
Log analysis and evaluation: Kaspersky finds Backdoor.Win32.Zaccess, Trojan-Ransom.Win32.Gimeno, Trojan.Win32.Inject

26.01.2014, 10:41   #1
eiskorn
 



Hello dear Trojaner-Board community,
you have helped me a great deal before, and now I need your help again.


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-01-2014 01
Ran by Jonas (administrator) on SANDWICH on 25-01-2014 19:37:26
Running from C:\Users\Jonas\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(SANDBOXIE L.T.D) C:\Program Files\Sandboxie\SbieSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
() C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\PSUService.exe
(Fujitsu Technology Solutions) C:\Program Files (x86)\Fujitsu\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe
(CSR, plc) C:\Program Files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe
() C:\Program Files\Fujitsu\WirelessSelector\WSUService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\TrayManager.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(CSR, plc) C:\Program Files\CSR\Bluetooth Feature Pack 5.0\ConMgr.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
() C:\Program Files (x86)\Datacolor\Spyder3Pro\Utility\Spyder3Utility.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\BtnHndHkb.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(FUJITSU LIMITED) C:\Program Files (x86)\Fujitsu\FUJ02E3\FUJ02E3.exe
(FUJITSU LIMITED) C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(David Harris) D:\PMAIL\Programs\winpm-32.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1861416 2009-10-09] (Synaptics Incorporated)
HKLM\...\Run: [PSUTility] - C:\Program Files\Fujitsu\PSUtility\TrayManager.exe [188264 2009-07-30] (FUJITSU LIMITED)
HKLM\...\Run: [FDM7] - C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe [164712 2009-11-26] (FUJITSU LIMITED)
HKLM\...\Run: [LoadFujitsuQuickTouch] - C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe [157544 2009-10-15] (FUJITSU LIMITED)
HKLM\...\Run: [LoadBtnHnd] - C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [35176 2009-10-15] (FUJITSU LIMITED)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8312352 2009-10-28] (Realtek Semiconductor)
HKLM\...\Run: [ConMgr] - C:\Program Files\CSR\Bluetooth Feature Pack 5.0\ConMgr.exe [535440 2009-12-24] (CSR, plc)
HKLM\...\Run: [Windows Mobile Device Center] - C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM-x32\...\Run: [LoadFUJ02E3] - C:\Program Files (x86)\Fujitsu\FUJ02E3\FUJ02E3.exe [36712 2009-10-08] (FUJITSU LIMITED)
HKLM-x32\...\Run: [IndicatorUtility] - C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe [47976 2009-10-09] (FUJITSU LIMITED)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [AVP] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356128 2013-10-09] (Kaspersky Lab ZAO)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://fi.search.yahoo.com?type=902615&fr=spigot-yhp-ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=FTSF&bmod=FTSF
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - DefaultScope {828C7727-01C2-42AC-A24B-6A139986C36E} URL = hxxp://fi.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=902615&p={searchTerms}
SearchScopes: HKCU - {828C7727-01C2-42AC-A24B-6A139986C36E} URL = hxxp://fi.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=902615&p={searchTerms}
SearchScopes: HKCU - {9770A850-5BCC-44A8-B701-B798F7714A31} URL = 
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: No Name - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -  No File
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - D:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - d:\Program Files (x86)\Free Download Manager\iefdm2.dll (FreeDownloadManager.ORG)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 84.2.46.1 84.2.44.1
Tcpip\..\Interfaces\{6637010D-FE57-40B9-AF26-FDD8DB274CAA}: [NameServer]192.168.1.8,192.168.1.7

FireFox:
========
FF ProfilePath: C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\C:\ProgramData\Kaspersky Lab\SafeBrowser\S-1-5-21-303729831-1353264561-2017775160-1001\FireFox
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin: @java.com/DTPlugin,version=1.6.0_39 - C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.2 - d:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1167637.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - D:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.4 - d:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com [2013-04-09]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com [2013-04-09]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com
FF Extension: Content Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com [2013-04-09]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com [2013-04-09]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com [2013-04-09]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-11-12]

Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "hxxp://www.google.com/"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.260.3) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U26) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll No File
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\pdf.dll No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (Google Drive) - C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-11-15]
CHR Extension: (YouTube) - C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-11-15]
CHR Extension: (Google-Suche) - C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-11-15]
CHR Extension: (avast! WebRep) - C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda [2012-11-15]
CHR Extension: (Google Mail) - C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-11-15]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2012-11-15]
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\urladvisor.crx [2013-03-06]
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\online_banking_chrome.crx [2013-03-06]
CHR HKLM-x32\...\Chrome\Extension: [hbcennhacfaagdopikcegfcobcadeocj] - C:\Program Files (x86)\Common Files\Spigot\GC\saebay_1.0.crx [2013-03-06]
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\content_blocker_chrome.crx [2013-03-06]
CHR HKLM-x32\...\Chrome\Extension: [icdlfehblmklkikfigmjhbmmpmkmpooj] - C:\Program Files (x86)\Common Files\Spigot\GC\errorassistant_1.1.crx [2013-03-06]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\virtkbd.crx [2013-03-06]
CHR HKLM-x32\...\Chrome\Extension: [mhkaekfpcppmmioggniknbnbdbcigpkk] - C:\Program Files (x86)\Common Files\Spigot\GC\coupons_2.4.crx [2013-03-06]
CHR HKLM-x32\...\Chrome\Extension: [pfndaklgolladniicklehhancnlgocpp] - C:\Program Files (x86)\Common Files\Spigot\GC\saamazon_1.0.crx [2013-03-06]
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\ab.crx [2013-03-06]

==================== Services (Whitelisted) =================

R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356128 2013-10-09] (Kaspersky Lab ZAO)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 OMSI download service; C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [90112 2009-04-30] ()
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 PowerSavingUtilityService; C:\Program Files\Fujitsu\PSUtility\PSUService.exe [63336 2009-07-30] (FUJITSU LIMITED)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [99048 2010-08-09] (SANDBOXIE L.T.D)
R2 TestHandler; C:\Program Files (x86)\Fujitsu\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe [341264 2009-02-19] (Fujitsu Technology Solutions)
R2 VFPRadioSupportService; C:\Program Files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe [145840 2009-12-24] (CSR, plc)
R2 WirelessSelectorService; C:\Program Files\Fujitsu\WirelessSelector\WSUService.exe [62312 2009-07-21] ()

==================== Drivers (Whitelisted) ====================

S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [32768 2010-04-29] (Google Inc)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-12-05] (DT Soft Ltd)
R3 FUJ02B1; C:\Windows\System32\DRIVERS\FUJ02B1.sys [7808 2006-11-01] (FUJITSU LIMITED)
R3 FUJ02E3; C:\Windows\System32\DRIVERS\FUJ02E3.sys [7296 2006-11-01] (FUJITSU LIMITED)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2013-12-17] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [626272 2013-10-09] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-12-17] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2013-10-09] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-09] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54368 2013-06-17] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178448 2013-04-22] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19032 2012-06-18] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12384 2012-06-18] ()
S3 s0016bus; C:\Windows\System32\DRIVERS\s0016bus.sys [115240 2008-05-16] (MCCI Corporation)
S3 s0016mdfl; C:\Windows\System32\DRIVERS\s0016mdfl.sys [19496 2008-05-16] (MCCI Corporation)
S3 s0016mdm; C:\Windows\System32\DRIVERS\s0016mdm.sys [158760 2008-05-16] (MCCI Corporation)
S3 s0016mgmt; C:\Windows\System32\DRIVERS\s0016mgmt.sys [137256 2008-05-16] (MCCI Corporation)
S3 s0016nd5; C:\Windows\System32\DRIVERS\s0016nd5.sys [34344 2008-05-16] (MCCI Corporation)
S3 s0016obex; C:\Windows\System32\DRIVERS\s0016obex.sys [136744 2008-05-16] (MCCI Corporation)
S3 s0016unic; C:\Windows\System32\DRIVERS\s0016unic.sys [151592 2008-05-16] (MCCI Corporation)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [143464 2010-08-09] (SANDBOXIE L.T.D)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [17720 2013-05-22] ()
S3 Spyder3; C:\Windows\System32\DRIVERS\Spyder3.sys [15360 2008-09-08] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [x]
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [x]
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [90208 2013-04-22] (Kaspersky Lab ZAO)
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [x]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [x]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-25 19:37 - 2014-01-25 19:38 - 00023799 _____ C:\Users\Jonas\Desktop\FRST.txt
2014-01-25 19:37 - 2014-01-25 19:37 - 00000000 ____D C:\FRST
2014-01-25 19:36 - 2014-01-25 19:36 - 00000472 _____ C:\Users\Jonas\Downloads\defogger_disable.log
2014-01-25 19:36 - 2014-01-25 19:36 - 00000000 _____ C:\Users\Jonas\defogger_reenable
2014-01-25 19:34 - 2014-01-25 19:34 - 00370971 _____ C:\Users\Jonas\Desktop\gmer_2.1.19355.zip
2014-01-25 19:33 - 2014-01-25 19:34 - 02077696 _____ (Farbar) C:\Users\Jonas\Desktop\FRST64.exe
2014-01-25 19:33 - 2014-01-25 19:33 - 00050477 _____ C:\Users\Jonas\Desktop\Defogger.exe
2014-01-24 10:19 - 2014-01-24 10:19 - 00001985 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-01-20 17:03 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-01-20 17:03 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-01-20 17:03 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-01-20 17:03 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-01-20 17:02 - 2014-01-20 17:03 - 00005327 _____ C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-19 00:25 - 2014-01-19 00:25 - 11428320 _____ (Tech Soft GmbH                                              ) C:\Users\Jonas\Downloads\w32-463-de1(1).exe
2014-01-18 17:32 - 2014-01-19 00:27 - 00020396 _____ C:\Windows\unins000.dat
2014-01-18 17:32 - 2014-01-19 00:26 - 00993347 _____ C:\Windows\unins000.exe
2014-01-18 17:32 - 2014-01-18 17:32 - 00000715 _____ C:\Users\Jonas\Desktop\Pegasus Mail.LNK
2014-01-18 17:32 - 2014-01-18 17:32 - 00000715 _____ C:\Users\Administrator\Desktop\Pegasus Mail.LNK
2014-01-18 17:32 - 2014-01-18 17:32 - 00000000 ____D C:\Users\Jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pegasus Mail
2014-01-18 17:18 - 2014-01-18 17:18 - 11428320 _____ (Tech Soft GmbH                                              ) C:\Users\Jonas\Downloads\w32-463-de1.exe
2014-01-18 14:25 - 2014-01-18 14:26 - 07624424 _____ (IObit                                                       ) C:\Users\Jonas\Downloads\smart-defrag-v3.exe
2014-01-15 02:15 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 02:15 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 02:15 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 02:15 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 02:15 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 02:15 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 02:15 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 02:15 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 02:15 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-10 11:54 - 2014-01-10 11:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified Files and Folders =======

2014-01-25 19:38 - 2014-01-25 19:37 - 00023799 _____ C:\Users\Jonas\Desktop\FRST.txt
2014-01-25 19:37 - 2014-01-25 19:37 - 00000000 ____D C:\FRST
2014-01-25 19:36 - 2014-01-25 19:36 - 00000472 _____ C:\Users\Jonas\Downloads\defogger_disable.log
2014-01-25 19:36 - 2014-01-25 19:36 - 00000000 _____ C:\Users\Jonas\defogger_reenable
2014-01-25 19:36 - 2010-09-22 16:12 - 00000000 ____D C:\Users\Jonas
2014-01-25 19:35 - 2010-09-23 10:19 - 00000000 ____D C:\Users\Jonas\AppData\Roaming\Skype
2014-01-25 19:34 - 2014-01-25 19:34 - 00370971 _____ C:\Users\Jonas\Desktop\gmer_2.1.19355.zip
2014-01-25 19:34 - 2014-01-25 19:33 - 02077696 _____ (Farbar) C:\Users\Jonas\Desktop\FRST64.exe
2014-01-25 19:33 - 2014-01-25 19:33 - 00050477 _____ C:\Users\Jonas\Desktop\Defogger.exe
2014-01-25 19:10 - 2012-04-18 12:51 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-25 19:03 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2014-01-25 18:57 - 2013-04-09 19:20 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2014-01-25 18:57 - 2010-09-22 16:00 - 02005730 _____ C:\Windows\WindowsUpdate.log
2014-01-25 10:37 - 2009-07-14 05:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-25 10:37 - 2009-07-14 05:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-25 10:30 - 2013-11-14 00:03 - 00002610 _____ C:\Windows\setupact.log
2014-01-25 10:30 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-24 10:21 - 2010-09-22 16:07 - 00000000 ____D C:\ProgramData\Adobe
2014-01-24 10:20 - 2010-09-22 16:12 - 00000000 ____D C:\Users\Jonas\AppData\Local\Adobe
2014-01-24 10:19 - 2014-01-24 10:19 - 00001985 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-01-24 10:19 - 2010-09-22 16:07 - 00000000 ____D C:\Program Files (x86)\Adobe
2014-01-20 22:38 - 2013-07-27 17:58 - 00000000 ___RD C:\Program Files (x86)\Skype
2014-01-20 22:38 - 2010-09-23 10:19 - 00000000 ____D C:\ProgramData\Skype
2014-01-20 22:19 - 2013-11-18 14:47 - 00000000 ____D C:\ProgramData\Oracle
2014-01-20 17:03 - 2014-01-20 17:02 - 00005327 _____ C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-20 17:03 - 2013-03-06 11:11 - 00000000 ____D C:\Program Files (x86)\Java
2014-01-19 00:27 - 2014-01-18 17:32 - 00020396 _____ C:\Windows\unins000.dat
2014-01-19 00:26 - 2014-01-18 17:32 - 00993347 _____ C:\Windows\unins000.exe
2014-01-19 00:25 - 2014-01-19 00:25 - 11428320 _____ (Tech Soft GmbH                                              ) C:\Users\Jonas\Downloads\w32-463-de1(1).exe
2014-01-18 22:54 - 2012-10-20 18:34 - 00000000 ____D C:\Users\Jonas\AppData\Roaming\foobar2000
2014-01-18 17:32 - 2014-01-18 17:32 - 00000715 _____ C:\Users\Jonas\Desktop\Pegasus Mail.LNK
2014-01-18 17:32 - 2014-01-18 17:32 - 00000715 _____ C:\Users\Administrator\Desktop\Pegasus Mail.LNK
2014-01-18 17:32 - 2014-01-18 17:32 - 00000000 ____D C:\Users\Jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pegasus Mail
2014-01-18 17:18 - 2014-01-18 17:18 - 11428320 _____ (Tech Soft GmbH                                              ) C:\Users\Jonas\Downloads\w32-463-de1.exe
2014-01-18 17:18 - 2012-04-18 12:51 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-18 17:18 - 2012-04-18 12:51 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-18 17:18 - 2012-04-18 12:51 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-01-18 14:26 - 2014-01-18 14:25 - 07624424 _____ (IObit                                                       ) C:\Users\Jonas\Downloads\smart-defrag-v3.exe
2014-01-15 20:22 - 2013-11-14 00:02 - 03017952 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-15 03:03 - 2010-09-23 11:27 - 00000000 ____D C:\ProgramData\Microsoft Help
2014-01-15 03:02 - 2013-07-27 18:57 - 00000000 ____D C:\Windows\system32\MRT
2014-01-15 03:00 - 2010-09-28 11:41 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-11 02:57 - 2012-05-05 08:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-10 11:54 - 2014-01-10 11:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

Files to move or delete:
====================
C:\ProgramData\hpe52B2.dll


Some content of TEMP:
====================
C:\Users\Jonas\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-20 17:34

==================== End Of Log ============================
         
--- --- ---


Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-01-2014 01
Ran by Jonas at 2014-01-25 19:38:22
Running from C:\Users\Jonas\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Kaspersky Internet Security (Enabled - Up to date) {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
AS: Kaspersky Internet Security (Enabled - Up to date) {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}

==================== Installed Programs ======================

 Update for Microsoft Office 2007 (KB2508958) (x32 Version:  - Microsoft) <==== ATTENTION
64 Bit HP CIO Components Installer (Version: 4.2.1 - Hewlett-Packard) Hidden
7-Zip 9.20 (x32 Version:  - )
Adobe ExtendScript Toolkit 2 (x32 Version: 2.0.2 - Adobe Systems Incorporated)
Adobe ExtendScript Toolkit 2 (x32 Version: 2.0.2 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 10 ActiveX (x32 Version: 10.0.2.54 - Adobe Systems, Inc.)
Adobe Flash Player 12 Plugin (x32 Version: 12.0.0.43 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (x32 Version: 11.0.06 - Adobe Systems Incorporated)
Adobe Setup (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Shockwave Player 11.6 (x32 Version: 11.6.7.637 - Adobe Systems, Inc.)
AIS Connect (x32 Version: 1.1.1.6 - Fujitsu Technology Solutions GmbH)
AIS Connect (x32 Version: 1.1.1.6 - Fujitsu Technology Solutions GmbH) Hidden
AllDup 3.4.12 (x32 Version: 3.4.12 - Michael Thummerer Software Design)
Apple Application Support (x32 Version: 2.3.4 - Apple Inc.)
Apple Mobile Device Support (Version: 6.1.0.13 - Apple Inc.) <==== ATTENTION
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
Biet-O-Matic v2.14.12 (x32 Version: 2.14.12 - BOM Development Team)
Bluetooth Feature Pack 5.0 (Version: 5.0.14 - CSR Plc.)
Bonjour (Version: 3.0.0.10 - Apple Inc.)
CCleaner (Version: 4.04 - Piriform)
CyberLink YouCam (x32 Version: 3.0.1908.7636 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.0.1908.7636 - CyberLink Corp.) Hidden
DAEMON Tools Lite (x32 Version: 4.46.1.0327 - DT Soft Ltd)
Dropbox (HKCU Version: 2.0.22 - Dropbox, Inc.)
DVBViewer TERRATEC Edition (x32 Version:  - CM&V)
ESET Online Scanner v3 (x32 Version:  - )
Evernote v. 4.6.2 (x32 Version: 4.6.2.7927 - Evernote Corp.)
FileZilla Client 3.5.3 (x32 Version: 3.5.3 - FileZilla Project)
foobar2000 v1.1.16 (x32 Version: 1.1.16 - Peter Pawlowski)
Free Download Manager 3.9.2 (x32 Version:  - FreeDownloadManager.ORG)
Fujitsu Display Manager (Version: 7.01.00.210 - FUJITSU LIMITED) Hidden
Fujitsu Display Manager (x32 Version:  - )
Fujitsu Hotkey Utility (x32 Version: 3.60.1.0 - FUJITSU LIMITED)
Fujitsu Hotkey Utility (x32 Version: 3.60.1.0 - FUJITSU LIMITED) Hidden
Fujitsu MobilityCenter Extension Utility (Version: 3.01.00.000 - Ihr Firmenname) Hidden <==== ATTENTION
Fujitsu MobilityCenter Extension Utility (x32 Version:  - ) <==== ATTENTION
Fujitsu System Extension Utility (Version: 3.1.1.0 - FUJITSU LIMITED) Hidden
Fujitsu System Extension Utility (x32 Version:  - )
inSSIDer 3 (x32 Version: 3.0.7.48 - MetaGeek, LLC)
Intel(R) Graphics Media Accelerator Driver (x32 Version: 8.15.10.2025 - Intel Corporation) <==== ATTENTION
Intel(R) Management Engine Components (x32 Version: 6.0.0.1179 - Intel Corporation)
iTunes (Version: 11.0.3.42 - Apple Inc.)
Java 7 Update 51 (x32 Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JDownloader 0.9 (x32 Version: 0.9 - AppWork GmbH)
Junk Mail filter update (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Kaspersky Internet Security 2013 (x32 Version: 13.0.1.4190 - Kaspersky Lab)
Kaspersky Internet Security 2013 (x32 Version: 13.0.1.4190 - Kaspersky Lab) Hidden
K-Lite Codec Pack 9.5.0 (64-bit) (Version: 9.5.0 - )
K-Lite Codec Pack 9.5.0 (Basic) (x32 Version: 9.5.0 - )
LifeBook Application Panel (Version: 8.1.0.0 - FUJITSU LIMITED) Hidden
LifeBook Application Panel (x32 Version:  - )
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
mediscript_gk1_0312 (x32 Version: 2.59 - Elsevier)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Default Manager (x32 Version: 2.1.55.0 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden <==== ATTENTION
Microsoft Office 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) <==== ATTENTION
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) <==== ATTENTION
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003 - Microsoft Corporation) <==== ATTENTION
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Office Live Add-in 1.5 (x32 Version: 2.0.4024.1 - Microsoft Corporation) <==== ATTENTION
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden <==== ATTENTION
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (x32 Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft_VC100_CRT_SP1_x64 (Version: 10.0.40219.1 - Nokia) Hidden
Microsoft_VC100_CRT_SP1_x86 (x32 Version: 10.0.40219.1 - Nokia) Hidden
MiniTool Partition Wizard Home Edition 7.5 (x32 Version:  - MiniTool Solution Ltd.)
Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla) <==== ATTENTION
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
MyPhoneExplorer (x32 Version: 1.8.4 - F.J. Wechselberger)
PDF Architect (x32 Version: 1.1.83.9982 - pdfforge GmbH)
PDFCreator (x32 Version: 1.7.1 - pdfforge)
Pegasus Mail (x32 Version:  - David Harris)
Pegasus Mail HTML Renderer 2.4.7.2 (x32 Version:  - Micha's Midnight Manufacture)
Pegasus Mail v4.63 Release 1, Build 325 (Deutsche Komplettversi (x32 Version:  - Tech Soft GmbH)
Power Saving Utility (Version: 31.01.11.013 - FUJITSU LIMITED) Hidden
Power Saving Utility (x32 Version:  - )
Realtek High Definition Audio Driver (x32 Version: 6.0.1.5969 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (x32 Version: 6.1.7100.30087 - Realtek Semiconductor Corp.)
Remote Control Server (x32 Version: 1.6.0.5 - Steppschuh)
Sandboxie 3.48 (64-bit) (Version:  - )
SDFormatter (x32 Version: 3.1.0 - SD Association)
Skype™ 6.11 (x32 Version: 6.11.102 - Skype Technologies S.A.)
Smart Defrag 2 (x32 Version: 2.8 - IObit)
Sony Ericsson PC Suite 6.011.00 (x32 Version: 6.011.00 - Sony Ericsson)
SpeedFan (remove only) (x32 Version:  - )
Spyder3Pro (x32 Version:  - )
StreamTransport version: 1.0.2.2171 (x32 Version:  - )
Stronghold (x32 Version:  - )
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (Version: 14.0.10.0 - Synaptics Incorporated) <==== ATTENTION
SystemDiagnostics (x32 Version: 2.04.0006 - Fujitsu Technology Solutions)
TERRATEC H6 (64 Bit) (x32 Version: 5.09.1202.00 - TERRATEC)
TreeSize Free V2.7 (x32 Version: 2.7 - JAM Software)
Update for 2007 Microsoft Office System (KB967642) (x32 Version:  - Microsoft) <==== ATTENTION
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32 Version:  - Microsoft) <==== ATTENTION
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32 Version:  - Microsoft) <==== ATTENTION
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32 Version:  - Microsoft) <==== ATTENTION
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32 Version:  - Microsoft) <==== ATTENTION
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (x32 Version:  - Microsoft) <==== ATTENTION
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition (x32 Version:  - Microsoft) <==== ATTENTION
Update für Microsoft Office Excel 2007 Help (KB963678) (x32 Version:  - Microsoft) <==== ATTENTION
Update für Microsoft Office Outlook 2007 Help (KB963677) (x32 Version:  - Microsoft) <==== ATTENTION
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (x32 Version:  - Microsoft) <==== ATTENTION
Update für Microsoft Office Word 2007 Help (KB963665) (x32 Version:  - Microsoft) <==== ATTENTION
utility version 2.05.03 (x32 Version:  - )
Visual C++ 2008 x86 Runtime - (v9.0.30729) (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (x32 Version: 9.0.30729.01 - Microsoft Corporation)
VLC media player 2.0.2 (Version: 2.0.2 - VideoLAN)
VLC media player 2.0.4 (x32 Version: 2.0.4 - VideoLAN)
Walter de Gruyter - Pschyrembel (x32 Version:  - )
Windows Live Call (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Live Mail (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Sync (x32 Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (x32 Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Mobile-Gerätecenter (Version: 6.1.6965.0 - Microsoft Corporation) <==== ATTENTION
Windows-Treiberpaket - TERRATEC  (USB28xxBGA) Media  (12/02/2009 5.09.1202.00) (Version: 12/02/2009 5.09.1202.00 - TERRATEC )
WinRAR 4.20 (64-Bit) (Version: 4.20.0 - win.rar GmbH)
Wireless Selector (Version: 4.01.00.101 - FUJITSU LIMITED) Hidden
Wireless Selector (x32 Version:  - )
ZENcast Organizer (x32 Version:  - )

==================== Restore Points  =========================

25-01-2014 11:50:42 Geplanter Prüfpunkt

==================== Hosts content: ==========================

2009-07-14 03:34 - 2013-11-10 11:29 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {1B7138B2-E1A4-492A-AF21-5CF8BD373EC4} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: {1C85CBAD-38E9-46DF-951B-33AB5F7AB87D} - System32\Tasks\{FA46A87F-A937-465C-97F9-B700920641BE} => Firefox.exe hxxp://ui.skype.com/ui/0/5.5.0.114.259/en/abandoninstall?page=tsPlugin&amp;installinfo=google-toolbar:notoffered;ienotdefaultbrowser2,google-chrome:notoffered;userlevelpresent
Task: {510B51DA-0B88-475B-94CE-560823739814} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-18] (Adobe Systems Incorporated)
Task: {5DDF0FCD-233F-4E65-BDF8-5A06C91AE8A4} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {6A6EC652-C59D-4829-9367-C3D42F98FC86} - System32\Tasks\SmartDefragUpdate => C:\Program Files (x86)\IObit\Smart Defrag 2\AutoUpdate.exe [2013-05-22] (IObit)
Task: {73267FFA-C627-4399-8DFD-4C66A4C1B66C} - System32\Tasks\CCleanerSkipUAC => D:\Program Files\CCleaner\CCleaner.exe [2013-07-22] (Piriform Ltd)
Task: {7EA2747A-4681-48A8-8E53-EAD1F0AF2072} - System32\Tasks\{D0D938DB-DE23-445F-8A68-C7F7BF41CFFF} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.)
Task: {972089C4-742E-454B-83BF-A242825B72A4} - System32\Tasks\{6F54EEE4-5FAB-40D5-BAE7-24C788D13342} => Firefox.exe hxxp://ui.skype.com/ui/0/5.1.0.112.259/en/abandoninstall?page=tsMain&amp;installinfo=google-toolbar:notoffered;ienotdefaultbrowser2,google-chrome:notoffered;alreadyoffered
Task: {E96A91AA-7623-4EDF-95BF-53E330F9F810} - System32\Tasks\SmartDefrag_Startup => C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe [2013-06-14] (IObit)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2012-11-28 13:13 - 2012-11-28 13:13 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-11-28 13:13 - 2012-11-28 13:13 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-03-06 12:24 - 2013-03-06 12:24 - 01310136 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\kpcengine.2.2.dll
2009-09-01 20:40 - 2009-09-01 20:40 - 00135168 _____ () C:\Program Files (x86)\Datacolor\Spyder3Pro\Utility\Spyder3Utility Libs\Appearance Pak.dll
2009-09-01 20:40 - 2009-09-01 20:40 - 00147456 _____ () C:\Program Files (x86)\Datacolor\Spyder3Pro\Utility\Spyder3Utility Libs\RegEx.dll
2009-09-01 20:40 - 2009-09-01 20:40 - 00892928 _____ () C:\Program Files (x86)\Datacolor\Spyder3Pro\Utility\Spyder3Utility Libs\RBScript.dll
2009-09-01 20:40 - 2009-09-01 20:40 - 00098304 _____ () C:\Program Files (x86)\Datacolor\Spyder3Pro\Utility\Spyder3Utility Libs\Shell.dll
2009-09-01 20:40 - 2009-09-01 20:40 - 01167312 _____ () C:\Program Files (x86)\Datacolor\Spyder3Pro\Utility\Spyder3Utility Libs\XML.dll
2009-09-01 20:40 - 2009-09-01 20:40 - 00335872 _____ () C:\Program Files (x86)\Datacolor\Spyder3Pro\Utility\Spyder3Utility Libs\CGamma.dll
2009-09-01 20:40 - 2009-09-01 20:40 - 00131072 _____ () C:\Program Files (x86)\Datacolor\Spyder3Pro\Utility\Spyder3Utility Libs\CSensor.dll
2009-09-01 20:40 - 2009-09-01 20:40 - 00028672 _____ () C:\Program Files (x86)\Datacolor\Spyder3Pro\Utility\Spyder3Utility Libs\MBSRegistrationPlugin15968.dll
2009-09-01 20:40 - 2009-09-01 20:40 - 00025600 _____ () C:\Program Files (x86)\Datacolor\Spyder3Pro\Utility\Spyder3Utility Libs\MBSPluginVersionPlugin15968.dll
2012-08-17 20:38 - 2012-08-17 20:38 - 00479160 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\dblite.dll
2014-01-10 11:54 - 2014-01-10 11:54 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-01-19 00:27 - 2011-05-19 10:37 - 00565827 _____ () D:\PMAIL\Programs\sqlite3.dll
2014-01-18 17:18 - 2014-01-18 17:18 - 16287624 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============

Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/25/2014 04:31:53 PM) (Source: Application Hang) (User: )
Description: Programm winpm-32.exe, Version 4.6.3.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: af8

Startzeit: 01cf19e27887548c

Endzeit: 4

Anwendungspfad: D:\PMAIL\Programs\winpm-32.exe

Berichts-ID: ccebb23f-85d5-11e3-a888-b482fe9d84ea

Error: (01/25/2014 00:22:37 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile  WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (01/25/2014 02:24:08 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15260454

Error: (01/25/2014 02:24:08 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15260454

Error: (01/25/2014 02:24:08 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/24/2014 10:09:51 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4071

Error: (01/24/2014 10:09:51 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4071

Error: (01/24/2014 10:09:51 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/24/2014 10:09:50 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3042

Error: (01/24/2014 10:09:50 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3042


System errors:
=============
Error: (01/25/2014 02:35:08 AM) (Source: DCOM) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (01/24/2014 01:40:15 PM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (01/24/2014 08:34:30 AM) (Source: BROWSER) (User: )
Description: Das Einlesen der Sicherungsliste durch den Suchdienst schlug auf Transport "\Device\NetBT_Tcpip_{D7A43002-C446-490F-B4F6-FD5F276E834F}" zu oft fehl.
Der Sicherungssuchdienst wird beendet.

Error: (01/23/2014 03:20:51 PM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (01/23/2014 07:07:53 AM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (01/22/2014 11:32:02 PM) (Source: DCOM) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (01/22/2014 10:27:13 AM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (01/21/2014 10:05:57 AM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (01/18/2014 11:06:52 PM) (Source: NetBT) (User: )
Description: Der Name "SANDWICH       :20" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.1.222
registriert werden. Der Computer mit IP-Adresse 192.168.1.231 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.

Error: (01/18/2014 11:06:52 PM) (Source: Server) (User: )
Description: Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{D7A43002-C446-490F-B4F6-FD5F276E834F} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden.


Microsoft Office Sessions:
=========================
Error: (11/12/2013 05:20:18 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 344 seconds with 0 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2014-01-25 12:22:19.863
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-25 12:22:19.863
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-25 12:22:19.863
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-25 12:22:19.853
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-25 12:22:19.843
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-25 12:22:19.843
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-24 09:02:11.374
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-24 09:02:11.372
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-24 09:02:11.370
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-24 09:02:11.357
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 58%
Total physical RAM: 3892.55 MB
Available physical RAM: 1624.85 MB
Total Pagefile: 7783.29 MB
Available Pagefile: 5185.96 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:50 GB) (Free:2.09 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Data) (Fixed) (Total:246.08 GB) (Free:95.82 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 8E760A6D)
Partition 1: (Active) - (Size=2 GB) - (Type=27)
Partition 2: (Not Active) - (Size=50 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=246 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
Code:
GMER 2.1.19355 - hxxp://www.gmer.net
Rootkit scan 2014-01-26 10:31:56
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 ST932032 rev.0001 298,09GB
Running: gmer.exe; Driver: C:\Users\Jonas\AppData\Local\Temp\kgtcypob.sys


---- User code sections - GMER 2.1 ----

.text    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[3808] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                00000000759b1465 2 bytes [9B, 75]
.text    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[3808] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                               00000000759b14bb 2 bytes [9B, 75]
.text    ...                                                                                                                                                                                         * 2
---- Processes - GMER 2.1 ----

Library  C:\Users\Jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll (*** suspicious ***) @ C:\Windows\Explorer.EXE [3680]                                                                        000007fef66e0000
Process  C:\Users\Jonas\AppData\Local\Temp\Temp1_gmer_2.1.19355.zip\gmer.exe (*** suspicious ***) @ C:\Users\Jonas\AppData\Local\Temp\Temp1_gmer_2.1.19355.zip\gmer.exe [1496](2014-01-21 20:56:24)  0000000000400000

---- Registry - GMER 2.1 ----

Reg      HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\b482fe9d84ea                                                                                                                 
Reg      HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\b482fe9d84ea@58b035980427                                                                                                    0x63 0x1E 0xCC 0x6B ...
Reg      HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\b482fe9d84ea@00164e5dc685                                                                                                    0xFF 0x03 0x2B 0x6E ...
Reg      HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\b482fe9d84ea@60a10a8a2fb7                                                                                                    0x66 0x04 0xE6 0x04 ...
Reg      HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\b482fe9d84ea@001e45be0619                                                                                                    0x6D 0x95 0x92 0x31 ...
Reg      HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\b482fe9d84ea@002376649d5c                                                                                                    0x09 0xEE 0x46 0x51 ...
Reg      HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\b482fe9d84ea (not active ControlSet)                                                                                             
Reg      HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\b482fe9d84ea@58b035980427                                                                                                        0x63 0x1E 0xCC 0x6B ...
Reg      HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\b482fe9d84ea@00164e5dc685                                                                                                        0xFF 0x03 0x2B 0x6E ...
Reg      HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\b482fe9d84ea@60a10a8a2fb7                                                                                                        0x66 0x04 0xE6 0x04 ...
Reg      HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\b482fe9d84ea@001e45be0619                                                                                                        0x6D 0x95 0x92 0x31 ...
Reg      HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\b482fe9d84ea@002376649d5c                                                                                                        0x09 0xEE 0x46 0x51 ...

---- EOF - GMER 2.1 ----
         
Code:
Type: Trojan program (21)	
Trojan-Ransom.Win32.Gimemo.bmdz	Detected; not processed	22.01.2014 11:53:17	D:\PMAIL\MAIL\ADMIN20h34\PDQ9U5BP.CNM//message/rfc822//text/plain//[Subj Payroll Invoice]/invoice.zip//	invoice_23874612912312_26891223pao.pdf.exe	
Backdoor.Win32.ZAccess.ewjg	Detected; not processed	22.01.2014 11:53:16	D:\PMAIL\MAIL\ADMIN20h34\PDIY88E5.CNM//message/rfc822//text/plain//[Subj Hello]/DSC_0178(copy).jpg.zip//	DSC_0178(copy).jpg.exe	
Backdoor.Win32.ZAccess.evqp	Detected; not processed	22.01.2014 11:53:50	D:\PMAIL\MAIL\ADMIN20h34\PLUUAJF3.CNM//message/rfc822//text/plain//[Subj Payroll Invoice]/invoice.zip//	invoice_2397414914891203_289342ap.pdf.exe	
Trojan-Ransom.Win32.Gimemo.bmdz	Detected; not processed	22.01.2014 12:01:28	D:\usb\PMAIL\MAIL\ADMIN\PDQ9U5BP.CNM//message/rfc822//text/plain//[Subj Payroll Invoice]/invoice.zip//	invoice_23874612912312_26891223pao.pdf.exe	
Backdoor.Win32.ZAccess.evlz	Detected; not processed	22.01.2014 12:02:47	D:\usb\PMAIL\MAIL\ADMIN\PQBKMU6Z.CNM//message/rfc822//text/plain//[Subj Payroll Invoice]/invoice.zip//	invoice_23942312841029_23973odf.pdf.exe	
Backdoor.Win32.ZAccess.evlz	Detected; not processed	22.01.2014 11:54:05	D:\PMAIL\MAIL\ADMIN20h34\PQBKMU6Z.CNM//message/rfc822//text/plain//[Subj Payroll Invoice]/invoice.zip//	invoice_23942312841029_23973odf.pdf.exe	
Backdoor.Win32.ZAccess.eweg	Detected; not processed	22.01.2014 11:53:36	D:\PMAIL\MAIL\ADMIN20h34\PIV1YT75.CNM//message/rfc822//text/plain//[Subj Hello]/DSC_0492(copy).jpg.zip//	DSC_0492(copy).jpg.exe	
Backdoor.Win32.ZAccess.eykc	Detected; not processed	22.01.2014 11:53:23	D:\PMAIL\MAIL\ADMIN20h34\PF9KOTH7.CNM//message/rfc822//text/plain//[Subj Payroll Invoice]/invoice.zip//	invoice_23479102487120_9412049102op.pdf.exe	
Trojan-Ransom.Win32.Gimemo.bmdz	Detected; not processed	22.01.2014 12:00:32	D:\usb\PMAIL\MAIL\ADMIN\P6I92XCT.CNM//message/rfc822//text/plain//[Subj Payroll Invoice]/invoice.zip//	invoice_23874612912312_26891223pao.pdf.exe	
Backdoor.Win32.ZAccess.etmp	Detected; not processed	22.01.2014 12:00:54	D:\usb\PMAIL\MAIL\ADMIN\P81YGYEL.CNM//message/rfc822//text/plain//[Subj Payroll Invoice]/invoice.zip//	invoice_231094781247_164912812039iop.pdf.exe	
Backdoor.Win32.ZAccess.eykc	Detected; not processed	22.01.2014 12:01:37	D:\usb\PMAIL\MAIL\ADMIN\PF9KOTH7.CNM//message/rfc822//text/plain//[Subj Payroll Invoice]/invoice.zip//	invoice_23479102487120_9412049102op.pdf.exe	
Backdoor.Win32.ZAccess.eweg	Detected; not processed	22.01.2014 12:02:00	D:\usb\PMAIL\MAIL\ADMIN\PIV1YT75.CNM//message/rfc822//text/plain//[Subj Hello]/DSC_0492(copy).jpg.zip//	DSC_0492(copy).jpg.exe	
Backdoor.Win32.ZAccess.eweg	Detected; not processed	22.01.2014 11:53:54	D:\PMAIL\MAIL\ADMIN20h34\PN4YP8U8.CNM//message/rfc822//text/plain//[Subj Hello]/DSC_0492(copy).jpg.zip//	DSC_0492(copy).jpg.exe	
Trojan-Ransom.Win32.Gimemo.bmdz	Detected; not processed	22.01.2014 11:52:50	D:\PMAIL\MAIL\ADMIN20h34\P6I92XCT.CNM//message/rfc822//text/plain//[Subj Payroll Invoice]/invoice.zip//	invoice_23874612912312_26891223pao.pdf.exe	
Backdoor.Win32.ZAccess.etmp	Detected; not processed	22.01.2014 11:52:56	D:\PMAIL\MAIL\ADMIN20h34\P81YGYEL.CNM//message/rfc822//text/plain//[Subj Payroll Invoice]/invoice.zip//	invoice_231094781247_164912812039iop.pdf.exe	
Backdoor.Win32.ZAccess.evqp	Detected; not processed	22.01.2014 12:02:22	D:\usb\PMAIL\MAIL\ADMIN\PLUUAJF3.CNM//message/rfc822//text/plain//[Subj Payroll Invoice]/invoice.zip//	invoice_2397414914891203_289342ap.pdf.exe	
Backdoor.Win32.ZAccess.eweg	Detected; not processed	22.01.2014 12:02:29	D:\usb\PMAIL\MAIL\ADMIN\PN4YP8U8.CNM//message/rfc822//text/plain//[Subj Hello]/DSC_0492(copy).jpg.zip//	DSC_0492(copy).jpg.exe	
Backdoor.Win32.ZAccess.ewjg	Detected; not processed	22.01.2014 12:01:27	D:\usb\PMAIL\MAIL\ADMIN\PDIY88E5.CNM//message/rfc822//text/plain//[Subj Hello]/DSC_0178(copy).jpg.zip//	DSC_0178(copy).jpg.exe	
Trojan.Win32.Inject.hhnv	Deleted	22.01.2014 11:50:54	D:\PMAIL\MAIL\ADMIN\P9VIKNLK.CNM//2014_01rechnung_8825477220.pdf.zip//	2014_01rechnung_8740094773.pdf.exe	
Trojan.Win32.Inject.hhnv	Deleted	22.01.2014 11:52:08	D:\PMAIL\MAIL\ADMIN\PWUAAN7T.CNM//2014_01rechnung_6441889933.pdf.zip//	2014_01rechnung_8740094773.pdf.exe	
Trojan.Win32.Inject.hhnv	Deleted	22.01.2014 11:50:58	D:\PMAIL\MAIL\ADMIN\PB2USQYK.CNM//2014_01rechnung_4446867251.pdf.zip//	2014_01rechnung_8740094773.pdf.exe	
Type: Unknown (3)	
P9VIKNLK.CNM	Disinfected	22.01.2014 11:50:54	D:\PMAIL\MAIL\ADMIN\	P9VIKNLK.CNM	
PB2USQYK.CNM	Disinfected	22.01.2014 11:50:58	D:\PMAIL\MAIL\ADMIN\	PB2USQYK.CNM	
PWUAAN7T.CNM	Disinfected	22.01.2014 11:52:08	D:\PMAIL\MAIL\ADMIN\	PWUAAN7T.CNM
         
Code:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.01.26.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Jonas :: SANDWICH [Administrator]

26.01.2014 10:42:03
mbam-log-2014-01-26 (10-42-03).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 336247
Laufzeit: 6 Minute(n), 53 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
         
Thank you very, very, very much!
eiskorn.

Last edited by eiskorn (26.01.2014 at 10:50)

Alt 26.01.2014, 11:23   #2
Larusso
/// Selecta Jahrusso
 

These detections arrived as email attachments. Opened any of these faked PDF files, which are actually exe files?
The FRST logs actually look OK. Is the computer causing any problems?

Alt 26.01.2014, 15:32   #3
eiskorn
 

It's a bit sluggish, to be honest.

Alt 26.01.2014, 16:43   #4
Larusso
/// Selecta Jahrusso
 

Hi. Let's take a closer look.

Please download TDSSKiller (TDSSKiller.exe) and save the file to your desktop.
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller guide.
  • Press Start Scan.
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post the contents here in your thread in any case.
__________________
Regards, Daniel

ASAP & UNITE Member
Alliance of Security Analysis Professionals
Unified Network of Instructors and Trusted Eliminators


Alt 26.01.2014, 17:33   #5
eiskorn
 

Hi,

Code:
17:28:59.0289 0x02a8  TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50
17:29:05.0976 0x02a8  ============================================================
17:29:05.0976 0x02a8  Current date / time: 2014/01/26 17:29:05.0976
17:29:05.0976 0x02a8  SystemInfo:
17:29:05.0976 0x02a8  
17:29:05.0976 0x02a8  OS Version: 6.1.7601 ServicePack: 1.0
17:29:05.0976 0x02a8  Product type: Workstation
17:29:05.0976 0x02a8  ComputerName: SANDWICH
17:29:05.0976 0x02a8  UserName: Jonas
17:29:05.0976 0x02a8  Windows directory: C:\Windows
17:29:05.0977 0x02a8  System windows directory: C:\Windows
17:29:05.0977 0x02a8  Running under WOW64
17:29:05.0977 0x02a8  Processor architecture: Intel x64
17:29:05.0977 0x02a8  Number of processors: 4
17:29:05.0977 0x02a8  Page size: 0x1000
17:29:05.0977 0x02a8  Boot type: Normal boot
17:29:05.0977 0x02a8  ============================================================
17:29:07.0161 0x02a8  KLMD registered as C:\Windows\system32\drivers\22436534.sys
17:29:07.0392 0x02a8  System UUID: {C7D7F9F2-F9CD-13CF-38CA-651F7F236B65}
17:29:08.0002 0x02a8  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:29:08.0035 0x02a8  ============================================================
17:29:08.0035 0x02a8  \Device\Harddisk0\DR0:
17:29:08.0035 0x02a8  MBR partitions:
17:29:08.0035 0x02a8  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x40466C, BlocksNum 0x6400800
17:29:08.0035 0x02a8  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x6805000, BlocksNum 0x1EC29000
17:29:08.0035 0x02a8  ============================================================
17:29:08.0104 0x02a8  C: <-> \Device\Harddisk0\DR0\Partition1
17:29:08.0143 0x02a8  D: <-> \Device\Harddisk0\DR0\Partition2
17:29:08.0144 0x02a8  ============================================================
17:29:08.0144 0x02a8  Initialize success
17:29:08.0144 0x02a8  ============================================================
17:30:39.0989 0x0cec  ============================================================
17:30:39.0989 0x0cec  Scan started
17:30:39.0989 0x0cec  Mode: Manual; SigCheck; TDLFS; 
17:30:39.0989 0x0cec  ============================================================
17:30:39.0989 0x0cec  KSN ping started
17:30:42.0724 0x0cec  KSN ping finished: true
17:30:43.0151 0x0cec  ================ Scan system memory ========================
17:30:43.0151 0x0cec  System memory - ok
17:30:43.0152 0x0cec  ================ Scan services =============================
17:30:43.0306 0x0cec  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
17:30:43.0438 0x0cec  1394ohci - ok
17:30:43.0465 0x0cec  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
17:30:43.0486 0x0cec  ACPI - ok
17:30:43.0505 0x0cec  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
17:30:43.0578 0x0cec  AcpiPmi - ok
17:30:43.0625 0x0cec  [ 2F0683FD2DF1D92E891CACA14B45A8C1, B4A8D6A183FA0B7D642FAD6B51C19FEC998481E1C49480D2B391E5D8B55F5BBD ] adfs            C:\Windows\system32\drivers\adfs.sys
17:30:43.0646 0x0cec  adfs - ok
17:30:43.0813 0x0cec  [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
17:30:43.0827 0x0cec  AdobeARMservice - ok
17:30:43.0935 0x0cec  [ 8D268693A6DCE3D7319DF14834841BAF, 229C95FE2E6A692EBC2842823A1C7D438F8DF18F44691BD7AFE79DB76F092F9D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
17:30:43.0952 0x0cec  AdobeFlashPlayerUpdateSvc - ok
17:30:44.0005 0x0cec  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
17:30:44.0041 0x0cec  adp94xx - ok
17:30:44.0087 0x0cec  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
17:30:44.0108 0x0cec  adpahci - ok
17:30:44.0124 0x0cec  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
17:30:44.0141 0x0cec  adpu320 - ok
17:30:44.0167 0x0cec  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
17:30:44.0292 0x0cec  AeLookupSvc - ok
17:30:44.0341 0x0cec  [ 79059559E89D06E8B80CE2944BE20228, 6E041D2FED2D0C3D8E16E56CB61D3245F9144EA92F5BDC9A4AA30598D1C8E6EE ] AFD             C:\Windows\system32\drivers\afd.sys
17:30:44.0444 0x0cec  AFD - ok
17:30:44.0500 0x0cec  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
17:30:44.0512 0x0cec  agp440 - ok
17:30:44.0546 0x0cec  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
17:30:44.0597 0x0cec  ALG - ok
17:30:44.0629 0x0cec  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
17:30:44.0648 0x0cec  aliide - ok
17:30:44.0673 0x0cec  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
17:30:44.0691 0x0cec  amdide - ok
17:30:44.0712 0x0cec  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
17:30:44.0777 0x0cec  AmdK8 - ok
17:30:44.0794 0x0cec  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
17:30:44.0837 0x0cec  AmdPPM - ok
17:30:44.0906 0x0cec  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
17:30:44.0922 0x0cec  amdsata - ok
17:30:44.0975 0x0cec  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
17:30:44.0994 0x0cec  amdsbs - ok
17:30:45.0014 0x0cec  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
17:30:45.0025 0x0cec  amdxata - ok
17:30:45.0083 0x0cec  [ 363571BC0C79E394E69300D1F2E3DDAE, 4C9DDB848900081D95C14026B0E7B84419867685506E616E1FDA1B79B1FD224B ] androidusb      C:\Windows\system32\Drivers\androidusb.sys
17:30:45.0147 0x0cec  androidusb - ok
17:30:45.0203 0x0cec  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
17:30:45.0398 0x0cec  AppID - ok
17:30:45.0423 0x0cec  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
17:30:45.0488 0x0cec  AppIDSvc - ok
17:30:45.0560 0x0cec  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
17:30:45.0616 0x0cec  Appinfo - ok
17:30:45.0715 0x0cec  [ 4FE5C6D40664AE07BE5105874357D2ED, 70DD05EE80B77EB2F781E0919885D1BBB1119EA1A8955935AF5AECD05E30F14A ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
17:30:45.0780 0x0cec  Apple Mobile Device - ok
17:30:45.0849 0x0cec  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
17:30:45.0892 0x0cec  AppMgmt - ok
17:30:45.0920 0x0cec  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
17:30:45.0934 0x0cec  arc - ok
17:30:45.0965 0x0cec  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
17:30:45.0985 0x0cec  arcsas - ok
17:30:46.0015 0x0cec  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
17:30:46.0081 0x0cec  AsyncMac - ok
17:30:46.0139 0x0cec  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
17:30:46.0151 0x0cec  atapi - ok
17:30:46.0234 0x0cec  [ D6CAD7E5B05055BB8226BDCB1644DA27, 053DBE95BE044C2674825561619A188660865AFCC4FD3C1D1E4F08972F5CC8DF ] athr            C:\Windows\system32\DRIVERS\athrx.sys
17:30:46.0406 0x0cec  athr - ok
17:30:46.0470 0x0cec  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:30:46.0574 0x0cec  AudioEndpointBuilder - ok
17:30:46.0624 0x0cec  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
17:30:46.0675 0x0cec  AudioSrv - ok
17:30:46.0745 0x0cec  [ 15D2DB9BFA8E833ED31FAB2BB088FDDA, 6198C0A5DA01DA146A9A054C3C882A1DBF9BA84466EBFDDA1C1062EF36F9B34B ] AVP             C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
17:30:46.0784 0x0cec  AVP - ok
17:30:46.0837 0x0cec  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
17:30:47.0018 0x0cec  AxInstSV - ok
17:30:47.0070 0x0cec  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
17:30:47.0137 0x0cec  b06bdrv - ok
17:30:47.0188 0x0cec  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
17:30:47.0237 0x0cec  b57nd60a - ok
17:30:47.0291 0x0cec  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
17:30:47.0339 0x0cec  BDESVC - ok
17:30:47.0370 0x0cec  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
17:30:47.0431 0x0cec  Beep - ok
17:30:47.0518 0x0cec  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
17:30:47.0603 0x0cec  BFE - ok
17:30:47.0670 0x0cec  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
17:30:47.0761 0x0cec  BITS - ok
17:30:47.0810 0x0cec  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
17:30:47.0845 0x0cec  blbdrive - ok
17:30:47.0948 0x0cec  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
17:30:47.0980 0x0cec  Bonjour Service - ok
17:30:48.0036 0x0cec  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
17:30:48.0086 0x0cec  bowser - ok
17:30:48.0127 0x0cec  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
17:30:48.0198 0x0cec  BrFiltLo - ok
17:30:48.0216 0x0cec  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
17:30:48.0251 0x0cec  BrFiltUp - ok
17:30:48.0322 0x0cec  [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
17:30:48.0385 0x0cec  BridgeMP - ok
17:30:48.0444 0x0cec  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
17:30:48.0499 0x0cec  Browser - ok
17:30:48.0525 0x0cec  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
17:30:48.0591 0x0cec  Brserid - ok
17:30:48.0611 0x0cec  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
17:30:48.0649 0x0cec  BrSerWdm - ok
17:30:48.0678 0x0cec  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
17:30:48.0720 0x0cec  BrUsbMdm - ok
17:30:48.0752 0x0cec  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
17:30:48.0785 0x0cec  BrUsbSer - ok
17:30:48.0846 0x0cec  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
17:30:48.0912 0x0cec  BthEnum - ok
17:30:48.0961 0x0cec  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
17:30:48.0993 0x0cec  BTHMODEM - ok
17:30:49.0035 0x0cec  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
17:30:49.0073 0x0cec  BthPan - ok
17:30:49.0140 0x0cec  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
17:30:49.0239 0x0cec  BTHPORT - ok
17:30:49.0278 0x0cec  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
17:30:49.0332 0x0cec  bthserv - ok
17:30:49.0384 0x0cec  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
17:30:49.0427 0x0cec  BTHUSB - ok
17:30:49.0477 0x0cec  catchme - ok
17:30:49.0510 0x0cec  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
17:30:49.0574 0x0cec  cdfs - ok
17:30:49.0633 0x0cec  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
17:30:49.0676 0x0cec  cdrom - ok
17:30:49.0726 0x0cec  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
17:30:49.0784 0x0cec  CertPropSvc - ok
17:30:49.0820 0x0cec  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
17:30:49.0850 0x0cec  circlass - ok
17:30:49.0892 0x0cec  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
17:30:49.0915 0x0cec  CLFS - ok
17:30:50.0002 0x0cec  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:30:50.0014 0x0cec  clr_optimization_v2.0.50727_32 - ok
17:30:50.0061 0x0cec  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:30:50.0082 0x0cec  clr_optimization_v2.0.50727_64 - ok
17:30:50.0159 0x0cec  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:30:50.0175 0x0cec  clr_optimization_v4.0.30319_32 - ok
17:30:50.0218 0x0cec  [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:30:50.0241 0x0cec  clr_optimization_v4.0.30319_64 - ok
17:30:50.0285 0x0cec  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
17:30:50.0318 0x0cec  CmBatt - ok
17:30:50.0351 0x0cec  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
17:30:50.0369 0x0cec  cmdide - ok
17:30:50.0411 0x0cec  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
17:30:50.0448 0x0cec  CNG - ok
17:30:50.0466 0x0cec  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
17:30:50.0477 0x0cec  Compbatt - ok
17:30:50.0542 0x0cec  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
17:30:50.0577 0x0cec  CompositeBus - ok
17:30:50.0598 0x0cec  COMSysApp - ok
17:30:50.0625 0x0cec  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
17:30:50.0643 0x0cec  crcdisk - ok
17:30:50.0696 0x0cec  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
17:30:50.0764 0x0cec  CryptSvc - ok
17:30:50.0805 0x0cec  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
17:30:50.0885 0x0cec  CSC - ok
17:30:50.0943 0x0cec  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
17:30:51.0006 0x0cec  CscService - ok
17:30:51.0060 0x0cec  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
17:30:51.0140 0x0cec  DcomLaunch - ok
17:30:51.0172 0x0cec  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
17:30:51.0221 0x0cec  defragsvc - ok
17:30:51.0274 0x0cec  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
17:30:51.0327 0x0cec  DfsC - ok
17:30:51.0391 0x0cec  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
17:30:51.0459 0x0cec  Dhcp - ok
17:30:51.0488 0x0cec  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
17:30:51.0526 0x0cec  discache - ok
17:30:51.0584 0x0cec  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
17:30:51.0598 0x0cec  Disk - ok
17:30:51.0644 0x0cec  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
17:30:51.0700 0x0cec  Dnscache - ok
17:30:51.0741 0x0cec  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
17:30:51.0804 0x0cec  dot3svc - ok
17:30:51.0876 0x0cec  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
17:30:51.0936 0x0cec  DPS - ok
17:30:51.0964 0x0cec  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
17:30:52.0007 0x0cec  drmkaud - ok
17:30:52.0059 0x0cec  [ 46571ED73AE84469DCA53081D33CF3C8, 8BB386BB4F6AD39F06A8607CD1DF3D67CFA45BBE52E40EDB90EB8C862283EBFF ] dtsoftbus01     C:\Windows\system32\DRIVERS\dtsoftbus01.sys
17:30:52.0079 0x0cec  dtsoftbus01 - ok
17:30:52.0136 0x0cec  [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
17:30:52.0186 0x0cec  DXGKrnl - ok
17:30:52.0220 0x0cec  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
17:30:52.0276 0x0cec  EapHost - ok
17:30:52.0420 0x0cec  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
17:30:52.0608 0x0cec  ebdrv - ok
17:30:52.0645 0x0cec  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] EFS             C:\Windows\System32\lsass.exe
17:30:52.0668 0x0cec  EFS - ok
17:30:52.0756 0x0cec  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
17:30:52.0844 0x0cec  ehRecvr - ok
17:30:52.0869 0x0cec  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
17:30:52.0935 0x0cec  ehSched - ok
17:30:52.0983 0x0cec  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
17:30:53.0018 0x0cec  elxstor - ok
17:30:53.0049 0x0cec  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
17:30:53.0078 0x0cec  ErrDev - ok
17:30:53.0127 0x0cec  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
17:30:53.0196 0x0cec  EventSystem - ok
17:30:53.0246 0x0cec  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
17:30:53.0299 0x0cec  exfat - ok
17:30:53.0333 0x0cec  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
17:30:53.0396 0x0cec  fastfat - ok
17:30:53.0459 0x0cec  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
17:30:53.0556 0x0cec  Fax - ok
17:30:53.0614 0x0cec  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
17:30:53.0647 0x0cec  fdc - ok
17:30:53.0685 0x0cec  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
17:30:53.0750 0x0cec  fdPHost - ok
17:30:53.0782 0x0cec  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
17:30:53.0842 0x0cec  FDResPub - ok
17:30:53.0885 0x0cec  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
17:30:53.0901 0x0cec  FileInfo - ok
17:30:53.0918 0x0cec  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
17:30:53.0955 0x0cec  Filetrace - ok
17:30:53.0970 0x0cec  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
17:30:54.0003 0x0cec  flpydisk - ok
17:30:54.0040 0x0cec  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
17:30:54.0059 0x0cec  FltMgr - ok
17:30:54.0148 0x0cec  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
17:30:54.0251 0x0cec  FontCache - ok
17:30:54.0313 0x0cec  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:30:54.0325 0x0cec  FontCache3.0.0.0 - ok
17:30:54.0348 0x0cec  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
17:30:54.0360 0x0cec  FsDepends - ok
17:30:54.0408 0x0cec  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
17:30:54.0429 0x0cec  Fs_Rec - ok
17:30:54.0462 0x0cec  [ BA0C1FFDA496D8BCBCAC63F8D98D20E3, 28D37F07A58D5AFA48A18BB4A780A36A3F8D49E94DE8CA5071071CCF16C0C090 ] FUJ02B1         C:\Windows\system32\DRIVERS\FUJ02B1.sys
17:30:54.0513 0x0cec  FUJ02B1 - ok
17:30:54.0527 0x0cec  [ 7135030CBF87D724B6037BB023923730, 1F6D9A7D7033226507DEDD53CB686C0F3CDC15FD7E77DBC5263256E8EB541E4E ] FUJ02E3         C:\Windows\system32\DRIVERS\FUJ02E3.sys
17:30:54.0549 0x0cec  FUJ02E3 - ok
17:30:54.0605 0x0cec  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
17:30:54.0626 0x0cec  fvevol - ok
17:30:54.0658 0x0cec  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
17:30:54.0671 0x0cec  gagp30kx - ok
17:30:54.0699 0x0cec  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
17:30:54.0710 0x0cec  GEARAspiWDM - ok
17:30:54.0767 0x0cec  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
17:30:54.0863 0x0cec  gpsvc - ok
17:30:54.0922 0x0cec  [ 1E6438D4EA6E1174A3B3B1EDC4DE660B, F9995CFEC7BBFE10B06EEE04CA6B49658275C43096E57747BFF9C2C31A0F9011 ] hamachi         C:\Windows\system32\DRIVERS\hamachi.sys
17:30:54.0934 0x0cec  hamachi - ok
17:30:54.0952 0x0cec  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
17:30:55.0003 0x0cec  hcw85cir - ok
17:30:55.0063 0x0cec  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
17:30:55.0127 0x0cec  HdAudAddService - ok
17:30:55.0174 0x0cec  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
17:30:55.0212 0x0cec  HDAudBus - ok
17:30:55.0266 0x0cec  [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64         C:\Windows\system32\DRIVERS\HECIx64.sys
17:30:55.0283 0x0cec  HECIx64 - ok
17:30:55.0314 0x0cec  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
17:30:55.0338 0x0cec  HidBatt - ok
17:30:55.0369 0x0cec  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
17:30:55.0389 0x0cec  HidBth - ok
17:30:55.0424 0x0cec  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
17:30:55.0456 0x0cec  HidIr - ok
17:30:55.0493 0x0cec  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\System32\hidserv.dll
17:30:55.0545 0x0cec  hidserv - ok
17:30:55.0594 0x0cec  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
17:30:55.0622 0x0cec  HidUsb - ok
17:30:55.0653 0x0cec  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
17:30:55.0722 0x0cec  hkmsvc - ok
17:30:55.0768 0x0cec  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:30:55.0816 0x0cec  HomeGroupListener - ok
17:30:55.0853 0x0cec  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:30:55.0888 0x0cec  HomeGroupProvider - ok
17:30:55.0945 0x0cec  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
17:30:55.0960 0x0cec  HpSAMD - ok
17:30:56.0030 0x0cec  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
17:30:56.0125 0x0cec  HTTP - ok
17:30:56.0145 0x0cec  hwdatacard - ok
17:30:56.0186 0x0cec  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
17:30:56.0198 0x0cec  hwpolicy - ok
17:30:56.0221 0x0cec  hwusbdev - ok
17:30:56.0261 0x0cec  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
17:30:56.0278 0x0cec  i8042prt - ok
17:30:56.0326 0x0cec  [ ABBF174CB394F5C437410A788B7E404A, 95554F675329E7062F0936E4E902FEFF2456CAD95D6C9B60DCC213EF6E4C62D8 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
17:30:56.0347 0x0cec  iaStor - ok
17:30:56.0458 0x0cec  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
17:30:56.0483 0x0cec  iaStorV - ok
17:30:56.0565 0x0cec  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:30:56.0622 0x0cec  idsvc - ok
17:30:56.0640 0x0cec  IEEtwCollectorService - ok
17:30:56.0915 0x0cec  [ 8E509DE232CFA4F8A5B34F01802F500E, D7641C91BC359CF9A430811236DB4F12CCA4386CD62E7CB50FF0F8FA2F9FF2E7 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
17:30:57.0292 0x0cec  igfx - ok
17:30:57.0332 0x0cec  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
17:30:57.0344 0x0cec  iirsp - ok
17:30:57.0388 0x0cec  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
17:30:57.0475 0x0cec  IKEEXT - ok
17:30:57.0504 0x0cec  [ 36FDF367A1DABFF903E2214023D71368, 60468692C1D048428AF25ED87DE23DAE756C7BA2B6CF6AF5EFD2E53C80F5FC68 ] Impcd           C:\Windows\system32\DRIVERS\Impcd.sys
17:30:57.0535 0x0cec  Impcd - ok
17:30:57.0669 0x0cec  [ 42943BB3AB7A405B30EFF7C8283CC129, B914B5610565B794BE28664DE605C5726A0587F15034A026509885771C63B0D5 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
17:30:57.0788 0x0cec  IntcAzAudAddService - ok
17:30:57.0834 0x0cec  [ D248AAE81C156C0D47A77CD61BC24CD4, 0601FD06C85C5ADA8EE32A195FC4FB53F76E7E46E5504DE925E4292AF1D5C4B8 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
17:30:57.0935 0x0cec  IntcDAud - ok
17:30:57.0955 0x0cec  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
17:30:57.0966 0x0cec  intelide - ok
17:30:57.0994 0x0cec  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
17:30:58.0009 0x0cec  intelppm - ok
17:30:58.0044 0x0cec  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
17:30:58.0099 0x0cec  IPBusEnum - ok
17:30:58.0123 0x0cec  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:30:58.0180 0x0cec  IpFilterDriver - ok
17:30:58.0238 0x0cec  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
17:30:58.0320 0x0cec  iphlpsvc - ok
17:30:58.0351 0x0cec  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
17:30:58.0380 0x0cec  IPMIDRV - ok
17:30:58.0401 0x0cec  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
17:30:58.0461 0x0cec  IPNAT - ok
17:30:58.0549 0x0cec  [ 2872B90D57C8310194A78A9787406467, 1BD326E8E59330E07D6B93E514EC3E6629A2046316BC9371AB82FE62F0DA2E94 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
17:30:58.0598 0x0cec  iPod Service - ok
17:30:58.0616 0x0cec  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
17:30:58.0721 0x0cec  IRENUM - ok
17:30:58.0781 0x0cec  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
17:30:58.0793 0x0cec  isapnp - ok
17:30:58.0828 0x0cec  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
17:30:58.0876 0x0cec  iScsiPrt - ok
17:30:58.0918 0x0cec  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
17:30:58.0930 0x0cec  kbdclass - ok
17:30:58.0967 0x0cec  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
17:30:59.0040 0x0cec  kbdhid - ok
17:30:59.0061 0x0cec  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] KeyIso          C:\Windows\system32\lsass.exe
17:30:59.0074 0x0cec  KeyIso - ok
17:30:59.0139 0x0cec  [ 795EC29BA21F1D948FD6FD740C00B599, 780900717A812C5DB78C67057010BD62DF2C756C087599A6F8C67CB4EFA7518C ] kl1             C:\Windows\system32\DRIVERS\kl1.sys
17:30:59.0174 0x0cec  kl1 - ok
17:30:59.0246 0x0cec  [ 788E5F92721849A17BD64883C49EB825, CEBCE3D9A84D31F597F8592F0E62C2E6ED8A492087F121B151E64903A86CAC52 ] KLIF            C:\Windows\system32\DRIVERS\klif.sys
17:30:59.0286 0x0cec  KLIF - ok
17:30:59.0327 0x0cec  [ 31B69BFF28348503E4BD10C2A4F66D05, 891318C2DDF85E43DFCEE73717AEFCE79BC3DCD83FCD58E6F794AB6BF1739688 ] KLIM6           C:\Windows\system32\DRIVERS\klim6.sys
17:30:59.0339 0x0cec  KLIM6 - ok
17:30:59.0390 0x0cec  [ AEB50941C6D67128B14F88DB9917C4E0, 2ACE46665DE298CC197660A442A3172B1FB460A40BD18AECEA786ACB011FDA43 ] klkbdflt        C:\Windows\system32\DRIVERS\klkbdflt.sys
17:30:59.0402 0x0cec  klkbdflt - ok
17:30:59.0415 0x0cec  [ 72CF64FBF38CD681FA7F37176047E967, BE5683C119DCEF7E678EE477D6CADF873E32D42372A253B7E86B8C335DF28E1C ] klmouflt        C:\Windows\system32\DRIVERS\klmouflt.sys
17:30:59.0427 0x0cec  klmouflt - ok
17:30:59.0455 0x0cec  [ 45ECF097BC6330C2054D7D43B7AD822B, 41684ED54E75FE6BEEA322E7CE888DFDD53EE1F45016E01CE10B84ABB02CBDA8 ] kltdi           C:\Windows\system32\DRIVERS\kltdi.sys
17:30:59.0468 0x0cec  kltdi - ok
17:30:59.0501 0x0cec  [ 1FCB657B581CC4DF17FD6571F93602DE, D5D95773D19AA47BA619D149FD6068198E2AA05C219C3936E327B3DFFDE6B10C ] kneps           C:\Windows\system32\DRIVERS\kneps.sys
17:30:59.0520 0x0cec  kneps - ok
17:30:59.0544 0x0cec  [ 8F489706472F7E9A06BAAA198703FA64, F020406690FB38EABD82D63B91D33039CC93ED52A5497AE12BAF475F22D0B08A ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
17:30:59.0560 0x0cec  KSecDD - ok
17:30:59.0575 0x0cec  [ 868A2CAAB12EFC7A021682BCA0EEC54C, 12C4925B5B3D6EA7B6410C01F33158C6EAB50CBD6AF445F8B04ED9899720C2DD ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
17:30:59.0592 0x0cec  KSecPkg - ok
17:30:59.0630 0x0cec  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
17:30:59.0678 0x0cec  ksthunk - ok
17:30:59.0732 0x0cec  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
17:30:59.0851 0x0cec  KtmRm - ok
17:30:59.0895 0x0cec  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\System32\srvsvc.dll
17:30:59.0959 0x0cec  LanmanServer - ok
17:31:00.0016 0x0cec  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:31:00.0074 0x0cec  LanmanWorkstation - ok
17:31:00.0126 0x0cec  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
17:31:00.0180 0x0cec  lltdio - ok
17:31:00.0231 0x0cec  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
17:31:00.0278 0x0cec  lltdsvc - ok
17:31:00.0296 0x0cec  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
17:31:00.0347 0x0cec  lmhosts - ok
17:31:00.0448 0x0cec  [ A1C148801B4AF64847AEB9F3AD9594EF, FF6ED89EA47DF74C33CD8BFAC48FAED1B979348ABA6B6D94EE07CBD21810F37B ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
17:31:00.0544 0x0cec  LMS - detected UnsignedFile.Multi.Generic ( 1 )
17:31:00.0620 0x0cec  LMS ( UnsignedFile.Multi.Generic ) - warning
17:31:03.0432 0x0cec  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
17:31:03.0448 0x0cec  LSI_FC - ok
17:31:03.0465 0x0cec  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
17:31:03.0481 0x0cec  LSI_SAS - ok
17:31:03.0493 0x0cec  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
17:31:03.0507 0x0cec  LSI_SAS2 - ok
17:31:03.0531 0x0cec  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
17:31:03.0546 0x0cec  LSI_SCSI - ok
17:31:03.0575 0x0cec  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
17:31:03.0631 0x0cec  luafv - ok
17:31:03.0675 0x0cec  [ 0BB97D43299910CBFBA59C461B99B910, 27C22D9D9EE8A410D7396960DA93E9E260D4DCDD38DCE06E85E45C5E24C067DE ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
17:31:03.0687 0x0cec  MBAMProtector - ok
17:31:03.0743 0x0cec  [ 65085456FD9A74D7F1A999520C299ECB, EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA462F63B0B7215B93FE8530 ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
17:31:03.0767 0x0cec  MBAMScheduler - ok
17:31:03.0828 0x0cec  [ E0D7732F2D2E24B2DB3F67B6750295B8, AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB99186005A7ABE67B7D66FC ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
17:31:03.0861 0x0cec  MBAMService - ok
17:31:03.0907 0x0cec  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
17:31:03.0925 0x0cec  Mcx2Svc - ok
17:31:03.0951 0x0cec  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
17:31:03.0963 0x0cec  megasas - ok
17:31:04.0002 0x0cec  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
17:31:04.0022 0x0cec  MegaSR - ok
17:31:04.0119 0x0cec  [ 123271BD5237AB991DC5C21FDF8835EB, 004F8F9228EE291A0E36CE33078D572D61733516F9AA5CFC832AF204C6869E89 ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
17:31:04.0132 0x0cec  Microsoft Office Groove Audit Service - ok
17:31:04.0152 0x0cec  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
17:31:04.0209 0x0cec  MMCSS - ok
17:31:04.0248 0x0cec  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
17:31:04.0301 0x0cec  Modem - ok
17:31:04.0326 0x0cec  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
17:31:04.0363 0x0cec  monitor - ok
17:31:04.0424 0x0cec  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
17:31:04.0435 0x0cec  mouclass - ok
17:31:04.0466 0x0cec  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
17:31:04.0500 0x0cec  mouhid - ok
17:31:04.0567 0x0cec  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
17:31:04.0582 0x0cec  mountmgr - ok
17:31:04.0679 0x0cec  [ 3B9398E0146855B1DC0E3D9769C80F01, DF69DB5CA30A5577648635C27DD468AF98515D07DF379B3FFDCC6B40744EDE66 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
17:31:04.0695 0x0cec  MozillaMaintenance - ok
17:31:04.0733 0x0cec  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
17:31:04.0791 0x0cec  mpio - ok
17:31:04.0830 0x0cec  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
17:31:04.0868 0x0cec  mpsdrv - ok
17:31:04.0926 0x0cec  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
17:31:05.0019 0x0cec  MpsSvc - ok
17:31:05.0052 0x0cec  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
17:31:05.0098 0x0cec  MRxDAV - ok
17:31:05.0134 0x0cec  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
17:31:05.0183 0x0cec  mrxsmb - ok
17:31:05.0223 0x0cec  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:31:05.0262 0x0cec  mrxsmb10 - ok
17:31:05.0281 0x0cec  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:31:05.0298 0x0cec  mrxsmb20 - ok
17:31:05.0331 0x0cec  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
17:31:05.0343 0x0cec  msahci - ok
17:31:05.0358 0x0cec  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
17:31:05.0375 0x0cec  msdsm - ok
17:31:05.0401 0x0cec  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
17:31:05.0433 0x0cec  MSDTC - ok
17:31:05.0475 0x0cec  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
17:31:05.0512 0x0cec  Msfs - ok
17:31:05.0547 0x0cec  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
17:31:05.0604 0x0cec  mshidkmdf - ok
17:31:05.0627 0x0cec  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
17:31:05.0639 0x0cec  msisadrv - ok
17:31:05.0673 0x0cec  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
17:31:05.0731 0x0cec  MSiSCSI - ok
17:31:05.0734 0x0cec  msiserver - ok
17:31:05.0775 0x0cec  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
17:31:05.0823 0x0cec  MSKSSRV - ok
17:31:05.0841 0x0cec  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
17:31:05.0886 0x0cec  MSPCLOCK - ok
17:31:05.0910 0x0cec  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
17:31:05.0963 0x0cec  MSPQM - ok
17:31:06.0003 0x0cec  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
17:31:06.0025 0x0cec  MsRPC - ok
17:31:06.0070 0x0cec  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
17:31:06.0082 0x0cec  mssmbios - ok
17:31:06.0115 0x0cec  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
17:31:06.0168 0x0cec  MSTEE - ok
17:31:06.0189 0x0cec  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
17:31:06.0202 0x0cec  MTConfig - ok
17:31:06.0220 0x0cec  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
17:31:06.0232 0x0cec  Mup - ok
17:31:06.0287 0x0cec  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
17:31:06.0363 0x0cec  napagent - ok
17:31:06.0417 0x0cec  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
17:31:06.0466 0x0cec  NativeWifiP - ok
17:31:06.0583 0x0cec  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
17:31:06.0641 0x0cec  NDIS - ok
17:31:06.0678 0x0cec  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
17:31:06.0736 0x0cec  NdisCap - ok
17:31:06.0783 0x0cec  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
17:31:06.0841 0x0cec  NdisTapi - ok
17:31:06.0922 0x0cec  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
17:31:06.0979 0x0cec  Ndisuio - ok
17:31:07.0043 0x0cec  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
17:31:07.0106 0x0cec  NdisWan - ok
17:31:07.0142 0x0cec  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
17:31:07.0193 0x0cec  NDProxy - ok
17:31:07.0257 0x0cec  [ DC6530A291D4BDF6DF399F1F128E7F8F, 85123D802063383646EEBC60F4ABBCDBA2AE3180E99A8A99C024B1EBB0C6690E ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
17:31:07.0286 0x0cec  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
17:31:07.0286 0x0cec  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
17:31:21.0097 0x0cec  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
17:31:21.0152 0x0cec  NetBIOS - ok
17:31:21.0192 0x0cec  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
17:31:21.0236 0x0cec  NetBT - ok
17:31:21.0252 0x0cec  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] Netlogon        C:\Windows\system32\lsass.exe
17:31:21.0265 0x0cec  Netlogon - ok
17:31:22.0493 0x0cec  [ DA345DE3B450E9E1691E7B9956D8FFC3, 23115188E82F7D2681D697D306F64B3CC4AF43F0AFDFAB73E1BB570115B9D84E ] OMSI download service C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
17:31:22.0534 0x0cec  OMSI download service - detected UnsignedFile.Multi.Generic ( 1 )
17:31:22.0534 0x0cec  OMSI download service ( UnsignedFile.Multi.Generic ) - warning
17:31:22.0534 0x0cec  Force sending object to P2P due to detect: C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
17:31:25.0480 0x0cec  Object send P2P result: false
17:31:30.0277 0x0cec  [ 71F62C51DFDFBC04C83C5C64B2B8058E, CAB12E6D27BE421BD5A3CB04066EA50303A3210332ECC4B5C03B5F19735FC857 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
17:31:30.0300 0x0cec  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
17:31:30.0300 0x0cec  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
17:31:44.0565 0x0cec  [ 41118D920B2B268C0ADC36421248CDCF, 4F99C4913DCFE02B0783FD97F02558E4DD4D7C98553D95A8E26FAAA0C0D67616 ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
17:31:44.0717 0x0cec  UNS - detected UnsignedFile.Multi.Generic ( 1 )
17:31:44.0717 0x0cec  UNS ( UnsignedFile.Multi.Generic ) - warning
17:31:54.0145 0x0cec  ================ Scan global ===============================
17:31:54.0172 0x0cec  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
17:31:54.0202 0x0cec  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
17:31:54.0219 0x0cec  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
17:31:54.0254 0x0cec  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
17:31:54.0294 0x0cec  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
17:31:54.0305 0x0cec  [ Global ] - ok
17:31:54.0305 0x0cec  ================ Scan MBR ==================================
17:31:54.0320 0x0cec  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:31:55.0090 0x0cec  \Device\Harddisk0\DR0 - ok
17:31:55.0091 0x0cec  ================ Scan VBR ==================================
17:31:55.0125 0x0cec  [ 0071FA840A4ECBD48CCF90736CEF6FD6 ] \Device\Harddisk0\DR0\Partition1
17:31:55.0129 0x0cec  \Device\Harddisk0\DR0\Partition1 - ok
17:31:55.0154 0x0cec  [ 5DCCD8F148ACCD1E03680568C7F34D94 ] \Device\Harddisk0\DR0\Partition2
17:31:55.0157 0x0cec  \Device\Harddisk0\DR0\Partition2 - ok
17:31:55.0204 0x0cec  AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\wmiav.exe ( 13.0.1.4190 ), 0x41000 ( enabled : updated )
17:31:55.0254 0x0cec  FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\wmifw.exe ( 13.0.1.4190 ), 0x41010 ( enabled )
17:31:57.0963 0x0cec  ============================================================
17:31:57.0963 0x0cec  Scan finished
17:31:57.0963 0x0cec  ============================================================
17:31:57.0972 0x0938  Detected object count: 5
17:31:57.0972 0x0938  Actual detected object count: 5
17:32:15.0291 0x0938  LMS ( UnsignedFile.Multi.Generic ) - skipped by user
17:32:15.0291 0x0938  LMS ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:32:15.0291 0x0938  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
17:32:15.0291 0x0938  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:32:15.0291 0x0938  OMSI download service ( UnsignedFile.Multi.Generic ) - skipped by user
17:32:15.0291 0x0938  OMSI download service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:32:15.0301 0x0938  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
17:32:15.0301 0x0938  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:32:15.0301 0x0938  UNS ( UnsignedFile.Multi.Generic ) - skipped by user
17:32:15.0301 0x0938  UNS ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:32:21.0512 0x0f04  Deinitialize success
         
Thanks!


26.01.2014, 18:52   #6
Larusso
/// Selecta Jahrusso

That looks quite good too. Nothing that would really worry me right now.

Scan with Combofix
WARNING to READERS following along:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all of your antivirus software as well as malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the on-screen instructions.
  • While Combofix is running, please do not work on the computer, move the mouse or click in the Combofix window!
  • When Combofix has finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (in CODE tags if possible).
Note: If you get the following error message after the restart
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. That should fix the problem.


26.01.2014, 19:37   #7
eiskorn

Hi, the log is attached. Otherwise it would have been 11 posts. I think it's easier this way.
Thanks!!
eiskorn.

26.01.2014, 19:46   #8
Larusso
/// Selecta Jahrusso

Everything looks okay.
You mentioned it is a bit sluggish. Can you describe that in a little more detail?
__________________
Best regards, Daniel

ASAP & UNITE Member
Alliance of Security Analysis Professionals
Unified Network of Instructors and Trusted Eliminators

Learn to fight back and support us!
TB Akademie

26.01.2014, 21:40   #9
eiskorn

Mainly when starting programs. Firefox is sometimes a bit sluggish too.
Thanks!!!

27.01.2014, 08:04   #10
Larusso
/// Selecta Jahrusso

Morning. I have things to take care of all day today (moving house).
I'll take a closer look at this in the evening. Thanks for your patience.

27.01.2014, 09:44   #11
eiskorn

I wish you good efficiency!

27.01.2014, 19:17   #12
Larusso
/// Selecta Jahrusso

Thanks. Unfortunately I didn't get everything done as planned. Oh well, tomorrow is another day.

Is this start page in Internet Explorer intentional? fi.search.yahoo.com
A language I don't understand.

Let's check the hard disk for errors.
Computer --> right-click on C: --> Properties --> Tools tab --> Check now --> tick "Automatically fix file system errors" --> Start.

The whole thing can easily take 2 hours.

28.01.2014, 20:30   #13
eiskorn

This would be /c then. I wasn't there during the scan; I just found the computer booted up at the end. I'll do /d afterwards.

Code:
Protokollname: Application
Quelle:        Microsoft-Windows-Wininit
Datum:         28.01.2014 12:14:20
Ereignis-ID:   1001
Aufgabenkategorie:Keine
Ebene:         Informationen
Schlüsselwörter:Klassisch
Benutzer:      Nicht zutreffend
Computer:      Sandwich
Beschreibung:


Dateisystem auf C: wird überprüft.
Der Typ des Dateisystems ist NTFS.
Die Volumebezeichnung lautet System.


Eine Datenträgerüberprüfung ist geplant.
Die Datenträgerüberprüfung wird jetzt ausgeführt.        

CHKDSK überprüft Dateien (Phase 1 von 3)...
  267776 Datensätze verarbeitet.                                         

Dateiüberprüfung beendet.
  894 große Datensätze verarbeitet.                                   

  0 ungültige Datensätze verarbeitet.                               

  2 E/A-Datensätze verarbeitet.                                     

  77 Analysedatensätze verarbeitet.                                  

CHKDSK überprüft Indizes (Phase 2 von 3)...
  333956 Indexeinträge verarbeitet.                                      

Indexüberprüfung beendet.
  0 nicht indizierte Dateien überprüft.                             

  0 nicht indizierte Dateien wiederhergestellt.                     

CHKDSK überprüft Sicherheitsbeschreibungen (Phase 3 von 3)...
  267776 SDs/SIDs verarbeitet.                                           

6 nicht verwendete Indexeinträge aus Index $SII der Datei 0x9 werden aufgeräumt.
6 nicht verwendete Indexeinträge aus Index $SDH der Datei 0x9 werden aufgeräumt.
6 nicht verwendete Sicherheitsbeschreibungen werden aufgeräumt.
Überprüfung der Sicherheitsbeschreibungen beendet.
  33091 Datendateien verarbeitet.                                       

CHKDSK überprüft USN-Journal...
  35375240 USN-Bytes verarbeitet.                                          

Die Überprüfung von USN-Journal ist abgeschlossen.
Das Dateisystem wurde überprüft. Es wurden keine Probleme festgestellt.

  52429823 KB Speicherplatz auf dem Datenträger insgesamt
  48961496 KB in 191096 Dateien
    121796 KB in 33092 Indizes
         0 KB in fehlerhaften Sektoren
    372159 KB vom System benutzt
     65536 KB von der Protokolldatei belegt
   2974372 KB auf dem Datenträger verfügbar

      4096 Bytes in jeder Zuordnungseinheit
  13107455 Zuordnungseinheiten auf dem Datenträger insgesamt
    743593 Zuordnungseinheiten auf dem Datenträger verfügbar

Interne Informationen:
00 16 04 00 c6 6b 03 00 3c c8 05 00 00 00 00 00  .....k..<.......
e3 03 00 00 4d 00 00 00 00 00 00 00 00 00 00 00  ....M...........
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................

Die Überprüfung des Datenträgers wurde abgeschlossen.
Bitte warten Sie bis der Computer neu gestartet wurde.

Ereignis-XML:
<Event xmlns="hxxp://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Microsoft-Windows-Wininit" Guid="{206f6dea-d3c5-4d10-bc72-989f03c8b84b}" EventSourceName="Wininit" />
    <EventID Qualifiers="16384">1001</EventID>
    <Version>0</Version>
    <Level>4</Level>
    <Task>0</Task>
    <Opcode>0</Opcode>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2014-01-28T11:14:20.000000000Z" />
    <EventRecordID>28983089</EventRecordID>
    <Correlation />
    <Execution ProcessID="0" ThreadID="0" />
    <Channel>Application</Channel>
    <Computer>Sandwich</Computer>
    <Security />
  </System>
  <EventData>
    <Data>

Dateisystem auf C: wird überprüft.
Der Typ des Dateisystems ist NTFS.
Die Volumebezeichnung lautet System.


Eine Datenträgerüberprüfung ist geplant.
Die Datenträgerüberprüfung wird jetzt ausgeführt.        

CHKDSK überprüft Dateien (Phase 1 von 3)...
  267776 Datensätze verarbeitet.                                         

Dateiüberprüfung beendet.
  894 große Datensätze verarbeitet.                                   

  0 ungültige Datensätze verarbeitet.                               

  2 E/A-Datensätze verarbeitet.                                     

  77 Analysedatensätze verarbeitet.                                  

CHKDSK überprüft Indizes (Phase 2 von 3)...
  333956 Indexeinträge verarbeitet.                                      

Indexüberprüfung beendet.
  0 nicht indizierte Dateien überprüft.                             

  0 nicht indizierte Dateien wiederhergestellt.                     

CHKDSK überprüft Sicherheitsbeschreibungen (Phase 3 von 3)...
  267776 SDs/SIDs verarbeitet.                                           

6 nicht verwendete Indexeinträge aus Index $SII der Datei 0x9 werden aufgeräumt.
6 nicht verwendete Indexeinträge aus Index $SDH der Datei 0x9 werden aufgeräumt.
6 nicht verwendete Sicherheitsbeschreibungen werden aufgeräumt.
Überprüfung der Sicherheitsbeschreibungen beendet.
  33091 Datendateien verarbeitet.                                       

CHKDSK überprüft USN-Journal...
  35375240 USN-Bytes verarbeitet.                                          

Die Überprüfung von USN-Journal ist abgeschlossen.
Das Dateisystem wurde überprüft. Es wurden keine Probleme festgestellt.

  52429823 KB Speicherplatz auf dem Datenträger insgesamt
  48961496 KB in 191096 Dateien
    121796 KB in 33092 Indizes
         0 KB in fehlerhaften Sektoren
    372159 KB vom System benutzt
     65536 KB von der Protokolldatei belegt
   2974372 KB auf dem Datenträger verfügbar

      4096 Bytes in jeder Zuordnungseinheit
  13107455 Zuordnungseinheiten auf dem Datenträger insgesamt
    743593 Zuordnungseinheiten auf dem Datenträger verfügbar

Interne Informationen:
00 16 04 00 c6 6b 03 00 3c c8 05 00 00 00 00 00  .....k..&lt;.......
e3 03 00 00 4d 00 00 00 00 00 00 00 00 00 00 00  ....M...........
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................

Die Überprüfung des Datenträgers wurde abgeschlossen.
Bitte warten Sie bis der Computer neu gestartet wurde.
</Data>
  </EventData>
</Event>
         

29.01.2014, 20:04   #14
Larusso
/// Selecta Jahrusso

Any Updates ?

30.01.2014, 11:21   #15
eiskorn

This one would then be /D

Code:
Protokollname: Application
Quelle:        Microsoft-Windows-Wininit
Datum:         28.01.2014 22:56:52
Ereignis-ID:   1001
Aufgabenkategorie:Keine
Ebene:         Informationen
Schlüsselwörter:Klassisch
Benutzer:      Nicht zutreffend
Computer:      Sandwich
Beschreibung:


Dateisystem auf D: wird überprüft.
Der Typ des Dateisystems ist NTFS.
Die Volumebezeichnung lautet Data.


Eine Datenträgerüberprüfung ist geplant.
Die Datenträgerüberprüfung wird jetzt ausgeführt.        

CHKDSK überprüft Dateien (Phase 1 von 3)...
  73216 Datensätze verarbeitet.                                         

Dateiüberprüfung beendet.
  364 große Datensätze verarbeitet.                                   

  0 ungültige Datensätze verarbeitet.                               

  0 E/A-Datensätze verarbeitet.                                     

  0 Analysedatensätze verarbeitet.                                  

CHKDSK überprüft Indizes (Phase 2 von 3)...
  86028 Indexeinträge verarbeitet.                                      

Indexüberprüfung beendet.
  0 nicht indizierte Dateien überprüft.                             

  0 nicht indizierte Dateien wiederhergestellt.                     

CHKDSK überprüft Sicherheitsbeschreibungen (Phase 3 von 3)...
  73216 SDs/SIDs verarbeitet.                                           

618 nicht verwendete Indexeinträge aus Index $SII der Datei 0x9 werden aufgeräumt.
618 nicht verwendete Indexeinträge aus Index $SDH der Datei 0x9 werden aufgeräumt.
618 nicht verwendete Sicherheitsbeschreibungen werden aufgeräumt.
Überprüfung der Sicherheitsbeschreibungen beendet.
  6407 Datendateien verarbeitet.                                       

CHKDSK überprüft USN-Journal...
  275697352 USN-Bytes verarbeitet.                                          

Die Überprüfung von USN-Journal ist abgeschlossen.
Das Dateisystem wurde überprüft. Es wurden keine Probleme festgestellt.

 258033663 KB Speicherplatz auf dem Datenträger insgesamt
 152283656 KB in 46501 Dateien
     22044 KB in 6408 Indizes
         0 KB in fehlerhaften Sektoren
    416847 KB vom System benutzt
     65536 KB von der Protokolldatei belegt
 105311116 KB auf dem Datenträger verfügbar

      4096 Bytes in jeder Zuordnungseinheit
  64508415 Zuordnungseinheiten auf dem Datenträger insgesamt
  26327779 Zuordnungseinheiten auf dem Datenträger verfügbar

Interne Informationen:
00 1e 01 00 b9 ce 00 00 7d 41 01 00 00 00 00 00  ........}A......
b6 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................

Ereignis-XML:
<Event xmlns="hxxp://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Microsoft-Windows-Wininit" Guid="{206f6dea-d3c5-4d10-bc72-989f03c8b84b}" EventSourceName="Wininit" />
    <EventID Qualifiers="16384">1001</EventID>
    <Version>0</Version>
    <Level>4</Level>
    <Task>0</Task>
    <Opcode>0</Opcode>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2014-01-28T21:56:52.000000000Z" />
    <EventRecordID>28983132</EventRecordID>
    <Correlation />
    <Execution ProcessID="0" ThreadID="0" />
    <Channel>Application</Channel>
    <Computer>Sandwich</Computer>
    <Security />
  </System>
  <EventData>
    <Data>

Dateisystem auf D: wird überprüft.
Der Typ des Dateisystems ist NTFS.
Die Volumebezeichnung lautet Data.


Eine Datenträgerüberprüfung ist geplant.
Die Datenträgerüberprüfung wird jetzt ausgeführt.        

CHKDSK überprüft Dateien (Phase 1 von 3)...
  73216 Datensätze verarbeitet.                                         

Dateiüberprüfung beendet.
  364 große Datensätze verarbeitet.                                   

  0 ungültige Datensätze verarbeitet.                               

  0 E/A-Datensätze verarbeitet.                                     

  0 Analysedatensätze verarbeitet.                                  

CHKDSK überprüft Indizes (Phase 2 von 3)...
  86028 Indexeinträge verarbeitet.                                      

Indexüberprüfung beendet.
  0 nicht indizierte Dateien überprüft.                             

  0 nicht indizierte Dateien wiederhergestellt.                     

CHKDSK überprüft Sicherheitsbeschreibungen (Phase 3 von 3)...
  73216 SDs/SIDs verarbeitet.                                           

618 nicht verwendete Indexeinträge aus Index $SII der Datei 0x9 werden aufgeräumt.
618 nicht verwendete Indexeinträge aus Index $SDH der Datei 0x9 werden aufgeräumt.
618 nicht verwendete Sicherheitsbeschreibungen werden aufgeräumt.
Überprüfung der Sicherheitsbeschreibungen beendet.
  6407 Datendateien verarbeitet.                                       

CHKDSK überprüft USN-Journal...
  275697352 USN-Bytes verarbeitet.                                          

Die Überprüfung von USN-Journal ist abgeschlossen.
Das Dateisystem wurde überprüft. Es wurden keine Probleme festgestellt.

 258033663 KB Speicherplatz auf dem Datenträger insgesamt
 152283656 KB in 46501 Dateien
     22044 KB in 6408 Indizes
         0 KB in fehlerhaften Sektoren
    416847 KB vom System benutzt
     65536 KB von der Protokolldatei belegt
 105311116 KB auf dem Datenträger verfügbar

      4096 Bytes in jeder Zuordnungseinheit
  64508415 Zuordnungseinheiten auf dem Datenträger insgesamt
  26327779 Zuordnungseinheiten auf dem Datenträger verfügbar

Interne Informationen:
00 1e 01 00 b9 ce 00 00 7d 41 01 00 00 00 00 00  ........}A......
b6 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
</Data>
  </EventData>
</Event>
         
