Log analysis and evaluation: Kaspersky finds Backdoor.Win32.Zaccess, Trojan-Ransom.Win32.Gimeno, Trojan.Win32.Inject
Windows 7
26.01.2014, 10:41 | #1
Kaspersky finds Backdoor.Win32.Zaccess, Trojan-Ransom.Win32.Gimeno, Trojan.Win32.Inject

Hello dear Trojanerboard community, you have helped me a lot once before, and now I need your help again.

FRST Logfile:

Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-01-2014 01 Ran by Jonas (administrator) on SANDWICH on 25-01-2014 19:37:26 Running from C:\Users\Jonas\Desktop Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (SANDBOXIE L.T.D) C:\Program Files\Sandboxie\SbieSvc.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe () C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe (pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe (pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe (FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\PSUService.exe (Fujitsu Technology Solutions) C:\Program Files (x86)\Fujitsu\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe (CSR, plc) C:\Program Files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe () C:\Program Files\Fujitsu\WirelessSelector\WSUService.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\TrayManager.exe (FUJITSU LIMITED) 
C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe (FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (CSR, plc) C:\Program Files\CSR\Bluetooth Feature Pack 5.0\ConMgr.exe (Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe () C:\Program Files (x86)\Datacolor\Spyder3Pro\Utility\Spyder3Utility.exe (FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\BtnHndHkb.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (FUJITSU LIMITED) C:\Program Files (x86)\Fujitsu\FUJ02E3\FUJ02E3.exe (FUJITSU LIMITED) C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Microsoft Corporation) C:\Windows\splwow64.exe (David Harris) D:\PMAIL\Programs\winpm-32.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe (Adobe Systems, Inc.) 
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1861416 2009-10-09] (Synaptics Incorporated) HKLM\...\Run: [PSUTility] - C:\Program Files\Fujitsu\PSUtility\TrayManager.exe [188264 2009-07-30] (FUJITSU LIMITED) HKLM\...\Run: [FDM7] - C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe [164712 2009-11-26] (FUJITSU LIMITED) HKLM\...\Run: [LoadFujitsuQuickTouch] - C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe [157544 2009-10-15] (FUJITSU LIMITED) HKLM\...\Run: [LoadBtnHnd] - C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [35176 2009-10-15] (FUJITSU LIMITED) HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8312352 2009-10-28] (Realtek Semiconductor) HKLM\...\Run: [ConMgr] - C:\Program Files\CSR\Bluetooth Feature Pack 5.0\ConMgr.exe [535440 2009-12-24] (CSR, plc) HKLM\...\Run: [Windows Mobile Device Center] - C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation) HKLM-x32\...\Run: [LoadFUJ02E3] - C:\Program Files (x86)\Fujitsu\FUJ02E3\FUJ02E3.exe [36712 2009-10-08] (FUJITSU LIMITED) HKLM-x32\...\Run: [IndicatorUtility] - C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe [47976 2009-10-09] (FUJITSU LIMITED) HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM-x32\...\Run: [AVP] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356128 2013-10-09] (Kaspersky Lab ZAO) HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll 
(Intel Corporation) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://fi.search.yahoo.com?type=902615&fr=spigot-yhp-ie HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=FTSF&bmod=FTSF StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - DefaultScope {828C7727-01C2-42AC-A24B-6A139986C36E} URL = hxxp://fi.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=902615&p={searchTerms} SearchScopes: HKCU - {828C7727-01C2-42AC-A24B-6A139986C36E} URL = hxxp://fi.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=902615&p={searchTerms} SearchScopes: HKCU - {9770A850-5BCC-44A8-B701-B798F7714A31} URL = BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) BHO: No Name - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No File BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program 
Files\Java\jre6\bin\jp2ssv.dll No File BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH) BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO-x32: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - D:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) BHO-x32: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - d:\Program Files (x86)\Free Download Manager\iefdm2.dll (FreeDownloadManager.ORG) BHO-x32: Java(tm) Plug-In 2 SSV Helper - 
{DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation) Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 84.2.46.1 84.2.44.1 Tcpip\..\Interfaces\{6637010D-FE57-40B9-AF26-FDD8DB274CAA}: [NameServer]192.168.1.8,192.168.1.7 FireFox: ======== FF ProfilePath: C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\C:\ProgramData\Kaspersky Lab\SafeBrowser\S-1-5-21-303729831-1353264561-2017775160-1001\FireFox FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll () FF Plugin: @java.com/DTPlugin,version=1.6.0_39 - C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.) 
FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.0.2 - d:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1167637.dll (Adobe Systems, Inc.) FF Plugin-x32: @Apple.com/iTunes,version=1.0 - D:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @videolan.org/vlc,version=2.0.4 - d:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) 
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com [2013-04-09] FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com [2013-04-09] FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com FF Extension: Content Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com [2013-04-09] FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com [2013-04-09] FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com [2013-04-09] FF HKLM-x32\...\Firefox\Extensions: 
[FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-11-12] Chrome: ======= CHR HomePage: hxxp://www.google.com/ CHR RestoreOnStartup: "hxxp://www.google.com/" CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\gcswf32.dll No File CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File CHR Plugin: (Java Deployment Toolkit 6.0.260.3) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File CHR Plugin: (Java(TM) Platform SE 6 U26) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll No File CHR Plugin: (2007 Microsoft Office system) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation) CHR Plugin: (Remoting Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\ppGoogleNaClPluginChrome.dll No File CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\pdf.dll No File CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll No File CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll No File CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (Default Plug-in) - default_plugin No File CHR Extension: (Google Drive) - C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-11-15] CHR Extension: (YouTube) - 
C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-11-15] CHR Extension: (Google-Suche) - C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-11-15] CHR Extension: (avast! WebRep) - C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda [2012-11-15] CHR Extension: (Google Mail) - C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-11-15] CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2012-11-15] CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\urladvisor.crx [2013-03-06] CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\online_banking_chrome.crx [2013-03-06] CHR HKLM-x32\...\Chrome\Extension: [hbcennhacfaagdopikcegfcobcadeocj] - C:\Program Files (x86)\Common Files\Spigot\GC\saebay_1.0.crx [2013-03-06] CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\content_blocker_chrome.crx [2013-03-06] CHR HKLM-x32\...\Chrome\Extension: [icdlfehblmklkikfigmjhbmmpmkmpooj] - C:\Program Files (x86)\Common Files\Spigot\GC\errorassistant_1.1.crx [2013-03-06] CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\virtkbd.crx [2013-03-06] CHR HKLM-x32\...\Chrome\Extension: [mhkaekfpcppmmioggniknbnbdbcigpkk] - C:\Program Files (x86)\Common Files\Spigot\GC\coupons_2.4.crx [2013-03-06] CHR HKLM-x32\...\Chrome\Extension: [pfndaklgolladniicklehhancnlgocpp] - 
C:\Program Files (x86)\Common Files\Spigot\GC\saamazon_1.0.crx [2013-03-06] CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\ab.crx [2013-03-06] ==================== Services (Whitelisted) ================= R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356128 2013-10-09] (Kaspersky Lab ZAO) R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation) S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation) R2 OMSI download service; C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [90112 2009-04-30] () R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH) R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH) R2 PowerSavingUtilityService; C:\Program Files\Fujitsu\PSUtility\PSUService.exe [63336 2009-07-30] (FUJITSU LIMITED) R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [99048 2010-08-09] (SANDBOXIE L.T.D) R2 TestHandler; C:\Program Files (x86)\Fujitsu\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe [341264 2009-02-19] (Fujitsu Technology Solutions) R2 VFPRadioSupportService; C:\Program Files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe [145840 2009-12-24] (CSR, plc) R2 WirelessSelectorService; C:\Program Files\Fujitsu\WirelessSelector\WSUService.exe [62312 2009-07-21] () ==================== Drivers (Whitelisted) ==================== S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [32768 2010-04-29] (Google Inc) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-12-05] (DT Soft Ltd) R3 FUJ02B1; C:\Windows\System32\DRIVERS\FUJ02B1.sys [7808 2006-11-01] (FUJITSU 
LIMITED) R3 FUJ02E3; C:\Windows\System32\DRIVERS\FUJ02E3.sys [7296 2006-11-01] (FUJITSU LIMITED) R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2013-12-17] (Kaspersky Lab ZAO) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [626272 2013-10-09] (Kaspersky Lab ZAO) R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-12-17] (Kaspersky Lab ZAO) R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2013-10-09] (Kaspersky Lab ZAO) R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-09] (Kaspersky Lab ZAO) R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54368 2013-06-17] (Kaspersky Lab ZAO) R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178448 2013-04-22] (Kaspersky Lab ZAO) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19032 2012-06-18] () S3 pwdspio; C:\Windows\system32\pwdspio.sys [12384 2012-06-18] () S3 s0016bus; C:\Windows\System32\DRIVERS\s0016bus.sys [115240 2008-05-16] (MCCI Corporation) S3 s0016mdfl; C:\Windows\System32\DRIVERS\s0016mdfl.sys [19496 2008-05-16] (MCCI Corporation) S3 s0016mdm; C:\Windows\System32\DRIVERS\s0016mdm.sys [158760 2008-05-16] (MCCI Corporation) S3 s0016mgmt; C:\Windows\System32\DRIVERS\s0016mgmt.sys [137256 2008-05-16] (MCCI Corporation) S3 s0016nd5; C:\Windows\System32\DRIVERS\s0016nd5.sys [34344 2008-05-16] (MCCI Corporation) S3 s0016obex; C:\Windows\System32\DRIVERS\s0016obex.sys [136744 2008-05-16] (MCCI Corporation) S3 s0016unic; C:\Windows\System32\DRIVERS\s0016unic.sys [151592 2008-05-16] (MCCI Corporation) R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [143464 2010-08-09] (SANDBOXIE L.T.D) R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [17720 2013-05-22] () S3 Spyder3; C:\Windows\System32\DRIVERS\Spyder3.sys [15360 2008-09-08] () S3 catchme; \??\C:\ComboFix\catchme.sys [x] S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [x] S3 hwusbdev; system32\DRIVERS\ewusbdev.sys 
[x] U5 klflt; C:\Windows\System32\Drivers\klflt.sys [90208 2013-04-22] (Kaspersky Lab ZAO) S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [x] S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [x] S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-01-25 19:37 - 2014-01-25 19:38 - 00023799 _____ C:\Users\Jonas\Desktop\FRST.txt 2014-01-25 19:37 - 2014-01-25 19:37 - 00000000 ____D C:\FRST 2014-01-25 19:36 - 2014-01-25 19:36 - 00000472 _____ C:\Users\Jonas\Downloads\defogger_disable.log 2014-01-25 19:36 - 2014-01-25 19:36 - 00000000 _____ C:\Users\Jonas\defogger_reenable 2014-01-25 19:34 - 2014-01-25 19:34 - 00370971 _____ C:\Users\Jonas\Desktop\gmer_2.1.19355.zip 2014-01-25 19:33 - 2014-01-25 19:34 - 02077696 _____ (Farbar) C:\Users\Jonas\Desktop\FRST64.exe 2014-01-25 19:33 - 2014-01-25 19:33 - 00050477 _____ C:\Users\Jonas\Desktop\Defogger.exe 2014-01-24 10:19 - 2014-01-24 10:19 - 00001985 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk 2014-01-20 17:03 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-01-20 17:03 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-01-20 17:03 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-01-20 17:03 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-01-20 17:02 - 2014-01-20 17:03 - 00005327 _____ C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log 2014-01-19 00:25 - 2014-01-19 00:25 - 11428320 _____ (Tech Soft GmbH ) C:\Users\Jonas\Downloads\w32-463-de1(1).exe 2014-01-18 17:32 - 2014-01-19 00:27 - 00020396 _____ C:\Windows\unins000.dat 2014-01-18 17:32 - 2014-01-19 00:26 - 00993347 _____ C:\Windows\unins000.exe 2014-01-18 17:32 - 2014-01-18 17:32 - 00000715 _____ C:\Users\Jonas\Desktop\Pegasus Mail.LNK 2014-01-18 17:32 - 2014-01-18 17:32 
- 00000715 _____ C:\Users\Administrator\Desktop\Pegasus Mail.LNK 2014-01-18 17:32 - 2014-01-18 17:32 - 00000000 ____D C:\Users\Jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pegasus Mail 2014-01-18 17:18 - 2014-01-18 17:18 - 11428320 _____ (Tech Soft GmbH ) C:\Users\Jonas\Downloads\w32-463-de1.exe 2014-01-18 14:25 - 2014-01-18 14:26 - 07624424 _____ (IObit ) C:\Users\Jonas\Downloads\smart-defrag-v3.exe 2014-01-15 02:15 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys 2014-01-15 02:15 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys 2014-01-15 02:15 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys 2014-01-15 02:15 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys 2014-01-15 02:15 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys 2014-01-15 02:15 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys 2014-01-15 02:15 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys 2014-01-15 02:15 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys 2014-01-15 02:15 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-01-10 11:54 - 2014-01-10 11:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox ==================== One Month Modified Files and Folders ======= 2014-01-25 19:38 - 2014-01-25 19:37 - 00023799 _____ C:\Users\Jonas\Desktop\FRST.txt 2014-01-25 19:37 - 2014-01-25 19:37 - 00000000 ____D C:\FRST 2014-01-25 19:36 - 2014-01-25 19:36 - 00000472 _____ C:\Users\Jonas\Downloads\defogger_disable.log 2014-01-25 19:36 - 2014-01-25 19:36 - 00000000 _____ C:\Users\Jonas\defogger_reenable 2014-01-25 19:36 - 2010-09-22 16:12 - 00000000 ____D 
C:\Users\Jonas 2014-01-25 19:35 - 2010-09-23 10:19 - 00000000 ____D C:\Users\Jonas\AppData\Roaming\Skype 2014-01-25 19:34 - 2014-01-25 19:34 - 00370971 _____ C:\Users\Jonas\Desktop\gmer_2.1.19355.zip 2014-01-25 19:34 - 2014-01-25 19:33 - 02077696 _____ (Farbar) C:\Users\Jonas\Desktop\FRST64.exe 2014-01-25 19:33 - 2014-01-25 19:33 - 00050477 _____ C:\Users\Jonas\Desktop\Defogger.exe 2014-01-25 19:10 - 2012-04-18 12:51 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-01-25 19:03 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF 2014-01-25 18:57 - 2013-04-09 19:20 - 00000000 ____D C:\ProgramData\Kaspersky Lab 2014-01-25 18:57 - 2010-09-22 16:00 - 02005730 _____ C:\Windows\WindowsUpdate.log 2014-01-25 10:37 - 2009-07-14 05:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-01-25 10:37 - 2009-07-14 05:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-01-25 10:30 - 2013-11-14 00:03 - 00002610 _____ C:\Windows\setupact.log 2014-01-25 10:30 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2014-01-24 10:21 - 2010-09-22 16:07 - 00000000 ____D C:\ProgramData\Adobe 2014-01-24 10:20 - 2010-09-22 16:12 - 00000000 ____D C:\Users\Jonas\AppData\Local\Adobe 2014-01-24 10:19 - 2014-01-24 10:19 - 00001985 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk 2014-01-24 10:19 - 2010-09-22 16:07 - 00000000 ____D C:\Program Files (x86)\Adobe 2014-01-20 22:38 - 2013-07-27 17:58 - 00000000 ___RD C:\Program Files (x86)\Skype 2014-01-20 22:38 - 2010-09-23 10:19 - 00000000 ____D C:\ProgramData\Skype 2014-01-20 22:19 - 2013-11-18 14:47 - 00000000 ____D C:\ProgramData\Oracle 2014-01-20 17:03 - 2014-01-20 17:02 - 00005327 _____ C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log 2014-01-20 17:03 - 2013-03-06 11:11 - 00000000 ____D C:\Program Files (x86)\Java 2014-01-19 00:27 - 2014-01-18 17:32 - 00020396 _____ 
C:\Windows\unins000.dat 2014-01-19 00:26 - 2014-01-18 17:32 - 00993347 _____ C:\Windows\unins000.exe 2014-01-19 00:25 - 2014-01-19 00:25 - 11428320 _____ (Tech Soft GmbH ) C:\Users\Jonas\Downloads\w32-463-de1(1).exe 2014-01-18 22:54 - 2012-10-20 18:34 - 00000000 ____D C:\Users\Jonas\AppData\Roaming\foobar2000 2014-01-18 17:32 - 2014-01-18 17:32 - 00000715 _____ C:\Users\Jonas\Desktop\Pegasus Mail.LNK 2014-01-18 17:32 - 2014-01-18 17:32 - 00000715 _____ C:\Users\Administrator\Desktop\Pegasus Mail.LNK 2014-01-18 17:32 - 2014-01-18 17:32 - 00000000 ____D C:\Users\Jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pegasus Mail 2014-01-18 17:18 - 2014-01-18 17:18 - 11428320 _____ (Tech Soft GmbH ) C:\Users\Jonas\Downloads\w32-463-de1.exe 2014-01-18 17:18 - 2012-04-18 12:51 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-01-18 17:18 - 2012-04-18 12:51 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-01-18 17:18 - 2012-04-18 12:51 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-01-18 14:26 - 2014-01-18 14:25 - 07624424 _____ (IObit ) C:\Users\Jonas\Downloads\smart-defrag-v3.exe 2014-01-15 20:22 - 2013-11-14 00:02 - 03017952 _____ C:\Windows\system32\FNTCACHE.DAT 2014-01-15 03:03 - 2010-09-23 11:27 - 00000000 ____D C:\ProgramData\Microsoft Help 2014-01-15 03:02 - 2013-07-27 18:57 - 00000000 ____D C:\Windows\system32\MRT 2014-01-15 03:00 - 2010-09-28 11:41 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-01-11 02:57 - 2012-05-05 08:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2014-01-10 11:54 - 2014-01-10 11:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox Files to move or delete: ==================== C:\ProgramData\hpe52B2.dll Some content of TEMP: ==================== C:\Users\Jonas\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe ==================== Bamital & volsnap Check 
=================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-01-20 17:34

==================== End Of Log ============================

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-01-2014 01
Ran by Jonas at 2014-01-25 19:38:22
Running from C:\Users\Jonas\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Kaspersky Internet Security (Enabled - Up to date) {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
AS: Kaspersky Internet Security (Enabled - Up to date) {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}

==================== Installed Programs ======================

Update for Microsoft Office 2007 (KB2508958) (x32 Version: - Microsoft) <==== ATTENTION
64 Bit HP CIO Components Installer (Version: 4.2.1 - Hewlett-Packard) Hidden
7-Zip 9.20 (x32 Version: - )
Adobe ExtendScript Toolkit 2 (x32 Version: 2.0.2 - Adobe Systems Incorporated)
Adobe ExtendScript Toolkit 2 (x32 Version: 2.0.2 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 10 ActiveX (x32 Version: 10.0.2.54 - Adobe Systems, Inc.)
Adobe Flash Player 12 Plugin (x32 Version: 12.0.0.43 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (x32 Version: 11.0.06 - Adobe Systems Incorporated)
Adobe Setup (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Shockwave Player 11.6 (x32 Version: 11.6.7.637 - Adobe Systems, Inc.)
AIS Connect (x32 Version: 1.1.1.6 - Fujitsu Technology Solutions GmbH)
AIS Connect (x32 Version: 1.1.1.6 - Fujitsu Technology Solutions GmbH) Hidden
AllDup 3.4.12 (x32 Version: 3.4.12 - Michael Thummerer Software Design)
Apple Application Support (x32 Version: 2.3.4 - Apple Inc.)
Apple Mobile Device Support (Version: 6.1.0.13 - Apple Inc.) <==== ATTENTION
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
Biet-O-Matic v2.14.12 (x32 Version: 2.14.12 - BOM Development Team)
Bluetooth Feature Pack 5.0 (Version: 5.0.14 - CSR Plc.)
Bonjour (Version: 3.0.0.10 - Apple Inc.)
CCleaner (Version: 4.04 - Piriform)
CyberLink YouCam (x32 Version: 3.0.1908.7636 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.0.1908.7636 - CyberLink Corp.) Hidden
DAEMON Tools Lite (x32 Version: 4.46.1.0327 - DT Soft Ltd)
Dropbox (HKCU Version: 2.0.22 - Dropbox, Inc.)
DVBViewer TERRATEC Edition (x32 Version: - CM&V)
ESET Online Scanner v3 (x32 Version: - )
Evernote v. 4.6.2 (x32 Version: 4.6.2.7927 - Evernote Corp.)
FileZilla Client 3.5.3 (x32 Version: 3.5.3 - FileZilla Project)
foobar2000 v1.1.16 (x32 Version: 1.1.16 - Peter Pawlowski)
Free Download Manager 3.9.2 (x32 Version: - FreeDownloadManager.ORG)
Fujitsu Display Manager (Version: 7.01.00.210 - FUJITSU LIMITED) Hidden
Fujitsu Display Manager (x32 Version: - )
Fujitsu Hotkey Utility (x32 Version: 3.60.1.0 - FUJITSU LIMITED)
Fujitsu Hotkey Utility (x32 Version: 3.60.1.0 - FUJITSU LIMITED) Hidden
Fujitsu MobilityCenter Extension Utility (Version: 3.01.00.000 - Ihr Firmenname) Hidden <==== ATTENTION
Fujitsu MobilityCenter Extension Utility (x32 Version: - ) <==== ATTENTION
Fujitsu System Extension Utility (Version: 3.1.1.0 - FUJITSU LIMITED) Hidden
Fujitsu System Extension Utility (x32 Version: - )
inSSIDer 3 (x32 Version: 3.0.7.48 - MetaGeek, LLC)
Intel(R) Graphics Media Accelerator Driver (x32 Version: 8.15.10.2025 - Intel Corporation) <==== ATTENTION
Intel(R) Management Engine Components (x32 Version: 6.0.0.1179 - Intel Corporation)
iTunes (Version: 11.0.3.42 - Apple Inc.)
Java 7 Update 51 (x32 Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JDownloader 0.9 (x32 Version: 0.9 - AppWork GmbH)
Junk Mail filter update (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Kaspersky Internet Security 2013 (x32 Version: 13.0.1.4190 - Kaspersky Lab)
Kaspersky Internet Security 2013 (x32 Version: 13.0.1.4190 - Kaspersky Lab) Hidden
K-Lite Codec Pack 9.5.0 (64-bit) (Version: 9.5.0 - )
K-Lite Codec Pack 9.5.0 (Basic) (x32 Version: 9.5.0 - )
LifeBook Application Panel (Version: 8.1.0.0 - FUJITSU LIMITED) Hidden
LifeBook Application Panel (x32 Version: - )
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
mediscript_gk1_0312 (x32 Version: 2.59 - Elsevier)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Default Manager (x32 Version: 2.1.55.0 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden <==== ATTENTION
Microsoft Office 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) <==== ATTENTION
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) <==== ATTENTION
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003 - Microsoft Corporation) <==== ATTENTION
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Office Live Add-in 1.5 (x32 Version: 2.0.4024.1 - Microsoft Corporation) <==== ATTENTION
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden <==== ATTENTION
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (x32 Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft_VC100_CRT_SP1_x64 (Version: 10.0.40219.1 - Nokia) Hidden
Microsoft_VC100_CRT_SP1_x86 (x32 Version: 10.0.40219.1 - Nokia) Hidden
MiniTool Partition Wizard Home Edition 7.5 (x32 Version: - MiniTool Solution Ltd.)
Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla) <==== ATTENTION
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
MyPhoneExplorer (x32 Version: 1.8.4 - F.J. Wechselberger)
PDF Architect (x32 Version: 1.1.83.9982 - pdfforge GmbH)
PDFCreator (x32 Version: 1.7.1 - pdfforge)
Pegasus Mail (x32 Version: - David Harris)
Pegasus Mail HTML Renderer 2.4.7.2 (x32 Version: - Micha's Midnight Manufacture)
Pegasus Mail v4.63 Release 1, Build 325 (Deutsche Komplettversi (x32 Version: - Tech Soft GmbH)
Power Saving Utility (Version: 31.01.11.013 - FUJITSU LIMITED) Hidden
Power Saving Utility (x32 Version: - )
Realtek High Definition Audio Driver (x32 Version: 6.0.1.5969 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (x32 Version: 6.1.7100.30087 - Realtek Semiconductor Corp.)
Remote Control Server (x32 Version: 1.6.0.5 - Steppschuh)
Sandboxie 3.48 (64-bit) (Version: - )
SDFormatter (x32 Version: 3.1.0 - SD Association)
Skype™ 6.11 (x32 Version: 6.11.102 - Skype Technologies S.A.)
Smart Defrag 2 (x32 Version: 2.8 - IObit)
Sony Ericsson PC Suite 6.011.00 (x32 Version: 6.011.00 - Sony Ericsson)
SpeedFan (remove only) (x32 Version: - )
Spyder3Pro (x32 Version: - )
StreamTransport version: 1.0.2.2171 (x32 Version: - )
Stronghold (x32 Version: - )
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (Version: 14.0.10.0 - Synaptics Incorporated) <==== ATTENTION
SystemDiagnostics (x32 Version: 2.04.0006 - Fujitsu Technology Solutions)
TERRATEC H6 (64 Bit) (x32 Version: 5.09.1202.00 - TERRATEC)
TreeSize Free V2.7 (x32 Version: 2.7 - JAM Software)
Update for 2007 Microsoft Office System (KB967642) (x32 Version: - Microsoft) <==== ATTENTION
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32 Version: - Microsoft) <==== ATTENTION
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32 Version: - Microsoft) <==== ATTENTION
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32 Version: - Microsoft) <==== ATTENTION
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32 Version: - Microsoft) <==== ATTENTION
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (x32 Version: - Microsoft) <==== ATTENTION
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition (x32 Version: - Microsoft) <==== ATTENTION
Update für Microsoft Office Excel 2007 Help (KB963678) (x32 Version: - Microsoft) <==== ATTENTION
Update für Microsoft Office Outlook 2007 Help (KB963677) (x32 Version: - Microsoft) <==== ATTENTION
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (x32 Version: - Microsoft) <==== ATTENTION
Update für Microsoft Office Word 2007 Help (KB963665) (x32 Version: - Microsoft) <==== ATTENTION
utility version 2.05.03 (x32 Version: - )
Visual C++ 2008 x86 Runtime - (v9.0.30729) (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (x32 Version: 9.0.30729.01 - Microsoft Corporation)
VLC media player 2.0.2 (Version: 2.0.2 - VideoLAN)
VLC media player 2.0.4 (x32 Version: 2.0.4 - VideoLAN)
Walter de Gruyter - Pschyrembel (x32 Version: - )
Windows Live Call (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Live Mail (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Sync (x32 Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (x32 Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Mobile-Gerätecenter (Version: 6.1.6965.0 - Microsoft Corporation) <==== ATTENTION
Windows-Treiberpaket - TERRATEC (USB28xxBGA) Media (12/02/2009 5.09.1202.00) (Version: 12/02/2009 5.09.1202.00 - TERRATEC )
WinRAR 4.20 (64-Bit) (Version: 4.20.0 - win.rar GmbH)
Wireless Selector (Version: 4.01.00.101 - FUJITSU LIMITED) Hidden
Wireless Selector (x32 Version: - )
ZENcast Organizer (x32 Version: - )

==================== Restore Points =========================

25-01-2014 11:50:42 Geplanter Prüfpunkt

==================== Hosts content: ==========================

2009-07-14 03:34 - 2013-11-10 11:29 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {1B7138B2-E1A4-492A-AF21-5CF8BD373EC4} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: {1C85CBAD-38E9-46DF-951B-33AB5F7AB87D} - System32\Tasks\{FA46A87F-A937-465C-97F9-B700920641BE} => Firefox.exe hxxp://ui.skype.com/ui/0/5.5.0.114.259/en/abandoninstall?page=tsPlugin&installinfo=google-toolbar:notoffered;ienotdefaultbrowser2,google-chrome:notoffered;userlevelpresent
Task: {510B51DA-0B88-475B-94CE-560823739814} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-18] (Adobe Systems Incorporated)
Task: {5DDF0FCD-233F-4E65-BDF8-5A06C91AE8A4} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {6A6EC652-C59D-4829-9367-C3D42F98FC86} - System32\Tasks\SmartDefragUpdate => C:\Program Files (x86)\IObit\Smart Defrag 2\AutoUpdate.exe [2013-05-22] (IObit)
Task: {73267FFA-C627-4399-8DFD-4C66A4C1B66C} - System32\Tasks\CCleanerSkipUAC => D:\Program Files\CCleaner\CCleaner.exe [2013-07-22] (Piriform Ltd)
Task: {7EA2747A-4681-48A8-8E53-EAD1F0AF2072} - System32\Tasks\{D0D938DB-DE23-445F-8A68-C7F7BF41CFFF} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.)
Task: {972089C4-742E-454B-83BF-A242825B72A4} - System32\Tasks\{6F54EEE4-5FAB-40D5-BAE7-24C788D13342} => Firefox.exe hxxp://ui.skype.com/ui/0/5.1.0.112.259/en/abandoninstall?page=tsMain&installinfo=google-toolbar:notoffered;ienotdefaultbrowser2,google-chrome:notoffered;alreadyoffered
Task: {E96A91AA-7623-4EDF-95BF-53E330F9F810} - System32\Tasks\SmartDefrag_Startup => C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe [2013-06-14] (IObit)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2012-11-28 13:13 - 2012-11-28 13:13 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-11-28 13:13 - 2012-11-28 13:13 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-03-06 12:24 - 2013-03-06 12:24 - 01310136 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\kpcengine.2.2.dll
2009-09-01 20:40 - 2009-09-01 20:40 - 00135168 _____ () C:\Program Files (x86)\Datacolor\Spyder3Pro\Utility\Spyder3Utility Libs\Appearance Pak.dll
2009-09-01 20:40 - 2009-09-01 20:40 - 00147456 _____ () C:\Program Files (x86)\Datacolor\Spyder3Pro\Utility\Spyder3Utility Libs\RegEx.dll
2009-09-01 20:40 - 2009-09-01 20:40 - 00892928 _____ () C:\Program Files (x86)\Datacolor\Spyder3Pro\Utility\Spyder3Utility Libs\RBScript.dll
2009-09-01 20:40 - 2009-09-01 20:40 - 00098304 _____ () C:\Program Files (x86)\Datacolor\Spyder3Pro\Utility\Spyder3Utility Libs\Shell.dll
2009-09-01 20:40 - 2009-09-01 20:40 - 01167312 _____ () C:\Program Files (x86)\Datacolor\Spyder3Pro\Utility\Spyder3Utility Libs\XML.dll
2009-09-01 20:40 - 2009-09-01 20:40 - 00335872 _____ () C:\Program Files (x86)\Datacolor\Spyder3Pro\Utility\Spyder3Utility Libs\CGamma.dll
2009-09-01 20:40 - 2009-09-01 20:40 - 00131072 _____ () C:\Program Files (x86)\Datacolor\Spyder3Pro\Utility\Spyder3Utility Libs\CSensor.dll
2009-09-01 20:40 - 2009-09-01 20:40 - 00028672 _____ () C:\Program Files (x86)\Datacolor\Spyder3Pro\Utility\Spyder3Utility Libs\MBSRegistrationPlugin15968.dll
2009-09-01 20:40 - 2009-09-01 20:40 - 00025600 _____ () C:\Program Files (x86)\Datacolor\Spyder3Pro\Utility\Spyder3Utility Libs\MBSPluginVersionPlugin15968.dll
2012-08-17 20:38 - 2012-08-17 20:38 - 00479160 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\dblite.dll
2014-01-10 11:54 - 2014-01-10 11:54 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-01-19 00:27 - 2011-05-19 10:37 - 00565827 _____ () D:\PMAIL\Programs\sqlite3.dll
2014-01-18 17:18 - 2014-01-18 17:18 - 16287624 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll

==================== Alternate Data Streams (whitelisted) =========

==================== Safe Mode (whitelisted) ===================

==================== Faulty Device Manager Devices =============

Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (01/25/2014 04:31:53 PM) (Source: Application Hang) (User: )
Description: Programm winpm-32.exe, Version 4.6.3.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: af8 Startzeit: 01cf19e27887548c Endzeit: 4 Anwendungspfad: D:\PMAIL\Programs\winpm-32.exe Berichts-ID: ccebb23f-85d5-11e3-a888-b482fe9d84ea

Error: (01/25/2014 00:22:37 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (01/25/2014 02:24:08 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15260454

Error: (01/25/2014 02:24:08 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15260454

Error: (01/25/2014 02:24:08 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/24/2014 10:09:51 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4071

Error: (01/24/2014 10:09:51 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4071

Error: (01/24/2014 10:09:51 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/24/2014 10:09:50 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3042

Error: (01/24/2014 10:09:50 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3042

System errors:
=============
Error: (01/25/2014 02:35:08 AM) (Source: DCOM) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (01/24/2014 01:40:15 PM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (01/24/2014 08:34:30 AM) (Source: BROWSER) (User: )
Description: Das Einlesen der Sicherungsliste durch den Suchdienst schlug auf Transport "\Device\NetBT_Tcpip_{D7A43002-C446-490F-B4F6-FD5F276E834F}" zu oft fehl. Der Sicherungssuchdienst wird beendet.
Error: (01/23/2014 03:20:51 PM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (01/23/2014 07:07:53 AM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (01/22/2014 11:32:02 PM) (Source: DCOM) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (01/22/2014 10:27:13 AM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (01/21/2014 10:05:57 AM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (01/18/2014 11:06:52 PM) (Source: NetBT) (User: )
Description: Der Name "SANDWICH :20" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.1.222 registriert werden. Der Computer mit IP-Adresse 192.168.1.231 hat nicht zugelassen, dass dieser Computer diesen Namen verwendet.

Error: (01/18/2014 11:06:52 PM) (Source: Server) (User: )
Description: Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{D7A43002-C446-490F-B4F6-FD5F276E834F} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden.

Microsoft Office Sessions:
=========================
Error: (11/12/2013 05:20:18 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 344 seconds with 0 seconds of active time. This session ended with a crash.

CodeIntegrity Errors:
===================================
Date: 2014-01-25 12:22:19.863
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-01-25 12:22:19.863
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-01-25 12:22:19.863
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-01-25 12:22:19.853
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-01-25 12:22:19.843
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-01-25 12:22:19.843
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-01-24 09:02:11.374
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-01-24 09:02:11.372
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-01-24 09:02:11.370
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-01-24 09:02:11.357
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

==================== Memory info ===========================

Percentage of memory in use: 58%
Total physical RAM: 3892.55 MB
Available physical RAM: 1624.85 MB
Total Pagefile: 7783.29 MB
Available Pagefile: 5185.96 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:50 GB) (Free:2.09 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Data) (Fixed) (Total:246.08 GB) (Free:95.82 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 8E760A6D)
Partition 1: (Active) - (Size=2 GB) - (Type=27)
Partition 2: (Not Active) - (Size=50 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=246 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Code:
GMER 2.1.19355 - hxxp://www.gmer.net
Rootkit scan 2014-01-26 10:31:56
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 ST932032 rev.0001 298,09GB
Running: gmer.exe; Driver: C:\Users\Jonas\AppData\Local\Temp\kgtcypob.sys

---- User code sections - GMER 2.1 ----

.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[3808] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000759b1465 2 bytes [9B, 75]
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[3808] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000759b14bb 2 bytes [9B, 75]
.text ... * 2

---- Processes - GMER 2.1 ----

Library C:\Users\Jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll (*** suspicious ***) @ C:\Windows\Explorer.EXE [3680] 000007fef66e0000
Process C:\Users\Jonas\AppData\Local\Temp\Temp1_gmer_2.1.19355.zip\gmer.exe (*** suspicious ***) @ C:\Users\Jonas\AppData\Local\Temp\Temp1_gmer_2.1.19355.zip\gmer.exe [1496](2014-01-21 20:56:24) 0000000000400000

---- Registry - GMER 2.1 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\b482fe9d84ea
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\b482fe9d84ea@58b035980427 0x63 0x1E 0xCC 0x6B ...
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\b482fe9d84ea@00164e5dc685 0xFF 0x03 0x2B 0x6E ...
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\b482fe9d84ea@60a10a8a2fb7 0x66 0x04 0xE6 0x04 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\b482fe9d84ea@001e45be0619 0x6D 0x95 0x92 0x31 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\b482fe9d84ea@002376649d5c 0x09 0xEE 0x46 0x51 ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\b482fe9d84ea (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\b482fe9d84ea@58b035980427 0x63 0x1E 0xCC 0x6B ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\b482fe9d84ea@00164e5dc685 0xFF 0x03 0x2B 0x6E ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\b482fe9d84ea@60a10a8a2fb7 0x66 0x04 0xE6 0x04 ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\b482fe9d84ea@001e45be0619 0x6D 0x95 0x92 0x31 ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\b482fe9d84ea@002376649d5c 0x09 0xEE 0x46 0x51 ...

---- EOF - GMER 2.1 ----

Code:
Type: Trojan program (21)
Trojan-Ransom.Win32.Gimemo.bmdz Detected; not processed 22.01.2014 11:53:17 D:\PMAIL\MAIL\ADMIN20h34\PDQ9U5BP.CNM//message/rfc822//text/plain//[Subj Payroll Invoice]/invoice.zip// invoice_23874612912312_26891223pao.pdf.exe
Backdoor.Win32.ZAccess.ewjg Detected; not processed 22.01.2014 11:53:16 D:\PMAIL\MAIL\ADMIN20h34\PDIY88E5.CNM//message/rfc822//text/plain//[Subj Hello]/DSC_0178(copy).jpg.zip// DSC_0178(copy).jpg.exe
Backdoor.Win32.ZAccess.evqp Detected; not processed 22.01.2014 11:53:50 D:\PMAIL\MAIL\ADMIN20h34\PLUUAJF3.CNM//message/rfc822//text/plain//[Subj Payroll Invoice]/invoice.zip// invoice_2397414914891203_289342ap.pdf.exe
Trojan-Ransom.Win32.Gimemo.bmdz Detected; not processed 22.01.2014 12:01:28 D:\usb\PMAIL\MAIL\ADMIN\PDQ9U5BP.CNM//message/rfc822//text/plain//[Subj Payroll Invoice]/invoice.zip// invoice_23874612912312_26891223pao.pdf.exe
Backdoor.Win32.ZAccess.evlz Detected; not processed 22.01.2014 12:02:47 D:\usb\PMAIL\MAIL\ADMIN\PQBKMU6Z.CNM//message/rfc822//text/plain//[Subj Payroll Invoice]/invoice.zip// invoice_23942312841029_23973odf.pdf.exe
Backdoor.Win32.ZAccess.evlz Detected; not processed 22.01.2014 11:54:05 D:\PMAIL\MAIL\ADMIN20h34\PQBKMU6Z.CNM//message/rfc822//text/plain//[Subj Payroll Invoice]/invoice.zip// invoice_23942312841029_23973odf.pdf.exe
Backdoor.Win32.ZAccess.eweg Detected; not processed 22.01.2014 11:53:36 D:\PMAIL\MAIL\ADMIN20h34\PIV1YT75.CNM//message/rfc822//text/plain//[Subj Hello]/DSC_0492(copy).jpg.zip// DSC_0492(copy).jpg.exe
Backdoor.Win32.ZAccess.eykc Detected; not processed 22.01.2014 11:53:23 D:\PMAIL\MAIL\ADMIN20h34\PF9KOTH7.CNM//message/rfc822//text/plain//[Subj Payroll Invoice]/invoice.zip// invoice_23479102487120_9412049102op.pdf.exe
Trojan-Ransom.Win32.Gimemo.bmdz Detected; not processed 22.01.2014 12:00:32 D:\usb\PMAIL\MAIL\ADMIN\P6I92XCT.CNM//message/rfc822//text/plain//[Subj Payroll Invoice]/invoice.zip// invoice_23874612912312_26891223pao.pdf.exe
Backdoor.Win32.ZAccess.etmp Detected; not processed 22.01.2014 12:00:54 D:\usb\PMAIL\MAIL\ADMIN\P81YGYEL.CNM//message/rfc822//text/plain//[Subj Payroll Invoice]/invoice.zip// invoice_231094781247_164912812039iop.pdf.exe
Backdoor.Win32.ZAccess.eykc Detected; not processed 22.01.2014 12:01:37 D:\usb\PMAIL\MAIL\ADMIN\PF9KOTH7.CNM//message/rfc822//text/plain//[Subj Payroll Invoice]/invoice.zip// invoice_23479102487120_9412049102op.pdf.exe
Backdoor.Win32.ZAccess.eweg Detected; not processed 22.01.2014 12:02:00 D:\usb\PMAIL\MAIL\ADMIN\PIV1YT75.CNM//message/rfc822//text/plain//[Subj Hello]/DSC_0492(copy).jpg.zip// DSC_0492(copy).jpg.exe
Backdoor.Win32.ZAccess.eweg Detected; not processed 22.01.2014 11:53:54 D:\PMAIL\MAIL\ADMIN20h34\PN4YP8U8.CNM//message/rfc822//text/plain//[Subj Hello]/DSC_0492(copy).jpg.zip// DSC_0492(copy).jpg.exe
Trojan-Ransom.Win32.Gimemo.bmdz Detected; not processed 22.01.2014 11:52:50 D:\PMAIL\MAIL\ADMIN20h34\P6I92XCT.CNM//message/rfc822//text/plain//[Subj Payroll Invoice]/invoice.zip// invoice_23874612912312_26891223pao.pdf.exe
Backdoor.Win32.ZAccess.etmp Detected; not processed 22.01.2014 11:52:56 D:\PMAIL\MAIL\ADMIN20h34\P81YGYEL.CNM//message/rfc822//text/plain//[Subj Payroll Invoice]/invoice.zip// invoice_231094781247_164912812039iop.pdf.exe
Backdoor.Win32.ZAccess.evqp Detected; not processed 22.01.2014 12:02:22 D:\usb\PMAIL\MAIL\ADMIN\PLUUAJF3.CNM//message/rfc822//text/plain//[Subj Payroll Invoice]/invoice.zip// invoice_2397414914891203_289342ap.pdf.exe
Backdoor.Win32.ZAccess.eweg Detected; not processed 22.01.2014 12:02:29 D:\usb\PMAIL\MAIL\ADMIN\PN4YP8U8.CNM//message/rfc822//text/plain//[Subj Hello]/DSC_0492(copy).jpg.zip// DSC_0492(copy).jpg.exe
Backdoor.Win32.ZAccess.ewjg Detected; not processed 22.01.2014 12:01:27 D:\usb\PMAIL\MAIL\ADMIN\PDIY88E5.CNM//message/rfc822//text/plain//[Subj Hello]/DSC_0178(copy).jpg.zip// DSC_0178(copy).jpg.exe
Trojan.Win32.Inject.hhnv Deleted 22.01.2014 11:50:54 D:\PMAIL\MAIL\ADMIN\P9VIKNLK.CNM//2014_01rechnung_8825477220.pdf.zip// 2014_01rechnung_8740094773.pdf.exe
Trojan.Win32.Inject.hhnv Deleted 22.01.2014 11:52:08 D:\PMAIL\MAIL\ADMIN\PWUAAN7T.CNM//2014_01rechnung_6441889933.pdf.zip// 2014_01rechnung_8740094773.pdf.exe
Trojan.Win32.Inject.hhnv Deleted 22.01.2014 11:50:58 D:\PMAIL\MAIL\ADMIN\PB2USQYK.CNM//2014_01rechnung_4446867251.pdf.zip// 2014_01rechnung_8740094773.pdf.exe

Type: Unknown (3)
P9VIKNLK.CNM Disinfected 22.01.2014 11:50:54 D:\PMAIL\MAIL\ADMIN\ P9VIKNLK.CNM
PB2USQYK.CNM Disinfected 22.01.2014 11:50:58 D:\PMAIL\MAIL\ADMIN\ PB2USQYK.CNM
PWUAAN7T.CNM Disinfected 22.01.2014 11:52:08 D:\PMAIL\MAIL\ADMIN\ PWUAAN7T.CNM

Code:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.01.26.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Jonas :: SANDWICH [Administrator]

26.01.2014 10:42:03
mbam-log-2014-01-26 (10-42-03).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 336247
Laufzeit: 6 Minute(n), 53 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

eiskorn.
Last edited by eiskorn (26.01.2014 at 10:50) |
26.01.2014, 11:23 | #2 |
/// Selecta Jahrusso | These detections arrived as email attachments. Did you open any of these fake PDF files, which are actually exe files? The FRST logs actually look OK. Is the computer causing problems?
__________________ |
26.01.2014, 15:32 | #3 |
| It's a bit sluggish, to be honest.
__________________ |
26.01.2014, 16:43 | #4 |
/// Selecta Jahrusso | Hi. Let's take a closer look. Please download TDSSKiller.exe and save the file to your desktop.
__________________ Regards, Daniel
ASAP & UNITE Member
Alliance of Security Analysis Professionals
Unified Network of Instructors and Trusted Eliminators
Learn to fight back and support us! TB Akademie |
26.01.2014, 17:33 | #5 |
| Hi, Code:
17:28:59.0289 0x02a8 TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50
17:29:05.0976 0x02a8 ============================================================
17:29:05.0976 0x02a8 Current date / time: 2014/01/26 17:29:05.0976
17:29:05.0976 0x02a8 SystemInfo:
17:29:05.0976 0x02a8
17:29:05.0976 0x02a8 OS Version: 6.1.7601 ServicePack: 1.0
17:29:05.0976 0x02a8 Product type: Workstation
17:29:05.0976 0x02a8 ComputerName: SANDWICH
17:29:05.0976 0x02a8 UserName: Jonas
17:29:05.0976 0x02a8 Windows directory: C:\Windows
17:29:05.0977 0x02a8 System windows directory: C:\Windows
17:29:05.0977 0x02a8 Running under WOW64
17:29:05.0977 0x02a8 Processor architecture: Intel x64
17:29:05.0977 0x02a8 Number of processors: 4
17:29:05.0977 0x02a8 Page size: 0x1000
17:29:05.0977 0x02a8 Boot type: Normal boot
17:29:05.0977 0x02a8 ============================================================
17:29:07.0161 0x02a8 KLMD registered as C:\Windows\system32\drivers\22436534.sys
17:29:07.0392 0x02a8 System UUID: {C7D7F9F2-F9CD-13CF-38CA-651F7F236B65}
17:29:08.0002 0x02a8 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:29:08.0035 0x02a8 ============================================================
17:29:08.0035 0x02a8 \Device\Harddisk0\DR0:
17:29:08.0035 0x02a8 MBR partitions:
17:29:08.0035 0x02a8 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x40466C, BlocksNum 0x6400800
17:29:08.0035 0x02a8 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x6805000, BlocksNum 0x1EC29000
17:29:08.0035 0x02a8 ============================================================
17:29:08.0104 0x02a8 C: <-> \Device\Harddisk0\DR0\Partition1
17:29:08.0143 0x02a8 D: <-> \Device\Harddisk0\DR0\Partition2
17:29:08.0144 0x02a8 ============================================================
17:29:08.0144 0x02a8 Initialize success
17:29:08.0144 0x02a8
] HTTP C:\Windows\system32\drivers\HTTP.sys 17:30:56.0125 0x0cec HTTP - ok 17:30:56.0145 0x0cec hwdatacard - ok 17:30:56.0186 0x0cec [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 17:30:56.0198 0x0cec hwpolicy - ok 17:30:56.0221 0x0cec hwusbdev - ok 17:30:56.0261 0x0cec [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 17:30:56.0278 0x0cec i8042prt - ok 17:30:56.0326 0x0cec [ ABBF174CB394F5C437410A788B7E404A, 95554F675329E7062F0936E4E902FEFF2456CAD95D6C9B60DCC213EF6E4C62D8 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys 17:30:56.0347 0x0cec iaStor - ok 17:30:56.0458 0x0cec [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 17:30:56.0483 0x0cec iaStorV - ok 17:30:56.0565 0x0cec [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 17:30:56.0622 0x0cec idsvc - ok 17:30:56.0640 0x0cec IEEtwCollectorService - ok 17:30:56.0915 0x0cec [ 8E509DE232CFA4F8A5B34F01802F500E, D7641C91BC359CF9A430811236DB4F12CCA4386CD62E7CB50FF0F8FA2F9FF2E7 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys 17:30:57.0292 0x0cec igfx - ok 17:30:57.0332 0x0cec [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 17:30:57.0344 0x0cec iirsp - ok 17:30:57.0388 0x0cec [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll 17:30:57.0475 0x0cec IKEEXT - ok 17:30:57.0504 0x0cec [ 36FDF367A1DABFF903E2214023D71368, 60468692C1D048428AF25ED87DE23DAE756C7BA2B6CF6AF5EFD2E53C80F5FC68 ] Impcd 
C:\Windows\system32\DRIVERS\Impcd.sys 17:30:57.0535 0x0cec Impcd - ok 17:30:57.0669 0x0cec [ 42943BB3AB7A405B30EFF7C8283CC129, B914B5610565B794BE28664DE605C5726A0587F15034A026509885771C63B0D5 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 17:30:57.0788 0x0cec IntcAzAudAddService - ok 17:30:57.0834 0x0cec [ D248AAE81C156C0D47A77CD61BC24CD4, 0601FD06C85C5ADA8EE32A195FC4FB53F76E7E46E5504DE925E4292AF1D5C4B8 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys 17:30:57.0935 0x0cec IntcDAud - ok 17:30:57.0955 0x0cec [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys 17:30:57.0966 0x0cec intelide - ok 17:30:57.0994 0x0cec [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 17:30:58.0009 0x0cec intelppm - ok 17:30:58.0044 0x0cec [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll 17:30:58.0099 0x0cec IPBusEnum - ok 17:30:58.0123 0x0cec [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 17:30:58.0180 0x0cec IpFilterDriver - ok 17:30:58.0238 0x0cec [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 17:30:58.0320 0x0cec iphlpsvc - ok 17:30:58.0351 0x0cec [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 17:30:58.0380 0x0cec IPMIDRV - ok 17:30:58.0401 0x0cec [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys 17:30:58.0461 0x0cec IPNAT - ok 17:30:58.0549 0x0cec [ 
2872B90D57C8310194A78A9787406467, 1BD326E8E59330E07D6B93E514EC3E6629A2046316BC9371AB82FE62F0DA2E94 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 17:30:58.0598 0x0cec iPod Service - ok 17:30:58.0616 0x0cec [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys 17:30:58.0721 0x0cec IRENUM - ok 17:30:58.0781 0x0cec [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 17:30:58.0793 0x0cec isapnp - ok 17:30:58.0828 0x0cec [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 17:30:58.0876 0x0cec iScsiPrt - ok 17:30:58.0918 0x0cec [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 17:30:58.0930 0x0cec kbdclass - ok 17:30:58.0967 0x0cec [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 17:30:59.0040 0x0cec kbdhid - ok 17:30:59.0061 0x0cec [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] KeyIso C:\Windows\system32\lsass.exe 17:30:59.0074 0x0cec KeyIso - ok 17:30:59.0139 0x0cec [ 795EC29BA21F1D948FD6FD740C00B599, 780900717A812C5DB78C67057010BD62DF2C756C087599A6F8C67CB4EFA7518C ] kl1 C:\Windows\system32\DRIVERS\kl1.sys 17:30:59.0174 0x0cec kl1 - ok 17:30:59.0246 0x0cec [ 788E5F92721849A17BD64883C49EB825, CEBCE3D9A84D31F597F8592F0E62C2E6ED8A492087F121B151E64903A86CAC52 ] KLIF C:\Windows\system32\DRIVERS\klif.sys 17:30:59.0286 0x0cec KLIF - ok 17:30:59.0327 0x0cec [ 31B69BFF28348503E4BD10C2A4F66D05, 891318C2DDF85E43DFCEE73717AEFCE79BC3DCD83FCD58E6F794AB6BF1739688 ] KLIM6 C:\Windows\system32\DRIVERS\klim6.sys 17:30:59.0339 0x0cec 
KLIM6 - ok 17:30:59.0390 0x0cec [ AEB50941C6D67128B14F88DB9917C4E0, 2ACE46665DE298CC197660A442A3172B1FB460A40BD18AECEA786ACB011FDA43 ] klkbdflt C:\Windows\system32\DRIVERS\klkbdflt.sys 17:30:59.0402 0x0cec klkbdflt - ok 17:30:59.0415 0x0cec [ 72CF64FBF38CD681FA7F37176047E967, BE5683C119DCEF7E678EE477D6CADF873E32D42372A253B7E86B8C335DF28E1C ] klmouflt C:\Windows\system32\DRIVERS\klmouflt.sys 17:30:59.0427 0x0cec klmouflt - ok 17:30:59.0455 0x0cec [ 45ECF097BC6330C2054D7D43B7AD822B, 41684ED54E75FE6BEEA322E7CE888DFDD53EE1F45016E01CE10B84ABB02CBDA8 ] kltdi C:\Windows\system32\DRIVERS\kltdi.sys 17:30:59.0468 0x0cec kltdi - ok 17:30:59.0501 0x0cec [ 1FCB657B581CC4DF17FD6571F93602DE, D5D95773D19AA47BA619D149FD6068198E2AA05C219C3936E327B3DFFDE6B10C ] kneps C:\Windows\system32\DRIVERS\kneps.sys 17:30:59.0520 0x0cec kneps - ok 17:30:59.0544 0x0cec [ 8F489706472F7E9A06BAAA198703FA64, F020406690FB38EABD82D63B91D33039CC93ED52A5497AE12BAF475F22D0B08A ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 17:30:59.0560 0x0cec KSecDD - ok 17:30:59.0575 0x0cec [ 868A2CAAB12EFC7A021682BCA0EEC54C, 12C4925B5B3D6EA7B6410C01F33158C6EAB50CBD6AF445F8B04ED9899720C2DD ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 17:30:59.0592 0x0cec KSecPkg - ok 17:30:59.0630 0x0cec [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 17:30:59.0678 0x0cec ksthunk - ok 17:30:59.0732 0x0cec [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 17:30:59.0851 0x0cec KtmRm - ok 17:30:59.0895 0x0cec [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\System32\srvsvc.dll 17:30:59.0959 0x0cec LanmanServer - ok 17:31:00.0016 0x0cec [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation 
C:\Windows\System32\wkssvc.dll 17:31:00.0074 0x0cec LanmanWorkstation - ok 17:31:00.0126 0x0cec [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 17:31:00.0180 0x0cec lltdio - ok 17:31:00.0231 0x0cec [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 17:31:00.0278 0x0cec lltdsvc - ok 17:31:00.0296 0x0cec [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 17:31:00.0347 0x0cec lmhosts - ok 17:31:00.0448 0x0cec [ A1C148801B4AF64847AEB9F3AD9594EF, FF6ED89EA47DF74C33CD8BFAC48FAED1B979348ABA6B6D94EE07CBD21810F37B ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 17:31:00.0544 0x0cec LMS - detected UnsignedFile.Multi.Generic ( 1 ) 17:31:00.0620 0x0cec LMS ( UnsignedFile.Multi.Generic ) - warning 17:31:03.0432 0x0cec [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys 17:31:03.0448 0x0cec LSI_FC - ok 17:31:03.0465 0x0cec [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys 17:31:03.0481 0x0cec LSI_SAS - ok 17:31:03.0493 0x0cec [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys 17:31:03.0507 0x0cec LSI_SAS2 - ok 17:31:03.0531 0x0cec [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 17:31:03.0546 0x0cec LSI_SCSI - ok 17:31:03.0575 0x0cec [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv 
C:\Windows\system32\drivers\luafv.sys 17:31:03.0631 0x0cec luafv - ok 17:31:03.0675 0x0cec [ 0BB97D43299910CBFBA59C461B99B910, 27C22D9D9EE8A410D7396960DA93E9E260D4DCDD38DCE06E85E45C5E24C067DE ] MBAMProtector C:\Windows\system32\drivers\mbam.sys 17:31:03.0687 0x0cec MBAMProtector - ok 17:31:03.0743 0x0cec [ 65085456FD9A74D7F1A999520C299ECB, EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA462F63B0B7215B93FE8530 ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe 17:31:03.0767 0x0cec MBAMScheduler - ok 17:31:03.0828 0x0cec [ E0D7732F2D2E24B2DB3F67B6750295B8, AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB99186005A7ABE67B7D66FC ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe 17:31:03.0861 0x0cec MBAMService - ok 17:31:03.0907 0x0cec [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 17:31:03.0925 0x0cec Mcx2Svc - ok 17:31:03.0951 0x0cec [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 17:31:03.0963 0x0cec megasas - ok 17:31:04.0002 0x0cec [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 17:31:04.0022 0x0cec MegaSR - ok 17:31:04.0119 0x0cec [ 123271BD5237AB991DC5C21FDF8835EB, 004F8F9228EE291A0E36CE33078D572D61733516F9AA5CFC832AF204C6869E89 ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe 17:31:04.0132 0x0cec Microsoft Office Groove Audit Service - ok 17:31:04.0152 0x0cec [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 17:31:04.0209 0x0cec MMCSS - ok 17:31:04.0248 0x0cec [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem 
C:\Windows\system32\drivers\modem.sys 17:31:04.0301 0x0cec Modem - ok 17:31:04.0326 0x0cec [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 17:31:04.0363 0x0cec monitor - ok 17:31:04.0424 0x0cec [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 17:31:04.0435 0x0cec mouclass - ok 17:31:04.0466 0x0cec [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 17:31:04.0500 0x0cec mouhid - ok 17:31:04.0567 0x0cec [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 17:31:04.0582 0x0cec mountmgr - ok 17:31:04.0679 0x0cec [ 3B9398E0146855B1DC0E3D9769C80F01, DF69DB5CA30A5577648635C27DD468AF98515D07DF379B3FFDCC6B40744EDE66 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 17:31:04.0695 0x0cec MozillaMaintenance - ok 17:31:04.0733 0x0cec [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys 17:31:04.0791 0x0cec mpio - ok 17:31:04.0830 0x0cec [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 17:31:04.0868 0x0cec mpsdrv - ok 17:31:04.0926 0x0cec [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll 17:31:05.0019 0x0cec MpsSvc - ok 17:31:05.0052 0x0cec [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 17:31:05.0098 0x0cec MRxDAV - ok 17:31:05.0134 0x0cec [ 
A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 17:31:05.0183 0x0cec mrxsmb - ok 17:31:05.0223 0x0cec [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 17:31:05.0262 0x0cec mrxsmb10 - ok 17:31:05.0281 0x0cec [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 17:31:05.0298 0x0cec mrxsmb20 - ok 17:31:05.0331 0x0cec [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys 17:31:05.0343 0x0cec msahci - ok 17:31:05.0358 0x0cec [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys 17:31:05.0375 0x0cec msdsm - ok 17:31:05.0401 0x0cec [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe 17:31:05.0433 0x0cec MSDTC - ok 17:31:05.0475 0x0cec [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys 17:31:05.0512 0x0cec Msfs - ok 17:31:05.0547 0x0cec [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 17:31:05.0604 0x0cec mshidkmdf - ok 17:31:05.0627 0x0cec [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 17:31:05.0639 0x0cec msisadrv - ok 17:31:05.0673 0x0cec [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 17:31:05.0731 0x0cec 
MSiSCSI - ok 17:31:05.0734 0x0cec msiserver - ok 17:31:05.0775 0x0cec [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 17:31:05.0823 0x0cec MSKSSRV - ok 17:31:05.0841 0x0cec [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 17:31:05.0886 0x0cec MSPCLOCK - ok 17:31:05.0910 0x0cec [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 17:31:05.0963 0x0cec MSPQM - ok 17:31:06.0003 0x0cec [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 17:31:06.0025 0x0cec MsRPC - ok 17:31:06.0070 0x0cec [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 17:31:06.0082 0x0cec mssmbios - ok 17:31:06.0115 0x0cec [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 17:31:06.0168 0x0cec MSTEE - ok 17:31:06.0189 0x0cec [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 17:31:06.0202 0x0cec MTConfig - ok 17:31:06.0220 0x0cec [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys 17:31:06.0232 0x0cec Mup - ok 17:31:06.0287 0x0cec [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll 17:31:06.0363 0x0cec napagent - ok 17:31:06.0417 0x0cec [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 
] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 17:31:06.0466 0x0cec NativeWifiP - ok 17:31:06.0583 0x0cec [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys 17:31:06.0641 0x0cec NDIS - ok 17:31:06.0678 0x0cec [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 17:31:06.0736 0x0cec NdisCap - ok 17:31:06.0783 0x0cec [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 17:31:06.0841 0x0cec NdisTapi - ok 17:31:06.0922 0x0cec [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 17:31:06.0979 0x0cec Ndisuio - ok 17:31:07.0043 0x0cec [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 17:31:07.0106 0x0cec NdisWan - ok 17:31:07.0142 0x0cec [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 17:31:07.0193 0x0cec NDProxy - ok 17:31:07.0257 0x0cec [ DC6530A291D4BDF6DF399F1F128E7F8F, 85123D802063383646EEBC60F4ABBCDBA2AE3180E99A8A99C024B1EBB0C6690E ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll 17:31:07.0286 0x0cec Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 ) 17:31:07.0286 0x0cec Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning 17:31:21.0097 0x0cec [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 17:31:21.0152 0x0cec NetBIOS - ok 17:31:21.0192 0x0cec [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT 
C:\Windows\system32\DRIVERS\netbt.sys 17:31:21.0236 0x0cec NetBT - ok 17:31:21.0252 0x0cec [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] Netlogon C:\Windows\system32\lsass.exe 17:31:21.0265 0x0cec Netlogon - ok 17:31:21.0300 0x0cec [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll 17:31:21.0361 0x0cec Netman - ok 17:31:21.0396 0x0cec [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll 17:31:21.0474 0x0cec netprofm - ok 17:31:21.0504 0x0cec [ 3E5A36127E201DDF663176B66828FAFE, 5A08BA9EFB1A72DF1DD839BA5FA2B8994012BA62A515588FF62333B33B60045B ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 17:31:21.0518 0x0cec NetTcpPortSharing - ok 17:31:21.0560 0x0cec [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 17:31:21.0572 0x0cec nfrd960 - ok 17:31:21.0611 0x0cec [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\Windows\System32\nlasvc.dll 17:31:21.0654 0x0cec NlaSvc - ok 17:31:21.0678 0x0cec [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys 17:31:21.0728 0x0cec Npfs - ok 17:31:21.0767 0x0cec [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll 17:31:21.0824 0x0cec nsi - ok 17:31:21.0839 0x0cec [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 17:31:21.0891 0x0cec nsiproxy - ok 17:31:21.0971 0x0cec [ B98F8C6E31CD07B2E6F71F7F648E38C0, 
2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 17:31:22.0045 0x0cec Ntfs - ok 17:31:22.0062 0x0cec [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys 17:31:22.0098 0x0cec Null - ok 17:31:22.0147 0x0cec [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys 17:31:22.0164 0x0cec nvraid - ok 17:31:22.0196 0x0cec [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys 17:31:22.0214 0x0cec nvstor - ok 17:31:22.0234 0x0cec [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 17:31:22.0251 0x0cec nv_agp - ok 17:31:22.0332 0x0cec [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 17:31:22.0368 0x0cec odserv - ok 17:31:22.0405 0x0cec [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 17:31:22.0433 0x0cec ohci1394 - ok 17:31:22.0493 0x0cec [ DA345DE3B450E9E1691E7B9956D8FFC3, 23115188E82F7D2681D697D306F64B3CC4AF43F0AFDFAB73E1BB570115B9D84E ] OMSI download service C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe 17:31:22.0534 0x0cec OMSI download service - detected UnsignedFile.Multi.Generic ( 1 ) 17:31:22.0534 0x0cec OMSI download service ( UnsignedFile.Multi.Generic ) - warning 17:31:22.0534 0x0cec Force sending object to P2P due to detect: C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe 17:31:25.0480 0x0cec Object send P2P result: false 17:31:28.0260 0x0cec [ 
5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 17:31:28.0276 0x0cec ose - ok 17:31:28.0313 0x0cec [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 17:31:28.0374 0x0cec p2pimsvc - ok 17:31:28.0402 0x0cec [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll 17:31:28.0458 0x0cec p2psvc - ok 17:31:28.0487 0x0cec [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys 17:31:28.0510 0x0cec Parport - ok 17:31:28.0549 0x0cec [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys 17:31:28.0563 0x0cec partmgr - ok 17:31:28.0595 0x0cec [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll 17:31:28.0641 0x0cec PcaSvc - ok 17:31:28.0685 0x0cec pccsmcfd - ok 17:31:28.0730 0x0cec [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys 17:31:28.0747 0x0cec pci - ok 17:31:28.0784 0x0cec [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys 17:31:28.0794 0x0cec pciide - ok 17:31:28.0835 0x0cec [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 17:31:28.0854 0x0cec pcmcia - ok 17:31:28.0879 0x0cec [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw 
C:\Windows\system32\drivers\pcw.sys 17:31:28.0891 0x0cec pcw - ok 17:31:29.0001 0x0cec [ 20372BE109FEE1C37E2D5216680DB9EB, 2C3737FB3C6BCF81D0A7293667412DDEA649A8AEA40B7ADCFCB9893E8B3C4AF3 ] PDF Architect Helper Service C:\Program Files (x86)\PDF Architect\HelperService.exe 17:31:29.0279 0x0cec PDF Architect Helper Service - ok 17:31:29.0373 0x0cec [ B90A279073A815A4AA2C45A09EE004FA, 9EA27630C47F5FF99CBBE513C113F3ED01FABA0D59B9D9637764027BCC6EA24A ] PDF Architect Service C:\Program Files (x86)\PDF Architect\ConversionService.exe 17:31:29.0440 0x0cec PDF Architect Service - ok 17:31:29.0468 0x0cec [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys 17:31:29.0555 0x0cec PEAUTH - ok 17:31:29.0642 0x0cec [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll 17:31:29.0783 0x0cec PeerDistSvc - ok 17:31:29.0870 0x0cec [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe 17:31:29.0902 0x0cec PerfHost - ok 17:31:29.0978 0x0cec [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll 17:31:30.0118 0x0cec pla - ok 17:31:30.0170 0x0cec [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 17:31:30.0206 0x0cec PlugPlay - ok 17:31:30.0277 0x0cec [ 71F62C51DFDFBC04C83C5C64B2B8058E, CAB12E6D27BE421BD5A3CB04066EA50303A3210332ECC4B5C03B5F19735FC857 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll 17:31:30.0300 0x0cec Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 ) 17:31:30.0300 0x0cec Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning 17:31:33.0084 0x0cec [ 7195581CEC9BB7D12ABE54036ACC2E38, 
17:31:44.0565 0x0cec [ 41118D920B2B268C0ADC36421248CDCF, 4F99C4913DCFE02B0783FD97F02558E4DD4D7C98553D95A8E26FAAA0C0D67616 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
17:31:44.0717 0x0cec UNS - detected UnsignedFile.Multi.Generic ( 1 )
17:31:44.0717 0x0cec UNS ( UnsignedFile.Multi.Generic ) - warning
B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 17:31:54.0054 0x0cec wudfsvc - ok 17:31:54.0084 0x0cec [ FE90B750AB808FB9DD8FBB428B5FF83B, 3F8F592EC813BE292D305A87C5BA852F8BC3D7CE610612D9871F209A17326AA8 ] WwanSvc C:\Windows\System32\wwansvc.dll 17:31:54.0117 0x0cec WwanSvc - ok 17:31:54.0145 0x0cec ================ Scan global =============================== 17:31:54.0172 0x0cec [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll 17:31:54.0202 0x0cec [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll 17:31:54.0219 0x0cec [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll 17:31:54.0254 0x0cec [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll 17:31:54.0294 0x0cec [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe 17:31:54.0305 0x0cec [ Global ] - ok 17:31:54.0305 0x0cec ================ Scan MBR ================================== 17:31:54.0320 0x0cec [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 17:31:55.0090 0x0cec \Device\Harddisk0\DR0 - ok 17:31:55.0091 0x0cec ================ Scan VBR ================================== 17:31:55.0125 0x0cec [ 0071FA840A4ECBD48CCF90736CEF6FD6 ] \Device\Harddisk0\DR0\Partition1 17:31:55.0129 0x0cec \Device\Harddisk0\DR0\Partition1 - ok 17:31:55.0154 0x0cec [ 5DCCD8F148ACCD1E03680568C7F34D94 ] \Device\Harddisk0\DR0\Partition2 17:31:55.0157 0x0cec \Device\Harddisk0\DR0\Partition2 - ok 17:31:55.0204 0x0cec AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 
2013\wmiav.exe ( 13.0.1.4190 ), 0x41000 ( enabled : updated ) 17:31:55.0254 0x0cec FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\wmifw.exe ( 13.0.1.4190 ), 0x41010 ( enabled ) 17:31:57.0963 0x0cec ============================================================ 17:31:57.0963 0x0cec Scan finished 17:31:57.0963 0x0cec ============================================================ 17:31:57.0972 0x0938 Detected object count: 5 17:31:57.0972 0x0938 Actual detected object count: 5 17:32:15.0291 0x0938 LMS ( UnsignedFile.Multi.Generic ) - skipped by user 17:32:15.0291 0x0938 LMS ( UnsignedFile.Multi.Generic ) - User select action: Skip 17:32:15.0291 0x0938 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user 17:32:15.0291 0x0938 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 17:32:15.0291 0x0938 OMSI download service ( UnsignedFile.Multi.Generic ) - skipped by user 17:32:15.0291 0x0938 OMSI download service ( UnsignedFile.Multi.Generic ) - User select action: Skip 17:32:15.0301 0x0938 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user 17:32:15.0301 0x0938 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 17:32:15.0301 0x0938 UNS ( UnsignedFile.Multi.Generic ) - skipped by user 17:32:15.0301 0x0938 UNS ( UnsignedFile.Multi.Generic ) - User select action: Skip 17:32:21.0512 0x0f04 Deinitialize success |
26.01.2014, 18:52 | #6 |
/// Selecta Jahrusso | Looks quite good as well. Nothing that would really worry me right now. Scan with Combofix |
26.01.2014, 19:37 | #7 |
| Hi, the log is attached. It would otherwise have been 11 posts. I think it is easier this way. Thanks!! eiskorn. |
26.01.2014, 19:46 | #8 |
/// Selecta Jahrusso | Everything looks okay. You mentioned it is a bit sluggish. Can you describe that in a bit more detail?
__________________ Regards, Daniel ASAP & UNITE Member Alliance of Security Analysis Professionals Unified Network of Instructors and Trusted Eliminators Learn to fight back and support us! TB Akademie |
26.01.2014, 21:40 | #9 |
| Mainly when starting programs. Firefox is sometimes a bit sluggish too. Thanks!!! |
27.01.2014, 08:04 | #10 |
/// Selecta Jahrusso | Morning. I have things to take care of all day today (moving house). I will take a closer look at this in the evening. Thanks for your patience |
27.01.2014, 09:44 | #11 |
| I wish you good efficiency! |
27.01.2014, 19:17 | #12 |
/// Selecta Jahrusso | Thanks. Unfortunately I did not get everything done as planned. Oh well, tomorrow is another day. Is this start page in Internet Explorer intentional? fi.search.yahoo.com A language I don't understand. Let's check the hard disk for errors. Computer --> right-click on C: --> Properties --> Tools tab --> Check now --> tick "Automatically fix file system errors" --> Start. The whole thing can easily take 2 hours |
28.01.2014, 20:30 | #13 |
| This would be /c then. I was not there during the scan; I only found the computer booted up at the end. I will do /d afterwards. Code:
Protokollname: Application
Quelle: Microsoft-Windows-Wininit
Datum: 28.01.2014 12:14:20
Ereignis-ID: 1001
Aufgabenkategorie:Keine
Ebene: Informationen
Schlüsselwörter:Klassisch
Benutzer: Nicht zutreffend
Computer: Sandwich
Beschreibung:
Dateisystem auf C: wird überprüft.
Der Typ des Dateisystems ist NTFS.
Die Volumebezeichnung lautet System.
Eine Datenträgerüberprüfung ist geplant.
Die Datenträgerüberprüfung wird jetzt ausgeführt.
CHKDSK überprüft Dateien (Phase 1 von 3)...
267776 Datensätze verarbeitet.
Dateiüberprüfung beendet.
894 große Datensätze verarbeitet.
0 ungültige Datensätze verarbeitet.
2 E/A-Datensätze verarbeitet.
77 Analysedatensätze verarbeitet.
CHKDSK überprüft Indizes (Phase 2 von 3)...
333956 Indexeinträge verarbeitet.
Indexüberprüfung beendet.
0 nicht indizierte Dateien überprüft.
0 nicht indizierte Dateien wiederhergestellt.
CHKDSK überprüft Sicherheitsbeschreibungen (Phase 3 von 3)...
267776 SDs/SIDs verarbeitet.
6 nicht verwendete Indexeinträge aus Index $SII der Datei 0x9 werden aufgeräumt.
6 nicht verwendete Indexeinträge aus Index $SDH der Datei 0x9 werden aufgeräumt.
6 nicht verwendete Sicherheitsbeschreibungen werden aufgeräumt.
Überprüfung der Sicherheitsbeschreibungen beendet.
33091 Datendateien verarbeitet.
CHKDSK überprüft USN-Journal...
35375240 USN-Bytes verarbeitet.
Die Überprüfung von USN-Journal ist abgeschlossen.
Das Dateisystem wurde überprüft. Es wurden keine Probleme festgestellt.
52429823 KB Speicherplatz auf dem Datenträger insgesamt
48961496 KB in 191096 Dateien
121796 KB in 33092 Indizes
0 KB in fehlerhaften Sektoren
372159 KB vom System benutzt
65536 KB von der Protokolldatei belegt
2974372 KB auf dem Datenträger verfügbar
4096 Bytes in jeder Zuordnungseinheit
13107455 Zuordnungseinheiten auf dem Datenträger insgesamt
743593 Zuordnungseinheiten auf dem Datenträger verfügbar
Interne Informationen:
00 16 04 00 c6 6b 03 00 3c c8 05 00 00 00 00 00 .....k..<.......
e3 03 00 00 4d 00 00 00 00 00 00 00 00 00 00 00 ....M...........
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
Die Überprüfung des Datenträgers wurde abgeschlossen.
Bitte warten Sie bis der Computer neu gestartet wurde.
Ereignis-XML:
<Event xmlns="hxxp://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Microsoft-Windows-Wininit" Guid="{206f6dea-d3c5-4d10-bc72-989f03c8b84b}" EventSourceName="Wininit" />
    <EventID Qualifiers="16384">1001</EventID>
    <Version>0</Version>
    <Level>4</Level>
    <Task>0</Task>
    <Opcode>0</Opcode>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2014-01-28T11:14:20.000000000Z" />
    <EventRecordID>28983089</EventRecordID>
    <Correlation />
    <Execution ProcessID="0" ThreadID="0" />
    <Channel>Application</Channel>
    <Computer>Sandwich</Computer>
    <Security />
  </System>
  <EventData>
    <Data>
Dateisystem auf C: wird überprüft.
Der Typ des Dateisystems ist NTFS.
Die Volumebezeichnung lautet System.
Eine Datenträgerüberprüfung ist geplant.
Die Datenträgerüberprüfung wird jetzt ausgeführt.
CHKDSK überprüft Dateien (Phase 1 von 3)...
267776 Datensätze verarbeitet.
Dateiüberprüfung beendet.
894 große Datensätze verarbeitet.
0 ungültige Datensätze verarbeitet.
2 E/A-Datensätze verarbeitet.
77 Analysedatensätze verarbeitet.
CHKDSK überprüft Indizes (Phase 2 von 3)...
333956 Indexeinträge verarbeitet.
Indexüberprüfung beendet.
0 nicht indizierte Dateien überprüft.
0 nicht indizierte Dateien wiederhergestellt.
CHKDSK überprüft Sicherheitsbeschreibungen (Phase 3 von 3)...
267776 SDs/SIDs verarbeitet.
6 nicht verwendete Indexeinträge aus Index $SII der Datei 0x9 werden aufgeräumt.
6 nicht verwendete Indexeinträge aus Index $SDH der Datei 0x9 werden aufgeräumt.
6 nicht verwendete Sicherheitsbeschreibungen werden aufgeräumt.
Überprüfung der Sicherheitsbeschreibungen beendet.
33091 Datendateien verarbeitet.
CHKDSK überprüft USN-Journal...
35375240 USN-Bytes verarbeitet.
Die Überprüfung von USN-Journal ist abgeschlossen.
Das Dateisystem wurde überprüft. Es wurden keine Probleme festgestellt.
52429823 KB Speicherplatz auf dem Datenträger insgesamt
48961496 KB in 191096 Dateien
121796 KB in 33092 Indizes
0 KB in fehlerhaften Sektoren
372159 KB vom System benutzt
65536 KB von der Protokolldatei belegt
2974372 KB auf dem Datenträger verfügbar
4096 Bytes in jeder Zuordnungseinheit
13107455 Zuordnungseinheiten auf dem Datenträger insgesamt
743593 Zuordnungseinheiten auf dem Datenträger verfügbar
Interne Informationen:
00 16 04 00 c6 6b 03 00 3c c8 05 00 00 00 00 00 .....k..<.......
e3 03 00 00 4d 00 00 00 00 00 00 00 00 00 00 00 ....M...........
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
Die Überprüfung des Datenträgers wurde abgeschlossen.
Bitte warten Sie bis der Computer neu gestartet wurde.
    </Data>
  </EventData>
</Event> |
29.01.2014, 20:04 | #14 |
/// Selecta Jahrusso | Any updates? |
30.01.2014, 11:21 | #15 |
| This would be /D then. Code:
Protokollname: Application
Quelle: Microsoft-Windows-Wininit
Datum: 28.01.2014 22:56:52
Ereignis-ID: 1001
Aufgabenkategorie:Keine
Ebene: Informationen
Schlüsselwörter:Klassisch
Benutzer: Nicht zutreffend
Computer: Sandwich
Beschreibung:
Dateisystem auf D: wird überprüft.
Der Typ des Dateisystems ist NTFS.
Die Volumebezeichnung lautet Data.
Eine Datenträgerüberprüfung ist geplant.
Die Datenträgerüberprüfung wird jetzt ausgeführt.
CHKDSK überprüft Dateien (Phase 1 von 3)...
73216 Datensätze verarbeitet.
Dateiüberprüfung beendet.
364 große Datensätze verarbeitet.
0 ungültige Datensätze verarbeitet.
0 E/A-Datensätze verarbeitet.
0 Analysedatensätze verarbeitet.
CHKDSK überprüft Indizes (Phase 2 von 3)...
86028 Indexeinträge verarbeitet.
Indexüberprüfung beendet.
0 nicht indizierte Dateien überprüft.
0 nicht indizierte Dateien wiederhergestellt.
CHKDSK überprüft Sicherheitsbeschreibungen (Phase 3 von 3)...
73216 SDs/SIDs verarbeitet.
618 nicht verwendete Indexeinträge aus Index $SII der Datei 0x9 werden aufgeräumt.
618 nicht verwendete Indexeinträge aus Index $SDH der Datei 0x9 werden aufgeräumt.
618 nicht verwendete Sicherheitsbeschreibungen werden aufgeräumt.
Überprüfung der Sicherheitsbeschreibungen beendet.
6407 Datendateien verarbeitet.
CHKDSK überprüft USN-Journal...
275697352 USN-Bytes verarbeitet.
Die Überprüfung von USN-Journal ist abgeschlossen.
Das Dateisystem wurde überprüft. Es wurden keine Probleme festgestellt.
258033663 KB Speicherplatz auf dem Datenträger insgesamt
152283656 KB in 46501 Dateien
22044 KB in 6408 Indizes
0 KB in fehlerhaften Sektoren
416847 KB vom System benutzt
65536 KB von der Protokolldatei belegt
105311116 KB auf dem Datenträger verfügbar
4096 Bytes in jeder Zuordnungseinheit
64508415 Zuordnungseinheiten auf dem Datenträger insgesamt
26327779 Zuordnungseinheiten auf dem Datenträger verfügbar
Interne Informationen:
00 1e 01 00 b9 ce 00 00 7d 41 01 00 00 00 00 00 ........}A......
b6 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
Ereignis-XML:
<Event xmlns="hxxp://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Microsoft-Windows-Wininit" Guid="{206f6dea-d3c5-4d10-bc72-989f03c8b84b}" EventSourceName="Wininit" />
    <EventID Qualifiers="16384">1001</EventID>
    <Version>0</Version>
    <Level>4</Level>
    <Task>0</Task>
    <Opcode>0</Opcode>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2014-01-28T21:56:52.000000000Z" />
    <EventRecordID>28983132</EventRecordID>
    <Correlation />
    <Execution ProcessID="0" ThreadID="0" />
    <Channel>Application</Channel>
    <Computer>Sandwich</Computer>
    <Security />
  </System>
  <EventData>
    <Data>
Dateisystem auf D: wird überprüft.
Der Typ des Dateisystems ist NTFS.
Die Volumebezeichnung lautet Data.
Eine Datenträgerüberprüfung ist geplant.
Die Datenträgerüberprüfung wird jetzt ausgeführt.
CHKDSK überprüft Dateien (Phase 1 von 3)...
73216 Datensätze verarbeitet.
Dateiüberprüfung beendet.
364 große Datensätze verarbeitet.
0 ungültige Datensätze verarbeitet.
0 E/A-Datensätze verarbeitet.
0 Analysedatensätze verarbeitet.
CHKDSK überprüft Indizes (Phase 2 von 3)...
86028 Indexeinträge verarbeitet.
Indexüberprüfung beendet.
0 nicht indizierte Dateien überprüft.
0 nicht indizierte Dateien wiederhergestellt.
CHKDSK überprüft Sicherheitsbeschreibungen (Phase 3 von 3)...
73216 SDs/SIDs verarbeitet.
618 nicht verwendete Indexeinträge aus Index $SII der Datei 0x9 werden aufgeräumt.
618 nicht verwendete Indexeinträge aus Index $SDH der Datei 0x9 werden aufgeräumt.
618 nicht verwendete Sicherheitsbeschreibungen werden aufgeräumt.
Überprüfung der Sicherheitsbeschreibungen beendet.
6407 Datendateien verarbeitet.
CHKDSK überprüft USN-Journal...
275697352 USN-Bytes verarbeitet.
Die Überprüfung von USN-Journal ist abgeschlossen.
Das Dateisystem wurde überprüft. Es wurden keine Probleme festgestellt.
258033663 KB Speicherplatz auf dem Datenträger insgesamt
152283656 KB in 46501 Dateien
22044 KB in 6408 Indizes
0 KB in fehlerhaften Sektoren
416847 KB vom System benutzt
65536 KB von der Protokolldatei belegt
105311116 KB auf dem Datenträger verfügbar
4096 Bytes in jeder Zuordnungseinheit
64508415 Zuordnungseinheiten auf dem Datenträger insgesamt
26327779 Zuordnungseinheiten auf dem Datenträger verfügbar
Interne Informationen:
00 1e 01 00 b9 ce 00 00 7d 41 01 00 00 00 00 00 ........}A......
b6 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
    </Data>
  </EventData>
</Event> |