Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Dhl Pdf Datei geöffnet...Trojaner eingefangen?

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 07.06.2015, 09:17   #1
Virennerven!
 
Dhl Pdf Datei geöffnet...Trojaner eingefangen? - Standard

Dhl Pdf Datei geöffnet...Trojaner eingefangen?



Hallo,
meine Frau hat eine vermeintliche DHL Pdf Datei geöffnet. Es handelte sich wirklich um eine Pdf (nicht um eine Zip oder Exe Datei)
In der Datei ist ein Link, den meine Frau nicht angeklickt hat.

Bei der Überprüfung der Datei bei Virustotal sprangen mehrere Scanner an:
F-Secure Trojan:W32/FakePDF.A 20150607
Fortinet PDF/Fakedhl.A!tr 20150607
GData PDF.Trojan-Downloader.FakeInvoice.G 20150607
Kaspersky HEUR:Exploit.PDF.Generic 20150607
McAfee Artemis!1786CAA4F048 20150607
McAfee-GW-Edition Artemis 20150606
Qihoo-360 Trojan.Generic 20150607
Sophos Troj/PDFDown-J 20150607
TrendMicro-HouseCall Suspicious_GEN.F47V0606 20150607
Die Pdf Datei hat nur 16kb...Wird von den Programmen der Link mitgescannt? Oder kann das aussreichen?

Hier nun die üblichen Logfiles:
Frst
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:06-06-2015
Ran by Uta (administrator) on UTA-VAIO on 07-06-2015 09:44:38
Running from C:\Users\Uta\Downloads
Loaded Profiles: Uta (Available Profiles: Uta)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
() C:\Program Files (x86)\ASUS\Printer Utilities\UsbService64.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Dropbox, Inc.) C:\Users\Uta\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ALPS) C:\Program Files\Apoint\Apvfb.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11490408 2010-12-03] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2179688 2010-12-03] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [226672 2010-12-06] (Alps Electric Co., Ltd.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [497648 2010-07-29] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [673168 2010-11-17] (Sony Corporation)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => c:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [44128 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => c:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [642664 2013-05-08] (Adobe Systems Inc.)
HKLM-x32\...\Run: [PMBVolumeWatcher] => c:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [648032 2010-11-27] (Sony Corporation)
HKLM-x32\...\Run: [VAIO Boot Manager] => C:\Program Files (x86)\Sony\VAIO Boot Manager\StartUpProcessDelayTool.exe [734608 2010-12-08] (Sony Corporation)
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2099200 2014-04-13] (Dominik Reichl)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [728312 2015-05-05] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [129272 2015-03-16] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2805887626-409114734-3965287795-1000\...\Run: [Rainlendar2] => C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe
HKU\S-1-5-21-2805887626-409114734-3965287795-1000\...\Run: [AmazonMP3DownloaderHelper] => C:\Users\Uta\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [400704 2013-05-22] ()
HKU\S-1-5-21-2805887626-409114734-3965287795-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31283328 2015-04-17] (Skype Technologies S.A.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2014-04-22]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\Uta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-04-23]
ShortcutTarget: Dropbox.lnk -> C:\Users\Uta\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Uta\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Uta\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Uta\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Uta\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Uta\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Uta\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Uta\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2805887626-409114734-3965287795-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=SVEF&bmod=SVEF
HKU\S-1-5-21-2805887626-409114734-3965287795-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SVEF&bmod=SVEF
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2805887626-409114734-3965287795-1000 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKU\S-1-5-21-2805887626-409114734-3965287795-1000 -> {543CE9B3-4B63-48D6-9742-01314C85E0F8} URL = hxxp://de.shopping.com/?linkin_id=8056363
SearchScopes: HKU\S-1-5-21-2805887626-409114734-3965287795-1000 -> {B3CBD2B7-3DD5-4428-8721-2FFD9D1C6E97} URL = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices
SearchScopes: HKU\S-1-5-21-2805887626-409114734-3965287795-1000 -> {F8504951-796B-4913-8DBA-A1D94A3E65EB} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-16/4?mpre=hxxp://shop.ebay.de/?_nkw={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-09-23] (Microsoft Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll No File
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-2805887626-409114734-3965287795-1000 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 82.212.62.62 78.42.43.62

FireFox:
========
FF ProfilePath: C:\Users\Uta\AppData\Roaming\Mozilla\Firefox\Profiles\6qcpqonr.default
FF SearchEngineOrder.1: Ask.com
FF Homepage: www.google.de
FF Keyword.URL: hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=AVR-4&o=APN10261&locale=de_DE&apn_uid=4bd4fd26-a0d2-4c31-a3e8-b8d432a4fda1&apn_ptnrs=%5EAGS&apn_sauid=CF16E304-3A28-4C49-9299-53DFF0E53845&apn_dtid=%5EYYYYYY%5EYY%5EDE&&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-06-06] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-06-06] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-02-13] (Google, Inc.)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files (x86)\Sony\MSS\3.8.130\npMcAfeeMss.dll No File
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-23] (Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2805887626-409114734-3965287795-1000: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\Uta\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll [2013-05-22] (Amazon.com, Inc.)
FF Extension: Adblock Plus - C:\Users\Uta\AppData\Roaming\Mozilla\Firefox\Profiles\6qcpqonr.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-23]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [827640 2015-05-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [434424 2015-05-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [434424 2015-05-05] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1185584 2015-05-05] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [201008 2015-03-16] (Avira Operations GmbH & Co. KG)
S2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-01] (Intel Corporation)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2014-04-22] (Macrovision Europe Ltd.) [File not signed]
S3 McComponentHostServiceSony; C:\Program Files (x86)\Sony\MSS\3.8.130\McCHSvc.exe [235216 2013-10-16] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-11-02] ()
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.)
R2 UsbService; C:\Program Files (x86)\ASUS\Printer Utilities\UsbService64.exe [334848 2010-08-10] () [File not signed]
R3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-01] (Intel Corporation)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [864000 2010-09-27] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1642544 2014-02-28] (Sony Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [152744 2015-05-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132120 2015-05-05] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-02-25] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-03-10] (Avira Operations GmbH & Co. KG)
R3 vuhub; C:\Windows\System32\DRIVERS\vuhub.sys [47616 2007-12-17] ()

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-07 09:44 - 2015-06-07 09:44 - 00017708 _____ C:\Users\Uta\Downloads\FRST.txt
2015-06-07 09:44 - 2015-06-07 09:44 - 00000000 ____D C:\FRST
2015-06-07 09:43 - 2015-06-07 09:43 - 02108928 _____ (Farbar) C:\Users\Uta\Downloads\FRST64.exe
2015-06-07 09:42 - 2015-06-07 09:42 - 00000468 _____ C:\Users\Uta\Downloads\defogger_disable.log
2015-06-07 09:42 - 2015-06-07 09:42 - 00000000 _____ C:\Users\Uta\defogger_reenable
2015-06-07 09:41 - 2015-06-07 09:41 - 00050477 _____ C:\Users\Uta\Downloads\Defogger.exe
2015-06-06 21:00 - 2015-06-06 21:34 - 00000000 ____D C:\Users\Uta\Desktop\Johanna
2015-06-06 14:54 - 2015-06-06 20:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-05-21 10:10 - 2015-05-21 10:46 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2015-05-17 13:47 - 2015-05-23 23:13 - 00000000 ____D C:\Users\Uta\Desktop\Fallbesprechung
2015-05-12 19:53 - 2015-05-01 15:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-12 19:53 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-12 19:51 - 2015-05-05 03:29 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-12 19:51 - 2015-05-05 03:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-12 19:51 - 2015-04-22 04:28 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-12 19:51 - 2015-04-22 03:48 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-12 19:51 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-12 19:51 - 2015-04-21 19:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-05-12 19:51 - 2015-04-21 19:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-05-12 19:51 - 2015-04-21 18:51 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-05-12 19:51 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-12 19:51 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-12 19:51 - 2015-04-21 18:50 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-05-12 19:51 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-12 19:51 - 2015-04-21 18:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-05-12 19:51 - 2015-04-21 18:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-05-12 19:51 - 2015-04-21 18:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-05-12 19:51 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-12 19:51 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-12 19:51 - 2015-04-21 18:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-05-12 19:51 - 2015-04-21 18:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-05-12 19:51 - 2015-04-21 18:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-05-12 19:51 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-12 19:51 - 2015-04-21 18:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-05-12 19:51 - 2015-04-21 18:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-05-12 19:51 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-12 19:51 - 2015-04-21 18:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-05-12 19:51 - 2015-04-21 18:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-05-12 19:51 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-12 19:51 - 2015-04-21 18:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-05-12 19:51 - 2015-04-21 18:10 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-05-12 19:51 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-12 19:51 - 2015-04-21 18:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-05-12 19:51 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-12 19:51 - 2015-04-21 18:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-05-12 19:51 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-12 19:51 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-12 19:51 - 2015-04-21 18:03 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-05-12 19:51 - 2015-04-21 18:02 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-05-12 19:51 - 2015-04-21 18:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-05-12 19:51 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-12 19:51 - 2015-04-21 17:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-05-12 19:51 - 2015-04-21 17:57 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-05-12 19:51 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-12 19:51 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-12 19:51 - 2015-04-21 17:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-05-12 19:51 - 2015-04-21 17:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-05-12 19:51 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-12 19:51 - 2015-04-21 17:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-05-12 19:51 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-12 19:51 - 2015-04-21 17:39 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-05-12 19:51 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-12 19:51 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-12 19:51 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-12 19:51 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-12 19:51 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-12 19:51 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-12 19:51 - 2015-04-21 17:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-05-12 19:51 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-12 19:51 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-12 19:51 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-12 19:51 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-12 19:51 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-12 19:51 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-05-12 19:51 - 2015-04-18 05:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-12 19:51 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-12 19:51 - 2015-04-04 05:29 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-05-12 19:51 - 2015-04-04 05:29 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-05-12 19:51 - 2015-04-04 05:22 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-12 19:51 - 2015-04-04 05:22 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-05-12 19:51 - 2015-04-04 05:22 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-05-12 19:51 - 2015-04-04 05:22 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-05-12 19:51 - 2015-04-04 05:22 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-05-12 19:51 - 2015-04-04 05:22 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-05-12 19:51 - 2015-04-04 05:22 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-05-12 19:51 - 2015-04-04 05:22 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-05-12 19:51 - 2015-04-04 05:22 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-05-12 19:51 - 2015-04-04 05:22 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-05-12 19:51 - 2015-04-04 05:20 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-05-12 19:51 - 2015-04-04 05:20 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-05-12 19:51 - 2015-04-04 05:17 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-05-12 19:51 - 2015-04-04 05:17 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-05-12 19:51 - 2015-04-04 05:15 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-05-12 19:51 - 2015-04-04 05:05 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-05-12 19:51 - 2015-04-04 05:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-05-12 19:51 - 2015-04-04 05:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-05-12 19:51 - 2015-04-04 05:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-05-12 19:51 - 2015-04-04 05:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-05-12 19:51 - 2015-04-04 05:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-05-12 19:51 - 2015-04-04 05:05 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-05-12 19:51 - 2015-04-04 05:04 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-05-12 19:51 - 2015-04-04 05:04 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-05-12 19:51 - 2015-04-04 05:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-05-12 19:51 - 2015-04-04 05:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-05-12 19:51 - 2015-04-04 04:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-05-12 19:50 - 2015-04-20 05:17 - 01647104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-12 19:50 - 2015-04-20 05:17 - 01179136 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-12 19:50 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-12 19:50 - 2015-04-20 04:11 - 03204608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-12 19:50 - 2015-04-13 05:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-12 19:50 - 2015-04-08 05:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-05-12 19:50 - 2015-04-08 05:29 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-05-12 19:50 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-05-12 19:50 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-05-12 19:50 - 2015-02-18 09:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-07 09:45 - 2014-04-23 12:31 - 00000000 ____D C:\Users\Uta\AppData\Roaming\Skype
2015-06-07 09:42 - 2014-04-22 17:08 - 00000000 ____D C:\Users\Uta
2015-06-07 09:40 - 2009-07-14 06:45 - 00013936 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-07 09:40 - 2009-07-14 06:45 - 00013936 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-07 09:38 - 2014-04-22 16:43 - 00711694 _____ C:\Windows\system32\perfh007.dat
2015-06-07 09:38 - 2014-04-22 16:43 - 00152902 _____ C:\Windows\system32\perfc007.dat
2015-06-07 09:38 - 2009-07-14 07:13 - 01641600 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-07 09:37 - 2014-04-23 10:40 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-07 09:35 - 2014-04-23 17:59 - 00000000 ___RD C:\Users\Uta\Dropbox
2015-06-07 09:35 - 2014-04-23 17:57 - 00000000 ____D C:\Users\Uta\AppData\Roaming\Dropbox
2015-06-07 09:35 - 2014-04-22 15:51 - 02054440 _____ C:\Windows\WindowsUpdate.log
2015-06-07 09:32 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-07 09:32 - 2009-07-14 06:51 - 00080414 _____ C:\Windows\setupact.log
2015-06-06 20:45 - 2014-07-01 18:34 - 00000000 ____D C:\Users\Uta\AppData\Local\Adobe
2015-06-06 20:45 - 2014-04-23 10:40 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-06 20:45 - 2014-04-23 10:40 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-06 20:45 - 2014-04-23 10:40 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-06-06 20:43 - 2014-04-23 10:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-06-06 20:43 - 2014-04-22 16:40 - 00312398 _____ C:\Windows\PFRO.log
2015-06-06 14:07 - 2014-04-22 17:10 - 00003922 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{64BF49EE-7E92-4011-991B-AA1B9CED6B24}
2015-05-23 16:05 - 2015-04-14 11:10 - 00080896 ___SH C:\Users\Uta\Desktop\Thumbs.db
2015-05-22 11:05 - 2014-04-23 11:44 - 00000000 ____D C:\Users\Uta\AppData\Roaming\KeePass
2015-05-21 18:12 - 2015-01-14 15:35 - 00000000 ____D C:\Users\Uta\Desktop\Leopoldschule
2015-05-20 15:16 - 2014-04-22 16:33 - 00000000 ____D C:\ProgramData\Skype
2015-05-18 22:00 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-05-14 19:48 - 2014-04-23 10:42 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-05-14 19:33 - 2009-07-14 06:45 - 00328592 _____ C:\Windows\system32\FNTCACHE.DAT
2015-05-12 19:58 - 2014-04-23 11:52 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-05-12 19:58 - 2014-04-23 10:44 - 00000000 ____D C:\Windows\system32\MRT
2015-05-12 19:58 - 2011-01-13 14:21 - 00000000 ____D C:\Program Files\Windows Journal
2015-05-12 19:55 - 2014-04-23 10:44 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-09 13:59 - 2014-04-23 17:59 - 00001011 _____ C:\Users\Uta\Desktop\Dropbox.lnk
2015-05-09 13:59 - 2014-04-23 17:57 - 00000000 ____D C:\Users\Uta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

Some files in TEMP:
====================
C:\Users\Uta\AppData\Local\Temp\avgnt.exe
C:\Users\Uta\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpyavxta.dll
C:\Users\Uta\AppData\Local\Temp\ose00000.exe
C:\Users\Uta\AppData\Local\Temp\SkypeSetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-18 21:53

==================== End of log ============================
         
Addition
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version:06-06-2015
Ran by Uta at 2015-06-07 09:45:13
Running from C:\Users\Uta\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2805887626-409114734-3965287795-500 - Administrator - Disabled)
Gast (S-1-5-21-2805887626-409114734-3965287795-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2805887626-409114734-3965287795-1002 - Limited - Enabled)
Uta (S-1-5-21-2805887626-409114734-3965287795-1000 - Administrator - Enabled) => C:\Users\Uta

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Acrobat  9 Standard - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-BA7E-000000000004}{AC76BA86-1033-F400-BA7E-000000000004}) (Version: 9.5.5 - Adobe Systems)
Adobe Acrobat 9.5.5 - CPSID_83708 (HKLM-x32\...\{AC76BA86-1033-F400-BA7E-000000000004}_955) (Version:  - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 13.0.0.83 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.2.1.650 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Photoshop Elements 9 (HKLM-x32\...\Adobe Photoshop Elements 9) (Version: 9.0 - Adobe Systems Incorporated)
Adobe Premiere Elements 9 (HKLM-x32\...\PremElem90) (Version: 9.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Alps Pointing-device for VAIO (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version:  - ALPS ELECTRIC CO., LTD.)
Amazon MP3-Downloader 1.0.18 (HKU\S-1-5-21-2805887626-409114734-3965287795-1000\...\Amazon MP3-Downloader) (Version: 1.0.18 - Amazon Services LLC)
ArcSoft Magic-i Visual Effects 2 (HKLM-x32\...\{61438020-DDD4-42FA-99A2-50225441980A}) (Version: 2.0.1.134 - ArcSoft)
ArcSoft WebCam Companion 4 (HKLM-x32\...\{C793AD32-2BB8-4CC4-ABD3-A1469C21593C}) (Version: 4.0.21.369 - ArcSoft)
ATI Catalyst Install Manager (HKLM\...\{124C73A8-5C1B-EF26-867B-5B77F9BC4D07}) (Version: 3.0.808.0 - ATI Technologies, Inc.)
Avira (HKLM-x32\...\{b5675cc4-ab8b-4945-8c1d-4c5479556d6a}) (Version: 1.1.34.19732 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.34.19732 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.10.434 - Avira Operations GmbH & Co. KG)
Canon MP Navigator EX 2.0 (HKLM-x32\...\MP Navigator EX 2.0) (Version:  - )
Canon MP630 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP630_series) (Version:  - )
ccc-core-static (x32 Version: 2011.0106.1235.22490 - Ihr Firmenname) Hidden
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.3.4746 - CDBurnerXP)
Complément Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKU\S-1-5-21-2805887626-409114734-3965287795-1000\...\Dropbox) (Version: 3.4.6 - Dropbox, Inc.)
Elements 9 Organizer (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Elements STI Installer (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Intel(R) Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3074 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi-Software (HKLM\...\{AF162E20-417F-4946-A06D-65734984957F}) (Version: 14.00.0000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
KeePass Password Safe 2.26 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.26 - Dominik Reichl)
Media Gallery (Version: 1.4.0.11300 - Your Company Name) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version:  - Pavel Cvrcek)
Mozilla Firefox 38.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 de)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
Mozilla Thunderbird 31.7.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.7.0 (x86 de)) (Version: 31.7.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PMB (HKLM-x32\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.5.00.11260 - Sony Corporation)
PMB VAIO Edition Guide (x32 Version: 1.4.00.10090 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (Version: 1.4.00.11290 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (x32 Version: 1.4.00.09190 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (x32 Version: 1.4.00.11300 - Sony Corporation) Hidden
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.40.126.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6225 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.92 - Realtek Semiconductor Corp.)
Remote Keyboard (x32 Version: 1.1.0.12170 - Sony Corporation) Hidden
Remote Play mit PlayStation®3 (HKLM-x32\...\{07441A52-E208-478A-92B7-5C337CA8C131}) (Version: 1.0.2.06210 - Sony Corporation)
Remote Play with PlayStation 3 (x32 Version: 1.0.2.06210 - Sony Corporation) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.26.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.26.0 - Renesas Electronics Corporation) Hidden
Samsung Data Migration (HKLM-x32\...\{D4DE3DB4-7734-47E5-8D92-B80146311406}) (Version: 2.0 - Samsung)
simfy (HKLM-x32\...\Simfy) (Version: 1.7.6 - simfy AG)
simfy (x32 Version: 1.7.6 - simfy AG) Hidden
Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
SmartSound Quicktracks for Premiere Elements 9.0 (HKLM-x32\...\InstallShield_{6748E773-5DA0-4D19-8AA5-273B4133A09B}) (Version: 3.12.3090 - SmartSound Software Inc)
SmartSound Quicktracks for Premiere Elements 9.0 (x32 Version: 3.12.3090 - SmartSound Software Inc) Hidden
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.31064 - TeamViewer)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
VAIO - Media Gallery (HKLM-x32\...\{DD88F979-FA58-41AC-980C-A6E1A82B61D9}) (Version: 1.4.0.11300 - Sony Corporation)
VAIO - PMB VAIO Edition Guide (HKLM-x32\...\InstallShield_{FF1FC66F-536F-46BD-98E3-D8DA127A810E}) (Version: 1.4.00.10090 - Sony Corporation)
VAIO - PMB VAIO Edition Plug-in (HKLM-x32\...\InstallShield_{270380EB-8812-42E1-8289-53700DB840D2}) (Version: 1.4.00.11300 - Sony Corporation)
VAIO - Remote-Tastatur  (HKLM-x32\...\{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}) (Version: 1.0.0.12170 - Sony Corporation)
VAIO Care (HKLM\...\{D9FFE40D-1A85-4541-992C-5EF505F391A4}) (Version: 8.4.2.12041 - Sony Corporation)
VAIO Care Recovery (HKLM\...\{6ED1750E-F44F-4635-8F0D-B76B9262B7FB}) (Version: 1.1.1.13230 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 4.4.0.11260 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.5.0.10140 - Sony Corporation)
VAIO Data Restore Tool (x32 Version: 1.5.0.10140 - Sony Corporation) Hidden
VAIO Gate (HKLM-x32\...\{A7C30414-2382-4086-B0D6-01A88ABA21C3}) (Version: 2.3.0.11090 - Sony Corporation)
VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 2.3.0.11220 - Sony Corporation)
VAIO Hardware Diagnostics (x32 Version: 4.1.0.10120 - Sony Corporation) Hidden
VAIO Media plus (HKLM-x32\...\{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}) (Version: 2.1.0.23300 - Sony Corporation)
VAIO Media plus (Version: 2.1.0.23300 - Your Company Name) Hidden
VAIO Media plus Opening Movie (HKLM-x32\...\{9238E8A4-BEBA-43A3-B926-769BDBF194C5}) (Version: 2.1.0.13220 - Sony Corporation)
VAIO Quick Web Access (HKLM-x32\...\splashtop) (Version: 1.4.5.1 - Sony Corporation)
VAIO Quick Web Access (x32 Version: 1.4.5.1 - Sony Corporation) Hidden
VAIO Sample Contents (HKLM-x32\...\{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}) (Version: 1.4.2.09010 - Sony Corporation)
VAIO screensaver (HKLM-x32\...\VAIO screensaver) (Version: 1.0.0.0 - Sony Europe)
VAIO Smart Network (HKLM-x32\...\{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}) (Version: 3.4.0.12090 - Sony Corporation)
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.0.1.02280 - Sony Corporation)
VAIO-Handbuch (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 1.2.0.11040 - Sony Corporation)
VAIO-Support für Übertragungen (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.3.0.11250 - Sony Corporation)
VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.6300 - Broadcom Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
WMV9/VC-1 Video Playback (Version: 1.00.0000 - ATI Technologies Inc.) Hidden
Компаньон Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Элемент управления Windows Live Mesh ActiveX для удаленных подключений (HKLM-x32\...\{BCB0D6F7-7EAB-4009-A6F2-8E0E7F317773}) (Version: 15.4.5722.2 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2805887626-409114734-3965287795-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Uta\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2805887626-409114734-3965287795-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Uta\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2805887626-409114734-3965287795-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Uta\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2805887626-409114734-3965287795-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Uta\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2805887626-409114734-3965287795-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Uta\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2805887626-409114734-3965287795-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Uta\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2805887626-409114734-3965287795-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Uta\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2805887626-409114734-3965287795-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Uta\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2805887626-409114734-3965287795-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Uta\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2805887626-409114734-3965287795-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Uta\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)

==================== Restore Points =========================


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {12277ABE-B9A4-4DA9-8625-36A8AED9AC9C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {15DD0A60-781E-44A5-9331-E770DBBCD762} - System32\Tasks\SONY\SUS-BCF\Level4Month => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2010-12-23] (Sony Corporation)
Task: {265C36D7-E549-4DA7-A84C-53CF92F172A1} - System32\Tasks\SONY\VAIO Smart Network\VSN Logon Start => C:\Program Files\Sony\VAIO Smart Network\VSNClient
Task: {2682B844-C2B1-4E16-A699-505CA871AAA2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-06] (Adobe Systems Incorporated)
Task: {2796359A-9180-41E6-87E1-271C544B4212} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {2EE85287-71A9-4B22-9387-D69627E2787D} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2014-02-28] (Sony Corporation)
Task: {359A95CE-7D33-4DD0-8144-613F814E8520} - System32\Tasks\SONY\VAIO Power Management\VPM Logon Start => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-12-06] (Sony Corporation)
Task: {49093969-41D6-4DD6-82EF-D21640300F50} - System32\Tasks\SONY\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2010-11-16] (Sony Corporation)
Task: {495A45A3-B46E-4F68-A847-8FCB70D021C2} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {58162095-ECA9-4169-A015-6E39485D0FD6} - System32\Tasks\Sony Corporation\VAIO Boot Manager\VAIO Boot Manager => C:\Program Files (x86)\Sony\VAIO Boot Manager\SetProcessTask.exe [2010-12-08] (Sony Corporation)
Task: {5D4ABE60-6191-42E5-888B-304E159F701E} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {8F555F47-259F-4F1D-908F-644C10372D82} - System32\Tasks\SONY\SUS-BCF\Level4Daily => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2010-12-23] (Sony Corporation)
Task: {931AE619-7AC8-493F-A7DF-BD76407EE88A} - System32\Tasks\USER_ESRV_SVC => Wscript.exe //B //NoLogo "C:\Program Files\Sony\VAIO Care\ESRV\task.vbs"
Task: {9B904434-0AA0-4C2E-9456-15E18C7F9C0E} - System32\Tasks\SONY\VAIO Power Management\VPM Session Change => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-12-06] (Sony Corporation)
Task: {A52C0D2E-1021-464D-9721-E05C7DB1FBFA} - System32\Tasks\SONY\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2010-11-16] (Sony Corporation)
Task: {ACF452F0-10A6-4555-8F97-98D13AE07139} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [2014-01-16] (Sony Corporation)
Task: {AD62DC60-6FAB-4EDF-8440-C6E2634616DD} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {B7CEEA89-DC92-419D-9F48-7A19FF18CE20} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {B9C448BE-5555-4891-94C8-3CFC46A327D9} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {BC4DCBDE-E4FC-428A-A470-F55C947A37B7} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {BD7361B5-628D-49A2-83E3-616D7F7F7432} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {C5494544-9217-49B9-BBA1-41E8EB790485} - System32\Tasks\SONY\VAIO Power Management\VPM Unlock => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-12-06] (Sony Corporation)
Task: {CCB52ECD-F2FD-4D50-895C-46E66423F086} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {E4D1426E-AEE0-49C1-B4A9-DF4FEDE05CF0} - System32\Tasks\Sony Corporation\VAIO Care\ActiveStatusCollect => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {E90DDD03-F668-4009-A79A-9121A040E69F} - System32\Tasks\Sony Corporation\VAIO Care\UpdateSolution => C:\Program Files\Sony\VAIO Care\Solution.Updater.exe [2014-12-03] (Sony Corporation)
Task: {FE30BF2F-20E5-484C-98BD-8A46A1A74B6A} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2014-03-01] (Sony Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (Whitelisted) ==============

2010-11-02 12:58 - 2010-11-02 12:58 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2014-04-24 10:48 - 2010-08-10 21:37 - 00334848 _____ () C:\Program Files (x86)\ASUS\Printer Utilities\UsbService64.exe
2011-01-14 10:20 - 2011-01-14 09:03 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2010-11-02 12:58 - 2010-11-02 12:58 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
2011-01-06 12:33 - 2011-01-06 12:33 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2010-12-10 10:25 - 2010-12-10 10:25 - 00016384 ____R () c:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2014-04-22 16:05 - 2010-12-23 16:24 - 00013824 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESBasePS.dll
2014-10-25 22:08 - 2014-10-25 22:08 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\93182e9779b8be0f688fd0784df6d7fb\IsdiInterop.ni.dll
2014-04-22 15:57 - 2010-11-05 23:50 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2015-06-07 09:34 - 2015-06-07 09:34 - 00043008 _____ () c:\users\uta\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpyavxta.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00750080 _____ () C:\Users\Uta\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00047616 _____ () C:\Users\Uta\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00865280 _____ () C:\Users\Uta\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00200704 _____ () C:\Users\Uta\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2014-05-06 20:53 - 2009-02-27 16:39 - 00019968 _____ () C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.deu

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2805887626-409114734-3965287795-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Uta\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 82.212.62.62 - 78.42.43.62

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{872D254D-A427-4C54-8630-5D2B68FC76E5}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{3222E02B-3170-437B-9F33-A748549AE0BF}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{2FF28E8F-DE03-4629-98D1-24469F94D1EF}] => (Allow) LPort=2869
FirewallRules: [{56221D30-0850-4A53-849D-457CE7158417}] => (Allow) LPort=1900
FirewallRules: [{32719D3E-B634-4861-81FA-CD6DF7325311}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{FF2AD911-5EE8-42F1-9292-5ED740444475}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{022CC415-9614-4762-9085-E600077ED054}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{3E2C23D0-9B55-46B5-AE0E-5481B06B87C9}] => (Allow) C:\Users\Uta\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{7BC94A96-FC44-4135-96DD-D1A1531A2343}] => (Allow) C:\Users\Uta\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{C25EB72D-EF00-477E-8352-C27D06CEE639}] => (Allow) C:\Users\Uta\AppData\Local\Temp\pftF3D5.tmp\Printer.exe
FirewallRules: [{7AE10207-CECE-453C-ACA8-3A885B51B96E}] => (Allow) C:\Program Files (x86)\ASUS\Printer Utilities\UsbService64.exe
FirewallRules: [{F0D892B3-3148-4E29-8A49-FA85BC6C0FA4}] => (Allow) C:\Program Files (x86)\ASUS\Printer Utilities\UsbService64.exe
FirewallRules: [{3E48E3FC-39B2-4567-B65D-735779ABB9F2}] => (Allow) C:\Users\Uta\AppData\Local\Temp\pftF3D5.tmp\Printer.exe
FirewallRules: [{722D4657-8400-4749-BA69-AE9D644E434B}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{F493B5A0-15BD-43EC-8445-A5E66FF6CF6E}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{D7D671E0-A186-4FED-8B85-4E3D24F021A2}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{B7459C2B-F319-494B-8087-62CFBF56AF61}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [TCP Query User{9CC46F07-90E4-4144-A0E0-E6A640870CBB}C:\users\uta\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\uta\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{4FFD815D-00B7-4214-9C8F-BD46DFDF0A01}C:\users\uta\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\uta\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{DF429550-F10B-41C7-811A-11C5FA12C936}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{AFEAE417-4CEA-4867-89B2-CDD9D3BAB546}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{84F1F09A-B73A-467B-80B0-5B452EB92A72}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAgent.exe
FirewallRules: [{123BC9EA-5752-4E08-B6BB-C8F2FA533041}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAdmin.exe
FirewallRules: [{EE055C44-5909-4C4E-A937-3EB33647327E}] => (Allow) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
FirewallRules: [{AA86529B-4BB6-4CE1-8E90-A5C1EB0D68BD}] => (Allow) C:\Program Files\Sony\VAIO Care\VAIOShell.exe
FirewallRules: [TCP Query User{71C4528B-DF17-4972-BCC9-7E93619C31BE}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{9367E812-C11F-4049-B8AB-A08B008F69F5}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/07/2015 09:29:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: VCAgent.exe, Version: 8.4.2.12030, Zeitstempel: 0x5476d099
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000007ff00159a94
ID des fehlerhaften Prozesses: 0x818
Startzeit der fehlerhaften Anwendung: 0xVCAgent.exe0
Pfad der fehlerhaften Anwendung: VCAgent.exe1
Pfad des fehlerhaften Moduls: VCAgent.exe2
Berichtskennung: VCAgent.exe3

Error: (06/07/2015 09:29:32 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: VCAgent.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.NullReferenceException
Stapel:
   bei VCAgent.View.MainWindow.WindowProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   bei System.Windows.Interop.HwndSource.PublicHooksFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   bei MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   bei MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   bei System.Windows.Threading.Dispatcher.WrappedInvoke(System.Delegate, System.Object, Int32, System.Delegate)
   bei System.Windows.Threading.Dispatcher.InvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.HwndSubclass.DefWndProcWrapper(IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.UnsafeNativeMethods.IntGetMessageW(System.Windows.Interop.MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32)
   bei System.Windows.Threading.Dispatcher.GetMessage(System.Windows.Interop.MSG ByRef, IntPtr, Int32, Int32)
   bei System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
   bei System.Windows.Application.RunInternal(System.Windows.Window)
   bei System.Windows.Application.Run()
   bei VCAgent.App.Main()

Error: (06/06/2015 09:35:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: VCAgent.exe, Version: 8.4.2.12030, Zeitstempel: 0x5476d099
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000007ff00159624
ID des fehlerhaften Prozesses: 0x1978
Startzeit der fehlerhaften Anwendung: 0xVCAgent.exe0
Pfad der fehlerhaften Anwendung: VCAgent.exe1
Pfad des fehlerhaften Moduls: VCAgent.exe2
Berichtskennung: VCAgent.exe3

Error: (06/06/2015 09:35:28 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: VCAgent.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.NullReferenceException
Stapel:
   bei VCAgent.View.MainWindow.WindowProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   bei System.Windows.Interop.HwndSource.PublicHooksFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   bei MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   bei MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   bei System.Windows.Threading.Dispatcher.WrappedInvoke(System.Delegate, System.Object, Int32, System.Delegate)
   bei System.Windows.Threading.Dispatcher.InvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.HwndSubclass.DefWndProcWrapper(IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.UnsafeNativeMethods.IntGetMessageW(System.Windows.Interop.MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32)
   bei System.Windows.Threading.Dispatcher.GetMessage(System.Windows.Interop.MSG ByRef, IntPtr, Int32, Int32)
   bei System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
   bei System.Windows.Application.RunInternal(System.Windows.Window)
   bei System.Windows.Application.Run()
   bei VCAgent.App.Main()

Error: (06/06/2015 03:24:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: VCAgent.exe, Version: 8.4.2.12030, Zeitstempel: 0x5476d099
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000007ff00169d44
ID des fehlerhaften Prozesses: 0xbdc
Startzeit der fehlerhaften Anwendung: 0xVCAgent.exe0
Pfad der fehlerhaften Anwendung: VCAgent.exe1
Pfad des fehlerhaften Moduls: VCAgent.exe2
Berichtskennung: VCAgent.exe3

Error: (06/06/2015 03:24:32 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: VCAgent.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.NullReferenceException
Stapel:
   bei VCAgent.View.MainWindow.WindowProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   bei System.Windows.Interop.HwndSource.PublicHooksFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   bei MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   bei MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   bei System.Windows.Threading.Dispatcher.WrappedInvoke(System.Delegate, System.Object, Int32, System.Delegate)
   bei System.Windows.Threading.Dispatcher.InvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.HwndSubclass.DefWndProcWrapper(IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.UnsafeNativeMethods.IntGetMessageW(System.Windows.Interop.MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32)
   bei System.Windows.Threading.Dispatcher.GetMessage(System.Windows.Interop.MSG ByRef, IntPtr, Int32, Int32)
   bei System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
   bei System.Windows.Application.RunInternal(System.Windows.Window)
   bei System.Windows.Application.Run()
   bei VCAgent.App.Main()

Error: (05/23/2015 11:13:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: VCAgent.exe, Version: 8.4.2.12030, Zeitstempel: 0x5476d099
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000007ff00169f54
ID des fehlerhaften Prozesses: 0x964
Startzeit der fehlerhaften Anwendung: 0xVCAgent.exe0
Pfad der fehlerhaften Anwendung: VCAgent.exe1
Pfad des fehlerhaften Moduls: VCAgent.exe2
Berichtskennung: VCAgent.exe3

Error: (05/23/2015 11:13:30 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: VCAgent.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.NullReferenceException
Stapel:
   bei VCAgent.View.MainWindow.WindowProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   bei System.Windows.Interop.HwndSource.PublicHooksFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   bei MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   bei MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   bei System.Windows.Threading.Dispatcher.WrappedInvoke(System.Delegate, System.Object, Int32, System.Delegate)
   bei System.Windows.Threading.Dispatcher.InvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.HwndSubclass.DefWndProcWrapper(IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.UnsafeNativeMethods.IntGetMessageW(System.Windows.Interop.MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32)
   bei System.Windows.Threading.Dispatcher.GetMessage(System.Windows.Interop.MSG ByRef, IntPtr, Int32, Int32)
   bei System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
   bei System.Windows.Application.RunInternal(System.Windows.Window)
   bei System.Windows.Application.Run()
   bei VCAgent.App.Main()

Error: (05/23/2015 04:08:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: VCAgent.exe, Version: 8.4.2.12030, Zeitstempel: 0x5476d099
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000007ff00149624
ID des fehlerhaften Prozesses: 0x154c
Startzeit der fehlerhaften Anwendung: 0xVCAgent.exe0
Pfad der fehlerhaften Anwendung: VCAgent.exe1
Pfad des fehlerhaften Moduls: VCAgent.exe2
Berichtskennung: VCAgent.exe3

Error: (05/23/2015 04:08:46 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: VCAgent.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.NullReferenceException
Stapel:
   bei VCAgent.View.MainWindow.WindowProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   bei System.Windows.Interop.HwndSource.PublicHooksFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   bei MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   bei MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   bei System.Windows.Threading.Dispatcher.WrappedInvoke(System.Delegate, System.Object, Int32, System.Delegate)
   bei System.Windows.Threading.Dispatcher.InvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.HwndSubclass.DefWndProcWrapper(IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.UnsafeNativeMethods.IntGetMessageW(System.Windows.Interop.MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32)
   bei System.Windows.Threading.Dispatcher.GetMessage(System.Windows.Interop.MSG ByRef, IntPtr, Int32, Int32)
   bei System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
   bei System.Windows.Application.RunInternal(System.Windows.Window)
   bei System.Windows.Application.Run()
   bei VCAgent.App.Main()


System errors:
=============
Error: (06/07/2015 09:34:27 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Energy Server Service" wurde mit folgendem Fehler beendet: 
%%268439612

Error: (06/07/2015 09:32:25 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom
PxHlpa64

Error: (06/07/2015 09:13:59 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Energy Server Service" wurde mit folgendem Fehler beendet: 
%%268439612

Error: (06/07/2015 09:11:57 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom
PxHlpa64

Error: (06/06/2015 08:45:31 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Energy Server Service" wurde mit folgendem Fehler beendet: 
%%268439612

Error: (06/06/2015 08:43:30 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom
PxHlpa64

Error: (06/06/2015 02:06:44 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Energy Server Service" wurde mit folgendem Fehler beendet: 
%%268439612

Error: (05/23/2015 09:24:56 PM) (Source: NetBT) (EventID: 4319) (User: )
Description: Ein doppelter Name wurde im TCP-Netzwerk entdeckt. Die IP-Adresse des Computers,
der die Meldung gesendet hat, steht in den Daten. Verwenden Sie NBTSTAT -n an
der Eingabeaufforderung, um den doppelten Namen zu bestimmen.

Error: (05/23/2015 09:12:56 PM) (Source: NetBT) (EventID: 4319) (User: )
Description: Ein doppelter Name wurde im TCP-Netzwerk entdeckt. Die IP-Adresse des Computers,
der die Meldung gesendet hat, steht in den Daten. Verwenden Sie NBTSTAT -n an
der Eingabeaufforderung, um den doppelten Namen zu bestimmen.

Error: (05/23/2015 09:00:56 PM) (Source: NetBT) (EventID: 4319) (User: )
Description: Ein doppelter Name wurde im TCP-Netzwerk entdeckt. Die IP-Adresse des Computers,
der die Meldung gesendet hat, steht in den Daten. Verwenden Sie NBTSTAT -n an
der Eingabeaufforderung, um den doppelten Namen zu bestimmen.


Microsoft Office:
=========================

==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz
Percentage of memory in use: 49%
Total physical RAM: 4011.86 MB
Available physical RAM: 2034.78 MB
Total Pagefile: 8021.91 MB
Available Pagefile: 5506.68 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.76 GB) (Free:311.81 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 1E71EE11)
Partition 1: (Active) - (Size=400 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== End of log ============================
         
gmer
Code:
ATTFilter
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-06-07 09:57:05
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 Samsung_ rev.EXT0 465,76GB
Running: Gmer-19357.exe; Driver: C:\Users\Uta\AppData\Local\Temp\pwldapow.sys


---- User code sections - GMER 2.1 ----

.text    C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe[1912] C:\Windows\syswow64\psapi.dll!GetModuleFileNameExW + 17                                                                                                                                0000000077201401 2 bytes JMP 7586b1ef C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe[1912] C:\Windows\syswow64\psapi.dll!EnumProcessModules + 17                                                                                                                                  0000000077201419 2 bytes JMP 7586b31a C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe[1912] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 17                                                                                                                                0000000077201431 2 bytes JMP 758e8f09 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe[1912] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 42                                                                                                                                000000007720144a 2 bytes CALL 75844885 C:\Windows\syswow64\kernel32.dll
.text    ...                                                                                                                                                                                                                                                   * 9
.text    C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe[1912] C:\Windows\syswow64\psapi.dll!EnumDeviceDrivers + 17                                                                                                                                   00000000772014dd 2 bytes JMP 758e8802 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe[1912] C:\Windows\syswow64\psapi.dll!GetDeviceDriverBaseNameA + 17                                                                                                                            00000000772014f5 2 bytes JMP 758e89d8 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe[1912] C:\Windows\syswow64\psapi.dll!QueryWorkingSetEx + 17                                                                                                                                   000000007720150d 2 bytes JMP 758e86f8 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe[1912] C:\Windows\syswow64\psapi.dll!GetDeviceDriverBaseNameW + 17                                                                                                                            0000000077201525 2 bytes JMP 758e8ac2 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe[1912] C:\Windows\syswow64\psapi.dll!GetModuleBaseNameW + 17                                                                                                                                  000000007720153d 2 bytes JMP 7585fc78 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe[1912] C:\Windows\syswow64\psapi.dll!EnumProcesses + 17                                                                                                                                       0000000077201555 2 bytes JMP 758668bf C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe[1912] C:\Windows\syswow64\psapi.dll!GetProcessMemoryInfo + 17                                                                                                                                000000007720156d 2 bytes JMP 758e8fc1 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe[1912] C:\Windows\syswow64\psapi.dll!GetPerformanceInfo + 17                                                                                                                                  0000000077201585 2 bytes JMP 758e8b22 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe[1912] C:\Windows\syswow64\psapi.dll!QueryWorkingSet + 17                                                                                                                                     000000007720159d 2 bytes JMP 758e86bc C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe[1912] C:\Windows\syswow64\psapi.dll!GetModuleBaseNameA + 17                                                                                                                                  00000000772015b5 2 bytes JMP 7585fd11 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe[1912] C:\Windows\syswow64\psapi.dll!GetModuleFileNameExA + 17                                                                                                                                00000000772015cd 2 bytes JMP 7586b2b0 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe[1912] C:\Windows\syswow64\psapi.dll!GetProcessImageFileNameW + 20                                                                                                                            00000000772016b2 2 bytes JMP 758e8e84 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe[1912] C:\Windows\syswow64\psapi.dll!GetProcessImageFileNameW + 31                                                                                                                            00000000772016bd 2 bytes JMP 758e8651 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe[2304] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                                                                                                                            0000000077201401 2 bytes JMP 7586b1ef C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe[2304] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                                                                                                              0000000077201419 2 bytes JMP 7586b31a C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe[2304] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                                                                                                                            0000000077201431 2 bytes JMP 758e8f09 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe[2304] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                                                                                                                            000000007720144a 2 bytes CALL 75844885 C:\Windows\syswow64\kernel32.dll
.text    ...                                                                                                                                                                                                                                                   * 9
.text    C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe[2304] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                                                                                                               00000000772014dd 2 bytes JMP 758e8802 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe[2304] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                                                                                                                        00000000772014f5 2 bytes JMP 758e89d8 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe[2304] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                                                                                                               000000007720150d 2 bytes JMP 758e86f8 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe[2304] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                                                                                                                        0000000077201525 2 bytes JMP 758e8ac2 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe[2304] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                                                                                                              000000007720153d 2 bytes JMP 7585fc78 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe[2304] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                                                                                                                   0000000077201555 2 bytes JMP 758668bf C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe[2304] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                                                                                                                            000000007720156d 2 bytes JMP 758e8fc1 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe[2304] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                                                                                                              0000000077201585 2 bytes JMP 758e8b22 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe[2304] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                                                                                                                 000000007720159d 2 bytes JMP 758e86bc C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe[2304] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                                                                                                              00000000772015b5 2 bytes JMP 7585fd11 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe[2304] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                                                                                                                            00000000772015cd 2 bytes JMP 7586b2b0 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe[2304] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                                                                                                                        00000000772016b2 2 bytes JMP 758e8e84 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe[2304] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                                                                                                                        00000000772016bd 2 bytes JMP 758e8651 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Skype\Phone\Skype.exe[3572] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                                                                                                                                            0000000077201401 2 bytes JMP 7586b1ef C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Skype\Phone\Skype.exe[3572] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                                                                                                                              0000000077201419 2 bytes JMP 7586b31a C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Skype\Phone\Skype.exe[3572] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                                                                                                                                            0000000077201431 2 bytes JMP 758e8f09 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Skype\Phone\Skype.exe[3572] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                                                                                                                                            000000007720144a 2 bytes CALL 75844885 C:\Windows\syswow64\kernel32.dll
.text    ...                                                                                                                                                                                                                                                   * 9
.text    C:\Program Files (x86)\Skype\Phone\Skype.exe[3572] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                                                                                                                               00000000772014dd 2 bytes JMP 758e8802 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Skype\Phone\Skype.exe[3572] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                                                                                                                                        00000000772014f5 2 bytes JMP 758e89d8 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Skype\Phone\Skype.exe[3572] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                                                                                                                               000000007720150d 2 bytes JMP 758e86f8 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Skype\Phone\Skype.exe[3572] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                                                                                                                                        0000000077201525 2 bytes JMP 758e8ac2 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Skype\Phone\Skype.exe[3572] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                                                                                                                              000000007720153d 2 bytes JMP 7585fc78 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Skype\Phone\Skype.exe[3572] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                                                                                                                                   0000000077201555 2 bytes JMP 758668bf C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Skype\Phone\Skype.exe[3572] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                                                                                                                                            000000007720156d 2 bytes JMP 758e8fc1 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Skype\Phone\Skype.exe[3572] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                                                                                                                              0000000077201585 2 bytes JMP 758e8b22 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Skype\Phone\Skype.exe[3572] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                                                                                                                                 000000007720159d 2 bytes JMP 758e86bc C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Skype\Phone\Skype.exe[3572] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                                                                                                                              00000000772015b5 2 bytes JMP 7585fd11 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Skype\Phone\Skype.exe[3572] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                                                                                                                                            00000000772015cd 2 bytes JMP 7586b2b0 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Skype\Phone\Skype.exe[3572] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                                                                                                                                        00000000772016b2 2 bytes JMP 758e8e84 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Skype\Phone\Skype.exe[3572] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                                                                                                                                        00000000772016bd 2 bytes JMP 758e8651 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Skype\Phone\Skype.exe[3572] C:\Windows\SysWOW64\ksuser.dll!KsCreatePin + 35                                                                                                                                                    0000000073ec11a8 2 bytes [EC, 73]
.text    C:\Program Files (x86)\Skype\Phone\Skype.exe[3572] C:\Windows\SysWOW64\ksuser.dll!KsCreatePin + 248                                                                                                                                                   0000000073ec127d 2 bytes CALL 758414b9 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Skype\Phone\Skype.exe[3572] C:\Windows\SysWOW64\ksuser.dll!KsCreatePin + 395                                                                                                                                                   0000000073ec1310 2 bytes CALL 758414b9 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Skype\Phone\Skype.exe[3572] C:\Windows\SysWOW64\ksuser.dll!KsCreateAllocator + 21                                                                                                                                              0000000073ec13a8 2 bytes [EC, 73]
.text    C:\Program Files (x86)\Skype\Phone\Skype.exe[3572] C:\Windows\SysWOW64\ksuser.dll!KsCreateClock + 21                                                                                                                                                  0000000073ec1422 2 bytes [EC, 73]
.text    C:\Program Files (x86)\Skype\Phone\Skype.exe[3572] C:\Windows\SysWOW64\ksuser.dll!KsCreateTopologyNode + 19                                                                                                                                           0000000073ec1498 2 bytes [EC, 73]
.text    C:\Users\Uta\AppData\Roaming\Dropbox\bin\Dropbox.exe[2460] C:\Windows\syswow64\Psapi.dll!GetModuleFileNameExW + 17                                                                                                                                    0000000077201401 2 bytes JMP 7586b1ef C:\Windows\syswow64\kernel32.dll
.text    C:\Users\Uta\AppData\Roaming\Dropbox\bin\Dropbox.exe[2460] C:\Windows\syswow64\Psapi.dll!EnumProcessModules + 17                                                                                                                                      0000000077201419 2 bytes JMP 7586b31a C:\Windows\syswow64\kernel32.dll
.text    C:\Users\Uta\AppData\Roaming\Dropbox\bin\Dropbox.exe[2460] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 17                                                                                                                                    0000000077201431 2 bytes JMP 758e8f09 C:\Windows\syswow64\kernel32.dll
.text    C:\Users\Uta\AppData\Roaming\Dropbox\bin\Dropbox.exe[2460] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 42                                                                                                                                    000000007720144a 2 bytes CALL 75844885 C:\Windows\syswow64\kernel32.dll
.text    ...                                                                                                                                                                                                                                                   * 9
.text    C:\Users\Uta\AppData\Roaming\Dropbox\bin\Dropbox.exe[2460] C:\Windows\syswow64\Psapi.dll!EnumDeviceDrivers + 17                                                                                                                                       00000000772014dd 2 bytes JMP 758e8802 C:\Windows\syswow64\kernel32.dll
.text    C:\Users\Uta\AppData\Roaming\Dropbox\bin\Dropbox.exe[2460] C:\Windows\syswow64\Psapi.dll!GetDeviceDriverBaseNameA + 17                                                                                                                                00000000772014f5 2 bytes JMP 758e89d8 C:\Windows\syswow64\kernel32.dll
.text    C:\Users\Uta\AppData\Roaming\Dropbox\bin\Dropbox.exe[2460] C:\Windows\syswow64\Psapi.dll!QueryWorkingSetEx + 17                                                                                                                                       000000007720150d 2 bytes JMP 758e86f8 C:\Windows\syswow64\kernel32.dll
.text    C:\Users\Uta\AppData\Roaming\Dropbox\bin\Dropbox.exe[2460] C:\Windows\syswow64\Psapi.dll!GetDeviceDriverBaseNameW + 17                                                                                                                                0000000077201525 2 bytes JMP 758e8ac2 C:\Windows\syswow64\kernel32.dll
.text    C:\Users\Uta\AppData\Roaming\Dropbox\bin\Dropbox.exe[2460] C:\Windows\syswow64\Psapi.dll!GetModuleBaseNameW + 17                                                                                                                                      000000007720153d 2 bytes JMP 7585fc78 C:\Windows\syswow64\kernel32.dll
.text    C:\Users\Uta\AppData\Roaming\Dropbox\bin\Dropbox.exe[2460] C:\Windows\syswow64\Psapi.dll!EnumProcesses + 17                                                                                                                                           0000000077201555 2 bytes JMP 758668bf C:\Windows\syswow64\kernel32.dll
.text    C:\Users\Uta\AppData\Roaming\Dropbox\bin\Dropbox.exe[2460] C:\Windows\syswow64\Psapi.dll!GetProcessMemoryInfo + 17                                                                                                                                    000000007720156d 2 bytes JMP 758e8fc1 C:\Windows\syswow64\kernel32.dll
.text    C:\Users\Uta\AppData\Roaming\Dropbox\bin\Dropbox.exe[2460] C:\Windows\syswow64\Psapi.dll!GetPerformanceInfo + 17                                                                                                                                      0000000077201585 2 bytes JMP 758e8b22 C:\Windows\syswow64\kernel32.dll
.text    C:\Users\Uta\AppData\Roaming\Dropbox\bin\Dropbox.exe[2460] C:\Windows\syswow64\Psapi.dll!QueryWorkingSet + 17                                                                                                                                         000000007720159d 2 bytes JMP 758e86bc C:\Windows\syswow64\kernel32.dll
.text    C:\Users\Uta\AppData\Roaming\Dropbox\bin\Dropbox.exe[2460] C:\Windows\syswow64\Psapi.dll!GetModuleBaseNameA + 17                                                                                                                                      00000000772015b5 2 bytes JMP 7585fd11 C:\Windows\syswow64\kernel32.dll
.text    C:\Users\Uta\AppData\Roaming\Dropbox\bin\Dropbox.exe[2460] C:\Windows\syswow64\Psapi.dll!GetModuleFileNameExA + 17                                                                                                                                    00000000772015cd 2 bytes JMP 7586b2b0 C:\Windows\syswow64\kernel32.dll
.text    C:\Users\Uta\AppData\Roaming\Dropbox\bin\Dropbox.exe[2460] C:\Windows\syswow64\Psapi.dll!GetProcessImageFileNameW + 20                                                                                                                                00000000772016b2 2 bytes JMP 758e8e84 C:\Windows\syswow64\kernel32.dll
.text    C:\Users\Uta\AppData\Roaming\Dropbox\bin\Dropbox.exe[2460] C:\Windows\syswow64\Psapi.dll!GetProcessImageFileNameW + 31                                                                                                                                00000000772016bd 2 bytes JMP 758e8651 C:\Windows\syswow64\kernel32.dll
.text    C:\Windows\SysWOW64\RunDll32.exe[3860] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                                                                                                                                                        0000000077201401 2 bytes JMP 7586b1ef C:\Windows\syswow64\kernel32.dll
.text    C:\Windows\SysWOW64\RunDll32.exe[3860] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                                                                                                                                          0000000077201419 2 bytes JMP 7586b31a C:\Windows\syswow64\kernel32.dll
.text    C:\Windows\SysWOW64\RunDll32.exe[3860] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                                                                                                                                                        0000000077201431 2 bytes JMP 758e8f09 C:\Windows\syswow64\kernel32.dll
.text    C:\Windows\SysWOW64\RunDll32.exe[3860] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                                                                                                                                                        000000007720144a 2 bytes CALL 75844885 C:\Windows\syswow64\kernel32.dll
.text    ...                                                                                                                                                                                                                                                   * 9
.text    C:\Windows\SysWOW64\RunDll32.exe[3860] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                                                                                                                                           00000000772014dd 2 bytes JMP 758e8802 C:\Windows\syswow64\kernel32.dll
.text    C:\Windows\SysWOW64\RunDll32.exe[3860] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                                                                                                                                                    00000000772014f5 2 bytes JMP 758e89d8 C:\Windows\syswow64\kernel32.dll
.text    C:\Windows\SysWOW64\RunDll32.exe[3860] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                                                                                                                                           000000007720150d 2 bytes JMP 758e86f8 C:\Windows\syswow64\kernel32.dll
.text    C:\Windows\SysWOW64\RunDll32.exe[3860] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                                                                                                                                                    0000000077201525 2 bytes JMP 758e8ac2 C:\Windows\syswow64\kernel32.dll
.text    C:\Windows\SysWOW64\RunDll32.exe[3860] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                                                                                                                                          000000007720153d 2 bytes JMP 7585fc78 C:\Windows\syswow64\kernel32.dll
.text    C:\Windows\SysWOW64\RunDll32.exe[3860] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                                                                                                                                               0000000077201555 2 bytes JMP 758668bf C:\Windows\syswow64\kernel32.dll
.text    C:\Windows\SysWOW64\RunDll32.exe[3860] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                                                                                                                                                        000000007720156d 2 bytes JMP 758e8fc1 C:\Windows\syswow64\kernel32.dll
.text    C:\Windows\SysWOW64\RunDll32.exe[3860] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                                                                                                                                          0000000077201585 2 bytes JMP 758e8b22 C:\Windows\syswow64\kernel32.dll
.text    C:\Windows\SysWOW64\RunDll32.exe[3860] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                                                                                                                                             000000007720159d 2 bytes JMP 758e86bc C:\Windows\syswow64\kernel32.dll
.text    C:\Windows\SysWOW64\RunDll32.exe[3860] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                                                                                                                                          00000000772015b5 2 bytes JMP 7585fd11 C:\Windows\syswow64\kernel32.dll
.text    C:\Windows\SysWOW64\RunDll32.exe[3860] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                                                                                                                                                        00000000772015cd 2 bytes JMP 7586b2b0 C:\Windows\syswow64\kernel32.dll
.text    C:\Windows\SysWOW64\RunDll32.exe[3860] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                                                                                                                                                    00000000772016b2 2 bytes JMP 758e8e84 C:\Windows\syswow64\kernel32.dll
.text    C:\Windows\SysWOW64\RunDll32.exe[3860] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                                                                                                                                                    00000000772016bd 2 bytes JMP 758e8651 C:\Windows\syswow64\kernel32.dll
---- Processes - GMER 2.1 ----

Library  c:\users\uta\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpyavxta.dll (*** suspicious ***) @ C:\Users\Uta\AppData\Roaming\Dropbox\bin\Dropbox.exe [2460](2015-06-07 07:34:37)                                       0000000004ed0000
Library  C:\Users\Uta\AppData\Roaming\Dropbox\bin\Qt5Core.dll (*** suspicious ***) @ C:\Users\Uta\AppData\Roaming\Dropbox\bin\Dropbox.exe [2460] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:24)           0000000063a80000
Library  C:\Users\Uta\AppData\Roaming\Dropbox\bin\icuin52.dll (*** suspicious ***) @ C:\Users\Uta\AppData\Roaming\Dropbox\bin\Dropbox.exe [2460] (ICU I18N DLL/The ICU Project)(2015-03-04 21:45:30)                                                           000000004a900000
Library  C:\Users\Uta\AppData\Roaming\Dropbox\bin\icuuc52.dll (*** suspicious ***) @ C:\Users\Uta\AppData\Roaming\Dropbox\bin\Dropbox.exe [2460] (ICU Common DLL/The ICU Project)(2015-03-04 21:45:30)                                                         0000000005e60000
Library  C:\Users\Uta\AppData\Roaming\Dropbox\bin\icudt52.dll (*** suspicious ***) @ C:\Users\Uta\AppData\Roaming\Dropbox\bin\Dropbox.exe [2460] (ICU Data DLL/The ICU Project)(2015-03-04 21:45:30)                                                           000000004ad00000
Library  C:\Users\Uta\AppData\Roaming\Dropbox\bin\Qt5Widgets.dll (*** suspicious ***) @ C:\Users\Uta\AppData\Roaming\Dropbox\bin\Dropbox.exe [2460] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:28)        0000000063660000
Library  C:\Users\Uta\AppData\Roaming\Dropbox\bin\Qt5Gui.dll (*** suspicious ***) @ C:\Users\Uta\AppData\Roaming\Dropbox\bin\Dropbox.exe [2460] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26)            0000000063370000
Library  C:\Users\Uta\AppData\Roaming\Dropbox\bin\libGLESv2.dll (*** suspicious ***) @ C:\Users\Uta\AppData\Roaming\Dropbox\bin\Dropbox.exe [2460](2015-03-04 21:45:30)                                                                                        00000000632b0000
Library  C:\Users\Uta\AppData\Roaming\Dropbox\bin\Qt5Network.dll (*** suspicious ***) @ C:\Users\Uta\AppData\Roaming\Dropbox\bin\Dropbox.exe [2460] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26)        00000000625e0000
Library  C:\Users\Uta\AppData\Roaming\Dropbox\bin\Qt5WebKit.dll (*** suspicious ***) @ C:\Users\Uta\AppData\Roaming\Dropbox\bin\Dropbox.exe [2460] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26)         00000000604c0000
Library  C:\Users\Uta\AppData\Roaming\Dropbox\bin\Qt5Quick.dll (*** suspicious ***) @ C:\Users\Uta\AppData\Roaming\Dropbox\bin\Dropbox.exe [2460] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26)          00000000602a0000
Library  C:\Users\Uta\AppData\Roaming\Dropbox\bin\Qt5Qml.dll (*** suspicious ***) @ C:\Users\Uta\AppData\Roaming\Dropbox\bin\Dropbox.exe [2460] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26)            000000005fe80000
Library  C:\Users\Uta\AppData\Roaming\Dropbox\bin\Qt5Sql.dll (*** suspicious ***) @ C:\Users\Uta\AppData\Roaming\Dropbox\bin\Dropbox.exe [2460] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26)            0000000064d90000
Library  C:\Users\Uta\AppData\Roaming\Dropbox\bin\libEGL.dll (*** suspicious ***) @ C:\Users\Uta\AppData\Roaming\Dropbox\bin\Dropbox.exe [2460](2015-03-04 21:45:30)                                                                                           0000000074e10000
Library  C:\Users\Uta\AppData\Roaming\Dropbox\bin\Qt5WebKitWidgets.dll (*** suspicious ***) @ C:\Users\Uta\AppData\Roaming\Dropbox\bin\Dropbox.exe [2460] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:28)  00000000646b0000
Library  C:\Users\Uta\AppData\Roaming\Dropbox\bin\Qt5OpenGL.dll (*** suspicious ***) @ C:\Users\Uta\AppData\Roaming\Dropbox\bin\Dropbox.exe [2460] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26)         000000005fa90000
Library  C:\Users\Uta\AppData\Roaming\Dropbox\bin\Qt5PrintSupport.dll (*** suspicious ***) @ C:\Users\Uta\AppData\Roaming\Dropbox\bin\Dropbox.exe [2460] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26)   000000005fa40000
Library  C:\Users\Uta\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll (*** suspicious ***) @ C:\Users\Uta\AppData\Roaming\Dropbox\bin\Dropbox.exe [2460](2015-03-04 21:45:30)                                                                       000000005f960000
Library  C:\Users\Uta\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll (*** suspicious ***) @ C:\Users\Uta\AppData\Roaming\Dropbox\bin\Dropbox.exe [2460](2015-03-04 21:45:30)                                                                       000000005ea90000

---- Registry - GMER 2.1 ----

Reg      HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\90004ef3252f                                                                                                                                                                           
Reg      HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\90004ef3252f (not active ControlSet)                                                                                                                                                       

---- EOF - GMER 2.1 ----
         

Vielen Dank für Eure Hilfe und Euer tolles Forum!

Alt 07.06.2015, 09:19   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Dhl Pdf Datei geöffnet...Trojaner eingefangen? - Standard

Dhl Pdf Datei geöffnet...Trojaner eingefangen?



hi,


Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________

__________________

Alt 07.06.2015, 19:20   #3
Virennerven!
 
Dhl Pdf Datei geöffnet...Trojaner eingefangen? - Standard

Dhl Pdf Datei geöffnet...Trojaner eingefangen?



Vielen Dank für die schnelle Reaktion!
Wird gemacht!

Hallo Schrauber,
hier nun die Ergebnisse (Beide Programme haben keinen Fund gemeldet)
Logfile
Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org

Database version:
  main:    v2015.06.07.01
  rootkit: v2015.06.02.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17801
Uta :: UTA-VAIO [administrator]

07.06.2015 10:26:28
mbar-log-2015-06-07 (10-26-28).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 359465
Time elapsed: 8 minute(s), 16 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         
Code:
ATTFilter
10:38:16.0408 0x0e74  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
10:38:20.0838 0x0e74  ============================================================
10:38:20.0838 0x0e74  Current date / time: 2015/06/07 10:38:20.0838
10:38:20.0838 0x0e74  SystemInfo:
10:38:20.0838 0x0e74  
10:38:20.0838 0x0e74  OS Version: 6.1.7601 ServicePack: 1.0
10:38:20.0838 0x0e74  Product type: Workstation
10:38:20.0838 0x0e74  ComputerName: UTA-VAIO
10:38:20.0838 0x0e74  UserName: Uta
10:38:20.0838 0x0e74  Windows directory: C:\Windows
10:38:20.0838 0x0e74  System windows directory: C:\Windows
10:38:20.0838 0x0e74  Running under WOW64
10:38:20.0838 0x0e74  Processor architecture: Intel x64
10:38:20.0838 0x0e74  Number of processors: 4
10:38:20.0838 0x0e74  Page size: 0x1000
10:38:20.0838 0x0e74  Boot type: Normal boot
10:38:20.0838 0x0e74  ============================================================
10:38:20.0988 0x0e74  KLMD registered as C:\Windows\system32\drivers\32027564.sys
10:38:21.0038 0x0e74  System UUID: {B749F31D-C523-34C3-A75C-97B7FC7F907F}
10:38:21.0348 0x0e74  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:38:21.0348 0x0e74  ============================================================
10:38:21.0348 0x0e74  \Device\Harddisk0\DR0:
10:38:21.0348 0x0e74  MBR partitions:
10:38:21.0348 0x0e74  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xC8000
10:38:21.0348 0x0e74  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xC8800, BlocksNum 0x3A384800
10:38:21.0348 0x0e74  ============================================================
10:38:21.0348 0x0e74  C: <-> \Device\Harddisk0\DR0\Partition2
10:38:21.0348 0x0e74  ============================================================
10:38:21.0348 0x0e74  Initialize success
10:38:21.0348 0x0e74  ============================================================
10:40:05.0110 0x07f8  ============================================================
10:40:05.0110 0x07f8  Scan started
10:40:05.0120 0x07f8  Mode: Manual; SigCheck; TDLFS; 
10:40:05.0120 0x07f8  ============================================================
10:40:05.0120 0x07f8  KSN ping started
10:40:30.0875 0x07f8  KSN ping finished: true
10:40:31.0025 0x07f8  ================ Scan system memory ========================
10:40:31.0025 0x07f8  System memory - ok
10:40:31.0025 0x07f8  ================ Scan services =============================
10:40:31.0065 0x07f8  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
10:40:31.0135 0x07f8  1394ohci - ok
10:40:31.0155 0x07f8  [ ADC420616C501B45D26C0FD3EF1E54E4, 29FC41D40A35AC5476E2A673CE5B12684E0CFA12A1AEBEEBE5883FBA5CA68B67 ] ACDaemon        C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
10:40:31.0185 0x07f8  ACDaemon - ok
10:40:31.0195 0x07f8  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
10:40:31.0215 0x07f8  ACPI - ok
10:40:31.0215 0x07f8  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
10:40:31.0245 0x07f8  AcpiPmi - ok
10:40:31.0255 0x07f8  [ 1474F121C3DF1232D3E7239C03691EE6, 26D0F55010CB7C51269D94ECB5C5AA94802607685B9E9791A78B643C6227214F ] AdobeActiveFileMonitor9.0 c:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
10:40:31.0265 0x07f8  AdobeActiveFileMonitor9.0 - ok
10:40:31.0265 0x07f8  [ FC5B75CA6A1DA31EDD4F8D53F5540B98, CDC445F2790ADFC4C5568C40D4DA8BB95CD71991665B38AEC3D84571C99C3520 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
10:40:31.0275 0x07f8  AdobeARMservice - ok
10:40:31.0295 0x07f8  [ 00CC35F515079F5F94FABC3AC5C7D363, 7CE8B1715009602059DEDD6CBCA9C18EF079EDA344E7809813D6C0A395622B82 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
10:40:31.0305 0x07f8  AdobeFlashPlayerUpdateSvc - ok
10:40:31.0325 0x07f8  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
10:40:31.0345 0x07f8  adp94xx - ok
10:40:31.0365 0x07f8  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
10:40:31.0385 0x07f8  adpahci - ok
10:40:31.0395 0x07f8  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
10:40:31.0405 0x07f8  adpu320 - ok
10:40:31.0415 0x07f8  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
10:40:31.0525 0x07f8  AeLookupSvc - ok
10:40:31.0545 0x07f8  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
10:40:31.0565 0x07f8  AFD - ok
10:40:31.0575 0x07f8  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
10:40:31.0585 0x07f8  agp440 - ok
10:40:31.0585 0x07f8  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
10:40:31.0605 0x07f8  ALG - ok
10:40:31.0615 0x07f8  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
10:40:31.0615 0x07f8  aliide - ok
10:40:31.0625 0x07f8  [ 27886774FF03FCA3A6C1A7E7E15E771B, DA3665D403D4F0461135479EDF79E78A05258784AF377C95340EBF5227DE4FB6 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
10:40:31.0685 0x07f8  AMD External Events Utility - ok
10:40:31.0695 0x07f8  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
10:40:31.0705 0x07f8  amdide - ok
10:40:31.0705 0x07f8  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
10:40:31.0715 0x07f8  AmdK8 - ok
10:40:32.0025 0x07f8  [ D39BB7315C0F5FDF8258BDBFC4268AF0, A1FB0D1C9534290E6CFD62DF3ADCD95412560DF16D1BB86AE0BD7FC768D7334D ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
10:40:32.0345 0x07f8  amdkmdag - ok
10:40:32.0365 0x07f8  [ 4AEDBEDB288E6A32FD48F2768D59826D, B1ABB708C8AF7155CF724343D75C96EF035ABB1B0C62283A19E44AF7C9DA747F ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
10:40:32.0395 0x07f8  amdkmdap - ok
10:40:32.0395 0x07f8  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
10:40:32.0415 0x07f8  AmdPPM - ok
10:40:32.0415 0x07f8  [ 6EC6D772EAE38DC17C14AED9B178D24B, B4FB936B31B1265B8CC6B426C64965C34D0CCF1638E645ACD65E88F4AFFC57A6 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
10:40:32.0435 0x07f8  amdsata - ok
10:40:32.0445 0x07f8  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
10:40:32.0455 0x07f8  amdsbs - ok
10:40:32.0465 0x07f8  [ 1142A21DB581A84EA5597B03A26EBAA0, F94EB140D0CD068760D7EB081FF75154C75DAC75E5E24B6DE4E4F9CE65A70343 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
10:40:32.0465 0x07f8  amdxata - ok
10:40:32.0495 0x07f8  [ D908096B873B940BB438CE63BA35BD1E, F1C79C907E6CDBC2770C16AFFAE0D6F9B9B7DA21F5074D602AC5FE1597975748 ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
10:40:32.0515 0x07f8  AntiVirMailService - ok
10:40:32.0535 0x07f8  [ EC705D6ED3A7F3D9AE42F6239707D9FE, B50F6BB0FC308E7403B1807DF2AAF87BEDE0B044128C580970A26801CCABC43F ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
10:40:32.0545 0x07f8  AntiVirSchedulerService - ok
10:40:32.0555 0x07f8  [ EC705D6ED3A7F3D9AE42F6239707D9FE, B50F6BB0FC308E7403B1807DF2AAF87BEDE0B044128C580970A26801CCABC43F ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
10:40:32.0575 0x07f8  AntiVirService - ok
10:40:32.0605 0x07f8  [ 0F3D12E5FAE0082DB3F306095CA6B027, 726D054357031F45B43C87D798E84FA93439ECA6C691EB8C76FE524B50C25B32 ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
10:40:32.0635 0x07f8  AntiVirWebService - ok
10:40:32.0655 0x07f8  [ 9DC1A45BA81C923DB68A162B0F0D0149, 0B3EC531651B22DFC3F4EB0A19F4F5B5C094F77BFC245FBB1A1BE28DD8B6516D ] ApfiltrService  C:\Windows\system32\DRIVERS\Apfiltr.sys
10:40:32.0665 0x07f8  ApfiltrService - ok
10:40:32.0675 0x07f8  [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID           C:\Windows\system32\drivers\appid.sys
10:40:32.0685 0x07f8  AppID - ok
10:40:32.0695 0x07f8  [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
10:40:32.0705 0x07f8  AppIDSvc - ok
10:40:32.0705 0x07f8  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
10:40:32.0725 0x07f8  Appinfo - ok
10:40:32.0725 0x07f8  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
10:40:32.0735 0x07f8  arc - ok
10:40:32.0745 0x07f8  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
10:40:32.0755 0x07f8  arcsas - ok
10:40:32.0755 0x07f8  [ C130BC4A51B1382B2BE8E44579EC4C0A, CC1FD33ED7CAD87A504D8678F8482CAECACD18C727BB97FFB86F39255563EEF2 ] ArcSoftKsUFilter C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys
10:40:32.0765 0x07f8  ArcSoftKsUFilter - ok
10:40:32.0775 0x07f8  [ 9217D874131AE6FF8F642F124F00A555, BE2923D5AA7748FDAAED73AF567D015517B36F1C739C6E5637DD15112EFDF495 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
10:40:32.0785 0x07f8  aspnet_state - ok
10:40:32.0785 0x07f8  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
10:40:32.0815 0x07f8  AsyncMac - ok
10:40:32.0825 0x07f8  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
10:40:32.0835 0x07f8  atapi - ok
10:40:32.0855 0x07f8  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
10:40:32.0885 0x07f8  AudioEndpointBuilder - ok
10:40:32.0905 0x07f8  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
10:40:32.0925 0x07f8  AudioSrv - ok
10:40:32.0935 0x07f8  [ 43B6D229C7DBA9F0FC0FC0C318DB5350, F5A525DBD71FC4A323E92839C6D27F323FB304B7E9FFA35E89E9B419570AA4C8 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
10:40:32.0945 0x07f8  avgntflt - ok
10:40:32.0945 0x07f8  [ 626D1BAD7A1975A8FEE8876A8AD0EEA7, 59772746A2DF3B7E8D021756B8A64569AC8468CA1C802EB594494224354F1E60 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
10:40:32.0965 0x07f8  avipbb - ok
10:40:32.0965 0x07f8  [ 0D32033DCB359FD98B4C3513EF849FE6, 5870D67526BC29D888DAF8DBAB04B1E97ED5C7C51484ED400A5E65D0EB61576A ] Avira.OE.ServiceHost C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
10:40:32.0975 0x07f8  Avira.OE.ServiceHost - ok
10:40:32.0985 0x07f8  [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
10:40:32.0995 0x07f8  avkmgr - ok
10:40:32.0995 0x07f8  [ 13253E5E3B6BDF945B63B336A8C9489B, 671C716E43F89D4BDDAA2BE045CDEBBB569C85BC2BA334E1F550187B79A7740D ] avnetflt        C:\Windows\system32\DRIVERS\avnetflt.sys
10:40:33.0005 0x07f8  avnetflt - ok
10:40:33.0015 0x07f8  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
10:40:33.0035 0x07f8  AxInstSV - ok
10:40:33.0055 0x07f8  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
10:40:33.0075 0x07f8  b06bdrv - ok
10:40:33.0095 0x07f8  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
10:40:33.0105 0x07f8  b57nd60a - ok
10:40:33.0115 0x07f8  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
10:40:33.0135 0x07f8  BDESVC - ok
10:40:33.0135 0x07f8  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
10:40:33.0165 0x07f8  Beep - ok
10:40:33.0195 0x07f8  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
10:40:33.0225 0x07f8  BFE - ok
10:40:33.0245 0x07f8  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
10:40:33.0325 0x07f8  BITS - ok
10:40:33.0325 0x07f8  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
10:40:33.0335 0x07f8  blbdrive - ok
10:40:33.0345 0x07f8  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
10:40:33.0355 0x07f8  bowser - ok
10:40:33.0365 0x07f8  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
10:40:33.0385 0x07f8  BrFiltLo - ok
10:40:33.0395 0x07f8  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
10:40:33.0405 0x07f8  BrFiltUp - ok
10:40:33.0415 0x07f8  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
10:40:33.0425 0x07f8  Browser - ok
10:40:33.0435 0x07f8  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
10:40:33.0455 0x07f8  Brserid - ok
10:40:33.0465 0x07f8  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
10:40:33.0475 0x07f8  BrSerWdm - ok
10:40:33.0475 0x07f8  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
10:40:33.0485 0x07f8  BrUsbMdm - ok
10:40:33.0495 0x07f8  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
10:40:33.0505 0x07f8  BrUsbSer - ok
10:40:33.0505 0x07f8  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
10:40:33.0525 0x07f8  BthEnum - ok
10:40:33.0525 0x07f8  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
10:40:33.0545 0x07f8  BTHMODEM - ok
10:40:33.0545 0x07f8  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
10:40:33.0565 0x07f8  BthPan - ok
10:40:33.0595 0x07f8  [ 64C198198501F7560EE41D8D1EFA7952, 53CE5FDD1866FC8A0B91C7A620F7555D197488C4C8F3DEFD4398D8E3ED2AEBD0 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
10:40:33.0645 0x07f8  BTHPORT - ok
10:40:33.0645 0x07f8  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
10:40:33.0685 0x07f8  bthserv - ok
10:40:33.0685 0x07f8  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
10:40:33.0705 0x07f8  BTHUSB - ok
10:40:33.0715 0x07f8  [ 7A2CE8C1BF4DAA1F2766E21E9CA11078, 2AF02D206F60F95185894D829D7CC322C4986847153269DE186E11EE2353FBBC ] btwampfl        C:\Windows\system32\drivers\btwampfl.sys
10:40:33.0735 0x07f8  btwampfl - ok
10:40:33.0745 0x07f8  [ A75BF6802A967F5AACECC3C67FEBDF55, 7FD561C3817ABE48121926361ED12943A1EF5C0006689DCE3813697868D763B4 ] btwaudio        C:\Windows\system32\drivers\btwaudio.sys
10:40:33.0755 0x07f8  btwaudio - ok
10:40:33.0755 0x07f8  [ D895DC213EDBDA5FCC53AAD1F1E0E63B, FF3B483752E45911C267367B102EA0901BE13840FDBA083D0B7FF3379C37B898 ] btwavdt         C:\Windows\system32\drivers\btwavdt.sys
10:40:33.0765 0x07f8  btwavdt - ok
10:40:33.0795 0x07f8  [ 692F8648D7686D91E34A65AC698019D8, CC7544513AA089BDB0FCE74156C88CBB4182C96F97785A64ED5D3061B039516E ] btwdins         C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
10:40:33.0825 0x07f8  btwdins - ok
10:40:33.0825 0x07f8  [ 07096D2BC22CCB6CEA5A532DF0BE8A75, A9B7F2EFFDF1E4EC0A5DC098F0ED2BE44E271844A4F1CBAD2FA1655DE1E03F6E ] btwl2cap        C:\Windows\system32\DRIVERS\btwl2cap.sys
10:40:33.0835 0x07f8  btwl2cap - ok
10:40:33.0835 0x07f8  [ 6D7AA2BDE0135599C5F230D69DB3B420, 5179F57976B3903B5D45C5B383C691BCB26411B5C98296F99C1F79EF863E1E0A ] btwrchid        C:\Windows\system32\DRIVERS\btwrchid.sys
10:40:33.0845 0x07f8  btwrchid - ok
10:40:33.0855 0x07f8  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
10:40:33.0885 0x07f8  cdfs - ok
10:40:33.0885 0x07f8  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\drivers\cdrom.sys
10:40:33.0905 0x07f8  cdrom - ok
10:40:33.0905 0x07f8  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
10:40:33.0935 0x07f8  CertPropSvc - ok
10:40:33.0945 0x07f8  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
10:40:33.0955 0x07f8  circlass - ok
10:40:33.0965 0x07f8  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
10:40:33.0985 0x07f8  CLFS - ok
10:40:33.0985 0x07f8  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:40:34.0005 0x07f8  clr_optimization_v2.0.50727_32 - ok
10:40:34.0005 0x07f8  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
10:40:34.0015 0x07f8  clr_optimization_v2.0.50727_64 - ok
10:40:34.0025 0x07f8  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:40:34.0045 0x07f8  clr_optimization_v4.0.30319_32 - ok
10:40:34.0045 0x07f8  [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
10:40:34.0065 0x07f8  clr_optimization_v4.0.30319_64 - ok
10:40:34.0065 0x07f8  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
10:40:34.0075 0x07f8  CmBatt - ok
10:40:34.0085 0x07f8  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
10:40:34.0095 0x07f8  cmdide - ok
10:40:34.0105 0x07f8  [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG             C:\Windows\system32\Drivers\cng.sys
10:40:34.0135 0x07f8  CNG - ok
10:40:34.0135 0x07f8  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
10:40:34.0145 0x07f8  Compbatt - ok
10:40:34.0155 0x07f8  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
10:40:34.0165 0x07f8  CompositeBus - ok
10:40:34.0165 0x07f8  COMSysApp - ok
10:40:34.0175 0x07f8  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
10:40:34.0185 0x07f8  crcdisk - ok
10:40:34.0185 0x07f8  [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc        C:\Windows\system32\cryptsvc.dll
10:40:34.0205 0x07f8  CryptSvc - ok
10:40:34.0225 0x07f8  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
10:40:34.0265 0x07f8  DcomLaunch - ok
10:40:34.0265 0x07f8  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
10:40:34.0305 0x07f8  defragsvc - ok
10:40:34.0315 0x07f8  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
10:40:34.0345 0x07f8  DfsC - ok
10:40:34.0355 0x07f8  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
10:40:34.0385 0x07f8  Dhcp - ok
10:40:34.0395 0x07f8  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
10:40:34.0425 0x07f8  discache - ok
10:40:34.0425 0x07f8  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
10:40:34.0435 0x07f8  Disk - ok
10:40:34.0445 0x07f8  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
10:40:34.0455 0x07f8  Dnscache - ok
10:40:34.0465 0x07f8  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
10:40:34.0505 0x07f8  dot3svc - ok
10:40:34.0505 0x07f8  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
10:40:34.0535 0x07f8  DPS - ok
10:40:34.0545 0x07f8  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
10:40:34.0555 0x07f8  drmkaud - ok
10:40:34.0585 0x07f8  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
10:40:34.0625 0x07f8  DXGKrnl - ok
10:40:34.0645 0x07f8  [ 50AD8FC1DC800FF36087994C8F7FDFF2, E3DA8DCE76599E0E1F0D80AA1483D6BECFE0F7242147D986A6AF3A4362FC2C80 ] e1yexpress      C:\Windows\system32\DRIVERS\e1y60x64.sys
10:40:34.0665 0x07f8  e1yexpress - ok
10:40:34.0665 0x07f8  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
10:40:34.0705 0x07f8  EapHost - ok
10:40:34.0795 0x07f8  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
10:40:34.0895 0x07f8  ebdrv - ok
10:40:34.0895 0x07f8  [ 4C3FAC816925F73A34AD52F1F7C0A7EA, 7E9B4F68E2ADABA3A9324DA16CF680D77CF2812D4BD0BFCFF0173CA61260A3FE ] EFS             C:\Windows\System32\lsass.exe
10:40:34.0915 0x07f8  EFS - ok
10:40:34.0945 0x07f8  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
10:40:34.0985 0x07f8  ehRecvr - ok
10:40:34.0995 0x07f8  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
10:40:35.0005 0x07f8  ehSched - ok
10:40:35.0025 0x07f8  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
10:40:35.0045 0x07f8  elxstor - ok
10:40:35.0055 0x07f8  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
10:40:35.0065 0x07f8  ErrDev - ok
10:40:35.0085 0x07f8  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
10:40:35.0115 0x07f8  EventSystem - ok
10:40:35.0165 0x07f8  [ F8F610093E1D7FDFA477FC34D15D5C60, 9CBBCEEA7ED6CA6C09B60CD8A2EA6744F4F701B76E235287CEBCE8BD744B0BD7 ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
10:40:35.0205 0x07f8  EvtEng - ok
10:40:35.0215 0x07f8  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
10:40:35.0245 0x07f8  exfat - ok
10:40:35.0255 0x07f8  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
10:40:35.0295 0x07f8  fastfat - ok
10:40:35.0305 0x07f8  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
10:40:35.0335 0x07f8  Fax - ok
10:40:35.0335 0x07f8  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
10:40:35.0355 0x07f8  fdc - ok
10:40:35.0355 0x07f8  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
10:40:35.0385 0x07f8  fdPHost - ok
10:40:35.0385 0x07f8  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
10:40:35.0415 0x07f8  FDResPub - ok
10:40:35.0425 0x07f8  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
10:40:35.0435 0x07f8  FileInfo - ok
10:40:35.0435 0x07f8  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
10:40:35.0465 0x07f8  Filetrace - ok
10:40:35.0495 0x07f8  [ F76D04F7413B07DAA029F6520B64B4E8, 3EB13C0EFE737880853FB8952381E7A57723F9472E0E4ED7CDA8A0D7DE8DC90D ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
10:40:35.0525 0x07f8  FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic ( 1 )
10:40:38.0195 0x07f8  Detect skipped due to KSN trusted
10:40:38.0195 0x07f8  FLEXnet Licensing Service - ok
10:40:38.0205 0x07f8  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
10:40:38.0235 0x07f8  flpydisk - ok
10:40:38.0255 0x07f8  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
10:40:38.0265 0x07f8  FltMgr - ok
10:40:38.0295 0x07f8  [ E612E86FA15EA1EF9A52433A2743C447, 8A66164541D2EE2334B6DE3995C31138EA85E3A06BC7FD901E60D345E4E1E8A8 ] FontCache       C:\Windows\system32\FntCache.dll
10:40:38.0335 0x07f8  FontCache - ok
10:40:38.0345 0x07f8  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
10:40:38.0345 0x07f8  FontCache3.0.0.0 - ok
10:40:38.0355 0x07f8  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
10:40:38.0365 0x07f8  FsDepends - ok
10:40:38.0365 0x07f8  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
10:40:38.0375 0x07f8  Fs_Rec - ok
10:40:38.0385 0x07f8  [ 1F7B25B858FA27015169FE95E54108ED, 72DD12E924AA7273B3E4BDD2A2C581DECE304C8EF3D44EA79ABB032F3F95DCE5 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
10:40:38.0405 0x07f8  fvevol - ok
10:40:38.0415 0x07f8  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
10:40:38.0425 0x07f8  gagp30kx - ok
10:40:38.0455 0x07f8  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
10:40:38.0515 0x07f8  gpsvc - ok
10:40:38.0515 0x07f8  [ C1B577B2169900F4CF7190C39F085794, 73E104B96A48F4C80D8C37254ECB0891D15C0D2F0C251B57C168F90D60316447 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
10:40:38.0535 0x07f8  gusvc - ok
10:40:38.0535 0x07f8  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
10:40:38.0545 0x07f8  hcw85cir - ok
10:40:38.0565 0x07f8  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
10:40:38.0595 0x07f8  HdAudAddService - ok
10:40:38.0595 0x07f8  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
10:40:38.0615 0x07f8  HDAudBus - ok
10:40:38.0615 0x07f8  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
10:40:38.0625 0x07f8  HidBatt - ok
10:40:38.0635 0x07f8  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
10:40:38.0645 0x07f8  HidBth - ok
10:40:38.0655 0x07f8  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
10:40:38.0665 0x07f8  HidIr - ok
10:40:38.0665 0x07f8  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
10:40:38.0695 0x07f8  hidserv - ok
10:40:38.0705 0x07f8  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
10:40:38.0715 0x07f8  HidUsb - ok
10:40:38.0715 0x07f8  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
10:40:38.0745 0x07f8  hkmsvc - ok
10:40:38.0755 0x07f8  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
10:40:38.0775 0x07f8  HomeGroupListener - ok
10:40:38.0775 0x07f8  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
10:40:38.0795 0x07f8  HomeGroupProvider - ok
10:40:38.0805 0x07f8  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
10:40:38.0815 0x07f8  HpSAMD - ok
10:40:38.0835 0x07f8  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
10:40:38.0865 0x07f8  HTTP - ok
10:40:38.0865 0x07f8  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
10:40:38.0875 0x07f8  hwpolicy - ok
10:40:38.0885 0x07f8  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
10:40:38.0905 0x07f8  i8042prt - ok
10:40:38.0915 0x07f8  [ D7921D5A870B11CC1ADAB198A519D50A, 5DF99EB5D5504E9D9EB21658E8B4A58DEE2AD143A1875DB7F9B7BF4877FCB57F ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
10:40:38.0935 0x07f8  iaStor - ok
10:40:38.0935 0x07f8  [ 8FFF9083252C16FE3960173722605E9E, 6546FDA34B9AF94C5E86E5269BBC2F02F1E78D6D4BE5B5EC01F4B284CC934994 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
10:40:38.0945 0x07f8  IAStorDataMgrSvc - ok
10:40:38.0965 0x07f8  [ 3DF4395A7CF8B7A72A5F4606366B8C2D, 483588B8FC6E05488ED631C4E1CFC398553FEBFA2CD2BB527B4DF12D19774F80 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
10:40:38.0985 0x07f8  iaStorV - ok
10:40:39.0105 0x07f8  [ 3CC7B3BB1A9EA201A040883EDFAA67A0, F543A779BA8CBFD5E0B939844B9CB47A2C05A400C693635F520438C18FFDFAF1 ] IconMan_R       C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
10:40:39.0165 0x07f8  IconMan_R - ok
10:40:39.0195 0x07f8  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
10:40:39.0235 0x07f8  idsvc - ok
10:40:39.0235 0x07f8  IEEtwCollectorService - ok
10:40:39.0685 0x07f8  [ 0AC9E321D604BE48A0D72B69BA484BDC, CAB41D696F86105ABC660DB66EFC602E81F725B809E821DE48912F2452EA8BEC ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
10:40:40.0145 0x07f8  igfx - ok
10:40:40.0165 0x07f8  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
10:40:40.0175 0x07f8  iirsp - ok
10:40:40.0205 0x07f8  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
10:40:40.0245 0x07f8  IKEEXT - ok
10:40:40.0335 0x07f8  [ CDB772F707AC24B43A20C821852CA61F, E9C7D1026A99BCCB7908ED370E86C1DADE1594A00BC9B9B6B89B383ED21D080B ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
10:40:40.0435 0x07f8  IntcAzAudAddService - ok
10:40:40.0445 0x07f8  [ FC727061C0F47C8059E88E05D5C8E381, C7A3782F5D86C7FDE57AA1F2EE81638C5FC3072ACC6E572BA2EC7B3CFF389800 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
10:40:40.0455 0x07f8  IntcDAud - ok
10:40:40.0465 0x07f8  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
10:40:40.0475 0x07f8  intelide - ok
10:40:40.0895 0x07f8  [ 0AC9E321D604BE48A0D72B69BA484BDC, CAB41D696F86105ABC660DB66EFC602E81F725B809E821DE48912F2452EA8BEC ] intelkmd        C:\Windows\system32\DRIVERS\igdpmd64.sys
10:40:41.0325 0x07f8  intelkmd - ok
10:40:41.0345 0x07f8  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
10:40:41.0355 0x07f8  intelppm - ok
10:40:41.0355 0x07f8  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
10:40:41.0385 0x07f8  IPBusEnum - ok
10:40:41.0395 0x07f8  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:40:41.0425 0x07f8  IpFilterDriver - ok
10:40:41.0445 0x07f8  [ A34A587FFFD45FA649FBA6D03784D257, C9A2BCD4E2A5EB6E320092A3AFD5737ECDCDA0B83EE42314A23C4978F2974767 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
10:40:41.0485 0x07f8  iphlpsvc - ok
10:40:41.0485 0x07f8  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
10:40:41.0505 0x07f8  IPMIDRV - ok
10:40:41.0505 0x07f8  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
10:40:41.0535 0x07f8  IPNAT - ok
10:40:41.0545 0x07f8  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
10:40:41.0565 0x07f8  IRENUM - ok
10:40:41.0565 0x07f8  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
10:40:41.0575 0x07f8  isapnp - ok
10:40:41.0595 0x07f8  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
10:40:41.0615 0x07f8  iScsiPrt - ok
10:40:41.0615 0x07f8  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
10:40:41.0625 0x07f8  kbdclass - ok
10:40:41.0635 0x07f8  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
10:40:41.0645 0x07f8  kbdhid - ok
10:40:41.0645 0x07f8  [ 4C3FAC816925F73A34AD52F1F7C0A7EA, 7E9B4F68E2ADABA3A9324DA16CF680D77CF2812D4BD0BFCFF0173CA61260A3FE ] KeyIso          C:\Windows\system32\lsass.exe
10:40:41.0655 0x07f8  KeyIso - ok
10:40:41.0665 0x07f8  [ C93EB3A92540830168F2057ECA7DE49A, 91DAEAD52B517E1E7CE9AAAE478493732156AA3122E6D16F7E8BD37116BB501C ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
10:40:41.0675 0x07f8  KSecDD - ok
10:40:41.0685 0x07f8  [ 43F45C59A472993E5063F2DB2D22C509, E21B48733619B49272F46E01432D76072AC9241F55CDF08E84AF6277E3BF972A ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
10:40:41.0695 0x07f8  KSecPkg - ok
10:40:41.0695 0x07f8  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
10:40:41.0735 0x07f8  ksthunk - ok
10:40:41.0755 0x07f8  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
10:40:41.0795 0x07f8  KtmRm - ok
10:40:41.0795 0x07f8  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
10:40:41.0835 0x07f8  LanmanServer - ok
10:40:41.0835 0x07f8  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
10:40:41.0875 0x07f8  LanmanWorkstation - ok
10:40:41.0875 0x07f8  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
10:40:41.0905 0x07f8  lltdio - ok
10:40:41.0925 0x07f8  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
10:40:41.0965 0x07f8  lltdsvc - ok
10:40:41.0965 0x07f8  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
10:40:41.0995 0x07f8  lmhosts - ok
10:40:42.0005 0x07f8  [ 2ED1786B7542CDA261029F6B526EDF44, C6131B65B045EF5B4F62CF6CF089DF0921BA6A8EFC83BCBA45D5DDE78E9D78E2 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
10:40:42.0025 0x07f8  LMS - ok
10:40:42.0035 0x07f8  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
10:40:42.0045 0x07f8  LSI_FC - ok
10:40:42.0045 0x07f8  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
10:40:42.0065 0x07f8  LSI_SAS - ok
10:40:42.0065 0x07f8  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
10:40:42.0075 0x07f8  LSI_SAS2 - ok
10:40:42.0085 0x07f8  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
10:40:42.0095 0x07f8  LSI_SCSI - ok
10:40:42.0105 0x07f8  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
10:40:42.0135 0x07f8  luafv - ok
10:40:42.0145 0x07f8  [ 77AB66599EAFF797744D17C502FECDB9, E3A356AC3D6958B08C126D2C4231F2F7A655348606AE53FB95C6DA17908B32D1 ] McComponentHostServiceSony C:\Program Files (x86)\Sony\MSS\3.8.130\McCHSvc.exe
10:40:42.0165 0x07f8  McComponentHostServiceSony - ok
10:40:42.0165 0x07f8  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
10:40:42.0185 0x07f8  Mcx2Svc - ok
10:40:42.0185 0x07f8  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
10:40:42.0195 0x07f8  megasas - ok
10:40:42.0205 0x07f8  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
10:40:42.0225 0x07f8  MegaSR - ok
10:40:42.0225 0x07f8  [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
10:40:42.0235 0x07f8  MEIx64 - ok
10:40:42.0235 0x07f8  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
10:40:42.0265 0x07f8  MMCSS - ok
10:40:42.0275 0x07f8  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
10:40:42.0305 0x07f8  Modem - ok
10:40:42.0305 0x07f8  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
10:40:42.0315 0x07f8  monitor - ok
10:40:42.0325 0x07f8  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
10:40:42.0335 0x07f8  mouclass - ok
10:40:42.0335 0x07f8  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
10:40:42.0345 0x07f8  mouhid - ok
10:40:42.0355 0x07f8  [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
10:40:42.0365 0x07f8  mountmgr - ok
10:40:42.0365 0x07f8  [ 9FC679D10A7377BB04ECC3D0E2E26B53, 24ACD4EC1618A052C29E4463138B28F62C8B78D442DB82F4925E64FC5849A096 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
10:40:42.0385 0x07f8  MozillaMaintenance - ok
10:40:42.0395 0x07f8  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
10:40:42.0415 0x07f8  mpio - ok
10:40:42.0415 0x07f8  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
10:40:42.0445 0x07f8  mpsdrv - ok
10:40:42.0475 0x07f8  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
10:40:42.0535 0x07f8  MpsSvc - ok
10:40:42.0535 0x07f8  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
10:40:42.0555 0x07f8  MRxDAV - ok
10:40:42.0565 0x07f8  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
10:40:42.0575 0x07f8  mrxsmb - ok
10:40:42.0595 0x07f8  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:40:42.0605 0x07f8  mrxsmb10 - ok
10:40:42.0615 0x07f8  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:40:42.0625 0x07f8  mrxsmb20 - ok
10:40:42.0635 0x07f8  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
10:40:42.0645 0x07f8  msahci - ok
10:40:42.0655 0x07f8  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
10:40:42.0665 0x07f8  msdsm - ok
10:40:42.0675 0x07f8  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
10:40:42.0695 0x07f8  MSDTC - ok
10:40:42.0695 0x07f8  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
10:40:42.0725 0x07f8  Msfs - ok
10:40:42.0725 0x07f8  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
10:40:42.0755 0x07f8  mshidkmdf - ok
10:40:42.0765 0x07f8  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
10:40:42.0775 0x07f8  msisadrv - ok
10:40:42.0785 0x07f8  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
10:40:42.0815 0x07f8  MSiSCSI - ok
10:40:42.0815 0x07f8  msiserver - ok
10:40:42.0825 0x07f8  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
10:40:42.0845 0x07f8  MSKSSRV - ok
10:40:42.0855 0x07f8  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
10:40:42.0875 0x07f8  MSPCLOCK - ok
10:40:42.0885 0x07f8  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
10:40:42.0915 0x07f8  MSPQM - ok
10:40:42.0925 0x07f8  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
10:40:42.0945 0x07f8  MsRPC - ok
10:40:42.0945 0x07f8  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
10:40:42.0955 0x07f8  mssmbios - ok
10:40:42.0955 0x07f8  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
10:40:42.0985 0x07f8  MSTEE - ok
10:40:42.0985 0x07f8  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
10:40:43.0005 0x07f8  MTConfig - ok
10:40:43.0005 0x07f8  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
10:40:43.0015 0x07f8  Mup - ok
10:40:43.0025 0x07f8  [ F6EA50DBC391F04CA49427010657CCB3, 4D45B7CF42E090416F6702CF47C69094FE1D98AA3D2279AAFCC934FE091417AE ] MyWiFiDHCPDNS   C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
10:40:43.0045 0x07f8  MyWiFiDHCPDNS - ok
10:40:43.0055 0x07f8  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
10:40:43.0095 0x07f8  napagent - ok
10:40:43.0105 0x07f8  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
10:40:43.0135 0x07f8  NativeWifiP - ok
10:40:43.0165 0x07f8  [ 79B47FD40D9A817E932F9D26FAC0A81C, 53E260B8BFC50BA45FA73BFCF4E58C233890D0EAA9DEFDCCBB55FD3EB992FF2D ] NDIS            C:\Windows\system32\drivers\ndis.sys
10:40:43.0215 0x07f8  NDIS - ok
10:40:43.0215 0x07f8  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
10:40:43.0245 0x07f8  NdisCap - ok
10:40:43.0245 0x07f8  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
10:40:43.0275 0x07f8  NdisTapi - ok
10:40:43.0285 0x07f8  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
10:40:43.0315 0x07f8  Ndisuio - ok
10:40:43.0325 0x07f8  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
10:40:43.0355 0x07f8  NdisWan - ok
10:40:43.0365 0x07f8  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
10:40:43.0395 0x07f8  NDProxy - ok
10:40:43.0395 0x07f8  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
10:40:43.0425 0x07f8  NetBIOS - ok
10:40:43.0435 0x07f8  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
10:40:43.0465 0x07f8  NetBT - ok
10:40:43.0475 0x07f8  [ 4C3FAC816925F73A34AD52F1F7C0A7EA, 7E9B4F68E2ADABA3A9324DA16CF680D77CF2812D4BD0BFCFF0173CA61260A3FE ] Netlogon        C:\Windows\system32\lsass.exe
10:40:43.0485 0x07f8  Netlogon - ok
10:40:43.0495 0x07f8  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
10:40:43.0525 0x07f8  Netman - ok
10:40:43.0535 0x07f8  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetMsmqActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:40:43.0545 0x07f8  NetMsmqActivator - ok
10:40:43.0555 0x07f8  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetPipeActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:40:43.0565 0x07f8  NetPipeActivator - ok
10:40:43.0585 0x07f8  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
10:40:43.0635 0x07f8  netprofm - ok
10:40:43.0645 0x07f8  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:40:43.0655 0x07f8  NetTcpActivator - ok
10:40:43.0655 0x07f8  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:40:43.0665 0x07f8  NetTcpPortSharing - ok
10:40:43.0805 0x07f8  [ 64428DFDAF6E88366CB51F45A79C5F69, 31187D38C1AB52120A3CB7AC3CE47ED9682AC37B0F06B9A9610C0065DD4E7B13 ] netw5v64        C:\Windows\system32\DRIVERS\netw5v64.sys
10:40:43.0955 0x07f8  netw5v64 - ok
10:40:44.0145 0x07f8  [ 30933BB56FB611D0252BAD488ADFB533, 660B96A1BB6158224E518E6847E16C5A876C516C39FACFF87ABC9A200447B809 ] NETwNs64        C:\Windows\system32\DRIVERS\NETwNs64.sys
10:40:44.0355 0x07f8  NETwNs64 - ok
10:40:44.0365 0x07f8  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
10:40:44.0375 0x07f8  nfrd960 - ok
10:40:44.0385 0x07f8  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
10:40:44.0405 0x07f8  NlaSvc - ok
10:40:44.0405 0x07f8  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
10:40:44.0435 0x07f8  Npfs - ok
10:40:44.0445 0x07f8  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
10:40:44.0475 0x07f8  nsi - ok
10:40:44.0475 0x07f8  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
10:40:44.0505 0x07f8  nsiproxy - ok
10:40:44.0555 0x07f8  [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
10:40:44.0605 0x07f8  Ntfs - ok
10:40:44.0615 0x07f8  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
10:40:44.0645 0x07f8  Null - ok
10:40:44.0645 0x07f8  [ 786DB821BFD57C0551DBBE4F75384A7D, F956D636F834F2BA5F019E187FDB9CC33940363C75A60E53CD81310A4DB6A6AB ] nusb3hub        C:\Windows\system32\DRIVERS\nusb3hub.sys
10:40:44.0655 0x07f8  nusb3hub - ok
10:40:44.0665 0x07f8  [ DAA8005CAF745042BB427A1ED7433354, 3019002F174783B76D5D8AA47F7A465B7FEC7C14235B70E5C9277FE534839226 ] nusb3xhc        C:\Windows\system32\DRIVERS\nusb3xhc.sys
10:40:44.0685 0x07f8  nusb3xhc - ok
10:40:44.0695 0x07f8  [ 5D9FD91F3D38DC9DA01E3CB5FA89CD48, 7738785DE8B50D69993F4408498B812D0283FEE5C04FF5B89C20F149B44E9737 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
10:40:44.0705 0x07f8  nvraid - ok
10:40:44.0725 0x07f8  [ F7CD50FE7139F07E77DA8AC8033D1832, DA96F4B15C8165E6AE1D00E03A062C66CA3A3089E4FF0E9E11CE00B154DD12EC ] nvstor          C:\Windows\system32\drivers\nvstor.sys
10:40:44.0735 0x07f8  nvstor - ok
10:40:44.0745 0x07f8  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
10:40:44.0755 0x07f8  nv_agp - ok
10:40:44.0775 0x07f8  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
10:40:44.0795 0x07f8  odserv - ok
10:40:44.0805 0x07f8  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
10:40:44.0825 0x07f8  ohci1394 - ok
10:40:44.0825 0x07f8  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:40:44.0845 0x07f8  ose - ok
10:40:44.0855 0x07f8  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
10:40:44.0875 0x07f8  p2pimsvc - ok
10:40:44.0885 0x07f8  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
10:40:44.0915 0x07f8  p2psvc - ok
10:40:44.0915 0x07f8  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
10:40:44.0935 0x07f8  Parport - ok
10:40:44.0935 0x07f8  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
10:40:44.0945 0x07f8  partmgr - ok
10:40:44.0955 0x07f8  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
10:40:44.0965 0x07f8  PcaSvc - ok
10:40:44.0975 0x07f8  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
10:40:44.0995 0x07f8  pci - ok
10:40:44.0995 0x07f8  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
10:40:45.0005 0x07f8  pciide - ok
10:40:45.0015 0x07f8  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
10:40:45.0025 0x07f8  pcmcia - ok
10:40:45.0035 0x07f8  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
10:40:45.0045 0x07f8  pcw - ok
10:40:45.0065 0x07f8  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
10:40:45.0085 0x07f8  PEAUTH - ok
10:40:45.0105 0x07f8  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
10:40:45.0115 0x07f8  PerfHost - ok
10:40:45.0155 0x07f8  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
10:40:45.0215 0x07f8  pla - ok
10:40:45.0235 0x07f8  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
10:40:45.0255 0x07f8  PlugPlay - ok
10:40:45.0265 0x07f8  [ 63694C307273062A2167AE4CE80730EF, 788E762D02A8BE9802143361A5768364A994B20E769A9733FA5827F526432893 ] PMBDeviceInfoProvider c:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
10:40:45.0285 0x07f8  PMBDeviceInfoProvider - ok
10:40:45.0285 0x07f8  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
10:40:45.0295 0x07f8  PNRPAutoReg - ok
10:40:45.0305 0x07f8  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
10:40:45.0325 0x07f8  PNRPsvc - ok
10:40:45.0345 0x07f8  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
10:40:45.0385 0x07f8  PolicyAgent - ok
10:40:45.0395 0x07f8  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
10:40:45.0425 0x07f8  Power - ok
10:40:45.0435 0x07f8  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
10:40:45.0465 0x07f8  PptpMiniport - ok
10:40:45.0475 0x07f8  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
10:40:45.0485 0x07f8  Processor - ok
10:40:45.0495 0x07f8  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
10:40:45.0505 0x07f8  ProfSvc - ok
10:40:45.0515 0x07f8  [ 4C3FAC816925F73A34AD52F1F7C0A7EA, 7E9B4F68E2ADABA3A9324DA16CF680D77CF2812D4BD0BFCFF0173CA61260A3FE ] ProtectedStorage C:\Windows\system32\lsass.exe
10:40:45.0525 0x07f8  ProtectedStorage - ok
10:40:45.0525 0x07f8  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
10:40:45.0565 0x07f8  Psched - ok
10:40:45.0565 0x07f8  [ 87B04878A6D59D6C79251DC960C674C1, 3EB8DB0624E646F0A65D0381408D35CF9FDC5ABFC30DF6431F4070A8EB68447C ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
10:40:45.0575 0x07f8  PxHlpa64 - ok
10:40:45.0615 0x07f8  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
10:40:45.0665 0x07f8  ql2300 - ok
10:40:45.0675 0x07f8  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
10:40:45.0685 0x07f8  ql40xx - ok
10:40:45.0695 0x07f8  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
10:40:45.0715 0x07f8  QWAVE - ok
10:40:45.0725 0x07f8  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
10:40:45.0735 0x07f8  QWAVEdrv - ok
10:40:45.0745 0x07f8  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
10:40:45.0775 0x07f8  RasAcd - ok
10:40:45.0775 0x07f8  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
10:40:45.0805 0x07f8  RasAgileVpn - ok
10:40:45.0815 0x07f8  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
10:40:45.0845 0x07f8  RasAuto - ok
10:40:45.0855 0x07f8  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
10:40:45.0885 0x07f8  Rasl2tp - ok
10:40:45.0905 0x07f8  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
10:40:45.0945 0x07f8  RasMan - ok
10:40:45.0955 0x07f8  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
10:40:45.0985 0x07f8  RasPppoe - ok
10:40:45.0985 0x07f8  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
10:40:46.0015 0x07f8  RasSstp - ok
10:40:46.0035 0x07f8  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
10:40:46.0075 0x07f8  rdbss - ok
10:40:46.0075 0x07f8  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
10:40:46.0085 0x07f8  rdpbus - ok
10:40:46.0095 0x07f8  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
10:40:46.0115 0x07f8  RDPCDD - ok
10:40:46.0125 0x07f8  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
10:40:46.0155 0x07f8  RDPENCDD - ok
10:40:46.0165 0x07f8  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
10:40:46.0195 0x07f8  RDPREFMP - ok
10:40:46.0205 0x07f8  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
10:40:46.0225 0x07f8  RDPWD - ok
10:40:46.0225 0x07f8  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
10:40:46.0245 0x07f8  rdyboost - ok
10:40:46.0265 0x07f8  [ 9276F4D4109FC349925D28E00E533146, 581645CA9EF3F46378001C54D058BF1EB075FF256F110A09734DB5DA6EBA7A7B ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
10:40:46.0295 0x07f8  RegSrvc - ok
10:40:46.0305 0x07f8  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
10:40:46.0335 0x07f8  RemoteAccess - ok
10:40:46.0345 0x07f8  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
10:40:46.0375 0x07f8  RemoteRegistry - ok
10:40:46.0385 0x07f8  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
10:40:46.0395 0x07f8  RFCOMM - ok
10:40:46.0405 0x07f8  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
10:40:46.0435 0x07f8  RpcEptMapper - ok
10:40:46.0435 0x07f8  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
10:40:46.0445 0x07f8  RpcLocator - ok
10:40:46.0465 0x07f8  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
10:40:46.0505 0x07f8  RpcSs - ok
10:40:46.0515 0x07f8  [ EBBFA2B4E317AF86E93FEC4C04D7A9B3, 29480CCA0ACAB2D53D664042A0D7713247EDEBBBD4734783348669EFDE579CA9 ] RSPCIESTOR      C:\Windows\system32\DRIVERS\RtsPStor.sys
10:40:46.0525 0x07f8  RSPCIESTOR - ok
10:40:46.0535 0x07f8  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
10:40:46.0565 0x07f8  rspndr - ok
10:40:46.0585 0x07f8  [ EA5532868BA76923D75BCB2A1448D810, C1489714C9BC95BB76134E6B8F28C5A3D044E9B2857F01BFEEEE7C8A25C74E7D ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
10:40:46.0605 0x07f8  RTL8167 - ok
10:40:46.0605 0x07f8  [ 4C3FAC816925F73A34AD52F1F7C0A7EA, 7E9B4F68E2ADABA3A9324DA16CF680D77CF2812D4BD0BFCFF0173CA61260A3FE ] SamSs           C:\Windows\system32\lsass.exe
10:40:46.0615 0x07f8  SamSs - ok
10:40:46.0625 0x07f8  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
10:40:46.0635 0x07f8  sbp2port - ok
10:40:46.0645 0x07f8  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
10:40:46.0685 0x07f8  SCardSvr - ok
10:40:46.0685 0x07f8  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
10:40:46.0715 0x07f8  scfilter - ok
10:40:46.0755 0x07f8  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
10:40:46.0825 0x07f8  Schedule - ok
10:40:46.0825 0x07f8  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
10:40:46.0855 0x07f8  SCPolicySvc - ok
10:40:46.0865 0x07f8  [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus           C:\Windows\system32\drivers\sdbus.sys
10:40:46.0875 0x07f8  sdbus - ok
10:40:46.0885 0x07f8  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
10:40:46.0905 0x07f8  SDRSVC - ok
10:40:46.0915 0x07f8  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
10:40:46.0945 0x07f8  secdrv - ok
10:40:46.0945 0x07f8  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
10:40:46.0975 0x07f8  seclogon - ok
10:40:46.0975 0x07f8  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
10:40:47.0005 0x07f8  SENS - ok
10:40:47.0015 0x07f8  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
10:40:47.0025 0x07f8  SensrSvc - ok
10:40:47.0025 0x07f8  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
10:40:47.0035 0x07f8  Serenum - ok
10:40:47.0045 0x07f8  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
10:40:47.0055 0x07f8  Serial - ok
10:40:47.0065 0x07f8  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
10:40:47.0075 0x07f8  sermouse - ok
10:40:47.0085 0x07f8  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
10:40:47.0115 0x07f8  SessionEnv - ok
10:40:47.0115 0x07f8  [ 286D3889E6AB5589646FF8A63CB928AE, 98D9D34521328F4F0B0B7C2CAB97BA0EC998B9F3F996B5ED08E17292F1CD9452 ] SFEP            C:\Windows\system32\DRIVERS\SFEP.sys
10:40:47.0125 0x07f8  SFEP - ok
10:40:47.0125 0x07f8  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
10:40:47.0135 0x07f8  sffdisk - ok
10:40:47.0145 0x07f8  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
10:40:47.0155 0x07f8  sffp_mmc - ok
10:40:47.0155 0x07f8  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
10:40:47.0175 0x07f8  sffp_sd - ok
10:40:47.0175 0x07f8  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
10:40:47.0185 0x07f8  sfloppy - ok
10:40:47.0195 0x07f8  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
10:40:47.0235 0x07f8  SharedAccess - ok
10:40:47.0245 0x07f8  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
10:40:47.0285 0x07f8  ShellHWDetection - ok
10:40:47.0285 0x07f8  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
10:40:47.0295 0x07f8  SiSRaid2 - ok
10:40:47.0305 0x07f8  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
10:40:47.0315 0x07f8  SiSRaid4 - ok
10:40:47.0315 0x07f8  [ 704B4F81729F676BBF034529FC334D82, 1E50DAF97836807A500284385D99272780A8B69CA88761250451060B207824F8 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
10:40:47.0335 0x07f8  SkypeUpdate - ok
10:40:47.0345 0x07f8  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
10:40:47.0375 0x07f8  Smb - ok
10:40:47.0375 0x07f8  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
10:40:47.0395 0x07f8  SNMPTRAP - ok
10:40:47.0405 0x07f8  [ C3E69DB0A4E59564230E053232F39AC7, D7E4AC42C0731F69869E96F3AE9021ABD968E17C92283A54F265E73E6BD60ED5 ] SOHCImp         C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
10:40:47.0415 0x07f8  SOHCImp - ok
10:40:47.0425 0x07f8  [ 65CC4779A29C3E82B987BD4961790DFF, 91D072ADBCD4AEB2E10D0CC97E89E92099E8061A601F1A88425B4A20FC50FF78 ] SOHDms          C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
10:40:47.0445 0x07f8  SOHDms - ok
10:40:47.0445 0x07f8  [ F47D75CEE1844EEF4A9EA6EE768828FB, 242550EB5879476DD2CFC0E38FAF3C6D0263FEA7504BD73ED3B004E274D7CDF6 ] SOHDs           C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
10:40:47.0455 0x07f8  SOHDs - ok
10:40:47.0475 0x07f8  [ B8047E776E50FC2384801083A77900E0, 74439D81AA9841960503B9D04359FCE1733EF011E6863F295487BBCF199AB92F ] SpfService      C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
10:40:47.0495 0x07f8  SpfService - ok
10:40:47.0495 0x07f8  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
10:40:47.0505 0x07f8  spldr - ok
10:40:47.0535 0x07f8  [ B96C17B5DC1424D56EEA3A99E97428CD, AF0A85066A7983878DC1C663811CE61C6CA1912DC956184F878B7B82DB93C651 ] Spooler         C:\Windows\System32\spoolsv.exe
10:40:47.0585 0x07f8  Spooler - ok
10:40:47.0735 0x07f8  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
10:40:47.0915 0x07f8  sppsvc - ok
10:40:47.0925 0x07f8  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
10:40:47.0955 0x07f8  sppuinotify - ok
10:40:47.0965 0x07f8  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
10:40:47.0995 0x07f8  srv - ok
10:40:48.0005 0x07f8  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
10:40:48.0025 0x07f8  srv2 - ok
10:40:48.0035 0x07f8  [ 0C4540311E11664B245A263E1154CEF8, 63376322BFFAFF2F166AF3FDD3F1A346C21FAE21F406F659F8630779D1D6525D ] SrvHsfHDA       C:\Windows\system32\DRIVERS\VSTAZL6.SYS
10:40:48.0055 0x07f8  SrvHsfHDA - ok
10:40:48.0095 0x07f8  [ 02071D207A9858FBE3A48CBFD59C4A04, FEA4DEBAEC3465E0C7C1E8B721805922F6BBCB96A60A193B11688F4252F4B89E ] SrvHsfV92       C:\Windows\system32\DRIVERS\VSTDPV6.SYS
10:40:48.0145 0x07f8  SrvHsfV92 - ok
10:40:48.0175 0x07f8  [ 18E40C245DBFAF36FD0134A7EF2DF396, 0138A68958112101A5D3BD94114F320CE80B0C9A93E009AC78DE7415FCCC7DE7 ] SrvHsfWinac     C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
10:40:48.0205 0x07f8  SrvHsfWinac - ok
10:40:48.0215 0x07f8  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
10:40:48.0225 0x07f8  srvnet - ok
10:40:48.0235 0x07f8  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
10:40:48.0275 0x07f8  SSDPSRV - ok
10:40:48.0275 0x07f8  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
10:40:48.0305 0x07f8  SstpSvc - ok
10:40:48.0315 0x07f8  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
10:40:48.0325 0x07f8  stexstor - ok
10:40:48.0335 0x07f8  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
10:40:48.0365 0x07f8  stisvc - ok
10:40:48.0365 0x07f8  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
10:40:48.0375 0x07f8  swenum - ok
10:40:48.0395 0x07f8  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
10:40:48.0435 0x07f8  swprv - ok
10:40:48.0505 0x07f8  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
10:40:48.0585 0x07f8  SysMain - ok
10:40:48.0595 0x07f8  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
10:40:48.0605 0x07f8  TabletInputService - ok
10:40:48.0625 0x07f8  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
10:40:48.0675 0x07f8  TapiSrv - ok
10:40:48.0675 0x07f8  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
10:40:48.0705 0x07f8  TBS - ok
10:40:48.0765 0x07f8  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
10:40:48.0825 0x07f8  Tcpip - ok
10:40:48.0875 0x07f8  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
10:40:48.0935 0x07f8  TCPIP6 - ok
10:40:48.0945 0x07f8  [ DF687E3D8836BFB04FCC0615BF15A519, 7C5B1E72673B4299DFC21E869F0FBB28198CA54DF4F4AF7080005F2D82467784 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
10:40:48.0965 0x07f8  tcpipreg - ok
10:40:48.0975 0x07f8  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
10:40:48.0985 0x07f8  TDPIPE - ok
10:40:48.0995 0x07f8  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
10:40:48.0995 0x07f8  TDTCP - ok
10:40:49.0005 0x07f8  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
10:40:49.0035 0x07f8  tdx - ok
10:40:49.0205 0x07f8  [ 5CEF407E235885DB5421DF79C843F2DF, B85D7C8A137B15BDF14DB9588CEDB09C67B0C7965F8E79121E2BA7796B16777C ] TeamViewer9     C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
10:40:49.0315 0x07f8  TeamViewer9 - ok
10:40:49.0325 0x07f8  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
10:40:49.0345 0x07f8  TermDD - ok
10:40:49.0355 0x07f8  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
10:40:49.0385 0x07f8  TermService - ok
10:40:49.0385 0x07f8  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
10:40:49.0405 0x07f8  Themes - ok
10:40:49.0405 0x07f8  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
10:40:49.0435 0x07f8  THREADORDER - ok
10:40:49.0445 0x07f8  [ DBCC20C02E8A3E43B03C304A4E40A84F, BF5F3ACCB0342304A6870E94D2576644B08DBF307C853C7DBA4B82B0C7309DA4 ] TPM             C:\Windows\system32\drivers\tpm.sys
10:40:49.0455 0x07f8  TPM - ok
10:40:49.0465 0x07f8  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
10:40:49.0495 0x07f8  TrkWks - ok
10:40:49.0505 0x07f8  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
10:40:49.0535 0x07f8  TrustedInstaller - ok
10:40:49.0535 0x07f8  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
10:40:49.0555 0x07f8  tssecsrv - ok
10:40:49.0555 0x07f8  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
10:40:49.0565 0x07f8  TsUsbFlt - ok
10:40:49.0575 0x07f8  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
10:40:49.0605 0x07f8  tunnel - ok
10:40:49.0605 0x07f8  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
10:40:49.0615 0x07f8  uagp35 - ok
10:40:49.0625 0x07f8  [ 63F6D08C54D5B3C1B12A6172032055C7, 87D872731D2C85E1A0ED3128CB7AB91AF00D830B0E4307054ABFD1D3900C990D ] uCamMonitor     C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
10:40:49.0635 0x07f8  uCamMonitor - ok
10:40:49.0645 0x07f8  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
10:40:49.0675 0x07f8  udfs - ok
10:40:49.0685 0x07f8  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
10:40:49.0695 0x07f8  UI0Detect - ok
10:40:49.0705 0x07f8  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
10:40:49.0715 0x07f8  uliagpkx - ok
10:40:49.0715 0x07f8  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
10:40:49.0735 0x07f8  umbus - ok
10:40:49.0735 0x07f8  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
10:40:49.0745 0x07f8  UmPass - ok
10:40:49.0825 0x07f8  [ 7E5E1603D0FF2D240AE70295C5C3FEFC, 1E5F8E415ACE3C6DFBE636473DBE051329174F2A085516B6FC1515A54014D02B ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
10:40:49.0885 0x07f8  UNS - ok
10:40:49.0895 0x07f8  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
10:40:49.0935 0x07f8  upnphost - ok
10:40:49.0945 0x07f8  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
10:40:49.0955 0x07f8  usbccgp - ok
10:40:49.0965 0x07f8  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
10:40:49.0985 0x07f8  usbcir - ok
10:40:49.0985 0x07f8  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
10:40:49.0995 0x07f8  usbehci - ok
10:40:50.0015 0x07f8  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
10:40:50.0035 0x07f8  usbhub - ok
10:40:50.0045 0x07f8  [ 58E546BBAF87664FC57E0F6081E4F609, 1DD99D57369A0069654432AB5325AFD8F7D422D531E053EA05FF664BA6BDAEF9 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
10:40:50.0055 0x07f8  usbohci - ok
10:40:50.0055 0x07f8  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
10:40:50.0075 0x07f8  usbprint - ok
10:40:50.0075 0x07f8  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
10:40:50.0085 0x07f8  usbscan - ok
10:40:50.0095 0x07f8  [ C9DF9F9F76C3737EE8715F959857E246, 5826371E5B46650B1F1F61A0A9B59DA2155901209D2E529E79A9AA38E7871D1F ] UsbService      C:\Program Files (x86)\ASUS\Printer Utilities\UsbService64.exe
10:40:50.0105 0x07f8  UsbService - detected UnsignedFile.Multi.Generic ( 1 )
10:40:53.0865 0x07f8  Detect skipped due to KSN trusted
10:40:53.0865 0x07f8  UsbService - ok
10:40:53.0885 0x07f8  [ D76510CFA0FC09023077F22C2F979D86, 5662281C6D515423255D3C262EA368DBAFC250235E535FBFA3E59D3487695439 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:40:53.0925 0x07f8  USBSTOR - ok
10:40:53.0925 0x07f8  [ 81FB2216D3A60D1284455D511797DB3D, 121E52B18A1832E775EA0AE2E053BAA53E5A70E9754724B1449AE5992D63B13E ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
10:40:53.0945 0x07f8  usbuhci - ok
10:40:53.0955 0x07f8  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
10:40:53.0965 0x07f8  usbvideo - ok
10:40:53.0985 0x07f8  [ 34349E7B488FA61B639117F6BF1EBF99, A7A7E60511F7D6370473D41867F5323695308CC27D3EEB0286687D3A9E0084E9 ] USER_ESRV_SVC   C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
10:40:54.0005 0x07f8  USER_ESRV_SVC - ok
10:40:54.0015 0x07f8  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
10:40:54.0035 0x07f8  UxSms - ok
10:40:54.0045 0x07f8  [ 2C9732B39F81395CC9FE40F181CD3433, AEC8D7B2E8E96CEA2F7A9D01F909520FF95C1C95D34632D7D5BB7C64C22E738B ] VAIO Event Service C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
10:40:54.0055 0x07f8  VAIO Event Service - ok
10:40:54.0065 0x07f8  [ C994F2B3B45C9987049CA511EE1F2768, 9429D3BB66A272A27C9C3BCDA1A9EAFE7BF781BCAF49148C9D9085E8D6403489 ] VAIO Power Management C:\Program Files\Sony\VAIO Power Management\SPMService.exe
10:40:54.0085 0x07f8  VAIO Power Management - ok
10:40:54.0095 0x07f8  [ 4C3FAC816925F73A34AD52F1F7C0A7EA, 7E9B4F68E2ADABA3A9324DA16CF680D77CF2812D4BD0BFCFF0173CA61260A3FE ] VaultSvc        C:\Windows\system32\lsass.exe
10:40:54.0105 0x07f8  VaultSvc - ok
10:40:54.0135 0x07f8  [ 6888526AEB8DDABDE6F778FD40FC0693, 1559979A440559C1227F5CE30CC6351A3DE12E49B7222DC94A571CF61ADC9BEA ] VCFw            C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
10:40:54.0175 0x07f8  VCFw - ok
10:40:54.0195 0x07f8  [ F0672B2368E859284A4C44AE2CCA4C72, D7C8CF82658FE2BC040EF842AA682AC4BF9A9D006D36490B7A09083E7F8E1E3D ] VcmIAlzMgr      C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
10:40:54.0225 0x07f8  VcmIAlzMgr - ok
10:40:54.0235 0x07f8  [ CBB9F0D1017E0BED4CB5BBC0EBF26DC1, C64F9DE0A48A56EDDAB6FEB58F6EEE0A792DE5C669A2DB0776E9E374724F0AFE ] VcmINSMgr       C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
10:40:54.0255 0x07f8  VcmINSMgr - ok
10:40:54.0265 0x07f8  [ C8E3BA694CC5EACEC4C01660ACE40D56, 3090D939B8A6CB67E3393EE9B6EB3375A7EC8F6E9F0A350803C0EE4E7FD3B3BF ] VcmXmlIfHelper  C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
10:40:54.0285 0x07f8  VcmXmlIfHelper - ok
10:40:54.0285 0x07f8  [ 0D53D30C8473EEDC1757FDA3C511103B, 54E1AE2CCD71AD446F373DD8E19382D81CA2BC9AEEE326CF5BF020AD3C5F58AB ] VCService       C:\Program Files\Sony\VAIO Care\VCService.exe
10:40:54.0295 0x07f8  VCService - ok
10:40:54.0295 0x07f8  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
10:40:54.0305 0x07f8  vdrvroot - ok
10:40:54.0325 0x07f8  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
10:40:54.0365 0x07f8  vds - ok
10:40:54.0365 0x07f8  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
10:40:54.0375 0x07f8  vga - ok
10:40:54.0385 0x07f8  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
10:40:54.0415 0x07f8  VgaSave - ok
10:40:54.0425 0x07f8  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
10:40:54.0435 0x07f8  vhdmp - ok
10:40:54.0435 0x07f8  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
10:40:54.0445 0x07f8  viaide - ok
10:40:54.0455 0x07f8  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
10:40:54.0465 0x07f8  volmgr - ok
10:40:54.0485 0x07f8  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
10:40:54.0505 0x07f8  volmgrx - ok
10:40:54.0515 0x07f8  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
10:40:54.0535 0x07f8  volsnap - ok
10:40:54.0545 0x07f8  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
10:40:54.0555 0x07f8  vsmraid - ok
10:40:54.0585 0x07f8  [ 028E420B12654492D25625688055108C, 04DFBBB8170FD63E25F9C78622F1F487A9F2C3AF7A3E9C5E42C53674BF2B60E6 ] VSNService      C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
10:40:54.0615 0x07f8  VSNService - ok
10:40:54.0655 0x07f8  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
10:40:54.0715 0x07f8  VSS - ok
10:40:54.0805 0x07f8  [ C1FAE2E81955DCCD79034A23EC4F3F37, 61B6477C6068B5542D3EE9C6336FBD7589F1CFFD3E850473A539619033533286 ] VUAgent         C:\Program Files\Sony\VAIO Update\vuagent.exe
10:40:54.0855 0x07f8  VUAgent - ok
10:40:54.0855 0x07f8  [ E07D31EE76EE18BFCA49AD9A89782D43, 9BC789D72BAB5263AC29F0E77767588A9C499F1A91BDD3B83CC421C52E174326 ] vuhub           C:\Windows\system32\DRIVERS\vuhub.sys
10:40:54.0865 0x07f8  vuhub - ok
10:40:54.0875 0x07f8  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
10:40:54.0885 0x07f8  vwifibus - ok
10:40:54.0885 0x07f8  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
10:40:54.0905 0x07f8  vwififlt - ok
10:40:54.0905 0x07f8  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
10:40:54.0925 0x07f8  vwifimp - ok
10:40:54.0935 0x07f8  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
10:40:54.0975 0x07f8  W32Time - ok
10:40:54.0975 0x07f8  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
10:40:54.0995 0x07f8  WacomPen - ok
10:40:54.0995 0x07f8  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
10:40:55.0025 0x07f8  WANARP - ok
10:40:55.0035 0x07f8  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
10:40:55.0065 0x07f8  Wanarpv6 - ok
10:40:55.0115 0x07f8  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
10:40:55.0185 0x07f8  wbengine - ok
10:40:55.0195 0x07f8  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
10:40:55.0215 0x07f8  WbioSrvc - ok
10:40:55.0225 0x07f8  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
10:40:55.0245 0x07f8  wcncsvc - ok
10:40:55.0255 0x07f8  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
10:40:55.0265 0x07f8  WcsPlugInService - ok
10:40:55.0265 0x07f8  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
10:40:55.0275 0x07f8  Wd - ok
10:40:55.0305 0x07f8  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
10:40:55.0335 0x07f8  Wdf01000 - ok
10:40:55.0345 0x07f8  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
10:40:55.0385 0x07f8  WdiServiceHost - ok
10:40:55.0385 0x07f8  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
10:40:55.0405 0x07f8  WdiSystemHost - ok
10:40:55.0415 0x07f8  [ 3DB6D04E1C64272F8B14EB8BC4616280, 9138642B1C19F895D4ECFD930160C80FBF15813CE63BBF4C899842C300FD3026 ] WebClient       C:\Windows\System32\webclnt.dll
10:40:55.0445 0x07f8  WebClient - ok
10:40:55.0445 0x07f8  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
10:40:55.0485 0x07f8  Wecsvc - ok
10:40:55.0485 0x07f8  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
10:40:55.0515 0x07f8  wercplsupport - ok
10:40:55.0525 0x07f8  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
10:40:55.0555 0x07f8  WerSvc - ok
10:40:55.0555 0x07f8  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
10:40:55.0585 0x07f8  WfpLwf - ok
10:40:55.0595 0x07f8  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
10:40:55.0605 0x07f8  WIMMount - ok
10:40:55.0605 0x07f8  WinDefend - ok
10:40:55.0605 0x07f8  WinHttpAutoProxySvc - ok
10:40:55.0625 0x07f8  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
10:40:55.0655 0x07f8  Winmgmt - ok
10:40:55.0705 0x07f8  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
10:40:55.0775 0x07f8  WinRM - ok
10:40:55.0815 0x07f8  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
10:40:55.0855 0x07f8  Wlansvc - ok
10:40:55.0865 0x07f8  [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
10:40:55.0875 0x07f8  wlcrasvc - ok
10:40:55.0955 0x07f8  [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
10:40:56.0015 0x07f8  wlidsvc - ok
10:40:56.0015 0x07f8  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
10:40:56.0025 0x07f8  WmiAcpi - ok
10:40:56.0035 0x07f8  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
10:40:56.0055 0x07f8  wmiApSrv - ok
10:40:56.0055 0x07f8  WMPNetworkSvc - ok
10:40:56.0065 0x07f8  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
10:40:56.0075 0x07f8  WPCSvc - ok
10:40:56.0085 0x07f8  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
10:40:56.0095 0x07f8  WPDBusEnum - ok
10:40:56.0105 0x07f8  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
10:40:56.0135 0x07f8  ws2ifsl - ok
10:40:56.0135 0x07f8  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
10:40:56.0155 0x07f8  wscsvc - ok
10:40:56.0155 0x07f8  WSearch - ok
10:40:56.0215 0x07f8  [ 0814A74C853F50B354F08F83DDA9F7FB, 0A63BAA8DE451B8C2C71FEF961718E769B9BAC305C76D24048C664CB27D0DF28 ] wuauserv        C:\Windows\system32\wuaueng.dll
10:40:56.0285 0x07f8  wuauserv - ok
10:40:56.0295 0x07f8  [ D3381DC54C34D79B22CEE0D65BA91B7C, 70DC4ADCA4C0C28BB133287511E329D1B6B9B97F96CDE5B1D2F1F59FE1A965D9 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
10:40:56.0325 0x07f8  WudfPf - ok
10:40:56.0335 0x07f8  [ CF8D590BE3373029D57AF80914190682, FB9641777E90A58C063FBE95F081DC6D2F4770827DE19108A9DC3E3D6B17B4BF ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
10:40:56.0365 0x07f8  WUDFRd - ok
10:40:56.0375 0x07f8  [ 7A95C95B6C4CF292D689106BCAE49543, 9029F489E1E817CE12839B8C6656E46190497D445DC3F43C20CF96E5E6BD0691 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
10:40:56.0405 0x07f8  wudfsvc - ok
10:40:56.0405 0x07f8  [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc         C:\Windows\System32\wwansvc.dll
10:40:56.0425 0x07f8  WwanSvc - ok
10:40:56.0435 0x07f8  ================ Scan global ===============================
10:40:56.0435 0x07f8  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
10:40:56.0445 0x07f8  [ EA32F4EA3AE06EDD122FBCD5A489E457, C6E464170121D1714A367CFC80C5EA15D42AD34909039FDB114EAD3B878A47F6 ] C:\Windows\system32\winsrv.dll
10:40:56.0455 0x07f8  [ EA32F4EA3AE06EDD122FBCD5A489E457, C6E464170121D1714A367CFC80C5EA15D42AD34909039FDB114EAD3B878A47F6 ] C:\Windows\system32\winsrv.dll
10:40:56.0465 0x07f8  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
10:40:56.0475 0x07f8  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
10:40:56.0485 0x07f8  [ Global ] - ok
10:40:56.0485 0x07f8  ================ Scan MBR ==================================
10:40:56.0485 0x07f8  [ B1F7D7F6E4FBE98E578562A22A94D02C ] \Device\Harddisk0\DR0
10:40:56.0645 0x07f8  \Device\Harddisk0\DR0 - ok
10:40:56.0645 0x07f8  ================ Scan VBR ==================================
10:40:56.0645 0x07f8  [ 8613B13912EC5057B52358CB4C9AFE00 ] \Device\Harddisk0\DR0\Partition1
10:40:56.0645 0x07f8  \Device\Harddisk0\DR0\Partition1 - ok
10:40:56.0655 0x07f8  [ 55615CAF883EF1034B7F47A5D7009A1D ] \Device\Harddisk0\DR0\Partition2
10:40:56.0655 0x07f8  \Device\Harddisk0\DR0\Partition2 - ok
10:40:56.0655 0x07f8  ================ Scan generic autorun ======================
10:40:56.0965 0x07f8  [ DD1B53C48C1A4F17C1FC6CEE4617B237, 7B86830FDD2131E9CA7FB68DA1920BC34D54DD7651CA2701885DC75E0FB6C671 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
10:40:57.0305 0x07f8  RtHDVCpl - ok
10:40:57.0375 0x07f8  [ 23F14DC143572911A57097D5457A8A56, 9BC1E606EAD74667214D7CB5F57F8DC79FC9F05425420E7CD761A3A46C30B337 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
10:40:57.0425 0x07f8  RtHDVBg - ok
10:40:57.0435 0x07f8  [ C31D2FEE0417586F292754C2673F64CE, 9B923C8A25755714A069FA03E501E6CD0904C57A49163E67A5A002BB3C1F3744 ] C:\Windows\system32\igfxtray.exe
10:40:57.0445 0x07f8  IgfxTray - ok
10:40:57.0465 0x07f8  [ BE26CE0AAA988B2AFD88E246868AAD90, 20E60A9779F9EA0270EBF68E69D10AF4169732037DE2EA6ED217B6F764A35FAA ] C:\Windows\system32\igfxpers.exe
10:40:57.0475 0x07f8  Persistence - ok
10:40:57.0475 0x07f8  Apoint - ok
10:40:57.0495 0x07f8  [ BB7481A1306823D1B6592263F1AB8DD7, 2D48A5DD217D81E99D134580721A1BC65EEFFB22FE9D2C03EAA3D9879F86A5D5 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
10:40:57.0515 0x07f8  AdobeAAMUpdater-1.0 - ok
10:40:57.0535 0x07f8  [ 7A4B09A0CA8425276452931CA5EC4AC5, 558CD7976859A6DCBF3AFE426F60C3DFE61341C18618D2383CE0C1AA1EA91A2E ] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
10:40:57.0555 0x07f8  ISBMgr.exe - ok
10:40:57.0555 0x07f8  [ AEB3E8A6308604C3490A36D06D6685DC, CAFAE7697261CDA6934E324FC45D893BB452F23A1196FECC6930B72FFA8A2738 ] c:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe
10:40:57.0565 0x07f8  Adobe Acrobat Speed Launcher - ok
10:40:57.0605 0x07f8  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
10:40:57.0665 0x07f8  Sidebar - ok
10:40:57.0665 0x07f8  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
10:40:57.0685 0x07f8  mctadmin - ok
10:40:57.0725 0x07f8  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
10:40:57.0755 0x07f8  Sidebar - ok
10:40:57.0765 0x07f8  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
10:40:57.0775 0x07f8  mctadmin - ok
10:40:57.0785 0x07f8  Rainlendar2 - ok
10:40:57.0795 0x07f8  [ E8405C87CD06FF5D69BC6F3B24D766D0, C82171BEDBFE593A04D09C2E20B0528AA3CEC722D6919F8A5C70C6EFFB9EFEAE ] C:\Users\Uta\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
10:40:57.0815 0x07f8  AmazonMP3DownloaderHelper - ok
10:40:57.0815 0x07f8  Skype - ok
10:40:57.0815 0x07f8  Waiting for KSN requests completion. In queue: 75
10:40:58.0815 0x07f8  Waiting for KSN requests completion. In queue: 75
10:40:59.0815 0x07f8  Waiting for KSN requests completion. In queue: 75
10:41:00.0865 0x07f8  AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.10.414 ), 0x41000 ( enabled : updated )
10:41:00.0875 0x07f8  Win FW state via NFP2: enabled
10:41:03.0575 0x07f8  ============================================================
10:41:03.0575 0x07f8  Scan finished
10:41:03.0575 0x07f8  ============================================================
10:41:03.0595 0x0acc  Detected object count: 0
10:41:03.0595 0x0acc  Actual detected object count: 0
         
Ist damit nun alles OK?
Vielen Dank für die Hilfe

Noch ein kleiner Nachtrag....
Vielleicht ist das oben nicht ganz klar geworden...
Bis jetzt ist es nur eine Vermutung, dass ein Trojaner in dem System sein könnte, weil diese Verseuchte Pdf Datei geöffnet wurde.
Das installierte Avira-was auch immer Ihr von solchen Programmen haltet- ist jedenfalls noch nicht angesprungen und hat noch keinen Befall gemeldet.
Ist es mit den Ergebnissen der zwei Scans nun Erledigt und das System Virenfrei?
Vielen Dank
__________________

Alt 08.06.2015, 10:33   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Dhl Pdf Datei geöffnet...Trojaner eingefangen? - Standard

Dhl Pdf Datei geöffnet...Trojaner eingefangen?



sieht alles gut aus
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 08.06.2015, 16:15   #5
Virennerven!
 
Dhl Pdf Datei geöffnet...Trojaner eingefangen? - Standard

Dhl Pdf Datei geöffnet...Trojaner eingefangen?



Vielen Dank für die Hilfe!
Tolles Forum!


Alt 09.06.2015, 10:02   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Dhl Pdf Datei geöffnet...Trojaner eingefangen? - Standard

Dhl Pdf Datei geöffnet...Trojaner eingefangen?



Gern Geschehen
__________________
--> Dhl Pdf Datei geöffnet...Trojaner eingefangen?

Antwort

Themen zu Dhl Pdf Datei geöffnet...Trojaner eingefangen?
adware, antivir, antivirus, avira, branding, browser, cpu, defender, desktop, dhl pdf win 7, exe, firefox, firefox 38.0.5, flash player, home, homepage, mozilla, realtek, registry, rundll, scan, security, software, svchost.exe, system, udp, virus, windows



Ähnliche Themen: Dhl Pdf Datei geöffnet...Trojaner eingefangen?


  1. DHL Fake Link geöffnet, ZIP extrahiert und .exe Datei geöffnet
    Plagegeister aller Art und deren Bekämpfung - 02.06.2015 (10)
  2. Zip-Datei mit Malware auf iPad geöffnet - kann ich mir was eingefangen haben?
    Smartphone, Tablet & Handy Security - 06.05.2015 (9)
  3. Zip datei mit I Phone geöffnet- Trojaner?
    Plagegeister aller Art und deren Bekämpfung - 06.05.2015 (3)
  4. DHL Trojaner - zib heruntergeladen und geöffnet - Datei ist verschwunden
    Log-Analyse und Auswertung - 30.04.2015 (13)
  5. Zip-Datei mit Trojaner: Crypt3.CDYN geöffnet
    Log-Analyse und Auswertung - 06.03.2015 (16)
  6. .scr datei geöffnet - angst vor trojaner und anderer virensoftware
    Log-Analyse und Auswertung - 05.11.2014 (11)
  7. Falsche paypal Mahnung geöffnet, Zip Datei mit Trojaner geöffnet, Avira hat Trojaner gefunden, Ist dann alles sauber?
    Log-Analyse und Auswertung - 18.09.2014 (13)
  8. Winzip Datei geöffnet, Trojaner schläft weiter?
    Plagegeister aller Art und deren Bekämpfung - 10.12.2013 (1)
  9. Trojaner Datei auf PC, allerdings noch nicht geöffnet.
    Plagegeister aller Art und deren Bekämpfung - 14.11.2013 (3)
  10. Inkasso Zip-Datei geöffnet, Trojaner TR/Agent.131072.V eingefangen
    Plagegeister aller Art und deren Bekämpfung - 28.08.2013 (10)
  11. Zip-Datei geöffnet, Trojaner TR/Agent.131072.V eingefangen
    Log-Analyse und Auswertung - 17.05.2013 (26)
  12. Mail mit ZIP-Datei im Anhang geöffnet - Trojaner?
    Log-Analyse und Auswertung - 14.05.2013 (9)
  13. Groupon-EMail mit Trojaner-zip-Datei geöffnet
    Log-Analyse und Auswertung - 08.04.2013 (8)
  14. ZIP-Datei aus Email geöffnet, seitdem spinnt Task-Manager. Trojaner eingefangen?
    Log-Analyse und Auswertung - 27.03.2013 (9)
  15. Trojaner aus .zip Datei geöffnet: PWS-Zbot-FAQC!237F86451BBF
    Plagegeister aller Art und deren Bekämpfung - 22.03.2013 (22)
  16. exe datei geöffnet vermute trojaner? HILFE
    Log-Analyse und Auswertung - 01.08.2009 (9)
  17. Datei geöffnet, nun Trojaner?
    Log-Analyse und Auswertung - 03.03.2006 (6)

Zum Thema Dhl Pdf Datei geöffnet...Trojaner eingefangen? - Hallo, meine Frau hat eine vermeintliche DHL Pdf Datei geöffnet. Es handelte sich wirklich um eine Pdf (nicht um eine Zip oder Exe Datei) In der Datei ist ein Link, - Dhl Pdf Datei geöffnet...Trojaner eingefangen?...
Archiv
Du betrachtest: Dhl Pdf Datei geöffnet...Trojaner eingefangen? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.