| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: DHL Mail mit pdfWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
30.05.2015, 11:17
| #1 |
| |  DHL Mail mit pdf Hallo! Gut das es euch gibt! Meine Mutter hat auf ihren Mailaccount gestern eine dieser DHL Trojanermail bekommen und natürlich gleich das pdf geöffnet. Nach ihrer Aussage hat sie auf keinen Link geklickt. Avira hat auch nix gefunden. aber um auf nummer sicher zu gehen hab ich mich bei euch im Forum schlau gemacht und mal FRST durchlaufen lassen Jetzt komme ich allein nicht mehr weiter Bitte vielelicht könnte mir jemand helfen abzuklären ob wir verseucht sind  FRST log Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 29-05-2015 Ran by sylvia (administrator) on SYLVIA-PC on 30-05-2015 12:04:52 Running from C:\Users\sylvia\Downloads\Desktop Loaded Profiles: sylvia (Available Profiles: sylvia) Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: IE) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Teruten) C:\Windows\System32\FsUsbExService.Exe () C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe (RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\RPDS\Bin\rpdsvc.exe () C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe (TomTom) C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe (Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Dritek System Inc.) C:\Program Files\Launch Manager\LManager.EXE (Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe (Realtek Semiconductor Corp.) C:\Users\sylvia\AppData\Local\Temp\RtkBtMnt.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe () C:\Program Files\RealNetworks\RealDownloader\downloader2.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (Macrovision Corporation) C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (TomTom) C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\RPDS\Bin\rpsystray.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe (Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe (Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation) HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-07-07] (Advanced Micro Devices, Inc.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7600672 2009-07-06] (Realtek Semiconductor) HKLM\...\Run: [Skytel] => C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-07-06] (Realtek Semiconductor Corp.) HKLM\...\Run: [LManager] => C:\Program Files\Launch Manager\LManager.EXE [842248 2009-09-15] (Dritek System Inc.) HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-03-20] (Apple Inc.) HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard) HKLM\...\Run: [NPSStartup] => [X] HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [728312 2015-05-12] (Avira Operations GmbH & Co. KG) HKLM\...\Run: [] => [X] HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.) HKLM\...\Run: [TkBellExe] => c:\program files\real\realplayer\Update\realsched.exe [296520 2015-02-09] (RealNetworks, Inc.) HKLM\...\Run: [RealDownloader] => C:\Program Files\RealNetworks\RealDownloader\downloader2.exe [560192 2014-10-29] () HKLM\...\Run: [Avira Systray] => C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe [129272 2015-03-16] (Avira Operations GmbH & Co. KG) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157480 2015-04-07] (Apple Inc.) HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated) HKU\S-1-5-21-1540189368-1180668933-4107768583-1000\...\Run: [AutoStartNPSAgent] => C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe [102400 2009-04-02] (Samsung Electronics Co., Ltd.) HKU\S-1-5-21-1540189368-1180668933-4107768583-1000\...\Run: [ISUSPM] => C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [218032 2006-09-11] (Macrovision Corporation) HKU\S-1-5-21-1540189368-1180668933-4107768583-1000\...\Run: [MobileDocuments] => C:\Program Files\Common Files\Apple\Internet Services\ubd.exe HKU\S-1-5-21-1540189368-1180668933-4107768583-1000\...\Run: [TomTomHOME.exe] => C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [247768 2012-12-05] (TomTom) HKU\S-1-5-21-1540189368-1180668933-4107768583-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [31280256 2015-04-17] (Skype Technologies S.A.) HKU\S-1-5-21-1540189368-1180668933-4107768583-1000\...\Run: [iCloudServices] => C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2015-04-26] (Apple Inc.) HKU\S-1-5-21-1540189368-1180668933-4107768583-1000\...\Run: [ApplePhotoStreams] => C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2015-04-26] (Apple Inc.) HKU\S-1-5-21-1540189368-1180668933-4107768583-1000\...\MountPoints2: F - F:\OpenFiles.exe HKU\S-1-5-21-1540189368-1180668933-4107768583-1000\...\MountPoints2: {713310e1-5723-11e2-88f4-00238be5f39c} - F:\OpenFiles.exe Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2011-10-24] ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) Startup: C:\Users\sylvia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk [2013-09-27] ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation) ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\sylvia\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\sylvia\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\sylvia\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-1540189368-1180668933-4107768583-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.upc.at/upcmail/ HKU\S-1-5-21-1540189368-1180668933-4107768583-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-05-21] (Hewlett-Packard Co.) BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2014-10-27] (RealDownloader) BHO: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation) BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-02] (Google Inc.) BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation) BHO: WOT Helper -> {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} -> C:\Program Files\WOT\WOT.dll [2012-08-02] () BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-05-21] (Hewlett-Packard Co.) Toolbar: HKLM - WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll [2012-08-02] () Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-02] (Google Inc.) Toolbar: HKU\S-1-5-21-1540189368-1180668933-4107768583-1000 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File Toolbar: HKU\S-1-5-21-1540189368-1180668933-4107768583-1000 -> WOT - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll [2012-08-02] () Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation) Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll [2012-08-02] () Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 FireFox: ======== FF ProfilePath: C:\Users\sylvia\AppData\Roaming\Mozilla\Firefox\Profiles\69npgaob.default FF SearchEngineOrder.1: Ask.com FF SearchEngineOrder.3: Bing FF SelectedSearchEngine: Bing FF Keyword.URL: hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&dt=071413&q= FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-16] () FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] () FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google) FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.) FF Plugin: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-04-16] (Microsoft Corporation) FF Plugin: @real.com/nppl3260;version=17.0.15.10 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll [2015-02-09] (RealNetworks, Inc.) FF Plugin: @real.com/nprndlhtml5videoshim;version=17.0.15 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2014-10-27] (RealNetworks, Inc.) FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-06-08] (RealNetworks, Inc.) FF Plugin: @real.com/nprphtml5videoshim;version=15.0.4.53 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-06-08] (RealNetworks, Inc.) FF Plugin: @real.com/nprpplugin;version=17.0.15.10 -> c:\program files\real\realplayer\Netscape6\nprpplugin.dll [2015-02-09] (RealPlayer Cloud) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-1540189368-1180668933-4107768583-1000: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101753.dll [2012-10-30] (Amazon.com, Inc.) FF SearchPlugin: C:\Users\sylvia\AppData\Roaming\Mozilla\Firefox\Profiles\69npgaob.default\searchplugins\askcom.xml [2012-08-02] FF SearchPlugin: C:\Users\sylvia\AppData\Roaming\Mozilla\Firefox\Profiles\69npgaob.default\searchplugins\bingp.xml [2013-07-14] FF Extension: 20-20 3D Viewer - IKEA - C:\Users\sylvia\AppData\Roaming\Mozilla\Firefox\Profiles\69npgaob.default\Extensions\2020Player_IKEA@2020Technologies.com [2014-06-05] FF Extension: Avira Browser Safety - C:\Users\sylvia\AppData\Roaming\Mozilla\Firefox\Profiles\69npgaob.default\Extensions\abs@avira.com [2015-05-30] FF Extension: Ghostery - C:\Users\sylvia\AppData\Roaming\Mozilla\Firefox\Profiles\69npgaob.default\Extensions\firefox@ghostery.com.xpi [2013-08-19] FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-05-02] FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-10-24] FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2015-02-09] FF HKLM\...\Firefox\Extensions: [{338950EA-82DB-44C1-930D-0C28E023C9F0}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext FF HKU\S-1-5-21-1540189368-1180668933-4107768583-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2015-05-02] Chrome: ======= CHR DefaultSearchKeyword: Default -> bing.com CHR DefaultSearchURL: Default -> https://www.bing.com/search?setmkt=de-AT&q={searchTerms} CHR DefaultNewTabURL: Default -> https://www.bing.com/chrome/newtab?setmkt=de-AT CHR DefaultSuggestURL: Default -> hxxp://api.bing.com/osjson.aspx?query={searchTerms}&language={language} CHR Profile: C:\Users\sylvia\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\sylvia\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-02-09] CHR Extension: (RealPlayer Downloader) - C:\Users\sylvia\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-02-26] CHR Extension: (Skype Click to Call) - C:\Users\sylvia\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2012-08-28] CHR Extension: (Google Wallet) - C:\Users\sylvia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-04] CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S2 AntiVirMailService; C:\Program Files\Avira\AntiVir Desktop\avmailc7.exe [827640 2015-05-12] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [434424 2015-05-12] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [434424 2015-05-12] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe [1185584 2015-05-12] (Avira Operations GmbH & Co. KG) R2 Avira.OE.ServiceHost; C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe [201008 2015-03-16] (Avira Operations GmbH & Co. KG) R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation) R2 FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [233472 2009-03-31] (Teruten) [File not signed] R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed] R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [File not signed] R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed] R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed] R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-10-26] () R2 RealPlayer Cloud Service; c:\program files\real\realplayer\RPDS\Bin\rpdsvc.exe [1141848 2015-02-09] (RealNetworks, Inc.) R2 RealPlayerUpdateSvc; C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe [31856 2014-10-30] () S3 ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [430592 2008-04-07] (Nokia.) [File not signed] R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [107400 2015-05-12] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2015-05-12] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37896 2015-05-12] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [37896 2015-03-10] (Avira Operations GmbH & Co. KG) R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36608 2009-03-31] () [File not signed] R3 L1E; C:\Windows\System32\DRIVERS\L1E62x86.sys [48640 2009-08-23] (Atheros Communications, Inc.) R3 nuvotoncir; C:\Windows\System32\DRIVERS\nuvotoncir.sys [44544 2009-08-31] (Nuvoton Technology Corporation) R3 RTHDMIAzAudService; C:\Windows\System32\drivers\RtHDMIV.sys [159776 2009-06-24] (Realtek Semiconductor Corp.) R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2012-08-27] (Avira GmbH) S3 ss_bbus; C:\Windows\System32\DRIVERS\ss_bbus.sys [98432 2009-09-19] (MCCI) S3 ss_bmdfl; C:\Windows\System32\DRIVERS\ss_bmdfl.sys [14848 2009-09-19] (MCCI Corporation) S3 ss_bmdm; C:\Windows\System32\DRIVERS\ss_bmdm.sys [123648 2009-09-19] (MCCI Corporation) S3 winbondcir; C:\Windows\System32\DRIVERS\winbondcir.sys [43008 2007-03-28] (Winbond Electronics Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-05-30 12:04 - 2015-05-30 12:05 - 00000000 ____D () C:\FRST 2015-05-30 12:03 - 2015-05-30 12:03 - 01147392 _____ (Farbar) C:\Users\sylvia\Downloads\FRST.exe 2015-05-13 10:48 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2015-05-13 08:53 - 2015-04-27 21:11 - 03989440 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe 2015-05-13 08:53 - 2015-04-27 21:11 - 03934144 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-05-13 08:53 - 2015-04-27 21:11 - 00137664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-05-13 08:53 - 2015-04-27 21:11 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-05-13 08:53 - 2015-04-27 21:08 - 01307648 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2015-05-13 08:53 - 2015-04-27 21:05 - 00851456 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll 2015-05-13 08:53 - 2015-04-27 21:05 - 00635392 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll 2015-05-13 08:53 - 2015-04-27 21:05 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2015-05-13 08:53 - 2015-04-27 21:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-05-13 08:53 - 2015-04-27 21:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-05-13 08:53 - 2015-04-27 21:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2015-05-13 08:53 - 2015-04-27 21:05 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2015-05-13 08:53 - 2015-04-27 21:05 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll 2015-05-13 08:53 - 2015-04-27 21:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2015-05-13 08:53 - 2015-04-27 21:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2015-05-13 08:53 - 2015-04-27 21:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2015-05-13 08:53 - 2015-04-27 21:05 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2015-05-13 08:53 - 2015-04-27 21:04 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-05-13 08:53 - 2015-04-27 21:04 - 00641536 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2015-05-13 08:53 - 2015-04-27 21:04 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-05-13 08:53 - 2015-04-27 21:04 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe 2015-05-13 08:53 - 2015-04-27 21:04 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2015-05-13 08:53 - 2015-04-27 21:04 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe 2015-05-13 08:53 - 2015-04-27 21:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2015-05-13 08:53 - 2015-04-27 21:04 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe 2015-05-13 08:53 - 2015-04-27 21:04 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2015-05-13 08:53 - 2015-04-27 21:04 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe 2015-05-13 08:53 - 2015-04-27 21:04 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2015-05-13 08:53 - 2015-04-27 21:04 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2015-05-13 08:53 - 2015-04-27 21:03 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2015-05-13 08:53 - 2015-04-27 21:03 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe 2015-05-13 08:53 - 2015-04-27 21:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-05-13 08:53 - 2015-04-27 21:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2015-05-13 08:53 - 2015-04-27 20:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-05-13 08:53 - 2015-04-27 20:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2015-05-13 08:53 - 2015-04-27 20:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll 2015-05-13 08:53 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2015-05-13 08:53 - 2015-04-20 04:56 - 00909312 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2015-05-13 08:53 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll 2015-05-13 08:52 - 2015-05-05 03:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-05-13 08:52 - 2015-04-22 03:48 - 00342736 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-05-13 08:52 - 2015-04-21 18:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-05-13 08:52 - 2015-04-21 18:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-05-13 08:52 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-05-13 08:52 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-05-13 08:52 - 2015-04-21 18:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-05-13 08:52 - 2015-04-21 18:10 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-05-13 08:52 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-05-13 08:52 - 2015-04-21 18:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-05-13 08:52 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-05-13 08:52 - 2015-04-21 18:03 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-05-13 08:52 - 2015-04-21 18:02 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-05-13 08:52 - 2015-04-21 18:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-05-13 08:52 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-05-13 08:52 - 2015-04-21 17:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-05-13 08:52 - 2015-04-21 17:58 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-05-13 08:52 - 2015-04-21 17:57 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-05-13 08:52 - 2015-04-21 17:51 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-05-13 08:52 - 2015-04-21 17:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-05-13 08:52 - 2015-04-21 17:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-05-13 08:52 - 2015-04-21 17:39 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-05-13 08:52 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-05-13 08:52 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-05-13 08:52 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-05-13 08:52 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-05-13 08:52 - 2015-04-21 17:26 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-05-13 08:52 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-05-13 08:52 - 2015-04-21 17:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-05-13 08:52 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-05-13 08:52 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-05-13 08:52 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-05-13 08:52 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-05-13 08:52 - 2015-04-20 04:03 - 02382336 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-05-13 08:52 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2015-05-13 08:52 - 2015-04-13 05:19 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\services.exe 2015-05-13 08:51 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll 2015-05-13 08:51 - 2015-04-08 05:14 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll 2015-05-13 08:51 - 2015-03-04 06:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll 2015-05-13 08:51 - 2015-03-04 06:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll 2015-05-13 08:51 - 2015-03-04 06:10 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll 2015-05-13 08:51 - 2015-03-04 06:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe 2015-05-13 08:51 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe 2015-05-06 15:11 - 2015-05-06 15:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud 2015-05-02 16:00 - 2015-05-02 16:00 - 00000000 ____D () C:\Program Files\Mozilla Firefox ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-05-30 11:40 - 2012-02-28 17:49 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-05-30 11:29 - 2012-04-04 13:34 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-05-30 11:26 - 2012-04-26 16:32 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service 2015-05-30 11:17 - 2011-10-24 18:52 - 01619973 _____ () C:\Windows\WindowsUpdate.log 2015-05-30 09:26 - 2011-10-24 19:49 - 00000000 ____D () C:\Users\sylvia\AppData\Roaming\Skype 2015-05-30 09:25 - 2011-11-21 12:02 - 00000000 ___RD () C:\Users\sylvia\Dropbox 2015-05-30 09:14 - 2009-07-14 06:34 - 00023376 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-05-30 09:14 - 2009-07-14 06:34 - 00023376 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-05-30 09:02 - 2011-11-21 12:00 - 00000000 ____D () C:\Users\sylvia\AppData\Roaming\Dropbox 2015-05-30 08:59 - 2012-02-28 17:49 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-05-30 08:59 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-05-30 08:59 - 2009-07-14 06:39 - 00160641 _____ () C:\Windows\setupact.log 2015-05-28 18:52 - 2011-10-24 19:49 - 00000000 ___RD () C:\Program Files\Skype 2015-05-26 15:42 - 2012-08-28 09:40 - 00002125 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2015-05-23 13:16 - 2014-06-14 10:18 - 00000000 ____D () C:\Users\sylvia\AppData\Local\Adobe 2015-05-23 13:13 - 2012-04-04 13:34 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2015-05-23 13:13 - 2011-10-25 18:02 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2015-05-20 11:20 - 2015-04-04 20:08 - 00000000 ___SD () C:\Windows\system32\GWX 2015-05-15 13:35 - 2013-08-20 10:12 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2015-05-14 15:23 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache 2015-05-13 19:04 - 2009-07-14 10:56 - 00000000 ____D () C:\Program Files\Windows Journal 2015-05-13 16:35 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET 2015-05-13 15:00 - 2011-10-24 19:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-05-13 14:54 - 2009-07-14 06:33 - 00303816 _____ () C:\Windows\system32\FNTCACHE.DAT 2015-05-13 14:51 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\de-DE 2015-05-13 14:51 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers 2015-05-13 14:50 - 2011-10-24 19:29 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2015-05-13 10:48 - 2011-10-24 19:40 - 00000000 ____D () C:\ProgramData\Microsoft Help 2015-05-13 10:46 - 2013-08-14 14:23 - 00000000 ____D () C:\Windows\system32\MRT 2015-05-13 10:40 - 2011-10-24 20:27 - 137310008 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-05-13 10:35 - 2011-10-24 19:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2015-05-12 12:57 - 2012-11-15 22:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2015-05-12 12:54 - 2012-11-15 22:08 - 00136216 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2015-05-12 12:54 - 2012-11-15 22:08 - 00107400 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2015-05-12 12:54 - 2012-11-15 22:08 - 00037896 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys 2015-05-09 07:59 - 2011-11-21 12:01 - 00000000 ____D () C:\Users\sylvia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2015-05-06 15:20 - 2011-10-24 19:52 - 00000000 ____D () C:\Users\sylvia\AppData\Roaming\Apple Computer ==================== Files in the root of some directories ======= 2011-12-21 12:05 - 2011-12-21 12:05 - 0002528 _____ () C:\Users\sylvia\AppData\Roaming\$_hpcst$.hpc 2012-01-07 20:48 - 2012-01-07 20:48 - 3893824 _____ () C:\Users\sylvia\AppData\Roaming\UserTile.png 2011-10-24 22:44 - 2011-10-24 22:54 - 0001244 _____ () C:\ProgramData\hpzinstall.log Some files in TEMP: ==================== C:\Users\sylvia\AppData\Local\Temp\AskSLib.dll C:\Users\sylvia\AppData\Local\Temp\avgnt.exe C:\Users\sylvia\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmppb7vej.dll C:\Users\sylvia\AppData\Local\Temp\FlashPlayerUpdate.exe C:\Users\sylvia\AppData\Local\Temp\FP_AX_MSI_INSTALLER.exe C:\Users\sylvia\AppData\Local\Temp\FP_PL_PFS_INSTALLER.exe C:\Users\sylvia\AppData\Local\Temp\install_reader10_de_gtba_aih.exe C:\Users\sylvia\AppData\Local\Temp\ose00000.exe C:\Users\sylvia\AppData\Local\Temp\RtkBtMnt.exe C:\Users\sylvia\AppData\Local\Temp\SkypeSetup.exe C:\Users\sylvia\AppData\Local\Temp\stubhelper.dll C:\Users\sylvia\AppData\Local\Temp\_is473C.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-05-24 12:19 ==================== End of log ============================ und addition: Additional scan result of Farbar Recovery Scan Tool (x86) Version: 29-05-2015 Ran by sylvia at 2015-05-30 12:07:07 Running from C:\Users\sylvia\Downloads\Desktop Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-1540189368-1180668933-4107768583-500 - Administrator - Disabled) Gast (S-1-5-21-1540189368-1180668933-4107768583-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1540189368-1180668933-4107768583-1002 - Limited - Enabled) sylvia (S-1-5-21-1540189368-1180668933-4107768583-1000 - Administrator - Enabled) => C:\Users\sylvia ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden Adobe Flash Player 17 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 17.0.0.188 - Adobe Systems Incorporated) Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated) Adobe Reader XI (11.0.11) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated) Amazon MP3-Downloader 1.0.17 (HKLM\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC) Apple Application Support (32-Bit) (HKLM\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{E1DB0812-2D60-43DB-AE09-6C7027D93B28}) (Version: 8.1.1.3 - Apple Inc.) Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) ATI Catalyst Install Manager (HKLM\...\{2DEEAFDD-46A9-577A-9EB7-A0B3896A6F77}) (Version: 3.0.732.0 - ATI Technologies, Inc.) Avira (HKLM\...\{b5675cc4-ab8b-4945-8c1d-4c5479556d6a}) (Version: 1.1.34.19732 - Avira Operations GmbH & Co. KG) Avira (Version: 1.1.34.19732 - Avira Operations GmbH & Co. KG) Hidden Avira Antivirus (HKLM\...\Avira Antivirus) (Version: 15.0.10.434 - Avira Operations GmbH & Co. KG) Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.) BufferChm (Version: 130.0.331.000 - Hewlett-Packard) Hidden ccc-core-static (Version: 2009.0707.2224.38408 - Ihr Firmenname) Hidden Copy (Version: 130.0.366.000 - Hewlett-Packard) Hidden Destinations (Version: 130.0.0.0 - Hewlett-Packard) Hidden DeviceDiscovery (Version: 130.0.372.000 - Hewlett-Packard) Hidden DJ_AIO_06_F2400_SW_Min (Version: 130.0.373.000 - Hewlett-Packard) Hidden Dropbox (HKU\S-1-5-21-1540189368-1180668933-4107768583-1000\...\Dropbox) (Version: 3.4.6 - Dropbox, Inc.) F2400 (Version: 130.0.373.000 - Hewlett-Packard) Hidden Google Chrome (HKLM\...\Google Chrome) (Version: 43.0.2357.81 - Google Inc.) Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.) Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (Version: 1.3.27.5 - Google Inc.) Hidden GPBaseService2 (Version: 130.0.371.000 - Hewlett-Packard) Hidden HDAUDIO Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDA_HSF) (Version: 7.80.4.55 - Conexant Systems) Hewlett-Packard ACLM.NET v1.1.0.0 (Version: 1.00.0000 - Hewlett-Packard) Hidden HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP) HP Deskjet F2400 All-In-One Driver Software 13.0 Rel .6 (HKLM\...\{CDBF8C2D-04B0-4F9B-9AE1-7422F7F0EC94}) (Version: 13.0 - HP) HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP) HP Print Projects 1.0 (HKLM\...\HP Print Projects) (Version: 1.0 - HP) HP Product Detection (HKLM\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP) HP Smart Web Printing 4.5 (HKLM\...\HP Smart Web Printing) (Version: 4.5 - HP) HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP) HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HPDiagnosticAlert (Version: 1.00.0000 - Microsoft) Hidden HPPhotoGadget (Version: 130.0.282.000 - Hewlett-Packard) Hidden hpPrintProjects (Version: 130.0.303.000 - Hewlett-Packard) Hidden HPProductAssistant (Version: 130.0.371.000 - Hewlett-Packard) Hidden HPSSupply (Version: 130.0.371.000 - Hewlett-Packard) Hidden hpWLPGInstaller (Version: 130.0.303.000 - Hewlett-Packard) Hidden iCloud (HKLM\...\{9A07AB4F-6B53-43E9-B7FC-7892E8C26BE3}) (Version: 4.1.1.53 - Apple Inc.) ImageJ 1.45s (HKLM\...\ImageJ_is1) (Version: - NIH) Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation) iTunes (HKLM\...\{CE1F04C7-79BC-4219-BE6A-BA490224D4B5}) (Version: 12.1.2.27 - Apple Inc.) Launch Manager (HKLM\...\LManager) (Version: 3.0.04 - Acer Inc.) MarketResearch (Version: 130.0.374.000 - Hewlett-Packard) Hidden Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Mozilla Firefox 37.0.2 (x86 de) (HKLM\...\Mozilla Firefox 37.0.2 (x86 de)) (Version: 37.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 31.2.0 - Mozilla) Mozilla Thunderbird 31.2.0 (x86 de) (HKLM\...\Mozilla Thunderbird 31.2.0 (x86 de)) (Version: 31.2.0 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Nuvoton CIR Device Driver (HKLM\...\{2D3858B1-226A-420D-9C9D-B51864E85429}) (Version: 8.60.1000 - Nuvoton Technology Corporation) PC Connectivity Solution (HKLM\...\{AC599724-5755-48C1-ABE7-ABB857652930}) (Version: 8.15.0.0 - Nokia) QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.) RealDownloader (Version: 17.0.15.4 - RealNetworks, Inc.) Hidden RealDownloader (Version: 17.0.15.7 - RealNetworks) Hidden RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden RealPlayer Cloud (HKLM\...\RealPlayer 17.0) (Version: 17.0.15 - RealNetworks) Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5888 - Realtek Semiconductor Corp.) Realtek USB 2.0 Card Reader (HKLM\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30102 - Realtek Semiconductor Corp.) RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden Safari (HKLM\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.) SAMSUNG Mobile Composite Device Software (HKLM\...\SAMSUNG Mobile Composite Device) (Version: - ) Samsung Mobile Modem Device Software (HKLM\...\Samsung Mobile Modem Device) (Version: - ) SAMSUNG Mobile Modem Driver Set (HKLM\...\SAMSUNG Mobile Modem) (Version: - ) Samsung Mobile phone USB driver Software (HKLM\...\Samsung Mobile phone USB driver) (Version: - ) SAMSUNG Mobile USB Modem 1.0 Software (HKLM\...\SAMSUNG Mobile USB Modem 1.0) (Version: - ) SAMSUNG Mobile USB Modem Software (HKLM\...\SAMSUNG Mobile USB Modem) (Version: - ) Samsung New PC Studio (HKLM\...\InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Samsung New PC Studio (Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden SAMSUNG USB Mobile Device Software (HKLM\...\SAMSUNG USB Mobile Device) (Version: - ) SamsungConnectivityCableDriver (HKLM\...\{7E84FAC8-C518-40F9-9807-7455301D6D25}) (Version: 6.83.6.2.1 - Samsung) Scan (Version: 13.0.0.0 - Hewlett-Packard) Hidden Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP) Skype Click to Call (HKLM\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation) Skype™ 7.4 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.) SmartWebPrinting (Version: 130.0.373.000 - Hewlett-Packard) Hidden SolutionCenter (Version: 130.0.373.000 - Hewlett-Packard) Hidden Status (Version: 130.0.373.000 - Hewlett-Packard) Hidden TomTom HOME (HKLM\...\{9017CEAF-BE5A-4F73-8A0E-C87E26971E55}) (Version: 2.9.3 - Ihr Firmenname) TomTom HOME Visual Studio Merge Modules (HKLM\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.) Toolbox (Version: 130.0.648.000 - Hewlett-Packard) Hidden TrayApp (Version: 130.0.376.000 - Hewlett-Packard) Hidden Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft) Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft) Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft) UpdateService (Version: 1.0.0 - RealNetworks, Inc.) Hidden Upgrade Kit (HKLM\...\{1D0FDD6D-3C5E-4588-8ED0-02DC88014BF2}) (Version: 1.00.3002 - Acer Inc.) Video Downloader (Version: 1.0.0 - RealNetworks) Hidden VoiceOver Kit (HKLM\...\{6B4AD1A9-E73A-4184-9D6B-072F8A3C5EBA}) (Version: 1.42.128.0 - Apple Inc.) WebReg (Version: 130.0.132.017 - Hewlett-Packard) Hidden Windows Live Anmelde-Assistent (HKLM\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation) Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation) Windows Live Sync (HKLM\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation) Windows Live-Uploadtool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation) Windows-Treiberpaket - MobileTop (sshpmdm) Modem (02/23/2007 2.5.0.0) (HKLM\...\6194C28A8F62DD817EA1B918E6E46E806A21B452) (Version: 02/23/2007 2.5.0.0 - MobileTop) Windows-Treiberpaket - MobileTop (sshpusb) USB (02/23/2007 2.5.0.0) (HKLM\...\65B6FE5418CE28F4D72543FB2D964C3CEC83F161) (Version: 02/23/2007 2.5.0.0 - MobileTop) Windows-Treiberpaket - Nokia pccsmcfd (10/12/2007 6.85.4.0) (HKLM\...\3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F) (Version: 10/12/2007 6.85.4.0 - Nokia) Winmail Opener 1.4 (HKLM\...\Winmail Opener) (Version: 1.4 - Eolsoft) WOT for Internet Explorer (HKLM\...\{DCAEC601-735C-41AE-B84F-D792F09FB7D1}) (Version: 12.8.2.0 - WOT Services Oy) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-1540189368-1180668933-4107768583-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\sylvia\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1540189368-1180668933-4107768583-1000_Classes\CLSID\{047466F1-82AE-455A-AFC4-D3AC463FBF6B}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1540189368-1180668933-4107768583-1000_Classes\CLSID\{3f04dadf-6ea4-44d1-a507-03cad176f443}\InprocServer32 -> C:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101753.dll (Amazon.com, Inc.) CustomCLSID: HKU\S-1-5-21-1540189368-1180668933-4107768583-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\sylvia\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1540189368-1180668933-4107768583-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\sylvia\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1540189368-1180668933-4107768583-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\sylvia\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1540189368-1180668933-4107768583-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\sylvia\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1540189368-1180668933-4107768583-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\sylvia\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1540189368-1180668933-4107768583-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\sylvia\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1540189368-1180668933-4107768583-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\sylvia\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1540189368-1180668933-4107768583-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\sylvia\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1540189368-1180668933-4107768583-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\sylvia\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.) ==================== Restore Points ========================= 05-05-2015 18:07:08 Windows Update 08-05-2015 18:12:19 Windows Update 12-05-2015 10:41:22 Windows Update 13-05-2015 10:31:30 Windows Update 13-05-2015 19:03:19 Windows Update 19-05-2015 16:55:39 Windows Update 20-05-2015 11:20:18 Windows Update 27-05-2015 19:08:42 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0476AA3B-0D35-45BF-8EF7-4A9211E8F74D} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1540189368-1180668933-4107768583-1000 => C:\Program Files\RealNetworks\RealDownloader\RealUpgrade.exe [2014-10-27] (RealNetworks, Inc.) Task: {137DA91D-6483-46E5-8272-4D02744DA2BD} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated) Task: {294D32AD-E6C0-4CA5-B310-AC77105EDC0E} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation) Task: {2C7FF1EC-C823-4356-A252-B392910CD80C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-26] (Google Inc.) Task: {30DD0AFD-4C82-4186-A103-1B95F21C414B} - System32\Tasks\{C76A3C4A-183F-4EAC-ADE6-EA29C2AB7267} => pcalua.exe -a C:\Users\sylvia\Downloads\AmazonMP3DownloaderInstall(1).exe -d "C:\Program Files\Mozilla Firefox" Task: {32E00739-0BD1-4BD5-96AA-AC7967391434} - System32\Tasks\{24F406EF-22D5-4BF6-B9F1-E86292215A64} => C:\Program Files\Microsoft Office\Office12\WINWORD.EXE [2015-03-18] (Microsoft Corporation) Task: {35B4069D-DB43-4D55-B66F-D9125BC5B340} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks Task: {4ACF0D2E-ECC0-4E56-BA6B-6C885CB6D518} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {50784325-8306-4129-857D-B9813DBCCB5C} - System32\Tasks\RealDownloader Update Check => C:\Program Files\RealNetworks\RealDownloader\downloader2.exe [2014-10-29] () Task: {66C35102-163B-478B-ABAC-3853AF307441} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1540189368-1180668933-4107768583-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2014-10-30] (RealNetworks, Inc.) Task: {7648187B-A282-4D3D-B15C-B977D19F4382} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-23] (Adobe Systems Incorporated) Task: {9100CD2B-624D-46D0-A66F-CFB47C5034C2} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1540189368-1180668933-4107768583-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2014-10-30] (RealNetworks, Inc.) Task: {99F3AF60-EEA1-4CDE-93A3-7865CB6F8CCE} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation) Task: {A097EF16-24CA-46C7-AFF4-9A6A737C5060} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1540189368-1180668933-4107768583-1000 => C:\Program Files\RealNetworks\RealDownloader\RealUpgrade.exe [2014-10-27] (RealNetworks, Inc.) Task: {B28363CA-D937-4878-9555-8CAB135DFD20} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1540189368-1180668933-4107768583-1000 => C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe [2014-10-26] (RealNetworks, Inc.) Task: {D050E0F3-BE4E-423B-A6F4-A651902F149A} - System32\Tasks\{1997BC41-FD26-401B-8ACE-39BB93A085B8} => pcalua.exe -a E:\Install.exe -d E:\ Task: {D4CA90F2-9930-40D6-B7F4-6FE057C29C92} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1540189368-1180668933-4107768583-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2014-10-30] (RealNetworks, Inc.) Task: {DB000F81-8613-49BB-8FE7-DF29B59D1390} - System32\Tasks\{AB38123C-A674-4033-8D22-00A7AEC3E018} => pcalua.exe -a C:\Users\sylvia\Downloads\AmazonMP3DownloaderInstall(4).exe -d "C:\Program Files\Mozilla Firefox" Task: {DD7A576E-1451-45C0-96A4-4A5909A82867} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-26] (Google Inc.) Task: {FA1EFD2D-17B5-4D7D-8CA8-EB75B765941C} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1540189368-1180668933-4107768583-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2014-10-30] (RealNetworks, Inc.) Task: {FDF21FE0-F6C0-44BB-92F5-76BF64B82B65} - System32\Tasks\{C45205F9-38E3-4ECD-AAA4-34F94EB3C63E} => pcalua.exe -a C:\Users\sylvia\Downloads\AmazonMP3DownloaderInstall(2).exe -d "C:\Program Files\Mozilla Firefox" (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (Whitelisted) ============== 2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-01-20 23:35 - 2015-01-20 23:35 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2009-06-19 10:49 - 2009-06-19 10:49 - 00016384 ____R () C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll 2011-10-24 19:15 - 2011-10-24 19:15 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll 2014-10-26 23:59 - 2014-10-26 23:59 - 00039568 _____ () C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe 2014-04-24 14:15 - 2015-02-09 14:45 - 00865880 _____ () c:\program files\real\realplayer\RPDS\Plugins\cldplin.dll 2014-10-30 06:41 - 2014-10-30 06:41 - 00031856 _____ () C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe 2014-10-30 06:41 - 2014-10-30 06:41 - 00035976 _____ () C:\Program Files\Real\UpdateService\DL2UpdatePlugin.dll 2014-10-30 06:41 - 2014-10-30 06:41 - 00039560 _____ () C:\Program Files\Real\UpdateService\RealDownloaderUpdatePlugin.dll 2014-10-30 06:41 - 2014-10-30 06:41 - 00032888 _____ () C:\Program Files\Real\UpdateService\RPDSUpdatePlugin.dll 2014-10-29 20:06 - 2014-10-29 20:06 - 00560192 _____ () C:\Program Files\RealNetworks\RealDownloader\downloader2.exe 2014-10-29 20:01 - 2014-10-29 20:01 - 01382048 _____ () C:\Program Files\RealNetworks\RealDownloader\cpprest100_1_2.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1540189368-1180668933-4107768583-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\sylvia\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.0.1 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{09D59D15-10A6-4E72-A681-FDCACB1CCCB5}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{98FBD873-248F-4C01-A4C7-B09D28F70124}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{060E8629-69E5-4D66-9B31-B54BFB5D30D5}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe FirewallRules: [{2F47614E-FCA2-4783-8A15-8A182189FE95}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe FirewallRules: [{F0E41B12-0C19-4AAD-9860-C46D3C5E5EE5}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hposid01.exe FirewallRules: [{AEBF7E79-9BA4-4A9A-AE46-05C4A04383F7}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe FirewallRules: [{FC00AF4F-C572-41A1-BAF8-397A11E9E3C1}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe FirewallRules: [{71C1605B-992D-4789-8E15-74D2CD407BC3}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe FirewallRules: [{C16A9BD9-5F87-426D-9B69-355C374B0776}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe FirewallRules: [{1039A7C4-2FEC-415B-B698-75E26CFB54D7}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe FirewallRules: [{A50864AA-2F97-4573-A88E-2E6E278E5D57}] => (Allow) C:\Program Files\common files\hp\digital imaging\bin\hpqphotocrm.exe FirewallRules: [{708D5766-2E80-4899-9C67-B0AEDC63E3B6}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe FirewallRules: [{39316030-949B-4B19-840F-BC7738602DDA}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe FirewallRules: [{8A92317B-200C-4038-B863-D88F7A959314}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe FirewallRules: [{1E9F8050-EB98-4FDA-B375-A5F7ED231C0E}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe FirewallRules: [{82ECBDB2-E90D-4B5C-BF47-F3B844F06049}] => (Allow) C:\Program Files\HP\hp software update\hpwucli.exe FirewallRules: [{F18D0676-2B59-49C3-9540-98568028938E}] => (Allow) C:\Program Files\HP\digital imaging\smart web printing\smartwebprintexe.exe FirewallRules: [{7F336D38-BDC3-4670-ABFD-EF0F18222D61}] => (Allow) C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe FirewallRules: [{4748E6B3-DD2E-4D77-AD3B-5E68F7ED5ECC}] => (Allow) C:\Users\sylvia\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{F252793E-9774-4BFC-8F5B-D549029CD0C8}] => (Allow) C:\Users\sylvia\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{7E2401C0-8EF1-4561-93C9-977A638D499A}] => (Allow) C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe FirewallRules: [{1C94AFE6-D650-4854-A28A-784D4D2733E7}] => (Allow) C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe FirewallRules: [{3BF5F563-A758-4602-BF97-FBDEB5170BAE}] => (Allow) C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe FirewallRules: [{3AE34172-BF2C-4D4B-9FE5-6F216F20CA88}] => (Allow) C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe FirewallRules: [TCP Query User{DC978B86-3DCA-4251-978E-129FDFC7E260}C:\program files\imagej\jre\bin\javaw.exe] => (Allow) C:\program files\imagej\jre\bin\javaw.exe FirewallRules: [UDP Query User{7042A848-BAC6-4710-807E-47225B636215}C:\program files\imagej\jre\bin\javaw.exe] => (Allow) C:\program files\imagej\jre\bin\javaw.exe FirewallRules: [TCP Query User{CFC0CE90-5393-4BF3-8EBD-F4A1ED9ECC2E}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe FirewallRules: [UDP Query User{212957E6-BA42-4D4D-9DA0-E22630AE7840}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe FirewallRules: [{4A12B621-7F92-4EBD-AFB6-DC2482E436B4}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe FirewallRules: [{BA0661CF-BA2A-4A0E-AE77-37CF9B665963}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe FirewallRules: [TCP Query User{EFF5771D-2605-4002-A39A-DDB4FD70DD2D}C:\users\sylvia\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\sylvia\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [UDP Query User{F0FF6767-2D57-44AA-96E0-B88DB286AFBF}C:\users\sylvia\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\sylvia\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [TCP Query User{CB3C9C2D-E882-48BF-8DB1-F05A8D45B959}C:\program files\imagej\jre\bin\javaw.exe] => (Allow) C:\program files\imagej\jre\bin\javaw.exe FirewallRules: [UDP Query User{53F63091-BD78-49E5-819E-F12192E69C3F}C:\program files\imagej\jre\bin\javaw.exe] => (Allow) C:\program files\imagej\jre\bin\javaw.exe FirewallRules: [{4F523644-9408-434D-B993-EAFE10E4E852}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{5599C6C0-9644-463D-8845-F19ECD9DCF29}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{6C31E036-E604-4CE8-904B-21DA356CE067}] => (Allow) c:\program files\real\realplayer\RPDS\Bin\rpdsvc.exe FirewallRules: [{6F6367A5-F43C-4EBA-B68C-53E17A82937D}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{978B0062-96E7-4697-88AC-7ECC30D6920C}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (05/27/2015 08:15:37 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm iexplore.exe, Version 11.0.9600.17801 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1898 Startzeit: 01d098a8fa81a7f2 Endzeit: 30 Anwendungspfad: C:\Program Files\Internet Explorer\iexplore.exe Berichts-ID: Error: (05/26/2015 06:30:16 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 589028 Error: (05/26/2015 06:30:16 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 589028 Error: (05/26/2015 06:30:16 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (05/26/2015 06:30:14 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 587422 Error: (05/26/2015 06:30:14 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 587422 Error: (05/26/2015 06:30:14 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (05/26/2015 06:30:09 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 582039 Error: (05/26/2015 06:30:09 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 582039 Error: (05/26/2015 06:30:09 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second System errors: ============= Error: (05/30/2015 09:07:14 AM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Der Dienst "Windows Update" wurde nicht richtig gestartet. Error: (05/30/2015 09:03:17 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Volumeschattenkopie" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (05/30/2015 09:03:17 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Volumeschattenkopie erreicht. Error: (05/30/2015 09:03:17 AM) (Source: DCOM) (EventID: 10005) (User: ) Description: 1053VSS{E579AB5F-1CC4-44B4-BED9-DE0991FF0623} Error: (05/30/2015 09:02:46 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Microsoft .NET Framework NGEN v4.0.30319_X86 erreicht. Error: (05/29/2015 05:49:29 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Der Dienst "Windows Update" wurde nicht richtig gestartet. Error: (05/29/2015 05:46:17 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Microsoft .NET Framework NGEN v4.0.30319_X86 erreicht. Error: (05/29/2015 02:56:11 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT) Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Definition Update for Windows Defender - KB915597 (Definition 1.199.1150.0) Error: (05/28/2015 04:57:10 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Der Dienst "Windows Update" wurde nicht richtig gestartet. Error: (05/27/2015 07:35:55 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252. Microsoft Office: ========================= ==================== Memory info =========================== Processor: Intel(R) Core(TM)2 Duo CPU T6400 @ 2.00GHz Percentage of memory in use: 49% Total physical RAM: 3036.87 MB Available physical RAM: 1536.04 MB Total Pagefile: 6072.05 MB Available Pagefile: 3940.97 MB Total Virtual: 2047.88 MB Available Virtual: 1894.42 MB ==================== Drives ================================ Drive c: (ACER) (Fixed) (Total:226.88 GB) (Free:93.02 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: (DATA) (Fixed) (Total:223.4 GB) (Free:223.3 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 767E32CA) Partition 1: (Not Active) - (Size=12 GB) - (Type=27) Partition 2: (Active) - (Size=226.9 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=223.4 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=3.5 GB) - (Type=12) ==================== End of log ============================ |
|
30.05.2015, 11:24
| #2 |
| /// the machine /// TB-Ausbilder    | DHL Mail mit pdf hi,
__________________ So funktioniert es:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ |
|
30.05.2015, 12:07
| #3 |
| | DHL Mail mit pdf Also schauen wir mal:
__________________Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org
Database version:
main: v2015.05.30.01
rootkit: v2015.05.24.01
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 11.0.9600.17801
sylvia :: SYLVIA-PC [administrator]
30.05.2015 12:31:39
mbar-log-2015-05-30 (12-31-39).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 339133
Time elapsed: 27 minute(s), 13 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
Code:
ATTFilter 13:03:57.0576 0x068c TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
13:04:09.0319 0x068c ============================================================
13:04:09.0319 0x068c Current date / time: 2015/05/30 13:04:09.0319
13:04:09.0319 0x068c SystemInfo:
13:04:09.0319 0x068c
13:04:09.0319 0x068c OS Version: 6.1.7601 ServicePack: 1.0
13:04:09.0319 0x068c Product type: Workstation
13:04:09.0319 0x068c ComputerName: SYLVIA-PC
13:04:09.0320 0x068c UserName: sylvia
13:04:09.0320 0x068c Windows directory: C:\Windows
13:04:09.0320 0x068c System windows directory: C:\Windows
13:04:09.0320 0x068c Processor architecture: Intel x86
13:04:09.0320 0x068c Number of processors: 2
13:04:09.0320 0x068c Page size: 0x1000
13:04:09.0320 0x068c Boot type: Normal boot
13:04:09.0320 0x068c ============================================================
13:04:09.0876 0x068c KLMD registered as C:\Windows\system32\drivers\12565440.sys
13:04:10.0186 0x068c System UUID: {02AB8571-4462-4A98-3B6F-8DD9CE5EDEB8}
13:04:11.0125 0x068c Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
13:04:11.0127 0x068c ============================================================
13:04:11.0127 0x068c \Device\Harddisk0\DR0:
13:04:11.0127 0x068c MBR partitions:
13:04:11.0127 0x068c \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1800800, BlocksNum 0x1C5C2000
13:04:11.0128 0x068c \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1DDC2800, BlocksNum 0x1BECC800
13:04:11.0128 0x068c ============================================================
13:04:11.0163 0x068c C: <-> \Device\Harddisk0\DR0\Partition1
13:04:11.0210 0x068c D: <-> \Device\Harddisk0\DR0\Partition2
13:04:11.0210 0x068c ============================================================
13:04:11.0211 0x068c Initialize success
13:04:11.0211 0x068c ============================================================
13:04:47.0096 0x1c94 ============================================================
13:04:47.0096 0x1c94 Scan started
13:04:47.0096 0x1c94 Mode: Manual; SigCheck; TDLFS;
13:04:47.0096 0x1c94 ============================================================
13:04:47.0096 0x1c94 KSN ping started
13:04:49.0530 0x1c94 KSN ping finished: true
13:04:50.0482 0x1c94 ================ Scan system memory ========================
13:04:50.0482 0x1c94 System memory - ok
13:04:50.0482 0x1c94 ================ Scan services =============================
13:04:50.0747 0x1c94 [ 1B133875B8AA8AC48969BD3458AFE9F5, 01753BDD47F3F9BC0E0D23A069B9C56D4AE6A6B6295BC19B95AE245D25B12744 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
13:04:50.0918 0x1c94 1394ohci - ok
13:04:50.0981 0x1c94 [ CEA80C80BED809AA0DA6FEBC04733349, AE69C142DC2210A4AE657C23CEA4A6E7CB32C4F4EBA039414123CAC52157509B ] ACPI C:\Windows\system32\drivers\ACPI.sys
13:04:51.0028 0x1c94 ACPI - ok
13:04:51.0090 0x1c94 [ 1EFBC664ABFF416D1D07DB115DCB264F, BF94D069D692140B792DBF4FD3CB0127D27C26CC5BFB6B0C28A8B6346767EE58 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
13:04:51.0184 0x1c94 AcpiPmi - ok
13:04:51.0324 0x1c94 [ FC5B75CA6A1DA31EDD4F8D53F5540B98, CDC445F2790ADFC4C5568C40D4DA8BB95CD71991665B38AEC3D84571C99C3520 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
13:04:51.0340 0x1c94 AdobeARMservice - ok
13:04:51.0433 0x1c94 [ 00CC35F515079F5F94FABC3AC5C7D363, 7CE8B1715009602059DEDD6CBCA9C18EF079EDA344E7809813D6C0A395622B82 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
13:04:51.0449 0x1c94 AdobeFlashPlayerUpdateSvc - ok
13:04:51.0511 0x1c94 [ 21E785EBD7DC90A06391141AAC7892FB, A2D3D764C5E6DC0AD5AAF48485FFB8B121D2A40DC08ECF2D2CB92278A1002B25 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
13:04:51.0605 0x1c94 adp94xx - ok
13:04:51.0698 0x1c94 [ 0C676BC278D5B59FF5ABD57BBE9123F2, 339E8A433D186BAAB6FCB44C82CC9FB6FCD63C87981449494CBEB2072CB6B7BB ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
13:04:51.0745 0x1c94 adpahci - ok
13:04:51.0761 0x1c94 [ 7C7B5EE4B7B822EC85321FE23A27DB33, A934AFB71D439555E6376DA9B34F82E8D39A300A4547BE9AC9311F6A3C36270C ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
13:04:51.0776 0x1c94 adpu320 - ok
13:04:51.0823 0x1c94 [ 12E6A172D72AFC626727B8635DD17E39, 33B3D109C39DF6EA86AFC3C89A93657906E981D3D22FF854401BC7326990CC08 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
13:04:51.0901 0x1c94 AeLookupSvc - ok
13:04:51.0964 0x1c94 [ D0B388DA1D111A34366E04EB4A5DD156, 60D226F027F4025CC032CAFF73A80FAFB5FA75445654FDCF80CA8C0419C6E938 ] AFD C:\Windows\system32\drivers\afd.sys
13:04:52.0088 0x1c94 AFD - ok
13:04:52.0135 0x1c94 [ 507812C3054C21CEF746B6EE3D04DD6E, D7E59350AC338AD229E3D10C76E32AE16D120311B263714A9CD94AB538633B0E ] agp440 C:\Windows\system32\drivers\agp440.sys
13:04:52.0151 0x1c94 agp440 - ok
13:04:52.0213 0x1c94 [ 8B30250D573A8F6B4BD23195160D8707, 64EC289AFCD63D84EAFD9D81C50D0A77BCC79A1EFF32C50B2776BB0C0151757D ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
13:04:52.0276 0x1c94 aic78xx - ok
13:04:52.0322 0x1c94 [ 18A54E132947CD98FEA9ACCC57F98F13, 9D39AF972785E49F0DD12C4BAEF39A79CD69F098886BF152AF1B7CCE2E902115 ] ALG C:\Windows\System32\alg.exe
13:04:52.0385 0x1c94 ALG - ok
13:04:52.0447 0x1c94 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44, 1D1AA8F50935D976C29DE7A84708CADBBBDD936F0DD2C059E820F0D21367B3B6 ] aliide C:\Windows\system32\drivers\aliide.sys
13:04:52.0463 0x1c94 aliide - ok
13:04:52.0510 0x1c94 [ EBE2D697884A1FFF96505CDBE954EDCF, 23ED79F6E8810E1C899B857DA62E4CBE55637C4238C36DB7E7186D774648BE97 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
13:04:52.0603 0x1c94 AMD External Events Utility - ok
13:04:52.0619 0x1c94 [ 3C6600A0696E90A463771C7422E23AB5, 370B33DC1C25B981628A318BAE434A78A5F0A0DA93C2896DC7A3D7B87AE1A5E7 ] amdagp C:\Windows\system32\drivers\amdagp.sys
13:04:52.0650 0x1c94 amdagp - ok
13:04:52.0697 0x1c94 [ CD5914170297126B6266860198D1D4F0, 2239FCBD1A7EC27CE4F10DA36AE6BD6CCB87E5128C82CA71B84BFE5AF5602A60 ] amdide C:\Windows\system32\drivers\amdide.sys
13:04:52.0712 0x1c94 amdide - ok
13:04:52.0759 0x1c94 [ 00DDA200D71BAC534BF56A9DB5DFD666, CA316B1FFD85BA1CF8664B3229DA1F238A5341E016059F7ED89702324CFD124B ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
13:04:52.0822 0x1c94 AmdK8 - ok
13:04:52.0837 0x1c94 [ 3CBF30F5370FDA40DD3E87DF38EA53B6, 7EACF1743367BE805357B6FD10F8F99E9B1C301FE3782D77719347B13DFA65EC ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
13:04:52.0868 0x1c94 AmdPPM - ok
13:04:52.0931 0x1c94 [ D320BF87125326F996D4904FE24300FC, F767D8C5C58D57202905D829F7AE1B1FF33937F407FDCE4C90E32A6638F27416 ] amdsata C:\Windows\system32\drivers\amdsata.sys
13:04:52.0946 0x1c94 amdsata - ok
13:04:52.0993 0x1c94 [ EA43AF0C423FF267355F74E7A53BDABA, 3F1335909AB0281A2FBDD7AD90E18309E091656CD32B48894B992789D8C61DB4 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
13:04:53.0024 0x1c94 amdsbs - ok
13:04:53.0056 0x1c94 [ 46387FB17B086D16DEA267D5BE23A2F2, 8B8AC61B91F154B4EB5CC6DECB5FCCEBA8B42EFE94859947136AD06681EA8ED0 ] amdxata C:\Windows\system32\drivers\amdxata.sys
13:04:53.0071 0x1c94 amdxata - ok
13:04:53.0196 0x1c94 [ D908096B873B940BB438CE63BA35BD1E, F1C79C907E6CDBC2770C16AFFAE0D6F9B9B7DA21F5074D602AC5FE1597975748 ] AntiVirMailService C:\Program Files\Avira\AntiVir Desktop\avmailc7.exe
13:04:53.0243 0x1c94 AntiVirMailService - ok
13:04:53.0321 0x1c94 [ EC705D6ED3A7F3D9AE42F6239707D9FE, B50F6BB0FC308E7403B1807DF2AAF87BEDE0B044128C580970A26801CCABC43F ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
13:04:53.0336 0x1c94 AntiVirSchedulerService - ok
13:04:53.0383 0x1c94 [ EC705D6ED3A7F3D9AE42F6239707D9FE, B50F6BB0FC308E7403B1807DF2AAF87BEDE0B044128C580970A26801CCABC43F ] AntiVirService C:\Program Files\Avira\AntiVir Desktop\avguard.exe
13:04:53.0414 0x1c94 AntiVirService - ok
13:04:53.0524 0x1c94 [ 0F3D12E5FAE0082DB3F306095CA6B027, 726D054357031F45B43C87D798E84FA93439ECA6C691EB8C76FE524B50C25B32 ] AntiVirWebService C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe
13:04:53.0586 0x1c94 AntiVirWebService - ok
13:04:53.0680 0x1c94 [ 81F97D8F8B3FB94A451CC6F7CF8B2965, 8DEBA4E47E1016D69740C0BB7CDD23852D86E0D42C1C1EA5A847ECB115C38CB1 ] AppID C:\Windows\system32\drivers\appid.sys
13:04:53.0758 0x1c94 AppID - ok
13:04:53.0789 0x1c94 [ F5090F8FA6757C58E17BAEAA86093636, 5E14CF3032DF5801240F45C59AA93962EA41AA5648A0C6458D16D9B9D95A131F ] AppIDSvc C:\Windows\System32\appidsvc.dll
13:04:53.0836 0x1c94 AppIDSvc - ok
13:04:53.0882 0x1c94 [ EACFDF31921F51C097629F1F3C9129B4, 24138755D823E69760579ECBD672421192457CDC9941B2BC499C2D34D83E86C3 ] Appinfo C:\Windows\System32\appinfo.dll
13:04:53.0929 0x1c94 Appinfo - ok
13:04:54.0007 0x1c94 [ D2B87FC03BE28CD0B33C2B5C1119FD8E, 97EB74CB7F62C0D06D45CB250E3A90657A0F107C2FC20738FF6B2C87B0240080 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
13:04:54.0038 0x1c94 Apple Mobile Device - ok
13:04:54.0085 0x1c94 [ 2932004F49677BD84DBC72EDB754FFB3, 73F84582244AC53994A2F4499A119B4A84A6BF7FD3046C29A8080C763DE540B8 ] arc C:\Windows\system32\DRIVERS\arc.sys
13:04:54.0101 0x1c94 arc - ok
13:04:54.0132 0x1c94 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7, F7C9C3B4F2C816F57A43B2921672858C291054220BADE291044343778216F6BA ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
13:04:54.0148 0x1c94 arcsas - ok
13:04:54.0257 0x1c94 [ 537B2948976F5D9B5767B74A63EBB395, 1A14F8B582E74AD15B612EDA5B707AA3CB0B2A107ED14572B4232EAA7383B634 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
13:04:54.0288 0x1c94 aspnet_state - ok
13:04:54.0304 0x1c94 [ ADD2ADE1C2B285AB8378D2DAAF991481, 7965A705F37924C0EC7A934E64E89C5DF4069816E2EEA3509E0AC90F78910519 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
13:04:54.0428 0x1c94 AsyncMac - ok
13:04:54.0491 0x1c94 [ 338C86357871C167A96AB976519BF59E, F28CC534523D1701B0552F5D7E18E88369C4218BDB1F69110C3E31D395884AD6 ] atapi C:\Windows\system32\drivers\atapi.sys
13:04:54.0506 0x1c94 atapi - ok
13:04:54.0803 0x1c94 [ EE6A111E33CC13913AC620F5AD3F1E75, A0E878A66BAC22E0FF59D87D13D59E8D528CE0AFC438F0E6E078CC0739A893AE ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
13:04:55.0099 0x1c94 atikmdag - ok
13:04:55.0177 0x1c94 [ C1619A13B10CAC5038BF7129F57D8DE3, 9F71EA6C844650658938E68CCC1383F92D37C68E46E08461A8351491185BA791 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
13:04:55.0224 0x1c94 AudioEndpointBuilder - ok
13:04:55.0255 0x1c94 [ C1619A13B10CAC5038BF7129F57D8DE3, 9F71EA6C844650658938E68CCC1383F92D37C68E46E08461A8351491185BA791 ] Audiosrv C:\Windows\System32\Audiosrv.dll
13:04:55.0286 0x1c94 Audiosrv - ok
13:04:55.0333 0x1c94 [ EC17E91BC9026C5ED580FB2B13E341AB, 2D9421AE05F3D4A8DBD69D73B4B562EA4F93FBD12AB2F77C52DA8B411626EBF1 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
13:04:55.0349 0x1c94 avgntflt - ok
13:04:55.0427 0x1c94 [ 7BAA36ED6C6098899D9E1269A61085C3, 2D101F1C6C79B0BD722BDB5939344F65728EC2F5B747B6619640775E6FDEFC0A ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
13:04:55.0458 0x1c94 avipbb - ok
13:04:55.0567 0x1c94 [ 0D32033DCB359FD98B4C3513EF849FE6, 5870D67526BC29D888DAF8DBAB04B1E97ED5C7C51484ED400A5E65D0EB61576A ] Avira.OE.ServiceHost C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
13:04:55.0598 0x1c94 Avira.OE.ServiceHost - ok
13:04:55.0708 0x1c94 [ F80F5DCA8A5D9D93CC5BE933D20CAF05, 2AFBB2D62127FACBCABBB3E78F3568A6BA016ED4A97A1490BAA29A1EFB7A4408 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
13:04:55.0723 0x1c94 avkmgr - ok
13:04:55.0786 0x1c94 [ 3303FB85532093FC6723632B5947E8C4, F8301069A8EAD7303CAE5B7CAE3F119747E7B7B4402178018EB5254087238A42 ] avnetflt C:\Windows\system32\DRIVERS\avnetflt.sys
13:04:55.0801 0x1c94 avnetflt - ok
13:04:55.0864 0x1c94 [ 6E30D02AAC9CAC84F421622E3A2F6178, 229DC527C1D6C778BCA2C855A2A6F6D2C4B0F4F6DE56C886B3AAD26E3347952C ] AxInstSV C:\Windows\System32\AxInstSV.dll
13:04:55.0957 0x1c94 AxInstSV - ok
13:04:56.0004 0x1c94 [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
13:04:56.0067 0x1c94 b06bdrv - ok
13:04:56.0113 0x1c94 [ BD8869EB9CDE6BBE4508D869929869EE, F4363A12EBFDBB89C69FD59B22F9EE05BADA07D477A1DF2DE01F59D6EE496543 ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
13:04:56.0145 0x1c94 b57nd60x - ok
13:04:56.0191 0x1c94 [ EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC C:\Windows\System32\bdesvc.dll
13:04:56.0269 0x1c94 BDESVC - ok
13:04:56.0285 0x1c94 [ 505506526A9D467307B3C393DEDAF858, 8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep C:\Windows\system32\drivers\Beep.sys
13:04:56.0316 0x1c94 Beep - ok
13:04:56.0410 0x1c94 [ 1E2BAC209D184BB851E1A187D8A29136, 53933C938DA5126986FFF2918C1F522ABE93ABAB460AE32E4453161C2F7B68DF ] BFE C:\Windows\System32\bfe.dll
13:04:56.0566 0x1c94 BFE - ok
13:04:56.0613 0x1c94 [ E585445D5021971FAE10393F0F1C3961, 178C008A9A0A6BFDA65EB0B98C510271360AD4474F22F13594F5EB60AA4E1CF5 ] BITS C:\Windows\System32\qmgr.dll
13:04:56.0815 0x1c94 BITS - ok
13:04:56.0847 0x1c94 [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
13:04:56.0878 0x1c94 blbdrive - ok
13:04:56.0956 0x1c94 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A, 10F21999FF6B1D410EBF280F7F27DEACA5289739CF12F4293B614B8FC6C88DCC ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
13:04:56.0971 0x1c94 Bonjour Service - ok
13:04:57.0003 0x1c94 [ 8F2DA3028D5FCBD1A060A3DE64CD6506, E234672E9CFE1A95AD2E78E306E41E010B870221E6EBBC0E2B0BE2FA5CE0CD76 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
13:04:57.0065 0x1c94 bowser - ok
13:04:57.0081 0x1c94 [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
13:04:57.0159 0x1c94 BrFiltLo - ok
13:04:57.0190 0x1c94 [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
13:04:57.0237 0x1c94 BrFiltUp - ok
13:04:57.0268 0x1c94 [ 3DAA727B5B0A45039B0E1C9A211B8400, 903B51E75F0C503A0E255120F53BF51B047B219FEC1E15F2F1D02DDD562FC73B ] Browser C:\Windows\System32\browser.dll
13:04:57.0346 0x1c94 Browser - ok
13:04:57.0377 0x1c94 [ 845B8CE732E67F3B4133164868C666EA, 9309B094CD9B5EBC46295A5EB806BED472C3CEDE3B5F6F497EBDABA496A2A27F ] Brserid C:\Windows\System32\Drivers\Brserid.sys
13:04:57.0471 0x1c94 Brserid - ok
13:04:57.0486 0x1c94 [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
13:04:57.0517 0x1c94 BrSerWdm - ok
13:04:57.0533 0x1c94 [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
13:04:57.0549 0x1c94 BrUsbMdm - ok
13:04:57.0580 0x1c94 [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
13:04:57.0595 0x1c94 BrUsbSer - ok
13:04:57.0673 0x1c94 [ ED3DF7C56CE0084EB2034432FC56565A, B5B75E002E7BC0209582C635CCCA26DB569BDB23C33A126634E00C6434BF941B ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
13:04:57.0705 0x1c94 BTHMODEM - ok
13:04:57.0751 0x1c94 [ 1DF19C96EEF6C29D1C3E1A8678E07190, 1F4BB161FF3A1C5B1465BB52F3520FEDB7ACB1FAA132466F07D16DB8E394AEA5 ] bthserv C:\Windows\system32\bthserv.dll
13:04:57.0814 0x1c94 bthserv - ok
13:04:57.0985 0x1c94 [ FECA9F830A5C6BAB9978E6781A26AE2B, CA1681A2F4FA849815B8E823805E078DB9C050CEE86E9E394B2A37B57CC474A6 ] c2cautoupdatesvc C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
13:04:58.0048 0x1c94 c2cautoupdatesvc - ok
13:04:58.0157 0x1c94 [ 5B33709F7FE59BB625F113EED86AFC5C, 8D29FE242D55526FDEB2CB4009B5DE19C93972E872BE6328AD3305E360A3D44B ] c2cpnrsvc C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
13:04:58.0219 0x1c94 c2cpnrsvc - ok
13:04:58.0282 0x1c94 [ 77EA11B065E0A8AB902D78145CA51E10, 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
13:04:58.0313 0x1c94 cdfs - ok
13:04:58.0391 0x1c94 [ BE167ED0FDB9C1FA1133953C18D5A6C9, E26A851CA13E7300F977E5B20FA5D25FD0E1442AB6AD5DB58BBDB2DAAD87027C ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
13:04:58.0438 0x1c94 cdrom - ok
13:04:58.0485 0x1c94 [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] CertPropSvc C:\Windows\System32\certprop.dll
13:04:58.0547 0x1c94 CertPropSvc - ok
13:04:58.0594 0x1c94 [ 3FE3FE94A34DF6FB06E6418D0F6A0060, 6B3A2A26609A75B690D4C0B3059E40822F3B3DB08943F58EC496BABDA7D0A735 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
13:04:58.0625 0x1c94 circlass - ok
13:04:58.0703 0x1c94 [ 33A60554882FDF59CDA3E1806370BBA1, 3DE5451E1CB84AAEBD03F54BEFC670C401447B4881A8B022748B6ECF0F500F01 ] CLFS C:\Windows\system32\CLFS.sys
13:04:58.0750 0x1c94 CLFS - ok
13:04:58.0812 0x1c94 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:04:58.0828 0x1c94 clr_optimization_v2.0.50727_32 - ok
13:04:58.0890 0x1c94 [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:04:58.0937 0x1c94 clr_optimization_v4.0.30319_32 - ok
13:04:58.0953 0x1c94 [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
13:04:58.0984 0x1c94 CmBatt - ok
13:04:59.0015 0x1c94 [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide C:\Windows\system32\drivers\cmdide.sys
13:04:59.0031 0x1c94 cmdide - ok
13:04:59.0093 0x1c94 [ 3051724F223EA48968B19567DE2A81F4, DCC27DE1B2B35866FC6DBDE95A368E7D0D346B6C3F31D0BACA63DD39B0A8874E ] CNG C:\Windows\system32\Drivers\cng.sys
13:04:59.0140 0x1c94 CNG - ok
13:04:59.0171 0x1c94 [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
13:04:59.0187 0x1c94 Compbatt - ok
13:04:59.0233 0x1c94 [ CBE8C58A8579CFE5FCCF809E6F114E89, AC083A1C649EBA18C59FCC1772D0784B10E2B8C63094E3C14388E147DBC3F6DF ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
13:04:59.0265 0x1c94 CompositeBus - ok
13:04:59.0296 0x1c94 COMSysApp - ok
13:04:59.0311 0x1c94 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
13:04:59.0327 0x1c94 crcdisk - ok
13:04:59.0358 0x1c94 [ 49474B3E37969AF4B5C076F42B623AFF, BDA6B57E9B60EF1B67C74099263D33A367AAA035667239F76AB8B268FD3E8F23 ] CryptSvc C:\Windows\system32\cryptsvc.dll
13:04:59.0389 0x1c94 CryptSvc - ok
13:04:59.0452 0x1c94 [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] DcomLaunch C:\Windows\system32\rpcss.dll
13:04:59.0514 0x1c94 DcomLaunch - ok
13:04:59.0545 0x1c94 [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc C:\Windows\System32\defragsvc.dll
13:04:59.0608 0x1c94 defragsvc - ok
13:04:59.0717 0x1c94 [ F024449C97EC1E464AAFFDA18593DB88, 7EF1E241892E098A472BCA14C724DFF1AACCF190954AF1C4A38B6D542CC74BD2 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
13:04:59.0764 0x1c94 DfsC - ok
13:04:59.0842 0x1c94 [ E9E01EB683C132F7FA27CD607B8A2B63, 4D9037B458C522874619143A4176BCED42472C68933E6E83D37B67242706F3C4 ] Dhcp C:\Windows\system32\dhcpcore.dll
13:04:59.0935 0x1c94 Dhcp - ok
13:05:00.0045 0x1c94 [ E95DE5B790B2D16706DAC8472E51F31A, 9D7A72742D369B9F0E4ACEC9C1850D0D60E975AEBEFF5BA06B954EA3AB3E9FF6 ] DiagTrack C:\Windows\system32\diagtrack.dll
13:05:00.0169 0x1c94 DiagTrack - ok
13:05:00.0201 0x1c94 [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache C:\Windows\system32\drivers\discache.sys
13:05:00.0263 0x1c94 discache - ok
13:05:00.0294 0x1c94 [ 565003F326F99802E68CA78F2A68E9FF, ABC42B24DBA4FFC411120E09278EF26AF56CCAB463B69B4BD6C530B4A07063D2 ] Disk C:\Windows\system32\DRIVERS\disk.sys
13:05:00.0325 0x1c94 Disk - ok
13:05:00.0357 0x1c94 [ C701324C9E0C25DD9D60311BD87FBC84, 86BE238FCC60A55C92D303452A9D5DFA838AE560BDC03A5C6F0F9ABE92062B5A ] DKbFltr C:\Windows\system32\DRIVERS\DKbFltr.sys
13:05:00.0372 0x1c94 DKbFltr - ok
13:05:00.0403 0x1c94 [ 33EF4861F19A0736B11314AAD9AE28D0, 4C4B84365D85758E3263B88F157D8B086B392C6F1EA5F0F3DB6BF87EF90248EC ] Dnscache C:\Windows\System32\dnsrslvr.dll
13:05:00.0466 0x1c94 Dnscache - ok
13:05:00.0559 0x1c94 [ 366BA8FB4B7BB7435E3B9EACB3843F67, 65B7C61ACF34F1F0149045AA9E09A3F917A927963237A385A914D0B80551DC31 ] dot3svc C:\Windows\System32\dot3svc.dll
13:05:00.0637 0x1c94 dot3svc - ok
13:05:00.0747 0x1c94 [ B5E479EB83707DD698F66953E922042C, 82891A4699F180A20EB25A0EC49A7E008B007A374BAA3279483AC1C95D125FE8 ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
13:05:00.0809 0x1c94 Dot4 - ok
13:05:00.0840 0x1c94 [ CAEFD09B6A6249C53A67D55A9A9FCABF, A76C951EA8A830E5BA22D8D393A946BBAEEDB76478539F647E58199B383F786B ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
13:05:00.0887 0x1c94 Dot4Print - ok
13:05:00.0934 0x1c94 [ CF491FF38D62143203C065260567E2F7, 4315FD8FC88CF627EBE469A2DF0F280B17C95D3004FC7A93D6F8E47F0D91A037 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
13:05:00.0996 0x1c94 dot4usb - ok
13:05:01.0059 0x1c94 [ 8EC04CA86F1D68DA9E11952EB85973D6, 2E3FBC2D683D1274E8BC45EEEA87D43B77EDDCAAF0D453296D9FDA6B9D717071 ] DPS C:\Windows\system32\dps.dll
13:05:01.0105 0x1c94 DPS - ok
13:05:01.0137 0x1c94 [ B918E7C5F9BF77202F89E1A9539F2EB4, C589A37DE50BBEF22E2DAA9682EA43147F614AA1AF7DAAA942BA5FC192313A0B ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
13:05:01.0199 0x1c94 drmkaud - ok
13:05:01.0261 0x1c94 [ 3583A5A8CC2E682BFFBD4630D0FEC08B, FD0F184B358FCECAA763444B414074BEF4E871EB7527D88385519FC158435C72 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
13:05:01.0324 0x1c94 DXGKrnl - ok
13:05:01.0371 0x1c94 [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost C:\Windows\System32\eapsvc.dll
13:05:01.0417 0x1c94 EapHost - ok
13:05:01.0573 0x1c94 [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
13:05:01.0761 0x1c94 ebdrv - ok
13:05:01.0807 0x1c94 [ 1667D76FBF42B24B9DE3E8B0A7CF06BE, AB9FD4F7B007633FEC552D14932CDEB56DBCE56D152C0EDC91FAFD08E636AADC ] EFS C:\Windows\System32\lsass.exe
13:05:01.0854 0x1c94 EFS - ok
13:05:01.0948 0x1c94 [ A8C362018EFC87BEB013EE28F29C0863, 07971C681FBD391C0BA0172618AF8AD77520182207F1C57F134B34D6A113857F ] ehRecvr C:\Windows\ehome\ehRecvr.exe
13:05:02.0073 0x1c94 ehRecvr - ok
13:05:02.0119 0x1c94 [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched C:\Windows\ehome\ehsched.exe
13:05:02.0182 0x1c94 ehSched - ok
13:05:02.0244 0x1c94 [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
13:05:02.0307 0x1c94 elxstor - ok
13:05:02.0353 0x1c94 [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev C:\Windows\system32\drivers\errdev.sys
13:05:02.0369 0x1c94 ErrDev - ok
13:05:02.0431 0x1c94 [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem C:\Windows\system32\es.dll
13:05:02.0494 0x1c94 EventSystem - ok
13:05:02.0525 0x1c94 [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat C:\Windows\system32\drivers\exfat.sys
13:05:02.0556 0x1c94 exfat - ok
13:05:02.0587 0x1c94 [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat C:\Windows\system32\drivers\fastfat.sys
13:05:02.0619 0x1c94 fastfat - ok
13:05:02.0759 0x1c94 [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax C:\Windows\system32\fxssvc.exe
13:05:02.0853 0x1c94 Fax - ok
13:05:02.0868 0x1c94 [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
13:05:02.0899 0x1c94 fdc - ok
13:05:02.0931 0x1c94 [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost C:\Windows\system32\fdPHost.dll
13:05:02.0977 0x1c94 fdPHost - ok
13:05:02.0993 0x1c94 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub C:\Windows\system32\fdrespub.dll
13:05:03.0040 0x1c94 FDResPub - ok
13:05:03.0071 0x1c94 [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
13:05:03.0087 0x1c94 FileInfo - ok
13:05:03.0102 0x1c94 [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
13:05:03.0149 0x1c94 Filetrace - ok
13:05:03.0165 0x1c94 [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
13:05:03.0196 0x1c94 flpydisk - ok
13:05:03.0243 0x1c94 [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
13:05:03.0258 0x1c94 FltMgr - ok
13:05:03.0321 0x1c94 [ 6EC244F102C7F129678E5F7309D1366D, C30DA201AC623DA440B0A0716534557C578218C2A591FA8893CCCBD96B4518F9 ] FontCache C:\Windows\system32\FntCache.dll
13:05:03.0414 0x1c94 FontCache - ok
13:05:03.0477 0x1c94 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
13:05:03.0492 0x1c94 FontCache3.0.0.0 - ok
13:05:03.0523 0x1c94 [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
13:05:03.0539 0x1c94 FsDepends - ok
13:05:03.0617 0x1c94 [ 790A4CA68F44BE35967B3DF61F3E4675, 7CBC77C620ABA75FEF4BA8AD9C38766D50CD18106EBA4693F162F2C5A7D46AA8 ] FsUsbExDisk C:\Windows\system32\FsUsbExDisk.SYS
13:05:03.0695 0x1c94 FsUsbExDisk - detected UnsignedFile.Multi.Generic ( 1 )
13:05:06.0082 0x1c94 Detect skipped due to KSN trusted
13:05:06.0082 0x1c94 FsUsbExDisk - ok
13:05:06.0175 0x1c94 [ D3F9205CC4CB07553F2F9472C767EA87, B1DF2B8D718CF7958E5E0B367859EEFB45CC9042B1B88E0C4DA884DF2608B59A ] FsUsbExService C:\Windows\system32\FsUsbExService.Exe
13:05:06.0253 0x1c94 FsUsbExService - detected UnsignedFile.Multi.Generic ( 1 )
13:05:08.0625 0x1c94 Detect skipped due to KSN trusted
13:05:08.0625 0x1c94 FsUsbExService - ok
13:05:08.0671 0x1c94 [ 7DAE5EBCC80E45D3253F4923DC424D05, 8A2C4D5591509B0B0A44583520617A9AE34F32BB6E68A012A7D7870ED24F703A ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
13:05:08.0687 0x1c94 Fs_Rec - ok
13:05:08.0734 0x1c94 [ E306A24D9694C724FA2491278BF50FDB, 1D246B9C28550640EACBF8CF9DC980FD75106B92832D392FEBEF0C7012353091 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
13:05:08.0765 0x1c94 fvevol - ok
13:05:08.0781 0x1c94 [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
13:05:08.0796 0x1c94 gagp30kx - ok
13:05:08.0859 0x1c94 [ 185ADA973B5020655CEE342059A86CBB, D3E352DFAF30761505480A4C557D980083F65EC5BD46E2656B2114D47B272A89 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
13:05:08.0874 0x1c94 GEARAspiWDM - ok
13:05:08.0937 0x1c94 [ E897EAF5ED6BA41E081060C9B447A673, A428DC68516F19C6C53A8B62E4BDB2587E70FB751B9D77700B6B147D347DA157 ] gpsvc C:\Windows\System32\gpsvc.dll
13:05:09.0015 0x1c94 gpsvc - ok
13:05:09.0139 0x1c94 [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
13:05:09.0171 0x1c94 gupdate - ok
13:05:09.0186 0x1c94 [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
13:05:09.0202 0x1c94 gupdatem - ok
13:05:09.0264 0x1c94 [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
13:05:09.0280 0x1c94 gusvc - ok
13:05:09.0327 0x1c94 [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
13:05:09.0405 0x1c94 hcw85cir - ok
13:05:09.0467 0x1c94 [ A5EF29D5315111C80A5C1ABAD14C8972, A181DA72E946F121C3F4A19438C547B0BFD15138AB1DB5465945EC89DF1F6B0A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
13:05:09.0514 0x1c94 HdAudAddService - ok
13:05:09.0545 0x1c94 [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
13:05:09.0576 0x1c94 HDAudBus - ok
13:05:09.0607 0x1c94 [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
13:05:09.0670 0x1c94 HidBatt - ok
13:05:09.0701 0x1c94 [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
13:05:09.0732 0x1c94 HidBth - ok
13:05:09.0748 0x1c94 [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
13:05:09.0763 0x1c94 HidIr - ok
13:05:09.0795 0x1c94 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv C:\Windows\system32\hidserv.dll
13:05:09.0841 0x1c94 hidserv - ok
13:05:09.0904 0x1c94 [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb C:\Windows\system32\drivers\hidusb.sys
13:05:09.0982 0x1c94 HidUsb - ok
13:05:10.0029 0x1c94 [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc C:\Windows\system32\kmsvc.dll
13:05:10.0091 0x1c94 hkmsvc - ok
13:05:10.0138 0x1c94 [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
13:05:10.0231 0x1c94 HomeGroupListener - ok
13:05:10.0278 0x1c94 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
13:05:10.0341 0x1c94 HomeGroupProvider - ok
13:05:10.0450 0x1c94 [ 0A3C6AA4A9FC38C20BA4EAC2C3351C05, 7B3F117C1D606DDA7623BEC0BFBC362C33A12213E899F049AC56A55826984134 ] hpqcxs08 C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
13:05:10.0497 0x1c94 hpqcxs08 - detected UnsignedFile.Multi.Generic ( 1 )
13:05:12.0883 0x1c94 Detect skipped due to KSN trusted
13:05:12.0883 0x1c94 hpqcxs08 - ok
13:05:12.0930 0x1c94 [ F3F72A2A86C22610BCA5439FA789DD52, DA5A8F09DCC512AA1558863AD4FAC12F72DD83CA8FB4D8D9831E4AFBB6B3C616 ] hpqddsvc C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
13:05:12.0961 0x1c94 hpqddsvc - detected UnsignedFile.Multi.Generic ( 1 )
13:05:15.0411 0x1c94 Detect skipped due to KSN trusted
13:05:15.0411 0x1c94 hpqddsvc - ok
13:05:15.0489 0x1c94 [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
13:05:15.0504 0x1c94 HpSAMD - ok
13:05:15.0551 0x1c94 [ 210388FD8225B02BD83D77628AAE64A9, EFB755244CDF8344E14528CF46A6D43C1E8266A307603A63023D8955925FE0C3 ] HsfXAudioService C:\Windows\system32\XAudio32.dll
13:05:15.0660 0x1c94 HsfXAudioService - ok
13:05:15.0738 0x1c94 [ 227C3BA25012752BB7450235392C719F, 95C57347FDCD44D06325778EA2B451A26FF9F2BAB3092244102026E8FF20B03F ] HSF_DPV C:\Windows\system32\DRIVERS\HSX_DPV.sys
13:05:15.0816 0x1c94 HSF_DPV - ok
13:05:15.0847 0x1c94 [ 4DF5C76302DC2F8F3465966C8426A292, D5A7C1DB3E282A11936EEE75E3ACEF07599962E0EEC5726233B3A741B783550E ] HSXHWAZL C:\Windows\system32\DRIVERS\HSXHWAZL.sys
13:05:15.0879 0x1c94 HSXHWAZL - ok
13:05:15.0925 0x1c94 [ 487569E5DA56A5A432FF8AF6D3599CF9, 7C974D8379C60B4F69A20B01876C49181B0A63AC318C4BD0A21DABFF27A15C9D ] HTTP C:\Windows\system32\drivers\HTTP.sys
13:05:16.0003 0x1c94 HTTP - ok
13:05:16.0050 0x1c94 [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
13:05:16.0066 0x1c94 hwpolicy - ok
13:05:16.0113 0x1c94 [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
13:05:16.0128 0x1c94 i8042prt - ok
13:05:16.0206 0x1c94 [ 7548066DF68A8A1A56B043359F915F37, 6225DDE554E45858374CBD284A85A00F773089A667C08492187A637232B8BD9A ] IAANTMON C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
13:05:16.0222 0x1c94 IAANTMON - ok
13:05:16.0269 0x1c94 [ D483687EACE0C065EE772481A96E05F5, A22200E90C78DFE73FE0FBEED5331AB43CD7133651FD125595C4DB604AD71B29 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
13:05:16.0284 0x1c94 iaStor - ok
13:05:16.0362 0x1c94 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
13:05:16.0409 0x1c94 iaStorV - ok
13:05:16.0471 0x1c94 [ 3E9213A2A050BF429E91898C90F8B4E3, D80ABE5691087661B19F01927B631CB8C5291120B814B6F863F046E0D643E9E4 ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
13:05:16.0549 0x1c94 idsvc - ok
13:05:16.0581 0x1c94 IEEtwCollectorService - ok
13:05:16.0612 0x1c94 [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
13:05:16.0643 0x1c94 iirsp - ok
13:05:16.0737 0x1c94 [ B9C54120F46392100478F58F374E5709, A28EE8B0988F580D5984E815FC78DF41B169260814234AA0E453375542D0957B ] IKEEXT C:\Windows\System32\ikeext.dll
13:05:16.0783 0x1c94 IKEEXT - ok
13:05:16.0924 0x1c94 [ F2BAA4FF548F7F0317F7638951C1CD9C, C5B35FCEE8AC7C3BE4D4F834A49A0B71A17E751AFB02DE84ECB9774AA49B2879 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
13:05:17.0080 0x1c94 IntcAzAudAddService - ok
13:05:17.0127 0x1c94 [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide C:\Windows\system32\drivers\intelide.sys
13:05:17.0142 0x1c94 intelide - ok
13:05:17.0173 0x1c94 [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
13:05:17.0205 0x1c94 intelppm - ok
13:05:17.0236 0x1c94 [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
13:05:17.0267 0x1c94 IPBusEnum - ok
13:05:17.0298 0x1c94 [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:05:17.0345 0x1c94 IpFilterDriver - ok
13:05:17.0407 0x1c94 [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
13:05:17.0502 0x1c94 iphlpsvc - ok
13:05:17.0533 0x1c94 [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
13:05:17.0564 0x1c94 IPMIDRV - ok
13:05:17.0596 0x1c94 [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
13:05:17.0642 0x1c94 IPNAT - ok
13:05:17.0736 0x1c94 [ FB7679FD086C60597F8C6929FF66FAC2, 6333339CB052D2A64CFBE5916D6D8F2A4D6CA84A31B549F70733A91F3C4D6EB8 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
13:05:17.0783 0x1c94 iPod Service - ok
13:05:17.0798 0x1c94 [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM C:\Windows\system32\drivers\irenum.sys
13:05:17.0845 0x1c94 IRENUM - ok
13:05:17.0876 0x1c94 [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp C:\Windows\system32\drivers\isapnp.sys
13:05:17.0892 0x1c94 isapnp - ok
13:05:17.0939 0x1c94 [ EB34CE31FABD4DC4343FD2AD16D2CAF9, D21C91227A15DA89ECF522345D0AB80B3B7FC24A230596DABDB8BD3B7554CE8C ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
13:05:17.0986 0x1c94 iScsiPrt - ok
13:05:18.0017 0x1c94 [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
13:05:18.0032 0x1c94 kbdclass - ok
13:05:18.0095 0x1c94 [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
13:05:18.0126 0x1c94 kbdhid - ok
13:05:18.0142 0x1c94 [ 1667D76FBF42B24B9DE3E8B0A7CF06BE, AB9FD4F7B007633FEC552D14932CDEB56DBCE56D152C0EDC91FAFD08E636AADC ] KeyIso C:\Windows\system32\lsass.exe
13:05:18.0173 0x1c94 KeyIso - ok
13:05:18.0204 0x1c94 [ 6DD2A1064DD8AFBED22E71176E2AF59B, 915F36860DAA72DA89E906A7F6F255A854A2A91EEA536A7C2EDB4A63250F66CC ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
13:05:18.0220 0x1c94 KSecDD - ok
13:05:18.0266 0x1c94 [ 76C0D35167B1369C68388FEDB56A3048, 2788962AB21DBB0A4D130AE5F822E9FDB96D7FF6320E2798714BF18BCB9CAE4F ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
13:05:18.0298 0x1c94 KSecPkg - ok
13:05:18.0329 0x1c94 [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm C:\Windows\system32\msdtckrm.dll
13:05:18.0407 0x1c94 KtmRm - ok
13:05:18.0454 0x1c94 [ F7CDABA15C7E853F0A11AF6D77FCA990, 14486B8C9535D62AD8FA98A21DA76E793B3FB275D82FAF4423526D340ABCD785 ] L1E C:\Windows\system32\DRIVERS\L1E62x86.sys
13:05:18.0500 0x1c94 L1E - ok
13:05:18.0547 0x1c94 [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer C:\Windows\system32\srvsvc.dll
13:05:18.0610 0x1c94 LanmanServer - ok
13:05:18.0688 0x1c94 [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
13:05:18.0766 0x1c94 LanmanWorkstation - ok
13:05:18.0812 0x1c94 [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
13:05:18.0875 0x1c94 lltdio - ok
13:05:18.0906 0x1c94 [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc C:\Windows\System32\lltdsvc.dll
13:05:18.0953 0x1c94 lltdsvc - ok
13:05:18.0984 0x1c94 [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts C:\Windows\System32\lmhsvc.dll
13:05:19.0031 0x1c94 lmhosts - ok
13:05:19.0046 0x1c94 [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
13:05:19.0078 0x1c94 LSI_FC - ok
13:05:19.0093 0x1c94 [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
13:05:19.0109 0x1c94 LSI_SAS - ok
13:05:19.0124 0x1c94 [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
13:05:19.0140 0x1c94 LSI_SAS2 - ok
13:05:19.0156 0x1c94 [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
13:05:19.0171 0x1c94 LSI_SCSI - ok
13:05:19.0218 0x1c94 [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv C:\Windows\system32\drivers\luafv.sys
13:05:19.0265 0x1c94 luafv - ok
13:05:19.0312 0x1c94 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
13:05:19.0343 0x1c94 Mcx2Svc - ok
13:05:19.0374 0x1c94 [ 0CEA2D0D3FA284B85ED5B68365114F76, E6FF0EC98FDC3F628438B613C356C237E68686E3B5B17A58A60C16F4B9A2B968 ] mdmxsdk C:\Windows\system32\DRIVERS\mdmxsdk.sys
13:05:19.0390 0x1c94 mdmxsdk - ok
13:05:19.0405 0x1c94 [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
13:05:19.0421 0x1c94 megasas - ok
13:05:19.0436 0x1c94 [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
13:05:19.0452 0x1c94 MegaSR - ok
13:05:19.0483 0x1c94 [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS C:\Windows\system32\mmcss.dll
13:05:19.0530 0x1c94 MMCSS - ok
13:05:19.0546 0x1c94 [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem C:\Windows\system32\drivers\modem.sys
13:05:19.0592 0x1c94 Modem - ok
13:05:19.0670 0x1c94 [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
13:05:19.0702 0x1c94 monitor - ok
13:05:19.0764 0x1c94 [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
13:05:19.0780 0x1c94 mouclass - ok
13:05:19.0826 0x1c94 [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
13:05:19.0858 0x1c94 mouhid - ok
13:05:19.0889 0x1c94 [ 644905A19D0F37F2233DFCE53BC4BC19, F52CB40AA0FD1EBF8CBF0F3BFB20C47142C637719840877FB93F10D085EB8C2B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
13:05:19.0920 0x1c94 mountmgr - ok
13:05:20.0014 0x1c94 [ 03D14BF1DC59130002F6B8BA3AD89DB9, 1729CCD8AAF51CDB86ED67569974D0B6B1CFFA5F90EF6E6004B0D8A305D88C27 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
13:05:20.0045 0x1c94 MozillaMaintenance - ok
13:05:20.0060 0x1c94 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio C:\Windows\system32\drivers\mpio.sys
13:05:20.0076 0x1c94 mpio - ok
13:05:20.0123 0x1c94 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
13:05:20.0170 0x1c94 mpsdrv - ok
13:05:20.0216 0x1c94 [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc C:\Windows\system32\mpssvc.dll
13:05:20.0310 0x1c94 MpsSvc - ok
13:05:20.0372 0x1c94 [ 03F899F521D2AAED1C55008F734DF252, 4E56A51476A13F5630719018037B1F63DF9ACEA1CFE782AF04E669BD696954C5 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
13:05:20.0450 0x1c94 MRxDAV - ok
13:05:20.0497 0x1c94 [ 5D16C921E3671636C0EBA3BBAAC5FD25, 5BC107B95CAFC88F51FBB9F657B99944B20627A2B618F263093D7045E4FFD65C ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
13:05:20.0560 0x1c94 mrxsmb - ok
13:05:20.0591 0x1c94 [ 6D17A4791ACA19328C685D256349FEFC, 012AA3D84EEAAF53780D06D2D11B9727DFC3441F3FAD75BC9E751FB814403668 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:05:20.0606 0x1c94 mrxsmb10 - ok
13:05:20.0684 0x1c94 [ B81F204D146000BE76651A50670A5E9E, 78193D0F967BE9829E53F9B500342934B4B1E1F4CEFC444382959E2061BC3B17 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:05:20.0716 0x1c94 mrxsmb20 - ok
13:05:20.0762 0x1c94 [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci C:\Windows\system32\drivers\msahci.sys
13:05:20.0778 0x1c94 msahci - ok
13:05:20.0825 0x1c94 [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm C:\Windows\system32\drivers\msdsm.sys
13:05:20.0856 0x1c94 msdsm - ok
13:05:20.0872 0x1c94 [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC C:\Windows\System32\msdtc.exe
13:05:20.0903 0x1c94 MSDTC - ok
13:05:20.0950 0x1c94 [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs C:\Windows\system32\drivers\Msfs.sys
13:05:20.0996 0x1c94 Msfs - ok
13:05:21.0028 0x1c94 [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
13:05:21.0059 0x1c94 mshidkmdf - ok
13:05:21.0090 0x1c94 [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
13:05:21.0106 0x1c94 msisadrv - ok
13:05:21.0137 0x1c94 [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI C:\Windows\system32\iscsiexe.dll
13:05:21.0168 0x1c94 MSiSCSI - ok
13:05:21.0184 0x1c94 msiserver - ok
13:05:21.0230 0x1c94 [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
13:05:21.0277 0x1c94 MSKSSRV - ok
13:05:21.0308 0x1c94 [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
13:05:21.0340 0x1c94 MSPCLOCK - ok
13:05:21.0371 0x1c94 [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
13:05:21.0418 0x1c94 MSPQM - ok
13:05:21.0433 0x1c94 [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
13:05:21.0464 0x1c94 MsRPC - ok
13:05:21.0480 0x1c94 [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
13:05:21.0496 0x1c94 mssmbios - ok
13:05:21.0511 0x1c94 [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
13:05:21.0558 0x1c94 MSTEE - ok
13:05:21.0574 0x1c94 [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
13:05:21.0620 0x1c94 MTConfig - ok
13:05:21.0667 0x1c94 [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup C:\Windows\system32\Drivers\mup.sys
13:05:21.0683 0x1c94 Mup - ok
13:05:21.0730 0x1c94 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent C:\Windows\system32\qagentRT.dll
13:05:21.0792 0x1c94 napagent - ok
13:05:21.0854 0x1c94 [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
13:05:21.0901 0x1c94 NativeWifiP - ok
13:05:21.0995 0x1c94 [ 8C9C922D71F1CD4DEF73F186416B7896, 15FF43CD90C7913F83B35F2E7986561584588E8A45196EBD965C3A355836A9C7 ] NDIS C:\Windows\system32\drivers\ndis.sys
13:05:22.0057 0x1c94 NDIS - ok
13:05:22.0088 0x1c94 [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
13:05:22.0135 0x1c94 NdisCap - ok
13:05:22.0166 0x1c94 [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
13:05:22.0213 0x1c94 NdisTapi - ok
13:05:22.0291 0x1c94 [ D8A65DAFB3EB41CBB622745676FCD072, 874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
13:05:22.0322 0x1c94 Ndisuio - ok
13:05:22.0369 0x1c94 [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
13:05:22.0416 0x1c94 NdisWan - ok
13:05:22.0447 0x1c94 [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
13:05:22.0494 0x1c94 NDProxy - ok
13:05:22.0541 0x1c94 [ A081CB6FB9A12668F233EB5414BE3A0E, EE2A1311B51D1FEBAF79F45E568A927D8EA7704AFC8495AED2D26927566F61E3 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
13:05:22.0572 0x1c94 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
13:05:24.0959 0x1c94 Detect skipped due to KSN trusted
13:05:24.0959 0x1c94 Net Driver HPZ12 - ok
13:05:25.0021 0x1c94 [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
13:05:25.0084 0x1c94 NetBIOS - ok
13:05:25.0115 0x1c94 [ 280122DDCF04B378EDD1AD54D71C1E54, F98B2ADE34F7E67C7C06C1D0FFB80ECBC353D044D4B4784CD952910345DC2ED0 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
13:05:25.0146 0x1c94 NetBT - ok
13:05:25.0162 0x1c94 [ 1667D76FBF42B24B9DE3E8B0A7CF06BE, AB9FD4F7B007633FEC552D14932CDEB56DBCE56D152C0EDC91FAFD08E636AADC ] Netlogon C:\Windows\system32\lsass.exe
13:05:25.0177 0x1c94 Netlogon - ok
13:05:25.0208 0x1c94 [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman C:\Windows\System32\netman.dll
13:05:25.0286 0x1c94 Netman - ok
13:05:25.0349 0x1c94 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
13:05:25.0380 0x1c94 NetMsmqActivator - ok
13:05:25.0442 0x1c94 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
13:05:25.0474 0x1c94 NetPipeActivator - ok
13:05:25.0489 0x1c94 [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm C:\Windows\System32\netprofm.dll
13:05:25.0552 0x1c94 netprofm - ok
13:05:25.0567 0x1c94 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
13:05:25.0598 0x1c94 NetTcpActivator - ok
13:05:25.0598 0x1c94 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
13:05:25.0614 0x1c94 NetTcpPortSharing - ok
13:05:25.0942 0x1c94 [ EF51B405AD8ACAAE6F0231290D20F516, 2BBD53127E1375E36590ECBA9DA6AAD133E850A90D5B5610DED99D37987CAADD ] NETw5s32 C:\Windows\system32\DRIVERS\NETw5s32.sys
13:05:26.0285 0x1c94 NETw5s32 - ok
13:05:26.0472 0x1c94 [ 58218EC6B61B1169CF54AAB0D00F5FE2, B76ABB2AD78CE68D30F0F08563B0593D658298CDCF1B138B6E9FB0D64CBCC3C2 ] netw5v32 C:\Windows\system32\DRIVERS\netw5v32.sys
13:05:26.0675 0x1c94 netw5v32 - ok
13:05:26.0737 0x1c94 [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
13:05:26.0753 0x1c94 nfrd960 - ok
13:05:26.0800 0x1c94 [ F115C5CD29E512F18BD7138A094B77E5, 90C2CE8B256EE9AABF674ADDE7F85E91DAF48EA368452D03C187A4AE027D4E39 ] NlaSvc C:\Windows\System32\nlasvc.dll
13:05:26.0878 0x1c94 NlaSvc - ok
13:05:26.0893 0x1c94 [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs C:\Windows\system32\drivers\Npfs.sys
13:05:26.0940 0x1c94 Npfs - ok
13:05:26.0971 0x1c94 [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi C:\Windows\system32\nsisvc.dll
13:05:27.0002 0x1c94 nsi - ok
13:05:27.0018 0x1c94 [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
13:05:27.0049 0x1c94 nsiproxy - ok
13:05:27.0143 0x1c94 [ C8DFF8D07755A66C7A4A738930F0FEAC, A2CC58312CE57988ABD976155BE91F558DCEC4C23481C6FBE64B361D511A36EA ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
13:05:27.0221 0x1c94 Ntfs - ok
13:05:27.0252 0x1c94 [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null C:\Windows\system32\drivers\Null.sys
13:05:27.0299 0x1c94 Null - ok
13:05:27.0346 0x1c94 [ 97564839DC47131BB5E1EAFD1F884415, 96DA889AE004DBB7F79AE7435E9863A649175634133B4B55AB6B66E8B64CC9ED ] nuvotoncir C:\Windows\system32\DRIVERS\nuvotoncir.sys
13:05:27.0408 0x1c94 nuvotoncir - ok
13:05:27.0439 0x1c94 [ B3E25EE28883877076E0E1FF877D02E0, 402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C ] nvraid C:\Windows\system32\drivers\nvraid.sys
13:05:27.0470 0x1c94 nvraid - ok
13:05:27.0517 0x1c94 [ 4380E59A170D88C4F1022EFF6719A8A4, 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2 ] nvstor C:\Windows\system32\drivers\nvstor.sys
13:05:27.0548 0x1c94 nvstor - ok
13:05:27.0595 0x1c94 [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
13:05:27.0611 0x1c94 nv_agp - ok
13:05:27.0736 0x1c94 [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
13:05:27.0782 0x1c94 odserv - ok
13:05:27.0814 0x1c94 [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
13:05:27.0829 0x1c94 ohci1394 - ok
13:05:27.0892 0x1c94 [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:05:27.0923 0x1c94 ose - ok
13:05:27.0970 0x1c94 [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
13:05:28.0063 0x1c94 p2pimsvc - ok
13:05:28.0126 0x1c94 [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc C:\Windows\system32\p2psvc.dll
13:05:28.0188 0x1c94 p2psvc - ok
13:05:28.0219 0x1c94 [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport C:\Windows\system32\DRIVERS\parport.sys
13:05:28.0266 0x1c94 Parport - ok
13:05:28.0282 0x1c94 [ 3F34A1B4C5F6475F320C275E63AFCE9B, 31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B ] partmgr C:\Windows\system32\drivers\partmgr.sys
13:05:28.0313 0x1c94 partmgr - ok
13:05:28.0328 0x1c94 [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
13:05:28.0360 0x1c94 Parvdm - ok
13:05:28.0406 0x1c94 [ 52954BE460EC6C54C0ACB2B3B126FFC6, 9F9878EC5ABC74C5A8EE8E1D940F0934F081895B07D844F42F80A638FE713F7B ] PcaSvc C:\Windows\System32\pcasvc.dll
13:05:28.0453 0x1c94 PcaSvc - ok
13:05:28.0500 0x1c94 [ 175CC28DCF819F78CAA3FBD44AD9E52A, C00F17040440E5C10439FF8110368A7813BD197E96338FD3703C86E399E27128 ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfd.sys
13:05:28.0578 0x1c94 pccsmcfd - ok
13:05:28.0625 0x1c94 [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci C:\Windows\system32\drivers\pci.sys
13:05:28.0656 0x1c94 pci - ok
13:05:28.0687 0x1c94 [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide C:\Windows\system32\drivers\pciide.sys
13:05:28.0703 0x1c94 pciide - ok
13:05:28.0750 0x1c94 [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
13:05:28.0765 0x1c94 pcmcia - ok
13:05:28.0781 0x1c94 [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw C:\Windows\system32\drivers\pcw.sys
13:05:28.0796 0x1c94 pcw - ok
13:05:28.0859 0x1c94 [ AEBC369F7DC72AB3F5B9BDF34FA0D43F, 2A819154AC6C23E97C583D90B4D0C112188B7AE9D8D9B3F88811BFCED124E551 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
13:05:28.0906 0x1c94 PEAUTH - ok
13:05:29.0015 0x1c94 [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla C:\Windows\system32\pla.dll
13:05:29.0124 0x1c94 pla - ok
13:05:29.0186 0x1c94 [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay C:\Windows\system32\umpnpmgr.dll
13:05:29.0264 0x1c94 PlugPlay - ok
13:05:29.0342 0x1c94 [ 65BC271F337637731D3C71455AE1F476, DAD32B61FE0147F8D2DA4C8F016920CD6BB2098F16E3CC2768009763E71DEFBC ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
13:05:29.0342 0x1c94 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
13:05:32.0010 0x1c94 Detect skipped due to KSN trusted
13:05:32.0010 0x1c94 Pml Driver HPZ12 - ok
13:05:32.0057 0x1c94 [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
13:05:32.0072 0x1c94 PNRPAutoReg - ok
13:05:32.0104 0x1c94 [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
13:05:32.0135 0x1c94 PNRPsvc - ok
13:05:32.0197 0x1c94 [ 53946B69BA0836BD95B03759530C81EC, 7F14A34635354CCA0F5342C8D9DF5A6AA1B94F6A508BD8834029E9BACF252920 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
13:05:32.0244 0x1c94 PolicyAgent - ok
13:05:32.0291 0x1c94 [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power C:\Windows\system32\umpo.dll
13:05:32.0338 0x1c94 Power - ok
13:05:32.0384 0x1c94 [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
13:05:32.0431 0x1c94 PptpMiniport - ok
13:05:32.0447 0x1c94 [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor C:\Windows\system32\DRIVERS\processr.sys
13:05:32.0462 0x1c94 Processor - ok
13:05:32.0509 0x1c94 [ FD9692A3D31E021207D3C2A9DDDC2BE3, 5295EFAD9BD4B59996935A41825392C12A4C968D161BEEA37797F90AF8E54229 ] ProfSvc C:\Windows\system32\profsvc.dll
13:05:32.0572 0x1c94 ProfSvc - ok
13:05:32.0587 0x1c94 [ 1667D76FBF42B24B9DE3E8B0A7CF06BE, AB9FD4F7B007633FEC552D14932CDEB56DBCE56D152C0EDC91FAFD08E636AADC ] ProtectedStorage C:\Windows\system32\lsass.exe
13:05:32.0603 0x1c94 ProtectedStorage - ok
13:05:32.0681 0x1c94 [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
13:05:32.0743 0x1c94 Psched - ok
13:05:32.0821 0x1c94 [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
13:05:32.0915 0x1c94 ql2300 - ok
13:05:32.0930 0x1c94 [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
13:05:32.0962 0x1c94 ql40xx - ok
13:05:32.0993 0x1c94 [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE C:\Windows\system32\qwave.dll
13:05:33.0024 0x1c94 QWAVE - ok
13:05:33.0055 0x1c94 [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
13:05:33.0071 0x1c94 QWAVEdrv - ok
13:05:33.0086 0x1c94 [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
13:05:33.0133 0x1c94 RasAcd - ok
13:05:33.0164 0x1c94 [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
13:05:33.0211 0x1c94 RasAgileVpn - ok
13:05:33.0227 0x1c94 [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto C:\Windows\System32\rasauto.dll
13:05:33.0258 0x1c94 RasAuto - ok
13:05:33.0289 0x1c94 [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
13:05:33.0320 0x1c94 Rasl2tp - ok
13:05:33.0367 0x1c94 [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan C:\Windows\System32\rasmans.dll
13:05:33.0445 0x1c94 RasMan - ok
13:05:33.0476 0x1c94 [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
13:05:33.0508 0x1c94 RasPppoe - ok
13:05:33.0586 0x1c94 [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
13:05:33.0617 0x1c94 RasSstp - ok
13:05:33.0679 0x1c94 [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
13:05:33.0757 0x1c94 rdbss - ok
13:05:33.0773 0x1c94 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
13:05:33.0804 0x1c94 rdpbus - ok
13:05:33.0835 0x1c94 [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
13:05:33.0882 0x1c94 RDPCDD - ok
13:05:33.0913 0x1c94 [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
13:05:33.0944 0x1c94 RDPENCDD - ok
13:05:33.0960 0x1c94 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
13:05:33.0991 0x1c94 RDPREFMP - ok
13:05:34.0085 0x1c94 [ 65375DF758CA1872AB7EBBBA457FD5E6, 8AC7681F51277E799C22FF95FA0B833E9E260D37C0416319FF05B66FB3948005 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
13:05:34.0163 0x1c94 RdpVideoMiniport - ok
13:05:34.0194 0x1c94 [ CD9214A6AE17D188D17C3CF8CB9CC693, 2E16FF1F7446F0600D6519010FD05A30B94D97167C16B3E7FC396A97D8139D60 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
13:05:34.0256 0x1c94 RDPWD - ok
13:05:34.0303 0x1c94 [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
13:05:34.0319 0x1c94 rdyboost - ok
13:05:34.0428 0x1c94 [ 590DE2C0FF4E367050239BD1DDC912C1, B8D1D01C276C15EDA5B6BE5F1FD16315063D1C9BA6D22D51AED51FC93D417A17 ] RealNetworks Downloader Resolver Service C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
13:05:34.0459 0x1c94 RealNetworks Downloader Resolver Service - ok
13:05:34.0693 0x1c94 [ AC36A47C010100B7EDFB2A70114D3E89, 3051841EB4FC8A9CDA5B1B9168D459A639F7E588E859F51D6B865CD073CFCE13 ] RealPlayer Cloud Service c:\program files\real\realplayer\RPDS\Bin\rpdsvc.exe
13:05:34.0740 0x1c94 RealPlayer Cloud Service - ok
13:05:34.0802 0x1c94 [ A650FA927A4D1D71C53E317A0DDD6B7E, F1D476213CE15E0060440CDBF36806649F172408EC0977A35AEE67F30C43B15A ] RealPlayerUpdateSvc C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe
13:05:34.0834 0x1c94 RealPlayerUpdateSvc - ok
13:05:34.0865 0x1c94 [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess C:\Windows\System32\mprdim.dll
13:05:34.0927 0x1c94 RemoteAccess - ok
13:05:34.0958 0x1c94 [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry C:\Windows\system32\regsvc.dll
13:05:35.0005 0x1c94 RemoteRegistry - ok
13:05:35.0036 0x1c94 [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
13:05:35.0068 0x1c94 RpcEptMapper - ok
13:05:35.0083 0x1c94 [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator C:\Windows\system32\locator.exe
13:05:35.0114 0x1c94 RpcLocator - ok
13:05:35.0146 0x1c94 [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] RpcSs C:\Windows\system32\rpcss.dll
13:05:35.0192 0x1c94 RpcSs - ok
13:05:35.0208 0x1c94 [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
13:05:35.0255 0x1c94 rspndr - ok
13:05:35.0286 0x1c94 [ 31D45ECA63884FF5F7AECC50F7D1BAE0, A485B602F1210902AD5505F1B846667A6EAE9AF8BB661DAF3C0272442CC840FF ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
13:05:35.0348 0x1c94 RSUSBSTOR - ok
13:05:35.0380 0x1c94 [ 87407B31EA6FF0DC4765258164B98BEA, 44C606DB6A404B06417762CB60F2B6ED5EC662F0F4312F54A4FF5BC3D5AEF3F8 ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIV.sys
13:05:35.0395 0x1c94 RTHDMIAzAudService - ok
13:05:35.0411 0x1c94 [ 1667D76FBF42B24B9DE3E8B0A7CF06BE, AB9FD4F7B007633FEC552D14932CDEB56DBCE56D152C0EDC91FAFD08E636AADC ] SamSs C:\Windows\system32\lsass.exe
13:05:35.0426 0x1c94 SamSs - ok
13:05:35.0473 0x1c94 [ 05D860DA1040F111503AC416CCEF2BCA, DAE2F37D09A5A42F945BC8E27E4EA2303521081783A80CEE7FEE7C5A1C2CFC5E ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
13:05:35.0489 0x1c94 sbp2port - ok
13:05:35.0520 0x1c94 [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr C:\Windows\System32\SCardSvr.dll
13:05:35.0551 0x1c94 SCardSvr - ok
13:05:35.0582 0x1c94 [ 0693B5EC673E34DC147E195779A4DCF6, AF1B56FBF3ADABF94CD9DBA67586B8746DE135151F6B3D1B0EE315BC1E2DB670 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
13:05:35.0614 0x1c94 scfilter - ok
13:05:35.0754 0x1c94 [ A04BB13F8A72F8B6E8B4071723E4E336, E63287FF71C39CBF64C3347C455324C8437F9CF398153E269543588B65389502 ] Schedule C:\Windows\system32\schedsvc.dll
13:05:35.0832 0x1c94 Schedule - ok
13:05:35.0879 0x1c94 [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] SCPolicySvc C:\Windows\System32\certprop.dll
13:05:35.0926 0x1c94 SCPolicySvc - ok
13:05:35.0957 0x1c94 [ 08236C4BCE5EDD0A0318A438AF28E0F7, 77727F963F63C4CEC11E7AAD5FB3836179701D512CA9436C3170B9E6A4E5F888 ] SDRSVC C:\Windows\System32\SDRSVC.dll
13:05:36.0035 0x1c94 SDRSVC - ok
13:05:36.0066 0x1c94 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv C:\Windows\system32\drivers\secdrv.sys
13:05:36.0128 0x1c94 secdrv - ok
13:05:36.0160 0x1c94 [ A59B3A4442C52060CC7A85293AA3546F, 1776D6DEE51991149265AAF39E17065E301C5FA1FF4068653DC0010B9B27185D ] seclogon C:\Windows\system32\seclogon.dll
13:05:36.0206 0x1c94 seclogon - ok
13:05:36.0238 0x1c94 [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS C:\Windows\System32\sens.dll
13:05:36.0269 0x1c94 SENS - ok
13:05:36.0300 0x1c94 [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc C:\Windows\system32\sensrsvc.dll
13:05:36.0347 0x1c94 SensrSvc - ok
13:05:36.0378 0x1c94 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
13:05:36.0409 0x1c94 Serenum - ok
13:05:36.0440 0x1c94 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial C:\Windows\system32\DRIVERS\serial.sys
13:05:36.0472 0x1c94 Serial - ok
13:05:36.0487 0x1c94 [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
13:05:36.0518 0x1c94 sermouse - ok
13:05:36.0612 0x1c94 [ 9D38320BB32230349379DF5DDBBF7FCE, 8AAA8B0B60E65F596C3276DCCD0D8146B40172B6D509B597EDFDA46AC8A72A4C ] ServiceLayer C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
13:05:36.0659 0x1c94 ServiceLayer - detected UnsignedFile.Multi.Generic ( 1 )
13:05:39.0046 0x1c94 Detect skipped due to KSN trusted
13:05:39.0046 0x1c94 ServiceLayer - ok
13:05:39.0124 0x1c94 [ 4AE380F39A0032EAB7DD953030B26D28, C8F5F2DD59574E966FDF3057867BB959A554BAB6FD5DC6F1427094A6BC2B2809 ] SessionEnv C:\Windows\system32\sessenv.dll
13:05:39.0155 0x1c94 SessionEnv - ok
13:05:39.0202 0x1c94 [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
13:05:39.0248 0x1c94 sffdisk - ok
13:05:39.0264 0x1c94 [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
13:05:39.0311 0x1c94 sffp_mmc - ok
13:05:39.0326 0x1c94 [ 6D4CCAEDC018F1CF52866BBBAA235982, AAC41F5C97B3FE5A3DC0838457EB8CC9BB71FCA16D3EDBB67D603F0A9D46C131 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
13:05:39.0373 0x1c94 sffp_sd - ok
13:05:39.0389 0x1c94 [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
13:05:39.0420 0x1c94 sfloppy - ok
13:05:39.0467 0x1c94 [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess C:\Windows\System32\ipnathlp.dll
13:05:39.0545 0x1c94 SharedAccess - ok
13:05:39.0576 0x1c94 [ 414DA952A35BF5D50192E28263B40577, 9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
13:05:39.0638 0x1c94 ShellHWDetection - ok
13:05:39.0654 0x1c94 [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp C:\Windows\system32\drivers\sisagp.sys
13:05:39.0670 0x1c94 sisagp - ok
13:05:39.0716 0x1c94 [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
13:05:39.0732 0x1c94 SiSRaid2 - ok
13:05:39.0748 0x1c94 [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
13:05:39.0763 0x1c94 SiSRaid4 - ok
13:05:39.0888 0x1c94 [ 704B4F81729F676BBF034529FC334D82, 1E50DAF97836807A500284385D99272780A8B69CA88761250451060B207824F8 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
13:05:39.0966 0x1c94 SkypeUpdate - ok
13:05:39.0997 0x1c94 [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb C:\Windows\system32\DRIVERS\smb.sys
13:05:40.0044 0x1c94 Smb - ok
13:05:40.0091 0x1c94 [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
13:05:40.0122 0x1c94 SNMPTRAP - ok
13:05:40.0122 0x1c94 [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr C:\Windows\system32\drivers\spldr.sys
13:05:40.0138 0x1c94 spldr - ok
13:05:40.0184 0x1c94 [ 9AEA093B8F9C37CF45538382CABA2475, CC63239C412067AA72318ADB8BB80BCDF2CA60DA05D814D32753C92508BC16A8 ] Spooler C:\Windows\System32\spoolsv.exe
13:05:40.0247 0x1c94 Spooler - ok
13:05:40.0418 0x1c94 [ CF87A1DE791347E75B98885214CED2B8, 7AF4E03D751C951A4E5FBA28200DABFE6B3BF055490163EEEEA84EBA4D0F368A ] sppsvc C:\Windows\system32\sppsvc.exe
13:05:40.0621 0x1c94 sppsvc - ok
13:05:40.0699 0x1c94 [ B0180B20B065D89232A78A40FE56EAA6, 4D045B23AD58A8822BE9F20119744A8D47455469D54494745CEB099951DA60FF ] sppuinotify C:\Windows\system32\sppuinotify.dll
13:05:40.0777 0x1c94 sppuinotify - ok
13:05:40.0808 0x1c94 [ E4C2764065D66EA1D2D3EBC28FE99C46, 043AEF06A23069DD17675955C834690A5FD8F1948A05B3969F977E823C4E25F5 ] srv C:\Windows\system32\DRIVERS\srv.sys
13:05:40.0871 0x1c94 srv - ok
13:05:40.0918 0x1c94 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB, 4DF31206DF8F33C2975E23C7257ED930C4EDA8BC4E246D8FDA130BB583083ED0 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
13:05:40.0964 0x1c94 srv2 - ok
13:05:41.0011 0x1c94 [ E00FDFAFF025E94F9821153750C35A6D, 6ECDC5F314A29B859B0DCB7FF114CACE0718612556299B16412C21F9539DC9B5 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL3.SYS
13:05:41.0058 0x1c94 SrvHsfHDA - ok
13:05:41.0136 0x1c94 [ CEB4E3B6890E1E42DCA6694D9E59E1A0, 00D841690A88F1051A238F67AACCE905E8A59C86070F215A8D31FA3E68C6BF35 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV3.SYS
13:05:41.0198 0x1c94 SrvHsfV92 - ok
13:05:41.0245 0x1c94 [ BC0C7EA89194C299F051C24119000E17, F5FB21F7AD7370F3D5DF7C23F33118ECF19865B995AF12E9A8A8D893E7E6264F ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
13:05:41.0292 0x1c94 SrvHsfWinac - ok
13:05:41.0323 0x1c94 [ BE6BD660CAA6F291AE06A718A4FA8ABC, CD38939CFBA80B882D38099194FC1EBAE15A9D27A4D941DD03C55EC745E52E59 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
13:05:41.0339 0x1c94 srvnet - ok
13:05:41.0370 0x1c94 [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
13:05:41.0432 0x1c94 SSDPSRV - ok
13:05:41.0479 0x1c94 [ A36EE93698802CD899F98BFD553D8185, 224CFED921EA230FF8025D259E34968FD2C0FD34BB3A918FB4B9B8BA42BEA5D3 ] ssmdrv C:\Windows\system32\DRIVERS\ssmdrv.sys
13:05:41.0495 0x1c94 ssmdrv - ok
13:05:41.0510 0x1c94 [ D318F23BE45D5E3A107469EB64815B50, D74355E6FF215AA8CE53BC9DF16AF2740F2FC2FD754939478A3608BDA8C6DDA0 ] SstpSvc C:\Windows\system32\sstpsvc.dll
13:05:41.0542 0x1c94 SstpSvc - ok
13:05:41.0573 0x1c94 [ 3F0164FBC0BD1ADBD02DF9759181451A, 8BDAA0373BD16B38407F93FE5C697481D4D88C72B1931D6A7B9F80C0276242B9 ] ss_bbus C:\Windows\system32\DRIVERS\ss_bbus.sys
13:05:41.0588 0x1c94 ss_bbus - ok
13:05:41.0604 0x1c94 [ B89D62206034E5FE573C80A24DD55675, 26D12E2A7CB538DDEEA7B764242E9EAE25E0A46293AE3608E6B7DD71AECBA901 ] ss_bmdfl C:\Windows\system32\DRIVERS\ss_bmdfl.sys
13:05:41.0620 0x1c94 ss_bmdfl - ok
13:05:41.0635 0x1c94 [ 1ED0FCEA586FE2A416EE15196E5631DD, AF1EBAD7D580BF85ACD6C6287892DE4E7A679852887B9E866A032B1DDCF26183 ] ss_bmdm C:\Windows\system32\DRIVERS\ss_bmdm.sys
13:05:41.0651 0x1c94 ss_bmdm - ok
13:05:41.0682 0x1c94 [ DB32D325C192B801DF274BFD12A7E72B, F089DBA719E22BC269720A6B840B873A4AF5639745DB0C3DBC8BD2F2839A1ABA ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
13:05:41.0698 0x1c94 stexstor - ok
13:05:41.0760 0x1c94 [ E1FB3706030FB4578A0D72C2FC3689E4, A62EC9AA4514CAF2A10C0A3AEF7A36F593A7E7DA370A3F130C24E1B612E19427 ] StiSvc C:\Windows\System32\wiaservc.dll
13:05:41.0822 0x1c94 StiSvc - ok
13:05:41.0854 0x1c94 [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum C:\Windows\system32\drivers\swenum.sys
13:05:41.0869 0x1c94 swenum - ok
13:05:41.0900 0x1c94 [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv C:\Windows\System32\swprv.dll
13:05:41.0978 0x1c94 swprv - ok
13:05:42.0056 0x1c94 [ 36650D618CA34C9D357DFD3D89B2C56F, 7C3774E53DCF32CB3A4B3504E32D2A651E18467FA0A6AC4C7993C696741B704B ] SysMain C:\Windows\system32\sysmain.dll
13:05:42.0134 0x1c94 SysMain - ok
13:05:42.0166 0x1c94 [ 763FECDC3D30C815FE72DD57936C6CD1, 1A62C7E63E426D56894F4121C75D9C60FC9A14469ADBD0D6F0B94B8DE48CDA3E ] TabletInputService C:\Windows\System32\TabSvc.dll
13:05:42.0181 0x1c94 TabletInputService - ok
13:05:42.0228 0x1c94 [ 613BF4820361543956909043A265C6AC, FCFF02E466D2501630B452627FB218C01E5245A0921EE3D2117E7FD63AC7E98E ] TapiSrv C:\Windows\System32\tapisrv.dll
13:05:42.0275 0x1c94 TapiSrv - ok
13:05:42.0306 0x1c94 [ B799D9FDB26111737F58288D8DC172D9, 409A60819A4305699E2E492A6190637FAAEBD19E745A5DB2A5D6977106C86591 ] TBS C:\Windows\System32\tbssvc.dll
13:05:42.0353 0x1c94 TBS - ok
13:05:42.0446 0x1c94 [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
13:05:42.0524 0x1c94 Tcpip - ok
13:05:42.0587 0x1c94 [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
13:05:42.0634 0x1c94 TCPIP6 - ok
13:05:42.0680 0x1c94 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B, 2C7204DCD2BCBC6A250FF0F6477616F327AF41FDB7CABE69E5C357361009FB4E ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
13:05:42.0696 0x1c94 tcpipreg - ok
13:05:42.0727 0x1c94 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2, 879E2827354BB21573AC6A7CCEB746D44214540687E6882FFCB4089546FBD954 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
13:05:42.0774 0x1c94 TDPIPE - ok
13:05:42.0821 0x1c94 [ 2C2C5AFE7EE4F620D69C23C0617651A8, E828D974C3F9D7004A030C3AD448096C736FDB4C4C1707D043E567D08C845103 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
13:05:42.0852 0x1c94 TDTCP - ok
13:05:42.0883 0x1c94 [ 7FE680A3DFA421C4A8E4879AE4C5AAB0, A4C64E155AB2843823CD3586756BA7681CFDEA50812095468221503BBAD30DCD ] tdx C:\Windows\system32\DRIVERS\tdx.sys
13:05:42.0914 0x1c94 tdx - ok
13:05:42.0930 0x1c94 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20, 0D81B427720637882077C5024D738191F858FC734ED040697872D906351EF663 ] TermDD C:\Windows\system32\drivers\termdd.sys
13:05:42.0946 0x1c94 TermDD - ok
13:05:43.0008 0x1c94 [ FCFD4F50419B4BC72E80066DA10D2E54, 7C2314A57A404525F0444986332DBAE0964A3359374671598387051D7AAE72AE ] TermService C:\Windows\System32\termsrv.dll
13:05:43.0070 0x1c94 TermService - ok
13:05:43.0102 0x1c94 [ 42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes C:\Windows\system32\themeservice.dll
13:05:43.0133 0x1c94 Themes - ok
13:05:43.0148 0x1c94 [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER C:\Windows\system32\mmcss.dll
13:05:43.0180 0x1c94 THREADORDER - ok
13:05:43.0273 0x1c94 [ F620772888B6E3EDEF5C3E71E3D447F0, 67CFC8E94ACCA0B31E7D2062D587C1BD37911F95A02C8CCB1B4A3E0EBDADC8B0 ] TomTomHOMEService C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
13:05:43.0289 0x1c94 TomTomHOMEService - ok
13:05:43.0320 0x1c94 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks C:\Windows\System32\trkwks.dll
13:05:43.0351 0x1c94 TrkWks - ok
13:05:43.0414 0x1c94 [ 2C49B175AEE1D4364B91B531417FE583, 6C7995E18F84E465C376D1D5F153C15ACB66CDEA86EE5BF186677F572E7E129B ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:05:43.0476 0x1c94 TrustedInstaller - ok
13:05:43.0507 0x1c94 [ 6C5139E4283249518F7743D7043775B3, 58684E8C90EBAC65459A97C905CDCFE3A915CFF7E8E96071DE1AC3489F85E67F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
13:05:43.0523 0x1c94 tssecsrv - ok
13:05:43.0554 0x1c94 [ C6A5FBD4977305E1FA23E02C042DB463, A6EB5E4B8051A258D40A385609E930318EAA3494C8466F48542B806FE6A7C47A ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
13:05:43.0601 0x1c94 TsUsbFlt - ok
13:05:43.0648 0x1c94 [ B2FA25D9B17A68BB93D58B0556E8C90D, 0146931B733CAB1CD87F94C35F97E110D6ED6C55EAFF03345400A29AEDE99BDE ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
13:05:43.0694 0x1c94 tunnel - ok
13:05:43.0726 0x1c94 [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
13:05:43.0741 0x1c94 uagp35 - ok
13:05:43.0772 0x1c94 [ EE43346C7E4B5E63E54F927BABBB32FF, BAD6FC3BEE45E644D5A6A0A31428F5B2AEC72A0AA0C74EF8177B1FE23EEF3AA9 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
13:05:43.0804 0x1c94 udfs - ok
13:05:43.0835 0x1c94 [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect C:\Windows\system32\UI0Detect.exe
13:05:43.0850 0x1c94 UI0Detect - ok
13:05:43.0897 0x1c94 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
13:05:43.0928 0x1c94 uliagpkx - ok
13:05:43.0991 0x1c94 [ D295BED4B898F0FD999FCFA9B32B071B, D4130DB4AE76EE6DC0B8E7A4FEF5CB8B26EBD822C21021F6FA78FD29C1E211C2 ] umbus C:\Windows\system32\drivers\umbus.sys
13:05:44.0022 0x1c94 umbus - ok
13:05:44.0069 0x1c94 [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
13:05:44.0100 0x1c94 UmPass - ok
13:05:44.0131 0x1c94 [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost C:\Windows\System32\upnphost.dll
13:05:44.0178 0x1c94 upnphost - ok
13:05:44.0225 0x1c94 [ EC1C23779BB41A8B2AB2AA6FCE308BDE, D027A2B472CAE97AECB16F69BE52E06CB61E1C61AE196C22662050B711C1C72D ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
13:05:44.0272 0x1c94 USBAAPL - ok
13:05:44.0318 0x1c94 [ 0803FBA9FE829D61AE26EC0BCC910C46, 30D00E2C7DFC630C99C1599587D4F9C272BC30D444E07C961AA05BF84587806B ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
13:05:44.0365 0x1c94 usbccgp - ok
13:05:44.0396 0x1c94 [ 2352AB5F9F8F097BF9D41D5A4718A041, 25BC7828C625B9B2A5110C25B230C5828CEC18EC97ECF9EC4745E8930CBF472C ] usbcir C:\Windows\system32\drivers\usbcir.sys
13:05:44.0443 0x1c94 usbcir - ok
13:05:44.0474 0x1c94 [ D40855F89B69305140BBD7E9A3BA2DA6, 745DC6D770666F6B19C2B6AA89C21D1A314732E291453BFA2367F9AF86F97C3C ] usbehci C:\Windows\system32\drivers\usbehci.sys
13:05:44.0490 0x1c94 usbehci - ok
13:05:44.0552 0x1c94 [ EDF2DF71C4F1E13A6AC75F5224DE655A, 1764D155C6B99201774B57195349304259232A12868ECFC2069CA49443EBDC2C ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
13:05:44.0584 0x1c94 usbhub - ok
13:05:44.0630 0x1c94 [ 9828C8D14CC2676421778F0DE638CF97, 479A28211FFB85190A01FAB0283B927588805D2C0CDB03F85F8F814B88E4F453 ] usbohci C:\Windows\system32\drivers\usbohci.sys
13:05:44.0662 0x1c94 usbohci - ok
13:05:44.0677 0x1c94 [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
13:05:44.0708 0x1c94 usbprint - ok
13:05:44.0755 0x1c94 [ FC6B21DB4B5B398AB93DBE59CBF11036, A94094C208F376405C07822A6143001EF1B12AE93205CD8002E87F6EB45F6374 ] usbscan C:\Windows\system32\drivers\usbscan.sys
13:05:44.0786 0x1c94 usbscan - ok
13:05:44.0802 0x1c94 [ F991AB9CC6B908DB552166768176896A, AD8E7A16B23B244B7F834622D4E38B5844193C6E31EF96F61E0E2EA16C945026 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:05:44.0818 0x1c94 USBSTOR - ok
13:05:44.0864 0x1c94 [ 800AABFD625EEFF899F7E5496BDE37AB, 3EB7ED07760CB348FCA9A06C2B838EF79B51A83C5F70A9C9EAAEAE54480067E2 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
13:05:44.0880 0x1c94 usbuhci - ok
13:05:44.0927 0x1c94 [ DE014425522610BEDCA3821BB8C0F1D5, D6FEA0DF07F89834AEEE8C02CC7FD41068D758B6CCECE2EEE5CF4B9DB646FA1E ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
13:05:44.0958 0x1c94 usbvideo - ok
13:05:44.0989 0x1c94 [ 081E6E1C91AEC36758902A9F727CD23C, 9FDAA17A3B99067E035E5D76305427F15FFDBC5D304B2BB78AFC6463EDDE1A75 ] UxSms C:\Windows\System32\uxsms.dll
13:05:45.0020 0x1c94 UxSms - ok
13:05:45.0052 0x1c94 [ 1667D76FBF42B24B9DE3E8B0A7CF06BE, AB9FD4F7B007633FEC552D14932CDEB56DBCE56D152C0EDC91FAFD08E636AADC ] VaultSvc C:\Windows\system32\lsass.exe
13:05:45.0067 0x1c94 VaultSvc - ok
13:05:45.0083 0x1c94 [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
13:05:45.0098 0x1c94 vdrvroot - ok
13:05:45.0145 0x1c94 [ C3CD30495687C2A2F66A65CA6FD89BE9, 582E4706C1D6A151020D14B26C7BF166F4E42BDD6E410F30EC452469270C5E9B ] vds C:\Windows\System32\vds.exe
13:05:45.0208 0x1c94 vds - ok
13:05:45.0239 0x1c94 [ 17C408214EA61696CEC9C66E388B14F3, 829C0416672E2B2DFABCFE641E7F281F41E8DBB3C0EF11C7784CB9BB94F87E97 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
13:05:45.0270 0x1c94 vga - ok
13:05:45.0286 0x1c94 [ 8E38096AD5C8570A6F1570A61E251561, 4DBA3C1397A2203548F45F006E66D99F837903F601ABBCE2304754F783CA8A39 ] VgaSave C:\Windows\System32\drivers\vga.sys
13:05:45.0317 0x1c94 VgaSave - ok
13:05:45.0348 0x1c94 [ 5461686CCA2FDA57B024547733AB42E3, 2721D0659AA890172FCAD4EC4D926B58ACD0EE4887DA51545DC7237420D5BF84 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
13:05:45.0364 0x1c94 vhdmp - ok
13:05:45.0410 0x1c94 [ C829317A37B4BEA8F39735D4B076E923, 55D1796AE750071E1E05BD7702B6C355CCFFE27B4C00E93E7044C3184732B497 ] viaagp C:\Windows\system32\drivers\viaagp.sys
13:05:45.0426 0x1c94 viaagp - ok
13:05:45.0442 0x1c94 [ E02F079A6AA107F06B16549C6E5C7B74, B530DCE3EE4F285B3D5F69F7148D17E016D54F04E6F93706B829A34567748788 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
13:05:45.0457 0x1c94 ViaC7 - ok
13:05:45.0488 0x1c94 [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide C:\Windows\system32\drivers\viaide.sys
13:05:45.0504 0x1c94 viaide - ok
13:05:45.0535 0x1c94 [ 4C63E00F2F4B5F86AB48A58CD990F212, 9796BD4B9CFEEEAF57C5E332A732EFC2770B21F9B35301A5D202F5FC52C1E035 ] volmgr C:\Windows\system32\drivers\volmgr.sys
13:05:45.0566 0x1c94 volmgr - ok
13:05:45.0598 0x1c94 [ B5BB72067DDDDBBFB04B2F89FF8C3C87, 65B9AD55F43940A5FDD88B6EC5034A7E375DF8E6F5F1AE6519A4BD6B7E992EBC ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
13:05:45.0660 0x1c94 volmgrx - ok
13:05:45.0676 0x1c94 [ F497F67932C6FA693D7DE2780631CFE7, DAE544ED99D2CF570DA31343BD87D2F856D0D13529656D38E1BF854C77F017F6 ] volsnap C:\Windows\system32\drivers\volsnap.sys
13:05:45.0707 0x1c94 volsnap - ok
13:05:45.0722 0x1c94 [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
13:05:45.0754 0x1c94 vsmraid - ok
13:05:45.0816 0x1c94 [ 209A3B1901B83AEB8527ED211CCE9E4C, 1A431F6409F8E0531F600F8F988ECECECB902DA26BBAAF1DE74A5CAC29A7CB44 ] VSS C:\Windows\system32\vssvc.exe
13:05:45.0925 0x1c94 VSS - ok
13:05:45.0941 0x1c94 [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
13:05:45.0956 0x1c94 vwifibus - ok
13:05:45.0972 0x1c94 [ 7090D3436EEB4E7DA3373090A23448F7, 3A130B28F2BFA7DCEC8596C4CE4E187B019F5ECF1AAC8DD1BBDE9CBD2428FEC2 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
13:05:46.0003 0x1c94 vwififlt - ok
13:05:46.0050 0x1c94 [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time C:\Windows\system32\w32time.dll
13:05:46.0128 0x1c94 W32Time - ok
13:05:46.0159 0x1c94 [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
13:05:46.0190 0x1c94 WacomPen - ok
13:05:46.0206 0x1c94 [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
13:05:46.0315 0x1c94 WANARP - ok
13:05:46.0315 0x1c94 [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
13:05:46.0346 0x1c94 Wanarpv6 - ok
13:05:46.0471 0x1c94 [ 353A04C273EC58475D8633E75CCD5604, FFAE53B6B53AEFC9E8A10BF27480E072D74430276BEB532FE1D473E9616D8CE0 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
13:05:46.0596 0x1c94 WatAdminSvc - ok
13:05:46.0658 0x1c94 [ 691E3285E53DCA558E1A84667F13E15A, 12EDB66EF8FC100402BEA221F354D3BD5542F6DDF715B6E7D873D6BAE7E3D329 ] wbengine C:\Windows\system32\wbengine.exe
13:05:46.0799 0x1c94 wbengine - ok
13:05:46.0830 0x1c94 [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
13:05:46.0892 0x1c94 WbioSrvc - ok
13:05:46.0939 0x1c94 [ 34EEE0DFAADB4F691D6D5308A51315DC, A040A03E25A0C78B9E26F86C2DF95BCAF8E7EC90183CEB295615D3265350EBEE ] wcncsvc C:\Windows\System32\wcncsvc.dll
13:05:47.0017 0x1c94 wcncsvc - ok
13:05:47.0048 0x1c94 [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:05:47.0095 0x1c94 WcsPlugInService - ok
13:05:47.0126 0x1c94 [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd C:\Windows\system32\DRIVERS\wd.sys
13:05:47.0142 0x1c94 Wd - ok
13:05:47.0204 0x1c94 [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
13:05:47.0267 0x1c94 Wdf01000 - ok
13:05:47.0314 0x1c94 [ DDE994E9159497D0D5AB2CDF66D1EAD6, 49BEDECA469C47E7622542D3B9BCD31ECDDAA27838495EC5C2F1338E33FEA877 ] WdiServiceHost C:\Windows\system32\wdi.dll
13:05:47.0329 0x1c94 WdiServiceHost - ok
13:05:47.0345 0x1c94 [ DDE994E9159497D0D5AB2CDF66D1EAD6, 49BEDECA469C47E7622542D3B9BCD31ECDDAA27838495EC5C2F1338E33FEA877 ] WdiSystemHost C:\Windows\system32\wdi.dll
13:05:47.0360 0x1c94 WdiSystemHost - ok
13:05:47.0407 0x1c94 [ 75E8EBD7040CE238684333F97014762A, 2CA0B267FBAEB303D1F8B639D733DC0DE17BA1276CC9096035B4F2BBBED3EF7F ] WebClient C:\Windows\System32\webclnt.dll
13:05:47.0470 0x1c94 WebClient - ok
13:05:47.0485 0x1c94 [ 760F0AFE937A77CFF27153206534F275, A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc C:\Windows\system32\wecsvc.dll
13:05:47.0532 0x1c94 Wecsvc - ok
13:05:47.0548 0x1c94 [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport C:\Windows\System32\wercplsupport.dll
13:05:47.0579 0x1c94 wercplsupport - ok
13:05:47.0610 0x1c94 [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc C:\Windows\System32\WerSvc.dll
13:05:47.0641 0x1c94 WerSvc - ok
13:05:47.0657 0x1c94 [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
13:05:47.0688 0x1c94 WfpLwf - ok
13:05:47.0719 0x1c94 [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount C:\Windows\system32\drivers\wimmount.sys
13:05:47.0735 0x1c94 WIMMount - ok
13:05:47.0782 0x1c94 [ 8B976D4CA270110111DF4F313DA0E6E8, 7A70CBACF65D8A8CB4FE0667B6F7FC1E57AF939A0319CC4CC13BB24F193E759F ] winachsf C:\Windows\system32\DRIVERS\HSX_CNXT.sys
13:05:47.0860 0x1c94 winachsf - ok
13:05:47.0891 0x1c94 [ 3FA87D56769838AAC82FAFC3E78FC732, E1D942D59A7EDB1768D39D87D637C6F87C84711D0776FF2C69161350D037663B ] winbondcir C:\Windows\system32\DRIVERS\winbondcir.sys
13:05:47.0906 0x1c94 winbondcir - ok
13:05:48.0000 0x1c94 [ 082CF481F659FAE0DE51AD060881EB47, BB67D2AF0BB9192D4CCF66C23D80CE5A1B38715556D94E2561DBF8F805FA30A5 ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
13:05:48.0109 0x1c94 WinDefend - ok
13:05:48.0109 0x1c94 WinHttpAutoProxySvc - ok
13:05:48.0172 0x1c94 [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
13:05:48.0218 0x1c94 Winmgmt - ok
13:05:48.0312 0x1c94 [ 1DE9BD23AFA36150586C732D876D9B74, 32CF2C8EC18CFDA677AB72A182EB4B839DCC72BFCD6CA309BE2F434991CAE973 ] WinRM C:\Windows\system32\WsmSvc.dll
13:05:48.0437 0x1c94 WinRM - ok
13:05:48.0530 0x1c94 [ A67E5F9A400F3BD1BE3D80613B45F708, E170A8BD31A779403DC9C43ED6483DA8E186512D3EE700B87F6BA292E284E367 ] WinUsb C:\Windows\system32\drivers\WinUsb.sys
13:05:48.0562 0x1c94 WinUsb - ok
13:05:48.0640 0x1c94 [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc C:\Windows\System32\wlansvc.dll
13:05:48.0733 0x1c94 Wlansvc - ok
13:05:48.0780 0x1c94 [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
13:05:48.0811 0x1c94 WmiAcpi - ok
13:05:48.0842 0x1c94 [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
13:05:48.0889 0x1c94 wmiApSrv - ok
13:05:48.0998 0x1c94 [ 3B40D3A61AA8C21B88AE57C58AB3122E, 6C67DCB007C3CDF2EB0BBF5FD89C32CD7800C20F7166872F8C387BE262C5CD21 ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
13:05:49.0092 0x1c94 WMPNetworkSvc - ok
13:05:49.0108 0x1c94 [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc C:\Windows\System32\wpcsvc.dll
13:05:49.0154 0x1c94 WPCSvc - ok
13:05:49.0186 0x1c94 [ AA53356D60AF47EACC85BC617A4F3F66, 155CB8112AA382D841C1891750FF29EF4F1BF716CD9CDF0F2243209E2CCCAC98 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
13:05:49.0232 0x1c94 WPDBusEnum - ok
13:05:49.0264 0x1c94 [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
13:05:49.0310 0x1c94 ws2ifsl - ok
13:05:49.0342 0x1c94 [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc C:\Windows\System32\wscsvc.dll
13:05:49.0373 0x1c94 wscsvc - ok
13:05:49.0388 0x1c94 WSearch - ok
13:05:49.0513 0x1c94 [ 7E5C454A3F986FEBAD075DB8D915917E, 9E9147DDACD075958689523130DB92FC4ED0E38433461D8AB8792BCFBD9376DA ] wuauserv C:\Windows\system32\wuaueng.dll
13:05:49.0669 0x1c94 wuauserv - ok
13:05:49.0716 0x1c94 [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
13:05:49.0778 0x1c94 WudfPf - ok
13:05:49.0810 0x1c94 [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd C:\Windows\system32\drivers\WUDFRd.sys
13:05:49.0856 0x1c94 WUDFRd - ok
13:05:49.0903 0x1c94 [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc C:\Windows\System32\WUDFSvc.dll
13:05:49.0950 0x1c94 wudfsvc - ok
13:05:49.0997 0x1c94 [ 7CC38741B8F68F1E0D5D79DA6123666A, F90D2DA1C9AFB506C381CD386E1430931B5F81813FEDFD720F87FBC54E7A00DA ] WwanSvc C:\Windows\System32\wwansvc.dll
13:05:50.0075 0x1c94 WwanSvc - ok
13:05:50.0106 0x1c94 [ 894F963BE999BA9DB5AAC3AED55B115D, F4ECDD57FC5F6E295414745C2B8A2D9F9074C7035A6902456EE4447560863710 ] XAudio C:\Windows\system32\DRIVERS\XAudio32.sys
13:05:50.0137 0x1c94 XAudio - ok
13:05:50.0153 0x1c94 ================ Scan global ===============================
13:05:50.0184 0x1c94 [ DAB748AE0439955ED2FA22357533DDDB, 73EDD402C7479DDCE1998D0C7E99E1EC2974F64EFC33A851439CC85D09EDCDF9 ] C:\Windows\system32\basesrv.dll
13:05:50.0231 0x1c94 [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll
13:05:50.0262 0x1c94 [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll
13:05:50.0293 0x1c94 [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll
13:05:50.0356 0x1c94 [ 0780A42DBD7D9969F9BF4A19AA4285B5, 8EA41124A4E97732C5DAA616457FBA7111CB38986F3427FA776ED00BC1407171 ] C:\Windows\system32\services.exe
13:05:50.0387 0x1c94 [ Global ] - ok
13:05:50.0387 0x1c94 ================ Scan MBR ==================================
13:05:50.0402 0x1c94 [ BB9D3A6A13C5010348DA7C900BB6AF50 ] \Device\Harddisk0\DR0
13:05:51.0198 0x1c94 \Device\Harddisk0\DR0 - ok
13:05:51.0198 0x1c94 ================ Scan VBR ==================================
13:05:51.0198 0x1c94 [ EC956A800F1D5940F6F02979CDAC4132 ] \Device\Harddisk0\DR0\Partition1
13:05:51.0198 0x1c94 \Device\Harddisk0\DR0\Partition1 - ok
13:05:51.0214 0x1c94 [ 2C2D1119052656AD0AC6BE40E3AA70E9 ] \Device\Harddisk0\DR0\Partition2
13:05:51.0260 0x1c94 \Device\Harddisk0\DR0\Partition2 - ok
13:05:51.0260 0x1c94 ================ Scan generic autorun ======================
13:05:51.0323 0x1c94 [ 5AF1E9600E3FF841E522703A4993ED0C, 5189530793747C40B0E3548DA40058989C88A69C593C3E54E6548CFB89B9CE10 ] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
13:05:51.0354 0x1c94 IAAnotif - ok
13:05:51.0401 0x1c94 [ 865B9B19A6B27E4B6AB6F095FA700BA3, 116F1DB3D84D1150BAC065468DE6A7BC4DBE66661ABC0AEA066C0FA5079565C3 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
13:05:51.0432 0x1c94 StartCCC - detected UnsignedFile.Multi.Generic ( 1 )
13:05:53.0850 0x1c94 Detect skipped due to KSN trusted
13:05:53.0850 0x1c94 StartCCC - ok
13:05:54.0193 0x1c94 [ E3F058D8721EA53BEAB9079A8FB53FD7, F59216700DD402E7C8A79D15D67B25C37EF0C37394D44DA63832C2EE7B3C73EB ] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
13:05:54.0474 0x1c94 RtHDVCpl - ok
13:05:54.0614 0x1c94 [ 41A8099991DE93CC01DAA12274775693, 71ADB78EA79D3BFC66CBE047DC107949D2DBF015638F9F7A85298D7FDBEEF6AE ] C:\Program Files\Realtek\Audio\HDA\Skytel.exe
13:05:54.0739 0x1c94 Skytel - ok
13:05:54.0817 0x1c94 [ CB5BB1CDE1D0EB534ECFEEFA58858AA8, 1B3079987FC60F1A862DBABC5EE2E997B5AAA9AAF314708DDC3483B4C0E142BD ] C:\Program Files\Launch Manager\LManager.EXE
13:05:54.0848 0x1c94 LManager - ok
13:05:54.0942 0x1c94 [ 4275C55AA440DC08EA0267AED31D9654, A5EF4505960D9CECC45376026A8B51FF43282AE811C88617CCD8F7F1E6E56A7B ] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
13:05:54.0958 0x1c94 APSDaemon - ok
13:05:55.0004 0x1c94 [ C637FC4638A96165256B28D38DE7B953, CD658543610F151C7860DBDCF36596C9B5417D87E598FA50A435392D4AED1C14 ] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
13:05:55.0020 0x1c94 HP Software Update - ok
13:05:55.0082 0x1c94 [ 66177D4C99FD8B578C7C56DE445E4D5D, 003D0254D7C693A72DE84CB76858F8D67D9FD62206F1B56DF7F5D0FA834C3BA7 ] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
13:05:55.0129 0x1c94 avgnt - ok
13:05:55.0238 0x1c94 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
13:05:55.0316 0x1c94 Sidebar - ok
13:05:55.0363 0x1c94 [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
13:05:55.0379 0x1c94 mctadmin - ok
13:05:55.0410 0x1c94 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
13:05:55.0457 0x1c94 Sidebar - ok
13:05:55.0472 0x1c94 [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
13:05:55.0488 0x1c94 mctadmin - ok
13:05:55.0566 0x1c94 [ 9D4A8FAE8F6B262C49313067818DA8BE, E30D84B2C511367108F0D4615443EFBB4D28B2F1B42948B1D3E00D1B96D77763 ] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
13:05:55.0613 0x1c94 AutoStartNPSAgent - detected UnsignedFile.Multi.Generic ( 1 )
13:05:58.0000 0x1c94 Detect skipped due to KSN trusted
13:05:58.0000 0x1c94 AutoStartNPSAgent - ok
13:05:58.0078 0x1c94 [ 43D083268A0919F3527A2837390BAF63, 58B62697B01B8C9396271A64424178691FA85D4625DAF2AC8DE7F06A64F64C2A ] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
13:05:58.0124 0x1c94 ISUSPM - ok
13:05:58.0156 0x1c94 MobileDocuments - ok
13:05:58.0202 0x1c94 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\sidebar.exe
13:05:58.0249 0x1c94 Sidebar - ok
13:05:58.0296 0x1c94 [ D5D8A5E87D3C32C516E5B5E2BA5B0DBF, 85A89E3EDD9452838CFDB306C6415384E64151B739587C49F3922F52C5BA489D ] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
13:05:58.0327 0x1c94 TomTomHOME.exe - ok
13:05:58.0358 0x1c94 Skype - ok
13:05:58.0390 0x1c94 [ F341DD6145F779CE5B732BC6BC6A3370, 67CE7E6DD5969C8DE34473E01D60D52FABC740B056287C2E261A36F97993ED0D ] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
13:05:58.0421 0x1c94 iCloudServices - ok
13:05:58.0468 0x1c94 [ 944E77A49DBAF8F6BB473118C116E59E, 0DA67736F1841A270AB24C13BA8FF4021A8950EB58B4985774F4B224B832B0DA ] C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
13:05:58.0483 0x1c94 ApplePhotoStreams - ok
13:05:58.0483 0x1c94 Waiting for KSN requests completion. In queue: 311
13:05:59.0497 0x1c94 Waiting for KSN requests completion. In queue: 311
13:06:00.0511 0x1c94 Waiting for KSN requests completion. In queue: 311
13:06:01.0556 0x1c94 AV detected via SS2: Avira Antivirus, C:\Program Files\Avira\AntiVir Desktop\wsctool.exe ( 15.0.10.414 ), 0x41000 ( enabled : updated )
13:06:01.0572 0x1c94 Win FW state via NFP2: enabled
13:06:04.0006 0x1c94 ============================================================
13:06:04.0006 0x1c94 Scan finished
13:06:04.0006 0x1c94 ============================================================
13:06:04.0021 0x1940 Detected object count: 0
13:06:04.0021 0x1940 Actual detected object count: 0
Auf jedenfall schonmal vorweg |
|
31.05.2015, 05:38
| #4 |
| /// the machine /// TB-Ausbilder | DHL Mail mit pdf sieht so aus 
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu DHL Mail mit pdf |
| adware, antivir, antivirus, avira, bonjour, branding, browser, cpu, defender, device driver, excel, firefox, flash player, google, home, iexplore.exe, install.exe, launch, mozilla, realtek, registry, secur, security, software, svchost.exe, system, udp, warnung, windows |
Linear-Darstellung
