Log analysis and evaluation: Keyboard types by itself after the "Del" key - virus? (Windows 7)

If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#1

Keyboard types by itself after the "Del" key - virus?

Hello everyone, for some time now I have had a problem with the PC / the keyboard. When I press the Del key, the PC types by itself: Hallo "Enter key" 3mmmmmmmmmmmmmm.... It is actually a username + password that it keeps reproducing. Until now I had Windows 7 64-bit, and I have now installed Windows 10 64-bit completely fresh on a new SSD. At the moment only KIS 2015, Mozilla and the GeForce driver are installed! I cannot even get into Task Manager, because nothing happens with the normal key combination. The keyboard is connected via USB (different ports have already been tried). Has this crap already crept into the BIOS? It is also present in safe mode!!! I have also included 2 scans from Farbar Recovery Scan Tool:

Code:
Gestartet von E:\Programme
Windows 10 Pro Version 1511 (X64) (2016-05-15 20:00:11)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-871847227-993053103-2275549740-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-871847227-993053103-2275549740-503 - Limited - Disabled)
Gast (S-1-5-21-871847227-993053103-2275549740-501 - Limited - Disabled)
Matthias (S-1-5-21-871847227-993053103-2275549740-1001 - Administrator - Enabled) => C:\Users\Matthias
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Internet Security (Enabled - Up to date) {B41C7598-35F6-4D89-7D0E-7ADE69B4047B}
AS: Kaspersky Internet Security (Enabled - Up to date) {0F7D947C-13CC-4207-47BE-41AC12334EC6}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {8C27F4BD-7F99-4CD1-5651-D3EB97674300}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4331 - Intel Corporation)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 16.0.0.614 - Kaspersky Lab) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 46.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 46.0.1 (x86 de)) (Version: 46.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 46.0.1 - Mozilla)
NVIDIA GeForce Experience 2.11.3.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.3.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 365.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 365.19 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.3.5 - NVIDIA Corporation) Hidden
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-871847227-993053103-2275549740-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Matthias\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\Windows\SYSTEM32\ism32k.dll
2016-05-15 22:06 - 2016-05-10 01:35 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-10-30 09:17 - 2015-10-30 09:17 - 02652784 _____ () C:\Windows\system32\CoreUIComponents.dll
2015-10-30 09:17 - 2015-10-30 09:17 - 02652784 _____ () C:\Windows\System32\CoreUIComponents.dll
2016-05-15 22:02 - 2016-05-15 22:02 - 00959168 _____ () C:\Users\Matthias\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2015-10-30 09:17 - 2015-10-30 09:17 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2015-10-30 09:17 - 2015-10-30 09:17 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-10-30 09:18 - 2015-10-30 20:46 - 08005632 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-10-30 09:18 - 2015-10-30 20:46 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-10-30 09:18 - 2015-10-30 20:46 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-30 09:18 - 2015-10-30 20:46 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-08 23:18 - 2015-07-08 23:18 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\kpcengine.2.3.dll
2016-05-15 22:07 - 2016-05-02 08:02 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-05-15 22:02 - 2016-05-15 22:02 - 00679624 _____ () C:\Users\Matthias\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2015-10-30 09:24 - 2015-10-30 09:21 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-871847227-993053103-2275549740-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{9015F27C-1DE7-42F6-87D1-6A485355FFBA}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{05B1CCB8-24DF-4433-888D-37E1599ED3C8}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{083C8E2F-E8F8-4464-8138-46DB8E943488}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2E48AC8E-362E-4EEF-9510-1AA551D396D4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0716D2CF-84CA-4AC8-B4AF-886F7FAB7B47}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{CD1F575B-54E2-4349-A5ED-64B2F865DCB3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{9294638A-A2C7-49E8-A466-413F1A58D740}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{CFA1046C-5590-4403-A451-1DBF2166363C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A5612A70-5594-4AD0-ABF8-64B11ECD1AAA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
==================== Wiederherstellungspunkte =========================
ACHTUNG: Systemwiederherstellung ist deaktiviert
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (05/15/2016 10:18:29 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-ONA3995)
Description: Bei der Aktivierung der App „Microsoft.WindowsPhone_8wekyb3d8bbwe!CompanionApp.App“ ist folgender Fehler aufgetreten: -2147024770. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (05/15/2016 10:13:53 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-ONA3995)
Description: Bei der Aktivierung der App „Microsoft.WindowsPhone_8wekyb3d8bbwe!CompanionApp.App“ ist folgender Fehler aufgetreten: -2147024770. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (05/15/2016 10:12:48 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Fehler bei der Lizenzaktivierung (slui.exe). Fehlercode:
hr=0x803F7001
Befehlszeilenargumente:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;NotificationInterval=1440;Trigger=NetworkAvailable
Error: (05/15/2016 10:12:47 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Fehler bei der Lizenzaktivierung (slui.exe). Fehlercode:
hr=0x803F7001
Befehlszeilenargumente:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;NotificationInterval=1440;Trigger=UserLogon;SessionId=1
Error: (05/15/2016 10:12:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: NvStreamNetworkService.exe, Version: 7.1.2071.1338, Zeitstempel: 0x5726e00c
Name des fehlerhaften Moduls: MessageBus.dll, Version: 0.0.0.0, Zeitstempel: 0x5726d98c
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000010f73
ID des fehlerhaften Prozesses: 0x97c
Startzeit der fehlerhaften Anwendung: 0xNvStreamNetworkService.exe0
Pfad der fehlerhaften Anwendung: NvStreamNetworkService.exe1
Pfad des fehlerhaften Moduls: NvStreamNetworkService.exe2
Berichtskennung: NvStreamNetworkService.exe3
Vollständiger Name des fehlerhaften Pakets: NvStreamNetworkService.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: NvStreamNetworkService.exe5
Error: (05/15/2016 10:07:34 PM) (Source: ESENT) (EventID: 489) (User: )
Description: firefox (6372) Der Versuch, die Datei "C:\Users\Matthias\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\User\Default\DataStore\Data\nouser1\120712-0049\DBStore\spartan.edb" für den Lesezugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien.
Error: (05/15/2016 10:07:24 PM) (Source: ESENT) (EventID: 489) (User: )
Description: firefox (6372) Der Versuch, die Datei "C:\Users\Matthias\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\User\Default\DataStore\Data\nouser1\120712-0049\DBStore\spartan.edb" für den Lesezugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien.
Error: (05/15/2016 10:00:47 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Fehler bei der Lizenzaktivierung (slui.exe). Fehlercode:
hr=0x803F7001
Befehlszeilenargumente:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;NotificationInterval=1440;Trigger=UserLogon;SessionId=2
Error: (05/15/2016 10:00:19 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Fehler bei der Lizenzaktivierung (slui.exe). Fehlercode:
hr=0x803F7001
Befehlszeilenargumente:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;NotificationInterval=1440;Trigger=UserLogon;SessionId=1
Systemfehler:
=============
Error: (05/15/2016 10:12:47 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTNetzwerkdienstS-1-5-20LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (05/15/2016 10:12:20 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-ONA3995)
Description: {0002DF02-0000-0000-C000-000000000046}
Error: (05/15/2016 10:12:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_59054" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (05/15/2016 10:12:20 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (05/15/2016 10:04:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Intel(R) HD Graphics Control Panel Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (05/15/2016 10:04:01 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Intel(R) HD Graphics Control Panel Service erreicht.
Error: (05/15/2016 10:00:36 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (05/15/2016 09:54:15 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "Druckererweiterungen und -benachrichtigungen" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error: (05/15/2016 09:53:19 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Netzwerklistendienst" wurde mit folgendem Fehler beendet:
%%21
CodeIntegrity:
===================================
Date: 2016-05-15 21:59:51.988
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-05-15 21:53:25.791
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i7-4790K CPU @ 4.00GHz
Prozentuale Nutzung des RAM: 24%
Installierter physikalischer RAM: 8070.64 MB
Verfügbarer physikalischer RAM: 6096.95 MB
Summe virtueller Speicher: 9990.64 MB
Verfügbarer virtueller Speicher: 7870.77 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:108.4 GB) (Free:89.15 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive e: () (Fixed) (Total:357.36 GB) (Free:357.22 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 2E5B3CF9)
Partition 1: (Active) - (Size=108.4 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=357.4 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
Code:
Platform: Windows 10 Pro Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-05-02] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{fbd9f1d0-af55-400b-bc41-3d0ff879a7ca}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-12-08] (AO Kaspersky Lab)
BHO-x32: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-12-08] (AO Kaspersky Lab)
Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-12-08] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-12-08] (AO Kaspersky Lab)
FireFox:
========
FF ProfilePath: C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\wjf9hxcb.default
FF Extension: Adblock Plus - C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\wjf9hxcb.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-05-15]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox
FF Extension: Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox [2016-05-15]
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM-x32\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AVP16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe [194000 2015-12-08] (Kaspersky Lab ZAO)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1165368 2016-05-02] (NVIDIA Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [373160 2015-12-19] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-05-02] (NVIDIA Corporation)
S3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-05-02] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-05-02] (NVIDIA Corporation)
S3 vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe [144640 2015-07-09] (AO Kaspersky Lab)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [70512 2015-06-27] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [68280 2015-06-06] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [30328 2015-06-24] (Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [181640 2015-12-08] (AO Kaspersky Lab)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [227512 2015-12-08] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [934272 2015-12-08] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [39608 2015-06-11] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [41656 2015-06-06] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [41352 2015-12-08] (AO Kaspersky Lab)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [87944 2015-12-08] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [102584 2015-06-16] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [187056 2015-06-23] (Kaspersky Lab ZAO)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [202032 2016-01-19] (Intel Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-05-02] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek )
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
U4 klkbdflt2; \SystemRoot\system32\DRIVERS\klkbdflt2.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-05-15 22:53 - 2016-05-15 21:53 - 00000000 ____D C:\Windows\Panther
2016-05-15 22:52 - 2016-05-15 22:52 - 00008192 __RSH C:\BOOTSECT.BAK
2016-05-15 22:18 - 2016-05-15 22:18 - 00000000 ____D C:\FRST
2016-05-15 22:14 - 2016-05-15 22:14 - 00000000 ____D C:\Users\Matthias\AppData\Local\Comms
2016-05-15 22:12 - 2016-05-15 22:12 - 00000000 __SHD C:\Users\Matthias\IntelGraphicsProfiles
2016-05-15 22:12 - 2016-05-15 22:12 - 00000000 ____D C:\ProgramData\NVIDIA
2016-05-15 22:10 - 2016-05-15 22:12 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-05-15 22:10 - 2016-05-15 22:10 - 00002519 _____ C:\Users\Matthias\Desktop\Sicherer Zahlungsverkehr.lnk
2016-05-15 22:10 - 2016-05-15 22:10 - 00002213 _____ C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
2016-05-15 22:10 - 2016-05-15 22:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2016-05-15 22:10 - 2016-05-15 22:10 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2016-05-15 22:10 - 2015-12-08 21:34 - 00934272 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
2016-05-15 22:10 - 2015-12-08 21:34 - 00227512 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klhk.sys
2016-05-15 22:10 - 2015-12-08 21:34 - 00181640 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klflt.sys
2016-05-15 22:10 - 2013-05-06 08:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2016-05-15 22:09 - 2016-05-15 22:09 - 163129352 _____ (Kaspersky Lab) C:\Users\Matthias\Downloads\kis16.0.0.614abcdde_9992.exe
2016-05-15 22:08 - 2016-05-15 22:08 - 00000000 ____D C:\Users\Matthias\AppData\Local\NVIDIA Corporation
2016-05-15 22:07 - 2016-05-15 22:18 - 00000000 ____D C:\Users\Matthias\AppData\Local\Mozilla
2016-05-15 22:07 - 2016-05-15 22:08 - 00000000 ____D C:\Users\Matthias\AppData\Roaming\Mozilla
2016-05-15 22:07 - 2016-05-15 22:07 - 00001450 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2016-05-15 22:07 - 2016-05-15 22:07 - 00001228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-05-15 22:07 - 2016-05-15 22:07 - 00001216 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-05-15 22:07 - 2016-05-15 22:07 - 00000000 ____D C:\Users\Matthias\AppData\Local\NVIDIA
2016-05-15 22:07 - 2016-05-15 22:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-05-15 22:07 - 2016-05-15 22:07 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-05-15 22:07 - 2016-05-15 22:07 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-05-15 22:07 - 2016-05-02 07:39 - 01377800 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2016-05-15 22:07 - 2016-05-02 07:39 - 01316184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2016-05-15 22:07 - 2016-05-02 07:38 - 01767944 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2016-05-15 22:07 - 2016-05-02 07:38 - 01756608 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2016-05-15 22:07 - 2016-05-02 07:38 - 00112032 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2016-05-15 22:07 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2016-05-15 22:07 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2016-05-15 22:07 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2016-05-15 22:07 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2016-05-15 22:07 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2016-05-15 22:07 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2016-05-15 22:06 - 2016-05-15 22:12 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-05-15 22:06 - 2016-05-15 22:07 - 00000000 ____D C:\ProgramData\Package Cache
2016-05-15 22:06 - 2016-05-15 22:07 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-05-15 22:06 - 2016-05-15 22:06 - 00242320 _____ C:\Users\Matthias\Downloads\Firefox Setup Stub 46.0.1.exe
2016-05-15 22:06 - 2016-05-15 22:06 - 00242320 _____ C:\Users\Matthias\Downloads\Firefox Setup Stub 46.0.1 (1).exe
2016-05-15 22:06 - 2016-05-15 22:06 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-05-15 22:06 - 2016-05-13 06:58 - 12643392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2016-05-15 22:06 - 2016-05-10 20:11 - 00039240 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2016-05-15 22:06 - 2016-05-10 06:05 - 42924088 _____ C:\Windows\system32\nvcompiler.dll
2016-05-15 22:06 - 2016-05-10 06:05 - 37567424 _____ C:\Windows\SysWOW64\nvcompiler.dll
2016-05-15 22:06 - 2016-05-10 06:05 - 31625272 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2016-05-15 22:06 - 2016-05-10 06:05 - 25374776 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2016-05-15 22:06 - 2016-05-10 06:05 - 21380696 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2016-05-15 22:06 - 2016-05-10 06:05 - 20922648 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2016-05-15 22:06 - 2016-05-10 06:05 - 20078656 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2016-05-15 22:06 - 2016-05-10 06:05 - 17777016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2016-05-15 22:06 - 2016-05-10 06:05 - 17370472 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2016-05-15 22:06 - 2016-05-10 06:05 - 17370400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2016-05-15 22:06 - 2016-05-10 06:05 - 17332320 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2016-05-15 22:06 - 2016-05-10 06:05 - 14227696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2016-05-15 22:06 - 2016-05-10 06:05 - 10566520 _____ C:\Windows\system32\nvptxJitCompiler.dll
2016-05-15 22:06 - 2016-05-10 06:05 - 08673880 _____ C:\Windows\SysWOW64\nvptxJitCompiler.dll
2016-05-15 22:06 - 2016-05-10 06:05 - 03685280 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2016-05-15 22:06 - 2016-05-10 06:05 - 03262968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2016-05-15 22:06 - 2016-05-10 06:05 - 02614208 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2016-05-15 22:06 - 2016-05-10 06:05 - 02258368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2016-05-15 22:06 - 2016-05-10 06:05 - 01924152 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6436519.dll
2016-05-15 22:06 - 2016-05-10 06:05 - 01573432 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6436519.dll
2016-05-15 22:06 - 2016-05-10 06:05 - 00960056 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2016-05-15 22:06 - 2016-05-10 06:05 - 00887744 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2016-05-15 22:06 - 2016-05-10 06:05 - 00786688 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFTH264.dll
2016-05-15 22:06 - 2016-05-10 06:05 - 00784640 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFThevc.dll
2016-05-15 22:06 - 2016-05-10 06:05 - 00753208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2016-05-15 22:06 - 2016-05-10 06:05 - 00695864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2016-05-15 22:06 - 2016-05-10 06:05 - 00678704 _____ C:\Windows\system32\nvfatbinaryLoader.dll
2016-05-15 22:06 - 2016-05-10 06:05 - 00632152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFTH264.dll
2016-05-15 22:06 - 2016-05-10 06:05 - 00630592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFThevc.dll
2016-05-15 22:06 - 2016-05-10 06:05 - 00601752 _____ C:\Windows\system32\nvmcumd.dll
2016-05-15 22:06 - 2016-05-10 06:05 - 00571912 _____ C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2016-05-15 22:06 - 2016-05-10 06:05 - 00545632 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2016-05-15 22:06 - 2016-05-10 06:05 - 00448824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2016-05-15 22:06 - 2016-05-10 06:05 - 00425016 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2016-05-15 22:06 - 2016-05-10 06:05 - 00385080 _____ (NVIDIA Corporation) C:\Windows\system32\nvDecMFTMjpeg.dll
2016-05-15 22:06 - 2016-05-10 06:05 - 00379296 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2016-05-15 22:06 - 2016-05-10 06:05 - 00377792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2016-05-15 22:06 - 2016-05-10 06:05 - 00346560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvDecMFTMjpeg.dll
2016-05-15 22:06 - 2016-05-10 06:05 - 00317472 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2016-05-15 22:06 - 2016-05-10 06:05 - 00175368 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2016-05-15 22:06 - 2016-05-10 06:05 - 00153208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2016-05-15 22:06 - 2016-05-10 06:05 - 00151184 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2016-05-15 22:06 - 2016-05-10 06:05 - 00128696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2016-05-15 22:06 - 2016-05-10 06:05 - 00000592 _____ C:\Windows\SysWOW64\nv-vk32.json
2016-05-15 22:06 - 2016-05-10 06:05 - 00000592 _____ C:\Windows\system32\nv-vk64.json
2016-05-15 22:06 - 2016-05-10 01:35 - 06369728 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2016-05-15 22:06 - 2016-05-10 01:35 - 02993088 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2016-05-15 22:06 - 2016-05-10 01:35 - 02563128 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2016-05-15 22:06 - 2016-05-10 01:35 - 01201600 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2016-05-15 22:06 - 2016-05-10 01:35 - 00530880 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2016-05-15 22:06 - 2016-05-10 01:35 - 00393784 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2016-05-15 22:06 - 2016-05-10 01:35 - 00083512 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2016-05-15 22:06 - 2016-05-10 01:35 - 00071224 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2016-05-15 22:06 - 2016-05-07 23:24 - 06423191 _____ C:\Windows\system32\nvcoproc.bin
2016-05-15 22:06 - 2016-05-04 04:23 - 00129824 _____ C:\Windows\SysWOW64\vulkan-1.dll
2016-05-15 22:06 - 2016-05-04 04:22 - 00130848 _____ C:\Windows\system32\vulkan-1.dll
2016-05-15 22:06 - 2016-05-04 04:22 - 00045344 _____ C:\Windows\system32\vulkaninfo.exe
2016-05-15 22:06 - 2016-05-04 04:22 - 00040224 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2016-05-15 22:06 - 2016-04-14 07:38 - 00113216 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2016-05-15 22:06 - 2016-04-14 07:38 - 00102976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2016-05-15 22:06 - 2016-04-14 07:38 - 00056384 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2016-05-15 22:05 - 2016-05-15 22:07 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-05-15 22:04 - 2016-05-15 22:12 - 00000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-05-15 22:04 - 2016-05-15 22:12 - 00000000 ____D C:\Intel
2016-05-15 22:04 - 2016-05-15 22:04 - 00000200 _____ C:\Windows\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2016-05-15 22:04 - 2016-05-15 22:04 - 00000000 ____D C:\Program Files (x86)\Intel
2016-05-15 22:04 - 2015-12-19 01:08 - 00099848 _____ (Khronos Group) C:\Windows\system32\OpenCL.DLL
2016-05-15 22:03 - 2016-05-15 22:07 - 00000000 ____D C:\Windows\LastGood.Tmp
2016-05-15 22:03 - 2016-05-15 22:06 - 363226232 _____ (NVIDIA Corporation) C:\Users\Matthias\Downloads\365.19-desktop-win10-64bit-international-whql.exe
2016-05-15 22:03 - 2016-05-15 22:03 - 00000000 ____D C:\Users\Matthias\AppData\Roaming\Macromedia
2016-05-15 22:03 - 2016-05-15 22:03 - 00000000 ____D C:\Program Files\Intel
2016-05-15 22:02 - 2016-05-15 22:02 - 00002392 _____ C:\Users\Matthias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-05-15 22:02 - 2016-05-15 22:02 - 00000000 ___RD C:\Users\Matthias\OneDrive
2016-05-15 22:02 - 2016-05-15 22:02 - 00000000 ____D C:\Users\Matthias\AppData\Local\MicrosoftEdge
2016-05-15 22:02 - 2016-05-15 22:02 - 00000000 ____D C:\Users\Matthias\AppData\Local\ActiveSync
2016-05-15 22:02 - 2016-05-15 22:02 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-05-15 22:00 - 2016-05-15 22:14 - 00000000 ____D C:\Users\Matthias\AppData\Local\Packages
2016-05-15 22:00 - 2016-05-15 22:12 - 00000000 ____D C:\Users\Matthias
2016-05-15 22:00 - 2016-05-15 22:00 - 00000020 ___SH C:\Users\Matthias\ntuser.ini
2016-05-15 22:00 - 2016-05-15 22:00 - 00000000 _SHDL C:\Users\Matthias\Vorlagen
2016-05-15 22:00 - 2016-05-15 22:00 - 00000000 _SHDL C:\Users\Matthias\Startmenü
2016-05-15 22:00 - 2016-05-15 22:00 - 00000000 _SHDL C:\Users\Matthias\Netzwerkumgebung
2016-05-15 22:00 - 2016-05-15 22:00 - 00000000 _SHDL C:\Users\Matthias\Lokale Einstellungen
2016-05-15 22:00 - 2016-05-15 22:00 - 00000000 _SHDL C:\Users\Matthias\Eigene Dateien
2016-05-15 22:00 - 2016-05-15 22:00 - 00000000 _SHDL C:\Users\Matthias\Druckumgebung
2016-05-15 22:00 - 2016-05-15 22:00 - 00000000 _SHDL C:\Users\Matthias\Documents\Eigene Videos
2016-05-15 22:00 - 2016-05-15 22:00 - 00000000 _SHDL C:\Users\Matthias\Documents\Eigene Musik
2016-05-15 22:00 - 2016-05-15 22:00 - 00000000 _SHDL C:\Users\Matthias\Documents\Eigene Bilder
2016-05-15 22:00 - 2016-05-15 22:00 - 00000000 _SHDL C:\Users\Matthias\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-05-15 22:00 - 2016-05-15 22:00 - 00000000 _SHDL C:\Users\Matthias\AppData\Local\Verlauf
2016-05-15 22:00 - 2016-05-15 22:00 - 00000000 _SHDL C:\Users\Matthias\AppData\Local\Anwendungsdaten
2016-05-15 22:00 - 2016-05-15 22:00 - 00000000 _SHDL C:\Users\Matthias\Anwendungsdaten
2016-05-15 22:00 - 2016-05-15 22:00 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-05-15 22:00 - 2016-05-15 22:00 - 00000000 ____D C:\Users\Matthias\AppData\Roaming\Adobe
2016-05-15 22:00 - 2016-05-15 22:00 - 00000000 ____D C:\Users\Matthias\AppData\Local\VirtualStore
2016-05-15 22:00 - 2016-05-15 22:00 - 00000000 ____D C:\Users\Matthias\AppData\Local\TileDataLayer
2016-05-15 22:00 - 2016-05-15 22:00 - 00000000 ____D C:\Users\Matthias\AppData\Local\Publishers
2016-05-15 21:58 - 2016-05-15 22:18 - 01708398 _____ C:\Windows\system32\PerfStringBackup.INI
2016-05-15 21:55 - 2016-05-15 21:55 - 00000000 ____D C:\ProgramData\USOShared
2016-05-15 21:54 - 2016-05-15 22:12 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-05-15 21:54 - 2016-05-15 21:54 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Videos
2016-05-15 21:54 - 2016-05-15 21:54 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2016-05-15 21:54 - 2016-05-15 21:54 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2016-05-15 21:54 - 2016-05-15 21:54 - 00000000 _SHDL C:\Users\Default\Vorlagen
2016-05-15 21:54 - 2016-05-15 21:54 - 00000000 _SHDL C:\Users\Default\Startmenü
2016-05-15 21:54 - 2016-05-15 21:54 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2016-05-15 21:54 - 2016-05-15 21:54 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2016-05-15 21:54 - 2016-05-15 21:54 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2016-05-15 21:54 - 2016-05-15 21:54 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2016-05-15 21:54 - 2016-05-15 21:54 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Videos
2016-05-15 21:54 - 2016-05-15 21:54 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2016-05-15 21:54 - 2016-05-15 21:54 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2016-05-15 21:54 - 2016-05-15 21:54 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-05-15 21:54 - 2016-05-15 21:54 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2016-05-15 21:54 - 2016-05-15 21:54 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2016-05-15 21:54 - 2016-05-15 21:54 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2016-05-15 21:54 - 2016-05-15 21:54 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Videos
2016-05-15 21:54 - 2016-05-15 21:54 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2016-05-15 21:54 - 2016-05-15 21:54 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2016-05-15 21:54 - 2016-05-15 21:54 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-05-15 21:54 - 2016-05-15 21:54 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2016-05-15 21:54 - 2016-05-15 21:54 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2016-05-15 21:54 - 2016-05-15 21:54 - 00000000 _SHDL C:\Programme
2016-05-15 21:54 - 2016-05-15 21:54 - 00000000 _SHDL C:\ProgramData\Vorlagen
2016-05-15 21:54 - 2016-05-15 21:54 - 00000000 _SHDL C:\ProgramData\Startmenü
2016-05-15 21:54 - 2016-05-15 21:54 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2016-05-15 21:54 - 2016-05-15 21:54 - 00000000 _SHDL C:\ProgramData\Dokumente
2016-05-15 21:54 - 2016-05-15 21:54 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2016-05-15 21:54 - 2016-05-15 21:54 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2016-05-15 21:54 - 2016-05-15 21:54 - 00000000 _SHDL C:\Dokumente und Einstellungen
2016-05-15 21:54 - 2016-05-15 21:54 - 00000000 ____D C:\Windows\CSC
2016-05-15 21:54 - 2015-10-30 09:17 - 02718208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2016-05-15 21:53 - 2016-05-15 21:53 - 00189344 _____ C:\Windows\system32\FNTCACHE.DAT
2016-05-15 21:53 - 2016-05-15 21:53 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2016-05-04 04:23 - 2016-05-04 04:23 - 00129824 _____ C:\Windows\SysWOW64\vulkan-1-1-0-11-1.dll
2016-05-04 04:22 - 2016-05-04 04:22 - 00130848 _____ C:\Windows\system32\vulkan-1-1-0-11-1.dll
2016-05-04 04:22 - 2016-05-04 04:22 - 00045344 _____ C:\Windows\system32\vulkaninfo-1-1-0-11-1.exe
2016-05-04 04:22 - 2016-05-04 04:22 - 00040224 _____ C:\Windows\SysWOW64\vulkaninfo-1-1-0-11-1.exe
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-05-15 22:52 - 2015-10-30 09:24 - 00028672 _____ C:\Windows\system32\config\BCD-Template
2016-05-15 22:18 - 2015-10-30 20:35 - 00737872 _____ C:\Windows\system32\perfh007.dat
2016-05-15 22:18 - 2015-10-30 20:35 - 00147558 _____ C:\Windows\system32\perfc007.dat
2016-05-15 22:18 - 2015-10-30 09:21 - 00000000 ____D C:\Windows\INF
2016-05-15 22:14 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-05-15 22:14 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\AppReadiness
2016-05-15 22:13 - 2015-10-30 09:24 - 00000000 ___RD C:\Windows\DevicesFlow
2016-05-15 22:12 - 2015-10-30 08:28 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-05-15 22:10 - 2015-10-30 09:24 - 00000000 ___HD C:\Windows\ELAMBKUP
2016-05-15 22:10 - 2015-10-30 08:28 - 00032768 ___SH C:\Windows\system32\config\ELAM
2016-05-15 22:06 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\Help
2016-05-15 22:00 - 2015-10-30 09:24 - 00000000 ___RD C:\Windows\PurchaseDialog
2016-05-15 22:00 - 2015-10-30 09:24 - 00000000 ___RD C:\Windows\PrintDialog
2016-05-15 22:00 - 2015-10-30 09:24 - 00000000 ___RD C:\Windows\MiracastView
2016-05-15 22:00 - 2015-10-30 09:24 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2016-05-15 21:59 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\system32\oobe
2016-05-15 21:55 - 2015-10-30 09:24 - 00000000 ____D C:\ProgramData\USOPrivate
2016-05-15 21:54 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\system32\FxsTmp
2016-05-15 21:54 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows NT
2016-05-15 21:54 - 2015-10-30 09:11 - 00000000 ____D C:\Windows\CbsTemp
2016-05-15 21:53 - 2015-10-30 20:58 - 00000000 ____D C:\Windows\ServiceProfiles
2016-05-15 21:53 - 2015-10-30 08:28 - 00000000 ____D C:\Windows\system32\Sysprep
2016-05-10 20:11 - 2015-11-10 03:14 - 01572496 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2016-05-10 20:11 - 2015-11-10 03:14 - 00205456 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2016-05-10 06:05 - 2015-11-10 01:12 - 00038050 _____ C:\Windows\system32\nvinfo.pb
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-05-15 21:53
==================== Ende von FRST.txt ============================
Thanks
Last edited by park757 (15.05.2016 at 21:59)
| | #2 |
Does nobody know anything?
| | #3 |
/// Malwareteam
My name is Dennis and I will help you with the cleanup. Please note that there are a few rules:
If I do not reply within 48 hours, send me a PM!
Posting in CODE tags
Reading material: Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work massively harder. Even if the logs are too large for one post, I ask you to post the logs directly and, if necessary, spread across several posts. To put the log files in a CODE box, proceed as follows:
Let's go! Have you ever tried booting from a Linux live DVD? Does the problem occur there too? Just so I understand correctly: when you press the "Del" ("Entf") key, you get "Hallo <username> <password>"?
| | #4 |
Hello, no, I have not yet booted from a Linux CD to see whether it works. Do you have an ISO link for that? Yes, correct: when I press the "Del" ("Entf") key, this comes out: <username> Enter (next line) <password>mmmmmm...... It only stops when I press the ESC key. I tried it with the Windows on-screen keyboard, and there Del worked completely normally without this strange behaviour. I think my girlfriend clicked on something - but as always "I didn't click on anything" -_- since it is her username + password.
Last edited by park757 (18.05.2016 at 17:11)
| | #5 |
/// Malwareteam
Hi, for a Linux DVD there is Ubuntu, for example: Download Ubuntu Desktop | Download | Ubuntu. Put the ISO on a DVD or USB stick, then click "Try the operating system" or something similar (do not install it under any circumstances). But for now we will run scans with TDSSKILLER and MBAM.
Step # 1: TDSS-Killer
Please download
Step # 2: Please post
| | #6 |
OK. I will test that now. Unfortunately TDSSKiller found nothing. Which format does the USB stick have to be formatted with? NTFS or FAT32? And how do I get the ISO onto the USB stick - with which program?
PS: I expanded the scan settings a bit and now it has found one:
Edit2: The same problem on Ubuntu :((((((((((((((((((((((((((((
Code:
19:20:14.0342 0x1588 TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
19:20:14.0342 0x1588 UEFI system
19:20:17.0640 0x1588 ============================================================
19:20:17.0640 0x1588 Current date / time: 2016/05/18 19:20:17.0640
19:20:17.0640 0x1588 SystemInfo:
19:20:17.0640 0x1588
19:20:17.0640 0x1588 OS Version: 10.0.10586 ServicePack: 0.0
19:20:17.0640 0x1588 Product type: Workstation
19:20:17.0640 0x1588 ComputerName: DESKTOP-CKLBVBG
19:20:17.0640 0x1588 UserName: Matthias
19:20:17.0640 0x1588 Windows directory: C:\Windows
19:20:17.0640 0x1588 System windows directory: C:\Windows
19:20:17.0640 0x1588 Running under WOW64
19:20:17.0640 0x1588 Processor architecture: Intel x64
19:20:17.0640 0x1588 Number of processors: 8
19:20:17.0640 0x1588 Page size: 0x1000
19:20:17.0640 0x1588 Boot type: Normal boot
19:20:17.0640 0x1588 ============================================================
19:20:17.0715 0x1588 KLMD registered as C:\Windows\system32\drivers\17258686.sys
19:20:18.0672 0x1588 System UUID: {C778CA93-FD14-26D2-F2D1-FFD345E2AFEB}
19:20:21.0230 0x1588 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:20:21.0230 0x1588 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:20:21.0232 0x1588 ============================================================
19:20:21.0232 0x1588 \Device\Harddisk0\DR0:
19:20:21.0232 0x1588 GPT partitions:
19:20:21.0233 0x1588 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {FD0437B8-6D22-4D56-86B0-496FC68D42B0}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x32000
19:20:21.0233 0x1588 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {9A2D9906-975D-401D-AC42-32EED5808CAE}, Name: Microsoft reserved partition, StartLBA 0x32800, BlocksNum 0x40000
19:20:21.0233 0x1588 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {D7B9F595-B4A3-499D-ABF3-7EBD6979EA2D}, Name: Basic data partition, StartLBA 0x72800, BlocksNum 0x74BE000
19:20:21.0233 0x1588 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {E4D10EC5-8B73-4243-BF70-189721247E39}, Name: Basic data partition, StartLBA 0x7530800, BlocksNum 0x32E55000
19:20:21.0233 0x1588 MBR partitions:
19:20:21.0233 0x1588 \Device\Harddisk1\DR1:
19:20:21.0233 0x1588 GPT partitions:
19:20:21.0233 0x1588 \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {83501074-9CC0-46E0-9847-6273EA104CA7}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xD8CC000
19:20:21.0233 0x1588 \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {043833C2-E38E-4F59-8AAF-33E79F61BA62}, Name: Microsoft reserved partition, StartLBA 0xD8CC800, BlocksNum 0x8000
19:20:21.0233 0x1588 \Device\Harddisk1\DR1\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {4910BA6C-8AE6-4B73-92A4-29A4BB5DA9DA}, Name: Basic data partition, StartLBA 0xD8D4800, BlocksNum 0x2CAB1800
19:20:21.0233 0x1588 MBR partitions:
19:20:21.0233 0x1588 ============================================================
19:20:21.0234 0x1588 C: <-> \Device\Harddisk1\DR1\Partition1
19:20:21.0234 0x1588 D: <-> \Device\Harddisk0\DR0\Partition3
19:20:21.0235 0x1588 E: <-> \Device\Harddisk0\DR0\Partition4
19:20:21.0235 0x1588 H: <-> \Device\Harddisk1\DR1\Partition3
19:20:21.0235 0x1588 ============================================================
19:20:21.0235 0x1588 Initialize success
19:20:21.0235 0x1588 ============================================================
19:20:31.0229 0x0a08 ============================================================
19:20:31.0229 0x0a08 Scan started
19:20:31.0229 0x0a08 Mode: Manual; SigCheck; TDLFS;
19:20:31.0229 0x0a08 ============================================================
19:20:31.0229 0x0a08 KSN ping started
19:20:33.0907 0x0a08 KSN ping finished: true
19:20:34.0256 0x0a08 ================ Scan system memory ========================
19:20:34.0256 0x0a08 System memory - ok
19:20:34.0256 0x0a08 ================ Scan services =============================
19:20:35.0262 0x0a08 bthhfhid - ok
19:20:35.0271 0x0a08 [ BAB101E7826BE287F79C4BA721621989, E6DD25C89267FE87253B8226292F2894F5E702075D3B23B09339D3B28744C060 ] BthHFSrv C:\Windows\System32\BthHFSrv.dll
19:20:35.0287 0x0a08 BthHFSrv - ok
19:20:35.0291 0x0a08 [ A76F20CCCA31895A1DA78A875E50F946, ECD4B3670DA5984AA24F4354457B4E45983938A89FF6DB03B556A633B4B37E3C ] BTHMODEM C:\Windows\System32\drivers\bthmodem.sys
19:20:35.0299 0x0a08 BTHMODEM - ok
19:20:35.0303 0x0a08 [ 7A177E18AA6A6A6365E6351C2BF8EDAE, A35224A20014B1215A6824AE5E17B8869A775EA272EF7F25EAFFA18733F8D09D ] bthserv C:\Windows\system32\bthserv.dll
19:20:35.0313 0x0a08 bthserv - ok
19:20:35.0317 0x0a08 [ BF89BDBA5D3A0B4256D3F6FC8D31880D, 940F3BF55B88261C9E9A951A092331559FC5B24FE3BA0F1E1AB3450D2CA364C1 ] buttonconverter C:\Windows\System32\drivers\buttonconverter.sys
19:20:35.0324 0x0a08 buttonconverter - ok
19:20:35.0329 0x0a08 [ C24C27FDF93B85A4EFCF25F830253AA2, 35C87518BB59663B57C2361A13AD4E57E37392598F1EB9F07F86CA5A6321AF5A ] CapImg C:\Windows\System32\drivers\capimg.sys
19:20:35.0340 0x0a08 CapImg - ok
19:20:35.0344 0x0a08 [ 7F9C7226D743B232907ED2537B8A574F, 2211AFC30E8F8FA03020DB48EE14914CD31E50BB6A63FF20AC7C6FA481E72C18 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
19:20:35.0351 0x0a08 cdfs - ok
19:20:35.0363 0x0a08 [ 0A92DC116CFC7F6BE8167DD25CB925CC, 50CAC7BE14FF69B10C029E049F7C441A5572540F027F95F940B185C76C689409 ] CDPSvc C:\Windows\System32\CDPSvc.dll
19:20:35.0376 0x0a08 CDPSvc - ok
19:20:35.0381 0x0a08 [ 82D97776BF982AA143BDC7DFB5054EA8, 954F56728371E6B3514586DCEAF15C4727BAED6CAFBF788654C4E03BD702942C ] cdrom C:\Windows\System32\drivers\cdrom.sys
19:20:35.0392 0x0a08 cdrom - ok
19:20:35.0397 0x0a08 [ 4E9158CECF77A029AB98E8FBB43FCED5, AFF8BDB8F8F8DDF4FC0D65712E031DC360856CD3CE5C8A4C8FF960388F37462F ] CertPropSvc C:\Windows\System32\certprop.dll
19:20:35.0411 0x0a08 CertPropSvc - ok
19:20:35.0414 0x0a08 [ 0505C1D991D0F9D47F3353BB98597C7E, 3B801CCF4980256327A4A9FBD98007DA1E3ACE9C94E5A4C23AB21303B46E8B5A ] circlass C:\Windows\System32\drivers\circlass.sys
19:20:35.0422 0x0a08 circlass - ok
19:20:35.0430 0x0a08 [ 8B4B39C507ABA09AAFE8E3932D1B392C, 734700155A658BC08FC96E8F99A01DE7F7251D7DDEFA79D258B2EEB370BA7AA8 ] CLFS C:\Windows\system32\drivers\CLFS.sys
19:20:35.0442 0x0a08 CLFS - ok
19:20:35.0482 0x0a08 [ 2D2F62706FB1929B926B0C70FFFE1BB0, 9F9544DE94BD0E13205647E58D48297A77BCE128B74C9E78FF4A3E74B2ECE201 ] ClickToRunSvc C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
19:20:35.0527 0x0a08 ClickToRunSvc - ok
19:20:35.0540 0x0a08 [ F7526C133AC265F283012E9CD751F873, 6AABDD92FD880F49F63C1CC478C3D8291AF670802CEC58B32730E7675D858D88 ] ClipSVC C:\Windows\System32\ClipSVC.dll
19:20:35.0556 0x0a08 ClipSVC - ok
19:20:35.0561 0x0a08 [ 95832B049E2833B9F5189823CDF946C7, 72773A42A89220B4A6AC72D1633B16F11191A44D876A44FAB5CEFB717CE3223D ] CmBatt C:\Windows\System32\drivers\CmBatt.sys
19:20:35.0569 0x0a08 CmBatt - ok
19:20:35.0577 0x0a08 [ B2A6D2A30E93B6F215F74AC7E1733C9C, 960299F7BF2501B46296EDEA050BF30313C17A9B785574B56B79C070BD1B6E1A ] cm_km C:\Windows\system32\DRIVERS\cm_km.sys
19:20:35.0586 0x0a08 cm_km - ok
19:20:35.0597 0x0a08 [ 3B866F8CB10719A5AF9E410B1B149714, B0A32B526290ED8E1DD93C70AB49DD417B82CA23D6B815163131247091D61DBA ] CNG C:\Windows\system32\Drivers\cng.sys
19:20:35.0613 0x0a08 CNG - ok
19:20:35.0616 0x0a08 [ 58D640BC2294C71BDE0953F12D4B432F, 0B3B7659FCB97791A2A1F895C8E6F9078F855C94C13EB47464492588C4B02B85 ] cnghwassist C:\Windows\system32\DRIVERS\cnghwassist.sys
19:20:35.0622 0x0a08 cnghwassist - ok
19:20:35.0629 0x0a08 [ 14F9883588398A1BDE49C75098C75DE6, D9D82DE89FAFE60BC902683BC44C7555533A030150FD5E5A35A24542FACC5CAD ] CompositeBus C:\Windows\System32\DriverStore\FileRepository\compositebus.inf_amd64_912dfdedc3d2f520\CompositeBus.sys
19:20:35.0637 0x0a08 CompositeBus - ok
19:20:35.0640 0x0a08 COMSysApp - ok
19:20:35.0643 0x0a08 [ 02B8E49148DE5E0A2F6FDF28CE94A6AC, EEA405823F441CA604BEAA44EB71A1D20BC80E124FF7B27380D0201AAF2E0849 ] condrv C:\Windows\system32\drivers\condrv.sys
19:20:35.0653 0x0a08 condrv - ok
19:20:35.0666 0x0a08 [ 86BE19C6A177AEB93302EA5C4FBE2D11, 5404AB84D270549B1A46574EBDC857525F71B117BE3BA0098FA0A696E56D5C39 ] CoreMessagingRegistrar C:\Windows\system32\coremessaging.dll
19:20:35.0684 0x0a08 CoreMessagingRegistrar - ok
19:20:35.0713 0x0a08 [ 137BC921135ECDA3E9917B56E3550D32, 6585F4FFEAB32583B867A14F7B7C09C563B1EA715AD9C3B850A7965C54A819A0 ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe
19:20:35.0725 0x0a08 cphs - ok
19:20:35.0729 0x0a08 [ 2CE0D74AED86A372997E9D77AE10B9F5, 1AFAA22C68FD0B81F73CE0EB763AD77AB97E78916752843A5056E1352F0FEA82 ] CryptSvc C:\Windows\system32\cryptsvc.dll
19:20:35.0738 0x0a08 CryptSvc - ok
19:20:35.0748 0x0a08 [ 5D578EAAFB6FD4F59523E5878B541296, 73573124787B79179880AFAF9CB8427237A1605A9F13D7783228DE24D18963C0 ] CSC C:\Windows\system32\drivers\csc.sys
19:20:35.0765 0x0a08 CSC - ok
19:20:35.0778 0x0a08 [ 5F07CCEE514894C9474AEDCA50B6C2C7, 38F54897C91A2E7D80D00852CEB173B26E822D7C68F35D31228245F811E028A8 ] CscService C:\Windows\System32\cscsvc.dll
19:20:35.0799 0x0a08 CscService - ok
19:20:35.0803 0x0a08 [ 2619DC483579DB9FE804044C1ADFFD1A, 23A5420288735A980917091532BE7BB36EB51660AA4555C615AF736357EB02EC ] dam C:\Windows\system32\drivers\dam.sys
19:20:35.0809 0x0a08 dam - ok
19:20:35.0824 0x0a08 [ B339861C6A2A86FBCA67C2006B461473, 228ADC8A8603C0A4342C6CBC6F2CC919271D42391365061AF660E0D7151C66A4 ] DcomLaunch C:\Windows\system32\rpcss.dll
19:20:35.0851 0x0a08 DcomLaunch - ok
19:20:35.0857 0x0a08 [ 620921E77351FB651632322AD2C195C4, 5A98971995D7A2B5AE6BEA69344FCC6687B582FEF74BDA206D32FB2E6CEB0478 ] DcpSvc C:\Windows\system32\dcpsvc.dll
19:20:35.0871 0x0a08 DcpSvc - ok
19:20:35.0881 0x0a08 [ 6129EA4294C5C69E4665801E95B16AB2, CE419186CF0F57434426FF925A09F13BE87639679CBB5F2074B0E1A243349D27 ] defragsvc C:\Windows\System32\defragsvc.dll
19:20:35.0902 0x0a08 defragsvc - ok
19:20:35.0911 0x0a08 [ D12B9B6A6C4885824876422AACC89954, 5853ED5CAF84B7AAFF3EDC5C71FE23EB121DB681D81267D77118424BA9AB6F88 ] DeviceAssociationService C:\Windows\system32\das.dll
19:20:35.0927 0x0a08 DeviceAssociationService - ok
19:20:35.0933 0x0a08 [ 15BA68662CED4B0618010A54478E18E5, 1B913BFA7AA11F3A82D80E95FC4857B810D341F9E68545710F90EBE44DAC1DF8 ] DeviceInstall C:\Windows\system32\umpnpmgr.dll
19:20:35.0946 0x0a08 DeviceInstall - ok
19:20:35.0948 0x0a08 [ 5BF8BD9B19D665452494C8D56DF4B28D, E5FC649207EF42C04B6737D442FECD3383E82F8998B140319FF400773F1D0978 ] DevQueryBroker C:\Windows\system32\DevQueryBroker.dll
19:20:35.0956 0x0a08 DevQueryBroker - ok
19:20:35.0962 0x0a08 [ 935823F79CBEDB91637B63D37E3A5A36, BE9A46F1CA631B9252C71758901D55456DC3C143053003D9FA7D67811A1E5026 ] Dfsc C:\Windows\system32\Drivers\dfsc.sys
19:20:35.0971 0x0a08 Dfsc - ok
19:20:35.0980 0x0a08 [ 5841A361D28069DFC82E1E98040FDC3F, 3A48DB7ADE90654242CB54DAD07F5FF0CD5CABF372C50D5B2C4D7AED068986E1 ] Dhcp C:\Windows\system32\dhcpcore.dll
19:20:35.0995 0x0a08 Dhcp - ok
19:20:36.0005 0x0a08 [ 9F5AC03F5A0000DD96FA29CD68A6605B, 6964E077635E65DA902CA6C69E704A9DCD5856D22BA75E1CF823E63E62266AF7 ] diagnosticshub.standardcollector.service C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
19:20:36.0012 0x0a08 diagnosticshub.standardcollector.service - ok
19:20:36.0035 0x0a08 [ 15D174719872A30F2FDD6B5B1B8BA5D9, B0E6FF6FC47B731C204F110D4B768231906B144B31F602ECE8EAC24D70BA880D ] DiagTrack C:\Windows\system32\diagtrack.dll
19:20:36.0066 0x0a08 DiagTrack - ok
19:20:36.0072 0x0a08 [ 4904B152E4942BF700F2D73228B4D477, 0E5646DCA05A24C71F057C9F9F64AE992D338DA72DF3126175C2FA178854C30F ] disk C:\Windows\system32\drivers\disk.sys
19:20:36.0080 0x0a08 disk - ok
19:20:36.0087 0x0a08 [ 49F069E2D22F33955A69D44DFD1B5179, 739C52C7B961BA683E8C7CCDB0E95423C17561B2F1F506BAE923DC53DB96B067 ] DmEnrollmentSvc C:\Windows\system32\Windows.Internal.Management.dll
19:20:36.0102 0x0a08 DmEnrollmentSvc - ok
19:20:36.0106 0x0a08 [ 0197AE4B9790A4E73751CACFAA480126, 86BBB398F1A93754B2C329271F13A88FD2F285F30225C38F068F565CCA14EB9F ] dmvsc C:\Windows\System32\drivers\dmvsc.sys
19:20:36.0113 0x0a08 dmvsc - ok
19:20:36.0116 0x0a08 [ 5EF8EC71A7A91F3DF7798BEFE6786B0E, A3A56B43C72926881C66B7A17C9EAA35C2D9603C8D3849438838536BCD3F4633 ] dmwappushservice C:\Windows\system32\dmwappushsvc.dll
19:20:36.0126 0x0a08 dmwappushservice - ok
19:20:36.0132 0x0a08 [ 5839A317C25F70979433E0905DFABB1B, 7F1CD50C77A33A10259D8A208A355BE7ECAFEA69F810AD908EF8878A792741AF ] Dnscache C:\Windows\System32\dnsrslvr.dll
19:20:36.0144 0x0a08 Dnscache - ok
19:20:36.0151 0x0a08 [ 1B15297A3A2CAB6BD586676154F389D8, 623D5F5FC8622B7D9AEEEB1787E6846C1570F0EEF94341239440B616D09D672A ] dot3svc C:\Windows\System32\dot3svc.dll
19:20:36.0164 0x0a08 dot3svc - ok
19:20:36.0169 0x0a08 [ 316C2D8B8E3C0727969F1C3790EF7193, 631F8578FDB26578C8436E4B9C4DF21E1F58FCFE6DA66E5769AAC3739005D465 ] DPS C:\Windows\system32\dps.dll
19:20:36.0180 0x0a08 DPS - ok
19:20:36.0182 0x0a08 [ 25FA06D3B49D6ADF8E874FFCDCD76B50, 9AF09B96ED79D94EA36581ABE6CC73313A72891779774B15860D018BEA2BBA0F ] drmkaud C:\Windows\System32\drivers\drmkaud.sys
19:20:36.0189 0x0a08 drmkaud - ok
19:20:36.0195 0x0a08 [ 16EE6701115BECF8C657D9D6E123F6A1, 16E115B5245C3C988F8B58B90D30F183021C7C7792D3D1C74BEC606E49672B2A ] DsmSvc C:\Windows\System32\DeviceSetupManager.dll
19:20:36.0212 0x0a08 DsmSvc - ok
19:20:36.0216 0x0a08 [ FBC8C56814642A7CA88ACBCA8DD1121F, 108690704A359991C3D6577477E232F5F2F46B36DF6B4B0738A893EF05D7D4EB ] DsSvc C:\Windows\System32\DsSvc.dll
19:20:36.0226 0x0a08 DsSvc - ok
19:20:36.0257 0x0a08 [ 48D8729FACC784900B831212AE56F824, 6AAE1E78B84D0C12B99BE050B787AA167E6BA0B5AA621BEE0DB5312A4771DA63 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
19:20:36.0294 0x0a08 DXGKrnl - ok
19:20:36.0300 0x0a08 [ 0CDF6B61D7F7FFCD195AF0113B9B2C16, 828D3FA31742B54075EAED2E67BBB5166D2EF4F84B791077E96DC0BD5557F11E ] Eaphost C:\Windows\System32\eapsvc.dll
19:20:36.0311 0x0a08 Eaphost - ok
19:20:36.0356 0x0a08 [ 491275B864B704B54EC08168344E0F38, B4849400C3F819CF7809A2001EA2ECB527022483F7DFE31C3930F951EAFE50CE ] ebdrv C:\Windows\system32\drivers\evbda.sys
19:20:36.0419 0x0a08 ebdrv - ok
19:20:36.0426 0x0a08 [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] EFS C:\Windows\System32\lsass.exe
19:20:36.0434 0x0a08 EFS - ok
19:20:36.0438 0x0a08 [ CEF108FCE06892CFA5F1B49527D4BF49, FA337584024B6E6EE4AF519F57FFA4C0FCA19EDC148FF309336C4CCA8F9C9CE8 ] EhStorClass C:\Windows\system32\drivers\EhStorClass.sys
19:20:36.0449 0x0a08 EhStorClass - ok
19:20:36.0453 0x0a08 [ 5B1EAAE3001A7A320C106FC3859F4111, 700BA2C7D4DFAFFEB78D3804B310A4EE5B4295C84600442665693FF661673951 ] EhStorTcgDrv C:\Windows\system32\drivers\EhStorTcgDrv.sys
19:20:36.0461 0x0a08 EhStorTcgDrv - ok
19:20:36.0465 0x0a08 [ E34DEFC09F2843C2C24C2248F1ABE6D8, 1FD67EB5820A1D2F4402DE9D95DE288DB69D421A8473074FF23491D7CA8B5ACE ] embeddedmode C:\Windows\System32\embeddedmodesvc.dll
19:20:36.0475 0x0a08 embeddedmode - ok
19:20:36.0483 0x0a08 [ 062152DD5B225518A991DFCD8536770C, 5C8EF4E0C7DE3B24387FF239A8D0CDA39C2376826F16EAFF09739A6C7EDA01E0 ] EntAppSvc C:\Windows\system32\EnterpriseAppMgmtSvc.dll
19:20:36.0498 0x0a08 EntAppSvc - ok
19:20:36.0501 0x0a08 [ 7A2705148A4BB3CA255F81624338B461, 68AC8F8D2DD8AA4E8F2224A0054DE2AF67EA199217E87CD3C7299B021048F14F ] ErrDev C:\Windows\System32\drivers\errdev.sys
19:20:36.0508 0x0a08 ErrDev - ok
19:20:36.0520 0x0a08 [ 17BE4A35829B37C742084DC02D48E5F0, 7FDA62B56DF585C3F2C6FFB10AC7C0D8F70FA921C4DEA47B2789745CFE2618CE ] EventSystem C:\Windows\system32\es.dll
19:20:36.0536 0x0a08 EventSystem - ok
19:20:36.0544 0x0a08 [ DFE8A33FBCF6F38182631A4D6097B92D, F9D06780830E74FD5309E6DC5C3EEDB9334A8AE284F381FA91EF2729297F8632 ] exfat C:\Windows\system32\drivers\exfat.sys
19:20:36.0556 0x0a08 exfat - ok
19:20:36.0563 0x0a08 [ C330883C06E2D4CE4F6982F048265D37, 26044DE176056B7F5BF2A50A659243CFD7F25CFEE035B3A3C3165B3699872926 ] fastfat C:\Windows\system32\drivers\fastfat.sys
19:20:36.0574 0x0a08 fastfat - ok
19:20:36.0585 0x0a08 [ 952F10D2116B91BA433842D07879AE7A, 9E1EC0C719877EF198AA4DDBE896E9DDEAD360AAC1FC6DF305E7C5C73C7A761D ] Fax C:\Windows\system32\fxssvc.exe
19:20:36.0605 0x0a08 Fax - ok
19:20:36.0609 0x0a08 [ 9D299AE86D671488926126A84DF77BFD, C076EEDD0524B7D88BC56C97089E0A836CC1AD725E1A544CC4F8DDBB6670C366 ] fdc C:\Windows\System32\drivers\fdc.sys
19:20:36.0617 0x0a08 fdc - ok
19:20:36.0621 0x0a08 [ 47D09B8C312658ACE433E46DDF51C3A5, E76948DA0F51C7DC6D69B7E36D63CE6E98FDE619FA30E91637F75B5084107D22 ] fdPHost C:\Windows\system32\fdPHost.dll
19:20:36.0632 0x0a08 fdPHost - ok
19:20:36.0640 0x0a08 [ 177AC945B20C81400A1525ED7B49A425, FD215A2E718EA38A95D985F53AB3DD44B50C2549AA67F44BA98C4709E492051F ] FDResPub C:\Windows\system32\fdrespub.dll
19:20:36.0651 0x0a08 FDResPub - ok
19:20:36.0656 0x0a08 [ 3E78BEC276DA5A062E4D55F3291B3463, 62983457F506C70D1F89F527AB61C1C0F4D1B002631256A2708F9AF092A8C95E ] fhsvc C:\Windows\system32\fhsvc.dll
19:20:36.0668 0x0a08 fhsvc - ok
19:20:36.0672 0x0a08 [ 8F2523C9D8F1448FF2156452AF60FA00, 1D39CA54F5F1E62385D9EC041F9445BDDCB63740859B9418AE904FDF3D8388ED ] FileCrypt C:\Windows\system32\drivers\filecrypt.sys
19:20:36.0681 0x0a08 FileCrypt - ok
19:20:36.0685 0x0a08 [ 92ECCFA58C8195B8EA33ED942469D4E6, 8DB12E8CF80ECA22182F9A1F4CA922336A430297F1F596F204ECF4D9D19F30D9 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
19:20:36.0693 0x0a08 FileInfo - ok
19:20:36.0697 0x0a08 [ 87C51FDD50C17882BA93E28BBABB9847, 8987D80FB77D1D3F9E89B491B1287B027DA26FFC4E4BA7B01E07D4D4FC69E236 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
19:20:36.0707 0x0a08 Filetrace - ok
19:20:36.0710 0x0a08 [ E99261DD76D1C9E05AF575939CAE5AC5, A789724FD2E22AFB2F921836F5C19A21D17F4BBD604771E2908C2651BD31989C ] flpydisk C:\Windows\System32\drivers\flpydisk.sys
19:20:36.0718 0x0a08 flpydisk - ok
19:20:36.0725 0x0a08 [ 25D7A58625E1453E40D36825DE74E4F1, 74119803D35E3C3CC349B44C6CD9EDF6B797F88584B847F0BF9EED542719B86B ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
19:20:36.0739 0x0a08 FltMgr - ok
19:20:36.0761 0x0a08 [ 4387DE200BF8DD0E2EE828E655434B9A, 9148D65E54663EEC139E754091F47ABF439A637BEA83F600D30736522DAA845D ] FontCache C:\Windows\system32\FntCache.dll
19:20:36.0801 0x0a08 FontCache - ok
19:20:36.0806 0x0a08 [ B4175E8BE60B099686FF55CA7D692316, 3158FC5B4D1A2F1FC1346754392AE24AE58999B9061B1CE78A65E785BFFADD52 ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
19:20:36.0814 0x0a08 FsDepends - ok
19:20:36.0817 0x0a08 [ CC71372CEB811A72F1DC99089C5CBF53, BB9DDE74D60E534A6F8A51B63DDBB441245F06A00A0AFD37DBBE86255690946D ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
19:20:36.0824 0x0a08 Fs_Rec - ok
19:20:36.0835 0x0a08 [ 50DFE05C698E9B0A63D95E3D669A105C, 3A7D5AE4A01B90C2ECF22AD2783A84C2329EAB9BACFA5237A7DCC3DC5995A864 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
19:20:36.0851 0x0a08 fvevol - ok
19:20:36.0856 0x0a08 [ B9981A4CB9F728B3312A3885BFAA7204, 12FB2EB2E5D2A912769823DD9C1B33DB358CD0B7FBFC788529EF83DD584334F8 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
19:20:36.0863 0x0a08 gagp30kx - ok
19:20:36.0866 0x0a08 [ 77555B11B264991DDC26872FFCF1AB97, D5F230EEF74EB869F771F8A4AB19C1E6C845BB0EF4A1234882EBDA4FDC431E44 ] gencounter C:\Windows\System32\drivers\vmgencounter.sys
19:20:36.0874 0x0a08 gencounter - ok
19:20:36.0876 0x0a08 [ F3AC9652D88BF87BA6596CBEA28CE10F, 115F3C0A5B9903B17ADEA80E1825FE927B7361F5BDDF80CE3685EF2D327EDF4F ] genericusbfn C:\Windows\System32\drivers\genericusbfn.sys
19:20:36.0884 0x0a08 genericusbfn - ok
19:20:36.0888 0x0a08 [ F802FBABF0C4DF1BAA733187B2E476F5, E2533284CEBBB872196B013DD1FBBCA794DB1CAAA37D64849BD9264ECDD2CEE6 ] GPIOClx0101 C:\Windows\system32\Drivers\msgpioclx.sys
19:20:36.0898 0x0a08 GPIOClx0101 - ok
19:20:36.0917 0x0a08 [ B55458A83395A2CFD4E745E9EC4AB5F2, EAB06B089D8A7DBC9AE2A1C919B489911690D341013A5F8F906819C68431CA85 ] gpsvc C:\Windows\System32\gpsvc.dll
19:20:36.0954 0x0a08 gpsvc - ok
19:20:36.0957 0x0a08 [ D011B0ADB15F4815310CE1BF4780B33E, 3860630917F83A89FE7A6407CC544505FA4BD754619CF273DD630ABFBAAE42EE ] GpuEnergyDrv C:\Windows\system32\drivers\gpuenergydrv.sys
19:20:36.0968 0x0a08 GpuEnergyDrv - ok
19:20:36.0976 0x0a08 [ 0F93EBE9071A6BB1548BF0F816EEA24B, 79A99544C00F59996980D299BFACA0463D86158BFA51C8045CE4FF4951779A44 ] HdAudAddService C:\Windows\system32\DRIVERS\HdAudio.sys
19:20:36.0992 0x0a08 HdAudAddService - ok
19:20:36.0996 0x0a08 [ 84BC034B6BB763733C1949B7B9BAF976, 18C2C0F15BAFA46197F0BB629C4F585D893C2A78324CA198F88A04527D524F23 ] HDAudBus C:\Windows\System32\drivers\HDAudBus.sys
19:20:37.0007 0x0a08 HDAudBus - ok
19:20:37.0009 0x0a08 [ 6B8CB114B8E64C0636EB49F7B914D1FC, 1AD7A43CC5CD99DCEF60C61242B6843D4AD925CE93BA5D75CD8395C7125EF5A7 ] HidBatt C:\Windows\System32\drivers\HidBatt.sys
19:20:37.0017 0x0a08 HidBatt - ok
19:20:37.0021 0x0a08 [ D1AD197CCDAAC0CB4819DA1D6EB17BAE, C370F974D0A1F7B60F47EAFF57B6CCABE82913187F8BFEE169B8237AE91247B1 ] HidBth C:\Windows\System32\drivers\hidbth.sys
19:20:37.0034 0x0a08 HidBth - ok
19:20:37.0039 0x0a08 [ 64909DECCFCC6FB5D9A5BAFDCCB31FEE, E19C91FD8D5102A8C4F6C6FF70CA058BB272FEC1B6E9CBA3A473C49948E6AC7E ] hidi2c C:\Windows\System32\drivers\hidi2c.sys
19:20:37.0046 0x0a08 hidi2c - ok
19:20:37.0049 0x0a08 [ F510F7B7BF61DEAAC04E65C3B65E8D59, 11566086B06FB08B6A179E3068E022DA381C762DC8962D1E1D63DC646DD4D301 ] hidinterrupt C:\Windows\System32\drivers\hidinterrupt.sys
19:20:37.0057 0x0a08 hidinterrupt - ok
19:20:37.0060 0x0a08 [ 90F3ED42D423C942BA5EA54E2FFE7AC7, BF7DE0C8141CD20A6235657BA897A019ABEFF6A01AA3FB202C73C33433CDEAF8 ] HidIr C:\Windows\System32\drivers\hidir.sys
19:20:37.0069 0x0a08 HidIr - ok
19:20:37.0074 0x0a08 [ 46DE2EF6382DD9613CB506760648F262, 419555220794380134A64E1956B83B2FD1D1B6E403C5FC729A9107E14A12E968 ] hidserv C:\Windows\system32\hidserv.dll
19:20:37.0082 0x0a08 hidserv - ok
19:20:37.0085 0x0a08 [ 128DEDDD61915DBA4D451D91D21F0513, 961A0DDA02B0879989300C15E4FF9022882A4CD895D65335C263AC0DD1918314 ] HidUsb C:\Windows\System32\drivers\hidusb.sys
19:20:37.0094 0x0a08 HidUsb - ok
19:20:37.0100 0x0a08 [ 7CEC266216126BC9A0E1072E1A7E5702, 6B2C0768C8F2590E65B9520D266C07D1A9D89B9E185CC359B0453F399836759F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:20:37.0114 0x0a08 HomeGroupListener - ok
19:20:37.0130 0x0a08 [ E2145534FB853921788F52701BED0CAB, DF71F842772FAC21DD8994C97F578A78AC43D06C5F26F752FB69B47DFE3BB112 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:20:37.0147 0x0a08 HomeGroupProvider - ok
19:20:37.0150 0x0a08 [ FF442DCDCE1F6E9FAA9C8AD0CD1D199B, A239414E97B310C9545995B0E723B5E792B08D71F651450EB006AD4D1765E4F7 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
19:20:37.0157 0x0a08 HpSAMD - ok
19:20:37.0161 0x0a08 [ D26D7D9D6B2B447BDC35ACE9ADBBE7E1, 7CFCF14CFCBF62AF5182A07642840BC78815360CA5143DBB7614F259021F2A17 ] HPSIService C:\Windows\system32\HPSIsvc.exe
19:20:37.0169 0x0a08 HPSIService - detected UnsignedFile.Multi.Generic ( 1 )
19:20:39.0169 0x182c Object required for P2P: [ 2619DC483579DB9FE804044C1ADFFD1A ] dam
19:20:40.0770 0x0a08 Detect skipped due to KSN trusted
19:20:40.0771 0x0a08 HPSIService - ok
19:20:41.0946 0x0a08 LSM - ok
19:20:41.0952 0x0a08 [ 2FCF837196082864F66CFD9CAB256275, 8BE01C3BCBC1E6E5D1FD7F49E936482E61ACB805F397AB81B8D39C2F0F1083BD ] luafv C:\Windows\system32\drivers\luafv.sys
19:20:41.0963 0x0a08 luafv - ok
19:20:41.0967 0x0a08 [ 56B24B359838BE86B013C2CFD38BDFC4, 38EA2D320F0CD80E3654AA1A5CA1CCAB1CA5519A562EEE41DC2E5EDF47CEF3F4 ] MapsBroker C:\Windows\System32\moshost.dll
19:20:41.0979 0x0a08 MapsBroker - ok
19:20:41.0981 0x0a08 [ 2ED29B635F35E31A1C0D3DDB7DD2AD03, F70CC20B98C2DBCD13B0D509D92B3BC3828D1B88F3ACD60C860E163064844181 ] megasas C:\Windows\system32\drivers\megasas.sys
19:20:41.0989 0x0a08 megasas - ok
19:20:42.0000 0x0a08 [ 22E3CB85870879CBAE13C5095A8B12E3, 5FA5A8EFBA117089CFDBE09743A16BC3A7CC2042C96ABA1F57901747493106BF ] megasr C:\Windows\system32\drivers\megasr.sys
19:20:42.0015 0x0a08 megasr - ok
19:20:42.0021 0x0a08 [ 6D1671CB2E5402F01D2F13ECF764CAA1, 4778630F602FE8F9B9112DC5BB7A179632000D10D80C28E93711404108FCC6E0 ] MEIx64 C:\Windows\System32\drivers\TeeDriverW8x64.sys
19:20:42.0029 0x0a08 MEIx64 - ok
19:20:42.0032 0x0a08 [ F2C23E25636BCA3543E6AD7858E861B7, 0CAB0A037471B4858CE9477E49BF50A5E3E6685E05F8A4BD2D9238551D5073A6 ] MessagingService C:\Windows\System32\MessagingService.dll
19:20:42.0041 0x0a08 MessagingService - ok
19:20:42.0054 0x0a08 [ D41920FBFFF2BBCBBC69A5B383AD022E, E66218A8303422EA10C19BA12343740B9A1A70B11B39E185E805B4F74CD2B75E ] mlx4_bus C:\Windows\System32\drivers\mlx4_bus.sys
19:20:42.0071 0x0a08 mlx4_bus - ok
19:20:42.0075 0x0a08 [ 64BD0C87064EA20C2D3DC4199F9C239C, ED69706277A58ED2C5F2B1B4E9A4A9C7C20173D46EB57FB31D8B63340BA23193 ] MMCSS C:\Windows\system32\drivers\mmcss.sys
19:20:42.0082 0x0a08 MMCSS - ok
19:20:42.0085 0x0a08 [ 8D4B46FA84A3A3702EDADD37FAC6EDBA, E3B9E12BD324FE637C365FDC5E490C41889047004D4FC8F7D78339484F2F717B ] Modem C:\Windows\system32\drivers\modem.sys
19:20:42.0094 0x0a08 Modem - ok
19:20:42.0096 0x0a08 [ 78FEC1BDB168370F131BFBFEA0A04E9D, E07B1BC429C2CFBD6162F89A6502C67A4BAD904ADC05D3505D87A0B2BCE1061B ] monitor C:\Windows\System32\drivers\monitor.sys
19:20:42.0104 0x0a08 monitor - ok
19:20:42.0107 0x0a08 [ D1CC0833CFBC4222A95CAA5D0C8C78FF, 54F04374C6D3EFF5C1B794C069870458F10757E5773AEE911957089EAF51EC8D ] mouclass C:\Windows\System32\drivers\mouclass.sys
19:20:42.0117 0x0a08 mouclass - ok
19:20:42.0120 0x0a08 [ C2E05EC6B80BCF5AE362DA873E1BCE64, 4ABE5CA2005A54E92259EDB52205A5C59BDB83026FC0CD7CBB1E3A003C2B535B ] mouhid C:\Windows\System32\drivers\mouhid.sys
19:20:42.0127 0x0a08 mouhid - ok
19:20:42.0131 0x0a08 [ D5B7668A8F6C67C51FA5C6C513396D6C, 35985AD89344A8464BD78B8DA6A772E4E60A2EB93072AC23673A86EFD0B2270A ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
19:20:42.0138 0x0a08 mountmgr - ok
19:20:42.0142 0x0a08 [ 5FBCB85D127BE21E3A9DAF11A13C00EA, D00AB99CC813E26B0BD2D39161D4138AB89A06B3E3A28712F2D5BCA60905BEC4 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
19:20:42.0150 0x0a08 mpsdrv - ok
19:20:42.0164 0x0a08 [ 0B28F2ACE5103586D322AD98FAA01309, CE3053DEB6E452C6DCDFD371CF113EB0D740DED6C1C537CB749D1BE5E97FAB09 ] MpsSvc C:\Windows\system32\mpssvc.dll
19:20:42.0189 0x0a08 MpsSvc - ok
19:20:42.0195 0x0a08 [ BF6CA7EA5ECD6CF72D3D76652A9B8280, 8EC031D0D8E75CB583B129CBA518701097697498621307108388FA05FBF604BB ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
19:20:42.0205 0x0a08 MRxDAV - ok
19:20:42.0213 0x0a08 [ 0B3B0C1D86050355676640488FA897D3, DBED9D6F7AAFB11F4C00C1F69DB7A887A3058E5FA66615A1640242439822B60C ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
19:20:42.0225 0x0a08 mrxsmb - ok
19:20:42.0233 0x0a08 [ 1A490555FD330CA2764D89191177C867, 1004AE2F80BEA9A6DBA3E6B5D2DDFA44FBA253F7137D60B000B094699DE1CB12 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:20:42.0245 0x0a08 mrxsmb10 - ok
19:20:42.0250 0x0a08 [ 0F47A6C09F0A7FB5513D322A2B9BE4EC, 00A17CB55D232E11F3D24D0B43FE4FA9E55F7EF5E5607B26ED84C13108AAC4FA ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:20:42.0260 0x0a08 mrxsmb20 - ok
19:20:42.0264 0x0a08 [ A4411C522D41707D5BCA817A5BB9E30B, EF7505BE475ECAB2B5E66A7419EDAF42A7E7A65BAD3BBE346A8CEE5DD69782CC ] MsBridge C:\Windows\system32\drivers\bridge.sys
19:20:42.0272 0x0a08 MsBridge - ok
19:20:42.0276 0x0a08 [ 807A6636828E5F43C10A01474B8907EE, F275645F4F0D0A796C33C03EA7FA563A0B890AB3A93E5F99C5EA166F91D249B1 ] MSDTC C:\Windows\System32\msdtc.exe
19:20:42.0286 0x0a08 MSDTC - ok
19:20:42.0290 0x0a08 [ D123343DDB02E372B02BF2C4293F835F, 8E02D9F7E5DA717B64538444B3FE1C55AA4B0F26F51DA20947E971D27EA09D12 ] Msfs C:\Windows\system32\drivers\Msfs.sys
19:20:42.0298 0x0a08 Msfs - ok
19:20:42.0301 0x0a08 [ B3358F380BA3F29F56BE0F7734C24D5F, 229D9E72C429AC51BF6E7C8306218620CB1AA50FE39BA6C11ED0F643E7AF90E5 ] msgpiowin32 C:\Windows\System32\drivers\msgpiowin32.sys
19:20:42.0307 0x0a08 msgpiowin32 - ok
19:20:42.0311 0x0a08 [ B2044D5D125F249680508EC0B2AAEFAC, 9631FF42DA5A7CEE1F2607AA8972EF0A67616F0EEEBC95F97B1C8F5A577ED5C4 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
19:20:42.0317 0x0a08 mshidkmdf - ok
19:20:42.0320 0x0a08 [ 36ABE7FC80BED4FE44754AE5CFB51432, FB89DF3A50C52B69D4E831A370157D1901810093A0D7D7120A120FC5C6E14BF5 ] mshidumdf C:\Windows\System32\drivers\mshidumdf.sys
19:20:42.0328 0x0a08 mshidumdf - ok
19:20:42.0330 0x0a08 [ 59307FEAFC9E72EEEC56B7FD7D294F4C, 56576635870FC68980977FFA0E7F8E8D69A7981DECF5B52D0B2A82E3BA6685EA ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
19:20:42.0336 0x0a08 msisadrv - ok
19:20:42.0341 0x0a08 [ 236A38F5CB0A23BF0ACCD70ED0BD7F70, 8106B528458E6C8E4437D9064D58F10FF195E67CD308AEBBD5F860AD2D59DCC4 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
19:20:42.0353 0x0a08 MSiSCSI - ok
19:20:42.0355 0x0a08 msiserver - ok
19:20:42.0357 0x0a08 [ E9457EDFEBC774199F907395C6D09CA2, C3655CE83F4AD1258382722E9A99C33FDD3AA40B62CFEB8DFDD141E254E6DCE2 ] MSKSSRV C:\Windows\system32\DRIVERS\MSKSSRV.sys
19:20:42.0365 0x0a08 MSKSSRV - ok
19:20:42.0368 0x0a08 [ C85D79735641D27C5821C35ECDDC2334, C1BAFD98122B04665870171C143EC119181351D10777A83680A63BF305703FF3 ] MsLldp C:\Windows\system32\drivers\mslldp.sys
19:20:42.0380 0x0a08 MsLldp - ok
19:20:42.0381 0x0a08 [ EF75184B64356850D0F04D049C253526, 325476F53372BD70201347F044C8EFEC0DB939E1926454B6DCC0CF7864969650 ] MSPCLOCK C:\Windows\system32\DRIVERS\MSPCLOCK.sys
19:20:42.0389 0x0a08 MSPCLOCK - ok
19:20:42.0392 0x0a08 [ 543933D166C618E7588EA77707EC1683, 84A65D277E28FDD7CE2345188891093AC88B577E4C528AD39AB629E341199688 ] MSPQM C:\Windows\system32\DRIVERS\MSPQM.sys
19:20:42.0399 0x0a08 MSPQM - ok
19:20:42.0406 0x0a08 [ 182711E9DDF70121A20EBB61B2DFB9E8, 70606503F6280EA3175B9AEC8370A8F461575755DA86EF6E9C9D04EAD61481FA ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
19:20:42.0417 0x0a08 MsRPC - ok
19:20:42.0422 0x0a08 [ E887FFDD6734C496407E9219225CB6FF, 0EC9A79224BCE5D0A782E62CC38E3494E8FB65DFC07C66D25C5A1A351121C27D ] mssmbios C:\Windows\System32\drivers\mssmbios.sys
19:20:42.0431 0x0a08 mssmbios - ok
19:20:42.0434 0x0a08 [ 83A2AB75951000D681FABDB80C07AEFC, 3B2F582F097E3F934C4587B27CB05525350F36924B74CA6BCD364878FA8EC273 ] MSTEE C:\Windows\system32\DRIVERS\MSTEE.sys
19:20:42.0441 0x0a08 MSTEE - ok
19:20:42.0444 0x0a08 [ 4FA0483896FC16583851EFB733FCB083, BB59243ABE32FBE92EC1B04D24239BE2DF7C2354A407C2EFF97623F07DCBDA35 ] MTConfig C:\Windows\System32\drivers\MTConfig.sys
19:20:42.0452 0x0a08 MTConfig - ok
19:20:42.0456 0x0a08 [ 60F88248608315E13391C2F1C3B4473F, 99E8B74118A01FC281A1C6B323EFD1A8EA1997B81A013442205066F55327D555 ] Mup C:\Windows\system32\Drivers\mup.sys
19:20:42.0466 0x0a08 Mup - ok
19:20:42.0470 0x0a08 [ 218705233D02776AE4D19CC37D985C1B, 3D92925867B6B8FFAF78E4080139DCB3D45E1E6E1D0AFB6A4FE248B002BD8471 ] mvumis C:\Windows\system32\drivers\mvumis.sys
19:20:42.0477 0x0a08 mvumis - ok
19:20:42.0480 0x0a08 [ 705E9675014EB688BEDD967B1ABECF19, 7FA4B0A5120DD415C5D3F3BE56C69455647029332DC2E9B4E9874AF3C34F89AD ] mvusbews C:\Windows\System32\Drivers\mvusbews.sys
19:20:42.0486 0x0a08 mvusbews - ok
19:20:42.0497 0x0a08 [ AA4CD20708B7E0412A5316D7E2875103, 4E60A0865B7656735F3AB34AF5FE48304138F47DE961D4D16661617D711DEBC0 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
19:20:42.0513 0x0a08 NativeWifiP - ok
19:20:42.0518 0x0a08 [ A340A4B27CC7DEDDF953B7E2C9699747, 4C5AB23BD0C69B17E9BD29CAFEDC100A6EFC78BAB645B007FCAE4318C459D345 ] NcaSvc C:\Windows\System32\ncasvc.dll
19:20:42.0529 0x0a08 NcaSvc - ok
19:20:42.0536 0x0a08 [ 24146738C422814EEB2A98FF1FC5C6E1, 3C70C6768681CE63DED339822EFB36194037B987D92456B9E955061A3A3C63BC ] NcbService C:\Windows\System32\ncbservice.dll
19:20:42.0552 0x0a08 NcbService - ok
19:20:42.0555 0x0a08 [ 476466DC3AB2327E2DBFAEC11798E2EE, 9ACD74720664CF3F239601DF0BE80AC443AF0FBF666CBB8509169364FB22B95D ] NcdAutoSetup C:\Windows\System32\NcdAutoSetup.dll
19:20:42.0570 0x0a08 NcdAutoSetup - ok
19:20:42.0573 0x0a08 [ B57CE307DA101C739885B7CC0678077F, F7F45DB6D306060F0FE0E59F39C3B95F6A9B6173930F22C5C41B2003895D6642 ] ndfltr C:\Windows\System32\drivers\ndfltr.sys
19:20:42.0580 0x0a08 ndfltr - ok
19:20:42.0597 0x0a08 [ E582DA849A58524E645545FB68B6625D, B74E2CF078F6C575EFC4A2E4293D03FE6BA933307D656E0E57FFA17EF324948D ] NDIS C:\Windows\system32\drivers\ndis.sys
19:20:42.0620 0x0a08 NDIS - ok
19:20:42.0624 0x0a08 [ 202260E7CDD731A32AF62ABD1ABEE008, 0E019FAE09B2659CC3267756DB962CCD69172BA67E3288B491F7B455287A5392 ] NdisCap C:\Windows\system32\drivers\ndiscap.sys
19:20:42.0633 0x0a08 NdisCap - ok
19:20:42.0636 0x0a08 [ A1D473D0CF10561F29B58EA7C5412A92, 3DBFC1D769E03E30C87FF4F30A9B523A69A7E0CD4EB87F8A9ECE190FEB84C569 ] NdisImPlatform C:\Windows\system32\drivers\NdisImPlatform.sys
19:20:42.0648 0x0a08 NdisImPlatform - ok
19:20:42.0651 0x0a08 [ 1A0AE283B8DE6BB76412A0F8213D45AC, 91AFFDC7A9277EB59CD54021049BEA715078F90470B8A12F3E9F1386DF068D2D ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
19:20:42.0661 0x0a08 NdisTapi - ok
19:20:42.0664 0x0a08 [ A74EE2D2C0BFF5EC3A6185791868C4CA, A346320DEBEAE890575B4C6594FB3A3A9890A0E86881ADD8376E442282C88D38 ] Ndisuio C:\Windows\system32\drivers\ndisuio.sys
19:20:42.0673 0x0a08 Ndisuio - ok
19:20:42.0675 0x0a08 [ 32A9BD1342640D48AD85C8B3E812B984, B702B05A0180472139B35B105DD3B6B6F75AEDC9DD1EE342FB576259076455AE ] NdisVirtualBus C:\Windows\System32\drivers\NdisVirtualBus.sys
19:20:42.0685 0x0a08 NdisVirtualBus - ok
19:20:42.0690 0x0a08 [ 6A6A8CF5EE61801375A38EBB871D4057, AE8EFF18D82BBE83101B380189A6889822891A993EB865E2E81C1D2F60B77C4C ] NdisWan C:\Windows\System32\drivers\ndiswan.sys
19:20:42.0703 0x0a08 NdisWan - ok
19:20:42.0707 0x0a08 [ 6A6A8CF5EE61801375A38EBB871D4057, AE8EFF18D82BBE83101B380189A6889822891A993EB865E2E81C1D2F60B77C4C ] ndiswanlegacy C:\Windows\system32\DRIVERS\ndiswan.sys
19:20:42.0719 0x0a08 ndiswanlegacy - ok
19:20:42.0723 0x0a08 [ 50AEF8EF0064A91ABB08D858D039C9DE, 16F1CBE1EC3778D157CC054261068C8D7F8A72D85853CB70178F8DF81D238C8F ] ndproxy C:\Windows\system32\DRIVERS\NDProxy.sys
19:20:42.0732 0x0a08 ndproxy - ok
19:20:42.0736 0x0a08 [ D358DF634F52247CB43F0781218F4D6E, D375E9E681551467FC5F7AB2AC053C9F22AAC541C0BCBA57090211F45009342C ] Ndu C:\Windows\system32\drivers\Ndu.sys
19:20:42.0746 0x0a08 Ndu - ok
19:20:42.0749 0x0a08 [ EE00C544C025958AF50C7B199F3C8595, D774DB020D9C46D1AA0B2DB9FA2C36C4A9C38D904CC6929695321D32ACA0D4D1 ] Netaapl C:\Windows\System32\drivers\netaapl64.sys
19:20:42.0757 0x0a08 Netaapl - ok
19:20:42.0760 0x0a08 [ 026618ECF6C4BEBDCB7885D42EC0DBE4, 8E7E13361DCF8748FA3AD518B3DE0A3DCE932316EE32E5529E75785BC5395AD1 ] NetBIOS C:\Windows\system32\drivers\netbios.sys
19:20:42.0767 0x0a08 NetBIOS - ok
19:20:42.0775 0x0a08 [ F51C02D992A8D6BC5EC4D990F227D4C7, DBBDA422BFA82219403689637BE8D6B0D0A893895143E807FA5A007C166454CB ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
19:20:42.0788 0x0a08 NetBT - ok
19:20:42.0792 0x0a08 [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] Netlogon C:\Windows\system32\lsass.exe
19:20:42.0800 0x0a08 Netlogon - ok
19:20:42.0806 0x0a08 [ 7FD4C3D32DAE890608F44074A3437CD8, 5B7D9E9AEE26896B818F3C5DBE4C96A33D43CE2CF7716B95AAB7203611C03BFE ] Netman C:\Windows\System32\netman.dll
19:20:42.0820 0x0a08 Netman - ok
19:20:42.0830 0x0a08 [ A059F75402710535A90A8D043674A514, E98536DF74A2B75FDBA6B866DC1909544292DFE5E14F984941470FBA6E8D810C ] netprofm C:\Windows\System32\netprofmsvc.dll
19:20:42.0849 0x0a08 netprofm - ok
19:20:42.0855 0x0a08 [ 9C6EE1DE9CF7B77FF550A737816EB6DB, 586D561E1A318778668D148B8367D1F7452E770D1743ED5F8EE6EAB03DB31916 ] NetSetupSvc C:\Windows\System32\NetSetupSvc.dll
19:20:42.0867 0x0a08 NetSetupSvc - ok
19:20:42.0874 0x0a08 [ 9E9BEB22644CE1DA521A1D7821BF891F, 5480D52AE1942205B513F916DBCBF5B5F2FFF92D927F4E598FBA618E75BBC2E9 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:20:42.0883 0x0a08 NetTcpPortSharing - ok
19:20:42.0890 0x0a08 [ 0FB83658FBB2C5A18AB98C5C94DB9FAF, 2D15A49F47D8185D7914D26916D1237FCBE2F8351A64877CDDDDE26E766C3D2F ] NgcCtnrSvc C:\Windows\System32\NgcCtnrSvc.dll
19:20:42.0904 0x0a08 NgcCtnrSvc - ok
19:20:42.0916 0x0a08 [ 7AAA9916AA10F4B0E9743798A5BA6549, 2E38EEF3F487A7DD0B719A048FFA0EB36B2487A1068BB322553E9DD2FCE46711 ] NgcSvc C:\Windows\system32\ngcsvc.dll
19:20:42.0941 0x0a08 NgcSvc - ok
19:20:42.0952 0x0a08 [ 1B8F07B59F7DAE02264FB8A16088C467, 1795DA9F72C34A9F47D9AAF5E95D40C3296948EB89D9600679AB4660671A5C65 ] NlaSvc C:\Windows\System32\nlasvc.dll
19:20:42.0971 0x0a08 NlaSvc - ok
19:20:42.0977 0x0a08 [ 465DC580170CD844206D7E3EF1DBF2A1, 5A14001029BE154C708CCA34449B280905DB79978FC7F0BE0CF20B20E47752CF ] Npfs C:\Windows\system32\drivers\Npfs.sys
19:20:42.0986 0x0a08 Npfs - ok
19:20:42.0990 0x0a08 [ 29395C214D2CD4C81F73166AB988A797, 3631EB2EA17E455ECD151C0BC9A3DF6EC87C75B15DC9B607CFB68D7C463E04B7 ] npsvctrig C:\Windows\System32\drivers\npsvctrig.sys
19:20:42.0999 0x0a08 npsvctrig - ok
19:20:43.0011 0x0a08 [ AF8B7848E102A83AAECCD24B181CEBE5, B2AAE3567EE3A7975CDFCB3FE41D33C74D4486BFF35FF56E0516A01C744BA52B ] nsi C:\Windows\system32\nsisvc.dll
19:20:43.0022 0x0a08 nsi - ok
19:20:43.0027 0x0a08 [ 2871225495F832A8C8A7DD1A17EDB3DC, 2F6664C7F5FB2341B2AAF3C5A258FA0D7AEEE447562D7F39FD5A4EE905C18C6D ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
19:20:43.0037 0x0a08 nsiproxy - ok
19:20:43.0071 0x0a08 [ 19BD8A88AAC580592668B070AC0727D9, 60DB84895C40E6412BEB2D0E4D7F05891446B9DE992D70579CC90BA3FB27FC01 ] NTFS C:\Windows\system32\drivers\NTFS.sys
19:20:43.0112 0x0a08 NTFS - ok
19:20:43.0117 0x0a08 [ 6DBD703320484C37CEA9E4E2D266A8CE, 85D6F73C0E3FDE16829C9BC0D13DD89E64183EAE02F84607F6B8440CB7F366E6 ] Null C:\Windows\system32\drivers\Null.sys
19:20:43.0126 0x0a08 Null - ok
19:20:43.0131 0x0a08 [ 1F346E981A76BA8B98540B3481C1D659, 701F49AD67AD23A5B935F8A2A8A64CBEC194368889FE8CF09EEE44192D25E3E3 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
19:20:43.0139 0x0a08 NVHDA - ok
19:20:43.0286 0x0a08 [ E5613925525AEB14E5A479C5AD6C8ADB, 09782EE1D1B566DB2C1A90602D0A6795F226F22C75F41D9A0466584900AB3922 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
19:20:43.0365 0x182c Object send P2P result: true
19:20:43.0443 0x0a08 nvlddmkm - ok
19:20:43.0461 0x0a08 [ 604D27CC38CC23493F218D0BB834B3FF, EF5E5759CCF16DD97271C82DAF47FB2086EBCA5DE7D05177B70CA1197B95F41E ] nvraid C:\Windows\system32\drivers\nvraid.sys
19:20:43.0469 0x0a08 nvraid - ok
19:20:43.0473 0x0a08 [ 8B50D897657AB4A15FD9E251BBF7D107, 36036130DD46D9BF105AC7176E219F3BE7D1168A660A0F8DFF76F61FBFA4B417 ] nvstor C:\Windows\system32\drivers\nvstor.sys
19:20:43.0483 0x0a08 nvstor - ok
19:20:43.0498 0x0a08 [ 1CD8D5BF5E4058A2E12949D74A7E27FD, EB99D0451F28E20A06B9E184217B8B968C1BA968C24E1DD223C3AC648D968641 ] nvsvc C:\Windows\system32\nvvsvc.exe
19:20:43.0514 0x0a08 nvsvc - ok
19:20:43.0519 0x0a08 [ 31F990B2B6B91E9D7A667405CE12FCB1, 907E095D1E83CDAFF34BE789FC41CDD7BB4DEE23261E1D03C1CF0D4D030534AC ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
19:20:43.0527 0x0a08 nv_agp - ok
19:20:43.0534 0x0a08 [ 7F3A0D052B8E00E730316210B1DD092F, 14BD026EA759F6C81ED6B4DBB04E0584B7F6456725503FC73CD4347B7743005F ] OneSyncSvc C:\Windows\System32\APHostService.dll
19:20:43.0551 0x0a08 OneSyncSvc - ok
19:20:43.0582 0x0a08 [ 7D006FC340B301A1DEAFB5878C078A12, 245A4647DEB2CD5D0C3FF07B45D50D6EE039733000C7F7FEC0A1B58162594B9D ] Origin Client Service H:\Programme\Origin\OriginClientService.exe
19:20:43.0613 0x0a08 Origin Client Service - ok
19:20:43.0620 0x0a08 [ 877434CB68245171EEC946C203CB2DFD, 9CC8BEC12BA2371BD5B35F968470C93E30E6B2363F7BF46D601747663106F833 ] ose64 C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:20:43.0634 0x0a08 ose64 - detected UnsignedFile.Multi.Generic ( 1 )
19:20:46.0105 0x0a08 ose64 ( UnsignedFile.Multi.Generic ) - warning
19:20:52.0004 0x0a08 UnistoreSvc - ok
19:20:52.0016 0x0a08 [ B85A8CF2BE74DFF1E80097AC94584112, B1DBACC33A4143FEE2CF54E567590A69580312AD7A053BCC85B487C4D451FBDA ] upnphost C:\Windows\System32\upnphost.dll
19:20:52.0036 0x0a08 upnphost - ok
19:20:52.0039 0x0a08 [ 2410A0C20D21A25E6C01979FA886BE90, DD3F92D8CF110D47B9E36BA0EB10EB34C0FDD28FE0D57E4B60F9326703388F75 ] UrsChipidea C:\Windows\System32\drivers\urschipidea.sys
19:20:52.0049 0x0a08 UrsChipidea - ok
19:20:52.0052 0x0a08 [ 6E59CE43B6BA5AA1ADCF36A4DBBB92BB, 647D66775A90F67D803043DE8C8AE8BC2F7A042A8DCF9C95BF5458C79609481B ] UrsCx01000 C:\Windows\system32\drivers\urscx01000.sys
19:20:52.0062 0x0a08 UrsCx01000 - ok
19:20:52.0065 0x0a08 [ E8A59FA109A22FC07E44BDFCC9727DBD, 0DC5928C0FF7E5B38917660D6EFECCC22172DB0BB9B23216F33E750790529C16 ] UrsSynopsys C:\Windows\System32\drivers\urssynopsys.sys
19:20:52.0071 0x0a08 UrsSynopsys - ok
19:20:52.0074 0x0a08 [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64 C:\Windows\System32\Drivers\usbaapl64.sys
19:20:52.0082 0x0a08 USBAAPL64 - ok
19:20:52.0087 0x0a08 [ D8A44550ECE102B6443F5D54DCE7DAB3, 97F5AE7B17DAC4A4F3186C77116BC8E49874FB0018C99D8E2CDA29D89E8B0912 ] usbccgp C:\Windows\System32\drivers\usbccgp.sys
19:20:52.0095 0x0a08 usbccgp - ok
19:20:52.0098 0x0a08 [ 66B3D22DAB5312FF238ABF5C6D9F8FAB, 4A644AFC1C27D692D352BEB8801398A00EA5B4055476063AF905A0A46DDBF8BB ] usbcir C:\Windows\System32\drivers\usbcir.sys
19:20:52.0108 0x0a08 usbcir - ok
19:20:52.0112 0x0a08 [ 3E4F20DB902D2E2914F3FF3DB9772200, F3D32BE06A26164B5F6E8DB67160D1DBBDC6D14666EEF84EA43C78CB7706E31C ] usbehci C:\Windows\System32\drivers\usbehci.sys
19:20:52.0120 0x0a08 usbehci - ok
19:20:52.0130 0x0a08 [ 41F7F00D76904416EF1F9EFA1A4C37A2, 7A4250EB2E2E0037B3AE1480C13B229ECFF5C575E68E4F934EE011DB1833B46A ] usbhub C:\Windows\System32\drivers\usbhub.sys
19:20:52.0143 0x0a08 usbhub - ok
19:20:52.0155 0x0a08 [ E7463CE8579A0418A98BE9BE42C647D7, 923CD51C82FCF9DC4E9EEA99E53634EE07EBF62FB5DFC337F01309D7D5C7622C ] USBHUB3 C:\Windows\System32\drivers\UsbHub3.sys
19:20:52.0172 0x0a08 USBHUB3 - ok
19:20:52.0175 0x0a08 [ DAB35CCA86F5FBE77D870A40089BC4A1, 4A47D59D882D0F2B93F2EE7F10995E7D68B58009434E2CBD04C659E0D1F059D8 ] usbohci C:\Windows\System32\drivers\usbohci.sys
19:20:52.0183 0x0a08 usbohci - ok
19:20:52.0187 0x0a08 [ 21162F65C7756AAECAEBED9E67D0A5FE, DE3B43964171DB5B0464DA5E7A674A5D200A8695E6EF1AE2030681066ABA2688 ] usbprint C:\Windows\System32\drivers\usbprint.sys
19:20:52.0195 0x0a08 usbprint - ok
19:20:52.0198 0x0a08 [ 4AAD6547953D373A1EB5B2DF583D868B, 4E3DCEC9644550996C314FCC39F885DDE4AA7AD821B8596D96C5BEA5D60795F7 ] usbser C:\Windows\System32\drivers\usbser.sys
19:20:52.0207 0x0a08 usbser - ok
19:20:52.0212 0x0a08 [ 8949F77132A4F8F3BA17C6727099F002, 86AD4A2263B34983335180FDAE775D1744E042D2A11300D27DF546F15F285A25 ] USBSTOR C:\Windows\System32\drivers\USBSTOR.SYS
19:20:52.0223 0x0a08 USBSTOR - ok
19:20:52.0226 0x0a08 [ 8B3E458A8851F9A3B2109B1680EE1159, 753AC8F82F65564F00EA2F60B43E4B815FEAABE0DA35B6356210A5F4B1CA3EFC ] usbuhci C:\Windows\System32\drivers\usbuhci.sys
19:20:52.0233 0x0a08 usbuhci - ok
19:20:52.0241 0x0a08 [ 9E9D58F5E1702955B2F4D62996F80E8E, 6C21C250B9D98346D0D5CB7D6C11AB120A1D195C28313BDB0CE532663F0114E2 ] USBXHCI C:\Windows\System32\drivers\USBXHCI.SYS
19:20:52.0254 0x0a08 USBXHCI - ok
19:20:52.0277 0x0a08 [ 2771EBB565F5C121E66060B173991D4D, 1EB34A6262A18E47ADCA392FDB2D58E8428A1CA43EB4196D76A897F74A03CA7F ] UserDataSvc C:\Windows\System32\userdataservice.dll
19:20:52.0315 0x0a08 UserDataSvc - ok
19:20:52.0332 0x0a08 [ 36EC82F0E399F36BD25F593D63DC144A, 2A9E916A098ACD5A5074A5FD053ECAB027A0932A348C728F20CD63EF16289533 ] UserManager C:\Windows\System32\usermgr.dll
19:20:52.0359 0x0a08 UserManager - ok
19:20:52.0368 0x0a08 [ 05F4CB5991D897E4253BF61FA5E828F8, 25B5B6751B4455491E9A050DF5C12F788B5677F70FB4844E0BF851090AC1F74C ] UsoSvc C:\Windows\system32\usocore.dll
19:20:52.0369 0x0624 Object send P2P result: true
19:20:52.0369 0x0624 Object required for P2P: [ 59A20F5AD9F4AE54098154359519408E ] iaLPSS2i_I2C
19:20:52.0385 0x0a08 UsoSvc - ok
19:20:52.0388 0x0a08 [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] VaultSvc C:\Windows\system32\lsass.exe
19:20:52.0396 0x0a08 VaultSvc - ok
19:20:52.0399 0x0a08 [ E1BE37312785A71862516F66B3FD24CE, D248C513DBEACB192653C6E46809209F341771B146544BBF43B86369280B4F8B ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
19:20:52.0406 0x0a08 vdrvroot - ok
19:20:52.0420 0x0a08 [ 67A6E949395A09914AD8B38FE14B8D15, 593F2FAA880B2E0468F98BD58B5214A170E5890907B25294D7A47C66505A3D45 ] vds C:\Windows\System32\vds.exe
19:20:52.0446 0x0a08 vds - ok
19:20:52.0453 0x0a08 [ E42C0F2850735FF9D908B9DB581E6314, E2204A56BF37FC57CD2ED96E3F908882D72B4BFF1BFB97C5172C851F1E4F9650 ] VerifierExt C:\Windows\system32\drivers\VerifierExt.sys
19:20:52.0463 0x0a08 VerifierExt - ok
19:20:52.0475 0x0a08 [ EC15FD6A28757793E2DA394CD94ABD52, DC758BBEE9C6952D7B3F7171EF67B037B4068E88189A2C4A894122D1D1209468 ] vhdmp C:\Windows\System32\drivers\vhdmp.sys
19:20:52.0493 0x0a08 vhdmp - ok
19:20:52.0497 0x0a08 [ D0C9632C350F46786643A069251BC249, CF65BA0D3F3D2B821C10E2D4F53F5B6BF6236CA9767419392A561CFA79254C3B ] vhf C:\Windows\System32\drivers\vhf.sys
19:20:52.0506 0x0a08 vhf - ok
19:20:52.0511 0x0a08 [ E886CB75DA2B6EB35469EF10135624C7, 3AFC59A0709B984F517A918D5BBEBEB1C80001BEC87C133447DCEAEDE00E516D ] vmbus C:\Windows\system32\drivers\vmbus.sys
19:20:52.0519 0x0a08 vmbus - ok
19:20:52.0522 0x0a08 [ 46D2EC27820EC0F798F85821E53C2942, D298A7D6AC16F76A069F843C8DD323ECB340D361733CB9B076BCDE8FC5F1FEFC ] VMBusHID C:\Windows\System32\drivers\VMBusHID.sys
19:20:52.0530 0x0a08 VMBusHID - ok
19:20:52.0539 0x0a08 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicguestinterface C:\Windows\System32\ICSvc.dll
19:20:52.0559 0x0a08 vmicguestinterface - ok
19:20:52.0568 0x0a08 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicheartbeat C:\Windows\System32\ICSvc.dll
19:20:52.0586 0x0a08 vmicheartbeat - ok
19:20:52.0595 0x0a08 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmickvpexchange C:\Windows\System32\ICSvc.dll
19:20:52.0613 0x0a08 vmickvpexchange - ok
19:20:52.0621 0x0a08 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicrdv C:\Windows\System32\ICSvc.dll
19:20:52.0638 0x0a08 vmicrdv - ok
19:20:52.0646 0x0a08 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicshutdown C:\Windows\System32\ICSvc.dll
19:20:52.0665 0x0a08 vmicshutdown - ok
19:20:52.0673 0x0a08 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmictimesync C:\Windows\System32\ICSvc.dll
19:20:52.0691 0x0a08 vmictimesync - ok
19:20:52.0699 0x0a08 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicvmsession C:\Windows\System32\ICSvc.dll
19:20:52.0716 0x0a08 vmicvmsession - ok
19:20:52.0725 0x0a08 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicvss C:\Windows\System32\ICSvc.dll
19:20:52.0742 0x0a08 vmicvss - ok
19:20:52.0746 0x0a08 [ B9265F47E7A354BAAA0AF5CBA3F8F7CE, F836E7BEDC7CAB1C01225164D171A0210D8F909F52992E4C0BF3C92B365BCD52 ] volmgr C:\Windows\system32\drivers\volmgr.sys
19:20:52.0753 0x0a08 volmgr - ok
19:20:52.0760 0x0a08 [ BEE9C8B72AB752B794F69C2B9B3678AA, 49A5093C26F3CDCD60577F7F2D7F936C7B2BD010B27F2C49A7B6AA41E42DF98D ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
19:20:52.0773 0x0a08 volmgrx - ok
19:20:52.0781 0x0a08 [ E1F91A727A04C9F8199D04FF3BBBF63C, 076CAEE621DBF7DE24ED92BA239C440879FDB674CF3213DF3E35AEC03D0D2031 ] volsnap C:\Windows\system32\drivers\volsnap.sys
19:20:52.0793 0x0a08 volsnap - ok
19:20:52.0797 0x0a08 [ F7B1B1101271E31F43CC76E890704F51, 2282D82B220C3D13FF980ED8E40443C83816D3DA9557EACEA137873F92BB9CF4 ] vpci C:\Windows\System32\drivers\vpci.sys
19:20:52.0805 0x0a08 vpci - ok
19:20:52.0809 0x0a08 [ D48ED0A08BD2FD25A833E6AC99623091, 6CA7580878D3893E14B4938023A00CDFC9BE215A0CE4ED59A94F95DFD9FDF4D8 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
19:20:52.0817 0x0a08 vsmraid - ok
19:20:52.0839 0x0a08 [ 4CF5A1E0C4FCA956ACD6C654E2A8610E, 57F3C7200C25E8717AF92AF2ED7615C6605179D3514B432220FA6EA94CAB4F2E ] VSS C:\Windows\system32\vssvc.exe
19:20:52.0886 0x0a08 VSS - ok
19:20:52.0895 0x0a08 [ 79F4D90FAA0ACC1866F2F3E03E39CA89, EE08BCBF29A7E4AFFF520B8DF067281425F433EC275F8C86CE8F20F000E92E3D ] vssbrigde64 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe
19:20:52.0900 0x0a08 vssbrigde64 - ok
19:20:52.0907 0x0a08 [ 6990D4AFDF545669D4E6C232F26DE1FB, 9B8F99A035188FD96BA79E935E8EF387BEA2223ECA0B74CF64AB993DABAA5722 ] VSTXRAID C:\Windows\system32\drivers\vstxraid.sys
19:20:52.0919 0x0a08 VSTXRAID - ok
19:20:52.0922 0x0a08 [ 1EE11F0508C58EF081F4176E66D6970B, 9069B3FC8850C7CF617909C6DBFC3753FEB59A9E708379CC57190F4097FB374E ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
19:20:52.0930 0x0a08 vwifibus - ok
19:20:52.0935 0x0a08 [ 938E4EF58E42D252B742B0E243011B90, AC0C21FBAF15924CB271CA43ACB7A86287936C78B4852BCFC59EC7EC703E036C ] vwififlt C:\Windows\system32\drivers\vwififlt.sys
19:20:52.0945 0x0a08 vwififlt - ok
19:20:52.0955 0x0a08 [ 48C1A256591297C43ECFC4E30D144EAA, 8E66833ED2CEB6D7E499EB2E4282B4F9DFA28B6D21757BB88EC52FD069D7FACE ] W32Time C:\Windows\system32\w32time.dll
19:20:52.0976 0x0a08 W32Time - ok
19:20:52.0979 0x0a08 [ 00C27B64C758C111E5D78A70DE6CA2B6, C99761B9B671B3A1FF1C52796CCA3F4F825BF50D9657D13B551E849CDD82055D ] WacomPen C:\Windows\System32\drivers\wacompen.sys
19:20:52.0988 0x0a08 WacomPen - ok
19:20:52.0998 0x0a08 [ D76D1AC4F2C642D09A68227D129A4726, D14D6C4D94E9660848C74B220359683D91A4A3D70750E781A20B6D86D46794CE ] WalletService C:\Windows\system32\WalletService.dll
19:20:53.0016 0x0a08 WalletService - ok
19:20:53.0020 0x0a08 [ 8CB53620B2C2F0641DD7563EA0FDF491, D62FE75C908409A54949F0E3C39558DC7A8F11AF7496ED7B0872D80D08CB67A7 ] wanarp C:\Windows\system32\DRIVERS\wanarp.sys
19:20:53.0030 0x0a08 wanarp - ok
19:20:53.0033 0x0a08 [ 8CB53620B2C2F0641DD7563EA0FDF491, D62FE75C908409A54949F0E3C39558DC7A8F11AF7496ED7B0872D80D08CB67A7 ] wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
19:20:53.0043 0x0a08 wanarpv6 - ok
19:20:53.0067 0x0a08 [ 2598BBF11C9E7D0885DCA52E7FD5BCBD, 46B1FB080A2CD88C89A0EB8BA2594A1FA2C341ED77A6C6835CBFFE42907FAC55 ] wbengine C:\Windows\system32\wbengine.exe
19:20:53.0106 0x0a08 wbengine - ok
19:20:53.0118 0x0a08 [ 642EFABF900374FA85639D83B5533AFD, 292692D6AAC2A785D237ADFBC7CA3D379E8FC79FA366A8CE7D06F5CA5CE6866B ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
19:20:53.0140 0x0a08 WbioSrvc - ok
19:20:53.0150 0x0a08 [ 0BF8D8C7EC9FB15D6480A12101E88B71, E7BC6A4E53D8C9D73BF83097DFE43ED8038B7BED0AE56E5AF7983F74562F15A3 ] Wcmsvc C:\Windows\System32\wcmsvc.dll
19:20:53.0173 0x0a08 Wcmsvc - ok
19:20:53.0181 0x0a08 [ 53A036CED1270F2459E708A05922FD49, 2F281A72E4B0408DE6C8153F5988C9AA38591FB1E72558767D389637D0666A85 ] wcncsvc C:\Windows\System32\wcncsvc.dll
19:20:53.0201 0x0a08 wcncsvc - ok
19:20:53.0204 0x0a08 [ 965B6197A659782B6A0F68411A180AAD, 5541AB78B71E4FA655BCBF2D80D574B2A3B4AA8871F65D26620BDE549FA5459A ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:20:53.0213 0x0a08 WcsPlugInService - ok
19:20:53.0216 0x0a08 [ 069D3D6E20AD753B34FCE856F0436869, CF8C12295DDAA56E7350019AADBA533D7857CFB3F20DEE14E557963645A9331B ] WdBoot C:\Windows\system32\drivers\WdBoot.sys
19:20:53.0223 0x0a08 WdBoot - ok
19:20:53.0236 0x0a08 [ 6CC727E94CD84E9720FDCDA8089CABCC, BCF66056B06DED6BC2D329E910FCD3E685D627BAD3B5D7F4B0E970B45CD9CEF4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
19:20:53.0252 0x0a08 Wdf01000 - ok
19:20:53.0260 0x0a08 [ E3E97151A1D1E87BB2D5371F66C5F169, 0ED0B9852FE0533816F5EE2F06045B3964A00FD749A7011DB3C663AB6FA369E2 ] WdFilter C:\Windows\system32\drivers\WdFilter.sys
19:20:53.0272 0x0a08 WdFilter - ok
19:20:53.0276 0x0a08 [ 75DC67553051103547B693898CB32D08, 4FCF2C3DBBE85461364B1F3A3F3629B52C8664487D30142D15937A4C96EF6A8F ] WdiServiceHost C:\Windows\system32\wdi.dll
19:20:53.0290 0x0a08 WdiServiceHost - ok
19:20:53.0293 0x0a08 [ 75DC67553051103547B693898CB32D08, 4FCF2C3DBBE85461364B1F3A3F3629B52C8664487D30142D15937A4C96EF6A8F ] WdiSystemHost C:\Windows\system32\wdi.dll
19:20:53.0306 0x0a08 WdiSystemHost - ok
19:20:53.0317 0x0a08 [ 2BC2E99623119521EEF7910A11D0FDE0, 3F3E48A79534F0F65F961D9B170D534562E04901B630127B16DF02E6D42F2BBF ] wdiwifi C:\Windows\system32\DRIVERS\wdiwifi.sys
19:20:53.0338 0x0a08 wdiwifi - ok
19:20:53.0343 0x0a08 [ 07B043160399AF4009054E2EA3464BF4, 8D652D7CD75F8FB2B5414155355F0C970015914E1AC6522DBB8387BB8662F542 ] WdNisDrv C:\Windows\system32\Drivers\WdNisDrv.sys
19:20:53.0350 0x0a08 WdNisDrv - ok
19:20:53.0353 0x0a08 WdNisSvc - ok
19:20:53.0359 0x0a08 [ 9972D395DBD05D91DA5EDADEB9325680, 9382D846793F285721A1A0FED42F914035A53D856B902FADB0B7144C471BDA91 ] WebClient C:\Windows\System32\webclnt.dll
19:20:53.0375 0x0a08 WebClient - ok
19:20:53.0381 0x0a08 [ B6BF579761489720BCE787F723F596E5, 879B17F6A4F23F5E85A09126B7B407955DDCEB1BA4A8FFC0A418B7F47311C056 ] Wecsvc C:\Windows\system32\wecsvc.dll
19:20:53.0395 0x0a08 Wecsvc - ok
19:20:53.0398 0x0a08 [ 10C9CF8771A2A87F575F9FB56821474E, 15E3DFFE9CF6777F67E426ECF797D2DF743EA152DEE336DCC9C2F92A0E6EB9A3 ] WEPHOSTSVC C:\Windows\system32\wephostsvc.dll
19:20:53.0409 0x0a08 WEPHOSTSVC - ok
19:20:53.0413 0x0a08 [ 357C083FE35D030D991D163AAF622A06, F301852D49DBDEF0D28F56CD74CBDC71CA003EBD07D3F46EA5C870DC1BD07896 ] wercplsupport C:\Windows\System32\wercplsupport.dll
19:20:53.0427 0x0a08 wercplsupport - ok
19:20:53.0431 0x0a08 [ 2235AF716D15D9DFE4C59DC2AC0C440C, 2DCFCEBEA77E7E40CEF9A785BE1A794B390B36E40FBCF49B494F9CEA3F6A28C4 ] WerSvc C:\Windows\System32\WerSvc.dll
19:20:53.0445 0x0a08 WerSvc - ok
19:20:53.0449 0x0a08 [ C11272713719922DE5711094333BD166, 61D4F07E02AECF04964FF51EEA31069A2B0EAA549AD2B29B5FD3E1E6BB543593 ] WFPLWFS C:\Windows\system32\drivers\wfplwfs.sys
19:20:53.0460 0x0a08 WFPLWFS - ok
19:20:53.0465 0x0a08 [ 205A1FAE910F5C493D236245850BB62A, DBA4D1D734BAA3CDEB8A7F9C81A8DAA88CEA55AF5C4C5908E76FB8E522C5EC8A ] WiaRpc C:\Windows\System32\wiarpc.dll
19:20:53.0475 0x0a08 WiaRpc - ok
19:20:53.0478 0x0a08 [ EF536C54AB9281FDC4E83B07279FCFC4, 22E4F133170682EE14413CA8FDC2DBE73AB31960D6ACB728A6B398229FDDFD3B ] WIMMount C:\Windows\system32\drivers\wimmount.sys
19:20:53.0485 0x0a08 WIMMount - ok
19:20:53.0487 0x0a08 WinDefend - ok
19:20:53.0491 0x0a08 [ D8966A76408107224C6013993135DD78, 6159F69BC26FF817078E68C70E6DFC9075FEBF9EF9F4F046C7A65BC377544AE6 ] WindowsTrustedRT C:\Windows\system32\drivers\WindowsTrustedRT.sys
19:20:53.0499 0x0a08 WindowsTrustedRT - ok
19:20:53.0502 0x0a08 [ 8B102A7B6CE326FD4208CC7C2D183343, E47C1D76CBFD2A382C3A7BB048D752FB6DD4616FADDEB1C3ADD5DDAE149742AF ] WindowsTrustedRTProxy C:\Windows\system32\drivers\WindowsTrustedRTProxy.sys
19:20:53.0508 0x0a08 WindowsTrustedRTProxy - ok
19:20:53.0521 0x0a08 [ FFD04E8263FC9CDB89BAD8C27C337223, 7021161D354F1536DA261D001524B92301466631DCFA161A7C6355AAC86BBE40 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
19:20:53.0546 0x0a08 WinHttpAutoProxySvc - ok
19:20:53.0550 0x0a08 [ 4A53441C1C4D2878BEF27E381138BB2D, C221E74491E6FD2AF472B53876B46788D5CF62F4E645457F3B3816FD0ED2BAA1 ] WinMad C:\Windows\System32\drivers\winmad.sys
19:20:53.0557 0x0a08 WinMad - ok
19:20:53.0565 0x0a08 [ 1033C37122C7404C3B926ADF84874832, 163B3A7112F13AE7BB2655A28C6B19AF9B263F2AD2FF1B75314BE3E2B9118903 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
19:20:53.0578 0x0a08 Winmgmt - ok
19:20:53.0615 0x0a08 [ 703D0F62C5AA4D08EE8756516C0D125D, 02015A5E62490C11EC968160C528C2AFD1D7194AACA27F407B06EB462657511F ] WinRM C:\Windows\system32\WsmSvc.dll
19:20:53.0676 0x0a08 WinRM - ok
19:20:53.0685 0x0a08 [ 260907CE034FE327AC99BDA4153AB22F, B96501F43248713C2E153B9D22B78D51412A3C6989A2FB5F53A406C6CDC98D30 ] WINUSB C:\Windows\System32\drivers\WinUSB.SYS
19:20:53.0694 0x0a08 WINUSB - ok
19:20:53.0697 0x0a08 [ 40A3E8D729F458B2C9A8BD9380FF83D5, CD42FFC138969EF8C9588FD113F0B9A98FBA282D46A5B6BCFA765F55ED6E97A1 ] WinVerbs C:\Windows\System32\drivers\winverbs.sys
19:20:53.0704 0x0a08 WinVerbs - ok
19:20:53.0736 0x0a08 [ 453740989239803FE363FF8B40EA2E08, 25499705627C38D3431B3C336E0CF3BF55ABB0C461B88DA6D3767CAAE1E2B893 ] WlanSvc C:\Windows\System32\wlansvc.dll
19:20:53.0795 0x0a08 WlanSvc - ok
19:20:53.0828 0x0a08 [ E48BBF1363F843E030757EC190DD33E6, B37199495115ED423BA99B7317377CE865BB482D4E847861E871480AC49D4A84 ] wlidsvc C:\Windows\system32\wlidsvc.dll
19:20:53.0881 0x0a08 wlidsvc - ok
19:20:53.0886 0x0a08 [ 8F010BF65238F3F822D22BA12831796E, 2CA830F259B742D2F5CDD0437960BF512D40FB4A4C2342E3BABB38D468F79694 ] WmiAcpi C:\Windows\System32\drivers\wmiacpi.sys
19:20:53.0893 0x0a08 WmiAcpi - ok
19:20:53.0899 0x0a08 [ 74ACA5A7880C1F0BB9D60E32E1705A70, A89817BCCBFF94D7394614DA81D1C6C4F53AF47A539E674EEF6DC3FC496BF702 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
19:20:53.0910 0x0a08 wmiApSrv - ok
19:20:53.0912 0x0a08 WMPNetworkSvc - ok
19:20:53.0917 0x0a08 [ 2A9650FCC696DB28E45EA8B33B99B8E6, FBEBC6C05D50F578C6EEE0A7285EBE1DEADB08DD21FA3232630FD8D5A68FC3FB ] Wof C:\Windows\system32\drivers\Wof.sys
19:20:53.0926 0x0a08 Wof - ok
19:20:53.0952 0x0a08 [ 4090C6738AA92B428220857B4D44F638, 4A3EE47494051E5BA8393F2AC8226EF434DA3AA1895CF4BADC9BC1BC378647C6 ] workfolderssvc C:\Windows\system32\workfolderssvc.dll
19:20:54.0015 0x0a08 workfolderssvc - ok
19:20:54.0020 0x0a08 [ 22C52D7EE7C7D0E02C8EFD8CAE8E3A71, 126605A12CEC9CC07DE3050F12E43CECABEAF0D00DF12300AF70F34700F7FE8E ] wpcfltr C:\Windows\system32\DRIVERS\wpcfltr.sys
19:20:54.0027 0x0a08 wpcfltr - ok
19:20:54.0031 0x0a08 [ 45FA01F8B7971ACB65202038E34D04A3, 9B2C2ABC7DB716295B0BD0AF04DA08E6B4200D7CF1C7DB59DD8FD8FEBD56D94C ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
19:20:54.0042 0x0a08 WPDBusEnum - ok
19:20:54.0044 0x0a08 [ 1C08E424CBDD5065BB7266F8C048C1B1, 0452C85EDA6CBAB75C2617886C5D8117ED25D91F1BE0F8377B08D55B6629B028 ] WpdUpFltr C:\Windows\system32\drivers\WpdUpFltr.sys
19:20:54.0051 0x0a08 WpdUpFltr - ok
19:20:54.0055 0x0a08 [ 2C6EEFFBB7FB1C51CCD3737C77AB9109, 8C2ED309FAF4312512E7BCCBBC51B1353603A3499077A1DE21991F0692AF1620 ] WpnService C:\Windows\system32\WpnService.dll
19:20:54.0066 0x0a08 WpnService - ok
19:20:54.0069 0x0a08 [ 638B43D39A3D0B47024555CF1095E6F1, C7EA0A6ED227A5256EB02CA76FEC538DF196B8DC38DA2A567757D2B221C9473E ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
19:20:54.0079 0x0a08 ws2ifsl - ok
19:20:54.0085 0x0a08 [ 9C17CF2D05F8DA5AC66880B6BEE64E7D, 8930079A1AFA97657BE567038EE57C988D3DE9A6C24EA46160E2974837082535 ] wscsvc C:\Windows\System32\wscsvc.dll
19:20:54.0097 0x0a08 wscsvc - ok
19:20:54.0100 0x0a08 WSearch - ok
19:20:54.0149 0x0a08 [ 6E04BBE242E2889B37300C4DF5CE1126, FBDAEAC62C48A4FC5EF412AE47FF10590AE83E8871412F76F6F9BAE910542DFA ] WSService C:\Windows\System32\WSService.dll
19:20:54.0213 0x0a08 WSService - ok
19:20:54.0249 0x0a08 [ 8A88DBA247BFF23BD284C2189F41FDA5, 86A617CB7C7473306DA2889AA30B488ABB9B824F7DCA31AA675DA6EB3974887C ] wuauserv C:\Windows\system32\wuaueng.dll
19:20:54.0306 0x0a08 wuauserv - ok
19:20:54.0312 0x0a08 [ A928F25CB62232F413EE655352856E10, 1D2B278A24DDDE8792ADE7649FF90A98E186B79F13AA296C30E4180293BE906A ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
19:20:54.0321 0x0a08 WudfPf - ok
19:20:54.0327 0x0a08 [ A932391623D5CEC4EF4A2A17D3CEBFCD, 54AA17F385347DED262BDA84F2D99106DC5D9BF8765D647BD76265356193BDFA ] WUDFRd C:\Windows\system32\drivers\WudfRd.sys
19:20:54.0342 0x0a08 WUDFRd - ok
19:20:54.0346 0x0a08 [ 1336DA39FE006EAB2733CA4DE5B3560C, F0D6C71ADCB66D4D14EC6D09FD43F5521A3A8CA53F248DFD01696FB4F033BE77 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
19:20:54.0358 0x0a08 wudfsvc - ok
19:20:54.0364 0x0a08 [ A932391623D5CEC4EF4A2A17D3CEBFCD, 54AA17F385347DED262BDA84F2D99106DC5D9BF8765D647BD76265356193BDFA ] WUDFWpdFs C:\Windows\system32\DRIVERS\WUDFRd.sys
19:20:54.0375 0x0a08 WUDFWpdFs - ok
19:20:54.0380 0x0a08 [ A932391623D5CEC4EF4A2A17D3CEBFCD, 54AA17F385347DED262BDA84F2D99106DC5D9BF8765D647BD76265356193BDFA ] WUDFWpdMtp C:\Windows\system32\DRIVERS\WUDFRd.sys
19:20:54.0391 0x0a08 WUDFWpdMtp - ok
19:20:54.0410 0x0a08 [ 5DA95027DF2317174E8C39B4A8D1FCD8, 99B356411CB08B8BCCF2348DBF1FD5D4F417EA509D9C7CE23E5877C333F4D304 ] WwanSvc C:\Windows\System32\wwansvc.dll
19:20:54.0443 0x0a08 WwanSvc - ok
19:20:54.0459 0x0a08 [ 5DFAF8BE5A3CABAABF6795BC09EB7876, 1AFD0BC50EA5C2CCB2874E97FE5205175C80849BD6C9BDAF9FBC49174D478997 ] XblAuthManager C:\Windows\System32\XblAuthManager.dll
19:20:54.0486 0x0a08 XblAuthManager - ok
19:20:54.0504 0x0a08 [ 7118498F6E48758A2EF5A7D1982E2B62, 1FF75AE64CB6DB263E8B35515E092B325AA71A6B2210F8F2B0AD087B3BA33345 ] XblGameSave C:\Windows\System32\XblGameSave.dll
19:20:54.0535 0x0a08 XblGameSave - ok
19:20:54.0541 0x0a08 [ F279536122B83FD0D8E158AA753E1B7C, 6A542F28E24B30DBDC2EEE24DA33C2F4ADB3596AEDDD71DC1495DD40577CE4BB ] xboxgip C:\Windows\System32\drivers\xboxgip.sys
19:20:54.0554 0x0a08 xboxgip - ok
19:20:54.0571 0x0a08 [ 69E727F94BEA64E66C284F3C482F33E6, B3E0F287E7A251E0FC17C41089C45737027E54F0213BDE847356AC882B4D3700 ] XboxNetApiSvc C:\Windows\system32\XboxNetApiSvc.dll
19:20:54.0600 0x0a08 XboxNetApiSvc - ok
19:20:54.0604 0x0a08 [ DA0807D87A62D076C29C4E30F1E84F46, CA3079350038091AEE04D4DA7C06865E9DB3095120AE61AAB575AA77E86A6223 ] xinputhid C:\Windows\System32\drivers\xinputhid.sys
19:20:54.0611 0x0a08 xinputhid - ok
19:20:54.0612 0x0a08 ================ Scan global ===============================
19:20:54.0615 0x0a08 [ 82E25186617BA6C15010F0D47C705705, 5BF9E38918E6EAE86448137E2D120B80318AA1143CDDF539A2BFBEE227646816 ] C:\Windows\system32\basesrv.dll
19:20:54.0621 0x0a08 [ E2899695BD30B5F93EC626EBBEF2CB69, B190D2903A109D2C146D881F90769060A0E971942F4AA61AEAD81861032D89C3 ] C:\Windows\system32\winsrv.dll
19:20:54.0628 0x0a08 [ 09E92888FFF86F3334E59778724DCA6F, 2344763B52395EF565A9DE5F55BEDCA026AD2E8072FFD06F826BF366B3BA2AB4 ] C:\Windows\system32\sxssrv.dll
19:20:54.0638 0x0a08 [ 6FF8248F3A9D69A095C7F3F42BC29CB2, 9077B1AA0AFB8DB329FDED0E51085DE1C51B22A986162F29037FCA404A80D512 ] C:\Windows\system32\services.exe
19:20:54.0644 0x0a08 [ Global ] - ok
19:20:54.0644 0x0a08 ================ Scan MBR ==================================
19:20:54.0645 0x0a08 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
19:20:54.0683 0x0a08 \Device\Harddisk0\DR0 - ok
19:20:54.0686 0x0a08 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
19:20:54.0710 0x0a08 \Device\Harddisk1\DR1 - ok
19:20:54.0710 0x0a08 ================ Scan VBR ==================================
19:20:54.0712 0x0a08 [ 38C4EB34D6DE70AC54B677A3A3581420 ] \Device\Harddisk0\DR0\Partition1
19:20:54.0713 0x0a08 \Device\Harddisk0\DR0\Partition1 - ok
19:20:54.0714 0x0a08 [ 422ED27FF2C247438FDD681B27A63872 ] \Device\Harddisk0\DR0\Partition2
19:20:54.0714 0x0a08 \Device\Harddisk0\DR0\Partition2 - ok
19:20:54.0716 0x0a08 [ E411C8EBB489DE28FDD797D934705B97 ] \Device\Harddisk0\DR0\Partition3
19:20:54.0717 0x0a08 \Device\Harddisk0\DR0\Partition3 - ok
19:20:54.0718 0x0a08 [ 3CFC8EE278EBBC80EAACD2410784B61D ] \Device\Harddisk0\DR0\Partition4
19:20:54.0719 0x0a08 \Device\Harddisk0\DR0\Partition4 - ok
19:20:54.0721 0x0a08 [ 12182CAAA8CAC2DB07B668889B780112 ] \Device\Harddisk1\DR1\Partition1
19:20:54.0722 0x0a08 \Device\Harddisk1\DR1\Partition1 - ok
19:20:54.0724 0x0a08 [ 33AF541345FCC03A6CF6B6BAD5CC5BC5 ] \Device\Harddisk1\DR1\Partition2
19:20:54.0724 0x0a08 \Device\Harddisk1\DR1\Partition2 - ok
19:20:54.0725 0x0a08 [ 416505D5178B6E105A130793DE3EF462 ] \Device\Harddisk1\DR1\Partition3
19:20:54.0727 0x0a08 \Device\Harddisk1\DR1\Partition3 - ok
19:20:54.0727 0x0a08 ================ Scan generic autorun ======================
19:20:54.0752 0x0a08 [ 9A88F3C9B1773A676420F0F7922DD847, 01411F25DB7B981AAC8705EFD47A56CE43D84D178D629E45FC3974FAE7235997 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
19:20:54.0782 0x0a08 NvBackend - ok
19:20:54.0787 0x0a08 [ CC9823AA6E3F6229CD6DA193551314A5, 76BCD2BCA391C2114BF9D28FA290D9B39D16379C410070E0E3A6376FDEE51CE1 ] H:\Programme\iTunes\iTunesHelper.exe
19:20:54.0793 0x0a08 iTunesHelper - ok
19:20:54.0915 0x0a08 [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe
19:20:55.0023 0x0a08 OneDriveSetup - ok
19:20:55.0133 0x0a08 [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe
19:20:55.0240 0x0a08 OneDriveSetup - ok
19:20:55.0257 0x0a08 [ 2010CA459E5EC8F9D5FC8B000D130294, 058FF215A3AAD04F2A4CF23B2CC62A5EA28F5A705EFA689DCE9126720CF33229 ] C:\Users\Matthias\AppData\Local\Microsoft\OneDrive\OneDrive.exe
19:20:55.0270 0x0a08 OneDrive - ok
19:20:55.0281 0x0a08 [ 41E25E514D90E9C8BC570484DBAFF62B, E6C49F7CE186DC4C9DA2C393469B070C0F1B95A01D281AE2B89538DA453D1583 ] C:\Windows\system32\cmd.exe
19:20:55.0300 0x0a08 Uninstall C:\Users\Matthias\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64 - ok
19:20:55.0305 0x0a08 Waiting for KSN requests completion. In queue: 381
19:20:55.0650 0x0624 Object send P2P result: true
19:20:55.0656 0x0624 Object required for P2P: [ 807A6636828E5F43C10A01474B8907EE ] MSDTC
19:20:56.0306 0x0a08 Waiting for KSN requests completion. In queue: 304
19:20:57.0307 0x0a08 Waiting for KSN requests completion. In queue: 304
19:20:58.0308 0x0a08 Waiting for KSN requests completion. In queue: 304
19:20:58.0330 0x0728 Object required for P2P: [ 7C58AFEC26E9F7730A8AA7FD40225937 ] sppsvc
19:20:59.0153 0x0624 Object send P2P result: true
19:20:59.0159 0x0624 Object required for P2P: [ 1CD8D5BF5E4058A2E12949D74A7E27FD ] nvsvc
19:20:59.0308 0x0a08 Waiting for KSN requests completion. In queue: 171
19:21:00.0309 0x0a08 Waiting for KSN requests completion. In queue: 171
19:21:01.0309 0x0a08 Waiting for KSN requests completion. In queue: 171
19:21:02.0265 0x0728 Object send P2P result: true
19:21:02.0268 0x0728 Object required for P2P: [ 34A3EB84B2A830E6F450B8F885AE4E6E ] SysMain
19:21:02.0309 0x0a08 Waiting for KSN requests completion. In queue: 150
19:21:03.0275 0x0624 Object send P2P result: true
19:21:03.0275 0x0624 Object required for P2P: [ 7D006FC340B301A1DEAFB5878C078A12 ] Origin Client Service
19:21:03.0310 0x0a08 Waiting for KSN requests completion. In queue: 147
19:21:04.0310 0x0a08 Waiting for KSN requests completion. In queue: 147
19:21:05.0311 0x0a08 Waiting for KSN requests completion. In queue: 147
19:21:06.0209 0x0728 Object send P2P result: true
19:21:06.0217 0x0728 Object required for P2P: [ 4CF5A1E0C4FCA956ACD6C654E2A8610E ] VSS
19:21:06.0312 0x0a08 Waiting for KSN requests completion. In queue: 70
19:21:07.0279 0x0624 Object send P2P result: true
19:21:07.0312 0x0a08 Waiting for KSN requests completion. In queue: 69
19:21:08.0312 0x0a08 Waiting for KSN requests completion. In queue: 69
19:21:09.0313 0x0a08 Waiting for KSN requests completion. In queue: 69
19:21:10.0194 0x0728 Object send P2P result: true
19:21:10.0203 0x0728 Object required for P2P: [ 9A88F3C9B1773A676420F0F7922DD847 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
19:21:10.0313 0x0a08 Waiting for KSN requests completion. In queue: 6
19:21:11.0314 0x0a08 Waiting for KSN requests completion. In queue: 6
19:21:12.0314 0x0a08 Waiting for KSN requests completion. In queue: 6
19:21:13.0003 0x0728 Object send P2P result: true
19:21:13.0003 0x0728 Object required for P2P: [ 2010CA459E5EC8F9D5FC8B000D130294 ] C:\Users\Matthias\AppData\Local\Microsoft\OneDrive\OneDrive.exe
19:21:13.0315 0x0a08 Waiting for KSN requests completion. In queue: 2
19:21:14.0316 0x0a08 Waiting for KSN requests completion. In queue: 2
19:21:15.0316 0x0a08 Waiting for KSN requests completion. In queue: 2
19:21:15.0990 0x0728 Object send P2P result: true
19:21:15.0990 0x0728 Object required for P2P: [ 41E25E514D90E9C8BC570484DBAFF62B ] C:\Windows\system32\cmd.exe
19:21:16.0317 0x0a08 Waiting for KSN requests completion. In queue: 1
19:21:17.0318 0x0a08 Waiting for KSN requests completion. In queue: 1
19:21:18.0318 0x0a08 Waiting for KSN requests completion. In queue: 1
19:21:19.0061 0x0728 Object send P2P result: true
19:21:19.0328 0x0a08 AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\wmiav.exe ( 16.0.0.614 ), 0x41000 ( enabled : updated )
19:21:19.0329 0x0a08 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.9.10586.0 ), 0x60100 ( disabled : updated )
19:21:19.0329 0x0a08 FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\wmiav.exe ( 16.0.0.614 ), 0x41010 ( enabled )
19:21:21.0913 0x0a08 ============================================================
19:21:21.0913 0x0a08 Scan finished
19:21:21.0913 0x0a08 ============================================================
19:21:21.0918 0x1a28 Detected object count: 1
19:21:21.0918 0x1a28 Actual detected object count: 1
19:21:42.0046 0x1a28 ose64 ( UnsignedFile.Multi.Generic ) - skipped by user
19:21:42.0046 0x1a28 ose64 ( UnsignedFile.Multi.Generic ) - User select action: Skip
Edited by park757 (18.05.2016 at 18:37) |
| | #7 |
| /// Malwareteam | Keyboard types by itself after the "Del" key - Virus? Hi, phew, I'll definitely ask around internally in the team. Have you already tried a different keyboard? |
| | #8 |
| | Keyboard types by itself after the "Del" key - Virus? OK, I'll try that next. Has this virus already crept into the keyboard driver? |
| | #9 |
| /// Malwareteam | Keyboard types by itself after the "Del" key - Virus? Well, I can't really think of anything else that would cause this. Do you have a keyboard on which macros can be defined? |
| | #10 |
| | Keyboard types by itself after the "Del" key - Virus? I have this one: Speedlink Virtuis Advanced Gaming Tastatur: Amazon.de: Computer & Zubehör THANKS, THAT WAS IT! A STUPID MACRO. Now everything works again. My girlfriend pressed something, of course. Thanks again!!! |
| | #11 |
| /// Malwareteam | Keyboard types by itself after the "Del" key - Virus? Well, I'm glad it was nothing too serious. |