| |
| |||||||
Log-Analyse und Auswertung: Dhl Pdf Datei geöffnet...Trojaner eingefangen?Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
07.06.2015, 09:17
| #1 |
| |  Dhl Pdf Datei geöffnet...Trojaner eingefangen? Hallo, meine Frau hat eine vermeintliche DHL Pdf Datei geöffnet. Es handelte sich wirklich um eine Pdf (nicht um eine Zip oder Exe Datei) In der Datei ist ein Link, den meine Frau nicht angeklickt hat. Bei der Überprüfung der Datei bei Virustotal sprangen mehrere Scanner an: F-Secure Trojan:W32/FakePDF.A 20150607 Fortinet PDF/Fakedhl.A!tr 20150607 GData PDF.Trojan-Downloader.FakeInvoice.G 20150607 Kaspersky HEUR:Exploit.PDF.Generic 20150607 McAfee Artemis!1786CAA4F048 20150607 McAfee-GW-Edition Artemis 20150606 Qihoo-360 Trojan.Generic 20150607 Sophos Troj/PDFDown-J 20150607 TrendMicro-HouseCall Suspicious_GEN.F47V0606 20150607 Die Pdf Datei hat nur 16kb...Wird von den Programmen der Link mitgescannt? Oder kann das aussreichen? Hier nun die üblichen Logfiles: Frst Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:06-06-2015
Ran by Uta (administrator) on UTA-VAIO on 07-06-2015 09:44:38
Running from C:\Users\Uta\Downloads
Loaded Profiles: Uta (Available Profiles: Uta)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
() C:\Program Files (x86)\ASUS\Printer Utilities\UsbService64.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Dropbox, Inc.) C:\Users\Uta\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ALPS) C:\Program Files\Apoint\Apvfb.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11490408 2010-12-03] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2179688 2010-12-03] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [226672 2010-12-06] (Alps Electric Co., Ltd.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [497648 2010-07-29] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [673168 2010-11-17] (Sony Corporation)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => c:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [44128 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => c:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [642664 2013-05-08] (Adobe Systems Inc.)
HKLM-x32\...\Run: [PMBVolumeWatcher] => c:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [648032 2010-11-27] (Sony Corporation)
HKLM-x32\...\Run: [VAIO Boot Manager] => C:\Program Files (x86)\Sony\VAIO Boot Manager\StartUpProcessDelayTool.exe [734608 2010-12-08] (Sony Corporation)
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2099200 2014-04-13] (Dominik Reichl)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [728312 2015-05-05] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [129272 2015-03-16] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2805887626-409114734-3965287795-1000\...\Run: [Rainlendar2] => C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe
HKU\S-1-5-21-2805887626-409114734-3965287795-1000\...\Run: [AmazonMP3DownloaderHelper] => C:\Users\Uta\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [400704 2013-05-22] ()
HKU\S-1-5-21-2805887626-409114734-3965287795-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31283328 2015-04-17] (Skype Technologies S.A.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2014-04-22]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\Uta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-04-23]
ShortcutTarget: Dropbox.lnk -> C:\Users\Uta\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Uta\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Uta\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Uta\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Uta\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Uta\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Uta\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Uta\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-2805887626-409114734-3965287795-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=SVEF&bmod=SVEF
HKU\S-1-5-21-2805887626-409114734-3965287795-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SVEF&bmod=SVEF
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2805887626-409114734-3965287795-1000 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-2805887626-409114734-3965287795-1000 -> {543CE9B3-4B63-48D6-9742-01314C85E0F8} URL = hxxp://de.shopping.com/?linkin_id=8056363
SearchScopes: HKU\S-1-5-21-2805887626-409114734-3965287795-1000 -> {B3CBD2B7-3DD5-4428-8721-2FFD9D1C6E97} URL = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices
SearchScopes: HKU\S-1-5-21-2805887626-409114734-3965287795-1000 -> {F8504951-796B-4913-8DBA-A1D94A3E65EB} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-16/4?mpre=hxxp://shop.ebay.de/?_nkw={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-09-23] (Microsoft Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll No File
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-2805887626-409114734-3965287795-1000 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 82.212.62.62 78.42.43.62
FireFox:
========
FF ProfilePath: C:\Users\Uta\AppData\Roaming\Mozilla\Firefox\Profiles\6qcpqonr.default
FF SearchEngineOrder.1: Ask.com
FF Homepage: www.google.de
FF Keyword.URL: hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=AVR-4&o=APN10261&locale=de_DE&apn_uid=4bd4fd26-a0d2-4c31-a3e8-b8d432a4fda1&apn_ptnrs=%5EAGS&apn_sauid=CF16E304-3A28-4C49-9299-53DFF0E53845&apn_dtid=%5EYYYYYY%5EYY%5EDE&&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-06-06] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-06-06] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-02-13] (Google, Inc.)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files (x86)\Sony\MSS\3.8.130\npMcAfeeMss.dll No File
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-23] (Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2805887626-409114734-3965287795-1000: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\Uta\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll [2013-05-22] (Amazon.com, Inc.)
FF Extension: Adblock Plus - C:\Users\Uta\AppData\Roaming\Mozilla\Firefox\Profiles\6qcpqonr.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-23]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [827640 2015-05-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [434424 2015-05-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [434424 2015-05-05] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1185584 2015-05-05] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [201008 2015-03-16] (Avira Operations GmbH & Co. KG)
S2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-01] (Intel Corporation)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2014-04-22] (Macrovision Europe Ltd.) [File not signed]
S3 McComponentHostServiceSony; C:\Program Files (x86)\Sony\MSS\3.8.130\McCHSvc.exe [235216 2013-10-16] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-11-02] ()
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.)
R2 UsbService; C:\Program Files (x86)\ASUS\Printer Utilities\UsbService64.exe [334848 2010-08-10] () [File not signed]
R3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-01] (Intel Corporation)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [864000 2010-09-27] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1642544 2014-02-28] (Sony Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [152744 2015-05-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132120 2015-05-05] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-02-25] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-03-10] (Avira Operations GmbH & Co. KG)
R3 vuhub; C:\Windows\System32\DRIVERS\vuhub.sys [47616 2007-12-17] ()
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-07 09:44 - 2015-06-07 09:44 - 00017708 _____ C:\Users\Uta\Downloads\FRST.txt
2015-06-07 09:44 - 2015-06-07 09:44 - 00000000 ____D C:\FRST
2015-06-07 09:43 - 2015-06-07 09:43 - 02108928 _____ (Farbar) C:\Users\Uta\Downloads\FRST64.exe
2015-06-07 09:42 - 2015-06-07 09:42 - 00000468 _____ C:\Users\Uta\Downloads\defogger_disable.log
2015-06-07 09:42 - 2015-06-07 09:42 - 00000000 _____ C:\Users\Uta\defogger_reenable
2015-06-07 09:41 - 2015-06-07 09:41 - 00050477 _____ C:\Users\Uta\Downloads\Defogger.exe
2015-06-06 21:00 - 2015-06-06 21:34 - 00000000 ____D C:\Users\Uta\Desktop\Johanna
2015-06-06 14:54 - 2015-06-06 20:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-05-21 10:10 - 2015-05-21 10:46 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2015-05-17 13:47 - 2015-05-23 23:13 - 00000000 ____D C:\Users\Uta\Desktop\Fallbesprechung
2015-05-12 19:53 - 2015-05-01 15:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-12 19:53 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-12 19:51 - 2015-05-05 03:29 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-12 19:51 - 2015-05-05 03:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-12 19:51 - 2015-04-22 04:28 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-12 19:51 - 2015-04-22 03:48 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-12 19:51 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-12 19:51 - 2015-04-21 19:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-05-12 19:51 - 2015-04-21 19:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-05-12 19:51 - 2015-04-21 18:51 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-05-12 19:51 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-12 19:51 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-12 19:51 - 2015-04-21 18:50 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-05-12 19:51 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-12 19:51 - 2015-04-21 18:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-05-12 19:51 - 2015-04-21 18:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-05-12 19:51 - 2015-04-21 18:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-05-12 19:51 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-12 19:51 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-12 19:51 - 2015-04-21 18:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-05-12 19:51 - 2015-04-21 18:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-05-12 19:51 - 2015-04-21 18:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-05-12 19:51 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-12 19:51 - 2015-04-21 18:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-05-12 19:51 - 2015-04-21 18:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-05-12 19:51 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-12 19:51 - 2015-04-21 18:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-05-12 19:51 - 2015-04-21 18:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-05-12 19:51 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-12 19:51 - 2015-04-21 18:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-05-12 19:51 - 2015-04-21 18:10 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-05-12 19:51 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-12 19:51 - 2015-04-21 18:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-05-12 19:51 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-12 19:51 - 2015-04-21 18:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-05-12 19:51 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-12 19:51 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-12 19:51 - 2015-04-21 18:03 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-05-12 19:51 - 2015-04-21 18:02 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-05-12 19:51 - 2015-04-21 18:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-05-12 19:51 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-12 19:51 - 2015-04-21 17:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-05-12 19:51 - 2015-04-21 17:57 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-05-12 19:51 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-12 19:51 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-12 19:51 - 2015-04-21 17:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-05-12 19:51 - 2015-04-21 17:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-05-12 19:51 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-12 19:51 - 2015-04-21 17:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-05-12 19:51 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-12 19:51 - 2015-04-21 17:39 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-05-12 19:51 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-12 19:51 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-12 19:51 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-12 19:51 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-12 19:51 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-12 19:51 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-12 19:51 - 2015-04-21 17:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-05-12 19:51 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-12 19:51 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-12 19:51 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-12 19:51 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-12 19:51 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-12 19:51 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-05-12 19:51 - 2015-04-18 05:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-12 19:51 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-12 19:51 - 2015-04-04 05:29 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-05-12 19:51 - 2015-04-04 05:29 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-05-12 19:51 - 2015-04-04 05:22 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-12 19:51 - 2015-04-04 05:22 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-05-12 19:51 - 2015-04-04 05:22 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-05-12 19:51 - 2015-04-04 05:22 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-05-12 19:51 - 2015-04-04 05:22 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-05-12 19:51 - 2015-04-04 05:22 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-05-12 19:51 - 2015-04-04 05:22 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-05-12 19:51 - 2015-04-04 05:22 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-05-12 19:51 - 2015-04-04 05:22 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-05-12 19:51 - 2015-04-04 05:22 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-05-12 19:51 - 2015-04-04 05:20 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-05-12 19:51 - 2015-04-04 05:20 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-05-12 19:51 - 2015-04-04 05:17 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-05-12 19:51 - 2015-04-04 05:17 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-05-12 19:51 - 2015-04-04 05:15 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-05-12 19:51 - 2015-04-04 05:05 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-05-12 19:51 - 2015-04-04 05:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-05-12 19:51 - 2015-04-04 05:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-05-12 19:51 - 2015-04-04 05:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-05-12 19:51 - 2015-04-04 05:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-05-12 19:51 - 2015-04-04 05:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-05-12 19:51 - 2015-04-04 05:05 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-05-12 19:51 - 2015-04-04 05:04 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-05-12 19:51 - 2015-04-04 05:04 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-05-12 19:51 - 2015-04-04 05:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-05-12 19:51 - 2015-04-04 05:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-05-12 19:51 - 2015-04-04 04:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-05-12 19:50 - 2015-04-20 05:17 - 01647104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-12 19:50 - 2015-04-20 05:17 - 01179136 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-12 19:50 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-12 19:50 - 2015-04-20 04:11 - 03204608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-12 19:50 - 2015-04-13 05:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-12 19:50 - 2015-04-08 05:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-05-12 19:50 - 2015-04-08 05:29 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-05-12 19:50 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-05-12 19:50 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-05-12 19:50 - 2015-02-18 09:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-07 09:45 - 2014-04-23 12:31 - 00000000 ____D C:\Users\Uta\AppData\Roaming\Skype
2015-06-07 09:42 - 2014-04-22 17:08 - 00000000 ____D C:\Users\Uta
2015-06-07 09:40 - 2009-07-14 06:45 - 00013936 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-07 09:40 - 2009-07-14 06:45 - 00013936 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-07 09:38 - 2014-04-22 16:43 - 00711694 _____ C:\Windows\system32\perfh007.dat
2015-06-07 09:38 - 2014-04-22 16:43 - 00152902 _____ C:\Windows\system32\perfc007.dat
2015-06-07 09:38 - 2009-07-14 07:13 - 01641600 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-07 09:37 - 2014-04-23 10:40 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-07 09:35 - 2014-04-23 17:59 - 00000000 ___RD C:\Users\Uta\Dropbox
2015-06-07 09:35 - 2014-04-23 17:57 - 00000000 ____D C:\Users\Uta\AppData\Roaming\Dropbox
2015-06-07 09:35 - 2014-04-22 15:51 - 02054440 _____ C:\Windows\WindowsUpdate.log
2015-06-07 09:32 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-07 09:32 - 2009-07-14 06:51 - 00080414 _____ C:\Windows\setupact.log
2015-06-06 20:45 - 2014-07-01 18:34 - 00000000 ____D C:\Users\Uta\AppData\Local\Adobe
2015-06-06 20:45 - 2014-04-23 10:40 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-06 20:45 - 2014-04-23 10:40 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-06 20:45 - 2014-04-23 10:40 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-06-06 20:43 - 2014-04-23 10:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-06-06 20:43 - 2014-04-22 16:40 - 00312398 _____ C:\Windows\PFRO.log
2015-06-06 14:07 - 2014-04-22 17:10 - 00003922 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{64BF49EE-7E92-4011-991B-AA1B9CED6B24}
2015-05-23 16:05 - 2015-04-14 11:10 - 00080896 ___SH C:\Users\Uta\Desktop\Thumbs.db
2015-05-22 11:05 - 2014-04-23 11:44 - 00000000 ____D C:\Users\Uta\AppData\Roaming\KeePass
2015-05-21 18:12 - 2015-01-14 15:35 - 00000000 ____D C:\Users\Uta\Desktop\Leopoldschule
2015-05-20 15:16 - 2014-04-22 16:33 - 00000000 ____D C:\ProgramData\Skype
2015-05-18 22:00 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-05-14 19:48 - 2014-04-23 10:42 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-05-14 19:33 - 2009-07-14 06:45 - 00328592 _____ C:\Windows\system32\FNTCACHE.DAT
2015-05-12 19:58 - 2014-04-23 11:52 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-05-12 19:58 - 2014-04-23 10:44 - 00000000 ____D C:\Windows\system32\MRT
2015-05-12 19:58 - 2011-01-13 14:21 - 00000000 ____D C:\Program Files\Windows Journal
2015-05-12 19:55 - 2014-04-23 10:44 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-09 13:59 - 2014-04-23 17:59 - 00001011 _____ C:\Users\Uta\Desktop\Dropbox.lnk
2015-05-09 13:59 - 2014-04-23 17:57 - 00000000 ____D C:\Users\Uta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
Some files in TEMP:
====================
C:\Users\Uta\AppData\Local\Temp\avgnt.exe
C:\Users\Uta\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpyavxta.dll
C:\Users\Uta\AppData\Local\Temp\ose00000.exe
C:\Users\Uta\AppData\Local\Temp\SkypeSetup.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-05-18 21:53
==================== End of log ============================
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version:06-06-2015
Ran by Uta at 2015-06-07 09:45:13
Running from C:\Users\Uta\Downloads
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2805887626-409114734-3965287795-500 - Administrator - Disabled)
Gast (S-1-5-21-2805887626-409114734-3965287795-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2805887626-409114734-3965287795-1002 - Limited - Enabled)
Uta (S-1-5-21-2805887626-409114734-3965287795-1000 - Administrator - Enabled) => C:\Users\Uta
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Adobe Acrobat 9 Standard - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-BA7E-000000000004}{AC76BA86-1033-F400-BA7E-000000000004}) (Version: 9.5.5 - Adobe Systems)
Adobe Acrobat 9.5.5 - CPSID_83708 (HKLM-x32\...\{AC76BA86-1033-F400-BA7E-000000000004}_955) (Version: - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 13.0.0.83 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.2.1.650 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Photoshop Elements 9 (HKLM-x32\...\Adobe Photoshop Elements 9) (Version: 9.0 - Adobe Systems Incorporated)
Adobe Premiere Elements 9 (HKLM-x32\...\PremElem90) (Version: 9.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Alps Pointing-device for VAIO (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: - ALPS ELECTRIC CO., LTD.)
Amazon MP3-Downloader 1.0.18 (HKU\S-1-5-21-2805887626-409114734-3965287795-1000\...\Amazon MP3-Downloader) (Version: 1.0.18 - Amazon Services LLC)
ArcSoft Magic-i Visual Effects 2 (HKLM-x32\...\{61438020-DDD4-42FA-99A2-50225441980A}) (Version: 2.0.1.134 - ArcSoft)
ArcSoft WebCam Companion 4 (HKLM-x32\...\{C793AD32-2BB8-4CC4-ABD3-A1469C21593C}) (Version: 4.0.21.369 - ArcSoft)
ATI Catalyst Install Manager (HKLM\...\{124C73A8-5C1B-EF26-867B-5B77F9BC4D07}) (Version: 3.0.808.0 - ATI Technologies, Inc.)
Avira (HKLM-x32\...\{b5675cc4-ab8b-4945-8c1d-4c5479556d6a}) (Version: 1.1.34.19732 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.34.19732 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.10.434 - Avira Operations GmbH & Co. KG)
Canon MP Navigator EX 2.0 (HKLM-x32\...\MP Navigator EX 2.0) (Version: - )
Canon MP630 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP630_series) (Version: - )
ccc-core-static (x32 Version: 2011.0106.1235.22490 - Ihr Firmenname) Hidden
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.3.4746 - CDBurnerXP)
Complément Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKU\S-1-5-21-2805887626-409114734-3965287795-1000\...\Dropbox) (Version: 3.4.6 - Dropbox, Inc.)
Elements 9 Organizer (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Elements STI Installer (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Intel(R) Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3074 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi-Software (HKLM\...\{AF162E20-417F-4946-A06D-65734984957F}) (Version: 14.00.0000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
KeePass Password Safe 2.26 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.26 - Dominik Reichl)
Media Gallery (Version: 1.4.0.11300 - Your Company Name) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox 38.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 de)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
Mozilla Thunderbird 31.7.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.7.0 (x86 de)) (Version: 31.7.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PMB (HKLM-x32\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.5.00.11260 - Sony Corporation)
PMB VAIO Edition Guide (x32 Version: 1.4.00.10090 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (Version: 1.4.00.11290 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (x32 Version: 1.4.00.09190 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (x32 Version: 1.4.00.11300 - Sony Corporation) Hidden
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.40.126.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6225 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.92 - Realtek Semiconductor Corp.)
Remote Keyboard (x32 Version: 1.1.0.12170 - Sony Corporation) Hidden
Remote Play mit PlayStation®3 (HKLM-x32\...\{07441A52-E208-478A-92B7-5C337CA8C131}) (Version: 1.0.2.06210 - Sony Corporation)
Remote Play with PlayStation 3 (x32 Version: 1.0.2.06210 - Sony Corporation) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.26.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.26.0 - Renesas Electronics Corporation) Hidden
Samsung Data Migration (HKLM-x32\...\{D4DE3DB4-7734-47E5-8D92-B80146311406}) (Version: 2.0 - Samsung)
simfy (HKLM-x32\...\Simfy) (Version: 1.7.6 - simfy AG)
simfy (x32 Version: 1.7.6 - simfy AG) Hidden
Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
SmartSound Quicktracks for Premiere Elements 9.0 (HKLM-x32\...\InstallShield_{6748E773-5DA0-4D19-8AA5-273B4133A09B}) (Version: 3.12.3090 - SmartSound Software Inc)
SmartSound Quicktracks for Premiere Elements 9.0 (x32 Version: 3.12.3090 - SmartSound Software Inc) Hidden
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.31064 - TeamViewer)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VAIO - Media Gallery (HKLM-x32\...\{DD88F979-FA58-41AC-980C-A6E1A82B61D9}) (Version: 1.4.0.11300 - Sony Corporation)
VAIO - PMB VAIO Edition Guide (HKLM-x32\...\InstallShield_{FF1FC66F-536F-46BD-98E3-D8DA127A810E}) (Version: 1.4.00.10090 - Sony Corporation)
VAIO - PMB VAIO Edition Plug-in (HKLM-x32\...\InstallShield_{270380EB-8812-42E1-8289-53700DB840D2}) (Version: 1.4.00.11300 - Sony Corporation)
VAIO - Remote-Tastatur (HKLM-x32\...\{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}) (Version: 1.0.0.12170 - Sony Corporation)
VAIO Care (HKLM\...\{D9FFE40D-1A85-4541-992C-5EF505F391A4}) (Version: 8.4.2.12041 - Sony Corporation)
VAIO Care Recovery (HKLM\...\{6ED1750E-F44F-4635-8F0D-B76B9262B7FB}) (Version: 1.1.1.13230 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 4.4.0.11260 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.5.0.10140 - Sony Corporation)
VAIO Data Restore Tool (x32 Version: 1.5.0.10140 - Sony Corporation) Hidden
VAIO Gate (HKLM-x32\...\{A7C30414-2382-4086-B0D6-01A88ABA21C3}) (Version: 2.3.0.11090 - Sony Corporation)
VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 2.3.0.11220 - Sony Corporation)
VAIO Hardware Diagnostics (x32 Version: 4.1.0.10120 - Sony Corporation) Hidden
VAIO Media plus (HKLM-x32\...\{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}) (Version: 2.1.0.23300 - Sony Corporation)
VAIO Media plus (Version: 2.1.0.23300 - Your Company Name) Hidden
VAIO Media plus Opening Movie (HKLM-x32\...\{9238E8A4-BEBA-43A3-B926-769BDBF194C5}) (Version: 2.1.0.13220 - Sony Corporation)
VAIO Quick Web Access (HKLM-x32\...\splashtop) (Version: 1.4.5.1 - Sony Corporation)
VAIO Quick Web Access (x32 Version: 1.4.5.1 - Sony Corporation) Hidden
VAIO Sample Contents (HKLM-x32\...\{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}) (Version: 1.4.2.09010 - Sony Corporation)
VAIO screensaver (HKLM-x32\...\VAIO screensaver) (Version: 1.0.0.0 - Sony Europe)
VAIO Smart Network (HKLM-x32\...\{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}) (Version: 3.4.0.12090 - Sony Corporation)
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.0.1.02280 - Sony Corporation)
VAIO-Handbuch (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 1.2.0.11040 - Sony Corporation)
VAIO-Support für Übertragungen (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.3.0.11250 - Sony Corporation)
VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.6300 - Broadcom Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
WMV9/VC-1 Video Playback (Version: 1.00.0000 - ATI Technologies Inc.) Hidden
Компаньон Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Элемент управления Windows Live Mesh ActiveX для удаленных подключений (HKLM-x32\...\{BCB0D6F7-7EAB-4009-A6F2-8E0E7F317773}) (Version: 15.4.5722.2 - Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2805887626-409114734-3965287795-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Uta\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2805887626-409114734-3965287795-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Uta\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2805887626-409114734-3965287795-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Uta\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2805887626-409114734-3965287795-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Uta\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2805887626-409114734-3965287795-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Uta\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2805887626-409114734-3965287795-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Uta\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2805887626-409114734-3965287795-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Uta\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2805887626-409114734-3965287795-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Uta\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2805887626-409114734-3965287795-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Uta\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2805887626-409114734-3965287795-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Uta\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
==================== Restore Points =========================
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {12277ABE-B9A4-4DA9-8625-36A8AED9AC9C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {15DD0A60-781E-44A5-9331-E770DBBCD762} - System32\Tasks\SONY\SUS-BCF\Level4Month => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2010-12-23] (Sony Corporation)
Task: {265C36D7-E549-4DA7-A84C-53CF92F172A1} - System32\Tasks\SONY\VAIO Smart Network\VSN Logon Start => C:\Program Files\Sony\VAIO Smart Network\VSNClient
Task: {2682B844-C2B1-4E16-A699-505CA871AAA2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-06] (Adobe Systems Incorporated)
Task: {2796359A-9180-41E6-87E1-271C544B4212} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {2EE85287-71A9-4B22-9387-D69627E2787D} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2014-02-28] (Sony Corporation)
Task: {359A95CE-7D33-4DD0-8144-613F814E8520} - System32\Tasks\SONY\VAIO Power Management\VPM Logon Start => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-12-06] (Sony Corporation)
Task: {49093969-41D6-4DD6-82EF-D21640300F50} - System32\Tasks\SONY\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2010-11-16] (Sony Corporation)
Task: {495A45A3-B46E-4F68-A847-8FCB70D021C2} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {58162095-ECA9-4169-A015-6E39485D0FD6} - System32\Tasks\Sony Corporation\VAIO Boot Manager\VAIO Boot Manager => C:\Program Files (x86)\Sony\VAIO Boot Manager\SetProcessTask.exe [2010-12-08] (Sony Corporation)
Task: {5D4ABE60-6191-42E5-888B-304E159F701E} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {8F555F47-259F-4F1D-908F-644C10372D82} - System32\Tasks\SONY\SUS-BCF\Level4Daily => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2010-12-23] (Sony Corporation)
Task: {931AE619-7AC8-493F-A7DF-BD76407EE88A} - System32\Tasks\USER_ESRV_SVC => Wscript.exe //B //NoLogo "C:\Program Files\Sony\VAIO Care\ESRV\task.vbs"
Task: {9B904434-0AA0-4C2E-9456-15E18C7F9C0E} - System32\Tasks\SONY\VAIO Power Management\VPM Session Change => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-12-06] (Sony Corporation)
Task: {A52C0D2E-1021-464D-9721-E05C7DB1FBFA} - System32\Tasks\SONY\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2010-11-16] (Sony Corporation)
Task: {ACF452F0-10A6-4555-8F97-98D13AE07139} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [2014-01-16] (Sony Corporation)
Task: {AD62DC60-6FAB-4EDF-8440-C6E2634616DD} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {B7CEEA89-DC92-419D-9F48-7A19FF18CE20} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {B9C448BE-5555-4891-94C8-3CFC46A327D9} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {BC4DCBDE-E4FC-428A-A470-F55C947A37B7} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {BD7361B5-628D-49A2-83E3-616D7F7F7432} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {C5494544-9217-49B9-BBA1-41E8EB790485} - System32\Tasks\SONY\VAIO Power Management\VPM Unlock => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-12-06] (Sony Corporation)
Task: {CCB52ECD-F2FD-4D50-895C-46E66423F086} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {E4D1426E-AEE0-49C1-B4A9-DF4FEDE05CF0} - System32\Tasks\Sony Corporation\VAIO Care\ActiveStatusCollect => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {E90DDD03-F668-4009-A79A-9121A040E69F} - System32\Tasks\Sony Corporation\VAIO Care\UpdateSolution => C:\Program Files\Sony\VAIO Care\Solution.Updater.exe [2014-12-03] (Sony Corporation)
Task: {FE30BF2F-20E5-484C-98BD-8A46A1A74B6A} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2014-03-01] (Sony Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (Whitelisted) ==============
2010-11-02 12:58 - 2010-11-02 12:58 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2014-04-24 10:48 - 2010-08-10 21:37 - 00334848 _____ () C:\Program Files (x86)\ASUS\Printer Utilities\UsbService64.exe
2011-01-14 10:20 - 2011-01-14 09:03 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2010-11-02 12:58 - 2010-11-02 12:58 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
2011-01-06 12:33 - 2011-01-06 12:33 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2010-12-10 10:25 - 2010-12-10 10:25 - 00016384 ____R () c:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2014-04-22 16:05 - 2010-12-23 16:24 - 00013824 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESBasePS.dll
2014-10-25 22:08 - 2014-10-25 22:08 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\93182e9779b8be0f688fd0784df6d7fb\IsdiInterop.ni.dll
2014-04-22 15:57 - 2010-11-05 23:50 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2015-06-07 09:34 - 2015-06-07 09:34 - 00043008 _____ () c:\users\uta\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpyavxta.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00750080 _____ () C:\Users\Uta\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00047616 _____ () C:\Users\Uta\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00865280 _____ () C:\Users\Uta\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00200704 _____ () C:\Users\Uta\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2014-05-06 20:53 - 2009-02-27 16:39 - 00019968 _____ () C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.deu
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2805887626-409114734-3965287795-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Uta\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 82.212.62.62 - 78.42.43.62
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{872D254D-A427-4C54-8630-5D2B68FC76E5}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{3222E02B-3170-437B-9F33-A748549AE0BF}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{2FF28E8F-DE03-4629-98D1-24469F94D1EF}] => (Allow) LPort=2869
FirewallRules: [{56221D30-0850-4A53-849D-457CE7158417}] => (Allow) LPort=1900
FirewallRules: [{32719D3E-B634-4861-81FA-CD6DF7325311}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{FF2AD911-5EE8-42F1-9292-5ED740444475}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{022CC415-9614-4762-9085-E600077ED054}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{3E2C23D0-9B55-46B5-AE0E-5481B06B87C9}] => (Allow) C:\Users\Uta\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{7BC94A96-FC44-4135-96DD-D1A1531A2343}] => (Allow) C:\Users\Uta\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{C25EB72D-EF00-477E-8352-C27D06CEE639}] => (Allow) C:\Users\Uta\AppData\Local\Temp\pftF3D5.tmp\Printer.exe
FirewallRules: [{7AE10207-CECE-453C-ACA8-3A885B51B96E}] => (Allow) C:\Program Files (x86)\ASUS\Printer Utilities\UsbService64.exe
FirewallRules: [{F0D892B3-3148-4E29-8A49-FA85BC6C0FA4}] => (Allow) C:\Program Files (x86)\ASUS\Printer Utilities\UsbService64.exe
FirewallRules: [{3E48E3FC-39B2-4567-B65D-735779ABB9F2}] => (Allow) C:\Users\Uta\AppData\Local\Temp\pftF3D5.tmp\Printer.exe
FirewallRules: [{722D4657-8400-4749-BA69-AE9D644E434B}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{F493B5A0-15BD-43EC-8445-A5E66FF6CF6E}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{D7D671E0-A186-4FED-8B85-4E3D24F021A2}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{B7459C2B-F319-494B-8087-62CFBF56AF61}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [TCP Query User{9CC46F07-90E4-4144-A0E0-E6A640870CBB}C:\users\uta\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\uta\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{4FFD815D-00B7-4214-9C8F-BD46DFDF0A01}C:\users\uta\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\uta\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{DF429550-F10B-41C7-811A-11C5FA12C936}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{AFEAE417-4CEA-4867-89B2-CDD9D3BAB546}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{84F1F09A-B73A-467B-80B0-5B452EB92A72}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAgent.exe
FirewallRules: [{123BC9EA-5752-4E08-B6BB-C8F2FA533041}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAdmin.exe
FirewallRules: [{EE055C44-5909-4C4E-A937-3EB33647327E}] => (Allow) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
FirewallRules: [{AA86529B-4BB6-4CE1-8E90-A5C1EB0D68BD}] => (Allow) C:\Program Files\Sony\VAIO Care\VAIOShell.exe
FirewallRules: [TCP Query User{71C4528B-DF17-4972-BCC9-7E93619C31BE}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{9367E812-C11F-4049-B8AB-A08B008F69F5}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (06/07/2015 09:29:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: VCAgent.exe, Version: 8.4.2.12030, Zeitstempel: 0x5476d099
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000007ff00159a94
ID des fehlerhaften Prozesses: 0x818
Startzeit der fehlerhaften Anwendung: 0xVCAgent.exe0
Pfad der fehlerhaften Anwendung: VCAgent.exe1
Pfad des fehlerhaften Moduls: VCAgent.exe2
Berichtskennung: VCAgent.exe3
Error: (06/07/2015 09:29:32 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: VCAgent.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.NullReferenceException
Stapel:
bei VCAgent.View.MainWindow.WindowProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
bei System.Windows.Interop.HwndSource.PublicHooksFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
bei MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
bei MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
bei System.Windows.Threading.Dispatcher.WrappedInvoke(System.Delegate, System.Object, Int32, System.Delegate)
bei System.Windows.Threading.Dispatcher.InvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
bei MS.Win32.HwndSubclass.DefWndProcWrapper(IntPtr, Int32, IntPtr, IntPtr)
bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
bei MS.Win32.UnsafeNativeMethods.IntGetMessageW(System.Windows.Interop.MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32)
bei System.Windows.Threading.Dispatcher.GetMessage(System.Windows.Interop.MSG ByRef, IntPtr, Int32, Int32)
bei System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
bei System.Windows.Application.RunInternal(System.Windows.Window)
bei System.Windows.Application.Run()
bei VCAgent.App.Main()
Error: (06/06/2015 09:35:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: VCAgent.exe, Version: 8.4.2.12030, Zeitstempel: 0x5476d099
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000007ff00159624
ID des fehlerhaften Prozesses: 0x1978
Startzeit der fehlerhaften Anwendung: 0xVCAgent.exe0
Pfad der fehlerhaften Anwendung: VCAgent.exe1
Pfad des fehlerhaften Moduls: VCAgent.exe2
Berichtskennung: VCAgent.exe3
Error: (06/06/2015 09:35:28 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: VCAgent.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.NullReferenceException
Stapel:
bei VCAgent.View.MainWindow.WindowProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
bei System.Windows.Interop.HwndSource.PublicHooksFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
bei MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
bei MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
bei System.Windows.Threading.Dispatcher.WrappedInvoke(System.Delegate, System.Object, Int32, System.Delegate)
bei System.Windows.Threading.Dispatcher.InvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
bei MS.Win32.HwndSubclass.DefWndProcWrapper(IntPtr, Int32, IntPtr, IntPtr)
bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
bei MS.Win32.UnsafeNativeMethods.IntGetMessageW(System.Windows.Interop.MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32)
bei System.Windows.Threading.Dispatcher.GetMessage(System.Windows.Interop.MSG ByRef, IntPtr, Int32, Int32)
bei System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
bei System.Windows.Application.RunInternal(System.Windows.Window)
bei System.Windows.Application.Run()
bei VCAgent.App.Main()
Error: (06/06/2015 03:24:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: VCAgent.exe, Version: 8.4.2.12030, Zeitstempel: 0x5476d099
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000007ff00169d44
ID des fehlerhaften Prozesses: 0xbdc
Startzeit der fehlerhaften Anwendung: 0xVCAgent.exe0
Pfad der fehlerhaften Anwendung: VCAgent.exe1
Pfad des fehlerhaften Moduls: VCAgent.exe2
Berichtskennung: VCAgent.exe3
Error: (06/06/2015 03:24:32 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: VCAgent.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.NullReferenceException
Stapel:
bei VCAgent.View.MainWindow.WindowProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
bei System.Windows.Interop.HwndSource.PublicHooksFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
bei MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
bei MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
bei System.Windows.Threading.Dispatcher.WrappedInvoke(System.Delegate, System.Object, Int32, System.Delegate)
bei System.Windows.Threading.Dispatcher.InvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
bei MS.Win32.HwndSubclass.DefWndProcWrapper(IntPtr, Int32, IntPtr, IntPtr)
bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
bei MS.Win32.UnsafeNativeMethods.IntGetMessageW(System.Windows.Interop.MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32)
bei System.Windows.Threading.Dispatcher.GetMessage(System.Windows.Interop.MSG ByRef, IntPtr, Int32, Int32)
bei System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
bei System.Windows.Application.RunInternal(System.Windows.Window)
bei System.Windows.Application.Run()
bei VCAgent.App.Main()
Error: (05/23/2015 11:13:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: VCAgent.exe, Version: 8.4.2.12030, Zeitstempel: 0x5476d099
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000007ff00169f54
ID des fehlerhaften Prozesses: 0x964
Startzeit der fehlerhaften Anwendung: 0xVCAgent.exe0
Pfad der fehlerhaften Anwendung: VCAgent.exe1
Pfad des fehlerhaften Moduls: VCAgent.exe2
Berichtskennung: VCAgent.exe3
Error: (05/23/2015 11:13:30 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: VCAgent.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.NullReferenceException
Stapel:
bei VCAgent.View.MainWindow.WindowProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
bei System.Windows.Interop.HwndSource.PublicHooksFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
bei MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
bei MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
bei System.Windows.Threading.Dispatcher.WrappedInvoke(System.Delegate, System.Object, Int32, System.Delegate)
bei System.Windows.Threading.Dispatcher.InvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
bei MS.Win32.HwndSubclass.DefWndProcWrapper(IntPtr, Int32, IntPtr, IntPtr)
bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
bei MS.Win32.UnsafeNativeMethods.IntGetMessageW(System.Windows.Interop.MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32)
bei System.Windows.Threading.Dispatcher.GetMessage(System.Windows.Interop.MSG ByRef, IntPtr, Int32, Int32)
bei System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
bei System.Windows.Application.RunInternal(System.Windows.Window)
bei System.Windows.Application.Run()
bei VCAgent.App.Main()
Error: (05/23/2015 04:08:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: VCAgent.exe, Version: 8.4.2.12030, Zeitstempel: 0x5476d099
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000007ff00149624
ID des fehlerhaften Prozesses: 0x154c
Startzeit der fehlerhaften Anwendung: 0xVCAgent.exe0
Pfad der fehlerhaften Anwendung: VCAgent.exe1
Pfad des fehlerhaften Moduls: VCAgent.exe2
Berichtskennung: VCAgent.exe3
Error: (05/23/2015 04:08:46 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: VCAgent.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.NullReferenceException
Stapel:
bei VCAgent.View.MainWindow.WindowProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
bei System.Windows.Interop.HwndSource.PublicHooksFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
bei MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
bei MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
bei System.Windows.Threading.Dispatcher.WrappedInvoke(System.Delegate, System.Object, Int32, System.Delegate)
bei System.Windows.Threading.Dispatcher.InvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
bei MS.Win32.HwndSubclass.DefWndProcWrapper(IntPtr, Int32, IntPtr, IntPtr)
bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
bei MS.Win32.UnsafeNativeMethods.IntGetMessageW(System.Windows.Interop.MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32)
bei System.Windows.Threading.Dispatcher.GetMessage(System.Windows.Interop.MSG ByRef, IntPtr, Int32, Int32)
bei System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
bei System.Windows.Application.RunInternal(System.Windows.Window)
bei System.Windows.Application.Run()
bei VCAgent.App.Main()
System errors:
=============
Error: (06/07/2015 09:34:27 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Energy Server Service" wurde mit folgendem Fehler beendet:
%%268439612
Error: (06/07/2015 09:32:25 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom
PxHlpa64
Error: (06/07/2015 09:13:59 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Energy Server Service" wurde mit folgendem Fehler beendet:
%%268439612
Error: (06/07/2015 09:11:57 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom
PxHlpa64
Error: (06/06/2015 08:45:31 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Energy Server Service" wurde mit folgendem Fehler beendet:
%%268439612
Error: (06/06/2015 08:43:30 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom
PxHlpa64
Error: (06/06/2015 02:06:44 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Energy Server Service" wurde mit folgendem Fehler beendet:
%%268439612
Error: (05/23/2015 09:24:56 PM) (Source: NetBT) (EventID: 4319) (User: )
Description: Ein doppelter Name wurde im TCP-Netzwerk entdeckt. Die IP-Adresse des Computers,
der die Meldung gesendet hat, steht in den Daten. Verwenden Sie NBTSTAT -n an
der Eingabeaufforderung, um den doppelten Namen zu bestimmen.
Error: (05/23/2015 09:12:56 PM) (Source: NetBT) (EventID: 4319) (User: )
Description: Ein doppelter Name wurde im TCP-Netzwerk entdeckt. Die IP-Adresse des Computers,
der die Meldung gesendet hat, steht in den Daten. Verwenden Sie NBTSTAT -n an
der Eingabeaufforderung, um den doppelten Namen zu bestimmen.
Error: (05/23/2015 09:00:56 PM) (Source: NetBT) (EventID: 4319) (User: )
Description: Ein doppelter Name wurde im TCP-Netzwerk entdeckt. Die IP-Adresse des Computers,
der die Meldung gesendet hat, steht in den Daten. Verwenden Sie NBTSTAT -n an
der Eingabeaufforderung, um den doppelten Namen zu bestimmen.
Microsoft Office:
=========================
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz
Percentage of memory in use: 49%
Total physical RAM: 4011.86 MB
Available physical RAM: 2034.78 MB
Total Pagefile: 8021.91 MB
Available Pagefile: 5506.68 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.76 GB) (Free:311.81 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 1E71EE11)
Partition 1: (Active) - (Size=400 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
==================== End of log ============================
Code:
ATTFilter GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-06-07 09:57:05
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 Samsung_ rev.EXT0 465,76GB
Running: Gmer-19357.exe; Driver: C:\Users\Uta\AppData\Local\Temp\pwldapow.sys
---- User code sections - GMER 2.1 ----
.text C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe[1912] C:\Windows\syswow64\psapi.dll!GetModuleFileNameExW + 17 0000000077201401 2 bytes JMP 7586b1ef C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe[1912] C:\Windows\syswow64\psapi.dll!EnumProcessModules + 17 0000000077201419 2 bytes JMP 7586b31a C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe[1912] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 17 0000000077201431 2 bytes JMP 758e8f09 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe[1912] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 42 000000007720144a 2 bytes CALL 75844885 C:\Windows\syswow64\kernel32.dll
.text ... * 9
.text C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe[1912] C:\Windows\syswow64\psapi.dll!EnumDeviceDrivers + 17 00000000772014dd 2 bytes JMP 758e8802 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe[1912] C:\Windows\syswow64\psapi.dll!GetDeviceDriverBaseNameA + 17 00000000772014f5 2 bytes JMP 758e89d8 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe[1912] C:\Windows\syswow64\psapi.dll!QueryWorkingSetEx + 17 000000007720150d 2 bytes JMP 758e86f8 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe[1912] C:\Windows\syswow64\psapi.dll!GetDeviceDriverBaseNameW + 17 0000000077201525 2 bytes JMP 758e8ac2 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe[1912] C:\Windows\syswow64\psapi.dll!GetModuleBaseNameW + 17 000000007720153d 2 bytes JMP 7585fc78 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe[1912] C:\Windows\syswow64\psapi.dll!EnumProcesses + 17 0000000077201555 2 bytes JMP 758668bf C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe[1912] C:\Windows\syswow64\psapi.dll!GetProcessMemoryInfo + 17 000000007720156d 2 bytes JMP 758e8fc1 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe[1912] C:\Windows\syswow64\psapi.dll!GetPerformanceInfo + 17 0000000077201585 2 bytes JMP 758e8b22 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe[1912] C:\Windows\syswow64\psapi.dll!QueryWorkingSet + 17 000000007720159d 2 bytes JMP 758e86bc C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe[1912] C:\Windows\syswow64\psapi.dll!GetModuleBaseNameA + 17 00000000772015b5 2 bytes JMP 7585fd11 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe[1912] C:\Windows\syswow64\psapi.dll!GetModuleFileNameExA + 17 00000000772015cd 2 bytes JMP 7586b2b0 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe[1912] C:\Windows\syswow64\psapi.dll!GetProcessImageFileNameW + 20 00000000772016b2 2 bytes JMP 758e8e84 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe[1912] C:\Windows\syswow64\psapi.dll!GetProcessImageFileNameW + 31 00000000772016bd 2 bytes JMP 758e8651 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe[2304] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000077201401 2 bytes JMP 7586b1ef C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe[2304] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000077201419 2 bytes JMP 7586b31a C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe[2304] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000077201431 2 bytes JMP 758e8f09 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe[2304] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007720144a 2 bytes CALL 75844885 C:\Windows\syswow64\kernel32.dll
.text ... * 9
.text C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe[2304] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000772014dd 2 bytes JMP 758e8802 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe[2304] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000772014f5 2 bytes JMP 758e89d8 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe[2304] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007720150d 2 bytes JMP 758e86f8 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe[2304] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000077201525 2 bytes JMP 758e8ac2 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe[2304] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007720153d 2 bytes JMP 7585fc78 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe[2304] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000077201555 2 bytes JMP 758668bf C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe[2304] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007720156d 2 bytes JMP 758e8fc1 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe[2304] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000077201585 2 bytes JMP 758e8b22 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe[2304] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007720159d 2 bytes JMP 758e86bc C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe[2304] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000772015b5 2 bytes JMP 7585fd11 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe[2304] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000772015cd 2 bytes JMP 7586b2b0 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe[2304] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000772016b2 2 bytes JMP 758e8e84 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe[2304] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000772016bd 2 bytes JMP 758e8651 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Skype\Phone\Skype.exe[3572] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000077201401 2 bytes JMP 7586b1ef C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Skype\Phone\Skype.exe[3572] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000077201419 2 bytes JMP 7586b31a C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Skype\Phone\Skype.exe[3572] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000077201431 2 bytes JMP 758e8f09 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Skype\Phone\Skype.exe[3572] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007720144a 2 bytes CALL 75844885 C:\Windows\syswow64\kernel32.dll
.text ... * 9
.text C:\Program Files (x86)\Skype\Phone\Skype.exe[3572] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000772014dd 2 bytes JMP 758e8802 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Skype\Phone\Skype.exe[3572] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000772014f5 2 bytes JMP 758e89d8 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Skype\Phone\Skype.exe[3572] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007720150d 2 bytes JMP 758e86f8 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Skype\Phone\Skype.exe[3572] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000077201525 2 bytes JMP 758e8ac2 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Skype\Phone\Skype.exe[3572] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007720153d 2 bytes JMP 7585fc78 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Skype\Phone\Skype.exe[3572] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000077201555 2 bytes JMP 758668bf C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Skype\Phone\Skype.exe[3572] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007720156d 2 bytes JMP 758e8fc1 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Skype\Phone\Skype.exe[3572] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000077201585 2 bytes JMP 758e8b22 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Skype\Phone\Skype.exe[3572] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007720159d 2 bytes JMP 758e86bc C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Skype\Phone\Skype.exe[3572] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000772015b5 2 bytes JMP 7585fd11 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Skype\Phone\Skype.exe[3572] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000772015cd 2 bytes JMP 7586b2b0 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Skype\Phone\Skype.exe[3572] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000772016b2 2 bytes JMP 758e8e84 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Skype\Phone\Skype.exe[3572] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000772016bd 2 bytes JMP 758e8651 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Skype\Phone\Skype.exe[3572] C:\Windows\SysWOW64\ksuser.dll!KsCreatePin + 35 0000000073ec11a8 2 bytes [EC, 73]
.text C:\Program Files (x86)\Skype\Phone\Skype.exe[3572] C:\Windows\SysWOW64\ksuser.dll!KsCreatePin + 248 0000000073ec127d 2 bytes CALL 758414b9 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Skype\Phone\Skype.exe[3572] C:\Windows\SysWOW64\ksuser.dll!KsCreatePin + 395 0000000073ec1310 2 bytes CALL 758414b9 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Skype\Phone\Skype.exe[3572] C:\Windows\SysWOW64\ksuser.dll!KsCreateAllocator + 21 0000000073ec13a8 2 bytes [EC, 73]
.text C:\Program Files (x86)\Skype\Phone\Skype.exe[3572] C:\Windows\SysWOW64\ksuser.dll!KsCreateClock + 21 0000000073ec1422 2 bytes [EC, 73]
.text C:\Program Files (x86)\Skype\Phone\Skype.exe[3572] C:\Windows\SysWOW64\ksuser.dll!KsCreateTopologyNode + 19 0000000073ec1498 2 bytes [EC, 73]
.text C:\Users\Uta\AppData\Roaming\Dropbox\bin\Dropbox.exe[2460] C:\Windows\syswow64\Psapi.dll!GetModuleFileNameExW + 17 0000000077201401 2 bytes JMP 7586b1ef C:\Windows\syswow64\kernel32.dll
.text C:\Users\Uta\AppData\Roaming\Dropbox\bin\Dropbox.exe[2460] C:\Windows\syswow64\Psapi.dll!EnumProcessModules + 17 0000000077201419 2 bytes JMP 7586b31a C:\Windows\syswow64\kernel32.dll
.text C:\Users\Uta\AppData\Roaming\Dropbox\bin\Dropbox.exe[2460] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 17 0000000077201431 2 bytes JMP 758e8f09 C:\Windows\syswow64\kernel32.dll
.text C:\Users\Uta\AppData\Roaming\Dropbox\bin\Dropbox.exe[2460] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 42 000000007720144a 2 bytes CALL 75844885 C:\Windows\syswow64\kernel32.dll
.text ... * 9
.text C:\Users\Uta\AppData\Roaming\Dropbox\bin\Dropbox.exe[2460] C:\Windows\syswow64\Psapi.dll!EnumDeviceDrivers + 17 00000000772014dd 2 bytes JMP 758e8802 C:\Windows\syswow64\kernel32.dll
.text C:\Users\Uta\AppData\Roaming\Dropbox\bin\Dropbox.exe[2460] C:\Windows\syswow64\Psapi.dll!GetDeviceDriverBaseNameA + 17 00000000772014f5 2 bytes JMP 758e89d8 C:\Windows\syswow64\kernel32.dll
.text C:\Users\Uta\AppData\Roaming\Dropbox\bin\Dropbox.exe[2460] C:\Windows\syswow64\Psapi.dll!QueryWorkingSetEx + 17 000000007720150d 2 bytes JMP 758e86f8 C:\Windows\syswow64\kernel32.dll
.text C:\Users\Uta\AppData\Roaming\Dropbox\bin\Dropbox.exe[2460] C:\Windows\syswow64\Psapi.dll!GetDeviceDriverBaseNameW + 17 0000000077201525 2 bytes JMP 758e8ac2 C:\Windows\syswow64\kernel32.dll
.text C:\Users\Uta\AppData\Roaming\Dropbox\bin\Dropbox.exe[2460] C:\Windows\syswow64\Psapi.dll!GetModuleBaseNameW + 17 000000007720153d 2 bytes JMP 7585fc78 C:\Windows\syswow64\kernel32.dll
.text C:\Users\Uta\AppData\Roaming\Dropbox\bin\Dropbox.exe[2460] C:\Windows\syswow64\Psapi.dll!EnumProcesses + 17 0000000077201555 2 bytes JMP 758668bf C:\Windows\syswow64\kernel32.dll
.text C:\Users\Uta\AppData\Roaming\Dropbox\bin\Dropbox.exe[2460] C:\Windows\syswow64\Psapi.dll!GetProcessMemoryInfo + 17 000000007720156d 2 bytes JMP 758e8fc1 C:\Windows\syswow64\kernel32.dll
.text C:\Users\Uta\AppData\Roaming\Dropbox\bin\Dropbox.exe[2460] C:\Windows\syswow64\Psapi.dll!GetPerformanceInfo + 17 0000000077201585 2 bytes JMP 758e8b22 C:\Windows\syswow64\kernel32.dll
.text C:\Users\Uta\AppData\Roaming\Dropbox\bin\Dropbox.exe[2460] C:\Windows\syswow64\Psapi.dll!QueryWorkingSet + 17 000000007720159d 2 bytes JMP 758e86bc C:\Windows\syswow64\kernel32.dll
.text C:\Users\Uta\AppData\Roaming\Dropbox\bin\Dropbox.exe[2460] C:\Windows\syswow64\Psapi.dll!GetModuleBaseNameA + 17 00000000772015b5 2 bytes JMP 7585fd11 C:\Windows\syswow64\kernel32.dll
.text C:\Users\Uta\AppData\Roaming\Dropbox\bin\Dropbox.exe[2460] C:\Windows\syswow64\Psapi.dll!GetModuleFileNameExA + 17 00000000772015cd 2 bytes JMP 7586b2b0 C:\Windows\syswow64\kernel32.dll
.text C:\Users\Uta\AppData\Roaming\Dropbox\bin\Dropbox.exe[2460] C:\Windows\syswow64\Psapi.dll!GetProcessImageFileNameW + 20 00000000772016b2 2 bytes JMP 758e8e84 C:\Windows\syswow64\kernel32.dll
.text C:\Users\Uta\AppData\Roaming\Dropbox\bin\Dropbox.exe[2460] C:\Windows\syswow64\Psapi.dll!GetProcessImageFileNameW + 31 00000000772016bd 2 bytes JMP 758e8651 C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\RunDll32.exe[3860] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000077201401 2 bytes JMP 7586b1ef C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\RunDll32.exe[3860] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000077201419 2 bytes JMP 7586b31a C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\RunDll32.exe[3860] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000077201431 2 bytes JMP 758e8f09 C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\RunDll32.exe[3860] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007720144a 2 bytes CALL 75844885 C:\Windows\syswow64\kernel32.dll
.text ... * 9
.text C:\Windows\SysWOW64\RunDll32.exe[3860] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000772014dd 2 bytes JMP 758e8802 C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\RunDll32.exe[3860] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000772014f5 2 bytes JMP 758e89d8 C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\RunDll32.exe[3860] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007720150d 2 bytes JMP 758e86f8 C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\RunDll32.exe[3860] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000077201525 2 bytes JMP 758e8ac2 C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\RunDll32.exe[3860] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007720153d 2 bytes JMP 7585fc78 C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\RunDll32.exe[3860] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000077201555 2 bytes JMP 758668bf C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\RunDll32.exe[3860] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007720156d 2 bytes JMP 758e8fc1 C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\RunDll32.exe[3860] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000077201585 2 bytes JMP 758e8b22 C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\RunDll32.exe[3860] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007720159d 2 bytes JMP 758e86bc C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\RunDll32.exe[3860] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000772015b5 2 bytes JMP 7585fd11 C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\RunDll32.exe[3860] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000772015cd 2 bytes JMP 7586b2b0 C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\RunDll32.exe[3860] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000772016b2 2 bytes JMP 758e8e84 C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\RunDll32.exe[3860] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000772016bd 2 bytes JMP 758e8651 C:\Windows\syswow64\kernel32.dll
---- Processes - GMER 2.1 ----
Library c:\users\uta\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpyavxta.dll (*** suspicious ***) @ C:\Users\Uta\AppData\Roaming\Dropbox\bin\Dropbox.exe [2460](2015-06-07 07:34:37) 0000000004ed0000
Library C:\Users\Uta\AppData\Roaming\Dropbox\bin\Qt5Core.dll (*** suspicious ***) @ C:\Users\Uta\AppData\Roaming\Dropbox\bin\Dropbox.exe [2460] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:24) 0000000063a80000
Library C:\Users\Uta\AppData\Roaming\Dropbox\bin\icuin52.dll (*** suspicious ***) @ C:\Users\Uta\AppData\Roaming\Dropbox\bin\Dropbox.exe [2460] (ICU I18N DLL/The ICU Project)(2015-03-04 21:45:30) 000000004a900000
Library C:\Users\Uta\AppData\Roaming\Dropbox\bin\icuuc52.dll (*** suspicious ***) @ C:\Users\Uta\AppData\Roaming\Dropbox\bin\Dropbox.exe [2460] (ICU Common DLL/The ICU Project)(2015-03-04 21:45:30) 0000000005e60000
Library C:\Users\Uta\AppData\Roaming\Dropbox\bin\icudt52.dll (*** suspicious ***) @ C:\Users\Uta\AppData\Roaming\Dropbox\bin\Dropbox.exe [2460] (ICU Data DLL/The ICU Project)(2015-03-04 21:45:30) 000000004ad00000
Library C:\Users\Uta\AppData\Roaming\Dropbox\bin\Qt5Widgets.dll (*** suspicious ***) @ C:\Users\Uta\AppData\Roaming\Dropbox\bin\Dropbox.exe [2460] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:28) 0000000063660000
Library C:\Users\Uta\AppData\Roaming\Dropbox\bin\Qt5Gui.dll (*** suspicious ***) @ C:\Users\Uta\AppData\Roaming\Dropbox\bin\Dropbox.exe [2460] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26) 0000000063370000
Library C:\Users\Uta\AppData\Roaming\Dropbox\bin\libGLESv2.dll (*** suspicious ***) @ C:\Users\Uta\AppData\Roaming\Dropbox\bin\Dropbox.exe [2460](2015-03-04 21:45:30) 00000000632b0000
Library C:\Users\Uta\AppData\Roaming\Dropbox\bin\Qt5Network.dll (*** suspicious ***) @ C:\Users\Uta\AppData\Roaming\Dropbox\bin\Dropbox.exe [2460] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26) 00000000625e0000
Library C:\Users\Uta\AppData\Roaming\Dropbox\bin\Qt5WebKit.dll (*** suspicious ***) @ C:\Users\Uta\AppData\Roaming\Dropbox\bin\Dropbox.exe [2460] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26) 00000000604c0000
Library C:\Users\Uta\AppData\Roaming\Dropbox\bin\Qt5Quick.dll (*** suspicious ***) @ C:\Users\Uta\AppData\Roaming\Dropbox\bin\Dropbox.exe [2460] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26) 00000000602a0000
Library C:\Users\Uta\AppData\Roaming\Dropbox\bin\Qt5Qml.dll (*** suspicious ***) @ C:\Users\Uta\AppData\Roaming\Dropbox\bin\Dropbox.exe [2460] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26) 000000005fe80000
Library C:\Users\Uta\AppData\Roaming\Dropbox\bin\Qt5Sql.dll (*** suspicious ***) @ C:\Users\Uta\AppData\Roaming\Dropbox\bin\Dropbox.exe [2460] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26) 0000000064d90000
Library C:\Users\Uta\AppData\Roaming\Dropbox\bin\libEGL.dll (*** suspicious ***) @ C:\Users\Uta\AppData\Roaming\Dropbox\bin\Dropbox.exe [2460](2015-03-04 21:45:30) 0000000074e10000
Library C:\Users\Uta\AppData\Roaming\Dropbox\bin\Qt5WebKitWidgets.dll (*** suspicious ***) @ C:\Users\Uta\AppData\Roaming\Dropbox\bin\Dropbox.exe [2460] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:28) 00000000646b0000
Library C:\Users\Uta\AppData\Roaming\Dropbox\bin\Qt5OpenGL.dll (*** suspicious ***) @ C:\Users\Uta\AppData\Roaming\Dropbox\bin\Dropbox.exe [2460] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26) 000000005fa90000
Library C:\Users\Uta\AppData\Roaming\Dropbox\bin\Qt5PrintSupport.dll (*** suspicious ***) @ C:\Users\Uta\AppData\Roaming\Dropbox\bin\Dropbox.exe [2460] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26) 000000005fa40000
Library C:\Users\Uta\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll (*** suspicious ***) @ C:\Users\Uta\AppData\Roaming\Dropbox\bin\Dropbox.exe [2460](2015-03-04 21:45:30) 000000005f960000
Library C:\Users\Uta\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll (*** suspicious ***) @ C:\Users\Uta\AppData\Roaming\Dropbox\bin\Dropbox.exe [2460](2015-03-04 21:45:30) 000000005ea90000
---- Registry - GMER 2.1 ----
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\90004ef3252f
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\90004ef3252f (not active ControlSet)
---- EOF - GMER 2.1 ----
Vielen Dank für Eure Hilfe und Euer tolles Forum! |
|
07.06.2015, 09:19
| #2 |
| /// the machine /// TB-Ausbilder    | Dhl Pdf Datei geöffnet...Trojaner eingefangen? hi,
__________________Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ |
|
07.06.2015, 19:20
| #3 |
| | Dhl Pdf Datei geöffnet...Trojaner eingefangen? Vielen Dank für die schnelle Reaktion!
__________________Wird gemacht! Hallo Schrauber, hier nun die Ergebnisse (Beide Programme haben keinen Fund gemeldet) Logfile Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org
Database version:
main: v2015.06.07.01
rootkit: v2015.06.02.01
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17801
Uta :: UTA-VAIO [administrator]
07.06.2015 10:26:28
mbar-log-2015-06-07 (10-26-28).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 359465
Time elapsed: 8 minute(s), 16 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
Code:
ATTFilter 10:38:16.0408 0x0e74 TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
10:38:20.0838 0x0e74 ============================================================
10:38:20.0838 0x0e74 Current date / time: 2015/06/07 10:38:20.0838
10:38:20.0838 0x0e74 SystemInfo:
10:38:20.0838 0x0e74
10:38:20.0838 0x0e74 OS Version: 6.1.7601 ServicePack: 1.0
10:38:20.0838 0x0e74 Product type: Workstation
10:38:20.0838 0x0e74 ComputerName: UTA-VAIO
10:38:20.0838 0x0e74 UserName: Uta
10:38:20.0838 0x0e74 Windows directory: C:\Windows
10:38:20.0838 0x0e74 System windows directory: C:\Windows
10:38:20.0838 0x0e74 Running under WOW64
10:38:20.0838 0x0e74 Processor architecture: Intel x64
10:38:20.0838 0x0e74 Number of processors: 4
10:38:20.0838 0x0e74 Page size: 0x1000
10:38:20.0838 0x0e74 Boot type: Normal boot
10:38:20.0838 0x0e74 ============================================================
10:38:20.0988 0x0e74 KLMD registered as C:\Windows\system32\drivers\32027564.sys
10:38:21.0038 0x0e74 System UUID: {B749F31D-C523-34C3-A75C-97B7FC7F907F}
10:38:21.0348 0x0e74 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:38:21.0348 0x0e74 ============================================================
10:38:21.0348 0x0e74 \Device\Harddisk0\DR0:
10:38:21.0348 0x0e74 MBR partitions:
10:38:21.0348 0x0e74 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xC8000
10:38:21.0348 0x0e74 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xC8800, BlocksNum 0x3A384800
10:38:21.0348 0x0e74 ============================================================
10:38:21.0348 0x0e74 C: <-> \Device\Harddisk0\DR0\Partition2
10:38:21.0348 0x0e74 ============================================================
10:38:21.0348 0x0e74 Initialize success
10:38:21.0348 0x0e74 ============================================================
10:40:05.0110 0x07f8 ============================================================
10:40:05.0110 0x07f8 Scan started
10:40:05.0120 0x07f8 Mode: Manual; SigCheck; TDLFS;
10:40:05.0120 0x07f8 ============================================================
10:40:05.0120 0x07f8 KSN ping started
10:40:30.0875 0x07f8 KSN ping finished: true
10:40:31.0025 0x07f8 ================ Scan system memory ========================
10:40:31.0025 0x07f8 System memory - ok
10:40:31.0025 0x07f8 ================ Scan services =============================
10:40:31.0065 0x07f8 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
10:40:31.0135 0x07f8 1394ohci - ok
10:40:31.0155 0x07f8 [ ADC420616C501B45D26C0FD3EF1E54E4, 29FC41D40A35AC5476E2A673CE5B12684E0CFA12A1AEBEEBE5883FBA5CA68B67 ] ACDaemon C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
10:40:31.0185 0x07f8 ACDaemon - ok
10:40:31.0195 0x07f8 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
10:40:31.0215 0x07f8 ACPI - ok
10:40:31.0215 0x07f8 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
10:40:31.0245 0x07f8 AcpiPmi - ok
10:40:31.0255 0x07f8 [ 1474F121C3DF1232D3E7239C03691EE6, 26D0F55010CB7C51269D94ECB5C5AA94802607685B9E9791A78B643C6227214F ] AdobeActiveFileMonitor9.0 c:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
10:40:31.0265 0x07f8 AdobeActiveFileMonitor9.0 - ok
10:40:31.0265 0x07f8 [ FC5B75CA6A1DA31EDD4F8D53F5540B98, CDC445F2790ADFC4C5568C40D4DA8BB95CD71991665B38AEC3D84571C99C3520 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
10:40:31.0275 0x07f8 AdobeARMservice - ok
10:40:31.0295 0x07f8 [ 00CC35F515079F5F94FABC3AC5C7D363, 7CE8B1715009602059DEDD6CBCA9C18EF079EDA344E7809813D6C0A395622B82 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
10:40:31.0305 0x07f8 AdobeFlashPlayerUpdateSvc - ok
10:40:31.0325 0x07f8 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
10:40:31.0345 0x07f8 adp94xx - ok
10:40:31.0365 0x07f8 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
10:40:31.0385 0x07f8 adpahci - ok
10:40:31.0395 0x07f8 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
10:40:31.0405 0x07f8 adpu320 - ok
10:40:31.0415 0x07f8 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
10:40:31.0525 0x07f8 AeLookupSvc - ok
10:40:31.0545 0x07f8 [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys
10:40:31.0565 0x07f8 AFD - ok
10:40:31.0575 0x07f8 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
10:40:31.0585 0x07f8 agp440 - ok
10:40:31.0585 0x07f8 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
10:40:31.0605 0x07f8 ALG - ok
10:40:31.0615 0x07f8 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
10:40:31.0615 0x07f8 aliide - ok
10:40:31.0625 0x07f8 [ 27886774FF03FCA3A6C1A7E7E15E771B, DA3665D403D4F0461135479EDF79E78A05258784AF377C95340EBF5227DE4FB6 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
10:40:31.0685 0x07f8 AMD External Events Utility - ok
10:40:31.0695 0x07f8 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
10:40:31.0705 0x07f8 amdide - ok
10:40:31.0705 0x07f8 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
10:40:31.0715 0x07f8 AmdK8 - ok
10:40:32.0025 0x07f8 [ D39BB7315C0F5FDF8258BDBFC4268AF0, A1FB0D1C9534290E6CFD62DF3ADCD95412560DF16D1BB86AE0BD7FC768D7334D ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
10:40:32.0345 0x07f8 amdkmdag - ok
10:40:32.0365 0x07f8 [ 4AEDBEDB288E6A32FD48F2768D59826D, B1ABB708C8AF7155CF724343D75C96EF035ABB1B0C62283A19E44AF7C9DA747F ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
10:40:32.0395 0x07f8 amdkmdap - ok
10:40:32.0395 0x07f8 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
10:40:32.0415 0x07f8 AmdPPM - ok
10:40:32.0415 0x07f8 [ 6EC6D772EAE38DC17C14AED9B178D24B, B4FB936B31B1265B8CC6B426C64965C34D0CCF1638E645ACD65E88F4AFFC57A6 ] amdsata C:\Windows\system32\drivers\amdsata.sys
10:40:32.0435 0x07f8 amdsata - ok
10:40:32.0445 0x07f8 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
10:40:32.0455 0x07f8 amdsbs - ok
10:40:32.0465 0x07f8 [ 1142A21DB581A84EA5597B03A26EBAA0, F94EB140D0CD068760D7EB081FF75154C75DAC75E5E24B6DE4E4F9CE65A70343 ] amdxata C:\Windows\system32\drivers\amdxata.sys
10:40:32.0465 0x07f8 amdxata - ok
10:40:32.0495 0x07f8 [ D908096B873B940BB438CE63BA35BD1E, F1C79C907E6CDBC2770C16AFFAE0D6F9B9B7DA21F5074D602AC5FE1597975748 ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
10:40:32.0515 0x07f8 AntiVirMailService - ok
10:40:32.0535 0x07f8 [ EC705D6ED3A7F3D9AE42F6239707D9FE, B50F6BB0FC308E7403B1807DF2AAF87BEDE0B044128C580970A26801CCABC43F ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
10:40:32.0545 0x07f8 AntiVirSchedulerService - ok
10:40:32.0555 0x07f8 [ EC705D6ED3A7F3D9AE42F6239707D9FE, B50F6BB0FC308E7403B1807DF2AAF87BEDE0B044128C580970A26801CCABC43F ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
10:40:32.0575 0x07f8 AntiVirService - ok
10:40:32.0605 0x07f8 [ 0F3D12E5FAE0082DB3F306095CA6B027, 726D054357031F45B43C87D798E84FA93439ECA6C691EB8C76FE524B50C25B32 ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
10:40:32.0635 0x07f8 AntiVirWebService - ok
10:40:32.0655 0x07f8 [ 9DC1A45BA81C923DB68A162B0F0D0149, 0B3EC531651B22DFC3F4EB0A19F4F5B5C094F77BFC245FBB1A1BE28DD8B6516D ] ApfiltrService C:\Windows\system32\DRIVERS\Apfiltr.sys
10:40:32.0665 0x07f8 ApfiltrService - ok
10:40:32.0675 0x07f8 [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID C:\Windows\system32\drivers\appid.sys
10:40:32.0685 0x07f8 AppID - ok
10:40:32.0695 0x07f8 [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc C:\Windows\System32\appidsvc.dll
10:40:32.0705 0x07f8 AppIDSvc - ok
10:40:32.0705 0x07f8 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll
10:40:32.0725 0x07f8 Appinfo - ok
10:40:32.0725 0x07f8 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys
10:40:32.0735 0x07f8 arc - ok
10:40:32.0745 0x07f8 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
10:40:32.0755 0x07f8 arcsas - ok
10:40:32.0755 0x07f8 [ C130BC4A51B1382B2BE8E44579EC4C0A, CC1FD33ED7CAD87A504D8678F8482CAECACD18C727BB97FFB86F39255563EEF2 ] ArcSoftKsUFilter C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys
10:40:32.0765 0x07f8 ArcSoftKsUFilter - ok
10:40:32.0775 0x07f8 [ 9217D874131AE6FF8F642F124F00A555, BE2923D5AA7748FDAAED73AF567D015517B36F1C739C6E5637DD15112EFDF495 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
10:40:32.0785 0x07f8 aspnet_state - ok
10:40:32.0785 0x07f8 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
10:40:32.0815 0x07f8 AsyncMac - ok
10:40:32.0825 0x07f8 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
10:40:32.0835 0x07f8 atapi - ok
10:40:32.0855 0x07f8 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
10:40:32.0885 0x07f8 AudioEndpointBuilder - ok
10:40:32.0905 0x07f8 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\Windows\System32\Audiosrv.dll
10:40:32.0925 0x07f8 AudioSrv - ok
10:40:32.0935 0x07f8 [ 43B6D229C7DBA9F0FC0FC0C318DB5350, F5A525DBD71FC4A323E92839C6D27F323FB304B7E9FFA35E89E9B419570AA4C8 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
10:40:32.0945 0x07f8 avgntflt - ok
10:40:32.0945 0x07f8 [ 626D1BAD7A1975A8FEE8876A8AD0EEA7, 59772746A2DF3B7E8D021756B8A64569AC8468CA1C802EB594494224354F1E60 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
10:40:32.0965 0x07f8 avipbb - ok
10:40:32.0965 0x07f8 [ 0D32033DCB359FD98B4C3513EF849FE6, 5870D67526BC29D888DAF8DBAB04B1E97ED5C7C51484ED400A5E65D0EB61576A ] Avira.OE.ServiceHost C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
10:40:32.0975 0x07f8 Avira.OE.ServiceHost - ok
10:40:32.0985 0x07f8 [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
10:40:32.0995 0x07f8 avkmgr - ok
10:40:32.0995 0x07f8 [ 13253E5E3B6BDF945B63B336A8C9489B, 671C716E43F89D4BDDAA2BE045CDEBBB569C85BC2BA334E1F550187B79A7740D ] avnetflt C:\Windows\system32\DRIVERS\avnetflt.sys
10:40:33.0005 0x07f8 avnetflt - ok
10:40:33.0015 0x07f8 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
10:40:33.0035 0x07f8 AxInstSV - ok
10:40:33.0055 0x07f8 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
10:40:33.0075 0x07f8 b06bdrv - ok
10:40:33.0095 0x07f8 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
10:40:33.0105 0x07f8 b57nd60a - ok
10:40:33.0115 0x07f8 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
10:40:33.0135 0x07f8 BDESVC - ok
10:40:33.0135 0x07f8 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
10:40:33.0165 0x07f8 Beep - ok
10:40:33.0195 0x07f8 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
10:40:33.0225 0x07f8 BFE - ok
10:40:33.0245 0x07f8 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
10:40:33.0325 0x07f8 BITS - ok
10:40:33.0325 0x07f8 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
10:40:33.0335 0x07f8 blbdrive - ok
10:40:33.0345 0x07f8 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
10:40:33.0355 0x07f8 bowser - ok
10:40:33.0365 0x07f8 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
10:40:33.0385 0x07f8 BrFiltLo - ok
10:40:33.0395 0x07f8 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
10:40:33.0405 0x07f8 BrFiltUp - ok
10:40:33.0415 0x07f8 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
10:40:33.0425 0x07f8 Browser - ok
10:40:33.0435 0x07f8 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
10:40:33.0455 0x07f8 Brserid - ok
10:40:33.0465 0x07f8 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
10:40:33.0475 0x07f8 BrSerWdm - ok
10:40:33.0475 0x07f8 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
10:40:33.0485 0x07f8 BrUsbMdm - ok
10:40:33.0495 0x07f8 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
10:40:33.0505 0x07f8 BrUsbSer - ok
10:40:33.0505 0x07f8 [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
10:40:33.0525 0x07f8 BthEnum - ok
10:40:33.0525 0x07f8 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
10:40:33.0545 0x07f8 BTHMODEM - ok
10:40:33.0545 0x07f8 [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
10:40:33.0565 0x07f8 BthPan - ok
10:40:33.0595 0x07f8 [ 64C198198501F7560EE41D8D1EFA7952, 53CE5FDD1866FC8A0B91C7A620F7555D197488C4C8F3DEFD4398D8E3ED2AEBD0 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
10:40:33.0645 0x07f8 BTHPORT - ok
10:40:33.0645 0x07f8 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
10:40:33.0685 0x07f8 bthserv - ok
10:40:33.0685 0x07f8 [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
10:40:33.0705 0x07f8 BTHUSB - ok
10:40:33.0715 0x07f8 [ 7A2CE8C1BF4DAA1F2766E21E9CA11078, 2AF02D206F60F95185894D829D7CC322C4986847153269DE186E11EE2353FBBC ] btwampfl C:\Windows\system32\drivers\btwampfl.sys
10:40:33.0735 0x07f8 btwampfl - ok
10:40:33.0745 0x07f8 [ A75BF6802A967F5AACECC3C67FEBDF55, 7FD561C3817ABE48121926361ED12943A1EF5C0006689DCE3813697868D763B4 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
10:40:33.0755 0x07f8 btwaudio - ok
10:40:33.0755 0x07f8 [ D895DC213EDBDA5FCC53AAD1F1E0E63B, FF3B483752E45911C267367B102EA0901BE13840FDBA083D0B7FF3379C37B898 ] btwavdt C:\Windows\system32\drivers\btwavdt.sys
10:40:33.0765 0x07f8 btwavdt - ok
10:40:33.0795 0x07f8 [ 692F8648D7686D91E34A65AC698019D8, CC7544513AA089BDB0FCE74156C88CBB4182C96F97785A64ED5D3061B039516E ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
10:40:33.0825 0x07f8 btwdins - ok
10:40:33.0825 0x07f8 [ 07096D2BC22CCB6CEA5A532DF0BE8A75, A9B7F2EFFDF1E4EC0A5DC098F0ED2BE44E271844A4F1CBAD2FA1655DE1E03F6E ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
10:40:33.0835 0x07f8 btwl2cap - ok
10:40:33.0835 0x07f8 [ 6D7AA2BDE0135599C5F230D69DB3B420, 5179F57976B3903B5D45C5B383C691BCB26411B5C98296F99C1F79EF863E1E0A ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
10:40:33.0845 0x07f8 btwrchid - ok
10:40:33.0855 0x07f8 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
10:40:33.0885 0x07f8 cdfs - ok
10:40:33.0885 0x07f8 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\drivers\cdrom.sys
10:40:33.0905 0x07f8 cdrom - ok
10:40:33.0905 0x07f8 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
10:40:33.0935 0x07f8 CertPropSvc - ok
10:40:33.0945 0x07f8 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
10:40:33.0955 0x07f8 circlass - ok
10:40:33.0965 0x07f8 [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\Windows\system32\CLFS.sys
10:40:33.0985 0x07f8 CLFS - ok
10:40:33.0985 0x07f8 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:40:34.0005 0x07f8 clr_optimization_v2.0.50727_32 - ok
10:40:34.0005 0x07f8 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
10:40:34.0015 0x07f8 clr_optimization_v2.0.50727_64 - ok
10:40:34.0025 0x07f8 [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:40:34.0045 0x07f8 clr_optimization_v4.0.30319_32 - ok
10:40:34.0045 0x07f8 [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
10:40:34.0065 0x07f8 clr_optimization_v4.0.30319_64 - ok
10:40:34.0065 0x07f8 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
10:40:34.0075 0x07f8 CmBatt - ok
10:40:34.0085 0x07f8 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
10:40:34.0095 0x07f8 cmdide - ok
10:40:34.0105 0x07f8 [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG C:\Windows\system32\Drivers\cng.sys
10:40:34.0135 0x07f8 CNG - ok
10:40:34.0135 0x07f8 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
10:40:34.0145 0x07f8 Compbatt - ok
10:40:34.0155 0x07f8 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
10:40:34.0165 0x07f8 CompositeBus - ok
10:40:34.0165 0x07f8 COMSysApp - ok
10:40:34.0175 0x07f8 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
10:40:34.0185 0x07f8 crcdisk - ok
10:40:34.0185 0x07f8 [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc C:\Windows\system32\cryptsvc.dll
10:40:34.0205 0x07f8 CryptSvc - ok
10:40:34.0225 0x07f8 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
10:40:34.0265 0x07f8 DcomLaunch - ok
10:40:34.0265 0x07f8 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
10:40:34.0305 0x07f8 defragsvc - ok
10:40:34.0315 0x07f8 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
10:40:34.0345 0x07f8 DfsC - ok
10:40:34.0355 0x07f8 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
10:40:34.0385 0x07f8 Dhcp - ok
10:40:34.0395 0x07f8 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
10:40:34.0425 0x07f8 discache - ok
10:40:34.0425 0x07f8 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys
10:40:34.0435 0x07f8 Disk - ok
10:40:34.0445 0x07f8 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
10:40:34.0455 0x07f8 Dnscache - ok
10:40:34.0465 0x07f8 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
10:40:34.0505 0x07f8 dot3svc - ok
10:40:34.0505 0x07f8 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
10:40:34.0535 0x07f8 DPS - ok
10:40:34.0545 0x07f8 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
10:40:34.0555 0x07f8 drmkaud - ok
10:40:34.0585 0x07f8 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
10:40:34.0625 0x07f8 DXGKrnl - ok
10:40:34.0645 0x07f8 [ 50AD8FC1DC800FF36087994C8F7FDFF2, E3DA8DCE76599E0E1F0D80AA1483D6BECFE0F7242147D986A6AF3A4362FC2C80 ] e1yexpress C:\Windows\system32\DRIVERS\e1y60x64.sys
10:40:34.0665 0x07f8 e1yexpress - ok
10:40:34.0665 0x07f8 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
10:40:34.0705 0x07f8 EapHost - ok
10:40:34.0795 0x07f8 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
10:40:34.0895 0x07f8 ebdrv - ok
10:40:34.0895 0x07f8 [ 4C3FAC816925F73A34AD52F1F7C0A7EA, 7E9B4F68E2ADABA3A9324DA16CF680D77CF2812D4BD0BFCFF0173CA61260A3FE ] EFS C:\Windows\System32\lsass.exe
10:40:34.0915 0x07f8 EFS - ok
10:40:34.0945 0x07f8 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
10:40:34.0985 0x07f8 ehRecvr - ok
10:40:34.0995 0x07f8 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
10:40:35.0005 0x07f8 ehSched - ok
10:40:35.0025 0x07f8 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
10:40:35.0045 0x07f8 elxstor - ok
10:40:35.0055 0x07f8 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
10:40:35.0065 0x07f8 ErrDev - ok
10:40:35.0085 0x07f8 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
10:40:35.0115 0x07f8 EventSystem - ok
10:40:35.0165 0x07f8 [ F8F610093E1D7FDFA477FC34D15D5C60, 9CBBCEEA7ED6CA6C09B60CD8A2EA6744F4F701B76E235287CEBCE8BD744B0BD7 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
10:40:35.0205 0x07f8 EvtEng - ok
10:40:35.0215 0x07f8 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
10:40:35.0245 0x07f8 exfat - ok
10:40:35.0255 0x07f8 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
10:40:35.0295 0x07f8 fastfat - ok
10:40:35.0305 0x07f8 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
10:40:35.0335 0x07f8 Fax - ok
10:40:35.0335 0x07f8 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys
10:40:35.0355 0x07f8 fdc - ok
10:40:35.0355 0x07f8 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
10:40:35.0385 0x07f8 fdPHost - ok
10:40:35.0385 0x07f8 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
10:40:35.0415 0x07f8 FDResPub - ok
10:40:35.0425 0x07f8 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
10:40:35.0435 0x07f8 FileInfo - ok
10:40:35.0435 0x07f8 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
10:40:35.0465 0x07f8 Filetrace - ok
10:40:35.0495 0x07f8 [ F76D04F7413B07DAA029F6520B64B4E8, 3EB13C0EFE737880853FB8952381E7A57723F9472E0E4ED7CDA8A0D7DE8DC90D ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
10:40:35.0525 0x07f8 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic ( 1 )
10:40:38.0195 0x07f8 Detect skipped due to KSN trusted
10:40:38.0195 0x07f8 FLEXnet Licensing Service - ok
10:40:38.0205 0x07f8 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
10:40:38.0235 0x07f8 flpydisk - ok
10:40:38.0255 0x07f8 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
10:40:38.0265 0x07f8 FltMgr - ok
10:40:38.0295 0x07f8 [ E612E86FA15EA1EF9A52433A2743C447, 8A66164541D2EE2334B6DE3995C31138EA85E3A06BC7FD901E60D345E4E1E8A8 ] FontCache C:\Windows\system32\FntCache.dll
10:40:38.0335 0x07f8 FontCache - ok
10:40:38.0345 0x07f8 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
10:40:38.0345 0x07f8 FontCache3.0.0.0 - ok
10:40:38.0355 0x07f8 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
10:40:38.0365 0x07f8 FsDepends - ok
10:40:38.0365 0x07f8 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
10:40:38.0375 0x07f8 Fs_Rec - ok
10:40:38.0385 0x07f8 [ 1F7B25B858FA27015169FE95E54108ED, 72DD12E924AA7273B3E4BDD2A2C581DECE304C8EF3D44EA79ABB032F3F95DCE5 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
10:40:38.0405 0x07f8 fvevol - ok
10:40:38.0415 0x07f8 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
10:40:38.0425 0x07f8 gagp30kx - ok
10:40:38.0455 0x07f8 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
10:40:38.0515 0x07f8 gpsvc - ok
10:40:38.0515 0x07f8 [ C1B577B2169900F4CF7190C39F085794, 73E104B96A48F4C80D8C37254ECB0891D15C0D2F0C251B57C168F90D60316447 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
10:40:38.0535 0x07f8 gusvc - ok
10:40:38.0535 0x07f8 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
10:40:38.0545 0x07f8 hcw85cir - ok
10:40:38.0565 0x07f8 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
10:40:38.0595 0x07f8 HdAudAddService - ok
10:40:38.0595 0x07f8 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
10:40:38.0615 0x07f8 HDAudBus - ok
10:40:38.0615 0x07f8 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
10:40:38.0625 0x07f8 HidBatt - ok
10:40:38.0635 0x07f8 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
10:40:38.0645 0x07f8 HidBth - ok
10:40:38.0655 0x07f8 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
10:40:38.0665 0x07f8 HidIr - ok
10:40:38.0665 0x07f8 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
10:40:38.0695 0x07f8 hidserv - ok
10:40:38.0705 0x07f8 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
10:40:38.0715 0x07f8 HidUsb - ok
10:40:38.0715 0x07f8 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
10:40:38.0745 0x07f8 hkmsvc - ok
10:40:38.0755 0x07f8 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
10:40:38.0775 0x07f8 HomeGroupListener - ok
10:40:38.0775 0x07f8 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
10:40:38.0795 0x07f8 HomeGroupProvider - ok
10:40:38.0805 0x07f8 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
10:40:38.0815 0x07f8 HpSAMD - ok
10:40:38.0835 0x07f8 [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys
10:40:38.0865 0x07f8 HTTP - ok
10:40:38.0865 0x07f8 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
10:40:38.0875 0x07f8 hwpolicy - ok
10:40:38.0885 0x07f8 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
10:40:38.0905 0x07f8 i8042prt - ok
10:40:38.0915 0x07f8 [ D7921D5A870B11CC1ADAB198A519D50A, 5DF99EB5D5504E9D9EB21658E8B4A58DEE2AD143A1875DB7F9B7BF4877FCB57F ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
10:40:38.0935 0x07f8 iaStor - ok
10:40:38.0935 0x07f8 [ 8FFF9083252C16FE3960173722605E9E, 6546FDA34B9AF94C5E86E5269BBC2F02F1E78D6D4BE5B5EC01F4B284CC934994 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
10:40:38.0945 0x07f8 IAStorDataMgrSvc - ok
10:40:38.0965 0x07f8 [ 3DF4395A7CF8B7A72A5F4606366B8C2D, 483588B8FC6E05488ED631C4E1CFC398553FEBFA2CD2BB527B4DF12D19774F80 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
10:40:38.0985 0x07f8 iaStorV - ok
10:40:39.0105 0x07f8 [ 3CC7B3BB1A9EA201A040883EDFAA67A0, F543A779BA8CBFD5E0B939844B9CB47A2C05A400C693635F520438C18FFDFAF1 ] IconMan_R C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
10:40:39.0165 0x07f8 IconMan_R - ok
10:40:39.0195 0x07f8 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
10:40:39.0235 0x07f8 idsvc - ok
10:40:39.0235 0x07f8 IEEtwCollectorService - ok
10:40:39.0685 0x07f8 [ 0AC9E321D604BE48A0D72B69BA484BDC, CAB41D696F86105ABC660DB66EFC602E81F725B809E821DE48912F2452EA8BEC ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
10:40:40.0145 0x07f8 igfx - ok
10:40:40.0165 0x07f8 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
10:40:40.0175 0x07f8 iirsp - ok
10:40:40.0205 0x07f8 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
10:40:40.0245 0x07f8 IKEEXT - ok
10:40:40.0335 0x07f8 [ CDB772F707AC24B43A20C821852CA61F, E9C7D1026A99BCCB7908ED370E86C1DADE1594A00BC9B9B6B89B383ED21D080B ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
10:40:40.0435 0x07f8 IntcAzAudAddService - ok
10:40:40.0445 0x07f8 [ FC727061C0F47C8059E88E05D5C8E381, C7A3782F5D86C7FDE57AA1F2EE81638C5FC3072ACC6E572BA2EC7B3CFF389800 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
10:40:40.0455 0x07f8 IntcDAud - ok
10:40:40.0465 0x07f8 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
10:40:40.0475 0x07f8 intelide - ok
10:40:40.0895 0x07f8 [ 0AC9E321D604BE48A0D72B69BA484BDC, CAB41D696F86105ABC660DB66EFC602E81F725B809E821DE48912F2452EA8BEC ] intelkmd C:\Windows\system32\DRIVERS\igdpmd64.sys
10:40:41.0325 0x07f8 intelkmd - ok
10:40:41.0345 0x07f8 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
10:40:41.0355 0x07f8 intelppm - ok
10:40:41.0355 0x07f8 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
10:40:41.0385 0x07f8 IPBusEnum - ok
10:40:41.0395 0x07f8 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:40:41.0425 0x07f8 IpFilterDriver - ok
10:40:41.0445 0x07f8 [ A34A587FFFD45FA649FBA6D03784D257, C9A2BCD4E2A5EB6E320092A3AFD5737ECDCDA0B83EE42314A23C4978F2974767 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
10:40:41.0485 0x07f8 iphlpsvc - ok
10:40:41.0485 0x07f8 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
10:40:41.0505 0x07f8 IPMIDRV - ok
10:40:41.0505 0x07f8 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
10:40:41.0535 0x07f8 IPNAT - ok
10:40:41.0545 0x07f8 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
10:40:41.0565 0x07f8 IRENUM - ok
10:40:41.0565 0x07f8 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
10:40:41.0575 0x07f8 isapnp - ok
10:40:41.0595 0x07f8 [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
10:40:41.0615 0x07f8 iScsiPrt - ok
10:40:41.0615 0x07f8 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
10:40:41.0625 0x07f8 kbdclass - ok
10:40:41.0635 0x07f8 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
10:40:41.0645 0x07f8 kbdhid - ok
10:40:41.0645 0x07f8 [ 4C3FAC816925F73A34AD52F1F7C0A7EA, 7E9B4F68E2ADABA3A9324DA16CF680D77CF2812D4BD0BFCFF0173CA61260A3FE ] KeyIso C:\Windows\system32\lsass.exe
10:40:41.0655 0x07f8 KeyIso - ok
10:40:41.0665 0x07f8 [ C93EB3A92540830168F2057ECA7DE49A, 91DAEAD52B517E1E7CE9AAAE478493732156AA3122E6D16F7E8BD37116BB501C ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
10:40:41.0675 0x07f8 KSecDD - ok
10:40:41.0685 0x07f8 [ 43F45C59A472993E5063F2DB2D22C509, E21B48733619B49272F46E01432D76072AC9241F55CDF08E84AF6277E3BF972A ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
10:40:41.0695 0x07f8 KSecPkg - ok
10:40:41.0695 0x07f8 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
10:40:41.0735 0x07f8 ksthunk - ok
10:40:41.0755 0x07f8 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
10:40:41.0795 0x07f8 KtmRm - ok
10:40:41.0795 0x07f8 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
10:40:41.0835 0x07f8 LanmanServer - ok
10:40:41.0835 0x07f8 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
10:40:41.0875 0x07f8 LanmanWorkstation - ok
10:40:41.0875 0x07f8 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
10:40:41.0905 0x07f8 lltdio - ok
10:40:41.0925 0x07f8 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
10:40:41.0965 0x07f8 lltdsvc - ok
10:40:41.0965 0x07f8 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
10:40:41.0995 0x07f8 lmhosts - ok
10:40:42.0005 0x07f8 [ 2ED1786B7542CDA261029F6B526EDF44, C6131B65B045EF5B4F62CF6CF089DF0921BA6A8EFC83BCBA45D5DDE78E9D78E2 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
10:40:42.0025 0x07f8 LMS - ok
10:40:42.0035 0x07f8 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
10:40:42.0045 0x07f8 LSI_FC - ok
10:40:42.0045 0x07f8 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
10:40:42.0065 0x07f8 LSI_SAS - ok
10:40:42.0065 0x07f8 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
10:40:42.0075 0x07f8 LSI_SAS2 - ok
10:40:42.0085 0x07f8 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
10:40:42.0095 0x07f8 LSI_SCSI - ok
10:40:42.0105 0x07f8 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
10:40:42.0135 0x07f8 luafv - ok
10:40:42.0145 0x07f8 [ 77AB66599EAFF797744D17C502FECDB9, E3A356AC3D6958B08C126D2C4231F2F7A655348606AE53FB95C6DA17908B32D1 ] McComponentHostServiceSony C:\Program Files (x86)\Sony\MSS\3.8.130\McCHSvc.exe
10:40:42.0165 0x07f8 McComponentHostServiceSony - ok
10:40:42.0165 0x07f8 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
10:40:42.0185 0x07f8 Mcx2Svc - ok
10:40:42.0185 0x07f8 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
10:40:42.0195 0x07f8 megasas - ok
10:40:42.0205 0x07f8 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
10:40:42.0225 0x07f8 MegaSR - ok
10:40:42.0225 0x07f8 [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
10:40:42.0235 0x07f8 MEIx64 - ok
10:40:42.0235 0x07f8 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
10:40:42.0265 0x07f8 MMCSS - ok
10:40:42.0275 0x07f8 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
10:40:42.0305 0x07f8 Modem - ok
10:40:42.0305 0x07f8 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
10:40:42.0315 0x07f8 monitor - ok
10:40:42.0325 0x07f8 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
10:40:42.0335 0x07f8 mouclass - ok
10:40:42.0335 0x07f8 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
10:40:42.0345 0x07f8 mouhid - ok
10:40:42.0355 0x07f8 [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
10:40:42.0365 0x07f8 mountmgr - ok
10:40:42.0365 0x07f8 [ 9FC679D10A7377BB04ECC3D0E2E26B53, 24ACD4EC1618A052C29E4463138B28F62C8B78D442DB82F4925E64FC5849A096 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
10:40:42.0385 0x07f8 MozillaMaintenance - ok
10:40:42.0395 0x07f8 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
10:40:42.0415 0x07f8 mpio - ok
10:40:42.0415 0x07f8 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
10:40:42.0445 0x07f8 mpsdrv - ok
10:40:42.0475 0x07f8 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
10:40:42.0535 0x07f8 MpsSvc - ok
10:40:42.0535 0x07f8 [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
10:40:42.0555 0x07f8 MRxDAV - ok
10:40:42.0565 0x07f8 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
10:40:42.0575 0x07f8 mrxsmb - ok
10:40:42.0595 0x07f8 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:40:42.0605 0x07f8 mrxsmb10 - ok
10:40:42.0615 0x07f8 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:40:42.0625 0x07f8 mrxsmb20 - ok
10:40:42.0635 0x07f8 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
10:40:42.0645 0x07f8 msahci - ok
10:40:42.0655 0x07f8 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
10:40:42.0665 0x07f8 msdsm - ok
10:40:42.0675 0x07f8 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
10:40:42.0695 0x07f8 MSDTC - ok
10:40:42.0695 0x07f8 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
10:40:42.0725 0x07f8 Msfs - ok
10:40:42.0725 0x07f8 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
10:40:42.0755 0x07f8 mshidkmdf - ok
10:40:42.0765 0x07f8 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
10:40:42.0775 0x07f8 msisadrv - ok
10:40:42.0785 0x07f8 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
10:40:42.0815 0x07f8 MSiSCSI - ok
10:40:42.0815 0x07f8 msiserver - ok
10:40:42.0825 0x07f8 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
10:40:42.0845 0x07f8 MSKSSRV - ok
10:40:42.0855 0x07f8 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
10:40:42.0875 0x07f8 MSPCLOCK - ok
10:40:42.0885 0x07f8 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
10:40:42.0915 0x07f8 MSPQM - ok
10:40:42.0925 0x07f8 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
10:40:42.0945 0x07f8 MsRPC - ok
10:40:42.0945 0x07f8 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
10:40:42.0955 0x07f8 mssmbios - ok
10:40:42.0955 0x07f8 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
10:40:42.0985 0x07f8 MSTEE - ok
10:40:42.0985 0x07f8 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
10:40:43.0005 0x07f8 MTConfig - ok
10:40:43.0005 0x07f8 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
10:40:43.0015 0x07f8 Mup - ok
10:40:43.0025 0x07f8 [ F6EA50DBC391F04CA49427010657CCB3, 4D45B7CF42E090416F6702CF47C69094FE1D98AA3D2279AAFCC934FE091417AE ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
10:40:43.0045 0x07f8 MyWiFiDHCPDNS - ok
10:40:43.0055 0x07f8 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
10:40:43.0095 0x07f8 napagent - ok
10:40:43.0105 0x07f8 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
10:40:43.0135 0x07f8 NativeWifiP - ok
10:40:43.0165 0x07f8 [ 79B47FD40D9A817E932F9D26FAC0A81C, 53E260B8BFC50BA45FA73BFCF4E58C233890D0EAA9DEFDCCBB55FD3EB992FF2D ] NDIS C:\Windows\system32\drivers\ndis.sys
10:40:43.0215 0x07f8 NDIS - ok
10:40:43.0215 0x07f8 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
10:40:43.0245 0x07f8 NdisCap - ok
10:40:43.0245 0x07f8 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
10:40:43.0275 0x07f8 NdisTapi - ok
10:40:43.0285 0x07f8 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
10:40:43.0315 0x07f8 Ndisuio - ok
10:40:43.0325 0x07f8 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
10:40:43.0355 0x07f8 NdisWan - ok
10:40:43.0365 0x07f8 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
10:40:43.0395 0x07f8 NDProxy - ok
10:40:43.0395 0x07f8 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
10:40:43.0425 0x07f8 NetBIOS - ok
10:40:43.0435 0x07f8 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
10:40:43.0465 0x07f8 NetBT - ok
10:40:43.0475 0x07f8 [ 4C3FAC816925F73A34AD52F1F7C0A7EA, 7E9B4F68E2ADABA3A9324DA16CF680D77CF2812D4BD0BFCFF0173CA61260A3FE ] Netlogon C:\Windows\system32\lsass.exe
10:40:43.0485 0x07f8 Netlogon - ok
10:40:43.0495 0x07f8 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
10:40:43.0525 0x07f8 Netman - ok
10:40:43.0535 0x07f8 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetMsmqActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:40:43.0545 0x07f8 NetMsmqActivator - ok
10:40:43.0555 0x07f8 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetPipeActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:40:43.0565 0x07f8 NetPipeActivator - ok
10:40:43.0585 0x07f8 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
10:40:43.0635 0x07f8 netprofm - ok
10:40:43.0645 0x07f8 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:40:43.0655 0x07f8 NetTcpActivator - ok
10:40:43.0655 0x07f8 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:40:43.0665 0x07f8 NetTcpPortSharing - ok
10:40:43.0805 0x07f8 [ 64428DFDAF6E88366CB51F45A79C5F69, 31187D38C1AB52120A3CB7AC3CE47ED9682AC37B0F06B9A9610C0065DD4E7B13 ] netw5v64 C:\Windows\system32\DRIVERS\netw5v64.sys
10:40:43.0955 0x07f8 netw5v64 - ok
10:40:44.0145 0x07f8 [ 30933BB56FB611D0252BAD488ADFB533, 660B96A1BB6158224E518E6847E16C5A876C516C39FACFF87ABC9A200447B809 ] NETwNs64 C:\Windows\system32\DRIVERS\NETwNs64.sys
10:40:44.0355 0x07f8 NETwNs64 - ok
10:40:44.0365 0x07f8 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
10:40:44.0375 0x07f8 nfrd960 - ok
10:40:44.0385 0x07f8 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll
10:40:44.0405 0x07f8 NlaSvc - ok
10:40:44.0405 0x07f8 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
10:40:44.0435 0x07f8 Npfs - ok
10:40:44.0445 0x07f8 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
10:40:44.0475 0x07f8 nsi - ok
10:40:44.0475 0x07f8 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
10:40:44.0505 0x07f8 nsiproxy - ok
10:40:44.0555 0x07f8 [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
10:40:44.0605 0x07f8 Ntfs - ok
10:40:44.0615 0x07f8 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
10:40:44.0645 0x07f8 Null - ok
10:40:44.0645 0x07f8 [ 786DB821BFD57C0551DBBE4F75384A7D, F956D636F834F2BA5F019E187FDB9CC33940363C75A60E53CD81310A4DB6A6AB ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys
10:40:44.0655 0x07f8 nusb3hub - ok
10:40:44.0665 0x07f8 [ DAA8005CAF745042BB427A1ED7433354, 3019002F174783B76D5D8AA47F7A465B7FEC7C14235B70E5C9277FE534839226 ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys
10:40:44.0685 0x07f8 nusb3xhc - ok
10:40:44.0695 0x07f8 [ 5D9FD91F3D38DC9DA01E3CB5FA89CD48, 7738785DE8B50D69993F4408498B812D0283FEE5C04FF5B89C20F149B44E9737 ] nvraid C:\Windows\system32\drivers\nvraid.sys
10:40:44.0705 0x07f8 nvraid - ok
10:40:44.0725 0x07f8 [ F7CD50FE7139F07E77DA8AC8033D1832, DA96F4B15C8165E6AE1D00E03A062C66CA3A3089E4FF0E9E11CE00B154DD12EC ] nvstor C:\Windows\system32\drivers\nvstor.sys
10:40:44.0735 0x07f8 nvstor - ok
10:40:44.0745 0x07f8 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
10:40:44.0755 0x07f8 nv_agp - ok
10:40:44.0775 0x07f8 [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
10:40:44.0795 0x07f8 odserv - ok
10:40:44.0805 0x07f8 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
10:40:44.0825 0x07f8 ohci1394 - ok
10:40:44.0825 0x07f8 [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:40:44.0845 0x07f8 ose - ok
10:40:44.0855 0x07f8 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
10:40:44.0875 0x07f8 p2pimsvc - ok
10:40:44.0885 0x07f8 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
10:40:44.0915 0x07f8 p2psvc - ok
10:40:44.0915 0x07f8 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
10:40:44.0935 0x07f8 Parport - ok
10:40:44.0935 0x07f8 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
10:40:44.0945 0x07f8 partmgr - ok
10:40:44.0955 0x07f8 [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\Windows\System32\pcasvc.dll
10:40:44.0965 0x07f8 PcaSvc - ok
10:40:44.0975 0x07f8 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
10:40:44.0995 0x07f8 pci - ok
10:40:44.0995 0x07f8 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
10:40:45.0005 0x07f8 pciide - ok
10:40:45.0015 0x07f8 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
10:40:45.0025 0x07f8 pcmcia - ok
10:40:45.0035 0x07f8 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
10:40:45.0045 0x07f8 pcw - ok
10:40:45.0065 0x07f8 [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
10:40:45.0085 0x07f8 PEAUTH - ok
10:40:45.0105 0x07f8 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
10:40:45.0115 0x07f8 PerfHost - ok
10:40:45.0155 0x07f8 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
10:40:45.0215 0x07f8 pla - ok
10:40:45.0235 0x07f8 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
10:40:45.0255 0x07f8 PlugPlay - ok
10:40:45.0265 0x07f8 [ 63694C307273062A2167AE4CE80730EF, 788E762D02A8BE9802143361A5768364A994B20E769A9733FA5827F526432893 ] PMBDeviceInfoProvider c:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
10:40:45.0285 0x07f8 PMBDeviceInfoProvider - ok
10:40:45.0285 0x07f8 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
10:40:45.0295 0x07f8 PNRPAutoReg - ok
10:40:45.0305 0x07f8 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
10:40:45.0325 0x07f8 PNRPsvc - ok
10:40:45.0345 0x07f8 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
10:40:45.0385 0x07f8 PolicyAgent - ok
10:40:45.0395 0x07f8 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
10:40:45.0425 0x07f8 Power - ok
10:40:45.0435 0x07f8 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
10:40:45.0465 0x07f8 PptpMiniport - ok
10:40:45.0475 0x07f8 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys
10:40:45.0485 0x07f8 Processor - ok
10:40:45.0495 0x07f8 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll
10:40:45.0505 0x07f8 ProfSvc - ok
10:40:45.0515 0x07f8 [ 4C3FAC816925F73A34AD52F1F7C0A7EA, 7E9B4F68E2ADABA3A9324DA16CF680D77CF2812D4BD0BFCFF0173CA61260A3FE ] ProtectedStorage C:\Windows\system32\lsass.exe
10:40:45.0525 0x07f8 ProtectedStorage - ok
10:40:45.0525 0x07f8 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
10:40:45.0565 0x07f8 Psched - ok
10:40:45.0565 0x07f8 [ 87B04878A6D59D6C79251DC960C674C1, 3EB8DB0624E646F0A65D0381408D35CF9FDC5ABFC30DF6431F4070A8EB68447C ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
10:40:45.0575 0x07f8 PxHlpa64 - ok
10:40:45.0615 0x07f8 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
10:40:45.0665 0x07f8 ql2300 - ok
10:40:45.0675 0x07f8 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
10:40:45.0685 0x07f8 ql40xx - ok
10:40:45.0695 0x07f8 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
10:40:45.0715 0x07f8 QWAVE - ok
10:40:45.0725 0x07f8 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
10:40:45.0735 0x07f8 QWAVEdrv - ok
10:40:45.0745 0x07f8 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
10:40:45.0775 0x07f8 RasAcd - ok
10:40:45.0775 0x07f8 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
10:40:45.0805 0x07f8 RasAgileVpn - ok
10:40:45.0815 0x07f8 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
10:40:45.0845 0x07f8 RasAuto - ok
10:40:45.0855 0x07f8 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
10:40:45.0885 0x07f8 Rasl2tp - ok
10:40:45.0905 0x07f8 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
10:40:45.0945 0x07f8 RasMan - ok
10:40:45.0955 0x07f8 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
10:40:45.0985 0x07f8 RasPppoe - ok
10:40:45.0985 0x07f8 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
10:40:46.0015 0x07f8 RasSstp - ok
10:40:46.0035 0x07f8 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
10:40:46.0075 0x07f8 rdbss - ok
10:40:46.0075 0x07f8 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
10:40:46.0085 0x07f8 rdpbus - ok
10:40:46.0095 0x07f8 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
10:40:46.0115 0x07f8 RDPCDD - ok
10:40:46.0125 0x07f8 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
10:40:46.0155 0x07f8 RDPENCDD - ok
10:40:46.0165 0x07f8 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
10:40:46.0195 0x07f8 RDPREFMP - ok
10:40:46.0205 0x07f8 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
10:40:46.0225 0x07f8 RDPWD - ok
10:40:46.0225 0x07f8 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
10:40:46.0245 0x07f8 rdyboost - ok
10:40:46.0265 0x07f8 [ 9276F4D4109FC349925D28E00E533146, 581645CA9EF3F46378001C54D058BF1EB075FF256F110A09734DB5DA6EBA7A7B ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
10:40:46.0295 0x07f8 RegSrvc - ok
10:40:46.0305 0x07f8 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
10:40:46.0335 0x07f8 RemoteAccess - ok
10:40:46.0345 0x07f8 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
10:40:46.0375 0x07f8 RemoteRegistry - ok
10:40:46.0385 0x07f8 [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
10:40:46.0395 0x07f8 RFCOMM - ok
10:40:46.0405 0x07f8 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
10:40:46.0435 0x07f8 RpcEptMapper - ok
10:40:46.0435 0x07f8 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
10:40:46.0445 0x07f8 RpcLocator - ok
10:40:46.0465 0x07f8 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
10:40:46.0505 0x07f8 RpcSs - ok
10:40:46.0515 0x07f8 [ EBBFA2B4E317AF86E93FEC4C04D7A9B3, 29480CCA0ACAB2D53D664042A0D7713247EDEBBBD4734783348669EFDE579CA9 ] RSPCIESTOR C:\Windows\system32\DRIVERS\RtsPStor.sys
10:40:46.0525 0x07f8 RSPCIESTOR - ok
10:40:46.0535 0x07f8 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
10:40:46.0565 0x07f8 rspndr - ok
10:40:46.0585 0x07f8 [ EA5532868BA76923D75BCB2A1448D810, C1489714C9BC95BB76134E6B8F28C5A3D044E9B2857F01BFEEEE7C8A25C74E7D ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
10:40:46.0605 0x07f8 RTL8167 - ok
10:40:46.0605 0x07f8 [ 4C3FAC816925F73A34AD52F1F7C0A7EA, 7E9B4F68E2ADABA3A9324DA16CF680D77CF2812D4BD0BFCFF0173CA61260A3FE ] SamSs C:\Windows\system32\lsass.exe
10:40:46.0615 0x07f8 SamSs - ok
10:40:46.0625 0x07f8 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
10:40:46.0635 0x07f8 sbp2port - ok
10:40:46.0645 0x07f8 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
10:40:46.0685 0x07f8 SCardSvr - ok
10:40:46.0685 0x07f8 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
10:40:46.0715 0x07f8 scfilter - ok
10:40:46.0755 0x07f8 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
10:40:46.0825 0x07f8 Schedule - ok
10:40:46.0825 0x07f8 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
10:40:46.0855 0x07f8 SCPolicySvc - ok
10:40:46.0865 0x07f8 [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus C:\Windows\system32\drivers\sdbus.sys
10:40:46.0875 0x07f8 sdbus - ok
10:40:46.0885 0x07f8 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
10:40:46.0905 0x07f8 SDRSVC - ok
10:40:46.0915 0x07f8 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
10:40:46.0945 0x07f8 secdrv - ok
10:40:46.0945 0x07f8 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
10:40:46.0975 0x07f8 seclogon - ok
10:40:46.0975 0x07f8 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
10:40:47.0005 0x07f8 SENS - ok
10:40:47.0015 0x07f8 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
10:40:47.0025 0x07f8 SensrSvc - ok
10:40:47.0025 0x07f8 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
10:40:47.0035 0x07f8 Serenum - ok
10:40:47.0045 0x07f8 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
10:40:47.0055 0x07f8 Serial - ok
10:40:47.0065 0x07f8 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
10:40:47.0075 0x07f8 sermouse - ok
10:40:47.0085 0x07f8 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
10:40:47.0115 0x07f8 SessionEnv - ok
10:40:47.0115 0x07f8 [ 286D3889E6AB5589646FF8A63CB928AE, 98D9D34521328F4F0B0B7C2CAB97BA0EC998B9F3F996B5ED08E17292F1CD9452 ] SFEP C:\Windows\system32\DRIVERS\SFEP.sys
10:40:47.0125 0x07f8 SFEP - ok
10:40:47.0125 0x07f8 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
10:40:47.0135 0x07f8 sffdisk - ok
10:40:47.0145 0x07f8 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
10:40:47.0155 0x07f8 sffp_mmc - ok
10:40:47.0155 0x07f8 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
10:40:47.0175 0x07f8 sffp_sd - ok
10:40:47.0175 0x07f8 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
10:40:47.0185 0x07f8 sfloppy - ok
10:40:47.0195 0x07f8 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
10:40:47.0235 0x07f8 SharedAccess - ok
10:40:47.0245 0x07f8 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
10:40:47.0285 0x07f8 ShellHWDetection - ok
10:40:47.0285 0x07f8 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
10:40:47.0295 0x07f8 SiSRaid2 - ok
10:40:47.0305 0x07f8 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
10:40:47.0315 0x07f8 SiSRaid4 - ok
10:40:47.0315 0x07f8 [ 704B4F81729F676BBF034529FC334D82, 1E50DAF97836807A500284385D99272780A8B69CA88761250451060B207824F8 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
10:40:47.0335 0x07f8 SkypeUpdate - ok
10:40:47.0345 0x07f8 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
10:40:47.0375 0x07f8 Smb - ok
10:40:47.0375 0x07f8 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
10:40:47.0395 0x07f8 SNMPTRAP - ok
10:40:47.0405 0x07f8 [ C3E69DB0A4E59564230E053232F39AC7, D7E4AC42C0731F69869E96F3AE9021ABD968E17C92283A54F265E73E6BD60ED5 ] SOHCImp C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
10:40:47.0415 0x07f8 SOHCImp - ok
10:40:47.0425 0x07f8 [ 65CC4779A29C3E82B987BD4961790DFF, 91D072ADBCD4AEB2E10D0CC97E89E92099E8061A601F1A88425B4A20FC50FF78 ] SOHDms C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
10:40:47.0445 0x07f8 SOHDms - ok
10:40:47.0445 0x07f8 [ F47D75CEE1844EEF4A9EA6EE768828FB, 242550EB5879476DD2CFC0E38FAF3C6D0263FEA7504BD73ED3B004E274D7CDF6 ] SOHDs C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
10:40:47.0455 0x07f8 SOHDs - ok
10:40:47.0475 0x07f8 [ B8047E776E50FC2384801083A77900E0, 74439D81AA9841960503B9D04359FCE1733EF011E6863F295487BBCF199AB92F ] SpfService C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
10:40:47.0495 0x07f8 SpfService - ok
10:40:47.0495 0x07f8 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
10:40:47.0505 0x07f8 spldr - ok
10:40:47.0535 0x07f8 [ B96C17B5DC1424D56EEA3A99E97428CD, AF0A85066A7983878DC1C663811CE61C6CA1912DC956184F878B7B82DB93C651 ] Spooler C:\Windows\System32\spoolsv.exe
10:40:47.0585 0x07f8 Spooler - ok
10:40:47.0735 0x07f8 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
10:40:47.0915 0x07f8 sppsvc - ok
10:40:47.0925 0x07f8 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
10:40:47.0955 0x07f8 sppuinotify - ok
10:40:47.0965 0x07f8 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
10:40:47.0995 0x07f8 srv - ok
10:40:48.0005 0x07f8 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
10:40:48.0025 0x07f8 srv2 - ok
10:40:48.0035 0x07f8 [ 0C4540311E11664B245A263E1154CEF8, 63376322BFFAFF2F166AF3FDD3F1A346C21FAE21F406F659F8630779D1D6525D ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS
10:40:48.0055 0x07f8 SrvHsfHDA - ok
10:40:48.0095 0x07f8 [ 02071D207A9858FBE3A48CBFD59C4A04, FEA4DEBAEC3465E0C7C1E8B721805922F6BBCB96A60A193B11688F4252F4B89E ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS
10:40:48.0145 0x07f8 SrvHsfV92 - ok
10:40:48.0175 0x07f8 [ 18E40C245DBFAF36FD0134A7EF2DF396, 0138A68958112101A5D3BD94114F320CE80B0C9A93E009AC78DE7415FCCC7DE7 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
10:40:48.0205 0x07f8 SrvHsfWinac - ok
10:40:48.0215 0x07f8 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
10:40:48.0225 0x07f8 srvnet - ok
10:40:48.0235 0x07f8 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
10:40:48.0275 0x07f8 SSDPSRV - ok
10:40:48.0275 0x07f8 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
10:40:48.0305 0x07f8 SstpSvc - ok
10:40:48.0315 0x07f8 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
10:40:48.0325 0x07f8 stexstor - ok
10:40:48.0335 0x07f8 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
10:40:48.0365 0x07f8 stisvc - ok
10:40:48.0365 0x07f8 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys
10:40:48.0375 0x07f8 swenum - ok
10:40:48.0395 0x07f8 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
10:40:48.0435 0x07f8 swprv - ok
10:40:48.0505 0x07f8 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
10:40:48.0585 0x07f8 SysMain - ok
10:40:48.0595 0x07f8 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
10:40:48.0605 0x07f8 TabletInputService - ok
10:40:48.0625 0x07f8 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
10:40:48.0675 0x07f8 TapiSrv - ok
10:40:48.0675 0x07f8 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
10:40:48.0705 0x07f8 TBS - ok
10:40:48.0765 0x07f8 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
10:40:48.0825 0x07f8 Tcpip - ok
10:40:48.0875 0x07f8 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
10:40:48.0935 0x07f8 TCPIP6 - ok
10:40:48.0945 0x07f8 [ DF687E3D8836BFB04FCC0615BF15A519, 7C5B1E72673B4299DFC21E869F0FBB28198CA54DF4F4AF7080005F2D82467784 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
10:40:48.0965 0x07f8 tcpipreg - ok
10:40:48.0975 0x07f8 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
10:40:48.0985 0x07f8 TDPIPE - ok
10:40:48.0995 0x07f8 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
10:40:48.0995 0x07f8 TDTCP - ok
10:40:49.0005 0x07f8 [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
10:40:49.0035 0x07f8 tdx - ok
10:40:49.0205 0x07f8 [ 5CEF407E235885DB5421DF79C843F2DF, B85D7C8A137B15BDF14DB9588CEDB09C67B0C7965F8E79121E2BA7796B16777C ] TeamViewer9 C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
10:40:49.0315 0x07f8 TeamViewer9 - ok
10:40:49.0325 0x07f8 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys
10:40:49.0345 0x07f8 TermDD - ok
10:40:49.0355 0x07f8 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
10:40:49.0385 0x07f8 TermService - ok
10:40:49.0385 0x07f8 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
10:40:49.0405 0x07f8 Themes - ok
10:40:49.0405 0x07f8 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
10:40:49.0435 0x07f8 THREADORDER - ok
10:40:49.0445 0x07f8 [ DBCC20C02E8A3E43B03C304A4E40A84F, BF5F3ACCB0342304A6870E94D2576644B08DBF307C853C7DBA4B82B0C7309DA4 ] TPM C:\Windows\system32\drivers\tpm.sys
10:40:49.0455 0x07f8 TPM - ok
10:40:49.0465 0x07f8 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
10:40:49.0495 0x07f8 TrkWks - ok
10:40:49.0505 0x07f8 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
10:40:49.0535 0x07f8 TrustedInstaller - ok
10:40:49.0535 0x07f8 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
10:40:49.0555 0x07f8 tssecsrv - ok
10:40:49.0555 0x07f8 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
10:40:49.0565 0x07f8 TsUsbFlt - ok
10:40:49.0575 0x07f8 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
10:40:49.0605 0x07f8 tunnel - ok
10:40:49.0605 0x07f8 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
10:40:49.0615 0x07f8 uagp35 - ok
10:40:49.0625 0x07f8 [ 63F6D08C54D5B3C1B12A6172032055C7, 87D872731D2C85E1A0ED3128CB7AB91AF00D830B0E4307054ABFD1D3900C990D ] uCamMonitor C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
10:40:49.0635 0x07f8 uCamMonitor - ok
10:40:49.0645 0x07f8 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
10:40:49.0675 0x07f8 udfs - ok
10:40:49.0685 0x07f8 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
10:40:49.0695 0x07f8 UI0Detect - ok
10:40:49.0705 0x07f8 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
10:40:49.0715 0x07f8 uliagpkx - ok
10:40:49.0715 0x07f8 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
10:40:49.0735 0x07f8 umbus - ok
10:40:49.0735 0x07f8 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
10:40:49.0745 0x07f8 UmPass - ok
10:40:49.0825 0x07f8 [ 7E5E1603D0FF2D240AE70295C5C3FEFC, 1E5F8E415ACE3C6DFBE636473DBE051329174F2A085516B6FC1515A54014D02B ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
10:40:49.0885 0x07f8 UNS - ok
10:40:49.0895 0x07f8 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
10:40:49.0935 0x07f8 upnphost - ok
10:40:49.0945 0x07f8 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
10:40:49.0955 0x07f8 usbccgp - ok
10:40:49.0965 0x07f8 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
10:40:49.0985 0x07f8 usbcir - ok
10:40:49.0985 0x07f8 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\drivers\usbehci.sys
10:40:49.0995 0x07f8 usbehci - ok
10:40:50.0015 0x07f8 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
10:40:50.0035 0x07f8 usbhub - ok
10:40:50.0045 0x07f8 [ 58E546BBAF87664FC57E0F6081E4F609, 1DD99D57369A0069654432AB5325AFD8F7D422D531E053EA05FF664BA6BDAEF9 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
10:40:50.0055 0x07f8 usbohci - ok
10:40:50.0055 0x07f8 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
10:40:50.0075 0x07f8 usbprint - ok
10:40:50.0075 0x07f8 [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
10:40:50.0085 0x07f8 usbscan - ok
10:40:50.0095 0x07f8 [ C9DF9F9F76C3737EE8715F959857E246, 5826371E5B46650B1F1F61A0A9B59DA2155901209D2E529E79A9AA38E7871D1F ] UsbService C:\Program Files (x86)\ASUS\Printer Utilities\UsbService64.exe
10:40:50.0105 0x07f8 UsbService - detected UnsignedFile.Multi.Generic ( 1 )
10:40:53.0865 0x07f8 Detect skipped due to KSN trusted
10:40:53.0865 0x07f8 UsbService - ok
10:40:53.0885 0x07f8 [ D76510CFA0FC09023077F22C2F979D86, 5662281C6D515423255D3C262EA368DBAFC250235E535FBFA3E59D3487695439 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:40:53.0925 0x07f8 USBSTOR - ok
10:40:53.0925 0x07f8 [ 81FB2216D3A60D1284455D511797DB3D, 121E52B18A1832E775EA0AE2E053BAA53E5A70E9754724B1449AE5992D63B13E ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
10:40:53.0945 0x07f8 usbuhci - ok
10:40:53.0955 0x07f8 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
10:40:53.0965 0x07f8 usbvideo - ok
10:40:53.0985 0x07f8 [ 34349E7B488FA61B639117F6BF1EBF99, A7A7E60511F7D6370473D41867F5323695308CC27D3EEB0286687D3A9E0084E9 ] USER_ESRV_SVC C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
10:40:54.0005 0x07f8 USER_ESRV_SVC - ok
10:40:54.0015 0x07f8 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
10:40:54.0035 0x07f8 UxSms - ok
10:40:54.0045 0x07f8 [ 2C9732B39F81395CC9FE40F181CD3433, AEC8D7B2E8E96CEA2F7A9D01F909520FF95C1C95D34632D7D5BB7C64C22E738B ] VAIO Event Service C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
10:40:54.0055 0x07f8 VAIO Event Service - ok
10:40:54.0065 0x07f8 [ C994F2B3B45C9987049CA511EE1F2768, 9429D3BB66A272A27C9C3BCDA1A9EAFE7BF781BCAF49148C9D9085E8D6403489 ] VAIO Power Management C:\Program Files\Sony\VAIO Power Management\SPMService.exe
10:40:54.0085 0x07f8 VAIO Power Management - ok
10:40:54.0095 0x07f8 [ 4C3FAC816925F73A34AD52F1F7C0A7EA, 7E9B4F68E2ADABA3A9324DA16CF680D77CF2812D4BD0BFCFF0173CA61260A3FE ] VaultSvc C:\Windows\system32\lsass.exe
10:40:54.0105 0x07f8 VaultSvc - ok
10:40:54.0135 0x07f8 [ 6888526AEB8DDABDE6F778FD40FC0693, 1559979A440559C1227F5CE30CC6351A3DE12E49B7222DC94A571CF61ADC9BEA ] VCFw C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
10:40:54.0175 0x07f8 VCFw - ok
10:40:54.0195 0x07f8 [ F0672B2368E859284A4C44AE2CCA4C72, D7C8CF82658FE2BC040EF842AA682AC4BF9A9D006D36490B7A09083E7F8E1E3D ] VcmIAlzMgr C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
10:40:54.0225 0x07f8 VcmIAlzMgr - ok
10:40:54.0235 0x07f8 [ CBB9F0D1017E0BED4CB5BBC0EBF26DC1, C64F9DE0A48A56EDDAB6FEB58F6EEE0A792DE5C669A2DB0776E9E374724F0AFE ] VcmINSMgr C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
10:40:54.0255 0x07f8 VcmINSMgr - ok
10:40:54.0265 0x07f8 [ C8E3BA694CC5EACEC4C01660ACE40D56, 3090D939B8A6CB67E3393EE9B6EB3375A7EC8F6E9F0A350803C0EE4E7FD3B3BF ] VcmXmlIfHelper C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
10:40:54.0285 0x07f8 VcmXmlIfHelper - ok
10:40:54.0285 0x07f8 [ 0D53D30C8473EEDC1757FDA3C511103B, 54E1AE2CCD71AD446F373DD8E19382D81CA2BC9AEEE326CF5BF020AD3C5F58AB ] VCService C:\Program Files\Sony\VAIO Care\VCService.exe
10:40:54.0295 0x07f8 VCService - ok
10:40:54.0295 0x07f8 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
10:40:54.0305 0x07f8 vdrvroot - ok
10:40:54.0325 0x07f8 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
10:40:54.0365 0x07f8 vds - ok
10:40:54.0365 0x07f8 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
10:40:54.0375 0x07f8 vga - ok
10:40:54.0385 0x07f8 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
10:40:54.0415 0x07f8 VgaSave - ok
10:40:54.0425 0x07f8 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
10:40:54.0435 0x07f8 vhdmp - ok
10:40:54.0435 0x07f8 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
10:40:54.0445 0x07f8 viaide - ok
10:40:54.0455 0x07f8 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
10:40:54.0465 0x07f8 volmgr - ok
10:40:54.0485 0x07f8 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
10:40:54.0505 0x07f8 volmgrx - ok
10:40:54.0515 0x07f8 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
10:40:54.0535 0x07f8 volsnap - ok
10:40:54.0545 0x07f8 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
10:40:54.0555 0x07f8 vsmraid - ok
10:40:54.0585 0x07f8 [ 028E420B12654492D25625688055108C, 04DFBBB8170FD63E25F9C78622F1F487A9F2C3AF7A3E9C5E42C53674BF2B60E6 ] VSNService C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
10:40:54.0615 0x07f8 VSNService - ok
10:40:54.0655 0x07f8 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
10:40:54.0715 0x07f8 VSS - ok
10:40:54.0805 0x07f8 [ C1FAE2E81955DCCD79034A23EC4F3F37, 61B6477C6068B5542D3EE9C6336FBD7589F1CFFD3E850473A539619033533286 ] VUAgent C:\Program Files\Sony\VAIO Update\vuagent.exe
10:40:54.0855 0x07f8 VUAgent - ok
10:40:54.0855 0x07f8 [ E07D31EE76EE18BFCA49AD9A89782D43, 9BC789D72BAB5263AC29F0E77767588A9C499F1A91BDD3B83CC421C52E174326 ] vuhub C:\Windows\system32\DRIVERS\vuhub.sys
10:40:54.0865 0x07f8 vuhub - ok
10:40:54.0875 0x07f8 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
10:40:54.0885 0x07f8 vwifibus - ok
10:40:54.0885 0x07f8 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
10:40:54.0905 0x07f8 vwififlt - ok
10:40:54.0905 0x07f8 [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
10:40:54.0925 0x07f8 vwifimp - ok
10:40:54.0935 0x07f8 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
10:40:54.0975 0x07f8 W32Time - ok
10:40:54.0975 0x07f8 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
10:40:54.0995 0x07f8 WacomPen - ok
10:40:54.0995 0x07f8 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
10:40:55.0025 0x07f8 WANARP - ok
10:40:55.0035 0x07f8 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
10:40:55.0065 0x07f8 Wanarpv6 - ok
10:40:55.0115 0x07f8 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
10:40:55.0185 0x07f8 wbengine - ok
10:40:55.0195 0x07f8 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
10:40:55.0215 0x07f8 WbioSrvc - ok
10:40:55.0225 0x07f8 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
10:40:55.0245 0x07f8 wcncsvc - ok
10:40:55.0255 0x07f8 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
10:40:55.0265 0x07f8 WcsPlugInService - ok
10:40:55.0265 0x07f8 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys
10:40:55.0275 0x07f8 Wd - ok
10:40:55.0305 0x07f8 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
10:40:55.0335 0x07f8 Wdf01000 - ok
10:40:55.0345 0x07f8 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
10:40:55.0385 0x07f8 WdiServiceHost - ok
10:40:55.0385 0x07f8 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
10:40:55.0405 0x07f8 WdiSystemHost - ok
10:40:55.0415 0x07f8 [ 3DB6D04E1C64272F8B14EB8BC4616280, 9138642B1C19F895D4ECFD930160C80FBF15813CE63BBF4C899842C300FD3026 ] WebClient C:\Windows\System32\webclnt.dll
10:40:55.0445 0x07f8 WebClient - ok
10:40:55.0445 0x07f8 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
10:40:55.0485 0x07f8 Wecsvc - ok
10:40:55.0485 0x07f8 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
10:40:55.0515 0x07f8 wercplsupport - ok
10:40:55.0525 0x07f8 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
10:40:55.0555 0x07f8 WerSvc - ok
10:40:55.0555 0x07f8 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
10:40:55.0585 0x07f8 WfpLwf - ok
10:40:55.0595 0x07f8 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
10:40:55.0605 0x07f8 WIMMount - ok
10:40:55.0605 0x07f8 WinDefend - ok
10:40:55.0605 0x07f8 WinHttpAutoProxySvc - ok
10:40:55.0625 0x07f8 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
10:40:55.0655 0x07f8 Winmgmt - ok
10:40:55.0705 0x07f8 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll
10:40:55.0775 0x07f8 WinRM - ok
10:40:55.0815 0x07f8 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
10:40:55.0855 0x07f8 Wlansvc - ok
10:40:55.0865 0x07f8 [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
10:40:55.0875 0x07f8 wlcrasvc - ok
10:40:55.0955 0x07f8 [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
10:40:56.0015 0x07f8 wlidsvc - ok
10:40:56.0015 0x07f8 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
10:40:56.0025 0x07f8 WmiAcpi - ok
10:40:56.0035 0x07f8 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
10:40:56.0055 0x07f8 wmiApSrv - ok
10:40:56.0055 0x07f8 WMPNetworkSvc - ok
10:40:56.0065 0x07f8 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
10:40:56.0075 0x07f8 WPCSvc - ok
10:40:56.0085 0x07f8 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
10:40:56.0095 0x07f8 WPDBusEnum - ok
10:40:56.0105 0x07f8 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
10:40:56.0135 0x07f8 ws2ifsl - ok
10:40:56.0135 0x07f8 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
10:40:56.0155 0x07f8 wscsvc - ok
10:40:56.0155 0x07f8 WSearch - ok
10:40:56.0215 0x07f8 [ 0814A74C853F50B354F08F83DDA9F7FB, 0A63BAA8DE451B8C2C71FEF961718E769B9BAC305C76D24048C664CB27D0DF28 ] wuauserv C:\Windows\system32\wuaueng.dll
10:40:56.0285 0x07f8 wuauserv - ok
10:40:56.0295 0x07f8 [ D3381DC54C34D79B22CEE0D65BA91B7C, 70DC4ADCA4C0C28BB133287511E329D1B6B9B97F96CDE5B1D2F1F59FE1A965D9 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
10:40:56.0325 0x07f8 WudfPf - ok
10:40:56.0335 0x07f8 [ CF8D590BE3373029D57AF80914190682, FB9641777E90A58C063FBE95F081DC6D2F4770827DE19108A9DC3E3D6B17B4BF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
10:40:56.0365 0x07f8 WUDFRd - ok
10:40:56.0375 0x07f8 [ 7A95C95B6C4CF292D689106BCAE49543, 9029F489E1E817CE12839B8C6656E46190497D445DC3F43C20CF96E5E6BD0691 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
10:40:56.0405 0x07f8 wudfsvc - ok
10:40:56.0405 0x07f8 [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc C:\Windows\System32\wwansvc.dll
10:40:56.0425 0x07f8 WwanSvc - ok
10:40:56.0435 0x07f8 ================ Scan global ===============================
10:40:56.0435 0x07f8 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
10:40:56.0445 0x07f8 [ EA32F4EA3AE06EDD122FBCD5A489E457, C6E464170121D1714A367CFC80C5EA15D42AD34909039FDB114EAD3B878A47F6 ] C:\Windows\system32\winsrv.dll
10:40:56.0455 0x07f8 [ EA32F4EA3AE06EDD122FBCD5A489E457, C6E464170121D1714A367CFC80C5EA15D42AD34909039FDB114EAD3B878A47F6 ] C:\Windows\system32\winsrv.dll
10:40:56.0465 0x07f8 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
10:40:56.0475 0x07f8 [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
10:40:56.0485 0x07f8 [ Global ] - ok
10:40:56.0485 0x07f8 ================ Scan MBR ==================================
10:40:56.0485 0x07f8 [ B1F7D7F6E4FBE98E578562A22A94D02C ] \Device\Harddisk0\DR0
10:40:56.0645 0x07f8 \Device\Harddisk0\DR0 - ok
10:40:56.0645 0x07f8 ================ Scan VBR ==================================
10:40:56.0645 0x07f8 [ 8613B13912EC5057B52358CB4C9AFE00 ] \Device\Harddisk0\DR0\Partition1
10:40:56.0645 0x07f8 \Device\Harddisk0\DR0\Partition1 - ok
10:40:56.0655 0x07f8 [ 55615CAF883EF1034B7F47A5D7009A1D ] \Device\Harddisk0\DR0\Partition2
10:40:56.0655 0x07f8 \Device\Harddisk0\DR0\Partition2 - ok
10:40:56.0655 0x07f8 ================ Scan generic autorun ======================
10:40:56.0965 0x07f8 [ DD1B53C48C1A4F17C1FC6CEE4617B237, 7B86830FDD2131E9CA7FB68DA1920BC34D54DD7651CA2701885DC75E0FB6C671 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
10:40:57.0305 0x07f8 RtHDVCpl - ok
10:40:57.0375 0x07f8 [ 23F14DC143572911A57097D5457A8A56, 9BC1E606EAD74667214D7CB5F57F8DC79FC9F05425420E7CD761A3A46C30B337 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
10:40:57.0425 0x07f8 RtHDVBg - ok
10:40:57.0435 0x07f8 [ C31D2FEE0417586F292754C2673F64CE, 9B923C8A25755714A069FA03E501E6CD0904C57A49163E67A5A002BB3C1F3744 ] C:\Windows\system32\igfxtray.exe
10:40:57.0445 0x07f8 IgfxTray - ok
10:40:57.0465 0x07f8 [ BE26CE0AAA988B2AFD88E246868AAD90, 20E60A9779F9EA0270EBF68E69D10AF4169732037DE2EA6ED217B6F764A35FAA ] C:\Windows\system32\igfxpers.exe
10:40:57.0475 0x07f8 Persistence - ok
10:40:57.0475 0x07f8 Apoint - ok
10:40:57.0495 0x07f8 [ BB7481A1306823D1B6592263F1AB8DD7, 2D48A5DD217D81E99D134580721A1BC65EEFFB22FE9D2C03EAA3D9879F86A5D5 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
10:40:57.0515 0x07f8 AdobeAAMUpdater-1.0 - ok
10:40:57.0535 0x07f8 [ 7A4B09A0CA8425276452931CA5EC4AC5, 558CD7976859A6DCBF3AFE426F60C3DFE61341C18618D2383CE0C1AA1EA91A2E ] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
10:40:57.0555 0x07f8 ISBMgr.exe - ok
10:40:57.0555 0x07f8 [ AEB3E8A6308604C3490A36D06D6685DC, CAFAE7697261CDA6934E324FC45D893BB452F23A1196FECC6930B72FFA8A2738 ] c:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe
10:40:57.0565 0x07f8 Adobe Acrobat Speed Launcher - ok
10:40:57.0605 0x07f8 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
10:40:57.0665 0x07f8 Sidebar - ok
10:40:57.0665 0x07f8 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
10:40:57.0685 0x07f8 mctadmin - ok
10:40:57.0725 0x07f8 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
10:40:57.0755 0x07f8 Sidebar - ok
10:40:57.0765 0x07f8 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
10:40:57.0775 0x07f8 mctadmin - ok
10:40:57.0785 0x07f8 Rainlendar2 - ok
10:40:57.0795 0x07f8 [ E8405C87CD06FF5D69BC6F3B24D766D0, C82171BEDBFE593A04D09C2E20B0528AA3CEC722D6919F8A5C70C6EFFB9EFEAE ] C:\Users\Uta\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
10:40:57.0815 0x07f8 AmazonMP3DownloaderHelper - ok
10:40:57.0815 0x07f8 Skype - ok
10:40:57.0815 0x07f8 Waiting for KSN requests completion. In queue: 75
10:40:58.0815 0x07f8 Waiting for KSN requests completion. In queue: 75
10:40:59.0815 0x07f8 Waiting for KSN requests completion. In queue: 75
10:41:00.0865 0x07f8 AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.10.414 ), 0x41000 ( enabled : updated )
10:41:00.0875 0x07f8 Win FW state via NFP2: enabled
10:41:03.0575 0x07f8 ============================================================
10:41:03.0575 0x07f8 Scan finished
10:41:03.0575 0x07f8 ============================================================
10:41:03.0595 0x0acc Detected object count: 0
10:41:03.0595 0x0acc Actual detected object count: 0
Vielen Dank für die Hilfe Noch ein kleiner Nachtrag.... Vielleicht ist das oben nicht ganz klar geworden... Bis jetzt ist es nur eine Vermutung, dass ein Trojaner in dem System sein könnte, weil diese Verseuchte Pdf Datei geöffnet wurde. Das installierte Avira-was auch immer Ihr von solchen Programmen haltet- ist jedenfalls noch nicht angesprungen und hat noch keinen Befall gemeldet. Ist es mit den Ergebnissen der zwei Scans nun Erledigt und das System Virenfrei? Vielen Dank |
|
08.06.2015, 10:33
| #4 |
| /// the machine /// TB-Ausbilder | Dhl Pdf Datei geöffnet...Trojaner eingefangen? sieht alles gut aus 
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
08.06.2015, 16:15
| #5 |
| | Dhl Pdf Datei geöffnet...Trojaner eingefangen? Vielen Dank für die Hilfe! Tolles Forum! |
|
09.06.2015, 10:02
| #6 |
| /// the machine /// TB-Ausbilder | Dhl Pdf Datei geöffnet...Trojaner eingefangen? Gern Geschehen
__________________ --> Dhl Pdf Datei geöffnet...Trojaner eingefangen? |
|
| Themen zu Dhl Pdf Datei geöffnet...Trojaner eingefangen? |
| adware, antivir, antivirus, avira, branding, browser, cpu, defender, desktop, dhl pdf win 7, exe, firefox, firefox 38.0.5, flash player, home, homepage, mozilla, realtek, registry, rundll, scan, security, software, svchost.exe, system, udp, virus, windows |
Linear-Darstellung
