| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Verlangsamter Rechner, hängt sich öfter auf, Microsoft updates lassen sich nicht mehr aktualisierenWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
02.10.2016, 13:43
| #1 |
 |  Verlangsamter Rechner, hängt sich öfter auf, Microsoft updates lassen sich nicht mehr aktualisieren Wie beschrieben, lassen sich updates definitionen nicht mehr realisieren, da ein "Problem mit der Internetverbindung vorläge. Habe damit aber sonst keine Probleme. Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version: 30-09-2016
durchgeführt von Boris (02-10-2016 14:39:36)
Gestartet von C:\Users\Boris\Downloads
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) (2008-06-20 02:43:31)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1411231321-3497987553-1682086313-500 - Administrator - Disabled)
Boris (S-1-5-21-1411231321-3497987553-1682086313-1003 - Administrator - Enabled) => C:\Users\Boris
Gast (S-1-5-21-1411231321-3497987553-1682086313-501 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Microsoft Security Essentials (Enabled - Up to date) {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
AS: Microsoft Security Essentials (Enabled - Up to date) {CDE0C533-D3CD-62A1-E772-AFADDF863628}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Flash Player 23 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 23.0.0.162 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 23.0.0.162 - Adobe Systems Incorporated)
Adobe Reader X (10.1.16) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
Agere Systems HDA Modem (HKLM\...\Agere Systems Soft Modem) (Version: - Agere Systems)
ANSTOSS 2 (HKLM\...\ANSTOSS 2) (Version: - )
Atheros WLAN Client (HKLM\...\{04983D37-2202-4295-94A2-8B547C66133F}) (Version: 1.00.000 - )
ATI Catalyst Install Manager (HKLM\...\{9DCC214C-CD1A-1115-6775-A9056185FE4E}) (Version: 3.0.664.0 - ATI Technologies, Inc.)
AVStation Now (HKLM\...\InstallShield_{FD53302C-8E7B-4730-8AD8-86A889BDBFAB}) (Version: 4.0.10.6 - Ihr Firmenname)
AVStation Now (Version: 4.0.10.6 - Ihr Firmenname) Hidden
BlueStacks App Player (HKLM\...\BlueStacks) (Version: 2.3.35.6237 - BlueStack Systems, Inc.)
Catalyst Control Center - Branding (HKLM\...\{2433BAD7-453F-473D-BE81-455E68940DEB}) (Version: 1.00.0000 - ATI)
ccc-core-static (Version: 2008.0318.2139.36886 - Ihr Firmenname) Hidden
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
doPDF (Version: 8.1.922 - Softland) Hidden
doPDF 8 (HKLM\...\{203db349-8f91-4d14-8a94-0966e8933881}) (Version: 8.1.922 - Softland)
DVD Suite (HKLM\...\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 5.0.2103 - CyberLink Corporation)
Easy Battery Manager (HKLM\...\{6F730513-8688-4C3C-90A3-6B9792CE2EF3}) (Version: 3.2.1.1 - )
Easy Display Manager (HKLM\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 2.0.0.0 - Samsung)
Easy Network Manager 3.0 (HKLM\...\InstallShield_{4EA8EA5D-8E46-4698-9BF7-2F2AD8E1C185}) (Version: 3.0.0.0 - Ihr Firmenname)
Easy Network Manager 3.0 (Version: 3.0.0.0 - Ihr Firmenname) Hidden
Easy SpeedUp Manager (HKLM\...\{EF367AA4-070B-493C-9575-85BE59D789C9}) (Version: 2.0.0.14 - )
Free PDF to Word Doc Converter v1.1 (HKLM\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
Freemake Video Converter Version 4.1.5 (HKLM\...\Freemake Video Converter_is1) (Version: 4.1.5 - Ellora Assets Corporation)
Google Chrome (HKLM\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.31.5 - Google Inc.) Hidden
HP Deskjet 2540 series Basic Device Software (HKLM\...\{516046F1-6F81-4967-8E63-32273AE2A929}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
imagine digital freedom - Samsung (HKLM\...\{00AF10C1-44BD-4862-9D7F-24E6BA3E87FD}) (Version: 1.0.2.0 - Samsung Electronics Co., LTD)
LabelPrint 2.0 (HKLM\...\{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: - )
LightScribe 1.8.15.1 (Version: 1.8.15.1 - hxxp://www.lightscribe.com) Hidden
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.266.3 - McAfee, Inc.)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM\...\{90850407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office XP Professional mit FrontPage (HKLM\...\{90280407-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.9.218.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft SOAP Toolkit 2.0 SP2 (HKLM\...\{36BEAD11-8577-49AD-9250-E06A50AE87B0}) (Version: 623.1 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{547DCEC7-DD2A-47E9-82C7-5CF1EAB526DA}) (Version: 9.00.2047.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{2DFB5485-A3EF-4298-9280-4AF80C9F4BE9}) (Version: 9.00.2047.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x86) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 49.0.1 (x86 de) (HKLM\...\Mozilla Firefox 49.0.1 (x86 de)) (Version: 49.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 49.0.1.6109 - Mozilla)
novaPDF 8 add-in for Microsoft Office (x86) (HKLM\...\{7187CC63-D4F5-4854-9946-BBC8AF45D45C}) (Version: 8.1.922 - Softland)
novaPDF 8 Printer Driver (HKLM\...\{70EB3A38-9B31-4978-9EA9-C5E73527052D}) (Version: 8.1.922 - Softland)
Play AVStation (HKLM\...\InstallShield_{955597D8-E5E1-474D-B647-60AC44566D24}) (Version: 4.1.20.47 - Ihr Firmenname)
Play AVStation (Version: 4.1.20.47 - Ihr Firmenname) Hidden
PlayCamera (HKLM\...\{804F1285-8CBF-408D-8CDC-D4D40003B2E4}) (Version: 1.0.1.1 - )
PlayMemories Home (HKLM\...\{E03CD71A-F595-49DF-9ADC-0CFC93B1B211}) (Version: 6.0.02.14151 - Sony Corporation)
Power2Go 5.0 (HKLM\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: - )
PowerDirector (HKLM\...\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: - )
PowerDVD (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 7.0.2802.0 - CyberLink Corporation)
PowerProducer (HKLM\...\{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 074429(3.7)_Vista_SSPC - CyberLink Corp.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5433 - Realtek Semiconductor Corp.)
Samsung Magic Doctor (HKLM\...\{32D6A58F-9659-446C-BBFC-E6F2B41F24DC}) (Version: 5.00 - Samsung Electronics Co., LTD)
Samsung Recovery Solution II (HKLM\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 1.0.3.21 - Samsung)
Samsung Update Plus (HKLM\...\InstallShield_{685707A4-911C-468D-BFC4-64A50E5E3A0C}) (Version: 1.3.0.11 - Samsung Electronics Co., LTD)
Samsung Update Plus (Version: 1.3.0.11 - Samsung Electronics Co., LTD) Hidden
Skins (Version: 2008.0318.2139.36886 - ATI) Hidden
Skype™ 7.4 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
SMART Common Files (HKLM\...\{9057211D-439A-4C0D-95DE-498CF54ADF8C}) (Version: 11.3.267.0 - SMART Technologies ULC)
SMART English (United Kingdom) Language Pack (HKLM\...\{2B2404AA-35DF-4BF3-A8F2-BAFC8F7174C5}) (Version: 11.2.29.0 - SMART Technologies ULC)
SMART German Language Pack (HKLM\...\{FE34C5E6-CC3D-4C26-969A-0C2CAFB34658}) (Version: 11.2.29.0 - SMART Technologies ULC)
SMART Ink (HKLM\...\{F0E390A2-AB03-4077-83C4-F12D3A65493D}) (Version: 1.1.549.1 - SMART Technologies ULC)
SMART Notebook (HKLM\...\{82E3F365-86BD-4EA8-80CA-F498EBE89537}) (Version: 11.2.637.0 - SMART Technologies ULC)
SMART Product Drivers (HKLM\...\{E91FBB79-D736-4834-A1AB-2A5CDD2DB7E7}) (Version: 11.1.669.0 - SMART Technologies ULC)
SMART Sync Teacher (HKLM\...\{9D81615E-B150-488B-90CA-1159E2113BE3}) (Version: 10.0.576.0 - SMART Technologies ULC)
Steuer 2013 (HKLM\...\{05AEF487-8926-48A9-B5BA-9BED72BC6B1C}) (Version: 21.00.8480 - Buhl Data Service GmbH)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 10.1.2.0 - Synaptics)
Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch) (HKLM\...\{07629207-FAA0-4F1A-8092-BF5085BE511F}) (Version: 9.00.2047.00 - Microsoft Corporation)
User Guide (HKLM\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.0 - )
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WIDCOMM Bluetooth Software 6.0.1.5000 (HKLM\...\{03D1988F-469F-4843-8E6E-E5FE9D17889D}) (Version: 6.0.1.5000 - WIDCOMM, Inc.)
WinRAR 5.10 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
WINZD 2013-08 Rev. 2 (HKLM\...\WINZD_is1) (Version: - R. Aquila, F. Ostermeier)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-1411231321-3497987553-1682086313-1003_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Boris\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay => Keine Datei
CustomCLSID: HKU\S-1-5-21-1411231321-3497987553-1682086313-1003_Classes\CLSID\{A0359AE6-F410-4425-A975-684AAB785ABD}\InprocServer32 -> C:\Users\Boris\AppData\Local\ASKTOO~1\DOWNLO~1\AVIRAB~1.DLL => Keine Datei
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {19364531-E37E-4E76-8647-1C4C806D7F61} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files\AVG\AVG PC TuneUp\tuscanx.exe
Task: {2AA082C7-4803-4954-B360-FF0E5BC76E68} - System32\Tasks\EasyBatteryManager => C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe [2008-01-02] (SAMSUNG Electronics co., LTD.)
Task: {363EAC71-3177-46E4-BC1D-BF3A95D66F63} - System32\Tasks\doPDF Update => C:\Program Files\Softland\novaPDF 8\Driver\UpdateApplication.exe [2015-01-09] ()
Task: {502ABAE2-A3CC-4D88-BE25-88B61A02AE97} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {6A7187F4-5645-4BA3-98BA-0E147CF2DD42} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {82583C58-CBA8-4AC1-A74E-8CE24ADE034E} - System32\Tasks\EasySpeedUpManager => C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe [2007-12-28] (Samsung Electronics Co., Ltd.)
Task: {892E0D52-AE03-47D7-AF89-5B50DF16F46D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-09-14] (Adobe Systems Incorporated)
Task: {A728AE6B-5AB8-4223-AD3E-E6341441A01C} - System32\Tasks\Microsoft\Windows\PLA\System\ConvertLogEntries => Rundll32.exe %windir%\system32\pla.dll,PlaConvertLogEntries
Task: {C66E8DD8-A324-45BA-999D-B635600D72CD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {E99D3AFB-F7A8-4342-83DF-318615AF5CEB} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\VistaSP1CEIP => C:\Windows\servicing\vsp1ceip.exe [2008-01-19] (Microsoft Corporation)
Task: {EC7BFDA4-4533-4C92-95E6-2AFF5B0DDB81} - System32\Tasks\SamsungMagicDoctor => C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe [2007-07-05] (Samsung Electronics Co., Ltd.)
Task: {F8A5340B-69BF-4AEE-9F50-6E30203EF659} - System32\Tasks\EasyDisplayMgr => C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe [2007-06-01] (SAMSUNG Electronics)
Task: {FE114039-ADE6-4B13-8E0E-095655FF0D95} - System32\Tasks\{B56416D4-2ECB-427D-9578-EA8B77933930} => Firefox.exe hxxp://ui.skype.com/ui/0/7.0.80.102/de/abandoninstall?page=tsMain
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2008-04-15 07:40 - 2008-03-18 15:04 - 00159744 _____ () C:\Windows\system32\atitmmxx.dll
2008-04-16 01:43 - 2006-08-12 05:48 - 00049152 _____ () C:\Program Files\SAMSUNG\EasySpeedUpManager\HookDllPS2.dll
2008-04-16 03:14 - 2006-08-12 05:48 - 00049152 _____ () C:\Program Files\Samsung\Samsung Magic Doctor\HookDllPS2.dll
2008-04-16 01:37 - 2006-08-12 05:48 - 00049152 _____ () C:\Program Files\Samsung\Easy Display Manager\HookDllPS2.dll
2008-04-16 01:37 - 2006-09-19 02:52 - 00028672 _____ () C:\Program Files\Samsung\Easy Display Manager\WinMove.dll
2015-01-09 14:35 - 2015-01-09 14:35 - 00129304 _____ () C:\Program Files\Softland\novaPDF 8\Server\AgileDotNetRT.dll
2008-04-16 01:22 - 2006-12-19 15:23 - 00272024 _____ () C:\Program Files\CyberLink\Shared Files\RichVideo.exe
2008-03-18 05:21 - 2008-03-18 05:21 - 00016384 ____R () C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [119]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
HKLM\...\cmdfile\DefaultIcon: %SystemRoot%\System32\imageres.dll,-68 <===== ACHTUNG
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE restricted site: HKU\S-1-5-21-1411231321-3497987553-1682086313-1003\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1411231321-3497987553-1682086313-1003\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-1411231321-3497987553-1682086313-1003\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-1411231321-3497987553-1682086313-1003\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-1411231321-3497987553-1682086313-1003\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-1411231321-3497987553-1682086313-1003\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-1411231321-3497987553-1682086313-1003\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-1411231321-3497987553-1682086313-1003\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-1411231321-3497987553-1682086313-1003\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-1411231321-3497987553-1682086313-1003\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-1411231321-3497987553-1682086313-1003\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-1411231321-3497987553-1682086313-1003\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-1411231321-3497987553-1682086313-1003\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-1411231321-3497987553-1682086313-1003\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-1411231321-3497987553-1682086313-1003\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1411231321-3497987553-1682086313-1003\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-1411231321-3497987553-1682086313-1003\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-1411231321-3497987553-1682086313-1003\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-1411231321-3497987553-1682086313-1003\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-1411231321-3497987553-1682086313-1003\...\100sexlinks.com -> 100sexlinks.com
Da befinden sich 5968 mehr Seiten.
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2006-11-02 12:23 - 2015-12-18 12:22 - 00000767 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1411231321-3497987553-1682086313-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\Boris\Pictures\Unbenannt.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BTTray.lnk => C:\Windows\pss\BTTray.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk => C:\Windows\pss\Microsoft Office.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Boris^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: PMBVolumeWatcher => C:\Program Files\Sony\PlayMemories Home\PMBVolumeWatcher.exe
MSCONFIG\startupreg: RemoteControl => "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
MSCONFIG\startupreg: sbsdk-server => "C:\Program Files\SMART Technologies\Education Software\sbsdk-server\NodeLauncher.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SMART Board Service => "C:\Program Files\SMART Technologies\Education Software\SMARTBoardService.exe" -d
MSCONFIG\startupreg: SMART Board Tools => "C:\Program Files\SMART Technologies\Education Software\SMARTBoardTools.exe"
MSCONFIG\startupreg: SMART Ink => "C:\Program Files\SMART Technologies\Education Software\SMARTInk.exe" -a
MSCONFIG\startupreg: SMART SNMP Agent => "C:\Program Files\SMART Technologies\Education Software\SMARTSNMPAgent.exe" -e
MSCONFIG\startupreg: SMARTClassroomCoordinator.exe => "C:\Program Files\SMART Technologies\Education Software\SMARTClassroomCoordinator.exe"
MSCONFIG\startupreg: VantageService => "C:\Program Files\SMART Technologies\Education Software\VantageService.exe"
==================== FirewallRules (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [{363FD5FE-625A-48E2-9C24-9A2958B5E415}] => (Allow) C:\Program Files\CyberLink\PowerDVD\PowerDVD.EXE
FirewallRules: [{F73EF69F-978F-4BB1-9C41-B449AB7EF792}] => (Allow) C:\Program Files\CyberLink\PowerDirector\PDR.EXE
FirewallRules: [TCP Query User{369E448A-D8F7-4BA0-9DFE-538158E67071}C:\users\boris\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\boris\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{F7880D89-7C9D-471D-A100-A64E6667B713}C:\users\boris\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\boris\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{EA9E3BA5-0C6D-4AC6-A611-9389435C59BA}C:\program files\tvuplayer\tvuplayer.exe] => (Allow) C:\program files\tvuplayer\tvuplayer.exe
FirewallRules: [UDP Query User{972B5D3D-D968-42EE-A585-BF8352039899}C:\program files\tvuplayer\tvuplayer.exe] => (Allow) C:\program files\tvuplayer\tvuplayer.exe
FirewallRules: [{4CDA5B6D-1758-4634-A7FD-0A4A4883D7F3}] => (Allow) LPort=80
FirewallRules: [{70908495-9F51-4D56-B4D9-E420EE25A7EB}] => (Allow) LPort=80
FirewallRules: [{9D0F47CA-BDB4-4577-8347-26367C373B51}] => (Allow) LPort=80
FirewallRules: [TCP Query User{DEAAEB4C-D44D-43B6-9604-1A44DB8EA580}C:\program files\smart technologies\education software\vantageservice.exe] => (Block) C:\program files\smart technologies\education software\vantageservice.exe
FirewallRules: [UDP Query User{2DC16E83-CF15-430B-9B0F-F8E0D2FB7056}C:\program files\smart technologies\education software\vantageservice.exe] => (Block) C:\program files\smart technologies\education software\vantageservice.exe
FirewallRules: [TCP Query User{ADEA3ADC-25D9-49CA-9BA1-BE5B0BFF2D3A}C:\program files\smart technologies\education software\smartsnmpagent.exe] => (Block) C:\program files\smart technologies\education software\smartsnmpagent.exe
FirewallRules: [UDP Query User{060867F9-9894-4EE6-B99B-CCD6C7DFC45F}C:\program files\smart technologies\education software\smartsnmpagent.exe] => (Block) C:\program files\smart technologies\education software\smartsnmpagent.exe
FirewallRules: [{A5134779-AB27-48FF-9E31-8F673CEB5D1A}] => (Allow) C:\Program Files\SMART Technologies\Education Software\SMARTSyncTeacher.exe
FirewallRules: [{27165A7D-1928-4AB9-9A9D-AEBC3CE927EC}] => (Allow) C:\Program Files\SMART Technologies\Education Software\SMARTSyncTeacher.exe
FirewallRules: [{53B9088F-04EA-4A10-AEFE-690AB04E23E5}] => (Allow) C:\Program Files\SMART Technologies\Education Software\UCGui.exe
FirewallRules: [{0B985889-957B-441A-830A-402F0BA50A48}] => (Allow) C:\Program Files\SMART Technologies\Education Software\UCGui.exe
FirewallRules: [{5463188D-1BEF-4141-80B1-0F4A33EE53E9}] => (Allow) C:\Program Files\SMART Technologies\Education Software\SMARTSNMPAgent.exe
FirewallRules: [{941306F9-CD40-48A7-8A8D-00C65D4AF217}] => (Allow) C:\Program Files\SMART Technologies\Education Software\SMARTSNMPAgent.exe
FirewallRules: [{F3845559-260E-4878-86AB-92E29080E577}] => (Allow) C:\Program Files\SMART Technologies\Education Software\UCService.exe
FirewallRules: [{02BE2363-1B5E-4A0C-A590-5C799AC14613}] => (Allow) C:\Program Files\SMART Technologies\Education Software\UCService.exe
FirewallRules: [{AA091F8E-5968-4068-9779-81CE1319020D}] => (Allow) C:\Program Files\SMART Technologies\Education Software\VantageService.exe
FirewallRules: [{3DC02466-FDD0-4ADB-82E0-6AA29EBA5AC5}] => (Allow) C:\Program Files\SMART Technologies\Education Software\VantageService.exe
FirewallRules: [TCP Query User{A8C27D0E-EA68-4D0E-982C-264B14BF3731}C:\program files\smart technologies\education software\responsesoftwareservice.exe] => (Block) C:\program files\smart technologies\education software\responsesoftwareservice.exe
FirewallRules: [UDP Query User{99D748DD-4E51-4F52-8582-CF1E231DCF1A}C:\program files\smart technologies\education software\responsesoftwareservice.exe] => (Block) C:\program files\smart technologies\education software\responsesoftwareservice.exe
FirewallRules: [{D249E997-65F8-4591-A762-96C710C09B94}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{9499DEEF-5760-4E22-AB04-526C2A22FC63}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{96965F50-58EE-4DDD-8B0C-51DCE0C1D671}] => (Allow) LPort=8501
FirewallRules: [{2E9792F4-5793-4435-8BC0-75D2024B2E87}] => (Allow) LPort=8501
FirewallRules: [TCP Query User{A9B767FD-FE00-4538-BF7D-B15E297ED7D9}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{01732457-95C3-4E92-BF7B-63A5BACF5500}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [{B28C0FE3-0D7C-47DD-B49F-6A12E10C3A25}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{23590C37-414B-4E7A-9713-87709133D492}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{085ABC44-CBDB-45E7-89BE-6244A7BD71A3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{20E22162-C834-4277-A236-91A0BF7F0C2B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{A8969CC7-8C5F-4A32-A03A-1F654B6A48A4}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\DeviceSetup.exe
FirewallRules: [{A60A21DF-A00E-4090-81A8-7D47E448242C}] => (Allow) LPort=5357
FirewallRules: [{1ACC0A69-0DCC-4C77-9E11-020CA77F436A}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{F98C31DD-6B29-4ACF-9201-12AD3345AF80}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Wiederherstellungspunkte =========================
27-07-2016 07:33:43 Geplanter Prüfpunkt
27-07-2016 09:58:33 Windows Update
28-07-2016 01:24:31 Geplanter Prüfpunkt
28-07-2016 12:07:03 Windows Update
29-07-2016 11:57:12 Geplanter Prüfpunkt
29-07-2016 12:29:41 Windows Update
01-08-2016 18:04:57 Windows Update
02-08-2016 08:05:55 Windows Update
02-08-2016 10:35:02 Windows Update
02-08-2016 21:26:46 Windows Update
03-08-2016 11:46:35 Windows Update
04-08-2016 10:09:14 Geplanter Prüfpunkt
04-08-2016 17:00:55 Windows Update
05-08-2016 12:10:45 Windows Update
07-08-2016 03:00:13 Windows Update
07-08-2016 13:35:00 Windows Update
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (10/01/2016 11:48:04 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\BORIS\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\BK86VV7L.BORIS\SAFEBROWSING-BACKUP> in der Hash-Zuordnung kann nicht aktualisiert werden.
Kontext: Anwendung, SystemIndex Katalog
Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
Error: (10/01/2016 11:46:47 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "WmiApRpl" in der DLL "C:\Windows\system32\wbem\wmiaprpl.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
Error: (10/01/2016 11:46:03 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "PNRPsvc" in der DLL "C:\Windows\system32\pnrpperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
Error: (10/01/2016 11:45:56 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "MSDTC" in der DLL "C:\Windows\system32\msdtcuiu.DLL" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
Error: (10/01/2016 11:45:54 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "Lsa" in der DLL "C:\Windows\system32\Secur32.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
Error: (10/01/2016 11:45:54 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "ESENT" in der DLL "C:\Windows\system32\esentprf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
Error: (10/01/2016 11:45:43 PM) (Source: Perflib) (EventID: 1010) (User: )
Description: Die Collect-Prozedur für den "EmdCache"-Dienst in der DLL "C:\Windows\system32\emdmgmt.dll" hat eine Ausnahme verursacht oder einen ungültigen Status zurückgegeben. Die von der Leistungsindikatoren-DLL zurückgegebenen Leistungsdaten werden nicht im Perf Data Block zurückgegeben. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Ausnahmecode oder den Statuscode.
Error: (10/01/2016 11:45:43 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\system32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
Error: (10/01/2016 09:07:51 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\BORIS\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\BK86VV7L.BORIS\SAFEBROWSING> in der Hash-Zuordnung kann nicht aktualisiert werden.
Kontext: Anwendung, SystemIndex Katalog
Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
Error: (10/01/2016 09:07:51 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\BORIS\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\BK86VV7L.BORIS\SAFEBROWSING> in der Hash-Zuordnung kann nicht aktualisiert werden.
Kontext: Anwendung, SystemIndex Katalog
Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
Systemfehler:
=============
Error: (10/02/2016 02:17:24 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von Microsoft-Antischadsoftware ein Fehler festgestellt.
Neue Signaturversion:
Vorherige Signaturversion: 0.0.0.0
Aktualisierungsquelle: Microsoft Malware Protection Center
Aktualisierungsphase: Installieren
Quellpfad: hxxp://go.microsoft.com/fwlink/?LinkID=260974&clcid=0x409&NRI=true&arch=x86&eng=0.0.0.0&sig=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094
Signaturtyp: Network Inspection System
Aktualisierungstyp: Vollständig
Benutzer: Boris-PC\Boris
Aktuelle Modulversion:
Vorherige Modulversion: 0.0.0.0
Fehlercode: 0x8007042c
Fehlerbeschreibung: Der Abhängigkeitsdienst oder die Abhängigkeitsgruppe konnte nicht gestartet werden.
Error: (10/02/2016 02:17:21 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von Microsoft-Antischadsoftware ein Fehler festgestellt.
Neue Signaturversion:
Vorherige Signaturversion:
Aktualisierungsquelle: Benutzer
Aktualisierungsphase: Installieren
Quellpfad:
Signaturtyp: Network Inspection System
Aktualisierungstyp: Vollständig
Benutzer: Boris-PC\Boris
Aktuelle Modulversion:
Vorherige Modulversion:
Fehlercode: 0x8007042c
Fehlerbeschreibung: Der Abhängigkeitsdienst oder die Abhängigkeitsgruppe konnte nicht gestartet werden.
Error: (10/01/2016 11:45:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Parallel port driver" wurde aufgrund folgenden Fehlers nicht gestartet:
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
Error: (09/30/2016 09:30:19 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von Microsoft-Antischadsoftware ein Fehler festgestellt.
Neue Signaturversion:
Vorherige Signaturversion: 0.0.0.0
Aktualisierungsquelle: Microsoft Malware Protection Center
Aktualisierungsphase: Installieren
Quellpfad: hxxp://go.microsoft.com/fwlink/?LinkID=260974&clcid=0x409&NRI=true&arch=x86&eng=0.0.0.0&sig=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094
Signaturtyp: Network Inspection System
Aktualisierungstyp: Vollständig
Benutzer: NT-AUTORITÄT\NETZWERKDIENST
Aktuelle Modulversion:
Vorherige Modulversion: 0.0.0.0
Fehlercode: 0x8007042c
Fehlerbeschreibung: Der Abhängigkeitsdienst oder die Abhängigkeitsgruppe konnte nicht gestartet werden.
Error: (09/30/2016 09:30:16 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von Microsoft-Antischadsoftware ein Fehler festgestellt.
Neue Signaturversion:
Vorherige Signaturversion:
Aktualisierungsquelle: Benutzer
Aktualisierungsphase: Installieren
Quellpfad:
Signaturtyp: Network Inspection System
Aktualisierungstyp: Vollständig
Benutzer: NT-AUTORITÄT\NETZWERKDIENST
Aktuelle Modulversion:
Vorherige Modulversion:
Fehlercode: 0x8007042c
Fehlerbeschreibung: Der Abhängigkeitsdienst oder die Abhängigkeitsgruppe konnte nicht gestartet werden.
Error: (09/28/2016 06:24:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
Error: (09/28/2016 06:24:12 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Media Player-Netzwerkfreigabedienst erreicht.
Error: (09/28/2016 06:20:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Parallel port driver" wurde aufgrund folgenden Fehlers nicht gestartet:
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
Error: (09/28/2016 09:53:50 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von Microsoft-Antischadsoftware ein Fehler festgestellt.
Neue Signaturversion:
Vorherige Signaturversion: 1.229.210.0
Aktualisierungsquelle: Microsoft Update Server
Aktualisierungsphase: Suchen
Quellpfad: hxxp://www.microsoft.com
Signaturtyp: AntiVirus
Aktualisierungstyp: Vollständig
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion:
Vorherige Modulversion: 1.1.13103.0
Fehlercode: 0x8024001e
Fehlerbeschreibung: Unerwartetes Problem bei der Überprüfung auf Updates. Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie unter "Hilfe und Support".
Error: (09/26/2016 06:02:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Parallel port driver" wurde aufgrund folgenden Fehlers nicht gestartet:
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
CodeIntegrity:
===================================
Date: 2016-09-15 11:13:04.419
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2016-09-15 11:13:03.452
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2016-09-15 11:13:02.501
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2016-09-15 11:13:01.549
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2016-09-15 11:13:00.597
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2016-09-15 11:12:59.646
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2016-09-15 11:12:58.491
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2016-09-15 11:12:57.540
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2016-09-15 11:12:56.557
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2016-09-15 11:12:55.605
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: Intel(R) Pentium(R) Dual CPU T2370 @ 1.73GHz
Prozentuale Nutzung des RAM: 58%
Installierter physikalischer RAM: 3069.45 MB
Verfügbarer physikalischer RAM: 1285.13 MB
Summe virtueller Speicher: 6371.29 MB
Verfügbarer virtueller Speicher: 4423.39 MB
==================== Laufwerke ================================
Drive c: (System) (Fixed) (Total:111.88 GB) (Free:36.36 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: () (Fixed) (Total:111 GB) (Free:110.9 GB) NTFS
Drive g: () (Removable) (Total:7.37 GB) (Free:3.19 GB) FAT32
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: BD17C37C)
Partition 1: (Not Active) - (Size=10 GB) - (Type=27)
Partition 2: (Active) - (Size=111.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=111 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 7.4 GB) (Disk ID: ECEDD285)
Partition 1: (Not Active) - (Size=7.4 GB) - (Type=0B)
==================== Ende vom Addition.txt ============================
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version: 30-09-2016
durchgeführt von Boris (Administrator) auf BORIS-PC (02-10-2016 14:38:27)
Gestartet von C:\Users\Boris\Downloads
Geladene Profile: Boris (Verfügbare Profile: Boris)
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) Sprache: Deutsch (Deutschland)
Internet Explorer Version 9 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(BlueStack Systems, Inc.) C:\Program Files\Bluestacks\HD-Agent.exe
(SAMSUNG Electronics co., LTD.) C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe
(SAMSUNG Electronics) C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
(BlueStack Systems, Inc.) C:\Program Files\Bluestacks\HD-LogRotatorService.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Microsoft) C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe
(Sony Corporation) C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
(SMART Technologies) C:\Program Files\SMART Technologies\Education Software\SMARTHelperService.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Farbar) C:\Users\Boris\Downloads\FRST(3).exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2008-01-21] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4489216 2007-06-13] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1029416 2007-10-26] (Synaptics, Inc.)
HKLM\...\Run: [LanguageShortcut] => C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [52256 2007-01-08] ()
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [986872 2016-01-29] (Microsoft Corporation)
HKLM\...\Policies\Explorer: [RestrictRun] 0
HKU\S-1-5-21-1411231321-3497987553-1682086313-1003\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-19] (Microsoft Corporation)
HKU\S-1-5-21-1411231321-3497987553-1682086313-1003\...\Run: [BlueStacks Agent] => C:\Program Files\Bluestacks\HD-Agent.exe [970264 2016-06-30] (BlueStack Systems, Inc.)
HKU\S-1-5-21-1411231321-3497987553-1682086313-1003\...\Policies\Explorer: [RestrictRun] 0
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{7044E990-DB48-44BA-B743-E604CF9DB3DB}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{D50B5A7C-D504-4B31-9E88-09767AD9B79C}: [DhcpNameServer] 192.168.178.1
Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1411231321-3497987553-1682086313-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1411231321-3497987553-1682086313-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.samsungcomputer.com/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: SMART Notebook Download Utility -> {67BCF957-85FC-4036-8DC4-D4D80E00A77B} -> C:\Program Files\SMART Technologies\Education Software\Win32\NotebookPlugin.dll [2013-05-23] (SMART Technologies ULC.)
Toolbar: HKLM - SMART Sync - {8E1233B3-485A-4E51-B77E-9E075A68C588} - C:\Program Files\SMART Technologies\Education Software\SyncIEToolbar.dll [2011-06-22] (SMART Technologies ULC.)
FireFox:
========
FF ProfilePath: C:\Users\Boris\AppData\Roaming\Mozilla\Firefox\Profiles\bk86vv7l.boris
FF DefaultSearchEngine: Google
FF SelectedSearchEngine: Google
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_23_0_0_162.dll [2016-09-14] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @pages.tvunetworks.com/WebPlayer -> C:\Program Files\TVUPlayer\npTVUAx.dll [Keine Datei]
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Boris\AppData\Roaming\Mozilla\Firefox\Profiles\bk86vv7l.boris\searchplugins\google-images.xml [2014-11-30]
FF SearchPlugin: C:\Users\Boris\AppData\Roaming\Mozilla\Firefox\Profiles\bk86vv7l.boris\searchplugins\google-maps.xml [2014-11-30]
FF Extension: (Test Pilot) - C:\Users\Boris\AppData\Roaming\Mozilla\Firefox\Profiles\pwqe3lw3.default\Extensions\testpilot@labs.mozilla.com.xpi [2012-11-13] [ist nicht signiert]
FF Extension: (GMX MailCheck) - C:\Users\Boris\AppData\Roaming\Mozilla\Firefox\Profiles\pwqe3lw3.default\Extensions\toolbar@gmx.net.xpi [2012-10-16] [ist nicht signiert]
FF Extension: (Adblock Plus) - C:\Users\Boris\AppData\Roaming\Mozilla\Firefox\Profiles\bk86vv7l.boris\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-28]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2012-08-03] [ist nicht signiert]
Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Profile: C:\Users\Boris\AppData\Local\Google\Chrome\User Data\Default [2016-04-29]
CHR Extension: (Google Präsentationen) - C:\Users\Boris\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-14]
CHR Extension: (Google Docs) - C:\Users\Boris\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-14]
CHR Extension: (Google Drive) - C:\Users\Boris\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-29]
CHR Extension: (YouTube) - C:\Users\Boris\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-29]
CHR Extension: (Google-Suche) - C:\Users\Boris\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-29]
CHR Extension: (Google Tabellen) - C:\Users\Boris\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-14]
CHR Extension: (Google Docs Offline) - C:\Users\Boris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-29]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Boris\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-29]
CHR Extension: (Google Mail) - C:\Users\Boris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-29]
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 BstHdAndroidSvc; C:\Program Files\Bluestacks\HD-Service.exe [441880 2016-06-30] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files\Bluestacks\HD-LogRotatorService.exe [421400 2016-06-30] (BlueStack Systems, Inc.)
S3 BstHdPlusAndroidSvc; C:\Program Files\Bluestacks\HD-Plus-Service.exe [458264 2016-06-30] (BlueStack Systems, Inc.)
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1074480 2013-08-15] (Flexera Software LLC)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2014-11-13] (Freemake) [Datei ist nicht signiert]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.266\McCHSvc.exe [235696 2015-12-02] (McAfee, Inc.)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2016-01-29] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [292816 2016-01-29] (Microsoft Corporation)
R2 NovaPdfServer; C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe [35616 2015-01-09] (Microsoft)
R2 PMBDeviceInfoProvider; C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [459832 2012-02-15] (Sony Corporation)
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [272024 2006-12-19] ()
S2 Samsung Update Plus; C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe [73728 2007-06-28] () [Datei ist nicht signiert]
R2 SMARTHelperService; C:\Program Files\SMART Technologies\Education Software\SMARTHelperService.exe [582992 2013-03-07] (SMART Technologies)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-19] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 BstHdDrv; C:\Program Files\Bluestacks\HD-Hypervisor-x86.sys [139360 2016-06-30] (BlueStack Systems)
S3 BstkDrv; C:\Program Files\Bluestacks\BstkDrv.sys [220216 2016-06-30] (Bluestack System Inc. )
S3 eapihdrv; C:\Users\Boris\AppData\Local\Temp\ehdrv.sys [135760 2015-06-16] (ESET)
R2 KMDFMEMIO; C:\Windows\System32\DRIVERS\kmdfmemio.sys [13312 2008-04-16] (SAMSUNG ELECTRONICS CO., LTD.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [253704 2015-11-13] (Microsoft Corporation)
S3 NETw2v32; C:\Windows\System32\DRIVERS\NETw2v32.sys [2589184 2006-11-02] (Intel® Corporation)
R3 SMARTMouseFilterx86; C:\Windows\System32\DRIVERS\SMARTMouseFilterx86.sys [8192 2013-03-07] (SMART Technologies)
R3 SMARTVHidMini2000x86; C:\Windows\System32\DRIVERS\SMARTVHidMini2000x86.sys [7680 2013-03-07] (SMART Technologies)
R3 SMARTVTabletPCx86; C:\Windows\System32\DRIVERS\SMARTVTabletPCx86.sys [15872 2013-03-07] (SMART Technologies ULC)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-19] (Microsoft Corporation)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 catchme; \??\C:\Users\Boris\AppData\Local\Temp\catchme.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 VMC302; System32\Drivers\VMC302.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-10-02 14:38 - 2016-10-02 14:38 - 01754624 _____ (Farbar) C:\Users\Boris\Downloads\FRST(3).exe
2016-09-27 12:50 - 2016-09-27 12:50 - 00010495 _____ C:\Users\Boris\Downloads\BoGruber_elster_27.09.2016_12.48.pfx
2016-09-25 23:16 - 2016-09-25 23:18 - 123776784 _____ (Microsoft Corporation) C:\Users\Boris\Downloads\mpam-fe.exe
2016-09-24 20:03 - 2016-09-25 11:53 - 00000000 ____D C:\Program Files\Mozilla Firefox
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-10-02 14:39 - 2015-06-01 13:13 - 00014618 _____ C:\Users\Boris\Downloads\FRST.txt
2016-10-02 14:38 - 2015-06-01 13:13 - 00000000 ____D C:\FRST
2016-10-02 14:07 - 2014-12-27 22:28 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-10-02 14:06 - 2012-07-30 16:44 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-10-02 13:58 - 2006-11-02 14:47 - 00003168 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2016-10-02 13:58 - 2006-11-02 14:47 - 00003168 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2016-10-02 01:34 - 2014-12-27 22:28 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-10-01 23:44 - 2008-08-02 17:23 - 00000000 ____D C:\Users\Boris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
2016-10-01 23:44 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-10-01 11:39 - 2008-04-16 01:00 - 00000012 _____ C:\Windows\bthservsdp.dat
2016-10-01 11:39 - 2006-11-02 15:01 - 00032530 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-09-30 13:31 - 2016-04-29 20:22 - 00000000 ____D C:\Program Files\AVG
2016-09-30 13:30 - 2016-04-29 20:22 - 00000000 ____D C:\ProgramData\Avg
2016-09-30 13:30 - 2016-04-29 20:21 - 00000000 ____D C:\Users\Boris\AppData\Local\AvgSetupLog
2016-09-27 13:01 - 2008-04-15 07:48 - 00674032 _____ C:\Windows\system32\perfh007.dat
2016-09-27 13:01 - 2008-04-15 07:48 - 00145818 _____ C:\Windows\system32\perfc007.dat
2016-09-27 13:01 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\inf
2016-09-27 13:01 - 2006-11-02 12:33 - 01566310 _____ C:\Windows\system32\PerfStringBackup.INI
2016-09-25 11:53 - 2012-11-12 18:57 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-09-15 11:30 - 2015-06-11 22:03 - 00000000 ____D C:\Program Files\ Malwarebytes Anti-Malware
2016-09-15 11:00 - 2015-06-11 22:03 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-09-14 08:06 - 2012-07-30 16:44 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-09-14 08:06 - 2012-07-30 16:44 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-09-14 08:06 - 2008-04-16 01:27 - 00000000 ____D C:\Windows\system32\Macromed
2016-09-02 10:26 - 2012-08-03 14:15 - 00001812 _____ C:\Windows\system32\dmlg.dat
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2012-11-03 03:27 - 2012-11-03 03:27 - 0017089 _____ () C:\Users\Boris\AppData\Roaming\UserTile.png
2013-09-11 18:37 - 2016-07-18 19:11 - 0000680 _____ () C:\Users\Boris\AppData\Local\d3d9caps.dat
2012-10-11 09:30 - 2016-05-08 12:57 - 0009216 _____ () C:\Users\Boris\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Boris\BlueScreenView.exe
Einige Dateien in TEMP:
====================
C:\Users\Boris\AppData\Local\Temp\avguirn_081040260140.exe
C:\Users\Boris\AppData\Local\Temp\avguirn_081268246580.exe
C:\Users\Boris\AppData\Local\Temp\avguirn_081301186681.exe
C:\Users\Boris\AppData\Local\Temp\avguirn_082083109615.exe
C:\Users\Boris\AppData\Local\Temp\avguirn_0876034616.exe
C:\Users\Boris\AppData\Local\Temp\DefaultPack.EXE
C:\Users\Boris\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmph9ppo1.dll
C:\Users\Boris\AppData\Local\Temp\Quarantine.exe
C:\Users\Boris\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-10-01 23:52
==================== Ende vom FRST.txt ============================
|
|
06.10.2016, 10:21
| #2 |
| /// TB-Ausbilder /// Anleitungs-Guru  | Verlangsamter Rechner, hängt sich öfter auf, Microsoft updates lassen sich nicht mehr aktualisieren Mein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das... 
 Hinweis:Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden. Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert. Adware & Co. können wir sehr gut entfernen. Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Du mein clean  bekommst.Los geht's: Schritt 1 Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ |
|
07.10.2016, 15:05
| #3 |
| | Verlangsamter Rechner, hängt sich öfter auf, Microsoft updates lassen sich nicht mehr aktualisierenCode:
ATTFilter 15:55:59.0359 0x1748 TDSS rootkit removing tool 3.1.0.11 Aug 5 2016 12:13:31
15:56:04.0778 0x1748 EULA was not accepted, exiting. For auto accept you could use -accepteula command line parameter.
15:56:04.0781 0x0650 Deinitialize success
es verbleibt so oder so das langsame arbeiten des rechners und scheiternde java scrips. danke Code:
ATTFilter 15:56:24.0303 0x16c8 TDSS rootkit removing tool 3.1.0.11 Aug 5 2016 12:13:31
15:56:29.0513 0x16c8 ============================================================
15:56:29.0513 0x16c8 Current date / time: 2016/10/07 15:56:29.0513
15:56:29.0513 0x16c8 SystemInfo:
15:56:29.0513 0x16c8
15:56:29.0513 0x16c8 OS Version: 6.0.6002 ServicePack: 2.0
15:56:29.0513 0x16c8 Product type: Workstation
15:56:29.0513 0x16c8 ComputerName: BORIS-PC
15:56:29.0513 0x16c8 UserName: Boris
15:56:29.0513 0x16c8 Windows directory: C:\Windows
15:56:29.0513 0x16c8 System windows directory: C:\Windows
15:56:29.0513 0x16c8 Processor architecture: Intel x86
15:56:29.0513 0x16c8 Number of processors: 2
15:56:29.0513 0x16c8 Page size: 0x1000
15:56:29.0513 0x16c8 Boot type: Normal boot
15:56:29.0513 0x16c8 CodeIntegrityOptions = 0x00000000
15:56:29.0513 0x16c8 ============================================================
15:56:32.0087 0x16c8 KLMD registered as C:\Windows\system32\drivers\64228482.sys
15:56:32.0087 0x16c8 KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 6002.19636, osProperties = 0x0
15:56:35.0457 0x16c8 System UUID: {E796C9A5-E8C5-A6BE-0E02-449C6CA6F918}
15:56:36.0595 0x16c8 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
15:56:36.0611 0x16c8 ============================================================
15:56:36.0611 0x16c8 \Device\Harddisk0\DR0:
15:56:36.0611 0x16c8 MBR partitions:
15:56:36.0611 0x16c8 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1400800, BlocksNum 0xDFC5000
15:56:36.0611 0x16c8 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xF3C5800, BlocksNum 0xDDFF800
15:56:36.0611 0x16c8 ============================================================
15:56:36.0642 0x16c8 C: <-> \Device\Harddisk0\DR0\Partition1
15:56:36.0736 0x16c8 D: <-> \Device\Harddisk0\DR0\Partition2
15:56:36.0751 0x16c8 ============================================================
15:56:36.0751 0x16c8 Initialize success
15:56:36.0751 0x16c8 ============================================================
15:57:03.0209 0x12b8 ============================================================
15:57:03.0209 0x12b8 Scan started
15:57:03.0209 0x12b8 Mode: Manual; SigCheck; TDLFS;
15:57:03.0209 0x12b8 ============================================================
15:57:03.0209 0x12b8 KSN ping started
15:57:03.0349 0x12b8 KSN ping finished: true
15:57:04.0395 0x12b8 ================ Scan system memory ========================
15:57:04.0395 0x12b8 System memory - ok
15:57:04.0410 0x12b8 ================ Scan services =============================
15:57:04.0613 0x12b8 [ 82B296AE1892FE3DBEE00C9CF92F8AC7, 54B22BA63E1DA616B546992141B0C3117BA057283B8F60CB9BECE203661FEBF3 ] ACPI C:\Windows\system32\drivers\acpi.sys
15:57:04.0738 0x12b8 ACPI - ok
15:57:04.0847 0x12b8 [ F2CEEE9ABBCEF207ACB103215AC28BC2, F8F8B8AF6317926D7AC0CA2CA23628B2C69327A2792D58D3328443C5ED9514E9 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
15:57:04.0863 0x12b8 AdobeARMservice - ok
15:57:04.0956 0x12b8 [ 8FC33A20D54FB5CC7FBBA814B4E42A22, 707F61F0CEB9467D9BD1782868403BD53DB46EAB0342772661F370E5174AAD8C ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
15:57:04.0972 0x12b8 AdobeFlashPlayerUpdateSvc - ok
15:57:05.0034 0x12b8 [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB, 0342700760874683A6DF4F149DACACEF0569D40C45FC5958C67100B3C5D9BBBC ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
15:57:05.0065 0x12b8 adp94xx - ok
15:57:05.0112 0x12b8 [ B84088CA3CDCA97DA44A984C6CE1CCAD, 87009809FB101BF51483FA32318CBCD209386582880C82417BE4FFAD1B04C8C1 ] adpahci C:\Windows\system32\drivers\adpahci.sys
15:57:05.0143 0x12b8 adpahci - ok
15:57:05.0159 0x12b8 [ 7880C67BCCC27C86FD05AA2AFB5EA469, C8B06E203EEA6EAD19651F212432005ABADFF21E2AA5699E34040527394F2677 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
15:57:05.0190 0x12b8 adpu160m - ok
15:57:05.0221 0x12b8 [ 9AE713F8E30EFC2ABCCD84904333DF4D, B0C7801AC6E0811C38F0474703F34283914C8873D851F59EE232834F7C0D8087 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
15:57:05.0237 0x12b8 adpu320 - ok
15:57:05.0284 0x12b8 [ 9D1FDA9E086BA64E3C93C9DE32461BCF, 200FD0BFC811EC8993AF9FC78F58823ECC717063F438B627FBCDD6BD7790CAA8 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
15:57:05.0393 0x12b8 AeLookupSvc - ok
15:57:05.0455 0x12b8 [ 4A0978779958D8FE8F5849F452BCC812, C57002A721F3DCAFB00CF4DEC57E9E761393BDB471ACEAFFDBD1ABA9AE308598 ] AFD C:\Windows\system32\drivers\afd.sys
15:57:05.0596 0x12b8 AFD - ok
15:57:05.0705 0x12b8 [ CE91B158FA490CF4C4D487A4130F4660, C343AEB125B15E6FC8428499E1C48390EF5073FACB0DC9BAB9040EFB170D04A5 ] AgereSoftModem C:\Windows\system32\DRIVERS\AGRSM.sys
15:57:05.0845 0x12b8 AgereSoftModem - ok
15:57:05.0892 0x12b8 [ EF23439CDD587F64C2C1B8825CEAD7D8, 762665CFC202B3E16CA2338887896FDF996331A363DC709F1EC088BF927133A3 ] agp440 C:\Windows\system32\drivers\agp440.sys
15:57:05.0908 0x12b8 agp440 - ok
15:57:05.0939 0x12b8 [ AE1FDF7BF7BB6C6A70F67699D880592A, B831BF156FC49287A19FC149383D437B1034EA6F42CE9D761EB90ABD0F8D96B1 ] aic78xx C:\Windows\system32\drivers\djsvs.sys
15:57:05.0955 0x12b8 aic78xx - ok
15:57:05.0986 0x12b8 [ A1545B731579895D8CC44FC0481C1192, 6B0EE833BA39C142D625A03586CCD8F6C9C3136C603CE5DF5BAC1AA3423E3E7F ] ALG C:\Windows\System32\alg.exe
15:57:06.0095 0x12b8 ALG - ok
15:57:06.0126 0x12b8 [ 90395B64600EBB4552E26E178C94B2E4, 73095893964DC7915983B58A567184FC51949C99341E7E0D04D70CC4C4F95E37 ] aliide C:\Windows\system32\drivers\aliide.sys
15:57:06.0142 0x12b8 aliide - ok
15:57:06.0173 0x12b8 [ 2B13E304C9DFDFA5EB582F6A149FA2C7, 196CCE13E0376526B79D9C43D4071990576C4DD210A48E9E922B438AA11C95E7 ] amdagp C:\Windows\system32\drivers\amdagp.sys
15:57:06.0189 0x12b8 amdagp - ok
15:57:06.0204 0x12b8 [ 0577DF1D323FE75A739C787893D300EA, 079EF3CA18FB847DB7E62929071BFF007FAF390E1DBF4C59F28DAAC6B9C2DE51 ] amdide C:\Windows\system32\drivers\amdide.sys
15:57:06.0220 0x12b8 amdide - ok
15:57:06.0235 0x12b8 [ DC487885BCEF9F28EECE6FAC0E5DDFC5, 24A62F6E628AD46273BC226F7BC3453A9C7B76F81ABB9FB801EBEFADB2AB7C9B ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
15:57:06.0391 0x12b8 AmdK7 - ok
15:57:06.0407 0x12b8 [ 0CA0071DA4315B00FC1328CA86B425DA, 4F816FA2197166A83A266084F9D5ED68876D0521D378F90F1314DD53C6FB8814 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
15:57:06.0485 0x12b8 AmdK8 - ok
15:57:06.0532 0x12b8 [ 8F7D200717A58E9800D391F4C2101577, F07CF0F5636F46D8F3D5133284943E991E8739E5A644BCA5F18BB896B374620D ] Appinfo C:\Windows\System32\appinfo.dll
15:57:06.0563 0x12b8 Appinfo - ok
15:57:06.0610 0x12b8 [ 5F673180268BB1FDB69C99B6619FE379, C4307A861163F96648109046A6C7D53AB1C9B10D0B841DD1A7D147D22F462649 ] arc C:\Windows\system32\drivers\arc.sys
15:57:06.0625 0x12b8 arc - ok
15:57:06.0672 0x12b8 [ 957F7540B5E7F602E44648C7DE5A1C05, F03C7708A6C9D2579ECE5A7413AFA068E1067D7191EC653A78BA4FEDE76CFBD8 ] arcsas C:\Windows\system32\drivers\arcsas.sys
15:57:06.0703 0x12b8 arcsas - ok
15:57:06.0813 0x12b8 [ 537B2948976F5D9B5767B74A63EBB395, 1A14F8B582E74AD15B612EDA5B707AA3CB0B2A107ED14572B4232EAA7383B634 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
15:57:06.0844 0x12b8 aspnet_state - ok
15:57:06.0875 0x12b8 [ 53B202ABEE6455406254444303E87BE1, 4C91CA8DD345FEDD74A6AF2C07580717703F979B7DE2532B1D00B9F6896DDE70 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
15:57:06.0937 0x12b8 AsyncMac - ok
15:57:06.0969 0x12b8 [ 1F05B78AB91C9075565A9D8A4B880BC4, 737BE9F9376DAB0CCDFED93EA6D67F0C432367EA63CD772A453485BE769AF3BD ] atapi C:\Windows\system32\drivers\atapi.sys
15:57:07.0000 0x12b8 atapi - ok
15:57:07.0062 0x12b8 [ 91E15B0A1D6F7B99ACE55D04C6D1544A, 23988261D07D009437F6AD78641E44E690058E85A5C81568DAE999679EE58112 ] athr C:\Windows\system32\DRIVERS\athr.sys
15:57:07.0140 0x12b8 athr - ok
15:57:07.0203 0x12b8 [ A80ECB306802572FD2D6659DA010B037, 3CCD8CBA18787C8FBAE33C6B5351D6CCC7D1E37843E7487233E1CCF650845E87 ] Ati External Event Utility C:\Windows\system32\Ati2evxx.exe
15:57:07.0312 0x12b8 Ati External Event Utility - ok
15:57:07.0515 0x12b8 [ 976D32226FC4DD1187110B763F913A69, 003CC47DCB27C3148C219E9B830992BDEB9B5B3C33E36468DB3C2F303E937874 ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
15:57:07.0795 0x12b8 atikmdag - ok
15:57:07.0842 0x12b8 [ 4AA1EB65481C392955939E735D27118B, 167F91B0F48C13FA4B976EAB2DC0B29C31A2A98E276B2BF80323E051D54934CB ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie.sys
15:57:07.0858 0x12b8 AtiPcie - ok
15:57:07.0936 0x12b8 [ 8E98A99187FF17FC1D48E6FAFFD870BE, 7C935191A0A2BA95CA9A9E450F7C8802E6184F73BC297E91908B59F34C22AB06 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:57:07.0998 0x12b8 AudioEndpointBuilder - ok
15:57:08.0014 0x12b8 [ 8E98A99187FF17FC1D48E6FAFFD870BE, 7C935191A0A2BA95CA9A9E450F7C8802E6184F73BC297E91908B59F34C22AB06 ] Audiosrv C:\Windows\System32\Audiosrv.dll
15:57:08.0045 0x12b8 Audiosrv - ok
15:57:08.0107 0x12b8 [ 67E506B75BD5326A3EC7B70BD014DFB6, 3B07243970CAB4E93A858BEA6E31F56AD0157C42D624F3FEB469E68EEEF65669 ] Beep C:\Windows\system32\drivers\Beep.sys
15:57:08.0154 0x12b8 Beep - ok
15:57:08.0201 0x12b8 [ C789AF0F724FDA5852FB9A7D3A432381, 4B0F7A3A8F2D45E49630D24F2630B8014BCDB793B9C6E83FD2B2863A54F62BF5 ] BFE C:\Windows\System32\bfe.dll
15:57:08.0357 0x12b8 BFE - ok
15:57:08.0451 0x12b8 [ 93952506C6D67330367F7E7934B6A02F, 1D9A6B10B9489C1A32F730E22CC399BFF0796E3FCB3BA52BE45ED487CAC59EBD ] BITS C:\Windows\System32\qmgr.dll
15:57:08.0544 0x12b8 BITS - ok
15:57:08.0560 0x12b8 blbdrive - ok
15:57:08.0591 0x12b8 [ 35F376253F687BDE63976CCB3F2108CA, C5EF6301D7BC067050038DB75D961681D1CBE418285AD60167C1334B0B54DFE9 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
15:57:08.0638 0x12b8 bowser - ok
15:57:08.0685 0x12b8 [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
15:57:08.0731 0x12b8 BrFiltLo - ok
15:57:08.0763 0x12b8 [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
15:57:08.0841 0x12b8 BrFiltUp - ok
15:57:08.0887 0x12b8 [ A3629A0C4226F9E9C72FAAEEBC3AD33C, FB4D2738B64AADA52B95A6CF7ED4CDBFE4DD4BEBCAF1AE9CE64317F97DB38DDF ] Browser C:\Windows\System32\browser.dll
15:57:08.0950 0x12b8 Browser - ok
15:57:08.0997 0x12b8 [ B304E75CFF293029EDDF094246747113, CB6B219B186C3511A0DE3CDE7F7B8966A9E32D808A952CA8C5B42B3A3A17BFB0 ] Brserid C:\Windows\system32\drivers\brserid.sys
15:57:09.0059 0x12b8 Brserid - ok
15:57:09.0090 0x12b8 [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
15:57:09.0153 0x12b8 BrSerWdm - ok
15:57:09.0184 0x12b8 [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
15:57:09.0277 0x12b8 BrUsbMdm - ok
15:57:09.0309 0x12b8 [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
15:57:09.0371 0x12b8 BrUsbSer - ok
15:57:09.0480 0x12b8 [ 9832143D5B3D6DF0D32CBC7A472596A6, 4C523D97F5503F74B493F379F15E1241506D176D82347B4A3A1FBD10E5626676 ] BstHdAndroidSvc C:\Program Files\Bluestacks\HD-Service.exe
15:57:09.0574 0x12b8 BstHdAndroidSvc - ok
15:57:09.0621 0x12b8 [ 3F8544C9F1B04961200CD883C86EBEBF, FE19862498A0803BCB598315516B243383A1339DFDEC239B7653DD1D46106ECD ] BstHdDrv C:\Program Files\Bluestacks\HD-Hypervisor-x86.sys
15:57:09.0636 0x12b8 BstHdDrv - ok
15:57:09.0683 0x12b8 [ 5D4F461554DEF19E9DF95E221C8E504D, 9FED67DA9824BAC64A1B57795B0C55B1598B45A7F03955540CD62BAF3F2CF156 ] BstHdLogRotatorSvc C:\Program Files\Bluestacks\HD-LogRotatorService.exe
15:57:09.0777 0x12b8 BstHdLogRotatorSvc - ok
15:57:09.0823 0x12b8 [ 59F43F0E66447E941C932B26DFF7C307, D87790B9BEB67BF656EC0D35917BD586E589D60730756EA93411421993FDEF91 ] BstHdPlusAndroidSvc C:\Program Files\Bluestacks\HD-Plus-Service.exe
15:57:09.0917 0x12b8 BstHdPlusAndroidSvc - ok
15:57:09.0964 0x12b8 [ BD80C60757A5D677F7A90E6E7D8FB403, 238A67C4C5ABF37BAB87CCE45F4C44E6C5167A875B18D2521665F0B000DFA67B ] BstkDrv C:\Program Files\Bluestacks\BstkDrv.sys
15:57:09.0979 0x12b8 BstkDrv - ok
15:57:10.0026 0x12b8 [ 064FBC56921051DE1075495D628B815F, 4CFB6088423A99BC2D8F8EE22F761AC4168D0C37B86C3196D19E477FD25177DE ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys
15:57:10.0089 0x12b8 BthEnum - ok
15:57:10.0120 0x12b8 [ AD07C1EC6665B8B35741AB91200C6B68, DCE1305A30D6713222A01C1F1D03ED0ADABE23C742CE1E82BB142531B82A3FF7 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
15:57:10.0198 0x12b8 BTHMODEM - ok
15:57:10.0229 0x12b8 [ B8C3D9DDF85FD197C3E5F849FEF71144, 9DA9D7D4970814051E93288F06A6676BC4B09EF52C1E4E70541E0D9937729E84 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
15:57:10.0307 0x12b8 BthPan - ok
15:57:10.0369 0x12b8 [ B24757D9154CCA035E1BBD3DB92966D7, 49B5863EF8D2E1B380A4F58A77A4A9D32412120BDE603894033090E741D56ABA ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
15:57:10.0401 0x12b8 BTHPORT - ok
15:57:10.0447 0x12b8 [ A4C8377FA4A994E07075107DBE2E3DCE, C3CDAA7B83D130100044341C23897CC6C257FA075A8D08B8551F4A28AE8CE6C4 ] BthServ C:\Windows\System32\bthserv.dll
15:57:10.0494 0x12b8 BthServ - ok
15:57:10.0510 0x12b8 [ D42CF5F0C7635B3F1578810FE34D9E41, 41E33B6D113E717CC4B1B7DF4E684F4C1AD3FD29E5A1F11E9739CA819FB6A9DC ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
15:57:10.0557 0x12b8 BTHUSB - ok
15:57:10.0619 0x12b8 [ 636F45A8500C1438CFA7DEE15FC5C184, 5AC0FD976751615589AA052562C610F3ED2B84D9AF8D954E3FEC13EB156483D3 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
15:57:10.0635 0x12b8 btwaudio - ok
15:57:10.0666 0x12b8 [ BF9256FF01B093A5D90BB7A35EC90410, D334C1D46EEC1FBC7206D9AE561D046D73E9DA75DE4434D308605A155958B9D6 ] btwavdt C:\Windows\system32\drivers\btwavdt.sys
15:57:10.0681 0x12b8 btwavdt - ok
15:57:10.0775 0x12b8 [ 7FE64B44B0249A64597F5588BC2A09BE, 2593DB6AABF8C24136E3ED37B7DA89188D941A8FCF2211723568AB4995C94160 ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
15:57:10.0806 0x12b8 btwdins - ok
15:57:10.0837 0x12b8 [ 0AB8C1AC177AFB27309E1072FAF34A37, 54318740132895A3D9230D82CC7B0765ED2DEF4DA3F4B0D256FD3B44137A1E21 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
15:57:10.0853 0x12b8 btwrchid - ok
15:57:10.0962 0x12b8 catchme - ok
15:57:11.0009 0x12b8 [ 7ADD03E75BEB9E6DD102C3081D29840A, 0CA14A77CE990B5AA32C0725C22CA190ECBC73B75064DD959CABAD79B8846F1D ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
15:57:11.0040 0x12b8 cdfs - ok
15:57:11.0087 0x12b8 [ 6B4BFFB9BECD728097024276430DB314, 4451EFEAD37B05C8A3CB610B6D72E73B55D3D1E1CC1B17405598C1EDAA93C2D5 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
15:57:11.0134 0x12b8 cdrom - ok
15:57:11.0181 0x12b8 [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] CertPropSvc C:\Windows\System32\certprop.dll
15:57:11.0227 0x12b8 CertPropSvc - ok
15:57:11.0259 0x12b8 [ DA8E0AFC7BAA226C538EF53AC2F90897, 2BBB9966671A3B8325D215DBC29FBD7D912C13ADC562A0D4521D1FF9A6F445C0 ] circlass C:\Windows\system32\drivers\circlass.sys
15:57:11.0321 0x12b8 circlass - ok
15:57:11.0352 0x12b8 [ 5D9311526801643000D7032A83B18B12, C5A98868A41446617B3A27C6C4AAFA4E7C093E253E8C1DD5DBFE6FAE21991209 ] CLFS C:\Windows\system32\CLFS.sys
15:57:11.0383 0x12b8 CLFS - ok
15:57:11.0446 0x12b8 [ 6B6943A0CA56B47D6FB2EE476890854F, 6DA779879487F4A187DF54B0362642643D7871AA8F7E30992D781F558C50F052 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:57:11.0461 0x12b8 clr_optimization_v2.0.50727_32 - ok
15:57:11.0539 0x12b8 [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:57:11.0555 0x12b8 clr_optimization_v4.0.30319_32 - ok
15:57:11.0602 0x12b8 [ 99AFC3795B58CC478FBBBCDC658FCB56, 0D1B27C42A058C5D56A0157B5ECA9A054254F6B9C8015D0321021A7EFCE10CE2 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
15:57:11.0664 0x12b8 CmBatt - ok
15:57:11.0695 0x12b8 [ 45201046C776FFDAF3FC8A0029C581C8, 68A68CF2B76598BC8610EB5B2D3FD5BDC9D51CFC6F51FB7A0B0C92A2BE910FC6 ] cmdide C:\Windows\system32\drivers\cmdide.sys
15:57:11.0727 0x12b8 cmdide - ok
15:57:11.0758 0x12b8 [ 6AFEF0B60FA25DE07C0968983EE4F60A, E4037EF9EDE57A1039AB814EBCE9A8B12C9A084E7FAC6296212ACF2394DD37B6 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
15:57:11.0773 0x12b8 Compbatt - ok
15:57:11.0789 0x12b8 COMSysApp - ok
15:57:11.0789 0x12b8 [ 2A213AE086BBEC5E937553C7D9A2B22C, 1F91ACC0426E0ED1717555B282F65629EF15021375B24A63C29C89ADE916EE2A ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
15:57:11.0820 0x12b8 crcdisk - ok
15:57:11.0836 0x12b8 [ 22A7F883508176489F559EE745B5BF5D, D6341E3FBC8A46D2D1F0477FA60EC4828B585D35B14609CD02868FD04ECD14DB ] Crusoe C:\Windows\system32\drivers\crusoe.sys
15:57:11.0914 0x12b8 Crusoe - ok
15:57:11.0961 0x12b8 [ 684C130BBC6DB681BAD4920A4C944AA5, DDE434B206984808351C98500824A33E6740B4326C455066027F8D549D4C3B92 ] CryptSvc C:\Windows\system32\cryptsvc.dll
15:57:12.0023 0x12b8 CryptSvc - ok
15:57:12.0101 0x12b8 [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] DcomLaunch C:\Windows\system32\rpcss.dll
15:57:12.0179 0x12b8 DcomLaunch - ok
15:57:12.0226 0x12b8 [ 622C41A07CA7E6DD91770F50D532CB6C, 2A9040949CB45F9970FDE930278F30D2F08E957290CB3D4DC4F2CA94F3D444D2 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
15:57:12.0273 0x12b8 DfsC - ok
15:57:12.0413 0x12b8 [ 2CC3DCFB533A1035B13DCAB6160AB38B, C88C91F662ADE248EEE3B568E70C2BC2D5075B7D9B7D3C63E83D011C5F7812B0 ] DFSR C:\Windows\system32\DFSR.exe
15:57:12.0616 0x12b8 DFSR - ok
15:57:12.0694 0x12b8 [ 9028559C132146FB75EB7ACF384B086A, 35159D86706441ED94895B4629411B4445FCB4526AFD1F7036EE647931B7A94D ] Dhcp C:\Windows\System32\dhcpcsvc.dll
15:57:12.0741 0x12b8 Dhcp - ok
15:57:12.0787 0x12b8 [ 5D4AEFC3386920236A548271F8F1AF6A, 11B74D6800EC6F7AAEFB0B6A9F2E8376C7C3B8DB677F03AC3743CB004CA96B08 ] disk C:\Windows\system32\drivers\disk.sys
15:57:12.0819 0x12b8 disk - ok
15:57:12.0881 0x12b8 [ 57D762F6F5974AF0DA2BE88A3349BAAA, D9E7DC8F9FB7837F88BBB95B52147AA80E688FB9762EEA99B8046D9C6AD48F3C ] Dnscache C:\Windows\System32\dnsrslvr.dll
15:57:12.0912 0x12b8 Dnscache - ok
15:57:12.0959 0x12b8 [ 324FD74686B1EF5E7C19A8AF49E748F6, DC6EB4304555B60DD17E04D20DFE4E279718E4041A9310DE29E678834BB22C5B ] dot3svc C:\Windows\System32\dot3svc.dll
15:57:13.0021 0x12b8 dot3svc - ok
15:57:13.0068 0x12b8 [ A622E888F8AA2F6B49E9BC466F0E5DEF, 3DED7F22A29AD2F8C927DFA0FD87FDE5ED0BDCAC7260BD9F71D8EA34328C772A ] DPS C:\Windows\system32\dps.dll
15:57:13.0131 0x12b8 DPS - ok
15:57:13.0162 0x12b8 [ 97FEF831AB90BEE128C9AF390E243F80, A7F4118603E2D5DDDB117EF7C058684EA5B37690EFAB2BEBA570EEF9C36281BE ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
15:57:13.0271 0x12b8 drmkaud - ok
15:57:13.0333 0x12b8 [ 6D2A164686B15F590DF012ABA4735888, 8A7A2656571FCFE0B56F64E5FDF48B37D101C0D3CE50A8A22481DC440CAB46D9 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
15:57:13.0380 0x12b8 DXGKrnl - ok
15:57:13.0427 0x12b8 [ F88FB26547FD2CE6D0A5AF2985892C48, F02E06E16830F5D3FAF61991F5A91E54BB3461F58AFE3BFB7A9066CD302B879F ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
15:57:13.0489 0x12b8 E1G60 - ok
15:57:13.0521 0x12b8 [ C0B95E40D85CD807D614E264248A45B9, 30421DAF1722A225222268CB8BA4FE60CB76C6FD0C9157B0F53FC1368F806A4E ] EapHost C:\Windows\System32\eapsvc.dll
15:57:13.0583 0x12b8 EapHost - ok
15:57:13.0645 0x12b8 [ 560EDC0912BDB68290930E2542823A24, CB9578A19F717FBD388F2BE8179CF2D4755DF11AD246E13AF1D43E25CA026386 ] eapihdrv C:\Users\Boris\AppData\Local\Temp\ehdrv.sys
15:57:13.0661 0x12b8 eapihdrv - ok
15:57:13.0739 0x12b8 [ 9BAB89DBB27891DEEF6E1F1B589A6ED4, 61BE4A6394ED5C99CB84B720F6AA6B97C7FE71A7A04D822F6EE99AB084C55606 ] Ecache C:\Windows\system32\drivers\ecache.sys
15:57:13.0755 0x12b8 Ecache - ok
15:57:13.0833 0x12b8 [ 9BE3744D295A7701EB425332014F0797, 1A139EE9232581E466591C5EBEF41E4BF1F82D99C1959F1C68C879B240E9F46D ] ehRecvr C:\Windows\ehome\ehRecvr.exe
15:57:13.0895 0x12b8 ehRecvr - ok
15:57:13.0926 0x12b8 [ AD1870C8E5D6DD340C829E6074BF3C3F, 064D07106A1BBE80294F1913354832F2B67D22274BB4D36C81D2D83C96FE0B88 ] ehSched C:\Windows\ehome\ehsched.exe
15:57:13.0989 0x12b8 ehSched - ok
15:57:14.0004 0x12b8 [ C27C4EE8926E74AA72EFCAB24C5242C3, F1EBF78CCE9BA76AFD0478BC66B67CA44DEAF3C380369BFCE91BD8F678C8608A ] ehstart C:\Windows\ehome\ehstart.dll
15:57:14.0035 0x12b8 ehstart - ok
15:57:14.0082 0x12b8 [ E8F3F21A71720C84BCF423B80028359F, 63114E6120F634224A0E83A5047B37C7D6F26CF99FE3C01CFC0AB8B1763BB084 ] elxstor C:\Windows\system32\drivers\elxstor.sys
15:57:14.0113 0x12b8 elxstor - ok
15:57:14.0176 0x12b8 [ E798C0BDFA4913CCF8A646D29BB34796, 7CDB2BCCDD8A8A70C6248C327A357EA3488C7ADED32D4F89B933ED72AE12B73B ] EMDMgmt C:\Windows\system32\emdmgmt.dll
15:57:14.0254 0x12b8 EMDMgmt - ok
15:57:14.0301 0x12b8 [ 67058C46504BC12D821F38CF99B7B28F, E8D19F305F78BCA1DA8425315F2C77A377CD51E3CC54323DC2FF355120EA097D ] EventSystem C:\Windows\system32\es.dll
15:57:14.0363 0x12b8 EventSystem - ok
15:57:14.0410 0x12b8 [ 22B408651F9123527BCEE54B4F6C5CAE, 31AF9649333A9496A9224001266D1B68CE2A31B9FB182A755D127FC5492AA6B2 ] exfat C:\Windows\system32\drivers\exfat.sys
15:57:14.0472 0x12b8 exfat - ok
15:57:14.0503 0x12b8 [ 4E404505B3F62ECFBDBCBBCF0A72DBC5, 9F446ED06A31BFE52C4F1E8ACC400B8E3F47A3CC02FFC950DB861B2B3BA4C5B9 ] fastfat C:\Windows\system32\drivers\fastfat.sys
15:57:14.0535 0x12b8 fastfat - ok
15:57:14.0581 0x12b8 [ 63BDADA84951B9C03E641800E176898A, AD3EA20CAD0E0C438422D5D39AEA9E0AAD9E1DC866A696AE503C76F5FAC4BE6E ] fdc C:\Windows\system32\DRIVERS\fdc.sys
15:57:14.0644 0x12b8 fdc - ok
15:57:14.0675 0x12b8 [ 6629B5F0E98151F4AFDD87567EA32BA3, 8CC02D5E0639CDF74B2F85DB56D6199E1858F1A58465ED1D8B25C968E986132C ] fdPHost C:\Windows\system32\fdPHost.dll
15:57:14.0722 0x12b8 fdPHost - ok
15:57:14.0737 0x12b8 [ 89ED56DCE8E47AF40892778A5BD31FD2, 924360875796C3DDDDA8097FDF53F6846B227F7413766F00AEDD981EFD691BF9 ] FDResPub C:\Windows\system32\fdrespub.dll
15:57:14.0815 0x12b8 FDResPub - ok
15:57:14.0847 0x12b8 [ A8C0139A884861E3AAE9CFE73B208A9F, 3B021D148A2989AAA46AE58E5FED8A2DCA25E9212C2FA7F922880EF5A077E49B ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
15:57:14.0862 0x12b8 FileInfo - ok
15:57:14.0878 0x12b8 [ 0AE429A696AECBC5970E3CF2C62635AE, 1ECC315C099D17835788B68F0DE00EC98DC5AEE8F329D739E0DB90A898F22244 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
15:57:14.0925 0x12b8 Filetrace - ok
15:57:15.0003 0x12b8 [ DFADECE1B66095F3F247ACC0EBDC5F8D, 65D8CCCE382554A4DD197AFC323D591B3D0B1C4BF13134ED6A09C9CB843E061F ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
15:57:15.0065 0x12b8 FLEXnet Licensing Service - ok
15:57:15.0096 0x12b8 [ 6603957EFF5EC62D25075EA8AC27DE68, B52D112301A6BFBD60959D7D2502AB2E1EB6BB7F5DCED46899F1F006C7F1E887 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
15:57:15.0174 0x12b8 flpydisk - ok
15:57:15.0221 0x12b8 [ 01334F9EA68E6877C4EF05D3EA8ABB05, 82F8AA6AD2B5077898773D4A5814819EAF0E872FFD95894E06FEDAB6EE92CF99 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
15:57:15.0252 0x12b8 FltMgr - ok
15:57:15.0315 0x12b8 [ 61AC5BF24A155C95F865290F046F91EF, 89F6A96F5CBD04390CF0509DDC22E4FDC1F8AB862F23957D583A757C1E51C20B ] FontCache C:\Windows\system32\FntCache.dll
15:57:15.0424 0x12b8 FontCache - ok
15:57:15.0502 0x12b8 [ C7FBDD1ED42F82BFA35167A5C9803EA3, 372FF71070D5ECE17342466A690737A0622E93C98DBED8172C49B0854F0012B7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
15:57:15.0517 0x12b8 FontCache3.0.0.0 - ok
15:57:15.0627 0x12b8 [ 5C89EF3DDAFB3AE71091C956C3F1AFCE, ACEE0D3BB178B1999E4B8167EBED0D09C57CE1587A2C3486CDD3BC57D60DE088 ] Freemake Improver C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
15:57:15.0736 0x12b8 Freemake Improver - detected UnsignedFile.Multi.Generic ( 1 )
15:57:15.0861 0x12b8 Freemake Improver ( UnsignedFile.Multi.Generic ) - warning
15:57:16.0079 0x12b8 [ B972A66758577E0BFD1DE0F91AAA27B5, E934034F3F740A83D4E7ABCD2C581845AC2945B0BCCAACF65CC3F99A1DBDE455 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
15:57:16.0110 0x12b8 Fs_Rec - ok
15:57:16.0141 0x12b8 [ 4E1CD0A45C50A8882616CAE5BF82F3C5, 1B909AF150F7119A5685999451A85012F4A92F15F38390A281EA507E2D247BAE ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
15:57:16.0173 0x12b8 gagp30kx - ok
15:57:16.0235 0x12b8 [ 1E74AA0D84B3AF74B39D63142DB0D2AA, EFA23EA053FB2CF2A374201F662680712F475C2461A84643755E9BC2E066E0A2 ] gpsvc C:\Windows\System32\gpsvc.dll
15:57:16.0469 0x12b8 gpsvc - ok
15:57:16.0563 0x12b8 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
15:57:16.0578 0x12b8 gupdate - ok
15:57:16.0594 0x12b8 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
15:57:16.0609 0x12b8 gupdatem - ok
15:57:16.0672 0x12b8 [ CB04C744BE0A61B1D648FAED182C3B59, 61DC0FF94325DAFCCB7B3980A48727EFBF1283FCF753EC16EF04C730525994C0 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:57:16.0734 0x12b8 HdAudAddService - ok
15:57:16.0781 0x12b8 [ 062452B7FFD68C8C042A6261FE8DFF4A, DD9873502456D3C058C6177AC223B28C71370E624FA0814C17EA3D93201F2B56 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
15:57:16.0859 0x12b8 HDAudBus - ok
15:57:16.0890 0x12b8 [ 1338520E78D90154ED6BE8F84DE5FCEB, 8531F1C5856983EBDA4C2B70162645ECE72FFFBA9FE7A28BCEDDF2169B7ECF9D ] HidBth C:\Windows\system32\drivers\hidbth.sys
15:57:16.0968 0x12b8 HidBth - ok
15:57:16.0999 0x12b8 [ FF3160C3A2445128C5A6D9B076DA519E, DC1A70C80CD55F33B3AD5A21E86AF7C3086D8CC2DC6148C058E74A871E0BAD4A ] HidIr C:\Windows\system32\drivers\hidir.sys
15:57:17.0077 0x12b8 HidIr - ok
15:57:17.0109 0x12b8 [ 84067081F3318162797385E11A8F0582, 11E32E3800CFCA37354388243F88D0239D622891BAC5483518A2BE5D1CA19015 ] hidserv C:\Windows\System32\hidserv.dll
15:57:17.0140 0x12b8 hidserv - ok
15:57:17.0171 0x12b8 [ 01E7971E9F4BD6AC6A08DB52D0EA0418, CBB348043750340B7B6873B3FEF6FB47E1B222CB5C5EA7E96C68AE9F2431D856 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
15:57:17.0202 0x12b8 HidUsb - ok
15:57:17.0249 0x12b8 [ D8AD255B37DA92434C26E4876DB7D418, C901EADDD93FC90C8F29F4B6DE808F8E4F486C877FC0AA27DA4ACDE17E28899D ] hkmsvc C:\Windows\system32\kmsvc.dll
15:57:17.0296 0x12b8 hkmsvc - ok
15:57:17.0311 0x12b8 [ DF353B401001246853763C4B7AAA6F50, 05C043493BDD99DEFBB0F5C3D8C475B06C2BF5629565ACF6F3B754002519B836 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
15:57:17.0327 0x12b8 HpCISSs - ok
15:57:17.0374 0x12b8 [ F870AA3E254628EBEAFE754108D664DE, B0444E7D246AA1982094030ACB991690F6A7DD3FB07B1BB6A1BC0F3AA9718A70 ] HTTP C:\Windows\system32\drivers\HTTP.sys
15:57:17.0452 0x12b8 HTTP - ok
15:57:17.0483 0x12b8 [ 324C2152FF2C61ABAE92D09F3CCA4D63, 2D09964C8003277F7DB1FFAA0DAEF15B205F3C4100FF601950BC9E544DC0B91F ] i2omp C:\Windows\system32\drivers\i2omp.sys
15:57:17.0499 0x12b8 i2omp - ok
15:57:17.0561 0x12b8 [ 22D56C8184586B7A1F6FA60BE5F5A2BD, D96A2962848C1F59B143BFEC22EC48BD1C5A75D0EBCFD7FB965E66B85FF7D8CA ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
15:57:17.0608 0x12b8 i8042prt - ok
15:57:17.0655 0x12b8 [ C957BF4B5D80B46C5017BF0101E6C906, 6B9186335E50E7E0DBAF574A224E524EC526B57AA02F509E4A8D0F905C9CE880 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
15:57:17.0686 0x12b8 iaStorV - ok
15:57:17.0795 0x12b8 [ DD386C45D2B5863740166783448A2E7A, 10B912BA70306644BE73A53AF4DCDFF63880C4C5860FF6DBA92B0914EB566718 ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
15:57:17.0857 0x12b8 idsvc - ok
15:57:17.0904 0x12b8 [ 2D077BF86E843F901D8DB709C95B49A5, 78FF558A881F307858F5C7C74A748B8B2562AF3CAC7EA8639945609001D790CE ] iirsp C:\Windows\system32\drivers\iirsp.sys
15:57:17.0920 0x12b8 iirsp - ok
15:57:17.0982 0x12b8 [ 4687EE0C0DD2CE5F7AAA9C2E33C1DC78, FA8EBED2778D9F7560ADC1B563954EEF98AAE651C0553F2803372B37B122AEB3 ] IKEEXT C:\Windows\System32\ikeext.dll
15:57:18.0029 0x12b8 IKEEXT - ok
15:57:18.0138 0x12b8 [ 7BD4E0428776D11C8E8E26F9F5508690, 64108320A3AFC4F7E207B2F4A9BA52E6F4A0A71606C0FEC44F0CE1C343BC2D3E ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
15:57:18.0450 0x12b8 IntcAzAudAddService - ok
15:57:18.0481 0x12b8 [ 97469037714070E45194ED318D636401, DDB5AE39BE0BD37ECB44969A5FA740E5B1169342347D0DB3E5DF0353A6708271 ] intelide C:\Windows\system32\drivers\intelide.sys
15:57:18.0497 0x12b8 intelide - ok
15:57:18.0528 0x12b8 [ 224191001E78C89DFA78924C3EA595FF, E4EC9CAAEEEAEB30E13F4A8023AF687F29514667380DDFD638BBFFF1D5FC2563 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
15:57:18.0591 0x12b8 intelppm - ok
15:57:18.0622 0x12b8 [ 9AC218C6E6105477484C6FDBE7D409A4, FF30D09CD2A0F5BBEC309E953370F194B6F26BF4227E627B594AAA48B0F5D3C2 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
15:57:18.0684 0x12b8 IPBusEnum - ok
15:57:18.0731 0x12b8 [ 62C265C38769B864CB25B4BCF62DF6C3, CAF6BCE967104233E216464E4729B0275C3BD426D812F404AB0EE83A7F2063D8 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:57:18.0778 0x12b8 IpFilterDriver - ok
15:57:18.0825 0x12b8 [ 1998BD97F950680BB55F55A7244679C2, A4E8BB4C6B2AF4800BD5E0BA8725FD0927F8FB6751AEBF6DD16B59C414CCB9D8 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
15:57:18.0856 0x12b8 iphlpsvc - ok
15:57:18.0871 0x12b8 IpInIp - ok
15:57:18.0903 0x12b8 [ 40F34F8ABA2A015D780E4B09138B6C17, 22F86888C6B4F76836E863A90730D8F0DBD518305D87A399A159387E79E9D2F7 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
15:57:18.0965 0x12b8 IPMIDRV - ok
15:57:18.0996 0x12b8 [ 8793643A67B42CEC66490B2A0CF92D68, 8B1ED1314E4C6623824DD6B9C15A0F7F996F4D243BF0B305421251BE40850907 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
15:57:19.0059 0x12b8 IPNAT - ok
15:57:19.0090 0x12b8 [ 109C0DFB82C3632FBD11949B73AEEAC9, 73B01426100256B7110DF0B74483AF1B62FC209612EEC29A7BF6DC31A7FBEFB6 ] IRENUM C:\Windows\system32\drivers\irenum.sys
15:57:19.0137 0x12b8 IRENUM - ok
15:57:19.0168 0x12b8 [ 350FCA7E73CF65BCEF43FAE1E4E91293, 68403FE3F4DC40919CD26A2CC42BE4386AE6874F47DD382348FFD79080721A13 ] isapnp C:\Windows\system32\drivers\isapnp.sys
15:57:19.0183 0x12b8 isapnp - ok
15:57:19.0230 0x12b8 [ 232FA340531D940AAC623B121A595034, 90C93F04D8A0094EEBD118F10223605B8169DA5F24C466F503CED5C014BD17B1 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
15:57:19.0261 0x12b8 iScsiPrt - ok
15:57:19.0293 0x12b8 [ BCED60D16156E428F8DF8CF27B0DF150, 4934E9AB8A8A548548F0C63517F2BF4DE84B05E5C9C7C2AA6C1517B8F9C340D4 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
15:57:19.0308 0x12b8 iteatapi - ok
15:57:19.0339 0x12b8 [ 06FA654504A498C30ADCA8BEC4E87E7E, 651BC35A0A3D504573BBAB40DE81929BB18C9FC0CD7944FEAE0E99CD7658EA88 ] iteraid C:\Windows\system32\drivers\iteraid.sys
15:57:19.0355 0x12b8 iteraid - ok
15:57:19.0386 0x12b8 [ 37605E0A8CF00CBBA538E753E4344C6E, B9A9FFDCE45B0830E277CF322C28ACB49372C16144B0F676B283BE5DAE9A7F30 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
15:57:19.0417 0x12b8 kbdclass - ok
15:57:19.0433 0x12b8 [ D2600CB17B7408B4A83F231DC9A11AC3, C3025C2ED3541F58E8C1D792B0683949286BE583AB17B0C48F7362B4FA512BC0 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
15:57:19.0495 0x12b8 kbdhid - ok
15:57:19.0558 0x12b8 [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] KeyIso C:\Windows\system32\lsass.exe
15:57:19.0636 0x12b8 KeyIso - ok
15:57:19.0667 0x12b8 [ EBC507F129DF8F0E0CA270DCFC0CF87F, 232E2C4118A3177019E111E23D02F669338AE251308DE9BEDE3869C1208D7F0B ] KMDFMEMIO C:\Windows\system32\DRIVERS\kmdfmemio.sys
15:57:19.0714 0x12b8 KMDFMEMIO - ok
15:57:19.0776 0x12b8 [ FBBC2D3579E6CF8279D46B44C89C49FF, C7188643CDB7DADAD944241F554266BEFA2239ED4AD7E85F4D37319D3FAC4FFE ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
15:57:19.0807 0x12b8 KSecDD - ok
15:57:19.0870 0x12b8 [ 8078F8F8F7A79E2E6B494523A828C585, BB399993166853F0C01B7508649ECD7E7473238267BA8333D0441128FE656347 ] KtmRm C:\Windows\system32\msdtckrm.dll
15:57:19.0948 0x12b8 KtmRm - ok
15:57:19.0995 0x12b8 [ 1BF5EEBFD518DD7298434D8C862F825D, F41C79410345C40B346EB5EDEA397ECD29ECB9B921AC3E19F9453E52A7B9288A ] LanmanServer C:\Windows\System32\srvsvc.dll
15:57:20.0041 0x12b8 LanmanServer - ok
15:57:20.0088 0x12b8 [ 1DB69705B695B987082C8BAEC0C6B34F, D395B272F6B69D4A9FC3CDEFD812EF0DBFECF3C1B1C787C7CC1E1A1B091B8DB3 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:57:20.0119 0x12b8 LanmanWorkstation - ok
15:57:20.0182 0x12b8 [ F34B35F6F74E28A460749DA11D1117F8, 1D5764ACF90899076D736D7AB33BD4C30D51F2C463E337029B56B1C3F224BB1F ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
15:57:20.0197 0x12b8 LightScribeService - ok
15:57:20.0229 0x12b8 [ D1C5883087A0C3F1344D9D55A44901F6, 608D67357AFDDD538D2C12C93EB0793ECA4EB3AF2BAB779E881C41F50E4AB911 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
15:57:20.0275 0x12b8 lltdio - ok
15:57:20.0307 0x12b8 [ 2D5A428872F1442631D0959A34ABFF63, E532C6ECFFB936EFF744CA57BDC6394C89E797B6B0822D04F1F3F35D9BDDD4F0 ] lltdsvc C:\Windows\System32\lltdsvc.dll
15:57:20.0353 0x12b8 lltdsvc - ok
15:57:20.0385 0x12b8 [ 35D40113E4A5B961B6CE5C5857702518, 453097AEF46ED48107395D9A1696AAC259FD6CEA8A655D38C5E246FDDAB81664 ] lmhosts C:\Windows\System32\lmhsvc.dll
15:57:20.0463 0x12b8 lmhosts - ok
15:57:20.0509 0x12b8 [ A2262FB9F28935E862B4DB46438C80D2, 792684A68726BC007ACABB584682FDF4F059AE60888FB5B47ED68A97EA0BB5E6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
15:57:20.0525 0x12b8 LSI_FC - ok
15:57:20.0556 0x12b8 [ 30D73327D390F72A62F32C103DAF1D6D, 7BB5BFB0DCF33AF9907539B52DF7BA1943C1E75A17715B58DBC702ACA6D406EA ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
15:57:20.0572 0x12b8 LSI_SAS - ok
15:57:20.0603 0x12b8 [ E1E36FEFD45849A95F1AB81DE0159FE3, DA02B23A881D156A02D3874B41E6D042F84AD558B434280A6A6AC6B619668647 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
15:57:20.0619 0x12b8 LSI_SCSI - ok
15:57:20.0650 0x12b8 [ 8F5C7426567798E62A3B3614965D62CC, 659810257D942C5F4168E1247868CDA990F2324AC9ACAA9A6211F64B7AC9EC6E ] luafv C:\Windows\system32\drivers\luafv.sys
15:57:20.0697 0x12b8 luafv - ok
15:57:20.0837 0x12b8 [ D1BD09F008932579DB07E75147D4C5F2, BB4F1F6B61D334B554F92924B2986B4965EE826270BBCB1AE1571C055825A97C ] McComponentHostService C:\Program Files\McAfee Security Scan\3.11.266\McCHSvc.exe
15:57:20.0868 0x12b8 McComponentHostService - ok
15:57:20.0899 0x12b8 [ AEF9BABB8A506BC4CE0451A64AADED46, D5608A703EA7E97F11ED4D029B4B820440B0C9317DB7D7DC0152253CD723DC07 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
15:57:20.0931 0x12b8 Mcx2Svc - ok
15:57:20.0977 0x12b8 [ D153B14FC6598EAE8422A2037553ADCE, D5408B07B6EBA0146A605F11106497DC3DF8EC72E0DCC44BE1366A2A58ABE478 ] megasas C:\Windows\system32\drivers\megasas.sys
15:57:20.0993 0x12b8 megasas - ok
15:57:21.0024 0x12b8 [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] MMCSS C:\Windows\system32\mmcss.dll
15:57:21.0071 0x12b8 MMCSS - ok
15:57:21.0102 0x12b8 [ E13B5EA0F51BA5B1512EC671393D09BA, 5B380D1B435D809CA201FD5ED075D42F3C6BA1A4EEDBC4040F7E3329F05A334A ] Modem C:\Windows\system32\drivers\modem.sys
15:57:21.0149 0x12b8 Modem - ok
15:57:21.0211 0x12b8 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8, 1E8031D51E074FDFB53E98E26DABF313B901C028D01196BFD402EED5D0A89595 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
15:57:21.0258 0x12b8 monitor - ok
15:57:21.0289 0x12b8 [ 5BF6A1326A335C5298477754A506D263, CC7F58E5955A448F6CE28D6D8EB98C7479E11F931B5C733CFE71A29B2E95923D ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
15:57:21.0305 0x12b8 mouclass - ok
15:57:21.0336 0x12b8 [ 93B8D4869E12CFBE663915502900876F, 7464DE60FAAD8793D855F1F86C3C865B3A3EE41C19A3E926D1BE4426E67F5EC2 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
15:57:21.0383 0x12b8 mouhid - ok
15:57:21.0399 0x12b8 [ 3EAE06B0D9E32A3D45DC3E07F1FBFA97, 0C56D92C5131D60AF2FCCF071976F2932A2C544C5EC4C2A5476E99CDE17FF08C ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
15:57:21.0430 0x12b8 MountMgr - ok
15:57:21.0477 0x12b8 [ CBCC3A1E47A664CCCBC7A25081C4D88B, BDE4510CED8EF3BB091118FEA8AEB61F0DB402C9B53615A4824896DF9DE3030E ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
15:57:21.0508 0x12b8 MozillaMaintenance - ok
15:57:21.0586 0x12b8 [ 7F7FD183AEFC2F302EF1BF1CFCCB82CE, B13D8E8C92EDF1E885AF7E6FA5DD63978C3F319F200B59A955FE6AC3C9D26C32 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
15:57:21.0617 0x12b8 MpFilter - ok
15:57:21.0679 0x12b8 [ 583A41F26278D9E0EA548163D6139397, 1F09D2FEEE1A8D4F1D9E53596158154099FD436A408F7E72E40F50778A3838A1 ] mpio C:\Windows\system32\drivers\mpio.sys
15:57:21.0695 0x12b8 mpio - ok
15:57:21.0742 0x12b8 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E, 62055C0DCEB69873B8961AB17DBD002F44319A44CB05EC3A61421A0C6D4736CD ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
15:57:21.0773 0x12b8 mpsdrv - ok
15:57:21.0835 0x12b8 [ 5DE62C6E9108F14F6794060A9BDECAEC, 655E6645CC4A1EDBE5F51F5F80C7B504DD956851E788A6E4E4E08CDCDCE160D9 ] MpsSvc C:\Windows\system32\mpssvc.dll
15:57:21.0898 0x12b8 MpsSvc - ok
15:57:21.0929 0x12b8 [ 4FBBB70D30FD20EC51F80061703B001E, 72907A0CA5CFF82F40C02A65CD8EFD51D7CFC33BE67DE572D1ACF4FD3B248F0A ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
15:57:21.0945 0x12b8 Mraid35x - ok
15:57:21.0976 0x12b8 [ DADF6D90942C198CD15D345A9F6CF4CD, 993240684DA9EC5B45B28EEEB36B4676A0ADE5CA385C231DF7F94B81F6A69DD3 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
15:57:22.0085 0x12b8 MRxDAV - ok
15:57:22.0116 0x12b8 [ 1B864548B2ACEC1C0BB29B615CC42978, E1DA3E6764A2C7072D99F2F093E5F40DB6DC809701B59C155C6B4EE327AB9E41 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
15:57:22.0179 0x12b8 mrxsmb - ok
15:57:22.0210 0x12b8 [ 3F39B02EEDC5B8A0ED896EA1CDF7245F, 41C1DCD82F964A398B7C3D44178DBF7C8AF1C2DBC5F2D944BE6B00E909FE083B ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:57:22.0241 0x12b8 mrxsmb10 - ok
15:57:22.0257 0x12b8 [ D0670EC8E5AD3FA5BE372BF70AC0EABF, BD2D1BA151FD5409EAA41ECCBEB863FE52FF7C2D92349961FEE736D66970748E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:57:22.0288 0x12b8 mrxsmb20 - ok
15:57:22.0319 0x12b8 [ 742AED7939E734C36B7E8D6228CE26B7, 6F727144BBD42C9C5555087CA51DE8D501B5CBEFB9967866CC578733E3C5E681 ] msahci C:\Windows\system32\drivers\msahci.sys
15:57:22.0335 0x12b8 msahci - ok
15:57:22.0350 0x12b8 [ 3FC82A2AE4CC149165A94699183D3028, 8575BE62A209672A5D8C68D75BBBB4FF06220CA73A939B0793442DAD2272598C ] msdsm C:\Windows\system32\drivers\msdsm.sys
15:57:22.0366 0x12b8 msdsm - ok
15:57:22.0413 0x12b8 [ FD7520CC3A80C5FC8C48852BB24C6DED, C3F3D7A07FAB9AF38A2A00BF0DF6EEE18CA8FE26277BEC9D8ADB793F2CD5EC1F ] MSDTC C:\Windows\System32\msdtc.exe
15:57:22.0459 0x12b8 MSDTC - ok
15:57:22.0506 0x12b8 [ A9927F4A46B816C92F461ACB90CF8515, 753284F726F9B4D3E7322C75532244CA43714F00717C2019391FB36DEE0738C0 ] Msfs C:\Windows\system32\drivers\Msfs.sys
15:57:22.0537 0x12b8 Msfs - ok
15:57:22.0584 0x12b8 [ 0F400E306F385C56317357D6DEA56F62, C48FA8193787359902D20D869F5F602CD66D3C5D061A58DDB72F51EED433C4BC ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
15:57:22.0600 0x12b8 msisadrv - ok
15:57:22.0647 0x12b8 [ 85466C0757A23D9A9AECDC0755203CB2, 79141B8DF9D7470466872AF03A85C3D3976512BFDBDB8B92A22225DC8EFD70A6 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
15:57:22.0693 0x12b8 MSiSCSI - ok
15:57:22.0709 0x12b8 msiserver - ok
15:57:22.0756 0x12b8 [ D8C63D34D9C9E56C059E24EC7185CC07, D0CBFB8D57E6D908679DC0488ED659CA35B92626DEA890873E165F051A1AD2AE ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
15:57:22.0803 0x12b8 MSKSSRV - ok
15:57:22.0896 0x12b8 [ DC8B329D6B4026D2D6E957BC79336022, B1EC02B57F2F7AFACDD498C21E3CD7F32F798ABE7C8041A2824DECAB8276520F ] MsMpSvc C:\Program Files\Microsoft Security Client\MsMpEng.exe
15:57:22.0912 0x12b8 MsMpSvc - ok
15:57:22.0943 0x12b8 [ 1D373C90D62DDB641D50E55B9E78D65E, 1D4897A96EA54D6FAC7916D69B4E88CAE1397C38CC8FAE08554772808476357B ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
15:57:22.0990 0x12b8 MSPCLOCK - ok
15:57:23.0021 0x12b8 [ B572DA05BF4E098D4BBA3A4734FB505B, B7923F204CEADD0F62C2FE4B7CF8C56DAB70F88093B15C5692D0E61490CF4BAA ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
15:57:23.0083 0x12b8 MSPQM - ok
15:57:23.0115 0x12b8 [ B49456D70555DE905C311BCDA6EC6ADB, 8E40586B3A1FAE9996459E0261726C9DD6A8D5F575604868C45604613385C92F ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
15:57:23.0146 0x12b8 MsRPC - ok
15:57:23.0177 0x12b8 [ E384487CB84BE41D09711C30CA79646C, 520391DEE14D4D6C1EA99C7D31DD95D56B44D54CA3CD8E5C9855E9C0A04F026C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
15:57:23.0208 0x12b8 mssmbios - ok
15:57:23.0239 0x12b8 [ 7199C1EEC1E4993CAF96B8C0A26BD58A, DD02DF8ED7AF5BB88BD2A91F38CE4C52432CB8044BDCBC41C320CD22B10B8A3B ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
15:57:23.0286 0x12b8 MSTEE - ok
15:57:23.0317 0x12b8 [ 6A57B5733D4CB702C8EA4542E836B96C, 080FB0B01E949D24CDD6876125B3A72DA9F88845D8B9A1A425BCA99E7ACF6821 ] Mup C:\Windows\system32\Drivers\mup.sys
15:57:23.0333 0x12b8 Mup - ok
15:57:23.0380 0x12b8 [ E4EAF0C5C1B41B5C83386CF212CA9584, 5946C3DCE65A0DB164169A1775DFCA544AF4E1895ADF6916BB1653F373F8D9AF ] napagent C:\Windows\system32\qagentRT.dll
15:57:23.0442 0x12b8 napagent - ok
15:57:23.0489 0x12b8 [ 85C44FDFF9CF7E72A40DCB7EC06A4416, DC37C99C458CA69B33BFD3894187089E947F4F9C01EC2ED024FA8614989E0956 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
15:57:23.0536 0x12b8 NativeWifiP - ok
15:57:23.0614 0x12b8 [ DEC4B200C459FA929B0A764E79904B79, 40261D7D0BEE45E6E3F4F25D7ACAB00744BAF5D515B6D84B41A25ED22380DC13 ] NDIS C:\Windows\system32\drivers\ndis.sys
15:57:23.0661 0x12b8 NDIS - ok
15:57:23.0692 0x12b8 [ 0E186E90404980569FB449BA7519AE61, DE41791D9D3074007D6DD1D3933E7A2A13E3789D0AD4F029105B58279622FC1B ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
15:57:23.0723 0x12b8 NdisTapi - ok
15:57:23.0739 0x12b8 [ D6973AA34C4D5D76C0430B181C3CD389, 7C303F3D6BFF8B82E39998135B444837091AB1F9EB8F28D013E5EF45DB237EFC ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
15:57:23.0785 0x12b8 Ndisuio - ok
15:57:23.0817 0x12b8 [ 818F648618AE34F729FDB47EC68345C3, 5FC8F9237BD7FCE3C62D5BDDD49DC104BE2BECDC2FA8CDC1DB8F1891CBAA9140 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
15:57:23.0863 0x12b8 NdisWan - ok
15:57:23.0895 0x12b8 [ 71DAB552B41936358F3B541AE5997FB3, 30A8B3E33CBF04FC047254E404C0321F9028F2640036AA8AC1EA0A5E64551684 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
15:57:23.0957 0x12b8 NDProxy - ok
15:57:23.0973 0x12b8 [ BCD093A5A6777CF626434568DC7DBA78, 2A283DD93230361204EA0897864EAF0224CB8C02E025AE2E4237B07A598B3EBD ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
15:57:24.0051 0x12b8 NetBIOS - ok
15:57:24.0097 0x12b8 [ BF84E55A9B3AD3CBAB4AAE3BE043E579, A01D03836E67C6B434687FF3388DB0BD935BCF81A611728C32E7392694E7689C ] netbt C:\Windows\system32\DRIVERS\netbt.sys
15:57:24.0269 0x12b8 netbt - ok
15:57:24.0300 0x12b8 [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] Netlogon C:\Windows\system32\lsass.exe
15:57:24.0316 0x12b8 Netlogon - ok
15:57:24.0363 0x12b8 [ C8052711DAECC48B982434C5116CA401, 417DEB86D157DD3F0B4678410FE27FDD3E8FA04AB03AF398F6C02BF207070B35 ] Netman C:\Windows\System32\netman.dll
15:57:24.0409 0x12b8 Netman - ok
15:57:24.0456 0x12b8 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:57:24.0487 0x12b8 NetMsmqActivator - ok
15:57:24.0503 0x12b8 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:57:24.0534 0x12b8 NetPipeActivator - ok
15:57:24.0565 0x12b8 [ 2EF3BBE22E5A5ACD1428EE387A0D0172, 55DB91EDD0339D2434C06445F8A716A48EA90925B0FF7EBF45BB79D4B54B80BF ] netprofm C:\Windows\System32\netprofm.dll
15:57:24.0628 0x12b8 netprofm - ok
15:57:24.0659 0x12b8 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:57:24.0690 0x12b8 NetTcpActivator - ok
15:57:24.0706 0x12b8 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:57:24.0721 0x12b8 NetTcpPortSharing - ok
15:57:24.0877 0x12b8 [ 6E9EDC1020B319E7676387B8CDF2398C, EF9B26369A845FC1E96ADD4051E52DA13CAA54158956F36CB10CBF3610D2B678 ] NETw2v32 C:\Windows\system32\DRIVERS\NETw2v32.sys
15:57:25.0143 0x12b8 NETw2v32 - ok
15:57:25.0174 0x12b8 [ 2E7FB731D4790A1BC6270ACCEFACB36E, EE9A00B694E8A3A5842CDC56C7BA1364317AC8134E046A0059661D057094B1A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
15:57:25.0189 0x12b8 nfrd960 - ok
15:57:25.0252 0x12b8 [ BFD3B47A46BF2BB6BB0CEC7127EE929E, 6DD73FD0AC57D025A1290D494BC4405A6A5D89AE76A3EC4E3F20C3F8A45A5E24 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
15:57:25.0283 0x12b8 NisDrv - ok
15:57:25.0330 0x12b8 [ F36D4743BCB636F1779E7CB36E950525, 176E3547B30579CE2D8901B5F9AE06C5BF493E81253A4A351FD304A561C8B3F1 ] NisSrv C:\Program Files\Microsoft Security Client\NisSrv.exe
15:57:25.0361 0x12b8 NisSrv - ok
15:57:25.0408 0x12b8 [ C96411DD46AABC0D6F3CF06D0E0E7E14, 0D36F322AF1B923D96735BFFCAC3FDB0B282E59220BADAB8B49AC178A6765380 ] NlaSvc C:\Windows\System32\nlasvc.dll
15:57:25.0470 0x12b8 NlaSvc - ok
15:57:25.0548 0x12b8 [ 36CC8B2FD964C97BD2E2AB8BA7FFE384, C1DAB1872A5867DA4D7F8A8D3DBDDC81BAC3D9C0092442F12D0493306CF39306 ] NovaPdfServer C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe
15:57:25.0564 0x12b8 NovaPdfServer - ok
15:57:25.0626 0x12b8 [ D36F239D7CCE1931598E8FB90A0DBC26, DF9397411D0CE5A87E3346D4E6E25BEC537A21BCE196CC55FD999CD08FC4A637 ] Npfs C:\Windows\system32\drivers\Npfs.sys
15:57:25.0642 0x12b8 Npfs - ok
15:57:25.0673 0x12b8 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD, 15CA178518EB3D457AA4C109D97A8490821590842AE4E9841703B5A55870C8F6 ] nsi C:\Windows\system32\nsisvc.dll
15:57:25.0735 0x12b8 nsi - ok
15:57:25.0751 0x12b8 [ 609773E344A97410CE4EBF74A8914FCF, 90B9CBD2B62854DD503DE4A910CB987D402368EB99882FE20FFB6DEACD70F2BD ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
15:57:25.0813 0x12b8 nsiproxy - ok
15:57:25.0891 0x12b8 [ 2C1121F2B87E9A6B12485DF53CD848C7, E580428F3BA7B201C6C7CFADF1F44A6ECA4F589EDB034DA14260136236195936 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
15:57:25.0969 0x12b8 Ntfs - ok
15:57:26.0016 0x12b8 [ E875C093AEC0C978A90F30C9E0DFBB72, D3A480CD7EF374EFBC1BB831B33B81534774DDDBB0FB338BEE1D444949FD8DE7 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
15:57:26.0079 0x12b8 ntrigdigi - ok
15:57:26.0110 0x12b8 [ C5DBBCDA07D780BDA9B685DF333BB41E, 3652893DFF05469A273C3073D8D0A9D6D6BBDEC7855FEA8EAB768F95BA674108 ] Null C:\Windows\system32\drivers\Null.sys
15:57:26.0157 0x12b8 Null - ok
15:57:26.0188 0x12b8 [ E69E946F80C1C31C53003BFBF50CBB7C, A0A4BC57822B2CBC75602A969E28DCEDE04B41CC084E1EF1532B1BCDAEAA43BB ] nvraid C:\Windows\system32\drivers\nvraid.sys
15:57:26.0203 0x12b8 nvraid - ok
15:57:26.0235 0x12b8 [ 9E0BA19A28C498A6D323D065DB76DFFC, EA9E33ED2820ED39932FAE114A9CF1D87780ED6605D0260A6F22F920B48F34E9 ] nvstor C:\Windows\system32\drivers\nvstor.sys
15:57:26.0250 0x12b8 nvstor - ok
15:57:26.0281 0x12b8 [ 07C186427EB8FCC3D8D7927187F260F7, 9AFDE1CB7B7232BD019804BFC691580B9CC2E51A5BC0E5584B23907D532600D8 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
15:57:26.0297 0x12b8 nv_agp - ok
15:57:26.0313 0x12b8 NwlnkFlt - ok
15:57:26.0313 0x12b8 NwlnkFwd - ok
15:57:26.0359 0x12b8 [ 953C1BA621F4DA9DC7D268AE839A51FB, 2405F4520764C0772F9BB6142722592CC845813A8E95BE4334799EACB243036E ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
15:57:26.0422 0x12b8 ohci1394 - ok
15:57:26.0469 0x12b8 [ 7A56CF3E3F12E8AF599963B16F50FB6A, 882C82BAE96D263138D4C0D6C425458B770B7B9C8E9C1D28AC918BF6BE94A5C2 ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:57:26.0484 0x12b8 ose - ok
15:57:26.0562 0x12b8 [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2pimsvc C:\Windows\system32\p2psvc.dll
15:57:26.0671 0x12b8 p2pimsvc - ok
15:57:26.0687 0x12b8 [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2psvc C:\Windows\system32\p2psvc.dll
15:57:26.0749 0x12b8 p2psvc - ok
15:57:26.0781 0x12b8 [ 0FA9B5055484649D63C303FE404E5F4D, ABF357001A5E7B21621560E74FA538E2D899C5111A6AAC784B5B12D9D819C6CD ] Parport C:\Windows\system32\drivers\parport.sys
15:57:26.0859 0x12b8 Parport - ok
15:57:26.0890 0x12b8 [ B9C2B89F08670E159F7181891E449CD9, BD48CE95CF4B75D1FD5FD379B2A8727BC000F2B6748B77636C6BDB0B37B0344A ] partmgr C:\Windows\system32\drivers\partmgr.sys
15:57:26.0905 0x12b8 partmgr - ok
15:57:26.0921 0x12b8 [ 4F9A6A8A31413180D0FCB279AD5D8112, DCE48BC6E3447403521BB9FBF727E629DEE45B69B8AE8CFEE1A67FECAE3CB9D3 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
15:57:26.0999 0x12b8 Parvdm - ok
15:57:27.0030 0x12b8 [ C6276AD11F4BB49B58AA1ED88537F14A, 409E956AF994640DF8D062E5E41F87A6EE7EEE0335C191B582722A49322357CE ] PcaSvc C:\Windows\System32\pcasvc.dll
15:57:27.0093 0x12b8 PcaSvc - ok
15:57:27.0139 0x12b8 [ 941DC1D19E7E8620F40BBC206981EFDB, 156142A8B587131D2D47074CBFD0A31F69B3C27A8C74C8C4F29DFE7B53BBA802 ] pci C:\Windows\system32\drivers\pci.sys
15:57:27.0155 0x12b8 pci - ok
15:57:27.0202 0x12b8 [ 1636D43F10416AEB483BC6001097B26C, 36E61A993693A46538FE0F726D67BB28886F61D53384AD600D1282296A27662E ] pciide C:\Windows\system32\drivers\pciide.sys
15:57:27.0217 0x12b8 pciide - ok
15:57:27.0264 0x12b8 [ E6F3FB1B86AA519E7698AD05E58B04E5, 2C4B45DDD3B980C9DAA6F039CAEFCD6E84A4D5BB43AFBA73C0C42B5556C1303C ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
15:57:27.0280 0x12b8 pcmcia - ok
15:57:27.0358 0x12b8 [ 6349F6ED9C623B44B52EA3C63C831A92, 9EAA3ABD396870123107D6E1B758F56FDA378BD28B28DB8415AA470D24294F92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
15:57:27.0483 0x12b8 PEAUTH - ok
15:57:27.0623 0x12b8 [ B1689DF169143F57053F795390C99DB3, 887B8C76B34CABC68067C0F27CC4EEF02457A53634C96FE5B0FE9B99453BDBEF ] pla C:\Windows\system32\pla.dll
15:57:27.0763 0x12b8 pla - ok
15:57:27.0810 0x12b8 [ C5E7F8A996EC0A82D508FD9064A5569E, 416A93816CDF12DD42DEA796D37E6E2000D3172AAAB20D3EAD3B715DACD4B61F ] PlugPlay C:\Windows\system32\umpnpmgr.dll
15:57:27.0857 0x12b8 PlugPlay - ok
15:57:27.0935 0x12b8 [ B597C2C966B447E011B4AE1B4D053677, F5749A45AA96DD8567789B3EAE38137A414371A9977D1317742141DCEDEB31C3 ] PMBDeviceInfoProvider C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
15:57:27.0982 0x12b8 PMBDeviceInfoProvider - ok
15:57:28.0044 0x12b8 [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
15:57:28.0107 0x12b8 PNRPAutoReg - ok
15:57:28.0138 0x12b8 [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPsvc C:\Windows\system32\p2psvc.dll
15:57:28.0185 0x12b8 PNRPsvc - ok
15:57:28.0247 0x12b8 [ E16D328D6C5382916C1F7925E2A20662, D904E886614E9C18B1FE0FDE884777F01FAE7CD1688C5DB3CEE772E6BDEF1516 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
15:57:28.0372 0x12b8 PolicyAgent - ok
15:57:28.0419 0x12b8 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1, 6E4B188A4BFDBBCA51347BCCE2873F2D0F858398851B9B5129CB9F36A02E4354 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
15:57:28.0481 0x12b8 PptpMiniport - ok
15:57:28.0512 0x12b8 [ 0E3CEF5D28B40CF273281D620C50700A, 8ADA99B4563AE2129B95136295EE92A94102B035EBBC83D4C8587ECE8B0DEE60 ] Processor C:\Windows\system32\drivers\processr.sys
15:57:28.0575 0x12b8 Processor - ok
15:57:28.0621 0x12b8 [ 0D5DAD610D7EA1627581ED06FB2BAA9A, 6E27CF3A1624AE10EECB8B5F38E03D76A6AABE4E75DD66DEDD67E0773935A396 ] ProfSvc C:\Windows\system32\profsvc.dll
15:57:28.0668 0x12b8 ProfSvc - ok
15:57:28.0684 0x12b8 [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] ProtectedStorage C:\Windows\system32\lsass.exe
15:57:28.0699 0x12b8 ProtectedStorage - ok
15:57:28.0746 0x12b8 [ 99514FAA8DF93D34B5589187DB3AA0BA, 4DDE5EC0C721B22E1D7D55ED3514B60EA07435C232A3A931BB49C7F486B52C18 ] PSched C:\Windows\system32\DRIVERS\pacer.sys
15:57:28.0777 0x12b8 PSched - ok
15:57:28.0855 0x12b8 [ CCDAC889326317792480C0A67156A1EC, 3D3B561B6D4E12DE442C98993C929765F002AF5CFB5A00EFACE6ABE957F7E8AF ] ql2300 C:\Windows\system32\drivers\ql2300.sys
15:57:28.0918 0x12b8 ql2300 - ok
15:57:28.0949 0x12b8 [ 81A7E5C076E59995D54BC1ED3A16E60B, A2988F065F93C41B3B389BFF3BB3FD69F768C2AF249C2356F315CC92E5C9E128 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
15:57:28.0965 0x12b8 ql40xx - ok
15:57:29.0027 0x12b8 [ E9ECAE663F47E6CB43962D18AB18890F, F1A05320CAED9E745AA36A6DA9B64C48AAEDE888B42B249840CEB31448F7F432 ] QWAVE C:\Windows\system32\qwave.dll
15:57:29.0058 0x12b8 QWAVE - ok
15:57:29.0089 0x12b8 [ 9F5E0E1926014D17486901C88ECA2DB7, 67CDFB99AB546DCEEF20507EAC07DD52FFB51BFDFE9416ABEDDC1201B60D720E ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
15:57:29.0121 0x12b8 QWAVEdrv - ok
15:57:29.0323 0x12b8 [ 976D32226FC4DD1187110B763F913A69, 003CC47DCB27C3148C219E9B830992BDEB9B5B3C33E36468DB3C2F303E937874 ] R300 C:\Windows\system32\DRIVERS\atikmdag.sys
15:57:29.0620 0x12b8 R300 - ok
15:57:29.0667 0x12b8 [ 147D7F9C556D259924351FEB0DE606C3, E41EBA5F3098C6CF2BE4C0060A5F4BF161C3677D983B7A0D70ACC12FC3CFEFD7 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
15:57:29.0698 0x12b8 RasAcd - ok
15:57:29.0729 0x12b8 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F, 6A410ABCCD2211EFF511CDBF22E4152B57D2996336EBE711DFF71904AF232DB2 ] RasAuto C:\Windows\System32\rasauto.dll
15:57:29.0776 0x12b8 RasAuto - ok
15:57:29.0823 0x12b8 [ A214ADBAF4CB47DD2728859EF31F26B0, A24F37F55E2C018B1B4FA2C568A01AAAAEA1220833ED24A93378386174A70A32 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
15:57:29.0885 0x12b8 Rasl2tp - ok
15:57:29.0916 0x12b8 [ 75D47445D70CA6F9F894B032FBC64FCF, 9112EA5D25F867136858524C7965ACCEDC02675D1E2985B950598D89CCF25E14 ] RasMan C:\Windows\System32\rasmans.dll
15:57:29.0979 0x12b8 RasMan - ok
15:57:29.0994 0x12b8 [ 509A98DD18AF4375E1FC40BC175F1DEF, CC7C278CA298CE102D871E34C176E73F903D6687D1E8B5AFAB8772C7DE1A60B1 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
15:57:30.0025 0x12b8 RasPppoe - ok
15:57:30.0057 0x12b8 [ 2005F4A1E05FA09389AC85840F0A9E4D, D8A664073FDE82F9AB324347024CDB7043635C84EB11C24C59AB384C52F0FD94 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
15:57:30.0088 0x12b8 RasSstp - ok
15:57:30.0119 0x12b8 [ B14C9D5B9ADD2F84F70570BBBFAA7935, 3D533767A50554B86C769DF4D8841B3EA680B3807E85EA3533BDA9B649548269 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
15:57:30.0181 0x12b8 rdbss - ok
15:57:30.0213 0x12b8 [ 89E59BE9A564262A3FB6C4F4F1CD9899, 6F948FB0E73495CA60B7B19E758268495EC8A084C475EC59AD7940AA619570BB ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
15:57:30.0259 0x12b8 RDPCDD - ok
15:57:30.0306 0x12b8 [ E8BD98D46F2ED77132BA927FCCB47D8B, 5187CF8F00AD67EDDF27DF675F3210C0D72E552578A89C58DF6953B1D5BEBCB8 ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
15:57:30.0400 0x12b8 rdpdr - ok
15:57:30.0400 0x12b8 [ 9D91FE5286F748862ECFFA05F8A0710C, 33F37F1B207151A5564BF051BBF16F35D8C5A0F426CCA078A51F125BF09E487B ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
15:57:30.0447 0x12b8 RDPENCDD - ok
15:57:30.0493 0x12b8 [ C127EBD5AFAB31524662C48DFCEB773A, 40A6B88FEAFF02D1B5C0CA32F290CF3D9B48B85D248C7532F30CC5C09BAA4D89 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
15:57:30.0571 0x12b8 RDPWD - ok
15:57:30.0603 0x12b8 [ BCDD6B4804D06B1F7EBF29E53A57ECE9, 8A961CCD0A0265E03D9952C733B593B02B5CF64E308D6B420276D2D6B20F86FC ] RemoteAccess C:\Windows\System32\mprdim.dll
15:57:30.0649 0x12b8 RemoteAccess - ok
15:57:30.0696 0x12b8 [ 9E6894EA18DAFF37B63E1005F83AE4AB, 5D6DF994D297C875D547C7B111A571AA90D582DAECADE18A53F65AD988819E67 ] RemoteRegistry C:\Windows\system32\regsvc.dll
15:57:30.0743 0x12b8 RemoteRegistry - ok
15:57:30.0774 0x12b8 [ 7EC90C316177BA3F1BCE92005264B447, C588611E4BD68F8220B189CBA72929A9C4143932FEF673D2676D83B2821237C2 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
15:57:30.0852 0x12b8 RFCOMM - ok
15:57:30.0930 0x12b8 [ 4D05898896EC49CF663DDA61041AB096, 1218A0AD84946F2555773D529F3D55D7B675780EC1E79A634ED0FECF8D5C9C6D ] RichVideo C:\Program Files\CyberLink\Shared Files\RichVideo.exe
15:57:30.0961 0x12b8 RichVideo - ok
15:57:30.0977 0x12b8 [ 5123F83CBC4349D065534EEB6BBDC42B, 92A3F38EA924D83D601BB93E3750F9DBC2DD963FB7ACF2A0E776297E21815225 ] RpcLocator C:\Windows\system32\locator.exe
15:57:31.0024 0x12b8 RpcLocator - ok
15:57:31.0086 0x12b8 [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] RpcSs C:\Windows\system32\rpcss.dll
15:57:31.0133 0x12b8 RpcSs - ok
15:57:31.0180 0x12b8 [ 9C508F4074A39E8B4B31D27198146FAD, 84913471E5A6C297B1EDABE45EF3FE7D2C4410EF04370F615109FD9E2690FFDB ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
15:57:31.0227 0x12b8 rspndr - ok
15:57:31.0258 0x12b8 [ 959EF612D2CCFDB6D9E443F8E3655013, 24735ADE348A687E4CE34F544C0655DBC1380C7B9A420165FF2C07D1908B5A7D ] RTL8023xp C:\Windows\system32\DRIVERS\Rtnicxp.sys
15:57:31.0336 0x12b8 RTL8023xp - ok
15:57:31.0351 0x12b8 [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] SamSs C:\Windows\system32\lsass.exe
15:57:31.0367 0x12b8 SamSs - ok
15:57:31.0429 0x12b8 [ 4BFB51CDB25D4D4B9E8FCCAB635F262E, 17C43AE2CF44A7C8FDBFE33F1BAE785456F4D3E2EE71ECD0E63B20E8A972152E ] Samsung Update Plus C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe
15:57:31.0461 0x12b8 Samsung Update Plus - detected UnsignedFile.Multi.Generic ( 1 )
15:57:31.0461 0x12b8 Samsung Update Plus ( UnsignedFile.Multi.Generic ) - warning
15:57:31.0461 0x12b8 Force sending object to P2P due to detect: Samsung Update Plus
15:57:31.0726 0x12b8 Object send P2P result: true
15:57:31.0897 0x12b8 [ 3CE8F073A557E172B330109436984E30, CEC281C6076FAA1E34372CF419C6308E73811316606B8D0D9055B7D8952BDC88 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
15:57:31.0913 0x12b8 sbp2port - ok
15:57:31.0960 0x12b8 [ 77B7A11A0C3D78D3386398FBBEA1B632, A3D290AB793BDC2F84C7B963300DFCE81CFE082A0FFF7489E8E5B14714892C00 ] SCardSvr C:\Windows\System32\SCardSvr.dll
15:57:32.0007 0x12b8 SCardSvr - ok
15:57:32.0069 0x12b8 [ F79CC0F814748E15538BF4D808030739, 396E94A309AFB163791095A25950CB7D85EEC43B416E1E7F056F430E1B719F4D ] Schedule C:\Windows\system32\schedsvc.dll
15:57:32.0163 0x12b8 Schedule - ok
15:57:32.0194 0x12b8 [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] SCPolicySvc C:\Windows\System32\certprop.dll
15:57:32.0225 0x12b8 SCPolicySvc - ok
15:57:32.0272 0x12b8 [ 4339A2585708C7D9B0C0CE5AAD3DD6FF, 1B764838EC90A4F5A8130630BA32C014C033BF39C0DE1C114298F254580F0983 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
15:57:32.0334 0x12b8 sdbus - ok
15:57:32.0381 0x12b8 [ 716313D9F6B0529D03F726D5AAF6F191, 44FE994A11631C1D99C73026340BACE39973C65A1281D87A61B481C9B5FAB251 ] SDRSVC C:\Windows\System32\SDRSVC.dll
15:57:32.0443 0x12b8 SDRSVC - ok
15:57:32.0475 0x12b8 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv C:\Windows\system32\drivers\secdrv.sys
15:57:32.0521 0x12b8 secdrv - ok
15:57:32.0553 0x12b8 [ 7D7A5D3CB5AB4B394E03BDE27E6114E8, 590644469036B9C2DF3D6E56D41FD7D09D0AE5021B0FA96A8CBA873F923865C8 ] seclogon C:\Windows\system32\seclogon.dll
15:57:32.0631 0x12b8 seclogon - ok
15:57:32.0662 0x12b8 [ A9BBAB5759771E523F55563D6CBE140F, 415BF6F6A1E4C5F98DABF9C2EEAF8CA49730693046E5F94C7655683717EDAD75 ] SENS C:\Windows\system32\sens.dll
15:57:32.0724 0x12b8 SENS - ok
15:57:32.0755 0x12b8 [ 68E44E331D46F0FB38F0863A84CD1A31, 0778D85B6869CE2610820DC9724360538BFE832426E898AEBC34E53D2AB4322B ] Serenum C:\Windows\system32\drivers\serenum.sys
15:57:32.0818 0x12b8 Serenum - ok
15:57:32.0833 0x12b8 [ C70D69A918B178D3C3B06339B40C2E1B, 40BEEECA4C797A3355F4B01C57C2763C33028F27826315062320789A496D0810 ] Serial C:\Windows\system32\drivers\serial.sys
15:57:32.0911 0x12b8 Serial - ok
15:57:32.0943 0x12b8 [ 8AF3D28A879BF75DB53A0EE7A4289624, C870BEBB969DCD9170E64584D1CD329A193D9FC812A45EF3574891110CA68B45 ] sermouse C:\Windows\system32\drivers\sermouse.sys
15:57:32.0974 0x12b8 sermouse - ok
15:57:33.0021 0x12b8 [ D2193326F729B163125610DBF3E17D57, 82C894E24E2C139C884246A693AD37BBF0A4E9375B7F7A288EF1DB22F89434B9 ] SessionEnv C:\Windows\system32\sessenv.dll
15:57:33.0067 0x12b8 SessionEnv - ok
15:57:33.0083 0x12b8 [ 103B79418DA647736EE95645F305F68A, E4D356FD8C62B616D3584FE84905995A1CEE452288E3A456CC358FF41FEAB1B7 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
15:57:33.0145 0x12b8 sffdisk - ok
15:57:33.0177 0x12b8 [ 8FD08A310645FE872EEEC6E08C6BF3EE, 702A148C9DE172E7B5E331F057487255E0729FD42F949BB0FF2D5A01775933CF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
15:57:33.0255 0x12b8 sffp_mmc - ok
15:57:33.0270 0x12b8 [ 9CFA05FCFCB7124E69CFC812B72F9614, E9CFCE695E4D1AF146781CFAA295878536E573F06AEA65438878DE29EC9959AD ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
15:57:33.0348 0x12b8 sffp_sd - ok
15:57:33.0364 0x12b8 [ 46ED8E91793B2E6F848015445A0AC188, 34A97304F23EA153422848F6F1CAF8ADF0944EA781E12F027B6DEAF751A04B5D ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
15:57:33.0426 0x12b8 sfloppy - ok
15:57:33.0457 0x12b8 [ E1499BD0FF76B1B2FBBF1AF339D91165, 9A8F0403467E75880D3070C4D862489A75134383BAF8E7C45F8C5E7DFB0605A5 ] SharedAccess C:\Windows\System32\ipnathlp.dll
15:57:33.0535 0x12b8 SharedAccess - ok
15:57:33.0567 0x12b8 [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:57:33.0613 0x12b8 ShellHWDetection - ok
15:57:33.0629 0x12b8 [ D2A595D6EEBEEAF4334F8E50EFBC9931, 851B8205C657BF806C4D815DC75356E99B4246016B6E1C1F51BAF8AD1E6D5299 ] sisagp C:\Windows\system32\drivers\sisagp.sys
15:57:33.0660 0x12b8 sisagp - ok
15:57:33.0676 0x12b8 [ CEDD6F4E7D84E9F98B34B3FE988373AA, E102977E6FAC30B5ABEEC0B412A9F2A10C5C42F4D9C3AD69296BF9E1E88B6141 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
15:57:33.0691 0x12b8 SiSRaid2 - ok
15:57:33.0723 0x12b8 [ DF843C528C4F69D12CE41CE462E973A7, A2BEC74FCB8D8B6B9D8DD4746C013DFDF1DD662AEFE9B88CA495E5B83B4A76F9 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
15:57:33.0738 0x12b8 SiSRaid4 - ok
15:57:33.0801 0x12b8 [ 704B4F81729F676BBF034529FC334D82, 1E50DAF97836807A500284385D99272780A8B69CA88761250451060B207824F8 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
15:57:33.0832 0x12b8 SkypeUpdate - ok
15:57:34.0019 0x12b8 [ 862BB4CBC05D80C5B45BE430E5EF872F, F4961B22C93E472C8C862421AA231CDDA9E40D3958741A1D666357F22CC3143D ] slsvc C:\Windows\system32\SLsvc.exe
15:57:34.0269 0x12b8 slsvc - ok
15:57:34.0331 0x12b8 [ 6EDC422215CD78AA8A9CDE6B30ABBD35, D8342BC3152859F4F7512E85ABEC61147DBCAB515458644728874E42F639D6CA ] SLUINotify C:\Windows\system32\SLUINotify.dll
15:57:34.0378 0x12b8 SLUINotify - ok
15:57:34.0471 0x12b8 [ 60047D1C836A8B744D4404F798EDB2BD, 7B349C26DCE0FE36CAA70C1984CAD975558749524321ED7F6107EA4CACC13513 ] SMARTHelperService C:\Program Files\SMART Technologies\Education Software\SMARTHelperService.exe
15:57:34.0503 0x12b8 SMARTHelperService - ok
15:57:34.0581 0x12b8 [ E78ED320AA4AFC8087E1B51A64A116E3, 957AB7B41E1779E4AC8450581A003D19854584B13FC7DEC4E5E6EB95091B6658 ] SMARTMouseFilterx86 C:\Windows\system32\DRIVERS\SMARTMouseFilterx86.sys
15:57:34.0612 0x12b8 SMARTMouseFilterx86 - ok
15:57:34.0643 0x12b8 [ D4F15E6BD6E8A60EF0A82FAB76ADB6B0, 932AD2B559C07116D618257202E66AAD71CD76EDDA4F099A6D5A449F7D3F0059 ] SMARTVHidMini2000x86 C:\Windows\system32\DRIVERS\SMARTVHidMini2000x86.sys
15:57:34.0674 0x12b8 SMARTVHidMini2000x86 - ok
15:57:34.0705 0x12b8 [ 1F7C57F9843813B41768E969558AD035, 19A2AB36BACD1059A967F2D5C77C85B92907DF13BBD2A5FA8D8EAACA21602AC0 ] SMARTVTabletPCx86 C:\Windows\system32\DRIVERS\SMARTVTabletPCx86.sys
15:57:34.0752 0x12b8 SMARTVTabletPCx86 - ok
15:57:34.0799 0x12b8 [ 7B75299A4D201D6A6533603D6914AB04, 172BE3951F06B1991EF70B71EB91786D1EFC4E381C22BCA3A5F622CD59F3227E ] Smb C:\Windows\system32\DRIVERS\smb.sys
15:57:34.0846 0x12b8 Smb - ok
15:57:34.0877 0x12b8 [ 2A146A055B4401C16EE62D18B8E2A032, D0930FFA53951C92F56E1ECB41374F4C0AA01ECBF99F474513A21EAD579CFE47 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
15:57:34.0908 0x12b8 SNMPTRAP - ok
15:57:34.0939 0x12b8 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF, E03BEE733F4C2A5F39946D4955679A290E22758DFCE4222EE69ABF64FC54EDF7 ] spldr C:\Windows\system32\drivers\spldr.sys
15:57:34.0955 0x12b8 spldr - ok
15:57:35.0002 0x12b8 [ 8554097E5136C3BF9F69FE578A1B35F4, 2578545CFD647FB18F217B33C8CB4F0184A35F548659494056E455020CC15FB0 ] Spooler C:\Windows\System32\spoolsv.exe
15:57:35.0033 0x12b8 Spooler - ok
15:57:35.0095 0x12b8 [ 9263C8898732E2B890F7E954E7729AB7, DEBFD81E702893427972A6565A9AAA54A09B9F7F30CA9391011C6F7FB758A3F4 ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
15:57:35.0127 0x12b8 SQLWriter - ok
15:57:35.0173 0x12b8 [ E822F009416F6CC21C6545D58E8F9B62, 8536F4386303137BF3618E640F66EE2DA272BA3E7CDCD68C761BA74204A29608 ] srv C:\Windows\system32\DRIVERS\srv.sys
15:57:35.0298 0x12b8 srv - ok
15:57:35.0314 0x12b8 [ 37DBD18CDC429690F34862F39BFEBDA5, 43EA2A23A36271CDFED93823822D7DDE550EC7492412ECBE8931ED6D2BEC632B ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
15:57:35.0423 0x12b8 srv2 - ok
15:57:35.0454 0x12b8 [ 40CD9883E862BF84A35D58A10652C0E0, B4205536ADC4BE98F076751DFC8F86EC070F03A4B15EE133391498A3FDEC2798 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
15:57:35.0563 0x12b8 srvnet - ok
15:57:35.0610 0x12b8 [ 03D50B37234967433A5EA5BA72BC0B62, 7B61D6A4BF5D446A9473D058BC207FB6DA7C2FEFB8083F3B66CAC8907DBD8327 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
15:57:35.0673 0x12b8 SSDPSRV - ok
15:57:35.0719 0x12b8 [ 6F1A32E7B7B30F004D9A20AFADB14944, AA9D874A14CA4779E76701D2B02F4CCA92CD5917435FB4CACA149FCB2D1D4C4C ] SstpSvc C:\Windows\system32\sstpsvc.dll
15:57:35.0751 0x12b8 SstpSvc - ok
15:57:35.0844 0x12b8 [ 5DE7D67E49B88F5F07F3E53C4B92A352, 6930A598C35646646ED0E91633797EFE139AE6CDD0012335BD1340754A22F997 ] stisvc C:\Windows\System32\wiaservc.dll
15:57:35.0907 0x12b8 stisvc - ok
15:57:35.0953 0x12b8 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56, 23CC47FA2D6E183D69DB0D3D3F3081A830D94A58FBC0A9A295B3A56C51E9486A ] swenum C:\Windows\system32\DRIVERS\swenum.sys
15:57:35.0969 0x12b8 swenum - ok
15:57:36.0016 0x12b8 [ F21FD248040681CCA1FB6C9A03AAA93D, 32FE765841A183A1F2C1ACACBBF8CDB11E7D4D4396F9C9F6CFF1B51C9B620ED3 ] swprv C:\Windows\System32\swprv.dll
15:57:36.0078 0x12b8 swprv - ok
15:57:36.0125 0x12b8 [ 192AA3AC01DF071B541094F251DEED10, 5C6EB56D1C39F3717EB754A1B37C8A618BA4F2107F64048E985D71FA04D1AD05 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
15:57:36.0141 0x12b8 Symc8xx - ok
15:57:36.0172 0x12b8 [ 8C8EB8C76736EBAF3B13B633B2E64125, A6C4845DDED81CCF4947612A4D6E42035136025BCD80812D2FF396927CAADEC5 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
15:57:36.0187 0x12b8 Sym_hi - ok
15:57:36.0203 0x12b8 [ 8072AF52B5FD103BBBA387A1E49F62CB, D336A7D008D145619E79043EBF5D0D455086BA1FEF89612BC2EA11CC363D82B0 ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
15:57:36.0219 0x12b8 Sym_u3 - ok
15:57:36.0265 0x12b8 [ 451E8037E2EB6DA6BDF0A66F65D1810B, 98E94486560A00B33E19902BB1B5CE51168E583E9303B3A2F7337D3501887B34 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
15:57:36.0297 0x12b8 SynTP - ok
15:57:36.0359 0x12b8 [ 9A51B04E9886AA4EE90093586B0BA88D, 1666C29FBFA34174B506678C920636519051D03456A6DDCCD6FF708CAE5D9962 ] SysMain C:\Windows\system32\sysmain.dll
15:57:36.0453 0x12b8 SysMain - ok
15:57:36.0484 0x12b8 [ 2DCA225EAE15F42C0933E998EE0231C3, 67C7913E41854DFA3043426B7D59AA1FBBB9DE01A6E6904E40A696A7C61A5F98 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:57:36.0499 0x12b8 TabletInputService - ok
15:57:36.0546 0x12b8 [ D7673E4B38CE21EE54C59EEEB65E2483, 330D0AD13F5008D8569CE8E5EA0BBD69F54F59FEB54FD903FA18D2849CEC6AF0 ] TapiSrv C:\Windows\System32\tapisrv.dll
15:57:36.0609 0x12b8 TapiSrv - ok
15:57:36.0624 0x12b8 [ CB05822CD9CC6C688168E113C603DBE7, 9DB8945BDC702BB13E9DE477F2D3CCA4CE0E9E8CE9B54CE1A25375F2A2C93F0E ] TBS C:\Windows\System32\tbssvc.dll
15:57:36.0687 0x12b8 TBS - ok
15:57:36.0749 0x12b8 [ C7B0746FCD576D7EEBA6A2530B0B2966, F8ADAED40AA12BF8427482A00CCF8374458FEA95C3C381AEF59EC057A2791550 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
15:57:36.0811 0x12b8 Tcpip - ok
15:57:36.0858 0x12b8 [ C7B0746FCD576D7EEBA6A2530B0B2966, F8ADAED40AA12BF8427482A00CCF8374458FEA95C3C381AEF59EC057A2791550 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
15:57:36.0905 0x12b8 Tcpip6 - ok
15:57:36.0952 0x12b8 [ 608C345A255D82A6289C2D468EB41FD7, 74ECFDD45DC3EB3AFAEF9C42B546241AA1D6ACB2F6591A76DDB8BB1768545889 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
15:57:36.0999 0x12b8 tcpipreg - ok
15:57:37.0045 0x12b8 [ 5DCF5E267BE67A1AE926F2DF77FBCC56, E00C0A03AEE579B51B39930A72F39F4EFFE7CDA37187B0AE90F4E001AD15473B ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
15:57:37.0092 0x12b8 TDPIPE - ok
15:57:37.0123 0x12b8 [ 389C63E32B3CEFED425B61ED92D3F021, E4718E290678F00995E754AE66F1027D227BFAB9E1A1D2AC8E4EAD27DC50CB17 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
15:57:37.0170 0x12b8 TDTCP - ok
15:57:37.0217 0x12b8 [ EC565DFA3D9C45D8083B72DEC5B33710, BC4F41795AF98FD87F8CC92F946E6896BAC1925A35C3E5E159E8BF4E6A34A35D ] tdx C:\Windows\system32\DRIVERS\tdx.sys
15:57:37.0326 0x12b8 tdx - ok
15:57:37.0357 0x12b8 [ 3CAD38910468EAB9A6479E2F01DB43C7, 9D18C71EDF39743A0A592BC0873909D2B75B5B177B2672A865D1EEC0BFD2F61C ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
15:57:37.0389 0x12b8 TermDD - ok
15:57:37.0435 0x12b8 [ DBD84E59D631569EC3E756EF144E8431, 9E58629EC762584A2D294A619593620626F7CBE467045AD0F920B6CF1D4B4724 ] TermService C:\Windows\System32\termsrv.dll
15:57:37.0513 0x12b8 TermService - ok
15:57:37.0560 0x12b8 [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] Themes C:\Windows\system32\shsvcs.dll
15:57:37.0591 0x12b8 Themes - ok
15:57:37.0607 0x12b8 [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] THREADORDER C:\Windows\system32\mmcss.dll
15:57:37.0638 0x12b8 THREADORDER - ok
15:57:37.0685 0x12b8 [ EC74E77D0EB004BD3A809B5F8FB8C2CE, 1E4BBC58D0E35D79C764CF1BA73602C5E29A5A2393D40332801D533E445C6667 ] TrkWks C:\Windows\System32\trkwks.dll
15:57:37.0732 0x12b8 TrkWks - ok
15:57:37.0794 0x12b8 [ 97D9D6A04E3AD9B6C626B9931DB78DBA, 8E42133ED5EE5EEC414A8B11C1035385C6141E445EA9677F947D20768F25A877 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:57:37.0825 0x12b8 TrustedInstaller - ok
15:57:37.0872 0x12b8 [ F4EAA7ECBCB25DE901C9B7F2CDCDA0B3, 1CBB5106A32362ABDEE73BF170E205FE64DDBF826C5F6DFFCCD229F220B9C85E ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
15:57:37.0919 0x12b8 tssecsrv - ok
15:57:37.0950 0x12b8 [ CAECC0120AC49E3D2F758B9169872D38, 80DB15ADF5F4FF78D0C7D5081B6C0E8F1E5125872B60D23C19DA8E62C9DAC9A8 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
15:57:37.0981 0x12b8 tunmp - ok
15:57:38.0013 0x12b8 [ 300DB877AC094FEAB0BE7688C3454A9C, 3B36AA191FBE25B1A61150EAA2BDF8BA286DC4C052F6E98B0ED8202135553D8C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
15:57:38.0059 0x12b8 tunnel - ok
15:57:38.0122 0x12b8 [ C3ADE15414120033A36C0F293D4A4121, 74A002C4B5EBD94E33EDEACB6639AF44ED72A8DDE3083C6DE71C1EE937EF1A9C ] uagp35 C:\Windows\system32\drivers\uagp35.sys
15:57:38.0137 0x12b8 uagp35 - ok
15:57:38.0184 0x12b8 [ D9728AF68C4C7693CB100B8441CBDEC6, A2CEE1EE4EF17106349F4E6967F504354801934179FBB3F10B9A4E3C30BC28CE ] udfs C:\Windows\system32\DRIVERS\udfs.sys
15:57:38.0231 0x12b8 udfs - ok
15:57:38.0278 0x12b8 [ ECEF404F62863755951E09C802C94AD5, 5D92062B3E371F196774EBFE840C78501E55A244DB2A49703C7AC0141C7DABF1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
15:57:38.0340 0x12b8 UI0Detect - ok
15:57:38.0371 0x12b8 [ 75E6890EBFCE0841D3291B02E7A8BDB0, FDF9CDCCCCC0AA2A52623C5A67AC5F5224557EE4C8F6487CB13CAEB012575E2A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
15:57:38.0387 0x12b8 uliagpkx - ok
15:57:38.0434 0x12b8 [ 3CD4EA35A6221B85DCC25DAA46313F8D, 100A7E12B8EA395F70A00874328E87B930CE88FF442F3576FE88B105A22E04C5 ] uliahci C:\Windows\system32\drivers\uliahci.sys
15:57:38.0449 0x12b8 uliahci - ok
15:57:38.0481 0x12b8 [ 8514D0E5CD0534467C5FC61BE94A569F, A6EFB967044F88335469DB3351587E31CEC659BB6A7D8ED45C68329232C31BB9 ] UlSata C:\Windows\system32\drivers\ulsata.sys
15:57:38.0496 0x12b8 UlSata - ok
15:57:38.0527 0x12b8 [ 38C3C6E62B157A6BC46594FADA45C62B, 44F87DC955CB4E35E0EB4C8B4E931472B33D97FE000C22370A06AD5EDCEFD0BA ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
15:57:38.0543 0x12b8 ulsata2 - ok
15:57:38.0574 0x12b8 [ 32CFF9F809AE9AED85464492BF3E32D2, 91AAA47AEF17F373276B01AC8FA823592A0C854541A7A9A3B78F2350DB964EBC ] umbus C:\Windows\system32\DRIVERS\umbus.sys
15:57:38.0637 0x12b8 umbus - ok
15:57:38.0683 0x12b8 [ 68308183F4AE0BE7BF8ECD07CB297999, 4444233CA3C42BEE50ED47553D4AE5A7C12D8F288D2FA4B2DAE1D9B9FEC1A72D ] upnphost C:\Windows\System32\upnphost.dll
15:57:38.0746 0x12b8 upnphost - ok
15:57:38.0777 0x12b8 [ AAB0B5F72D2D726FBFDC895A2902DE1D, 7824AF6E2ADEA23F208526F3A62AD1BACDBBDB23E58EB5806890B0761529C50F ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
15:57:38.0871 0x12b8 usbccgp - ok
15:57:38.0917 0x12b8 [ E9476E6C486E76BC4898074768FB7131, D14B8F69A511DC1F990A9C123C18689AFE59659BA8130D248D8D03E9BD2143B6 ] usbcir C:\Windows\system32\drivers\usbcir.sys
15:57:38.0980 0x12b8 usbcir - ok
15:57:39.0027 0x12b8 [ 153E8515CB86F8BB5D1A8B478EBF4BB2, 0F1F79BA7C32ACAAE69184A56E67D6E18E2E2F07E0BE23F266401431169DAE14 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
15:57:39.0073 0x12b8 usbehci - ok
15:57:39.0105 0x12b8 [ 2AE6BCEBD85D31317E433733DAF25888, 7B2C0E8703D0275A620160E479166EB7AA31B0F146507603535CEBF0BA4684A4 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
15:57:39.0151 0x12b8 usbhub - ok
15:57:39.0183 0x12b8 [ D457EBD0C3A8B3A3A144355B5EE91CBC, 6AD52BDBB1607A48F0B02E663B97C3A00E3345B1B12C259608A5AE728C1C06B2 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
15:57:39.0214 0x12b8 usbohci - ok
15:57:39.0261 0x12b8 [ E75C4B5269091D15A2E7DC0B6D35F2F5, B0A4141B69B66276890836DE98EB8BC790D35CE59FA503060593E8CC12AA106B ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
15:57:39.0339 0x12b8 usbprint - ok
15:57:39.0385 0x12b8 [ 1D714B8497CD68307806D5D3F60A5169, 1914D92ECE39995168E3C8F5A7694B7A94954DB299410A2781D1321C8E60C3D9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
15:57:39.0463 0x12b8 usbscan - ok
15:57:39.0495 0x12b8 [ 234F76D9337BBD25D849C3860418723A, 8AC74D4FFFDEF5CCAA34BA185B45D252BAC15FE37E00515F9365878325764E7F ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:57:39.0604 0x12b8 USBSTOR - ok
15:57:39.0635 0x12b8 [ 325DBBACB8A36AF9988CCF40EAC228CC, 22FE5658A12296634FBE9D8565485BEE8CB200C47182F70DC9D2B0442E10C4AA ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
15:57:39.0713 0x12b8 usbuhci - ok
15:57:39.0760 0x12b8 [ 73FF24E21B690625A58109637DDA0DF7, 62B1F9CD82678E2110D4BB5CC86EE8A7AB0757681443916620B6AAA1EF0DECEB ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
15:57:39.0885 0x12b8 usbvideo - ok
15:57:39.0916 0x12b8 [ 1509E705F3AC1D474C92454A5C2DD81F, 7F525921A3513224F8B093A16E19B4235B300349A14B0B86EE11B7473BA53337 ] UxSms C:\Windows\System32\uxsms.dll
15:57:39.0963 0x12b8 UxSms - ok
15:57:39.0994 0x12b8 [ CD88D1B7776DC17A119049742EC07EB4, 6B68B9EDB8C6BCB2644F1F004D5743E928509D12107D996F390A24A72E0AA528 ] vds C:\Windows\System32\vds.exe
15:57:40.0041 0x12b8 vds - ok
15:57:40.0087 0x12b8 [ 7D92BE0028ECDEDEC74617009084B5EF, D0749CE6FA3415BA4364299F8D6D53F133E8D2F44C6F1057996243415A540A53 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
15:57:40.0165 0x12b8 vga - ok
15:57:40.0197 0x12b8 [ 2E93AC0A1D8C79D019DB6C51F036636C, 8B6F3B4EE90691A22788915AD0F99D8EE617750430A34E7CEB9AB4FB4E581755 ] VgaSave C:\Windows\System32\drivers\vga.sys
15:57:40.0275 0x12b8 VgaSave - ok
15:57:40.0290 0x12b8 [ 045D9961E591CF0674A920B6BA3BA5CB, EBF498A0424CEA0F7ECBAAE144A8669CE6B5DD67115DE22CEC5A46AED26CD90B ] viaagp C:\Windows\system32\drivers\viaagp.sys
15:57:40.0321 0x12b8 viaagp - ok
15:57:40.0353 0x12b8 [ 56A4DE5F02F2E88182B0981119B4DD98, 36FC94BCFD41907838DBCB02E6EA24065FDED4224239CD19E90D14433BE9108B ] ViaC7 C:\Windows\system32\drivers\viac7.sys
15:57:40.0415 0x12b8 ViaC7 - ok
15:57:40.0446 0x12b8 [ FD2E3175FCADA350C7AB4521DCA187EC, 1C914B184478611A27E0141F90EBC34FC63DFB2A83441DD36DFA43D945FB1C52 ] viaide C:\Windows\system32\drivers\viaide.sys
15:57:40.0462 0x12b8 viaide - ok
15:57:40.0462 0x12b8 VMC302 - ok
15:57:40.0493 0x12b8 [ 69503668AC66C77C6CD7AF86FBDF8C43, 2CE407674A58313737073F02B9A617460BBA84B36C3A16D98AE5ED45279F5006 ] volmgr C:\Windows\system32\drivers\volmgr.sys
15:57:40.0524 0x12b8 volmgr - ok
15:57:40.0555 0x12b8 [ 23E41B834759917BFD6B9A0D625D0C28, 9F60992805262F936E8DA33610FDF60A191ECAFC08BBF657C8F9A21833C8EFC5 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
15:57:40.0587 0x12b8 volmgrx - ok
15:57:40.0633 0x12b8 [ 786DB5771F05EF300390399F626BF30A, 4A07BE5AEDBA4C15C2F9A91250F0488A0B0305C67BB7A037508D5CBF86D4E1B7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
15:57:40.0649 0x12b8 volsnap - ok
15:57:40.0696 0x12b8 [ D984439746D42B30FC65A4C3546C6829, B134A9890638C2B4964A9C30812A2828A3E0CC641690CBF22D9FCE65EE3C2385 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
15:57:40.0711 0x12b8 vsmraid - ok
15:57:40.0774 0x12b8 [ DB3D19F850C6EB32BDCB9BC0836ACDDB, D81FF1CDA87A2FE83EFD5B3FE01EFF940952F8BAEE70BEA3B2F6EF30E2121704 ] VSS C:\Windows\system32\vssvc.exe
15:57:40.0883 0x12b8 VSS - ok
15:57:40.0914 0x12b8 [ 96EA68B9EB310A69C25EBB0282B2B9DE, C76D3427F8A2953CB4D96BBA1523679CBE1BBF7FA821A35D2FBEB3E67AC6A10B ] W32Time C:\Windows\system32\w32time.dll
15:57:40.0977 0x12b8 W32Time - ok
15:57:41.0008 0x12b8 [ 48DFEE8F1AF7C8235D4E626F0C4FE031, A41D05BC0DA3C476C32E0A4DAF015DF7BADF28A03CE236D5596885FF1772F148 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
15:57:41.0070 0x12b8 WacomPen - ok
15:57:41.0101 0x12b8 [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
15:57:41.0164 0x12b8 Wanarp - ok
15:57:41.0179 0x12b8 [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
15:57:41.0211 0x12b8 Wanarpv6 - ok
15:57:41.0257 0x12b8 [ A3CD60FD826381B49F03832590E069AF, 213C5DB5E5D828264286FD7548527566D6160CCA780BC6853B7B28CECF329674 ] wcncsvc C:\Windows\System32\wcncsvc.dll
15:57:41.0320 0x12b8 wcncsvc - ok
15:57:41.0367 0x12b8 [ 11BCB7AFCDD7AADACB5746F544D3A9C7, 0370E20FD12ED713F94E5CD76F068F7A7A5E7F42416DD2A8A41249020DA7DA31 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:57:41.0413 0x12b8 WcsPlugInService - ok
15:57:41.0445 0x12b8 [ AFC5AD65B991C1E205CF25CFDBF7A6F4, 544173AE85A11B99B9221DB30B6803DAEB3EB7FCA57FE62F0D13EF70B9C69A89 ] Wd C:\Windows\system32\drivers\wd.sys
15:57:41.0460 0x12b8 Wd - ok
15:57:41.0523 0x12b8 [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
15:57:41.0569 0x12b8 Wdf01000 - ok
15:57:41.0601 0x12b8 [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiServiceHost C:\Windows\system32\wdi.dll
15:57:41.0710 0x12b8 WdiServiceHost - ok
15:57:41.0725 0x12b8 [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiSystemHost C:\Windows\system32\wdi.dll
15:57:41.0757 0x12b8 WdiSystemHost - ok
15:57:41.0819 0x12b8 [ BB77BAA3E7FD8F1A5D092A96D37B5A2D, 880C37347091224DFB7C442252FE4A29FD7002DA6A8BA994B8CEAABC5E535593 ] WebClient C:\Windows\System32\webclnt.dll
15:57:41.0881 0x12b8 WebClient - ok
15:57:41.0913 0x12b8 [ AE3736E7E8892241C23E4EBBB7453B60, 0F998116CC07CD719CB237EAE53BB16B2EDD6973828B9C1055EB981AEA0453D1 ] Wecsvc C:\Windows\system32\wecsvc.dll
15:57:41.0975 0x12b8 Wecsvc - ok
15:57:42.0022 0x12b8 [ 670FF720071ED741206D69BD995EA453, 4B96F5E3545F69AE9EBC75DC4AB27B87306D656EE526AE39E7EC7E2B6F83F7FD ] wercplsupport C:\Windows\System32\wercplsupport.dll
15:57:42.0084 0x12b8 wercplsupport - ok
15:57:42.0115 0x12b8 [ 32B88481D3B326DA6DEB07B1D03481E7, 821FBAF147E525ED15EB9391B16A96C6D5464841258B11F277EFB57A3BD50E37 ] WerSvc C:\Windows\System32\WerSvc.dll
15:57:42.0162 0x12b8 WerSvc - ok
15:57:42.0225 0x12b8 [ 4575AA12561C5648483403541D0D7F2B, 2DBB7904285F16E879E1662C4CC4DFAA420D5EB24DDFC4BAC0B7616F5F44649A ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
15:57:42.0271 0x12b8 WinDefend - ok
15:57:42.0287 0x12b8 WinHttpAutoProxySvc - ok
15:57:42.0365 0x12b8 [ 6B2A1D0E80110E3D04E6863C6E62FD8A, EE8BC7C378993EFE90273764C83119EBF331768CD7B24DE949233C74A51306C2 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
15:57:42.0396 0x12b8 Winmgmt - ok
15:57:42.0490 0x12b8 [ 7CFE68BDC065E55AA5E8421607037511, C2CE76D52AD4E31FC4216E94457DC16ABF65A5F3E883F0BD97AD387FB7574533 ] WinRM C:\Windows\system32\WsmSvc.dll
15:57:42.0599 0x12b8 WinRM - ok
15:57:42.0661 0x12b8 [ C008405E4FEEB069E30DA1D823910234, C392A7B5FEACB7D11A3A231C1AD65D533984E6E7429ECD3BFBF90A27E8DEB157 ] Wlansvc C:\Windows\System32\wlansvc.dll
15:57:42.0739 0x12b8 Wlansvc - ok
15:57:42.0786 0x12b8 [ 701A9F884A294327E9141D73746EE279, C8A46B8C32F9EAC7848D385473F6B5C4B6DA719A941A75AD5F081757FC07A09D ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
15:57:42.0849 0x12b8 WmiAcpi - ok
15:57:42.0880 0x12b8 [ 43BE3875207DCB62A85C8C49970B66CC, 27169F2E8A30807794407DA8F80611E4287F940AAE2A1F00F547901872FB9703 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
15:57:42.0927 0x12b8 wmiApSrv - ok
15:57:43.0020 0x12b8 [ 3978704576A121A9204F8CC49A301A9B, 936CC13B90A183613BDA4081556C96D48CA415B5F65D61E18CB5F2E51EEBE59F ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
15:57:43.0145 0x12b8 WMPNetworkSvc - ok
15:57:43.0207 0x12b8 [ CFC5A04558F5070CEE3E3A7809F3FF52, 45899E04000E21C4E009BE8B6149F199A5B2E0512C657A525770BF9DBFED7D2B ] WPCSvc C:\Windows\System32\wpcsvc.dll
15:57:43.0254 0x12b8 WPCSvc - ok
15:57:43.0301 0x12b8 [ 801FBDB89D472B3C467EB112A0FC9246, C24053FA12732089384D3AF06C676FF201D282FC5AD56A42B6EE8BAED4379CB2 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
15:57:43.0379 0x12b8 WPDBusEnum - ok
15:57:43.0535 0x12b8 [ C108DC20ACE05072350DBB6934E277FB, 548E6ABE4C4ADE48260FFDC7BADFD1697972EA3AE94D6576498C8A183D8CE0C8 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
15:57:43.0597 0x12b8 WPFFontCache_v0400 - ok
15:57:43.0629 0x12b8 [ E3A3CB253C0EC2494D4A61F5E43A389C, 10BA8B102E31B961819E524FCA5FA817B588EC77FB26B4E176D0A5CFF11EDF79 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
15:57:43.0660 0x12b8 ws2ifsl - ok
15:57:43.0707 0x12b8 [ 1CA6C40261DDC0425987980D0CD2AAAB, 727C1E3A170316641F832A8D197EDA6D6EE1206E4ED7B741E5A4017B7F2F7B88 ] wscsvc C:\Windows\system32\wscsvc.dll
15:57:43.0738 0x12b8 wscsvc - ok
15:57:43.0753 0x12b8 WSearch - ok
15:57:43.0878 0x12b8 [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] wuauserv C:\Windows\system32\wuaueng.dll
15:57:43.0987 0x12b8 wuauserv - ok
15:57:44.0065 0x12b8 [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
15:57:44.0097 0x12b8 WudfPf - ok
15:57:44.0143 0x12b8 [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
15:57:44.0159 0x12b8 WUDFRd - ok
15:57:44.0206 0x12b8 [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc C:\Windows\System32\WUDFSvc.dll
15:57:44.0237 0x12b8 wudfsvc - ok
15:57:44.0315 0x12b8 [ ADE7A4943003020216952B56A6741EC7, BC3B9145C4C1A7A236B5B91EF2A61E310A01FD3366A47CB0C802811C8158603E ] yukonwlh C:\Windows\system32\DRIVERS\yk60x86.sys
15:57:44.0362 0x12b8 yukonwlh - ok
15:57:44.0377 0x12b8 ================ Scan global ===============================
15:57:44.0424 0x12b8 [ 2F2DFC846D75D680B9018823A8B5EF07, DBC823CF0C659B6D7482CB080CD042EC6BBAEDB6297DB712CADA1BCEAA8A95C8 ] C:\Windows\system32\basesrv.dll
15:57:44.0471 0x12b8 [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
15:57:44.0518 0x12b8 [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
15:57:44.0565 0x12b8 [ 4F0A7910FC7D8A66433FA9961EEF8BB5, 2086EDEE8CF9CC9BDBDC03018F7C28BB56172F941CB4D6F3D857BCF82B32FB6B ] C:\Windows\system32\services.exe
15:57:44.0580 0x12b8 [ Global ] - ok
15:57:44.0596 0x12b8 ================ Scan MBR ==================================
15:57:44.0611 0x12b8 [ 61A349592C4728853F4A90FF78F7628E ] \Device\Harddisk0\DR0
15:57:45.0064 0x12b8 \Device\Harddisk0\DR0 - ok
15:57:45.0064 0x12b8 ================ Scan VBR ==================================
15:57:45.0079 0x12b8 [ 45BE513C99773C2629DF270E975AD206 ] \Device\Harddisk0\DR0\Partition1
15:57:45.0079 0x12b8 \Device\Harddisk0\DR0\Partition1 - ok
15:57:45.0079 0x12b8 [ B12B90E5E27D7DF54B240E01B4F3EF57 ] \Device\Harddisk0\DR0\Partition2
15:57:45.0079 0x12b8 \Device\Harddisk0\DR0\Partition2 - ok
15:57:45.0095 0x12b8 ================ Scan generic autorun ======================
15:57:45.0189 0x12b8 [ E1E71D80D078C576801B6FE2A29FCF85, 7A8911FF626E5EEC01D7C1922F8AD6901EFC75952ADB3FAF606506C7DB4BC54A ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
15:57:45.0220 0x12b8 StartCCC - detected UnsignedFile.Multi.Generic ( 1 )
15:57:45.0220 0x12b8 StartCCC ( UnsignedFile.Multi.Generic ) - warning
15:57:45.0220 0x12b8 Force sending object to P2P due to detect: C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
15:57:45.0423 0x12b8 Object send P2P result: true
15:57:45.0781 0x12b8 [ 82EAD5A5804BB2937416254A45B6C3C0, 68479A5FFB932C72BADDB003E7AF7253859A1BD6DDCC000EE43BEEFA8273C198 ] C:\Windows\RtHDVCpl.exe
15:57:46.0452 0x12b8 RtHDVCpl - ok
15:57:46.0780 0x12b8 [ A37B2AB33BFF3C6705DC2C016328DD2F, C6F14E81FD9001048B178576FA01A4F77BF3F0A05DE443EB6AAC4982EE763D69 ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
15:57:46.0858 0x12b8 SynTPEnh - ok
15:57:46.0998 0x12b8 [ A4E85BDA66CF4DE8070D6F744D181C12, ACF577B0CE6EA1E167389BB32E7F07E0D8CF487B22828455698B042A37CF15B4 ] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe
15:57:47.0045 0x12b8 LanguageShortcut - detected UnsignedFile.Multi.Generic ( 1 )
15:57:47.0045 0x12b8 LanguageShortcut ( UnsignedFile.Multi.Generic ) - warning
15:57:47.0045 0x12b8 Force sending object to P2P due to detect: C:\Program Files\CyberLink\PowerDVD\Language\Language.exe
15:57:47.0248 0x12b8 Object send P2P result: true
15:57:47.0575 0x12b8 [ EE4223FEE8AB8B9202FCA18036F157AE, 1B81391127BAB64E47DFC3C82143D8C370B80D4166CE5FFE30B96321C4DCCD51 ] C:\Program Files\Microsoft Security Client\msseces.exe
15:57:47.0716 0x12b8 MSC - ok
15:57:47.0950 0x12b8 [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files\Windows Sidebar\sidebar.exe
15:57:48.0106 0x12b8 Sidebar - ok
15:57:48.0215 0x12b8 [ BF08674925F151BD4537B89A493E3E0C, 6A97562E998A2B90649FF7986313AD33823053FF98BBE163AD39AAA5E01FC545 ] C:\Windows\ehome\ehTray.exe
15:57:48.0262 0x12b8 ehTray.exe - ok
15:57:48.0433 0x12b8 [ EFAF5CFDB067579B26971CB5A621996D, A141FFE3D6033FAAE827560C68C1F32F9AAC9CC312D0968D9CAE55AD63494F04 ] C:\Program Files\Bluestacks\HD-Agent.exe
15:57:48.0480 0x12b8 BlueStacks Agent - ok
15:57:48.0511 0x12b8 AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.9.218.0 ), 0x61000 ( enabled : updated )
15:57:48.0543 0x12b8 Win FW state via NFP2: enabled ( trusted )
15:57:48.0667 0x12b8 ============================================================
15:57:48.0667 0x12b8 Scan finished
15:57:48.0667 0x12b8 ============================================================
15:57:48.0683 0x12b0 Detected object count: 4
15:57:48.0683 0x12b0 Actual detected object count: 4
15:58:31.0053 0x12b0 Freemake Improver ( UnsignedFile.Multi.Generic ) - skipped by user
15:58:31.0053 0x12b0 Freemake Improver ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:58:31.0053 0x12b0 Samsung Update Plus ( UnsignedFile.Multi.Generic ) - skipped by user
15:58:31.0053 0x12b0 Samsung Update Plus ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:58:31.0053 0x12b0 StartCCC ( UnsignedFile.Multi.Generic ) - skipped by user
15:58:31.0053 0x12b0 StartCCC ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:58:31.0068 0x12b0 LanguageShortcut ( UnsignedFile.Multi.Generic ) - skipped by user
15:58:31.0068 0x12b0 LanguageShortcut ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
|
08.10.2016, 14:15
| #4 |
| /// TB-Ausbilder /// Anleitungs-Guru | Verlangsamter Rechner, hängt sich öfter auf, Microsoft updates lassen sich nicht mehr aktualisieren Naja, im April 2017 ist es eh vorbei mit dem Support für Vista. Spätestens dann musst Dir ne Alternative überlegen. Jetzt bitte Suchscan durchführen: Schritt 1 ESET Online Scanner
__________________ Gruß deeprybka  Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
|
09.10.2016, 15:42
| #5 |
| | Verlangsamter Rechner, hängt sich öfter auf, Microsoft updates lassen sich nicht mehr aktualisieren ach ja. doch so bald schon. was würdest du empfehlen als alternative? windows 10 erfordert glaube ich eine höhere rechnerleistung als ich sie bersitze?! den rest mach ich gerne. und danke vielmals Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=8587809f51c2eb4b82932ffe0d0abe22
# end=init
# utc_time=2016-10-09 12:37:42
# local_time=2016-10-09 02:37:42 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.0.6002 NT Service Pack 2
Update Init
Update Download
Update Finalize
Updated modules version: 31018
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=8587809f51c2eb4b82932ffe0d0abe22
# end=updated
# utc_time=2016-10-09 12:40:30
# local_time=2016-10-09 02:40:30 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.0.6002 NT Service Pack 2
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=8587809f51c2eb4b82932ffe0d0abe22
# engine=31018
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2016-10-09 02:34:24
# local_time=2016-10-09 04:34:24 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode_1='Microsoft Security Essentials'
# compatibility_mode=5895 16777213 100 100 19723821 147313686 0 0
# scanned=179680
# found=4
# cleaned=0
# scan_time=6833
sh=42E37CBFA37877D247EBD37D9553CB6224D6BEE6 ft=1 fh=f28c0d11334dc659 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Boris\AppData\Local\Temp\DMR\dmr_72.exe"
sh=A2B2802EC3EF74D6E9B76F97ED803CEFFAD8C532 ft=1 fh=72a24c9d47ce990b vn="Variante von Win32/Bundled.Toolbar.Ask.M potenziell unsichere Anwendung" ac=I fn="C:\Users\Boris\AppData\LocalLow\Sun\Java\jre1.8.0_25\java_sp.dll"
sh=58CF8F4E4CE1C7D4B807297C5D0C469E20D744D6 ft=1 fh=ccf19c606a52c7cc vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Boris\Downloads\MTS Converter - CHIP-Installer.exe"
sh=D01D6E198B2FE563C608B58D7EE3EB724CFC9022 ft=0 fh=0000000000000000 vn="Variante von Win32/Bundled.Toolbar.Ask.G potenziell unsichere Anwendung" ac=I fn="C:\Windows\Installer\2a2469.msi"
|
|
09.10.2016, 16:56
| #6 | |
| /// TB-Ausbilder /// Anleitungs-Guru | Verlangsamter Rechner, hängt sich öfter auf, Microsoft updates lassen sich nicht mehr aktualisierenZitat:
 Wie wäre es mit einen schönen Win10 Laptop oder gar einem Surface?  Für den kleineren Geldbeutel kann man auf den PC hier auch eine Linux-Distri wie Ubuntu etc. installieren.
__________________ --> Verlangsamter Rechner, hängt sich öfter auf, Microsoft updates lassen sich nicht mehr aktualisieren |
|
26.10.2016, 09:08
| #7 |
| | Verlangsamter Rechner, hängt sich öfter auf, Microsoft updates lassen sich nicht mehr aktualisieren Hi. Ich hab den Eset laufen lassen. Wie kann ich fortfahren? Grüße |
|
26.10.2016, 19:00
| #8 |
| /// TB-Ausbilder /// Anleitungs-Guru | Verlangsamter Rechner, hängt sich öfter auf, Microsoft updates lassen sich nicht mehr aktualisieren Die Funde von ESET sind alle irrelevant und nicht die Ursache für die Problematik...
__________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
|
11.11.2016, 10:02
| #9 |
| | Verlangsamter Rechner, hängt sich öfter auf, Microsoft updates lassen sich nicht mehr aktualisieren Ok. Und was hältst du für die Ursache? Grüße Was kann ich noch unternehmen? |
|
12.11.2016, 16:44
| #10 |
| /// TB-Ausbilder /// Anleitungs-Guru | Verlangsamter Rechner, hängt sich öfter auf, Microsoft updates lassen sich nicht mehr aktualisieren War Vista jemals schnell? Wie gesagt, ab April ist es mit Vista eh vorbei. Da würde ich mir eher eine Alternative überlegen. Schritt 1 Lade dir  TFC (TempFileCleaner von Oldtimer) herunter und speichere es auf den Desktop.
__________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
|
13.11.2016, 13:53
| #11 |
| | Verlangsamter Rechner, hängt sich öfter auf, Microsoft updates lassen sich nicht mehr aktualisieren ok. eingedenk dessen kann ich mit dem tempo leben. nur die updates bis dahin wären schon noch schön wenn die gingen. also ich mach mal und danke |
|
13.11.2016, 19:52
| #12 |
| /// TB-Ausbilder /// Anleitungs-Guru | Verlangsamter Rechner, hängt sich öfter auf, Microsoft updates lassen sich nicht mehr aktualisieren OK.
__________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
|
| Themen zu Verlangsamter Rechner, hängt sich öfter auf, Microsoft updates lassen sich nicht mehr aktualisieren |
| aktualisieren, definitionen, device driver, hängt, inter, interne, internetverbindung, microsoft, nicht, nicht mehr, problem, probleme, rechner, updates, verbindung, öfter |
