Trojaner-Board - Microsoft Security Essentials bringt jeden Tag Backdoor:PHP/ Meldungen

In der alten Firma kenn ich das auch so das man das meist auf einem Linux System aufsetzt, na gut nicht desto trotz hier die Ergebnisse:

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:26-07-2015

Ran by Administrator (administrator) on ROOT212250 (28-07-2015 11:36:28)

Running from C:\Users\Administrator\Desktop

Loaded Profiles: Plesk Administrator & Administrator & MSSQLFDLauncher & MSSQLSERVER & Classic .NET AppPool (Available Profiles: Plesk Administrator & Administrator & ReportServer & MSSQLFDLauncher & MSSQLSERVER & Classic .NET AppPool)

Platform: Windows Server 2008 R2 Datacenter Service Pack 1 (X64) Language: Englisch (USA)

Internet Explorer Version 11 (Default browser: FF)

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 

==================== Processes (Whitelisted) =================
 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 

(Microsoft Corporation) C:\Windows\System32\LogonUI.exe

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe

(Microsoft Corporation) C:\Windows\System32\cmd.exe

(Microsoft Corporation) C:\Windows\System32\inetsrv\inetinfo.exe

(MailEnable Pty Ltd) C:\Program Files (x86)\Parallels\Plesk\Mail Servers\Mail Enable\Bin\MEIMAPS.EXE

(MailEnable Pty Ltd) C:\Program Files (x86)\Parallels\Plesk\Mail Servers\Mail Enable\Bin64\MELSC.exe

(MailEnable Pty Ltd) C:\Program Files (x86)\Parallels\Plesk\Mail Servers\Mail Enable\Bin64\MEMTA.exe

(MailEnable Pty Ltd) C:\Program Files (x86)\Parallels\Plesk\Mail Servers\Mail Enable\Bin64\MEPOC.exe

(MailEnable Pty Ltd) C:\Program Files (x86)\Parallels\Plesk\Mail Servers\Mail Enable\Bin64\MEPOPS.exe

(MailEnable Pty Ltd) C:\Program Files (x86)\Parallels\Plesk\Mail Servers\Mail Enable\Bin64\MESMTPC.exe

(Microsoft Corporation) C:\Windows\System32\mqsvc.exe

(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Binn\sqlservr.exe

() C:\Program Files (x86)\Parallels\Plesk\Databases\MySQL51\bin\mysqld.exe

() C:\Program Files (x86)\Parallels\Plesk\dns\bin\named.exe

(Microsoft Corporation) C:\Windows\System32\PING.EXE

(NCP engineering GmbH) C:\Program Files (x86)\NCP\SecureClient\ncpclcfg.exe

(NCP Engineering GmbH) C:\Program Files (x86)\NCP\SecureClient\ncprwsnt.exe

() C:\Program Files (x86)\NCP\SecureClient\NCPSEC.EXE

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

(Parallels Holdings, Ltd. and its affiliates.) C:\Program Files (x86)\Parallels\Parallels Tools\Services\prl_tools_service.exe

(Parallels Holdings, Ltd. and its affiliates.) C:\Program Files (x86)\Parallels\Parallels Tools\Services\prl_tools.exe

() C:\Program Files (x86)\Parallels\Plesk\MySQL\bin\mysqld.exe

(Parallels, Inc.) C:\Program Files (x86)\Parallels\Plesk\admin\bin\plesksrv.exe

(NCP engineering GmbH) C:\Program Files (x86)\NCP\SecureClient\rwsrsu.exe

(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

(Parallels, Inc.) C:\Program Files (x86)\Parallels\Plesk\admin\bin\PopPassD.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe

(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Binn\fdhost.exe

(Parallels Holdings, Ltd. and its affiliates.) C:\Program Files (x86)\Parallels\Parallels Tools\Services\prl_tools.exe

(Microsoft Corporation) C:\Windows\System32\rdpclip.exe

(Parallels, Inc.) C:\Program Files (x86)\Parallels\Plesk\admin\bin\traymonitor.exe

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe

(Sysinternals - www.sysinternals.com) C:\Users\Administrator\Downloads\ProcessExplorer\procexp.exe

(Sysinternals - www.sysinternals.com) C:\Users\Administrator\AppData\Local\Temp\2\procexp64.exe

(Microsoft Corporation) C:\Windows\System32\inetsrv\w3wp.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(The PHP Group) C:\Program Files (x86)\Parallels\Plesk\Additional\PleskPHP54\php-cgi.exe

(The PHP Group) C:\Program Files (x86)\Parallels\Plesk\Additional\PleskPHP54\php-cgi.exe

(The PHP Group) C:\Program Files (x86)\Parallels\Plesk\Additional\PleskPHP54\php-cgi.exe

(The PHP Group) C:\Program Files (x86)\Parallels\Plesk\Additional\PleskPHP54\php-cgi.exe

(Microsoft Corporation) C:\Windows\System32\inetsrv\w3wp.exe

(The PHP Group) C:\Program Files (x86)\Parallels\Plesk\Additional\PleskPHP54\php-cgi.exe

(The PHP Group) C:\Program Files (x86)\Parallels\Plesk\Additional\PleskPHP54\php-cgi.exe

(Microsoft Corporation) C:\Windows\System32\inetsrv\w3wp.exe

(Microsoft Corporation) C:\Windows\System32\inetsrv\w3wp.exe

(The PHP Group) C:\Program Files (x86)\Parallels\Plesk\Additional\PleskPHP54\php-cgi.exe

(Microsoft Corporation) C:\Windows\System32\inetsrv\w3wp.exe

(The PHP Group) C:\Program Files (x86)\Parallels\Plesk\Additional\PleskPHP54\php-cgi.exe

(Microsoft Corporation) C:\Windows\System32\inetsrv\w3wp.exe

(Microsoft Corporation) C:\Windows\System32\inetsrv\w3wp.exe

(Microsoft Corporation) C:\Windows\System32\inetsrv\w3wp.exe

(The PHP Group) C:\Program Files (x86)\Parallels\Plesk\Additional\PleskPHP54\php-cgi.exe

(Microsoft Corporation) C:\Windows\System32\inetsrv\w3wp.exe

(The PHP Group) C:\Program Files (x86)\Parallels\Plesk\Additional\PleskPHP54\php-cgi.exe

(The PHP Group) C:\Program Files (x86)\Parallels\Plesk\Additional\PleskPHP54\php-cgi.exe

(Microsoft Corporation) C:\Windows\System32\inetsrv\w3wp.exe

(Microsoft Corporation) C:\Windows\System32\inetsrv\w3wp.exe

(The PHP Group) C:\Program Files (x86)\Parallels\Plesk\Additional\PleskPHP54\php-cgi.exe

(Microsoft Corporation) C:\Windows\System32\inetsrv\w3wp.exe

(The PHP Group) C:\Program Files (x86)\Parallels\Plesk\Additional\PleskPHP54\php-cgi.exe

(Microsoft Corporation) C:\Windows\System32\inetsrv\w3wp.exe

(The PHP Group) C:\Program Files (x86)\Parallels\Plesk\Additional\PleskPHP54\php-cgi.exe

(Microsoft Corporation) C:\Windows\System32\inetsrv\w3wp.exe

(Microsoft Corporation) C:\Windows\System32\inetsrv\w3wp.exe

(The PHP Group) C:\Program Files (x86)\Parallels\Plesk\Additional\PleskPHP54\php-cgi.exe

(Microsoft Corporation) C:\Windows\System32\inetsrv\w3wp.exe

(The PHP Group) C:\Program Files (x86)\Parallels\Plesk\Additional\PleskPHP54\php-cgi.exe

(Microsoft Corporation) C:\Windows\System32\inetsrv\w3wp.exe

(The PHP Group) C:\Program Files (x86)\Parallels\Plesk\Additional\PleskPHP54\php-cgi.exe

(Microsoft Corporation) C:\Windows\System32\inetsrv\w3wp.exe

(The PHP Group) C:\Program Files (x86)\Parallels\Plesk\Additional\PleskPHP54\php-cgi.exe

(The PHP Group) C:\Program Files (x86)\Parallels\Plesk\Additional\PleskPHP54\php-cgi.exe

(The PHP Group) C:\Program Files (x86)\Parallels\Plesk\Additional\PleskPHP54\php-cgi.exe

(The PHP Group) C:\Program Files (x86)\Parallels\Plesk\Additional\PleskPHP54\php-cgi.exe

(Microsoft Corporation) C:\Windows\System32\inetsrv\w3wp.exe

(The PHP Group) C:\Program Files (x86)\Parallels\Plesk\Additional\PleskPHP54\php-cgi.exe

(Microsoft Corporation) C:\Windows\System32\inetsrv\w3wp.exe

(The PHP Group) C:\Program Files (x86)\Parallels\Plesk\Additional\PleskPHP54\php-cgi.exe

(The PHP Group) C:\Program Files (x86)\Parallels\Plesk\Additional\PleskPHP54\php-cgi.exe

(Microsoft Corporation) C:\Windows\System32\inetsrv\w3wp.exe

(The PHP Group) C:\Program Files (x86)\Parallels\Plesk\Additional\PleskPHP54\php-cgi.exe
 
 

==================== Registry (Whitelisted) ==================
 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 

HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)

HKLM-x32\...\Run: [Parallels Shared Internet Applications] => C:\Program Files (x86)\Parallels\Parallels Tools\SIA\SharedIntApp.exe [131816 2013-09-18] (Parallels Holdings, Ltd. and its affiliates.)

HKLM-x32\...\Run: [Parallels Tools Center] => C:\Program Files (x86)\Parallels\Parallels Tools\prl_cc.exe [266472 2013-09-18] (Parallels Holdings, Ltd. and its affiliates.)

HKLM\...\Policies\Explorer: [ShowSuperHidden] 1

Lsa: [Notification Packages] scecli rassfm

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Plesk Services Monitor.lnk [2014-04-30]

ShortcutTarget: Plesk Services Monitor.lnk -> C:\Program Files (x86)\Parallels\Plesk\admin\bin\traymonitor.exe (Parallels, Inc.)

ShellIconOverlayIdentifiers: [PrlToolsShellExt] -> {456C7CE2-DAAA-4333-A715-898D4671BBD4} => C:\Program Files (x86)\Parallels\Parallels Tools\ShellExtentions\PrlToolsShellExt.dll [2013-09-18] (Parallels Holdings, Ltd. and its affiliates.)

GroupPolicyScripts: Group Policy detected <======= ATTENTION

GroupPolicyScripts\User: Group Policy detected <======= ATTENTION
 

==================== Internet (Whitelisted) ====================
 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 

HKU\S-1-5-21-1879197662-1193557218-2322404272-500\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/

SearchScopes: HKU\S-1-5-21-1879197662-1193557218-2322404272-500 -> DefaultScope {EE8C233B-466E-4274-ADFD-15F64A0776D2} URL = https://www.google.com/search?q={searchTerms}

SearchScopes: HKU\S-1-5-21-1879197662-1193557218-2322404272-500 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-21-1879197662-1193557218-2322404272-500 -> {EE8C233B-466E-4274-ADFD-15F64A0776D2} URL = https://www.google.com/search?q={searchTerms}

BHO-x32: SSVHelper Class -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Parallels\Plesk\Additional\JDK\jre1.5.0_10\bin\ssv.dll [2006-11-09] (Sun Microsystems, Inc.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt

Tcpip\..\Interfaces\{045763E1-DDF7-4991-B54B-EC3BD328697C}: [NameServer] 80.237.128.144

Tcpip\..\Interfaces\{753833FD-254A-47FA-8B87-AB4537875F98}: [NameServer] 80.237.128.144,80.237.128.145
 

FireFox:

========

FF ProfilePath: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\f9is74nv.default

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)

FF Extension: Firebug - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\f9is74nv.default\Extensions\firebug@software.joehewitt.com.xpi [2014-05-20]
 

==================== Services (Whitelisted) =================
 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 

S4 DrWebCom; C:\Program Files (x86)\Parallels\Plesk\DrWeb\drwebcom.exe [419328 2013-06-10] (Doctor Web Ltd.) [File not signed]

S3 FCRegSvc; C:\Windows\system32\FCRegSvc.dll [25600 2009-07-14] (Microsoft Corporation)

R2 ftpsvc; C:\Windows\system32\inetsrv\ftpsvc.dll [350720 2012-06-01] (Microsoft Corporation)

R2 IISADMIN; C:\Windows\system32\inetsrv\inetinfo.exe [15872 2010-11-21] (Microsoft Corporation)

R2 MEIMAPS; C:\Program Files (x86)\Parallels\Plesk\Mail Servers\Mail Enable\Bin\MEIMAPS.exe [1773568 2011-10-24] (MailEnable Pty Ltd) [File not signed]

R2 MELCS; C:\Program Files (x86)\Parallels\Plesk\Mail Servers\Mail Enable\Bin64\MELSC.EXE [145408 2011-10-24] (MailEnable Pty Ltd) [File not signed]

R2 MEMTAS; C:\Program Files (x86)\Parallels\Plesk\Mail Servers\Mail Enable\Bin64\MEMTA.EXE [147968 2011-10-24] (MailEnable Pty Ltd) [File not signed]

R2 MEPOCS; C:\Program Files (x86)\Parallels\Plesk\Mail Servers\Mail Enable\Bin64\MEPOC.EXE [731136 2011-10-24] (MailEnable Pty Ltd) [File not signed]

R2 MEPOPS; C:\Program Files (x86)\Parallels\Plesk\Mail Servers\Mail Enable\Bin64\MEPOPS.EXE [512512 2011-10-24] (MailEnable Pty Ltd) [File not signed]

R2 MESMTPCS; C:\Program Files (x86)\Parallels\Plesk\Mail Servers\Mail Enable\Bin64\MESMTPC.EXE [732672 2011-10-24] (MailEnable Pty Ltd) [File not signed]

R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)

R2 MSMQ; C:\Windows\system32\mqsvc.exe [9216 2009-07-14] (Microsoft Corporation)

R3 MSSQLFDLauncher; C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe [50880 2014-02-21] (Microsoft Corporation)

R2 MSSQLSERVER; C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Binn\sqlservr.exe [372416 2015-06-09] (Microsoft Corporation)

R2 MySQL; C:\Program Files (x86)\Parallels\Plesk\Databases\MySQL51\bin\mysqld.exe [6107136 2013-01-08] () [File not signed]

R2 named; C:\Program Files (x86)\Parallels\Plesk\dns\bin\named.exe [393216 2013-10-16] () [File not signed]

R2 ncpclcfg; C:\Program Files (x86)\NCP\SecureClient\ncpclcfg.exe [150800 2013-10-28] (NCP engineering GmbH)

R2 ncprwsnt; C:\Program Files (x86)\NCP\SecureClient\ncprwsnt.exe [1721096 2014-02-28] (NCP Engineering GmbH)

R2 NcpSec; C:\Program Files (x86)\NCP\SecureClient\ncpsec.exe [119808 2011-04-21] () [File not signed]

S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)

R2 PleskSQLServer; C:\Program Files (x86)\Parallels\Plesk\MySQL\bin\mysqld.exe [8146432 2013-03-25] () [File not signed]

R2 plesksrv; C:\Program Files (x86)\Parallels\Plesk\admin\bin\plesksrv.exe [2082816 2014-04-15] (Parallels, Inc.) [File not signed]

R2 PopPassD; C:\Program Files (x86)\Parallels\Plesk\admin\bin\PopPassD.exe [788480 2014-04-15] (Parallels, Inc.) [File not signed]

S3 ReportServer; C:\Program Files\Microsoft SQL Server\MSRS12.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2467008 2015-04-20] (Microsoft Corporation)

S3 rqs; C:\Windows\system32\rqs.exe [41472 2010-11-21] (Microsoft Corporation)

S3 RSoPProv; C:\Windows\system32\RSoPProv.exe [91648 2009-07-14] (Microsoft Corporation)

R2 rwsrsu; C:\Program Files (x86)\NCP\SecureClient\rwsrsu.exe [902920 2014-01-29] (NCP engineering GmbH)

S3 sacsvr; C:\Windows\system32\sacsvr.dll [14848 2009-07-14] (Microsoft Corporation)

S4 SQLSERVERAGENT; C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE [613056 2015-06-09] (Microsoft Corporation)

S3 stunnel; C:\Program Files (x86)\Parallels\Plesk\stunnel\stunnel.exe [89088 2006-12-01] () [File not signed]

S3 Tomcat5; C:\Program Files (x86)\Parallels\Plesk\Additional\Tomcat\bin\tomcat5.exe [102400 2004-10-29] (Apache Software Foundation) [File not signed]

R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-21] (Microsoft Corporation)

S2 PrlVssProvider; C:\Windows\system32\dllhost.exe /Processid:{35E0AEE7-FD3C-422A-A156-64A84BF17FEF}
 

==================== Drivers (Whitelisted) ====================
 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 

S3 ioatdma; C:\Windows\System32\Drivers\qd260x64.sys [35328 2009-06-10] (Intel Corporation)

R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)

R3 MQAC; C:\Windows\System32\drivers\mqac.sys [189440 2009-07-14] (Microsoft Corporation)

S3 ncpfilt; C:\Windows\System32\DRIVERS\ncplelhp.sys [108112 2014-02-28] (NCP Engineering GmbH)

R3 ncplelhp; C:\Windows\System32\DRIVERS\ncplelhp.sys [108112 2014-02-28] (NCP Engineering GmbH)

S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)

R3 prl_eth5; C:\Windows\System32\DRIVERS\prl_eth5.sys [22760 2013-09-18] (Parallels Holdings, Ltd. and its affiliates.)

R3 prl_memdev; C:\Windows\System32\DRIVERS\prl_memdev.sys [20200 2013-09-18] ()

S4 RsFx0310; C:\Windows\System32\DRIVERS\RsFx0310.sys [249024 2015-04-20] (Microsoft Corporation)

S0 sacdrv; C:\Windows\System32\DRIVERS\sacdrv.sys [96320 2009-07-14] (Microsoft Corporation)
 

==================== NetSvcs (Whitelisted) ===================
 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 

NETSVC: sacsvr -> C:\Windows\system32\sacsvr.dll (Microsoft Corporation)
 

==================== One Month Created files and folders ========
 

(If an entry is included in the fixlist, the file/folder will be moved.)
 

2015-07-28 11:36 - 2015-07-28 11:36 - 00016523 _____ C:\Users\Administrator\Desktop\FRST.txt

2015-07-28 11:36 - 2015-07-28 11:36 - 00000000 ____D C:\FRST

2015-07-28 11:35 - 2015-07-28 11:35 - 02146816 _____ (Farbar) C:\Users\Administrator\Desktop\FRST64.exe

2015-07-27 12:58 - 2015-07-27 12:58 - 175320344 _____ (Microsoft Corporation) C:\Users\Administrator\Downloads\msert.exe

2015-07-22 07:23 - 2015-07-28 11:36 - 00000000 ____D C:\Users\Administrator\AppData\Local\Temp\2

2015-07-21 05:10 - 2015-07-15 05:19 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll

2015-07-21 05:10 - 2015-07-15 05:19 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll

2015-07-21 05:10 - 2015-07-15 05:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll

2015-07-21 05:10 - 2015-07-15 05:19 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll

2015-07-21 05:10 - 2015-07-15 04:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll

2015-07-21 05:10 - 2015-07-15 04:55 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll

2015-07-21 05:10 - 2015-07-15 04:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll

2015-07-21 05:10 - 2015-07-15 04:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll

2015-07-21 05:10 - 2015-07-15 03:59 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll

2015-07-21 05:10 - 2015-07-15 03:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll

2015-07-15 15:19 - 2015-07-15 15:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImageMagick 6.9.1 Q16 (64-bit)

2015-07-15 15:11 - 2015-07-15 15:11 - 00000043 _____ C:\Windows\gswin64.ini

2015-07-15 15:05 - 2015-07-15 15:05 - 00017364 _____ C:\Ausgabe.txt

2015-07-15 14:22 - 2015-07-15 14:22 - 00788624 _____ C:\Users\Administrator\AppData\Local\Temp\tmp97B0.tmp

2015-07-15 14:19 - 2014-02-21 05:20 - 00248512 _____ (Microsoft Corporation) C:\Windows\system32\SQSRVRES.DLL

2015-07-15 14:19 - 2014-02-21 05:20 - 00052416 _____ (Microsoft Corporation) C:\Windows\system32\perf-ReportServer-rsctr12.1.4100.1.dll

2015-07-15 14:19 - 2014-02-21 05:20 - 00045760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perf-ReportServer-rsctr12.1.4100.1.dll

2015-07-15 14:07 - 2015-07-15 14:22 - 00158450 _____ C:\Users\Administrator\AppData\Local\Temp\SqlSetup.log

2015-07-15 13:52 - 2015-07-09 19:58 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll

2015-07-15 13:52 - 2015-07-09 19:58 - 02603008 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll

2015-07-15 13:52 - 2015-07-09 19:58 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll

2015-07-15 13:52 - 2015-07-09 19:58 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll

2015-07-15 13:52 - 2015-07-09 19:58 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe

2015-07-15 13:52 - 2015-07-09 19:58 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll

2015-07-15 13:52 - 2015-07-09 19:58 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll

2015-07-15 13:52 - 2015-07-09 19:58 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll

2015-07-15 13:52 - 2015-07-09 19:58 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe

2015-07-15 13:52 - 2015-07-09 19:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll

2015-07-15 13:52 - 2015-07-09 19:58 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll

2015-07-15 13:52 - 2015-07-09 19:43 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll

2015-07-15 13:52 - 2015-07-09 19:43 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll

2015-07-15 13:52 - 2015-07-09 19:43 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll

2015-07-15 13:52 - 2015-07-09 19:43 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll

2015-07-15 13:52 - 2015-07-09 19:42 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe

2015-07-15 13:51 - 2015-07-04 20:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll

2015-07-15 13:51 - 2015-07-04 19:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll

2015-07-15 13:51 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2015-07-15 13:51 - 2015-07-02 23:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2015-07-15 13:51 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2015-07-15 13:51 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2015-07-15 13:51 - 2015-07-02 22:46 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2015-07-15 13:51 - 2015-07-02 22:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2015-07-15 13:51 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2015-07-15 13:51 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2015-07-15 13:51 - 2015-07-02 22:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2015-07-15 13:51 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2015-07-15 13:51 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2015-07-15 13:51 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2015-07-15 13:51 - 2015-07-01 22:56 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys

2015-07-15 13:51 - 2015-07-01 22:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys

2015-07-15 13:51 - 2015-07-01 22:49 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll

2015-07-15 13:51 - 2015-07-01 22:49 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll

2015-07-15 13:51 - 2015-07-01 22:49 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll

2015-07-15 13:51 - 2015-07-01 22:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll

2015-07-15 13:51 - 2015-07-01 22:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll

2015-07-15 13:51 - 2015-07-01 22:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll

2015-07-15 13:51 - 2015-07-01 22:49 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll

2015-07-15 13:51 - 2015-07-01 22:49 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll

2015-07-15 13:51 - 2015-07-01 22:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll

2015-07-15 13:51 - 2015-07-01 22:49 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll

2015-07-15 13:51 - 2015-07-01 22:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll

2015-07-15 13:51 - 2015-07-01 22:48 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll

2015-07-15 13:51 - 2015-07-01 22:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll

2015-07-15 13:51 - 2015-07-01 22:47 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe

2015-07-15 13:51 - 2015-07-01 22:47 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe

2015-07-15 13:51 - 2015-07-01 22:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll

2015-07-15 13:51 - 2015-07-01 22:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll

2015-07-15 13:51 - 2015-07-01 22:39 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll

2015-07-15 13:51 - 2015-07-01 22:30 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll

2015-07-15 13:51 - 2015-07-01 22:30 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll

2015-07-15 13:51 - 2015-07-01 22:30 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll

2015-07-15 13:51 - 2015-07-01 22:30 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll

2015-07-15 13:51 - 2015-07-01 22:30 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll

2015-07-15 13:51 - 2015-07-01 22:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll

2015-07-15 13:51 - 2015-07-01 22:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll

2015-07-15 13:51 - 2015-07-01 22:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll

2015-07-15 13:51 - 2015-07-01 22:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll

2015-07-15 13:51 - 2015-07-01 22:29 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll

2015-07-15 13:51 - 2015-07-01 22:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll

2015-07-15 13:51 - 2015-07-01 22:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe

2015-07-15 13:51 - 2015-07-01 22:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll

2015-07-15 13:51 - 2015-07-01 22:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll

2015-07-15 13:51 - 2015-07-01 22:24 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll

2015-07-15 13:51 - 2015-07-01 21:27 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys

2015-07-15 13:51 - 2015-07-01 21:26 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys

2015-07-15 13:51 - 2015-07-01 21:26 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys

2015-07-15 13:51 - 2015-06-27 04:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2015-07-15 13:51 - 2015-06-27 04:43 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2015-07-15 13:51 - 2015-06-27 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2015-07-15 13:51 - 2015-06-27 03:39 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2015-07-15 13:51 - 2015-06-25 20:09 - 00389832 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2015-07-15 13:51 - 2015-06-25 19:43 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2015-07-15 13:51 - 2015-06-25 10:57 - 03207168 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2015-07-15 13:51 - 2015-06-20 22:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2015-07-15 13:51 - 2015-06-20 21:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2015-07-15 13:51 - 2015-06-20 21:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2015-07-15 13:51 - 2015-06-20 21:49 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec

2015-07-15 13:51 - 2015-06-20 21:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2015-07-15 13:51 - 2015-06-20 21:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2015-07-15 13:51 - 2015-06-20 21:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2015-07-15 13:51 - 2015-06-20 21:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2015-07-15 13:51 - 2015-06-20 21:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2015-07-15 13:51 - 2015-06-20 21:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2015-07-15 13:51 - 2015-06-20 21:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2015-07-15 13:51 - 2015-06-20 21:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2015-07-15 13:51 - 2015-06-20 21:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2015-07-15 13:51 - 2015-06-20 21:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2015-07-15 13:51 - 2015-06-20 21:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2015-07-15 13:51 - 2015-06-20 21:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2015-07-15 13:51 - 2015-06-20 21:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2015-07-15 13:51 - 2015-06-20 20:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2015-07-15 13:51 - 2015-06-20 20:48 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2015-07-15 13:51 - 2015-06-20 20:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2015-07-15 13:51 - 2015-06-20 20:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2015-07-15 13:51 - 2015-06-20 20:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2015-07-15 13:51 - 2015-06-20 20:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2015-07-15 13:51 - 2015-06-19 20:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2015-07-15 13:51 - 2015-06-19 20:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2015-07-15 13:51 - 2015-06-19 20:24 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec

2015-07-15 13:51 - 2015-06-19 20:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2015-07-15 13:51 - 2015-06-19 20:23 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll

2015-07-15 13:51 - 2015-06-19 20:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2015-07-15 13:51 - 2015-06-19 20:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2015-07-15 13:51 - 2015-06-19 20:13 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2015-07-15 13:51 - 2015-06-19 20:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2015-07-15 13:51 - 2015-06-19 20:03 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2015-07-15 13:51 - 2015-06-19 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2015-07-15 13:51 - 2015-06-19 19:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2015-07-15 13:51 - 2015-06-19 19:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2015-07-15 13:51 - 2015-06-19 19:51 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2015-07-15 13:51 - 2015-06-19 19:40 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2015-07-15 13:51 - 2015-06-19 19:40 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2015-07-15 13:51 - 2015-06-19 19:39 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2015-07-15 13:51 - 2015-06-19 19:15 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2015-07-15 13:51 - 2015-06-19 19:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2015-07-15 13:51 - 2015-06-17 19:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll

2015-07-15 13:51 - 2015-06-17 19:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll

2015-07-15 13:51 - 2015-06-15 23:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe

2015-07-15 13:51 - 2015-06-15 23:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll

2015-07-15 13:51 - 2015-06-15 23:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll

2015-07-15 13:51 - 2015-06-15 23:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll

2015-07-15 13:51 - 2015-06-15 23:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll

2015-07-15 13:51 - 2015-06-15 23:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe

2015-07-15 13:51 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll

2015-07-15 13:51 - 2015-06-15 23:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll

2015-07-15 13:51 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll

2015-07-15 13:51 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe

2015-07-15 13:51 - 2015-06-15 23:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll

2015-07-15 13:51 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll

2015-07-15 13:51 - 2015-06-11 19:57 - 06131200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll

2015-07-15 13:51 - 2015-06-11 19:57 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll

2015-07-15 13:51 - 2015-06-11 19:57 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll

2015-07-15 13:51 - 2015-06-11 19:56 - 07077376 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll

2015-07-15 13:51 - 2015-06-11 19:56 - 01057792 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll

2015-07-15 13:51 - 2015-06-11 19:56 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll

2015-07-15 13:51 - 2015-06-11 15:15 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe

2015-07-15 13:51 - 2015-06-09 21:34 - 00565760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll

2015-07-15 13:51 - 2015-06-09 20:03 - 00696832 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll

2015-07-10 14:05 - 2015-07-10 14:05 - 00002059 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Web Platform Installer.lnk

2015-07-08 00:08 - 2015-07-15 09:07 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

2015-07-02 10:58 - 2015-05-09 20:26 - 00493504 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll

2015-07-02 10:58 - 2015-04-27 21:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll

2015-07-02 10:58 - 2015-04-27 21:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll

2015-07-02 10:58 - 2015-04-27 21:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll

2015-07-02 10:58 - 2015-04-27 21:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll

2015-07-02 10:58 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll

2015-07-02 10:58 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll

2015-07-02 10:58 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll

2015-07-02 10:58 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll

2015-07-02 10:57 - 2015-04-14 05:27 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\EsdSip.dll

2015-07-02 10:57 - 2015-04-14 05:05 - 00019456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EsdSip.dll

2015-06-30 08:35 - 2015-01-08 16:45 - 00267610 _____ C:\Users\Administrator\Desktop\PreisblattAktion.odt

2015-06-30 08:35 - 2015-01-07 12:05 - 00265240 _____ C:\Users\Administrator\Desktop\PreisblattAktion_old.odt
 

==================== One Month Modified files and folders ========
 

(If an entry is included in the fixlist, the file/folder will be moved.)
 

2015-07-28 11:37 - 2014-04-30 11:37 - 00000312 _____ C:\Windows\Tasks\Backup of vital Plesk settings.job

2015-07-28 10:47 - 2009-07-14 06:49 - 00021344 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2015-07-28 10:47 - 2009-07-14 06:49 - 00021344 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2015-07-28 10:36 - 2012-02-06 12:19 - 01699061 _____ C:\Windows\WindowsUpdate.log

2015-07-28 10:35 - 2015-06-24 04:16 - 00190192 _____ C:\Users\Administrator\AppData\Local\Temp\ArmUI.ini

2015-07-28 10:35 - 2015-06-24 04:16 - 00000227 _____ C:\Users\Administrator\AppData\Local\Temp\AdobeARM_NotLocked.log

2015-07-28 10:35 - 2014-09-25 13:58 - 00285756 _____ C:\Users\Administrator\AppData\Local\Temp\AdobeARM.log

2015-07-28 10:08 - 2014-05-07 10:28 - 00000000 ____D C:\Users\Administrator\Documents\SQL Server Management Studio

2015-07-28 08:52 - 2014-04-30 11:44 - 00001005 _____ C:\Windows\Tasks\Plesk Scheduler Task #C6586631-C086-43FE-9B96-BA28E52FDCD6.job

2015-07-28 03:52 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Registration

2015-07-28 03:49 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\inetsrv

2015-07-27 13:01 - 2014-05-20 16:35 - 00000000 ____D C:\Users\Administrator\Downloads\ProcessMonitor

2015-07-27 11:37 - 2014-04-30 11:37 - 00003256 _____ C:\Windows\System32\Tasks\Backup of vital Plesk settings

2015-07-26 01:04 - 2014-04-30 11:37 - 00001065 _____ C:\Windows\Tasks\Plesk Scheduler Task #{99254CDC-8EA7-49ee-8A49-FC2A169843B7}.job

2015-07-22 03:22 - 2014-05-06 10:31 - 00891856 _____ C:\Windows\system32\perfh007.dat

2015-07-22 03:22 - 2014-05-06 10:31 - 00225300 _____ C:\Windows\system32\perfc007.dat

2015-07-22 03:22 - 2009-07-14 07:10 - 02113910 _____ C:\Windows\system32\PerfStringBackup.INI

2015-07-22 03:18 - 2014-05-07 10:28 - 00000000 ____D C:\Users\MSSQLFDLauncher

2015-07-22 03:17 - 2014-05-07 10:28 - 00000000 ____D C:\Users\MSSQLSERVER

2015-07-22 03:16 - 2009-07-14 07:06 - 00000006 ____H C:\Windows\Tasks\SA.DAT

2015-07-22 03:16 - 2009-07-14 06:49 - 00326184 _____ C:\Windows\system32\FNTCACHE.DAT

2015-07-17 10:30 - 2014-05-23 11:30 - 00003720 _____ C:\Windows\System32\Tasks\PHP Robot

2015-07-16 03:04 - 2014-05-07 10:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2014

2015-07-16 03:02 - 2014-04-30 11:38 - 00000000 ____D C:\Program Files\Microsoft SQL Server

2015-07-16 03:02 - 2014-04-30 11:38 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server

2015-07-15 18:08 - 2014-04-30 12:08 - 00000000 ____D C:\Windows\rescache

2015-07-15 15:19 - 2015-06-02 10:08 - 00001714 _____ C:\Users\Administrator\Desktop\ImageMagick Display.lnk

2015-07-15 14:08 - 2014-06-19 17:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

2015-07-15 14:05 - 2014-04-30 16:43 - 00000000 ____D C:\Windows\system32\MRT

2015-07-15 13:15 - 2014-05-21 08:18 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk

2015-07-15 13:14 - 2014-12-30 10:16 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task

2015-07-05 12:08 - 2014-05-06 15:02 - 00300704 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

2015-07-03 08:43 - 2012-02-23 13:34 - 130333168 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2015-07-01 04:14 - 2014-04-30 11:37 - 00001069 _____ C:\Windows\Tasks\Plesk Scheduler Task #{7F9CD2FC-8C81-4f3c-AE0B-BB8C9BA560A7}.job
 

==================== Files in the root of some directories =======
 

2014-05-06 10:55 - 2014-05-06 10:55 - 0430090 _____ () C:\Users\Administrator\AppData\Local\dd_vcredistMSI3B8F.txt

2014-05-06 10:55 - 2014-05-06 10:55 - 0442354 _____ () C:\Users\Administrator\AppData\Local\dd_vcredistMSI3BC0.txt

2014-05-06 10:55 - 2014-05-06 10:55 - 0014300 _____ () C:\Users\Administrator\AppData\Local\dd_vcredistUI3B8F.txt

2014-05-06 10:55 - 2014-05-06 10:55 - 0014300 _____ () C:\Users\Administrator\AppData\Local\dd_vcredistUI3BC0.txt

2014-05-06 10:46 - 2015-06-03 10:27 - 0007621 _____ () C:\Users\Administrator\AppData\Local\Resmon.ResmonCfg
 

Some files in TEMP:

====================

C:\Users\Administrator\AppData\Local\Temp\2\procexp64.exe
 
 

==================== Bamital & volsnap Check =================
 

(There is no automatic fix for files that do not pass verification.)
 

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 

LastRegBack: 2015-07-23 00:15
 

==================== End of log ============================

--- --- ---

und die additional.txt:

[CODE]Additional
FRST Logfile:

Code:

scan result of Farbar Recovery Scan Tool (x64) Version:26-07-2015

Ran by Administrator at 2015-07-28 11:37:07

Running from C:\Users\Administrator\Desktop

Boot Mode: Normal

==========================================================
 
 

==================== Accounts: =============================
 

admHost (S-1-5-21-1879197662-1193557218-2322404272-1026 - Limited - Enabled)

admin (S-1-5-21-1879197662-1193557218-2322404272-1016 - Limited - Enabled)

Administrator (S-1-5-21-1879197662-1193557218-2322404272-500 - Administrator - Enabled) => C:\Users\Administrator

C033 (S-1-5-21-1879197662-1193557218-2322404272-1039 - Limited - Enabled)

C464 (S-1-5-21-1879197662-1193557218-2322404272-1040 - Limited - Enabled)

Guest (S-1-5-21-1879197662-1193557218-2322404272-501 - Limited - Disabled)

IME_ADMIN (S-1-5-21-1879197662-1193557218-2322404272-1019 - Limited - Enabled)

IME_USER (S-1-5-21-1879197662-1193557218-2322404272-1018 - Limited - Enabled)

IUSRPLESK_atmail (S-1-5-21-1879197662-1193557218-2322404272-1006 - Limited - Enabled)

IUSRPLESK_horde (S-1-5-21-1879197662-1193557218-2322404272-1005 - Limited - Enabled)

IUSR_admHost (S-1-5-21-1879197662-1193557218-2322404272-1027 - Limited - Enabled)

IUSR_FS_PUBLIC (S-1-5-21-1879197662-1193557218-2322404272-1014 - Limited - Enabled)

IUSR_FS_UNLISTED (S-1-5-21-1879197662-1193557218-2322404272-1015 - Limited - Enabled)

IWAM_FILESHARING (S-1-5-21-1879197662-1193557218-2322404272-1013 - Limited - Enabled)

IWAM_plesk(default) (S-1-5-21-1879197662-1193557218-2322404272-1002 - Limited - Enabled)

KreativWolke (S-1-5-21-1879197662-1193557218-2322404272-1044 - Limited - Enabled)

Marketing (S-1-5-21-1879197662-1193557218-2322404272-1043 - Limited - Enabled)

MSFTP7_0141853605 (S-1-5-21-1879197662-1193557218-2322404272-1029 - Limited - Enabled)

MSFTP7_0141864082 (S-1-5-21-1879197662-1193557218-2322404272-1031 - Limited - Enabled)

MSFTP7_0142404311 (S-1-5-21-1879197662-1193557218-2322404272-1036 - Limited - Enabled)

Plesk Administrator (S-1-5-21-1879197662-1193557218-2322404272-1004 - Administrator - Enabled) => C:\Users\Plesk Administrator

protected (S-1-5-21-1879197662-1193557218-2322404272-1034 - Limited - Enabled)

psaadm (S-1-5-21-1879197662-1193557218-2322404272-1003 - Limited - Enabled)
 

==================== Security Center ========================
 

(If an entry is included in the fixlist, it will be removed.)
 
 

==================== Installed Programs ======================
 

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 

ActivePerl 5.10.1 Build 1007 (x32 Version: 5.10.1007 - ActiveState) Hidden

ActiveState ActivePython 2.6.5.12 (32-bit) (x32 Version: 2.6.5.12 - ActiveState Software Inc.) Hidden

Adobe Reader XI (11.0.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)

Akamai NetSession Interface (HKU\S-1-5-21-1879197662-1193557218-2322404272-500\...\Akamai) (Version:  - Akamai Technologies, Inc)

Apache Tomcat 5.5 (remove only) (HKLM-x32\...\Apache Tomcat 5.5) (Version:  - )

Apache Tomcat Java server (x32 Version: 5.5.400 - Parallels) Hidden

AWStats (x32 Version: 7.1.1 - Parallels) Hidden

BIND DNS Server (x32 Version: 9.9.401 - Parallels) Hidden

Dr.Web anti-virus (x32 Version: 6.0.0 - Parallels) Hidden

GDR 4213 für SQL Server*2014 (KB3070446) (64-bit) (HKLM\...\KB3070446) (Version: 12.1.4213.0 - Microsoft Corporation)

GPL Ghostscript (HKLM\...\GPL Ghostscript 9.16) (Version: 9.16 - Artifex Software Inc.)

Horde webmail (x32 Version: 5.1.6 - Parallels) Hidden

IIS URL Rewrite Module 2 (HKLM\...\{EB675D0A-2C95-405B-BEE8-B42A65D23E11}) (Version: 7.2.2 - Microsoft Corporation)

ImageMagick 6.9.1-8 Q16 (64-bit) (2015-07-11) (HKLM\...\ImageMagick 6.9.1 Q16 (64-bit)_is1) (Version: 6.9.1 - ImageMagick Studio LLC)

J2SE Development Kit 5.0 Update 1 (x32 Version: 1.5.0.10 - Sun Microsystems, Inc.) Hidden

J2SE Runtime Environment 5.0 Update 10 (x32 Version: 1.5.0.100 - Sun Microsystems, Inc.) Hidden

LibreOffice 4.2.4.2 (HKLM-x32\...\{6B4977CB-5B9F-4B24-8310-3BA527A8AF22}) (Version: 4.2.4.2 - The Document Foundation)

MailEnable Messaging Services for Microsoft Windows (HKLM-x32\...\MailEnable Messaging Services for Microsoft Windows) (Version: 6.0 - MailEnable)

Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)

Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)

Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)

Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)

Microsoft Help Viewer 1.1 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.1 Language Pack - DEU) (Version: 1.1.40219 - Microsoft Corporation)

Microsoft ODBC Driver 11 for SQL Server (HKLM\...\{AF5F5289-DF1E-4A8E-8A94-34CA78900CD3}) (Version: 12.1.4100.1 - Microsoft Corporation)

Microsoft Report Viewer 2014-Laufzeit (HKLM-x32\...\{30956415-84C1-4F0C-B2AD-BC8944730DDA}) (Version: 12.0.2000.8 - Microsoft Corporation)

Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)

Microsoft SQL Server 2008 Management Objects (HKLM\...\{D9473D19-26F1-4B91-BBAC-4089CB41BC48}) (Version: 10.0.1600.22 - Microsoft Corporation)

Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{5973B12E-5FC1-4EF6-B63B-49C1C4AF2AAA}) (Version: 10.51.2500.0 - Microsoft Corporation)

Microsoft SQL Server 2012 Management Objects  (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation)

Microsoft SQL Server 2012 Native Client  (HKLM\...\{8E4BA1E5-54E8-41F0-919B-CD875B83CFCE}) (Version: 11.0.2100.60 - Microsoft Corporation)

Microsoft SQL Server 2014 (64-bit) (HKLM\...\Microsoft SQL Server SQLServer2014) (Version:  - Microsoft Corporation)

Microsoft SQL Server 2014 Setup (English) (HKLM\...\{2975950A-6723-4FD2-9719-78DD9C30A7F4}) (Version: 12.1.4213.0 - Microsoft Corporation)

Microsoft SQL Server 2014 Transact-SQL Compiler Service  (HKLM\...\{5BC5068F-1F64-4D2D-948F-E75F30B850CB}) (Version: 12.1.4213.0 - Microsoft Corporation)

Microsoft SQL Server System CLR Types (HKLM-x32\...\{A282A232-780C-45E2-A5E5-9B61D74DCC6E}) (Version: 10.51.2500.0 - Microsoft Corporation)

Microsoft SQL Server*2014 Policies  (HKLM-x32\...\{B23A3E56-8859-4F60-B3FA-FA14DE9050B5}) (Version: 12.0.2000.8 - Microsoft Corporation)

Microsoft SQL Server*2014 Transact-SQL ScriptDom  (HKLM\...\{795A5CC6-05AE-4413-BE9B-81EA902B5086}) (Version: 12.1.4100.1 - Microsoft Corporation)

Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{99AC7F47-A4E0-4706-9C65-8948775C2652}) (Version: 11.1.3000.0 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{4FFA2088-8317-3B14-93CD-4C699DB37843}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual Studio 2010 Shell (Isolated) - DEU (HKLM-x32\...\{987AE03F-234A-3623-BD28-6B31FD1D3AB3}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft VSS Writer für SQL Server 2014 (HKLM\...\{D390AADD-C825-4B31-8C79-83A9461D5524}) (Version: 12.1.4100.1 - Microsoft Corporation)

Microsoft Web Platform Installer 5.0 (HKLM\...\{4D84C195-86F0-4B34-8FDE-4A17EB41306A}) (Version: 5.0.50430.0 - Microsoft Corporation)

Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM\...\{346FD26F-E575-4A11-B854-451DA62C96C4}) (Version: 12.1.4100.1 - Microsoft Corporation)

Mozilla Firefox 39.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 de)) (Version: 39.0 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)

MySQL Connector/ODBC 3.51 (x32 Version: 3.51.25 - MySQL AB) Hidden

MySQL Installer (HKLM-x32\...\{88359D24-F64F-477E-B080-50FB024BA6F7}) (Version: 1.3.3.0 - Oracle Corporation)

MySQL Server 5.1 (x32 Version: 5.1.68 - Oracle Corporation) Hidden

MySQL Server Configurator (x32 Version: 11.5.23 - Parallels) Hidden

MySQL Workbench 6.1 CE (HKLM-x32\...\{625991FA-1A48-4AD8-95D5-84A0C9896C9A}) (Version: 6.1.4 - Oracle Corporation)

NCP Secure Entry Client (HKLM-x32\...\NCP RWS/GA) (Version: 9.32 Build 218 - NCP engineering GmbH)

Parallels Panel additional locale (x32 Version: 11.5.20357 - Parallels) Hidden

Parallels Panel base locale (x32 Version: 11.5.13709 - Parallels) Hidden

Parallels Panel Core module (x32 Version: 11.5.36 - Parallels) Hidden

Parallels Panel Desktop (x32 Version: 11.5.30 - Parallels) Hidden

Parallels Panel Engine (x32 Version: 11.5.32 - Parallels) Hidden

Parallels Panel Management (x32 Version: 11.5.30 - Parallels) Hidden

Parallels Panel Migration Manager (x32 Version: 11.5.31 - Parallels) Hidden

Parallels Panel module (x32 Version: 11.5.30 - Parallels) Hidden

Parallels Panel Service Node (x32 Version: 11.5.30 - Parallels) Hidden

Parallels Panel Service Node Utilities (x32 Version: 11.5.38 - Parallels) Hidden

Parallels Panel SiteBuilder (x32 Version: 11.5.10 - Parallels) Hidden

Parallels Panel Skins (x32 Version: 11.5.13325 - Parallels) Hidden

Parallels Panel SQL Server (x32 Version: 5.5.3100 - Parallels) Hidden

Parallels Panel SSL Wrapper (x32 Version: 4.20.0 - Parallels) Hidden

Parallels Panel upgrade assistant (x32 Version: 11.1.0 - Parallels) Hidden

Parallels Panel WebSite (x32 Version: 11.5.30 - Parallels) Hidden

Parallels Panel Zend Framework (x32 Version: 11.5.12344 - Parallels) Hidden

Parallels Plesk Panel (HKLM-x32\...\Parallels Plesk Panel) (Version: 11.5.30 - Parallels)

Parallels Tools (HKLM\...\{26314E88-5841-4C12-8B31-0F98BDE4FA43}) (Version: 7.0.19471 - Ihr Firmenname)

Perl Configurator (x32 Version: 1.0 - Parallels) Hidden

Perl modules (x32 Version: 5.10.1008 - Parallels) Hidden

PHP 5.4 script engine (x32 Version: 5.4.2300 - Parallels) Hidden

PHP4 script engine (x32 Version: 4.4.9 - Parallels) Hidden

PHP5 script engine (x32 Version: 5.2.1703 - Parallels) Hidden

PHPMyAdmin (x32 Version: 4.1.1200 - Parallels) Hidden

PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version:  - Jan Fiala)

Python Configurator (x32 Version: 1.0 - Parallels) Hidden

Service Pack 1 für SQL Server*2014 (KB3058865) (64-bit) (HKLM\...\KB3058865) (Version: 12.1.4100.1 - Microsoft Corporation)

SpamAssassin (x32 Version: 3.3.20 - Parallels) Hidden

SPAW Editor (x32 Version: 11.5.23 - Parallels) Hidden

SQL Server 2014 Client Tools (Version: 12.1.4100.1 - Microsoft Corporation) Hidden

SQL Server 2014 Common Files (Version: 12.1.4100.1 - Microsoft Corporation) Hidden

SQL Server 2014 Database Engine Services (Version: 12.1.4100.1 - Microsoft Corporation) Hidden

SQL Server 2014 Database Engine Shared (Version: 12.1.4100.1 - Microsoft Corporation) Hidden

SQL Server 2014 Documentation Components (Version: 12.0.2000.8 - Microsoft Corporation) Hidden

SQL Server 2014 Full text search (Version: 12.0.2000.8 - Microsoft Corporation) Hidden

SQL Server 2014 Management Studio (Version: 12.1.4100.1 - Microsoft Corporation) Hidden

SQL Server 2014 Reporting Services (Version: 12.1.4100.1 - Microsoft Corporation) Hidden

Sql Server Customer Experience Improvement Program (Version: 12.1.4100.1 - Microsoft Corporation) Hidden

SQL Server System CLR Types (HKLM\...\{F4264106-F90E-4076-98CF-1B878DB14513}) (Version: 10.0.1600.22 - Microsoft Corporation)

SQL Server-Browser für SQL Server 2014 (HKLM-x32\...\{B7312B95-77C6-497E-A63F-596A77B20F31}) (Version: 12.1.4100.1 - Microsoft Corporation)

Unterstützungsdateien für Microsoft SQL Server 2008-Setup  (HKLM\...\{D8125A39-ADEE-4187-B04D-DB6CF489AF61}) (Version: 10.3.5500.0 - Microsoft Corporation)

Visual Studio 2010 Prerequisites - English (HKLM\...\{53952792-BF16-300E-ADF2-E7E4367E00CF}) (Version: 10.0.40219 - Microsoft Corporation)

Webalizer (x32 Version: 2.01.11 - Webalizer) Hidden

WinDirStat 1.1.2 (HKU\S-1-5-21-1879197662-1193557218-2322404272-500\...\WinDirStat) (Version:  - )

WinRAR 4.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH)
 

==================== Custom CLSID (Whitelisted): ==========================
 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 

==================== Restore Points =========================
 

ATTENTION: System Restore is disabled

Check "winmgmt" service or repair WMI.
 
 

==================== Hosts content: ==========================
 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 

2009-07-14 04:34 - 2014-05-14 10:06 - 00000963 ____A C:\Windows\system32\Drivers\etc\hosts

0.0.0.0         .psf

0.0.0.0         psf

127.0.0.1        www.schneidergruppe.de

127.0.0.1        mein.schneidergruppe.de

127.0.0.1        www.letsrent.de
 
 

==================== Scheduled Tasks (Whitelisted) =============
 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 

Task: {4407FDF0-1AF2-4E8B-8DEA-52D3B74FB9C6} - System32\Tasks\VPN-Firma => cmd.exe /C Ping -t 172.17.1.1

Task: {54440A9B-1A9A-4634-9951-6D8AFE4B2C1B} - System32\Tasks\SQL Sicherung => D:\SQLSicherung\Sicherung.bat [2015-05-26] ()

Task: {60AA274F-159A-4CD8-A118-5E908F6660DE} - System32\Tasks\Plesk Scheduler Task #{99254CDC-8EA7-49ee-8A49-FC2A169843B7} => cmd.exe /c ""C:\Program Files (x86)\Parallels\Plesk\admin\bin\runtask.exe" "--application=C:\Program Files (x86)\Parallels\Plesk\admin\bin\php.exe" "--parameters=-q -dauto_prepend_file=\"\" -c php.ini \"C:\Program Files ^(x86^)\Parallels\Plesk\admin\plib\report\autoreport.php\" --auto weekly""

Task: {63EE8552-A444-4BA2-8E1E-C8350D6D412A} - System32\Tasks\Microsoft\Windows\Server Manager\ServerManager => C:\Windows\system32\ServerManagerLauncher.exe [2009-07-14] (Microsoft Corporation)

Task: {69110D7B-41DC-4E9D-BDD3-C826C7DB613B} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\Server\ServerRoleUsageCollector => C:\Windows\system32\ceipdata.exe [2010-11-21] (Microsoft Corporation)

Task: {74675479-ABB3-4AF9-A32C-B1EA78A3D284} - System32\Tasks\Plesk Scheduler Task #{9b734460-76dc-44ce-8ead-f2a6f19a707e} => cmd.exe /c ""C:\Program Files (x86)\Parallels\Plesk\admin\bin\runtask.exe" --defaultmail "--application=C:\Program Files (x86)\Parallels\Plesk\admin\bin\web_statistics_executor.exe" "--parameters=""

Task: {8573E056-C23F-4D97-A9FE-8AF4593B15F6} - System32\Tasks\PHP Robot => Iexplore.exe https://www.dieschneidergruppe.de/Robot

Task: {8F94BCC3-504B-4AB0-8026-FFDBDED7BCA1} - System32\Tasks\Plesk Scheduler Task #{7F9CD2FC-8C81-4f3c-AE0B-BB8C9BA560A7} => cmd.exe /c ""C:\Program Files (x86)\Parallels\Plesk\admin\bin\runtask.exe" "--application=C:\Program Files (x86)\Parallels\Plesk\admin\bin\php.exe" "--parameters=-q -dauto_prepend_file=\"\" -c php.ini \"C:\Program Files ^(x86^)\Parallels\Plesk\admin\plib\report\autoreport.php\" --auto monthly""

Task: {AF2C8033-9CF3-48C7-B1E1-48A3FC351DEB} - System32\Tasks\Backup of vital Plesk settings => C:\Program Files (x86)\Parallels\Plesk\admin\bin\sshost.exe [2014-05-24] (Parallels, Inc.)

Task: {AFECE848-8DA2-461B-B5E6-CBEF57A4DF7D} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\Server\ServerRoleCollector => C:\Windows\system32\ceiprole.exe [2010-11-21] (Microsoft Corporation)

Task: {B9CE2D85-24D4-4D44-851B-4259FBCF074D} - System32\Tasks\Plesk Scheduler Task #{712D7996-58AA-4a36-B64D-1809F3794A21} => cmd.exe /c ""C:\Program Files (x86)\Parallels\Plesk\admin\bin\runtask.exe" --defaultmail "--application=C:\Program Files (x86)\Parallels\Plesk\admin\bin\php.exe" "--parameters=-q -dauto_prepend_file=\"\" -c php.ini \"C:\Program Files ^(x86^)\Parallels\Plesk\admin\plib\DailyMaintainance\script.php\"""

Task: {D49A10DA-0F70-4779-BD96-B2D976A4F2E3} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\Server\ServerCeipAssistant => C:\Windows\system32\ceipdata.exe [2010-11-21] (Microsoft Corporation)

Task: {E546B837-B1D3-48D5-9A9E-51EC48F74C62} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)

Task: {F2153CA4-24E1-44D7-B9FF-BDC0EE28EDE4} - System32\Tasks\Plesk Scheduler Task #C6586631-C086-43FE-9B96-BA28E52FDCD6 => cmd.exe /c ""C:\Program Files (x86)\Parallels\Plesk\admin\bin\runtask.exe" "--application=\"C:\Program Files ^(x86^)\Parallels\Plesk\DrWeb\drwebupw.exe\"" "--parameters= /GO /ST \"/RPC:\Program Files ^(x86^)\Parallels\Plesk\DrWeb\DrWebUpW.log\" \"/DIR:C:\Program Files ^(x86^)\Parallels\Plesk\DrWeb\\\"""
 

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 

Task: C:\Windows\Tasks\Backup of vital Plesk settings.job => C:\Program Files (x86)\Parallels\Plesk\admin\bin\sshost.exe

Task: C:\Windows\Tasks\Plesk Scheduler Task #C6586631-C086-43FE-9B96-BA28E52FDCD6.job => C:\Windows\system32\cmd.exeĩ/c C:\Program Files (x86)\Parallels\Plesk\admin\bin\runtask.exe --application=\C:\Program Files ^(x86^)\Parallels\Plesk\DrWeb\drwebupw.exe\ --parameters= /GO /ST \/RPC:\Program Files ^(x86^)\Parallels\Plesk\DrWeb\DrWebUpW.log

Task: C:\Windows\Tasks\Plesk Scheduler Task #{712D7996-58AA-4a36-B64D-1809F3794A21}.job => C:\Windows\system32\cmd.exeĦ/c C:\Program Files (x86)\Parallels\Plesk\admin\bin\runtask.exe --defaultmail --application=C:\Program Files (x86)\Parallels\Plesk\admin\bin\php.exe --parameters=-q -dauto_prepend_file=\\ -c php.ini \C:\Program Files ^(x86^)\Parallels\Plesk\admin\plib\DailyMaintainance\script.php

Task: C:\Windows\Tasks\Plesk Scheduler Task #{7F9CD2FC-8C81-4f3c-AE0B-BB8C9BA560A7}.job => C:\Windows\system32\cmd.exeĠ/c C:\Program Files (x86)\Parallels\Plesk\admin\bin\runtask.exe --application=C:\Program Files (x86)\Parallels\Plesk\admin\bin\php.exe --parameters=-q -dauto_prepend_file=\\ -c php.ini \C:\Program Files ^(x86^)\Parallels\Plesk\admin\plib\report\autoreport.php

Task: C:\Windows\Tasks\Plesk Scheduler Task #{99254CDC-8EA7-49ee-8A49-FC2A169843B7}.job => C:\Windows\system32\cmd.exeğ/c C:\Program Files (x86)\Parallels\Plesk\admin\bin\runtask.exe --application=C:\Program Files (x86)\Parallels\Plesk\admin\bin\php.exe --parameters=-q -dauto_prepend_file=\\ -c php.ini \C:\Program Files ^(x86^)\Parallels\Plesk\admin\plib\report\autoreport.php

Task: C:\Windows\Tasks\Plesk Scheduler Task #{9b734460-76dc-44ce-8ead-f2a6f19a707e}.job => C:\Windows\system32\cmd.exe¿/c C:\Program Files (x86)\Parallels\Plesk\admin\bin\runtask.exe --defaultmail --application=C:\Program Files (x86)\Parallels\Plesk\admin\bin\web_statistics_executor.exe
 

==================== Loaded Modules (Whitelisted) ==============
 

2014-04-30 11:39 - 2011-10-24 10:01 - 00052224 _____ () C:\Program Files (x86)\Parallels\Plesk\Mail Servers\Mail Enable\Bin64\MEAILSTD.DLL

2014-04-30 11:39 - 2011-10-24 10:03 - 00031232 _____ () C:\Program Files (x86)\Parallels\Plesk\Mail Servers\Mail Enable\Bin64\MEAIAMTD.DLL

2014-04-30 11:39 - 2011-10-24 10:00 - 00061440 _____ () C:\Program Files (x86)\Parallels\Plesk\Mail Servers\Mail Enable\Bin64\MEAIPOTD.DLL

2014-04-30 11:39 - 2011-10-24 09:59 - 00053760 _____ () C:\Program Files (x86)\Parallels\Plesk\Mail Servers\Mail Enable\Bin64\MEAISMTD.DLL

2014-04-30 11:39 - 2011-10-24 10:00 - 00090624 _____ () C:\Program Files (x86)\Parallels\Plesk\Mail Servers\Mail Enable\Bin64\MEAIPO.DLL

2014-04-30 11:39 - 2011-10-24 09:58 - 00592384 _____ () C:\Program Files (x86)\Parallels\Plesk\Mail Servers\Mail Enable\Bin64\MEAISP.DLL

2014-04-30 11:39 - 2011-10-24 09:58 - 00197120 _____ () C:\Program Files (x86)\Parallels\Plesk\Mail Servers\Mail Enable\Bin64\MEAISO.DLL

2014-04-30 11:39 - 2011-10-24 09:58 - 00013312 _____ () C:\Program Files (x86)\Parallels\Plesk\Mail Servers\Mail Enable\Bin64\MEAISOTD.DLL

2014-04-30 11:39 - 2011-10-24 10:00 - 00073216 _____ () C:\Program Files (x86)\Parallels\Plesk\Mail Servers\Mail Enable\Bin64\MEAINFY.DLL

2014-04-30 11:39 - 2011-10-24 09:59 - 00087040 _____ () C:\Program Files (x86)\Parallels\Plesk\Mail Servers\Mail Enable\Bin64\MEAISM.DLL

2014-04-30 11:39 - 2011-10-24 10:03 - 00054272 _____ () C:\Program Files (x86)\Parallels\Plesk\Mail Servers\Mail Enable\Bin64\MEAIAM.DLL

2014-04-30 11:39 - 2011-10-24 10:00 - 00060416 _____ () C:\Program Files (x86)\Parallels\Plesk\Mail Servers\Mail Enable\Bin64\MEAIPS.DLL

2014-04-30 11:39 - 2011-10-24 10:00 - 00036352 _____ () C:\Program Files (x86)\Parallels\Plesk\Mail Servers\Mail Enable\Bin64\MEAIPSTD.DLL

2014-04-30 11:39 - 2011-10-24 10:03 - 00158208 _____ () C:\Program Files (x86)\Parallels\Plesk\Mail Servers\Mail Enable\Bin64\MEAIAU.DLL

2014-04-30 11:39 - 2011-10-24 10:03 - 00042496 _____ () C:\Program Files (x86)\Parallels\Plesk\Mail Servers\Mail Enable\Bin64\MEAIAUTD.DLL

2014-04-30 11:39 - 2011-10-24 10:03 - 00094720 _____ () C:\Program Files (x86)\Parallels\Plesk\Mail Servers\Mail Enable\Bin64\MEAIDP.DLL

2014-04-30 11:39 - 2011-10-24 10:03 - 00035840 _____ () C:\Program Files (x86)\Parallels\Plesk\Mail Servers\Mail Enable\Bin64\MEAIDPTD.DLL

2014-04-30 11:39 - 2011-10-24 10:01 - 00053248 _____ () C:\Program Files (x86)\Parallels\Plesk\Mail Servers\Mail Enable\Bin64\MEAILS.DLL

2014-04-30 11:39 - 2011-10-24 10:00 - 00010752 _____ () C:\Program Files (x86)\Parallels\Plesk\Mail Servers\Mail Enable\Bin64\MEWINDNS.DLL

2014-04-30 11:39 - 2011-10-24 10:00 - 00026112 _____ () C:\Program Files (x86)\Parallels\Plesk\Mail Servers\Mail Enable\Bin64\MEW2KDNS.DLL

2013-01-08 22:14 - 2013-01-08 22:14 - 06107136 _____ () C:\Program Files (x86)\Parallels\Plesk\Databases\MySQL51\bin\mysqld.exe

2013-10-16 00:34 - 2013-10-16 00:34 - 00393216 _____ () C:\Program Files (x86)\Parallels\Plesk\dns\bin\named.exe

2014-05-06 14:25 - 2012-04-26 10:03 - 01409024 _____ () C:\Program Files (x86)\NCP\SecureClient\x64\libeay32.dll

2014-05-06 13:24 - 2011-10-12 15:43 - 00165888 _____ () C:\Program Files (x86)\NCP\SecureClient\x64\ncpbudget2008.dll

2014-05-06 13:24 - 2014-02-28 13:02 - 00121856 _____ () C:\Program Files (x86)\NCP\SecureClient\x64\ncpmif32.dll

2014-05-06 13:24 - 2011-04-21 07:11 - 00119808 _____ () C:\Program Files (x86)\NCP\SecureClient\ncpsec.exe

2013-03-25 14:54 - 2013-03-25 14:54 - 08146432 _____ () C:\Program Files (x86)\Parallels\Plesk\MySQL\bin\mysqld.exe

2014-05-13 11:00 - 2011-03-02 12:40 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll

2014-04-30 11:39 - 2011-10-24 09:42 - 00058368 _____ () C:\Program Files (x86)\Parallels\Plesk\Mail Servers\Mail Enable\Bin\MEAINFY.DLL

2014-04-30 11:39 - 2011-10-24 09:41 - 00449536 _____ () C:\Program Files (x86)\Parallels\Plesk\Mail Servers\Mail Enable\Bin\MEAISP.DLL

2014-04-30 11:39 - 2011-10-24 09:41 - 00155648 _____ () C:\Program Files (x86)\Parallels\Plesk\Mail Servers\Mail Enable\Bin\MEAISO.DLL

2014-04-30 11:39 - 2011-10-24 09:41 - 00011776 _____ () C:\Program Files (x86)\Parallels\Plesk\Mail Servers\Mail Enable\Bin\MEAISOTD.DLL

2014-04-30 11:39 - 2011-10-24 09:41 - 00072704 _____ () C:\Program Files (x86)\Parallels\Plesk\Mail Servers\Mail Enable\Bin\MEAIPO.DLL

2014-04-30 11:39 - 2011-10-24 09:41 - 00052224 _____ () C:\Program Files (x86)\Parallels\Plesk\Mail Servers\Mail Enable\Bin\MEAIPOTD.DLL

2014-04-30 11:39 - 2011-10-24 09:44 - 00121856 _____ () C:\Program Files (x86)\Parallels\Plesk\Mail Servers\Mail Enable\Bin\MEAIAU.DLL

2014-04-30 11:39 - 2011-10-24 09:44 - 00035840 _____ () C:\Program Files (x86)\Parallels\Plesk\Mail Servers\Mail Enable\Bin\MEAIAUTD.DLL

2014-04-30 11:39 - 2011-10-24 09:41 - 00068096 _____ () C:\Program Files (x86)\Parallels\Plesk\Mail Servers\Mail Enable\Bin\MEAISM.DLL

2014-04-30 11:39 - 2011-10-24 09:41 - 00045056 _____ () C:\Program Files (x86)\Parallels\Plesk\Mail Servers\Mail Enable\Bin\MEAISMTD.DLL

2014-04-30 11:39 - 2011-10-24 09:44 - 00041984 _____ () C:\Program Files (x86)\Parallels\Plesk\Mail Servers\Mail Enable\Bin\MEAIAM.DLL

2014-04-30 11:39 - 2011-10-24 09:44 - 00027648 _____ () C:\Program Files (x86)\Parallels\Plesk\Mail Servers\Mail Enable\Bin\MEAIAMTD.DLL

2009-07-03 04:20 - 2009-07-03 04:20 - 00975872 _____ () C:\Program Files (x86)\Parallels\Plesk\dns\bin\libxml2.dll

2013-10-16 00:27 - 2013-10-16 00:27 - 00249856 _____ () C:\Program Files (x86)\Parallels\Plesk\dns\bin\libisc.dll

2013-10-16 00:30 - 2013-10-16 00:30 - 01269760 _____ () C:\Program Files (x86)\Parallels\Plesk\dns\bin\libdns.dll

2013-10-16 00:30 - 2013-10-16 00:30 - 00023040 _____ () C:\Program Files (x86)\Parallels\Plesk\dns\bin\libisccc.dll

2013-10-16 00:31 - 2013-10-16 00:31 - 00034304 _____ () C:\Program Files (x86)\Parallels\Plesk\dns\bin\liblwres.dll

2013-10-16 00:30 - 2013-10-16 00:30 - 00073728 _____ () C:\Program Files (x86)\Parallels\Plesk\dns\bin\libisccfg.dll

2013-10-16 00:31 - 2013-10-16 00:31 - 00053248 _____ () C:\Program Files (x86)\Parallels\Plesk\dns\bin\libbind9.dll

2014-05-06 13:24 - 2014-02-18 12:51 - 01817088 _____ () C:\Program Files (x86)\NCP\SecureClient\ncpgacc.dll

2014-05-06 13:24 - 2014-02-28 13:02 - 00108032 _____ () C:\Program Files (x86)\NCP\SecureClient\ncpmif32.dll

2012-12-07 12:41 - 2012-12-07 12:41 - 00265216 _____ () C:\Program Files (x86)\Parallels\Plesk\admin\bin\libmariadb.dll

2014-05-06 13:24 - 2013-06-12 11:00 - 00964608 _____ () C:\Program Files (x86)\NCP\SecureClient\rsussl.dll

2012-06-26 21:17 - 2012-06-26 21:17 - 00626176 _____ () C:\Program Files (x86)\Parallels\Plesk\Additional\PleskPHP54\ext\ioncube_loader_win_5.4.dll
 

==================== Alternate Data Streams (Whitelisted) =========
 

(If an entry is included in the fixlist, only the ADS will be removed.)
 
 

==================== Safe Mode (Whitelisted) ===================
 

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 

==================== EXE Association (Whitelisted) ===============
 

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 

==================== Internet Explorer trusted/restricted ===============
 

(If an entry is included in the fixlist, it will be removed from the registry.)
 
 

==================== Other Areas ============================
 

(Currently there is no automatic fix for this section.)
 

HKU\S-1-5-21-1879197662-1193557218-2322404272-500\Control Panel\Desktop\\Wallpaper -> 

DNS Servers: 80.237.128.144 - 80.237.128.145

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

Windows Firewall is enabled.
 

==================== MSCONFIG/TASK MANAGER disabled items ==
 

(Currently there is no automatic fix for this section.)
 

MSCONFIG\Services: DrWebCom => 2

MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Administrator\AppData\Local\Akamai\netsession_win.exe"

MSCONFIG\startupreg: NcpBudgetGui => "C:\Program Files (x86)\NCP\SecureClient\NcpBudgetGui.exe" -start

MSCONFIG\startupreg: NcpMonitor => "C:\Program Files (x86)\NCP\SecureClient\ncpmon.exe" AUTORUN

MSCONFIG\startupreg: NcpPopup => "C:\Program Files (x86)\NCP\SecureClient\ncppopup.exe" noerrmsg

MSCONFIG\startupreg: NcpRsuGui => "C:\Program Files (x86)\NCP\SecureClient\rwsrsu.exe" -gui
 

==================== FirewallRules (Whitelisted) ===============
 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe

FirewallRules: [ComPlusRemoteAdministration-DCOM-In] => (Allow) %systemroot%\system32\dllhost.exe

FirewallRules: [SCW-Allow-Inbound-Access-To-ScsHost-TCP-RPC-EndPointMapper] => (Allow) %systemroot%\system32\scshost.exe

FirewallRules: [SCW-Allow-Inbound-Access-To-ScsHost-TCP-RPC] => (Allow) %systemroot%\system32\scshost.exe

FirewallRules: [DfsMgmt-In-TCP] => (Allow) %systemroot%\system32\dfsfrsHost.exe

FirewallRules: [{19568150-E1F0-4FBE-B6AE-FF03254792D7}] => (Allow) LPort=3389

FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe

FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe

FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe

FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe

FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) %systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe

FirewallRules: [{BC386AA9-4A3A-4F84-A16A-774CACA74BCC}] => (Allow) LPort=53

FirewallRules: [{8DEC4A7B-96B1-41EA-9332-5ADD3B87FC03}] => (Allow) LPort=53

FirewallRules: [{E1E0BDE0-3D9E-4083-B0DD-3033C3139845}] => (Allow) LPort=21

FirewallRules: [{7B7655D3-DD57-4E4B-97B4-E150EE84BE38}] => (Allow) LPort=80

FirewallRules: [{D49412E0-34C6-4042-95A7-DF6C65B0AA84}] => (Allow) LPort=443

FirewallRules: [{D4BB1FC8-7A1C-4DA7-B12F-69A101CD5EAC}] => (Allow) LPort=25

FirewallRules: [{3F037794-CF95-4D88-B467-FA8AB49BCC55}] => (Allow) LPort=110

FirewallRules: [{15539648-048F-48B4-9327-E49DB8F4471D}] => (Allow) LPort=143

FirewallRules: [{53CCCA57-4C99-4DDD-B486-3A34A8C3ADFF}] => (Allow) LPort=220

FirewallRules: [{F7899DEA-B2C8-423A-94AC-AE37F192765E}] => (Allow) LPort=465

FirewallRules: [{B63FA419-F13B-4B51-BF56-26C44E2F9E85}] => (Allow) LPort=995

FirewallRules: [{950CBBB8-93EB-4899-9324-CDD4179E497E}] => (Allow) LPort=23

FirewallRules: [{F8E37DBD-6D23-47B6-B96D-9FD0A7336789}] => (Allow) LPort=22

FirewallRules: [{A1873CF5-5DF2-4BD8-8E53-32DEA547ED75}] => (Allow) LPort=3389

FirewallRules: [{E5623DD5-5BDD-4537-A68E-31E737638670}] => (Allow) LPort=8306

FirewallRules: [{E73925FE-9378-401E-BD5A-17ACBA0CF4AC}] => (Allow) LPort=3306

FirewallRules: [{678A0FCB-A3F7-48CC-9CAA-2EC65939E681}] => (Allow) LPort=13000

FirewallRules: [{295ADD58-26EF-4BA6-8CE0-809404179DC2}] => (Allow) LPort=1434

FirewallRules: [{B92E7F30-0C64-4A55-B6C3-F4B3F11B8971}] => (Allow) LPort=8443

FirewallRules: [{EB6FE158-E248-486C-81E3-D54E20AD2D53}] => (Allow) LPort=8447

FirewallRules: [{34FC70EF-B5EA-42C9-8785-6D21C3D7DB23}] => (Allow) LPort=8401

FirewallRules: [{2CCA8F9C-498D-4626-9D7F-79A1E708020F}] => (Allow) LPort=8880

FirewallRules: [{50335FFA-F08F-4415-90EC-048AF5C6D69D}] => (Allow) LPort=32000

FirewallRules: [Remrras-In-RPC] => (Allow) %systemroot%\system32\remrras.exe

FirewallRules: [RQS-In-TCP] => (Allow) %systemroot%\system32\rqs.exe

FirewallRules: [TCP Query User{BEEC6997-C5EF-410F-B093-223FACDD16F4}C:\program files (x86)\ncp\secureclient\ncpmon.exe] => (Allow) C:\program files (x86)\ncp\secureclient\ncpmon.exe

FirewallRules: [UDP Query User{7A1B24A8-B657-49AD-A75F-5E9D5F34E116}C:\program files (x86)\ncp\secureclient\ncpmon.exe] => (Allow) C:\program files (x86)\ncp\secureclient\ncpmon.exe

FirewallRules: [{650381EC-5128-40AC-AE30-01966D98C454}] => (Allow) LPort=3389

FirewallRules: [TCP Query User{7797F580-3F53-43B5-A0A8-15E1B818A9D3}C:\users\administrator\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\administrator\appdata\local\akamai\netsession_win.exe

FirewallRules: [UDP Query User{A3B3CF22-34C0-478C-803A-4CC71B4F28AD}C:\users\administrator\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\administrator\appdata\local\akamai\netsession_win.exe

FirewallRules: [TCP Query User{E5BEB688-97E8-4E28-8AD5-9AF83531B738}C:\windows\system32\ftp.exe] => (Allow) C:\windows\system32\ftp.exe

FirewallRules: [UDP Query User{A7DF7E80-2FDC-4609-9170-349807B8395A}C:\windows\system32\ftp.exe] => (Allow) C:\windows\system32\ftp.exe

FirewallRules: [{45DAA182-9A27-4896-B93B-E7A8EF80E4EF}] => (Allow) LPort=1021

FirewallRules: [{C9D563D7-7234-4326-A8FB-8D8CDC7EA2D5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

FirewallRules: [{44F482AB-005E-4DF9-AA9B-85A75CA55A1B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

FirewallRules: [{8EBEEDE3-8802-43E5-97DA-5F0E8518B8D8}] => (Allow) LPort=3306
 

==================== Faulty Device Manager Devices =============
 
 

==================== Event log errors: =========================
 

Application errors:

==================

Error: (07/28/2015 03:49:16 AM) (Source: SQLWRITER) (EventID: 24583) (User: )

Description: Sqllib-Fehler: OLE DB-Fehler beim Aufrufen von ICommandText::Execute. hr = 0x80040e14.

SQLSTATE: 42000, Native Error: 3013

Error state: 1, Severity: 16

Source: Microsoft SQL Server Native Client 11.0

Error message: BACKUP DATABASE wird fehlerbedingt beendet.

SQLSTATE: 42000, Native Error: 3271

Error state: 1, Severity: 16

Source: Microsoft SQL Server Native Client 11.0

Error message: Nicht behebbarer E/A-Fehler für die Datei '{CB8A49DA-ABE2-4912-8E54-A296B62DA11A}8:' 995(Der E/A-Vorgang wurde wegen eines Threadendes oder einer Anwendungsanforderung abgebrochen.).

SQLSTATE: 01000, Native Error: 4035

Error state: 1, Severity: 0

Source: Microsoft SQL Server Native Client 11.0

Error message: 0 Seiten wurden für die master-Datenbank, Datei 'master' für Datei 1, verarbeitet.
 

Error: (07/28/2015 03:49:16 AM) (Source: SQLWRITER) (EventID: 24583) (User: )

Description: Sqllib-Fehler: OLE DB-Fehler beim Aufrufen von ICommandText::Execute. hr = 0x80040e14.

SQLSTATE: 42000, Native Error: 3013

Error state: 1, Severity: 16

Source: Microsoft SQL Server Native Client 11.0

Error message: BACKUP DATABASE wird fehlerbedingt beendet.

SQLSTATE: 42000, Native Error: 3271

Error state: 1, Severity: 16

Source: Microsoft SQL Server Native Client 11.0

Error message: Nicht behebbarer E/A-Fehler für die Datei '{CB8A49DA-ABE2-4912-8E54-A296B62DA11A}7:' 995(Der E/A-Vorgang wurde wegen eines Threadendes oder einer Anwendungsanforderung abgebrochen.).

SQLSTATE: 01000, Native Error: 4035

Error state: 1, Severity: 0

Source: Microsoft SQL Server Native Client 11.0

Error message: 0 Seiten wurden für die http_dieschneidergruppe_de-Datenbank, Datei 'http_dieschneidergruppe_de' für Datei 1, verarbeitet.
 

Error: (07/28/2015 03:49:16 AM) (Source: SQLWRITER) (EventID: 24583) (User: )

Description: Sqllib-Fehler: OLE DB-Fehler beim Aufrufen von ICommandText::Execute. hr = 0x80040e14.

SQLSTATE: 42000, Native Error: 3013

Error state: 1, Severity: 16

Source: Microsoft SQL Server Native Client 11.0

Error message: BACKUP DATABASE wird fehlerbedingt beendet.

SQLSTATE: 42000, Native Error: 3271

Error state: 1, Severity: 16

Source: Microsoft SQL Server Native Client 11.0

Error message: Nicht behebbarer E/A-Fehler für die Datei '{CB8A49DA-ABE2-4912-8E54-A296B62DA11A}6:' 995(Der E/A-Vorgang wurde wegen eines Threadendes oder einer Anwendungsanforderung abgebrochen.).

SQLSTATE: 01000, Native Error: 4035

Error state: 1, Severity: 0

Source: Microsoft SQL Server Native Client 11.0

Error message: 0 Seiten wurden für die dsg_migra-Datenbank, Datei 'dieschneidergruppe' für Datei 1, verarbeitet.
 

Error: (07/28/2015 03:49:16 AM) (Source: SQLVDI) (EventID: 1) (User: )

Description: SQLVDI: Loc=TriggerAbort. Desc=invoked. ErrorCode=(0). Process=1264. Thread=3280. Server. Instance=MSSQLSERVER. VD=Global\{CB8A49DA-ABE2-4912-8E54-A296B62DA11A}8_SQLVDIMemoryName_0.
 

Error: (07/28/2015 03:49:16 AM) (Source: MSSQLSERVER) (EventID: 18210) (User: NT-AUTORITÄT)

Description: BackupVirtualDeviceFile::SendFileInfoBegin: Fehler bei  beim Sicherungsmedium '{CB8A49DA-ABE2-4912-8E54-A296B62DA11A}8'. Betriebssystemfehler = 995(Der E/A-Vorgang wurde wegen eines Threadendes oder einer Anwendungsanforderung abgebrochen.).
 

Error: (07/28/2015 03:49:16 AM) (Source: MSSQLSERVER) (EventID: 3041) (User: NT-AUTORITÄT)

Description: BACKUP-Fehler beim Abschließen des BACKUP DATABASE master-Befehls. Ausführliche Informationen finden Sie im Sicherungsanwendungsprotokoll.
 

Error: (07/28/2015 03:49:16 AM) (Source: SQLVDI) (EventID: 1) (User: )

Description: SQLVDI: Loc=TriggerAbort. Desc=invoked. ErrorCode=(0). Process=1264. Thread=2924. Server. Instance=MSSQLSERVER. VD=Global\{CB8A49DA-ABE2-4912-8E54-A296B62DA11A}7_SQLVDIMemoryName_0.
 

Error: (07/28/2015 03:49:16 AM) (Source: SQLWRITER) (EventID: 24583) (User: )

Description: Sqllib-Fehler: OLE DB-Fehler beim Aufrufen von ICommandText::Execute. hr = 0x80040e14.

SQLSTATE: 42000, Native Error: 3013

Error state: 1, Severity: 16

Source: Microsoft SQL Server Native Client 11.0

Error message: BACKUP DATABASE wird fehlerbedingt beendet.

SQLSTATE: 42000, Native Error: 3271

Error state: 1, Severity: 16

Source: Microsoft SQL Server Native Client 11.0

Error message: Nicht behebbarer E/A-Fehler für die Datei '{CB8A49DA-ABE2-4912-8E54-A296B62DA11A}5:' 995(Der E/A-Vorgang wurde wegen eines Threadendes oder einer Anwendungsanforderung abgebrochen.).

SQLSTATE: 01000, Native Error: 4035

Error state: 1, Severity: 0

Source: Microsoft SQL Server Native Client 11.0

Error message: 0 Seiten wurden für die dieschneidergruppe-Datenbank, Datei 'dieschneidergruppe' für Datei 1, verarbeitet.
 

Error: (07/28/2015 03:49:16 AM) (Source: MSSQLSERVER) (EventID: 18210) (User: NT-AUTORITÄT)

Description: BackupVirtualDeviceFile::SendFileInfoBegin: Fehler bei  beim Sicherungsmedium '{CB8A49DA-ABE2-4912-8E54-A296B62DA11A}7'. Betriebssystemfehler = 995(Der E/A-Vorgang wurde wegen eines Threadendes oder einer Anwendungsanforderung abgebrochen.).
 

Error: (07/28/2015 03:49:16 AM) (Source: MSSQLSERVER) (EventID: 3041) (User: NT-AUTORITÄT)

Description: BACKUP-Fehler beim Abschließen des BACKUP DATABASE http_dieschneidergruppe_de-Befehls. Ausführliche Informationen finden Sie im Sicherungsanwendungsprotokoll.
 
 

System errors:

=============

Error: (07/28/2015 11:10:20 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)

Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.
 

Error: (07/28/2015 09:46:52 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)

Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 1205.
 

Error: (07/28/2015 09:46:52 AM) (Source: Schannel) (EventID: 4106) (User: NT-AUTORITÄT)

Description: Eine TLS 1.0-Verbindungsanforderung wurde von einer Remoteclientanwendung übermittelt, jedoch werden keine der Verschlüsselungssammlungen, die von der Clientanwendung unterstützt werden, vom Server unterstützt. Fehler bei der SSL-Verbindungsanforderung.
 

Error: (07/28/2015 07:50:42 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)

Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 1205.
 

Error: (07/28/2015 07:50:42 AM) (Source: Schannel) (EventID: 4106) (User: NT-AUTORITÄT)

Description: Eine TLS 1.0-Verbindungsanforderung wurde von einer Remoteclientanwendung übermittelt, jedoch werden keine der Verschlüsselungssammlungen, die von der Clientanwendung unterstützt werden, vom Server unterstützt. Fehler bei der SSL-Verbindungsanforderung.
 

Error: (07/28/2015 07:04:10 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)

Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.
 

Error: (07/28/2015 04:03:11 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)

Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.
 

Error: (07/27/2015 11:36:25 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)

Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 1203.
 

Error: (07/27/2015 11:36:22 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)

Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 1203.
 

Error: (07/27/2015 11:05:30 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)

Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 1203.
 
 

Microsoft Office:

=========================

Error: (07/28/2015 03:49:16 AM) (Source: SQLWRITER) (EventID: 24583) (User: )

Description: ICommandText::Execute0x80040e14SQLSTATE: 42000, Native Error: 3013

Error state: 1, Severity: 16

Source: Microsoft SQL Server Native Client 11.0

Error message: BACKUP DATABASE wird fehlerbedingt beendet.

SQLSTATE: 42000, Native Error: 3271

Error state: 1, Severity: 16

Source: Microsoft SQL Server Native Client 11.0

Error message: Nicht behebbarer E/A-Fehler für die Datei '{CB8A49DA-ABE2-4912-8E54-A296B62DA11A}8:' 995(Der E/A-Vorgang wurde wegen eines Threadendes oder einer Anwendungsanforderung abgebrochen.).

SQLSTATE: 01000, Native Error: 4035

Error state: 1, Severity: 0

Source: Microsoft SQL Server Native Client 11.0

Error message: 0 Seiten wurden für die master-Datenbank, Datei 'master' für Datei 1, verarbeitet.
 

Error: (07/28/2015 03:49:16 AM) (Source: SQLWRITER) (EventID: 24583) (User: )

Description: ICommandText::Execute0x80040e14SQLSTATE: 42000, Native Error: 3013

Error state: 1, Severity: 16

Source: Microsoft SQL Server Native Client 11.0

Error message: BACKUP DATABASE wird fehlerbedingt beendet.

SQLSTATE: 42000, Native Error: 3271

Error state: 1, Severity: 16

Source: Microsoft SQL Server Native Client 11.0

Error message: Nicht behebbarer E/A-Fehler für die Datei '{CB8A49DA-ABE2-4912-8E54-A296B62DA11A}7:' 995(Der E/A-Vorgang wurde wegen eines Threadendes oder einer Anwendungsanforderung abgebrochen.).

SQLSTATE: 01000, Native Error: 4035

Error state: 1, Severity: 0

Source: Microsoft SQL Server Native Client 11.0

Error message: 0 Seiten wurden für die http_dieschneidergruppe_de-Datenbank, Datei 'http_dieschneidergruppe_de' für Datei 1, verarbeitet.
 

Error: (07/28/2015 03:49:16 AM) (Source: SQLWRITER) (EventID: 24583) (User: )

Description: ICommandText::Execute0x80040e14SQLSTATE: 42000, Native Error: 3013

Error state: 1, Severity: 16

Source: Microsoft SQL Server Native Client 11.0

Error message: BACKUP DATABASE wird fehlerbedingt beendet.

SQLSTATE: 42000, Native Error: 3271

Error state: 1, Severity: 16

Source: Microsoft SQL Server Native Client 11.0

Error message: Nicht behebbarer E/A-Fehler für die Datei '{CB8A49DA-ABE2-4912-8E54-A296B62DA11A}6:' 995(Der E/A-Vorgang wurde wegen eines Threadendes oder einer Anwendungsanforderung abgebrochen.).

SQLSTATE: 01000, Native Error: 4035

Error state: 1, Severity: 0

Source: Microsoft SQL Server Native Client 11.0

Error message: 0 Seiten wurden für die dsg_migra-Datenbank, Datei 'dieschneidergruppe' für Datei 1, verarbeitet.
 

Error: (07/28/2015 03:49:16 AM) (Source: SQLVDI) (EventID: 1) (User: )

Description: TriggerAbortinvoked012643280ServerMSSQLSERVERGlobal\{CB8A49DA-ABE2-4912-8E54-A296B62DA11A}8_SQLVDIMemoryName_0
 

Error: (07/28/2015 03:49:16 AM) (Source: MSSQLSERVER) (EventID: 18210) (User: NT-AUTORITÄT)

Description: BackupVirtualDeviceFile::SendFileInfoBegin{CB8A49DA-ABE2-4912-8E54-A296B62DA11A}8995(Der E/A-Vorgang wurde wegen eines Threadendes oder einer Anwendungsanforderung abgebrochen.)
 

Error: (07/28/2015 03:49:16 AM) (Source: MSSQLSERVER) (EventID: 3041) (User: NT-AUTORITÄT)

Description: BACKUP DATABASE master
 

Error: (07/28/2015 03:49:16 AM) (Source: SQLVDI) (EventID: 1) (User: )

Description: TriggerAbortinvoked012642924ServerMSSQLSERVERGlobal\{CB8A49DA-ABE2-4912-8E54-A296B62DA11A}7_SQLVDIMemoryName_0
 

Error: (07/28/2015 03:49:16 AM) (Source: SQLWRITER) (EventID: 24583) (User: )

Description: ICommandText::Execute0x80040e14SQLSTATE: 42000, Native Error: 3013

Error state: 1, Severity: 16

Source: Microsoft SQL Server Native Client 11.0

Error message: BACKUP DATABASE wird fehlerbedingt beendet.

SQLSTATE: 42000, Native Error: 3271

Error state: 1, Severity: 16

Source: Microsoft SQL Server Native Client 11.0

Error message: Nicht behebbarer E/A-Fehler für die Datei '{CB8A49DA-ABE2-4912-8E54-A296B62DA11A}5:' 995(Der E/A-Vorgang wurde wegen eines Threadendes oder einer Anwendungsanforderung abgebrochen.).

SQLSTATE: 01000, Native Error: 4035

Error state: 1, Severity: 0

Source: Microsoft SQL Server Native Client 11.0

Error message: 0 Seiten wurden für die dieschneidergruppe-Datenbank, Datei 'dieschneidergruppe' für Datei 1, verarbeitet.
 

Error: (07/28/2015 03:49:16 AM) (Source: MSSQLSERVER) (EventID: 18210) (User: NT-AUTORITÄT)

Description: BackupVirtualDeviceFile::SendFileInfoBegin{CB8A49DA-ABE2-4912-8E54-A296B62DA11A}7995(Der E/A-Vorgang wurde wegen eines Threadendes oder einer Anwendungsanforderung abgebrochen.)
 

Error: (07/28/2015 03:49:16 AM) (Source: MSSQLSERVER) (EventID: 3041) (User: NT-AUTORITÄT)

Description: BACKUP DATABASE http_dieschneidergruppe_de
 
 

==================== Memory info =========================== 
 

Processor: Intel(R) Xeon(R) CPU E5-2620 0 @ 2.00GHz

Percentage of memory in use: 26%

Total physical RAM: 24575.55 MB

Available physical RAM: 18003.69 MB

Total Virtual: 49149.32 MB

Available Virtual: 43041.99 MB
 

==================== Drives ================================
 

Drive c: () (Fixed) (Total:100 GB) (Free:26.93 GB) NTFS ==>[drive with boot components (obtained from BCD)]

Drive d: () (Fixed) (Total:767.97 GB) (Free:657.05 GB) NTFS
 

==================== MBR & Partition Table ==================
 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 100 GB) (Disk ID: 21B47730)

Partition 1: (Active) - (Size=100 GB) - (Type=07 NTFS)

Partition 00: (Not Active) - (Size=0) - (Type=00) ATTENTION ===> 0 byte partition bootkit.

Partition 00: (Not Active) - (Size=0) - (Type=00) ATTENTION ===> 0 byte partition bootkit.

Partition 00: (Not Active) - (Size=0) - (Type=00) ATTENTION ===> 0 byte partition bootkit.
 

========================================================

Disk: 1 (MBR Code: Windows 7 or 8) (Size: 768 GB) (Disk ID: 23DA6E99)
 

Partition: GPT Partition Type.
 

==================== End of log ============================

--- --- ---

so ich habe das Tool auch durchlaufen lassen. Ja ich verstehe dich mit dem Server, ich habe gestern nocheinmal geschaut ob ich Unterlagen finde. Ich habe das gebuchte Paket zumindest gefunden. Über Alfahosting.de kann man auch wählen aus Linux und Windwos. Das ist ein Root Server Paket M. Leider steht da nix von Firewall. Ich werde wohl nächste Woche da anrufen und genaueres Erfragen.

Code:

10:13:15.0682 0x014c  TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57

10:13:20.0744 0x014c  ============================================================

10:13:20.0744 0x014c  Current date / time: 2015/07/29 10:13:20.0744

10:13:20.0744 0x014c  SystemInfo:

10:13:20.0744 0x014c  

10:13:20.0744 0x014c  OS Version: 6.1.7601 ServicePack: 1.0

10:13:20.0744 0x014c  Product type: Server

10:13:20.0744 0x014c  ComputerName: ROOT212250

10:13:20.0744 0x014c  UserName: Administrator

10:13:20.0744 0x014c  Windows directory: C:\Windows

10:13:20.0744 0x014c  System windows directory: C:\Windows

10:13:20.0744 0x014c  Running under WOW64

10:13:20.0744 0x014c  Processor architecture: Intel x64

10:13:20.0744 0x014c  Number of processors: 4

10:13:20.0744 0x014c  Page size: 0x1000

10:13:20.0744 0x014c  Boot type: Normal boot

10:13:20.0744 0x014c  ============================================================

10:13:20.0869 0x014c  KLMD registered as C:\Windows\system32\drivers\63135301.sys

10:13:21.0651 0x014c  System UUID: {574BE3E5-3ED3-C947-8761-14AC8414D141}

10:13:23.0198 0x014c  Drive \Device\Harddisk0\DR0 - Size: 0x1900000000 ( 100.00 Gb ), SectorSize: 0x200, Cylinders: 0x32FE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

10:13:23.0213 0x014c  Drive \Device\Harddisk1\DR1 - Size: 0xC000000000 ( 768.00 Gb ), SectorSize: 0x200, Cylinders: 0x187A0, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

10:13:23.0213 0x014c  ============================================================

10:13:23.0213 0x014c  \Device\Harddisk0\DR0:

10:13:23.0213 0x014c  MBR partitions:

10:13:23.0213 0x014c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xC7FF800

10:13:23.0213 0x014c  \Device\Harddisk1\DR1:

10:13:23.0213 0x014c  GPT partitions:

10:13:23.0213 0x014c  \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {9393C2C4-B741-4268-AA10-4C2236993385}, Name: Microsoft reserved partition, StartLBA 0x22, BlocksNum 0x10000

10:13:23.0213 0x014c  \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {6EC4EDE1-0C0A-482E-842D-3F562F1B4A69}, Name: Basic data partition, StartLBA 0x10800, BlocksNum 0x5FFEF000

10:13:23.0213 0x014c  MBR partitions:

10:13:23.0213 0x014c  ============================================================

10:13:23.0213 0x014c  C: <-> \Device\Harddisk0\DR0\Partition1

10:13:23.0244 0x014c  D: <-> \Device\Harddisk1\DR1\Partition2

10:13:23.0244 0x014c  ============================================================

10:13:23.0244 0x014c  Initialize success

10:13:23.0244 0x014c  ============================================================

10:13:47.0073 0x1080  ============================================================

10:13:47.0073 0x1080  Scan started

10:13:47.0073 0x1080  Mode: Manual; SigCheck; TDLFS; 

10:13:47.0073 0x1080  ============================================================

10:13:47.0073 0x1080  KSN ping started

10:13:49.0526 0x1080  KSN ping finished: true

10:13:52.0744 0x1080  ================ Scan system memory ========================

10:13:52.0744 0x1080  System memory - ok

10:13:52.0744 0x1080  ================ Scan services =============================

10:13:52.0916 0x1080  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys

10:13:52.0994 0x1080  1394ohci - ok

10:13:53.0026 0x1080  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys

10:13:53.0041 0x1080  ACPI - ok

10:13:53.0057 0x1080  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys

10:13:53.0057 0x1080  AcpiPmi - ok

10:13:53.0151 0x1080  [ 013697369EAFFA675D0671607F036020, 65611C775AC4681E46A6565E5A7A4FF3363C66EBDC98C4C58AFB365D40BE23B6 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

10:13:53.0166 0x1080  AdobeARMservice - ok

10:13:53.0213 0x1080  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys

10:13:53.0229 0x1080  adp94xx - ok

10:13:53.0260 0x1080  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys

10:13:53.0276 0x1080  adpahci - ok

10:13:53.0291 0x1080  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys

10:13:53.0307 0x1080  adpu320 - ok

10:13:53.0354 0x1080  [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll

10:13:53.0369 0x1080  AeLookupSvc - ok

10:13:53.0448 0x1080  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys

10:13:53.0479 0x1080  AFD - ok

10:13:53.0494 0x1080  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys

10:13:53.0510 0x1080  agp440 - ok

10:13:53.0526 0x1080  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe

10:13:53.0541 0x1080  ALG - ok

10:13:53.0557 0x1080  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys

10:13:53.0573 0x1080  aliide - ok

10:13:53.0588 0x1080  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys

10:13:53.0604 0x1080  amdide - ok

10:13:53.0604 0x1080  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys

10:13:53.0619 0x1080  AmdK8 - ok

10:13:53.0635 0x1080  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys

10:13:53.0651 0x1080  AmdPPM - ok

10:13:53.0682 0x1080  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys

10:13:53.0698 0x1080  amdsata - ok

10:13:53.0713 0x1080  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys

10:13:53.0729 0x1080  amdsbs - ok

10:13:53.0744 0x1080  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys

10:13:53.0744 0x1080  amdxata - ok

10:13:53.0854 0x1080  [ 59D01FA91962C9C1E9B4022B2D3B46DB, 3A111588538B77F010B5C900FB8425DDE55A08DBAC308CA7FB7BD9FCCCDEC69F ] AppHostSvc      C:\Windows\system32\inetsrv\apphostsvc.dll

10:13:53.0869 0x1080  AppHostSvc - ok

10:13:53.0901 0x1080  [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID           C:\Windows\system32\drivers\appid.sys

10:13:53.0916 0x1080  AppID - ok

10:13:53.0932 0x1080  [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc        C:\Windows\System32\appidsvc.dll

10:13:53.0948 0x1080  AppIDSvc - ok

10:13:53.0979 0x1080  [ 978DC0A1FBE9CC91B21B40AF66CB396A, 90BAFF81D98F5AFD743D8BD65F716666A7A7BD2DA612492E03C79B29E9A0F8C2 ] Appinfo         C:\Windows\System32\appinfo.dll

10:13:53.0994 0x1080  Appinfo - ok

10:13:54.0026 0x1080  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll

10:13:54.0057 0x1080  AppMgmt - ok

10:13:54.0057 0x1080  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys

10:13:54.0073 0x1080  arc - ok

10:13:54.0088 0x1080  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys

10:13:54.0104 0x1080  arcsas - ok

10:13:54.0323 0x1080  [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe

10:13:54.0323 0x1080  aspnet_state - ok

10:13:54.0338 0x1080  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys

10:13:54.0494 0x1080  AsyncMac - ok

10:13:54.0526 0x1080  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys

10:13:54.0541 0x1080  atapi - ok

10:13:54.0588 0x1080  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll

10:13:54.0619 0x1080  AudioEndpointBuilder - ok

10:13:54.0635 0x1080  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll

10:13:54.0666 0x1080  AudioSrv - ok

10:13:54.0698 0x1080  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys

10:13:54.0729 0x1080  b06bdrv - ok

10:13:54.0760 0x1080  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys

10:13:54.0791 0x1080  b57nd60a - ok

10:13:54.0791 0x1080  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys

10:13:54.0838 0x1080  Beep - ok

10:13:54.0901 0x1080  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll

10:13:54.0932 0x1080  BFE - ok

10:13:54.0979 0x1080  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll

10:13:55.0104 0x1080  BITS - ok

10:13:55.0119 0x1080  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys

10:13:55.0135 0x1080  blbdrive - ok

10:13:55.0151 0x1080  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys

10:13:55.0166 0x1080  bowser - ok

10:13:55.0166 0x1080  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys

10:13:55.0182 0x1080  BrFiltLo - ok

10:13:55.0182 0x1080  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys

10:13:55.0198 0x1080  BrFiltUp - ok

10:13:55.0229 0x1080  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll

10:13:55.0244 0x1080  Browser - ok

10:13:55.0260 0x1080  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys

10:13:55.0276 0x1080  Brserid - ok

10:13:55.0291 0x1080  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys

10:13:55.0307 0x1080  BrSerWdm - ok

10:13:55.0307 0x1080  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys

10:13:55.0323 0x1080  BrUsbMdm - ok

10:13:55.0338 0x1080  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys

10:13:55.0354 0x1080  BrUsbSer - ok

10:13:55.0354 0x1080  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys

10:13:55.0401 0x1080  cdfs - ok

10:13:55.0401 0x1080  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys

10:13:55.0416 0x1080  cdrom - ok

10:13:55.0432 0x1080  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll

10:13:55.0479 0x1080  CertPropSvc - ok

10:13:55.0510 0x1080  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys

10:13:55.0541 0x1080  CLFS - ok

10:13:55.0619 0x1080  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

10:13:55.0635 0x1080  clr_optimization_v2.0.50727_32 - ok

10:13:55.0713 0x1080  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

10:13:55.0713 0x1080  clr_optimization_v2.0.50727_64 - ok

10:13:55.0854 0x1080  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

10:13:55.0869 0x1080  clr_optimization_v4.0.30319_32 - ok

10:13:55.0885 0x1080  [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

10:13:55.0901 0x1080  clr_optimization_v4.0.30319_64 - ok

10:13:55.0916 0x1080  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys

10:13:55.0916 0x1080  CmBatt - ok

10:13:55.0948 0x1080  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys

10:13:55.0963 0x1080  cmdide - ok

10:13:55.0994 0x1080  [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG             C:\Windows\system32\Drivers\cng.sys

10:13:56.0026 0x1080  CNG - ok

10:13:56.0041 0x1080  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys

10:13:56.0057 0x1080  Compbatt - ok

10:13:56.0073 0x1080  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys

10:13:56.0088 0x1080  CompositeBus - ok

10:13:56.0088 0x1080  COMSysApp - ok

10:13:56.0088 0x1080  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys

10:13:56.0104 0x1080  crcdisk - ok

10:13:56.0135 0x1080  [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc        C:\Windows\system32\cryptsvc.dll

10:13:56.0151 0x1080  CryptSvc - ok

10:13:56.0182 0x1080  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll

10:13:56.0260 0x1080  DcomLaunch - ok

10:13:56.0276 0x1080  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll

10:13:56.0338 0x1080  defragsvc - ok

10:13:56.0354 0x1080  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys

10:13:56.0416 0x1080  DfsC - ok

10:13:56.0448 0x1080  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll

10:13:56.0494 0x1080  Dhcp - ok

10:13:56.0635 0x1080  [ AA5319FA8602676B5D3A2B4A1355896D, 57532E16FF0DDE3D62B6B6DC35E2598DD453140E9277247965A1E835645E588A ] DiagTrack       C:\Windows\system32\diagtrack.dll

10:13:56.0698 0x1080  DiagTrack - ok

10:13:56.0698 0x1080  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys

10:13:56.0744 0x1080  discache - ok

10:13:56.0744 0x1080  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys

10:13:56.0760 0x1080  Disk - ok

10:13:56.0776 0x1080  [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys

10:13:56.0791 0x1080  dmvsc - ok

10:13:56.0838 0x1080  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll

10:13:56.0869 0x1080  Dnscache - ok

10:13:56.0901 0x1080  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll

10:13:56.0948 0x1080  dot3svc - ok

10:13:56.0963 0x1080  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll

10:13:57.0010 0x1080  DPS - ok

10:13:57.0151 0x1080  [ 712FC5E6CE32E94CEF793FE4ED1E6778, C2FF9FE3F8AE9665A6D7FBD1815B34354EE81028D6A04F501231ED7C78CB8AE8 ] DrWebCom        C:\Program Files (x86)\Parallels\Plesk\DrWeb\drwebcom.exe

10:13:57.0166 0x1080  DrWebCom - detected UnsignedFile.Multi.Generic ( 1 )

10:14:00.0323 0x1080  Detect skipped due to KSN trusted

10:14:00.0323 0x1080  DrWebCom - ok

10:14:00.0401 0x1080  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys

10:14:00.0432 0x1080  DXGKrnl - ok

10:14:00.0463 0x1080  [ EDC6E9C057C9D7F83EEA22B4CEF5DCAD, 967829CE37158020F6026C588260FCFC6F9852DDDACD622FAF7AB75121DF5B3D ] E1G60           C:\Windows\system32\DRIVERS\E1G6032E.sys

10:14:00.0479 0x1080  E1G60 - ok

10:14:00.0494 0x1080  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll

10:14:00.0541 0x1080  EapHost - ok

10:14:00.0666 0x1080  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys

10:14:00.0776 0x1080  ebdrv - ok

10:14:00.0807 0x1080  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] EFS             C:\Windows\System32\lsass.exe

10:14:00.0823 0x1080  EFS - ok

10:14:00.0885 0x1080  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys

10:14:00.0901 0x1080  elxstor - ok

10:14:00.0916 0x1080  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys

10:14:00.0932 0x1080  ErrDev - ok

10:14:00.0963 0x1080  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll

10:14:01.0010 0x1080  EventSystem - ok

10:14:01.0026 0x1080  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys

10:14:01.0073 0x1080  exfat - ok

10:14:01.0073 0x1080  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys

10:14:01.0119 0x1080  fastfat - ok

10:14:01.0151 0x1080  [ F30A540AF561BAD1DD1A074738ED1CDA, B26400F54DB40A658DEAA4B1B877093B84036A0EB451C060BAD12EA869D6B1DB ] FCRegSvc        C:\Windows\system32\FCRegSvc.dll

10:14:01.0166 0x1080  FCRegSvc - ok

10:14:01.0166 0x1080  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys

10:14:01.0182 0x1080  fdc - ok

10:14:01.0182 0x1080  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll

10:14:01.0229 0x1080  fdPHost - ok

10:14:01.0244 0x1080  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll

10:14:01.0276 0x1080  FDResPub - ok

10:14:01.0291 0x1080  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys

10:14:01.0291 0x1080  FileInfo - ok

10:14:01.0307 0x1080  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys

10:14:01.0338 0x1080  Filetrace - ok

10:14:01.0354 0x1080  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys

10:14:01.0369 0x1080  flpydisk - ok

10:14:01.0401 0x1080  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys

10:14:01.0416 0x1080  FltMgr - ok

10:14:01.0479 0x1080  [ E612E86FA15EA1EF9A52433A2743C447, 8A66164541D2EE2334B6DE3995C31138EA85E3A06BC7FD901E60D345E4E1E8A8 ] FontCache       C:\Windows\system32\FntCache.dll

10:14:01.0526 0x1080  FontCache - ok

10:14:01.0557 0x1080  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

10:14:01.0573 0x1080  FontCache3.0.0.0 - ok

10:14:01.0588 0x1080  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys

10:14:01.0604 0x1080  FsDepends - ok

10:14:01.0619 0x1080  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys

10:14:01.0635 0x1080  Fs_Rec - ok

10:14:01.0666 0x1080  [ D225864F6FD96575A303A20BD42383ED, 291ECE0E6D9756EBC7D9D80DC4B1458957DB284D3927034B1C36FA4425C50FD0 ] ftpsvc          C:\Windows\system32\inetsrv\ftpsvc.dll

10:14:01.0698 0x1080  ftpsvc - ok

10:14:01.0713 0x1080  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys

10:14:01.0729 0x1080  gagp30kx - ok

10:14:01.0776 0x1080  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll

10:14:01.0838 0x1080  gpsvc - ok

10:14:01.0854 0x1080  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys

10:14:01.0885 0x1080  HDAudBus - ok

10:14:01.0885 0x1080  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys

10:14:01.0901 0x1080  HidBatt - ok

10:14:01.0932 0x1080  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll

10:14:01.0979 0x1080  hidserv - ok

10:14:01.0994 0x1080  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\drivers\hidusb.sys

10:14:02.0010 0x1080  HidUsb - ok

10:14:02.0041 0x1080  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll

10:14:02.0088 0x1080  hkmsvc - ok

10:14:02.0104 0x1080  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys

10:14:02.0119 0x1080  HpSAMD - ok

10:14:02.0182 0x1080  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys

10:14:02.0213 0x1080  HTTP - ok

10:14:02.0229 0x1080  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys

10:14:02.0229 0x1080  hwpolicy - ok

10:14:02.0244 0x1080  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys

10:14:02.0260 0x1080  i8042prt - ok

10:14:02.0291 0x1080  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys

10:14:02.0323 0x1080  iaStorV - ok

10:14:02.0401 0x1080  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

10:14:02.0432 0x1080  idsvc - ok

10:14:02.0432 0x1080  IEEtwCollectorService - ok

10:14:02.0463 0x1080  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys

10:14:02.0479 0x1080  iirsp - ok

10:14:02.0510 0x1080  [ AB55B8A9B13130F638546881CE4425F8, 8427E67BE02ECABAA3F0C48BD4205BCBD4C978B48AE4E7336DA5821DFC49029E ] IISADMIN        C:\Windows\system32\inetsrv\inetinfo.exe

10:14:02.0526 0x1080  IISADMIN - ok

10:14:02.0573 0x1080  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll

10:14:02.0604 0x1080  IKEEXT - ok

10:14:02.0635 0x1080  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys

10:14:02.0651 0x1080  intelide - ok

10:14:02.0666 0x1080  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys

10:14:02.0682 0x1080  intelppm - ok

10:14:02.0698 0x1080  [ FF0FB51A0ACC2E2D0D412138A05A0B59, 6F4DAE1DF486FF6893683568D0342F201356844727C94147B18D147886574C72 ] ioatdma         C:\Windows\System32\Drivers\qd260x64.sys

10:14:02.0713 0x1080  ioatdma - ok

10:14:02.0729 0x1080  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll

10:14:02.0776 0x1080  IPBusEnum - ok

10:14:02.0776 0x1080  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys

10:14:02.0823 0x1080  IpFilterDriver - ok

10:14:02.0869 0x1080  [ F49F39620FDCAB02D12F5F28602CA636, 2686DDF20A9F962F8AC7986322A0DD89ECA99D8F27ACEB093A5862A44A1AAF88 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll

10:14:02.0885 0x1080  iphlpsvc - ok

10:14:02.0901 0x1080  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys

10:14:02.0916 0x1080  IPMIDRV - ok

10:14:02.0916 0x1080  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys

10:14:02.0963 0x1080  IPNAT - ok

10:14:02.0963 0x1080  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys

10:14:02.0979 0x1080  isapnp - ok

10:14:03.0010 0x1080  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys

10:14:03.0041 0x1080  iScsiPrt - ok

10:14:03.0041 0x1080  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys

10:14:03.0057 0x1080  kbdclass - ok

10:14:03.0057 0x1080  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys

10:14:03.0073 0x1080  kbdhid - ok

10:14:03.0088 0x1080  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] KeyIso          C:\Windows\system32\lsass.exe

10:14:03.0104 0x1080  KeyIso - ok

10:14:03.0119 0x1080  [ C0A6C3D6E02B61B5D100FE17306C276F, F57C7BCC39B30F1DF739D07B76BA18EB68D12D8D1BD13B6AC8DC712C29119495 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys

10:14:03.0135 0x1080  KSecDD - ok

10:14:03.0166 0x1080  [ 7A7328E427694CC7244235C3BC299F80, 7FC2E1F3F93B3334C3A8961CA58B4F38524650F6D8DA9FFA1FB43E1A2B86B710 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys

10:14:03.0182 0x1080  KSecPkg - ok

10:14:03.0182 0x1080  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys

10:14:03.0244 0x1080  ksthunk - ok

10:14:03.0260 0x1080  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll

10:14:03.0323 0x1080  KtmRm - ok

10:14:03.0354 0x1080  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll

10:14:03.0401 0x1080  LanmanServer - ok

10:14:03.0416 0x1080  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

10:14:03.0463 0x1080  LanmanWorkstation - ok

10:14:03.0479 0x1080  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys

10:14:03.0526 0x1080  lltdio - ok

10:14:03.0557 0x1080  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll

10:14:03.0604 0x1080  lltdsvc - ok

10:14:03.0604 0x1080  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll

10:14:03.0651 0x1080  lmhosts - ok

10:14:03.0651 0x1080  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys

10:14:03.0666 0x1080  LSI_FC - ok

10:14:03.0682 0x1080  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys

10:14:03.0698 0x1080  LSI_SAS - ok

10:14:03.0713 0x1080  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys

10:14:03.0713 0x1080  LSI_SAS2 - ok

10:14:03.0744 0x1080  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys

10:14:03.0760 0x1080  LSI_SCSI - ok

10:14:03.0760 0x1080  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys

10:14:03.0807 0x1080  luafv - ok

10:14:03.0823 0x1080  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys

10:14:03.0838 0x1080  megasas - ok

10:14:03.0869 0x1080  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys

10:14:03.0885 0x1080  MegaSR - ok

10:14:04.0057 0x1080  [ 713EFB4CB90798FF08072C9C8AB61418, 68A55384C74DF151FDCA447AFF35AC2F4EE6BBCED4BB27DC4BB80C8843B10EF3 ] MEIMAPS         C:\Program Files (x86)\Parallels\Plesk\Mail Servers\Mail Enable\Bin\MEIMAPS.exe

10:14:04.0119 0x1080  MEIMAPS - detected UnsignedFile.Multi.Generic ( 1 )

10:14:07.0104 0x1080  Detect skipped due to KSN trusted

10:14:07.0104 0x1080  MEIMAPS - ok

10:14:07.0151 0x1080  [ 91AEBAA2D5E66B0603C08210FA7B2D3C, 995D93DAD2DA7D94C4015F10C075820B91A2FB0F70F41091D955C29F116EC37F ] MELCS           C:\Program Files (x86)\Parallels\Plesk\Mail Servers\Mail Enable\Bin64\MELSC.EXE

10:14:07.0166 0x1080  MELCS - detected UnsignedFile.Multi.Generic ( 1 )

10:14:09.0541 0x1080  Detect skipped due to KSN trusted

10:14:09.0541 0x1080  MELCS - ok

10:14:09.0573 0x1080  [ B2FF70590990D374CD662FC34296C1DA, 5BC5AD12D6F1EFF38FF9C52C1DD16ABA7FA4969B99581C563763F9CF5E92AB4C ] MEMTAS          C:\Program Files (x86)\Parallels\Plesk\Mail Servers\Mail Enable\Bin64\MEMTA.EXE

10:14:09.0588 0x1080  MEMTAS - detected UnsignedFile.Multi.Generic ( 1 )

10:14:12.0104 0x1080  Detect skipped due to KSN trusted

10:14:12.0104 0x1080  MEMTAS - ok

10:14:12.0151 0x1080  [ C7771D939196C4F21732EA727565F8BA, 2023D3DFC52A3442A6C77445489D8AC55DC6828BC8606CBB6A1E4F7EE8343588 ] MEPOCS          C:\Program Files (x86)\Parallels\Plesk\Mail Servers\Mail Enable\Bin64\MEPOC.EXE

10:14:12.0182 0x1080  MEPOCS - detected UnsignedFile.Multi.Generic ( 1 )

10:14:14.0510 0x1080  Detect skipped due to KSN trusted

10:14:14.0510 0x1080  MEPOCS - ok

10:14:14.0557 0x1080  [ 3BB6AA34901C4930AC07D82F69A93FDE, 64226A2ABD4D799C0AD1711CD9AB14DFF77926A64DCE97F0033FECACA08D10F2 ] MEPOPS          C:\Program Files (x86)\Parallels\Plesk\Mail Servers\Mail Enable\Bin64\MEPOPS.EXE

10:14:14.0573 0x1080  MEPOPS - detected UnsignedFile.Multi.Generic ( 1 )

10:14:17.0088 0x1080  Detect skipped due to KSN trusted

10:14:17.0088 0x1080  MEPOPS - ok

10:14:17.0151 0x1080  [ 35A68E17E590B85F6390BD0D8403FDC7, ED9F239C24B3173195A233FBF57DBF927E1CC2266EDAE99E99029C2A3CCF1705 ] MESMTPCS        C:\Program Files (x86)\Parallels\Plesk\Mail Servers\Mail Enable\Bin64\MESMTPC.EXE

10:14:17.0182 0x1080  MESMTPCS - detected UnsignedFile.Multi.Generic ( 1 )

10:14:19.0479 0x1080  Detect skipped due to KSN trusted

10:14:19.0479 0x1080  MESMTPCS - ok

10:14:19.0510 0x1080  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll

10:14:19.0557 0x1080  MMCSS - ok

10:14:19.0557 0x1080  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys

10:14:19.0604 0x1080  Modem - ok

10:14:19.0619 0x1080  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys

10:14:19.0635 0x1080  monitor - ok

10:14:19.0635 0x1080  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys

10:14:19.0651 0x1080  mouclass - ok

10:14:19.0666 0x1080  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys

10:14:19.0682 0x1080  mouhid - ok

10:14:19.0698 0x1080  [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys

10:14:19.0713 0x1080  mountmgr - ok

10:14:19.0791 0x1080  [ 22A7042C70F90F8261840740DDBB5176, AD0075C97D2D7C568D5CFB1C3A02DCE3BC01941844A759B29CD4DE4AF2F5FC45 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

10:14:19.0807 0x1080  MozillaMaintenance - ok

10:14:19.0854 0x1080  [ 73150F67D20270FF95A021A22E64F28A, A8878DEFBE437FB453F8E9243FB5C787D07AC7415A4475388D479C10417C524F ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys

10:14:19.0885 0x1080  MpFilter - ok

10:14:19.0901 0x1080  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys

10:14:19.0916 0x1080  mpio - ok

10:14:19.0916 0x1080  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys

10:14:19.0963 0x1080  mpsdrv - ok

10:14:20.0010 0x1080  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll

10:14:20.0057 0x1080  MpsSvc - ok

10:14:20.0088 0x1080  [ CD22D2563039DDA6793F7624719363A7, 82C91467EDCB61B1DD086A1D25925E4D89E43EF6EFAE3C59AFF3D73280119AF6 ] MQAC            C:\Windows\system32\drivers\mqac.sys

10:14:20.0104 0x1080  MQAC - ok

10:14:20.0119 0x1080  [ 1877EB1495CFBDAB27D6A32F6DDF3818, 3818055C66AB12A335A905CFFE5D05347F15AE488861C5C183E62E8E0881DA86 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys

10:14:20.0135 0x1080  mrxsmb - ok

10:14:20.0166 0x1080  [ 21AF322605D8C7F2A627C22634D1C9C9, 6B783F95D093FEFB260EA9568926BBB3CB8ED0783184DB3A18733E211933BADD ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys

10:14:20.0198 0x1080  mrxsmb10 - ok

10:14:20.0198 0x1080  [ 45A03A0B6461EFBEE77E0A6AC2816EDA, CFB0C11387F2EC49FD6B69EF747962114EBA6F8B4B4DEC3627E9E969775C4D7E ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys

10:14:20.0213 0x1080  mrxsmb20 - ok

10:14:20.0244 0x1080  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys

10:14:20.0260 0x1080  msahci - ok

10:14:20.0276 0x1080  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys

10:14:20.0291 0x1080  msdsm - ok

10:14:20.0307 0x1080  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe

10:14:20.0323 0x1080  MSDTC - ok

10:14:20.0338 0x1080  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys

10:14:20.0369 0x1080  Msfs - ok

10:14:20.0385 0x1080  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys

10:14:20.0432 0x1080  mshidkmdf - ok

10:14:20.0432 0x1080  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys

10:14:20.0448 0x1080  msisadrv - ok

10:14:20.0479 0x1080  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll

10:14:20.0526 0x1080  MSiSCSI - ok

10:14:20.0526 0x1080  msiserver - ok

10:14:20.0573 0x1080  [ CE996C1821021ADF8E28E80A54E846A8, 99042E895B6C2EA80F3BA65563A12C8EBA882E3AD6A21DD8E799B0112C75DDD2 ] MsMpSvc         C:\Program Files\Microsoft Security Client\MsMpEng.exe

10:14:20.0588 0x1080  MsMpSvc - ok

10:14:20.0619 0x1080  [ FAAEAEF99E53561BEEE58F946CA56F0D, 78AC692C4B80616E4C44ED20954B8D2FCE2215056C2ED3522123E5B50A7CE67A ] MSMQ            C:\Windows\system32\mqsvc.exe

10:14:20.0635 0x1080  MSMQ - ok

10:14:20.0651 0x1080  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys

10:14:20.0682 0x1080  MsRPC - ok

10:14:20.0682 0x1080  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys

10:14:20.0698 0x1080  mssmbios - ok

10:14:20.0823 0x1080  [ C5E1FE7DB2202D37BA9A634E7F230A44, 14C14FF1748FD28C7B1AC5F97C10D1680189F9F678950AE10001A859AD89BF1D ] MSSQLFDLauncher C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe

10:14:20.0838 0x1080  MSSQLFDLauncher - ok

10:14:20.0885 0x1080  [ 2BF33397621FBB9360B05B0D20ABEB37, 4DC52F2E3DB1FF4F4958B2255BDD6AFD195A8A0AA2D944C35C4EDAA4DD4FC45C ] MSSQLSERVER     C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Binn\sqlservr.exe

10:14:20.0916 0x1080  MSSQLSERVER - ok

10:14:20.0916 0x1080  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys

10:14:20.0932 0x1080  MTConfig - ok

10:14:20.0932 0x1080  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys

10:14:20.0948 0x1080  Mup - ok

10:14:21.0229 0x1080  [ 3B0E66ACF35594F509682BF4AC5D7347, 55293A3C205FCF2AC17431B6D55BD7C5D7B99ABD5CCB118C81C8141D05E95B7A ] MySQL           C:\Program Files (x86)\Parallels\Plesk\Databases\MySQL51\bin\mysqld.exe

10:14:21.0416 0x1080  MySQL - detected UnsignedFile.Multi.Generic ( 1 )

10:14:23.0807 0x1080  Detect skipped due to KSN trusted

10:14:23.0807 0x1080  MySQL - ok

10:14:24.0041 0x1080  [ 8B89F13A1275A803EC4599587184E498, C83877E20AE3A91EA285252856E3DF59F2C039C65EC655D19B8449FC6F46D4DB ] named           C:\Program Files (x86)\Parallels\Plesk\dns\bin\named.exe

10:14:24.0057 0x1080  named - detected UnsignedFile.Multi.Generic ( 1 )

10:14:26.0635 0x1080  named ( UnsignedFile.Multi.Generic ) - warning

10:14:29.0166 0x1080  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll

10:14:29.0229 0x1080  napagent - ok

10:14:29.0338 0x1080  [ 08CAD63958E532359631F96A0FB994A4, 9C6F81FDCF3863A8B9BD2277381F1C358238EF8105A872075DB5B277F82A4015 ] ncpclcfg        C:\Program Files (x86)\NCP\SecureClient\ncpclcfg.exe

10:14:29.0354 0x1080  ncpclcfg - ok

10:14:29.0385 0x1080  [ F091C09CD1170639968DE9218E38F8D2, C6FC6C0F1428758D927309B9B502467183AC48268A201B76BBEAED25D1F14A22 ] ncpfilt         C:\Windows\system32\DRIVERS\ncplelhp.sys

10:14:29.0401 0x1080  ncpfilt - ok

10:14:29.0416 0x1080  [ F091C09CD1170639968DE9218E38F8D2, C6FC6C0F1428758D927309B9B502467183AC48268A201B76BBEAED25D1F14A22 ] ncplelhp        C:\Windows\system32\DRIVERS\ncplelhp.sys

10:14:29.0432 0x1080  ncplelhp - ok

10:14:29.0526 0x1080  [ 097B844D91A2EA4F8E721DFF6893F100, FCE6696AAE73304592F4666D218599E5060D93AF55A084CC5042B6A798EC4DED ] ncprwsnt        C:\Program Files (x86)\NCP\SecureClient\ncprwsnt.exe

10:14:29.0588 0x1080  ncprwsnt - ok

10:14:29.0619 0x1080  [ 2297DFFA323B0EF542F0EC623276E94C, 2D92456BC087F9705F44AFEC44C67B1CFC5BD5EDD88A5C8C4FEF8C00716DEEFE ] NcpSec          C:\Program Files (x86)\NCP\SecureClient\ncpsec.exe

10:14:29.0635 0x1080  NcpSec - detected UnsignedFile.Multi.Generic ( 1 )

10:14:32.0026 0x1080  Detect skipped due to KSN trusted

10:14:32.0026 0x1080  NcpSec - ok

10:14:32.0088 0x1080  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys

10:14:32.0119 0x1080  NDIS - ok

10:14:32.0135 0x1080  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys

10:14:32.0198 0x1080  NdisCap - ok

10:14:32.0213 0x1080  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys

10:14:32.0260 0x1080  NdisTapi - ok

10:14:32.0260 0x1080  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys

10:14:32.0307 0x1080  Ndisuio - ok

10:14:32.0307 0x1080  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys

10:14:32.0354 0x1080  NdisWan - ok

10:14:32.0369 0x1080  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys

10:14:32.0416 0x1080  NDProxy - ok

10:14:32.0432 0x1080  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys

10:14:32.0479 0x1080  NetBIOS - ok

10:14:32.0494 0x1080  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys

10:14:32.0541 0x1080  NetBT - ok

10:14:32.0557 0x1080  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] Netlogon        C:\Windows\system32\lsass.exe

10:14:32.0557 0x1080  Netlogon - ok

10:14:32.0604 0x1080  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll

10:14:32.0651 0x1080  Netman - ok

10:14:32.0682 0x1080  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

10:14:32.0698 0x1080  NetMsmqActivator - ok

10:14:32.0713 0x1080  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

10:14:32.0729 0x1080  NetPipeActivator - ok

10:14:32.0760 0x1080  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll

10:14:32.0807 0x1080  netprofm - ok

10:14:32.0807 0x1080  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

10:14:32.0823 0x1080  NetTcpActivator - ok

10:14:32.0838 0x1080  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

10:14:32.0854 0x1080  NetTcpPortSharing - ok

10:14:32.0854 0x1080  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys

10:14:32.0869 0x1080  nfrd960 - ok

10:14:32.0901 0x1080  [ 4774AD83C650001B337B92E5E5DA337B, 138ECC7F556D8A12AE58B78B68F6515BE4C00F9F062596B48B6CA6C010F13035 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys

10:14:32.0916 0x1080  NisDrv - ok

10:14:32.0948 0x1080  [ 96B7D15161A778B359E707796CCEA646, 9E4A25D9848FAECC517474EAD548E7975CBE3F41AAA964E5245E78F2A723925E ] NisSrv          C:\Program Files\Microsoft Security Client\NisSrv.exe

10:14:32.0963 0x1080  NisSrv - ok

10:14:32.0994 0x1080  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll

10:14:33.0026 0x1080  NlaSvc - ok

10:14:33.0026 0x1080  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys

10:14:33.0073 0x1080  Npfs - ok

10:14:33.0088 0x1080  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll

10:14:33.0119 0x1080  nsi - ok

10:14:33.0135 0x1080  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys

10:14:33.0166 0x1080  nsiproxy - ok

10:14:33.0244 0x1080  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys

10:14:33.0307 0x1080  Ntfs - ok

10:14:33.0307 0x1080  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys

10:14:33.0354 0x1080  Null - ok

10:14:33.0369 0x1080  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys

10:14:33.0385 0x1080  nvraid - ok

10:14:33.0401 0x1080  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys

10:14:33.0416 0x1080  nvstor - ok

10:14:33.0432 0x1080  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys

10:14:33.0448 0x1080  nv_agp - ok

10:14:33.0463 0x1080  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys

10:14:33.0463 0x1080  ohci1394 - ok

10:14:33.0494 0x1080  [ FE91226FB4DCB86E1CCAEB1422AE81F1, AD7841D9FFB35A135CBDE4660E36EFB536A8B9924DC9B8792AF07E4A6798D6DC ] Parallels Coherence Service C:\Program Files (x86)\Parallels\Parallels Tools\Services\coherence.exe

10:14:33.0510 0x1080  Parallels Coherence Service - ok

10:14:33.0541 0x1080  [ 25FE374525611DF9EEB5E3C29420F1F7, 801E130E55E6093FA5C6F256596B8BCCDFBCDF78C257BE6A2EB2A2DA33CFFD7B ] Parallels Tools Service C:\Program Files (x86)\Parallels\Parallels Tools\Services\prl_tools_service.exe

10:14:33.0557 0x1080  Parallels Tools Service - ok

10:14:33.0573 0x1080  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys

10:14:33.0588 0x1080  Parport - ok

10:14:33.0619 0x1080  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys

10:14:33.0635 0x1080  partmgr - ok

10:14:33.0635 0x1080  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys

10:14:33.0651 0x1080  pci - ok

10:14:33.0682 0x1080  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys

10:14:33.0682 0x1080  pciide - ok

10:14:33.0698 0x1080  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys

10:14:33.0713 0x1080  pcmcia - ok

10:14:33.0729 0x1080  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys

10:14:33.0729 0x1080  pcw - ok

10:14:33.0791 0x1080  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys

10:14:33.0823 0x1080  PEAUTH - ok

10:14:34.0010 0x1080  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe

10:14:34.0026 0x1080  PerfHost - ok

10:14:34.0104 0x1080  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll

10:14:34.0198 0x1080  pla - ok

10:14:34.0541 0x1080  [ 607A34AC249240EFAC2394943731980D, E762753A1B0D87D39CC8F1B26EA95EE934984EFDB2E2B3D22BF7E55E51BB53E8 ] PleskSQLServer  C:\Program Files (x86)\Parallels\Plesk\MySQL\bin\mysqld.exe

10:14:34.0776 0x1080  PleskSQLServer - detected UnsignedFile.Multi.Generic ( 1 )

10:14:37.0682 0x1080  Detect skipped due to KSN trusted

10:14:37.0682 0x1080  PleskSQLServer - ok

10:14:37.0807 0x1080  plesksrv - ok

10:14:37.0854 0x1080  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll

10:14:37.0885 0x1080  PlugPlay - ok

10:14:37.0916 0x1080  [ F485770EEC8959684CC4C4786B63C06C, 34ECC6D83782A2F8E9E32456F3C6C527999283775626C772D0354D232A10604A ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll

10:14:37.0932 0x1080  Pml Driver HPZ12 - ok

10:14:37.0963 0x1080  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll

10:14:38.0026 0x1080  PolicyAgent - ok

10:14:38.0073 0x1080  [ 7A3B4B2F43E37B8FF33CC03F52E274F2, 3F0BFD55AB3769EF2BA581E73169C2E7CE7E1C25F1AAB37BC94857368DD59202 ] PopPassD        C:\Program Files (x86)\Parallels\Plesk\admin\bin\PopPassD.exe

10:14:38.0088 0x1080  PopPassD - detected UnsignedFile.Multi.Generic ( 1 )

10:14:40.0401 0x1080  PopPassD ( UnsignedFile.Multi.Generic ) - warning

10:14:42.0948 0x1080  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll

10:14:42.0994 0x1080  Power - ok

10:14:43.0010 0x1080  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys

10:14:43.0057 0x1080  PptpMiniport - ok

10:14:43.0057 0x1080  PrlVssProvider - ok

10:14:43.0088 0x1080  [ B1E110262670D3FE803C53431BA022C7, 10106A469F291765B0E2F4E29EC4397C3D6B3ADEEDED0BFAFDE5915A614F06A4 ] prl_boot        C:\Windows\system32\Drivers\prl_boot.sys

10:14:43.0088 0x1080  prl_boot - ok

10:14:43.0119 0x1080  [ 679424C6475FB2C8BDE778A5C8291538, 6D390C66D6DA8813D714CBD2D3B32FD06C218D4399EFDEE784DC2FD8F80911C4 ] prl_dd          C:\Windows\system32\DRIVERS\prl_kmdd.sys

10:14:43.0119 0x1080  prl_dd - ok

10:14:43.0151 0x1080  [ EA19341AACAF9F0BDEAEA8BB6C246042, 07DAB3A830F9A5342D4A4000737A2FE078538CF428325FC149750C20596262F9 ] prl_eth5        C:\Windows\system32\DRIVERS\prl_eth5.sys

10:14:43.0151 0x1080  prl_eth5 - ok

10:14:43.0182 0x1080  [ B1517259551AD2990570530420D92D0E, DDC5BD3DA36838456FDEF3DA16FA6AB20532C77C4BD47F84467DEDB5F97E18D9 ] prl_fs          C:\Windows\system32\DRIVERS\prl_fs.sys

10:14:43.0198 0x1080  prl_fs - ok

10:14:43.0244 0x1080  [ 376EE6BF1CB2970D7C95C30C3D06B6A6, 288722236B73C95CA712425A9DFB7B5A634E037DB7C04ECD1C2EDF9226E82DB3 ] prl_memdev      C:\Windows\system32\DRIVERS\prl_memdev.sys

10:14:43.0260 0x1080  prl_memdev - ok

10:14:43.0276 0x1080  [ D2D836248B600D6EFF524397AB797ABB, 7B74E9D3948AF65E90C20FA9BBA681036AE76346C33FD271F59B6940AF1788BF ] prl_mouf        C:\Windows\system32\DRIVERS\prl_mouf.sys

10:14:43.0291 0x1080  prl_mouf - ok

10:14:43.0307 0x1080  [ EB9A3AA8FEE21F58F7CB9937256A9367, B0731D99E51F7F0668CB6363CED9995330C3377DA970B0EF7429C5BC309FE63A ] prl_pv64        C:\Windows\system32\DRIVERS\prl_pv64.sys

10:14:43.0323 0x1080  prl_pv64 - ok

10:14:43.0338 0x1080  [ C8FAECFD376E1A04ABDFC88C09DC861F, 63929C78858A05026E216C3EA2D86948736369F3643A2C3DF8158F783B2236EA ] prl_strg        C:\Windows\system32\DRIVERS\prl_strg.sys

10:14:43.0354 0x1080  prl_strg - ok

10:14:43.0369 0x1080  [ 3F56A475BE41FC1CFAFC67ED9552548C, BA406D2D29490C8F2C3D08409E1FA9F9EFBD1D9CE045C73A3C6A66108D78219B ] prl_tg          C:\Windows\system32\DRIVERS\prl_tg.sys

10:14:43.0385 0x1080  prl_tg - ok

10:14:43.0401 0x1080  [ 231EBD9C11ACB12B63BAEED7095B3685, 6A64A0571AE0EE43FFA435B5F40D0A9A2F52E38929E9C8D5D20C1249FE2B2412 ] prl_time        C:\Windows\system32\drivers\prl_time.sys

10:14:43.0416 0x1080  prl_time - ok

10:14:43.0432 0x1080  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys

10:14:43.0448 0x1080  Processor - ok

10:14:43.0479 0x1080  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll

10:14:43.0510 0x1080  ProfSvc - ok

10:14:43.0541 0x1080  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] ProtectedStorage C:\Windows\system32\lsass.exe

10:14:43.0557 0x1080  ProtectedStorage - ok

10:14:43.0573 0x1080  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys

10:14:43.0619 0x1080  Psched - ok

10:14:43.0698 0x1080  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys

10:14:43.0760 0x1080  ql2300 - ok

10:14:43.0791 0x1080  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys

10:14:43.0807 0x1080  ql40xx - ok

10:14:43.0807 0x1080  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys

10:14:43.0869 0x1080  RasAcd - ok

10:14:43.0885 0x1080  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys

10:14:43.0948 0x1080  RasAgileVpn - ok

10:14:43.0963 0x1080  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll

10:14:44.0010 0x1080  RasAuto - ok

10:14:44.0026 0x1080  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys

10:14:44.0073 0x1080  Rasl2tp - ok

10:14:44.0088 0x1080  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll

10:14:44.0151 0x1080  RasMan - ok

10:14:44.0166 0x1080  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys

10:14:44.0213 0x1080  RasPppoe - ok

10:14:44.0213 0x1080  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys

10:14:44.0276 0x1080  RasSstp - ok

10:14:44.0291 0x1080  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys

10:14:44.0354 0x1080  rdbss - ok

10:14:44.0354 0x1080  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys

10:14:44.0369 0x1080  rdpbus - ok

10:14:44.0385 0x1080  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys

10:14:44.0448 0x1080  RDPCDD - ok

10:14:44.0448 0x1080  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys

10:14:44.0479 0x1080  RDPDR - ok

10:14:44.0494 0x1080  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys

10:14:44.0541 0x1080  RDPENCDD - ok

10:14:44.0557 0x1080  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys

10:14:44.0588 0x1080  RDPREFMP - ok

10:14:44.0619 0x1080  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys

10:14:44.0666 0x1080  RDPWD - ok

10:14:44.0682 0x1080  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll

10:14:44.0729 0x1080  RemoteAccess - ok

10:14:44.0760 0x1080  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll

10:14:44.0823 0x1080  RemoteRegistry - ok

10:14:45.0041 0x1080  [ 813B179ABA2E31CA2B146ACFFAB2AF1C, 82CF1E7EC6E62F423CDA4B67F310B7BBBBEEFA9856D31F4BE031FF3455D53A37 ] ReportServer    C:\Program Files\Microsoft SQL Server\MSRS12.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe

10:14:45.0135 0x1080  ReportServer - ok

10:14:45.0151 0x1080  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll

10:14:45.0198 0x1080  RpcEptMapper - ok

10:14:45.0213 0x1080  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe

10:14:45.0244 0x1080  RpcLocator - ok

10:14:45.0276 0x1080  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll

10:14:45.0338 0x1080  RpcSs - ok

10:14:45.0385 0x1080  [ 8476B8A95DEA96BC7A5C4338958261C3, 0CC5A8463A6FD3F6B29A0D31DFEA9698F366460750139504C0B944E0F4AC8FC7 ] rqs             C:\Windows\system32\rqs.exe

10:14:45.0401 0x1080  rqs - ok

10:14:45.0448 0x1080  [ E2319BDFF45DC9600E3751BE690F044D, 93F7A1EB1DB5F5CD41846F8D1DD5F08569DDE55AB125A01131B4ED20C322B956 ] RsFx0310        C:\Windows\system32\DRIVERS\RsFx0310.sys

10:14:45.0463 0x1080  RsFx0310 - ok

10:14:45.0479 0x1080  [ 551EF8EFA329F5E27A16D2793123943A, 2F11CB51AD7CE79245382D67515A3083251941406E4CCB5FB858B07ABDF7BDC2 ] RSoPProv        C:\Windows\system32\RSoPProv.exe

10:14:45.0494 0x1080  RSoPProv - ok

10:14:45.0494 0x1080  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys

10:14:45.0557 0x1080  rspndr - ok

10:14:45.0729 0x1080  [ 110C764C4F9C06A535166A236CCAEADB, F7C384DC6C90E67B906F38C3D45F099A9156FA6470446BACD9FE15534EE3407D ] rwsrsu          C:\Program Files (x86)\NCP\SecureClient\rwsrsu.exe

10:14:45.0760 0x1080  rwsrsu - ok

10:14:45.0776 0x1080  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys

10:14:45.0791 0x1080  s3cap - ok

10:14:45.0791 0x1080  [ D65E5E5C59F70516E856F5350106CDAB, 0064EA6C6C18A3286180B1BCFFED15A8091960710B47CE7C9C1A5C144E773C10 ] sacdrv          C:\Windows\system32\DRIVERS\sacdrv.sys

10:14:45.0807 0x1080  sacdrv - ok

10:14:45.0823 0x1080  [ 1F8597C49E2F6FEAE04ED4E3D978465B, 88BBB8DBD1369B33F1D662CD7F2214282CD6E2AE8809D88AE63D9D80660549A3 ] sacsvr          C:\Windows\system32\sacsvr.dll

10:14:45.0838 0x1080  sacsvr - ok

10:14:45.0854 0x1080  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] SamSs           C:\Windows\system32\lsass.exe

10:14:45.0869 0x1080  SamSs - ok

10:14:45.0885 0x1080  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys

10:14:45.0901 0x1080  sbp2port - ok

10:14:45.0916 0x1080  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll

10:14:45.0963 0x1080  SCardSvr - ok

10:14:45.0963 0x1080  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys

10:14:46.0010 0x1080  scfilter - ok

10:14:46.0057 0x1080  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll

10:14:46.0166 0x1080  Schedule - ok

10:14:46.0182 0x1080  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll

10:14:46.0229 0x1080  SCPolicySvc - ok

10:14:46.0244 0x1080  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys

10:14:46.0291 0x1080  secdrv - ok

10:14:46.0307 0x1080  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll

10:14:46.0354 0x1080  seclogon - ok

10:14:46.0369 0x1080  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll

10:14:46.0416 0x1080  SENS - ok

10:14:46.0432 0x1080  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\drivers\serenum.sys

10:14:46.0448 0x1080  Serenum - ok

10:14:46.0463 0x1080  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\drivers\serial.sys

10:14:46.0479 0x1080  Serial - ok

10:14:46.0479 0x1080  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys

10:14:46.0494 0x1080  sermouse - ok

10:14:46.0526 0x1080  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll

10:14:46.0573 0x1080  SessionEnv - ok

10:14:46.0573 0x1080  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys

10:14:46.0588 0x1080  sffdisk - ok

10:14:46.0604 0x1080  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys

10:14:46.0619 0x1080  sffp_mmc - ok

10:14:46.0619 0x1080  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys

10:14:46.0635 0x1080  sffp_sd - ok

10:14:46.0635 0x1080  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys

10:14:46.0651 0x1080  sfloppy - ok

10:14:46.0682 0x1080  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll

10:14:46.0729 0x1080  SharedAccess - ok

10:14:46.0760 0x1080  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll

10:14:46.0807 0x1080  ShellHWDetection - ok

10:14:46.0823 0x1080  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys

10:14:46.0823 0x1080  SiSRaid2 - ok

10:14:46.0838 0x1080  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys

10:14:46.0854 0x1080  SiSRaid4 - ok

10:14:46.0869 0x1080  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys

10:14:46.0916 0x1080  Smb - ok

10:14:46.0948 0x1080  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe

10:14:46.0963 0x1080  SNMPTRAP - ok

10:14:46.0963 0x1080  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys

10:14:46.0979 0x1080  spldr - ok

10:14:47.0026 0x1080  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe

10:14:47.0041 0x1080  Spooler - ok

10:14:47.0198 0x1080  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe

10:14:47.0338 0x1080  sppsvc - ok

10:14:47.0338 0x1080  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll

10:14:47.0385 0x1080  sppuinotify - ok

10:14:47.0479 0x1080  [ 774C1D27B9ED5A420E11C2343B0FFF7B, 6C291CF9C9205D6F9BA43156E1EBB370CA11DD1656694F1B434E2E7F8AFBC6A4 ] SQLBrowser      C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe

10:14:47.0494 0x1080  SQLBrowser - ok

10:14:47.0604 0x1080  [ DBC6CB6619C0741CF5C49F12FC692234, 7B82FAE61AF1A29297EF405F9271FDB551ED0950AF4DA04E007C2DE7D889CBD4 ] SQLSERVERAGENT  C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE

10:14:47.0635 0x1080  SQLSERVERAGENT - ok

10:14:47.0698 0x1080  [ C386F811A5E2F87DCF3EA4A527A20AA6, D68DF4E237AC6CBE193DE3A5C48F473F332A1D3CFC7BC21AFDE3EF922DA08279 ] SQLWriter       C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

10:14:47.0713 0x1080  SQLWriter - ok

10:14:47.0760 0x1080  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys

10:14:47.0791 0x1080  srv - ok

10:14:47.0807 0x1080  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys

10:14:47.0838 0x1080  srv2 - ok

10:14:47.0869 0x1080  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys

10:14:47.0885 0x1080  srvnet - ok

10:14:47.0916 0x1080  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll

10:14:47.0963 0x1080  SSDPSRV - ok

10:14:47.0963 0x1080  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll

10:14:48.0010 0x1080  SstpSvc - ok

10:14:48.0026 0x1080  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys

10:14:48.0041 0x1080  stexstor - ok

10:14:48.0041 0x1080  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys

10:14:48.0073 0x1080  storflt - ok

10:14:48.0088 0x1080  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys

10:14:48.0088 0x1080  storvsc - ok

10:14:48.0119 0x1080  [ 3F863F5A957305E30EFCFF7742F9B5C9, 77B41F714A4AB16D47924CE8D4C0571A1B7B1B027D8E310669D64D1E23CA3698 ] storvsp         C:\Windows\system32\drivers\storvsp.sys

10:14:48.0151 0x1080  storvsp - ok

10:14:48.0166 0x1080  [ 80ADE9E5A7CB72A2DD9B8FE768A9602D, 1A07C65121C1B3BAA5D10EA1D84FC4C8B26BC23167EA265A206876A989C2C32A ] stunnel         C:\Program Files (x86)\Parallels\Plesk\stunnel\stunnel.exe

10:14:48.0182 0x1080  stunnel - detected UnsignedFile.Multi.Generic ( 1 )

10:14:50.0682 0x1080  Detect skipped due to KSN trusted

10:14:50.0682 0x1080  stunnel - ok

10:14:50.0713 0x1080  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys

10:14:50.0713 0x1080  swenum - ok

10:14:50.0760 0x1080  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll

10:14:50.0807 0x1080  swprv - ok

10:14:50.0823 0x1080  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll

10:14:50.0885 0x1080  TapiSrv - ok

10:14:50.0901 0x1080  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll

10:14:50.0948 0x1080  TBS - ok

10:14:51.0104 0x1080  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys

10:14:51.0151 0x1080  Tcpip - ok

10:14:51.0213 0x1080  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys

10:14:51.0276 0x1080  TCPIP6 - ok

10:14:51.0307 0x1080  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys

10:14:51.0323 0x1080  tcpipreg - ok

10:14:51.0338 0x1080  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys

10:14:51.0354 0x1080  TDPIPE - ok

10:14:51.0369 0x1080  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys

10:14:51.0385 0x1080  TDTCP - ok

10:14:51.0401 0x1080  [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx             C:\Windows\system32\DRIVERS\tdx.sys

10:14:51.0416 0x1080  tdx - ok

10:14:51.0432 0x1080  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys

10:14:51.0432 0x1080  TermDD - ok

10:14:51.0494 0x1080  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll

10:14:51.0526 0x1080  TermService - ok

10:14:51.0557 0x1080  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll

10:14:51.0604 0x1080  THREADORDER - ok

10:14:51.0635 0x1080  [ 2FB6B2523EF0E359BCC45E779B6FD5CB, 4D7C5553BE6BA9D8DAE5354C3E3D5EC55C6B322E6CA42436948A0A9053D94709 ] Tomcat5         C:\Program Files (x86)\Parallels\Plesk\Additional\Tomcat\bin\tomcat5.exe

10:14:51.0651 0x1080  Tomcat5 - detected UnsignedFile.Multi.Generic ( 1 )

10:14:54.0151 0x1080  Detect skipped due to KSN trusted

10:14:54.0151 0x1080  Tomcat5 - ok

10:14:54.0166 0x1080  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll

10:14:54.0213 0x1080  TrkWks - ok

10:14:54.0244 0x1080  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

10:14:54.0291 0x1080  TrustedInstaller - ok

10:14:54.0323 0x1080  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys

10:14:54.0338 0x1080  tssecsrv - ok

10:14:54.0369 0x1080  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys

10:14:54.0385 0x1080  TsUsbFlt - ok

10:14:54.0416 0x1080  [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys

10:14:54.0432 0x1080  TsUsbGD - ok

10:14:54.0432 0x1080  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys

10:14:54.0479 0x1080  tunnel - ok

10:14:54.0479 0x1080  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys

10:14:54.0494 0x1080  uagp35 - ok

10:14:54.0526 0x1080  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys

10:14:54.0573 0x1080  udfs - ok

10:14:54.0588 0x1080  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe

10:14:54.0604 0x1080  UI0Detect - ok

10:14:54.0619 0x1080  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys

10:14:54.0635 0x1080  uliagpkx - ok

10:14:54.0651 0x1080  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys

10:14:54.0666 0x1080  umbus - ok

10:14:54.0666 0x1080  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys

10:14:54.0682 0x1080  UmPass - ok

10:14:54.0713 0x1080  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll

10:14:54.0729 0x1080  UmRdpService - ok

10:14:54.0744 0x1080  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll

10:14:54.0807 0x1080  upnphost - ok

10:14:54.0823 0x1080  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\drivers\usbccgp.sys

10:14:54.0838 0x1080  usbccgp - ok

10:14:54.0854 0x1080  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\drivers\usbehci.sys

10:14:54.0854 0x1080  usbehci - ok

10:14:54.0885 0x1080  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\drivers\usbhub.sys

10:14:54.0901 0x1080  usbhub - ok

10:14:54.0932 0x1080  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys

10:14:54.0948 0x1080  usbohci - ok

10:14:54.0963 0x1080  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\drivers\usbprint.sys

10:14:54.0979 0x1080  usbprint - ok

10:14:54.0994 0x1080  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\drivers\USBSTOR.SYS

10:14:55.0010 0x1080  USBSTOR - ok

10:14:55.0026 0x1080  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys

10:14:55.0041 0x1080  usbuhci - ok

10:14:55.0057 0x1080  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll

10:14:55.0104 0x1080  UxSms - ok

10:14:55.0119 0x1080  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] VaultSvc        C:\Windows\system32\lsass.exe

10:14:55.0135 0x1080  VaultSvc - ok

10:14:55.0135 0x1080  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys

10:14:55.0151 0x1080  vdrvroot - ok

10:14:55.0182 0x1080  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe

10:14:55.0244 0x1080  vds - ok

10:14:55.0260 0x1080  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys

10:14:55.0276 0x1080  vga - ok

10:14:55.0276 0x1080  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys

10:14:55.0307 0x1080  VgaSave - ok

10:14:55.0323 0x1080  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys

10:14:55.0338 0x1080  vhdmp - ok

10:14:55.0369 0x1080  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys

10:14:55.0369 0x1080  viaide - ok

10:14:55.0385 0x1080  [ 1720D283BDB1EAA7F21976586FF52B95, B5B8C33EC9C7D4EB18FA1C590AE873344FB04289D7CECF4AC320F2843C66CE13 ] Vid             C:\Windows\system32\drivers\Vid.sys

10:14:55.0401 0x1080  Vid - ok

10:14:55.0416 0x1080  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys

10:14:55.0432 0x1080  vmbus - ok

10:14:55.0432 0x1080  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys

10:14:55.0448 0x1080  VMBusHID - ok

10:14:55.0448 0x1080  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys

10:14:55.0463 0x1080  volmgr - ok

10:14:55.0479 0x1080  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys

10:14:55.0494 0x1080  volmgrx - ok

10:14:55.0510 0x1080  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys

10:14:55.0526 0x1080  volsnap - ok

10:14:55.0526 0x1080  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys

10:14:55.0541 0x1080  vsmraid - ok

10:14:55.0619 0x1080  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe

10:14:55.0713 0x1080  VSS - ok

10:14:55.0744 0x1080  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll

10:14:55.0791 0x1080  W32Time - ok

10:14:55.0869 0x1080  [ B32009DB1972E7F2C227499289C4384A, D491CD90ACE895EC60A5A2F995EAE39F8ED662B71BC548C3FF5BBDBC60054788 ] W3SVC           C:\Windows\system32\inetsrv\iisw3adm.dll

10:14:55.0901 0x1080  W3SVC - ok

10:14:55.0901 0x1080  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys

10:14:55.0916 0x1080  WacomPen - ok

10:14:55.0916 0x1080  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys

10:14:55.0963 0x1080  WANARP - ok

10:14:55.0979 0x1080  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys

10:14:56.0026 0x1080  Wanarpv6 - ok

10:14:56.0041 0x1080  [ B32009DB1972E7F2C227499289C4384A, D491CD90ACE895EC60A5A2F995EAE39F8ED662B71BC548C3FF5BBDBC60054788 ] WAS             C:\Windows\system32\inetsrv\iisw3adm.dll

10:14:56.0073 0x1080  WAS - ok

10:14:56.0088 0x1080  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

10:14:56.0104 0x1080  WcsPlugInService - ok

10:14:56.0104 0x1080  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys

10:14:56.0119 0x1080  Wd - ok

10:14:56.0166 0x1080  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys

10:14:56.0198 0x1080  Wdf01000 - ok

10:14:56.0213 0x1080  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll

10:14:56.0260 0x1080  WdiServiceHost - ok

10:14:56.0276 0x1080  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll

10:14:56.0291 0x1080  WdiSystemHost - ok

10:14:56.0323 0x1080  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll

10:14:56.0385 0x1080  Wecsvc - ok

10:14:56.0385 0x1080  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll

10:14:56.0432 0x1080  wercplsupport - ok

10:14:56.0448 0x1080  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll

10:14:56.0494 0x1080  WerSvc - ok

10:14:56.0494 0x1080  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys

10:14:56.0526 0x1080  WfpLwf - ok

10:14:56.0541 0x1080  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys

10:14:56.0541 0x1080  WIMMount - ok

10:14:56.0541 0x1080  WinHttpAutoProxySvc - ok

10:14:56.0619 0x1080  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll

10:14:56.0682 0x1080  Winmgmt - ok

10:14:56.0791 0x1080  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll

10:14:56.0854 0x1080  WinRM - ok

10:14:56.0869 0x1080  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys

10:14:56.0885 0x1080  WmiAcpi - ok

10:14:56.0916 0x1080  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe

10:14:56.0932 0x1080  wmiApSrv - ok

10:14:56.0948 0x1080  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll

10:14:56.0963 0x1080  WPDBusEnum - ok

10:14:56.0963 0x1080  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys

10:14:57.0010 0x1080  ws2ifsl - ok

10:14:57.0151 0x1080  [ AA3E844A2595B1AA5825C70CA50D963E, F9C7D64D9563CA5167EC9B0D957473B55C02E9456E041AE2CDA6ABFA9641D176 ] wuauserv        C:\Windows\system32\wuaueng.dll

10:14:57.0229 0x1080  wuauserv - ok

10:14:57.0260 0x1080  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys

10:14:57.0276 0x1080  WudfPf - ok

10:14:57.0291 0x1080  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll

10:14:57.0307 0x1080  wudfsvc - ok

10:14:57.0323 0x1080  ================ Scan global ===============================

10:14:57.0338 0x1080  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll

10:14:57.0369 0x1080  [ 2313AF8D5A9CEB4A55400A01DD311A95, A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\Windows\system32\winsrv.dll

10:14:57.0385 0x1080  [ 2313AF8D5A9CEB4A55400A01DD311A95, A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\Windows\system32\winsrv.dll

10:14:57.0401 0x1080  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll

10:14:57.0448 0x1080  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe

10:14:57.0448 0x1080  [ Global ] - ok

10:14:57.0448 0x1080  ================ Scan MBR ==================================

10:14:57.0463 0x1080  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0

10:14:57.0635 0x1080  \Device\Harddisk0\DR0 - ok

10:14:57.0635 0x1080  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1

10:14:57.0666 0x1080  \Device\Harddisk1\DR1 - ok

10:14:57.0666 0x1080  ================ Scan VBR ==================================

10:14:57.0682 0x1080  [ 042A7CF638158B9635BE838A7D44622D ] \Device\Harddisk0\DR0\Partition1

10:14:57.0682 0x1080  \Device\Harddisk0\DR0\Partition1 - ok

10:14:57.0682 0x1080  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk1\DR1\Partition1

10:14:57.0682 0x1080  \Device\Harddisk1\DR1\Partition1 - ok

10:14:57.0682 0x1080  [ 11B096629BE6BB098B13B1F41226CC3E ] \Device\Harddisk1\DR1\Partition2

10:14:57.0682 0x1080  \Device\Harddisk1\DR1\Partition2 - ok

10:14:57.0682 0x1080  ================ Scan generic autorun ======================

10:14:57.0760 0x1080  [ 35BA4E6632BA690EA6421C1E03537D0E, 99D6B4DB12ABE3A7F44AB1B2D626978E85231185AE280D9516986027BC8385CB ] C:\Program Files\Microsoft Security Client\msseces.exe

10:14:57.0823 0x1080  MSC - ok

10:14:57.0869 0x1080  [ A5306D9F3D29C8BAC744BCAD3299B3BD, AF49FEBB689CF8183E01BA56E52F8B2A23464A39F4B36058E312C172A4D6082F ] C:\Program Files (x86)\Parallels\Parallels Tools\SIA\SharedIntApp.exe

10:14:57.0869 0x1080  Parallels Shared Internet Applications - ok

10:14:57.0948 0x1080  [ CDECF0785B6B77011D58D4EC54A33BCA, 7AAF2E74629CA64883C98D78BCF7401A41AD872455526C97ADD33FF37F5BF77E ] C:\Program Files (x86)\Parallels\Parallels Tools\prl_cc.exe

10:14:57.0963 0x1080  Parallels Tools Center - ok

10:14:57.0963 0x1080  Waiting for KSN requests completion. In queue: 157

10:14:58.0963 0x1080  Waiting for KSN requests completion. In queue: 157

10:14:59.0963 0x1080  Waiting for KSN requests completion. In queue: 157

10:15:00.0979 0x1080  Win FW state via NFP2: enabled ( trusted )

10:15:03.0354 0x1080  ============================================================

10:15:03.0354 0x1080  Scan finished

10:15:03.0354 0x1080  ============================================================

10:15:03.0354 0x176c  Detected object count: 2

10:15:03.0354 0x176c  Actual detected object count: 2

10:15:53.0885 0x176c  named ( UnsignedFile.Multi.Generic ) - skipped by user

10:15:53.0885 0x176c  named ( UnsignedFile.Multi.Generic ) - User select action: Skip 

10:15:53.0885 0x176c  PopPassD ( UnsignedFile.Multi.Generic ) - skipped by user

10:15:53.0885 0x176c  PopPassD ( UnsignedFile.Multi.Generic ) - User select action: Skip