Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Verlangsamter Rechner, hängt sich öfter auf, Microsoft updates lassen sich nicht mehr aktualisieren (https://www.trojaner-board.de/182105-verlangsamter-rechner-haengt-oefter-microsoft-updates-lassen-mehr-aktualisieren.html)

humphrey24 02.10.2016 13:43
Verlangsamter Rechner, hängt sich öfter auf, Microsoft updates lassen sich nicht mehr aktualisieren
 
Wie beschrieben, lassen sich updates definitionen nicht mehr realisieren, da ein "Problem mit der Internetverbindung vorläge. Habe damit aber sonst keine Probleme.

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version: 30-09-2016
durchgeführt von Boris (02-10-2016 14:39:36)
Gestartet von C:\Users\Boris\Downloads
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) (2008-06-20 02:43:31)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1411231321-3497987553-1682086313-500 - Administrator - Disabled)
Boris (S-1-5-21-1411231321-3497987553-1682086313-1003 - Administrator - Enabled) => C:\Users\Boris
Gast (S-1-5-21-1411231321-3497987553-1682086313-501 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Microsoft Security Essentials (Enabled - Up to date) {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
AS: Microsoft Security Essentials (Enabled - Up to date) {CDE0C533-D3CD-62A1-E772-AFADDF863628}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Flash Player 23 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 23.0.0.162 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 23.0.0.162 - Adobe Systems Incorporated)
Adobe Reader X (10.1.16) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
Agere Systems HDA Modem (HKLM\...\Agere Systems Soft Modem) (Version:  - Agere Systems)
ANSTOSS 2 (HKLM\...\ANSTOSS 2) (Version:  - )
Atheros WLAN Client (HKLM\...\{04983D37-2202-4295-94A2-8B547C66133F}) (Version: 1.00.000 - )
ATI Catalyst Install Manager (HKLM\...\{9DCC214C-CD1A-1115-6775-A9056185FE4E}) (Version: 3.0.664.0 - ATI Technologies, Inc.)
AVStation Now (HKLM\...\InstallShield_{FD53302C-8E7B-4730-8AD8-86A889BDBFAB}) (Version: 4.0.10.6 - Ihr Firmenname)
AVStation Now (Version: 4.0.10.6 - Ihr Firmenname) Hidden
BlueStacks App Player (HKLM\...\BlueStacks) (Version: 2.3.35.6237 - BlueStack Systems, Inc.)
Catalyst Control Center - Branding (HKLM\...\{2433BAD7-453F-473D-BE81-455E68940DEB}) (Version: 1.00.0000 - ATI)
ccc-core-static (Version: 2008.0318.2139.36886 - Ihr Firmenname) Hidden
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
doPDF (Version: 8.1.922 - Softland) Hidden
doPDF 8 (HKLM\...\{203db349-8f91-4d14-8a94-0966e8933881}) (Version: 8.1.922 - Softland)
DVD Suite (HKLM\...\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 5.0.2103 - CyberLink Corporation)
Easy Battery Manager (HKLM\...\{6F730513-8688-4C3C-90A3-6B9792CE2EF3}) (Version: 3.2.1.1 - )
Easy Display Manager (HKLM\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 2.0.0.0 - Samsung)
Easy Network Manager 3.0 (HKLM\...\InstallShield_{4EA8EA5D-8E46-4698-9BF7-2F2AD8E1C185}) (Version: 3.0.0.0 - Ihr Firmenname)
Easy Network Manager 3.0 (Version: 3.0.0.0 - Ihr Firmenname) Hidden
Easy SpeedUp Manager (HKLM\...\{EF367AA4-070B-493C-9575-85BE59D789C9}) (Version: 2.0.0.14 - )
Free PDF to Word Doc Converter v1.1 (HKLM\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
Freemake Video Converter Version 4.1.5 (HKLM\...\Freemake Video Converter_is1) (Version: 4.1.5 - Ellora Assets Corporation)
Google Chrome (HKLM\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.31.5 - Google Inc.) Hidden
HP Deskjet 2540 series Basic Device Software (HKLM\...\{516046F1-6F81-4967-8E63-32273AE2A929}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
imagine digital freedom - Samsung (HKLM\...\{00AF10C1-44BD-4862-9D7F-24E6BA3E87FD}) (Version: 1.0.2.0 - Samsung Electronics Co., LTD)
LabelPrint 2.0 (HKLM\...\{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version:  - )
LightScribe  1.8.15.1 (Version: 1.8.15.1 - hxxp://www.lightscribe.com) Hidden
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.266.3 - McAfee, Inc.)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM\...\{90850407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office XP Professional mit FrontPage (HKLM\...\{90280407-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.9.218.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft SOAP Toolkit 2.0 SP2 (HKLM\...\{36BEAD11-8577-49AD-9250-E06A50AE87B0}) (Version: 623.1 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{547DCEC7-DD2A-47E9-82C7-5CF1EAB526DA}) (Version: 9.00.2047.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{2DFB5485-A3EF-4298-9280-4AF80C9F4BE9}) (Version: 9.00.2047.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x86) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 49.0.1 (x86 de) (HKLM\...\Mozilla Firefox 49.0.1 (x86 de)) (Version: 49.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 49.0.1.6109 - Mozilla)
novaPDF 8 add-in for Microsoft Office (x86) (HKLM\...\{7187CC63-D4F5-4854-9946-BBC8AF45D45C}) (Version: 8.1.922 - Softland)
novaPDF 8 Printer Driver (HKLM\...\{70EB3A38-9B31-4978-9EA9-C5E73527052D}) (Version: 8.1.922 - Softland)
Play AVStation (HKLM\...\InstallShield_{955597D8-E5E1-474D-B647-60AC44566D24}) (Version: 4.1.20.47 - Ihr Firmenname)
Play AVStation (Version: 4.1.20.47 - Ihr Firmenname) Hidden
PlayCamera (HKLM\...\{804F1285-8CBF-408D-8CDC-D4D40003B2E4}) (Version: 1.0.1.1 - )
PlayMemories Home (HKLM\...\{E03CD71A-F595-49DF-9ADC-0CFC93B1B211}) (Version: 6.0.02.14151 - Sony Corporation)
Power2Go 5.0 (HKLM\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version:  - )
PowerDirector (HKLM\...\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version:  - )
PowerDVD (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 7.0.2802.0 - CyberLink Corporation)
PowerProducer (HKLM\...\{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 074429(3.7)_Vista_SSPC - CyberLink Corp.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5433 - Realtek Semiconductor Corp.)
Samsung Magic Doctor (HKLM\...\{32D6A58F-9659-446C-BBFC-E6F2B41F24DC}) (Version: 5.00 - Samsung Electronics Co., LTD)
Samsung Recovery Solution II (HKLM\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 1.0.3.21 - Samsung)
Samsung Update Plus (HKLM\...\InstallShield_{685707A4-911C-468D-BFC4-64A50E5E3A0C}) (Version: 1.3.0.11 - Samsung Electronics Co., LTD)
Samsung Update Plus (Version: 1.3.0.11 - Samsung Electronics Co., LTD) Hidden
Skins (Version: 2008.0318.2139.36886 - ATI) Hidden
Skype™ 7.4 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
SMART Common Files (HKLM\...\{9057211D-439A-4C0D-95DE-498CF54ADF8C}) (Version: 11.3.267.0 - SMART Technologies ULC)
SMART English (United Kingdom) Language Pack (HKLM\...\{2B2404AA-35DF-4BF3-A8F2-BAFC8F7174C5}) (Version: 11.2.29.0 - SMART Technologies ULC)
SMART German Language Pack (HKLM\...\{FE34C5E6-CC3D-4C26-969A-0C2CAFB34658}) (Version: 11.2.29.0 - SMART Technologies ULC)
SMART Ink (HKLM\...\{F0E390A2-AB03-4077-83C4-F12D3A65493D}) (Version: 1.1.549.1 - SMART Technologies ULC)
SMART Notebook (HKLM\...\{82E3F365-86BD-4EA8-80CA-F498EBE89537}) (Version: 11.2.637.0 - SMART Technologies ULC)
SMART Product Drivers (HKLM\...\{E91FBB79-D736-4834-A1AB-2A5CDD2DB7E7}) (Version: 11.1.669.0 - SMART Technologies ULC)
SMART Sync Teacher (HKLM\...\{9D81615E-B150-488B-90CA-1159E2113BE3}) (Version: 10.0.576.0 - SMART Technologies ULC)
Steuer 2013 (HKLM\...\{05AEF487-8926-48A9-B5BA-9BED72BC6B1C}) (Version: 21.00.8480 - Buhl Data Service GmbH)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 10.1.2.0 - Synaptics)
Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch) (HKLM\...\{07629207-FAA0-4F1A-8092-BF5085BE511F}) (Version: 9.00.2047.00 - Microsoft Corporation)
User Guide (HKLM\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.0 - )
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WIDCOMM Bluetooth Software 6.0.1.5000 (HKLM\...\{03D1988F-469F-4843-8E6E-E5FE9D17889D}) (Version: 6.0.1.5000 - WIDCOMM, Inc.)
WinRAR 5.10 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
WINZD 2013-08 Rev. 2 (HKLM\...\WINZD_is1) (Version:  - R. Aquila, F. Ostermeier)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1411231321-3497987553-1682086313-1003_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Boris\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay => Keine Datei
CustomCLSID: HKU\S-1-5-21-1411231321-3497987553-1682086313-1003_Classes\CLSID\{A0359AE6-F410-4425-A975-684AAB785ABD}\InprocServer32 -> C:\Users\Boris\AppData\Local\ASKTOO~1\DOWNLO~1\AVIRAB~1.DLL => Keine Datei

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {19364531-E37E-4E76-8647-1C4C806D7F61} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files\AVG\AVG PC TuneUp\tuscanx.exe
Task: {2AA082C7-4803-4954-B360-FF0E5BC76E68} - System32\Tasks\EasyBatteryManager => C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe [2008-01-02] (SAMSUNG Electronics co., LTD.)
Task: {363EAC71-3177-46E4-BC1D-BF3A95D66F63} - System32\Tasks\doPDF Update => C:\Program Files\Softland\novaPDF 8\Driver\UpdateApplication.exe [2015-01-09] ()
Task: {502ABAE2-A3CC-4D88-BE25-88B61A02AE97} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {6A7187F4-5645-4BA3-98BA-0E147CF2DD42} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {82583C58-CBA8-4AC1-A74E-8CE24ADE034E} - System32\Tasks\EasySpeedUpManager => C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe [2007-12-28] (Samsung Electronics Co., Ltd.)
Task: {892E0D52-AE03-47D7-AF89-5B50DF16F46D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-09-14] (Adobe Systems Incorporated)
Task: {A728AE6B-5AB8-4223-AD3E-E6341441A01C} - System32\Tasks\Microsoft\Windows\PLA\System\ConvertLogEntries => Rundll32.exe %windir%\system32\pla.dll,PlaConvertLogEntries
Task: {C66E8DD8-A324-45BA-999D-B635600D72CD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {E99D3AFB-F7A8-4342-83DF-318615AF5CEB} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\VistaSP1CEIP => C:\Windows\servicing\vsp1ceip.exe [2008-01-19] (Microsoft Corporation)
Task: {EC7BFDA4-4533-4C92-95E6-2AFF5B0DDB81} - System32\Tasks\SamsungMagicDoctor => C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe [2007-07-05] (Samsung Electronics Co., Ltd.)
Task: {F8A5340B-69BF-4AEE-9F50-6E30203EF659} - System32\Tasks\EasyDisplayMgr => C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe [2007-06-01] (SAMSUNG Electronics)
Task: {FE114039-ADE6-4B13-8E0E-095655FF0D95} - System32\Tasks\{B56416D4-2ECB-427D-9578-EA8B77933930} => Firefox.exe hxxp://ui.skype.com/ui/0/7.0.80.102/de/abandoninstall?page=tsMain

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2008-04-15 07:40 - 2008-03-18 15:04 - 00159744 _____ () C:\Windows\system32\atitmmxx.dll
2008-04-16 01:43 - 2006-08-12 05:48 - 00049152 _____ () C:\Program Files\SAMSUNG\EasySpeedUpManager\HookDllPS2.dll
2008-04-16 03:14 - 2006-08-12 05:48 - 00049152 _____ () C:\Program Files\Samsung\Samsung Magic Doctor\HookDllPS2.dll
2008-04-16 01:37 - 2006-08-12 05:48 - 00049152 _____ () C:\Program Files\Samsung\Easy Display Manager\HookDllPS2.dll
2008-04-16 01:37 - 2006-09-19 02:52 - 00028672 _____ () C:\Program Files\Samsung\Easy Display Manager\WinMove.dll
2015-01-09 14:35 - 2015-01-09 14:35 - 00129304 _____ () C:\Program Files\Softland\novaPDF 8\Server\AgileDotNetRT.dll
2008-04-16 01:22 - 2006-12-19 15:23 - 00272024 _____ () C:\Program Files\CyberLink\Shared Files\RichVideo.exe
2008-03-18 05:21 - 2008-03-18 05:21 - 00016384 ____R () C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [119]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

HKLM\...\cmdfile\DefaultIcon: %SystemRoot%\System32\imageres.dll,-68 <===== ACHTUNG

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE restricted site: HKU\S-1-5-21-1411231321-3497987553-1682086313-1003\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1411231321-3497987553-1682086313-1003\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-1411231321-3497987553-1682086313-1003\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-1411231321-3497987553-1682086313-1003\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-1411231321-3497987553-1682086313-1003\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-1411231321-3497987553-1682086313-1003\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-1411231321-3497987553-1682086313-1003\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-1411231321-3497987553-1682086313-1003\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-1411231321-3497987553-1682086313-1003\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-1411231321-3497987553-1682086313-1003\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-1411231321-3497987553-1682086313-1003\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-1411231321-3497987553-1682086313-1003\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-1411231321-3497987553-1682086313-1003\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-1411231321-3497987553-1682086313-1003\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-1411231321-3497987553-1682086313-1003\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1411231321-3497987553-1682086313-1003\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-1411231321-3497987553-1682086313-1003\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-1411231321-3497987553-1682086313-1003\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-1411231321-3497987553-1682086313-1003\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-1411231321-3497987553-1682086313-1003\...\100sexlinks.com -> 100sexlinks.com

Da befinden sich 5968 mehr Seiten.


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2006-11-02 12:23 - 2015-12-18 12:22 - 00000767 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1      localhost
::1            localhost

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1411231321-3497987553-1682086313-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\Boris\Pictures\Unbenannt.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BTTray.lnk => C:\Windows\pss\BTTray.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk => C:\Windows\pss\Microsoft Office.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Boris^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: PMBVolumeWatcher => C:\Program Files\Sony\PlayMemories Home\PMBVolumeWatcher.exe
MSCONFIG\startupreg: RemoteControl => "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
MSCONFIG\startupreg: sbsdk-server => "C:\Program Files\SMART Technologies\Education Software\sbsdk-server\NodeLauncher.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SMART Board Service => "C:\Program Files\SMART Technologies\Education Software\SMARTBoardService.exe" -d
MSCONFIG\startupreg: SMART Board Tools => "C:\Program Files\SMART Technologies\Education Software\SMARTBoardTools.exe"
MSCONFIG\startupreg: SMART Ink => "C:\Program Files\SMART Technologies\Education Software\SMARTInk.exe" -a
MSCONFIG\startupreg: SMART SNMP Agent => "C:\Program Files\SMART Technologies\Education Software\SMARTSNMPAgent.exe" -e
MSCONFIG\startupreg: SMARTClassroomCoordinator.exe => "C:\Program Files\SMART Technologies\Education Software\SMARTClassroomCoordinator.exe"
MSCONFIG\startupreg: VantageService => "C:\Program Files\SMART Technologies\Education Software\VantageService.exe"

==================== FirewallRules (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [{363FD5FE-625A-48E2-9C24-9A2958B5E415}] => (Allow) C:\Program Files\CyberLink\PowerDVD\PowerDVD.EXE
FirewallRules: [{F73EF69F-978F-4BB1-9C41-B449AB7EF792}] => (Allow) C:\Program Files\CyberLink\PowerDirector\PDR.EXE
FirewallRules: [TCP Query User{369E448A-D8F7-4BA0-9DFE-538158E67071}C:\users\boris\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\boris\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{F7880D89-7C9D-471D-A100-A64E6667B713}C:\users\boris\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\boris\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{EA9E3BA5-0C6D-4AC6-A611-9389435C59BA}C:\program files\tvuplayer\tvuplayer.exe] => (Allow) C:\program files\tvuplayer\tvuplayer.exe
FirewallRules: [UDP Query User{972B5D3D-D968-42EE-A585-BF8352039899}C:\program files\tvuplayer\tvuplayer.exe] => (Allow) C:\program files\tvuplayer\tvuplayer.exe
FirewallRules: [{4CDA5B6D-1758-4634-A7FD-0A4A4883D7F3}] => (Allow) LPort=80
FirewallRules: [{70908495-9F51-4D56-B4D9-E420EE25A7EB}] => (Allow) LPort=80
FirewallRules: [{9D0F47CA-BDB4-4577-8347-26367C373B51}] => (Allow) LPort=80
FirewallRules: [TCP Query User{DEAAEB4C-D44D-43B6-9604-1A44DB8EA580}C:\program files\smart technologies\education software\vantageservice.exe] => (Block) C:\program files\smart technologies\education software\vantageservice.exe
FirewallRules: [UDP Query User{2DC16E83-CF15-430B-9B0F-F8E0D2FB7056}C:\program files\smart technologies\education software\vantageservice.exe] => (Block) C:\program files\smart technologies\education software\vantageservice.exe
FirewallRules: [TCP Query User{ADEA3ADC-25D9-49CA-9BA1-BE5B0BFF2D3A}C:\program files\smart technologies\education software\smartsnmpagent.exe] => (Block) C:\program files\smart technologies\education software\smartsnmpagent.exe
FirewallRules: [UDP Query User{060867F9-9894-4EE6-B99B-CCD6C7DFC45F}C:\program files\smart technologies\education software\smartsnmpagent.exe] => (Block) C:\program files\smart technologies\education software\smartsnmpagent.exe
FirewallRules: [{A5134779-AB27-48FF-9E31-8F673CEB5D1A}] => (Allow) C:\Program Files\SMART Technologies\Education Software\SMARTSyncTeacher.exe
FirewallRules: [{27165A7D-1928-4AB9-9A9D-AEBC3CE927EC}] => (Allow) C:\Program Files\SMART Technologies\Education Software\SMARTSyncTeacher.exe
FirewallRules: [{53B9088F-04EA-4A10-AEFE-690AB04E23E5}] => (Allow) C:\Program Files\SMART Technologies\Education Software\UCGui.exe
FirewallRules: [{0B985889-957B-441A-830A-402F0BA50A48}] => (Allow) C:\Program Files\SMART Technologies\Education Software\UCGui.exe
FirewallRules: [{5463188D-1BEF-4141-80B1-0F4A33EE53E9}] => (Allow) C:\Program Files\SMART Technologies\Education Software\SMARTSNMPAgent.exe
FirewallRules: [{941306F9-CD40-48A7-8A8D-00C65D4AF217}] => (Allow) C:\Program Files\SMART Technologies\Education Software\SMARTSNMPAgent.exe
FirewallRules: [{F3845559-260E-4878-86AB-92E29080E577}] => (Allow) C:\Program Files\SMART Technologies\Education Software\UCService.exe
FirewallRules: [{02BE2363-1B5E-4A0C-A590-5C799AC14613}] => (Allow) C:\Program Files\SMART Technologies\Education Software\UCService.exe
FirewallRules: [{AA091F8E-5968-4068-9779-81CE1319020D}] => (Allow) C:\Program Files\SMART Technologies\Education Software\VantageService.exe
FirewallRules: [{3DC02466-FDD0-4ADB-82E0-6AA29EBA5AC5}] => (Allow) C:\Program Files\SMART Technologies\Education Software\VantageService.exe
FirewallRules: [TCP Query User{A8C27D0E-EA68-4D0E-982C-264B14BF3731}C:\program files\smart technologies\education software\responsesoftwareservice.exe] => (Block) C:\program files\smart technologies\education software\responsesoftwareservice.exe
FirewallRules: [UDP Query User{99D748DD-4E51-4F52-8582-CF1E231DCF1A}C:\program files\smart technologies\education software\responsesoftwareservice.exe] => (Block) C:\program files\smart technologies\education software\responsesoftwareservice.exe
FirewallRules: [{D249E997-65F8-4591-A762-96C710C09B94}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{9499DEEF-5760-4E22-AB04-526C2A22FC63}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{96965F50-58EE-4DDD-8B0C-51DCE0C1D671}] => (Allow) LPort=8501
FirewallRules: [{2E9792F4-5793-4435-8BC0-75D2024B2E87}] => (Allow) LPort=8501
FirewallRules: [TCP Query User{A9B767FD-FE00-4538-BF7D-B15E297ED7D9}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{01732457-95C3-4E92-BF7B-63A5BACF5500}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [{B28C0FE3-0D7C-47DD-B49F-6A12E10C3A25}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{23590C37-414B-4E7A-9713-87709133D492}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{085ABC44-CBDB-45E7-89BE-6244A7BD71A3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{20E22162-C834-4277-A236-91A0BF7F0C2B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{A8969CC7-8C5F-4A32-A03A-1F654B6A48A4}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\DeviceSetup.exe
FirewallRules: [{A60A21DF-A00E-4090-81A8-7D47E448242C}] => (Allow) LPort=5357
FirewallRules: [{1ACC0A69-0DCC-4C77-9E11-020CA77F436A}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{F98C31DD-6B29-4ACF-9201-12AD3345AF80}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

27-07-2016 07:33:43 Geplanter Prüfpunkt
27-07-2016 09:58:33 Windows Update
28-07-2016 01:24:31 Geplanter Prüfpunkt
28-07-2016 12:07:03 Windows Update
29-07-2016 11:57:12 Geplanter Prüfpunkt
29-07-2016 12:29:41 Windows Update
01-08-2016 18:04:57 Windows Update
02-08-2016 08:05:55 Windows Update
02-08-2016 10:35:02 Windows Update
02-08-2016 21:26:46 Windows Update
03-08-2016 11:46:35 Windows Update
04-08-2016 10:09:14 Geplanter Prüfpunkt
04-08-2016 17:00:55 Windows Update
05-08-2016 12:10:45 Windows Update
07-08-2016 03:00:13 Windows Update
07-08-2016 13:35:00 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (10/01/2016 11:48:04 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\BORIS\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\BK86VV7L.BORIS\SAFEBROWSING-BACKUP> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog

Details:
        Ein an das System angeschlossenes Gerät funktioniert nicht.  (0x8007001f)

Error: (10/01/2016 11:46:47 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "WmiApRpl" in der DLL "C:\Windows\system32\wbem\wmiaprpl.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (10/01/2016 11:46:03 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "PNRPsvc" in der DLL "C:\Windows\system32\pnrpperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (10/01/2016 11:45:56 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "MSDTC" in der DLL "C:\Windows\system32\msdtcuiu.DLL" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (10/01/2016 11:45:54 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "Lsa" in der DLL "C:\Windows\system32\Secur32.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (10/01/2016 11:45:54 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "ESENT" in der DLL "C:\Windows\system32\esentprf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (10/01/2016 11:45:43 PM) (Source: Perflib) (EventID: 1010) (User: )
Description: Die Collect-Prozedur für den "EmdCache"-Dienst in der DLL "C:\Windows\system32\emdmgmt.dll" hat eine Ausnahme verursacht oder einen ungültigen Status zurückgegeben. Die von der Leistungsindikatoren-DLL zurückgegebenen Leistungsdaten werden nicht im Perf Data Block zurückgegeben. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Ausnahmecode oder den Statuscode.

Error: (10/01/2016 11:45:43 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\system32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (10/01/2016 09:07:51 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\BORIS\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\BK86VV7L.BORIS\SAFEBROWSING> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog

Details:
        Ein an das System angeschlossenes Gerät funktioniert nicht.  (0x8007001f)

Error: (10/01/2016 09:07:51 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\BORIS\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\BK86VV7L.BORIS\SAFEBROWSING> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog

Details:
        Ein an das System angeschlossenes Gerät funktioniert nicht.  (0x8007001f)


Systemfehler:
=============
Error: (10/02/2016 02:17:24 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von Microsoft-Antischadsoftware ein Fehler festgestellt.

        Neue Signaturversion:

        Vorherige Signaturversion: 0.0.0.0

        Aktualisierungsquelle: Microsoft Malware Protection Center

        Aktualisierungsphase: Installieren

        Quellpfad: hxxp://go.microsoft.com/fwlink/?LinkID=260974&clcid=0x409&NRI=true&arch=x86&eng=0.0.0.0&sig=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094

        Signaturtyp: Network Inspection System

        Aktualisierungstyp: Vollständig

        Benutzer: Boris-PC\Boris

        Aktuelle Modulversion:

        Vorherige Modulversion: 0.0.0.0

        Fehlercode: 0x8007042c

        Fehlerbeschreibung: Der Abhängigkeitsdienst oder die Abhängigkeitsgruppe konnte nicht gestartet werden.

Error: (10/02/2016 02:17:21 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von Microsoft-Antischadsoftware ein Fehler festgestellt.

        Neue Signaturversion:

        Vorherige Signaturversion:

        Aktualisierungsquelle: Benutzer

        Aktualisierungsphase: Installieren

        Quellpfad:

        Signaturtyp: Network Inspection System

        Aktualisierungstyp: Vollständig

        Benutzer: Boris-PC\Boris

        Aktuelle Modulversion:

        Vorherige Modulversion:

        Fehlercode: 0x8007042c

        Fehlerbeschreibung: Der Abhängigkeitsdienst oder die Abhängigkeitsgruppe konnte nicht gestartet werden.

Error: (10/01/2016 11:45:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Parallel port driver" wurde aufgrund folgenden Fehlers nicht gestartet:
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.

Error: (09/30/2016 09:30:19 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von Microsoft-Antischadsoftware ein Fehler festgestellt.

        Neue Signaturversion:

        Vorherige Signaturversion: 0.0.0.0

        Aktualisierungsquelle: Microsoft Malware Protection Center

        Aktualisierungsphase: Installieren

        Quellpfad: hxxp://go.microsoft.com/fwlink/?LinkID=260974&clcid=0x409&NRI=true&arch=x86&eng=0.0.0.0&sig=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094

        Signaturtyp: Network Inspection System

        Aktualisierungstyp: Vollständig

        Benutzer: NT-AUTORITÄT\NETZWERKDIENST

        Aktuelle Modulversion:

        Vorherige Modulversion: 0.0.0.0

        Fehlercode: 0x8007042c

        Fehlerbeschreibung: Der Abhängigkeitsdienst oder die Abhängigkeitsgruppe konnte nicht gestartet werden.

Error: (09/30/2016 09:30:16 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von Microsoft-Antischadsoftware ein Fehler festgestellt.

        Neue Signaturversion:

        Vorherige Signaturversion:

        Aktualisierungsquelle: Benutzer

        Aktualisierungsphase: Installieren

        Quellpfad:

        Signaturtyp: Network Inspection System

        Aktualisierungstyp: Vollständig

        Benutzer: NT-AUTORITÄT\NETZWERKDIENST

        Aktuelle Modulversion:

        Vorherige Modulversion:

        Fehlercode: 0x8007042c

        Fehlerbeschreibung: Der Abhängigkeitsdienst oder die Abhängigkeitsgruppe konnte nicht gestartet werden.

Error: (09/28/2016 06:24:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (09/28/2016 06:24:12 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Media Player-Netzwerkfreigabedienst erreicht.

Error: (09/28/2016 06:20:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Parallel port driver" wurde aufgrund folgenden Fehlers nicht gestartet:
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.

Error: (09/28/2016 09:53:50 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von Microsoft-Antischadsoftware ein Fehler festgestellt.

        Neue Signaturversion:

        Vorherige Signaturversion: 1.229.210.0

        Aktualisierungsquelle: Microsoft Update Server

        Aktualisierungsphase: Suchen

        Quellpfad: hxxp://www.microsoft.com

        Signaturtyp: AntiVirus

        Aktualisierungstyp: Vollständig

        Benutzer: NT-AUTORITÄT\SYSTEM

        Aktuelle Modulversion:

        Vorherige Modulversion: 1.1.13103.0

        Fehlercode: 0x8024001e

        Fehlerbeschreibung: Unerwartetes Problem bei der Überprüfung auf Updates. Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie unter "Hilfe und Support".

Error: (09/26/2016 06:02:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Parallel port driver" wurde aufgrund folgenden Fehlers nicht gestartet:
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.


CodeIntegrity:
===================================
  Date: 2016-09-15 11:13:04.419
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-09-15 11:13:03.452
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-09-15 11:13:02.501
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-09-15 11:13:01.549
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-09-15 11:13:00.597
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-09-15 11:12:59.646
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-09-15 11:12:58.491
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-09-15 11:12:57.540
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-09-15 11:12:56.557
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-09-15 11:12:55.605
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info ===========================

Processor: Intel(R) Pentium(R) Dual CPU T2370 @ 1.73GHz
Prozentuale Nutzung des RAM: 58%
Installierter physikalischer RAM: 3069.45 MB
Verfügbarer physikalischer RAM: 1285.13 MB
Summe virtueller Speicher: 6371.29 MB
Verfügbarer virtueller Speicher: 4423.39 MB

==================== Laufwerke ================================

Drive c: (System) (Fixed) (Total:111.88 GB) (Free:36.36 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: () (Fixed) (Total:111 GB) (Free:110.9 GB) NTFS
Drive g: () (Removable) (Total:7.37 GB) (Free:3.19 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: BD17C37C)
Partition 1: (Not Active) - (Size=10 GB) - (Type=27)
Partition 2: (Active) - (Size=111.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=111 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 7.4 GB) (Disk ID: ECEDD285)
Partition 1: (Not Active) - (Size=7.4 GB) - (Type=0B)

==================== Ende vom Addition.txt ============================
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version: 30-09-2016
durchgeführt von Boris (Administrator) auf BORIS-PC (02-10-2016 14:38:27)
Gestartet von C:\Users\Boris\Downloads
Geladene Profile: Boris (Verfügbare Profile: Boris)
Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) Sprache: Deutsch (Deutschland)
Internet Explorer Version 9 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(BlueStack Systems, Inc.) C:\Program Files\Bluestacks\HD-Agent.exe
(SAMSUNG Electronics co., LTD.) C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe
(SAMSUNG Electronics) C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
(BlueStack Systems, Inc.) C:\Program Files\Bluestacks\HD-LogRotatorService.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Microsoft) C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe
(Sony Corporation) C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
(SMART Technologies) C:\Program Files\SMART Technologies\Education Software\SMARTHelperService.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Farbar) C:\Users\Boris\Downloads\FRST(3).exe


==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2008-01-21] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4489216 2007-06-13] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1029416 2007-10-26] (Synaptics, Inc.)
HKLM\...\Run: [LanguageShortcut] => C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [52256 2007-01-08] ()
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [986872 2016-01-29] (Microsoft Corporation)
HKLM\...\Policies\Explorer: [RestrictRun] 0
HKU\S-1-5-21-1411231321-3497987553-1682086313-1003\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-19] (Microsoft Corporation)
HKU\S-1-5-21-1411231321-3497987553-1682086313-1003\...\Run: [BlueStacks Agent] => C:\Program Files\Bluestacks\HD-Agent.exe [970264 2016-06-30] (BlueStack Systems, Inc.)
HKU\S-1-5-21-1411231321-3497987553-1682086313-1003\...\Policies\Explorer: [RestrictRun] 0

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{7044E990-DB48-44BA-B743-E604CF9DB3DB}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{D50B5A7C-D504-4B31-9E88-09767AD9B79C}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1411231321-3497987553-1682086313-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1411231321-3497987553-1682086313-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.samsungcomputer.com/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: SMART Notebook Download Utility -> {67BCF957-85FC-4036-8DC4-D4D80E00A77B} -> C:\Program Files\SMART Technologies\Education Software\Win32\NotebookPlugin.dll [2013-05-23] (SMART Technologies ULC.)
Toolbar: HKLM - SMART Sync - {8E1233B3-485A-4E51-B77E-9E075A68C588} - C:\Program Files\SMART Technologies\Education Software\SyncIEToolbar.dll [2011-06-22] (SMART Technologies ULC.)

FireFox:
========
FF ProfilePath: C:\Users\Boris\AppData\Roaming\Mozilla\Firefox\Profiles\bk86vv7l.boris
FF DefaultSearchEngine: Google
FF SelectedSearchEngine: Google
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_23_0_0_162.dll [2016-09-14] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @pages.tvunetworks.com/WebPlayer -> C:\Program Files\TVUPlayer\npTVUAx.dll [Keine Datei]
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Boris\AppData\Roaming\Mozilla\Firefox\Profiles\bk86vv7l.boris\searchplugins\google-images.xml [2014-11-30]
FF SearchPlugin: C:\Users\Boris\AppData\Roaming\Mozilla\Firefox\Profiles\bk86vv7l.boris\searchplugins\google-maps.xml [2014-11-30]
FF Extension: (Test Pilot) - C:\Users\Boris\AppData\Roaming\Mozilla\Firefox\Profiles\pwqe3lw3.default\Extensions\testpilot@labs.mozilla.com.xpi [2012-11-13] [ist nicht signiert]
FF Extension: (GMX MailCheck) - C:\Users\Boris\AppData\Roaming\Mozilla\Firefox\Profiles\pwqe3lw3.default\Extensions\toolbar@gmx.net.xpi [2012-10-16] [ist nicht signiert]
FF Extension: (Adblock Plus) - C:\Users\Boris\AppData\Roaming\Mozilla\Firefox\Profiles\bk86vv7l.boris\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-28]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2012-08-03] [ist nicht signiert]

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Profile: C:\Users\Boris\AppData\Local\Google\Chrome\User Data\Default [2016-04-29]
CHR Extension: (Google Präsentationen) - C:\Users\Boris\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-14]
CHR Extension: (Google Docs) - C:\Users\Boris\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-14]
CHR Extension: (Google Drive) - C:\Users\Boris\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-29]
CHR Extension: (YouTube) - C:\Users\Boris\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-29]
CHR Extension: (Google-Suche) - C:\Users\Boris\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-29]
CHR Extension: (Google Tabellen) - C:\Users\Boris\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-14]
CHR Extension: (Google Docs Offline) - C:\Users\Boris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-29]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Boris\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-29]
CHR Extension: (Google Mail) - C:\Users\Boris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-29]

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 BstHdAndroidSvc; C:\Program Files\Bluestacks\HD-Service.exe [441880 2016-06-30] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files\Bluestacks\HD-LogRotatorService.exe [421400 2016-06-30] (BlueStack Systems, Inc.)
S3 BstHdPlusAndroidSvc; C:\Program Files\Bluestacks\HD-Plus-Service.exe [458264 2016-06-30] (BlueStack Systems, Inc.)
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1074480 2013-08-15] (Flexera Software LLC)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2014-11-13] (Freemake) [Datei ist nicht signiert]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.266\McCHSvc.exe [235696 2015-12-02] (McAfee, Inc.)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2016-01-29] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [292816 2016-01-29] (Microsoft Corporation)
R2 NovaPdfServer; C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe [35616 2015-01-09] (Microsoft)
R2 PMBDeviceInfoProvider; C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [459832 2012-02-15] (Sony Corporation)
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [272024 2006-12-19] ()
S2 Samsung Update Plus; C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe [73728 2007-06-28] () [Datei ist nicht signiert]
R2 SMARTHelperService; C:\Program Files\SMART Technologies\Education Software\SMARTHelperService.exe [582992 2013-03-07] (SMART Technologies)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-19] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 BstHdDrv; C:\Program Files\Bluestacks\HD-Hypervisor-x86.sys [139360 2016-06-30] (BlueStack Systems)
S3 BstkDrv; C:\Program Files\Bluestacks\BstkDrv.sys [220216 2016-06-30] (Bluestack System Inc. )
S3 eapihdrv; C:\Users\Boris\AppData\Local\Temp\ehdrv.sys [135760 2015-06-16] (ESET)
R2 KMDFMEMIO; C:\Windows\System32\DRIVERS\kmdfmemio.sys [13312 2008-04-16] (SAMSUNG ELECTRONICS CO., LTD.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [253704 2015-11-13] (Microsoft Corporation)
S3 NETw2v32; C:\Windows\System32\DRIVERS\NETw2v32.sys [2589184 2006-11-02] (Intel® Corporation)
R3 SMARTMouseFilterx86; C:\Windows\System32\DRIVERS\SMARTMouseFilterx86.sys [8192 2013-03-07] (SMART Technologies)
R3 SMARTVHidMini2000x86; C:\Windows\System32\DRIVERS\SMARTVHidMini2000x86.sys [7680 2013-03-07] (SMART Technologies)
R3 SMARTVTabletPCx86; C:\Windows\System32\DRIVERS\SMARTVTabletPCx86.sys [15872 2013-03-07] (SMART Technologies ULC)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-19] (Microsoft Corporation)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 catchme; \??\C:\Users\Boris\AppData\Local\Temp\catchme.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 VMC302; System32\Drivers\VMC302.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-10-02 14:38 - 2016-10-02 14:38 - 01754624 _____ (Farbar) C:\Users\Boris\Downloads\FRST(3).exe
2016-09-27 12:50 - 2016-09-27 12:50 - 00010495 _____ C:\Users\Boris\Downloads\BoGruber_elster_27.09.2016_12.48.pfx
2016-09-25 23:16 - 2016-09-25 23:18 - 123776784 _____ (Microsoft Corporation) C:\Users\Boris\Downloads\mpam-fe.exe
2016-09-24 20:03 - 2016-09-25 11:53 - 00000000 ____D C:\Program Files\Mozilla Firefox

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-10-02 14:39 - 2015-06-01 13:13 - 00014618 _____ C:\Users\Boris\Downloads\FRST.txt
2016-10-02 14:38 - 2015-06-01 13:13 - 00000000 ____D C:\FRST
2016-10-02 14:07 - 2014-12-27 22:28 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-10-02 14:06 - 2012-07-30 16:44 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-10-02 13:58 - 2006-11-02 14:47 - 00003168 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2016-10-02 13:58 - 2006-11-02 14:47 - 00003168 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2016-10-02 01:34 - 2014-12-27 22:28 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-10-01 23:44 - 2008-08-02 17:23 - 00000000 ____D C:\Users\Boris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
2016-10-01 23:44 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-10-01 11:39 - 2008-04-16 01:00 - 00000012 _____ C:\Windows\bthservsdp.dat
2016-10-01 11:39 - 2006-11-02 15:01 - 00032530 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-09-30 13:31 - 2016-04-29 20:22 - 00000000 ____D C:\Program Files\AVG
2016-09-30 13:30 - 2016-04-29 20:22 - 00000000 ____D C:\ProgramData\Avg
2016-09-30 13:30 - 2016-04-29 20:21 - 00000000 ____D C:\Users\Boris\AppData\Local\AvgSetupLog
2016-09-27 13:01 - 2008-04-15 07:48 - 00674032 _____ C:\Windows\system32\perfh007.dat
2016-09-27 13:01 - 2008-04-15 07:48 - 00145818 _____ C:\Windows\system32\perfc007.dat
2016-09-27 13:01 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\inf
2016-09-27 13:01 - 2006-11-02 12:33 - 01566310 _____ C:\Windows\system32\PerfStringBackup.INI
2016-09-25 11:53 - 2012-11-12 18:57 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-09-15 11:30 - 2015-06-11 22:03 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2016-09-15 11:00 - 2015-06-11 22:03 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-09-14 08:06 - 2012-07-30 16:44 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-09-14 08:06 - 2012-07-30 16:44 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-09-14 08:06 - 2008-04-16 01:27 - 00000000 ____D C:\Windows\system32\Macromed
2016-09-02 10:26 - 2012-08-03 14:15 - 00001812 _____ C:\Windows\system32\dmlg.dat

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2012-11-03 03:27 - 2012-11-03 03:27 - 0017089 _____ () C:\Users\Boris\AppData\Roaming\UserTile.png
2013-09-11 18:37 - 2016-07-18 19:11 - 0000680 _____ () C:\Users\Boris\AppData\Local\d3d9caps.dat
2012-10-11 09:30 - 2016-05-08 12:57 - 0009216 _____ () C:\Users\Boris\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Boris\BlueScreenView.exe


Einige Dateien in TEMP:
====================
C:\Users\Boris\AppData\Local\Temp\avguirn_081040260140.exe
C:\Users\Boris\AppData\Local\Temp\avguirn_081268246580.exe
C:\Users\Boris\AppData\Local\Temp\avguirn_081301186681.exe
C:\Users\Boris\AppData\Local\Temp\avguirn_082083109615.exe
C:\Users\Boris\AppData\Local\Temp\avguirn_0876034616.exe
C:\Users\Boris\AppData\Local\Temp\DefaultPack.EXE
C:\Users\Boris\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmph9ppo1.dll
C:\Users\Boris\AppData\Local\Temp\Quarantine.exe
C:\Users\Boris\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-10-01 23:52

==================== Ende vom FRST.txt ============================

deeprybka 06.10.2016 10:21
:hallo:

Mein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das...:abklatsch:
  • Bitte arbeite alle Schritte der Reihe nach ab.
  • Lies die Anleitungen sorgfältig durch bevor Du beginnst. Wenn es Probleme gibt oder Du etwas nicht verstehst, dann stoppe mit Deiner Ausführung und beschreibe mir das Problem.
  • Führe bitte nur Scans durch, zu denen Du von mir aufgefordert wurdest.
  • Bitte kein Crossposting (posten in mehreren Foren).
  • Installiere oder deinstalliere während der Bereinigung keine Software, außer Du wurdest dazu aufgefordert.
  • Speichere alle unsere Tools auf dem Desktop ab. Link: So ladet Ihr unsere Tools richtig
  • Poste die Logfiles direkt in Deinen Thread in Code-Tags.
  • Bedenke, dass wir hier alle während unserer Freizeit tätig sind, wenn du innerhalb von 24 Stunden nichts von mir liest, dann schreibe mir bitte eine PM.

Hinweis:
Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden.
Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert.
Adware & Co. können wir sehr gut entfernen.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Du mein clean :daumenhoc bekommst.


Los geht's:

Schritt 1
Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

humphrey24 07.10.2016 15:05
Code:
15:55:59.0359 0x1748  TDSS rootkit removing tool 3.1.0.11 Aug  5 2016 12:13:31
15:56:04.0778 0x1748  EULA was not accepted, exiting. For auto accept you could use -accepteula command line parameter.
15:56:04.0781 0x0650  Deinitialize success
Übrigens: das update hat schon davor wieder funktioniert. lag wohl an avg. was mir noch einfällt: ich habe in regelmäßigen abständen gescheiterte versuche, sich in mein email account einzuloggen. kann da diesbezüglich vielleicht auch etwas auf dem rechner sein?
es verbleibt so oder so das langsame arbeiten des rechners und scheiternde java scrips.

danke

Code:
15:56:24.0303 0x16c8  TDSS rootkit removing tool 3.1.0.11 Aug  5 2016 12:13:31
15:56:29.0513 0x16c8  ============================================================
15:56:29.0513 0x16c8  Current date / time: 2016/10/07 15:56:29.0513
15:56:29.0513 0x16c8  SystemInfo:
15:56:29.0513 0x16c8 
15:56:29.0513 0x16c8  OS Version: 6.0.6002 ServicePack: 2.0
15:56:29.0513 0x16c8  Product type: Workstation
15:56:29.0513 0x16c8  ComputerName: BORIS-PC
15:56:29.0513 0x16c8  UserName: Boris
15:56:29.0513 0x16c8  Windows directory: C:\Windows
15:56:29.0513 0x16c8  System windows directory: C:\Windows
15:56:29.0513 0x16c8  Processor architecture: Intel x86
15:56:29.0513 0x16c8  Number of processors: 2
15:56:29.0513 0x16c8  Page size: 0x1000
15:56:29.0513 0x16c8  Boot type: Normal boot
15:56:29.0513 0x16c8  CodeIntegrityOptions = 0x00000000
15:56:29.0513 0x16c8  ============================================================
15:56:32.0087 0x16c8  KLMD registered as C:\Windows\system32\drivers\64228482.sys
15:56:32.0087 0x16c8  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 6002.19636, osProperties = 0x0
15:56:35.0457 0x16c8  System UUID: {E796C9A5-E8C5-A6BE-0E02-449C6CA6F918}
15:56:36.0595 0x16c8  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
15:56:36.0611 0x16c8  ============================================================
15:56:36.0611 0x16c8  \Device\Harddisk0\DR0:
15:56:36.0611 0x16c8  MBR partitions:
15:56:36.0611 0x16c8  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1400800, BlocksNum 0xDFC5000
15:56:36.0611 0x16c8  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xF3C5800, BlocksNum 0xDDFF800
15:56:36.0611 0x16c8  ============================================================
15:56:36.0642 0x16c8  C: <-> \Device\Harddisk0\DR0\Partition1
15:56:36.0736 0x16c8  D: <-> \Device\Harddisk0\DR0\Partition2
15:56:36.0751 0x16c8  ============================================================
15:56:36.0751 0x16c8  Initialize success
15:56:36.0751 0x16c8  ============================================================
15:57:03.0209 0x12b8  ============================================================
15:57:03.0209 0x12b8  Scan started
15:57:03.0209 0x12b8  Mode: Manual; SigCheck; TDLFS;
15:57:03.0209 0x12b8  ============================================================
15:57:03.0209 0x12b8  KSN ping started
15:57:03.0349 0x12b8  KSN ping finished: true
15:57:04.0395 0x12b8  ================ Scan system memory ========================
15:57:04.0395 0x12b8  System memory - ok
15:57:04.0410 0x12b8  ================ Scan services =============================
15:57:04.0613 0x12b8  [ 82B296AE1892FE3DBEE00C9CF92F8AC7, 54B22BA63E1DA616B546992141B0C3117BA057283B8F60CB9BECE203661FEBF3 ] ACPI            C:\Windows\system32\drivers\acpi.sys
15:57:04.0738 0x12b8  ACPI - ok
15:57:04.0847 0x12b8  [ F2CEEE9ABBCEF207ACB103215AC28BC2, F8F8B8AF6317926D7AC0CA2CA23628B2C69327A2792D58D3328443C5ED9514E9 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
15:57:04.0863 0x12b8  AdobeARMservice - ok
15:57:04.0956 0x12b8  [ 8FC33A20D54FB5CC7FBBA814B4E42A22, 707F61F0CEB9467D9BD1782868403BD53DB46EAB0342772661F370E5174AAD8C ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
15:57:04.0972 0x12b8  AdobeFlashPlayerUpdateSvc - ok
15:57:05.0034 0x12b8  [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB, 0342700760874683A6DF4F149DACACEF0569D40C45FC5958C67100B3C5D9BBBC ] adp94xx        C:\Windows\system32\drivers\adp94xx.sys
15:57:05.0065 0x12b8  adp94xx - ok
15:57:05.0112 0x12b8  [ B84088CA3CDCA97DA44A984C6CE1CCAD, 87009809FB101BF51483FA32318CBCD209386582880C82417BE4FFAD1B04C8C1 ] adpahci        C:\Windows\system32\drivers\adpahci.sys
15:57:05.0143 0x12b8  adpahci - ok
15:57:05.0159 0x12b8  [ 7880C67BCCC27C86FD05AA2AFB5EA469, C8B06E203EEA6EAD19651F212432005ABADFF21E2AA5699E34040527394F2677 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
15:57:05.0190 0x12b8  adpu160m - ok
15:57:05.0221 0x12b8  [ 9AE713F8E30EFC2ABCCD84904333DF4D, B0C7801AC6E0811C38F0474703F34283914C8873D851F59EE232834F7C0D8087 ] adpu320        C:\Windows\system32\drivers\adpu320.sys
15:57:05.0237 0x12b8  adpu320 - ok
15:57:05.0284 0x12b8  [ 9D1FDA9E086BA64E3C93C9DE32461BCF, 200FD0BFC811EC8993AF9FC78F58823ECC717063F438B627FBCDD6BD7790CAA8 ] AeLookupSvc    C:\Windows\System32\aelupsvc.dll
15:57:05.0393 0x12b8  AeLookupSvc - ok
15:57:05.0455 0x12b8  [ 4A0978779958D8FE8F5849F452BCC812, C57002A721F3DCAFB00CF4DEC57E9E761393BDB471ACEAFFDBD1ABA9AE308598 ] AFD            C:\Windows\system32\drivers\afd.sys
15:57:05.0596 0x12b8  AFD - ok
15:57:05.0705 0x12b8  [ CE91B158FA490CF4C4D487A4130F4660, C343AEB125B15E6FC8428499E1C48390EF5073FACB0DC9BAB9040EFB170D04A5 ] AgereSoftModem  C:\Windows\system32\DRIVERS\AGRSM.sys
15:57:05.0845 0x12b8  AgereSoftModem - ok
15:57:05.0892 0x12b8  [ EF23439CDD587F64C2C1B8825CEAD7D8, 762665CFC202B3E16CA2338887896FDF996331A363DC709F1EC088BF927133A3 ] agp440          C:\Windows\system32\drivers\agp440.sys
15:57:05.0908 0x12b8  agp440 - ok
15:57:05.0939 0x12b8  [ AE1FDF7BF7BB6C6A70F67699D880592A, B831BF156FC49287A19FC149383D437B1034EA6F42CE9D761EB90ABD0F8D96B1 ] aic78xx        C:\Windows\system32\drivers\djsvs.sys
15:57:05.0955 0x12b8  aic78xx - ok
15:57:05.0986 0x12b8  [ A1545B731579895D8CC44FC0481C1192, 6B0EE833BA39C142D625A03586CCD8F6C9C3136C603CE5DF5BAC1AA3423E3E7F ] ALG            C:\Windows\System32\alg.exe
15:57:06.0095 0x12b8  ALG - ok
15:57:06.0126 0x12b8  [ 90395B64600EBB4552E26E178C94B2E4, 73095893964DC7915983B58A567184FC51949C99341E7E0D04D70CC4C4F95E37 ] aliide          C:\Windows\system32\drivers\aliide.sys
15:57:06.0142 0x12b8  aliide - ok
15:57:06.0173 0x12b8  [ 2B13E304C9DFDFA5EB582F6A149FA2C7, 196CCE13E0376526B79D9C43D4071990576C4DD210A48E9E922B438AA11C95E7 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
15:57:06.0189 0x12b8  amdagp - ok
15:57:06.0204 0x12b8  [ 0577DF1D323FE75A739C787893D300EA, 079EF3CA18FB847DB7E62929071BFF007FAF390E1DBF4C59F28DAAC6B9C2DE51 ] amdide          C:\Windows\system32\drivers\amdide.sys
15:57:06.0220 0x12b8  amdide - ok
15:57:06.0235 0x12b8  [ DC487885BCEF9F28EECE6FAC0E5DDFC5, 24A62F6E628AD46273BC226F7BC3453A9C7B76F81ABB9FB801EBEFADB2AB7C9B ] AmdK7          C:\Windows\system32\drivers\amdk7.sys
15:57:06.0391 0x12b8  AmdK7 - ok
15:57:06.0407 0x12b8  [ 0CA0071DA4315B00FC1328CA86B425DA, 4F816FA2197166A83A266084F9D5ED68876D0521D378F90F1314DD53C6FB8814 ] AmdK8          C:\Windows\system32\drivers\amdk8.sys
15:57:06.0485 0x12b8  AmdK8 - ok
15:57:06.0532 0x12b8  [ 8F7D200717A58E9800D391F4C2101577, F07CF0F5636F46D8F3D5133284943E991E8739E5A644BCA5F18BB896B374620D ] Appinfo        C:\Windows\System32\appinfo.dll
15:57:06.0563 0x12b8  Appinfo - ok
15:57:06.0610 0x12b8  [ 5F673180268BB1FDB69C99B6619FE379, C4307A861163F96648109046A6C7D53AB1C9B10D0B841DD1A7D147D22F462649 ] arc            C:\Windows\system32\drivers\arc.sys
15:57:06.0625 0x12b8  arc - ok
15:57:06.0672 0x12b8  [ 957F7540B5E7F602E44648C7DE5A1C05, F03C7708A6C9D2579ECE5A7413AFA068E1067D7191EC653A78BA4FEDE76CFBD8 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
15:57:06.0703 0x12b8  arcsas - ok
15:57:06.0813 0x12b8  [ 537B2948976F5D9B5767B74A63EBB395, 1A14F8B582E74AD15B612EDA5B707AA3CB0B2A107ED14572B4232EAA7383B634 ] aspnet_state    C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
15:57:06.0844 0x12b8  aspnet_state - ok
15:57:06.0875 0x12b8  [ 53B202ABEE6455406254444303E87BE1, 4C91CA8DD345FEDD74A6AF2C07580717703F979B7DE2532B1D00B9F6896DDE70 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
15:57:06.0937 0x12b8  AsyncMac - ok
15:57:06.0969 0x12b8  [ 1F05B78AB91C9075565A9D8A4B880BC4, 737BE9F9376DAB0CCDFED93EA6D67F0C432367EA63CD772A453485BE769AF3BD ] atapi          C:\Windows\system32\drivers\atapi.sys
15:57:07.0000 0x12b8  atapi - ok
15:57:07.0062 0x12b8  [ 91E15B0A1D6F7B99ACE55D04C6D1544A, 23988261D07D009437F6AD78641E44E690058E85A5C81568DAE999679EE58112 ] athr            C:\Windows\system32\DRIVERS\athr.sys
15:57:07.0140 0x12b8  athr - ok
15:57:07.0203 0x12b8  [ A80ECB306802572FD2D6659DA010B037, 3CCD8CBA18787C8FBAE33C6B5351D6CCC7D1E37843E7487233E1CCF650845E87 ] Ati External Event Utility C:\Windows\system32\Ati2evxx.exe
15:57:07.0312 0x12b8  Ati External Event Utility - ok
15:57:07.0515 0x12b8  [ 976D32226FC4DD1187110B763F913A69, 003CC47DCB27C3148C219E9B830992BDEB9B5B3C33E36468DB3C2F303E937874 ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
15:57:07.0795 0x12b8  atikmdag - ok
15:57:07.0842 0x12b8  [ 4AA1EB65481C392955939E735D27118B, 167F91B0F48C13FA4B976EAB2DC0B29C31A2A98E276B2BF80323E051D54934CB ] AtiPcie        C:\Windows\system32\DRIVERS\AtiPcie.sys
15:57:07.0858 0x12b8  AtiPcie - ok
15:57:07.0936 0x12b8  [ 8E98A99187FF17FC1D48E6FAFFD870BE, 7C935191A0A2BA95CA9A9E450F7C8802E6184F73BC297E91908B59F34C22AB06 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:57:07.0998 0x12b8  AudioEndpointBuilder - ok
15:57:08.0014 0x12b8  [ 8E98A99187FF17FC1D48E6FAFFD870BE, 7C935191A0A2BA95CA9A9E450F7C8802E6184F73BC297E91908B59F34C22AB06 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
15:57:08.0045 0x12b8  Audiosrv - ok
15:57:08.0107 0x12b8  [ 67E506B75BD5326A3EC7B70BD014DFB6, 3B07243970CAB4E93A858BEA6E31F56AD0157C42D624F3FEB469E68EEEF65669 ] Beep            C:\Windows\system32\drivers\Beep.sys
15:57:08.0154 0x12b8  Beep - ok
15:57:08.0201 0x12b8  [ C789AF0F724FDA5852FB9A7D3A432381, 4B0F7A3A8F2D45E49630D24F2630B8014BCDB793B9C6E83FD2B2863A54F62BF5 ] BFE            C:\Windows\System32\bfe.dll
15:57:08.0357 0x12b8  BFE - ok
15:57:08.0451 0x12b8  [ 93952506C6D67330367F7E7934B6A02F, 1D9A6B10B9489C1A32F730E22CC399BFF0796E3FCB3BA52BE45ED487CAC59EBD ] BITS            C:\Windows\System32\qmgr.dll
15:57:08.0544 0x12b8  BITS - ok
15:57:08.0560 0x12b8  blbdrive - ok
15:57:08.0591 0x12b8  [ 35F376253F687BDE63976CCB3F2108CA, C5EF6301D7BC067050038DB75D961681D1CBE418285AD60167C1334B0B54DFE9 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
15:57:08.0638 0x12b8  bowser - ok
15:57:08.0685 0x12b8  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
15:57:08.0731 0x12b8  BrFiltLo - ok
15:57:08.0763 0x12b8  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
15:57:08.0841 0x12b8  BrFiltUp - ok
15:57:08.0887 0x12b8  [ A3629A0C4226F9E9C72FAAEEBC3AD33C, FB4D2738B64AADA52B95A6CF7ED4CDBFE4DD4BEBCAF1AE9CE64317F97DB38DDF ] Browser        C:\Windows\System32\browser.dll
15:57:08.0950 0x12b8  Browser - ok
15:57:08.0997 0x12b8  [ B304E75CFF293029EDDF094246747113, CB6B219B186C3511A0DE3CDE7F7B8966A9E32D808A952CA8C5B42B3A3A17BFB0 ] Brserid        C:\Windows\system32\drivers\brserid.sys
15:57:09.0059 0x12b8  Brserid - ok
15:57:09.0090 0x12b8  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
15:57:09.0153 0x12b8  BrSerWdm - ok
15:57:09.0184 0x12b8  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
15:57:09.0277 0x12b8  BrUsbMdm - ok
15:57:09.0309 0x12b8  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
15:57:09.0371 0x12b8  BrUsbSer - ok
15:57:09.0480 0x12b8  [ 9832143D5B3D6DF0D32CBC7A472596A6, 4C523D97F5503F74B493F379F15E1241506D176D82347B4A3A1FBD10E5626676 ] BstHdAndroidSvc C:\Program Files\Bluestacks\HD-Service.exe
15:57:09.0574 0x12b8  BstHdAndroidSvc - ok
15:57:09.0621 0x12b8  [ 3F8544C9F1B04961200CD883C86EBEBF, FE19862498A0803BCB598315516B243383A1339DFDEC239B7653DD1D46106ECD ] BstHdDrv        C:\Program Files\Bluestacks\HD-Hypervisor-x86.sys
15:57:09.0636 0x12b8  BstHdDrv - ok
15:57:09.0683 0x12b8  [ 5D4F461554DEF19E9DF95E221C8E504D, 9FED67DA9824BAC64A1B57795B0C55B1598B45A7F03955540CD62BAF3F2CF156 ] BstHdLogRotatorSvc C:\Program Files\Bluestacks\HD-LogRotatorService.exe
15:57:09.0777 0x12b8  BstHdLogRotatorSvc - ok
15:57:09.0823 0x12b8  [ 59F43F0E66447E941C932B26DFF7C307, D87790B9BEB67BF656EC0D35917BD586E589D60730756EA93411421993FDEF91 ] BstHdPlusAndroidSvc C:\Program Files\Bluestacks\HD-Plus-Service.exe
15:57:09.0917 0x12b8  BstHdPlusAndroidSvc - ok
15:57:09.0964 0x12b8  [ BD80C60757A5D677F7A90E6E7D8FB403, 238A67C4C5ABF37BAB87CCE45F4C44E6C5167A875B18D2521665F0B000DFA67B ] BstkDrv        C:\Program Files\Bluestacks\BstkDrv.sys
15:57:09.0979 0x12b8  BstkDrv - ok
15:57:10.0026 0x12b8  [ 064FBC56921051DE1075495D628B815F, 4CFB6088423A99BC2D8F8EE22F761AC4168D0C37B86C3196D19E477FD25177DE ] BthEnum        C:\Windows\system32\DRIVERS\BthEnum.sys
15:57:10.0089 0x12b8  BthEnum - ok
15:57:10.0120 0x12b8  [ AD07C1EC6665B8B35741AB91200C6B68, DCE1305A30D6713222A01C1F1D03ED0ADABE23C742CE1E82BB142531B82A3FF7 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
15:57:10.0198 0x12b8  BTHMODEM - ok
15:57:10.0229 0x12b8  [ B8C3D9DDF85FD197C3E5F849FEF71144, 9DA9D7D4970814051E93288F06A6676BC4B09EF52C1E4E70541E0D9937729E84 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
15:57:10.0307 0x12b8  BthPan - ok
15:57:10.0369 0x12b8  [ B24757D9154CCA035E1BBD3DB92966D7, 49B5863EF8D2E1B380A4F58A77A4A9D32412120BDE603894033090E741D56ABA ] BTHPORT        C:\Windows\system32\Drivers\BTHport.sys
15:57:10.0401 0x12b8  BTHPORT - ok
15:57:10.0447 0x12b8  [ A4C8377FA4A994E07075107DBE2E3DCE, C3CDAA7B83D130100044341C23897CC6C257FA075A8D08B8551F4A28AE8CE6C4 ] BthServ        C:\Windows\System32\bthserv.dll
15:57:10.0494 0x12b8  BthServ - ok
15:57:10.0510 0x12b8  [ D42CF5F0C7635B3F1578810FE34D9E41, 41E33B6D113E717CC4B1B7DF4E684F4C1AD3FD29E5A1F11E9739CA819FB6A9DC ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
15:57:10.0557 0x12b8  BTHUSB - ok
15:57:10.0619 0x12b8  [ 636F45A8500C1438CFA7DEE15FC5C184, 5AC0FD976751615589AA052562C610F3ED2B84D9AF8D954E3FEC13EB156483D3 ] btwaudio        C:\Windows\system32\drivers\btwaudio.sys
15:57:10.0635 0x12b8  btwaudio - ok
15:57:10.0666 0x12b8  [ BF9256FF01B093A5D90BB7A35EC90410, D334C1D46EEC1FBC7206D9AE561D046D73E9DA75DE4434D308605A155958B9D6 ] btwavdt        C:\Windows\system32\drivers\btwavdt.sys
15:57:10.0681 0x12b8  btwavdt - ok
15:57:10.0775 0x12b8  [ 7FE64B44B0249A64597F5588BC2A09BE, 2593DB6AABF8C24136E3ED37B7DA89188D941A8FCF2211723568AB4995C94160 ] btwdins        C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
15:57:10.0806 0x12b8  btwdins - ok
15:57:10.0837 0x12b8  [ 0AB8C1AC177AFB27309E1072FAF34A37, 54318740132895A3D9230D82CC7B0765ED2DEF4DA3F4B0D256FD3B44137A1E21 ] btwrchid        C:\Windows\system32\DRIVERS\btwrchid.sys
15:57:10.0853 0x12b8  btwrchid - ok
15:57:10.0962 0x12b8  catchme - ok
15:57:11.0009 0x12b8  [ 7ADD03E75BEB9E6DD102C3081D29840A, 0CA14A77CE990B5AA32C0725C22CA190ECBC73B75064DD959CABAD79B8846F1D ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
15:57:11.0040 0x12b8  cdfs - ok
15:57:11.0087 0x12b8  [ 6B4BFFB9BECD728097024276430DB314, 4451EFEAD37B05C8A3CB610B6D72E73B55D3D1E1CC1B17405598C1EDAA93C2D5 ] cdrom          C:\Windows\system32\DRIVERS\cdrom.sys
15:57:11.0134 0x12b8  cdrom - ok
15:57:11.0181 0x12b8  [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] CertPropSvc    C:\Windows\System32\certprop.dll
15:57:11.0227 0x12b8  CertPropSvc - ok
15:57:11.0259 0x12b8  [ DA8E0AFC7BAA226C538EF53AC2F90897, 2BBB9966671A3B8325D215DBC29FBD7D912C13ADC562A0D4521D1FF9A6F445C0 ] circlass        C:\Windows\system32\drivers\circlass.sys
15:57:11.0321 0x12b8  circlass - ok
15:57:11.0352 0x12b8  [ 5D9311526801643000D7032A83B18B12, C5A98868A41446617B3A27C6C4AAFA4E7C093E253E8C1DD5DBFE6FAE21991209 ] CLFS            C:\Windows\system32\CLFS.sys
15:57:11.0383 0x12b8  CLFS - ok
15:57:11.0446 0x12b8  [ 6B6943A0CA56B47D6FB2EE476890854F, 6DA779879487F4A187DF54B0362642643D7871AA8F7E30992D781F558C50F052 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:57:11.0461 0x12b8  clr_optimization_v2.0.50727_32 - ok
15:57:11.0539 0x12b8  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:57:11.0555 0x12b8  clr_optimization_v4.0.30319_32 - ok
15:57:11.0602 0x12b8  [ 99AFC3795B58CC478FBBBCDC658FCB56, 0D1B27C42A058C5D56A0157B5ECA9A054254F6B9C8015D0321021A7EFCE10CE2 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
15:57:11.0664 0x12b8  CmBatt - ok
15:57:11.0695 0x12b8  [ 45201046C776FFDAF3FC8A0029C581C8, 68A68CF2B76598BC8610EB5B2D3FD5BDC9D51CFC6F51FB7A0B0C92A2BE910FC6 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
15:57:11.0727 0x12b8  cmdide - ok
15:57:11.0758 0x12b8  [ 6AFEF0B60FA25DE07C0968983EE4F60A, E4037EF9EDE57A1039AB814EBCE9A8B12C9A084E7FAC6296212ACF2394DD37B6 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
15:57:11.0773 0x12b8  Compbatt - ok
15:57:11.0789 0x12b8  COMSysApp - ok
15:57:11.0789 0x12b8  [ 2A213AE086BBEC5E937553C7D9A2B22C, 1F91ACC0426E0ED1717555B282F65629EF15021375B24A63C29C89ADE916EE2A ] crcdisk        C:\Windows\system32\drivers\crcdisk.sys
15:57:11.0820 0x12b8  crcdisk - ok
15:57:11.0836 0x12b8  [ 22A7F883508176489F559EE745B5BF5D, D6341E3FBC8A46D2D1F0477FA60EC4828B585D35B14609CD02868FD04ECD14DB ] Crusoe          C:\Windows\system32\drivers\crusoe.sys
15:57:11.0914 0x12b8  Crusoe - ok
15:57:11.0961 0x12b8  [ 684C130BBC6DB681BAD4920A4C944AA5, DDE434B206984808351C98500824A33E6740B4326C455066027F8D549D4C3B92 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
15:57:12.0023 0x12b8  CryptSvc - ok
15:57:12.0101 0x12b8  [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] DcomLaunch      C:\Windows\system32\rpcss.dll
15:57:12.0179 0x12b8  DcomLaunch - ok
15:57:12.0226 0x12b8  [ 622C41A07CA7E6DD91770F50D532CB6C, 2A9040949CB45F9970FDE930278F30D2F08E957290CB3D4DC4F2CA94F3D444D2 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
15:57:12.0273 0x12b8  DfsC - ok
15:57:12.0413 0x12b8  [ 2CC3DCFB533A1035B13DCAB6160AB38B, C88C91F662ADE248EEE3B568E70C2BC2D5075B7D9B7D3C63E83D011C5F7812B0 ] DFSR            C:\Windows\system32\DFSR.exe
15:57:12.0616 0x12b8  DFSR - ok
15:57:12.0694 0x12b8  [ 9028559C132146FB75EB7ACF384B086A, 35159D86706441ED94895B4629411B4445FCB4526AFD1F7036EE647931B7A94D ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
15:57:12.0741 0x12b8  Dhcp - ok
15:57:12.0787 0x12b8  [ 5D4AEFC3386920236A548271F8F1AF6A, 11B74D6800EC6F7AAEFB0B6A9F2E8376C7C3B8DB677F03AC3743CB004CA96B08 ] disk            C:\Windows\system32\drivers\disk.sys
15:57:12.0819 0x12b8  disk - ok
15:57:12.0881 0x12b8  [ 57D762F6F5974AF0DA2BE88A3349BAAA, D9E7DC8F9FB7837F88BBB95B52147AA80E688FB9762EEA99B8046D9C6AD48F3C ] Dnscache        C:\Windows\System32\dnsrslvr.dll
15:57:12.0912 0x12b8  Dnscache - ok
15:57:12.0959 0x12b8  [ 324FD74686B1EF5E7C19A8AF49E748F6, DC6EB4304555B60DD17E04D20DFE4E279718E4041A9310DE29E678834BB22C5B ] dot3svc        C:\Windows\System32\dot3svc.dll
15:57:13.0021 0x12b8  dot3svc - ok
15:57:13.0068 0x12b8  [ A622E888F8AA2F6B49E9BC466F0E5DEF, 3DED7F22A29AD2F8C927DFA0FD87FDE5ED0BDCAC7260BD9F71D8EA34328C772A ] DPS            C:\Windows\system32\dps.dll
15:57:13.0131 0x12b8  DPS - ok
15:57:13.0162 0x12b8  [ 97FEF831AB90BEE128C9AF390E243F80, A7F4118603E2D5DDDB117EF7C058684EA5B37690EFAB2BEBA570EEF9C36281BE ] drmkaud        C:\Windows\system32\drivers\drmkaud.sys
15:57:13.0271 0x12b8  drmkaud - ok
15:57:13.0333 0x12b8  [ 6D2A164686B15F590DF012ABA4735888, 8A7A2656571FCFE0B56F64E5FDF48B37D101C0D3CE50A8A22481DC440CAB46D9 ] DXGKrnl        C:\Windows\System32\drivers\dxgkrnl.sys
15:57:13.0380 0x12b8  DXGKrnl - ok
15:57:13.0427 0x12b8  [ F88FB26547FD2CE6D0A5AF2985892C48, F02E06E16830F5D3FAF61991F5A91E54BB3461F58AFE3BFB7A9066CD302B879F ] E1G60          C:\Windows\system32\DRIVERS\E1G60I32.sys
15:57:13.0489 0x12b8  E1G60 - ok
15:57:13.0521 0x12b8  [ C0B95E40D85CD807D614E264248A45B9, 30421DAF1722A225222268CB8BA4FE60CB76C6FD0C9157B0F53FC1368F806A4E ] EapHost        C:\Windows\System32\eapsvc.dll
15:57:13.0583 0x12b8  EapHost - ok
15:57:13.0645 0x12b8  [ 560EDC0912BDB68290930E2542823A24, CB9578A19F717FBD388F2BE8179CF2D4755DF11AD246E13AF1D43E25CA026386 ] eapihdrv        C:\Users\Boris\AppData\Local\Temp\ehdrv.sys
15:57:13.0661 0x12b8  eapihdrv - ok
15:57:13.0739 0x12b8  [ 9BAB89DBB27891DEEF6E1F1B589A6ED4, 61BE4A6394ED5C99CB84B720F6AA6B97C7FE71A7A04D822F6EE99AB084C55606 ] Ecache          C:\Windows\system32\drivers\ecache.sys
15:57:13.0755 0x12b8  Ecache - ok
15:57:13.0833 0x12b8  [ 9BE3744D295A7701EB425332014F0797, 1A139EE9232581E466591C5EBEF41E4BF1F82D99C1959F1C68C879B240E9F46D ] ehRecvr        C:\Windows\ehome\ehRecvr.exe
15:57:13.0895 0x12b8  ehRecvr - ok
15:57:13.0926 0x12b8  [ AD1870C8E5D6DD340C829E6074BF3C3F, 064D07106A1BBE80294F1913354832F2B67D22274BB4D36C81D2D83C96FE0B88 ] ehSched        C:\Windows\ehome\ehsched.exe
15:57:13.0989 0x12b8  ehSched - ok
15:57:14.0004 0x12b8  [ C27C4EE8926E74AA72EFCAB24C5242C3, F1EBF78CCE9BA76AFD0478BC66B67CA44DEAF3C380369BFCE91BD8F678C8608A ] ehstart        C:\Windows\ehome\ehstart.dll
15:57:14.0035 0x12b8  ehstart - ok
15:57:14.0082 0x12b8  [ E8F3F21A71720C84BCF423B80028359F, 63114E6120F634224A0E83A5047B37C7D6F26CF99FE3C01CFC0AB8B1763BB084 ] elxstor        C:\Windows\system32\drivers\elxstor.sys
15:57:14.0113 0x12b8  elxstor - ok
15:57:14.0176 0x12b8  [ E798C0BDFA4913CCF8A646D29BB34796, 7CDB2BCCDD8A8A70C6248C327A357EA3488C7ADED32D4F89B933ED72AE12B73B ] EMDMgmt        C:\Windows\system32\emdmgmt.dll
15:57:14.0254 0x12b8  EMDMgmt - ok
15:57:14.0301 0x12b8  [ 67058C46504BC12D821F38CF99B7B28F, E8D19F305F78BCA1DA8425315F2C77A377CD51E3CC54323DC2FF355120EA097D ] EventSystem    C:\Windows\system32\es.dll
15:57:14.0363 0x12b8  EventSystem - ok
15:57:14.0410 0x12b8  [ 22B408651F9123527BCEE54B4F6C5CAE, 31AF9649333A9496A9224001266D1B68CE2A31B9FB182A755D127FC5492AA6B2 ] exfat          C:\Windows\system32\drivers\exfat.sys
15:57:14.0472 0x12b8  exfat - ok
15:57:14.0503 0x12b8  [ 4E404505B3F62ECFBDBCBBCF0A72DBC5, 9F446ED06A31BFE52C4F1E8ACC400B8E3F47A3CC02FFC950DB861B2B3BA4C5B9 ] fastfat        C:\Windows\system32\drivers\fastfat.sys
15:57:14.0535 0x12b8  fastfat - ok
15:57:14.0581 0x12b8  [ 63BDADA84951B9C03E641800E176898A, AD3EA20CAD0E0C438422D5D39AEA9E0AAD9E1DC866A696AE503C76F5FAC4BE6E ] fdc            C:\Windows\system32\DRIVERS\fdc.sys
15:57:14.0644 0x12b8  fdc - ok
15:57:14.0675 0x12b8  [ 6629B5F0E98151F4AFDD87567EA32BA3, 8CC02D5E0639CDF74B2F85DB56D6199E1858F1A58465ED1D8B25C968E986132C ] fdPHost        C:\Windows\system32\fdPHost.dll
15:57:14.0722 0x12b8  fdPHost - ok
15:57:14.0737 0x12b8  [ 89ED56DCE8E47AF40892778A5BD31FD2, 924360875796C3DDDDA8097FDF53F6846B227F7413766F00AEDD981EFD691BF9 ] FDResPub        C:\Windows\system32\fdrespub.dll
15:57:14.0815 0x12b8  FDResPub - ok
15:57:14.0847 0x12b8  [ A8C0139A884861E3AAE9CFE73B208A9F, 3B021D148A2989AAA46AE58E5FED8A2DCA25E9212C2FA7F922880EF5A077E49B ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
15:57:14.0862 0x12b8  FileInfo - ok
15:57:14.0878 0x12b8  [ 0AE429A696AECBC5970E3CF2C62635AE, 1ECC315C099D17835788B68F0DE00EC98DC5AEE8F329D739E0DB90A898F22244 ] Filetrace      C:\Windows\system32\drivers\filetrace.sys
15:57:14.0925 0x12b8  Filetrace - ok
15:57:15.0003 0x12b8  [ DFADECE1B66095F3F247ACC0EBDC5F8D, 65D8CCCE382554A4DD197AFC323D591B3D0B1C4BF13134ED6A09C9CB843E061F ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
15:57:15.0065 0x12b8  FLEXnet Licensing Service - ok
15:57:15.0096 0x12b8  [ 6603957EFF5EC62D25075EA8AC27DE68, B52D112301A6BFBD60959D7D2502AB2E1EB6BB7F5DCED46899F1F006C7F1E887 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
15:57:15.0174 0x12b8  flpydisk - ok
15:57:15.0221 0x12b8  [ 01334F9EA68E6877C4EF05D3EA8ABB05, 82F8AA6AD2B5077898773D4A5814819EAF0E872FFD95894E06FEDAB6EE92CF99 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
15:57:15.0252 0x12b8  FltMgr - ok
15:57:15.0315 0x12b8  [ 61AC5BF24A155C95F865290F046F91EF, 89F6A96F5CBD04390CF0509DDC22E4FDC1F8AB862F23957D583A757C1E51C20B ] FontCache      C:\Windows\system32\FntCache.dll
15:57:15.0424 0x12b8  FontCache - ok
15:57:15.0502 0x12b8  [ C7FBDD1ED42F82BFA35167A5C9803EA3, 372FF71070D5ECE17342466A690737A0622E93C98DBED8172C49B0854F0012B7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
15:57:15.0517 0x12b8  FontCache3.0.0.0 - ok
15:57:15.0627 0x12b8  [ 5C89EF3DDAFB3AE71091C956C3F1AFCE, ACEE0D3BB178B1999E4B8167EBED0D09C57CE1587A2C3486CDD3BC57D60DE088 ] Freemake Improver C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
15:57:15.0736 0x12b8  Freemake Improver - detected UnsignedFile.Multi.Generic ( 1 )
15:57:15.0861 0x12b8  Freemake Improver ( UnsignedFile.Multi.Generic ) - warning
15:57:16.0079 0x12b8  [ B972A66758577E0BFD1DE0F91AAA27B5, E934034F3F740A83D4E7ABCD2C581845AC2945B0BCCAACF65CC3F99A1DBDE455 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
15:57:16.0110 0x12b8  Fs_Rec - ok
15:57:16.0141 0x12b8  [ 4E1CD0A45C50A8882616CAE5BF82F3C5, 1B909AF150F7119A5685999451A85012F4A92F15F38390A281EA507E2D247BAE ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
15:57:16.0173 0x12b8  gagp30kx - ok
15:57:16.0235 0x12b8  [ 1E74AA0D84B3AF74B39D63142DB0D2AA, EFA23EA053FB2CF2A374201F662680712F475C2461A84643755E9BC2E066E0A2 ] gpsvc          C:\Windows\System32\gpsvc.dll
15:57:16.0469 0x12b8  gpsvc - ok
15:57:16.0563 0x12b8  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate        C:\Program Files\Google\Update\GoogleUpdate.exe
15:57:16.0578 0x12b8  gupdate - ok
15:57:16.0594 0x12b8  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
15:57:16.0609 0x12b8  gupdatem - ok
15:57:16.0672 0x12b8  [ CB04C744BE0A61B1D648FAED182C3B59, 61DC0FF94325DAFCCB7B3980A48727EFBF1283FCF753EC16EF04C730525994C0 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:57:16.0734 0x12b8  HdAudAddService - ok
15:57:16.0781 0x12b8  [ 062452B7FFD68C8C042A6261FE8DFF4A, DD9873502456D3C058C6177AC223B28C71370E624FA0814C17EA3D93201F2B56 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
15:57:16.0859 0x12b8  HDAudBus - ok
15:57:16.0890 0x12b8  [ 1338520E78D90154ED6BE8F84DE5FCEB, 8531F1C5856983EBDA4C2B70162645ECE72FFFBA9FE7A28BCEDDF2169B7ECF9D ] HidBth          C:\Windows\system32\drivers\hidbth.sys
15:57:16.0968 0x12b8  HidBth - ok
15:57:16.0999 0x12b8  [ FF3160C3A2445128C5A6D9B076DA519E, DC1A70C80CD55F33B3AD5A21E86AF7C3086D8CC2DC6148C058E74A871E0BAD4A ] HidIr          C:\Windows\system32\drivers\hidir.sys
15:57:17.0077 0x12b8  HidIr - ok
15:57:17.0109 0x12b8  [ 84067081F3318162797385E11A8F0582, 11E32E3800CFCA37354388243F88D0239D622891BAC5483518A2BE5D1CA19015 ] hidserv        C:\Windows\System32\hidserv.dll
15:57:17.0140 0x12b8  hidserv - ok
15:57:17.0171 0x12b8  [ 01E7971E9F4BD6AC6A08DB52D0EA0418, CBB348043750340B7B6873B3FEF6FB47E1B222CB5C5EA7E96C68AE9F2431D856 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
15:57:17.0202 0x12b8  HidUsb - ok
15:57:17.0249 0x12b8  [ D8AD255B37DA92434C26E4876DB7D418, C901EADDD93FC90C8F29F4B6DE808F8E4F486C877FC0AA27DA4ACDE17E28899D ] hkmsvc          C:\Windows\system32\kmsvc.dll
15:57:17.0296 0x12b8  hkmsvc - ok
15:57:17.0311 0x12b8  [ DF353B401001246853763C4B7AAA6F50, 05C043493BDD99DEFBB0F5C3D8C475B06C2BF5629565ACF6F3B754002519B836 ] HpCISSs        C:\Windows\system32\drivers\hpcisss.sys
15:57:17.0327 0x12b8  HpCISSs - ok
15:57:17.0374 0x12b8  [ F870AA3E254628EBEAFE754108D664DE, B0444E7D246AA1982094030ACB991690F6A7DD3FB07B1BB6A1BC0F3AA9718A70 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
15:57:17.0452 0x12b8  HTTP - ok
15:57:17.0483 0x12b8  [ 324C2152FF2C61ABAE92D09F3CCA4D63, 2D09964C8003277F7DB1FFAA0DAEF15B205F3C4100FF601950BC9E544DC0B91F ] i2omp          C:\Windows\system32\drivers\i2omp.sys
15:57:17.0499 0x12b8  i2omp - ok
15:57:17.0561 0x12b8  [ 22D56C8184586B7A1F6FA60BE5F5A2BD, D96A2962848C1F59B143BFEC22EC48BD1C5A75D0EBCFD7FB965E66B85FF7D8CA ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
15:57:17.0608 0x12b8  i8042prt - ok
15:57:17.0655 0x12b8  [ C957BF4B5D80B46C5017BF0101E6C906, 6B9186335E50E7E0DBAF574A224E524EC526B57AA02F509E4A8D0F905C9CE880 ] iaStorV        C:\Windows\system32\drivers\iastorv.sys
15:57:17.0686 0x12b8  iaStorV - ok
15:57:17.0795 0x12b8  [ DD386C45D2B5863740166783448A2E7A, 10B912BA70306644BE73A53AF4DCDFF63880C4C5860FF6DBA92B0914EB566718 ] idsvc          C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
15:57:17.0857 0x12b8  idsvc - ok
15:57:17.0904 0x12b8  [ 2D077BF86E843F901D8DB709C95B49A5, 78FF558A881F307858F5C7C74A748B8B2562AF3CAC7EA8639945609001D790CE ] iirsp          C:\Windows\system32\drivers\iirsp.sys
15:57:17.0920 0x12b8  iirsp - ok
15:57:17.0982 0x12b8  [ 4687EE0C0DD2CE5F7AAA9C2E33C1DC78, FA8EBED2778D9F7560ADC1B563954EEF98AAE651C0553F2803372B37B122AEB3 ] IKEEXT          C:\Windows\System32\ikeext.dll
15:57:18.0029 0x12b8  IKEEXT - ok
15:57:18.0138 0x12b8  [ 7BD4E0428776D11C8E8E26F9F5508690, 64108320A3AFC4F7E207B2F4A9BA52E6F4A0A71606C0FEC44F0CE1C343BC2D3E ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
15:57:18.0450 0x12b8  IntcAzAudAddService - ok
15:57:18.0481 0x12b8  [ 97469037714070E45194ED318D636401, DDB5AE39BE0BD37ECB44969A5FA740E5B1169342347D0DB3E5DF0353A6708271 ] intelide        C:\Windows\system32\drivers\intelide.sys
15:57:18.0497 0x12b8  intelide - ok
15:57:18.0528 0x12b8  [ 224191001E78C89DFA78924C3EA595FF, E4EC9CAAEEEAEB30E13F4A8023AF687F29514667380DDFD638BBFFF1D5FC2563 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
15:57:18.0591 0x12b8  intelppm - ok
15:57:18.0622 0x12b8  [ 9AC218C6E6105477484C6FDBE7D409A4, FF30D09CD2A0F5BBEC309E953370F194B6F26BF4227E627B594AAA48B0F5D3C2 ] IPBusEnum      C:\Windows\system32\ipbusenum.dll
15:57:18.0684 0x12b8  IPBusEnum - ok
15:57:18.0731 0x12b8  [ 62C265C38769B864CB25B4BCF62DF6C3, CAF6BCE967104233E216464E4729B0275C3BD426D812F404AB0EE83A7F2063D8 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:57:18.0778 0x12b8  IpFilterDriver - ok
15:57:18.0825 0x12b8  [ 1998BD97F950680BB55F55A7244679C2, A4E8BB4C6B2AF4800BD5E0BA8725FD0927F8FB6751AEBF6DD16B59C414CCB9D8 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
15:57:18.0856 0x12b8  iphlpsvc - ok
15:57:18.0871 0x12b8  IpInIp - ok
15:57:18.0903 0x12b8  [ 40F34F8ABA2A015D780E4B09138B6C17, 22F86888C6B4F76836E863A90730D8F0DBD518305D87A399A159387E79E9D2F7 ] IPMIDRV        C:\Windows\system32\drivers\ipmidrv.sys
15:57:18.0965 0x12b8  IPMIDRV - ok
15:57:18.0996 0x12b8  [ 8793643A67B42CEC66490B2A0CF92D68, 8B1ED1314E4C6623824DD6B9C15A0F7F996F4D243BF0B305421251BE40850907 ] IPNAT          C:\Windows\system32\DRIVERS\ipnat.sys
15:57:19.0059 0x12b8  IPNAT - ok
15:57:19.0090 0x12b8  [ 109C0DFB82C3632FBD11949B73AEEAC9, 73B01426100256B7110DF0B74483AF1B62FC209612EEC29A7BF6DC31A7FBEFB6 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
15:57:19.0137 0x12b8  IRENUM - ok
15:57:19.0168 0x12b8  [ 350FCA7E73CF65BCEF43FAE1E4E91293, 68403FE3F4DC40919CD26A2CC42BE4386AE6874F47DD382348FFD79080721A13 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
15:57:19.0183 0x12b8  isapnp - ok
15:57:19.0230 0x12b8  [ 232FA340531D940AAC623B121A595034, 90C93F04D8A0094EEBD118F10223605B8169DA5F24C466F503CED5C014BD17B1 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
15:57:19.0261 0x12b8  iScsiPrt - ok
15:57:19.0293 0x12b8  [ BCED60D16156E428F8DF8CF27B0DF150, 4934E9AB8A8A548548F0C63517F2BF4DE84B05E5C9C7C2AA6C1517B8F9C340D4 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
15:57:19.0308 0x12b8  iteatapi - ok
15:57:19.0339 0x12b8  [ 06FA654504A498C30ADCA8BEC4E87E7E, 651BC35A0A3D504573BBAB40DE81929BB18C9FC0CD7944FEAE0E99CD7658EA88 ] iteraid        C:\Windows\system32\drivers\iteraid.sys
15:57:19.0355 0x12b8  iteraid - ok
15:57:19.0386 0x12b8  [ 37605E0A8CF00CBBA538E753E4344C6E, B9A9FFDCE45B0830E277CF322C28ACB49372C16144B0F676B283BE5DAE9A7F30 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
15:57:19.0417 0x12b8  kbdclass - ok
15:57:19.0433 0x12b8  [ D2600CB17B7408B4A83F231DC9A11AC3, C3025C2ED3541F58E8C1D792B0683949286BE583AB17B0C48F7362B4FA512BC0 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
15:57:19.0495 0x12b8  kbdhid - ok
15:57:19.0558 0x12b8  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] KeyIso          C:\Windows\system32\lsass.exe
15:57:19.0636 0x12b8  KeyIso - ok
15:57:19.0667 0x12b8  [ EBC507F129DF8F0E0CA270DCFC0CF87F, 232E2C4118A3177019E111E23D02F669338AE251308DE9BEDE3869C1208D7F0B ] KMDFMEMIO      C:\Windows\system32\DRIVERS\kmdfmemio.sys
15:57:19.0714 0x12b8  KMDFMEMIO - ok
15:57:19.0776 0x12b8  [ FBBC2D3579E6CF8279D46B44C89C49FF, C7188643CDB7DADAD944241F554266BEFA2239ED4AD7E85F4D37319D3FAC4FFE ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
15:57:19.0807 0x12b8  KSecDD - ok
15:57:19.0870 0x12b8  [ 8078F8F8F7A79E2E6B494523A828C585, BB399993166853F0C01B7508649ECD7E7473238267BA8333D0441128FE656347 ] KtmRm          C:\Windows\system32\msdtckrm.dll
15:57:19.0948 0x12b8  KtmRm - ok
15:57:19.0995 0x12b8  [ 1BF5EEBFD518DD7298434D8C862F825D, F41C79410345C40B346EB5EDEA397ECD29ECB9B921AC3E19F9453E52A7B9288A ] LanmanServer    C:\Windows\System32\srvsvc.dll
15:57:20.0041 0x12b8  LanmanServer - ok
15:57:20.0088 0x12b8  [ 1DB69705B695B987082C8BAEC0C6B34F, D395B272F6B69D4A9FC3CDEFD812EF0DBFECF3C1B1C787C7CC1E1A1B091B8DB3 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:57:20.0119 0x12b8  LanmanWorkstation - ok
15:57:20.0182 0x12b8  [ F34B35F6F74E28A460749DA11D1117F8, 1D5764ACF90899076D736D7AB33BD4C30D51F2C463E337029B56B1C3F224BB1F ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
15:57:20.0197 0x12b8  LightScribeService - ok
15:57:20.0229 0x12b8  [ D1C5883087A0C3F1344D9D55A44901F6, 608D67357AFDDD538D2C12C93EB0793ECA4EB3AF2BAB779E881C41F50E4AB911 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
15:57:20.0275 0x12b8  lltdio - ok
15:57:20.0307 0x12b8  [ 2D5A428872F1442631D0959A34ABFF63, E532C6ECFFB936EFF744CA57BDC6394C89E797B6B0822D04F1F3F35D9BDDD4F0 ] lltdsvc        C:\Windows\System32\lltdsvc.dll
15:57:20.0353 0x12b8  lltdsvc - ok
15:57:20.0385 0x12b8  [ 35D40113E4A5B961B6CE5C5857702518, 453097AEF46ED48107395D9A1696AAC259FD6CEA8A655D38C5E246FDDAB81664 ] lmhosts        C:\Windows\System32\lmhsvc.dll
15:57:20.0463 0x12b8  lmhosts - ok
15:57:20.0509 0x12b8  [ A2262FB9F28935E862B4DB46438C80D2, 792684A68726BC007ACABB584682FDF4F059AE60888FB5B47ED68A97EA0BB5E6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
15:57:20.0525 0x12b8  LSI_FC - ok
15:57:20.0556 0x12b8  [ 30D73327D390F72A62F32C103DAF1D6D, 7BB5BFB0DCF33AF9907539B52DF7BA1943C1E75A17715B58DBC702ACA6D406EA ] LSI_SAS        C:\Windows\system32\drivers\lsi_sas.sys
15:57:20.0572 0x12b8  LSI_SAS - ok
15:57:20.0603 0x12b8  [ E1E36FEFD45849A95F1AB81DE0159FE3, DA02B23A881D156A02D3874B41E6D042F84AD558B434280A6A6AC6B619668647 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
15:57:20.0619 0x12b8  LSI_SCSI - ok
15:57:20.0650 0x12b8  [ 8F5C7426567798E62A3B3614965D62CC, 659810257D942C5F4168E1247868CDA990F2324AC9ACAA9A6211F64B7AC9EC6E ] luafv          C:\Windows\system32\drivers\luafv.sys
15:57:20.0697 0x12b8  luafv - ok
15:57:20.0837 0x12b8  [ D1BD09F008932579DB07E75147D4C5F2, BB4F1F6B61D334B554F92924B2986B4965EE826270BBCB1AE1571C055825A97C ] McComponentHostService C:\Program Files\McAfee Security Scan\3.11.266\McCHSvc.exe
15:57:20.0868 0x12b8  McComponentHostService - ok
15:57:20.0899 0x12b8  [ AEF9BABB8A506BC4CE0451A64AADED46, D5608A703EA7E97F11ED4D029B4B820440B0C9317DB7D7DC0152253CD723DC07 ] Mcx2Svc        C:\Windows\system32\Mcx2Svc.dll
15:57:20.0931 0x12b8  Mcx2Svc - ok
15:57:20.0977 0x12b8  [ D153B14FC6598EAE8422A2037553ADCE, D5408B07B6EBA0146A605F11106497DC3DF8EC72E0DCC44BE1366A2A58ABE478 ] megasas        C:\Windows\system32\drivers\megasas.sys
15:57:20.0993 0x12b8  megasas - ok
15:57:21.0024 0x12b8  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] MMCSS          C:\Windows\system32\mmcss.dll
15:57:21.0071 0x12b8  MMCSS - ok
15:57:21.0102 0x12b8  [ E13B5EA0F51BA5B1512EC671393D09BA, 5B380D1B435D809CA201FD5ED075D42F3C6BA1A4EEDBC4040F7E3329F05A334A ] Modem          C:\Windows\system32\drivers\modem.sys
15:57:21.0149 0x12b8  Modem - ok
15:57:21.0211 0x12b8  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8, 1E8031D51E074FDFB53E98E26DABF313B901C028D01196BFD402EED5D0A89595 ] monitor        C:\Windows\system32\DRIVERS\monitor.sys
15:57:21.0258 0x12b8  monitor - ok
15:57:21.0289 0x12b8  [ 5BF6A1326A335C5298477754A506D263, CC7F58E5955A448F6CE28D6D8EB98C7479E11F931B5C733CFE71A29B2E95923D ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
15:57:21.0305 0x12b8  mouclass - ok
15:57:21.0336 0x12b8  [ 93B8D4869E12CFBE663915502900876F, 7464DE60FAAD8793D855F1F86C3C865B3A3EE41C19A3E926D1BE4426E67F5EC2 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
15:57:21.0383 0x12b8  mouhid - ok
15:57:21.0399 0x12b8  [ 3EAE06B0D9E32A3D45DC3E07F1FBFA97, 0C56D92C5131D60AF2FCCF071976F2932A2C544C5EC4C2A5476E99CDE17FF08C ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
15:57:21.0430 0x12b8  MountMgr - ok
15:57:21.0477 0x12b8  [ CBCC3A1E47A664CCCBC7A25081C4D88B, BDE4510CED8EF3BB091118FEA8AEB61F0DB402C9B53615A4824896DF9DE3030E ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
15:57:21.0508 0x12b8  MozillaMaintenance - ok
15:57:21.0586 0x12b8  [ 7F7FD183AEFC2F302EF1BF1CFCCB82CE, B13D8E8C92EDF1E885AF7E6FA5DD63978C3F319F200B59A955FE6AC3C9D26C32 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
15:57:21.0617 0x12b8  MpFilter - ok
15:57:21.0679 0x12b8  [ 583A41F26278D9E0EA548163D6139397, 1F09D2FEEE1A8D4F1D9E53596158154099FD436A408F7E72E40F50778A3838A1 ] mpio            C:\Windows\system32\drivers\mpio.sys
15:57:21.0695 0x12b8  mpio - ok
15:57:21.0742 0x12b8  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E, 62055C0DCEB69873B8961AB17DBD002F44319A44CB05EC3A61421A0C6D4736CD ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
15:57:21.0773 0x12b8  mpsdrv - ok
15:57:21.0835 0x12b8  [ 5DE62C6E9108F14F6794060A9BDECAEC, 655E6645CC4A1EDBE5F51F5F80C7B504DD956851E788A6E4E4E08CDCDCE160D9 ] MpsSvc          C:\Windows\system32\mpssvc.dll
15:57:21.0898 0x12b8  MpsSvc - ok
15:57:21.0929 0x12b8  [ 4FBBB70D30FD20EC51F80061703B001E, 72907A0CA5CFF82F40C02A65CD8EFD51D7CFC33BE67DE572D1ACF4FD3B248F0A ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
15:57:21.0945 0x12b8  Mraid35x - ok
15:57:21.0976 0x12b8  [ DADF6D90942C198CD15D345A9F6CF4CD, 993240684DA9EC5B45B28EEEB36B4676A0ADE5CA385C231DF7F94B81F6A69DD3 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
15:57:22.0085 0x12b8  MRxDAV - ok
15:57:22.0116 0x12b8  [ 1B864548B2ACEC1C0BB29B615CC42978, E1DA3E6764A2C7072D99F2F093E5F40DB6DC809701B59C155C6B4EE327AB9E41 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
15:57:22.0179 0x12b8  mrxsmb - ok
15:57:22.0210 0x12b8  [ 3F39B02EEDC5B8A0ED896EA1CDF7245F, 41C1DCD82F964A398B7C3D44178DBF7C8AF1C2DBC5F2D944BE6B00E909FE083B ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:57:22.0241 0x12b8  mrxsmb10 - ok
15:57:22.0257 0x12b8  [ D0670EC8E5AD3FA5BE372BF70AC0EABF, BD2D1BA151FD5409EAA41ECCBEB863FE52FF7C2D92349961FEE736D66970748E ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:57:22.0288 0x12b8  mrxsmb20 - ok
15:57:22.0319 0x12b8  [ 742AED7939E734C36B7E8D6228CE26B7, 6F727144BBD42C9C5555087CA51DE8D501B5CBEFB9967866CC578733E3C5E681 ] msahci          C:\Windows\system32\drivers\msahci.sys
15:57:22.0335 0x12b8  msahci - ok
15:57:22.0350 0x12b8  [ 3FC82A2AE4CC149165A94699183D3028, 8575BE62A209672A5D8C68D75BBBB4FF06220CA73A939B0793442DAD2272598C ] msdsm          C:\Windows\system32\drivers\msdsm.sys
15:57:22.0366 0x12b8  msdsm - ok
15:57:22.0413 0x12b8  [ FD7520CC3A80C5FC8C48852BB24C6DED, C3F3D7A07FAB9AF38A2A00BF0DF6EEE18CA8FE26277BEC9D8ADB793F2CD5EC1F ] MSDTC          C:\Windows\System32\msdtc.exe
15:57:22.0459 0x12b8  MSDTC - ok
15:57:22.0506 0x12b8  [ A9927F4A46B816C92F461ACB90CF8515, 753284F726F9B4D3E7322C75532244CA43714F00717C2019391FB36DEE0738C0 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
15:57:22.0537 0x12b8  Msfs - ok
15:57:22.0584 0x12b8  [ 0F400E306F385C56317357D6DEA56F62, C48FA8193787359902D20D869F5F602CD66D3C5D061A58DDB72F51EED433C4BC ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
15:57:22.0600 0x12b8  msisadrv - ok
15:57:22.0647 0x12b8  [ 85466C0757A23D9A9AECDC0755203CB2, 79141B8DF9D7470466872AF03A85C3D3976512BFDBDB8B92A22225DC8EFD70A6 ] MSiSCSI        C:\Windows\system32\iscsiexe.dll
15:57:22.0693 0x12b8  MSiSCSI - ok
15:57:22.0709 0x12b8  msiserver - ok
15:57:22.0756 0x12b8  [ D8C63D34D9C9E56C059E24EC7185CC07, D0CBFB8D57E6D908679DC0488ED659CA35B92626DEA890873E165F051A1AD2AE ] MSKSSRV        C:\Windows\system32\drivers\MSKSSRV.sys
15:57:22.0803 0x12b8  MSKSSRV - ok
15:57:22.0896 0x12b8  [ DC8B329D6B4026D2D6E957BC79336022, B1EC02B57F2F7AFACDD498C21E3CD7F32F798ABE7C8041A2824DECAB8276520F ] MsMpSvc        C:\Program Files\Microsoft Security Client\MsMpEng.exe
15:57:22.0912 0x12b8  MsMpSvc - ok
15:57:22.0943 0x12b8  [ 1D373C90D62DDB641D50E55B9E78D65E, 1D4897A96EA54D6FAC7916D69B4E88CAE1397C38CC8FAE08554772808476357B ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
15:57:22.0990 0x12b8  MSPCLOCK - ok
15:57:23.0021 0x12b8  [ B572DA05BF4E098D4BBA3A4734FB505B, B7923F204CEADD0F62C2FE4B7CF8C56DAB70F88093B15C5692D0E61490CF4BAA ] MSPQM          C:\Windows\system32\drivers\MSPQM.sys
15:57:23.0083 0x12b8  MSPQM - ok
15:57:23.0115 0x12b8  [ B49456D70555DE905C311BCDA6EC6ADB, 8E40586B3A1FAE9996459E0261726C9DD6A8D5F575604868C45604613385C92F ] MsRPC          C:\Windows\system32\drivers\MsRPC.sys
15:57:23.0146 0x12b8  MsRPC - ok
15:57:23.0177 0x12b8  [ E384487CB84BE41D09711C30CA79646C, 520391DEE14D4D6C1EA99C7D31DD95D56B44D54CA3CD8E5C9855E9C0A04F026C ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
15:57:23.0208 0x12b8  mssmbios - ok
15:57:23.0239 0x12b8  [ 7199C1EEC1E4993CAF96B8C0A26BD58A, DD02DF8ED7AF5BB88BD2A91F38CE4C52432CB8044BDCBC41C320CD22B10B8A3B ] MSTEE          C:\Windows\system32\drivers\MSTEE.sys
15:57:23.0286 0x12b8  MSTEE - ok
15:57:23.0317 0x12b8  [ 6A57B5733D4CB702C8EA4542E836B96C, 080FB0B01E949D24CDD6876125B3A72DA9F88845D8B9A1A425BCA99E7ACF6821 ] Mup            C:\Windows\system32\Drivers\mup.sys
15:57:23.0333 0x12b8  Mup - ok
15:57:23.0380 0x12b8  [ E4EAF0C5C1B41B5C83386CF212CA9584, 5946C3DCE65A0DB164169A1775DFCA544AF4E1895ADF6916BB1653F373F8D9AF ] napagent        C:\Windows\system32\qagentRT.dll
15:57:23.0442 0x12b8  napagent - ok
15:57:23.0489 0x12b8  [ 85C44FDFF9CF7E72A40DCB7EC06A4416, DC37C99C458CA69B33BFD3894187089E947F4F9C01EC2ED024FA8614989E0956 ] NativeWifiP    C:\Windows\system32\DRIVERS\nwifi.sys
15:57:23.0536 0x12b8  NativeWifiP - ok
15:57:23.0614 0x12b8  [ DEC4B200C459FA929B0A764E79904B79, 40261D7D0BEE45E6E3F4F25D7ACAB00744BAF5D515B6D84B41A25ED22380DC13 ] NDIS            C:\Windows\system32\drivers\ndis.sys
15:57:23.0661 0x12b8  NDIS - ok
15:57:23.0692 0x12b8  [ 0E186E90404980569FB449BA7519AE61, DE41791D9D3074007D6DD1D3933E7A2A13E3789D0AD4F029105B58279622FC1B ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
15:57:23.0723 0x12b8  NdisTapi - ok
15:57:23.0739 0x12b8  [ D6973AA34C4D5D76C0430B181C3CD389, 7C303F3D6BFF8B82E39998135B444837091AB1F9EB8F28D013E5EF45DB237EFC ] Ndisuio        C:\Windows\system32\DRIVERS\ndisuio.sys
15:57:23.0785 0x12b8  Ndisuio - ok
15:57:23.0817 0x12b8  [ 818F648618AE34F729FDB47EC68345C3, 5FC8F9237BD7FCE3C62D5BDDD49DC104BE2BECDC2FA8CDC1DB8F1891CBAA9140 ] NdisWan        C:\Windows\system32\DRIVERS\ndiswan.sys
15:57:23.0863 0x12b8  NdisWan - ok
15:57:23.0895 0x12b8  [ 71DAB552B41936358F3B541AE5997FB3, 30A8B3E33CBF04FC047254E404C0321F9028F2640036AA8AC1EA0A5E64551684 ] NDProxy        C:\Windows\system32\drivers\NDProxy.sys
15:57:23.0957 0x12b8  NDProxy - ok
15:57:23.0973 0x12b8  [ BCD093A5A6777CF626434568DC7DBA78, 2A283DD93230361204EA0897864EAF0224CB8C02E025AE2E4237B07A598B3EBD ] NetBIOS        C:\Windows\system32\DRIVERS\netbios.sys
15:57:24.0051 0x12b8  NetBIOS - ok
15:57:24.0097 0x12b8  [ BF84E55A9B3AD3CBAB4AAE3BE043E579, A01D03836E67C6B434687FF3388DB0BD935BCF81A611728C32E7392694E7689C ] netbt          C:\Windows\system32\DRIVERS\netbt.sys
15:57:24.0269 0x12b8  netbt - ok
15:57:24.0300 0x12b8  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] Netlogon        C:\Windows\system32\lsass.exe
15:57:24.0316 0x12b8  Netlogon - ok
15:57:24.0363 0x12b8  [ C8052711DAECC48B982434C5116CA401, 417DEB86D157DD3F0B4678410FE27FDD3E8FA04AB03AF398F6C02BF207070B35 ] Netman          C:\Windows\System32\netman.dll
15:57:24.0409 0x12b8  Netman - ok
15:57:24.0456 0x12b8  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:57:24.0487 0x12b8  NetMsmqActivator - ok
15:57:24.0503 0x12b8  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:57:24.0534 0x12b8  NetPipeActivator - ok
15:57:24.0565 0x12b8  [ 2EF3BBE22E5A5ACD1428EE387A0D0172, 55DB91EDD0339D2434C06445F8A716A48EA90925B0FF7EBF45BB79D4B54B80BF ] netprofm        C:\Windows\System32\netprofm.dll
15:57:24.0628 0x12b8  netprofm - ok
15:57:24.0659 0x12b8  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:57:24.0690 0x12b8  NetTcpActivator - ok
15:57:24.0706 0x12b8  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:57:24.0721 0x12b8  NetTcpPortSharing - ok
15:57:24.0877 0x12b8  [ 6E9EDC1020B319E7676387B8CDF2398C, EF9B26369A845FC1E96ADD4051E52DA13CAA54158956F36CB10CBF3610D2B678 ] NETw2v32        C:\Windows\system32\DRIVERS\NETw2v32.sys
15:57:25.0143 0x12b8  NETw2v32 - ok
15:57:25.0174 0x12b8  [ 2E7FB731D4790A1BC6270ACCEFACB36E, EE9A00B694E8A3A5842CDC56C7BA1364317AC8134E046A0059661D057094B1A3 ] nfrd960        C:\Windows\system32\drivers\nfrd960.sys
15:57:25.0189 0x12b8  nfrd960 - ok
15:57:25.0252 0x12b8  [ BFD3B47A46BF2BB6BB0CEC7127EE929E, 6DD73FD0AC57D025A1290D494BC4405A6A5D89AE76A3EC4E3F20C3F8A45A5E24 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
15:57:25.0283 0x12b8  NisDrv - ok
15:57:25.0330 0x12b8  [ F36D4743BCB636F1779E7CB36E950525, 176E3547B30579CE2D8901B5F9AE06C5BF493E81253A4A351FD304A561C8B3F1 ] NisSrv          C:\Program Files\Microsoft Security Client\NisSrv.exe
15:57:25.0361 0x12b8  NisSrv - ok
15:57:25.0408 0x12b8  [ C96411DD46AABC0D6F3CF06D0E0E7E14, 0D36F322AF1B923D96735BFFCAC3FDB0B282E59220BADAB8B49AC178A6765380 ] NlaSvc          C:\Windows\System32\nlasvc.dll
15:57:25.0470 0x12b8  NlaSvc - ok
15:57:25.0548 0x12b8  [ 36CC8B2FD964C97BD2E2AB8BA7FFE384, C1DAB1872A5867DA4D7F8A8D3DBDDC81BAC3D9C0092442F12D0493306CF39306 ] NovaPdfServer  C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe
15:57:25.0564 0x12b8  NovaPdfServer - ok
15:57:25.0626 0x12b8  [ D36F239D7CCE1931598E8FB90A0DBC26, DF9397411D0CE5A87E3346D4E6E25BEC537A21BCE196CC55FD999CD08FC4A637 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
15:57:25.0642 0x12b8  Npfs - ok
15:57:25.0673 0x12b8  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD, 15CA178518EB3D457AA4C109D97A8490821590842AE4E9841703B5A55870C8F6 ] nsi            C:\Windows\system32\nsisvc.dll
15:57:25.0735 0x12b8  nsi - ok
15:57:25.0751 0x12b8  [ 609773E344A97410CE4EBF74A8914FCF, 90B9CBD2B62854DD503DE4A910CB987D402368EB99882FE20FFB6DEACD70F2BD ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
15:57:25.0813 0x12b8  nsiproxy - ok
15:57:25.0891 0x12b8  [ 2C1121F2B87E9A6B12485DF53CD848C7, E580428F3BA7B201C6C7CFADF1F44A6ECA4F589EDB034DA14260136236195936 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
15:57:25.0969 0x12b8  Ntfs - ok
15:57:26.0016 0x12b8  [ E875C093AEC0C978A90F30C9E0DFBB72, D3A480CD7EF374EFBC1BB831B33B81534774DDDBB0FB338BEE1D444949FD8DE7 ] ntrigdigi      C:\Windows\system32\drivers\ntrigdigi.sys
15:57:26.0079 0x12b8  ntrigdigi - ok
15:57:26.0110 0x12b8  [ C5DBBCDA07D780BDA9B685DF333BB41E, 3652893DFF05469A273C3073D8D0A9D6D6BBDEC7855FEA8EAB768F95BA674108 ] Null            C:\Windows\system32\drivers\Null.sys
15:57:26.0157 0x12b8  Null - ok
15:57:26.0188 0x12b8  [ E69E946F80C1C31C53003BFBF50CBB7C, A0A4BC57822B2CBC75602A969E28DCEDE04B41CC084E1EF1532B1BCDAEAA43BB ] nvraid          C:\Windows\system32\drivers\nvraid.sys
15:57:26.0203 0x12b8  nvraid - ok
15:57:26.0235 0x12b8  [ 9E0BA19A28C498A6D323D065DB76DFFC, EA9E33ED2820ED39932FAE114A9CF1D87780ED6605D0260A6F22F920B48F34E9 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
15:57:26.0250 0x12b8  nvstor - ok
15:57:26.0281 0x12b8  [ 07C186427EB8FCC3D8D7927187F260F7, 9AFDE1CB7B7232BD019804BFC691580B9CC2E51A5BC0E5584B23907D532600D8 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
15:57:26.0297 0x12b8  nv_agp - ok
15:57:26.0313 0x12b8  NwlnkFlt - ok
15:57:26.0313 0x12b8  NwlnkFwd - ok
15:57:26.0359 0x12b8  [ 953C1BA621F4DA9DC7D268AE839A51FB, 2405F4520764C0772F9BB6142722592CC845813A8E95BE4334799EACB243036E ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
15:57:26.0422 0x12b8  ohci1394 - ok
15:57:26.0469 0x12b8  [ 7A56CF3E3F12E8AF599963B16F50FB6A, 882C82BAE96D263138D4C0D6C425458B770B7B9C8E9C1D28AC918BF6BE94A5C2 ] ose            C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:57:26.0484 0x12b8  ose - ok
15:57:26.0562 0x12b8  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
15:57:26.0671 0x12b8  p2pimsvc - ok
15:57:26.0687 0x12b8  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2psvc          C:\Windows\system32\p2psvc.dll
15:57:26.0749 0x12b8  p2psvc - ok
15:57:26.0781 0x12b8  [ 0FA9B5055484649D63C303FE404E5F4D, ABF357001A5E7B21621560E74FA538E2D899C5111A6AAC784B5B12D9D819C6CD ] Parport        C:\Windows\system32\drivers\parport.sys
15:57:26.0859 0x12b8  Parport - ok
15:57:26.0890 0x12b8  [ B9C2B89F08670E159F7181891E449CD9, BD48CE95CF4B75D1FD5FD379B2A8727BC000F2B6748B77636C6BDB0B37B0344A ] partmgr        C:\Windows\system32\drivers\partmgr.sys
15:57:26.0905 0x12b8  partmgr - ok
15:57:26.0921 0x12b8  [ 4F9A6A8A31413180D0FCB279AD5D8112, DCE48BC6E3447403521BB9FBF727E629DEE45B69B8AE8CFEE1A67FECAE3CB9D3 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
15:57:26.0999 0x12b8  Parvdm - ok
15:57:27.0030 0x12b8  [ C6276AD11F4BB49B58AA1ED88537F14A, 409E956AF994640DF8D062E5E41F87A6EE7EEE0335C191B582722A49322357CE ] PcaSvc          C:\Windows\System32\pcasvc.dll
15:57:27.0093 0x12b8  PcaSvc - ok
15:57:27.0139 0x12b8  [ 941DC1D19E7E8620F40BBC206981EFDB, 156142A8B587131D2D47074CBFD0A31F69B3C27A8C74C8C4F29DFE7B53BBA802 ] pci            C:\Windows\system32\drivers\pci.sys
15:57:27.0155 0x12b8  pci - ok
15:57:27.0202 0x12b8  [ 1636D43F10416AEB483BC6001097B26C, 36E61A993693A46538FE0F726D67BB28886F61D53384AD600D1282296A27662E ] pciide          C:\Windows\system32\drivers\pciide.sys
15:57:27.0217 0x12b8  pciide - ok
15:57:27.0264 0x12b8  [ E6F3FB1B86AA519E7698AD05E58B04E5, 2C4B45DDD3B980C9DAA6F039CAEFCD6E84A4D5BB43AFBA73C0C42B5556C1303C ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
15:57:27.0280 0x12b8  pcmcia - ok
15:57:27.0358 0x12b8  [ 6349F6ED9C623B44B52EA3C63C831A92, 9EAA3ABD396870123107D6E1B758F56FDA378BD28B28DB8415AA470D24294F92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
15:57:27.0483 0x12b8  PEAUTH - ok
15:57:27.0623 0x12b8  [ B1689DF169143F57053F795390C99DB3, 887B8C76B34CABC68067C0F27CC4EEF02457A53634C96FE5B0FE9B99453BDBEF ] pla            C:\Windows\system32\pla.dll
15:57:27.0763 0x12b8  pla - ok
15:57:27.0810 0x12b8  [ C5E7F8A996EC0A82D508FD9064A5569E, 416A93816CDF12DD42DEA796D37E6E2000D3172AAAB20D3EAD3B715DACD4B61F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
15:57:27.0857 0x12b8  PlugPlay - ok
15:57:27.0935 0x12b8  [ B597C2C966B447E011B4AE1B4D053677, F5749A45AA96DD8567789B3EAE38137A414371A9977D1317742141DCEDEB31C3 ] PMBDeviceInfoProvider C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
15:57:27.0982 0x12b8  PMBDeviceInfoProvider - ok
15:57:28.0044 0x12b8  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPAutoReg    C:\Windows\system32\p2psvc.dll
15:57:28.0107 0x12b8  PNRPAutoReg - ok
15:57:28.0138 0x12b8  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPsvc        C:\Windows\system32\p2psvc.dll
15:57:28.0185 0x12b8  PNRPsvc - ok
15:57:28.0247 0x12b8  [ E16D328D6C5382916C1F7925E2A20662, D904E886614E9C18B1FE0FDE884777F01FAE7CD1688C5DB3CEE772E6BDEF1516 ] PolicyAgent    C:\Windows\System32\ipsecsvc.dll
15:57:28.0372 0x12b8  PolicyAgent - ok
15:57:28.0419 0x12b8  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1, 6E4B188A4BFDBBCA51347BCCE2873F2D0F858398851B9B5129CB9F36A02E4354 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
15:57:28.0481 0x12b8  PptpMiniport - ok
15:57:28.0512 0x12b8  [ 0E3CEF5D28B40CF273281D620C50700A, 8ADA99B4563AE2129B95136295EE92A94102B035EBBC83D4C8587ECE8B0DEE60 ] Processor      C:\Windows\system32\drivers\processr.sys
15:57:28.0575 0x12b8  Processor - ok
15:57:28.0621 0x12b8  [ 0D5DAD610D7EA1627581ED06FB2BAA9A, 6E27CF3A1624AE10EECB8B5F38E03D76A6AABE4E75DD66DEDD67E0773935A396 ] ProfSvc        C:\Windows\system32\profsvc.dll
15:57:28.0668 0x12b8  ProfSvc - ok
15:57:28.0684 0x12b8  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] ProtectedStorage C:\Windows\system32\lsass.exe
15:57:28.0699 0x12b8  ProtectedStorage - ok
15:57:28.0746 0x12b8  [ 99514FAA8DF93D34B5589187DB3AA0BA, 4DDE5EC0C721B22E1D7D55ED3514B60EA07435C232A3A931BB49C7F486B52C18 ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
15:57:28.0777 0x12b8  PSched - ok
15:57:28.0855 0x12b8  [ CCDAC889326317792480C0A67156A1EC, 3D3B561B6D4E12DE442C98993C929765F002AF5CFB5A00EFACE6ABE957F7E8AF ] ql2300          C:\Windows\system32\drivers\ql2300.sys
15:57:28.0918 0x12b8  ql2300 - ok
15:57:28.0949 0x12b8  [ 81A7E5C076E59995D54BC1ED3A16E60B, A2988F065F93C41B3B389BFF3BB3FD69F768C2AF249C2356F315CC92E5C9E128 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
15:57:28.0965 0x12b8  ql40xx - ok
15:57:29.0027 0x12b8  [ E9ECAE663F47E6CB43962D18AB18890F, F1A05320CAED9E745AA36A6DA9B64C48AAEDE888B42B249840CEB31448F7F432 ] QWAVE          C:\Windows\system32\qwave.dll
15:57:29.0058 0x12b8  QWAVE - ok
15:57:29.0089 0x12b8  [ 9F5E0E1926014D17486901C88ECA2DB7, 67CDFB99AB546DCEEF20507EAC07DD52FFB51BFDFE9416ABEDDC1201B60D720E ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
15:57:29.0121 0x12b8  QWAVEdrv - ok
15:57:29.0323 0x12b8  [ 976D32226FC4DD1187110B763F913A69, 003CC47DCB27C3148C219E9B830992BDEB9B5B3C33E36468DB3C2F303E937874 ] R300            C:\Windows\system32\DRIVERS\atikmdag.sys
15:57:29.0620 0x12b8  R300 - ok
15:57:29.0667 0x12b8  [ 147D7F9C556D259924351FEB0DE606C3, E41EBA5F3098C6CF2BE4C0060A5F4BF161C3677D983B7A0D70ACC12FC3CFEFD7 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
15:57:29.0698 0x12b8  RasAcd - ok
15:57:29.0729 0x12b8  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F, 6A410ABCCD2211EFF511CDBF22E4152B57D2996336EBE711DFF71904AF232DB2 ] RasAuto        C:\Windows\System32\rasauto.dll
15:57:29.0776 0x12b8  RasAuto - ok
15:57:29.0823 0x12b8  [ A214ADBAF4CB47DD2728859EF31F26B0, A24F37F55E2C018B1B4FA2C568A01AAAAEA1220833ED24A93378386174A70A32 ] Rasl2tp        C:\Windows\system32\DRIVERS\rasl2tp.sys
15:57:29.0885 0x12b8  Rasl2tp - ok
15:57:29.0916 0x12b8  [ 75D47445D70CA6F9F894B032FBC64FCF, 9112EA5D25F867136858524C7965ACCEDC02675D1E2985B950598D89CCF25E14 ] RasMan          C:\Windows\System32\rasmans.dll
15:57:29.0979 0x12b8  RasMan - ok
15:57:29.0994 0x12b8  [ 509A98DD18AF4375E1FC40BC175F1DEF, CC7C278CA298CE102D871E34C176E73F903D6687D1E8B5AFAB8772C7DE1A60B1 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
15:57:30.0025 0x12b8  RasPppoe - ok
15:57:30.0057 0x12b8  [ 2005F4A1E05FA09389AC85840F0A9E4D, D8A664073FDE82F9AB324347024CDB7043635C84EB11C24C59AB384C52F0FD94 ] RasSstp        C:\Windows\system32\DRIVERS\rassstp.sys
15:57:30.0088 0x12b8  RasSstp - ok
15:57:30.0119 0x12b8  [ B14C9D5B9ADD2F84F70570BBBFAA7935, 3D533767A50554B86C769DF4D8841B3EA680B3807E85EA3533BDA9B649548269 ] rdbss          C:\Windows\system32\DRIVERS\rdbss.sys
15:57:30.0181 0x12b8  rdbss - ok
15:57:30.0213 0x12b8  [ 89E59BE9A564262A3FB6C4F4F1CD9899, 6F948FB0E73495CA60B7B19E758268495EC8A084C475EC59AD7940AA619570BB ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
15:57:30.0259 0x12b8  RDPCDD - ok
15:57:30.0306 0x12b8  [ E8BD98D46F2ED77132BA927FCCB47D8B, 5187CF8F00AD67EDDF27DF675F3210C0D72E552578A89C58DF6953B1D5BEBCB8 ] rdpdr          C:\Windows\system32\drivers\rdpdr.sys
15:57:30.0400 0x12b8  rdpdr - ok
15:57:30.0400 0x12b8  [ 9D91FE5286F748862ECFFA05F8A0710C, 33F37F1B207151A5564BF051BBF16F35D8C5A0F426CCA078A51F125BF09E487B ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
15:57:30.0447 0x12b8  RDPENCDD - ok
15:57:30.0493 0x12b8  [ C127EBD5AFAB31524662C48DFCEB773A, 40A6B88FEAFF02D1B5C0CA32F290CF3D9B48B85D248C7532F30CC5C09BAA4D89 ] RDPWD          C:\Windows\system32\drivers\RDPWD.sys
15:57:30.0571 0x12b8  RDPWD - ok
15:57:30.0603 0x12b8  [ BCDD6B4804D06B1F7EBF29E53A57ECE9, 8A961CCD0A0265E03D9952C733B593B02B5CF64E308D6B420276D2D6B20F86FC ] RemoteAccess    C:\Windows\System32\mprdim.dll
15:57:30.0649 0x12b8  RemoteAccess - ok
15:57:30.0696 0x12b8  [ 9E6894EA18DAFF37B63E1005F83AE4AB, 5D6DF994D297C875D547C7B111A571AA90D582DAECADE18A53F65AD988819E67 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
15:57:30.0743 0x12b8  RemoteRegistry - ok
15:57:30.0774 0x12b8  [ 7EC90C316177BA3F1BCE92005264B447, C588611E4BD68F8220B189CBA72929A9C4143932FEF673D2676D83B2821237C2 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
15:57:30.0852 0x12b8  RFCOMM - ok
15:57:30.0930 0x12b8  [ 4D05898896EC49CF663DDA61041AB096, 1218A0AD84946F2555773D529F3D55D7B675780EC1E79A634ED0FECF8D5C9C6D ] RichVideo      C:\Program Files\CyberLink\Shared Files\RichVideo.exe
15:57:30.0961 0x12b8  RichVideo - ok
15:57:30.0977 0x12b8  [ 5123F83CBC4349D065534EEB6BBDC42B, 92A3F38EA924D83D601BB93E3750F9DBC2DD963FB7ACF2A0E776297E21815225 ] RpcLocator      C:\Windows\system32\locator.exe
15:57:31.0024 0x12b8  RpcLocator - ok
15:57:31.0086 0x12b8  [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] RpcSs          C:\Windows\system32\rpcss.dll
15:57:31.0133 0x12b8  RpcSs - ok
15:57:31.0180 0x12b8  [ 9C508F4074A39E8B4B31D27198146FAD, 84913471E5A6C297B1EDABE45EF3FE7D2C4410EF04370F615109FD9E2690FFDB ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
15:57:31.0227 0x12b8  rspndr - ok
15:57:31.0258 0x12b8  [ 959EF612D2CCFDB6D9E443F8E3655013, 24735ADE348A687E4CE34F544C0655DBC1380C7B9A420165FF2C07D1908B5A7D ] RTL8023xp      C:\Windows\system32\DRIVERS\Rtnicxp.sys
15:57:31.0336 0x12b8  RTL8023xp - ok
15:57:31.0351 0x12b8  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] SamSs          C:\Windows\system32\lsass.exe
15:57:31.0367 0x12b8  SamSs - ok
15:57:31.0429 0x12b8  [ 4BFB51CDB25D4D4B9E8FCCAB635F262E, 17C43AE2CF44A7C8FDBFE33F1BAE785456F4D3E2EE71ECD0E63B20E8A972152E ] Samsung Update Plus C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe
15:57:31.0461 0x12b8  Samsung Update Plus - detected UnsignedFile.Multi.Generic ( 1 )
15:57:31.0461 0x12b8  Samsung Update Plus ( UnsignedFile.Multi.Generic ) - warning
15:57:31.0461 0x12b8  Force sending object to P2P due to detect: Samsung Update Plus
15:57:31.0726 0x12b8  Object send P2P result: true
15:57:31.0897 0x12b8  [ 3CE8F073A557E172B330109436984E30, CEC281C6076FAA1E34372CF419C6308E73811316606B8D0D9055B7D8952BDC88 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
15:57:31.0913 0x12b8  sbp2port - ok
15:57:31.0960 0x12b8  [ 77B7A11A0C3D78D3386398FBBEA1B632, A3D290AB793BDC2F84C7B963300DFCE81CFE082A0FFF7489E8E5B14714892C00 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
15:57:32.0007 0x12b8  SCardSvr - ok
15:57:32.0069 0x12b8  [ F79CC0F814748E15538BF4D808030739, 396E94A309AFB163791095A25950CB7D85EEC43B416E1E7F056F430E1B719F4D ] Schedule        C:\Windows\system32\schedsvc.dll
15:57:32.0163 0x12b8  Schedule - ok
15:57:32.0194 0x12b8  [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] SCPolicySvc    C:\Windows\System32\certprop.dll
15:57:32.0225 0x12b8  SCPolicySvc - ok
15:57:32.0272 0x12b8  [ 4339A2585708C7D9B0C0CE5AAD3DD6FF, 1B764838EC90A4F5A8130630BA32C014C033BF39C0DE1C114298F254580F0983 ] sdbus          C:\Windows\system32\DRIVERS\sdbus.sys
15:57:32.0334 0x12b8  sdbus - ok
15:57:32.0381 0x12b8  [ 716313D9F6B0529D03F726D5AAF6F191, 44FE994A11631C1D99C73026340BACE39973C65A1281D87A61B481C9B5FAB251 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
15:57:32.0443 0x12b8  SDRSVC - ok
15:57:32.0475 0x12b8  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
15:57:32.0521 0x12b8  secdrv - ok
15:57:32.0553 0x12b8  [ 7D7A5D3CB5AB4B394E03BDE27E6114E8, 590644469036B9C2DF3D6E56D41FD7D09D0AE5021B0FA96A8CBA873F923865C8 ] seclogon        C:\Windows\system32\seclogon.dll
15:57:32.0631 0x12b8  seclogon - ok
15:57:32.0662 0x12b8  [ A9BBAB5759771E523F55563D6CBE140F, 415BF6F6A1E4C5F98DABF9C2EEAF8CA49730693046E5F94C7655683717EDAD75 ] SENS            C:\Windows\system32\sens.dll
15:57:32.0724 0x12b8  SENS - ok
15:57:32.0755 0x12b8  [ 68E44E331D46F0FB38F0863A84CD1A31, 0778D85B6869CE2610820DC9724360538BFE832426E898AEBC34E53D2AB4322B ] Serenum        C:\Windows\system32\drivers\serenum.sys
15:57:32.0818 0x12b8  Serenum - ok
15:57:32.0833 0x12b8  [ C70D69A918B178D3C3B06339B40C2E1B, 40BEEECA4C797A3355F4B01C57C2763C33028F27826315062320789A496D0810 ] Serial          C:\Windows\system32\drivers\serial.sys
15:57:32.0911 0x12b8  Serial - ok
15:57:32.0943 0x12b8  [ 8AF3D28A879BF75DB53A0EE7A4289624, C870BEBB969DCD9170E64584D1CD329A193D9FC812A45EF3574891110CA68B45 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
15:57:32.0974 0x12b8  sermouse - ok
15:57:33.0021 0x12b8  [ D2193326F729B163125610DBF3E17D57, 82C894E24E2C139C884246A693AD37BBF0A4E9375B7F7A288EF1DB22F89434B9 ] SessionEnv      C:\Windows\system32\sessenv.dll
15:57:33.0067 0x12b8  SessionEnv - ok
15:57:33.0083 0x12b8  [ 103B79418DA647736EE95645F305F68A, E4D356FD8C62B616D3584FE84905995A1CEE452288E3A456CC358FF41FEAB1B7 ] sffdisk        C:\Windows\system32\drivers\sffdisk.sys
15:57:33.0145 0x12b8  sffdisk - ok
15:57:33.0177 0x12b8  [ 8FD08A310645FE872EEEC6E08C6BF3EE, 702A148C9DE172E7B5E331F057487255E0729FD42F949BB0FF2D5A01775933CF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
15:57:33.0255 0x12b8  sffp_mmc - ok
15:57:33.0270 0x12b8  [ 9CFA05FCFCB7124E69CFC812B72F9614, E9CFCE695E4D1AF146781CFAA295878536E573F06AEA65438878DE29EC9959AD ] sffp_sd        C:\Windows\system32\drivers\sffp_sd.sys
15:57:33.0348 0x12b8  sffp_sd - ok
15:57:33.0364 0x12b8  [ 46ED8E91793B2E6F848015445A0AC188, 34A97304F23EA153422848F6F1CAF8ADF0944EA781E12F027B6DEAF751A04B5D ] sfloppy        C:\Windows\system32\drivers\sfloppy.sys
15:57:33.0426 0x12b8  sfloppy - ok
15:57:33.0457 0x12b8  [ E1499BD0FF76B1B2FBBF1AF339D91165, 9A8F0403467E75880D3070C4D862489A75134383BAF8E7C45F8C5E7DFB0605A5 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
15:57:33.0535 0x12b8  SharedAccess - ok
15:57:33.0567 0x12b8  [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:57:33.0613 0x12b8  ShellHWDetection - ok
15:57:33.0629 0x12b8  [ D2A595D6EEBEEAF4334F8E50EFBC9931, 851B8205C657BF806C4D815DC75356E99B4246016B6E1C1F51BAF8AD1E6D5299 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
15:57:33.0660 0x12b8  sisagp - ok
15:57:33.0676 0x12b8  [ CEDD6F4E7D84E9F98B34B3FE988373AA, E102977E6FAC30B5ABEEC0B412A9F2A10C5C42F4D9C3AD69296BF9E1E88B6141 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
15:57:33.0691 0x12b8  SiSRaid2 - ok
15:57:33.0723 0x12b8  [ DF843C528C4F69D12CE41CE462E973A7, A2BEC74FCB8D8B6B9D8DD4746C013DFDF1DD662AEFE9B88CA495E5B83B4A76F9 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
15:57:33.0738 0x12b8  SiSRaid4 - ok
15:57:33.0801 0x12b8  [ 704B4F81729F676BBF034529FC334D82, 1E50DAF97836807A500284385D99272780A8B69CA88761250451060B207824F8 ] SkypeUpdate    C:\Program Files\Skype\Updater\Updater.exe
15:57:33.0832 0x12b8  SkypeUpdate - ok
15:57:34.0019 0x12b8  [ 862BB4CBC05D80C5B45BE430E5EF872F, F4961B22C93E472C8C862421AA231CDDA9E40D3958741A1D666357F22CC3143D ] slsvc          C:\Windows\system32\SLsvc.exe
15:57:34.0269 0x12b8  slsvc - ok
15:57:34.0331 0x12b8  [ 6EDC422215CD78AA8A9CDE6B30ABBD35, D8342BC3152859F4F7512E85ABEC61147DBCAB515458644728874E42F639D6CA ] SLUINotify      C:\Windows\system32\SLUINotify.dll
15:57:34.0378 0x12b8  SLUINotify - ok
15:57:34.0471 0x12b8  [ 60047D1C836A8B744D4404F798EDB2BD, 7B349C26DCE0FE36CAA70C1984CAD975558749524321ED7F6107EA4CACC13513 ] SMARTHelperService C:\Program Files\SMART Technologies\Education Software\SMARTHelperService.exe
15:57:34.0503 0x12b8  SMARTHelperService - ok
15:57:34.0581 0x12b8  [ E78ED320AA4AFC8087E1B51A64A116E3, 957AB7B41E1779E4AC8450581A003D19854584B13FC7DEC4E5E6EB95091B6658 ] SMARTMouseFilterx86 C:\Windows\system32\DRIVERS\SMARTMouseFilterx86.sys
15:57:34.0612 0x12b8  SMARTMouseFilterx86 - ok
15:57:34.0643 0x12b8  [ D4F15E6BD6E8A60EF0A82FAB76ADB6B0, 932AD2B559C07116D618257202E66AAD71CD76EDDA4F099A6D5A449F7D3F0059 ] SMARTVHidMini2000x86 C:\Windows\system32\DRIVERS\SMARTVHidMini2000x86.sys
15:57:34.0674 0x12b8  SMARTVHidMini2000x86 - ok
15:57:34.0705 0x12b8  [ 1F7C57F9843813B41768E969558AD035, 19A2AB36BACD1059A967F2D5C77C85B92907DF13BBD2A5FA8D8EAACA21602AC0 ] SMARTVTabletPCx86 C:\Windows\system32\DRIVERS\SMARTVTabletPCx86.sys
15:57:34.0752 0x12b8  SMARTVTabletPCx86 - ok
15:57:34.0799 0x12b8  [ 7B75299A4D201D6A6533603D6914AB04, 172BE3951F06B1991EF70B71EB91786D1EFC4E381C22BCA3A5F622CD59F3227E ] Smb            C:\Windows\system32\DRIVERS\smb.sys
15:57:34.0846 0x12b8  Smb - ok
15:57:34.0877 0x12b8  [ 2A146A055B4401C16EE62D18B8E2A032, D0930FFA53951C92F56E1ECB41374F4C0AA01ECBF99F474513A21EAD579CFE47 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
15:57:34.0908 0x12b8  SNMPTRAP - ok
15:57:34.0939 0x12b8  [ 7AEBDEEF071FE28B0EEF2CDD69102BFF, E03BEE733F4C2A5F39946D4955679A290E22758DFCE4222EE69ABF64FC54EDF7 ] spldr          C:\Windows\system32\drivers\spldr.sys
15:57:34.0955 0x12b8  spldr - ok
15:57:35.0002 0x12b8  [ 8554097E5136C3BF9F69FE578A1B35F4, 2578545CFD647FB18F217B33C8CB4F0184A35F548659494056E455020CC15FB0 ] Spooler        C:\Windows\System32\spoolsv.exe
15:57:35.0033 0x12b8  Spooler - ok
15:57:35.0095 0x12b8  [ 9263C8898732E2B890F7E954E7729AB7, DEBFD81E702893427972A6565A9AAA54A09B9F7F30CA9391011C6F7FB758A3F4 ] SQLWriter      C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
15:57:35.0127 0x12b8  SQLWriter - ok
15:57:35.0173 0x12b8  [ E822F009416F6CC21C6545D58E8F9B62, 8536F4386303137BF3618E640F66EE2DA272BA3E7CDCD68C761BA74204A29608 ] srv            C:\Windows\system32\DRIVERS\srv.sys
15:57:35.0298 0x12b8  srv - ok
15:57:35.0314 0x12b8  [ 37DBD18CDC429690F34862F39BFEBDA5, 43EA2A23A36271CDFED93823822D7DDE550EC7492412ECBE8931ED6D2BEC632B ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
15:57:35.0423 0x12b8  srv2 - ok
15:57:35.0454 0x12b8  [ 40CD9883E862BF84A35D58A10652C0E0, B4205536ADC4BE98F076751DFC8F86EC070F03A4B15EE133391498A3FDEC2798 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
15:57:35.0563 0x12b8  srvnet - ok
15:57:35.0610 0x12b8  [ 03D50B37234967433A5EA5BA72BC0B62, 7B61D6A4BF5D446A9473D058BC207FB6DA7C2FEFB8083F3B66CAC8907DBD8327 ] SSDPSRV        C:\Windows\System32\ssdpsrv.dll
15:57:35.0673 0x12b8  SSDPSRV - ok
15:57:35.0719 0x12b8  [ 6F1A32E7B7B30F004D9A20AFADB14944, AA9D874A14CA4779E76701D2B02F4CCA92CD5917435FB4CACA149FCB2D1D4C4C ] SstpSvc        C:\Windows\system32\sstpsvc.dll
15:57:35.0751 0x12b8  SstpSvc - ok
15:57:35.0844 0x12b8  [ 5DE7D67E49B88F5F07F3E53C4B92A352, 6930A598C35646646ED0E91633797EFE139AE6CDD0012335BD1340754A22F997 ] stisvc          C:\Windows\System32\wiaservc.dll
15:57:35.0907 0x12b8  stisvc - ok
15:57:35.0953 0x12b8  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56, 23CC47FA2D6E183D69DB0D3D3F3081A830D94A58FBC0A9A295B3A56C51E9486A ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
15:57:35.0969 0x12b8  swenum - ok
15:57:36.0016 0x12b8  [ F21FD248040681CCA1FB6C9A03AAA93D, 32FE765841A183A1F2C1ACACBBF8CDB11E7D4D4396F9C9F6CFF1B51C9B620ED3 ] swprv          C:\Windows\System32\swprv.dll
15:57:36.0078 0x12b8  swprv - ok
15:57:36.0125 0x12b8  [ 192AA3AC01DF071B541094F251DEED10, 5C6EB56D1C39F3717EB754A1B37C8A618BA4F2107F64048E985D71FA04D1AD05 ] Symc8xx        C:\Windows\system32\drivers\symc8xx.sys
15:57:36.0141 0x12b8  Symc8xx - ok
15:57:36.0172 0x12b8  [ 8C8EB8C76736EBAF3B13B633B2E64125, A6C4845DDED81CCF4947612A4D6E42035136025BCD80812D2FF396927CAADEC5 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
15:57:36.0187 0x12b8  Sym_hi - ok
15:57:36.0203 0x12b8  [ 8072AF52B5FD103BBBA387A1E49F62CB, D336A7D008D145619E79043EBF5D0D455086BA1FEF89612BC2EA11CC363D82B0 ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
15:57:36.0219 0x12b8  Sym_u3 - ok
15:57:36.0265 0x12b8  [ 451E8037E2EB6DA6BDF0A66F65D1810B, 98E94486560A00B33E19902BB1B5CE51168E583E9303B3A2F7337D3501887B34 ] SynTP          C:\Windows\system32\DRIVERS\SynTP.sys
15:57:36.0297 0x12b8  SynTP - ok
15:57:36.0359 0x12b8  [ 9A51B04E9886AA4EE90093586B0BA88D, 1666C29FBFA34174B506678C920636519051D03456A6DDCCD6FF708CAE5D9962 ] SysMain        C:\Windows\system32\sysmain.dll
15:57:36.0453 0x12b8  SysMain - ok
15:57:36.0484 0x12b8  [ 2DCA225EAE15F42C0933E998EE0231C3, 67C7913E41854DFA3043426B7D59AA1FBBB9DE01A6E6904E40A696A7C61A5F98 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:57:36.0499 0x12b8  TabletInputService - ok
15:57:36.0546 0x12b8  [ D7673E4B38CE21EE54C59EEEB65E2483, 330D0AD13F5008D8569CE8E5EA0BBD69F54F59FEB54FD903FA18D2849CEC6AF0 ] TapiSrv        C:\Windows\System32\tapisrv.dll
15:57:36.0609 0x12b8  TapiSrv - ok
15:57:36.0624 0x12b8  [ CB05822CD9CC6C688168E113C603DBE7, 9DB8945BDC702BB13E9DE477F2D3CCA4CE0E9E8CE9B54CE1A25375F2A2C93F0E ] TBS            C:\Windows\System32\tbssvc.dll
15:57:36.0687 0x12b8  TBS - ok
15:57:36.0749 0x12b8  [ C7B0746FCD576D7EEBA6A2530B0B2966, F8ADAED40AA12BF8427482A00CCF8374458FEA95C3C381AEF59EC057A2791550 ] Tcpip          C:\Windows\system32\drivers\tcpip.sys
15:57:36.0811 0x12b8  Tcpip - ok
15:57:36.0858 0x12b8  [ C7B0746FCD576D7EEBA6A2530B0B2966, F8ADAED40AA12BF8427482A00CCF8374458FEA95C3C381AEF59EC057A2791550 ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
15:57:36.0905 0x12b8  Tcpip6 - ok
15:57:36.0952 0x12b8  [ 608C345A255D82A6289C2D468EB41FD7, 74ECFDD45DC3EB3AFAEF9C42B546241AA1D6ACB2F6591A76DDB8BB1768545889 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
15:57:36.0999 0x12b8  tcpipreg - ok
15:57:37.0045 0x12b8  [ 5DCF5E267BE67A1AE926F2DF77FBCC56, E00C0A03AEE579B51B39930A72F39F4EFFE7CDA37187B0AE90F4E001AD15473B ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
15:57:37.0092 0x12b8  TDPIPE - ok
15:57:37.0123 0x12b8  [ 389C63E32B3CEFED425B61ED92D3F021, E4718E290678F00995E754AE66F1027D227BFAB9E1A1D2AC8E4EAD27DC50CB17 ] TDTCP          C:\Windows\system32\drivers\tdtcp.sys
15:57:37.0170 0x12b8  TDTCP - ok
15:57:37.0217 0x12b8  [ EC565DFA3D9C45D8083B72DEC5B33710, BC4F41795AF98FD87F8CC92F946E6896BAC1925A35C3E5E159E8BF4E6A34A35D ] tdx            C:\Windows\system32\DRIVERS\tdx.sys
15:57:37.0326 0x12b8  tdx - ok
15:57:37.0357 0x12b8  [ 3CAD38910468EAB9A6479E2F01DB43C7, 9D18C71EDF39743A0A592BC0873909D2B75B5B177B2672A865D1EEC0BFD2F61C ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
15:57:37.0389 0x12b8  TermDD - ok
15:57:37.0435 0x12b8  [ DBD84E59D631569EC3E756EF144E8431, 9E58629EC762584A2D294A619593620626F7CBE467045AD0F920B6CF1D4B4724 ] TermService    C:\Windows\System32\termsrv.dll
15:57:37.0513 0x12b8  TermService - ok
15:57:37.0560 0x12b8  [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] Themes          C:\Windows\system32\shsvcs.dll
15:57:37.0591 0x12b8  Themes - ok
15:57:37.0607 0x12b8  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] THREADORDER    C:\Windows\system32\mmcss.dll
15:57:37.0638 0x12b8  THREADORDER - ok
15:57:37.0685 0x12b8  [ EC74E77D0EB004BD3A809B5F8FB8C2CE, 1E4BBC58D0E35D79C764CF1BA73602C5E29A5A2393D40332801D533E445C6667 ] TrkWks          C:\Windows\System32\trkwks.dll
15:57:37.0732 0x12b8  TrkWks - ok
15:57:37.0794 0x12b8  [ 97D9D6A04E3AD9B6C626B9931DB78DBA, 8E42133ED5EE5EEC414A8B11C1035385C6141E445EA9677F947D20768F25A877 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:57:37.0825 0x12b8  TrustedInstaller - ok
15:57:37.0872 0x12b8  [ F4EAA7ECBCB25DE901C9B7F2CDCDA0B3, 1CBB5106A32362ABDEE73BF170E205FE64DDBF826C5F6DFFCCD229F220B9C85E ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
15:57:37.0919 0x12b8  tssecsrv - ok
15:57:37.0950 0x12b8  [ CAECC0120AC49E3D2F758B9169872D38, 80DB15ADF5F4FF78D0C7D5081B6C0E8F1E5125872B60D23C19DA8E62C9DAC9A8 ] tunmp          C:\Windows\system32\DRIVERS\tunmp.sys
15:57:37.0981 0x12b8  tunmp - ok
15:57:38.0013 0x12b8  [ 300DB877AC094FEAB0BE7688C3454A9C, 3B36AA191FBE25B1A61150EAA2BDF8BA286DC4C052F6E98B0ED8202135553D8C ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
15:57:38.0059 0x12b8  tunnel - ok
15:57:38.0122 0x12b8  [ C3ADE15414120033A36C0F293D4A4121, 74A002C4B5EBD94E33EDEACB6639AF44ED72A8DDE3083C6DE71C1EE937EF1A9C ] uagp35          C:\Windows\system32\drivers\uagp35.sys
15:57:38.0137 0x12b8  uagp35 - ok
15:57:38.0184 0x12b8  [ D9728AF68C4C7693CB100B8441CBDEC6, A2CEE1EE4EF17106349F4E6967F504354801934179FBB3F10B9A4E3C30BC28CE ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
15:57:38.0231 0x12b8  udfs - ok
15:57:38.0278 0x12b8  [ ECEF404F62863755951E09C802C94AD5, 5D92062B3E371F196774EBFE840C78501E55A244DB2A49703C7AC0141C7DABF1 ] UI0Detect      C:\Windows\system32\UI0Detect.exe
15:57:38.0340 0x12b8  UI0Detect - ok
15:57:38.0371 0x12b8  [ 75E6890EBFCE0841D3291B02E7A8BDB0, FDF9CDCCCCC0AA2A52623C5A67AC5F5224557EE4C8F6487CB13CAEB012575E2A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
15:57:38.0387 0x12b8  uliagpkx - ok
15:57:38.0434 0x12b8  [ 3CD4EA35A6221B85DCC25DAA46313F8D, 100A7E12B8EA395F70A00874328E87B930CE88FF442F3576FE88B105A22E04C5 ] uliahci        C:\Windows\system32\drivers\uliahci.sys
15:57:38.0449 0x12b8  uliahci - ok
15:57:38.0481 0x12b8  [ 8514D0E5CD0534467C5FC61BE94A569F, A6EFB967044F88335469DB3351587E31CEC659BB6A7D8ED45C68329232C31BB9 ] UlSata          C:\Windows\system32\drivers\ulsata.sys
15:57:38.0496 0x12b8  UlSata - ok
15:57:38.0527 0x12b8  [ 38C3C6E62B157A6BC46594FADA45C62B, 44F87DC955CB4E35E0EB4C8B4E931472B33D97FE000C22370A06AD5EDCEFD0BA ] ulsata2        C:\Windows\system32\drivers\ulsata2.sys
15:57:38.0543 0x12b8  ulsata2 - ok
15:57:38.0574 0x12b8  [ 32CFF9F809AE9AED85464492BF3E32D2, 91AAA47AEF17F373276B01AC8FA823592A0C854541A7A9A3B78F2350DB964EBC ] umbus          C:\Windows\system32\DRIVERS\umbus.sys
15:57:38.0637 0x12b8  umbus - ok
15:57:38.0683 0x12b8  [ 68308183F4AE0BE7BF8ECD07CB297999, 4444233CA3C42BEE50ED47553D4AE5A7C12D8F288D2FA4B2DAE1D9B9FEC1A72D ] upnphost        C:\Windows\System32\upnphost.dll
15:57:38.0746 0x12b8  upnphost - ok
15:57:38.0777 0x12b8  [ AAB0B5F72D2D726FBFDC895A2902DE1D, 7824AF6E2ADEA23F208526F3A62AD1BACDBBDB23E58EB5806890B0761529C50F ] usbccgp        C:\Windows\system32\DRIVERS\usbccgp.sys
15:57:38.0871 0x12b8  usbccgp - ok
15:57:38.0917 0x12b8  [ E9476E6C486E76BC4898074768FB7131, D14B8F69A511DC1F990A9C123C18689AFE59659BA8130D248D8D03E9BD2143B6 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
15:57:38.0980 0x12b8  usbcir - ok
15:57:39.0027 0x12b8  [ 153E8515CB86F8BB5D1A8B478EBF4BB2, 0F1F79BA7C32ACAAE69184A56E67D6E18E2E2F07E0BE23F266401431169DAE14 ] usbehci        C:\Windows\system32\DRIVERS\usbehci.sys
15:57:39.0073 0x12b8  usbehci - ok
15:57:39.0105 0x12b8  [ 2AE6BCEBD85D31317E433733DAF25888, 7B2C0E8703D0275A620160E479166EB7AA31B0F146507603535CEBF0BA4684A4 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
15:57:39.0151 0x12b8  usbhub - ok
15:57:39.0183 0x12b8  [ D457EBD0C3A8B3A3A144355B5EE91CBC, 6AD52BDBB1607A48F0B02E663B97C3A00E3345B1B12C259608A5AE728C1C06B2 ] usbohci        C:\Windows\system32\DRIVERS\usbohci.sys
15:57:39.0214 0x12b8  usbohci - ok
15:57:39.0261 0x12b8  [ E75C4B5269091D15A2E7DC0B6D35F2F5, B0A4141B69B66276890836DE98EB8BC790D35CE59FA503060593E8CC12AA106B ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
15:57:39.0339 0x12b8  usbprint - ok
15:57:39.0385 0x12b8  [ 1D714B8497CD68307806D5D3F60A5169, 1914D92ECE39995168E3C8F5A7694B7A94954DB299410A2781D1321C8E60C3D9 ] usbscan        C:\Windows\system32\DRIVERS\usbscan.sys
15:57:39.0463 0x12b8  usbscan - ok
15:57:39.0495 0x12b8  [ 234F76D9337BBD25D849C3860418723A, 8AC74D4FFFDEF5CCAA34BA185B45D252BAC15FE37E00515F9365878325764E7F ] USBSTOR        C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:57:39.0604 0x12b8  USBSTOR - ok
15:57:39.0635 0x12b8  [ 325DBBACB8A36AF9988CCF40EAC228CC, 22FE5658A12296634FBE9D8565485BEE8CB200C47182F70DC9D2B0442E10C4AA ] usbuhci        C:\Windows\system32\DRIVERS\usbuhci.sys
15:57:39.0713 0x12b8  usbuhci - ok
15:57:39.0760 0x12b8  [ 73FF24E21B690625A58109637DDA0DF7, 62B1F9CD82678E2110D4BB5CC86EE8A7AB0757681443916620B6AAA1EF0DECEB ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
15:57:39.0885 0x12b8  usbvideo - ok
15:57:39.0916 0x12b8  [ 1509E705F3AC1D474C92454A5C2DD81F, 7F525921A3513224F8B093A16E19B4235B300349A14B0B86EE11B7473BA53337 ] UxSms          C:\Windows\System32\uxsms.dll
15:57:39.0963 0x12b8  UxSms - ok
15:57:39.0994 0x12b8  [ CD88D1B7776DC17A119049742EC07EB4, 6B68B9EDB8C6BCB2644F1F004D5743E928509D12107D996F390A24A72E0AA528 ] vds            C:\Windows\System32\vds.exe
15:57:40.0041 0x12b8  vds - ok
15:57:40.0087 0x12b8  [ 7D92BE0028ECDEDEC74617009084B5EF, D0749CE6FA3415BA4364299F8D6D53F133E8D2F44C6F1057996243415A540A53 ] vga            C:\Windows\system32\DRIVERS\vgapnp.sys
15:57:40.0165 0x12b8  vga - ok
15:57:40.0197 0x12b8  [ 2E93AC0A1D8C79D019DB6C51F036636C, 8B6F3B4EE90691A22788915AD0F99D8EE617750430A34E7CEB9AB4FB4E581755 ] VgaSave        C:\Windows\System32\drivers\vga.sys
15:57:40.0275 0x12b8  VgaSave - ok
15:57:40.0290 0x12b8  [ 045D9961E591CF0674A920B6BA3BA5CB, EBF498A0424CEA0F7ECBAAE144A8669CE6B5DD67115DE22CEC5A46AED26CD90B ] viaagp          C:\Windows\system32\drivers\viaagp.sys
15:57:40.0321 0x12b8  viaagp - ok
15:57:40.0353 0x12b8  [ 56A4DE5F02F2E88182B0981119B4DD98, 36FC94BCFD41907838DBCB02E6EA24065FDED4224239CD19E90D14433BE9108B ] ViaC7          C:\Windows\system32\drivers\viac7.sys
15:57:40.0415 0x12b8  ViaC7 - ok
15:57:40.0446 0x12b8  [ FD2E3175FCADA350C7AB4521DCA187EC, 1C914B184478611A27E0141F90EBC34FC63DFB2A83441DD36DFA43D945FB1C52 ] viaide          C:\Windows\system32\drivers\viaide.sys
15:57:40.0462 0x12b8  viaide - ok
15:57:40.0462 0x12b8  VMC302 - ok
15:57:40.0493 0x12b8  [ 69503668AC66C77C6CD7AF86FBDF8C43, 2CE407674A58313737073F02B9A617460BBA84B36C3A16D98AE5ED45279F5006 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
15:57:40.0524 0x12b8  volmgr - ok
15:57:40.0555 0x12b8  [ 23E41B834759917BFD6B9A0D625D0C28, 9F60992805262F936E8DA33610FDF60A191ECAFC08BBF657C8F9A21833C8EFC5 ] volmgrx        C:\Windows\system32\drivers\volmgrx.sys
15:57:40.0587 0x12b8  volmgrx - ok
15:57:40.0633 0x12b8  [ 786DB5771F05EF300390399F626BF30A, 4A07BE5AEDBA4C15C2F9A91250F0488A0B0305C67BB7A037508D5CBF86D4E1B7 ] volsnap        C:\Windows\system32\drivers\volsnap.sys
15:57:40.0649 0x12b8  volsnap - ok
15:57:40.0696 0x12b8  [ D984439746D42B30FC65A4C3546C6829, B134A9890638C2B4964A9C30812A2828A3E0CC641690CBF22D9FCE65EE3C2385 ] vsmraid        C:\Windows\system32\drivers\vsmraid.sys
15:57:40.0711 0x12b8  vsmraid - ok
15:57:40.0774 0x12b8  [ DB3D19F850C6EB32BDCB9BC0836ACDDB, D81FF1CDA87A2FE83EFD5B3FE01EFF940952F8BAEE70BEA3B2F6EF30E2121704 ] VSS            C:\Windows\system32\vssvc.exe
15:57:40.0883 0x12b8  VSS - ok
15:57:40.0914 0x12b8  [ 96EA68B9EB310A69C25EBB0282B2B9DE, C76D3427F8A2953CB4D96BBA1523679CBE1BBF7FA821A35D2FBEB3E67AC6A10B ] W32Time        C:\Windows\system32\w32time.dll
15:57:40.0977 0x12b8  W32Time - ok
15:57:41.0008 0x12b8  [ 48DFEE8F1AF7C8235D4E626F0C4FE031, A41D05BC0DA3C476C32E0A4DAF015DF7BADF28A03CE236D5596885FF1772F148 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
15:57:41.0070 0x12b8  WacomPen - ok
15:57:41.0101 0x12b8  [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
15:57:41.0164 0x12b8  Wanarp - ok
15:57:41.0179 0x12b8  [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
15:57:41.0211 0x12b8  Wanarpv6 - ok
15:57:41.0257 0x12b8  [ A3CD60FD826381B49F03832590E069AF, 213C5DB5E5D828264286FD7548527566D6160CCA780BC6853B7B28CECF329674 ] wcncsvc        C:\Windows\System32\wcncsvc.dll
15:57:41.0320 0x12b8  wcncsvc - ok
15:57:41.0367 0x12b8  [ 11BCB7AFCDD7AADACB5746F544D3A9C7, 0370E20FD12ED713F94E5CD76F068F7A7A5E7F42416DD2A8A41249020DA7DA31 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:57:41.0413 0x12b8  WcsPlugInService - ok
15:57:41.0445 0x12b8  [ AFC5AD65B991C1E205CF25CFDBF7A6F4, 544173AE85A11B99B9221DB30B6803DAEB3EB7FCA57FE62F0D13EF70B9C69A89 ] Wd              C:\Windows\system32\drivers\wd.sys
15:57:41.0460 0x12b8  Wd - ok
15:57:41.0523 0x12b8  [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
15:57:41.0569 0x12b8  Wdf01000 - ok
15:57:41.0601 0x12b8  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiServiceHost  C:\Windows\system32\wdi.dll
15:57:41.0710 0x12b8  WdiServiceHost - ok
15:57:41.0725 0x12b8  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiSystemHost  C:\Windows\system32\wdi.dll
15:57:41.0757 0x12b8  WdiSystemHost - ok
15:57:41.0819 0x12b8  [ BB77BAA3E7FD8F1A5D092A96D37B5A2D, 880C37347091224DFB7C442252FE4A29FD7002DA6A8BA994B8CEAABC5E535593 ] WebClient      C:\Windows\System32\webclnt.dll
15:57:41.0881 0x12b8  WebClient - ok
15:57:41.0913 0x12b8  [ AE3736E7E8892241C23E4EBBB7453B60, 0F998116CC07CD719CB237EAE53BB16B2EDD6973828B9C1055EB981AEA0453D1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
15:57:41.0975 0x12b8  Wecsvc - ok
15:57:42.0022 0x12b8  [ 670FF720071ED741206D69BD995EA453, 4B96F5E3545F69AE9EBC75DC4AB27B87306D656EE526AE39E7EC7E2B6F83F7FD ] wercplsupport  C:\Windows\System32\wercplsupport.dll
15:57:42.0084 0x12b8  wercplsupport - ok
15:57:42.0115 0x12b8  [ 32B88481D3B326DA6DEB07B1D03481E7, 821FBAF147E525ED15EB9391B16A96C6D5464841258B11F277EFB57A3BD50E37 ] WerSvc          C:\Windows\System32\WerSvc.dll
15:57:42.0162 0x12b8  WerSvc - ok
15:57:42.0225 0x12b8  [ 4575AA12561C5648483403541D0D7F2B, 2DBB7904285F16E879E1662C4CC4DFAA420D5EB24DDFC4BAC0B7616F5F44649A ] WinDefend      C:\Program Files\Windows Defender\mpsvc.dll
15:57:42.0271 0x12b8  WinDefend - ok
15:57:42.0287 0x12b8  WinHttpAutoProxySvc - ok
15:57:42.0365 0x12b8  [ 6B2A1D0E80110E3D04E6863C6E62FD8A, EE8BC7C378993EFE90273764C83119EBF331768CD7B24DE949233C74A51306C2 ] Winmgmt        C:\Windows\system32\wbem\WMIsvc.dll
15:57:42.0396 0x12b8  Winmgmt - ok
15:57:42.0490 0x12b8  [ 7CFE68BDC065E55AA5E8421607037511, C2CE76D52AD4E31FC4216E94457DC16ABF65A5F3E883F0BD97AD387FB7574533 ] WinRM          C:\Windows\system32\WsmSvc.dll
15:57:42.0599 0x12b8  WinRM - ok
15:57:42.0661 0x12b8  [ C008405E4FEEB069E30DA1D823910234, C392A7B5FEACB7D11A3A231C1AD65D533984E6E7429ECD3BFBF90A27E8DEB157 ] Wlansvc        C:\Windows\System32\wlansvc.dll
15:57:42.0739 0x12b8  Wlansvc - ok
15:57:42.0786 0x12b8  [ 701A9F884A294327E9141D73746EE279, C8A46B8C32F9EAC7848D385473F6B5C4B6DA719A941A75AD5F081757FC07A09D ] WmiAcpi        C:\Windows\system32\drivers\wmiacpi.sys
15:57:42.0849 0x12b8  WmiAcpi - ok
15:57:42.0880 0x12b8  [ 43BE3875207DCB62A85C8C49970B66CC, 27169F2E8A30807794407DA8F80611E4287F940AAE2A1F00F547901872FB9703 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
15:57:42.0927 0x12b8  wmiApSrv - ok
15:57:43.0020 0x12b8  [ 3978704576A121A9204F8CC49A301A9B, 936CC13B90A183613BDA4081556C96D48CA415B5F65D61E18CB5F2E51EEBE59F ] WMPNetworkSvc  C:\Program Files\Windows Media Player\wmpnetwk.exe
15:57:43.0145 0x12b8  WMPNetworkSvc - ok
15:57:43.0207 0x12b8  [ CFC5A04558F5070CEE3E3A7809F3FF52, 45899E04000E21C4E009BE8B6149F199A5B2E0512C657A525770BF9DBFED7D2B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
15:57:43.0254 0x12b8  WPCSvc - ok
15:57:43.0301 0x12b8  [ 801FBDB89D472B3C467EB112A0FC9246, C24053FA12732089384D3AF06C676FF201D282FC5AD56A42B6EE8BAED4379CB2 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
15:57:43.0379 0x12b8  WPDBusEnum - ok
15:57:43.0535 0x12b8  [ C108DC20ACE05072350DBB6934E277FB, 548E6ABE4C4ADE48260FFDC7BADFD1697972EA3AE94D6576498C8A183D8CE0C8 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
15:57:43.0597 0x12b8  WPFFontCache_v0400 - ok
15:57:43.0629 0x12b8  [ E3A3CB253C0EC2494D4A61F5E43A389C, 10BA8B102E31B961819E524FCA5FA817B588EC77FB26B4E176D0A5CFF11EDF79 ] ws2ifsl        C:\Windows\system32\drivers\ws2ifsl.sys
15:57:43.0660 0x12b8  ws2ifsl - ok
15:57:43.0707 0x12b8  [ 1CA6C40261DDC0425987980D0CD2AAAB, 727C1E3A170316641F832A8D197EDA6D6EE1206E4ED7B741E5A4017B7F2F7B88 ] wscsvc          C:\Windows\system32\wscsvc.dll
15:57:43.0738 0x12b8  wscsvc - ok
15:57:43.0753 0x12b8  WSearch - ok
15:57:43.0878 0x12b8  [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] wuauserv        C:\Windows\system32\wuaueng.dll
15:57:43.0987 0x12b8  wuauserv - ok
15:57:44.0065 0x12b8  [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
15:57:44.0097 0x12b8  WudfPf - ok
15:57:44.0143 0x12b8  [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
15:57:44.0159 0x12b8  WUDFRd - ok
15:57:44.0206 0x12b8  [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc        C:\Windows\System32\WUDFSvc.dll
15:57:44.0237 0x12b8  wudfsvc - ok
15:57:44.0315 0x12b8  [ ADE7A4943003020216952B56A6741EC7, BC3B9145C4C1A7A236B5B91EF2A61E310A01FD3366A47CB0C802811C8158603E ] yukonwlh        C:\Windows\system32\DRIVERS\yk60x86.sys
15:57:44.0362 0x12b8  yukonwlh - ok
15:57:44.0377 0x12b8  ================ Scan global ===============================
15:57:44.0424 0x12b8  [ 2F2DFC846D75D680B9018823A8B5EF07, DBC823CF0C659B6D7482CB080CD042EC6BBAEDB6297DB712CADA1BCEAA8A95C8 ] C:\Windows\system32\basesrv.dll
15:57:44.0471 0x12b8  [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
15:57:44.0518 0x12b8  [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
15:57:44.0565 0x12b8  [ 4F0A7910FC7D8A66433FA9961EEF8BB5, 2086EDEE8CF9CC9BDBDC03018F7C28BB56172F941CB4D6F3D857BCF82B32FB6B ] C:\Windows\system32\services.exe
15:57:44.0580 0x12b8  [ Global ] - ok
15:57:44.0596 0x12b8  ================ Scan MBR ==================================
15:57:44.0611 0x12b8  [ 61A349592C4728853F4A90FF78F7628E ] \Device\Harddisk0\DR0
15:57:45.0064 0x12b8  \Device\Harddisk0\DR0 - ok
15:57:45.0064 0x12b8  ================ Scan VBR ==================================
15:57:45.0079 0x12b8  [ 45BE513C99773C2629DF270E975AD206 ] \Device\Harddisk0\DR0\Partition1
15:57:45.0079 0x12b8  \Device\Harddisk0\DR0\Partition1 - ok
15:57:45.0079 0x12b8  [ B12B90E5E27D7DF54B240E01B4F3EF57 ] \Device\Harddisk0\DR0\Partition2
15:57:45.0079 0x12b8  \Device\Harddisk0\DR0\Partition2 - ok
15:57:45.0095 0x12b8  ================ Scan generic autorun ======================
15:57:45.0189 0x12b8  [ E1E71D80D078C576801B6FE2A29FCF85, 7A8911FF626E5EEC01D7C1922F8AD6901EFC75952ADB3FAF606506C7DB4BC54A ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
15:57:45.0220 0x12b8  StartCCC - detected UnsignedFile.Multi.Generic ( 1 )
15:57:45.0220 0x12b8  StartCCC ( UnsignedFile.Multi.Generic ) - warning
15:57:45.0220 0x12b8  Force sending object to P2P due to detect: C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
15:57:45.0423 0x12b8  Object send P2P result: true
15:57:45.0781 0x12b8  [ 82EAD5A5804BB2937416254A45B6C3C0, 68479A5FFB932C72BADDB003E7AF7253859A1BD6DDCC000EE43BEEFA8273C198 ] C:\Windows\RtHDVCpl.exe
15:57:46.0452 0x12b8  RtHDVCpl - ok
15:57:46.0780 0x12b8  [ A37B2AB33BFF3C6705DC2C016328DD2F, C6F14E81FD9001048B178576FA01A4F77BF3F0A05DE443EB6AAC4982EE763D69 ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
15:57:46.0858 0x12b8  SynTPEnh - ok
15:57:46.0998 0x12b8  [ A4E85BDA66CF4DE8070D6F744D181C12, ACF577B0CE6EA1E167389BB32E7F07E0D8CF487B22828455698B042A37CF15B4 ] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe
15:57:47.0045 0x12b8  LanguageShortcut - detected UnsignedFile.Multi.Generic ( 1 )
15:57:47.0045 0x12b8  LanguageShortcut ( UnsignedFile.Multi.Generic ) - warning
15:57:47.0045 0x12b8  Force sending object to P2P due to detect: C:\Program Files\CyberLink\PowerDVD\Language\Language.exe
15:57:47.0248 0x12b8  Object send P2P result: true
15:57:47.0575 0x12b8  [ EE4223FEE8AB8B9202FCA18036F157AE, 1B81391127BAB64E47DFC3C82143D8C370B80D4166CE5FFE30B96321C4DCCD51 ] C:\Program Files\Microsoft Security Client\msseces.exe
15:57:47.0716 0x12b8  MSC - ok
15:57:47.0950 0x12b8  [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files\Windows Sidebar\sidebar.exe
15:57:48.0106 0x12b8  Sidebar - ok
15:57:48.0215 0x12b8  [ BF08674925F151BD4537B89A493E3E0C, 6A97562E998A2B90649FF7986313AD33823053FF98BBE163AD39AAA5E01FC545 ] C:\Windows\ehome\ehTray.exe
15:57:48.0262 0x12b8  ehTray.exe - ok
15:57:48.0433 0x12b8  [ EFAF5CFDB067579B26971CB5A621996D, A141FFE3D6033FAAE827560C68C1F32F9AAC9CC312D0968D9CAE55AD63494F04 ] C:\Program Files\Bluestacks\HD-Agent.exe
15:57:48.0480 0x12b8  BlueStacks Agent - ok
15:57:48.0511 0x12b8  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.9.218.0 ), 0x61000 ( enabled : updated )
15:57:48.0543 0x12b8  Win FW state via NFP2: enabled ( trusted )
15:57:48.0667 0x12b8  ============================================================
15:57:48.0667 0x12b8  Scan finished
15:57:48.0667 0x12b8  ============================================================
15:57:48.0683 0x12b0  Detected object count: 4
15:57:48.0683 0x12b0  Actual detected object count: 4
15:58:31.0053 0x12b0  Freemake Improver ( UnsignedFile.Multi.Generic ) - skipped by user
15:58:31.0053 0x12b0  Freemake Improver ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:58:31.0053 0x12b0  Samsung Update Plus ( UnsignedFile.Multi.Generic ) - skipped by user
15:58:31.0053 0x12b0  Samsung Update Plus ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:58:31.0053 0x12b0  StartCCC ( UnsignedFile.Multi.Generic ) - skipped by user
15:58:31.0053 0x12b0  StartCCC ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:58:31.0068 0x12b0  LanguageShortcut ( UnsignedFile.Multi.Generic ) - skipped by user
15:58:31.0068 0x12b0  LanguageShortcut ( UnsignedFile.Multi.Generic ) - User select action: Skip

deeprybka 08.10.2016 14:15
Naja, im April 2017 ist es eh vorbei mit dem Support für Vista. Spätestens dann musst Dir ne Alternative überlegen.

Jetzt bitte Suchscan durchführen:

Schritt 1

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


humphrey24 09.10.2016 15:42
ach ja. doch so bald schon. was würdest du empfehlen als alternative? windows 10 erfordert glaube ich eine höhere rechnerleistung als ich sie bersitze?!

den rest mach ich gerne. und danke vielmals

Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=8587809f51c2eb4b82932ffe0d0abe22
# end=init
# utc_time=2016-10-09 12:37:42
# local_time=2016-10-09 02:37:42 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.0.6002 NT Service Pack 2
Update Init
Update Download
Update Finalize
Updated modules version: 31018
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=8587809f51c2eb4b82932ffe0d0abe22
# end=updated
# utc_time=2016-10-09 12:40:30
# local_time=2016-10-09 02:40:30 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.0.6002 NT Service Pack 2
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=8587809f51c2eb4b82932ffe0d0abe22
# engine=31018
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2016-10-09 02:34:24
# local_time=2016-10-09 04:34:24 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode_1='Microsoft Security Essentials'
# compatibility_mode=5895 16777213 100 100 19723821 147313686 0 0
# scanned=179680
# found=4
# cleaned=0
# scan_time=6833
sh=42E37CBFA37877D247EBD37D9553CB6224D6BEE6 ft=1 fh=f28c0d11334dc659 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Boris\AppData\Local\Temp\DMR\dmr_72.exe"
sh=A2B2802EC3EF74D6E9B76F97ED803CEFFAD8C532 ft=1 fh=72a24c9d47ce990b vn="Variante von Win32/Bundled.Toolbar.Ask.M potenziell unsichere Anwendung" ac=I fn="C:\Users\Boris\AppData\LocalLow\Sun\Java\jre1.8.0_25\java_sp.dll"
sh=58CF8F4E4CE1C7D4B807297C5D0C469E20D744D6 ft=1 fh=ccf19c606a52c7cc vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Boris\Downloads\MTS Converter - CHIP-Installer.exe"
sh=D01D6E198B2FE563C608B58D7EE3EB724CFC9022 ft=0 fh=0000000000000000 vn="Variante von Win32/Bundled.Toolbar.Ask.G potenziell unsichere Anwendung" ac=I fn="C:\Windows\Installer\2a2469.msi"

deeprybka 09.10.2016 16:56
Zitat:
was würdest du empfehlen als alternative?
Na das kommt darauf an ob Du Kohle hast oder nicht...:D

Wie wäre es mit einen schönen Win10 Laptop oder gar einem Surface? :)
Für den kleineren Geldbeutel kann man auf den PC hier auch eine Linux-Distri wie Ubuntu etc. installieren.

humphrey24 26.10.2016 09:08
Hi. Ich hab den Eset laufen lassen. Wie kann ich fortfahren?

Grüße

deeprybka 26.10.2016 19:00
Die Funde von ESET sind alle irrelevant und nicht die Ursache für die Problematik...

humphrey24 11.11.2016 10:02
Ok. Und was hältst du für die Ursache?

Grüße

Was kann ich noch unternehmen?

deeprybka 12.11.2016 16:44
War Vista jemals schnell? :D

Wie gesagt, ab April ist es mit Vista eh vorbei. Da würde ich mir eher eine Alternative überlegen.

Schritt 1
Lade dir TFC (TempFileCleaner von Oldtimer) herunter und speichere es auf den Desktop.
  • Öffne die TFC.exe.
    Vista und Win 7 User mit Rechtsklick "als Administrator starten".
  • Schließe alle anderen Programme.
  • Drücke auf den Button Start.
  • Falls du zu einem Neustart aufgefordert wirst, bestätige diesen.


humphrey24 13.11.2016 13:53
ok. eingedenk dessen kann ich mit dem tempo leben. nur die updates bis dahin wären schon noch schön wenn die gingen. also ich mach mal und danke

deeprybka 13.11.2016 19:52
OK. :)


Alle Zeitangaben in WEZ +1. Es ist jetzt 12:21 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132