| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Zu viele ProzesseWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
05.05.2015, 17:52
| #1 |
 |  Zu viele Prozesse Hallo, ich habe seit heute viel zu viele Prozesse im Task Manager. Sind beim starten plötzlich 4 mal soviele wie normalerweise. Auch laufen einige wie z.B. svchost mehrmals einmal LOKALER DIENST und auch mal unter SYSTEM. Sieht ganz nach einem Virus aus. Habe AVG mal drüber laufen lassen aber konnte nichts finden. Kann mir jemand sagen, was ich da tun könnte? Vielen Dank im Vorraus :-) MfG: Markus PS: Ich habe Windows 7 Home Premium, falls das benötigt wird. Falls noch mehr gebraucht wird teile ich dies auch gerne mit. Geändert von Inuyasha2008 (05.05.2015 um 18:48 Uhr) |
|
06.05.2015, 07:06
| #2 |
| /// the machine /// TB-Ausbilder    | Zu viele Prozesse hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
06.05.2015, 07:22
| #3 |
| | Zu viele Prozesse Vielen Dank für die rasche Antwort
__________________FRST: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 05-05-2015
Ran by Samsung (administrator) on SAMSUNG-PC on 06-05-2015 08:17:49
Running from C:\Users\Samsung\Downloads
Loaded Profiles: Samsung (Available profiles: Samsung)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgcsrvx.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Cisco Systems, Inc.) C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\BCMWLTRY.EXE
(ABBYY) C:\Program Files\ABBYY PDF Transformer 3.0\NetworkLicenseServer.exe
(LSoft Technologies Inc) C:\Program Files\LSoft Technologies Inc\Active@ Hard Disk Monitor\DiskMonitorService.exe
(Anvisoft) C:\Program Files\Anvisoft\Anvi Smart Defender\ASDSrv.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgwdsvc.exe
(AVM Berlin) C:\Program Files\avmwlanstick\WLanNetService.exe
(Apple Computer, Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\Guard-ICQ\GuardICQ.exe
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
() C:\Program Files\ICQ6Toolbar\ICQ Service.exe
() C:\Program Files\Samsung\Samsung Update Plus\SUPBackGround.exe
(SEC) C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
(SAMSUNG Electronics) C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
() C:\Windows\System32\Rezip.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Rocket Division Software) C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
(Anvisoft) C:\Program Files\Anvisoft\Anvi Smart Defender\ASDTray.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgui.exe
(Dropbox, Inc.) C:\Users\Samsung\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgemcx.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Anvi Smart Defender] => C:\Program Files\Anvisoft\Anvi Smart Defender\ASDTray.exe [1229104 2012-08-23] (Anvisoft)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2015\avgui.exe [3723728 2015-03-25] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-2339853823-2107313754-116825072-1000\...\Run: [TVPlanet] => [X]
HKU\S-1-5-21-2339853823-2107313754-116825072-1000\...\MountPoints2: {1bb57eb8-d97f-11e0-9728-00245482ab37} - F:\AUTOSTARTER.EXE
HKU\S-1-5-21-2339853823-2107313754-116825072-1000\...\MountPoints2: {4e03fa01-834d-11df-a7da-00245482ab37} - F:\LaunchU3.exe -a
HKU\S-1-5-21-2339853823-2107313754-116825072-1000\...\MountPoints2: {7bcccf13-3186-11e1-902e-00245482ab37} - G:\pushinst.exe
HKU\S-1-5-21-2339853823-2107313754-116825072-1000\...\Winlogon: [Shell] C:\windows\Explorer.exe [2616320 2011-02-25] (Microsoft Corporation) <==== ATTENTION
Startup: C:\Users\Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-12-15]
ShortcutTarget: Dropbox.lnk -> C:\Users\Samsung\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Samsung\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Samsung\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Samsung\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Samsung\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Samsung\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Samsung\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Samsung\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Samsung\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-2339853823-2107313754-116825072-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.avira.com/?l=dis&o=APN10265&gct=hp&dc=EU&locale=de_BE
HKU\S-1-5-21-2339853823-2107313754-116825072-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
HKU\S-1-5-21-2339853823-2107313754-116825072-1000\Software\Microsoft\Internet Explorer\Main,ICQ Search = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
URLSearchHook: HKLM - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKLM - ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
URLSearchHook: HKLM - MessengerPlusLive Germany TB Toolbar - {76aeea42-e04a-4b62-83ab-df4b2be2541e} - C:\Program Files\MessengerPlusLive_Germany_TB\prxtbMes0.dll (Conduit Ltd.)
URLSearchHook: HKU\S-1-5-21-2339853823-2107313754-116825072-1000 - UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll No File
URLSearchHook: HKU\S-1-5-21-2339853823-2107313754-116825072-1000 - ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
URLSearchHook: HKU\S-1-5-21-2339853823-2107313754-116825072-1000 - MessengerPlusLive Germany TB Toolbar - {76aeea42-e04a-4b62-83ab-df4b2be2541e} - C:\Program Files\MessengerPlusLive_Germany_TB\prxtbMes0.dll (Conduit Ltd.)
SearchScopes: HKLM -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN
SearchScopes: HKLM -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN
SearchScopes: HKU\S-1-5-21-2339853823-2107313754-116825072-1000 -> DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/?q={searchTerms}&affID=109958&tt=060612_8_&babsrc=SP_ss&mntrId=42cad5fe00000000000000245482ab37
SearchScopes: HKU\S-1-5-21-2339853823-2107313754-116825072-1000 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/?q={searchTerms}&affID=109958&tt=060612_8_&babsrc=SP_ss&mntrId=42cad5fe00000000000000245482ab37
SearchScopes: HKU\S-1-5-21-2339853823-2107313754-116825072-1000 -> {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
SearchScopes: HKU\S-1-5-21-2339853823-2107313754-116825072-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL =
SearchScopes: HKU\S-1-5-21-2339853823-2107313754-116825072-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-2339853823-2107313754-116825072-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://isearch.avg.com/search?cid={F1388C1E-2CF2-4313-9CB7-060A1FFF918B}&mid=f4d1b201e6e247d096cfd94961e4257a-4acbc2a7fa269486901d671589a43986cb6ee6e1&lang=de&ds=is015&pr=sa&d=2012-06-07 22:31:05&v=11.1.0.7&sap=dsp&q={searchTerms}
BHO: ContributeBHO Class -> {074C1DC5-9320-4A9A-947D-C042949C6216} -> C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll No File
BHO: Babylon toolbar helper -> {2EECD738-5844-4a99-B4B6-146BF802613B} -> C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll [2011-08-14] (Babylon BHO)
BHO: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2011-07-27] (RealPlayer)
BHO: Conduit Engine -> {30F9B915-B755-4826-820B-08FBA6BD249D} -> C:\Program Files\ConduitEngine\prxConduitEngine.dll [2011-01-17] (Conduit Ltd.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-04-14] (Oracle Corporation)
BHO: MessengerPlusLive Germany TB Toolbar -> {76aeea42-e04a-4b62-83ab-df4b2be2541e} -> C:\Program Files\MessengerPlusLive_Germany_TB\prxtbMes0.dll [2011-01-17] (Conduit Ltd.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007-05-10] (Adobe Systems Incorporated)
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-10-10] (Skype Technologies S.A.)
BHO: Ask Toolbar -> {D4027C7F-154A-4066-A1AD-4243D8127440} -> C:\Program Files\Ask.com\GenericAskToolbar.dll No File
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-04-14] (Oracle Corporation)
BHO: Microsoft Web Test Recorder 10.0 Helper -> {DDA57003-0068-4ed2-9D32-4D1EC707D94D} -> c:\Program Files\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2010-03-19] (Microsoft Corporation)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007-05-10] (Adobe Systems Incorporated)
Toolbar: HKLM - Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll No File
Toolbar: HKLM - MessengerPlusLive Germany TB Toolbar - {76aeea42-e04a-4b62-83ab-df4b2be2541e} - C:\Program Files\MessengerPlusLive_Germany_TB\prxtbMes0.dll [2011-01-17] (Conduit Ltd.)
Toolbar: HKLM - ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2011-08-17] (ICQ)
Toolbar: HKLM - Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll [2011-08-14] (Babylon Ltd.)
Toolbar: HKLM - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll No File
Toolbar: HKU\S-1-5-21-2339853823-2107313754-116825072-1000 -> MessengerPlusLive Germany TB Toolbar - {76AEEA42-E04A-4B62-83AB-DF4B2BE2541E} - C:\Program Files\MessengerPlusLive_Germany_TB\prxtbMes0.dll [2011-01-17] (Conduit Ltd.)
Toolbar: HKU\S-1-5-21-2339853823-2107313754-116825072-1000 -> Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007-05-10] (Adobe Systems Incorporated)
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {45A0A292-ECC6-4D8F-9EA9-A4BD411D24C1} hxxp://www6.king.com/ctl/kingcomie.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-09] (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-10-10] (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [94208 2006-02-28] (Apple Computer, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2
FireFox:
========
FF ProfilePath: C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\5tgt3b9q.default
FF Homepage: https://www.google.de/?gws_rd=ssl
FF Keyword.URL: hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3297931&SearchSource=2&CUI=UN20523875117953152&UM=1&q=
FF NetworkProxy: "backup.ftp", " 200.16.117.62 "
FF NetworkProxy: "backup.ftp_port", 3128
FF NetworkProxy: "backup.socks", " 200.16.117.62 "
FF NetworkProxy: "backup.socks_port", 3128
FF NetworkProxy: "backup.ssl", " 200.16.117.62 "
FF NetworkProxy: "backup.ssl_port", 3128
FF NetworkProxy: "ftp", " 58.213.19.134 "
FF NetworkProxy: "ftp_port", 3128
FF NetworkProxy: "http", " 58.213.19.134 "
FF NetworkProxy: "http_port", 3128
FF NetworkProxy: "no_proxies_on", ""
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", " 58.213.19.134 "
FF NetworkProxy: "socks_port", 3128
FF NetworkProxy: "ssl", " 58.213.19.134 "
FF NetworkProxy: "ssl_port", 3128
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\windows\system32\Adobe\Director\np32dsw_1202122.dll [2013-04-03] (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-04-14] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-04-14] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @oberon-media.com/ONCAdapter -> C:\Program Files\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll [2010-09-01] (Oberon-Media )
FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin: @real.com/nppl3260;version=12.0.1.647 -> C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll [2011-07-27] (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=12.0.1.647 -> C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll [2011-07-27] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=12.0.1.660 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2011-07-27] (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=12.0.1.660 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2011-07-27] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=12.0.1.660 -> C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll [2011-07-27] (RealNetworks, Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2339853823-2107313754-116825072-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Samsung\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2012-03-28] (Unity Technologies ApS)
FF user.js: detected! => C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\5tgt3b9q.default\user.js [2012-12-12]
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll [2011-07-27] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2010-11-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2010-11-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2010-11-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2010-11-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2010-11-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll [2010-11-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll [2010-11-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprjplug.dll [2011-07-27] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpjplug.dll [2011-07-27] (RealNetworks, Inc.)
FF SearchPlugin: C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\5tgt3b9q.default\searchplugins\game-master-21-b2-customized-web-search.xml [2013-05-24]
FF SearchPlugin: C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\5tgt3b9q.default\searchplugins\icq-search.xml [2012-02-18]
FF SearchPlugin: C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\5tgt3b9q.default\searchplugins\icqplugin-1.xml [2012-06-07]
FF SearchPlugin: C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\5tgt3b9q.default\searchplugins\icqplugin-10.xml [2013-02-06]
FF SearchPlugin: C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\5tgt3b9q.default\searchplugins\icqplugin-11.xml [2013-02-27]
FF SearchPlugin: C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\5tgt3b9q.default\searchplugins\icqplugin-12.xml [2013-03-08]
FF SearchPlugin: C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\5tgt3b9q.default\searchplugins\icqplugin-13.xml [2013-04-12]
FF SearchPlugin: C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\5tgt3b9q.default\searchplugins\icqplugin-14.xml [2013-05-20]
FF SearchPlugin: C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\5tgt3b9q.default\searchplugins\icqplugin-15.xml [2013-05-24]
FF SearchPlugin: C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\5tgt3b9q.default\searchplugins\icqplugin-16.xml [2013-08-19]
FF SearchPlugin: C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\5tgt3b9q.default\searchplugins\icqplugin-2.xml [2012-06-29]
FF SearchPlugin: C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\5tgt3b9q.default\searchplugins\icqplugin-3.xml [2012-07-18]
FF SearchPlugin: C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\5tgt3b9q.default\searchplugins\icqplugin-4.xml [2012-09-08]
FF SearchPlugin: C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\5tgt3b9q.default\searchplugins\icqplugin-5.xml [2012-10-27]
FF SearchPlugin: C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\5tgt3b9q.default\searchplugins\icqplugin-6.xml [2012-10-28]
FF SearchPlugin: C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\5tgt3b9q.default\searchplugins\icqplugin-7.xml [2012-12-11]
FF SearchPlugin: C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\5tgt3b9q.default\searchplugins\icqplugin-8.xml [2013-01-13]
FF SearchPlugin: C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\5tgt3b9q.default\searchplugins\icqplugin-9.xml [2013-01-19]
FF SearchPlugin: C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\5tgt3b9q.default\searchplugins\icqplugin.gif [2012-07-24]
FF SearchPlugin: C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\5tgt3b9q.default\searchplugins\icqplugin.src [2012-07-24]
FF SearchPlugin: C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\5tgt3b9q.default\searchplugins\icqplugin.xml [2012-02-18]
FF Extension: Avira Browser Safety - C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\5tgt3b9q.default\Extensions\abs@avira.com [2015-04-27]
FF Extension: ICQ Toolbar - C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\5tgt3b9q.default\Extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2012-07-25]
FF Extension: iMacros for Firefox - C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\5tgt3b9q.default\Extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670} [2015-04-12]
FF Extension: Cliqz Beta - C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\5tgt3b9q.default\Extensions\cliqz@cliqz.com.xpi [2014-10-07]
FF Extension: Firebug - C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\5tgt3b9q.default\Extensions\firebug@software.joehewitt.com.xpi [2013-10-24]
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\5tgt3b9q.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi [2012-11-20]
FF Extension: Modify Headers - C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\5tgt3b9q.default\Extensions\{b749fc7c-e949-447f-926c-3f4eed6accfe}.xpi [2011-11-29]
FF Extension: Fast Video Download - C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\5tgt3b9q.default\Extensions\{c50ca3c4-5656-43c2-a061-13e717f73fc8}.xpi [2015-03-07]
FF Extension: Adblock Plus - C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\5tgt3b9q.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-05-16]
FF Extension: Disable Anti-Adblock - C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\5tgt3b9q.default\Extensions\{d49a148e-817e-4025-bee3-5d541376de3b}.xpi [2013-07-21]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\ffxtlbr@babylon.com [2015-04-04]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-04-04]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF} [2015-04-04]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011-07-27]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKU\S-1-5-21-2339853823-2107313754-116825072-1000\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\5tgt3b9q.default\extensions\cliqz@cliqz.com
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [dhkplhfnhceodhffomolpfigojocbpcb] - C:\Users\Samsung\AppData\Roaming\BabylonToolbar\CR\BabylonChrome1.crx [2012-05-30]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gaiilaahiahdejapggenmdmafpmbipje] - C:\Program Files\DealPly\DealPly.crx [Not Found]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [Not Found]
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2011-07-27]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2011-10-10]
CHR HKU\S-1-5-21-2339853823-2107313754-116825072-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gaiilaahiahdejapggenmdmafpmbipje] - C:\Program Files\DealPly\DealPly.crx [Not Found]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 ABBYY.Licensing.PDFTransformer.Classic.3.0; C:\Program Files\ABBYY PDF Transformer 3.0\NetworkLicenseServer.exe [759048 2010-02-01] (ABBYY)
R2 Active@ Disk Monitor; C:\Program Files\LSoft Technologies Inc\Active@ Hard Disk Monitor\DiskMonitorService.exe [1127944 2009-09-02] (LSoft Technologies Inc)
S3 Adobe Version Cue CS3; C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe [153792 2007-03-20] (Adobe Systems Incorporated)
R2 asdsrv; C:\Program Files\Anvisoft\Anvi Smart Defender\ASDSrv.exe [686896 2012-08-23] (Anvisoft)
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2015\avgidsagent.exe [3416016 2015-03-25] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2015\avgwdsvc.exe [309232 2015-03-25] (AVG Technologies CZ, s.r.o.)
R2 AVM WLAN Connection Service; C:\Program Files\avmwlanstick\WlanNetService.exe [364544 2008-02-25] (AVM Berlin) [File not signed]
R2 Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [229376 2006-02-28] (Apple Computer, Inc.) [File not signed]
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2010-09-26] (Macrovision Europe Ltd.) [File not signed]
R2 Guard.Mail.ru; C:\Program Files\Guard-ICQ\GuardICQ.exe [1564368 2012-02-18] ()
R2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1385896 2012-06-27] (LogMeIn Inc.)
R2 ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [247872 2011-08-17] ()
S3 npggsvc; C:\windows\system32\GameMon.des [3996760 2010-09-14] (INCA Internet Co., Ltd.) [File not signed]
R2 Rezip; C:\windows\SYSTEM32\Rezip.exe [311296 2009-03-05] () [File not signed]
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [247152 2009-07-07] ()
R2 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [275968 2007-05-28] (Rocket Division Software) [File not signed]
S3 Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [569024 2014-02-08] (Valve Corporation) [File not signed]
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 vpnagent; C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [558480 2013-10-10] (Cisco Systems, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exe [4261888 2010-07-07] (Broadcom Corporation) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 acsock; C:\windows\System32\DRIVERS\acsock.sys [92528 2013-10-10] (Cisco Systems, Inc.)
R1 asdrm; C:\windows\System32\DRIVERS\asdrm.sys [16208 2012-08-20] (Anvisoft)
R2 asdrs; C:\windows\system32\DRIVERS\asdrs.sys [22864 2012-08-20] (Anvisoft)
R2 asdws; C:\windows\system32\DRIVERS\asdws.sys [14160 2012-08-20] ()
R2 aswHwid; C:\windows\system32\drivers\aswHwid.sys [24184 2014-10-03] ()
R2 atksgt; C:\windows\System32\DRIVERS\atksgt.sys [281760 2011-09-07] ()
R1 Avgdiskx; C:\windows\System32\DRIVERS\avgdiskx.sys [121624 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\windows\System32\DRIVERS\avgidsdriverx.sys [224736 2015-03-25] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\windows\System32\DRIVERS\avgidshx.sys [154904 2014-11-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\windows\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\windows\System32\DRIVERS\avgldx86.sys [192792 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\windows\System32\DRIVERS\avglogx.sys [265184 2015-02-03] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\windows\System32\DRIVERS\avgmfx86.sys [107488 2015-02-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\windows\System32\DRIVERS\avgrkx86.sys [27416 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\windows\System32\DRIVERS\avgtdix.sys [210912 2015-02-25] (AVG Technologies CZ, s.r.o.)
S3 avmeject; C:\windows\System32\drivers\avmeject.sys [4352 2007-11-07] (AVM Berlin) [File not signed]
R3 BCM42RLY; C:\windows\System32\drivers\BCM42RLY.sys [18496 2010-07-07] (Broadcom Corporation)
S3 fwlanusbn; C:\windows\System32\DRIVERS\fwlanusbn.sys [401920 2007-12-19] (AVM GmbH)
R3 hamachi; C:\windows\System32\DRIVERS\hamachi.sys [26176 2010-02-03] (LogMeIn, Inc.)
S3 HPZid412; C:\windows\System32\DRIVERS\HPZid412.sys [51024 2003-03-09] (HP)
S3 HPZipr12; C:\windows\System32\DRIVERS\HPZipr12.sys [16080 2003-03-09] (HP)
S3 HPZius12; C:\windows\System32\DRIVERS\HPZius12.sys [21456 2003-03-09] (HP)
R0 iaStorA; C:\windows\System32\DRIVERS\iaStorA.sys [508184 2012-03-26] (Intel Corporation)
R0 iaStorF; C:\windows\System32\DRIVERS\iaStorF.sys [22808 2012-03-26] (Intel Corporation)
R2 lirsgt; C:\windows\System32\DRIVERS\lirsgt.sys [25888 2011-09-07] ()
R0 sptd; C:\windows\System32\Drivers\sptd.sys [477240 2012-05-20] (Duplex Secure Ltd.)
S3 SSMO3v2Filter; C:\windows\System32\drivers\MO3v2Driver.sys [17920 2010-11-22] (Sagatek Co. Ltd.)
R2 SVKP; C:\windows\system32\SVKP.sys [2368 2015-01-30] (AntiCracking) [File not signed]
S3 vpnva; C:\windows\System32\DRIVERS\vpnva-6.sys [43376 2013-10-10] (Cisco Systems, Inc.)
S3 VSPerfDrv100; c:\Program Files\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\VSPerfDrv100.sys [54144 2011-01-18] (Microsoft Corporation)
R3 WinDriver6; C:\windows\System32\drivers\windrvr6.sys [195968 2010-08-31] (Jungo)
U3 a2i35axp; C:\windows\system32\Drivers\a2i35axp.sys [0 ] (Intel Corporation) <==== ATTENTION (zero size file/folder)
U3 a3ckws4n; C:\windows\system32\Drivers\a3ckws4n.sys [0 ] (Intel Corporation) <==== ATTENTION (zero size file/folder)
S3 EagleXNt; \??\C:\windows\system32\drivers\EagleXNt.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-05-06 08:17 - 2015-05-06 08:18 - 00032880 _____ () C:\Users\Samsung\Downloads\FRST.txt
2015-05-06 08:16 - 2015-05-06 08:17 - 00000000 ____D () C:\FRST
2015-05-06 08:16 - 2015-05-06 08:16 - 01140736 _____ (Farbar) C:\Users\Samsung\Downloads\FRST.exe
2015-05-05 19:54 - 2015-05-05 22:53 - 00005489 _____ () C:\Users\Samsung\Desktop\waslos.txt
2015-04-30 15:07 - 2015-04-30 15:07 - 00155153 _____ () C:\Users\Samsung\Downloads\WWM(1).zip
2015-04-29 22:27 - 2015-04-29 22:27 - 00153313 _____ () C:\Users\Samsung\Downloads\WWM.zip
2015-04-29 17:21 - 2015-04-29 17:21 - 00000000 ____D () C:\Users\Samsung\workspace
2015-04-29 16:17 - 2015-04-29 16:17 - 01203488 _____ () C:\Users\Samsung\Downloads\Eclipse - CHIP-Installer.exe
2015-04-16 11:33 - 2015-04-16 11:33 - 00000000 ____D () C:\windows\system32\appraiser
2015-04-15 14:43 - 2015-04-02 01:49 - 00342704 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-04-15 14:43 - 2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-04-15 14:43 - 2015-03-13 05:42 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-04-15 14:43 - 2015-03-13 05:42 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-04-15 14:43 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-04-15 14:43 - 2015-03-13 05:28 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-04-15 14:43 - 2015-03-13 05:27 - 00340992 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2015-04-15 14:43 - 2015-03-13 05:27 - 00047616 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-04-15 14:43 - 2015-03-13 05:26 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-04-15 14:43 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-04-15 14:43 - 2015-03-13 05:20 - 00047104 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-04-15 14:43 - 2015-03-13 05:20 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-04-15 14:43 - 2015-03-13 05:17 - 00478208 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-04-15 14:43 - 2015-03-13 05:16 - 00115712 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-04-15 14:43 - 2015-03-13 05:16 - 00102912 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-04-15 14:43 - 2015-03-13 05:15 - 00620032 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-04-15 14:43 - 2015-03-13 05:09 - 00667648 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-04-15 14:43 - 2015-03-13 05:06 - 00418304 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-04-15 14:43 - 2015-03-13 05:01 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-04-15 14:43 - 2015-03-13 04:57 - 00168960 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-04-15 14:43 - 2015-03-13 04:56 - 00076288 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-04-15 14:43 - 2015-03-13 04:54 - 00285696 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-04-15 14:43 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-04-15 14:43 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-04-15 14:43 - 2015-03-13 04:43 - 02052608 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-04-15 14:43 - 2015-03-13 04:43 - 00685568 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-04-15 14:43 - 2015-03-13 04:42 - 01155072 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-04-15 14:43 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-04-15 14:43 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-04-15 14:43 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-04-15 14:43 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-04-15 14:42 - 2015-03-25 05:00 - 03088384 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2015-04-15 14:42 - 2015-03-25 05:00 - 02020864 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2015-04-15 14:42 - 2015-03-25 05:00 - 00566784 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2015-04-15 14:42 - 2015-03-25 05:00 - 00173056 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2015-04-15 14:42 - 2015-03-25 05:00 - 00131584 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2015-04-15 14:42 - 2015-03-25 05:00 - 00092672 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2015-04-15 14:42 - 2015-03-25 05:00 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll
2015-04-15 14:42 - 2015-03-25 05:00 - 00035328 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2015-04-15 14:42 - 2015-03-25 05:00 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2015-04-15 14:42 - 2015-03-25 05:00 - 00029696 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2015-04-15 14:42 - 2015-03-25 05:00 - 00011776 _____ (Microsoft Corporation) C:\windows\system32\wu.upgrade.ps.dll
2015-04-15 14:42 - 2015-03-23 05:06 - 00860160 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-04-15 14:42 - 2015-03-23 05:06 - 00630784 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-04-15 14:42 - 2015-03-23 05:06 - 00576000 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-04-15 14:42 - 2015-03-23 05:06 - 00331264 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-04-15 14:42 - 2015-03-23 05:06 - 00202752 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2015-04-15 14:42 - 2015-03-23 05:06 - 00159744 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2015-04-15 14:42 - 2015-03-23 05:06 - 00026112 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2015-04-15 14:42 - 2015-03-23 04:59 - 00896000 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-04-15 14:42 - 2015-03-17 07:01 - 03976632 _____ (Microsoft Corporation) C:\windows\system32\ntkrnlpa.exe
2015-04-15 14:42 - 2015-03-17 07:01 - 03920824 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-04-15 14:42 - 2015-03-17 07:01 - 00137656 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-04-15 14:42 - 2015-03-17 07:01 - 00067512 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-04-15 14:42 - 2015-03-17 06:59 - 01306112 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2015-04-15 14:42 - 2015-03-17 06:57 - 01061376 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-04-15 14:42 - 2015-03-17 06:57 - 00550912 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-04-15 14:42 - 2015-03-17 06:57 - 00400896 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-04-15 14:42 - 2015-03-17 06:57 - 00259584 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-04-15 14:42 - 2015-03-17 06:57 - 00248832 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-04-15 14:42 - 2015-03-17 06:57 - 00221184 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-04-15 14:42 - 2015-03-17 06:57 - 00172032 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-04-15 14:42 - 2015-03-17 06:57 - 00100352 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-04-15 14:42 - 2015-03-17 06:57 - 00065536 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-04-15 14:42 - 2015-03-17 06:57 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-04-15 14:42 - 2015-03-17 06:57 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-04-15 14:42 - 2015-03-17 06:57 - 00015872 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-04-15 14:42 - 2015-03-17 06:56 - 00262656 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-04-15 14:42 - 2015-03-17 06:56 - 00069632 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2015-04-15 14:42 - 2015-03-17 06:56 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-04-15 14:42 - 2015-03-17 06:56 - 00038912 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2015-04-15 14:42 - 2015-03-17 06:56 - 00022528 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-04-15 14:42 - 2015-03-17 06:56 - 00017408 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-04-15 14:42 - 2015-03-17 06:53 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-04-15 14:42 - 2015-03-17 06:53 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-04-15 14:42 - 2015-03-17 06:50 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-04-15 14:42 - 2015-03-17 06:50 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2015-04-15 14:42 - 2015-03-05 06:06 - 00305152 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2015-04-15 14:42 - 2015-03-04 06:16 - 00249784 _____ (Microsoft Corporation) C:\windows\system32\clfs.sys
2015-04-15 14:42 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\windows\system32\clfsw32.dll
2015-04-15 14:42 - 2015-02-25 05:03 - 00514560 _____ (Microsoft Corporation) C:\windows\system32\Drivers\http.sys
2015-04-15 14:42 - 2015-01-28 01:36 - 01167520 _____ (Microsoft Corporation) C:\windows\system32\aitstatic.exe
2015-04-15 14:40 - 2015-03-10 05:08 - 01237504 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2015-04-15 14:40 - 2015-03-10 05:05 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2015-04-14 23:35 - 2015-04-14 23:35 - 00002826 _____ () C:\Users\Samsung\Desktop\matz.txt
2015-04-12 22:38 - 2015-04-12 22:38 - 00000000 ____D () C:\Users\Samsung\Documents\iMacros
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-05-06 08:16 - 2010-03-05 06:29 - 01196770 _____ () C:\windows\WindowsUpdate.log
2015-05-06 08:15 - 2014-11-24 20:26 - 00000000 ____D () C:\ProgramData\MFAData
2015-05-06 08:15 - 2012-10-31 16:14 - 00000000 ___RD () C:\Dropbox
2015-05-06 08:15 - 2010-11-04 16:41 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\Dropbox
2015-05-06 08:08 - 2009-07-14 06:53 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-05-06 08:08 - 2009-07-14 06:39 - 00162533 _____ () C:\windows\setupact.log
2015-05-05 23:08 - 2013-04-28 19:37 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-05-05 22:50 - 2011-03-26 19:37 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\Skype
2015-05-05 22:42 - 2010-10-01 11:55 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\FileZilla
2015-05-05 22:42 - 2009-07-14 06:34 - 00014736 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-05 22:42 - 2009-07-14 06:34 - 00014736 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-05 20:54 - 2011-03-26 19:36 - 00000000 ____D () C:\ProgramData\Skype
2015-05-05 17:42 - 2009-07-14 06:53 - 00032632 _____ () C:\windows\Tasks\SCHEDLGU.TXT
2015-05-03 16:02 - 2011-11-28 16:32 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\TS3Client
2015-05-02 16:30 - 2011-08-25 09:57 - 00000000 ____D () C:\Users\Samsung\Desktop\Desktop2
2015-05-02 12:17 - 2015-04-03 17:09 - 00000000 ____D () C:\Users\Samsung\AppData\Local\Gameo
2015-04-30 11:45 - 2009-07-14 06:46 - 00001515 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-04-29 17:21 - 2010-05-20 22:04 - 00000000 ____D () C:\Users\Samsung
2015-04-27 17:55 - 2010-11-04 16:41 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-04-25 09:22 - 2014-07-30 19:13 - 00000000 ____D () C:\Users\Samsung\Desktop\desk5
2015-04-22 13:24 - 2015-04-04 08:25 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-04-22 13:24 - 2012-06-24 22:31 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-04-22 13:24 - 2010-03-05 07:55 - 01159334 _____ () C:\windows\PFRO.log
2015-04-18 00:41 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\AppCompat
2015-04-18 00:05 - 2013-11-23 13:40 - 00000000 ____D () C:\windows\rescache
2015-04-17 14:19 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\Microsoft.NET
2015-04-16 11:33 - 2014-05-08 23:12 - 00000000 ___SD () C:\windows\system32\CompatTel
2015-04-16 11:33 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\system32\de-DE
2015-04-15 22:52 - 2013-07-15 07:14 - 00000000 ____D () C:\windows\system32\MRT
2015-04-15 22:40 - 2011-11-24 15:19 - 125832184 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-04-15 22:40 - 2010-05-20 22:12 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-04-15 22:38 - 2009-07-26 22:06 - 01839406 _____ () C:\windows\system32\PerfStringBackup.INI
2015-04-15 19:08 - 2013-04-28 19:37 - 00778416 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerApp.exe
2015-04-15 19:08 - 2013-04-28 19:37 - 00142512 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerCPLApp.cpl
2015-04-13 13:21 - 2015-03-26 20:00 - 00001020 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2015-04-12 12:57 - 2011-07-19 20:28 - 00000000 ___RD () C:\Program Files\Skype
2015-04-09 00:27 - 2014-02-11 23:01 - 00000000 ____D () C:\Users\Samsung\AppData\Local\Battle.net
==================== Files in the root of some directories =======
2010-09-11 22:26 - 2010-09-11 22:26 - 0138304 _____ (Phoenix Technologies) C:\Program Files\Common Files\osdinst.dll
2010-09-11 22:26 - 2010-09-11 22:26 - 1097038 _____ () C:\Program Files\Common Files\ptlosd.cab
2010-10-19 13:09 - 2010-10-19 13:09 - 0000006 _____ () C:\Program Files\Common Files\UnInstallCompleted.tmp
2010-09-11 22:26 - 2010-09-03 23:13 - 4870208 _____ (Phoenix Technologies Ltd.) C:\Program Files\Common Files\xsignal.exe
2013-07-13 03:06 - 2014-04-24 03:28 - 0000100 _____ () C:\Users\Samsung\AppData\Roaming\Camdata.ini
2013-07-13 03:06 - 2014-04-24 03:28 - 0000408 _____ () C:\Users\Samsung\AppData\Roaming\CamLayout.ini
2013-07-13 03:06 - 2014-04-24 03:28 - 0000408 _____ () C:\Users\Samsung\AppData\Roaming\CamShapes.ini
2013-07-13 03:06 - 2014-04-24 03:28 - 0004520 _____ () C:\Users\Samsung\AppData\Roaming\CamStudio.cfg
2013-07-13 03:12 - 2014-04-23 12:38 - 0000098 _____ () C:\Users\Samsung\AppData\Roaming\CamStudio.Producer.command
2013-07-13 03:13 - 2014-04-23 12:53 - 0000000 _____ () C:\Users\Samsung\AppData\Roaming\CamStudio.Producer.Data.ini
2013-07-13 03:13 - 2014-04-23 12:53 - 0001206 _____ () C:\Users\Samsung\AppData\Roaming\CamStudio.Producer.ini
2010-06-07 23:23 - 2015-03-16 18:42 - 0008080 _____ () C:\Users\Samsung\AppData\Roaming\wklnhst.dat
2010-12-22 19:42 - 2012-01-02 23:05 - 0006656 _____ () C:\Users\Samsung\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-01-17 13:14 - 2011-01-17 13:14 - 0000095 _____ () C:\Users\Samsung\AppData\Local\fusioncache.dat
2012-05-09 09:22 - 2012-05-09 09:22 - 0000337 _____ () C:\Users\Samsung\AppData\Local\Perfmon.PerfmonCfg
2014-12-09 18:56 - 2014-12-09 18:56 - 0002128 _____ () C:\Users\Samsung\AppData\Local\recently-used.xbel
2010-12-25 21:19 - 2014-10-28 08:55 - 0007598 _____ () C:\Users\Samsung\AppData\Local\Resmon.ResmonCfg
2012-09-08 18:40 - 2012-09-08 23:31 - 4503728 ____T () C:\ProgramData\dsgsdgdsgdsgw.pad
2010-05-20 22:06 - 2009-08-17 06:54 - 0131368 _____ () C:\ProgramData\FullRemove.exe
2011-10-13 10:09 - 2011-10-13 10:16 - 0000191 _____ () C:\ProgramData\hpzinstall.log
2012-09-11 12:45 - 2012-09-11 12:45 - 0000051 _____ () C:\ProgramData\ozodoedgvbizogb
2010-03-05 06:36 - 2010-03-05 06:37 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2010-03-05 06:35 - 2010-03-05 06:35 - 0000106 _____ () C:\ProgramData\{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}.log
2010-03-05 06:32 - 2010-03-05 06:33 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2010-03-05 06:36 - 2010-03-05 06:36 - 0000110 _____ () C:\ProgramData\{B7A0CE06-068E-11D6-97FD-0050BACBF861}.log
2010-03-05 06:31 - 2010-03-05 06:32 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2010-03-05 06:33 - 2010-03-05 06:35 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
ZeroAccess:
C:\Users\Samsung\AppData\Local\f358ee3b
Files to move or delete:
====================
C:\ProgramData\dsgsdgdsgdsgw.pad
C:\Users\Samsung\timer.js
Some content of TEMP:
====================
C:\Users\Samsung\AppData\Local\Temp\AutoRun.exe
C:\Users\Samsung\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\Samsung\AppData\Local\Temp\avgnt.exe
C:\Users\Samsung\AppData\Local\Temp\avguidx.dll
C:\Users\Samsung\AppData\Local\Temp\CmdLineExt02.dll
C:\Users\Samsung\AppData\Local\Temp\CmdLineExt03.dll
C:\Users\Samsung\AppData\Local\Temp\CommonInstaller.exe
C:\Users\Samsung\AppData\Local\Temp\contentDATs.exe
C:\Users\Samsung\AppData\Local\Temp\DeltaTB.exe
C:\Users\Samsung\AppData\Local\Temp\dj0xwiez.dll
C:\Users\Samsung\AppData\Local\Temp\drm_dialogs.dll
C:\Users\Samsung\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpeodipj.dll
C:\Users\Samsung\AppData\Local\Temp\firefoxjre_exe.exe
C:\Users\Samsung\AppData\Local\Temp\hpzscr01.exe
C:\Users\Samsung\AppData\Local\Temp\iGearedHelper.dll
C:\Users\Samsung\AppData\Local\Temp\InstallAX.exe
C:\Users\Samsung\AppData\Local\Temp\InstallPlugin.exe
C:\Users\Samsung\AppData\Local\Temp\install_flash_player_ax.exe
C:\Users\Samsung\AppData\Local\Temp\instloffer.exe
C:\Users\Samsung\AppData\Local\Temp\InstStub.exe
C:\Users\Samsung\AppData\Local\Temp\JavaRa.exe
C:\Users\Samsung\AppData\Local\Temp\jli.dll
C:\Users\Samsung\AppData\Local\Temp\jre-6u37-windows-i586-iftw.exe
C:\Users\Samsung\AppData\Local\Temp\jre-7u40-windows-i586-iftw.exe
C:\Users\Samsung\AppData\Local\Temp\jre-7u51-windows-i586.exe
C:\Users\Samsung\AppData\Local\Temp\kchjfwj2.dll
C:\Users\Samsung\AppData\Local\Temp\keytool.exe
C:\Users\Samsung\AppData\Local\Temp\MachineIdCreator.exe
C:\Users\Samsung\AppData\Local\Temp\MessengerPlusLive_Germany_TB.exe
C:\Users\Samsung\AppData\Local\Temp\mirc722.exe
C:\Users\Samsung\AppData\Local\Temp\msvcr100.dll
C:\Users\Samsung\AppData\Local\Temp\node.exe
C:\Users\Samsung\AppData\Local\Temp\nsc6DB1.tmp.ConduitEngineEmbbed.exe
C:\Users\Samsung\AppData\Local\Temp\oi_{1FFC6D2A-713D-4D6D-8535-E6BB9DD9CA26}.exe
C:\Users\Samsung\AppData\Local\Temp\OptimizerPro.exe
C:\Users\Samsung\AppData\Local\Temp\PCCheckupInstaller.exe
C:\Users\Samsung\AppData\Local\Temp\perplex.dll
C:\Users\Samsung\AppData\Local\Temp\pyl76CB.tmp.exe
C:\Users\Samsung\AppData\Local\Temp\pyl811A.tmp.exe
C:\Users\Samsung\AppData\Local\Temp\SecurityScan_Release.exe
C:\Users\Samsung\AppData\Local\Temp\SGSFB00.EXE
C:\Users\Samsung\AppData\Local\Temp\SIntf16.dll
C:\Users\Samsung\AppData\Local\Temp\SIntf32.dll
C:\Users\Samsung\AppData\Local\Temp\SIntfNT.dll
C:\Users\Samsung\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Samsung\AppData\Local\Temp\sqlite3.exe
C:\Users\Samsung\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\Samsung\AppData\Local\Temp\ToolbarInstaller.exe
C:\Users\Samsung\AppData\Local\Temp\UNINSTALL.exe
C:\Users\Samsung\AppData\Local\Temp\Uninstaller-14216.exe
C:\Users\Samsung\AppData\Local\Temp\war3_Install.exe
C:\Users\Samsung\AppData\Local\Temp\xmlUpdater.exe
C:\Users\Samsung\AppData\Local\Temp\_is5154.exe
C:\Users\Samsung\AppData\Local\Temp\_unps.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-04-26 00:48
==================== End Of Log ============================
|
|
06.05.2015, 07:23
| #4 |
| | Zu viele Prozesse Addition: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version: 05-05-2015
Ran by Samsung at 2015-05-06 08:19:49
Running from C:\Users\Samsung\Downloads
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2339853823-2107313754-116825072-500 - Administrator - Disabled)
ASPNET (S-1-5-21-2339853823-2107313754-116825072-1004 - Limited - Enabled)
Gast (S-1-5-21-2339853823-2107313754-116825072-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-2339853823-2107313754-116825072-1002 - Limited - Enabled)
Samsung (S-1-5-21-2339853823-2107313754-116825072-1000 - Administrator - Enabled) => C:\Users\Samsung
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
ABBYY PDF Transformer 3.0 (HKLM\...\ABBYY PDF Transformer 3.0) (Version: 3.00.317.68010 - ABBYY)
ABBYY PDF Transformer 3.0 (Version: 3.00.317.68010 - ABBYY) Hidden
Active@ Hard Disk Monitor (HKLM\...\{BF52A2EB-92BB-473E-9070-9E7BBF568791}) (Version: 1.5.20 - LSoft Technologies Inc)
Add or Remove Adobe Creative Suite 3 Master Collection (HKLM\...\Adobe_4dcfd9b7e901b57f81f667144603236) (Version: 1.0 - Adobe Systems Incorporated)
Adobe Acrobat 8.1.3 Professional (HKLM\...\Adobe Acrobat 8 Professional) (Version: 8.1.3 - )
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Community Help (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CS5 (HKLM\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM\...\Adobe Shockwave Player) (Version: 12.0.2.122 - Adobe Systems, Inc.)
Age of Empires II: HD Edition (HKLM\...\Steam App 221380) (Version: - Hidden Path Entertainment, Ensemble Studios)
AHV content for Acrobat and Flash (Version: 1 - Adobe Systems Incorporated) Hidden
AION Free-to-Play (HKLM\...\{82E73E8D-E1E7-45A4-A311-6D31492AA913}_is1) (Version: - Gameforge)
Akamai NetSession Interface (HKU\S-1-5-21-2339853823-2107313754-116825072-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
Anvi Smart Defender 1.6 (HKLM\...\Anvi Smart Defender) (Version: 1.6 - Anvisoft)
Apple Application Support (HKLM\...\{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}) (Version: 1.3.2 - Apple Inc.)
Apple Software Update (HKLM\...\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}) (Version: 2.1.1.116 - Apple Inc.)
Atheros Client Installation Program (HKLM\...\{D1434266-0486-4469-B338-A60082CC04E1}) (Version: 1.0.2.1119 - Atheros)
Audacity 2.0.5 (HKLM\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5863 - AVG Technologies)
AVG 2015 (Version: 15.0.4342 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.5863 - AVG Technologies) Hidden
AVM FRITZ!WLAN (HKLM\...\AVMWLANCLI) (Version: - AVM Berlin)
AVR Jungo USB (HKLM\...\{E8F8861D-98E0-43FF-9E48-AC236CC3BE4E}) (Version: 10.2 - Atmel)
AVR Studio 4.19 (HKLM\...\{D5D88F8F-FDA4-4CF4-9F3E-3F40118C2120}) (Version: 4.19.730 - Atmel)
AVR Studio 4.19 (Version: 4.19.730 - Atmel) Hidden
AVR Toolchain (HKLM\...\{2CE5E313-EC49-4527-A752-6DC89FE51C0D}) (Version: 3.3.0.710 - Atmel)
Babylon toolbar on IE (HKLM\...\BabylonToolbar) (Version: - ) <==== ATTENTION
BabylonObjectInstaller (HKLM\...\{83AA2913-C123-4146-85BD-AD8F93971D39}) (Version: 2.0.0.2 - Babylon Ltd) <==== ATTENTION
Battle.net (HKLM\...\Battle.net) (Version: - Blizzard Entertainment)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 5.60.48.55 - Broadcom Corporation)
Broadcom Wireless Utility (HKLM\...\Broadcom Wireless Utility) (Version: 5.60.48.55 - Broadcom Corporation)
CamStudio version 2.7 (HKLM\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7 - CamStudio Open Source)
CCleaner (HKLM\...\CCleaner) (Version: 3.05 - Piriform)
Cisco AnyConnect Secure Mobility Client (HKLM\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.04072 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (Version: 3.1.04072 - Cisco Systems, Inc.) Hidden
Cisco EAP-FAST Module (HKLM\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Client (HKLM\...\Client) (Version: - )
Cliqz (HKLM\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 0.5.22 - Cliqz.com)
CodeBlocks (HKU\S-1-5-21-2339853823-2107313754-116825072-1000\...\CodeBlocks) (Version: 10.05 - The Code::Blocks Team)
Compatibility Pack für 2007 Office System (HKLM\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Crystal Reports for Visual Studio (Version: 12.51.0.240 - SAP) Hidden
CyberLink DVD Suite (HKLM\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.2806 - CyberLink Corp.)
CyberLink LabelPrint (HKLM\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1916 - CyberLink Corp.)
CyberLink Power2Go (HKLM\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3108a - CyberLink Corp.)
CyberLink PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3213 - CyberLink Corp.)
CyberLink PowerDVD 8 (HKLM\...\InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}) (Version: 8.0.2815b - CyberLink Corp.)
CyberLink PowerProducer (HKLM\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.0.1.1812 - CyberLink Corp.)
CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.3625 - CyberLink Corp.)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.45.4.0314 - DT Soft Ltd)
Dev-C++ 5 beta 9 release (4.9.9.2) (HKLM\...\Dev-C++) (Version: - )
Dotfuscator Software Services - Community Edition (HKLM\...\{1AA5BD63-6614-44B2-88A7-605191EDB835}) (Version: 5.0.2500.0 - PreEmptive Solutions)
Dropbox (HKU\S-1-5-21-2339853823-2107313754-116825072-1000\...\Dropbox) (Version: 3.4.4 - Dropbox, Inc.)
Easy Display Manager (HKLM\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 3.0 - Samsung Electronics Co., Ltd.)
Easy Network Manager (HKLM\...\{34B76DCB-BF7C-440F-B058-C84172C1E338}) (Version: 4.2.8 - Samsung)
EasyBatteryManager (HKLM\...\{178EE5F4-0F86-4BF0-A0D1-9790AFF409D1}) (Version: 4.0.0.3 - Samsung)
Fraps (HKLM\...\Fraps) (Version: - )
Free YouTube to MP3 Converter version 3.12.2.430 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.2.430 - DVDVideoSoft Ltd.)
FreePDF (Remove only) (HKLM\...\FreePDF_XP) (Version: - )
Gameforge Live 2.0.4 (HKLM\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.4 - Gameforge)
Gameo (HKU\S-1-5-21-2339853823-2107313754-116825072-1000\...\Gameo) (Version: 0.13.7 - IronSource Ltd.) <==== ATTENTION!
GDMO (HKLM\...\DMO) (Version: - )
GIMP 2.8.2 (HKLM\...\GIMP-2_is1) (Version: 2.8.2 - The GIMP Team)
Git version 1.9.5-preview20141217 (HKLM\...\Git_is1) (Version: 1.9.5-preview20141217 - The Git Development Community)
Gothic II (HKLM\...\Gothic II) (Version: - JoWooD Productions Software AG)
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.04) (Version: 9.04 - Artifex Software Inc.)
Guard.ICQ (HKLM\...\Guard.Mail.ru) (Version: - Mail.ru) <==== ATTENTION
Hearthstone (HKLM\...\Hearthstone) (Version: - Blizzard Entertainment)
HeidiSQL (HKLM\...\HeidiSQL_is1) (Version: - Ansgar Becker)
Hotfix für Microsoft Visual C++ 2010 Express - DEU (KB2635973) (HKLM\...\{DEEB5FE3-40F5-3C5B-8F85-5306EF3C08F4}.KB2635973) (Version: 1 - Microsoft Corporation)
HP Deskjet 1050 J410 series - Grundlegende Software für das Gerät (HKLM\...\{FE19B8A3-C79D-4A90-8F7C-1B206DB00CFC}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
ICQ Toolbar (HKLM\...\ICQToolbar) (Version: 3.0.0 - ICQ)
ICQ7.7 (HKLM\...\{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE}) (Version: 7.7 - ICQ)
Intel(R) Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.5.4.1001 - Intel Corporation)
Intel(R) Turbo Boost Technology Driver (HKLM\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.00.01.1003 - Intel Corporation)
Java 7 Update 55 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.550 - Oracle)
Java DB 10.5.3.0 (HKLM\...\{00BA866C-F2A2-4BB9-A308-3DFA695B6F7C}) (Version: 10.5.3.0 - Sun Microsystems, Inc)
Java(TM) 6 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216031FF}) (Version: 6.0.310 - Oracle)
Java(TM) SE Development Kit 6 Update 21 (HKLM\...\{32A3A4F4-B792-11D6-A78A-00B0D0160210}) (Version: 1.6.0.210 - Oracle)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Katawa Shoujo (HKLM\...\Katawa Shoujo) (Version: - )
LAME v3.99.3 (for Windows) (HKLM\...\LAME_is1) (Version: - )
Left 4 Dead (HKLM\...\Steam App 500) (Version: - Valve)
LogMeIn Hamachi (HKLM\...\LogMeIn Hamachi) (Version: 2.1.0.166 - LogMeIn, Inc.)
LogMeIn Hamachi (Version: 2.1.0.166 - LogMeIn, Inc.) Hidden
Messenger Plus! Live (HKLM\...\Messenger Plus! Live) (Version: 4.85.0.386 - Yuna Software)
MessengerPlusLive Germany TB Toolbar (HKLM\...\MessengerPlusLive_Germany_TB Toolbar) (Version: 5.7.2.2 - MessengerPlusLive Germany TB)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools (HKLM\...\{40416836-56CC-4C0E-A6AF-5C34BADCE483}) (Version: 2.0.50217.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 (HKLM\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.1 Language Pack - DEU) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Silverlight 3 SDK (HKLM\...\{2012098D-EEE9-4769-8DD3-B038050854D4}) (Version: 3.0.40818.0 - Microsoft Corporation)
Microsoft Silverlight 4 SDK (HKLM\...\{05855322-BE43-41FE-B583-D3AE0C326D58}) (Version: 4.0.50826.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 (HKLM\...\Microsoft SQL Server 10 Release) (Version: - Microsoft Corporation)
Microsoft SQL Server 2008 Browser (HKLM\...\{C688457E-03FD-4941-923B-A27F4D42A7DD}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{4F44B5AE-82A6-4A8A-A3E3-E24D489728E3}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Data-Tier Application Framework (HKLM\...\{BC537AE0-88AF-47ED-B762-33B0D62B5188}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Data-Tier Application Project (HKLM\...\{7A56D81D-6406-40E7-9184-8AC1769C4D69}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM\...\{77F1F8AD-51B8-4490-AEEC-BF480073E0FC}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Transact-SQL Language Service (HKLM\...\{09C52940-A4D1-4409-A7CC-1AAE630CF578}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{D441BD04-E548-4F8E-97A4-1B66135BAAA8}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Database Publishing Wizard 1.4 (HKLM\...\{ACE28263-76A4-4BF5-B6F4-8BD719595969}) (Version: 10.1.2512.8 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM\...\{877B76B2-F83F-4F5A-B28D-3F398641ADB6}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{B857D868-F8B0-43EE-BC2B-D9E5ED21F237}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft Sync Framework Runtime v1.0 SP1 (x86) (HKLM\...\{C6DD625F-4B61-4561-8286-87CA0275CEA1}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework SDK v1.0 SP1 (HKLM\...\{97CE8B73-AA5A-4987-A1BE-50DD1A187478}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework Services v1.0 SP1 (x86) (HKLM\...\{F990B526-8F7C-46E0-B1F1-6C893A8B478F}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Services for ADO.NET v2.0 SP1 (x86) (HKLM\...\{DC3D6AFB-78B4-489F-81D7-30B66E0C2417}) (Version: 2.0.3010.0 - Microsoft Corporation)
Microsoft Team Foundation Server 2010 Object Model - ENU (HKLM\...\Microsoft Team Foundation Server 2010 Object Model - ENU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (HKLM\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Express - DEU (HKLM\...\Microsoft Visual C++ 2010 Express - DEU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime (HKLM\...\{85467CBC-7A39-33C9-8940-D72D9269B84F}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM\...\{14DD7530-CCD2-3798-B37D-3839ED6A441C}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (HKLM\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010 Ultimate - ENU (HKLM\...\Microsoft Visual Studio 2010 Ultimate - ENU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x86) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Macro Tools (HKLM\...\Microsoft Visual Studio Macro Tools) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Works (HKLM\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
mIRC (HKLM\...\mIRC) (Version: 7.22 - mIRC Co. Ltd.)
Mount & Blade: Warband (HKLM\...\Steam App 48700) (Version: - Taleworlds Entertainment)
Mouse Recorder Pro 2.0.7.5 (HKLM\...\{889E44CE-435C-4D37-B302-A7E43339E5FA}_is1) (Version: - Nemex Studios)
Mozilla Firefox 37.0.2 (x86 de) (HKLM\...\Mozilla Firefox 37.0.2 (x86 de)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Notepad++ (HKLM\...\Notepad++) (Version: 5.9.8 - )
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10 - NVIDIA Corporation)
NVIDIA PhysX (HKLM\...\{B4F3A360-E1E2-479D-ADE7-9BE3B07F4539}) (Version: 9.10.0223 - NVIDIA Corporation)
OpenOffice.org 3.2 (HKLM\...\{8D1E61D1-1395-4E97-997F-D002DB3A5074}) (Version: 3.2.9502 - OpenOffice.org)
Oracle VM VirtualBox 4.1.12 (HKLM\...\{BD2DF5E1-0B64-40EB-93CC-77F984ADB408}) (Version: 4.1.12 - Oracle Corporation)
Patrizier II Gold (HKLM\...\Patrizier II Gold_is1) (Version: - )
PDF Settings (Version: 1.0 - Adobe Systems Incorporated) Hidden
PDF Settings CS5 (Version: 10.0 - Adobe Systems Incorporated) Hidden
Pokémon Trading Card Game Online (HKLM\...\{496D7B7E-EBDC-4E2B-B021-4FF03B188B69}) (Version: 1.0.0 - The Pokémon Company International)
PokerStars.be (HKLM\...\PokerStars.be) (Version: - PokerStars.be)
PremiumSoft Navicat Lite 10.0 (HKLM\...\PremiumSoft Navicat Lite_is1) (Version: - PremiumSoft CyberTech Ltd.)
QuickTime (HKLM\...\{E7004147-2CCA-431C-AA05-2AB166B9785D}) (Version: 7.68.75.0 - Apple Inc.)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM\...\RealPlayer 12.0) (Version: - RealNetworks)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6003 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Software (HKLM\...\{F2BC3383-F000-410C-A038-3846ADBE8D90}) (Version: 1.01.0088 - REALTEK Semiconductor Corp.)
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version: - )
Remotedesktopverbindung (HKLM\...\{62C4121D-CA64-413E-8444-0525FF7E8EF9}) (Version: 5.1.2600.2180 - Microsoft)
Revo Uninstaller 1.94 (HKLM\...\Revo Uninstaller) (Version: 1.94 - VS Revo Group)
Samsung Recovery Solution 4 (HKLM\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 4.0.0.6 - Samsung)
Samsung R-Series (HKLM\...\{3EED7541-55F8-4DC6-B9CD-28762D71310E}) (Version: 1.0 - Samsung)
Samsung Support Center (HKLM\...\{0A353130-D22C-41DD-8C67-1B02A05F2CE0}) (Version: 1.1.0 - Samsung)
Samsung Update Plus (HKLM\...\{D3F2FAA5-FEC4-42AA-9ABA-1F763919A2B5}) (Version: 2.0 - Samsung Electronics Co., Ltd.)
Service Pack 1 for SQL Server 2008 (KB968369) (HKLM\...\KB968369) (Version: 10.1.2531.0 - Microsoft Corporation)
SimpleScreenshot 1.40 (HKLM\...\SimpleScreenshot) (Version: - )
Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.6.8442 - Skype Technologies S.A.)
Skype™ 7.4 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
Sql Server Customer Experience Improvement Program (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Steam (HKLM\...\Steam) (Version: - Valve Corporation)
Stronghold (HKLM\...\{C917BA70-28A3-4C74-B163-41FD8C8E1A5A}) (Version: 1.20.0000 - Firefly Studios)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.10.0 - Synaptics Incorporated)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.13.1 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM\...\TeamViewer 9) (Version: 9.0.41110 - TeamViewer)
thriXXX 3DSexVilla2-135.001 (HKLM\...\3DSexVilla2-135.001) (Version: - )
TIPP10 Version 2.1.0 (HKLM\...\TIPP10_is1) (Version: - (c) 2006-2011, Tom Thielicke IT Solutions)
TreeSize Free V2.5 (HKLM\...\TreeSize Free_is1) (Version: 2.5 - JAM Software)
Tunatic (HKLM\...\Tunatic) (Version: - )
Uninstall 1.0.0.1 (HKLM\...\Uninstall_is1) (Version: - )
Unity Web Player (HKU\S-1-5-21-2339853823-2107313754-116825072-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
User Guide (HKLM\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.0 - )
Vampires Dawn: Reign of Blood (HKLM\...\{CF55095E-07AA-432E-8376-CEF71D70746A}_is1) (Version: Vampires Dawn: Reign of Blood 1.31 - Brianum)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (HKLM\...\{112C23F2-C036-4D40-BED4-0CB47BF5555C}) (Version: 4.0.8080.0 - Microsoft Corporation)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 1.1.9 (HKLM\...\VLC media player) (Version: 1.1.9 - VideoLAN)
Warcraft III (HKLM\...\Warcraft III) (Version: - )
Warcraft III: All Products (HKU\S-1-5-21-2339853823-2107313754-116825072-1000\...\Warcraft III) (Version: - )
WCF RIA Services V1.0 SP1 (HKLM\...\{D9E6001A-5DC3-4620-AF7A-80B6CD48645D}) (Version: 4.1.60114.0 - Microsoft Corporation)
Web Deployment Tool (HKLM\...\{0F37D969-1260-419E-B308-EF7D29ABDE20}) (Version: 1.1.0618 - Microsoft Corporation)
WinAVR 20100110 (remove only) (HKLM\...\WinAVR-20100110) (Version: 20100110 - )
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live OneCare safety scanner (HKLM\...\Windows Live OneCare safety scanner) (Version: - Microsoft Corporation)
Windows Live Sync (HKLM\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR (HKLM\...\WinRAR archiver) (Version: - )
Worms Reloaded (HKLM\...\Steam App 22600) (Version: - Team17 Software Ltd.)
YTD Video Downloader 4.5.1 (HKLM\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.5.1 - GreenTree Applications SRL) <==== ATTENTION
Yugioh Virtual Dueling (HKLM\...\{B2E3A2C8-283C-4871-A499-B2711F48D64B}) (Version: 9.0 - Xero Creative)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-2339853823-2107313754-116825072-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Samsung\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2339853823-2107313754-116825072-1000_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\ProgramData\EasyBits GO\ezGameXN.dll No File
CustomCLSID: HKU\S-1-5-21-2339853823-2107313754-116825072-1000_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\ProgramData\EasyBits GO\ezGameXN.dll No File
CustomCLSID: HKU\S-1-5-21-2339853823-2107313754-116825072-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\Samsung\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-2339853823-2107313754-116825072-1000_Classes\CLSID\{A2EB5E06-4426-B017-98D3-F8F6838F2331}\InprocServer32 -> C:\windows\system32\ole32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2339853823-2107313754-116825072-1000_Classes\CLSID\{BB6410D8-F879-4184-9C5C-6A02D16AE0B3}\InprocServer32 -> C:\ProgramData\EasyBits GO\ezGameXN.dll No File
CustomCLSID: HKU\S-1-5-21-2339853823-2107313754-116825072-1000_Classes\CLSID\{CA1073A2-5F3F-4445-8E5E-7109BDCEDDBE}\InprocServer32 -> C:\ProgramData\EasyBits GO\ezGameXN.dll No File
CustomCLSID: HKU\S-1-5-21-2339853823-2107313754-116825072-1000_Classes\CLSID\{ca586c80-7c84-4b88-8537-726724df6929}\InprocServer32 -> C:\Program Files\Git\git-cheetah\git_shell_ext.dll ()
CustomCLSID: HKU\S-1-5-21-2339853823-2107313754-116825072-1000_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-2339853823-2107313754-116825072-1000_Classes\CLSID\{D5A55D2D-C59D-42C3-A5BF-4C08EEE74339}\InprocServer32 -> C:\ProgramData\EasyBits GO\ezGameXN.dll No File
CustomCLSID: HKU\S-1-5-21-2339853823-2107313754-116825072-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Samsung\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2339853823-2107313754-116825072-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Samsung\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2339853823-2107313754-116825072-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Samsung\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2339853823-2107313754-116825072-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Samsung\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2339853823-2107313754-116825072-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Samsung\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2339853823-2107313754-116825072-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Samsung\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2339853823-2107313754-116825072-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Samsung\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2339853823-2107313754-116825072-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Samsung\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2339853823-2107313754-116825072-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Samsung\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
==================== Restore Points =========================
12-04-2015 19:01:22 Windows-Sicherung
15-04-2015 22:33:00 Windows Update
19-04-2015 19:00:57 Windows-Sicherung
26-04-2015 19:02:35 Windows-Sicherung
03-05-2015 21:55:08 Windows-Sicherung
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0892159B-AEA7-4F81-9B36-530795DEC179} - System32\Tasks\{DFCC44DF-8A99-4D41-AD73-AA3BF1912A94} => Firefox.exe hxxp://ui.skype.com/ui/0/5.8.0.158/en/abandoninstall?page=tsMain
Task: {25B852AF-0F08-417D-A112-DD474B4238F8} - System32\Tasks\EasyBatteryManager => C:\Program Files\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe [2009-10-16] (SAMSUNG Electronics co., LTD.)
Task: {263D05FE-6088-48EB-A49F-8ADB28691086} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {3141A285-6669-4F1F-A0D8-A64EF715D987} - System32\Tasks\{BE365EAF-1CDB-4975-898B-08CE06250DA4} => D:\Program Files\JoWooD\Gothic II\System\gothic2.exe
Task: {39E35084-FCF5-468E-AFEB-94F0F425130F} - System32\Tasks\{5977AA73-B2DA-4F7D-9027-82467467A610} => Firefox.exe hxxp://ui.skype.com/ui/0/5.3.0.120/de/exitsurvey?uhash1=07b696a8eb651b75e225a8b1ea3a38cc&uhash2=8dd4e88582519557af344768024330bd&uhash3=c36ad720e2cfb9b2444c1a4b35f42b1d&uhash4=ed9193c3689edb480ee776d249faeeba&uhash5=2de0efb91021c3330608029f09e92ba3
Task: {4203F7D5-A321-42C2-B071-6EFC8718E2B0} - System32\Tasks\Adobe Flash Player Updater => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15] (Adobe Systems Incorporated)
Task: {489EECD9-31EC-4AC5-BB39-DB4AEC22828B} - System32\Tasks\RealCreateProcessScheduledTask84947349S-1-5-21-2339853823-2107313754-116825072-1000 => C:\Program Files\Real\RealPlayer\update\realsched.exe [2011-07-27] (RealNetworks, Inc.)
Task: {5C4F670D-1E23-4D35-AAE1-00234ECAE931} - System32\Tasks\{FBEB910D-F010-4537-90D1-B24405FEF499} => Firefox.exe hxxp://ui.skype.com/ui/0/5.9.0.123/en/abandoninstall?page=tsMain
Task: {5E94A94D-EAFA-4AC3-A439-155690BFD88E} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2339853823-2107313754-116825072-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2011-03-29] (RealNetworks, Inc.)
Task: {6378EDF5-B3D1-4A49-A0C8-B161AED57A67} - System32\Tasks\SUPBackground => C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe [2010-04-20] ()
Task: {728D9677-5243-442B-810B-51032FD5432E} - System32\Tasks\{5C5CE030-EEAD-4047-B815-B28F00454A85} => C:\Program Files\Skype\\Phone\Skype.exe [2015-04-17] (Skype Technologies S.A.)
Task: {760F1D58-512E-464B-9AA5-F3DC3AA58ED0} - System32\Tasks\{53CC0B06-633B-47D4-9B02-731A96F92B0D} => D:\Program Files\JoWooD\Gothic II\System\gothic2.exe
Task: {76D7A1E9-7A9F-40DC-8D4B-AA3722B300B5} - System32\Tasks\{21CBA18E-CC02-41C6-9FDB-1C485D67ED42} => C:\Program Files\JoWooD\Gothic II\UNWISE.EXE [2002-07-19] ()
Task: {7E32E7F8-66EA-4820-882C-D9BCFE8E8FBC} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2008-07-30] (Apple Inc.)
Task: {8F2FCF76-C1FF-45A0-8A9D-65693B1435AA} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {8FF92432-A49A-4649-B383-97E5891990CF} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\windows\system32\GWX\GWX.exe [2015-03-25] (Microsoft Corporation)
Task: {907C18EC-75C8-4C6F-B211-13AA9BA7B892} - No Task path could be read. Access denied.
Task: {9360AB4D-99A3-4A1A-9304-3AFB1A20297C} - System32\Tasks\{7E4BFBC7-BF48-4E5E-9F8E-006838B78067} => C:\Program Files\JoWooD\Gothic II\UNWISE.EXE [2002-07-19] ()
Task: {9BE31E4A-C568-46B8-9B77-FF4832D62FC4} - System32\Tasks\{066DE9F6-A3E3-422D-AA4F-D59AD2CD0E0C} => D:\Program Files\JoWooD\Gothic II\System\gothic2.exe
Task: {A5661CCA-C699-432A-94E9-601FBE966893} - System32\Tasks\{47A6F38F-0C19-48EE-8633-C06BD1414C6C} => Firefox.exe
Task: {AAF84C8D-07AF-4F08-A745-A4CF28FB0D35} - System32\Tasks\RealCreateProcessScheduledTask271365470S-1-5-21-2339853823-2107313754-116825072-1000 => C:\Program Files\Real\RealPlayer\update\realsched.exe [2011-07-27] (RealNetworks, Inc.)
Task: {ABBD9D07-2039-4ABA-BF5D-9417D0864C17} - System32\Tasks\{6C37B6E6-78B0-40DC-B432-CABA31B4F0FE} => pcalua.exe -a "C:\Program Files\Electronic Arts\Harry Potter und der Feuerkelch\EAUninstall.exe"
Task: {B19666F0-67B2-4532-92D9-DC17749B2D32} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2339853823-2107313754-116825072-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2011-03-29] (RealNetworks, Inc.)
Task: {B277C0A4-5F72-4B16-9F66-16D65D9598CE} - \DealPlyUpdate No Task File <==== ATTENTION
Task: {B81E9DDA-1B74-4908-89AC-BED382C18B98} - System32\Tasks\gameo_update => C:\Users\Samsung\AppData\Roaming\Gameo\gameo.exe [2015-02-22] ()
Task: {C0A65AE6-9C11-4E75-945A-24BF3E9BA085} - System32\Tasks\{CFA5333A-E16E-474D-A43B-641D15968D60} => pcalua.exe -a C:\Users\Samsung\Downloads\escw_97_sa_sfx.exe -d "C:\Program Files\Mozilla Firefox"
Task: {C581C1C4-6635-413F-9502-7C5F8FC699C2} - System32\Tasks\RealCreateProcessScheduledTask690994432S-1-5-21-2339853823-2107313754-116825072-1000 => C:\Program Files\Real\RealPlayer\update\realsched.exe [2011-07-27] (RealNetworks, Inc.)
Task: {C653CBBB-78D5-46AA-B7BA-99E64B7FF124} - System32\Tasks\EasyDisplayMgr => C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe [2009-11-04] (Samsung Electronics Co., Ltd.)
Task: {CC9DF44D-CBB5-4AE5-8A89-DEDA5CF44EF5} - System32\Tasks\SamsungSupportCenter => C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe [2009-12-14] (SAMSUNG Electronics)
Task: {CEEA1937-5644-4F73-ACCF-F96476C92D0D} - System32\Tasks\{3CECFE6E-F5D3-4756-BB85-59ABE1046913} => pcalua.exe -a E:\Patch_Game\Install2.exe -d E:\Patch_Game
Task: {D907D439-A03E-4D08-B861-C10484AFFAE1} - System32\Tasks\advSRS4 => C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe [2010-01-19] (SEC)
Task: {E0B94096-92CC-4CE5-8F1D-42A016CB7549} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {E30836DE-842A-44DF-9CE6-72A1EE3672AF} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {E7C87683-C160-4F94-B4C1-1E7F917D187E} - System32\Tasks\{656F27AA-3B35-4D3A-B9A3-4D873C3983E1} => pcalua.exe -a D:\Skyrim\install.exe -d D:\Skyrim
Task: {F0010C41-C13F-4D2B-8E8A-DC0C08B90CE3} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2339853823-2107313754-116825072-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2011-03-29] (RealNetworks, Inc.)
Task: {F8090752-FE81-4490-9C93-3B2550C52AEE} - System32\Tasks\{A4813A57-31E9-453F-A5DD-C91DE74386EB} => C:\Program Files\Skype\\Phone\Skype.exe [2015-04-17] (Skype Technologies S.A.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) ==============
2012-06-17 02:03 - 2012-05-15 11:27 - 00079168 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2013-10-10 23:48 - 2013-10-10 23:48 - 00063376 _____ () C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2013-04-29 18:49 - 2012-08-18 11:31 - 00116224 _____ () C:\windows\System32\redmonnt.dll
2012-08-23 12:42 - 2012-08-23 12:42 - 00784688 _____ () C:\Program Files\Anvisoft\Anvi Smart Defender\sqlite3.dll
2012-02-18 02:23 - 2012-02-18 02:23 - 01564368 _____ () C:\Program Files\Guard-ICQ\GuardICQ.exe
2012-02-18 02:23 - 2011-08-17 12:04 - 00247872 _____ () C:\Program Files\ICQ6Toolbar\ICQ Service.exe
2010-03-05 06:31 - 2010-04-20 14:26 - 00300912 _____ () C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe
2010-03-05 06:31 - 2010-04-16 14:11 - 00155648 _____ () C:\Program Files\Samsung\Samsung Update Plus\HMXML.dll
2010-03-05 06:38 - 2006-08-12 05:48 - 00049152 _____ () C:\Program Files\Samsung\Easy Display Manager\HookDllPS2.dll
2010-03-05 06:29 - 2009-03-05 11:54 - 00311296 _____ () C:\windows\SYSTEM32\Rezip.exe
2010-03-05 06:34 - 2009-07-07 20:23 - 00247152 _____ () C:\Program Files\CyberLink\Shared files\RichVideo.exe
2015-05-06 08:14 - 2015-05-06 08:14 - 00043008 _____ () c:\users\samsung\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpeodipj.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00750080 _____ () C:\Users\Samsung\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00047616 _____ () C:\Users\Samsung\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00865280 _____ () C:\Users\Samsung\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00200704 _____ () C:\Users\Samsung\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\Temp:373E1720
AlternateDataStreams: C:\ProgramData\Temp:39413AC3
AlternateDataStreams: C:\ProgramData\Temp:4CF61E54
AlternateDataStreams: C:\ProgramData\Temp:A42A9F39
AlternateDataStreams: C:\ProgramData\Temp:ABE89FFE
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, the associated entry will be removed from the registry.)
IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2339853823-2107313754-116825072-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Samsung\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1 - 192.168.0.2
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^Users^Samsung^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Samsung^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk => C:\windows\pss\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Samsung^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk => C:\windows\pss\OpenOffice.org 3.2.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Samsung^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Wecker für Windows 6.lnk => C:\windows\pss\Wecker für Windows 6.lnk.Startup
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Adobe_ID0EYTHM => C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
MSCONFIG\startupreg: AlcoholAutomount => "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
MSCONFIG\startupreg: AVMWlanClient => C:\Program Files\avmwlanstick\wlangui.exe
MSCONFIG\startupreg: Broadcom Wireless Manager UI => C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe
MSCONFIG\startupreg: Cisco AnyConnect Secure Mobility Agent for Windows => "C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
MSCONFIG\startupreg: CLMLServer => "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: fsn => C:\Program Files\Phoenix Technologies Ltd\FailSafe\FailSafeNotifier.exe
MSCONFIG\startupreg: Guard.Mail.ru.gui => "C:\Program Files\Guard-ICQ\GuardICQ.exe" /gui
MSCONFIG\startupreg: ICQ => "C:\Program Files\ICQ7.7\ICQ.exe" silent loginmode=4
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: msnmsgr => "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: PDVD8LanguageShortcut => "C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RemoteControl8 => "C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe"
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
MSCONFIG\startupreg: Steam => "D:\Steam\Steam.exe" -silent
MSCONFIG\startupreg: SwitchBoard => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
MSCONFIG\startupreg: TkBellExe => "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
MSCONFIG\startupreg: UCam_Menu => "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"
MSCONFIG\startupreg: UpdateLBPShortCut => "C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
MSCONFIG\startupreg: UpdateP2GoShortCut => "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
MSCONFIG\startupreg: UpdatePDRShortCut => "C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "Software\CyberLink\PowerDirector\7.0"
MSCONFIG\startupreg: UpdatePPShortCut => "C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerProducer" UpdateWithCreateOnce "Software\CyberLink\PowerProducer\5.0"
MSCONFIG\startupreg: UpdatePSTShortCut => "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
==================== FirewallRules (whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
FirewallRules: [{50AD84C6-CB9F-4960-975D-204E09E70424}] => (Allow) C:\Program Files\CyberLink\PowerDirector\PDR.EXE
FirewallRules: [{73A89CE8-C770-4A9C-AA94-515609E7CA3D}] => (Allow) C:\Program Files\CyberLink\PowerDVD8\PowerDVD8.EXE
FirewallRules: [{610C72CF-4019-4359-AF51-45BEA3677334}] => (Allow) C:\Program Files\Common Files\Mcafee\MNA\McNaSvc.exe
FirewallRules: [{B907223B-F43D-4BDC-AAE4-5231F9F13384}] => (Allow) C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE
FirewallRules: [{C21C3A70-49E3-4E2A-BE9E-825C8397E3E9}] => (Allow) C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE
FirewallRules: [{B6250E2F-8E93-4BC3-A68E-CAA52113A433}] => (Allow) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
FirewallRules: [{79EF64DB-B6A3-45E7-8D92-CF41C43F509F}] => (Allow) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
FirewallRules: [{E373302B-ABF5-4AB0-898F-19A48E36F95B}] => (Allow) D:\StarCraft II\StarCraft II.exe
FirewallRules: [{C9C073BC-D080-4FC8-9B0B-57FC8FE51C54}] => (Allow) D:\StarCraft II\StarCraft II.exe
FirewallRules: [{3040F5D3-4C06-416D-9760-3E0679AFB7AA}] => (Allow) LPort=3703
FirewallRules: [{9B421B41-0AF2-4EB9-8D29-891B095A1584}] => (Allow) LPort=3704
FirewallRules: [{4534F3C2-275E-4DF4-8DF1-24ED0C5FEFAE}] => (Allow) LPort=50900
FirewallRules: [{A2AEE7C8-A419-464A-A83B-8A0A2B0818A1}] => (Allow) LPort=50901
FirewallRules: [{77B50A77-9825-43A2-A317-3EF644E7F979}] => (Allow) C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
FirewallRules: [{AFF5D610-0E39-44EB-97A4-24FFE4AB8A43}] => (Allow) C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
FirewallRules: [{9F95DDC8-18CC-4E0B-A286-4B749E1A06E5}] => (Allow) C:\Users\Samsung\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{3D64D103-9C28-4DBC-97FE-1089B9BB18C3}] => (Allow) C:\Users\Samsung\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{D9D83360-8BA1-49F0-A3C9-E4919B94AC46}] => (Allow) C:\Program Files\ICQ7.2\aolload.exe
FirewallRules: [{050B1FD9-5FCC-42C9-B4DB-1A0ADF346898}] => (Allow) C:\Program Files\ICQ7.2\aolload.exe
FirewallRules: [{68CC7AC1-5E2C-407C-911A-B413040E16C8}] => (Allow) C:\Program Files\ICQ7.2\aolload.exe
FirewallRules: [{5212EADA-FD9C-466A-A756-54ADF222A50F}] => (Allow) C:\Program Files\ICQ7.2\aolload.exe
FirewallRules: [{6C7535A5-9149-4DB4-B1D0-E520FF009DE3}] => (Allow) C:\Program Files\ICQ7.2\aolload.exe
FirewallRules: [{32CE985D-9234-4D83-B7F1-94A93315D0DC}] => (Allow) C:\Program Files\ICQ7.2\aolload.exe
FirewallRules: [{819976E7-04B3-4E50-95C3-6C5528D6F2E4}] => (Allow) svchost.exe
FirewallRules: [{62021A4D-A467-4454-8B2A-B8223EBA1813}] => (Allow) C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{CAA8D7E6-4BD4-410D-9F32-6566C80FE070}] => (Allow) c:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [TCP Query User{5275F80E-9672-4CD8-BFC0-501A02C37281}C:\users\samsung\desktop\divine wind\eu3game.exe] => (Allow) C:\users\samsung\desktop\divine wind\eu3game.exe
FirewallRules: [UDP Query User{9B075805-5705-46D5-AF34-7005C24394A8}C:\users\samsung\desktop\divine wind\eu3game.exe] => (Allow) C:\users\samsung\desktop\divine wind\eu3game.exe
FirewallRules: [{54ADF217-B5A8-45D8-B2E2-5BF9896DAF10}] => (Allow) C:\Program Files\Skype\Plugin Manager\skypePM.exe
FirewallRules: [TCP Query User{DEB192F7-BC96-4F47-B6A5-B94A6416EF95}C:\program files\java\jre6\bin\javaw.exe] => (Allow) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [UDP Query User{BFAC0ABD-A8A9-4FA6-89E2-275B822A6CF0}C:\program files\java\jre6\bin\javaw.exe] => (Allow) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [{32736982-6C4B-4902-9277-F705EA47928C}] => (Block) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [{4865E525-73C4-4894-B0F6-5A03015B0AD9}] => (Block) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [{04634560-8423-4023-8B91-5664FE1E1AB4}] => (Allow) C:\Program Files\Firefly Studios\Stronghold\Stronghold.exe
FirewallRules: [{C9280906-70A7-467A-ADEB-9B4591F0BBDF}] => (Allow) C:\Program Files\Firefly Studios\Stronghold\Stronghold.exe
FirewallRules: [{AC626B63-2254-4A56-9484-14F6D445EFAD}] => (Allow) %USERPROFILE%\Desktop\Minecraft Server 1.6\Minecraft_Server.exe
FirewallRules: [{DE1A6375-5664-419D-B32A-52C503C2D988}] => (Allow) %USERPROFILE%\Desktop\Minecraft Server 1.6\Minecraft_Server.exe
FirewallRules: [{B80F9CA5-6C9C-45E3-8B71-4070D19203FF}] => (Allow) C:\Users\Samsung\Desktop\Minecraft Server 1.6\Minecraft_Server.exe
FirewallRules: [{A91B58B2-F65A-4915-AD45-3F36A9A0D23F}] => (Allow) C:\Users\Samsung\Desktop\Minecraft Server 1.6\Minecraft_Server.exe
FirewallRules: [{D4011FEB-8937-4635-915A-B691BB651B2C}] => (Allow) C:\Users\Samsung\Desktop\Minecraft Server 1.6\Minecraft_Server.exe
FirewallRules: [{A6D451C1-AC8F-4940-B219-A251921F7640}] => (Allow) C:\Users\Samsung\Desktop\Minecraft Server 1.6\Minecraft_Server.exe
FirewallRules: [TCP Query User{B5E6EBE6-DD27-4673-A081-D0BCA767F55D}C:\program files\runes of magic\client.exe] => (Allow) C:\program files\runes of magic\client.exe
FirewallRules: [UDP Query User{3D1ACC50-1CC2-462C-860F-C99B4D06B318}C:\program files\runes of magic\client.exe] => (Allow) C:\program files\runes of magic\client.exe
FirewallRules: [{CEAD3EAE-EF01-42D7-8034-3BE11D1BD4A7}] => (Block) C:\program files\runes of magic\client.exe
FirewallRules: [{37722B93-1534-47C1-9354-BB88AD50AF7E}] => (Block) C:\program files\runes of magic\client.exe
FirewallRules: [TCP Query User{CA6E3A25-CCD6-4182-B075-CD3F3F7C89B4}D:\warcraft iii\war3.exe] => (Block) D:\warcraft iii\war3.exe
FirewallRules: [UDP Query User{26F470AB-79FF-44CA-B9C3-166D145C0548}D:\warcraft iii\war3.exe] => (Block) D:\warcraft iii\war3.exe
FirewallRules: [{6FC2470B-C421-49A5-A1F6-6D1AA5474360}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{7C6D2F13-AD84-462F-B9D0-1DF89D2810C4}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{77082EA4-257B-44A1-A330-6571AAA7A7A9}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [{B32F9DD4-8924-4ADA-9459-069185D908C4}] => (Block) C:\xampp\apache\bin\httpd.exe
FirewallRules: [{BB2B9703-40A4-4AB3-B843-2F1EB54D774A}] => (Block) C:\xampp\apache\bin\httpd.exe
FirewallRules: [TCP Query User{958437BE-3382-4190-A13B-F2A1E19D1375}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{00A23553-1B73-4FAC-BA11-6153494DB67C}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [{A6F91CDD-A251-49CB-AA4F-915C854A7A52}] => (Block) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [{6D81DEA7-725A-4700-9C80-FC9110550F02}] => (Block) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [TCP Query User{C71D52A9-F5AE-404E-AC72-EFD498436B9B}C:\xampp\filezillaftp\filezilla server.exe] => (Allow) C:\xampp\filezillaftp\filezilla server.exe
FirewallRules: [UDP Query User{F293816B-94F2-4EFB-8D3E-A468DB1A7F09}C:\xampp\filezillaftp\filezilla server.exe] => (Allow) C:\xampp\filezillaftp\filezilla server.exe
FirewallRules: [{267BFD91-6FAA-4742-A922-825CF3C48221}] => (Block) C:\xampp\filezillaftp\filezilla server.exe
FirewallRules: [{0CEF2119-4399-45DB-AA1D-C937C33076CE}] => (Block) C:\xampp\filezillaftp\filezilla server.exe
FirewallRules: [TCP Query User{1007FC01-AB44-456C-BE53-5BD610F4C0B6}C:\xampp\mercurymail\mercury.exe] => (Block) C:\xampp\mercurymail\mercury.exe
FirewallRules: [UDP Query User{2DC5430D-22F1-433C-AB46-6741E5A5AD57}C:\xampp\mercurymail\mercury.exe] => (Block) C:\xampp\mercurymail\mercury.exe
FirewallRules: [TCP Query User{64BB0EF3-BB4F-45F6-BC7D-3F1B7A890E1A}C:\users\samsung\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\samsung\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{A81BEADF-7D9B-470C-8671-9F26D47EF215}C:\users\samsung\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\samsung\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{6E0F738B-0521-4AF7-9604-D110D1FC6D73}] => (Allow) LPort=995
FirewallRules: [TCP Query User{CDBC959F-3E63-46CA-A005-91C221E13095}D:\winamp\winamp.exe] => (Allow) D:\winamp\winamp.exe
FirewallRules: [UDP Query User{1B355CBF-88F7-40D1-AB60-316ED193174C}D:\winamp\winamp.exe] => (Allow) D:\winamp\winamp.exe
FirewallRules: [{EF7859E4-3EB1-4EF6-B91B-B3787311380A}] => (Block) D:\winamp\winamp.exe
FirewallRules: [{B1DF7B35-ACEB-4441-A069-5504672AE36B}] => (Block) D:\winamp\winamp.exe
FirewallRules: [TCP Query User{17756F3D-8F3D-45E8-9F6B-3C5F14026A58}C:\users\samsung\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\samsung\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{0EDFE612-495F-4FF6-8121-15A38A06E237}C:\users\samsung\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\samsung\appdata\local\akamai\netsession_win.exe
FirewallRules: [{2BEC82A1-A28C-4965-BD21-009AC5121CC4}] => (Allow) D:\World of Warcraft\Launcher.exe
FirewallRules: [{9B98FA0E-E27C-4D57-93F4-BB6043282032}] => (Allow) D:\World of Warcraft\Launcher.exe
FirewallRules: [{1141949A-8BAA-4A7B-8818-155F534E2D9F}] => (Allow) D:\World of Warcraft\Launcher.patch.exe
FirewallRules: [{8FC63B82-5ADD-4BC3-8536-B4E5969039E7}] => (Allow) D:\World of Warcraft\Launcher.patch.exe
FirewallRules: [TCP Query User{2B59DC65-1FC6-4332-A6A2-AA6A5E7C3D88}D:\world of warcraft\backgrounddownloader.exe] => (Allow) D:\world of warcraft\backgrounddownloader.exe
FirewallRules: [UDP Query User{9319F7AB-9F21-4630-9D99-3A4DC815B280}D:\world of warcraft\backgrounddownloader.exe] => (Allow) D:\world of warcraft\backgrounddownloader.exe
FirewallRules: [{C7E11855-59DD-4DEC-BE9C-513FA19C8594}] => (Block) D:\world of warcraft\backgrounddownloader.exe
FirewallRules: [{D968D504-25CE-4A5B-B4B4-3CBF2B9BA471}] => (Block) D:\world of warcraft\backgrounddownloader.exe
FirewallRules: [{C9FD69FB-CCEA-419F-9356-D854A003906A}] => (Allow) LPort=2082
FirewallRules: [{1178D0CF-35D5-4D44-BC32-8948D786D516}] => (Allow) LPort=5000
FirewallRules: [{071E16F0-1AD7-4682-A93F-C3F5CAEFB709}] => (Allow) C:\Program Files\ICQ7.7\ICQ.exe
FirewallRules: [{B636112C-5E8F-4967-85CA-941AA80A1B93}] => (Allow) C:\Program Files\ICQ7.7\ICQ.exe
FirewallRules: [{76E2625E-BC10-4AAB-A2DF-BB336D28DE96}] => (Allow) C:\Program Files\ICQ7.7\ICQ.exe
FirewallRules: [{8B24F3FD-CCE5-43BD-9A42-EB665063ABF7}] => (Allow) C:\Program Files\ICQ7.7\ICQ.exe
FirewallRules: [{BC14BE52-9AB6-4781-A3AA-654CA0E35394}] => (Allow) C:\Program Files\ICQ7.7\ICQ.exe
FirewallRules: [{91D0EBC5-496C-4AD5-8561-5D9DA3B5E080}] => (Allow) C:\Program Files\ICQ7.7\ICQ.exe
FirewallRules: [TCP Query User{BECB157F-3E6F-4001-A068-030150758FA2}C:\users\samsung\appdata\local\temp\rar$ex17.081\dmpc 3.1.3-3.exe] => (Block) C:\users\samsung\appdata\local\temp\rar$ex17.081\dmpc 3.1.3-3.exe
FirewallRules: [UDP Query User{E05D5972-9C86-44DB-BE55-1E8AFFF499EF}C:\users\samsung\appdata\local\temp\rar$ex17.081\dmpc 3.1.3-3.exe] => (Block) C:\users\samsung\appdata\local\temp\rar$ex17.081\dmpc 3.1.3-3.exe
FirewallRules: [TCP Query User{45923EFD-572D-40E4-AAA9-87DC8ED6687E}D:\irc\mirc\mirc.exe] => (Allow) D:\irc\mirc\mirc.exe
FirewallRules: [UDP Query User{8B83C37C-C37B-40E0-B79D-F3477A98E9FC}D:\irc\mirc\mirc.exe] => (Allow) D:\irc\mirc\mirc.exe
FirewallRules: [TCP Query User{A57ADFB7-CF70-4B4C-B459-ED4A51DB64D5}D:\yugioh\yugioh virtual desktop 9.exe] => (Allow) D:\yugioh\yugioh virtual desktop 9.exe
FirewallRules: [UDP Query User{3710DBC6-2487-471F-85DD-E70970E6D595}D:\yugioh\yugioh virtual desktop 9.exe] => (Allow) D:\yugioh\yugioh virtual desktop 9.exe
FirewallRules: [{44A16A7A-1AF6-4C0B-BB6F-88F26119C29A}] => (Allow) C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\USBSetup.exe
FirewallRules: [{81A05CA6-A9EE-4D47-B75A-122BB7C59E23}] => (Allow) C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\USBSetup.exe
FirewallRules: [{A342196E-5844-4651-922E-AE0C67DEC553}] => (Allow) D:\starcraft\StarCraft II\StarCraft II.exe
FirewallRules: [{FA40883C-3625-4388-B2EE-28B821ADF691}] => (Allow) D:\starcraft\StarCraft II\StarCraft II.exe
FirewallRules: [{F1A15031-3892-497F-B326-DB48FBCB863E}] => (Allow) D:\Skyrim\Skyrim\Steam.exe
FirewallRules: [{3B686F01-0A99-400D-97CA-B0CBB8FAA0FC}] => (Allow) D:\Skyrim\Skyrim\Steam.exe
FirewallRules: [{98213B05-1F47-4A4C-BDC9-B75260D574F2}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{DCF723BF-C0C3-4244-91E5-AA6B3300D915}] => (Allow) LPort=2869
FirewallRules: [{09B98318-FD6C-4776-AAB3-18A3BE82AD51}] => (Allow) LPort=1900
FirewallRules: [{8332E16B-AF5E-462F-B71A-6C7214B89497}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{8764D3D2-A637-4267-8AFA-1AEDE33D9DD1}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [TCP Query User{90923743-A0BF-4792-8F9E-3CE5537A9F29}D:\dvuniverse\unreal3\binaries\win32\dcgame.exe] => (Block) D:\dvuniverse\unreal3\binaries\win32\dcgame.exe
FirewallRules: [UDP Query User{6D0BCE92-9BA8-4E76-A26D-C44A0728AF14}D:\dvuniverse\unreal3\binaries\win32\dcgame.exe] => (Block) D:\dvuniverse\unreal3\binaries\win32\dcgame.exe
FirewallRules: [{A2BB5DDE-C02D-4B5D-9F02-355EF8B916BB}] => (Allow) D:\pokemon\Pokemon World Online\PWO.exe
FirewallRules: [{E29D0177-0651-4E90-9B0C-7F868BCA3948}] => (Allow) D:\pokemon\Pokemon World Online\PWO.exe
FirewallRules: [{A2F7443C-DBC7-4164-B83C-458F2C228AA9}] => (Allow) D:\pokemon\Pokemon World Online\PWO.exe
FirewallRules: [{CB9498F0-0CC3-45C2-A62D-9A1A3D7F7BC6}] => (Allow) D:\pokemon\Pokemon World Online\PWO.exe
FirewallRules: [TCP Query User{0CCCD86E-1C09-4B45-B5B8-53700C5E8716}C:\windows\system32\taskhost.exe] => (Block) C:\windows\system32\taskhost.exe
FirewallRules: [UDP Query User{1ACE15CB-CE57-4BEB-BC6C-3C670468C574}C:\windows\system32\taskhost.exe] => (Block) C:\windows\system32\taskhost.exe
FirewallRules: [{CCE2DA67-7BCA-418B-BD8D-B2629E636455}] => (Allow) D:\Steam\SteamApps\common\mountblade warband\mb_warband.exe
FirewallRules: [{7F7173F4-6A94-4951-AD9B-3FE4A2AAE107}] => (Allow) D:\Steam\SteamApps\common\mountblade warband\mb_warband.exe
FirewallRules: [TCP Query User{9AE1790C-0EA1-413F-84CF-818A6F640279}D:\byond\bin\byond.exe] => (Allow) D:\byond\bin\byond.exe
FirewallRules: [UDP Query User{2C257080-F531-491B-BCAA-A487D8B91C64}D:\byond\bin\byond.exe] => (Allow) D:\byond\bin\byond.exe
FirewallRules: [{CECBBEE6-E4E1-42F3-AF53-341E51769C74}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{D5005FBB-2D78-49A6-B83E-6462657A95FC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{5C400CA8-5966-4133-B335-591E61075C33}] => (Allow) D:\heartstone\Battle.net\Battle.net.exe
FirewallRules: [{A3AB8D5E-A41D-44D7-A817-361118BAB35B}] => (Allow) D:\heartstone\Battle.net\Battle.net.exe
FirewallRules: [{C63B5771-D94B-4C28-97A9-492B926FED5F}] => (Allow) D:\heartstone\Hearthstone\Hearthstone.exe
FirewallRules: [{829F03F3-A3F2-4B39-AFA5-4ECCE09B9F20}] => (Allow) D:\heartstone\Hearthstone\Hearthstone.exe
FirewallRules: [{C2D6CECC-9E6C-4BB4-A9A0-D4A310DB1687}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2638\Agent.exe
FirewallRules: [{23073F24-FB1C-4645-9BAE-985D7DF7FE7A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2638\Agent.exe
FirewallRules: [{0C082841-B633-4C3E-BB92-05F78A0BFEE4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2680\Agent.exe
FirewallRules: [{2C514A5F-6331-475F-B4BC-78A99BF13229}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2680\Agent.exe
FirewallRules: [{D1FBE048-C7F5-444A-9BD7-E2CA63C55D33}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2689\Agent.exe
FirewallRules: [{BB04BA22-DCB4-4885-8714-835792E228A1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2689\Agent.exe
FirewallRules: [{2AD1BC98-0A23-4DB8-9A8B-5A39AD7A2153}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{09F50DA5-45D5-4278-B772-525049654DFF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{1F32B49E-0A6F-4C4B-88BD-B3FC5E749295}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{9B50BABD-83A4-4AF7-9C39-A09C068042F0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{65A28DCC-2ECA-4C61-8836-A275DF9E257B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{D26C2922-1569-4354-90CE-E4BC9C24B398}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{2E543131-5FDF-4793-B712-97A4F9C91688}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
FirewallRules: [{71570369-B310-4A38-BA62-BC89F7577663}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
FirewallRules: [{7CAE524B-D461-46BB-A19B-BB77CBF4AF4A}] => (Allow) C:\Program Files\GameforgeLive\gfl_client.exe
FirewallRules: [TCP Query User{891CD3F4-456D-43FC-9002-0EB4B58D468D}C:\program files\gameforgelive\games\deu_deu\aion\nclauncher.exe] => (Allow) C:\program files\gameforgelive\games\deu_deu\aion\nclauncher.exe
FirewallRules: [UDP Query User{AB8DD565-734D-4013-98DC-FD91DF4152FA}C:\program files\gameforgelive\games\deu_deu\aion\nclauncher.exe] => (Allow) C:\program files\gameforgelive\games\deu_deu\aion\nclauncher.exe
FirewallRules: [TCP Query User{F90A706F-1F58-4C8F-8CBB-F0167346E9F6}D:\deu_deu\aion\nclauncher.exe] => (Allow) D:\deu_deu\aion\nclauncher.exe
FirewallRules: [UDP Query User{AABD4549-76D0-41B5-A20C-3ACA26EE1C2D}D:\deu_deu\aion\nclauncher.exe] => (Allow) D:\deu_deu\aion\nclauncher.exe
FirewallRules: [{3C4BD632-6E07-43AE-B2C3-6EE5DEB9502A}] => (Allow) D:\Wow\World of Warcraft - Retail\Launcher.exe
FirewallRules: [{34C7289E-2FE9-40A2-9BC2-8B172417B156}] => (Allow) D:\Wow\World of Warcraft - Retail\Launcher.exe
FirewallRules: [{2E2D947A-BAAE-4A69-BD1D-0E56833524F0}] => (Allow) D:\Wow\World of Warcraft - Retail\WoW-x.x.x.x-4.0.0.12911-EU-Downloader.exe
FirewallRules: [{C4B8220E-AAC4-43BC-9BD0-235985026B3C}] => (Allow) D:\Wow\World of Warcraft - Retail\WoW-x.x.x.x-4.0.0.12911-EU-Downloader.exe
FirewallRules: [{CDDC61AE-B5FE-4555-B9AA-F2269926BC46}] => (Allow) D:\Steam\bin\steamwebhelper.exe
FirewallRules: [{2E807844-0FB7-434C-B31B-C9D100A10EE6}] => (Allow) D:\Steam\bin\steamwebhelper.exe
FirewallRules: [{20C9C315-A550-463D-BF10-7EB6C903AF81}] => (Allow) D:\Steam\SteamApps\common\left 4 dead\left4dead.exe
FirewallRules: [{1C0D2EAD-75E7-40EA-B5D6-F645965E07A2}] => (Allow) D:\Steam\SteamApps\common\left 4 dead\left4dead.exe
FirewallRules: [{C23C3CEA-C6D1-440C-A9F3-B8DE38536054}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{968D0247-DB68-4115-9F11-F0F89D38E871}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{7F32328F-BEF5-4922-AA1D-2358C3E9219B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe
FirewallRules: [{FB4B93F9-743A-4C62-89CC-CD644CFBD37D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe
FirewallRules: [{204CD363-5AAC-4139-B25C-75429A888046}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [{0925E5C3-D54D-425D-8CEC-70D3A18AC057}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [{153B8081-7491-45B0-9130-82A38D13DE9B}] => (Allow) C:\Program Files\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{F2B76713-7494-43CC-88DE-7CE341F52CF2}] => (Allow) C:\Program Files\AVG\AVG2015\avgmfapx.exe
FirewallRules: [TCP Query User{F75CA4AF-DC31-4BE2-9085-CC4836862653}D:\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe] => (Allow) D:\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe
FirewallRules: [UDP Query User{93A1CD92-84F5-4A44-B27F-743CDFF088AE}D:\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe] => (Allow) D:\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe
FirewallRules: [TCP Query User{1755E384-16EB-4E0B-8183-5678DC79562F}D:\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe] => (Allow) D:\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe
FirewallRules: [UDP Query User{7444361E-1183-46AC-B7B2-BCF7A2094733}D:\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe] => (Allow) D:\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe
FirewallRules: [{50784F98-6B25-4CBD-9066-F94D1B7F81EA}] => (Block) D:\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe
FirewallRules: [{AA3A8459-C02C-4252-858E-26B603A79B92}] => (Block) D:\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe
FirewallRules: [{691A0DFD-16F0-48DB-82F8-AD48ED092BAA}] => (Block) D:\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe
FirewallRules: [{A595D1EA-177C-46C5-BFB7-59FFCA082296}] => (Block) D:\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe
FirewallRules: [{28C07B4A-49DF-41E6-9C55-205EA4F07581}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{39516D12-2681-40AF-BC43-C77DFB6B9772}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{06B4EA14-B777-448B-98E6-78C8D28744BA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe
FirewallRules: [{C14E4D43-C215-4931-9890-D977B33C2CA8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe
FirewallRules: [{4F377563-324B-44B5-9FB3-CCAA6AF9621C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{CB2CE00F-E3B7-4B0A-A650-9928DF453056}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{EC055550-3ACC-4C67-8699-124B189DAE5E}] => (Allow) D:\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{A2A676E8-6B09-4DFB-85AC-C88FBDBCF919}] => (Allow) D:\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{14C54D6D-CFBC-4C97-912A-17F60A499D50}] => (Allow) D:\Steam\SteamApps\common\Worms Reloaded\WormsReloaded.exe
FirewallRules: [{757F1B91-45F7-4807-8DE5-C1F2A20C5378}] => (Allow) D:\Steam\SteamApps\common\Worms Reloaded\WormsReloaded.exe
FirewallRules: [TCP Query User{9C03EB4D-D966-4FCE-80A4-27704D752F4B}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{58ADF6F0-905E-4963-B1D5-C469DF4AE81A}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [{5973461E-3351-44DE-ABE2-E2EBC4C320AB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{9EC3B809-6551-4350-940E-B5588F8D8423}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{FCAABD1F-ADBA-4AC9-A5F6-AF6F32F9E8FD}] => (Allow) C:\Program Files\AVG\AVG2015\avgnsx.exe
FirewallRules: [{2C6BF7EB-E981-4D6B-83B8-1435A39E8E54}] => (Allow) C:\Program Files\AVG\AVG2015\avgnsx.exe
FirewallRules: [{A25FFB53-5D49-41E2-9664-A38266101E3A}] => (Allow) C:\Program Files\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{D641A948-801D-42FB-A4EC-27CC9CB91B42}] => (Allow) C:\Program Files\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{F85074AD-0D33-4CB6-9A69-580DB552925E}] => (Allow) C:\Program Files\AVG\AVG2015\avgemcx.exe
FirewallRules: [{A52485D3-BCEE-4007-99A0-3658E3995090}] => (Allow) C:\Program Files\AVG\AVG2015\avgemcx.exe
FirewallRules: [{35A7D2C7-3CDD-41E2-BE0C-538880500B3D}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{256023CC-D397-4D43-AA6D-4B60EC24DEFE}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{994A9577-D6C5-440F-821E-138F7A4C497D}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{588AFBF2-6836-4441-98ED-F239581525C9}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
==================== Faulty Device Manager Devices =============
Name: VirtualBox Host-Only Ethernet Adapter
Description: VirtualBox Host-Only Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Oracle Corporation
Service: VBoxNetAdp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (05/06/2015 08:14:03 AM) (Source: MsiInstaller) (EventID: 11714) (User: NT-AUTORITÄT)
Description: Product: LogMeIn Hamachi -- Error 1714. The older version of LogMeIn Hamachi cannot be removed. Contact your technical support group. System Error 1612.
Error: (05/05/2015 11:04:59 PM) (Source: MsiInstaller) (EventID: 11714) (User: NT-AUTORITÄT)
Description: Product: LogMeIn Hamachi -- Error 1714. The older version of LogMeIn Hamachi cannot be removed. Contact your technical support group. System Error 1612.
Error: (05/05/2015 07:46:00 PM) (Source: MsiInstaller) (EventID: 11714) (User: NT-AUTORITÄT)
Description: Product: LogMeIn Hamachi -- Error 1714. The older version of LogMeIn Hamachi cannot be removed. Contact your technical support group. System Error 1612.
Error: (05/05/2015 06:58:31 PM) (Source: Wininit) (EventID: 1015) (User: )
Description: Ein kritischer Systemprozess C:\windows\system32\lsass.exe ist fehlgeschlagen mit den Statuscode 1. Der Computer muss neu gestartet werden.
Error: (05/05/2015 06:38:18 PM) (Source: Wininit) (EventID: 1015) (User: )
Description: Ein kritischer Systemprozess C:\windows\system32\lsm.exe ist fehlgeschlagen mit den Statuscode 1. Der Computer muss neu gestartet werden.
Error: (05/05/2015 05:36:00 PM) (Source: MsiInstaller) (EventID: 11714) (User: NT-AUTORITÄT)
Description: Product: LogMeIn Hamachi -- Error 1714. The older version of LogMeIn Hamachi cannot be removed. Contact your technical support group. System Error 1612.
Error: (05/04/2015 05:37:11 PM) (Source: MsiInstaller) (EventID: 11714) (User: NT-AUTORITÄT)
Description: Product: LogMeIn Hamachi -- Error 1714. The older version of LogMeIn Hamachi cannot be removed. Contact your technical support group. System Error 1612.
Error: (05/03/2015 09:47:04 PM) (Source: MsiInstaller) (EventID: 11714) (User: NT-AUTORITÄT)
Description: Product: LogMeIn Hamachi -- Error 1714. The older version of LogMeIn Hamachi cannot be removed. Contact your technical support group. System Error 1612.
Error: (05/02/2015 11:35:18 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: hamachi-2.exe, Version: 2.1.0.210, Zeitstempel: 0x4feae035
Name des fehlerhaften Moduls: hamachi-2.exe, Version: 2.1.0.210, Zeitstempel: 0x4feae035
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000b46d6
ID des fehlerhaften Prozesses: 0x8cc
Startzeit der fehlerhaften Anwendung: 0xhamachi-2.exe0
Pfad der fehlerhaften Anwendung: hamachi-2.exe1
Pfad des fehlerhaften Moduls: hamachi-2.exe2
Berichtskennung: hamachi-2.exe3
Error: (05/02/2015 11:03:42 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
System errors:
=============
Error: (05/06/2015 08:12:58 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "TeamViewer 9" wurde nicht richtig gestartet.
Error: (05/06/2015 08:08:44 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 05.05.2015 um 23:08:18 unerwartet heruntergefahren.
Error: (05/05/2015 11:03:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Live ID Sign-in Assistant" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (05/05/2015 11:03:04 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Live ID Sign-in Assistant erreicht.
Error: (05/05/2015 07:01:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Überwachung verteilter Verknüpfungen (Client)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1115
Error: (05/05/2015 07:01:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "TeamViewer 9" wurde aufgrund folgenden Fehlers nicht gestartet:
%%109
Error: (05/05/2015 07:01:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Telefonie" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (05/05/2015 07:01:40 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "TapiSrv" konnte sich nicht als "NT AUTHORITY\NetworkService" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%50
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Error: (05/05/2015 07:01:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows-Bilderfassung (WIA)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (05/05/2015 07:01:40 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "StiSvc" konnte sich nicht als "NT Authority\LocalService" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%50
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Microsoft Office Sessions:
=========================
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i3 CPU M 330 @ 2.13GHz
Percentage of memory in use: 51%
Total physical RAM: 3060.55 MB
Available physical RAM: 1477.53 MB
Total Pagefile: 6119.39 MB
Available Pagefile: 3973.73 MB
Total Virtual: 2047.88 MB
Available Virtual: 1891.06 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:141.49 GB) (Free:8.47 GB) NTFS
Drive d: () (Fixed) (Total:141.5 GB) (Free:18.31 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: B0FD1CB0)
Partition 1: (Not Active) - (Size=15 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=141.5 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=141.5 GB) - (Type=07 NTFS)
==================== End Of Log ============================
|
|
06.05.2015, 09:06
| #5 |
| /// the machine /// TB-Ausbilder | Zu viele Prozesse Lade Dir bitte von hier  Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
06.05.2015, 13:13
| #6 |
| | Zu viele Prozesse Log Mbar Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org
Database version:
main: v2015.05.06.01
rootkit: v2015.04.21.01
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 11.0.9600.17728
Samsung :: SAMSUNG-PC [administrator]
06.05.2015 10:30:37
mbar-log-2015-05-06 (10-30-37).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Kernel memory modifications detected. Deep Anti-Rootkit Scan engaged.
Objects scanned: 379162
Time elapsed: 47 minute(s), 2 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 2
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\npggsvc (Trojan.Agent.FSA76) -> Delete on reboot. [b4b538589dedb284671351fd58a95da3]
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SVKP (Trojan.Agent) -> Delete on reboot. [82e79cf4dfab3ff732218f4f828254ac]
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 4
c:\windows\$ntuninstallkb58012$\4082691643\l (Backdoor.0Access) -> Delete on reboot. [1a4f4b45ccbe37ff8a6b8a7626da2ad6]
c:\windows\$ntuninstallkb58012$\4082691643\u (Backdoor.0Access) -> Delete on reboot. [aabf127e97f3a294b64047b9e31d43bd]
c:\windows\$ntuninstallkb58012$\2040268888 (Backdoor.0Access) -> Delete on reboot. [4821117f7c0e5dd936c16b9516ea50b0]
c:\windows\$ntuninstallkb58012$\4082691643 (Backdoor.0Access) -> Delete on reboot. [8cdd256b4c3e83b3e611ce3202fe669a]
Files Detected: 14
C:\Windows\System32\GameMon.des (Trojan.Agent.FSA76) -> Delete on reboot. [b4b538589dedb284671351fd58a95da3]
c:\windows\$ntuninstallkb58012$\4082691643\l\xadqgnnk (Backdoor.0Access) -> Delete on reboot. [75f4ade31179ec4a1ad5be42ca36fa06]
c:\windows\$ntuninstallkb58012$\4082691643\u\@00000001 (Backdoor.0Access) -> Delete on reboot. [ce9b8e02e5a5f145727bb64a41bf6e92]
c:\windows\$ntuninstallkb58012$\4082691643\u\@000000c0 (Backdoor.0Access) -> Delete on reboot. [4029d7b9b2d849ed05e80ef2ac54ea16]
c:\windows\$ntuninstallkb58012$\4082691643\u\@000000cb (Backdoor.0Access) -> Delete on reboot. [f772f69a71193bfb1ad38c74867a9868]
c:\windows\$ntuninstallkb58012$\4082691643\u\@000000cf (Backdoor.0Access) -> Delete on reboot. [85e42d63e3a79b9b638a25dbef1116ea]
c:\windows\$ntuninstallkb58012$\4082691643\u\@80000000 (Backdoor.0Access) -> Delete on reboot. [e881424e65250d296984cb358a76649c]
c:\windows\$ntuninstallkb58012$\4082691643\u\@800000c0 (Backdoor.0Access) -> Delete on reboot. [c5a4622eccbed462866740c0cf31e719]
c:\windows\$ntuninstallkb58012$\4082691643\u\@800000cb (Backdoor.0Access) -> Delete on reboot. [5b0ef59bd4b6fc3a816cce3260a01fe1]
c:\windows\$ntuninstallkb58012$\4082691643\u\@800000cf (Backdoor.0Access) -> Delete on reboot. [73f68d0326647bbbbc313dc3a759c739]
C:\ProgramData\dsgsdgdsgdsgw.pad (Exploit.Drop.GSA) -> Delete on reboot. [a7c2523e3258a1950bd8102b4fb546ba]
C:\Windows\System32\SVKP.sys (Trojan.Agent) -> Delete on reboot. [82e79cf4dfab3ff732218f4f828254ac]
c:\windows\$ntuninstallkb58012$\4082691643\@ (Backdoor.0Access) -> Delete on reboot. [8cdd256b4c3e83b3e611ce3202fe669a]
c:\windows\$ntuninstallkb58012$\4082691643\loader.tlb (Backdoor.0Access) -> Delete on reboot. [8cdd256b4c3e83b3e611ce3202fe669a]
Physical Sectors Detected: 0
(No malicious items detected)
(end)
Code:
ATTFilter 14:01:57.0322 0x0310 TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
14:02:32.0624 0x0310 ============================================================
14:02:32.0624 0x0310 Current date / time: 2015/05/06 14:02:32.0624
14:02:32.0624 0x0310 SystemInfo:
14:02:32.0624 0x0310
14:02:32.0624 0x0310 OS Version: 6.1.7601 ServicePack: 1.0
14:02:32.0624 0x0310 Product type: Workstation
14:02:32.0625 0x0310 ComputerName: SAMSUNG-PC
14:02:32.0625 0x0310 UserName: Samsung
14:02:32.0625 0x0310 Windows directory: C:\windows
14:02:32.0625 0x0310 System windows directory: C:\windows
14:02:32.0625 0x0310 Processor architecture: Intel x86
14:02:32.0625 0x0310 Number of processors: 4
14:02:32.0625 0x0310 Page size: 0x1000
14:02:32.0625 0x0310 Boot type: Normal boot
14:02:32.0625 0x0310 ============================================================
14:02:42.0870 0x0310 KLMD registered as C:\windows\system32\drivers\53241886.sys
14:02:45.0537 0x0310 System UUID: {5EB7D5DB-5B9C-9A43-66A4-67E9DC50BE1A}
14:02:49.0050 0x0310 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
14:02:49.0053 0x0310 ============================================================
14:02:49.0053 0x0310 \Device\Harddisk0\DR0:
14:02:49.0053 0x0310 MBR partitions:
14:02:49.0053 0x0310 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1E00800, BlocksNum 0x32000
14:02:49.0053 0x0310 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1E32800, BlocksNum 0x11AFD000
14:02:49.0053 0x0310 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x1392F800, BlocksNum 0x11AFE800
14:02:49.0053 0x0310 ============================================================
14:02:49.0091 0x0310 C: <-> \Device\Harddisk0\DR0\Partition2
14:02:49.0159 0x0310 D: <-> \Device\Harddisk0\DR0\Partition3
14:02:49.0318 0x0310 ============================================================
14:02:49.0319 0x0310 Initialize success
14:02:49.0319 0x0310 ============================================================
14:03:24.0417 0x0638 ============================================================
14:03:24.0417 0x0638 Scan started
14:03:24.0417 0x0638 Mode: Manual; SigCheck; TDLFS;
14:03:24.0417 0x0638 ============================================================
14:03:24.0417 0x0638 KSN ping started
14:03:52.0428 0x0638 KSN ping finished: true
14:03:57.0916 0x0638 ================ Scan system memory ========================
14:03:57.0916 0x0638 System memory - ok
14:03:57.0920 0x0638 ================ Scan services =============================
14:03:58.0133 0x0638 [ 1B133875B8AA8AC48969BD3458AFE9F5, 01753BDD47F3F9BC0E0D23A069B9C56D4AE6A6B6295BC19B95AE245D25B12744 ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
14:03:58.0552 0x0638 1394ohci - ok
14:03:58.0768 0x0638 [ BBC496CC995FE6AA0524FBFC3C39A878, 7AB01DF636CFE4E8EE156399EC044E64B0875F2A54045A64BC8389B5D383A430 ] ABBYY.Licensing.PDFTransformer.Classic.3.0 C:\Program Files\ABBYY PDF Transformer 3.0\NetworkLicenseServer.exe
14:03:58.0905 0x0638 ABBYY.Licensing.PDFTransformer.Classic.3.0 - ok
14:03:59.0019 0x0638 [ CEA80C80BED809AA0DA6FEBC04733349, AE69C142DC2210A4AE657C23CEA4A6E7CB32C4F4EBA039414123CAC52157509B ] ACPI C:\windows\system32\drivers\ACPI.sys
14:03:59.0045 0x0638 ACPI - ok
14:03:59.0093 0x0638 [ 1EFBC664ABFF416D1D07DB115DCB264F, BF94D069D692140B792DBF4FD3CB0127D27C26CC5BFB6B0C28A8B6346767EE58 ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
14:03:59.0233 0x0638 AcpiPmi - ok
14:03:59.0295 0x0638 [ 27A563BEEFCE364823EAAA789A3F7EAE, 371EF141AEBDD00F9CCAD62B742B59A4D0C97EA449E9C14E3BE66EC7FFFF9D2C ] acsock C:\windows\system32\DRIVERS\acsock.sys
14:03:59.0339 0x0638 acsock - ok
14:03:59.0519 0x0638 [ 0465625CC5804192E412D5C122A79732, 1AFFD1B70AA3A6A3673A583AACC407BE9FA895F05A47FE37C5D17AEE50C42711 ] Active@ Disk Monitor C:\Program Files\LSoft Technologies Inc\Active@ Hard Disk Monitor\DiskMonitorService.exe
14:03:59.0569 0x0638 Active@ Disk Monitor - ok
14:03:59.0781 0x0638 [ 14C23516C990DCD6052152CF034DDE40, 1EC8AAD6AA6D68A17A9D04AECDB716BD0DD4BFF93641BD96D01855AF1232A5FB ] Adobe Version Cue CS3 C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
14:03:59.0815 0x0638 Adobe Version Cue CS3 - ok
14:03:59.0898 0x0638 [ FC5B75CA6A1DA31EDD4F8D53F5540B98, CDC445F2790ADFC4C5568C40D4DA8BB95CD71991665B38AEC3D84571C99C3520 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
14:03:59.0928 0x0638 AdobeARMservice - ok
14:04:00.0057 0x0638 [ B04A4810C6CC205F9DC72DC22E4AB236, 547321F5C28C80D4818372D65E2A33D4BAC593015DD6613B24586FE4B4A95D5D ] AdobeFlashPlayerUpdateSvc C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
14:04:00.0089 0x0638 AdobeFlashPlayerUpdateSvc - ok
14:04:00.0127 0x0638 [ 21E785EBD7DC90A06391141AAC7892FB, A2D3D764C5E6DC0AD5AAF48485FFB8B121D2A40DC08ECF2D2CB92278A1002B25 ] adp94xx C:\windows\system32\DRIVERS\adp94xx.sys
14:04:00.0162 0x0638 adp94xx - ok
14:04:00.0193 0x0638 [ 0C676BC278D5B59FF5ABD57BBE9123F2, 339E8A433D186BAAB6FCB44C82CC9FB6FCD63C87981449494CBEB2072CB6B7BB ] adpahci C:\windows\system32\DRIVERS\adpahci.sys
14:04:00.0220 0x0638 adpahci - ok
14:04:00.0244 0x0638 [ 7C7B5EE4B7B822EC85321FE23A27DB33, A934AFB71D439555E6376DA9B34F82E8D39A300A4547BE9AC9311F6A3C36270C ] adpu320 C:\windows\system32\DRIVERS\adpu320.sys
14:04:00.0271 0x0638 adpu320 - ok
14:04:00.0308 0x0638 [ 8B5EEFEEC1E6D1A72A06C526628AD161, 026CDF4C96F4D493E7BABF79A14C4B0B5ADCCEF0B081FFFA2E3B243B2414167F ] AeLookupSvc C:\windows\System32\aelupsvc.dll
14:04:00.0480 0x0638 AeLookupSvc - ok
14:04:00.0621 0x0638 [ D0B388DA1D111A34366E04EB4A5DD156, 60D226F027F4025CC032CAFF73A80FAFB5FA75445654FDCF80CA8C0419C6E938 ] AFD C:\windows\system32\drivers\afd.sys
14:04:00.0723 0x0638 AFD - ok
14:04:00.0797 0x0638 [ 507812C3054C21CEF746B6EE3D04DD6E, D7E59350AC338AD229E3D10C76E32AE16D120311B263714A9CD94AB538633B0E ] agp440 C:\windows\system32\drivers\agp440.sys
14:04:00.0830 0x0638 agp440 - ok
14:04:00.0855 0x0638 [ 8B30250D573A8F6B4BD23195160D8707, 64EC289AFCD63D84EAFD9D81C50D0A77BCC79A1EFF32C50B2776BB0C0151757D ] aic78xx C:\windows\system32\DRIVERS\djsvs.sys
14:04:00.0872 0x0638 aic78xx - ok
14:04:00.0902 0x0638 [ 18A54E132947CD98FEA9ACCC57F98F13, 9D39AF972785E49F0DD12C4BAEF39A79CD69F098886BF152AF1B7CCE2E902115 ] ALG C:\windows\System32\alg.exe
14:04:00.0951 0x0638 ALG - ok
14:04:00.0990 0x0638 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44, 1D1AA8F50935D976C29DE7A84708CADBBBDD936F0DD2C059E820F0D21367B3B6 ] aliide C:\windows\system32\drivers\aliide.sys
14:04:01.0006 0x0638 aliide - ok
14:04:01.0023 0x0638 [ 3C6600A0696E90A463771C7422E23AB5, 370B33DC1C25B981628A318BAE434A78A5F0A0DA93C2896DC7A3D7B87AE1A5E7 ] amdagp C:\windows\system32\drivers\amdagp.sys
14:04:01.0040 0x0638 amdagp - ok
14:04:01.0055 0x0638 [ CD5914170297126B6266860198D1D4F0, 2239FCBD1A7EC27CE4F10DA36AE6BD6CCB87E5128C82CA71B84BFE5AF5602A60 ] amdide C:\windows\system32\drivers\amdide.sys
14:04:01.0071 0x0638 amdide - ok
14:04:01.0090 0x0638 [ 00DDA200D71BAC534BF56A9DB5DFD666, CA316B1FFD85BA1CF8664B3229DA1F238A5341E016059F7ED89702324CFD124B ] AmdK8 C:\windows\system32\DRIVERS\amdk8.sys
14:04:01.0178 0x0638 AmdK8 - ok
14:04:01.0194 0x0638 [ 3CBF30F5370FDA40DD3E87DF38EA53B6, 7EACF1743367BE805357B6FD10F8F99E9B1C301FE3782D77719347B13DFA65EC ] AmdPPM C:\windows\system32\DRIVERS\amdppm.sys
14:04:01.0248 0x0638 AmdPPM - ok
14:04:01.0308 0x0638 [ D320BF87125326F996D4904FE24300FC, F767D8C5C58D57202905D829F7AE1B1FF33937F407FDCE4C90E32A6638F27416 ] amdsata C:\windows\system32\drivers\amdsata.sys
14:04:01.0344 0x0638 amdsata - ok
14:04:01.0372 0x0638 [ EA43AF0C423FF267355F74E7A53BDABA, 3F1335909AB0281A2FBDD7AD90E18309E091656CD32B48894B992789D8C61DB4 ] amdsbs C:\windows\system32\DRIVERS\amdsbs.sys
14:04:01.0397 0x0638 amdsbs - ok
14:04:01.0411 0x0638 [ 46387FB17B086D16DEA267D5BE23A2F2, 8B8AC61B91F154B4EB5CC6DECB5FCCEBA8B42EFE94859947136AD06681EA8ED0 ] amdxata C:\windows\system32\drivers\amdxata.sys
14:04:01.0426 0x0638 amdxata - ok
14:04:01.0480 0x0638 [ 81F97D8F8B3FB94A451CC6F7CF8B2965, 8DEBA4E47E1016D69740C0BB7CDD23852D86E0D42C1C1EA5A847ECB115C38CB1 ] AppID C:\windows\system32\drivers\appid.sys
14:04:01.0590 0x0638 AppID - ok
14:04:01.0623 0x0638 [ F5090F8FA6757C58E17BAEAA86093636, 5E14CF3032DF5801240F45C59AA93962EA41AA5648A0C6458D16D9B9D95A131F ] AppIDSvc C:\windows\System32\appidsvc.dll
14:04:01.0674 0x0638 AppIDSvc - ok
14:04:01.0750 0x0638 [ EACFDF31921F51C097629F1F3C9129B4, 24138755D823E69760579ECBD672421192457CDC9941B2BC499C2D34D83E86C3 ] Appinfo C:\windows\System32\appinfo.dll
14:04:01.0930 0x0638 Appinfo - ok
14:04:01.0958 0x0638 [ 2932004F49677BD84DBC72EDB754FFB3, 73F84582244AC53994A2F4499A119B4A84A6BF7FD3046C29A8080C763DE540B8 ] arc C:\windows\system32\DRIVERS\arc.sys
14:04:01.0975 0x0638 arc - ok
14:04:01.0989 0x0638 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7, F7C9C3B4F2C816F57A43B2921672858C291054220BADE291044343778216F6BA ] arcsas C:\windows\system32\DRIVERS\arcsas.sys
14:04:02.0006 0x0638 arcsas - ok
14:04:02.0069 0x0638 [ 16CDE6977CC88433BF3767C4D42B22D3, 4C9F386C244EEA98FA240817339D8E5BF1365A25B784442DB735268E6AEBEE1B ] asdrm C:\windows\system32\DRIVERS\asdrm.sys
14:04:02.0096 0x0638 asdrm - ok
14:04:02.0113 0x0638 [ 3E62E3122E534254DD314FA8A7B6BF48, D9C496F05A173D4F5E9175A33BAF34581D1A99315BFB23D43D0EBCE112D0FC99 ] asdrs C:\windows\system32\DRIVERS\asdrs.sys
14:04:02.0130 0x0638 asdrs - ok
14:04:02.0231 0x0638 [ 3F9CA1ACFCB7CFF153B4B3DDB7E29373, CD1B61C1714BD2EBB00B92BB926DB1892875C2ACB8330BC756C1A80B4F7A1330 ] asdsrv C:\Program Files\Anvisoft\Anvi Smart Defender\ASDSrv.exe
14:04:02.0270 0x0638 asdsrv - ok
14:04:02.0282 0x0638 [ 9AFCF85708576F3EF6FB868B6C604C01, 93B7A91CDAF502A5994DE9486A614A592F12B683BDF9F6F84D6083FF3F414BC7 ] asdws C:\windows\system32\DRIVERS\asdws.sys
14:04:02.0311 0x0638 asdws - ok
14:04:02.0588 0x0638 [ 537B2948976F5D9B5767B74A63EBB395, 1A14F8B582E74AD15B612EDA5B707AA3CB0B2A107ED14572B4232EAA7383B634 ] aspnet_state C:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
14:04:02.0689 0x0638 aspnet_state - ok
14:04:02.0785 0x0638 [ 3BFBB5DAE801CB893B8B46345FED6437, 2C2B71C1294585265D4871E74F17541500CA20DE34AC516F2A906DD81964C833 ] aswHwid C:\windows\system32\drivers\aswHwid.sys
14:04:02.0817 0x0638 aswHwid - ok
14:04:02.0877 0x0638 [ ADD2ADE1C2B285AB8378D2DAAF991481, 7965A705F37924C0EC7A934E64E89C5DF4069816E2EEA3509E0AC90F78910519 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
14:04:02.0974 0x0638 AsyncMac - ok
14:04:03.0021 0x0638 [ 338C86357871C167A96AB976519BF59E, F28CC534523D1701B0552F5D7E18E88369C4218BDB1F69110C3E31D395884AD6 ] atapi C:\windows\system32\drivers\atapi.sys
14:04:03.0050 0x0638 atapi - ok
14:04:03.0275 0x0638 [ DE0FBCCCD6AF0F0E7BF12E8D041CC48F, FF6A43CA5E0001FA99D18A62FB3B15A53FCB616B98CA10349E43BC0BA13F534D ] athr C:\windows\system32\DRIVERS\athr.sys
14:04:03.0401 0x0638 athr - ok
14:04:03.0477 0x0638 [ F0D933B42CD0594048E4D5200AE9E417, FF53E843A99948568515964C3C97107FA875BBC3F2906BADEE0B29ACE5532F0D ] atksgt C:\windows\system32\DRIVERS\atksgt.sys
14:04:03.0539 0x0638 atksgt - ok
14:04:03.0596 0x0638 [ C1619A13B10CAC5038BF7129F57D8DE3, 9F71EA6C844650658938E68CCC1383F92D37C68E46E08461A8351491185BA791 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
14:04:03.0680 0x0638 AudioEndpointBuilder - ok
14:04:03.0701 0x0638 [ C1619A13B10CAC5038BF7129F57D8DE3, 9F71EA6C844650658938E68CCC1383F92D37C68E46E08461A8351491185BA791 ] Audiosrv C:\windows\System32\Audiosrv.dll
14:04:03.0737 0x0638 Audiosrv - ok
14:04:03.0817 0x0638 [ CB2C2B24BD7E64CFB2B24D401FF5BBC0, F48ABD9F5BF91BF5F25E6D5EE02647F7DD8E1C1A11FEEE2C1C1B3BD34E3D0F85 ] Avgdiskx C:\windows\system32\DRIVERS\avgdiskx.sys
14:04:03.0848 0x0638 Avgdiskx - ok
14:04:04.0075 0x0638 [ E2FDE8691C03525F095C8D01F005FA97, B234D8642F528550FB246127CBA24A2A115F8EAF8ED1BC8FD37562AFEBEF4978 ] AVGIDSAgent C:\Program Files\AVG\AVG2015\avgidsagent.exe
14:04:04.0195 0x0638 AVGIDSAgent - ok
14:04:04.0239 0x0638 [ DF448F0C0ABEF60F553FEC5B53A9F540, 4B8ED5BDF7C599530C6E64558D92AFE6DBC5ED960AC3E1483D62C99858F9471D ] AVGIDSDriver C:\windows\system32\DRIVERS\avgidsdriverx.sys
14:04:04.0262 0x0638 AVGIDSDriver - ok
14:04:04.0303 0x0638 [ D1663A0114691080C624D857A8343D5B, 8E7029A8FE7A62F4BED7687C54699D0709876D05D93CAA499B4BC69BF8C59091 ] AVGIDSHX C:\windows\system32\DRIVERS\avgidshx.sys
14:04:04.0322 0x0638 AVGIDSHX - ok
14:04:04.0397 0x0638 [ 2429F7F025F63532B6B264D97E4ECA49, EDE2C88B3B4B2A3AC59A3AB0B2FEC1D2CC75AA8AFFF0F5011D07AB4F053390D9 ] AVGIDSShim C:\windows\system32\DRIVERS\avgidsshimx.sys
14:04:04.0421 0x0638 AVGIDSShim - ok
14:04:04.0487 0x0638 [ 9AFD535116E986D49877B811F3665E8E, 6843415ED638BB26A17BE9AB7A49D36070A588088256D4D0D1B4789FBDA6730B ] Avgldx86 C:\windows\system32\DRIVERS\avgldx86.sys
14:04:04.0510 0x0638 Avgldx86 - ok
14:04:04.0572 0x0638 [ B97A84EE582A0241E6E08AD07DFE2F74, C3362B9261B4DA099AFC544A2C7F2B3659AE0BDA5DC9DCBD5E383464F9F56A4D ] Avglogx C:\windows\system32\DRIVERS\avglogx.sys
14:04:04.0599 0x0638 Avglogx - ok
14:04:04.0664 0x0638 [ 99D968295470D3DE76CADD876F4090F0, FAA00C5AE99FA3B3CB6A1F815DC80579101E627206694304FB6BA3F9F4E60E76 ] Avgmfx86 C:\windows\system32\DRIVERS\avgmfx86.sys
14:04:04.0701 0x0638 Avgmfx86 - ok
14:04:04.0752 0x0638 [ F016B95273E0B1961F204F7FD2FFD811, 9F89323177B68DEDE6B1F09790E6A978376B4FCBDC029283B297A3C4D9B242FF ] Avgrkx86 C:\windows\system32\DRIVERS\avgrkx86.sys
14:04:04.0769 0x0638 Avgrkx86 - ok
14:04:04.0866 0x0638 [ B2E8473C080FEFB41E984CB6034112F0, 34DEC37A6A61BD7C643AC9CABA9105B15DE201117FEBB238C3DD713A0833A3CF ] Avgtdix C:\windows\system32\DRIVERS\avgtdix.sys
14:04:04.0890 0x0638 Avgtdix - ok
14:04:04.0952 0x0638 [ DCF350D917112A03D3CDC33C8ADEA87A, 78E7B8E6575EEB07C993EA71D699443C428B3258A748236264F75571FE23D796 ] avgwd C:\Program Files\AVG\AVG2015\avgwdsvc.exe
14:04:04.0978 0x0638 avgwd - ok
14:04:05.0099 0x0638 [ 06C3528E0686A58701367749B0145A4A, 9C31CEB1F6C8E327B962F5465DBF8147437F2614DEE78D4D31FA8E04555B2AC2 ] AVM WLAN Connection Service C:\Program Files\avmwlanstick\WlanNetService.exe
14:04:05.0163 0x0638 AVM WLAN Connection Service - detected UnsignedFile.Multi.Generic ( 1 )
14:04:11.0081 0x0638 Detect skipped due to KSN trusted
14:04:11.0081 0x0638 AVM WLAN Connection Service - ok
14:04:11.0190 0x0638 [ 263CF9D248FD5E020A1333ED4F7EAA88, 04F944C2B284172A7917389A83C525FA9A3ACB026F370EB886B48759FE81A5E1 ] avmeject C:\windows\system32\drivers\avmeject.sys
14:04:11.0247 0x0638 avmeject - detected UnsignedFile.Multi.Generic ( 1 )
14:04:17.0094 0x0638 Detect skipped due to KSN trusted
14:04:17.0094 0x0638 avmeject - ok
14:04:17.0207 0x0638 [ 6E30D02AAC9CAC84F421622E3A2F6178, 229DC527C1D6C778BCA2C855A2A6F6D2C4B0F4F6DE56C886B3AAD26E3347952C ] AxInstSV C:\windows\System32\AxInstSV.dll
14:04:17.0355 0x0638 AxInstSV - ok
14:04:17.0435 0x0638 [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv C:\windows\system32\DRIVERS\bxvbdx.sys
14:04:17.0605 0x0638 b06bdrv - ok
14:04:17.0630 0x0638 [ BD8869EB9CDE6BBE4508D869929869EE, F4363A12EBFDBB89C69FD59B22F9EE05BADA07D477A1DF2DE01F59D6EE496543 ] b57nd60x C:\windows\system32\DRIVERS\b57nd60x.sys
14:04:17.0723 0x0638 b57nd60x - ok
14:04:17.0873 0x0638 [ 5508197A31A19BBD14BA3338F03A4720, 179BF97E0B6EAF4FB47595CB376B447D251CE2112948B12B4993B2FCEF58FC20 ] BCM42RLY C:\windows\system32\drivers\BCM42RLY.sys
14:04:17.0916 0x0638 BCM42RLY - ok
14:04:18.0088 0x0638 [ EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC C:\windows\System32\bdesvc.dll
14:04:18.0323 0x0638 BDESVC - ok
14:04:18.0510 0x0638 [ 505506526A9D467307B3C393DEDAF858, 8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep C:\windows\system32\drivers\Beep.sys
14:04:18.0601 0x0638 Beep - ok
14:04:18.0681 0x0638 [ 1E2BAC209D184BB851E1A187D8A29136, 53933C938DA5126986FFF2918C1F522ABE93ABAB460AE32E4453161C2F7B68DF ] BFE C:\windows\System32\bfe.dll
14:04:18.0837 0x0638 BFE - ok
14:04:18.0992 0x0638 [ E585445D5021971FAE10393F0F1C3961, 178C008A9A0A6BFDA65EB0B98C510271360AD4474F22F13594F5EB60AA4E1CF5 ] BITS C:\windows\System32\qmgr.dll
14:04:19.0301 0x0638 BITS - ok
14:04:19.0365 0x0638 [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
14:04:19.0399 0x0638 blbdrive - ok
14:04:19.0482 0x0638 [ 73686FE0B2E0469F89FD2075BE724704, 4BC5BBA7ACB5BDA77251B82B9CF16C6A9EBBCC29760860A0F37ABDDF9288143F ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
14:04:19.0518 0x0638 Bonjour Service - detected UnsignedFile.Multi.Generic ( 1 )
14:04:25.0351 0x0638 Detect skipped due to KSN trusted
14:04:25.0351 0x0638 Bonjour Service - ok
14:04:25.0444 0x0638 [ 8F2DA3028D5FCBD1A060A3DE64CD6506, E234672E9CFE1A95AD2E78E306E41E010B870221E6EBBC0E2B0BE2FA5CE0CD76 ] bowser C:\windows\system32\DRIVERS\bowser.sys
14:04:25.0537 0x0638 bowser - ok
14:04:25.0556 0x0638 [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo C:\windows\system32\DRIVERS\BrFiltLo.sys
14:04:25.0627 0x0638 BrFiltLo - ok
14:04:25.0667 0x0638 [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp C:\windows\system32\DRIVERS\BrFiltUp.sys
14:04:25.0718 0x0638 BrFiltUp - ok
14:04:25.0766 0x0638 [ 3DAA727B5B0A45039B0E1C9A211B8400, 903B51E75F0C503A0E255120F53BF51B047B219FEC1E15F2F1D02DDD562FC73B ] Browser C:\windows\System32\browser.dll
14:04:25.0916 0x0638 Browser - ok
14:04:25.0961 0x0638 [ 845B8CE732E67F3B4133164868C666EA, 9309B094CD9B5EBC46295A5EB806BED472C3CEDE3B5F6F497EBDABA496A2A27F ] Brserid C:\windows\System32\Drivers\Brserid.sys
14:04:26.0060 0x0638 Brserid - ok
14:04:26.0081 0x0638 [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
14:04:26.0113 0x0638 BrSerWdm - ok
14:04:26.0124 0x0638 [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
14:04:26.0160 0x0638 BrUsbMdm - ok
14:04:26.0171 0x0638 [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
14:04:26.0205 0x0638 BrUsbSer - ok
14:04:26.0268 0x0638 [ 2865A5C8E98C70C605F417908CEBB3A4, B1C5AC228BD7072AF8668C009C6CDC13EE9FCB9481F57524300F37C40BF1E935 ] BthEnum C:\windows\system32\drivers\BthEnum.sys
14:04:26.0415 0x0638 BthEnum - ok
14:04:26.0426 0x0638 [ ED3DF7C56CE0084EB2034432FC56565A, B5B75E002E7BC0209582C635CCCA26DB569BDB23C33A126634E00C6434BF941B ] BTHMODEM C:\windows\system32\DRIVERS\bthmodem.sys
14:04:26.0447 0x0638 BTHMODEM - ok
14:04:26.0495 0x0638 [ AD1872E5829E8A2C3B5B4B641C3EAB0E, 8C2DBCAC08DDB41E2B44E257C55FA2D0272959B308EFF9EAF5FF9AE1E4A0AA39 ] BthPan C:\windows\system32\DRIVERS\bthpan.sys
14:04:26.0517 0x0638 BthPan - ok
14:04:26.0571 0x0638 [ 1153DE2E4F5941E10C399CB5592F78A1, 2B88AF246D62F72FA9F5B921B0375AE59A0F263672472D5EC9FDB5CA5EF51C31 ] BTHPORT C:\windows\System32\Drivers\BTHport.sys
14:04:26.0621 0x0638 BTHPORT - ok
14:04:26.0647 0x0638 [ 1DF19C96EEF6C29D1C3E1A8678E07190, 1F4BB161FF3A1C5B1465BB52F3520FEDB7ACB1FAA132466F07D16DB8E394AEA5 ] bthserv C:\windows\system32\bthserv.dll
14:04:26.0693 0x0638 bthserv - ok
14:04:26.0741 0x0638 [ C81E9413A25A439F436B1D4B6A0CF9E9, A4C290163207AED22C70C7F90B28F6FC24892889643D60D915059405AC5A4A72 ] BTHUSB C:\windows\System32\Drivers\BTHUSB.sys
14:04:26.0760 0x0638 BTHUSB - ok
14:04:26.0825 0x0638 [ 77EA11B065E0A8AB902D78145CA51E10, 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
14:04:26.0879 0x0638 cdfs - ok
14:04:26.0940 0x0638 [ BE167ED0FDB9C1FA1133953C18D5A6C9, E26A851CA13E7300F977E5B20FA5D25FD0E1442AB6AD5DB58BBDB2DAAD87027C ] cdrom C:\windows\system32\DRIVERS\cdrom.sys
14:04:26.0963 0x0638 cdrom - ok
14:04:27.0010 0x0638 [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] CertPropSvc C:\windows\System32\certprop.dll
14:04:27.0048 0x0638 CertPropSvc - ok
14:04:27.0061 0x0638 [ 3FE3FE94A34DF6FB06E6418D0F6A0060, 6B3A2A26609A75B690D4C0B3059E40822F3B3DB08943F58EC496BABDA7D0A735 ] circlass C:\windows\system32\DRIVERS\circlass.sys
14:04:27.0091 0x0638 circlass - ok
14:04:27.0166 0x0638 [ 33A60554882FDF59CDA3E1806370BBA1, 3DE5451E1CB84AAEBD03F54BEFC670C401447B4881A8B022748B6ECF0F500F01 ] CLFS C:\windows\system32\CLFS.sys
14:04:27.0197 0x0638 CLFS - ok
14:04:27.0271 0x0638 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:04:27.0288 0x0638 clr_optimization_v2.0.50727_32 - ok
14:04:27.0353 0x0638 [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:04:27.0406 0x0638 clr_optimization_v4.0.30319_32 - ok
14:04:27.0452 0x0638 [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
14:04:27.0513 0x0638 CmBatt - ok
14:04:27.0559 0x0638 [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide C:\windows\system32\drivers\cmdide.sys
14:04:27.0578 0x0638 cmdide - ok
14:04:27.0656 0x0638 [ 3051724F223EA48968B19567DE2A81F4, DCC27DE1B2B35866FC6DBDE95A368E7D0D346B6C3F31D0BACA63DD39B0A8874E ] CNG C:\windows\system32\Drivers\cng.sys
14:04:27.0695 0x0638 CNG - ok
14:04:27.0737 0x0638 [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt C:\windows\system32\DRIVERS\compbatt.sys
14:04:27.0752 0x0638 Compbatt - ok
14:04:27.0795 0x0638 [ CBE8C58A8579CFE5FCCF809E6F114E89, AC083A1C649EBA18C59FCC1772D0784B10E2B8C63094E3C14388E147DBC3F6DF ] CompositeBus C:\windows\system32\drivers\CompositeBus.sys
14:04:27.0815 0x0638 CompositeBus - ok
14:04:27.0822 0x0638 COMSysApp - ok
14:04:27.0841 0x0638 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk C:\windows\system32\DRIVERS\crcdisk.sys
14:04:27.0856 0x0638 crcdisk - ok
14:04:27.0949 0x0638 [ 49474B3E37969AF4B5C076F42B623AFF, BDA6B57E9B60EF1B67C74099263D33A367AAA035667239F76AB8B268FD3E8F23 ] CryptSvc C:\windows\system32\cryptsvc.dll
14:04:27.0988 0x0638 CryptSvc - ok
14:04:28.0051 0x0638 [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] DcomLaunch C:\windows\system32\rpcss.dll
14:04:28.0124 0x0638 DcomLaunch - ok
14:04:28.0159 0x0638 [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc C:\windows\System32\defragsvc.dll
14:04:28.0216 0x0638 defragsvc - ok
14:04:28.0282 0x0638 [ F024449C97EC1E464AAFFDA18593DB88, 7EF1E241892E098A472BCA14C724DFF1AACCF190954AF1C4A38B6D542CC74BD2 ] DfsC C:\windows\system32\Drivers\dfsc.sys
14:04:28.0344 0x0638 DfsC - ok
14:04:28.0393 0x0638 [ E9E01EB683C132F7FA27CD607B8A2B63, 4D9037B458C522874619143A4176BCED42472C68933E6E83D37B67242706F3C4 ] Dhcp C:\windows\system32\dhcpcore.dll
14:04:28.0496 0x0638 Dhcp - ok
14:04:28.0567 0x0638 [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache C:\windows\system32\drivers\discache.sys
14:04:28.0622 0x0638 discache - ok
14:04:28.0675 0x0638 [ 565003F326F99802E68CA78F2A68E9FF, ABC42B24DBA4FFC411120E09278EF26AF56CCAB463B69B4BD6C530B4A07063D2 ] Disk C:\windows\system32\DRIVERS\disk.sys
14:04:28.0698 0x0638 Disk - ok
14:04:28.0745 0x0638 [ 33EF4861F19A0736B11314AAD9AE28D0, 4C4B84365D85758E3263B88F157D8B086B392C6F1EA5F0F3DB6BF87EF90248EC ] Dnscache C:\windows\System32\dnsrslvr.dll
14:04:28.0833 0x0638 Dnscache - ok
14:04:28.0886 0x0638 [ 366BA8FB4B7BB7435E3B9EACB3843F67, 65B7C61ACF34F1F0149045AA9E09A3F917A927963237A385A914D0B80551DC31 ] dot3svc C:\windows\System32\dot3svc.dll
14:04:28.0935 0x0638 dot3svc - ok
14:04:28.0974 0x0638 [ 8EC04CA86F1D68DA9E11952EB85973D6, 2E3FBC2D683D1274E8BC45EEEA87D43B77EDDCAAF0D453296D9FDA6B9D717071 ] DPS C:\windows\system32\dps.dll
14:04:29.0043 0x0638 DPS - ok
14:04:29.0101 0x0638 [ B918E7C5F9BF77202F89E1A9539F2EB4, C589A37DE50BBEF22E2DAA9682EA43147F614AA1AF7DAAA942BA5FC192313A0B ] drmkaud C:\windows\system32\drivers\drmkaud.sys
14:04:29.0193 0x0638 drmkaud - ok
14:04:29.0265 0x0638 [ 3583A5A8CC2E682BFFBD4630D0FEC08B, FD0F184B358FCECAA763444B414074BEF4E871EB7527D88385519FC158435C72 ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
14:04:29.0312 0x0638 DXGKrnl - ok
14:04:29.0368 0x0638 EagleXNt - ok
14:04:29.0419 0x0638 [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost C:\windows\System32\eapsvc.dll
14:04:29.0473 0x0638 EapHost - ok
14:04:29.0625 0x0638 [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv C:\windows\system32\DRIVERS\evbdx.sys
14:04:29.0774 0x0638 ebdrv - ok
14:04:29.0820 0x0638 [ 981CE3E3A653511799F4A862494B66A8, 414D975387A118535E39636413969A7D4C98A85E542A44B8FA515C8A20D6093F ] EFS C:\windows\System32\lsass.exe
14:04:29.0903 0x0638 EFS - ok
14:04:29.0985 0x0638 [ A8C362018EFC87BEB013EE28F29C0863, 07971C681FBD391C0BA0172618AF8AD77520182207F1C57F134B34D6A113857F ] ehRecvr C:\windows\ehome\ehRecvr.exe
14:04:30.0084 0x0638 ehRecvr - ok
14:04:30.0110 0x0638 [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched C:\windows\ehome\ehsched.exe
14:04:30.0178 0x0638 ehSched - ok
14:04:30.0219 0x0638 [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor C:\windows\system32\DRIVERS\elxstor.sys
14:04:30.0249 0x0638 elxstor - ok
14:04:30.0289 0x0638 [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev C:\windows\system32\drivers\errdev.sys
14:04:30.0310 0x0638 ErrDev - ok
14:04:30.0374 0x0638 [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem C:\windows\system32\es.dll
14:04:30.0430 0x0638 EventSystem - ok
14:04:30.0447 0x0638 [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat C:\windows\system32\drivers\exfat.sys
14:04:30.0502 0x0638 exfat - ok
14:04:30.0563 0x0638 [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat C:\windows\system32\drivers\fastfat.sys
14:04:30.0604 0x0638 fastfat - ok
14:04:30.0658 0x0638 [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax C:\windows\system32\fxssvc.exe
14:04:30.0758 0x0638 Fax - ok
14:04:30.0773 0x0638 [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc C:\windows\system32\DRIVERS\fdc.sys
14:04:30.0792 0x0638 fdc - ok
14:04:30.0818 0x0638 [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost C:\windows\system32\fdPHost.dll
14:04:30.0866 0x0638 fdPHost - ok
14:04:30.0907 0x0638 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub C:\windows\system32\fdrespub.dll
14:04:30.0959 0x0638 FDResPub - ok
14:04:31.0000 0x0638 [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
14:04:31.0016 0x0638 FileInfo - ok
14:04:31.0043 0x0638 [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace C:\windows\system32\drivers\filetrace.sys
14:04:31.0093 0x0638 Filetrace - ok
14:04:31.0173 0x0638 [ 227846995AFEEFA70D328BF5334A86A5, B8EF22DE552B44E7DC352742C775BB6B4992B653AF4B66B231A60182CE7A7201 ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
14:04:31.0249 0x0638 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic ( 1 )
14:04:37.0242 0x0638 Detect skipped due to KSN trusted
14:04:37.0242 0x0638 FLEXnet Licensing Service - ok
14:04:37.0285 0x0638 [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk C:\windows\system32\DRIVERS\flpydisk.sys
14:04:37.0318 0x0638 flpydisk - ok
14:04:37.0372 0x0638 [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
14:04:37.0394 0x0638 FltMgr - ok
14:04:37.0484 0x0638 [ E12C4928B32ACE04610259647F072635, B71B9C2DF45F33C4DAC88435129B08B0BCDBBE82E8C3AD0A95F00137CC8B619F ] FontCache C:\windows\system32\FntCache.dll
14:04:37.0577 0x0638 FontCache - ok
14:04:37.0622 0x0638 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
14:04:37.0639 0x0638 FontCache3.0.0.0 - ok
14:04:37.0665 0x0638 [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends C:\windows\system32\drivers\FsDepends.sys
14:04:37.0682 0x0638 FsDepends - ok
14:04:37.0729 0x0638 [ B0082808A6856A252F7CDD939892CE50, 3A069239629C4F54049A2CFC6642AC5102ECEAA74470BAA9DDB1AB108D1060EE ] fssfltr C:\windows\system32\DRIVERS\fssfltr.sys
14:04:37.0746 0x0638 fssfltr - ok
14:04:37.0862 0x0638 [ 28DDEEEC44E988657B732CF404D504CB, 47F83018E5449CDCED3DD447991788EBAAC92C418D4513FBA9408C45E9AB8E7E ] fsssvc C:\Program Files\Windows Live\Family Safety\fsssvc.exe
14:04:37.0927 0x0638 fsssvc - ok
14:04:37.0995 0x0638 [ 7DAE5EBCC80E45D3253F4923DC424D05, 8A2C4D5591509B0B0A44583520617A9AE34F32BB6E68A012A7D7870ED24F703A ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
14:04:38.0013 0x0638 Fs_Rec - ok
14:04:38.0087 0x0638 [ E306A24D9694C724FA2491278BF50FDB, 1D246B9C28550640EACBF8CF9DC980FD75106B92832D392FEBEF0C7012353091 ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
14:04:38.0132 0x0638 fvevol - ok
14:04:38.0211 0x0638 [ FC06A5BE1AB381CD47AF3D69006E88F0, EFEB3F5735A7FEDF36C95182228CDD898D59180434F372D12DC0704AE129F5EF ] fwlanusbn C:\windows\system32\DRIVERS\fwlanusbn.sys
14:04:38.0301 0x0638 fwlanusbn - ok
14:04:38.0382 0x0638 [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx C:\windows\system32\DRIVERS\gagp30kx.sys
14:04:38.0413 0x0638 gagp30kx - ok
14:04:38.0474 0x0638 [ E897EAF5ED6BA41E081060C9B447A673, A428DC68516F19C6C53A8B62E4BDB2587E70FB751B9D77700B6B147D347DA157 ] gpsvc C:\windows\System32\gpsvc.dll
14:04:38.0547 0x0638 gpsvc - ok
14:04:38.0604 0x0638 [ 833051C6C6C42117191935F734CFBD97, 5EB5672ABC7994A4AFF855A572158B8BE4FC6E541CFD4B9BE4FF2739A9A6AFB8 ] hamachi C:\windows\system32\DRIVERS\hamachi.sys
14:04:38.0620 0x0638 hamachi - ok
14:04:38.0764 0x0638 [ F31D7F8A7699575DBB3B3A3AB4AA6216, 8D926CF1B6609DE9F1C9D315CA4547597D01FB90F78FF45F158DE0D5D88B6108 ] Hamachi2Svc C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
14:04:38.0824 0x0638 Hamachi2Svc - ok
14:04:38.0860 0x0638 [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
14:04:38.0943 0x0638 hcw85cir - ok
14:04:38.0995 0x0638 [ A5EF29D5315111C80A5C1ABAD14C8972, A181DA72E946F121C3F4A19438C547B0BFD15138AB1DB5465945EC89DF1F6B0A ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
14:04:39.0046 0x0638 HdAudAddService - ok
14:04:39.0085 0x0638 [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus C:\windows\system32\drivers\HDAudBus.sys
14:04:39.0110 0x0638 HDAudBus - ok
14:04:39.0123 0x0638 [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt C:\windows\system32\DRIVERS\HidBatt.sys
14:04:39.0152 0x0638 HidBatt - ok
14:04:39.0171 0x0638 [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth C:\windows\system32\DRIVERS\hidbth.sys
14:04:39.0196 0x0638 HidBth - ok
14:04:39.0217 0x0638 [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr C:\windows\system32\DRIVERS\hidir.sys
14:04:39.0237 0x0638 HidIr - ok
14:04:39.0255 0x0638 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv C:\windows\system32\hidserv.dll
14:04:39.0302 0x0638 hidserv - ok
14:04:39.0334 0x0638 [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys
14:04:39.0434 0x0638 HidUsb - ok
14:04:39.0480 0x0638 [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc C:\windows\system32\kmsvc.dll
14:04:39.0518 0x0638 hkmsvc - ok
14:04:39.0571 0x0638 [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\windows\system32\ListSvc.dll
14:04:39.0645 0x0638 HomeGroupListener - ok
14:04:39.0694 0x0638 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\windows\system32\provsvc.dll
14:04:39.0725 0x0638 HomeGroupProvider - ok
14:04:39.0766 0x0638 [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
14:04:39.0784 0x0638 HpSAMD - ok
14:04:39.0839 0x0638 [ 863CC3A82C63C9F60ACF2E85D5310620, 51CBC73D696BB87FBF3F4CD31ADE38DF9B8476DFAC38356A5C0ABD8CA63A5494 ] HPZid412 C:\windows\system32\DRIVERS\HPZid412.sys
14:04:39.0913 0x0638 HPZid412 - ok
14:04:39.0967 0x0638 [ 08CB72E95DD75B61F2966B311D0E4366, 3C4CBCA84B67DBFD00C3A2470EE0CBE1F66AF549E9579B016C659BEE40219D24 ] HPZipr12 C:\windows\system32\DRIVERS\HPZipr12.sys
14:04:40.0018 0x0638 HPZipr12 - ok
14:04:40.0062 0x0638 [ CA990306ED4EF732AF9695BFF24FC96F, 083532116547447D4A82CA02181AB4099944082405036EE38D7A3FB09CFDDC95 ] HPZius12 C:\windows\system32\DRIVERS\HPZius12.sys
14:04:40.0123 0x0638 HPZius12 - ok
14:04:40.0196 0x0638 [ 487569E5DA56A5A432FF8AF6D3599CF9, 7C974D8379C60B4F69A20B01876C49181B0A63AC318C4BD0A21DABFF27A15C9D ] HTTP C:\windows\system32\drivers\HTTP.sys
14:04:40.0320 0x0638 HTTP - ok
14:04:40.0378 0x0638 [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
14:04:40.0408 0x0638 hwpolicy - ok
14:04:40.0451 0x0638 [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt C:\windows\system32\drivers\i8042prt.sys
14:04:40.0485 0x0638 i8042prt - ok
14:04:40.0527 0x0638 [ EDF5ECC965FAAA533D35E02F47B9132E, 09CF93344C399A5F3C3984557EE09A70072727579D3EFEE5D442940D679CF35A ] iaStor C:\windows\system32\DRIVERS\iaStor.sys
14:04:40.0555 0x0638 iaStor - ok
14:04:40.0620 0x0638 [ 807737C9CC11ACF18D9761FD7BCFEDA0, 38E926DB7A8EB07D6DDA6C7FDBD4C12AC0D965412115D2D1F9C9F013A3D9CED9 ] iaStorA C:\windows\system32\DRIVERS\iaStorA.sys
14:04:40.0647 0x0638 iaStorA - ok
14:04:40.0691 0x0638 [ 0CCFE6C9C7470201DA6C1A3A3CB99161, BAB988DB459DC898AE42CF723187C7B843B75D62C3AC599C60189A8427FBA57C ] iaStorF C:\windows\system32\DRIVERS\iaStorF.sys
14:04:40.0704 0x0638 iaStorF - ok
14:04:40.0724 0x0638 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV C:\windows\system32\drivers\iaStorV.sys
14:04:40.0749 0x0638 iaStorV - ok
14:04:40.0862 0x0638 [ 58BD7551B0445F3673D96CA380F21822, F5123B90F6D249FCA7AD985199E85AB4D8110F3CDA102BD1863D5BD569F22353 ] ICQ Service C:\Program Files\ICQ6Toolbar\ICQ Service.exe
14:04:40.0892 0x0638 ICQ Service - ok
14:04:40.0963 0x0638 [ 3E9213A2A050BF429E91898C90F8B4E3, D80ABE5691087661B19F01927B631CB8C5291120B814B6F863F046E0D643E9E4 ] idsvc C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
14:04:41.0011 0x0638 idsvc - ok
14:04:41.0051 0x0638 IEEtwCollectorService - ok
14:04:41.0261 0x0638 [ AD626F6964F4D364D226C39E06872DD3, 5D52F89930BB07D4D2D0FC12143BD233B5D2C238527B3B4CAD74736D1EC84218 ] igfx C:\windows\system32\DRIVERS\igdkmd32.sys
14:04:41.0499 0x0638 igfx - ok
14:04:41.0540 0x0638 [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp C:\windows\system32\DRIVERS\iirsp.sys
14:04:41.0555 0x0638 iirsp - ok
14:04:41.0634 0x0638 [ B9C54120F46392100478F58F374E5709, A28EE8B0988F580D5984E815FC78DF41B169260814234AA0E453375542D0957B ] IKEEXT C:\windows\System32\ikeext.dll
14:04:41.0707 0x0638 IKEEXT - ok
14:04:41.0772 0x0638 [ 4A31216A5E97D46EE06069D9E06428FA, 90DA208F12EBB12324B62A982F077447A31A696612C36CB65488B9F342299D4B ] Impcd C:\windows\system32\DRIVERS\Impcd.sys
14:04:41.0823 0x0638 Impcd - ok
14:04:41.0980 0x0638 [ 96282FBCE4534C9BF147CFFE9E1FA8DB, 91801002545FFF336A46A6D8B365491D2A21DD561DC8C7FA1EF6A1D9CFE1893C ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHDA.sys
14:04:42.0104 0x0638 IntcAzAudAddService - ok
14:04:42.0149 0x0638 [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide C:\windows\system32\drivers\intelide.sys
14:04:42.0165 0x0638 intelide - ok
14:04:42.0221 0x0638 [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
14:04:42.0251 0x0638 intelppm - ok
14:04:42.0278 0x0638 [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum C:\windows\system32\ipbusenum.dll
14:04:42.0331 0x0638 IPBusEnum - ok
14:04:42.0353 0x0638 [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
14:04:42.0412 0x0638 IpFilterDriver - ok
14:04:42.0493 0x0638 [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc C:\windows\System32\iphlpsvc.dll
14:04:42.0622 0x0638 iphlpsvc - ok
14:04:42.0668 0x0638 [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
14:04:42.0706 0x0638 IPMIDRV - ok
14:04:42.0736 0x0638 [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT C:\windows\system32\drivers\ipnat.sys
14:04:42.0774 0x0638 IPNAT - ok
14:04:42.0790 0x0638 [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM C:\windows\system32\drivers\irenum.sys
14:04:42.0847 0x0638 IRENUM - ok
14:04:42.0890 0x0638 [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp C:\windows\system32\drivers\isapnp.sys
14:04:42.0920 0x0638 isapnp - ok
14:04:42.0972 0x0638 [ EB34CE31FABD4DC4343FD2AD16D2CAF9, D21C91227A15DA89ECF522345D0AB80B3B7FC24A230596DABDB8BD3B7554CE8C ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
14:04:42.0995 0x0638 iScsiPrt - ok
14:04:43.0028 0x0638 [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass C:\windows\system32\DRIVERS\kbdclass.sys
14:04:43.0044 0x0638 kbdclass - ok
14:04:43.0090 0x0638 [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid C:\windows\system32\DRIVERS\kbdhid.sys
14:04:43.0123 0x0638 kbdhid - ok
14:04:43.0150 0x0638 [ 981CE3E3A653511799F4A862494B66A8, 414D975387A118535E39636413969A7D4C98A85E542A44B8FA515C8A20D6093F ] KeyIso C:\windows\system32\lsass.exe
14:04:43.0167 0x0638 KeyIso - ok
14:04:43.0195 0x0638 [ 746F89CE0C6569C589E6AC4D3DA82D41, 6D41311CBA8BB7C9C09C1757D7947539B67FE3EFF6299502176C673809BAEAD8 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
14:04:43.0211 0x0638 KSecDD - ok
14:04:43.0239 0x0638 [ D800E1EAF33630A1636BB21E8256AA92, D07542A242E0D52B494BE63A6A141207D0A59CF66ABEBA9CE33877594BF7BA5D ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
14:04:43.0258 0x0638 KSecPkg - ok
14:04:43.0309 0x0638 [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm C:\windows\system32\msdtckrm.dll
14:04:43.0368 0x0638 KtmRm - ok
14:04:43.0410 0x0638 [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer C:\windows\system32\srvsvc.dll
14:04:43.0458 0x0638 LanmanServer - ok
14:04:43.0480 0x0638 [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
14:04:43.0531 0x0638 LanmanWorkstation - ok
14:04:43.0589 0x0638 [ F8A7212D0864EF5E9185FB95E6623F4D, 277EAA06BD3D1CB31E6CD7B9ECD3A4B7D4AB7A369DB5FFF04EC7D749DF26E3D2 ] lirsgt C:\windows\system32\DRIVERS\lirsgt.sys
14:04:43.0603 0x0638 lirsgt - ok
14:04:43.0662 0x0638 [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
14:04:43.0746 0x0638 lltdio - ok
14:04:43.0773 0x0638 [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc C:\windows\System32\lltdsvc.dll
14:04:43.0815 0x0638 lltdsvc - ok
14:04:43.0829 0x0638 [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts C:\windows\System32\lmhsvc.dll
14:04:43.0870 0x0638 lmhosts - ok
14:04:43.0895 0x0638 [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC C:\windows\system32\DRIVERS\lsi_fc.sys
14:04:43.0914 0x0638 LSI_FC - ok
14:04:43.0932 0x0638 [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS C:\windows\system32\DRIVERS\lsi_sas.sys
14:04:43.0949 0x0638 LSI_SAS - ok
14:04:43.0966 0x0638 [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2 C:\windows\system32\DRIVERS\lsi_sas2.sys
14:04:43.0983 0x0638 LSI_SAS2 - ok
14:04:43.0991 0x0638 [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI C:\windows\system32\DRIVERS\lsi_scsi.sys
14:04:44.0010 0x0638 LSI_SCSI - ok
14:04:44.0081 0x0638 [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv C:\windows\system32\drivers\luafv.sys
14:04:44.0139 0x0638 luafv - ok
14:04:44.0176 0x0638 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
14:04:44.0216 0x0638 Mcx2Svc - ok
14:04:44.0234 0x0638 [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas C:\windows\system32\DRIVERS\megasas.sys
14:04:44.0252 0x0638 megasas - ok
14:04:44.0279 0x0638 [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR C:\windows\system32\DRIVERS\MegaSR.sys
14:04:44.0304 0x0638 MegaSR - ok
14:04:44.0338 0x0638 [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS C:\windows\system32\mmcss.dll
14:04:44.0390 0x0638 MMCSS - ok
14:04:44.0434 0x0638 [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem C:\windows\system32\drivers\modem.sys
14:04:44.0474 0x0638 Modem - ok
14:04:44.0519 0x0638 [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor C:\windows\system32\DRIVERS\monitor.sys
14:04:44.0557 0x0638 monitor - ok
14:04:44.0602 0x0638 [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
14:04:44.0617 0x0638 mouclass - ok
14:04:44.0638 0x0638 [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
14:04:44.0667 0x0638 mouhid - ok
14:04:44.0714 0x0638 [ 644905A19D0F37F2233DFCE53BC4BC19, F52CB40AA0FD1EBF8CBF0F3BFB20C47142C637719840877FB93F10D085EB8C2B ] mountmgr C:\windows\system32\drivers\mountmgr.sys
14:04:44.0731 0x0638 mountmgr - ok
14:04:44.0827 0x0638 [ 03D14BF1DC59130002F6B8BA3AD89DB9, 1729CCD8AAF51CDB86ED67569974D0B6B1CFFA5F90EF6E6004B0D8A305D88C27 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
14:04:44.0885 0x0638 MozillaMaintenance - ok
14:04:44.0922 0x0638 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio C:\windows\system32\drivers\mpio.sys
14:04:44.0946 0x0638 mpio - ok
14:04:44.0993 0x0638 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
14:04:45.0054 0x0638 mpsdrv - ok
14:04:45.0114 0x0638 [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc C:\windows\system32\mpssvc.dll
14:04:45.0172 0x0638 MpsSvc - ok
14:04:45.0235 0x0638 [ 03F899F521D2AAED1C55008F734DF252, 4E56A51476A13F5630719018037B1F63DF9ACEA1CFE782AF04E669BD696954C5 ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
14:04:45.0276 0x0638 MRxDAV - ok
14:04:45.0334 0x0638 [ 5D16C921E3671636C0EBA3BBAAC5FD25, 5BC107B95CAFC88F51FBB9F657B99944B20627A2B618F263093D7045E4FFD65C ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
14:04:45.0440 0x0638 mrxsmb - ok
14:04:45.0530 0x0638 [ 6D17A4791ACA19328C685D256349FEFC, 012AA3D84EEAAF53780D06D2D11B9727DFC3441F3FAD75BC9E751FB814403668 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
14:04:45.0570 0x0638 mrxsmb10 - ok
14:04:45.0605 0x0638 [ B81F204D146000BE76651A50670A5E9E, 78193D0F967BE9829E53F9B500342934B4B1E1F4CEFC444382959E2061BC3B17 ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
14:04:45.0634 0x0638 mrxsmb20 - ok
14:04:45.0687 0x0638 [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci C:\windows\system32\drivers\msahci.sys
14:04:45.0702 0x0638 msahci - ok
14:04:45.0720 0x0638 [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm C:\windows\system32\drivers\msdsm.sys
14:04:45.0740 0x0638 msdsm - ok
14:04:45.0758 0x0638 [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC C:\windows\System32\msdtc.exe
14:04:45.0796 0x0638 MSDTC - ok
14:04:45.0854 0x0638 [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs C:\windows\system32\drivers\Msfs.sys
14:04:45.0896 0x0638 Msfs - ok
14:04:45.0907 0x0638 [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
14:04:45.0955 0x0638 mshidkmdf - ok
14:04:45.0996 0x0638 [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv C:\windows\system32\drivers\msisadrv.sys
14:04:46.0011 0x0638 msisadrv - ok
14:04:46.0041 0x0638 [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI C:\windows\system32\iscsiexe.dll
14:04:46.0086 0x0638 MSiSCSI - ok
14:04:46.0093 0x0638 msiserver - ok
14:04:46.0130 0x0638 [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
14:04:46.0171 0x0638 MSKSSRV - ok
14:04:46.0184 0x0638 [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
14:04:46.0228 0x0638 MSPCLOCK - ok
14:04:46.0241 0x0638 [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
14:04:46.0291 0x0638 MSPQM - ok
14:04:46.0309 0x0638 [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC C:\windows\system32\drivers\MsRPC.sys
14:04:46.0329 0x0638 MsRPC - ok
14:04:46.0370 0x0638 [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios C:\windows\system32\drivers\mssmbios.sys
14:04:46.0385 0x0638 mssmbios - ok
14:04:46.0466 0x0638 MSSQL$SQLEXPRESS - ok
14:04:46.0562 0x0638 [ F1761C8FB2B25A32C6D63E36BB88C3AE, C88F5EF7B547DAA2394888362916FA18F07241E0BF2B938297428A1C04FFD806 ] MSSQLServerADHelper100 C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
14:04:46.0579 0x0638 MSSQLServerADHelper100 - ok
14:04:46.0624 0x0638 [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE C:\windows\system32\drivers\MSTEE.sys
14:04:46.0664 0x0638 MSTEE - ok
14:04:46.0684 0x0638 [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig C:\windows\system32\DRIVERS\MTConfig.sys
14:04:46.0706 0x0638 MTConfig - ok
14:04:46.0727 0x0638 [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup C:\windows\system32\Drivers\mup.sys
14:04:46.0743 0x0638 Mup - ok
14:04:46.0810 0x0638 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent C:\windows\system32\qagentRT.dll
14:04:46.0857 0x0638 napagent - ok
14:04:46.0895 0x0638 [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
14:04:46.0941 0x0638 NativeWifiP - ok
14:04:46.0999 0x0638 [ 8C9C922D71F1CD4DEF73F186416B7896, 15FF43CD90C7913F83B35F2E7986561584588E8A45196EBD965C3A355836A9C7 ] NDIS C:\windows\system32\drivers\ndis.sys
14:04:47.0038 0x0638 NDIS - ok
14:04:47.0061 0x0638 [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
14:04:47.0097 0x0638 NdisCap - ok
14:04:47.0150 0x0638 [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
14:04:47.0193 0x0638 NdisTapi - ok
14:04:47.0238 0x0638 [ D8A65DAFB3EB41CBB622745676FCD072, 874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
14:04:47.0289 0x0638 Ndisuio - ok
14:04:47.0339 0x0638 [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
14:04:47.0402 0x0638 NdisWan - ok
14:04:47.0449 0x0638 [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy C:\windows\system32\drivers\NDProxy.sys
14:04:47.0519 0x0638 NDProxy - ok
14:04:47.0578 0x0638 [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
14:04:47.0624 0x0638 NetBIOS - ok
14:04:47.0671 0x0638 [ 280122DDCF04B378EDD1AD54D71C1E54, F98B2ADE34F7E67C7C06C1D0FFB80ECBC353D044D4B4784CD952910345DC2ED0 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
14:04:47.0715 0x0638 NetBT - ok
14:04:47.0744 0x0638 [ 981CE3E3A653511799F4A862494B66A8, 414D975387A118535E39636413969A7D4C98A85E542A44B8FA515C8A20D6093F ] Netlogon C:\windows\system32\lsass.exe
14:04:47.0762 0x0638 Netlogon - ok
14:04:47.0800 0x0638 [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman C:\windows\System32\netman.dll
14:04:47.0846 0x0638 Netman - ok
14:04:47.0916 0x0638 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
14:04:47.0947 0x0638 NetMsmqActivator - ok
14:04:47.0971 0x0638 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
14:04:47.0992 0x0638 NetPipeActivator - ok
14:04:48.0032 0x0638 [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm C:\windows\System32\netprofm.dll
14:04:48.0089 0x0638 netprofm - ok
14:04:48.0114 0x0638 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
14:04:48.0149 0x0638 NetTcpActivator - ok
14:04:48.0180 0x0638 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
14:04:48.0213 0x0638 NetTcpPortSharing - ok
14:04:48.0251 0x0638 [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960 C:\windows\system32\DRIVERS\nfrd960.sys
14:04:48.0268 0x0638 nfrd960 - ok
14:04:48.0331 0x0638 [ F115C5CD29E512F18BD7138A094B77E5, 90C2CE8B256EE9AABF674ADDE7F85E91DAF48EA368452D03C187A4AE027D4E39 ] NlaSvc C:\windows\System32\nlasvc.dll
14:04:48.0400 0x0638 NlaSvc - ok
14:04:48.0462 0x0638 [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs C:\windows\system32\drivers\Npfs.sys
14:04:48.0542 0x0638 Npfs - ok
14:04:48.0571 0x0638 [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi C:\windows\system32\nsisvc.dll
14:04:48.0614 0x0638 nsi - ok
14:04:48.0640 0x0638 [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
14:04:48.0680 0x0638 nsiproxy - ok
14:04:48.0785 0x0638 [ C8DFF8D07755A66C7A4A738930F0FEAC, A2CC58312CE57988ABD976155BE91F558DCEC4C23481C6FBE64B361D511A36EA ] Ntfs C:\windows\system32\drivers\Ntfs.sys
14:04:48.0845 0x0638 Ntfs - ok
14:04:48.0889 0x0638 [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null C:\windows\system32\drivers\Null.sys
14:04:48.0939 0x0638 Null - ok
14:04:48.0999 0x0638 [ D2F4C4B22969236382CA853B8DAA2D4E, 83950153451140AC54CF95F0ED03C165DD5E8B7E8F3869B1746CDDDF9DFE1F11 ] NVHDA C:\windows\system32\drivers\nvhda32v.sys
14:04:49.0027 0x0638 NVHDA - ok
14:04:49.0495 0x0638 [ AFB33A823AABC112FC7BD62AFBCDB0CD, B267AA94024363B1C4A26D853094F84895D7EA232B8A6690C315D99D3D4C79BD ] nvlddmkm C:\windows\system32\DRIVERS\nvlddmkm.sys
14:04:50.0039 0x0638 nvlddmkm - ok
14:04:50.0103 0x0638 [ B3E25EE28883877076E0E1FF877D02E0, 402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C ] nvraid C:\windows\system32\drivers\nvraid.sys
14:04:50.0132 0x0638 nvraid - ok
14:04:50.0155 0x0638 [ 4380E59A170D88C4F1022EFF6719A8A4, 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2 ] nvstor C:\windows\system32\drivers\nvstor.sys
14:04:50.0175 0x0638 nvstor - ok
14:04:50.0232 0x0638 [ 782945716AD010AC3D41758E8E52C735, 5A2B869B697D5BCD31F59BF39E3B0C8C570DD01B1FC82063CD9530F2FC49C7D6 ] nvsvc C:\windows\system32\nvvsvc.exe
14:04:50.0267 0x0638 nvsvc - ok
14:04:50.0316 0x0638 [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp C:\windows\system32\drivers\nv_agp.sys
14:04:50.0334 0x0638 nv_agp - ok
14:04:50.0449 0x0638 [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
14:04:50.0478 0x0638 odserv - ok
14:04:50.0503 0x0638 [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
14:04:50.0535 0x0638 ohci1394 - ok
14:04:50.0560 0x0638 [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:04:50.0587 0x0638 ose - ok
14:04:50.0625 0x0638 [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc C:\windows\system32\pnrpsvc.dll
14:04:50.0701 0x0638 p2pimsvc - ok
14:04:50.0729 0x0638 [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc C:\windows\system32\p2psvc.dll
14:04:50.0775 0x0638 p2psvc - ok
14:04:50.0834 0x0638 [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport C:\windows\system32\DRIVERS\parport.sys
14:04:50.0879 0x0638 Parport - ok
14:04:50.0914 0x0638 [ 3F34A1B4C5F6475F320C275E63AFCE9B, 31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B ] partmgr C:\windows\system32\drivers\partmgr.sys
14:04:50.0936 0x0638 partmgr - ok
14:04:50.0959 0x0638 [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm C:\windows\system32\DRIVERS\parvdm.sys
14:04:50.0984 0x0638 Parvdm - ok
14:04:51.0037 0x0638 [ 52954BE460EC6C54C0ACB2B3B126FFC6, 9F9878EC5ABC74C5A8EE8E1D940F0934F081895B07D844F42F80A638FE713F7B ] PcaSvc C:\windows\System32\pcasvc.dll
14:04:51.0136 0x0638 PcaSvc - ok
14:04:51.0190 0x0638 [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci C:\windows\system32\drivers\pci.sys
14:04:51.0211 0x0638 pci - ok
14:04:51.0247 0x0638 [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide C:\windows\system32\drivers\pciide.sys
14:04:51.0262 0x0638 pciide - ok
14:04:51.0293 0x0638 [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys
14:04:51.0314 0x0638 pcmcia - ok
14:04:51.0361 0x0638 [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw C:\windows\system32\drivers\pcw.sys
14:04:51.0377 0x0638 pcw - ok
14:04:51.0409 0x0638 [ AEBC369F7DC72AB3F5B9BDF34FA0D43F, 2A819154AC6C23E97C583D90B4D0C112188B7AE9D8D9B3F88811BFCED124E551 ] PEAUTH C:\windows\system32\drivers\peauth.sys
14:04:51.0459 0x0638 PEAUTH - ok
14:04:51.0565 0x0638 [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla C:\windows\system32\pla.dll
14:04:51.0664 0x0638 pla - ok
14:04:51.0724 0x0638 [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay C:\windows\system32\umpnpmgr.dll
14:04:51.0767 0x0638 PlugPlay - ok
14:04:51.0789 0x0638 [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
14:04:51.0814 0x0638 PNRPAutoReg - ok
14:04:51.0841 0x0638 [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc C:\windows\system32\pnrpsvc.dll
14:04:51.0877 0x0638 PNRPsvc - ok
14:04:51.0937 0x0638 [ 53946B69BA0836BD95B03759530C81EC, 7F14A34635354CCA0F5342C8D9DF5A6AA1B94F6A508BD8834029E9BACF252920 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
14:04:51.0996 0x0638 PolicyAgent - ok
14:04:52.0039 0x0638 [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power C:\windows\system32\umpo.dll
14:04:52.0096 0x0638 Power - ok
14:04:52.0160 0x0638 [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
14:04:52.0215 0x0638 PptpMiniport - ok
14:04:52.0234 0x0638 [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor C:\windows\system32\DRIVERS\processr.sys
14:04:52.0260 0x0638 Processor - ok
14:04:52.0307 0x0638 [ FD9692A3D31E021207D3C2A9DDDC2BE3, 5295EFAD9BD4B59996935A41825392C12A4C968D161BEEA37797F90AF8E54229 ] ProfSvc C:\windows\system32\profsvc.dll
14:04:52.0338 0x0638 ProfSvc - ok
14:04:52.0360 0x0638 [ 981CE3E3A653511799F4A862494B66A8, 414D975387A118535E39636413969A7D4C98A85E542A44B8FA515C8A20D6093F ] ProtectedStorage C:\windows\system32\lsass.exe
14:04:52.0382 0x0638 ProtectedStorage - ok
14:04:52.0427 0x0638 [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched C:\windows\system32\DRIVERS\pacer.sys
14:04:52.0479 0x0638 Psched - ok
14:04:52.0549 0x0638 [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys
14:04:52.0612 0x0638 ql2300 - ok
14:04:52.0638 0x0638 [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys
14:04:52.0658 0x0638 ql40xx - ok
14:04:52.0688 0x0638 [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE C:\windows\system32\qwave.dll
14:04:52.0727 0x0638 QWAVE - ok
14:04:52.0743 0x0638 [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
14:04:52.0765 0x0638 QWAVEdrv - ok
14:04:52.0778 0x0638 [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
14:04:52.0825 0x0638 RasAcd - ok
14:04:52.0845 0x0638 [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
14:04:52.0886 0x0638 RasAgileVpn - ok
14:04:52.0901 0x0638 [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto C:\windows\System32\rasauto.dll
14:04:52.0959 0x0638 RasAuto - ok
14:04:53.0022 0x0638 [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
14:04:53.0069 0x0638 Rasl2tp - ok
14:04:53.0117 0x0638 [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan C:\windows\System32\rasmans.dll
14:04:53.0162 0x0638 RasMan - ok
14:04:53.0213 0x0638 [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
14:04:53.0284 0x0638 RasPppoe - ok
14:04:53.0317 0x0638 [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
14:04:53.0353 0x0638 RasSstp - ok
14:04:53.0409 0x0638 [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
14:04:53.0466 0x0638 rdbss - ok
14:04:53.0492 0x0638 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys
14:04:53.0512 0x0638 rdpbus - ok
14:04:53.0549 0x0638 [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
14:04:53.0594 0x0638 RDPCDD - ok
14:04:53.0607 0x0638 [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
14:04:53.0654 0x0638 RDPENCDD - ok
14:04:53.0667 0x0638 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
14:04:53.0713 0x0638 RDPREFMP - ok
14:04:53.0766 0x0638 [ CD9214A6AE17D188D17C3CF8CB9CC693, 2E16FF1F7446F0600D6519010FD05A30B94D97167C16B3E7FC396A97D8139D60 ] RDPWD C:\windows\system32\drivers\RDPWD.sys
14:04:53.0852 0x0638 RDPWD - ok
14:04:53.0935 0x0638 [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
14:04:53.0959 0x0638 rdyboost - ok
14:04:53.0983 0x0638 [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess C:\windows\System32\mprdim.dll
14:04:54.0041 0x0638 RemoteAccess - ok
14:04:54.0071 0x0638 [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry C:\windows\system32\regsvc.dll
14:04:54.0123 0x0638 RemoteRegistry - ok
14:04:54.0175 0x0638 [ F85AE59A52885F4B09AADAFB23001A3B, CE722F19C0F916BC9EC1B7B28A479C71504190271B54B4B9ACA82922B484FEA0 ] Rezip C:\windows\SYSTEM32\Rezip.exe
14:04:54.0200 0x0638 Rezip - detected UnsignedFile.Multi.Generic ( 1 )
14:05:04.0272 0x0638 Rezip ( UnsignedFile.Multi.Generic ) - warning
14:05:23.0297 0x0638 [ CB928D9E6DAF51879DD6BA8D02F01321, DFD263B67DDF98AE09AF6D6986CBC7BE3206BCE8403AAC51BCF9459E78233D12 ] RFCOMM C:\windows\system32\DRIVERS\rfcomm.sys
14:05:23.0325 0x0638 RFCOMM - ok
14:05:23.0392 0x0638 [ 7CCAEBCAB6FC1ED0206C07E083E79207, 40BFA1BEDFF093652279494EDD397FC094794B76916C2681D0544D6793314DFE ] RichVideo C:\Program Files\CyberLink\Shared files\RichVideo.exe
14:05:23.0415 0x0638 RichVideo - ok
14:05:23.0449 0x0638 [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
14:05:23.0503 0x0638 RpcEptMapper - ok
14:05:23.0532 0x0638 [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator C:\windows\system32\locator.exe
14:05:23.0568 0x0638 RpcLocator - ok
14:05:23.0624 0x0638 [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] RpcSs C:\windows\system32\rpcss.dll
14:05:23.0671 0x0638 RpcSs - ok
14:05:23.0746 0x0638 [ FD692C6FFADE58F7C4C3C3C9A0EC35BD, 0168F61220999B2D084EDEF87079C1970BC53A9AFE4241B08931F9408FF58013 ] RsFx0103 C:\windows\system32\DRIVERS\RsFx0103.sys
14:05:23.0767 0x0638 RsFx0103 - ok
14:05:23.0821 0x0638 [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
14:05:23.0869 0x0638 rspndr - ok
14:05:23.0917 0x0638 [ 7DFD48E24479B68B258D8770121155A0, 3B5F7309403C46855DB888CF2058B07C9029690DBC7FB3224BAC7BE5547D2D57 ] RTL8167 C:\windows\system32\DRIVERS\Rt86win7.sys
14:05:23.0949 0x0638 RTL8167 - ok
14:05:24.0006 0x0638 [ 6E5FBB7CBAEC47038B945D5E9B144A64, B2AA2F39DAA841FCA470846CC07C580464E2F07C3EFAA64AF783144718F09C13 ] SABI C:\windows\system32\Drivers\SABI.sys
14:05:24.0050 0x0638 SABI - ok
14:05:24.0068 0x0638 [ 981CE3E3A653511799F4A862494B66A8, 414D975387A118535E39636413969A7D4C98A85E542A44B8FA515C8A20D6093F ] SamSs C:\windows\system32\lsass.exe
14:05:24.0085 0x0638 SamSs - ok
14:05:24.0154 0x0638 [ 05D860DA1040F111503AC416CCEF2BCA, DAE2F37D09A5A42F945BC8E27E4EA2303521081783A80CEE7FEE7C5A1C2CFC5E ] sbp2port C:\windows\system32\drivers\sbp2port.sys
14:05:24.0172 0x0638 sbp2port - ok
14:05:24.0209 0x0638 [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr C:\windows\System32\SCardSvr.dll
14:05:24.0267 0x0638 SCardSvr - ok
14:05:24.0288 0x0638 [ 0693B5EC673E34DC147E195779A4DCF6, AF1B56FBF3ADABF94CD9DBA67586B8746DE135151F6B3D1B0EE315BC1E2DB670 ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
14:05:24.0336 0x0638 scfilter - ok
14:05:24.0409 0x0638 [ A04BB13F8A72F8B6E8B4071723E4E336, E63287FF71C39CBF64C3347C455324C8437F9CF398153E269543588B65389502 ] Schedule C:\windows\system32\schedsvc.dll
14:05:24.0478 0x0638 Schedule - ok
14:05:24.0527 0x0638 [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] SCPolicySvc C:\windows\System32\certprop.dll
14:05:24.0561 0x0638 SCPolicySvc - ok
14:05:24.0596 0x0638 [ 08236C4BCE5EDD0A0318A438AF28E0F7, 77727F963F63C4CEC11E7AAD5FB3836179701D512CA9436C3170B9E6A4E5F888 ] SDRSVC C:\windows\System32\SDRSVC.dll
14:05:24.0664 0x0638 SDRSVC - ok
14:05:24.0693 0x0638 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv C:\windows\system32\drivers\secdrv.sys
14:05:24.0729 0x0638 secdrv - ok
14:05:24.0750 0x0638 [ A59B3A4442C52060CC7A85293AA3546F, 1776D6DEE51991149265AAF39E17065E301C5FA1FF4068653DC0010B9B27185D ] seclogon C:\windows\system32\seclogon.dll
14:05:24.0799 0x0638 seclogon - ok
14:05:24.0821 0x0638 [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS C:\windows\System32\sens.dll
14:05:24.0858 0x0638 SENS - ok
14:05:24.0916 0x0638 [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc C:\windows\system32\sensrsvc.dll
14:05:25.0007 0x0638 SensrSvc - ok
14:05:25.0023 0x0638 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum C:\windows\system32\DRIVERS\serenum.sys
14:05:25.0048 0x0638 Serenum - ok
14:05:25.0072 0x0638 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial C:\windows\system32\DRIVERS\serial.sys
14:05:25.0100 0x0638 Serial - ok
14:05:25.0115 0x0638 [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse C:\windows\system32\DRIVERS\sermouse.sys
14:05:25.0153 0x0638 sermouse - ok
14:05:25.0204 0x0638 [ 4AE380F39A0032EAB7DD953030B26D28, C8F5F2DD59574E966FDF3057867BB959A554BAB6FD5DC6F1427094A6BC2B2809 ] SessionEnv C:\windows\system32\sessenv.dll
14:05:25.0244 0x0638 SessionEnv - ok
14:05:25.0279 0x0638 [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk C:\windows\system32\drivers\sffdisk.sys
14:05:25.0348 0x0638 sffdisk - ok
14:05:25.0389 0x0638 [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
14:05:25.0411 0x0638 sffp_mmc - ok
14:05:25.0423 0x0638 [ 6D4CCAEDC018F1CF52866BBBAA235982, AAC41F5C97B3FE5A3DC0838457EB8CC9BB71FCA16D3EDBB67D603F0A9D46C131 ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
14:05:25.0446 0x0638 sffp_sd - ok
14:05:25.0473 0x0638 [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy C:\windows\system32\DRIVERS\sfloppy.sys
14:05:25.0491 0x0638 sfloppy - ok
14:05:25.0567 0x0638 [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess C:\windows\System32\ipnathlp.dll
14:05:25.0669 0x0638 SharedAccess - ok
14:05:25.0701 0x0638 [ 414DA952A35BF5D50192E28263B40577, 9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] ShellHWDetection C:\windows\System32\shsvcs.dll
14:05:25.0750 0x0638 ShellHWDetection - ok
14:05:25.0772 0x0638 [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp C:\windows\system32\drivers\sisagp.sys
14:05:25.0788 0x0638 sisagp - ok
14:05:25.0798 0x0638 [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2 C:\windows\system32\DRIVERS\SiSRaid2.sys
14:05:25.0814 0x0638 SiSRaid2 - ok
14:05:25.0829 0x0638 [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4 C:\windows\system32\DRIVERS\sisraid4.sys
14:05:25.0851 0x0638 SiSRaid4 - ok
14:05:25.0961 0x0638 [ 704B4F81729F676BBF034529FC334D82, 1E50DAF97836807A500284385D99272780A8B69CA88761250451060B207824F8 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
14:05:25.0990 0x0638 SkypeUpdate - ok
14:05:26.0004 0x0638 [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb C:\windows\system32\DRIVERS\smb.sys
14:05:26.0049 0x0638 Smb - ok
14:05:26.0083 0x0638 [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP C:\windows\System32\snmptrap.exe
14:05:26.0110 0x0638 SNMPTRAP - ok
14:05:26.0150 0x0638 [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr C:\windows\system32\drivers\spldr.sys
14:05:26.0165 0x0638 spldr - ok
14:05:26.0221 0x0638 [ 9AEA093B8F9C37CF45538382CABA2475, CC63239C412067AA72318ADB8BB80BCDF2CA60DA05D814D32753C92508BC16A8 ] Spooler C:\windows\System32\spoolsv.exe
14:05:26.0330 0x0638 Spooler - ok
14:05:26.0483 0x0638 [ CF87A1DE791347E75B98885214CED2B8, 7AF4E03D751C951A4E5FBA28200DABFE6B3BF055490163EEEEA84EBA4D0F368A ] sppsvc C:\windows\system32\sppsvc.exe
14:05:26.0643 0x0638 sppsvc - ok
14:05:26.0699 0x0638 [ B0180B20B065D89232A78A40FE56EAA6, 4D045B23AD58A8822BE9F20119744A8D47455469D54494745CEB099951DA60FF ] sppuinotify C:\windows\system32\sppuinotify.dll
14:05:26.0750 0x0638 sppuinotify - ok
14:05:26.0814 0x0638 [ 0022CFFF1A41E5CE3A764050A7DDF22A, A5B3DE389043E60A677CF807F19EDFE2B07A849E83BA23E89E05AE85B43AECAE ] sptd C:\windows\System32\Drivers\sptd.sys
14:05:26.0845 0x0638 sptd - ok
14:05:26.0897 0x0638 [ A687B5B326AFCFCF182C4931D1FF9771, B8447F9FFB87A2B891D9FE29BA5182ED1129B718FB27990CE79E6CDCA6023A59 ] SQLAgent$SQLEXPRESS C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE
14:05:26.0923 0x0638 SQLAgent$SQLEXPRESS - ok
14:05:27.0021 0x0638 [ B54B48F6D92423440C264E91225C5FF1, 7484D90CE309555E1FB54F011A2980D8491354223111B7AA16D1D2473570DC19 ] SQLBrowser C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
14:05:27.0052 0x0638 SQLBrowser - ok
14:05:27.0077 0x0638 [ 637A0F23F9012358E92E6F99835494D1, 5399EF5C35D58B6902F470BF5F851C96CBD83CAD77658917C46867B91D7D9442 ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
14:05:27.0095 0x0638 SQLWriter - ok
14:05:27.0155 0x0638 [ E4C2764065D66EA1D2D3EBC28FE99C46, 043AEF06A23069DD17675955C834690A5FD8F1948A05B3969F977E823C4E25F5 ] srv C:\windows\system32\DRIVERS\srv.sys
14:05:27.0235 0x0638 srv - ok
14:05:27.0301 0x0638 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB, 4DF31206DF8F33C2975E23C7257ED930C4EDA8BC4E246D8FDA130BB583083ED0 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
14:05:27.0366 0x0638 srv2 - ok
14:05:27.0391 0x0638 [ BE6BD660CAA6F291AE06A718A4FA8ABC, CD38939CFBA80B882D38099194FC1EBAE15A9D27A4D941DD03C55EC745E52E59 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
14:05:27.0438 0x0638 srvnet - ok
14:05:27.0495 0x0638 [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] SSDPSRV C:\windows\System32\ssdpsrv.dll
14:05:27.0547 0x0638 SSDPSRV - ok
14:05:27.0613 0x0638 [ E98C0EEE2AAA630FC2D814B37AD16C29, 5227C5F551011B946A01EE88B864DD12FCA33C6B14AD2BE73EA4D30F1CEF8147 ] SSMO3v2Filter C:\windows\system32\drivers\MO3v2Driver.sys
14:05:27.0711 0x0638 SSMO3v2Filter - ok
14:05:27.0735 0x0638 [ D318F23BE45D5E3A107469EB64815B50, D74355E6FF215AA8CE53BC9DF16AF2740F2FC2FD754939478A3608BDA8C6DDA0 ] SstpSvc C:\windows\system32\sstpsvc.dll
14:05:27.0780 0x0638 SstpSvc - ok
14:05:27.0889 0x0638 [ B1691AF4A072CB674D600DB16DD7308E, 214E35001E7BA10E8C329CE8904E900AA54F9B35C5329F2FF20E3156D6F21A8E ] StarWindServiceAE C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
14:05:27.0921 0x0638 StarWindServiceAE - detected UnsignedFile.Multi.Generic ( 1 )
14:05:33.0760 0x0638 Detect skipped due to KSN trusted
14:05:33.0760 0x0638 StarWindServiceAE - ok
14:05:33.0837 0x0638 [ 3F0826F632F66906CB3ED62202A6BAD7, CA21B038DD1A1BED7293A8DEEBE19D43D1C12378ED5C6B82D36900CD4FFF23B7 ] Steam Client Service C:\Program Files\Common Files\Steam\SteamService.exe
14:05:34.0033 0x0638 Steam Client Service - ok
14:05:34.0125 0x0638 [ DB32D325C192B801DF274BFD12A7E72B, F089DBA719E22BC269720A6B840B873A4AF5639745DB0C3DBC8BD2F2839A1ABA ] stexstor C:\windows\system32\DRIVERS\stexstor.sys
14:05:34.0172 0x0638 stexstor - ok
14:05:34.0241 0x0638 [ E1FB3706030FB4578A0D72C2FC3689E4, A62EC9AA4514CAF2A10C0A3AEF7A36F593A7E7DA370A3F130C24E1B612E19427 ] StiSvc C:\windows\System32\wiaservc.dll
14:05:34.0306 0x0638 StiSvc - ok
14:05:34.0351 0x0638 [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum C:\windows\system32\drivers\swenum.sys
14:05:34.0366 0x0638 swenum - ok
14:05:34.0505 0x0638 [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
14:05:34.0541 0x0638 SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 )
14:05:40.0376 0x0638 Detect skipped due to KSN trusted
14:05:40.0376 0x0638 SwitchBoard - ok
14:05:40.0423 0x0638 [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv C:\windows\System32\swprv.dll
14:05:40.0486 0x0638 swprv - ok
14:05:40.0555 0x0638 [ 215A45246C6E2D0A9C263CE1786C8D8A, 619D3A836C6D6DCD9739F128E8B4863308A66FF474B31A2CBC4A94FBBEC47D0C ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
14:05:40.0575 0x0638 SynTP - ok
14:05:40.0665 0x0638 [ 36650D618CA34C9D357DFD3D89B2C56F, 7C3774E53DCF32CB3A4B3504E32D2A651E18467FA0A6AC4C7993C696741B704B ] SysMain C:\windows\system32\sysmain.dll
14:05:40.0736 0x0638 SysMain - ok
14:05:40.0793 0x0638 [ 763FECDC3D30C815FE72DD57936C6CD1, 1A62C7E63E426D56894F4121C75D9C60FC9A14469ADBD0D6F0B94B8DE48CDA3E ] TabletInputService C:\windows\System32\TabSvc.dll
14:05:40.0839 0x0638 TabletInputService - ok
14:05:40.0899 0x0638 [ 613BF4820361543956909043A265C6AC, FCFF02E466D2501630B452627FB218C01E5245A0921EE3D2117E7FD63AC7E98E ] TapiSrv C:\windows\System32\tapisrv.dll
14:05:40.0955 0x0638 TapiSrv - ok
14:05:40.0983 0x0638 [ B799D9FDB26111737F58288D8DC172D9, 409A60819A4305699E2E492A6190637FAAEBD19E745A5DB2A5D6977106C86591 ] TBS C:\windows\System32\tbssvc.dll
14:05:41.0035 0x0638 TBS - ok
14:05:41.0142 0x0638 [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] Tcpip C:\windows\system32\drivers\tcpip.sys
14:05:41.0206 0x0638 Tcpip - ok
14:05:41.0250 0x0638 [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
14:05:41.0308 0x0638 TCPIP6 - ok
14:05:41.0358 0x0638 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B, 2C7204DCD2BCBC6A250FF0F6477616F327AF41FDB7CABE69E5C357361009FB4E ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
14:05:41.0386 0x0638 tcpipreg - ok
14:05:41.0433 0x0638 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2, 879E2827354BB21573AC6A7CCEB746D44214540687E6882FFCB4089546FBD954 ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
14:05:41.0517 0x0638 TDPIPE - ok
14:05:41.0558 0x0638 [ 2C2C5AFE7EE4F620D69C23C0617651A8, E828D974C3F9D7004A030C3AD448096C736FDB4C4C1707D043E567D08C845103 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
14:05:41.0593 0x0638 TDTCP - ok
14:05:41.0652 0x0638 [ 7FE680A3DFA421C4A8E4879AE4C5AAB0, A4C64E155AB2843823CD3586756BA7681CFDEA50812095468221503BBAD30DCD ] tdx C:\windows\system32\DRIVERS\tdx.sys
14:05:41.0720 0x0638 tdx - ok
14:05:42.0737 0x0638 [ E99CD4524662A2DA7C73372C626669D8, 694DF29BF6CFF8CA06B8C701BBD148DCF58D6A6ECE3CF6CC900B0D0E5A3DFDF2 ] TeamViewer9 C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
14:05:42.0934 0x0638 TeamViewer9 - ok
14:05:42.0994 0x0638 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20, 0D81B427720637882077C5024D738191F858FC734ED040697872D906351EF663 ] TermDD C:\windows\system32\drivers\termdd.sys
14:05:43.0012 0x0638 TermDD - ok
14:05:43.0075 0x0638 [ FCFD4F50419B4BC72E80066DA10D2E54, 7C2314A57A404525F0444986332DBAE0964A3359374671598387051D7AAE72AE ] TermService C:\windows\System32\termsrv.dll
14:05:43.0130 0x0638 TermService - ok
14:05:43.0157 0x0638 [ 42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes C:\windows\system32\themeservice.dll
14:05:43.0220 0x0638 Themes - ok
14:05:43.0235 0x0638 [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER C:\windows\system32\mmcss.dll
14:05:43.0274 0x0638 THREADORDER - ok
14:05:43.0287 0x0638 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks C:\windows\System32\trkwks.dll
14:05:43.0327 0x0638 TrkWks - ok
14:05:43.0402 0x0638 [ 2C49B175AEE1D4364B91B531417FE583, 6C7995E18F84E465C376D1D5F153C15ACB66CDEA86EE5BF186677F572E7E129B ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
14:05:43.0455 0x0638 TrustedInstaller - ok
14:05:43.0511 0x0638 [ 6C5139E4283249518F7743D7043775B3, 58684E8C90EBAC65459A97C905CDCFE3A915CFF7E8E96071DE1AC3489F85E67F ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
14:05:43.0557 0x0638 tssecsrv - ok
14:05:43.0653 0x0638 [ FD1D6C73E6333BE727CBCC6054247654, 6F7B9AE1A5986204DB3348D13B303F30FC17624939DA74D6BD114FAEED0FB30E ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
14:05:43.0754 0x0638 TsUsbFlt - ok
14:05:43.0824 0x0638 [ B2FA25D9B17A68BB93D58B0556E8C90D, 0146931B733CAB1CD87F94C35F97E110D6ED6C55EAFF03345400A29AEDE99BDE ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
14:05:43.0902 0x0638 tunnel - ok
14:05:43.0928 0x0638 [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35 C:\windows\system32\DRIVERS\uagp35.sys
14:05:43.0947 0x0638 uagp35 - ok
14:05:43.0974 0x0638 [ EE43346C7E4B5E63E54F927BABBB32FF, BAD6FC3BEE45E644D5A6A0A31428F5B2AEC72A0AA0C74EF8177B1FE23EEF3AA9 ] udfs C:\windows\system32\DRIVERS\udfs.sys
14:05:44.0015 0x0638 udfs - ok
14:05:44.0049 0x0638 [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect C:\windows\system32\UI0Detect.exe
14:05:44.0117 0x0638 UI0Detect - ok
14:05:44.0164 0x0638 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
14:05:44.0192 0x0638 uliagpkx - ok
14:05:44.0252 0x0638 [ D295BED4B898F0FD999FCFA9B32B071B, D4130DB4AE76EE6DC0B8E7A4FEF5CB8B26EBD822C21021F6FA78FD29C1E211C2 ] umbus C:\windows\system32\drivers\umbus.sys
14:05:44.0283 0x0638 umbus - ok
14:05:44.0296 0x0638 [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass C:\windows\system32\DRIVERS\umpass.sys
14:05:44.0320 0x0638 UmPass - ok
14:05:44.0345 0x0638 [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost C:\windows\System32\upnphost.dll
14:05:44.0396 0x0638 upnphost - ok
14:05:44.0464 0x0638 [ A1977C315BF5691DA99235AA4A6907AF, 34B52FBA83F0E1C6B001D0AD1808B00152F731D18AAECC3C53B9918AA89BACEC ] usbaudio C:\windows\system32\drivers\usbaudio.sys
14:05:44.0533 0x0638 usbaudio - ok
14:05:44.0583 0x0638 [ 0803FBA9FE829D61AE26EC0BCC910C46, 30D00E2C7DFC630C99C1599587D4F9C272BC30D444E07C961AA05BF84587806B ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
14:05:44.0650 0x0638 usbccgp - ok
14:05:44.0696 0x0638 [ 2352AB5F9F8F097BF9D41D5A4718A041, 25BC7828C625B9B2A5110C25B230C5828CEC18EC97ECF9EC4745E8930CBF472C ] usbcir C:\windows\system32\drivers\usbcir.sys
14:05:44.0730 0x0638 usbcir - ok
14:05:44.0772 0x0638 [ D40855F89B69305140BBD7E9A3BA2DA6, 745DC6D770666F6B19C2B6AA89C21D1A314732E291453BFA2367F9AF86F97C3C ] usbehci C:\windows\system32\drivers\usbehci.sys
14:05:44.0803 0x0638 usbehci - ok
14:05:44.0888 0x0638 [ EDF2DF71C4F1E13A6AC75F5224DE655A, 1764D155C6B99201774B57195349304259232A12868ECFC2069CA49443EBDC2C ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
14:05:44.0942 0x0638 usbhub - ok
14:05:44.0997 0x0638 [ 9828C8D14CC2676421778F0DE638CF97, 479A28211FFB85190A01FAB0283B927588805D2C0CDB03F85F8F814B88E4F453 ] usbohci C:\windows\system32\drivers\usbohci.sys
14:05:45.0028 0x0638 usbohci - ok
14:05:45.0081 0x0638 [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
14:05:45.0109 0x0638 usbprint - ok
14:05:45.0163 0x0638 [ FC6B21DB4B5B398AB93DBE59CBF11036, A94094C208F376405C07822A6143001EF1B12AE93205CD8002E87F6EB45F6374 ] usbscan C:\windows\system32\drivers\usbscan.sys
14:05:45.0246 0x0638 usbscan - ok
14:05:45.0295 0x0638 [ F991AB9CC6B908DB552166768176896A, AD8E7A16B23B244B7F834622D4E38B5844193C6E31EF96F61E0E2EA16C945026 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
14:05:45.0374 0x0638 USBSTOR - ok
14:05:45.0425 0x0638 [ 800AABFD625EEFF899F7E5496BDE37AB, 3EB7ED07760CB348FCA9A06C2B838EF79B51A83C5F70A9C9EAAEAE54480067E2 ] usbuhci C:\windows\system32\drivers\usbuhci.sys
14:05:45.0451 0x0638 usbuhci - ok
14:05:45.0510 0x0638 [ DE014425522610BEDCA3821BB8C0F1D5, D6FEA0DF07F89834AEEE8C02CC7FD41068D758B6CCECE2EEE5CF4B9DB646FA1E ] usbvideo C:\windows\System32\Drivers\usbvideo.sys
14:05:45.0546 0x0638 usbvideo - ok
14:05:45.0590 0x0638 [ 081E6E1C91AEC36758902A9F727CD23C, 9FDAA17A3B99067E035E5D76305427F15FFDBC5D304B2BB78AFC6463EDDE1A75 ] UxSms C:\windows\System32\uxsms.dll
14:05:45.0631 0x0638 UxSms - ok
14:05:45.0681 0x0638 [ 981CE3E3A653511799F4A862494B66A8, 414D975387A118535E39636413969A7D4C98A85E542A44B8FA515C8A20D6093F ] VaultSvc C:\windows\system32\lsass.exe
14:05:45.0699 0x0638 VaultSvc - ok
14:05:45.0736 0x0638 [ 9EBB5A19746196660722310A1E26F9DA, 76850165D23FAADDBC73DFED3FD2B4C2387424F6A646F5E3FD0C416FEAB9E38A ] VBoxDrv C:\windows\system32\DRIVERS\VBoxDrv.sys
14:05:45.0756 0x0638 VBoxDrv - ok
14:05:45.0805 0x0638 [ 4A92B7923BA53260C41A88649E388E4F, 3916A99C3373125DBFD946E15A4615C7A177A4E6AB4A5312DD66093E1A20A141 ] VBoxNetAdp C:\windows\system32\DRIVERS\VBoxNetAdp.sys
14:05:45.0822 0x0638 VBoxNetAdp - ok
14:05:45.0878 0x0638 [ DEB3856B4CF455594356E40C7EBA3766, 57B1EE6DAC4A0839F4744B19B17CAC3DA9AF64AA3B34A4D791BC06693F3C357D ] VBoxNetFlt C:\windows\system32\DRIVERS\VBoxNetFlt.sys
14:05:45.0894 0x0638 VBoxNetFlt - ok
14:05:45.0936 0x0638 [ 4C1D1D36D847C4C23DDBD30402A3EE5F, AF301A7062BC2E6B413CA7E2955B76A24DE2A4D967F4A0F8CA0273E430C4E032 ] VBoxUSBMon C:\windows\system32\DRIVERS\VBoxUSBMon.sys
14:05:45.0952 0x0638 VBoxUSBMon - ok
14:05:46.0010 0x0638 [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
14:05:46.0042 0x0638 vdrvroot - ok
14:05:46.0093 0x0638 [ C3CD30495687C2A2F66A65CA6FD89BE9, 582E4706C1D6A151020D14B26C7BF166F4E42BDD6E410F30EC452469270C5E9B ] vds C:\windows\System32\vds.exe
14:05:46.0157 0x0638 vds - ok
14:05:46.0185 0x0638 [ 17C408214EA61696CEC9C66E388B14F3, 829C0416672E2B2DFABCFE641E7F281F41E8DBB3C0EF11C7784CB9BB94F87E97 ] vga C:\windows\system32\DRIVERS\vgapnp.sys
14:05:46.0210 0x0638 vga - ok
14:05:46.0256 0x0638 [ 8E38096AD5C8570A6F1570A61E251561, 4DBA3C1397A2203548F45F006E66D99F837903F601ABBCE2304754F783CA8A39 ] VgaSave C:\windows\System32\drivers\vga.sys
14:05:46.0303 0x0638 VgaSave - ok
14:05:46.0325 0x0638 [ 5461686CCA2FDA57B024547733AB42E3, 2721D0659AA890172FCAD4EC4D926B58ACD0EE4887DA51545DC7237420D5BF84 ] vhdmp C:\windows\system32\drivers\vhdmp.sys
14:05:46.0350 0x0638 vhdmp - ok
14:05:46.0365 0x0638 [ C829317A37B4BEA8F39735D4B076E923, 55D1796AE750071E1E05BD7702B6C355CCFFE27B4C00E93E7044C3184732B497 ] viaagp C:\windows\system32\drivers\viaagp.sys
14:05:46.0381 0x0638 viaagp - ok
14:05:46.0399 0x0638 [ E02F079A6AA107F06B16549C6E5C7B74, B530DCE3EE4F285B3D5F69F7148D17E016D54F04E6F93706B829A34567748788 ] ViaC7 C:\windows\system32\DRIVERS\viac7.sys
14:05:46.0418 0x0638 ViaC7 - ok
14:05:46.0461 0x0638 [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide C:\windows\system32\drivers\viaide.sys
14:05:46.0477 0x0638 viaide - ok
14:05:46.0514 0x0638 [ 4C63E00F2F4B5F86AB48A58CD990F212, 9796BD4B9CFEEEAF57C5E332A732EFC2770B21F9B35301A5D202F5FC52C1E035 ] volmgr C:\windows\system32\drivers\volmgr.sys
14:05:46.0532 0x0638 volmgr - ok
14:05:46.0583 0x0638 [ B5BB72067DDDDBBFB04B2F89FF8C3C87, 65B9AD55F43940A5FDD88B6EC5034A7E375DF8E6F5F1AE6519A4BD6B7E992EBC ] volmgrx C:\windows\system32\drivers\volmgrx.sys
14:05:46.0608 0x0638 volmgrx - ok
14:05:46.0657 0x0638 [ F497F67932C6FA693D7DE2780631CFE7, DAE544ED99D2CF570DA31343BD87D2F856D0D13529656D38E1BF854C77F017F6 ] volsnap C:\windows\system32\drivers\volsnap.sys
14:05:46.0683 0x0638 volsnap - ok
14:05:46.0787 0x0638 [ 86C96C079293E2E06708E146A011F4C4, 10F8DBA78B76B304525FC72C83990F10133936010E26D2F9AEB2FB747F8B75C2 ] vpnagent C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
14:05:46.0818 0x0638 vpnagent - ok
14:05:46.0868 0x0638 [ B4A71B5E7F83BE22064891D503BF82F6, 37872EABDB6D7CB60BC36FE4117BD4D5F83F35009BA2515BF2D15D3ECCED6957 ] vpnva C:\windows\system32\DRIVERS\vpnva-6.sys
14:05:46.0883 0x0638 vpnva - ok
14:05:46.0916 0x0638 [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid C:\windows\system32\DRIVERS\vsmraid.sys
14:05:46.0938 0x0638 vsmraid - ok
14:05:47.0044 0x0638 [ 143C873A90E834F38733BB05D686A9E7, EBBC2A11B751E4C869D08CD35FFB1B54A3BC1EDDDD436CFD6026892460BC842E ] VSPerfDrv100 c:\Program Files\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\VSPerfDrv100.sys
14:05:47.0064 0x0638 VSPerfDrv100 - ok
14:05:47.0136 0x0638 [ 209A3B1901B83AEB8527ED211CCE9E4C, 1A431F6409F8E0531F600F8F988ECECECB902DA26BBAAF1DE74A5CAC29A7CB44 ] VSS C:\windows\system32\vssvc.exe
14:05:47.0234 0x0638 VSS - ok
14:05:47.0249 0x0638 [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
14:05:47.0268 0x0638 vwifibus - ok
14:05:47.0308 0x0638 [ 7090D3436EEB4E7DA3373090A23448F7, 3A130B28F2BFA7DCEC8596C4CE4E187B019F5ECF1AAC8DD1BBDE9CBD2428FEC2 ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
14:05:47.0349 0x0638 vwififlt - ok
14:05:47.0388 0x0638 [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time C:\windows\system32\w32time.dll
14:05:47.0440 0x0638 W32Time - ok
14:05:47.0464 0x0638 [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen C:\windows\system32\DRIVERS\wacompen.sys
14:05:47.0482 0x0638 WacomPen - ok
14:05:47.0523 0x0638 [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
14:05:47.0560 0x0638 WANARP - ok
14:05:47.0592 0x0638 [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
14:05:47.0631 0x0638 Wanarpv6 - ok
14:05:47.0757 0x0638 [ 353A04C273EC58475D8633E75CCD5604, FFAE53B6B53AEFC9E8A10BF27480E072D74430276BEB532FE1D473E9616D8CE0 ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
14:05:47.0819 0x0638 WatAdminSvc - ok
14:05:47.0902 0x0638 [ 691E3285E53DCA558E1A84667F13E15A, 12EDB66EF8FC100402BEA221F354D3BD5542F6DDF715B6E7D873D6BAE7E3D329 ] wbengine C:\windows\system32\wbengine.exe
14:05:48.0030 0x0638 wbengine - ok
14:05:48.0065 0x0638 [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
14:05:48.0093 0x0638 WbioSrvc - ok
14:05:48.0144 0x0638 [ 34EEE0DFAADB4F691D6D5308A51315DC, A040A03E25A0C78B9E26F86C2DF95BCAF8E7EC90183CEB295615D3265350EBEE ] wcncsvc C:\windows\System32\wcncsvc.dll
14:05:48.0178 0x0638 wcncsvc - ok
14:05:48.0195 0x0638 [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
14:05:48.0260 0x0638 WcsPlugInService - ok
14:05:48.0278 0x0638 [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd C:\windows\system32\DRIVERS\wd.sys
14:05:48.0298 0x0638 Wd - ok
14:05:48.0372 0x0638 [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
14:05:48.0409 0x0638 Wdf01000 - ok
14:05:48.0452 0x0638 [ DDE994E9159497D0D5AB2CDF66D1EAD6, 49BEDECA469C47E7622542D3B9BCD31ECDDAA27838495EC5C2F1338E33FEA877 ] WdiServiceHost C:\windows\system32\wdi.dll
14:05:48.0503 0x0638 WdiServiceHost - ok
14:05:48.0510 0x0638 [ DDE994E9159497D0D5AB2CDF66D1EAD6, 49BEDECA469C47E7622542D3B9BCD31ECDDAA27838495EC5C2F1338E33FEA877 ] WdiSystemHost C:\windows\system32\wdi.dll
14:05:48.0533 0x0638 WdiSystemHost - ok
14:05:48.0582 0x0638 [ 75E8EBD7040CE238684333F97014762A, 2CA0B267FBAEB303D1F8B639D733DC0DE17BA1276CC9096035B4F2BBBED3EF7F ] WebClient C:\windows\System32\webclnt.dll
14:05:48.0714 0x0638 WebClient - ok
14:05:48.0747 0x0638 [ 760F0AFE937A77CFF27153206534F275, A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc C:\windows\system32\wecsvc.dll
14:05:48.0800 0x0638 Wecsvc - ok
14:05:48.0823 0x0638 [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport C:\windows\System32\wercplsupport.dll
14:05:48.0865 0x0638 wercplsupport - ok
14:05:48.0881 0x0638 [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc C:\windows\System32\WerSvc.dll
14:05:48.0934 0x0638 WerSvc - ok
14:05:48.0991 0x0638 [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
14:05:49.0065 0x0638 WfpLwf - ok
14:05:49.0080 0x0638 [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount C:\windows\system32\drivers\wimmount.sys
14:05:49.0095 0x0638 WIMMount - ok
14:05:49.0199 0x0638 [ 082CF481F659FAE0DE51AD060881EB47, BB67D2AF0BB9192D4CCF66C23D80CE5A1B38715556D94E2561DBF8F805FA30A5 ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
14:05:49.0276 0x0638 WinDefend - ok
14:05:49.0367 0x0638 [ 0A597F84BC8AF4229B529F655BB2BA14, 2243728CC9B52CF39EBB08F75E7057D771C71C32B64248AC44BD5D123ACBC037 ] WinDriver6 C:\windows\system32\drivers\windrvr6.sys
14:05:49.0398 0x0638 WinDriver6 - ok
14:05:49.0426 0x0638 WinHttpAutoProxySvc - ok
14:05:49.0500 0x0638 [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
14:05:49.0554 0x0638 Winmgmt - ok
14:05:49.0632 0x0638 [ 1DE9BD23AFA36150586C732D876D9B74, 32CF2C8EC18CFDA677AB72A182EB4B839DCC72BFCD6CA309BE2F434991CAE973 ] WinRM C:\windows\system32\WsmSvc.dll
14:05:49.0737 0x0638 WinRM - ok
14:05:49.0783 0x0638 [ A67E5F9A400F3BD1BE3D80613B45F708, E170A8BD31A779403DC9C43ED6483DA8E186512D3EE700B87F6BA292E284E367 ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys
14:05:49.0804 0x0638 WinUsb - ok
14:05:49.0854 0x0638 [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc C:\windows\System32\wlansvc.dll
14:05:49.0949 0x0638 Wlansvc - ok
14:05:50.0123 0x0638 [ FB01D4AE207B9EFDBABFC55DC95C7E31, E0EFDBBE0BAC275230C8C1A053948C21BCF20B99B92E50939E95FFB9DC87F6BA ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
14:05:50.0200 0x0638 wlidsvc - ok
14:05:50.0319 0x0638 [ 325E4C5FC6B30C69B302DF650B9BB083, 4DF53A12F39A16DDF2AA22A0194873D0671CEBFBFB53EB2300186B45EAF8DB4D ] wltrysvc C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE
14:05:50.0326 0x0638 wltrysvc - detected UnsignedFile.Multi.Generic ( 1 )
14:05:56.0196 0x0638 Detect skipped due to KSN trusted
14:05:56.0196 0x0638 wltrysvc - ok
14:05:56.0245 0x0638 [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys
14:05:56.0271 0x0638 WmiAcpi - ok
14:05:56.0307 0x0638 [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
14:05:56.0329 0x0638 wmiApSrv - ok
14:05:56.0465 0x0638 [ 3B40D3A61AA8C21B88AE57C58AB3122E, 6C67DCB007C3CDF2EB0BBF5FD89C32CD7800C20F7166872F8C387BE262C5CD21 ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
14:05:56.0591 0x0638 WMPNetworkSvc - ok
14:05:56.0624 0x0638 [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc C:\windows\System32\wpcsvc.dll
14:05:56.0678 0x0638 WPCSvc - ok
14:05:56.0720 0x0638 [ AA53356D60AF47EACC85BC617A4F3F66, 155CB8112AA382D841C1891750FF29EF4F1BF716CD9CDF0F2243209E2CCCAC98 ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
14:05:56.0772 0x0638 WPDBusEnum - ok
14:05:56.0794 0x0638 [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
14:05:56.0832 0x0638 ws2ifsl - ok
14:05:56.0853 0x0638 [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc C:\windows\System32\wscsvc.dll
14:05:56.0891 0x0638 wscsvc - ok
14:05:56.0912 0x0638 WSearch - ok
14:05:57.0023 0x0638 [ 7E5C454A3F986FEBAD075DB8D915917E, 9E9147DDACD075958689523130DB92FC4ED0E38433461D8AB8792BCFBD9376DA ] wuauserv C:\windows\system32\wuaueng.dll
14:05:57.0167 0x0638 wuauserv - ok
14:05:57.0238 0x0638 [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf C:\windows\system32\drivers\WudfPf.sys
14:05:57.0321 0x0638 WudfPf - ok
14:05:57.0368 0x0638 [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
14:05:57.0392 0x0638 WUDFRd - ok
14:05:57.0415 0x0638 [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc C:\windows\System32\WUDFSvc.dll
14:05:57.0459 0x0638 wudfsvc - ok
14:05:57.0500 0x0638 [ 7CC38741B8F68F1E0D5D79DA6123666A, F90D2DA1C9AFB506C381CD386E1430931B5F81813FEDFD720F87FBC54E7A00DA ] WwanSvc C:\windows\System32\wwansvc.dll
14:05:57.0541 0x0638 WwanSvc - ok
14:05:57.0619 0x0638 [ B79B9DBC3C974F165B5D8054A8A932A6, 9A745DEEEAF07BC6ABB3ACDBA81BE1E4783E378412AF32D6E6AC3DF4442D45AF ] yukonw7 C:\windows\system32\DRIVERS\yk62x86.sys
14:05:57.0642 0x0638 yukonw7 - ok
14:05:57.0713 0x0638 ================ Scan global ===============================
14:05:57.0821 0x0638 [ DAB748AE0439955ED2FA22357533DDDB, 73EDD402C7479DDCE1998D0C7E99E1EC2974F64EFC33A851439CC85D09EDCDF9 ] C:\windows\system32\basesrv.dll
14:05:57.0869 0x0638 [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\windows\system32\winsrv.dll
14:05:57.0886 0x0638 [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\windows\system32\winsrv.dll
14:05:57.0923 0x0638 [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\windows\system32\sxssrv.dll
14:05:57.0958 0x0638 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6, D7BC4ED605B32274B45328FD9914FB0E7B90D869A38F0E6F94FB1BF4E9E2B407 ] C:\windows\system32\services.exe
14:05:57.0968 0x0638 [ Global ] - ok
14:05:57.0969 0x0638 ================ Scan MBR ==================================
14:05:57.0990 0x0638 [ 2E5DEBB2116B3417023E0D6562D7ED07 ] \Device\Harddisk0\DR0
14:05:58.0563 0x0638 \Device\Harddisk0\DR0 - ok
14:05:58.0564 0x0638 ================ Scan VBR ==================================
14:05:58.0583 0x0638 [ 21CA5D1E9D7B400A90E47C6EB81DADE8 ] \Device\Harddisk0\DR0\Partition1
14:05:58.0585 0x0638 \Device\Harddisk0\DR0\Partition1 - ok
14:05:58.0594 0x0638 [ 9E781046B2E9F074CE1E7175D45CC8EE ] \Device\Harddisk0\DR0\Partition2
14:05:58.0596 0x0638 \Device\Harddisk0\DR0\Partition2 - ok
14:05:58.0623 0x0638 [ EAE45601D3E06586699E2ACB1CE1F6F5 ] \Device\Harddisk0\DR0\Partition3
14:05:58.0625 0x0638 \Device\Harddisk0\DR0\Partition3 - ok
14:05:58.0628 0x0638 ================ Scan generic autorun ======================
14:05:58.0739 0x0638 [ 4C5440275C0CC16B7387E0B76CF5A530, C5BD631C4BB7422D87290C05D20A146F1CCB46B41B14DF19A58C9957D1B223B7 ] C:\Program Files\Anvisoft\Anvi Smart Defender\ASDTray.exe
14:05:58.0791 0x0638 Anvi Smart Defender - ok
14:05:58.0995 0x0638 [ 9F22AF691BB098BA98951BC3DFDD779A, E52F319D82A40A3A016C9A3624B940B97FF15C6A26229B69645C279704DDD0C9 ] C:\Program Files\AVG\AVG2015\avgui.exe
14:05:59.0142 0x0638 AVG_UI - ok
14:05:59.0258 0x0638 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
14:05:59.0357 0x0638 Sidebar - ok
14:05:59.0390 0x0638 [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
14:05:59.0417 0x0638 mctadmin - ok
14:05:59.0455 0x0638 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
14:05:59.0506 0x0638 Sidebar - ok
14:05:59.0513 0x0638 [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
14:05:59.0537 0x0638 mctadmin - ok
14:05:59.0575 0x0638 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\sidebar.exe
14:05:59.0626 0x0638 Sidebar - ok
14:05:59.0629 0x0638 Waiting for KSN requests completion. In queue: 20
14:06:00.0629 0x0638 Waiting for KSN requests completion. In queue: 20
14:06:01.0629 0x0638 Waiting for KSN requests completion. In queue: 20
14:06:02.0629 0x0638 Waiting for KSN requests completion. In queue: 20
14:06:03.0629 0x0638 Waiting for KSN requests completion. In queue: 20
14:06:04.0629 0x0638 Waiting for KSN requests completion. In queue: 20
14:06:05.0836 0x0638 AV detected via SS2: AVG AntiVirus Free Edition 2015, C:\Program Files\AVG\AVG2015\avgwsc.exe ( 15.0.0.5863 ), 0x41000 ( enabled : updated )
14:06:05.0947 0x0638 Win FW state via NFP2: enabled
14:06:11.0800 0x0638 ============================================================
14:06:11.0800 0x0638 Scan finished
14:06:11.0800 0x0638 ============================================================
14:06:11.0810 0x0754 Detected object count: 1
14:06:11.0810 0x0754 Actual detected object count: 1
14:10:37.0019 0x0754 Rezip ( UnsignedFile.Multi.Generic ) - skipped by user
14:10:37.0019 0x0754 Rezip ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:10:45.0445 0x1174 Deinitialize success
Nach dem Neustart nach mbar waren die Prozesse, die zuviel waren shcon weg Vielen Dank für die Hilfe!  |
|
06.05.2015, 14:40
| #7 |
| /// the machine /// TB-Ausbilder | Zu viele Prozesse hi, Scan mit Combofix
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
16.05.2015, 07:39
| #8 |
| | Zu viele Prozesse Hallo, also ich habe Combofix heruntergeladen fand es unter downloads und hab es auf den Desktop kopiert. Nach dem starten der exe hab ich nichts bewegt und gewartet. Folgendes kam während diesem Pozess:  Nachdem es durchgelaufen ist hab ich nach combofix gesucht jedoch nur die exe und keine log Datei gefunden. Jedoch war folgendes im Odner:  |
|
16.05.2015, 14:21
| #9 |
| /// the machine /// TB-Ausbilder | Zu viele Prozesse AV Programm komplett abschalten, dann nochmal Combofix 
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
17.05.2015, 02:12
| #10 |
| | Zu viele Prozesse Der Prozess lässt sich nicht beenden. Hatte mit rechtsklick den Schutz vorübergehend deaktiviert jedoch ging es damit auch nicht. |
|
17.05.2015, 11:46
| #11 |
| /// the machine /// TB-Ausbilder | Zu viele Prozesse AVG dann bitte deinstallieren, das wird uns bei jedem Schritt reinfunken.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Zu viele Prozesse |
| arten, avg, beim starten, dienst, heute, konnte, laufe, laufen, lokaler, mehrmals, nichts, plötzlich, prozess, prozesse, starte, starten, svchost, viele prozesse, virus |
dann auf 
und dann auf 
. 
WARNUNG an die MITLESER: 
Linear-Darstellung
