
Pests of all kinds and how to fight them: Too many processes


05.05.2015, 17:52   #1
Inuyasha2008
 


Hello, since today I have far too many processes in Task Manager. At startup there are suddenly four times as many as usual. Some of them, e.g. svchost, also run several times, sometimes as LOKALER DIENST (LOCAL SERVICE) and sometimes under SYSTEM.

It looks very much like a virus. I ran AVG over it, but it could not find anything. Can anyone tell me what I could do?

Many thanks in advance :-)

Best regards, Markus


PS: I have Windows 7 Home Premium, in case that is needed. If more information is required, I will gladly provide it.

Edited by Inuyasha2008 (05.05.2015 at 18:48)

06.05.2015, 07:06   #2
schrauber
/// the machine
/// TB instructor
 



Hi,

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan (Untersuchen).
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input box)


06.05.2015, 07:22   #3
Inuyasha2008
 


Many thanks for the quick reply

FRST:


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 05-05-2015
Ran by Samsung (administrator) on SAMSUNG-PC on 06-05-2015 08:17:49
Running from C:\Users\Samsung\Downloads
Loaded Profiles: Samsung (Available profiles: Samsung)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgcsrvx.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Cisco Systems, Inc.) C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\BCMWLTRY.EXE
(ABBYY) C:\Program Files\ABBYY PDF Transformer 3.0\NetworkLicenseServer.exe
(LSoft Technologies Inc) C:\Program Files\LSoft Technologies Inc\Active@ Hard Disk Monitor\DiskMonitorService.exe
(Anvisoft) C:\Program Files\Anvisoft\Anvi Smart Defender\ASDSrv.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgwdsvc.exe
(AVM Berlin) C:\Program Files\avmwlanstick\WLanNetService.exe
(Apple Computer, Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\Guard-ICQ\GuardICQ.exe
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
() C:\Program Files\ICQ6Toolbar\ICQ Service.exe
() C:\Program Files\Samsung\Samsung Update Plus\SUPBackGround.exe
(SEC) C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
(SAMSUNG Electronics) C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
() C:\Windows\System32\Rezip.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Rocket Division Software) C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
(Anvisoft) C:\Program Files\Anvisoft\Anvi Smart Defender\ASDTray.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgui.exe
(Dropbox, Inc.) C:\Users\Samsung\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgemcx.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Anvi Smart Defender] => C:\Program Files\Anvisoft\Anvi Smart Defender\ASDTray.exe [1229104 2012-08-23] (Anvisoft)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2015\avgui.exe [3723728 2015-03-25] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-2339853823-2107313754-116825072-1000\...\Run: [TVPlanet] => [X]
HKU\S-1-5-21-2339853823-2107313754-116825072-1000\...\MountPoints2: {1bb57eb8-d97f-11e0-9728-00245482ab37} - F:\AUTOSTARTER.EXE
HKU\S-1-5-21-2339853823-2107313754-116825072-1000\...\MountPoints2: {4e03fa01-834d-11df-a7da-00245482ab37} - F:\LaunchU3.exe -a
HKU\S-1-5-21-2339853823-2107313754-116825072-1000\...\MountPoints2: {7bcccf13-3186-11e1-902e-00245482ab37} - G:\pushinst.exe
HKU\S-1-5-21-2339853823-2107313754-116825072-1000\...\Winlogon: [Shell] C:\windows\Explorer.exe [2616320 2011-02-25] (Microsoft Corporation) <==== ATTENTION 
Startup: C:\Users\Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-12-15]
ShortcutTarget: Dropbox.lnk -> C:\Users\Samsung\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Samsung\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Samsung\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Samsung\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Samsung\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Samsung\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Samsung\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Samsung\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Samsung\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2339853823-2107313754-116825072-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.avira.com/?l=dis&o=APN10265&gct=hp&dc=EU&locale=de_BE
HKU\S-1-5-21-2339853823-2107313754-116825072-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
HKU\S-1-5-21-2339853823-2107313754-116825072-1000\Software\Microsoft\Internet Explorer\Main,ICQ Search = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
URLSearchHook: HKLM - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKLM - ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
URLSearchHook: HKLM - MessengerPlusLive Germany TB Toolbar - {76aeea42-e04a-4b62-83ab-df4b2be2541e} - C:\Program Files\MessengerPlusLive_Germany_TB\prxtbMes0.dll (Conduit Ltd.)
URLSearchHook: HKU\S-1-5-21-2339853823-2107313754-116825072-1000 - UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll No File
URLSearchHook: HKU\S-1-5-21-2339853823-2107313754-116825072-1000 - ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
URLSearchHook: HKU\S-1-5-21-2339853823-2107313754-116825072-1000 - MessengerPlusLive Germany TB Toolbar - {76aeea42-e04a-4b62-83ab-df4b2be2541e} - C:\Program Files\MessengerPlusLive_Germany_TB\prxtbMes0.dll (Conduit Ltd.)
SearchScopes: HKLM -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN
SearchScopes: HKLM -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN
SearchScopes: HKU\S-1-5-21-2339853823-2107313754-116825072-1000 -> DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/?q={searchTerms}&affID=109958&tt=060612_8_&babsrc=SP_ss&mntrId=42cad5fe00000000000000245482ab37
SearchScopes: HKU\S-1-5-21-2339853823-2107313754-116825072-1000 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/?q={searchTerms}&affID=109958&tt=060612_8_&babsrc=SP_ss&mntrId=42cad5fe00000000000000245482ab37
SearchScopes: HKU\S-1-5-21-2339853823-2107313754-116825072-1000 -> {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
SearchScopes: HKU\S-1-5-21-2339853823-2107313754-116825072-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = 
SearchScopes: HKU\S-1-5-21-2339853823-2107313754-116825072-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKU\S-1-5-21-2339853823-2107313754-116825072-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://isearch.avg.com/search?cid={F1388C1E-2CF2-4313-9CB7-060A1FFF918B}&mid=f4d1b201e6e247d096cfd94961e4257a-4acbc2a7fa269486901d671589a43986cb6ee6e1&lang=de&ds=is015&pr=sa&d=2012-06-07 22:31:05&v=11.1.0.7&sap=dsp&q={searchTerms}
BHO: ContributeBHO Class -> {074C1DC5-9320-4A9A-947D-C042949C6216} -> C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll No File
BHO: Babylon toolbar helper -> {2EECD738-5844-4a99-B4B6-146BF802613B} -> C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll [2011-08-14] (Babylon BHO)
BHO: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2011-07-27] (RealPlayer)
BHO: Conduit Engine  -> {30F9B915-B755-4826-820B-08FBA6BD249D} -> C:\Program Files\ConduitEngine\prxConduitEngine.dll [2011-01-17] (Conduit Ltd.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-04-14] (Oracle Corporation)
BHO: MessengerPlusLive Germany TB Toolbar -> {76aeea42-e04a-4b62-83ab-df4b2be2541e} -> C:\Program Files\MessengerPlusLive_Germany_TB\prxtbMes0.dll [2011-01-17] (Conduit Ltd.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007-05-10] (Adobe Systems Incorporated)
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-10-10] (Skype Technologies S.A.)
BHO: Ask Toolbar -> {D4027C7F-154A-4066-A1AD-4243D8127440} -> C:\Program Files\Ask.com\GenericAskToolbar.dll No File
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-04-14] (Oracle Corporation)
BHO: Microsoft Web Test Recorder 10.0 Helper -> {DDA57003-0068-4ed2-9D32-4D1EC707D94D} -> c:\Program Files\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2010-03-19] (Microsoft Corporation)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007-05-10] (Adobe Systems Incorporated)
Toolbar: HKLM - Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll No File
Toolbar: HKLM - MessengerPlusLive Germany TB Toolbar - {76aeea42-e04a-4b62-83ab-df4b2be2541e} - C:\Program Files\MessengerPlusLive_Germany_TB\prxtbMes0.dll [2011-01-17] (Conduit Ltd.)
Toolbar: HKLM - ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2011-08-17] (ICQ)
Toolbar: HKLM - Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll [2011-08-14] (Babylon Ltd.)
Toolbar: HKLM - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll No File
Toolbar: HKU\S-1-5-21-2339853823-2107313754-116825072-1000 -> MessengerPlusLive Germany TB Toolbar - {76AEEA42-E04A-4B62-83AB-DF4B2BE2541E} - C:\Program Files\MessengerPlusLive_Germany_TB\prxtbMes0.dll [2011-01-17] (Conduit Ltd.)
Toolbar: HKU\S-1-5-21-2339853823-2107313754-116825072-1000 -> Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007-05-10] (Adobe Systems Incorporated)
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {45A0A292-ECC6-4D8F-9EA9-A4BD411D24C1} hxxp://www6.king.com/ctl/kingcomie.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-09] (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-10-10] (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [94208 2006-02-28] (Apple Computer, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2

FireFox:
========
FF ProfilePath: C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\5tgt3b9q.default
FF Homepage: https://www.google.de/?gws_rd=ssl
FF Keyword.URL: hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3297931&SearchSource=2&CUI=UN20523875117953152&UM=1&q=
FF NetworkProxy: "backup.ftp", " 200.16.117.62 "
FF NetworkProxy: "backup.ftp_port", 3128
FF NetworkProxy: "backup.socks", " 200.16.117.62 "
FF NetworkProxy: "backup.socks_port", 3128
FF NetworkProxy: "backup.ssl", " 200.16.117.62 "
FF NetworkProxy: "backup.ssl_port", 3128
FF NetworkProxy: "ftp", " 58.213.19.134 "
FF NetworkProxy: "ftp_port", 3128
FF NetworkProxy: "http", " 58.213.19.134 "
FF NetworkProxy: "http_port", 3128
FF NetworkProxy: "no_proxies_on", ""
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", " 58.213.19.134 "
FF NetworkProxy: "socks_port", 3128
FF NetworkProxy: "ssl", " 58.213.19.134 "
FF NetworkProxy: "ssl_port", 3128
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\windows\system32\Adobe\Director\np32dsw_1202122.dll [2013-04-03] (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-04-14] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-04-14] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @oberon-media.com/ONCAdapter -> C:\Program Files\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll [2010-09-01] (Oberon-Media )
FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin: @real.com/nppl3260;version=12.0.1.647 -> C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll [2011-07-27] (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=12.0.1.647 -> C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll [2011-07-27] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=12.0.1.660 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2011-07-27] (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=12.0.1.660 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2011-07-27] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=12.0.1.660 -> C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll [2011-07-27] (RealNetworks, Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2339853823-2107313754-116825072-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Samsung\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2012-03-28] (Unity Technologies ApS)
FF user.js: detected! => C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\5tgt3b9q.default\user.js [2012-12-12]
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll [2011-07-27] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2010-11-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2010-11-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2010-11-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2010-11-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2010-11-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll [2010-11-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll [2010-11-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprjplug.dll [2011-07-27] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpjplug.dll [2011-07-27] (RealNetworks, Inc.)
FF SearchPlugin: C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\5tgt3b9q.default\searchplugins\game-master-21-b2-customized-web-search.xml [2013-05-24]
FF SearchPlugin: C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\5tgt3b9q.default\searchplugins\icq-search.xml [2012-02-18]
FF SearchPlugin: C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\5tgt3b9q.default\searchplugins\icqplugin-1.xml [2012-06-07]
FF SearchPlugin: C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\5tgt3b9q.default\searchplugins\icqplugin-10.xml [2013-02-06]
FF SearchPlugin: C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\5tgt3b9q.default\searchplugins\icqplugin-11.xml [2013-02-27]
FF SearchPlugin: C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\5tgt3b9q.default\searchplugins\icqplugin-12.xml [2013-03-08]
FF SearchPlugin: C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\5tgt3b9q.default\searchplugins\icqplugin-13.xml [2013-04-12]
FF SearchPlugin: C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\5tgt3b9q.default\searchplugins\icqplugin-14.xml [2013-05-20]
FF SearchPlugin: C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\5tgt3b9q.default\searchplugins\icqplugin-15.xml [2013-05-24]
FF SearchPlugin: C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\5tgt3b9q.default\searchplugins\icqplugin-16.xml [2013-08-19]
FF SearchPlugin: C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\5tgt3b9q.default\searchplugins\icqplugin-2.xml [2012-06-29]
FF SearchPlugin: C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\5tgt3b9q.default\searchplugins\icqplugin-3.xml [2012-07-18]
FF SearchPlugin: C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\5tgt3b9q.default\searchplugins\icqplugin-4.xml [2012-09-08]
FF SearchPlugin: C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\5tgt3b9q.default\searchplugins\icqplugin-5.xml [2012-10-27]
FF SearchPlugin: C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\5tgt3b9q.default\searchplugins\icqplugin-6.xml [2012-10-28]
FF SearchPlugin: C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\5tgt3b9q.default\searchplugins\icqplugin-7.xml [2012-12-11]
FF SearchPlugin: C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\5tgt3b9q.default\searchplugins\icqplugin-8.xml [2013-01-13]
FF SearchPlugin: C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\5tgt3b9q.default\searchplugins\icqplugin-9.xml [2013-01-19]
FF SearchPlugin: C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\5tgt3b9q.default\searchplugins\icqplugin.gif [2012-07-24]
FF SearchPlugin: C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\5tgt3b9q.default\searchplugins\icqplugin.src [2012-07-24]
FF SearchPlugin: C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\5tgt3b9q.default\searchplugins\icqplugin.xml [2012-02-18]
FF Extension: Avira Browser Safety - C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\5tgt3b9q.default\Extensions\abs@avira.com [2015-04-27]
FF Extension: ICQ Toolbar - C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\5tgt3b9q.default\Extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2012-07-25]
FF Extension: iMacros for Firefox - C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\5tgt3b9q.default\Extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670} [2015-04-12]
FF Extension: Cliqz Beta - C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\5tgt3b9q.default\Extensions\cliqz@cliqz.com.xpi [2014-10-07]
FF Extension: Firebug - C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\5tgt3b9q.default\Extensions\firebug@software.joehewitt.com.xpi [2013-10-24]
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\5tgt3b9q.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi [2012-11-20]
FF Extension: Modify Headers - C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\5tgt3b9q.default\Extensions\{b749fc7c-e949-447f-926c-3f4eed6accfe}.xpi [2011-11-29]
FF Extension: Fast Video Download - C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\5tgt3b9q.default\Extensions\{c50ca3c4-5656-43c2-a061-13e717f73fc8}.xpi [2015-03-07]
FF Extension: Adblock Plus - C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\5tgt3b9q.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-05-16]
FF Extension: Disable Anti-Adblock - C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\5tgt3b9q.default\Extensions\{d49a148e-817e-4025-bee3-5d541376de3b}.xpi [2013-07-21]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\ffxtlbr@babylon.com [2015-04-04]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-04-04]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF} [2015-04-04]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011-07-27]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKU\S-1-5-21-2339853823-2107313754-116825072-1000\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\5tgt3b9q.default\extensions\cliqz@cliqz.com

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [dhkplhfnhceodhffomolpfigojocbpcb] - C:\Users\Samsung\AppData\Roaming\BabylonToolbar\CR\BabylonChrome1.crx [2012-05-30]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gaiilaahiahdejapggenmdmafpmbipje] - C:\Program Files\DealPly\DealPly.crx [Not Found]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [Not Found]
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2011-07-27]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2011-10-10]
CHR HKU\S-1-5-21-2339853823-2107313754-116825072-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gaiilaahiahdejapggenmdmafpmbipje] - C:\Program Files\DealPly\DealPly.crx [Not Found]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ABBYY.Licensing.PDFTransformer.Classic.3.0; C:\Program Files\ABBYY PDF Transformer 3.0\NetworkLicenseServer.exe [759048 2010-02-01] (ABBYY)
R2 Active@ Disk Monitor; C:\Program Files\LSoft Technologies Inc\Active@ Hard Disk Monitor\DiskMonitorService.exe [1127944 2009-09-02] (LSoft Technologies Inc)
S3 Adobe Version Cue CS3; C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe [153792 2007-03-20] (Adobe Systems Incorporated)
R2 asdsrv; C:\Program Files\Anvisoft\Anvi Smart Defender\ASDSrv.exe [686896 2012-08-23] (Anvisoft)
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2015\avgidsagent.exe [3416016 2015-03-25] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2015\avgwdsvc.exe [309232 2015-03-25] (AVG Technologies CZ, s.r.o.)
R2 AVM WLAN Connection Service; C:\Program Files\avmwlanstick\WlanNetService.exe [364544 2008-02-25] (AVM Berlin) [File not signed]
R2 Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [229376 2006-02-28] (Apple Computer, Inc.) [File not signed]
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2010-09-26] (Macrovision Europe Ltd.) [File not signed]
R2 Guard.Mail.ru; C:\Program Files\Guard-ICQ\GuardICQ.exe [1564368 2012-02-18] ()
R2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1385896 2012-06-27] (LogMeIn Inc.)
R2 ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [247872 2011-08-17] ()
S3 npggsvc; C:\windows\system32\GameMon.des [3996760 2010-09-14] (INCA Internet Co., Ltd.) [File not signed]
R2 Rezip; C:\windows\SYSTEM32\Rezip.exe [311296 2009-03-05] () [File not signed]
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [247152 2009-07-07] ()
R2 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [275968 2007-05-28] (Rocket Division Software) [File not signed]
S3 Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [569024 2014-02-08] (Valve Corporation) [File not signed]
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 vpnagent; C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [558480 2013-10-10] (Cisco Systems, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exe [4261888 2010-07-07] (Broadcom Corporation) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 acsock; C:\windows\System32\DRIVERS\acsock.sys [92528 2013-10-10] (Cisco Systems, Inc.)
R1 asdrm; C:\windows\System32\DRIVERS\asdrm.sys [16208 2012-08-20] (Anvisoft)
R2 asdrs; C:\windows\system32\DRIVERS\asdrs.sys [22864 2012-08-20] (Anvisoft)
R2 asdws; C:\windows\system32\DRIVERS\asdws.sys [14160 2012-08-20] ()
R2 aswHwid; C:\windows\system32\drivers\aswHwid.sys [24184 2014-10-03] ()
R2 atksgt; C:\windows\System32\DRIVERS\atksgt.sys [281760 2011-09-07] ()
R1 Avgdiskx; C:\windows\System32\DRIVERS\avgdiskx.sys [121624 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\windows\System32\DRIVERS\avgidsdriverx.sys [224736 2015-03-25] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\windows\System32\DRIVERS\avgidshx.sys [154904 2014-11-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\windows\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\windows\System32\DRIVERS\avgldx86.sys [192792 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\windows\System32\DRIVERS\avglogx.sys [265184 2015-02-03] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\windows\System32\DRIVERS\avgmfx86.sys [107488 2015-02-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\windows\System32\DRIVERS\avgrkx86.sys [27416 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\windows\System32\DRIVERS\avgtdix.sys [210912 2015-02-25] (AVG Technologies CZ, s.r.o.)
S3 avmeject; C:\windows\System32\drivers\avmeject.sys [4352 2007-11-07] (AVM Berlin) [File not signed]
R3 BCM42RLY; C:\windows\System32\drivers\BCM42RLY.sys [18496 2010-07-07] (Broadcom Corporation)
S3 fwlanusbn; C:\windows\System32\DRIVERS\fwlanusbn.sys [401920 2007-12-19] (AVM GmbH)
R3 hamachi; C:\windows\System32\DRIVERS\hamachi.sys [26176 2010-02-03] (LogMeIn, Inc.)
S3 HPZid412; C:\windows\System32\DRIVERS\HPZid412.sys [51024 2003-03-09] (HP)
S3 HPZipr12; C:\windows\System32\DRIVERS\HPZipr12.sys [16080 2003-03-09] (HP)
S3 HPZius12; C:\windows\System32\DRIVERS\HPZius12.sys [21456 2003-03-09] (HP)
R0 iaStorA; C:\windows\System32\DRIVERS\iaStorA.sys [508184 2012-03-26] (Intel Corporation)
R0 iaStorF; C:\windows\System32\DRIVERS\iaStorF.sys [22808 2012-03-26] (Intel Corporation)
R2 lirsgt; C:\windows\System32\DRIVERS\lirsgt.sys [25888 2011-09-07] ()
R0 sptd; C:\windows\System32\Drivers\sptd.sys [477240 2012-05-20] (Duplex Secure Ltd.)
S3 SSMO3v2Filter; C:\windows\System32\drivers\MO3v2Driver.sys [17920 2010-11-22] (Sagatek Co. Ltd.)
R2 SVKP; C:\windows\system32\SVKP.sys [2368 2015-01-30] (AntiCracking) [File not signed]
S3 vpnva; C:\windows\System32\DRIVERS\vpnva-6.sys [43376 2013-10-10] (Cisco Systems, Inc.)
S3 VSPerfDrv100; c:\Program Files\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\VSPerfDrv100.sys [54144 2011-01-18] (Microsoft Corporation)
R3 WinDriver6; C:\windows\System32\drivers\windrvr6.sys [195968 2010-08-31] (Jungo)
U3 a2i35axp; C:\windows\system32\Drivers\a2i35axp.sys [0 ] (Intel Corporation) <==== ATTENTION (zero size file/folder)
U3 a3ckws4n; C:\windows\system32\Drivers\a3ckws4n.sys [0 ] (Intel Corporation) <==== ATTENTION (zero size file/folder)
S3 EagleXNt; \??\C:\windows\system32\drivers\EagleXNt.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-06 08:17 - 2015-05-06 08:18 - 00032880 _____ () C:\Users\Samsung\Downloads\FRST.txt
2015-05-06 08:16 - 2015-05-06 08:17 - 00000000 ____D () C:\FRST
2015-05-06 08:16 - 2015-05-06 08:16 - 01140736 _____ (Farbar) C:\Users\Samsung\Downloads\FRST.exe
2015-05-05 19:54 - 2015-05-05 22:53 - 00005489 _____ () C:\Users\Samsung\Desktop\waslos.txt
2015-04-30 15:07 - 2015-04-30 15:07 - 00155153 _____ () C:\Users\Samsung\Downloads\WWM(1).zip
2015-04-29 22:27 - 2015-04-29 22:27 - 00153313 _____ () C:\Users\Samsung\Downloads\WWM.zip
2015-04-29 17:21 - 2015-04-29 17:21 - 00000000 ____D () C:\Users\Samsung\workspace
2015-04-29 16:17 - 2015-04-29 16:17 - 01203488 _____ () C:\Users\Samsung\Downloads\Eclipse - CHIP-Installer.exe
2015-04-16 11:33 - 2015-04-16 11:33 - 00000000 ____D () C:\windows\system32\appraiser
2015-04-15 14:43 - 2015-04-02 01:49 - 00342704 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-04-15 14:43 - 2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-04-15 14:43 - 2015-03-13 05:42 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-04-15 14:43 - 2015-03-13 05:42 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-04-15 14:43 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-04-15 14:43 - 2015-03-13 05:28 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-04-15 14:43 - 2015-03-13 05:27 - 00340992 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2015-04-15 14:43 - 2015-03-13 05:27 - 00047616 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-04-15 14:43 - 2015-03-13 05:26 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-04-15 14:43 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-04-15 14:43 - 2015-03-13 05:20 - 00047104 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-04-15 14:43 - 2015-03-13 05:20 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-04-15 14:43 - 2015-03-13 05:17 - 00478208 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-04-15 14:43 - 2015-03-13 05:16 - 00115712 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-04-15 14:43 - 2015-03-13 05:16 - 00102912 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-04-15 14:43 - 2015-03-13 05:15 - 00620032 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-04-15 14:43 - 2015-03-13 05:09 - 00667648 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-04-15 14:43 - 2015-03-13 05:06 - 00418304 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-04-15 14:43 - 2015-03-13 05:01 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-04-15 14:43 - 2015-03-13 04:57 - 00168960 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-04-15 14:43 - 2015-03-13 04:56 - 00076288 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-04-15 14:43 - 2015-03-13 04:54 - 00285696 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-04-15 14:43 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-04-15 14:43 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-04-15 14:43 - 2015-03-13 04:43 - 02052608 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-04-15 14:43 - 2015-03-13 04:43 - 00685568 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-04-15 14:43 - 2015-03-13 04:42 - 01155072 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-04-15 14:43 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-04-15 14:43 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-04-15 14:43 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-04-15 14:43 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-04-15 14:42 - 2015-03-25 05:00 - 03088384 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2015-04-15 14:42 - 2015-03-25 05:00 - 02020864 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2015-04-15 14:42 - 2015-03-25 05:00 - 00566784 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2015-04-15 14:42 - 2015-03-25 05:00 - 00173056 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2015-04-15 14:42 - 2015-03-25 05:00 - 00131584 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2015-04-15 14:42 - 2015-03-25 05:00 - 00092672 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2015-04-15 14:42 - 2015-03-25 05:00 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll
2015-04-15 14:42 - 2015-03-25 05:00 - 00035328 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2015-04-15 14:42 - 2015-03-25 05:00 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2015-04-15 14:42 - 2015-03-25 05:00 - 00029696 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2015-04-15 14:42 - 2015-03-25 05:00 - 00011776 _____ (Microsoft Corporation) C:\windows\system32\wu.upgrade.ps.dll
2015-04-15 14:42 - 2015-03-23 05:06 - 00860160 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-04-15 14:42 - 2015-03-23 05:06 - 00630784 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-04-15 14:42 - 2015-03-23 05:06 - 00576000 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-04-15 14:42 - 2015-03-23 05:06 - 00331264 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-04-15 14:42 - 2015-03-23 05:06 - 00202752 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2015-04-15 14:42 - 2015-03-23 05:06 - 00159744 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2015-04-15 14:42 - 2015-03-23 05:06 - 00026112 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2015-04-15 14:42 - 2015-03-23 04:59 - 00896000 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-04-15 14:42 - 2015-03-17 07:01 - 03976632 _____ (Microsoft Corporation) C:\windows\system32\ntkrnlpa.exe
2015-04-15 14:42 - 2015-03-17 07:01 - 03920824 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-04-15 14:42 - 2015-03-17 07:01 - 00137656 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-04-15 14:42 - 2015-03-17 07:01 - 00067512 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-04-15 14:42 - 2015-03-17 06:59 - 01306112 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2015-04-15 14:42 - 2015-03-17 06:57 - 01061376 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-04-15 14:42 - 2015-03-17 06:57 - 00550912 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-04-15 14:42 - 2015-03-17 06:57 - 00400896 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-04-15 14:42 - 2015-03-17 06:57 - 00259584 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-04-15 14:42 - 2015-03-17 06:57 - 00248832 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-04-15 14:42 - 2015-03-17 06:57 - 00221184 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-04-15 14:42 - 2015-03-17 06:57 - 00172032 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-04-15 14:42 - 2015-03-17 06:57 - 00100352 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-04-15 14:42 - 2015-03-17 06:57 - 00065536 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-04-15 14:42 - 2015-03-17 06:57 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-04-15 14:42 - 2015-03-17 06:57 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-04-15 14:42 - 2015-03-17 06:57 - 00015872 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-04-15 14:42 - 2015-03-17 06:56 - 00262656 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-04-15 14:42 - 2015-03-17 06:56 - 00069632 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2015-04-15 14:42 - 2015-03-17 06:56 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-04-15 14:42 - 2015-03-17 06:56 - 00038912 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2015-04-15 14:42 - 2015-03-17 06:56 - 00022528 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-04-15 14:42 - 2015-03-17 06:56 - 00017408 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-04-15 14:42 - 2015-03-17 06:53 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-04-15 14:42 - 2015-03-17 06:53 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-04-15 14:42 - 2015-03-17 06:50 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-04-15 14:42 - 2015-03-17 06:50 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2015-04-15 14:42 - 2015-03-05 06:06 - 00305152 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2015-04-15 14:42 - 2015-03-04 06:16 - 00249784 _____ (Microsoft Corporation) C:\windows\system32\clfs.sys
2015-04-15 14:42 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\windows\system32\clfsw32.dll
2015-04-15 14:42 - 2015-02-25 05:03 - 00514560 _____ (Microsoft Corporation) C:\windows\system32\Drivers\http.sys
2015-04-15 14:42 - 2015-01-28 01:36 - 01167520 _____ (Microsoft Corporation) C:\windows\system32\aitstatic.exe
2015-04-15 14:40 - 2015-03-10 05:08 - 01237504 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2015-04-15 14:40 - 2015-03-10 05:05 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2015-04-14 23:35 - 2015-04-14 23:35 - 00002826 _____ () C:\Users\Samsung\Desktop\matz.txt
2015-04-12 22:38 - 2015-04-12 22:38 - 00000000 ____D () C:\Users\Samsung\Documents\iMacros

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-06 08:16 - 2010-03-05 06:29 - 01196770 _____ () C:\windows\WindowsUpdate.log
2015-05-06 08:15 - 2014-11-24 20:26 - 00000000 ____D () C:\ProgramData\MFAData
2015-05-06 08:15 - 2012-10-31 16:14 - 00000000 ___RD () C:\Dropbox
2015-05-06 08:15 - 2010-11-04 16:41 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\Dropbox
2015-05-06 08:08 - 2009-07-14 06:53 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-05-06 08:08 - 2009-07-14 06:39 - 00162533 _____ () C:\windows\setupact.log
2015-05-05 23:08 - 2013-04-28 19:37 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-05-05 22:50 - 2011-03-26 19:37 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\Skype
2015-05-05 22:42 - 2010-10-01 11:55 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\FileZilla
2015-05-05 22:42 - 2009-07-14 06:34 - 00014736 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-05 22:42 - 2009-07-14 06:34 - 00014736 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-05 20:54 - 2011-03-26 19:36 - 00000000 ____D () C:\ProgramData\Skype
2015-05-05 17:42 - 2009-07-14 06:53 - 00032632 _____ () C:\windows\Tasks\SCHEDLGU.TXT
2015-05-03 16:02 - 2011-11-28 16:32 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\TS3Client
2015-05-02 16:30 - 2011-08-25 09:57 - 00000000 ____D () C:\Users\Samsung\Desktop\Desktop2
2015-05-02 12:17 - 2015-04-03 17:09 - 00000000 ____D () C:\Users\Samsung\AppData\Local\Gameo
2015-04-30 11:45 - 2009-07-14 06:46 - 00001515 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-04-29 17:21 - 2010-05-20 22:04 - 00000000 ____D () C:\Users\Samsung
2015-04-27 17:55 - 2010-11-04 16:41 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-04-25 09:22 - 2014-07-30 19:13 - 00000000 ____D () C:\Users\Samsung\Desktop\desk5
2015-04-22 13:24 - 2015-04-04 08:25 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-04-22 13:24 - 2012-06-24 22:31 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-04-22 13:24 - 2010-03-05 07:55 - 01159334 _____ () C:\windows\PFRO.log
2015-04-18 00:41 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\AppCompat
2015-04-18 00:05 - 2013-11-23 13:40 - 00000000 ____D () C:\windows\rescache
2015-04-17 14:19 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\Microsoft.NET
2015-04-16 11:33 - 2014-05-08 23:12 - 00000000 ___SD () C:\windows\system32\CompatTel
2015-04-16 11:33 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\system32\de-DE
2015-04-15 22:52 - 2013-07-15 07:14 - 00000000 ____D () C:\windows\system32\MRT
2015-04-15 22:40 - 2011-11-24 15:19 - 125832184 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-04-15 22:40 - 2010-05-20 22:12 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-04-15 22:38 - 2009-07-26 22:06 - 01839406 _____ () C:\windows\system32\PerfStringBackup.INI
2015-04-15 19:08 - 2013-04-28 19:37 - 00778416 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerApp.exe
2015-04-15 19:08 - 2013-04-28 19:37 - 00142512 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerCPLApp.cpl
2015-04-13 13:21 - 2015-03-26 20:00 - 00001020 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2015-04-12 12:57 - 2011-07-19 20:28 - 00000000 ___RD () C:\Program Files\Skype
2015-04-09 00:27 - 2014-02-11 23:01 - 00000000 ____D () C:\Users\Samsung\AppData\Local\Battle.net

==================== Files in the root of some directories =======

2010-09-11 22:26 - 2010-09-11 22:26 - 0138304 _____ (Phoenix Technologies) C:\Program Files\Common Files\osdinst.dll
2010-09-11 22:26 - 2010-09-11 22:26 - 1097038 _____ () C:\Program Files\Common Files\ptlosd.cab
2010-10-19 13:09 - 2010-10-19 13:09 - 0000006 _____ () C:\Program Files\Common Files\UnInstallCompleted.tmp
2010-09-11 22:26 - 2010-09-03 23:13 - 4870208 _____ (Phoenix Technologies Ltd.) C:\Program Files\Common Files\xsignal.exe
2013-07-13 03:06 - 2014-04-24 03:28 - 0000100 _____ () C:\Users\Samsung\AppData\Roaming\Camdata.ini
2013-07-13 03:06 - 2014-04-24 03:28 - 0000408 _____ () C:\Users\Samsung\AppData\Roaming\CamLayout.ini
2013-07-13 03:06 - 2014-04-24 03:28 - 0000408 _____ () C:\Users\Samsung\AppData\Roaming\CamShapes.ini
2013-07-13 03:06 - 2014-04-24 03:28 - 0004520 _____ () C:\Users\Samsung\AppData\Roaming\CamStudio.cfg
2013-07-13 03:12 - 2014-04-23 12:38 - 0000098 _____ () C:\Users\Samsung\AppData\Roaming\CamStudio.Producer.command
2013-07-13 03:13 - 2014-04-23 12:53 - 0000000 _____ () C:\Users\Samsung\AppData\Roaming\CamStudio.Producer.Data.ini
2013-07-13 03:13 - 2014-04-23 12:53 - 0001206 _____ () C:\Users\Samsung\AppData\Roaming\CamStudio.Producer.ini
2010-06-07 23:23 - 2015-03-16 18:42 - 0008080 _____ () C:\Users\Samsung\AppData\Roaming\wklnhst.dat
2010-12-22 19:42 - 2012-01-02 23:05 - 0006656 _____ () C:\Users\Samsung\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-01-17 13:14 - 2011-01-17 13:14 - 0000095 _____ () C:\Users\Samsung\AppData\Local\fusioncache.dat
2012-05-09 09:22 - 2012-05-09 09:22 - 0000337 _____ () C:\Users\Samsung\AppData\Local\Perfmon.PerfmonCfg
2014-12-09 18:56 - 2014-12-09 18:56 - 0002128 _____ () C:\Users\Samsung\AppData\Local\recently-used.xbel
2010-12-25 21:19 - 2014-10-28 08:55 - 0007598 _____ () C:\Users\Samsung\AppData\Local\Resmon.ResmonCfg
2012-09-08 18:40 - 2012-09-08 23:31 - 4503728 ____T () C:\ProgramData\dsgsdgdsgdsgw.pad
2010-05-20 22:06 - 2009-08-17 06:54 - 0131368 _____ () C:\ProgramData\FullRemove.exe
2011-10-13 10:09 - 2011-10-13 10:16 - 0000191 _____ () C:\ProgramData\hpzinstall.log
2012-09-11 12:45 - 2012-09-11 12:45 - 0000051 _____ () C:\ProgramData\ozodoedgvbizogb
2010-03-05 06:36 - 2010-03-05 06:37 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2010-03-05 06:35 - 2010-03-05 06:35 - 0000106 _____ () C:\ProgramData\{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}.log
2010-03-05 06:32 - 2010-03-05 06:33 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2010-03-05 06:36 - 2010-03-05 06:36 - 0000110 _____ () C:\ProgramData\{B7A0CE06-068E-11D6-97FD-0050BACBF861}.log
2010-03-05 06:31 - 2010-03-05 06:32 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2010-03-05 06:33 - 2010-03-05 06:35 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log

ZeroAccess:
C:\Users\Samsung\AppData\Local\f358ee3b

Files to move or delete:
====================
C:\ProgramData\dsgsdgdsgdsgw.pad
C:\Users\Samsung\timer.js


Some content of TEMP:
====================
C:\Users\Samsung\AppData\Local\Temp\AutoRun.exe
C:\Users\Samsung\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\Samsung\AppData\Local\Temp\avgnt.exe
C:\Users\Samsung\AppData\Local\Temp\avguidx.dll
C:\Users\Samsung\AppData\Local\Temp\CmdLineExt02.dll
C:\Users\Samsung\AppData\Local\Temp\CmdLineExt03.dll
C:\Users\Samsung\AppData\Local\Temp\CommonInstaller.exe
C:\Users\Samsung\AppData\Local\Temp\contentDATs.exe
C:\Users\Samsung\AppData\Local\Temp\DeltaTB.exe
C:\Users\Samsung\AppData\Local\Temp\dj0xwiez.dll
C:\Users\Samsung\AppData\Local\Temp\drm_dialogs.dll
C:\Users\Samsung\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpeodipj.dll
C:\Users\Samsung\AppData\Local\Temp\firefoxjre_exe.exe
C:\Users\Samsung\AppData\Local\Temp\hpzscr01.exe
C:\Users\Samsung\AppData\Local\Temp\iGearedHelper.dll
C:\Users\Samsung\AppData\Local\Temp\InstallAX.exe
C:\Users\Samsung\AppData\Local\Temp\InstallPlugin.exe
C:\Users\Samsung\AppData\Local\Temp\install_flash_player_ax.exe
C:\Users\Samsung\AppData\Local\Temp\instloffer.exe
C:\Users\Samsung\AppData\Local\Temp\InstStub.exe
C:\Users\Samsung\AppData\Local\Temp\JavaRa.exe
C:\Users\Samsung\AppData\Local\Temp\jli.dll
C:\Users\Samsung\AppData\Local\Temp\jre-6u37-windows-i586-iftw.exe
C:\Users\Samsung\AppData\Local\Temp\jre-7u40-windows-i586-iftw.exe
C:\Users\Samsung\AppData\Local\Temp\jre-7u51-windows-i586.exe
C:\Users\Samsung\AppData\Local\Temp\kchjfwj2.dll
C:\Users\Samsung\AppData\Local\Temp\keytool.exe
C:\Users\Samsung\AppData\Local\Temp\MachineIdCreator.exe
C:\Users\Samsung\AppData\Local\Temp\MessengerPlusLive_Germany_TB.exe
C:\Users\Samsung\AppData\Local\Temp\mirc722.exe
C:\Users\Samsung\AppData\Local\Temp\msvcr100.dll
C:\Users\Samsung\AppData\Local\Temp\node.exe
C:\Users\Samsung\AppData\Local\Temp\nsc6DB1.tmp.ConduitEngineEmbbed.exe
C:\Users\Samsung\AppData\Local\Temp\oi_{1FFC6D2A-713D-4D6D-8535-E6BB9DD9CA26}.exe
C:\Users\Samsung\AppData\Local\Temp\OptimizerPro.exe
C:\Users\Samsung\AppData\Local\Temp\PCCheckupInstaller.exe
C:\Users\Samsung\AppData\Local\Temp\perplex.dll
C:\Users\Samsung\AppData\Local\Temp\pyl76CB.tmp.exe
C:\Users\Samsung\AppData\Local\Temp\pyl811A.tmp.exe
C:\Users\Samsung\AppData\Local\Temp\SecurityScan_Release.exe
C:\Users\Samsung\AppData\Local\Temp\SGSFB00.EXE
C:\Users\Samsung\AppData\Local\Temp\SIntf16.dll
C:\Users\Samsung\AppData\Local\Temp\SIntf32.dll
C:\Users\Samsung\AppData\Local\Temp\SIntfNT.dll
C:\Users\Samsung\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Samsung\AppData\Local\Temp\sqlite3.exe
C:\Users\Samsung\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\Samsung\AppData\Local\Temp\ToolbarInstaller.exe
C:\Users\Samsung\AppData\Local\Temp\UNINSTALL.exe
C:\Users\Samsung\AppData\Local\Temp\Uninstaller-14216.exe
C:\Users\Samsung\AppData\Local\Temp\war3_Install.exe
C:\Users\Samsung\AppData\Local\Temp\xmlUpdater.exe
C:\Users\Samsung\AppData\Local\Temp\_is5154.exe
C:\Users\Samsung\AppData\Local\Temp\_unps.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-04-26 00:48

==================== End Of Log ============================
         

06.05.2015, 07:23   #4
Inuyasha2008
 

Addition:

Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 05-05-2015
Ran by Samsung at 2015-05-06 08:19:49
Running from C:\Users\Samsung\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2339853823-2107313754-116825072-500 - Administrator - Disabled)
ASPNET (S-1-5-21-2339853823-2107313754-116825072-1004 - Limited - Enabled)
Gast (S-1-5-21-2339853823-2107313754-116825072-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-2339853823-2107313754-116825072-1002 - Limited - Enabled)
Samsung (S-1-5-21-2339853823-2107313754-116825072-1000 - Administrator - Enabled) => C:\Users\Samsung

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ABBYY PDF Transformer 3.0 (HKLM\...\ABBYY PDF Transformer 3.0) (Version: 3.00.317.68010 - ABBYY)
ABBYY PDF Transformer 3.0 (Version: 3.00.317.68010 - ABBYY) Hidden
Active@ Hard Disk Monitor (HKLM\...\{BF52A2EB-92BB-473E-9070-9E7BBF568791}) (Version: 1.5.20 - LSoft Technologies Inc)
Add or Remove Adobe Creative Suite 3 Master Collection (HKLM\...\Adobe_4dcfd9b7e901b57f81f667144603236) (Version: 1.0 - Adobe Systems Incorporated)
Adobe Acrobat 8.1.3 Professional (HKLM\...\Adobe Acrobat 8 Professional) (Version: 8.1.3 - )
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Community Help (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CS5 (HKLM\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM\...\Adobe Shockwave Player) (Version: 12.0.2.122 - Adobe Systems, Inc.)
Age of Empires II: HD Edition (HKLM\...\Steam App 221380) (Version:  - Hidden Path Entertainment, Ensemble Studios)
AHV content for Acrobat and Flash (Version: 1 - Adobe Systems Incorporated) Hidden
AION Free-to-Play (HKLM\...\{82E73E8D-E1E7-45A4-A311-6D31492AA913}_is1) (Version:  - Gameforge)
Akamai NetSession Interface (HKU\S-1-5-21-2339853823-2107313754-116825072-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
Anvi Smart Defender 1.6 (HKLM\...\Anvi Smart Defender) (Version: 1.6 - Anvisoft)
Apple Application Support (HKLM\...\{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}) (Version: 1.3.2 - Apple Inc.)
Apple Software Update (HKLM\...\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}) (Version: 2.1.1.116 - Apple Inc.)
Atheros Client Installation Program (HKLM\...\{D1434266-0486-4469-B338-A60082CC04E1}) (Version: 1.0.2.1119 - Atheros)
Audacity 2.0.5 (HKLM\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5863 - AVG Technologies)
AVG 2015 (Version: 15.0.4342 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.5863 - AVG Technologies) Hidden
AVM FRITZ!WLAN (HKLM\...\AVMWLANCLI) (Version:  - AVM Berlin)
AVR Jungo USB (HKLM\...\{E8F8861D-98E0-43FF-9E48-AC236CC3BE4E}) (Version: 10.2 - Atmel)
AVR Studio 4.19 (HKLM\...\{D5D88F8F-FDA4-4CF4-9F3E-3F40118C2120}) (Version: 4.19.730 - Atmel)
AVR Studio 4.19 (Version: 4.19.730 - Atmel) Hidden
AVR Toolchain (HKLM\...\{2CE5E313-EC49-4527-A752-6DC89FE51C0D}) (Version: 3.3.0.710 - Atmel)
Babylon toolbar on IE (HKLM\...\BabylonToolbar) (Version:  - ) <==== ATTENTION
BabylonObjectInstaller (HKLM\...\{83AA2913-C123-4146-85BD-AD8F93971D39}) (Version: 2.0.0.2 - Babylon Ltd) <==== ATTENTION
Battle.net (HKLM\...\Battle.net) (Version:  - Blizzard Entertainment)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 5.60.48.55 - Broadcom Corporation)
Broadcom Wireless Utility (HKLM\...\Broadcom Wireless Utility) (Version: 5.60.48.55 - Broadcom Corporation)
CamStudio version 2.7 (HKLM\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7 - CamStudio Open Source)
CCleaner (HKLM\...\CCleaner) (Version: 3.05 - Piriform)
Cisco AnyConnect Secure Mobility Client  (HKLM\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.04072 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (Version: 3.1.04072 - Cisco Systems, Inc.) Hidden
Cisco EAP-FAST Module (HKLM\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Client (HKLM\...\Client) (Version:  - )
Cliqz (HKLM\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 0.5.22 - Cliqz.com)
CodeBlocks (HKU\S-1-5-21-2339853823-2107313754-116825072-1000\...\CodeBlocks) (Version: 10.05 - The Code::Blocks Team)
Compatibility Pack für 2007 Office System (HKLM\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Crystal Reports for Visual Studio (Version: 12.51.0.240 - SAP) Hidden
CyberLink DVD Suite (HKLM\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.2806 - CyberLink Corp.)
CyberLink LabelPrint (HKLM\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1916 - CyberLink Corp.)
CyberLink Power2Go (HKLM\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3108a - CyberLink Corp.)
CyberLink PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3213 - CyberLink Corp.)
CyberLink PowerDVD 8 (HKLM\...\InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}) (Version: 8.0.2815b - CyberLink Corp.)
CyberLink PowerProducer (HKLM\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.0.1.1812 - CyberLink Corp.)
CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.3625 - CyberLink Corp.)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.45.4.0314 - DT Soft Ltd)
Dev-C++ 5 beta 9 release (4.9.9.2) (HKLM\...\Dev-C++) (Version:  - )
Dotfuscator Software Services - Community Edition (HKLM\...\{1AA5BD63-6614-44B2-88A7-605191EDB835}) (Version: 5.0.2500.0 - PreEmptive Solutions)
Dropbox (HKU\S-1-5-21-2339853823-2107313754-116825072-1000\...\Dropbox) (Version: 3.4.4 - Dropbox, Inc.)
Easy Display Manager (HKLM\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 3.0 - Samsung Electronics Co., Ltd.)
Easy Network Manager (HKLM\...\{34B76DCB-BF7C-440F-B058-C84172C1E338}) (Version: 4.2.8 - Samsung)
EasyBatteryManager (HKLM\...\{178EE5F4-0F86-4BF0-A0D1-9790AFF409D1}) (Version: 4.0.0.3 - Samsung)
Fraps (HKLM\...\Fraps) (Version:  - )
Free YouTube to MP3 Converter version 3.12.2.430 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.2.430 - DVDVideoSoft Ltd.)
FreePDF (Remove only) (HKLM\...\FreePDF_XP) (Version:  - )
Gameforge Live 2.0.4 (HKLM\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.4 - Gameforge)
Gameo (HKU\S-1-5-21-2339853823-2107313754-116825072-1000\...\Gameo) (Version: 0.13.7 - IronSource Ltd.) <==== ATTENTION!
GDMO (HKLM\...\DMO) (Version:  - )
GIMP 2.8.2 (HKLM\...\GIMP-2_is1) (Version: 2.8.2 - The GIMP Team)
Git version 1.9.5-preview20141217 (HKLM\...\Git_is1) (Version: 1.9.5-preview20141217 - The Git Development Community)
Gothic II (HKLM\...\Gothic II) (Version:  - JoWooD Productions Software AG)
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.04) (Version: 9.04 - Artifex Software Inc.)
Guard.ICQ (HKLM\...\Guard.Mail.ru) (Version:  - Mail.ru) <==== ATTENTION
Hearthstone (HKLM\...\Hearthstone) (Version:  - Blizzard Entertainment)
HeidiSQL (HKLM\...\HeidiSQL_is1) (Version:  - Ansgar Becker)
Hotfix für Microsoft Visual C++ 2010 Express - DEU (KB2635973) (HKLM\...\{DEEB5FE3-40F5-3C5B-8F85-5306EF3C08F4}.KB2635973) (Version: 1 - Microsoft Corporation)
HP Deskjet 1050 J410 series - Grundlegende Software für das Gerät (HKLM\...\{FE19B8A3-C79D-4A90-8F7C-1B206DB00CFC}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
ICQ Toolbar (HKLM\...\ICQToolbar) (Version: 3.0.0 - ICQ)
ICQ7.7 (HKLM\...\{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE}) (Version: 7.7 - ICQ)
Intel(R) Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.5.4.1001 - Intel Corporation)
Intel(R) Turbo Boost Technology Driver (HKLM\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.00.01.1003 - Intel Corporation)
Java 7 Update 55 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.550 - Oracle)
Java DB 10.5.3.0 (HKLM\...\{00BA866C-F2A2-4BB9-A308-3DFA695B6F7C}) (Version: 10.5.3.0 - Sun Microsystems, Inc)
Java(TM) 6 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216031FF}) (Version: 6.0.310 - Oracle)
Java(TM) SE Development Kit 6 Update 21 (HKLM\...\{32A3A4F4-B792-11D6-A78A-00B0D0160210}) (Version: 1.6.0.210 - Oracle)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Katawa Shoujo (HKLM\...\Katawa Shoujo) (Version:  - )
LAME v3.99.3 (for Windows) (HKLM\...\LAME_is1) (Version:  - )
Left 4 Dead (HKLM\...\Steam App 500) (Version:  - Valve)
LogMeIn Hamachi (HKLM\...\LogMeIn Hamachi) (Version: 2.1.0.166 - LogMeIn, Inc.)
LogMeIn Hamachi (Version: 2.1.0.166 - LogMeIn, Inc.) Hidden
Messenger Plus! Live (HKLM\...\Messenger Plus! Live) (Version: 4.85.0.386 - Yuna Software)
MessengerPlusLive Germany TB Toolbar (HKLM\...\MessengerPlusLive_Germany_TB Toolbar) (Version: 5.7.2.2 - MessengerPlusLive Germany TB)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools (HKLM\...\{40416836-56CC-4C0E-A6AF-5C34BADCE483}) (Version: 2.0.50217.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 (HKLM\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.1 Language Pack - DEU) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Silverlight 3 SDK (HKLM\...\{2012098D-EEE9-4769-8DD3-B038050854D4}) (Version: 3.0.40818.0 - Microsoft Corporation)
Microsoft Silverlight 4 SDK (HKLM\...\{05855322-BE43-41FE-B583-D3AE0C326D58}) (Version: 4.0.50826.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 (HKLM\...\Microsoft SQL Server 10 Release) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 Browser (HKLM\...\{C688457E-03FD-4941-923B-A27F4D42A7DD}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{4F44B5AE-82A6-4A8A-A3E3-E24D489728E3}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Data-Tier Application Framework (HKLM\...\{BC537AE0-88AF-47ED-B762-33B0D62B5188}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Data-Tier Application Project (HKLM\...\{7A56D81D-6406-40E7-9184-8AC1769C4D69}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM\...\{77F1F8AD-51B8-4490-AEEC-BF480073E0FC}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Transact-SQL Language Service (HKLM\...\{09C52940-A4D1-4409-A7CC-1AAE630CF578}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (HKLM\...\{D441BD04-E548-4F8E-97A4-1B66135BAAA8}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Database Publishing Wizard 1.4 (HKLM\...\{ACE28263-76A4-4BF5-B6F4-8BD719595969}) (Version: 10.1.2512.8 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM\...\{877B76B2-F83F-4F5A-B28D-3F398641ADB6}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{B857D868-F8B0-43EE-BC2B-D9E5ED21F237}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft Sync Framework Runtime v1.0 SP1 (x86) (HKLM\...\{C6DD625F-4B61-4561-8286-87CA0275CEA1}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework SDK v1.0 SP1 (HKLM\...\{97CE8B73-AA5A-4987-A1BE-50DD1A187478}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework Services v1.0 SP1 (x86) (HKLM\...\{F990B526-8F7C-46E0-B1F1-6C893A8B478F}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Services for ADO.NET v2.0 SP1 (x86) (HKLM\...\{DC3D6AFB-78B4-489F-81D7-30B66E0C2417}) (Version: 2.0.3010.0 - Microsoft Corporation)
Microsoft Team Foundation Server 2010 Object Model - ENU (HKLM\...\Microsoft Team Foundation Server 2010 Object Model - ENU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (HKLM\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Express - DEU (HKLM\...\Microsoft Visual C++ 2010 Express - DEU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime (HKLM\...\{85467CBC-7A39-33C9-8940-D72D9269B84F}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM\...\{14DD7530-CCD2-3798-B37D-3839ED6A441C}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (HKLM\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010 Ultimate - ENU (HKLM\...\Microsoft Visual Studio 2010 Ultimate - ENU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x86) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Macro Tools (HKLM\...\Microsoft Visual Studio Macro Tools) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Works (HKLM\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
mIRC (HKLM\...\mIRC) (Version: 7.22 - mIRC Co. Ltd.)
Mount & Blade: Warband (HKLM\...\Steam App 48700) (Version:  - Taleworlds Entertainment)
Mouse Recorder Pro 2.0.7.5 (HKLM\...\{889E44CE-435C-4D37-B302-A7E43339E5FA}_is1) (Version:  - Nemex Studios)
Mozilla Firefox 37.0.2 (x86 de) (HKLM\...\Mozilla Firefox 37.0.2 (x86 de)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Notepad++ (HKLM\...\Notepad++) (Version: 5.9.8 - )
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10 - NVIDIA Corporation)
NVIDIA PhysX (HKLM\...\{B4F3A360-E1E2-479D-ADE7-9BE3B07F4539}) (Version: 9.10.0223 - NVIDIA Corporation)
OpenOffice.org 3.2 (HKLM\...\{8D1E61D1-1395-4E97-997F-D002DB3A5074}) (Version: 3.2.9502 - OpenOffice.org)
Oracle VM VirtualBox 4.1.12 (HKLM\...\{BD2DF5E1-0B64-40EB-93CC-77F984ADB408}) (Version: 4.1.12 - Oracle Corporation)
Patrizier II Gold (HKLM\...\Patrizier II Gold_is1) (Version:  - )
PDF Settings (Version: 1.0 - Adobe Systems Incorporated) Hidden
PDF Settings CS5 (Version: 10.0 - Adobe Systems Incorporated) Hidden
Pokémon Trading Card Game Online (HKLM\...\{496D7B7E-EBDC-4E2B-B021-4FF03B188B69}) (Version: 1.0.0 - The Pokémon Company International)
PokerStars.be (HKLM\...\PokerStars.be) (Version:  - PokerStars.be)
PremiumSoft Navicat Lite 10.0 (HKLM\...\PremiumSoft Navicat Lite_is1) (Version:  - PremiumSoft CyberTech Ltd.)
QuickTime (HKLM\...\{E7004147-2CCA-431C-AA05-2AB166B9785D}) (Version: 7.68.75.0 - Apple Inc.)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM\...\RealPlayer 12.0) (Version:  - RealNetworks)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6003 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Software (HKLM\...\{F2BC3383-F000-410C-A038-3846ADBE8D90}) (Version: 1.01.0088 - REALTEK Semiconductor Corp.)
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version:  - )
Remotedesktopverbindung (HKLM\...\{62C4121D-CA64-413E-8444-0525FF7E8EF9}) (Version: 5.1.2600.2180 - Microsoft)
Revo Uninstaller 1.94 (HKLM\...\Revo Uninstaller) (Version: 1.94 - VS Revo Group)
Samsung Recovery Solution 4 (HKLM\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 4.0.0.6 - Samsung)
Samsung R-Series (HKLM\...\{3EED7541-55F8-4DC6-B9CD-28762D71310E}) (Version: 1.0 - Samsung)
Samsung Support Center (HKLM\...\{0A353130-D22C-41DD-8C67-1B02A05F2CE0}) (Version: 1.1.0 - Samsung)
Samsung Update Plus (HKLM\...\{D3F2FAA5-FEC4-42AA-9ABA-1F763919A2B5}) (Version: 2.0 - Samsung Electronics Co., Ltd.)
Service Pack 1 for SQL Server 2008 (KB968369) (HKLM\...\KB968369) (Version: 10.1.2531.0 - Microsoft Corporation)
SimpleScreenshot 1.40 (HKLM\...\SimpleScreenshot) (Version:  - )
Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.6.8442 - Skype Technologies S.A.)
Skype™ 7.4 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
Sql Server Customer Experience Improvement Program (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Steam (HKLM\...\Steam) (Version:  - Valve Corporation)
Stronghold (HKLM\...\{C917BA70-28A3-4C74-B163-41FD8C8E1A5A}) (Version: 1.20.0000 - Firefly Studios)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.10.0 - Synaptics Incorporated)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.13.1 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM\...\TeamViewer 9) (Version: 9.0.41110 - TeamViewer)
thriXXX 3DSexVilla2-135.001 (HKLM\...\3DSexVilla2-135.001) (Version:  - )
TIPP10 Version 2.1.0 (HKLM\...\TIPP10_is1) (Version:  - (c) 2006-2011, Tom Thielicke IT Solutions)
TreeSize Free V2.5 (HKLM\...\TreeSize Free_is1) (Version: 2.5 - JAM Software)
Tunatic (HKLM\...\Tunatic) (Version:  - )
Uninstall 1.0.0.1 (HKLM\...\Uninstall_is1) (Version:  - )
Unity Web Player (HKU\S-1-5-21-2339853823-2107313754-116825072-1000\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
User Guide (HKLM\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.0 - )
Vampires Dawn: Reign of Blood (HKLM\...\{CF55095E-07AA-432E-8376-CEF71D70746A}_is1) (Version: Vampires Dawn: Reign of Blood 1.31 - Brianum)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (HKLM\...\{112C23F2-C036-4D40-BED4-0CB47BF5555C}) (Version: 4.0.8080.0 - Microsoft Corporation)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 1.1.9 (HKLM\...\VLC media player) (Version: 1.1.9 - VideoLAN)
Warcraft III (HKLM\...\Warcraft III) (Version:  - )
Warcraft III: All Products (HKU\S-1-5-21-2339853823-2107313754-116825072-1000\...\Warcraft III) (Version:  - )
WCF RIA Services V1.0 SP1 (HKLM\...\{D9E6001A-5DC3-4620-AF7A-80B6CD48645D}) (Version: 4.1.60114.0 - Microsoft Corporation)
Web Deployment Tool (HKLM\...\{0F37D969-1260-419E-B308-EF7D29ABDE20}) (Version: 1.1.0618 - Microsoft Corporation)
WinAVR 20100110 (remove only) (HKLM\...\WinAVR-20100110) (Version: 20100110 - )
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live OneCare safety scanner (HKLM\...\Windows Live OneCare safety scanner) (Version:  - Microsoft Corporation)
Windows Live Sync (HKLM\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR (HKLM\...\WinRAR archiver) (Version:  - )
Worms Reloaded (HKLM\...\Steam App 22600) (Version:  - Team17 Software Ltd.)
YTD Video Downloader 4.5.1 (HKLM\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.5.1 - GreenTree Applications SRL) <==== ATTENTION
Yugioh Virtual Dueling (HKLM\...\{B2E3A2C8-283C-4871-A499-B2711F48D64B}) (Version: 9.0 - Xero Creative)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2339853823-2107313754-116825072-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Samsung\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2339853823-2107313754-116825072-1000_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\ProgramData\EasyBits GO\ezGameXN.dll No File
CustomCLSID: HKU\S-1-5-21-2339853823-2107313754-116825072-1000_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\ProgramData\EasyBits GO\ezGameXN.dll No File
CustomCLSID: HKU\S-1-5-21-2339853823-2107313754-116825072-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\Samsung\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-2339853823-2107313754-116825072-1000_Classes\CLSID\{A2EB5E06-4426-B017-98D3-F8F6838F2331}\InprocServer32 -> C:\windows\system32\ole32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2339853823-2107313754-116825072-1000_Classes\CLSID\{BB6410D8-F879-4184-9C5C-6A02D16AE0B3}\InprocServer32 -> C:\ProgramData\EasyBits GO\ezGameXN.dll No File
CustomCLSID: HKU\S-1-5-21-2339853823-2107313754-116825072-1000_Classes\CLSID\{CA1073A2-5F3F-4445-8E5E-7109BDCEDDBE}\InprocServer32 -> C:\ProgramData\EasyBits GO\ezGameXN.dll No File
CustomCLSID: HKU\S-1-5-21-2339853823-2107313754-116825072-1000_Classes\CLSID\{ca586c80-7c84-4b88-8537-726724df6929}\InprocServer32 -> C:\Program Files\Git\git-cheetah\git_shell_ext.dll ()
CustomCLSID: HKU\S-1-5-21-2339853823-2107313754-116825072-1000_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-2339853823-2107313754-116825072-1000_Classes\CLSID\{D5A55D2D-C59D-42C3-A5BF-4C08EEE74339}\InprocServer32 -> C:\ProgramData\EasyBits GO\ezGameXN.dll No File
CustomCLSID: HKU\S-1-5-21-2339853823-2107313754-116825072-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Samsung\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2339853823-2107313754-116825072-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Samsung\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2339853823-2107313754-116825072-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Samsung\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2339853823-2107313754-116825072-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Samsung\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2339853823-2107313754-116825072-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Samsung\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2339853823-2107313754-116825072-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Samsung\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2339853823-2107313754-116825072-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Samsung\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2339853823-2107313754-116825072-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Samsung\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2339853823-2107313754-116825072-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Samsung\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)

==================== Restore Points  =========================

12-04-2015 19:01:22 Windows-Sicherung
15-04-2015 22:33:00 Windows Update
19-04-2015 19:00:57 Windows-Sicherung
26-04-2015 19:02:35 Windows-Sicherung
03-05-2015 21:55:08 Windows-Sicherung

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0892159B-AEA7-4F81-9B36-530795DEC179} - System32\Tasks\{DFCC44DF-8A99-4D41-AD73-AA3BF1912A94} => Firefox.exe hxxp://ui.skype.com/ui/0/5.8.0.158/en/abandoninstall?page=tsMain
Task: {25B852AF-0F08-417D-A112-DD474B4238F8} - System32\Tasks\EasyBatteryManager => C:\Program Files\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe [2009-10-16] (SAMSUNG Electronics co., LTD.)
Task: {263D05FE-6088-48EB-A49F-8ADB28691086} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {3141A285-6669-4F1F-A0D8-A64EF715D987} - System32\Tasks\{BE365EAF-1CDB-4975-898B-08CE06250DA4} => D:\Program Files\JoWooD\Gothic II\System\gothic2.exe
Task: {39E35084-FCF5-468E-AFEB-94F0F425130F} - System32\Tasks\{5977AA73-B2DA-4F7D-9027-82467467A610} => Firefox.exe hxxp://ui.skype.com/ui/0/5.3.0.120/de/exitsurvey?uhash1=07b696a8eb651b75e225a8b1ea3a38cc&amp;uhash2=8dd4e88582519557af344768024330bd&amp;uhash3=c36ad720e2cfb9b2444c1a4b35f42b1d&amp;uhash4=ed9193c3689edb480ee776d249faeeba&amp;uhash5=2de0efb91021c3330608029f09e92ba3
Task: {4203F7D5-A321-42C2-B071-6EFC8718E2B0} - System32\Tasks\Adobe Flash Player Updater => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15] (Adobe Systems Incorporated)
Task: {489EECD9-31EC-4AC5-BB39-DB4AEC22828B} - System32\Tasks\RealCreateProcessScheduledTask84947349S-1-5-21-2339853823-2107313754-116825072-1000 => C:\Program Files\Real\RealPlayer\update\realsched.exe [2011-07-27] (RealNetworks, Inc.)
Task: {5C4F670D-1E23-4D35-AAE1-00234ECAE931} - System32\Tasks\{FBEB910D-F010-4537-90D1-B24405FEF499} => Firefox.exe hxxp://ui.skype.com/ui/0/5.9.0.123/en/abandoninstall?page=tsMain
Task: {5E94A94D-EAFA-4AC3-A439-155690BFD88E} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2339853823-2107313754-116825072-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2011-03-29] (RealNetworks, Inc.)
Task: {6378EDF5-B3D1-4A49-A0C8-B161AED57A67} - System32\Tasks\SUPBackground => C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe [2010-04-20] ()
Task: {728D9677-5243-442B-810B-51032FD5432E} - System32\Tasks\{5C5CE030-EEAD-4047-B815-B28F00454A85} => C:\Program Files\Skype\\Phone\Skype.exe [2015-04-17] (Skype Technologies S.A.)
Task: {760F1D58-512E-464B-9AA5-F3DC3AA58ED0} - System32\Tasks\{53CC0B06-633B-47D4-9B02-731A96F92B0D} => D:\Program Files\JoWooD\Gothic II\System\gothic2.exe
Task: {76D7A1E9-7A9F-40DC-8D4B-AA3722B300B5} - System32\Tasks\{21CBA18E-CC02-41C6-9FDB-1C485D67ED42} => C:\Program Files\JoWooD\Gothic II\UNWISE.EXE [2002-07-19] ()
Task: {7E32E7F8-66EA-4820-882C-D9BCFE8E8FBC} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2008-07-30] (Apple Inc.)
Task: {8F2FCF76-C1FF-45A0-8A9D-65693B1435AA} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {8FF92432-A49A-4649-B383-97E5891990CF} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\windows\system32\GWX\GWX.exe [2015-03-25] (Microsoft Corporation)
Task: {907C18EC-75C8-4C6F-B211-13AA9BA7B892} - No Task path could be read. Access denied. 
Task: {9360AB4D-99A3-4A1A-9304-3AFB1A20297C} - System32\Tasks\{7E4BFBC7-BF48-4E5E-9F8E-006838B78067} => C:\Program Files\JoWooD\Gothic II\UNWISE.EXE [2002-07-19] ()
Task: {9BE31E4A-C568-46B8-9B77-FF4832D62FC4} - System32\Tasks\{066DE9F6-A3E3-422D-AA4F-D59AD2CD0E0C} => D:\Program Files\JoWooD\Gothic II\System\gothic2.exe
Task: {A5661CCA-C699-432A-94E9-601FBE966893} - System32\Tasks\{47A6F38F-0C19-48EE-8633-C06BD1414C6C} => Firefox.exe 
Task: {AAF84C8D-07AF-4F08-A745-A4CF28FB0D35} - System32\Tasks\RealCreateProcessScheduledTask271365470S-1-5-21-2339853823-2107313754-116825072-1000 => C:\Program Files\Real\RealPlayer\update\realsched.exe [2011-07-27] (RealNetworks, Inc.)
Task: {ABBD9D07-2039-4ABA-BF5D-9417D0864C17} - System32\Tasks\{6C37B6E6-78B0-40DC-B432-CABA31B4F0FE} => pcalua.exe -a "C:\Program Files\Electronic Arts\Harry Potter und der Feuerkelch\EAUninstall.exe"
Task: {B19666F0-67B2-4532-92D9-DC17749B2D32} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2339853823-2107313754-116825072-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2011-03-29] (RealNetworks, Inc.)
Task: {B277C0A4-5F72-4B16-9F66-16D65D9598CE} - \DealPlyUpdate No Task File <==== ATTENTION
Task: {B81E9DDA-1B74-4908-89AC-BED382C18B98} - System32\Tasks\gameo_update => C:\Users\Samsung\AppData\Roaming\Gameo\gameo.exe [2015-02-22] ()
Task: {C0A65AE6-9C11-4E75-945A-24BF3E9BA085} - System32\Tasks\{CFA5333A-E16E-474D-A43B-641D15968D60} => pcalua.exe -a C:\Users\Samsung\Downloads\escw_97_sa_sfx.exe -d "C:\Program Files\Mozilla Firefox"
Task: {C581C1C4-6635-413F-9502-7C5F8FC699C2} - System32\Tasks\RealCreateProcessScheduledTask690994432S-1-5-21-2339853823-2107313754-116825072-1000 => C:\Program Files\Real\RealPlayer\update\realsched.exe [2011-07-27] (RealNetworks, Inc.)
Task: {C653CBBB-78D5-46AA-B7BA-99E64B7FF124} - System32\Tasks\EasyDisplayMgr => C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe [2009-11-04] (Samsung Electronics Co., Ltd.)
Task: {CC9DF44D-CBB5-4AE5-8A89-DEDA5CF44EF5} - System32\Tasks\SamsungSupportCenter => C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe [2009-12-14] (SAMSUNG Electronics)
Task: {CEEA1937-5644-4F73-ACCF-F96476C92D0D} - System32\Tasks\{3CECFE6E-F5D3-4756-BB85-59ABE1046913} => pcalua.exe -a E:\Patch_Game\Install2.exe -d E:\Patch_Game
Task: {D907D439-A03E-4D08-B861-C10484AFFAE1} - System32\Tasks\advSRS4 => C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe [2010-01-19] (SEC)
Task: {E0B94096-92CC-4CE5-8F1D-42A016CB7549} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {E30836DE-842A-44DF-9CE6-72A1EE3672AF} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {E7C87683-C160-4F94-B4C1-1E7F917D187E} - System32\Tasks\{656F27AA-3B35-4D3A-B9A3-4D873C3983E1} => pcalua.exe -a D:\Skyrim\install.exe -d D:\Skyrim
Task: {F0010C41-C13F-4D2B-8E8A-DC0C08B90CE3} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2339853823-2107313754-116825072-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2011-03-29] (RealNetworks, Inc.)
Task: {F8090752-FE81-4490-9C93-3B2550C52AEE} - System32\Tasks\{A4813A57-31E9-453F-A5DD-C91DE74386EB} => C:\Program Files\Skype\\Phone\Skype.exe [2015-04-17] (Skype Technologies S.A.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) ==============

2012-06-17 02:03 - 2012-05-15 11:27 - 00079168 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2013-10-10 23:48 - 2013-10-10 23:48 - 00063376 _____ () C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2013-04-29 18:49 - 2012-08-18 11:31 - 00116224 _____ () C:\windows\System32\redmonnt.dll
2012-08-23 12:42 - 2012-08-23 12:42 - 00784688 _____ () C:\Program Files\Anvisoft\Anvi Smart Defender\sqlite3.dll
2012-02-18 02:23 - 2012-02-18 02:23 - 01564368 _____ () C:\Program Files\Guard-ICQ\GuardICQ.exe
2012-02-18 02:23 - 2011-08-17 12:04 - 00247872 _____ () C:\Program Files\ICQ6Toolbar\ICQ Service.exe
2010-03-05 06:31 - 2010-04-20 14:26 - 00300912 _____ () C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe
2010-03-05 06:31 - 2010-04-16 14:11 - 00155648 _____ () C:\Program Files\Samsung\Samsung Update Plus\HMXML.dll
2010-03-05 06:38 - 2006-08-12 05:48 - 00049152 _____ () C:\Program Files\Samsung\Easy Display Manager\HookDllPS2.dll
2010-03-05 06:29 - 2009-03-05 11:54 - 00311296 _____ () C:\windows\SYSTEM32\Rezip.exe
2010-03-05 06:34 - 2009-07-07 20:23 - 00247152 _____ () C:\Program Files\CyberLink\Shared files\RichVideo.exe
2015-05-06 08:14 - 2015-05-06 08:14 - 00043008 _____ () c:\users\samsung\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpeodipj.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00750080 _____ () C:\Users\Samsung\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00047616 _____ () C:\Users\Samsung\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00865280 _____ () C:\Users\Samsung\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00200704 _____ () C:\Users\Samsung\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:373E1720
AlternateDataStreams: C:\ProgramData\Temp:39413AC3
AlternateDataStreams: C:\ProgramData\Temp:4CF61E54
AlternateDataStreams: C:\ProgramData\Temp:A42A9F39
AlternateDataStreams: C:\ProgramData\Temp:ABE89FFE

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2339853823-2107313754-116825072-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Samsung\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1 - 192.168.0.2

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Users^Samsung^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Samsung^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk => C:\windows\pss\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Samsung^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk => C:\windows\pss\OpenOffice.org 3.2.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Samsung^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Wecker für Windows 6.lnk => C:\windows\pss\Wecker für Windows 6.lnk.Startup
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Adobe_ID0EYTHM => C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
MSCONFIG\startupreg: AlcoholAutomount => "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
MSCONFIG\startupreg: AVMWlanClient => C:\Program Files\avmwlanstick\wlangui.exe
MSCONFIG\startupreg: Broadcom Wireless Manager UI => C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe
MSCONFIG\startupreg: Cisco AnyConnect Secure Mobility Agent for Windows => "C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
MSCONFIG\startupreg: CLMLServer => "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: fsn => C:\Program Files\Phoenix Technologies Ltd\FailSafe\FailSafeNotifier.exe
MSCONFIG\startupreg: Guard.Mail.ru.gui => "C:\Program Files\Guard-ICQ\GuardICQ.exe" /gui
MSCONFIG\startupreg: ICQ => "C:\Program Files\ICQ7.7\ICQ.exe" silent loginmode=4
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: msnmsgr => "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: PDVD8LanguageShortcut => "C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RemoteControl8 => "C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe"
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
MSCONFIG\startupreg: Steam => "D:\Steam\Steam.exe" -silent
MSCONFIG\startupreg: SwitchBoard => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
MSCONFIG\startupreg: TkBellExe => "C:\Program Files\Real\RealPlayer\update\realsched.exe"  -osboot
MSCONFIG\startupreg: UCam_Menu => "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"
MSCONFIG\startupreg: UpdateLBPShortCut => "C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
MSCONFIG\startupreg: UpdateP2GoShortCut => "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
MSCONFIG\startupreg: UpdatePDRShortCut => "C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "Software\CyberLink\PowerDirector\7.0"
MSCONFIG\startupreg: UpdatePPShortCut => "C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerProducer" UpdateWithCreateOnce "Software\CyberLink\PowerProducer\5.0"
MSCONFIG\startupreg: UpdatePSTShortCut => "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"

==================== FirewallRules (whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [{50AD84C6-CB9F-4960-975D-204E09E70424}] => (Allow) C:\Program Files\CyberLink\PowerDirector\PDR.EXE
FirewallRules: [{73A89CE8-C770-4A9C-AA94-515609E7CA3D}] => (Allow) C:\Program Files\CyberLink\PowerDVD8\PowerDVD8.EXE
FirewallRules: [{610C72CF-4019-4359-AF51-45BEA3677334}] => (Allow) C:\Program Files\Common Files\Mcafee\MNA\McNaSvc.exe
FirewallRules: [{B907223B-F43D-4BDC-AAE4-5231F9F13384}] => (Allow) C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE
FirewallRules: [{C21C3A70-49E3-4E2A-BE9E-825C8397E3E9}] => (Allow) C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE
FirewallRules: [{B6250E2F-8E93-4BC3-A68E-CAA52113A433}] => (Allow) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
FirewallRules: [{79EF64DB-B6A3-45E7-8D92-CF41C43F509F}] => (Allow) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
FirewallRules: [{E373302B-ABF5-4AB0-898F-19A48E36F95B}] => (Allow) D:\StarCraft II\StarCraft II.exe
FirewallRules: [{C9C073BC-D080-4FC8-9B0B-57FC8FE51C54}] => (Allow) D:\StarCraft II\StarCraft II.exe
FirewallRules: [{3040F5D3-4C06-416D-9760-3E0679AFB7AA}] => (Allow) LPort=3703
FirewallRules: [{9B421B41-0AF2-4EB9-8D29-891B095A1584}] => (Allow) LPort=3704
FirewallRules: [{4534F3C2-275E-4DF4-8DF1-24ED0C5FEFAE}] => (Allow) LPort=50900
FirewallRules: [{A2AEE7C8-A419-464A-A83B-8A0A2B0818A1}] => (Allow) LPort=50901
FirewallRules: [{77B50A77-9825-43A2-A317-3EF644E7F979}] => (Allow) C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
FirewallRules: [{AFF5D610-0E39-44EB-97A4-24FFE4AB8A43}] => (Allow) C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
FirewallRules: [{9F95DDC8-18CC-4E0B-A286-4B749E1A06E5}] => (Allow) C:\Users\Samsung\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{3D64D103-9C28-4DBC-97FE-1089B9BB18C3}] => (Allow) C:\Users\Samsung\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{D9D83360-8BA1-49F0-A3C9-E4919B94AC46}] => (Allow) C:\Program Files\ICQ7.2\aolload.exe
FirewallRules: [{050B1FD9-5FCC-42C9-B4DB-1A0ADF346898}] => (Allow) C:\Program Files\ICQ7.2\aolload.exe
FirewallRules: [{68CC7AC1-5E2C-407C-911A-B413040E16C8}] => (Allow) C:\Program Files\ICQ7.2\aolload.exe
FirewallRules: [{5212EADA-FD9C-466A-A756-54ADF222A50F}] => (Allow) C:\Program Files\ICQ7.2\aolload.exe
FirewallRules: [{6C7535A5-9149-4DB4-B1D0-E520FF009DE3}] => (Allow) C:\Program Files\ICQ7.2\aolload.exe
FirewallRules: [{32CE985D-9234-4D83-B7F1-94A93315D0DC}] => (Allow) C:\Program Files\ICQ7.2\aolload.exe
FirewallRules: [{819976E7-04B3-4E50-95C3-6C5528D6F2E4}] => (Allow) svchost.exe
FirewallRules: [{62021A4D-A467-4454-8B2A-B8223EBA1813}] => (Allow) C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{CAA8D7E6-4BD4-410D-9F32-6566C80FE070}] => (Allow) c:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [TCP Query User{5275F80E-9672-4CD8-BFC0-501A02C37281}C:\users\samsung\desktop\divine wind\eu3game.exe] => (Allow) C:\users\samsung\desktop\divine wind\eu3game.exe
FirewallRules: [UDP Query User{9B075805-5705-46D5-AF34-7005C24394A8}C:\users\samsung\desktop\divine wind\eu3game.exe] => (Allow) C:\users\samsung\desktop\divine wind\eu3game.exe
FirewallRules: [{54ADF217-B5A8-45D8-B2E2-5BF9896DAF10}] => (Allow) C:\Program Files\Skype\Plugin Manager\skypePM.exe
FirewallRules: [TCP Query User{DEB192F7-BC96-4F47-B6A5-B94A6416EF95}C:\program files\java\jre6\bin\javaw.exe] => (Allow) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [UDP Query User{BFAC0ABD-A8A9-4FA6-89E2-275B822A6CF0}C:\program files\java\jre6\bin\javaw.exe] => (Allow) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [{32736982-6C4B-4902-9277-F705EA47928C}] => (Block) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [{4865E525-73C4-4894-B0F6-5A03015B0AD9}] => (Block) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [{04634560-8423-4023-8B91-5664FE1E1AB4}] => (Allow) C:\Program Files\Firefly Studios\Stronghold\Stronghold.exe
FirewallRules: [{C9280906-70A7-467A-ADEB-9B4591F0BBDF}] => (Allow) C:\Program Files\Firefly Studios\Stronghold\Stronghold.exe
FirewallRules: [{AC626B63-2254-4A56-9484-14F6D445EFAD}] => (Allow) %USERPROFILE%\Desktop\Minecraft Server 1.6\Minecraft_Server.exe
FirewallRules: [{DE1A6375-5664-419D-B32A-52C503C2D988}] => (Allow) %USERPROFILE%\Desktop\Minecraft Server 1.6\Minecraft_Server.exe
FirewallRules: [{B80F9CA5-6C9C-45E3-8B71-4070D19203FF}] => (Allow) C:\Users\Samsung\Desktop\Minecraft Server 1.6\Minecraft_Server.exe
FirewallRules: [{A91B58B2-F65A-4915-AD45-3F36A9A0D23F}] => (Allow) C:\Users\Samsung\Desktop\Minecraft Server 1.6\Minecraft_Server.exe
FirewallRules: [{D4011FEB-8937-4635-915A-B691BB651B2C}] => (Allow) C:\Users\Samsung\Desktop\Minecraft Server 1.6\Minecraft_Server.exe
FirewallRules: [{A6D451C1-AC8F-4940-B219-A251921F7640}] => (Allow) C:\Users\Samsung\Desktop\Minecraft Server 1.6\Minecraft_Server.exe
FirewallRules: [TCP Query User{B5E6EBE6-DD27-4673-A081-D0BCA767F55D}C:\program files\runes of magic\client.exe] => (Allow) C:\program files\runes of magic\client.exe
FirewallRules: [UDP Query User{3D1ACC50-1CC2-462C-860F-C99B4D06B318}C:\program files\runes of magic\client.exe] => (Allow) C:\program files\runes of magic\client.exe
FirewallRules: [{CEAD3EAE-EF01-42D7-8034-3BE11D1BD4A7}] => (Block) C:\program files\runes of magic\client.exe
FirewallRules: [{37722B93-1534-47C1-9354-BB88AD50AF7E}] => (Block) C:\program files\runes of magic\client.exe
FirewallRules: [TCP Query User{CA6E3A25-CCD6-4182-B075-CD3F3F7C89B4}D:\warcraft iii\war3.exe] => (Block) D:\warcraft iii\war3.exe
FirewallRules: [UDP Query User{26F470AB-79FF-44CA-B9C3-166D145C0548}D:\warcraft iii\war3.exe] => (Block) D:\warcraft iii\war3.exe
FirewallRules: [{6FC2470B-C421-49A5-A1F6-6D1AA5474360}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{7C6D2F13-AD84-462F-B9D0-1DF89D2810C4}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{77082EA4-257B-44A1-A330-6571AAA7A7A9}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [{B32F9DD4-8924-4ADA-9459-069185D908C4}] => (Block) C:\xampp\apache\bin\httpd.exe
FirewallRules: [{BB2B9703-40A4-4AB3-B843-2F1EB54D774A}] => (Block) C:\xampp\apache\bin\httpd.exe
FirewallRules: [TCP Query User{958437BE-3382-4190-A13B-F2A1E19D1375}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{00A23553-1B73-4FAC-BA11-6153494DB67C}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [{A6F91CDD-A251-49CB-AA4F-915C854A7A52}] => (Block) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [{6D81DEA7-725A-4700-9C80-FC9110550F02}] => (Block) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [TCP Query User{C71D52A9-F5AE-404E-AC72-EFD498436B9B}C:\xampp\filezillaftp\filezilla server.exe] => (Allow) C:\xampp\filezillaftp\filezilla server.exe
FirewallRules: [UDP Query User{F293816B-94F2-4EFB-8D3E-A468DB1A7F09}C:\xampp\filezillaftp\filezilla server.exe] => (Allow) C:\xampp\filezillaftp\filezilla server.exe
FirewallRules: [{267BFD91-6FAA-4742-A922-825CF3C48221}] => (Block) C:\xampp\filezillaftp\filezilla server.exe
FirewallRules: [{0CEF2119-4399-45DB-AA1D-C937C33076CE}] => (Block) C:\xampp\filezillaftp\filezilla server.exe
FirewallRules: [TCP Query User{1007FC01-AB44-456C-BE53-5BD610F4C0B6}C:\xampp\mercurymail\mercury.exe] => (Block) C:\xampp\mercurymail\mercury.exe
FirewallRules: [UDP Query User{2DC5430D-22F1-433C-AB46-6741E5A5AD57}C:\xampp\mercurymail\mercury.exe] => (Block) C:\xampp\mercurymail\mercury.exe
FirewallRules: [TCP Query User{64BB0EF3-BB4F-45F6-BC7D-3F1B7A890E1A}C:\users\samsung\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\samsung\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{A81BEADF-7D9B-470C-8671-9F26D47EF215}C:\users\samsung\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\samsung\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{6E0F738B-0521-4AF7-9604-D110D1FC6D73}] => (Allow) LPort=995
FirewallRules: [TCP Query User{CDBC959F-3E63-46CA-A005-91C221E13095}D:\winamp\winamp.exe] => (Allow) D:\winamp\winamp.exe
FirewallRules: [UDP Query User{1B355CBF-88F7-40D1-AB60-316ED193174C}D:\winamp\winamp.exe] => (Allow) D:\winamp\winamp.exe
FirewallRules: [{EF7859E4-3EB1-4EF6-B91B-B3787311380A}] => (Block) D:\winamp\winamp.exe
FirewallRules: [{B1DF7B35-ACEB-4441-A069-5504672AE36B}] => (Block) D:\winamp\winamp.exe
FirewallRules: [TCP Query User{17756F3D-8F3D-45E8-9F6B-3C5F14026A58}C:\users\samsung\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\samsung\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{0EDFE612-495F-4FF6-8121-15A38A06E237}C:\users\samsung\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\samsung\appdata\local\akamai\netsession_win.exe
FirewallRules: [{2BEC82A1-A28C-4965-BD21-009AC5121CC4}] => (Allow) D:\World of Warcraft\Launcher.exe
FirewallRules: [{9B98FA0E-E27C-4D57-93F4-BB6043282032}] => (Allow) D:\World of Warcraft\Launcher.exe
FirewallRules: [{1141949A-8BAA-4A7B-8818-155F534E2D9F}] => (Allow) D:\World of Warcraft\Launcher.patch.exe
FirewallRules: [{8FC63B82-5ADD-4BC3-8536-B4E5969039E7}] => (Allow) D:\World of Warcraft\Launcher.patch.exe
FirewallRules: [TCP Query User{2B59DC65-1FC6-4332-A6A2-AA6A5E7C3D88}D:\world of warcraft\backgrounddownloader.exe] => (Allow) D:\world of warcraft\backgrounddownloader.exe
FirewallRules: [UDP Query User{9319F7AB-9F21-4630-9D99-3A4DC815B280}D:\world of warcraft\backgrounddownloader.exe] => (Allow) D:\world of warcraft\backgrounddownloader.exe
FirewallRules: [{C7E11855-59DD-4DEC-BE9C-513FA19C8594}] => (Block) D:\world of warcraft\backgrounddownloader.exe
FirewallRules: [{D968D504-25CE-4A5B-B4B4-3CBF2B9BA471}] => (Block) D:\world of warcraft\backgrounddownloader.exe
FirewallRules: [{C9FD69FB-CCEA-419F-9356-D854A003906A}] => (Allow) LPort=2082
FirewallRules: [{1178D0CF-35D5-4D44-BC32-8948D786D516}] => (Allow) LPort=5000
FirewallRules: [{071E16F0-1AD7-4682-A93F-C3F5CAEFB709}] => (Allow) C:\Program Files\ICQ7.7\ICQ.exe
FirewallRules: [{B636112C-5E8F-4967-85CA-941AA80A1B93}] => (Allow) C:\Program Files\ICQ7.7\ICQ.exe
FirewallRules: [{76E2625E-BC10-4AAB-A2DF-BB336D28DE96}] => (Allow) C:\Program Files\ICQ7.7\ICQ.exe
FirewallRules: [{8B24F3FD-CCE5-43BD-9A42-EB665063ABF7}] => (Allow) C:\Program Files\ICQ7.7\ICQ.exe
FirewallRules: [{BC14BE52-9AB6-4781-A3AA-654CA0E35394}] => (Allow) C:\Program Files\ICQ7.7\ICQ.exe
FirewallRules: [{91D0EBC5-496C-4AD5-8561-5D9DA3B5E080}] => (Allow) C:\Program Files\ICQ7.7\ICQ.exe
FirewallRules: [TCP Query User{BECB157F-3E6F-4001-A068-030150758FA2}C:\users\samsung\appdata\local\temp\rar$ex17.081\dmpc 3.1.3-3.exe] => (Block) C:\users\samsung\appdata\local\temp\rar$ex17.081\dmpc 3.1.3-3.exe
FirewallRules: [UDP Query User{E05D5972-9C86-44DB-BE55-1E8AFFF499EF}C:\users\samsung\appdata\local\temp\rar$ex17.081\dmpc 3.1.3-3.exe] => (Block) C:\users\samsung\appdata\local\temp\rar$ex17.081\dmpc 3.1.3-3.exe
FirewallRules: [TCP Query User{45923EFD-572D-40E4-AAA9-87DC8ED6687E}D:\irc\mirc\mirc.exe] => (Allow) D:\irc\mirc\mirc.exe
FirewallRules: [UDP Query User{8B83C37C-C37B-40E0-B79D-F3477A98E9FC}D:\irc\mirc\mirc.exe] => (Allow) D:\irc\mirc\mirc.exe
FirewallRules: [TCP Query User{A57ADFB7-CF70-4B4C-B459-ED4A51DB64D5}D:\yugioh\yugioh virtual desktop 9.exe] => (Allow) D:\yugioh\yugioh virtual desktop 9.exe
FirewallRules: [UDP Query User{3710DBC6-2487-471F-85DD-E70970E6D595}D:\yugioh\yugioh virtual desktop 9.exe] => (Allow) D:\yugioh\yugioh virtual desktop 9.exe
FirewallRules: [{44A16A7A-1AF6-4C0B-BB6F-88F26119C29A}] => (Allow) C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\USBSetup.exe
FirewallRules: [{81A05CA6-A9EE-4D47-B75A-122BB7C59E23}] => (Allow) C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\USBSetup.exe
FirewallRules: [{A342196E-5844-4651-922E-AE0C67DEC553}] => (Allow) D:\starcraft\StarCraft II\StarCraft II.exe
FirewallRules: [{FA40883C-3625-4388-B2EE-28B821ADF691}] => (Allow) D:\starcraft\StarCraft II\StarCraft II.exe
FirewallRules: [{F1A15031-3892-497F-B326-DB48FBCB863E}] => (Allow) D:\Skyrim\Skyrim\Steam.exe
FirewallRules: [{3B686F01-0A99-400D-97CA-B0CBB8FAA0FC}] => (Allow) D:\Skyrim\Skyrim\Steam.exe
FirewallRules: [{98213B05-1F47-4A4C-BDC9-B75260D574F2}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{DCF723BF-C0C3-4244-91E5-AA6B3300D915}] => (Allow) LPort=2869
FirewallRules: [{09B98318-FD6C-4776-AAB3-18A3BE82AD51}] => (Allow) LPort=1900
FirewallRules: [{8332E16B-AF5E-462F-B71A-6C7214B89497}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{8764D3D2-A637-4267-8AFA-1AEDE33D9DD1}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [TCP Query User{90923743-A0BF-4792-8F9E-3CE5537A9F29}D:\dvuniverse\unreal3\binaries\win32\dcgame.exe] => (Block) D:\dvuniverse\unreal3\binaries\win32\dcgame.exe
FirewallRules: [UDP Query User{6D0BCE92-9BA8-4E76-A26D-C44A0728AF14}D:\dvuniverse\unreal3\binaries\win32\dcgame.exe] => (Block) D:\dvuniverse\unreal3\binaries\win32\dcgame.exe
FirewallRules: [{A2BB5DDE-C02D-4B5D-9F02-355EF8B916BB}] => (Allow) D:\pokemon\Pokemon World Online\PWO.exe
FirewallRules: [{E29D0177-0651-4E90-9B0C-7F868BCA3948}] => (Allow) D:\pokemon\Pokemon World Online\PWO.exe
FirewallRules: [{A2F7443C-DBC7-4164-B83C-458F2C228AA9}] => (Allow) D:\pokemon\Pokemon World Online\PWO.exe
FirewallRules: [{CB9498F0-0CC3-45C2-A62D-9A1A3D7F7BC6}] => (Allow) D:\pokemon\Pokemon World Online\PWO.exe
FirewallRules: [TCP Query User{0CCCD86E-1C09-4B45-B5B8-53700C5E8716}C:\windows\system32\taskhost.exe] => (Block) C:\windows\system32\taskhost.exe
FirewallRules: [UDP Query User{1ACE15CB-CE57-4BEB-BC6C-3C670468C574}C:\windows\system32\taskhost.exe] => (Block) C:\windows\system32\taskhost.exe
FirewallRules: [{CCE2DA67-7BCA-418B-BD8D-B2629E636455}] => (Allow) D:\Steam\SteamApps\common\mountblade warband\mb_warband.exe
FirewallRules: [{7F7173F4-6A94-4951-AD9B-3FE4A2AAE107}] => (Allow) D:\Steam\SteamApps\common\mountblade warband\mb_warband.exe
FirewallRules: [TCP Query User{9AE1790C-0EA1-413F-84CF-818A6F640279}D:\byond\bin\byond.exe] => (Allow) D:\byond\bin\byond.exe
FirewallRules: [UDP Query User{2C257080-F531-491B-BCAA-A487D8B91C64}D:\byond\bin\byond.exe] => (Allow) D:\byond\bin\byond.exe
FirewallRules: [{CECBBEE6-E4E1-42F3-AF53-341E51769C74}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{D5005FBB-2D78-49A6-B83E-6462657A95FC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{5C400CA8-5966-4133-B335-591E61075C33}] => (Allow) D:\heartstone\Battle.net\Battle.net.exe
FirewallRules: [{A3AB8D5E-A41D-44D7-A817-361118BAB35B}] => (Allow) D:\heartstone\Battle.net\Battle.net.exe
FirewallRules: [{C63B5771-D94B-4C28-97A9-492B926FED5F}] => (Allow) D:\heartstone\Hearthstone\Hearthstone.exe
FirewallRules: [{829F03F3-A3F2-4B39-AFA5-4ECCE09B9F20}] => (Allow) D:\heartstone\Hearthstone\Hearthstone.exe
FirewallRules: [{C2D6CECC-9E6C-4BB4-A9A0-D4A310DB1687}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2638\Agent.exe
FirewallRules: [{23073F24-FB1C-4645-9BAE-985D7DF7FE7A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2638\Agent.exe
FirewallRules: [{0C082841-B633-4C3E-BB92-05F78A0BFEE4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2680\Agent.exe
FirewallRules: [{2C514A5F-6331-475F-B4BC-78A99BF13229}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2680\Agent.exe
FirewallRules: [{D1FBE048-C7F5-444A-9BD7-E2CA63C55D33}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2689\Agent.exe
FirewallRules: [{BB04BA22-DCB4-4885-8714-835792E228A1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2689\Agent.exe
FirewallRules: [{2AD1BC98-0A23-4DB8-9A8B-5A39AD7A2153}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{09F50DA5-45D5-4278-B772-525049654DFF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{1F32B49E-0A6F-4C4B-88BD-B3FC5E749295}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{9B50BABD-83A4-4AF7-9C39-A09C068042F0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{65A28DCC-2ECA-4C61-8836-A275DF9E257B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{D26C2922-1569-4354-90CE-E4BC9C24B398}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{2E543131-5FDF-4793-B712-97A4F9C91688}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
FirewallRules: [{71570369-B310-4A38-BA62-BC89F7577663}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
FirewallRules: [{7CAE524B-D461-46BB-A19B-BB77CBF4AF4A}] => (Allow) C:\Program Files\GameforgeLive\gfl_client.exe
FirewallRules: [TCP Query User{891CD3F4-456D-43FC-9002-0EB4B58D468D}C:\program files\gameforgelive\games\deu_deu\aion\nclauncher.exe] => (Allow) C:\program files\gameforgelive\games\deu_deu\aion\nclauncher.exe
FirewallRules: [UDP Query User{AB8DD565-734D-4013-98DC-FD91DF4152FA}C:\program files\gameforgelive\games\deu_deu\aion\nclauncher.exe] => (Allow) C:\program files\gameforgelive\games\deu_deu\aion\nclauncher.exe
FirewallRules: [TCP Query User{F90A706F-1F58-4C8F-8CBB-F0167346E9F6}D:\deu_deu\aion\nclauncher.exe] => (Allow) D:\deu_deu\aion\nclauncher.exe
FirewallRules: [UDP Query User{AABD4549-76D0-41B5-A20C-3ACA26EE1C2D}D:\deu_deu\aion\nclauncher.exe] => (Allow) D:\deu_deu\aion\nclauncher.exe
FirewallRules: [{3C4BD632-6E07-43AE-B2C3-6EE5DEB9502A}] => (Allow) D:\Wow\World of Warcraft - Retail\Launcher.exe
FirewallRules: [{34C7289E-2FE9-40A2-9BC2-8B172417B156}] => (Allow) D:\Wow\World of Warcraft - Retail\Launcher.exe
FirewallRules: [{2E2D947A-BAAE-4A69-BD1D-0E56833524F0}] => (Allow) D:\Wow\World of Warcraft - Retail\WoW-x.x.x.x-4.0.0.12911-EU-Downloader.exe
FirewallRules: [{C4B8220E-AAC4-43BC-9BD0-235985026B3C}] => (Allow) D:\Wow\World of Warcraft - Retail\WoW-x.x.x.x-4.0.0.12911-EU-Downloader.exe
FirewallRules: [{CDDC61AE-B5FE-4555-B9AA-F2269926BC46}] => (Allow) D:\Steam\bin\steamwebhelper.exe
FirewallRules: [{2E807844-0FB7-434C-B31B-C9D100A10EE6}] => (Allow) D:\Steam\bin\steamwebhelper.exe
FirewallRules: [{20C9C315-A550-463D-BF10-7EB6C903AF81}] => (Allow) D:\Steam\SteamApps\common\left 4 dead\left4dead.exe
FirewallRules: [{1C0D2EAD-75E7-40EA-B5D6-F645965E07A2}] => (Allow) D:\Steam\SteamApps\common\left 4 dead\left4dead.exe
FirewallRules: [{C23C3CEA-C6D1-440C-A9F3-B8DE38536054}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{968D0247-DB68-4115-9F11-F0F89D38E871}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{7F32328F-BEF5-4922-AA1D-2358C3E9219B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe
FirewallRules: [{FB4B93F9-743A-4C62-89CC-CD644CFBD37D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe
FirewallRules: [{204CD363-5AAC-4139-B25C-75429A888046}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [{0925E5C3-D54D-425D-8CEC-70D3A18AC057}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [{153B8081-7491-45B0-9130-82A38D13DE9B}] => (Allow) C:\Program Files\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{F2B76713-7494-43CC-88DE-7CE341F52CF2}] => (Allow) C:\Program Files\AVG\AVG2015\avgmfapx.exe
FirewallRules: [TCP Query User{F75CA4AF-DC31-4BE2-9085-CC4836862653}D:\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe] => (Allow) D:\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe
FirewallRules: [UDP Query User{93A1CD92-84F5-4A44-B27F-743CDFF088AE}D:\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe] => (Allow) D:\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe
FirewallRules: [TCP Query User{1755E384-16EB-4E0B-8183-5678DC79562F}D:\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe] => (Allow) D:\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe
FirewallRules: [UDP Query User{7444361E-1183-46AC-B7B2-BCF7A2094733}D:\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe] => (Allow) D:\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe
FirewallRules: [{50784F98-6B25-4CBD-9066-F94D1B7F81EA}] => (Block) D:\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe
FirewallRules: [{AA3A8459-C02C-4252-858E-26B603A79B92}] => (Block) D:\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe
FirewallRules: [{691A0DFD-16F0-48DB-82F8-AD48ED092BAA}] => (Block) D:\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe
FirewallRules: [{A595D1EA-177C-46C5-BFB7-59FFCA082296}] => (Block) D:\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe
FirewallRules: [{28C07B4A-49DF-41E6-9C55-205EA4F07581}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{39516D12-2681-40AF-BC43-C77DFB6B9772}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{06B4EA14-B777-448B-98E6-78C8D28744BA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe
FirewallRules: [{C14E4D43-C215-4931-9890-D977B33C2CA8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe
FirewallRules: [{4F377563-324B-44B5-9FB3-CCAA6AF9621C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{CB2CE00F-E3B7-4B0A-A650-9928DF453056}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{EC055550-3ACC-4C67-8699-124B189DAE5E}] => (Allow) D:\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{A2A676E8-6B09-4DFB-85AC-C88FBDBCF919}] => (Allow) D:\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{14C54D6D-CFBC-4C97-912A-17F60A499D50}] => (Allow) D:\Steam\SteamApps\common\Worms Reloaded\WormsReloaded.exe
FirewallRules: [{757F1B91-45F7-4807-8DE5-C1F2A20C5378}] => (Allow) D:\Steam\SteamApps\common\Worms Reloaded\WormsReloaded.exe
FirewallRules: [TCP Query User{9C03EB4D-D966-4FCE-80A4-27704D752F4B}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{58ADF6F0-905E-4963-B1D5-C469DF4AE81A}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [{5973461E-3351-44DE-ABE2-E2EBC4C320AB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{9EC3B809-6551-4350-940E-B5588F8D8423}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{FCAABD1F-ADBA-4AC9-A5F6-AF6F32F9E8FD}] => (Allow) C:\Program Files\AVG\AVG2015\avgnsx.exe
FirewallRules: [{2C6BF7EB-E981-4D6B-83B8-1435A39E8E54}] => (Allow) C:\Program Files\AVG\AVG2015\avgnsx.exe
FirewallRules: [{A25FFB53-5D49-41E2-9664-A38266101E3A}] => (Allow) C:\Program Files\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{D641A948-801D-42FB-A4EC-27CC9CB91B42}] => (Allow) C:\Program Files\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{F85074AD-0D33-4CB6-9A69-580DB552925E}] => (Allow) C:\Program Files\AVG\AVG2015\avgemcx.exe
FirewallRules: [{A52485D3-BCEE-4007-99A0-3658E3995090}] => (Allow) C:\Program Files\AVG\AVG2015\avgemcx.exe
FirewallRules: [{35A7D2C7-3CDD-41E2-BE0C-538880500B3D}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{256023CC-D397-4D43-AA6D-4B60EC24DEFE}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{994A9577-D6C5-440F-821E-138F7A4C497D}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{588AFBF2-6836-4441-98ED-F239581525C9}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe

==================== Faulty Device Manager Devices =============

Name: VirtualBox Host-Only Ethernet Adapter
Description: VirtualBox Host-Only Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Oracle Corporation
Service: VBoxNetAdp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/06/2015 08:14:03 AM) (Source: MsiInstaller) (EventID: 11714) (User: NT-AUTORITÄT)
Description: Product: LogMeIn Hamachi -- Error 1714. The older version of LogMeIn Hamachi cannot be removed.  Contact your technical support group.  System Error 1612.

Error: (05/05/2015 11:04:59 PM) (Source: MsiInstaller) (EventID: 11714) (User: NT-AUTORITÄT)
Description: Product: LogMeIn Hamachi -- Error 1714. The older version of LogMeIn Hamachi cannot be removed.  Contact your technical support group.  System Error 1612.

Error: (05/05/2015 07:46:00 PM) (Source: MsiInstaller) (EventID: 11714) (User: NT-AUTORITÄT)
Description: Product: LogMeIn Hamachi -- Error 1714. The older version of LogMeIn Hamachi cannot be removed.  Contact your technical support group.  System Error 1612.

Error: (05/05/2015 06:58:31 PM) (Source: Wininit) (EventID: 1015) (User: )
Description: Ein kritischer Systemprozess C:\windows\system32\lsass.exe ist fehlgeschlagen mit den Statuscode 1. Der Computer muss neu gestartet werden.

Error: (05/05/2015 06:38:18 PM) (Source: Wininit) (EventID: 1015) (User: )
Description: Ein kritischer Systemprozess C:\windows\system32\lsm.exe ist fehlgeschlagen mit den Statuscode 1. Der Computer muss neu gestartet werden.

Error: (05/05/2015 05:36:00 PM) (Source: MsiInstaller) (EventID: 11714) (User: NT-AUTORITÄT)
Description: Product: LogMeIn Hamachi -- Error 1714. The older version of LogMeIn Hamachi cannot be removed.  Contact your technical support group.  System Error 1612.

Error: (05/04/2015 05:37:11 PM) (Source: MsiInstaller) (EventID: 11714) (User: NT-AUTORITÄT)
Description: Product: LogMeIn Hamachi -- Error 1714. The older version of LogMeIn Hamachi cannot be removed.  Contact your technical support group.  System Error 1612.

Error: (05/03/2015 09:47:04 PM) (Source: MsiInstaller) (EventID: 11714) (User: NT-AUTORITÄT)
Description: Product: LogMeIn Hamachi -- Error 1714. The older version of LogMeIn Hamachi cannot be removed.  Contact your technical support group.  System Error 1612.

Error: (05/02/2015 11:35:18 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: hamachi-2.exe, Version: 2.1.0.210, Zeitstempel: 0x4feae035
Name des fehlerhaften Moduls: hamachi-2.exe, Version: 2.1.0.210, Zeitstempel: 0x4feae035
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000b46d6
ID des fehlerhaften Prozesses: 0x8cc
Startzeit der fehlerhaften Anwendung: 0xhamachi-2.exe0
Pfad der fehlerhaften Anwendung: hamachi-2.exe1
Pfad des fehlerhaften Moduls: hamachi-2.exe2
Berichtskennung: hamachi-2.exe3

Error: (05/02/2015 11:03:42 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".


System errors:
=============
Error: (05/06/2015 08:12:58 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "TeamViewer 9" wurde nicht richtig gestartet.

Error: (05/06/2015 08:08:44 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎05.‎05.‎2015 um 23:08:18 unerwartet heruntergefahren.

Error: (05/05/2015 11:03:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Live ID Sign-in Assistant" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (05/05/2015 11:03:04 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Live ID Sign-in Assistant erreicht.

Error: (05/05/2015 07:01:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Überwachung verteilter Verknüpfungen (Client)" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1115

Error: (05/05/2015 07:01:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "TeamViewer 9" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%109

Error: (05/05/2015 07:01:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Telefonie" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (05/05/2015 07:01:40 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "TapiSrv" konnte sich nicht als "NT AUTHORITY\NetworkService" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%50

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (05/05/2015 07:01:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows-Bilderfassung (WIA)" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (05/05/2015 07:01:40 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "StiSvc" konnte sich nicht als "NT Authority\LocalService" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%50

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).


Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i3 CPU M 330 @ 2.13GHz
Percentage of memory in use: 51%
Total physical RAM: 3060.55 MB
Available physical RAM: 1477.53 MB
Total Pagefile: 6119.39 MB
Available Pagefile: 3973.73 MB
Total Virtual: 2047.88 MB
Available Virtual: 1891.06 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:141.49 GB) (Free:8.47 GB) NTFS
Drive d: () (Fixed) (Total:141.5 GB) (Free:18.31 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: B0FD1CB0)
Partition 1: (Not Active) - (Size=15 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=141.5 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=141.5 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

Alt 06.05.2015, 09:06   #5
schrauber
/// the machine
/// TB-Ausbilder
 




Please download Revo Uninstaller from here: Revo Uninstaller (alternatively, the portable Revo Uninstaller).
  • Install and start the program. (Illustrated guide to Revo Uninstaller)
  • Click Options and select German as the language.
  • In the uninstaller list, look for these programs:
    Babylon toolbar on IE
    BabylonObjectInstaller
    Gameo
    Guard.ICQ
    YTD Video Downloader 4.5.1
  • Select the programs one after another and click Uninstall each time.
  • Then select the "Moderat" (Moderate) mode.
  • Delete leftovers:
    Click on then on and then on .

Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Please start mbar.exe.
  • Follow the instructions on your screen as described in the guide to Malwarebytes Anti-Rootkit.
  • Be sure to update the database and allow the tool to scan your system.
  • Click the CleanUp button and allow the restart.
  • During the restart MBAR will remove the objects it found, so be patient.
  • After the restart, start mbar.exe again.
  • If anything is found again, repeat the CleanUp process.
The tool will create a log file ( mbar-log-<year-month-day>.txt ) in the folder it created. Please post it here.

Do not start any other file in this folder unless a helper instructs you to.

Please download TDSSKiller (TDSSKiller.exe) and save the file to your desktop.
  • Start TDSSKiller.exe and configure it as described in the guide to TDSSKiller.
  • Press Start Scan.
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post the contents here in your thread in any case.

__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

Alt 06.05.2015, 13:13   #6
Inuyasha2008
 



Log Mbar

Code:
Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org

Database version:
  main:    v2015.05.06.01
  rootkit: v2015.04.21.01

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 11.0.9600.17728
Samsung :: SAMSUNG-PC [administrator]

06.05.2015 10:30:37
mbar-log-2015-05-06 (10-30-37).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Kernel memory modifications detected. Deep Anti-Rootkit Scan engaged.
Objects scanned: 379162
Time elapsed: 47 minute(s), 2 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 2
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\npggsvc (Trojan.Agent.FSA76) -> Delete on reboot. [b4b538589dedb284671351fd58a95da3]
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SVKP (Trojan.Agent) -> Delete on reboot. [82e79cf4dfab3ff732218f4f828254ac]

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 4
c:\windows\$ntuninstallkb58012$\4082691643\l (Backdoor.0Access) -> Delete on reboot. [1a4f4b45ccbe37ff8a6b8a7626da2ad6]
c:\windows\$ntuninstallkb58012$\4082691643\u (Backdoor.0Access) -> Delete on reboot. [aabf127e97f3a294b64047b9e31d43bd]
c:\windows\$ntuninstallkb58012$\2040268888 (Backdoor.0Access) -> Delete on reboot. [4821117f7c0e5dd936c16b9516ea50b0]
c:\windows\$ntuninstallkb58012$\4082691643 (Backdoor.0Access) -> Delete on reboot. [8cdd256b4c3e83b3e611ce3202fe669a]

Files Detected: 14
C:\Windows\System32\GameMon.des (Trojan.Agent.FSA76) -> Delete on reboot. [b4b538589dedb284671351fd58a95da3]
c:\windows\$ntuninstallkb58012$\4082691643\l\xadqgnnk (Backdoor.0Access) -> Delete on reboot. [75f4ade31179ec4a1ad5be42ca36fa06]
c:\windows\$ntuninstallkb58012$\4082691643\u\@00000001 (Backdoor.0Access) -> Delete on reboot. [ce9b8e02e5a5f145727bb64a41bf6e92]
c:\windows\$ntuninstallkb58012$\4082691643\u\@000000c0 (Backdoor.0Access) -> Delete on reboot. [4029d7b9b2d849ed05e80ef2ac54ea16]
c:\windows\$ntuninstallkb58012$\4082691643\u\@000000cb (Backdoor.0Access) -> Delete on reboot. [f772f69a71193bfb1ad38c74867a9868]
c:\windows\$ntuninstallkb58012$\4082691643\u\@000000cf (Backdoor.0Access) -> Delete on reboot. [85e42d63e3a79b9b638a25dbef1116ea]
c:\windows\$ntuninstallkb58012$\4082691643\u\@80000000 (Backdoor.0Access) -> Delete on reboot. [e881424e65250d296984cb358a76649c]
c:\windows\$ntuninstallkb58012$\4082691643\u\@800000c0 (Backdoor.0Access) -> Delete on reboot. [c5a4622eccbed462866740c0cf31e719]
c:\windows\$ntuninstallkb58012$\4082691643\u\@800000cb (Backdoor.0Access) -> Delete on reboot. [5b0ef59bd4b6fc3a816cce3260a01fe1]
c:\windows\$ntuninstallkb58012$\4082691643\u\@800000cf (Backdoor.0Access) -> Delete on reboot. [73f68d0326647bbbbc313dc3a759c739]
C:\ProgramData\dsgsdgdsgdsgw.pad (Exploit.Drop.GSA) -> Delete on reboot. [a7c2523e3258a1950bd8102b4fb546ba]
C:\Windows\System32\SVKP.sys (Trojan.Agent) -> Delete on reboot. [82e79cf4dfab3ff732218f4f828254ac]
c:\windows\$ntuninstallkb58012$\4082691643\@ (Backdoor.0Access) -> Delete on reboot. [8cdd256b4c3e83b3e611ce3202fe669a]
c:\windows\$ntuninstallkb58012$\4082691643\loader.tlb (Backdoor.0Access) -> Delete on reboot. [8cdd256b4c3e83b3e611ce3202fe669a]

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         
Log TDSSKiller


Code:
14:01:57.0322 0x0310  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
14:02:32.0624 0x0310  ============================================================
14:02:32.0624 0x0310  Current date / time: 2015/05/06 14:02:32.0624
14:02:32.0624 0x0310  SystemInfo:
14:02:32.0624 0x0310  
14:02:32.0624 0x0310  OS Version: 6.1.7601 ServicePack: 1.0
14:02:32.0624 0x0310  Product type: Workstation
14:02:32.0625 0x0310  ComputerName: SAMSUNG-PC
14:02:32.0625 0x0310  UserName: Samsung
14:02:32.0625 0x0310  Windows directory: C:\windows
14:02:32.0625 0x0310  System windows directory: C:\windows
14:02:32.0625 0x0310  Processor architecture: Intel x86
14:02:32.0625 0x0310  Number of processors: 4
14:02:32.0625 0x0310  Page size: 0x1000
14:02:32.0625 0x0310  Boot type: Normal boot
14:02:32.0625 0x0310  ============================================================
14:02:42.0870 0x0310  KLMD registered as C:\windows\system32\drivers\53241886.sys
14:02:45.0537 0x0310  System UUID: {5EB7D5DB-5B9C-9A43-66A4-67E9DC50BE1A}
14:02:49.0050 0x0310  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
14:02:49.0053 0x0310  ============================================================
14:02:49.0053 0x0310  \Device\Harddisk0\DR0:
14:02:49.0053 0x0310  MBR partitions:
14:02:49.0053 0x0310  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1E00800, BlocksNum 0x32000
14:02:49.0053 0x0310  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1E32800, BlocksNum 0x11AFD000
14:02:49.0053 0x0310  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x1392F800, BlocksNum 0x11AFE800
14:02:49.0053 0x0310  ============================================================
14:02:49.0091 0x0310  C: <-> \Device\Harddisk0\DR0\Partition2
14:02:49.0159 0x0310  D: <-> \Device\Harddisk0\DR0\Partition3
14:02:49.0318 0x0310  ============================================================
14:02:49.0319 0x0310  Initialize success
14:02:49.0319 0x0310  ============================================================
14:03:24.0417 0x0638  ============================================================
14:03:24.0417 0x0638  Scan started
14:03:24.0417 0x0638  Mode: Manual; SigCheck; TDLFS; 
14:03:24.0417 0x0638  ============================================================
14:03:24.0417 0x0638  KSN ping started
14:03:52.0428 0x0638  KSN ping finished: true
14:03:57.0916 0x0638  ================ Scan system memory ========================
14:03:57.0916 0x0638  System memory - ok
14:03:57.0920 0x0638  ================ Scan services =============================
14:03:58.0133 0x0638  [ 1B133875B8AA8AC48969BD3458AFE9F5, 01753BDD47F3F9BC0E0D23A069B9C56D4AE6A6B6295BC19B95AE245D25B12744 ] 1394ohci        C:\windows\system32\drivers\1394ohci.sys
14:03:58.0552 0x0638  1394ohci - ok
14:03:58.0768 0x0638  [ BBC496CC995FE6AA0524FBFC3C39A878, 7AB01DF636CFE4E8EE156399EC044E64B0875F2A54045A64BC8389B5D383A430 ] ABBYY.Licensing.PDFTransformer.Classic.3.0 C:\Program Files\ABBYY PDF Transformer 3.0\NetworkLicenseServer.exe
14:03:58.0905 0x0638  ABBYY.Licensing.PDFTransformer.Classic.3.0 - ok
14:03:59.0019 0x0638  [ CEA80C80BED809AA0DA6FEBC04733349, AE69C142DC2210A4AE657C23CEA4A6E7CB32C4F4EBA039414123CAC52157509B ] ACPI            C:\windows\system32\drivers\ACPI.sys
14:03:59.0045 0x0638  ACPI - ok
14:03:59.0093 0x0638  [ 1EFBC664ABFF416D1D07DB115DCB264F, BF94D069D692140B792DBF4FD3CB0127D27C26CC5BFB6B0C28A8B6346767EE58 ] AcpiPmi         C:\windows\system32\drivers\acpipmi.sys
14:03:59.0233 0x0638  AcpiPmi - ok
14:03:59.0295 0x0638  [ 27A563BEEFCE364823EAAA789A3F7EAE, 371EF141AEBDD00F9CCAD62B742B59A4D0C97EA449E9C14E3BE66EC7FFFF9D2C ] acsock          C:\windows\system32\DRIVERS\acsock.sys
14:03:59.0339 0x0638  acsock - ok
14:03:59.0519 0x0638  [ 0465625CC5804192E412D5C122A79732, 1AFFD1B70AA3A6A3673A583AACC407BE9FA895F05A47FE37C5D17AEE50C42711 ] Active@ Disk Monitor C:\Program Files\LSoft Technologies Inc\Active@ Hard Disk Monitor\DiskMonitorService.exe
14:03:59.0569 0x0638  Active@ Disk Monitor - ok
14:03:59.0781 0x0638  [ 14C23516C990DCD6052152CF034DDE40, 1EC8AAD6AA6D68A17A9D04AECDB716BD0DD4BFF93641BD96D01855AF1232A5FB ] Adobe Version Cue CS3 C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
14:03:59.0815 0x0638  Adobe Version Cue CS3 - ok
14:03:59.0898 0x0638  [ FC5B75CA6A1DA31EDD4F8D53F5540B98, CDC445F2790ADFC4C5568C40D4DA8BB95CD71991665B38AEC3D84571C99C3520 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
14:03:59.0928 0x0638  AdobeARMservice - ok
14:04:00.0057 0x0638  [ B04A4810C6CC205F9DC72DC22E4AB236, 547321F5C28C80D4818372D65E2A33D4BAC593015DD6613B24586FE4B4A95D5D ] AdobeFlashPlayerUpdateSvc C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
14:04:00.0089 0x0638  AdobeFlashPlayerUpdateSvc - ok
14:04:00.0127 0x0638  [ 21E785EBD7DC90A06391141AAC7892FB, A2D3D764C5E6DC0AD5AAF48485FFB8B121D2A40DC08ECF2D2CB92278A1002B25 ] adp94xx         C:\windows\system32\DRIVERS\adp94xx.sys
14:04:00.0162 0x0638  adp94xx - ok
14:04:00.0193 0x0638  [ 0C676BC278D5B59FF5ABD57BBE9123F2, 339E8A433D186BAAB6FCB44C82CC9FB6FCD63C87981449494CBEB2072CB6B7BB ] adpahci         C:\windows\system32\DRIVERS\adpahci.sys
14:04:00.0220 0x0638  adpahci - ok
14:04:00.0244 0x0638  [ 7C7B5EE4B7B822EC85321FE23A27DB33, A934AFB71D439555E6376DA9B34F82E8D39A300A4547BE9AC9311F6A3C36270C ] adpu320         C:\windows\system32\DRIVERS\adpu320.sys
14:04:00.0271 0x0638  adpu320 - ok
14:04:00.0308 0x0638  [ 8B5EEFEEC1E6D1A72A06C526628AD161, 026CDF4C96F4D493E7BABF79A14C4B0B5ADCCEF0B081FFFA2E3B243B2414167F ] AeLookupSvc     C:\windows\System32\aelupsvc.dll
14:04:00.0480 0x0638  AeLookupSvc - ok
14:04:00.0621 0x0638  [ D0B388DA1D111A34366E04EB4A5DD156, 60D226F027F4025CC032CAFF73A80FAFB5FA75445654FDCF80CA8C0419C6E938 ] AFD             C:\windows\system32\drivers\afd.sys
14:04:00.0723 0x0638  AFD - ok
14:04:00.0797 0x0638  [ 507812C3054C21CEF746B6EE3D04DD6E, D7E59350AC338AD229E3D10C76E32AE16D120311B263714A9CD94AB538633B0E ] agp440          C:\windows\system32\drivers\agp440.sys
14:04:00.0830 0x0638  agp440 - ok
14:04:00.0855 0x0638  [ 8B30250D573A8F6B4BD23195160D8707, 64EC289AFCD63D84EAFD9D81C50D0A77BCC79A1EFF32C50B2776BB0C0151757D ] aic78xx         C:\windows\system32\DRIVERS\djsvs.sys
14:04:00.0872 0x0638  aic78xx - ok
14:04:00.0902 0x0638  [ 18A54E132947CD98FEA9ACCC57F98F13, 9D39AF972785E49F0DD12C4BAEF39A79CD69F098886BF152AF1B7CCE2E902115 ] ALG             C:\windows\System32\alg.exe
14:04:00.0951 0x0638  ALG - ok
14:04:00.0990 0x0638  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44, 1D1AA8F50935D976C29DE7A84708CADBBBDD936F0DD2C059E820F0D21367B3B6 ] aliide          C:\windows\system32\drivers\aliide.sys
14:04:01.0006 0x0638  aliide - ok
14:04:01.0023 0x0638  [ 3C6600A0696E90A463771C7422E23AB5, 370B33DC1C25B981628A318BAE434A78A5F0A0DA93C2896DC7A3D7B87AE1A5E7 ] amdagp          C:\windows\system32\drivers\amdagp.sys
14:04:01.0040 0x0638  amdagp - ok
14:04:01.0055 0x0638  [ CD5914170297126B6266860198D1D4F0, 2239FCBD1A7EC27CE4F10DA36AE6BD6CCB87E5128C82CA71B84BFE5AF5602A60 ] amdide          C:\windows\system32\drivers\amdide.sys
14:04:01.0071 0x0638  amdide - ok
14:04:01.0090 0x0638  [ 00DDA200D71BAC534BF56A9DB5DFD666, CA316B1FFD85BA1CF8664B3229DA1F238A5341E016059F7ED89702324CFD124B ] AmdK8           C:\windows\system32\DRIVERS\amdk8.sys
14:04:01.0178 0x0638  AmdK8 - ok
14:04:01.0194 0x0638  [ 3CBF30F5370FDA40DD3E87DF38EA53B6, 7EACF1743367BE805357B6FD10F8F99E9B1C301FE3782D77719347B13DFA65EC ] AmdPPM          C:\windows\system32\DRIVERS\amdppm.sys
14:04:01.0248 0x0638  AmdPPM - ok
14:04:01.0308 0x0638  [ D320BF87125326F996D4904FE24300FC, F767D8C5C58D57202905D829F7AE1B1FF33937F407FDCE4C90E32A6638F27416 ] amdsata         C:\windows\system32\drivers\amdsata.sys
14:04:01.0344 0x0638  amdsata - ok
14:04:01.0372 0x0638  [ EA43AF0C423FF267355F74E7A53BDABA, 3F1335909AB0281A2FBDD7AD90E18309E091656CD32B48894B992789D8C61DB4 ] amdsbs          C:\windows\system32\DRIVERS\amdsbs.sys
14:04:01.0397 0x0638  amdsbs - ok
14:04:01.0411 0x0638  [ 46387FB17B086D16DEA267D5BE23A2F2, 8B8AC61B91F154B4EB5CC6DECB5FCCEBA8B42EFE94859947136AD06681EA8ED0 ] amdxata         C:\windows\system32\drivers\amdxata.sys
14:04:01.0426 0x0638  amdxata - ok
14:04:01.0480 0x0638  [ 81F97D8F8B3FB94A451CC6F7CF8B2965, 8DEBA4E47E1016D69740C0BB7CDD23852D86E0D42C1C1EA5A847ECB115C38CB1 ] AppID           C:\windows\system32\drivers\appid.sys
14:04:01.0590 0x0638  AppID - ok
14:04:01.0623 0x0638  [ F5090F8FA6757C58E17BAEAA86093636, 5E14CF3032DF5801240F45C59AA93962EA41AA5648A0C6458D16D9B9D95A131F ] AppIDSvc        C:\windows\System32\appidsvc.dll
14:04:01.0674 0x0638  AppIDSvc - ok
14:04:01.0750 0x0638  [ EACFDF31921F51C097629F1F3C9129B4, 24138755D823E69760579ECBD672421192457CDC9941B2BC499C2D34D83E86C3 ] Appinfo         C:\windows\System32\appinfo.dll
14:04:01.0930 0x0638  Appinfo - ok
14:04:01.0958 0x0638  [ 2932004F49677BD84DBC72EDB754FFB3, 73F84582244AC53994A2F4499A119B4A84A6BF7FD3046C29A8080C763DE540B8 ] arc             C:\windows\system32\DRIVERS\arc.sys
14:04:01.0975 0x0638  arc - ok
14:04:01.0989 0x0638  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7, F7C9C3B4F2C816F57A43B2921672858C291054220BADE291044343778216F6BA ] arcsas          C:\windows\system32\DRIVERS\arcsas.sys
14:04:02.0006 0x0638  arcsas - ok
14:04:02.0069 0x0638  [ 16CDE6977CC88433BF3767C4D42B22D3, 4C9F386C244EEA98FA240817339D8E5BF1365A25B784442DB735268E6AEBEE1B ] asdrm           C:\windows\system32\DRIVERS\asdrm.sys
14:04:02.0096 0x0638  asdrm - ok
14:04:02.0113 0x0638  [ 3E62E3122E534254DD314FA8A7B6BF48, D9C496F05A173D4F5E9175A33BAF34581D1A99315BFB23D43D0EBCE112D0FC99 ] asdrs           C:\windows\system32\DRIVERS\asdrs.sys
14:04:02.0130 0x0638  asdrs - ok
14:04:02.0231 0x0638  [ 3F9CA1ACFCB7CFF153B4B3DDB7E29373, CD1B61C1714BD2EBB00B92BB926DB1892875C2ACB8330BC756C1A80B4F7A1330 ] asdsrv          C:\Program Files\Anvisoft\Anvi Smart Defender\ASDSrv.exe
14:04:02.0270 0x0638  asdsrv - ok
14:04:02.0282 0x0638  [ 9AFCF85708576F3EF6FB868B6C604C01, 93B7A91CDAF502A5994DE9486A614A592F12B683BDF9F6F84D6083FF3F414BC7 ] asdws           C:\windows\system32\DRIVERS\asdws.sys
14:04:02.0311 0x0638  asdws - ok
14:04:02.0588 0x0638  [ 537B2948976F5D9B5767B74A63EBB395, 1A14F8B582E74AD15B612EDA5B707AA3CB0B2A107ED14572B4232EAA7383B634 ] aspnet_state    C:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
14:04:02.0689 0x0638  aspnet_state - ok
14:04:02.0785 0x0638  [ 3BFBB5DAE801CB893B8B46345FED6437, 2C2B71C1294585265D4871E74F17541500CA20DE34AC516F2A906DD81964C833 ] aswHwid         C:\windows\system32\drivers\aswHwid.sys
14:04:02.0817 0x0638  aswHwid - ok
14:04:02.0877 0x0638  [ ADD2ADE1C2B285AB8378D2DAAF991481, 7965A705F37924C0EC7A934E64E89C5DF4069816E2EEA3509E0AC90F78910519 ] AsyncMac        C:\windows\system32\DRIVERS\asyncmac.sys
14:04:02.0974 0x0638  AsyncMac - ok
14:04:03.0021 0x0638  [ 338C86357871C167A96AB976519BF59E, F28CC534523D1701B0552F5D7E18E88369C4218BDB1F69110C3E31D395884AD6 ] atapi           C:\windows\system32\drivers\atapi.sys
14:04:03.0050 0x0638  atapi - ok
14:04:03.0275 0x0638  [ DE0FBCCCD6AF0F0E7BF12E8D041CC48F, FF6A43CA5E0001FA99D18A62FB3B15A53FCB616B98CA10349E43BC0BA13F534D ] athr            C:\windows\system32\DRIVERS\athr.sys
14:04:03.0401 0x0638  athr - ok
14:04:03.0477 0x0638  [ F0D933B42CD0594048E4D5200AE9E417, FF53E843A99948568515964C3C97107FA875BBC3F2906BADEE0B29ACE5532F0D ] atksgt          C:\windows\system32\DRIVERS\atksgt.sys
14:04:03.0539 0x0638  atksgt - ok
14:04:03.0596 0x0638  [ C1619A13B10CAC5038BF7129F57D8DE3, 9F71EA6C844650658938E68CCC1383F92D37C68E46E08461A8351491185BA791 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
14:04:03.0680 0x0638  AudioEndpointBuilder - ok
14:04:03.0701 0x0638  [ C1619A13B10CAC5038BF7129F57D8DE3, 9F71EA6C844650658938E68CCC1383F92D37C68E46E08461A8351491185BA791 ] Audiosrv        C:\windows\System32\Audiosrv.dll
14:04:03.0737 0x0638  Audiosrv - ok
14:04:03.0817 0x0638  [ CB2C2B24BD7E64CFB2B24D401FF5BBC0, F48ABD9F5BF91BF5F25E6D5EE02647F7DD8E1C1A11FEEE2C1C1B3BD34E3D0F85 ] Avgdiskx        C:\windows\system32\DRIVERS\avgdiskx.sys
14:04:03.0848 0x0638  Avgdiskx - ok
14:04:04.0075 0x0638  [ E2FDE8691C03525F095C8D01F005FA97, B234D8642F528550FB246127CBA24A2A115F8EAF8ED1BC8FD37562AFEBEF4978 ] AVGIDSAgent     C:\Program Files\AVG\AVG2015\avgidsagent.exe
14:04:04.0195 0x0638  AVGIDSAgent - ok
14:04:04.0239 0x0638  [ DF448F0C0ABEF60F553FEC5B53A9F540, 4B8ED5BDF7C599530C6E64558D92AFE6DBC5ED960AC3E1483D62C99858F9471D ] AVGIDSDriver    C:\windows\system32\DRIVERS\avgidsdriverx.sys
14:04:04.0262 0x0638  AVGIDSDriver - ok
14:04:04.0303 0x0638  [ D1663A0114691080C624D857A8343D5B, 8E7029A8FE7A62F4BED7687C54699D0709876D05D93CAA499B4BC69BF8C59091 ] AVGIDSHX        C:\windows\system32\DRIVERS\avgidshx.sys
14:04:04.0322 0x0638  AVGIDSHX - ok
14:04:04.0397 0x0638  [ 2429F7F025F63532B6B264D97E4ECA49, EDE2C88B3B4B2A3AC59A3AB0B2FEC1D2CC75AA8AFFF0F5011D07AB4F053390D9 ] AVGIDSShim      C:\windows\system32\DRIVERS\avgidsshimx.sys
14:04:04.0421 0x0638  AVGIDSShim - ok
14:04:04.0487 0x0638  [ 9AFD535116E986D49877B811F3665E8E, 6843415ED638BB26A17BE9AB7A49D36070A588088256D4D0D1B4789FBDA6730B ] Avgldx86        C:\windows\system32\DRIVERS\avgldx86.sys
14:04:04.0510 0x0638  Avgldx86 - ok
14:04:04.0572 0x0638  [ B97A84EE582A0241E6E08AD07DFE2F74, C3362B9261B4DA099AFC544A2C7F2B3659AE0BDA5DC9DCBD5E383464F9F56A4D ] Avglogx         C:\windows\system32\DRIVERS\avglogx.sys
14:04:04.0599 0x0638  Avglogx - ok
14:04:04.0664 0x0638  [ 99D968295470D3DE76CADD876F4090F0, FAA00C5AE99FA3B3CB6A1F815DC80579101E627206694304FB6BA3F9F4E60E76 ] Avgmfx86        C:\windows\system32\DRIVERS\avgmfx86.sys
14:04:04.0701 0x0638  Avgmfx86 - ok
14:04:04.0752 0x0638  [ F016B95273E0B1961F204F7FD2FFD811, 9F89323177B68DEDE6B1F09790E6A978376B4FCBDC029283B297A3C4D9B242FF ] Avgrkx86        C:\windows\system32\DRIVERS\avgrkx86.sys
14:04:04.0769 0x0638  Avgrkx86 - ok
14:04:04.0866 0x0638  [ B2E8473C080FEFB41E984CB6034112F0, 34DEC37A6A61BD7C643AC9CABA9105B15DE201117FEBB238C3DD713A0833A3CF ] Avgtdix         C:\windows\system32\DRIVERS\avgtdix.sys
14:04:04.0890 0x0638  Avgtdix - ok
14:04:04.0952 0x0638  [ DCF350D917112A03D3CDC33C8ADEA87A, 78E7B8E6575EEB07C993EA71D699443C428B3258A748236264F75571FE23D796 ] avgwd           C:\Program Files\AVG\AVG2015\avgwdsvc.exe
14:04:04.0978 0x0638  avgwd - ok
14:04:05.0099 0x0638  [ 06C3528E0686A58701367749B0145A4A, 9C31CEB1F6C8E327B962F5465DBF8147437F2614DEE78D4D31FA8E04555B2AC2 ] AVM WLAN Connection Service C:\Program Files\avmwlanstick\WlanNetService.exe
14:04:05.0163 0x0638  AVM WLAN Connection Service - detected UnsignedFile.Multi.Generic ( 1 )
14:04:11.0081 0x0638  Detect skipped due to KSN trusted
14:04:11.0081 0x0638  AVM WLAN Connection Service - ok
14:04:11.0190 0x0638  [ 263CF9D248FD5E020A1333ED4F7EAA88, 04F944C2B284172A7917389A83C525FA9A3ACB026F370EB886B48759FE81A5E1 ] avmeject        C:\windows\system32\drivers\avmeject.sys
14:04:11.0247 0x0638  avmeject - detected UnsignedFile.Multi.Generic ( 1 )
14:04:17.0094 0x0638  Detect skipped due to KSN trusted
14:04:17.0094 0x0638  avmeject - ok
14:04:17.0207 0x0638  [ 6E30D02AAC9CAC84F421622E3A2F6178, 229DC527C1D6C778BCA2C855A2A6F6D2C4B0F4F6DE56C886B3AAD26E3347952C ] AxInstSV        C:\windows\System32\AxInstSV.dll
14:04:17.0355 0x0638  AxInstSV - ok
14:04:17.0435 0x0638  [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv         C:\windows\system32\DRIVERS\bxvbdx.sys
14:04:17.0605 0x0638  b06bdrv - ok
14:04:17.0630 0x0638  [ BD8869EB9CDE6BBE4508D869929869EE, F4363A12EBFDBB89C69FD59B22F9EE05BADA07D477A1DF2DE01F59D6EE496543 ] b57nd60x        C:\windows\system32\DRIVERS\b57nd60x.sys
14:04:17.0723 0x0638  b57nd60x - ok
14:04:17.0873 0x0638  [ 5508197A31A19BBD14BA3338F03A4720, 179BF97E0B6EAF4FB47595CB376B447D251CE2112948B12B4993B2FCEF58FC20 ] BCM42RLY        C:\windows\system32\drivers\BCM42RLY.sys
14:04:17.0916 0x0638  BCM42RLY - ok
14:04:18.0088 0x0638  [ EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC          C:\windows\System32\bdesvc.dll
14:04:18.0323 0x0638  BDESVC - ok
14:04:18.0510 0x0638  [ 505506526A9D467307B3C393DEDAF858, 8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep            C:\windows\system32\drivers\Beep.sys
14:04:18.0601 0x0638  Beep - ok
14:04:18.0681 0x0638  [ 1E2BAC209D184BB851E1A187D8A29136, 53933C938DA5126986FFF2918C1F522ABE93ABAB460AE32E4453161C2F7B68DF ] BFE             C:\windows\System32\bfe.dll
14:04:18.0837 0x0638  BFE - ok
14:04:18.0992 0x0638  [ E585445D5021971FAE10393F0F1C3961, 178C008A9A0A6BFDA65EB0B98C510271360AD4474F22F13594F5EB60AA4E1CF5 ] BITS            C:\windows\System32\qmgr.dll
14:04:19.0301 0x0638  BITS - ok
14:04:19.0365 0x0638  [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive        C:\windows\system32\DRIVERS\blbdrive.sys
14:04:19.0399 0x0638  blbdrive - ok
14:04:19.0482 0x0638  [ 73686FE0B2E0469F89FD2075BE724704, 4BC5BBA7ACB5BDA77251B82B9CF16C6A9EBBCC29760860A0F37ABDDF9288143F ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
14:04:19.0518 0x0638  Bonjour Service - detected UnsignedFile.Multi.Generic ( 1 )
14:04:25.0351 0x0638  Detect skipped due to KSN trusted
14:04:25.0351 0x0638  Bonjour Service - ok
14:04:25.0444 0x0638  [ 8F2DA3028D5FCBD1A060A3DE64CD6506, E234672E9CFE1A95AD2E78E306E41E010B870221E6EBBC0E2B0BE2FA5CE0CD76 ] bowser          C:\windows\system32\DRIVERS\bowser.sys
14:04:25.0537 0x0638  bowser - ok
14:04:25.0556 0x0638  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\windows\system32\DRIVERS\BrFiltLo.sys
14:04:25.0627 0x0638  BrFiltLo - ok
14:04:25.0667 0x0638  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\windows\system32\DRIVERS\BrFiltUp.sys
14:04:25.0718 0x0638  BrFiltUp - ok
14:04:25.0766 0x0638  [ 3DAA727B5B0A45039B0E1C9A211B8400, 903B51E75F0C503A0E255120F53BF51B047B219FEC1E15F2F1D02DDD562FC73B ] Browser         C:\windows\System32\browser.dll
14:04:25.0916 0x0638  Browser - ok
14:04:25.0961 0x0638  [ 845B8CE732E67F3B4133164868C666EA, 9309B094CD9B5EBC46295A5EB806BED472C3CEDE3B5F6F497EBDABA496A2A27F ] Brserid         C:\windows\System32\Drivers\Brserid.sys
14:04:26.0060 0x0638  Brserid - ok
14:04:26.0081 0x0638  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\windows\System32\Drivers\BrSerWdm.sys
14:04:26.0113 0x0638  BrSerWdm - ok
14:04:26.0124 0x0638  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\windows\System32\Drivers\BrUsbMdm.sys
14:04:26.0160 0x0638  BrUsbMdm - ok
14:04:26.0171 0x0638  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\windows\System32\Drivers\BrUsbSer.sys
14:04:26.0205 0x0638  BrUsbSer - ok
14:04:26.0268 0x0638  [ 2865A5C8E98C70C605F417908CEBB3A4, B1C5AC228BD7072AF8668C009C6CDC13EE9FCB9481F57524300F37C40BF1E935 ] BthEnum         C:\windows\system32\drivers\BthEnum.sys
14:04:26.0415 0x0638  BthEnum - ok
14:04:26.0426 0x0638  [ ED3DF7C56CE0084EB2034432FC56565A, B5B75E002E7BC0209582C635CCCA26DB569BDB23C33A126634E00C6434BF941B ] BTHMODEM        C:\windows\system32\DRIVERS\bthmodem.sys
14:04:26.0447 0x0638  BTHMODEM - ok
14:04:26.0495 0x0638  [ AD1872E5829E8A2C3B5B4B641C3EAB0E, 8C2DBCAC08DDB41E2B44E257C55FA2D0272959B308EFF9EAF5FF9AE1E4A0AA39 ] BthPan          C:\windows\system32\DRIVERS\bthpan.sys
14:04:26.0517 0x0638  BthPan - ok
14:04:26.0571 0x0638  [ 1153DE2E4F5941E10C399CB5592F78A1, 2B88AF246D62F72FA9F5B921B0375AE59A0F263672472D5EC9FDB5CA5EF51C31 ] BTHPORT         C:\windows\System32\Drivers\BTHport.sys
14:04:31.0173 0x0638  [ 227846995AFEEFA70D328BF5334A86A5, B8EF22DE552B44E7DC352742C775BB6B4992B653AF4B66B231A60182CE7A7201 ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
14:04:31.0249 0x0638  FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic ( 1 )
14:04:37.0242 0x0638  Detect skipped due to KSN trusted
14:04:37.0242 0x0638  FLEXnet Licensing Service - ok
14:04:48.0268 0x0638  nfrd960 - ok
14:04:48.0331 0x0638  [ F115C5CD29E512F18BD7138A094B77E5, 90C2CE8B256EE9AABF674ADDE7F85E91DAF48EA368452D03C187A4AE027D4E39 ] NlaSvc          C:\windows\System32\nlasvc.dll
14:04:48.0400 0x0638  NlaSvc - ok
14:04:48.0462 0x0638  [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs            C:\windows\system32\drivers\Npfs.sys
14:04:48.0542 0x0638  Npfs - ok
14:04:48.0571 0x0638  [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi             C:\windows\system32\nsisvc.dll
14:04:48.0614 0x0638  nsi - ok
14:04:48.0640 0x0638  [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy        C:\windows\system32\drivers\nsiproxy.sys
14:04:48.0680 0x0638  nsiproxy - ok
14:04:48.0785 0x0638  [ C8DFF8D07755A66C7A4A738930F0FEAC, A2CC58312CE57988ABD976155BE91F558DCEC4C23481C6FBE64B361D511A36EA ] Ntfs            C:\windows\system32\drivers\Ntfs.sys
14:04:48.0845 0x0638  Ntfs - ok
14:04:48.0889 0x0638  [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null            C:\windows\system32\drivers\Null.sys
14:04:48.0939 0x0638  Null - ok
14:04:48.0999 0x0638  [ D2F4C4B22969236382CA853B8DAA2D4E, 83950153451140AC54CF95F0ED03C165DD5E8B7E8F3869B1746CDDDF9DFE1F11 ] NVHDA           C:\windows\system32\drivers\nvhda32v.sys
14:04:49.0027 0x0638  NVHDA - ok
14:04:49.0495 0x0638  [ AFB33A823AABC112FC7BD62AFBCDB0CD, B267AA94024363B1C4A26D853094F84895D7EA232B8A6690C315D99D3D4C79BD ] nvlddmkm        C:\windows\system32\DRIVERS\nvlddmkm.sys
14:04:50.0039 0x0638  nvlddmkm - ok
14:04:50.0103 0x0638  [ B3E25EE28883877076E0E1FF877D02E0, 402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C ] nvraid          C:\windows\system32\drivers\nvraid.sys
14:04:50.0132 0x0638  nvraid - ok
14:04:50.0155 0x0638  [ 4380E59A170D88C4F1022EFF6719A8A4, 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2 ] nvstor          C:\windows\system32\drivers\nvstor.sys
14:04:50.0175 0x0638  nvstor - ok
14:04:50.0232 0x0638  [ 782945716AD010AC3D41758E8E52C735, 5A2B869B697D5BCD31F59BF39E3B0C8C570DD01B1FC82063CD9530F2FC49C7D6 ] nvsvc           C:\windows\system32\nvvsvc.exe
14:04:50.0267 0x0638  nvsvc - ok
14:04:50.0316 0x0638  [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp          C:\windows\system32\drivers\nv_agp.sys
14:04:50.0334 0x0638  nv_agp - ok
14:04:50.0449 0x0638  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
14:04:50.0478 0x0638  odserv - ok
14:04:50.0503 0x0638  [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394        C:\windows\system32\drivers\ohci1394.sys
14:04:50.0535 0x0638  ohci1394 - ok
14:04:50.0560 0x0638  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:04:50.0587 0x0638  ose - ok
14:04:50.0625 0x0638  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc        C:\windows\system32\pnrpsvc.dll
14:04:50.0701 0x0638  p2pimsvc - ok
14:04:50.0729 0x0638  [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc          C:\windows\system32\p2psvc.dll
14:04:50.0775 0x0638  p2psvc - ok
14:04:50.0834 0x0638  [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport         C:\windows\system32\DRIVERS\parport.sys
14:04:50.0879 0x0638  Parport - ok
14:04:50.0914 0x0638  [ 3F34A1B4C5F6475F320C275E63AFCE9B, 31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B ] partmgr         C:\windows\system32\drivers\partmgr.sys
14:04:50.0936 0x0638  partmgr - ok
14:04:50.0959 0x0638  [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm          C:\windows\system32\DRIVERS\parvdm.sys
14:04:50.0984 0x0638  Parvdm - ok
14:04:51.0037 0x0638  [ 52954BE460EC6C54C0ACB2B3B126FFC6, 9F9878EC5ABC74C5A8EE8E1D940F0934F081895B07D844F42F80A638FE713F7B ] PcaSvc          C:\windows\System32\pcasvc.dll
14:04:51.0136 0x0638  PcaSvc - ok
14:04:51.0190 0x0638  [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci             C:\windows\system32\drivers\pci.sys
14:04:51.0211 0x0638  pci - ok
14:04:51.0247 0x0638  [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide          C:\windows\system32\drivers\pciide.sys
14:04:51.0262 0x0638  pciide - ok
14:04:51.0293 0x0638  [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia          C:\windows\system32\DRIVERS\pcmcia.sys
14:04:51.0314 0x0638  pcmcia - ok
14:04:51.0361 0x0638  [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw             C:\windows\system32\drivers\pcw.sys
14:04:51.0377 0x0638  pcw - ok
14:04:51.0409 0x0638  [ AEBC369F7DC72AB3F5B9BDF34FA0D43F, 2A819154AC6C23E97C583D90B4D0C112188B7AE9D8D9B3F88811BFCED124E551 ] PEAUTH          C:\windows\system32\drivers\peauth.sys
14:04:51.0459 0x0638  PEAUTH - ok
14:04:51.0565 0x0638  [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla             C:\windows\system32\pla.dll
14:04:51.0664 0x0638  pla - ok
14:04:51.0724 0x0638  [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay        C:\windows\system32\umpnpmgr.dll
14:04:51.0767 0x0638  PlugPlay - ok
14:04:51.0789 0x0638  [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg     C:\windows\system32\pnrpauto.dll
14:04:51.0814 0x0638  PNRPAutoReg - ok
14:04:51.0841 0x0638  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc         C:\windows\system32\pnrpsvc.dll
14:04:51.0877 0x0638  PNRPsvc - ok
14:04:51.0937 0x0638  [ 53946B69BA0836BD95B03759530C81EC, 7F14A34635354CCA0F5342C8D9DF5A6AA1B94F6A508BD8834029E9BACF252920 ] PolicyAgent     C:\windows\System32\ipsecsvc.dll
14:04:51.0996 0x0638  PolicyAgent - ok
14:04:52.0039 0x0638  [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power           C:\windows\system32\umpo.dll
14:04:52.0096 0x0638  Power - ok
14:04:52.0160 0x0638  [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport    C:\windows\system32\DRIVERS\raspptp.sys
14:04:52.0215 0x0638  PptpMiniport - ok
14:04:52.0234 0x0638  [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor       C:\windows\system32\DRIVERS\processr.sys
14:04:52.0260 0x0638  Processor - ok
14:04:52.0307 0x0638  [ FD9692A3D31E021207D3C2A9DDDC2BE3, 5295EFAD9BD4B59996935A41825392C12A4C968D161BEEA37797F90AF8E54229 ] ProfSvc         C:\windows\system32\profsvc.dll
14:04:52.0338 0x0638  ProfSvc - ok
14:04:52.0360 0x0638  [ 981CE3E3A653511799F4A862494B66A8, 414D975387A118535E39636413969A7D4C98A85E542A44B8FA515C8A20D6093F ] ProtectedStorage C:\windows\system32\lsass.exe
14:04:52.0382 0x0638  ProtectedStorage - ok
14:04:52.0427 0x0638  [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched          C:\windows\system32\DRIVERS\pacer.sys
14:04:52.0479 0x0638  Psched - ok
14:04:52.0549 0x0638  [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300          C:\windows\system32\DRIVERS\ql2300.sys
14:04:52.0612 0x0638  ql2300 - ok
14:04:52.0638 0x0638  [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx          C:\windows\system32\DRIVERS\ql40xx.sys
14:04:52.0658 0x0638  ql40xx - ok
14:04:52.0688 0x0638  [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE           C:\windows\system32\qwave.dll
14:04:52.0727 0x0638  QWAVE - ok
14:04:52.0743 0x0638  [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv        C:\windows\system32\drivers\qwavedrv.sys
14:04:52.0765 0x0638  QWAVEdrv - ok
14:04:52.0778 0x0638  [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd          C:\windows\system32\DRIVERS\rasacd.sys
14:04:52.0825 0x0638  RasAcd - ok
14:04:52.0845 0x0638  [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn     C:\windows\system32\DRIVERS\AgileVpn.sys
14:04:52.0886 0x0638  RasAgileVpn - ok
14:04:52.0901 0x0638  [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto         C:\windows\System32\rasauto.dll
14:04:52.0959 0x0638  RasAuto - ok
14:04:53.0022 0x0638  [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp         C:\windows\system32\DRIVERS\rasl2tp.sys
14:04:53.0069 0x0638  Rasl2tp - ok
14:04:53.0117 0x0638  [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan          C:\windows\System32\rasmans.dll
14:04:53.0162 0x0638  RasMan - ok
14:04:53.0213 0x0638  [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe        C:\windows\system32\DRIVERS\raspppoe.sys
14:04:53.0284 0x0638  RasPppoe - ok
14:04:53.0317 0x0638  [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp         C:\windows\system32\DRIVERS\rassstp.sys
14:04:53.0353 0x0638  RasSstp - ok
14:04:53.0409 0x0638  [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss           C:\windows\system32\DRIVERS\rdbss.sys
14:04:53.0466 0x0638  rdbss - ok
14:04:53.0492 0x0638  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus          C:\windows\system32\DRIVERS\rdpbus.sys
14:04:53.0512 0x0638  rdpbus - ok
14:04:53.0549 0x0638  [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD          C:\windows\system32\DRIVERS\RDPCDD.sys
14:04:53.0594 0x0638  RDPCDD - ok
14:04:53.0607 0x0638  [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD        C:\windows\system32\drivers\rdpencdd.sys
14:04:53.0654 0x0638  RDPENCDD - ok
14:04:53.0667 0x0638  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP        C:\windows\system32\drivers\rdprefmp.sys
14:04:53.0713 0x0638  RDPREFMP - ok
14:04:53.0766 0x0638  [ CD9214A6AE17D188D17C3CF8CB9CC693, 2E16FF1F7446F0600D6519010FD05A30B94D97167C16B3E7FC396A97D8139D60 ] RDPWD           C:\windows\system32\drivers\RDPWD.sys
14:04:53.0852 0x0638  RDPWD - ok
14:04:53.0935 0x0638  [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] rdyboost        C:\windows\system32\drivers\rdyboost.sys
14:04:53.0959 0x0638  rdyboost - ok
14:04:53.0983 0x0638  [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess    C:\windows\System32\mprdim.dll
14:04:54.0041 0x0638  RemoteAccess - ok
14:04:54.0071 0x0638  [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry  C:\windows\system32\regsvc.dll
14:04:54.0123 0x0638  RemoteRegistry - ok
14:04:54.0175 0x0638  [ F85AE59A52885F4B09AADAFB23001A3B, CE722F19C0F916BC9EC1B7B28A479C71504190271B54B4B9ACA82922B484FEA0 ] Rezip           C:\windows\SYSTEM32\Rezip.exe
14:04:54.0200 0x0638  Rezip - detected UnsignedFile.Multi.Generic ( 1 )
14:05:04.0272 0x0638  Rezip ( UnsignedFile.Multi.Generic ) - warning
14:05:27.0889 0x0638  [ B1691AF4A072CB674D600DB16DD7308E, 214E35001E7BA10E8C329CE8904E900AA54F9B35C5329F2FF20E3156D6F21A8E ] StarWindServiceAE C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
14:05:27.0921 0x0638  StarWindServiceAE - detected UnsignedFile.Multi.Generic ( 1 )
14:05:33.0760 0x0638  Detect skipped due to KSN trusted
14:05:33.0760 0x0638  StarWindServiceAE - ok
14:05:34.0505 0x0638  [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard     C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
14:05:34.0541 0x0638  SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 )
14:05:40.0376 0x0638  Detect skipped due to KSN trusted
14:05:40.0376 0x0638  SwitchBoard - ok
14:05:44.0888 0x0638  [ EDF2DF71C4F1E13A6AC75F5224DE655A, 1764D155C6B99201774B57195349304259232A12868ECFC2069CA49443EBDC2C ] usbhub          C:\windows\system32\DRIVERS\usbhub.sys
14:05:44.0942 0x0638  usbhub - ok
14:05:44.0997 0x0638  [ 9828C8D14CC2676421778F0DE638CF97, 479A28211FFB85190A01FAB0283B927588805D2C0CDB03F85F8F814B88E4F453 ] usbohci         C:\windows\system32\drivers\usbohci.sys
14:05:45.0028 0x0638  usbohci - ok
14:05:45.0081 0x0638  [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint        C:\windows\system32\DRIVERS\usbprint.sys
14:05:45.0109 0x0638  usbprint - ok
14:05:45.0163 0x0638  [ FC6B21DB4B5B398AB93DBE59CBF11036, A94094C208F376405C07822A6143001EF1B12AE93205CD8002E87F6EB45F6374 ] usbscan         C:\windows\system32\drivers\usbscan.sys
14:05:45.0246 0x0638  usbscan - ok
14:05:45.0295 0x0638  [ F991AB9CC6B908DB552166768176896A, AD8E7A16B23B244B7F834622D4E38B5844193C6E31EF96F61E0E2EA16C945026 ] USBSTOR         C:\windows\system32\DRIVERS\USBSTOR.SYS
14:05:45.0374 0x0638  USBSTOR - ok
14:05:45.0425 0x0638  [ 800AABFD625EEFF899F7E5496BDE37AB, 3EB7ED07760CB348FCA9A06C2B838EF79B51A83C5F70A9C9EAAEAE54480067E2 ] usbuhci         C:\windows\system32\drivers\usbuhci.sys
14:05:45.0451 0x0638  usbuhci - ok
14:05:45.0510 0x0638  [ DE014425522610BEDCA3821BB8C0F1D5, D6FEA0DF07F89834AEEE8C02CC7FD41068D758B6CCECE2EEE5CF4B9DB646FA1E ] usbvideo        C:\windows\System32\Drivers\usbvideo.sys
14:05:45.0546 0x0638  usbvideo - ok
14:05:45.0590 0x0638  [ 081E6E1C91AEC36758902A9F727CD23C, 9FDAA17A3B99067E035E5D76305427F15FFDBC5D304B2BB78AFC6463EDDE1A75 ] UxSms           C:\windows\System32\uxsms.dll
14:05:45.0631 0x0638  UxSms - ok
14:05:45.0681 0x0638  [ 981CE3E3A653511799F4A862494B66A8, 414D975387A118535E39636413969A7D4C98A85E542A44B8FA515C8A20D6093F ] VaultSvc        C:\windows\system32\lsass.exe
14:05:45.0699 0x0638  VaultSvc - ok
14:05:45.0736 0x0638  [ 9EBB5A19746196660722310A1E26F9DA, 76850165D23FAADDBC73DFED3FD2B4C2387424F6A646F5E3FD0C416FEAB9E38A ] VBoxDrv         C:\windows\system32\DRIVERS\VBoxDrv.sys
14:05:45.0756 0x0638  VBoxDrv - ok
14:05:45.0805 0x0638  [ 4A92B7923BA53260C41A88649E388E4F, 3916A99C3373125DBFD946E15A4615C7A177A4E6AB4A5312DD66093E1A20A141 ] VBoxNetAdp      C:\windows\system32\DRIVERS\VBoxNetAdp.sys
14:05:45.0822 0x0638  VBoxNetAdp - ok
14:05:45.0878 0x0638  [ DEB3856B4CF455594356E40C7EBA3766, 57B1EE6DAC4A0839F4744B19B17CAC3DA9AF64AA3B34A4D791BC06693F3C357D ] VBoxNetFlt      C:\windows\system32\DRIVERS\VBoxNetFlt.sys
14:05:45.0894 0x0638  VBoxNetFlt - ok
14:05:45.0936 0x0638  [ 4C1D1D36D847C4C23DDBD30402A3EE5F, AF301A7062BC2E6B413CA7E2955B76A24DE2A4D967F4A0F8CA0273E430C4E032 ] VBoxUSBMon      C:\windows\system32\DRIVERS\VBoxUSBMon.sys
14:05:45.0952 0x0638  VBoxUSBMon - ok
14:05:46.0010 0x0638  [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot        C:\windows\system32\drivers\vdrvroot.sys
14:05:46.0042 0x0638  vdrvroot - ok
14:05:46.0093 0x0638  [ C3CD30495687C2A2F66A65CA6FD89BE9, 582E4706C1D6A151020D14B26C7BF166F4E42BDD6E410F30EC452469270C5E9B ] vds             C:\windows\System32\vds.exe
14:05:46.0157 0x0638  vds - ok
14:05:46.0185 0x0638  [ 17C408214EA61696CEC9C66E388B14F3, 829C0416672E2B2DFABCFE641E7F281F41E8DBB3C0EF11C7784CB9BB94F87E97 ] vga             C:\windows\system32\DRIVERS\vgapnp.sys
14:05:46.0210 0x0638  vga - ok
14:05:46.0256 0x0638  [ 8E38096AD5C8570A6F1570A61E251561, 4DBA3C1397A2203548F45F006E66D99F837903F601ABBCE2304754F783CA8A39 ] VgaSave         C:\windows\System32\drivers\vga.sys
14:05:46.0303 0x0638  VgaSave - ok
14:05:46.0325 0x0638  [ 5461686CCA2FDA57B024547733AB42E3, 2721D0659AA890172FCAD4EC4D926B58ACD0EE4887DA51545DC7237420D5BF84 ] vhdmp           C:\windows\system32\drivers\vhdmp.sys
14:05:46.0350 0x0638  vhdmp - ok
14:05:46.0365 0x0638  [ C829317A37B4BEA8F39735D4B076E923, 55D1796AE750071E1E05BD7702B6C355CCFFE27B4C00E93E7044C3184732B497 ] viaagp          C:\windows\system32\drivers\viaagp.sys
14:05:46.0381 0x0638  viaagp - ok
14:05:46.0399 0x0638  [ E02F079A6AA107F06B16549C6E5C7B74, B530DCE3EE4F285B3D5F69F7148D17E016D54F04E6F93706B829A34567748788 ] ViaC7           C:\windows\system32\DRIVERS\viac7.sys
14:05:46.0418 0x0638  ViaC7 - ok
14:05:46.0461 0x0638  [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide          C:\windows\system32\drivers\viaide.sys
14:05:46.0477 0x0638  viaide - ok
14:05:46.0514 0x0638  [ 4C63E00F2F4B5F86AB48A58CD990F212, 9796BD4B9CFEEEAF57C5E332A732EFC2770B21F9B35301A5D202F5FC52C1E035 ] volmgr          C:\windows\system32\drivers\volmgr.sys
14:05:46.0532 0x0638  volmgr - ok
14:05:46.0583 0x0638  [ B5BB72067DDDDBBFB04B2F89FF8C3C87, 65B9AD55F43940A5FDD88B6EC5034A7E375DF8E6F5F1AE6519A4BD6B7E992EBC ] volmgrx         C:\windows\system32\drivers\volmgrx.sys
14:05:46.0608 0x0638  volmgrx - ok
14:05:46.0657 0x0638  [ F497F67932C6FA693D7DE2780631CFE7, DAE544ED99D2CF570DA31343BD87D2F856D0D13529656D38E1BF854C77F017F6 ] volsnap         C:\windows\system32\drivers\volsnap.sys
14:05:46.0683 0x0638  volsnap - ok
14:05:46.0787 0x0638  [ 86C96C079293E2E06708E146A011F4C4, 10F8DBA78B76B304525FC72C83990F10133936010E26D2F9AEB2FB747F8B75C2 ] vpnagent        C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
14:05:46.0818 0x0638  vpnagent - ok
14:05:46.0868 0x0638  [ B4A71B5E7F83BE22064891D503BF82F6, 37872EABDB6D7CB60BC36FE4117BD4D5F83F35009BA2515BF2D15D3ECCED6957 ] vpnva           C:\windows\system32\DRIVERS\vpnva-6.sys
14:05:46.0883 0x0638  vpnva - ok
14:05:46.0916 0x0638  [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid         C:\windows\system32\DRIVERS\vsmraid.sys
14:05:46.0938 0x0638  vsmraid - ok
14:05:47.0044 0x0638  [ 143C873A90E834F38733BB05D686A9E7, EBBC2A11B751E4C869D08CD35FFB1B54A3BC1EDDDD436CFD6026892460BC842E ] VSPerfDrv100    c:\Program Files\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\VSPerfDrv100.sys
14:05:47.0064 0x0638  VSPerfDrv100 - ok
14:05:47.0136 0x0638  [ 209A3B1901B83AEB8527ED211CCE9E4C, 1A431F6409F8E0531F600F8F988ECECECB902DA26BBAAF1DE74A5CAC29A7CB44 ] VSS             C:\windows\system32\vssvc.exe
14:05:47.0234 0x0638  VSS - ok
14:05:47.0249 0x0638  [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus        C:\windows\system32\DRIVERS\vwifibus.sys
14:05:47.0268 0x0638  vwifibus - ok
14:05:47.0308 0x0638  [ 7090D3436EEB4E7DA3373090A23448F7, 3A130B28F2BFA7DCEC8596C4CE4E187B019F5ECF1AAC8DD1BBDE9CBD2428FEC2 ] vwififlt        C:\windows\system32\DRIVERS\vwififlt.sys
14:05:47.0349 0x0638  vwififlt - ok
14:05:47.0388 0x0638  [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time         C:\windows\system32\w32time.dll
14:05:47.0440 0x0638  W32Time - ok
14:05:47.0464 0x0638  [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen        C:\windows\system32\DRIVERS\wacompen.sys
14:05:47.0482 0x0638  WacomPen - ok
14:05:47.0523 0x0638  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] WANARP          C:\windows\system32\DRIVERS\wanarp.sys
14:05:47.0560 0x0638  WANARP - ok
14:05:47.0592 0x0638  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] Wanarpv6        C:\windows\system32\DRIVERS\wanarp.sys
14:05:47.0631 0x0638  Wanarpv6 - ok
14:05:47.0757 0x0638  [ 353A04C273EC58475D8633E75CCD5604, FFAE53B6B53AEFC9E8A10BF27480E072D74430276BEB532FE1D473E9616D8CE0 ] WatAdminSvc     C:\windows\system32\Wat\WatAdminSvc.exe
14:05:47.0819 0x0638  WatAdminSvc - ok
14:05:47.0902 0x0638  [ 691E3285E53DCA558E1A84667F13E15A, 12EDB66EF8FC100402BEA221F354D3BD5542F6DDF715B6E7D873D6BAE7E3D329 ] wbengine        C:\windows\system32\wbengine.exe
14:05:48.0030 0x0638  wbengine - ok
14:05:48.0065 0x0638  [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc        C:\windows\System32\wbiosrvc.dll
14:05:48.0093 0x0638  WbioSrvc - ok
14:05:48.0144 0x0638  [ 34EEE0DFAADB4F691D6D5308A51315DC, A040A03E25A0C78B9E26F86C2DF95BCAF8E7EC90183CEB295615D3265350EBEE ] wcncsvc         C:\windows\System32\wcncsvc.dll
14:05:48.0178 0x0638  wcncsvc - ok
14:05:48.0195 0x0638  [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
14:05:48.0260 0x0638  WcsPlugInService - ok
14:05:48.0278 0x0638  [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd              C:\windows\system32\DRIVERS\wd.sys
14:05:48.0298 0x0638  Wd - ok
14:05:48.0372 0x0638  [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000        C:\windows\system32\drivers\Wdf01000.sys
14:05:48.0409 0x0638  Wdf01000 - ok
14:05:48.0452 0x0638  [ DDE994E9159497D0D5AB2CDF66D1EAD6, 49BEDECA469C47E7622542D3B9BCD31ECDDAA27838495EC5C2F1338E33FEA877 ] WdiServiceHost  C:\windows\system32\wdi.dll
14:05:48.0503 0x0638  WdiServiceHost - ok
14:05:48.0510 0x0638  [ DDE994E9159497D0D5AB2CDF66D1EAD6, 49BEDECA469C47E7622542D3B9BCD31ECDDAA27838495EC5C2F1338E33FEA877 ] WdiSystemHost   C:\windows\system32\wdi.dll
14:05:48.0533 0x0638  WdiSystemHost - ok
14:05:48.0582 0x0638  [ 75E8EBD7040CE238684333F97014762A, 2CA0B267FBAEB303D1F8B639D733DC0DE17BA1276CC9096035B4F2BBBED3EF7F ] WebClient       C:\windows\System32\webclnt.dll
14:05:48.0714 0x0638  WebClient - ok
14:05:48.0747 0x0638  [ 760F0AFE937A77CFF27153206534F275, A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc          C:\windows\system32\wecsvc.dll
14:05:48.0800 0x0638  Wecsvc - ok
14:05:48.0823 0x0638  [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport   C:\windows\System32\wercplsupport.dll
14:05:48.0865 0x0638  wercplsupport - ok
14:05:48.0881 0x0638  [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc          C:\windows\System32\WerSvc.dll
14:05:48.0934 0x0638  WerSvc - ok
14:05:48.0991 0x0638  [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf          C:\windows\system32\DRIVERS\wfplwf.sys
14:05:49.0065 0x0638  WfpLwf - ok
14:05:49.0080 0x0638  [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount        C:\windows\system32\drivers\wimmount.sys
14:05:49.0095 0x0638  WIMMount - ok
14:05:49.0199 0x0638  [ 082CF481F659FAE0DE51AD060881EB47, BB67D2AF0BB9192D4CCF66C23D80CE5A1B38715556D94E2561DBF8F805FA30A5 ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
14:05:49.0276 0x0638  WinDefend - ok
14:05:49.0367 0x0638  [ 0A597F84BC8AF4229B529F655BB2BA14, 2243728CC9B52CF39EBB08F75E7057D771C71C32B64248AC44BD5D123ACBC037 ] WinDriver6      C:\windows\system32\drivers\windrvr6.sys
14:05:49.0398 0x0638  WinDriver6 - ok
14:05:49.0426 0x0638  WinHttpAutoProxySvc - ok
14:05:49.0500 0x0638  [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt         C:\windows\system32\wbem\WMIsvc.dll
14:05:49.0554 0x0638  Winmgmt - ok
14:05:49.0632 0x0638  [ 1DE9BD23AFA36150586C732D876D9B74, 32CF2C8EC18CFDA677AB72A182EB4B839DCC72BFCD6CA309BE2F434991CAE973 ] WinRM           C:\windows\system32\WsmSvc.dll
14:05:49.0737 0x0638  WinRM - ok
14:05:49.0783 0x0638  [ A67E5F9A400F3BD1BE3D80613B45F708, E170A8BD31A779403DC9C43ED6483DA8E186512D3EE700B87F6BA292E284E367 ] WinUsb          C:\windows\system32\DRIVERS\WinUsb.sys
14:05:49.0804 0x0638  WinUsb - ok
14:05:49.0854 0x0638  [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc         C:\windows\System32\wlansvc.dll
14:05:49.0949 0x0638  Wlansvc - ok
14:05:50.0123 0x0638  [ FB01D4AE207B9EFDBABFC55DC95C7E31, E0EFDBBE0BAC275230C8C1A053948C21BCF20B99B92E50939E95FFB9DC87F6BA ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
14:05:50.0200 0x0638  wlidsvc - ok
14:05:50.0319 0x0638  [ 325E4C5FC6B30C69B302DF650B9BB083, 4DF53A12F39A16DDF2AA22A0194873D0671CEBFBFB53EB2300186B45EAF8DB4D ] wltrysvc        C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE
14:05:50.0326 0x0638  wltrysvc - detected UnsignedFile.Multi.Generic ( 1 )
14:05:56.0196 0x0638  Detect skipped due to KSN trusted
14:05:56.0196 0x0638  wltrysvc - ok
14:06:05.0836 0x0638  AV detected via SS2: AVG AntiVirus Free Edition 2015, C:\Program Files\AVG\AVG2015\avgwsc.exe ( 15.0.0.5863 ), 0x41000 ( enabled : updated )
14:06:05.0947 0x0638  Win FW state via NFP2: enabled
14:06:11.0800 0x0638  ============================================================
14:06:11.0800 0x0638  Scan finished
14:06:11.0800 0x0638  ============================================================
14:06:11.0810 0x0754  Detected object count: 1
14:06:11.0810 0x0754  Actual detected object count: 1
14:10:37.0019 0x0754  Rezip ( UnsignedFile.Multi.Generic ) - skipped by user
14:10:37.0019 0x0754  Rezip ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:10:45.0445 0x1174  Deinitialize success
         

After the restart following mbar, the excess processes were already gone. Thanks a lot for the help!

06.05.2015, 14:40   #7
schrauber
/// the machine
/// TB trainer

hi,

Scan with Combofix
WARNING to READERS following along:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all your antivirus software as well as malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the on-screen instructions.
  • While Combofix is running, please do not work on the computer, move the mouse, or click in the Combofix window!
  • When Combofix has finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (in CODE tags if possible).
Note: If you get the following error message after the restart
Illegal operation attempted on a registry key that has been marked for deletion.
simply restart the computer. This should fix the problem.

__________________
regards,
schrauber

Proud Member of UNITE and ASAP since 2009

Donate
Guides and help
Trojaner-Board Facebook page

No help via PM!

16.05.2015, 07:39   #8
Inuyasha2008

Hello,

so I downloaded Combofix, found it under Downloads and copied it to the desktop. After starting the exe I didn't move anything and waited. The following came up during this process:


After it had run through, I searched for combofix but found only the exe and no log file. However, the following was in the folder:

16.05.2015, 14:21   #9
schrauber
/// the machine
/// TB trainer

Switch the AV program off completely, then Combofix again
__________________
regards,
schrauber


17.05.2015, 02:12   #10
Inuyasha2008

The process cannot be ended. I had temporarily disabled the protection via right-click, but it didn't work that way either.

17.05.2015, 11:46   #11
schrauber
/// the machine
/// TB trainer

Then please uninstall AVG; it will interfere with us at every step.
__________________
regards,
schrauber

