:56:03.0460 0x15ec UserManager - ok 23:56:03.0460 0x15ec UsoSvc - ok 23:56:03.0476 0x15ec VacSvc - ok 23:56:03.0476 0x15ec VaultSvc - ok 23:56:03.0476 0x15ec vdrvroot - ok 23:56:03.0476 0x15ec vds - ok 23:56:03.0476 0x15ec VerifierExt - ok 23:56:03.0476 0x15ec vhdmp - ok 23:56:03.0476 0x15ec vhf - ok 23:56:03.0491 0x15ec vmbus - ok 23:56:03.0491 0x15ec VMBusHID - ok 23:56:03.0491 0x15ec vmgid - ok 23:56:03.0491 0x15ec vmicguestinterface - ok 23:56:03.0491 0x15ec vmicheartbeat - ok 23:56:03.0491 0x15ec vmickvpexchange - ok 23:56:03.0507 0x15ec vmicrdv - ok 23:56:03.0507 0x15ec vmicshutdown - ok 23:56:03.0507 0x15ec vmictimesync - ok 23:56:03.0507 0x15ec vmicvmsession 
- ok 23:56:03.0507 0x15ec vmicvss - ok 23:56:03.0507 0x15ec volmgr - ok 23:56:03.0507 0x15ec volmgrx - ok 23:56:03.0523 0x15ec volsnap - ok 23:56:03.0523 0x15ec volume - ok 23:56:03.0523 0x15ec vpci - ok 23:56:03.0523 0x15ec vsmraid - ok 23:56:03.0523 0x15ec VSS - ok 23:56:03.0523 0x15ec VSTXRAID - ok 23:56:03.0523 0x15ec vwifibus - ok 23:56:03.0538 0x15ec vwififlt - ok 23:56:03.0538 0x15ec W32Time - ok 23:56:03.0538 0x15ec WaaSMedicSvc - ok 23:56:03.0538 0x15ec WacomPen - ok 23:56:03.0538 0x15ec WalletService - ok 23:56:03.0538 0x15ec wanarp - ok 23:56:03.0538 0x15ec wanarpv6 - ok 23:56:03.0554 0x15ec WarpJITSvc - ok 23:56:03.0554 0x15ec wbengine - ok 23:56:03.0554 0x15ec WbioSrvc - ok 23:56:03.0554 0x15ec wcifs - ok 23:56:03.0554 0x15ec Wcmsvc - ok 23:56:03.0554 0x15ec wcncsvc - ok 23:56:03.0554 0x15ec wcnfs - ok 23:56:03.0569 0x15ec [ 45545A0E3ECDC23C4E2C104674885F51, DC6042F4A10AA564461623440A6F5A63931D28643131047CF23E4CE1A9461893 ] WdBoot C:\WINDOWS\system32\drivers\wd\WdBoot.sys 23:56:03.0569 0x15ec WdBoot - ok 23:56:03.0569 0x15ec Wdf01000 - ok 23:56:03.0569 0x15ec [ 9A3299DA5B85B13C38C3DAB8F80B608D, E39361AEB53A5E6C5C21A3E708088870B7080EA0CC822E8518DCB579A729FDAA ] WdFilter C:\WINDOWS\system32\drivers\wd\WdFilter.sys 23:56:03.0569 0x15ec WdFilter - ok 23:56:03.0585 0x15ec WdiServiceHost - ok 23:56:03.0585 0x15ec WdiSystemHost - ok 23:56:03.0585 0x15ec wdiwifi - ok 23:56:03.0601 0x15ec WdmCompanionFilter - ok 23:56:03.0601 0x15ec [ BB1DD5254A7BBFE88F85B7EDCA3BE92A, 7B5721AAF9B8D96A2E73C50F873ACD95C0ED8F6915A16D258BDE199CC6FC9851 ] WdNisDrv C:\WINDOWS\system32\drivers\wd\WdNisDrv.sys 23:56:03.0601 0x15ec WdNisDrv - ok 23:56:03.0663 0x15ec [ 3769FB7454F9BFD2860D6E1CA0D3DD24, 2E0E9650F1BE1F20D106EC38ACA36B35658F161E1901E412E5AE535F72F5B5DB ] WdNisSvc C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\NisSrv.exe 23:56:03.0710 0x15ec WdNisSvc - ok 23:56:03.0726 0x15ec WebClient - ok 23:56:03.0726 0x15ec Wecsvc - ok 23:56:03.0741 0x15ec 
WEPHOSTSVC - ok 23:56:03.0741 0x15ec wercplsupport - ok 23:56:03.0741 0x15ec WerSvc - ok 23:56:03.0757 0x15ec WFDSConMgrSvc - ok 23:56:03.0757 0x15ec WFPLWFS - ok 23:56:03.0757 0x15ec WiaRpc - ok 23:56:03.0773 0x15ec WIMMount - ok 23:56:03.0773 0x15ec [ B9AD53D60DA72C194F0AA2C89136FA35, DE0DC4F2E623A2F3AB5F57010765954A77E52D995AF74F6D8A52841C941C041B ] WinDefend C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\MsMpEng.exe 23:56:03.0773 0x15ec WinDefend - ok 23:56:03.0773 0x15ec WindowsTrustedRT - ok 23:56:03.0773 0x15ec WindowsTrustedRTProxy - ok 23:56:03.0788 0x15ec WinHttpAutoProxySvc - ok 23:56:03.0788 0x15ec WinMad - ok 23:56:03.0788 0x15ec Winmgmt - ok 23:56:03.0788 0x15ec WinNat - ok 23:56:03.0788 0x15ec WinRM - ok 23:56:03.0804 0x15ec WINUSB - ok 23:56:03.0804 0x15ec WinVerbs - ok 23:56:03.0804 0x15ec wisvc - ok 23:56:03.0819 0x15ec WlanSvc - ok 23:56:03.0819 0x15ec wlidsvc - ok 23:56:03.0819 0x15ec wlpasvc - ok 23:56:03.0835 0x15ec WmiAcpi - ok 23:56:03.0835 0x15ec wmiApSrv - ok 23:56:03.0835 0x15ec WMPNetworkSvc - ok 23:56:03.0835 0x15ec [ E122AD60BF4D7E4B28CCBABF33B28C1F, 1ABABE62FCC1B1A837540EE66F3EB0CE062962F05247002D61CFDE6ABB8E7E87 ] Wof C:\WINDOWS\system32\drivers\Wof.sys 23:56:03.0835 0x15ec Wof - ok 23:56:03.0851 0x15ec workfolderssvc - ok 23:56:03.0851 0x15ec WpcMonSvc - ok 23:56:03.0851 0x15ec WPDBusEnum - ok 23:56:03.0851 0x15ec WpdUpFltr - ok 23:56:03.0851 0x15ec WpnService - ok 23:56:03.0866 0x15ec WpnUserService - ok 23:56:03.0866 0x15ec ws2ifsl - ok 23:56:03.0866 0x15ec wscsvc - ok 23:56:03.0866 0x15ec WSDPrintDevice - ok 23:56:03.0866 0x15ec WSearch - ok 23:56:03.0866 0x15ec wuauserv - ok 23:56:03.0882 0x15ec WudfPf - ok 23:56:03.0882 0x15ec WUDFRd - ok 23:56:03.0882 0x15ec WUDFWpdFs - ok 23:56:03.0882 0x15ec WwanSvc - ok 23:56:03.0882 0x15ec xbgm - ok 23:56:03.0882 0x15ec XblAuthManager - ok 23:56:03.0898 0x15ec XblGameSave - ok 23:56:03.0898 0x15ec xboxgip - ok 23:56:03.0898 0x15ec XboxGipSvc - ok 23:56:03.0898 0x15ec 
XboxNetApiSvc - ok 23:56:03.0898 0x15ec xinputhid - ok 23:56:03.0898 0x15ec ================ Scan global =============================== 23:56:03.0913 0x15ec [ Global ] - ok 23:56:03.0913 0x15ec ================ Scan MBR ================================== 23:56:03.0913 0x15ec [ F2634EFAB9E22A7870007C2453CEFE38 ] \Device\Harddisk0\DR0 23:56:04.0101 0x15ec \Device\Harddisk0\DR0 - ok 23:56:04.0132 0x15ec [ F2634EFAB9E22A7870007C2453CEFE38 ] \Device\Harddisk1\DR1 23:56:04.0335 0x15ec \Device\Harddisk1\DR1 - ok 23:56:04.0335 0x15ec [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2 23:56:04.0335 0x15ec \Device\Harddisk2\DR2 - ok 23:56:04.0335 0x15ec [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk3\DR3 23:56:04.0382 0x15ec \Device\Harddisk3\DR3 - ok 23:56:04.0382 0x15ec [ 8CB37AFC263A219EBB7586F9C495114E ] \Device\Harddisk4\DR4 23:56:04.0398 0x15ec \Device\Harddisk4\DR4 - ok 23:56:04.0398 0x15ec ================ Scan VBR ================================== 23:56:04.0398 0x15ec [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition1 23:56:04.0398 0x15ec \Device\Harddisk0\DR0\Partition1 - ok 23:56:04.0398 0x15ec [ 60AC55AE00EE4BAB54E2848F280CA88E ] \Device\Harddisk0\DR0\Partition2 23:56:04.0398 0x15ec \Device\Harddisk0\DR0\Partition2 - ok 23:56:04.0398 0x15ec [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk1\DR1\Partition1 23:56:04.0398 0x15ec \Device\Harddisk1\DR1\Partition1 - ok 23:56:04.0398 0x15ec [ 9125E9779E25C79338BC6456B41BC0F4 ] \Device\Harddisk1\DR1\Partition2 23:56:04.0398 0x15ec \Device\Harddisk1\DR1\Partition2 - ok 23:56:04.0398 0x15ec [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk2\DR2\Partition1 23:56:04.0398 0x15ec \Device\Harddisk2\DR2\Partition1 - ok 23:56:04.0398 0x15ec [ 36EDB11594246011E677BC8F4693C489 ] \Device\Harddisk2\DR2\Partition2 23:56:04.0413 0x15ec \Device\Harddisk2\DR2\Partition2 - ok 23:56:04.0413 0x15ec [ 64341555A9F5081BEC878B766955E0B0 ] \Device\Harddisk3\DR3\Partition1 23:56:04.0413 0x15ec 
\Device\Harddisk3\DR3\Partition1 - ok
23:56:04.0413 0x15ec [ 498F2B3018465A8D626C8EAF27FB7771 ] \Device\Harddisk3\DR3\Partition2
23:56:04.0413 0x15ec \Device\Harddisk3\DR3\Partition2 - ok
23:56:04.0413 0x15ec [ 0ADD56AC9872543B111347357FAC6EA4 ] \Device\Harddisk4\DR4\Partition1
23:56:04.0413 0x15ec \Device\Harddisk4\DR4\Partition1 - ok
23:56:04.0413 0x15ec ================ Scan generic autorun ======================
23:56:04.0413 0x15ec SecurityHealth - ok
23:56:04.0413 0x15ec [ F3C8882DC5151B81CB444E7E93320A61, 2B77BFB12E57CC1A2CFAF511BF3C3B62ACFA2820910B968EA7EEACC15396638C ] C:\Program Files\Classic Shell\ClassicStartMenu.exe
23:56:04.0413 0x15ec Classic Start Menu - ok
23:56:04.0444 0x15ec [ 07E19783A17B902628656AA03449D1FA, 4B588074F858D9DA8D0329A8FE3B038F14691ADCF540C93DDDA99F73DF407B9B ] C:\Program Files\Elgato\SoundCapture\SoundCapture.exe
23:56:04.0460 0x15ec Elgato Sound Capture - ok
23:56:04.0460 0x15ec OneDriveSetup - ok
23:56:04.0460 0x15ec WAB Migrate - ok
23:56:04.0476 0x15ec OneDriveSetup - ok
23:56:04.0476 0x15ec WAB Migrate - ok
23:56:04.0476 0x15ec Gaijin.Net Agent - ok
23:56:04.0476 0x15ec AV detected via SS2: Windows Defender, windowsdefender:// ( ), 0x60100 ( disabled : updated )
23:56:04.0476 0x15ec Win FW state via NFP2: enabled ( trusted )
23:56:04.0585 0x15ec ============================================================
23:56:04.0585 0x15ec Scan finished
23:56:04.0585 0x15ec ============================================================
23:56:04.0585 0x0ab4 Detected object count: 0
23:56:04.0585 0x0ab4 Actual detected object count: 0

Now another FRST run with Addition? |
28.05.2018, 23:07 | #18 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows 10: Telekom says ... ZBot, I say no idea
No, this machine is probably not infected.
__________________ |
28.05.2018, 23:12 | #19 |
| Windows 10: Telekom says ... ZBot, I say no idea
OK, so no reason to worry. It's just always something to be treated with caution. Which AV would you recommend to me, then? There is also my notebook, which has AVG on it as well. There were no such signs there either. |
28.05.2018, 23:31 | #20 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows 10: Telekom says ... ZBot, I say no idea
1. AVG has been advised against here for ages
2. what kind of signs are you talking about there
3. a new thread is to be opened for a new machine (that was already explained in detail at the beginning)
__________________ Please always post log files in CODE tags |
28.05.2018, 23:34 | #21 |
| Windows 10: Telekom says ... ZBot, I say no idea
Signs = AVG found nothing on the notebook. Could you recommend an antivirus program to me? Just so that I don't pick something up there? |
29.05.2018, 08:08 | #22 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows 10: Telekom says ... ZBot, I say no idea
Then we would be done! If you like, you can say here whether you were satisfied with me and my help... and/or support the forum with a small donation.

Finally, we still have to take a few steps to clean up your system (cleanup with DelFix) and to secure it; I'll post my reading material on that for you. More important than any AV is sensible handling, that is, certain rules of conduct on a device with internet access, and a few basic safeguards. That is why those come first.

Outline:
Reading material: Cleanup
All logs posted? Then please download the TBCleanUpTool.
The TBCleanUpTool removes the programs that were used and the quarantine of our scanners, and finally deletes itself. If any programs from our cleanup are still left over that you no longer want to use, you can uninstall them via the Control Panel.

Reading material: Basics

Reading material: Google Chrome
Use of this browser must be strongly advised against for data-protection reasons. See also "Google: Chrome browser scans local files on Windows PCs". Install Mozilla Firefox, which can also import profile data from Chrome, then uninstall Google Chrome if it is still installed.

Change your important online passwords regularly and regularly create backups of your important files or of the system (more on this in the reading material on backups).

Hands off registry cleaners, optimizers and so on!!! - the performance gain ranges from disputed to clearly unprovable, and in return you run a big risk of destroying your system, especially with registry operations. The best thing is to use Windows' own Disk Cleanup - and to leave the registry alone!

Software installations and updates
For some time now there has been a usable package manager for Windows that lets you download and install software automatically with simple commands. That saves a lot of work, because without a package manager you have to check every program yourself and update each one separately by hand, download it manually beforehand, and so on - see also --> http://www.trojaner-board.de/186035-...r-windows.html

I therefore recommend installing all programs, where available, via chocolatey. If you have already worked with Linux, the syntax will be very familiar to you. You can find the FAQs on choco here --> Chocolatey: Frequently Asked Questions (English)

For the rare case that you do NOT find the program you need in the chocolatey repository: always download this software from a clean portal such as .
Hands off chip.de or softonic! When installing software, always choose the custom option and untick all optionally offered toolbars or other add-ons that are irrelevant to the program. To get rid of adware again, first uninstall it and then remove the leftovers with Adwcleaner.

Reading material: Hardening
Enable automatic updates in the Windows operating system. Security-relevant software should also always be present in its current version - if it is needed; if it is not needed, then sensibly uninstall it or use alternatives (and keep those up to date). Installing updates promptly is necessary so that security holes are closed; security holes are exploited to install malware "drive-by" on a simple visit to a manipulated website. You have to pay particular attention to being up to date with the following software:
Recommended Firefox add-ons (extensions):
uBlock Origin is a simple and reliable ad and tracker blocker.
HTTPS Everywhere makes sure that Firefox uses encrypted connections (HTTPS) instead of HTTP whenever possible. Optionally, by ticking a checkbox, it can also block all unencrypted connections; Firefox then uses only HTTPS and no longer loads anything over unencrypted connections.

Reading material: Virus scanner + firewall
It should be said up front that you must never overrate the protective effect of a virus scanner! These things are by now heavily disputed on Windows as well and can cause problems that you simply would not have without AV. Moreover, they will never be able to find every piece of malware. Statements by the vendors of this software regularly turn out to be marketing babble. On this, read => "On a topical note: antivirus snake oil" | Elias Schwerdtfeger and => http://www.golem.de/news/antivirenso...12-125148.html

So use AT MOST one single one of the following AVs with a real-time scanner and an always up-to-date signature database; always use pure virus scanners only (no products with Suite or Internet Security in the name, because these bring counterproductive firewalls with them - the Windows Firewall is all that is needed!)
Microsoft Security Essentials (MSE) is built in from Windows 8 onwards, so if you have Windows 8, 8.1 or 10 and have decided on MSE, you do not need to install MSE separately. On Windows 7, however, it has to be installed manually or obtained through Windows Update as an optional update. Of course a legal/activated Windows is a prerequisite for this. In addition, you can scan your PC regularly with Malwarebytes Anti-Malware and/or with the ESET Online Scanner.

Reading material: Backup/image tools
IMHO restore points are nothing more than a stopgap; anyone who wants and needs to rely on something that works cannot avoid real backup/imaging software. On Windows I always use Drive Snapshot - Disk Image Backup for Windows NT/2000/XP/2003/X64. To have meaningful backups you have to create an image on a separate external hard disk regularly, e.g. weekly. This external hard disk is connected only when you want to create the backup (or have to restore something); otherwise, for security reasons, it stays safely stored in the cupboard - if only to protect the backups from crypto trojans.

Option 1: Drivesnapshot
Official TB guide --> http://www.trojaner-board.de/186299-...esnapshot.html
Drive Snapshot - Disk Image Backup for Windows NT/2000/XP/2003/X64
Download (32-bit) => http://www.drivesnapshot.de/download/snapshot.exe
Download (64-bit) => http://www.drivesnapshot.de/download/snapshot64.exe

There are also slightly stripped-down versions of Acronis TrueImage available for free if you have disks from Seagate and/or Western Digital. Maybe these programs will suit you better. My favourite, though, is the small Drivesnapshot mentioned above.
Option 2: Seagate DiscWizard
Download => Seagate DiscWizard - Download - Filepony
Screenshots: http://filepony.de/screenshot/seagate_discwizard5.jpg http://filepony.de/screenshot/seagate_discwizard4.png http://filepony.de/screenshot/seagate_discwizard3.jpg

Option 3: Acronis TrueImage WD Edition
Download => Acronis True Image WD Edition - Download - Filepony
Screenshots: http://filepony.de/screenshot/acroni...d_edition1.jpg http://filepony.de/screenshot/acroni...d_edition2.jpg
__________________ Please always post log files in CODE tags |