Trojaner-Board - Weißer Bildschirm nach Anmeldung (Windows 7)

Addition.txt

Code:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-08-2013 02

Ran by Marco at 2013-08-12 20:34:38

Running from C:\Users\Marco\Desktop

Boot Mode: Normal

==========================================================
 
 

==================== Installed Programs =======================
 

   

„Windows Live Essentials“ (x32 Version: 15.4.3502.0922) Unnötig

„Windows Live Mail“ (x32 Version: 15.4.3502.0922) Unnötig

„Windows Live Messenger“ (x32 Version: 15.4.3502.0922) Unnötig

„Windows Live“ fotogalerija (x32 Version: 15.4.3502.0922) Unnötig

Adobe Flash Player 11 ActiveX (x32 Version: 11.7.700.224) Nötig

Adobe Reader 9.1 - Deutsch (x32 Version: 9.1.0)Nötig

Adobe Shockwave Player 11.6 (x32 Version: 11.6.4.634)Nötig

Agatha Christie - Death on the Nile (x32 Version: 2.2.0.82) Unnötig

Akamai NetSession Interface (HKCU) Unnötig

Ask Toolbar (x32 Version: 1.13.2.0) Unnötig 

AutoCAD 2014 Language Pack - Deutsch (German) (Version: 19.1.18.0)Nötig

Autodesk 360 (Version: 4.0.27.1)Nötig

Autodesk App Manager (x32 Version: 1.1.0)Nötig

Autodesk Content Service (x32 Version: 3.1.3.0)Nötig

Autodesk Content Service Language Pack (x32 Version: 3.1.3.0)Nötig

Autodesk Featured Apps (x32 Version: 1.1.0)Nötig

Autodesk Material Library 2014 (x32 Version: 4.0.19.0)Nötig

Autodesk Material Library Base Resolution Image Library 2014 (x32 Version: 4.0.19.0)Nötig

Autodesk ReCap (Version: 1.0.43.13)Nötig

Autodesk ReCap Language Pack-English (Version: 1.0.43.13)Nötig

BatteryLifeExtender (x32 Version: 1.0.11) Unnötig

Bejeweled 2 Deluxe (x32 Version: 2.2.0.95) Unnötig

Bing Bar (x32 Version: 7.0.610.0) Unnötig

Build-a-lot (x32 Version: 2.2.0.82) Unnötig

Call of Duty(R) 4 - Modern Warfare(TM) (x32 Version: 1.00.0000) Unnötig

ChargeableUSB (x32 Version: 1.0.0.0) Unnötig

Chuzzle Deluxe (x32 Version: 2.2.0.82) Unnötig

CyberLink Media Suite (x32 Version: 8.0.2227) Unnötig

CyberLink Media+ Player10 (x32 Version: 10.0.1110.00) Unnötig

CyberLink Power2Go (x32 Version: 6.1.3802)Unnötig

CyberLink PowerDirector (x32 Version: 8.0.3306)Unnötig

CyberLink YouCam (x32 Version: 3.1.3509)Unnötig

D3DX10 (x32 Version: 15.4.2368.0902)Unbekannt

DAEMON Tools Lite (x32 Version: 4.40.2.0131)Unnötig

Definition Update for Microsoft Office 2010 (KB982726) 64-Bit EditionNötig

Die ersten 10 Jahre (x32 Version: 1.00.0000)Unnötig

Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.82)Unnötig

DirectX Media Runtime 5.1 (x32)Nötig

DVDVideoSoftTB DE Toolbar (x32 Version: 6.9.0.16)Unnötig

Easy Content Share (x32 Version: 1.0)Unnötig

Easy Display Manager (x32 Version: 3.2)Unnötig

Easy Migration (x32 Version: 1.0)Unnötig

Easy Network Manager (x32 Version: 4.4.7)Unnötig

Easy SpeedUp Manager (x32 Version: 2.1.1.1)Unnötig

EasyBatteryManager (x32 Version: 4.0.0.4)Unnötig

EasyFileShare (x32 Version: 1.0.11)Unnötig

ETDWare PS/2-X64 10.7.14.12_WHQL (Version: 10.7.14.12)Unnötig

Explorer Suite IIIUnnötig

Facebook Video Calling 1.2.0.287 (x32 Version: 1.2.287)Unnötig

Farm Frenzy (x32 Version: 2.2.0.82)Unnötig

FARO LS 1.1.501.0 (64bit) (x32 Version: 5.1.0.30630)Unnötig

FARO LS 1.1.501.0 (x32 Version: 5.1.0.30630)Unnötig

Fast Start (x32 Version: 2.2.0.0)Unnötig

Fotogalerija Windows Live (x32 Version: 15.4.3502.0922)Unnötig

Free YouTube to MP3 Converter version 3.11.33.1005 (x32 Version: 3.11.33.1005)Unnötig

Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922)Unnötig

Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922)Unnötig

Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922)Unnötig

Galerie de photos Windows Live (x32 Version: 15.4.3502.0922)Unnötig

Galerie foto Windows Live (x32 Version: 15.4.3502.0922)Unnötig

Game Alarm (HKCU)Unnötig

GeoGebra 4.2 (HKCU)Unnötig

Google Earth (x32 Version: 7.0.3.8542)Unnötig

Google Update Helper (x32 Version: 1.3.21.153)Unnötig

Insaniquarium Deluxe (x32 Version: 2.2.0.82)Unnötig

Intel PROSet WirelesNötig

Intel(R) Control Center (x32 Version: 1.2.1.1007)Nötig

Intel(R) Management Engine Components (x32 Version: 7.0.0.1144)Nötig

Intel(R) Processor Graphics (x32 Version: 8.15.10.2266)Nötig

Intel(R) Rapid Storage Technology (x32 Version: 10.0.0.1046)Nötig

Intel® PROSet/Wireless WiFi-Software (Version: 15.00.0000.0642)Nötig

Jägermeister Radio (x32 Version: 2.1.1)Unnötig

Java Auto Updater (x32 Version: 2.0.2.4)Nötig

Java(TM) 6 Update 22 (x32 Version: 6.0.220)Nötig

John Deere Drive Green (x32 Version: 2.2.0.82)Unnötig

Junk Mail filter update (x32 Version: 15.4.3502.0922)Unnötig

Landwirtschafts Simulator 2011 (x32 Version: 1.0)Unnötig

Landwirtschafts Simulator 2013 (x32 Version: 1.0)Unnötig

Mesh Runtime (x32 Version: 15.4.5722.2)Unnötig

Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)Nötig

Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)Nötig

Microsoft .NET Framework 4 Extended (Version: 4.0.30319)Nötig

Microsoft Application Error Reporting (Version: 12.0.6015.5000)Nötig

Microsoft Office 2010 (x32 Version: 14.0.4763.1000)Nötig

Microsoft Office 2010 Service Pack 1 (SP1)Nötig

Microsoft Office Access MUI (German) 2010 (Version: 14.0.6029.1000)Nötig

Microsoft Office Excel MUI (German) 2010 (Version: 14.0.6029.1000)Nötig

Microsoft Office Groove MUI (German) 2010 (Version: 14.0.6029.1000)Nötig

Microsoft Office InfoPath MUI (German) 2010 (Version: 14.0.6029.1000)Nötig

Microsoft Office Office 32-bit Components 2010 (Version: 14.0.6029.1000)Nötig

Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.6029.1000)Nötig

Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.6029.1000)Nötig

Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.6029.1000)Nötig

Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)Nötig

Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)Nötig

Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)Nötig

Microsoft Office Proof (German) 2010 (Version: 14.0.6029.1000)Nötig

Microsoft Office Proof (Italian) 2010 (Version: 14.0.6029.1000)Nötig

Microsoft Office Proofing (German) 2010 (Version: 14.0.6029.1000)Nötig

Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.6029.1000)Nötig

Microsoft Office Shared 32-bit MUI (German) 2010 (Version: 14.0.6029.1000)Nötig

Microsoft Office Shared MUI (German) 2010 (Version: 14.0.6029.1000)Nötig

Microsoft Office Word MUI (German) 2010 (Version: 14.0.6029.1000)Nötig

Microsoft Security Client (Version: 4.2.0223.1)Nötig

Microsoft Security Essentials (Version: 4.2.223.1)Nötig

Microsoft Silverlight (Version: 5.1.20513.0)Nötig

Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)Nötig

Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)Nötig

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)Nötig

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)Nötig

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)Nötig

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)Nötig

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)Nötig

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)Nötig

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)Nötig

Movie Color Enhancer (x32 Version: 1.0)Unnötig

MSVCRT (x32 Version: 15.4.2862.0708)Unbekkannt

MSVCRT_amd64 (x32 Version: 15.4.2862.0708)Unbekannt

NVIDIA Control Panel 266.72 (Version: 266.72)Nötig

NVIDIA Graphics Driver 266.72 (Version: 266.72)Nötig

NVIDIA Install Application (Version: 2.265.39.0)Nötig

NVIDIA Optimus 1.0.15 (Version: 1.0.15)Nötig

NVIDIA PhysX (x32 Version: 9.09.0814)Nötig

NVIDIA Update Components (Version: 1.0.15)Nötig

odesk AutoCAD 2014 - Deutsch (German) (Version: 19.1.18.0)Nötig

OpenOffice.org 3.3 (x32 Version: 3.3.9567)Nötig

Pando Media Booster (x32 Version: 2.6.0.8)Unnötig

Peggle (x32 Version: 2.2.0.82)Unnötig

Penguins! (x32 Version: 2.2.0.82)Unnötig

PhoneShare (x32 Version: 9.1.4)Unnötig

Plants vs. Zombies (x32 Version: 2.2.0.82)Unnötig

Poczta usługi Windows Live (x32 Version: 15.4.3502.0922)Unnötig

Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922)Unnötig

Pointofix (x32)Unnötig

Polar Golfer (x32 Version: 2.2.0.82)Unnötig

Pošta Windows Live (x32 Version: 15.4.3502.0922)Unnötig

Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922)Unnötig

RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0)Unnötig

RealPlayer (x32)Unnötig

Realtek Ethernet Controller Driver (x32 Version: 7.44.421.2011)Unnötig

Realtek High Definition Audio Driver (x32 Version: 6.0.1.6378)Unnötig

RealUpgrade 1.1 (x32 Version: 1.1.0)Unnötig

Samsung AnyWeb Print (x32 Version: 2.0.67.1)Unnötig

Samsung Printer Live Update (x32)Unnötig

Samsung Recovery Solution 5 (x32 Version: 5.0.0.9)Unnötig

Samsung Support Center (x32 Version: 1.1.24)Unnötig

Samsung Universal Print Driver (x32 Version: 2.02.05.00:27)Unnötig

Samsung Universal Scan Driver (x32 Version: 1.2.5.0)Unnötig

Samsung Update Plus (x32 Version: 3.0.0.17)Unnötig

SketchUp Import for AutoCAD 2014 (x32 Version: 1.1.0)Unnötig

Ski Challenge 13 (CH) (HKCU)Unnötig

Skype™ 5.10 (x32 Version: 5.10.116)Unnötig

swMSM (x32 Version: 12.0.0.1)Unnötig

TeamViewer 8 (x32 Version: 8.0.17396)Unnötig

Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 (Version: 2.0.82.0)Unnötig

Uniblue DriverScanner (x32 Version: 4.0.3.5)Unnötig

Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)Nötig

Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)Nötig

Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)Nötig

Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)Nötig

Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)Nötig

Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)Nötig

Update for Microsoft Office 2010 (KB2553065)Nötig

Update for Microsoft Office 2010 (KB2553092)Nötig

Update for Microsoft Office 2010 (KB2553181) 64-Bit EditionNötig

Update for Microsoft Office 2010 (KB2553267) 64-Bit EditionNötig

Update for Microsoft Office 2010 (KB2553310) 64-Bit EditionNötig

Update for Microsoft Office 2010 (KB2553378) 64-Bit EditionNötig

Update for Microsoft Office 2010 (KB2566458)Nötig

Update for Microsoft Office 2010 (KB2598242) 64-Bit EditionNötig

Update for Microsoft Office 2010 (KB2687509) 64-Bit EditionNötig

Update for Microsoft Office 2010 (KB2760631) 64-Bit EditionNötig

Update for Microsoft Office 2010 (KB2767886) 64-Bit EditionNötig

Update for Microsoft OneNote 2010 (KB2553290) 64-Bit EditionNötig

Update for Microsoft Outlook 2010 (KB2597090) 64-Bit EditionNötig

Update for Microsoft Outlook 2010 (KB2687623) 64-Bit EditionNötig

Update for Microsoft Outlook Social Connector 2010 (KB2553406) 64-Bit EditionNötig

Update for Microsoft PowerPoint 2010 (KB2598240) 64-Bit EditionNötig

Update for Microsoft SharePoint Workspace 2010 (KB2589371) 64-Bit EditionNötig

User Guide (x32 Version: 1.5)Unnötig

VirtualDJ Home FREE (x32 Version: 7.3)Unnötig

VLC media player 1.1.11 (x32 Version: 1.1.11)Unnötig

WildTangent Games (x32 Version: 1.0.1.5)Unnötig

WildTangent ORB Game Console (x32)Unnötig

Windows Live Communications Platform (x32 Version: 15.4.3502.0922)Nötig

Windows Live Essentials (x32 Version: 15.4.3502.0922)Nötig

Windows Live fotoattēlu galerija (x32 Version: 15.4.3502.0922)Nötig

Windows Live Fotogaléria (x32 Version: 15.4.3502.0922)Nötig

Windows Live Fotogalerie (x32 Version: 15.4.3502.0922)Nötig

Windows Live Foto-galerija (x32 Version: 15.4.3502.0922)Nötig

Windows Live Fotogalleri (x32 Version: 15.4.3502.0922)Nötig

Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922)Nötig

Windows Live Fotótár (x32 Version: 15.4.3502.0922)Nötig

Windows Live Galeria de Fotos (x32 Version: 15.4.3502.0922)Nötig

Windows Live Galerija fotografija (x32 Version: 15.4.3502.0922)Nötig

Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)Nötig

Windows Live Installer (x32 Version: 15.4.3502.0922)Nötig

Windows Live Language Selector (Version: 15.4.3508.1109)Nötig

Windows Live Mail (x32 Version: 15.4.3502.0922)Nötig

Windows Live Mesh (x32 Version: 15.4.3502.0922)Nötig

Windows Live Messenger (x32 Version: 15.4.3502.0922)Nötig

Windows Live MIME IFilter (Version: 15.4.3502.0922)Nötig

Windows Live Movie Maker (x32 Version: 15.4.3502.0922)Nötig

Windows Live Photo Common (x32 Version: 15.4.3502.0922)Nötig

Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)Nötig

Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)Nötig

Windows Live Pošta (x32 Version: 15.4.3502.0922)Nötig

Windows Live Remote Client (Version: 15.4.5722.2)Nötig

Windows Live Remote Client Resources (Version: 15.4.5722.2)Nötig

Windows Live Remote Service (Version: 15.4.5722.2)Nötig

Windows Live Remote Service Resources (Version: 15.4.5722.2)Nötig

Windows Live SOXE (x32 Version: 15.4.3502.0922)Nötig

Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)Nötig

Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922)Nötig

Windows Live UX Platform (x32 Version: 15.4.3502.0922)Nötig

Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)Nötig

Windows Live Writer (x32 Version: 15.4.3502.0922)Nötig

Windows Live Writer Resources (x32 Version: 15.4.3502.0922)Nötig

Windows Live 메일 (x32 Version: 15.4.3502.0922)Nötig

Windows Live 사진 갤러리 (x32 Version: 15.4.3502.0922)Nötig

Windows Live 필수 패키지 (x32 Version: 15.4.3502.0922)Nötig

Windows Live 影像中心 (x32 Version: 15.4.3502.0922)Nötig

Windows Live 照片库 (x32 Version: 15.4.3502.0922)Nötig

Windows Live 程式集 (x32 Version: 15.4.3502.0922)Nötig

Windows Live 程式集 (x32 Version: 15.4.3508.1109)Nötig

Windows Live 软件包 (x32 Version: 15.4.3502.0922)Nötig

Windows Liven asennustyökalu (x32 Version: 15.4.3502.0922)Nötig

Windows Liven sähköposti (x32 Version: 15.4.3502.0922)Nötig

Windows Liven valokuvavalikoima (x32 Version: 15.4.3502.0922)Nötig

WinRAR 4.01 (64-Bit) (Version: 4.01.0)Nötig

WordCaptureX Pro (x32 Version: 4.0.0)Unnötig

Yontoo 1.10.03 (Version: 1.10.03)Unnötig

Zuma Deluxe (x32 Version: 2.2.0.95)Unnötig

Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922)Unnötig

Основные компоненты Windows Live (x32 Version: 15.4.3502.0922)Unnötig

Почта Windows Live (x32 Version: 15.4.3502.0922)Unnötig

Фотоальбом Windows Live (x32 Version: 15.4.3502.0922)Unnötig

Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922)Unnötig

גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922)Unnötig

بريد Windows Live (x32 Version: 15.4.3502.0922)Unnötig

معرض صور Windows Live (x32 Version: 15.4.3502.0922)Unnötig
 

==================== Restore Points  =========================
 
 

==================== Hosts content: ==========================
 

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts
 

==================== Scheduled Tasks (whitelisted) =============
 

Task: {0ED2D85F-8AFE-48BE-BC64-DD8B3E06F3E2} - System32\Tasks\WifiManager => C:\Program Files (x86)\Samsung\Easy Display Manager\WifiManager.exe [2011-01-04] (Samsung Electronics Co., Ltd.)

Task: {1988C802-A832-49B9-9F2F-BE364E836982} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-11-01] (Google Inc.)

Task: {26DBF6A7-263A-4114-93CC-041306CC0BE5} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2010-11-10] (CyberLink)

Task: {36AE324A-DAEA-4967-A52D-B2DD990FA0F1} - System32\Tasks\MovieColorEnhancer => C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe [2010-11-29] (Samsung Electronics Co., Ltd.)

Task: {3C11257B-7E34-437A-977C-C577B4AE5F38} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-11-01] (Google Inc.)

Task: {415FF63B-7725-4FE9-BFA4-AE154E954C33} - System32\Tasks\EasyDisplayMgr => C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe [2010-12-23] (Samsung Electronics Co., Ltd.)

Task: {451203D1-3AEA-4306-BC57-D55C6A26F43B} - System32\Tasks\SamsungSupportCenter => C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe [2011-02-07] (SAMSUNG Electronics)

Task: {4A0D2E26-72B1-45D8-AD33-FA495FD26FE7} - System32\Tasks\BatteryLifeExtender => C:\Program Files (x86)\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe [2010-12-18] (Samsung Electronics. Co. Ltd.)

Task: {4D5F2877-5AEC-4D34-B382-20CD663996B1} - System32\Tasks\SUPBackground => C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe [2011-01-12] (Samsung Electronics)

Task: {4EF3A82F-4D20-4B46-B6FD-BACFF19707EC} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-11] (Adobe Systems Incorporated)

Task: {510C97C2-D82E-4D60-9364-A0A2BBEBCDDC} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2363513811-1566349318-2052125673-1001Core => C:\Users\Marco\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)

Task: {57ED20A2-BAF4-4AFA-A797-CF1C352A6693} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\MpCmdRun.exe [2013-01-27] (Microsoft Corporation)

Task: {5DD0D743-7111-4D19-9EDD-56A887350C1A} - System32\Tasks\EasyPartitionManager => C:\Windows\MSetup\BA46-12225A02\EPM.exe No File

Task: {62A38930-DB6B-458D-A49B-C44A3FC80DA8} - System32\Tasks\Microsoft\Microsoft Antimalware\MpIdleTask => C:\Program Files\Microsoft Security Client\MpCmdRun.exe [2013-01-27] (Microsoft Corporation)

Task: {648D2B98-727C-4C45-972D-E920F6EF0599} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-05-14] (Sun Microsystems, Inc.)

Task: {7380DC84-7DF0-4D6E-85FA-23C91803DAE0} - System32\Tasks\EasyBatteryManager => C:\Program Files (x86)\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe [2010-07-20] (SAMSUNG Electronics co., LTD.)

Task: {82669EE7-D9ED-4C82-86B9-0B88C681AF93} - System32\Tasks\SmartRestarter => C:\Program Files\Samsung\SamsungFastStart\SmartRestarter.exe [2010-08-05] (Samsung Electronics Co., Ltd.)

Task: {8528D06A-222E-4208-8BA9-9D1F2F705EFD} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2363513811-1566349318-2052125673-1001UA => C:\Users\Marco\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)

Task: {88382C5B-16AE-4D1D-A7BA-6433AB344D95} - System32\Tasks\advSRS5 => C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe [2010-11-17] (SEC)

Task: {9E1BCF36-1E44-4FEE-BE19-29F7833DA7DA} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-23] (Microsoft Corporation)

Task: {A35EF62F-9A01-4558-9CDD-73043A5A9A1D} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe [2011-11-17] ()

Task: {BA4108CB-C014-4FF5-BDC3-2B3BA7E275B5} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2363513811-1566349318-2052125673-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2011-09-27] (RealNetworks, Inc.)

Task: {C44F098C-221A-403F-BE3B-9F7DDB7CCBAB} - System32\Tasks\EasySpeedUpManager => C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe [2011-01-11] (Samsung Electronics Co., Ltd.)

Task: {D96EBAB0-2389-4755-AD4A-AF04FF2BD2D5} - System32\Tasks\DriverScanner => C:\Program Files (x86)\Uniblue\DriverScanner\dsmonitor.exe [2012-03-02] (Uniblue Systems Limited)

Task: {E0D75258-18DA-49F2-9EE7-F0E119A16665} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2363513811-1566349318-2052125673-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2011-09-27] (RealNetworks, Inc.)

Task: {EE2BB659-0878-4118-8AD5-83B263E68CAD} - System32\Tasks\{A76F5228-760A-4C26-8024-ADC04D8CA726} => C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\FreeYouTubeToMP3Converter.exe [2012-10-05] (DVDVideoSoft Ltd.)

Task: {F63486F8-F6C2-410A-87F6-D0C2FFECFA00} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task

Task: {F7E6CCFA-8E9B-47B5-AD5F-56FA57B73804} - System32\Tasks\Real Player-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [2011-11-10] (RealNetworks, Inc.)

Task: {FAD55D8E-1922-43B0-BEB1-64E494BE8C2C} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\windows\System32\lpksetup.exe [2010-11-21] (Microsoft Corporation)

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\windows\Tasks\DriverScanner.job => C:\Program Files (x86)\Uniblue\DriverScanner\dsmonitor.exe

Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2363513811-1566349318-2052125673-1001Core.job => C:\Users\Marco\AppData\Local\Facebook\Update\FacebookUpdate.exe

Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2363513811-1566349318-2052125673-1001UA.job => C:\Users\Marco\AppData\Local\Facebook\Update\FacebookUpdate.exe

Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 

==================== Faulty Device Manager Devices =============
 

Name: Realtek PCIe GBE Family Controller

Description: Realtek PCIe GBE Family Controller

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Realtek

Service: RTL8167

Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)

Resolution: Update the driver
 
 

==================== Event log errors: =========================
 

Application errors:

==================

Error: (08/12/2013 08:33:29 PM) (Source: Windows Search Service) (User: )

Description: Fehler beim Erstellen des neuen Suchindex durch Windows Search. Interner Fehler <4, 0x8004117f, Fehler beim Hinzufügen des Projekts: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects>.
 

Error: (08/12/2013 08:33:28 PM) (Source: ESENT) (User: )

Description: Windows (4576) Windows: Versuch, in Datei "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb" bei Offset 25231360 (0x0000000001810000) für 1048576 (0x00100000) Bytes zu schreiben, ist nach Windows0 Sekunden mit Systemfehler 112 (0x00000070): "Es steht nicht genug Speicherplatz auf dem Datenträger zur Verfügung. " fehlgeschlagen. Fehler -1808 (0xfffff8f0) bei Schreiboperation. Wenn dieser Zustand andauert, ist die Datei möglicherweise beschädigt und muss aus einer vorherigen Sicherung wiederhergestellt werden.
 

Error: (08/12/2013 08:33:24 PM) (Source: Windows Search Service) (User: )

Description: Fehler beim Erstellen des neuen Suchindex durch Windows Search. Interner Fehler <4, 0x8004117f, Fehler beim Hinzufügen des Projekts: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects>.
 

Error: (08/12/2013 08:33:23 PM) (Source: ESENT) (User: )

Description: Windows (4704) Windows: Versuch, in Datei "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb" bei Offset 34668544 (0x0000000002110000) für 1048576 (0x00100000) Bytes zu schreiben, ist nach Windows0 Sekunden mit Systemfehler 112 (0x00000070): "Es steht nicht genug Speicherplatz auf dem Datenträger zur Verfügung. " fehlgeschlagen. Fehler -1808 (0xfffff8f0) bei Schreiboperation. Wenn dieser Zustand andauert, ist die Datei möglicherweise beschädigt und muss aus einer vorherigen Sicherung wiederhergestellt werden.
 

Error: (08/12/2013 08:33:12 PM) (Source: Windows Search Service) (User: )

Description: Fehler beim Erstellen des neuen Suchindex durch Windows Search. Interner Fehler <4, 0x8004117f, Fehler beim Hinzufügen des Projekts: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects>.
 

Error: (08/12/2013 08:33:12 PM) (Source: Windows Search Service) (User: )

Description: Der Jet-Eigenschaftenspeicher kann von Windows Search nicht geöffnet werden.
 
 

Details:

        0x%08x (0x8004117f - Der Inhaltsindexserver kann wegen eines Datenbankfehlers keine Daten aktualisieren oder auf sie zugreifen. Beenden Sie den Suchdienst, und starten Sie ihn erneut. Wenn das Problem weiterhin besteht, setzen Sie den Inhaltsindex zurück, und crawlen Sie ihn erneut. In manchen Fällen muss der Inhaltsindex möglicherweise gelöscht und erneut erstellt werden.  (HRESULT : 0x8004117f))
 

Error: (08/12/2013 08:30:38 PM) (Source: Windows Search Service) (User: )

Description: Fehler beim Erstellen des neuen Suchindex durch Windows Search. Interner Fehler <4, 0x8004117f, Fehler beim Hinzufügen des Projekts: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects>.
 

Error: (08/12/2013 08:30:38 PM) (Source: Windows Search Service) (User: )

Description: Der Jet-Eigenschaftenspeicher kann von Windows Search nicht geöffnet werden.
 
 

Details:

        0x%08x (0x8004117f - Der Inhaltsindexserver kann wegen eines Datenbankfehlers keine Daten aktualisieren oder auf sie zugreifen. Beenden Sie den Suchdienst, und starten Sie ihn erneut. Wenn das Problem weiterhin besteht, setzen Sie den Inhaltsindex zurück, und crawlen Sie ihn erneut. In manchen Fällen muss der Inhaltsindex möglicherweise gelöscht und erneut erstellt werden.  (HRESULT : 0x8004117f))
 

Error: (08/12/2013 08:30:38 PM) (Source: ESENT) (User: )

Description: Windows (6044) Windows: Versuch, in Datei "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb" bei Offset 4259840 (0x0000000000410000) für 32768 (0x00008000) Bytes zu schreiben, ist nach Windows0 Sekunden mit Systemfehler 112 (0x00000070): "Es steht nicht genug Speicherplatz auf dem Datenträger zur Verfügung. " fehlgeschlagen. Fehler -1808 (0xfffff8f0) bei Schreiboperation. Wenn dieser Zustand andauert, ist die Datei möglicherweise beschädigt und muss aus einer vorherigen Sicherung wiederhergestellt werden.
 

Error: (08/12/2013 08:30:30 PM) (Source: Windows Search Service) (User: )

Description: Fehler beim Erstellen des neuen Suchindex durch Windows Search. Interner Fehler <4, 0x8004117f, Fehler beim Hinzufügen des Projekts: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects>.
 
 

System errors:

=============

Error: (08/12/2013 08:33:30 PM) (Source: Service Control Manager) (User: )

Description: Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 16 Mal passiert.
 

Error: (08/12/2013 08:33:30 PM) (Source: Service Control Manager) (User: )

Description: Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem Fehler beendet: %%-2147217025.
 

Error: (08/12/2013 08:33:25 PM) (Source: Service Control Manager) (User: )

Description: Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 15 Mal passiert.
 

Error: (08/12/2013 08:33:25 PM) (Source: Service Control Manager) (User: )

Description: Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem Fehler beendet: %%-2147217025.
 

Error: (08/12/2013 08:33:13 PM) (Source: Service Control Manager) (User: )

Description: Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 14 Mal passiert.
 

Error: (08/12/2013 08:33:13 PM) (Source: Service Control Manager) (User: )

Description: Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem Fehler beendet: %%-2147217025.
 

Error: (08/12/2013 08:31:49 PM) (Source: Disk) (User: )

Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
 

Error: (08/12/2013 08:31:48 PM) (Source: Disk) (User: )

Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
 

Error: (08/12/2013 08:31:47 PM) (Source: Disk) (User: )

Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
 

Error: (08/12/2013 08:31:42 PM) (Source: Disk) (User: )

Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
 
 

Microsoft Office Sessions:

=========================

Error: (08/12/2013 08:33:29 PM) (Source: Windows Search Service)(User: )

Description: 40x8004117fFehler beim Hinzufügen des Projekts: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects
 

Error: (08/12/2013 08:33:28 PM) (Source: ESENT)(User: )

Description: Windows4576Windows: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb25231360 (0x0000000001810000)1048576 (0x00100000)-1808 (0xfffff8f0)112 (0x00000070)Es steht nicht genug Speicherplatz auf dem Datenträger zur Verfügung. 0
 

Error: (08/12/2013 08:33:24 PM) (Source: Windows Search Service)(User: )

Description: 40x8004117fFehler beim Hinzufügen des Projekts: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects
 

Error: (08/12/2013 08:33:23 PM) (Source: ESENT)(User: )

Description: Windows4704Windows: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb34668544 (0x0000000002110000)1048576 (0x00100000)-1808 (0xfffff8f0)112 (0x00000070)Es steht nicht genug Speicherplatz auf dem Datenträger zur Verfügung. 0
 

Error: (08/12/2013 08:33:12 PM) (Source: Windows Search Service)(User: )

Description: 40x8004117fFehler beim Hinzufügen des Projekts: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects
 

Error: (08/12/2013 08:33:12 PM) (Source: Windows Search Service)(User: )

Description: 

Details:

        0x%08x (0x8004117f - Der Inhaltsindexserver kann wegen eines Datenbankfehlers keine Daten aktualisieren oder auf sie zugreifen. Beenden Sie den Suchdienst, und starten Sie ihn erneut. Wenn das Problem weiterhin besteht, setzen Sie den Inhaltsindex zurück, und crawlen Sie ihn erneut. In manchen Fällen muss der Inhaltsindex möglicherweise gelöscht und erneut erstellt werden.  (HRESULT : 0x8004117f))
 

Error: (08/12/2013 08:30:38 PM) (Source: Windows Search Service)(User: )

Description: 40x8004117fFehler beim Hinzufügen des Projekts: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects
 

Error: (08/12/2013 08:30:38 PM) (Source: Windows Search Service)(User: )

Description: 

Details:

        0x%08x (0x8004117f - Der Inhaltsindexserver kann wegen eines Datenbankfehlers keine Daten aktualisieren oder auf sie zugreifen. Beenden Sie den Suchdienst, und starten Sie ihn erneut. Wenn das Problem weiterhin besteht, setzen Sie den Inhaltsindex zurück, und crawlen Sie ihn erneut. In manchen Fällen muss der Inhaltsindex möglicherweise gelöscht und erneut erstellt werden.  (HRESULT : 0x8004117f))
 

Error: (08/12/2013 08:30:38 PM) (Source: ESENT)(User: )

Description: Windows6044Windows: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb4259840 (0x0000000000410000)32768 (0x00008000)-1808 (0xfffff8f0)112 (0x00000070)Es steht nicht genug Speicherplatz auf dem Datenträger zur Verfügung. 0
 

Error: (08/12/2013 08:30:30 PM) (Source: Windows Search Service)(User: )

Description: 40x8004117fFehler beim Hinzufügen des Projekts: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects
 
 

==================== Memory info =========================== 
 

Percentage of memory in use: 44%

Total physical RAM: 4008.29 MB

Available physical RAM: 2210.62 MB

Total Pagefile: 8014.76 MB

Available Pagefile: 6124.62 MB

Total Virtual: 8192 MB

Available Virtual: 8191.84 MB
 

==================== Drives ================================
 

Drive c: () (Fixed) (Total:178 GB) (Free:0.01 GB) NTFS (Disk=0 Partition=2)

Drive d: () (Fixed) (Total:264.83 GB) (Free:75.57 GB) NTFS (Disk=0 Partition=4)

Drive g: () (Removable) (Total:14.91 GB) (Free:8.35 GB) NTFS (Disk=1 Partition=1)
 

==================== MBR & Partition Table ==================
 

========================================================

Disk: 0 (Size: 466 GB) (Disk ID: 1F8D46A3)

Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=178 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=265 GB) - (Type=OF Extended)

Partition 4: (Not Active) - (Size=23 GB) - (Type=27)
 

========================================================

Disk: 1 (Size: 15 GB) (Disk ID: 66205247)

No partition Table on disk 1.
 

==================== End Of Log ============================

FRST.txt

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-08-2013 02

Ran by Marco (administrator) on 12-08-2013 20:33:39

Running from C:\Users\Marco\Desktop

Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard

Internet Explorer Version 10

Boot Mode: Normal
 

==================== Processes (Whitelisted) =================
 

(NVIDIA Corporation) C:\windows\system32\nvvsvc.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe

(NVIDIA Corporation) C:\windows\system32\nvvsvc.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe

(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe

(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe

(Akamai Technologies, Inc.) C:\Users\Marco\AppData\Local\Akamai\netsession_win.exe

(Autodesk, Inc.) C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe

(Akamai Technologies, Inc.) C:\Users\Marco\AppData\Local\Akamai\netsession_win.exe

(Ask) C:\Program Files (x86)\Ask.com\Updater\Updater.exe

() C:\windows\SysWOW64\srvany.exe

() C:\windows\KMService.exe

(Uniblue Systems Limited) C:\Program Files (x86)\Uniblue\DriverScanner\dsmonitor.exe

() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe

(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe

(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Display Manager\WifiManager.exe

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe

(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe

(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe

(Intel Corporation) C:\windows\system32\igfxext.exe

(Intel Corporation) C:\windows\system32\igfxsrvc.exe

(SEC) C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe

(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\SamsungFastStart\SmartRestarter.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe

(SAMSUNG Electronics) C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe

(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe

(CyberLink Corp.) C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe

(Intel Corporation) C:\windows\system32\hkcmd.exe

(Intel Corporation) C:\windows\system32\igfxtray.exe

(Intel Corporation) C:\windows\system32\igfxpers.exe

(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe

(Samsung Electronics) C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe

(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

(Adobe Systems Incorporated) C:\windows\system32\Macromed\Flash\FlashUtil64_11_7_700_224_ActiveX.exe

(Microsoft Corporation) \\?\C:\windows\system32\wbem\WMIADAP.EXE
 

==================== Registry (Whitelisted) ==================
 

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11855976 2011-05-19] (Realtek Semiconductor)

HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2817872 2012-04-25] (ELAN Microelectronics Corp.)

HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1281512 2013-01-27] (Microsoft Corporation)

HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation)

HKCU\...\Run: [Facebook Update] - C:\Users\Marco\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-07-12] (Facebook Inc.)

HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [1305408 2011-01-20] (DT Soft Ltd)

HKCU\...\Run: [DriverScanner] - C:\Program Files (x86)\Uniblue\DriverScanner\launcher.exe [338808 2012-03-02] (Uniblue Systems Limited)

HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\Marco\AppData\Local\Akamai\netsession_win.exe [4480768 2013-01-26] (Akamai Technologies, Inc.)

HKCU\...\Run: [Autodesk Sync] - C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)

MountPoints2: {5076cd14-268e-11e1-8a4e-e811329aefd2} - F:\cdstart.exe

HKLM-x32\...\Run: [WinampAgent] - "C:\Program Files (x86)\Winamp\winampa.exe" [x]

HKLM-x32\...\Run: [] -  [x]

HKLM-x32\...\Run: [ApnUpdater] - C:\Program Files (x86)\Ask.com\Updater\Updater.exe [901800 2011-11-17] (Ask)

AppInit_DLLs: C:\windows\system32\nvinitx.dll [226920 2011-05-04] (NVIDIA Corporation)

AppInit_DLLs-x32: c:\progra~3\browser manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll c:\windows\syswow64\nvinit.dll [226920 2011-05-04] ()

Startup: C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Game Alarm.lnk

ShortcutTarget: Game Alarm.lnk -> C:\Games\Game Alarm\gamealarm.exe (Europe Support Ltd. N.V.)

Startup: C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk

ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
 

==================== Internet (Whitelisted) ====================
 

ProxyServer: proxy.ksn.at:8080

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.at/

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung.msn.com

URLSearchHook: (No Name) - {00000000-6E41-4FD3-8538-502F5495E5FC} -  No File

URLSearchHook: (No Name) - {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} -  No File

SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SMSTDF&pc=MASM&src=IE-SearchBox

SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/?q={searchTerms}&affID=109220&tt=4612_4&babsrc=SP_ss&mntrId=ae05d6cc00000000000078929c3a2d34

SearchScopes: HKCU - {30BD8453-7E63-44FD-B84C-BE54DAF5BFFA} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=VDJ&o=41647960&src=kw&q={searchTerms}&locale=de_US&apn_ptnrs=^8R&apn_dtid=^YYYYYY^YY^AT&apn_uid=68151A6E-FD63-4127-A8F9-FE7B826411D1&apn_sauid=3CCDE858-FF55-4558-A628-8613E317A015&

SearchScopes: HKCU - {EB6D7AA5-B8DF-437B-90DD-2A361729CB35} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2625848

BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: DVDVideoSoftTB DE Toolbar - {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - C:\Program Files (x86)\DVDVideoSoftTB_DE\prxtbDVD0.dll (Conduit Ltd.)

BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)

BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)

BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO-x32: Samsung BHO Class - {AA609D72-8482-4076-8991-8CDAE5B93BCB} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll ()

BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)

BHO-x32: VirtualDJ Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)

BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)

BHO-x32: smartdownloader Class - {F1AF26F8-1828-4279-ABCE-074EF3235BD7} - C:\Program Files (x86)\PutLockerDownloader\smarterdownloader.dll No File

BHO-x32: Yontoo - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll No File

Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)

Toolbar: HKLM-x32 - DVDVideoSoftTB DE Toolbar - {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - C:\Program Files (x86)\DVDVideoSoftTB_DE\prxtbDVD0.dll (Conduit Ltd.)

Toolbar: HKLM-x32 - VirtualDJ Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)

Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File

Toolbar: HKCU - No Name - {0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF} -  No File

DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\Skype4COM.dll (Skype Technologies)

Tcpip\Parameters: [DhcpNameServer] 212.186.211.21 195.34.133.21
 

FireFox:

========

FF ProfilePath: C:\Users\Marco\AppData\Roaming\Mozilla\Firefox\Profiles\ygnmue7p.default

FF user.js: detected! => C:\Users\Marco\AppData\Roaming\Mozilla\Firefox\Profiles\ygnmue7p.default\user.js

FF Homepage: hxxp://www.ask.com/?l=dis&o=41647960&gct=hp

FF SelectedSearchEngine: Ask.com

FF Keyword.URL: hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=VDJ&o=41647960&locale=de_US&apn_uid=68151A6E-FD63-4127-A8F9-FE7B826411D1&apn_ptnrs=%5E8R&apn_sauid=3CCDE858-FF55-4558-A628-8613E317A015&apn_dtid=%5EYYYYYY%5EYY%5EAT&&q=

FF Plugin: @microsoft.com/GENUINE - disabled No File

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\windows\system32\Adobe\Director\np32dsw.dll No File

FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF Plugin-x32: @microsoft.com/GENUINE - disabled No File

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF Plugin-x32: @real.com/nppl3260;version=12.0.1.669 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)

FF Plugin-x32: @real.com/nprjplug;version=12.0.1.669 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)

FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=12.0.1.669 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)

FF Plugin-x32: @real.com/nprphtml5videoshim;version=12.0.1.669 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)

FF Plugin-x32: @real.com/nprpjplug;version=12.0.1.669 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Marco\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF SearchPlugin: C:\Users\Marco\AppData\Roaming\Mozilla\Firefox\Profiles\ygnmue7p.default\searchplugins\askcom.xml

FF SearchPlugin: C:\Users\Marco\AppData\Roaming\Mozilla\Firefox\Profiles\ygnmue7p.default\searchplugins\browsemngr.xml

FF Extension: VirtualDJ Toolbar - C:\Users\Marco\AppData\Roaming\Mozilla\Firefox\Profiles\ygnmue7p.default\Extensions\toolbar@ask.com

FF Extension: DVDVideoSoftTB DE  - C:\Users\Marco\AppData\Roaming\Mozilla\Firefox\Profiles\ygnmue7p.default\Extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}

FF Extension: No Name - C:\Users\Marco\AppData\Roaming\Mozilla\Firefox\Profiles\ygnmue7p.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}

FF Extension: putlockerdownloader - C:\Users\Marco\AppData\Roaming\Mozilla\Firefox\Profiles\ygnmue7p.default\Extensions\putlockerdownloader@putlockerdownloader.com.xpi

FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext

FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
 

Chrome: 

=======

CHR HomePage: hxxp://www.google.com/

CHR RestoreOnStartup: "hxxp://www.google.com/"

CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.83\PepperFlash\pepflashplayer.dll No File

CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\gcswf32.dll No File

CHR Plugin: (Remoting Viewer) - internal-remoting-viewer

CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\ppGoogleNaClPluginChrome.dll No File

CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\pdf.dll No File

CHR Plugin: (WordCaptureX) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjdepfkicdcciagbigfcmdhknnoaaegf\1.1_0\npWCX.dll (Deskperience)

CHR Plugin: (Free Studio) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.0.0_0\np_dvs_plugin.dll (DVDVideoSoft Ltd.)

CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)

CHR Plugin: (Java Deployment Toolkit 6.0.220.4) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)

CHR Plugin: (Java(TM) Platform SE 6 U22) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)

CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File

CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File

CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)

CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)

CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)

CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)

CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

CHR Plugin: (RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)

CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Marco\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

CHR Plugin: (Shockwave for Director) - C:\windows\system32\Adobe\Director\np32dsw.dll No File

CHR Extension: (YouTube) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0

CHR Extension: (Google Search) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0

CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0

CHR Extension: (Word CaptureX Extension) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjdepfkicdcciagbigfcmdhknnoaaegf\1.1_0

CHR Extension: (DvdVideoSoft Free Youtube Download) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.0.0_0

CHR Extension: (Gmail) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0

CHR HKLM-x32\...\Chrome\Extension: [apfdadfinodckpcehhdhjlgiphgnbfci] - C:\Program Files (x86)\PutLockerDownloader\putlockerdownloader10.crx

CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx

CHR HKLM-x32\...\Chrome\Extension: [mjdepfkicdcciagbigfcmdhknnoaaegf] - C:\Program Files (x86)\Deskperience\Word Capture\wcxChrome.crx

CHR HKLM-x32\...\Chrome\Extension: [niapdbllcanepiiimjjndipklodoedlc] - C:\Program Files (x86)\Yontoo\YontooLayers.crx

CHR HKLM-x32\...\Chrome\Extension: [pgafcinpmmpklohkojmllohdhomoefph] - C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.crx
 

==================== Services (Whitelisted) =================
 

S2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.)

R2 KMService; C:\Windows\SysWow64\srvany.exe [8192 2013-06-08] ()

R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22056 2013-01-27] (Microsoft Corporation)

R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [379360 2013-01-27] (Microsoft Corporation)

R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2009-12-01] ()
 

==================== Drivers (Whitelisted) ====================
 

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [254528 2011-12-14] (DT Soft Ltd)

R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [230320 2013-01-20] (Microsoft Corporation)

R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [130008 2013-01-20] (Microsoft Corporation)

S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2011-08-12] (Windows (R) 2003 DDK 3790 provider)

S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2011-08-12] (Windows (R) 2003 DDK 3790 provider)
 

==================== NetSvcs (Whitelisted) ===================
 
 

==================== One Month Created Files and Folders ========
 

2013-08-12 20:33 - 2013-08-12 19:43 - 01575246 _____ (Farbar) C:\Users\Marco\Desktop\FRST64.exe

2013-08-03 13:37 - 2013-08-12 20:19 - 00000000 ____D C:\Users\UpdatusUser\AppData\Local\CrashDumps

2013-07-31 15:17 - 2013-06-04 08:00 - 00624128 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll

2013-07-31 15:17 - 2013-06-04 06:53 - 00509440 _____ (Microsoft Corporation) C:\windows\SysWOW64\qedit.dll

2013-07-31 15:17 - 2013-05-06 08:03 - 01887744 _____ (Microsoft Corporation) C:\windows\system32\WMVDECOD.DLL

2013-07-31 15:17 - 2013-05-06 06:56 - 01620480 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVDECOD.DLL

2013-07-31 15:16 - 2013-06-05 05:34 - 03153920 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys

2013-07-31 15:14 - 2013-04-10 01:34 - 01247744 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll

2013-07-31 15:14 - 2013-04-03 00:51 - 01643520 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll

2013-07-16 09:25 - 2013-07-23 10:29 - 00000000 ____D C:\Users\Marco\Desktop\Praxisberichte
 

==================== One Month Modified Files and Folders =======
 

2013-08-12 20:33 - 2011-06-09 23:38 - 00697542 _____ C:\windows\system32\perfh007.dat

2013-08-12 20:33 - 2011-06-09 23:38 - 00148548 _____ C:\windows\system32\perfc007.dat

2013-08-12 20:33 - 2009-07-14 07:13 - 01614924 _____ C:\windows\system32\PerfStringBackup.INI

2013-08-12 20:32 - 2011-11-01 14:32 - 00001108 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job

2013-08-12 20:25 - 2011-06-10 00:01 - 01356881 _____ C:\windows\WindowsUpdate.log

2013-08-12 20:24 - 2009-07-14 06:45 - 00021200 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2013-08-12 20:24 - 2009-07-14 06:45 - 00021200 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2013-08-12 20:19 - 2013-08-03 13:37 - 00000000 ____D C:\Users\UpdatusUser\AppData\Local\CrashDumps

2013-08-12 20:18 - 2013-08-13 05:59 - 00000000 ____D C:\FRST

2013-08-12 20:16 - 2012-10-13 07:28 - 00000340 _____ C:\windows\Tasks\DriverScanner.job

2013-08-12 20:16 - 2011-11-01 14:32 - 00001104 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job

2013-08-12 20:15 - 2009-07-14 07:08 - 00000006 ____H C:\windows\Tasks\SA.DAT

2013-08-12 20:15 - 2009-07-14 06:51 - 00115756 _____ C:\windows\setupact.log

2013-08-12 19:43 - 2013-08-12 20:33 - 01575246 _____ (Farbar) C:\Users\Marco\Desktop\FRST64.exe

2013-08-12 19:39 - 2012-09-02 16:16 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job

2013-08-12 18:56 - 2011-10-19 20:15 - 00001138 _____ C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2363513811-1566349318-2052125673-1001UA.job

2013-08-04 11:17 - 2011-10-19 20:15 - 00001116 _____ C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2363513811-1566349318-2052125673-1001Core.job

2013-08-01 09:17 - 2013-06-08 12:06 - 00000000 ____D C:\ProgramData\Microsoft Help

2013-07-31 15:51 - 2009-07-14 06:45 - 00521712 _____ C:\windows\system32\FNTCACHE.DAT

2013-07-31 15:49 - 2011-06-09 23:30 - 00000000 ____D C:\Program Files\Windows Journal

2013-07-31 15:49 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender

2013-07-31 15:49 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender

2013-07-31 15:24 - 2013-03-14 08:13 - 00000000 ____D C:\Program Files\Microsoft Silverlight

2013-07-31 15:24 - 2013-03-14 08:13 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight

2013-07-30 14:27 - 2011-11-01 14:32 - 00004104 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA

2013-07-30 14:27 - 2011-11-01 14:32 - 00003852 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore

2013-07-29 22:10 - 2011-11-28 18:41 - 00000000 ____D C:\Users\Marco\AppData\Local\CrashDumps

2013-07-27 15:45 - 2013-04-21 17:16 - 00000000 ____D C:\Users\Marco\Desktop\Marcos

2013-07-23 10:55 - 2012-11-21 18:17 - 00000000 ____D C:\Users\Marco\Desktop\HLFS Bruck

2013-07-23 10:29 - 2013-07-16 09:25 - 00000000 ____D C:\Users\Marco\Desktop\Praxisberichte

2013-07-16 09:25 - 2011-10-05 10:13 - 00000000 ____D C:\Users\Marco\Desktop\filme
 

==================== Bamital & volsnap Check =================
 

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\SysWOW64\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 

LastRegBack: 2013-07-27 00:21
 

==================== End Of Log ============================

--- --- ---

Combofix

Code:

ComboFix 13-08-13.02 - Marco 13.08.2013  21:54:03.1.8 - x64

Microsoft Windows 7 Home Premium   6.1.7601.1.1252.43.1031.18.4008.2191 [GMT 2:00]

ausgeführt von:: c:\users\Marco\Desktop\ComboFix.exe

AV: Microsoft Security Essentials *Disabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}

SP: Microsoft Security Essentials *Disabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

 * Neuer Wiederherstellungspunkt wurde erstellt

.

.

((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\windows\SysWow64\SETD243.tmp

c:\windows\wininit.ini

.

.

(((((((((((((((((((((((   Dateien erstellt von 2013-07-13 bis 2013-08-13  ))))))))))))))))))))))))))))))

.

.

2013-08-13 20:01 . 2013-08-13 20:01        --------        d-----w-        c:\users\UpdatusUser\AppData\Local\temp

2013-08-13 20:01 . 2013-08-13 20:01        --------        d-----w-        c:\users\Default\AppData\Local\temp

2013-08-13 19:49 . 2013-07-01 23:34        9460976        ----a-w-        c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{7643B792-DB35-4FE5-BBD9-BB273D03BFB2}\mpengine.dll

2013-08-13 19:28 . 2013-08-13 19:28        312232        ----a-w-        c:\windows\system32\javaws.exe

2013-08-13 19:28 . 2013-08-13 19:28        972712        ----a-w-        c:\windows\system32\deployJava1.dll

2013-08-13 19:28 . 2013-08-13 19:28        1093032        ----a-w-        c:\windows\system32\npDeployJava1.dll

2013-08-13 19:28 . 2013-08-13 19:28        108968        ----a-w-        c:\windows\system32\WindowsAccessBridge-64.dll

2013-08-13 19:28 . 2013-08-13 19:28        189352        ----a-w-        c:\windows\system32\javaw.exe

2013-08-13 19:28 . 2013-08-13 19:28        188840        ----a-w-        c:\windows\system32\java.exe

2013-08-13 19:28 . 2013-08-13 19:28        --------        d-----w-        c:\program files\Java

2013-08-13 18:56 . 2013-08-13 18:56        --------        d-----w-        c:\program files (x86)\Common Files\Adobe

2013-08-13 18:53 . 2013-08-13 18:52        941720        ------w-        c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4644493F-6E23-4A91-93F8-5D8410C8F8EE}\gapaengine.dll

2013-08-13 18:48 . 2013-08-13 18:48        692104        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe

2013-08-13 18:48 . 2013-08-13 18:48        71048        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2013-08-13 03:59 . 2013-08-12 18:18        --------        d-----w-        C:\FRST

2013-08-03 11:37 . 2013-08-13 19:48        --------        d-----w-        c:\users\UpdatusUser\AppData\Local\CrashDumps

2013-07-31 13:17 . 2013-05-27 05:50        1011712        ----a-w-        c:\program files\Windows Defender\MpSvc.dll

2013-07-31 13:17 . 2013-05-27 05:50        571904        ----a-w-        c:\program files\Windows Defender\MpClient.dll

2013-07-31 13:17 . 2013-05-27 05:50        314880        ----a-w-        c:\program files\Windows Defender\MpCommu.dll

2013-07-31 13:17 . 2013-05-27 04:57        54784        ----a-w-        c:\program files (x86)\Windows Defender\MpOAV.dll

2013-07-31 13:17 . 2013-05-27 04:57        392704        ----a-w-        c:\program files (x86)\Windows Defender\MpClient.dll

2013-07-31 13:17 . 2013-05-27 03:15        9216        ----a-w-        c:\program files (x86)\Windows Defender\MpAsDesc.dll

2013-07-31 13:17 . 2013-05-27 04:57        4608        ----a-w-        c:\program files (x86)\Windows Defender\MsMpLics.dll

2013-07-31 13:17 . 2013-06-04 06:00        624128        ----a-w-        c:\windows\system32\qedit.dll

2013-07-31 13:17 . 2013-06-04 04:53        509440        ----a-w-        c:\windows\SysWow64\qedit.dll

2013-07-31 13:17 . 2013-05-06 06:03        1887744        ----a-w-        c:\windows\system32\WMVDECOD.DLL

2013-07-31 13:17 . 2013-05-06 04:56        1620480        ----a-w-        c:\windows\SysWow64\WMVDECOD.DLL

2013-07-31 13:16 . 2013-06-05 03:34        3153920        ----a-w-        c:\windows\system32\win32k.sys

2013-07-31 13:16 . 2013-04-10 05:48        1732608        ----a-w-        c:\program files\Windows Journal\NBDoc.DLL

2013-07-31 13:16 . 2013-04-10 05:46        1367040        ----a-w-        c:\program files\Common Files\Microsoft Shared\ink\journal.dll

2013-07-31 13:16 . 2013-04-10 05:46        1402880        ----a-w-        c:\program files\Windows Journal\JNWDRV.dll

2013-07-31 13:16 . 2013-04-10 05:46        1393152        ----a-w-        c:\program files\Windows Journal\JNTFiltr.dll

2013-07-31 13:16 . 2013-04-10 05:03        936448        ----a-w-        c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll

2013-07-31 13:14 . 2013-04-02 22:51        1643520        ----a-w-        c:\windows\system32\DWrite.dll

2013-07-31 13:14 . 2013-04-09 23:34        1247744        ----a-w-        c:\windows\SysWow64\DWrite.dll

.

.

.

((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-06-23 19:15 . 2012-11-28 19:34        964552        ------w-        c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll

2013-06-12 03:08 . 2013-07-04 13:51        9552976        ----a-w-        c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2013-06-08 14:08 . 2013-06-19 22:14        1365504        ----a-w-        c:\windows\system32\urlmon.dll

2013-06-08 14:07 . 2013-06-19 22:13        19233792        ----a-w-        c:\windows\system32\mshtml.dll

2013-06-08 14:06 . 2013-06-19 22:14        2648064        ----a-w-        c:\windows\system32\iertutil.dll

2013-06-08 14:06 . 2013-06-19 22:13        526336        ----a-w-        c:\windows\system32\ieui.dll

2013-06-08 14:06 . 2013-06-19 22:13        15404544        ----a-w-        c:\windows\system32\ieframe.dll

2013-06-08 12:28 . 2013-06-19 22:14        2706432        ----a-w-        c:\windows\system32\mshtml.tlb

2013-06-08 11:24 . 2013-06-08 11:24        8192        ----a-w-        c:\windows\SysWow64\srvany.exe

2013-06-08 11:24 . 2013-06-08 11:24        151552        ----a-w-        c:\windows\KMService.exe

2013-06-08 11:13 . 2013-06-19 22:14        2706432        ----a-w-        c:\windows\SysWow64\mshtml.tlb

2013-05-23 19:31 . 2010-06-24 02:33        22240        ----a-w-        c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll

2013-05-17 01:25 . 2013-06-15 15:53        1767936        ----a-w-        c:\windows\SysWow64\wininet.dll

2013-05-17 01:25 . 2013-06-15 15:53        2877440        ----a-w-        c:\windows\SysWow64\jscript9.dll

2013-05-17 01:25 . 2013-06-15 15:53        61440        ----a-w-        c:\windows\SysWow64\iesetup.dll

2013-05-17 01:25 . 2013-06-15 15:53        109056        ----a-w-        c:\windows\SysWow64\iesysprep.dll

2013-05-17 00:59 . 2013-06-15 15:53        51712        ----a-w-        c:\windows\system32\ie4uinit.exe

2013-05-17 00:59 . 2013-06-15 15:53        2241024        ----a-w-        c:\windows\system32\wininet.dll

2013-05-17 00:58 . 2013-06-15 15:53        603136        ----a-w-        c:\windows\system32\msfeeds.dll

2013-05-17 00:58 . 2013-06-15 15:53        855552        ----a-w-        c:\windows\system32\jscript.dll

2013-05-17 00:58 . 2013-06-15 15:53        3958784        ----a-w-        c:\windows\system32\jscript9.dll

2013-05-17 00:58 . 2013-06-15 15:53        53248        ----a-w-        c:\windows\system32\jsproxy.dll

2013-05-17 00:58 . 2013-06-15 15:53        67072        ----a-w-        c:\windows\system32\iesetup.dll

2013-05-17 00:58 . 2013-06-15 15:53        39936        ----a-w-        c:\windows\system32\iernonce.dll

2013-05-17 00:58 . 2013-06-15 15:53        136704        ----a-w-        c:\windows\system32\iesysprep.dll

.

.

((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))

.

.

*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]

"Autodesk Sync"="c:\program files\Autodesk\Autodesk Sync\AdSync.exe" [2013-02-04 1081224]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-05-11 958576]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"Autodesk Sync"="c:\program files\Autodesk\Autodesk Sync\AdSync.exe" [2013-02-04 1081224]

.

c:\users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

OpenOffice.org 3.3.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]

"LoadAppInit_DLLs"=1 (0x1)

"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"aux"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

@="Service"

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]

"TkBellExe"="c:\program files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"

.

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]

R3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]

R3 FlexNet Licensing Service 64;FlexNet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]

R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]

R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]

R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]

R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]

R3 Samsung UPD Service;Samsung UPD Service;c:\windows\System32\SUPDSvc.exe;c:\windows\SYSNATIVE\SUPDSvc.exe [x]

R3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]

R3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]

R3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]

R3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]

R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]

R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x]

R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]

S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]

S1 SABI;SAMSUNG Kernel Driver For Windows 7;c:\windows\system32\Drivers\SABI.sys;c:\windows\SYSNATIVE\Drivers\SABI.sys [x]

S2 Autodesk Content Service;Autodesk Content Service;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [x]

S2 KMService;KMService;c:\windows\system32\srvany.exe;c:\windows\SYSNATIVE\srvany.exe [x]

S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x]

S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]

S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]

S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]

.

.

Inhalt des "geplante Tasks" Ordners

.

2013-08-13 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-13 18:48]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-05-19 11855976]

"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-01-27 1281512]

"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"=c:\windows\System32\nvinitx.dll

.

------- Zusätzlicher Suchlauf -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://www.google.at/

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyServer = proxy.ksn.at:8080

uInternet Settings,ProxyOverride = <local>

IE: An OneNote s&enden - c:\progra~1\Microsoft Office\Office14\ONBttnIE.dll/105

IE: Free YouTube to MP3 Converter - c:\users\Marco\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

IE: Nach Microsoft E&xcel exportieren - c:\progra~1\Microsoft Office\Office14\EXCEL.EXE/3000

TCP: DhcpNameServer = 212.186.211.21 195.34.133.21

.

- - - - Entfernte verwaiste Registrierungseinträge - - - -

.

BHO-{F1AF26F8-1828-4279-ABCE-074EF3235BD7} - c:\program files (x86)\PutLockerDownloader\smarterdownloader.dll

BHO-{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - c:\program files (x86)\Yontoo\YontooIEClient.dll

Toolbar-Locked - (no file)

Wow6432Node-HKCU-Run-Akamai NetSession Interface - c:\users\Marco\AppData\Local\Akamai\netsession_win.exe

Wow6432Node-HKLM-Run-WinampAgent - c:\program files (x86)\Winamp\winampa.exe

c:\users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Game Alarm.lnk - c:\games\Game Alarm\gamealarm.exe -silent 2

HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start

Toolbar-Locked - (no file)

HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe

.

.

.

--------------------- Gesperrte Registrierungsschluessel ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Zeit der Fertigstellung: 2013-08-13  22:03:32

ComboFix-quarantined-files.txt  2013-08-13 20:03

.

Vor Suchlauf: 10 Verzeichnis(se), 12.582.199.296 Bytes frei

Nach Suchlauf: 15 Verzeichnis(se), 14.426.841.088 Bytes frei

.

- - End Of File - - 0D997B9D9AD249F0B2C8C0276850E17C

D41D8CD98F00B204E9800998ECF8427E

TDSSKiller

Code:

22:06:04.0043 1904  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42

22:06:04.0230 1904  ============================================================

22:06:04.0230 1904  Current date / time: 2013/08/13 22:06:04.0230

22:06:04.0230 1904  SystemInfo:

22:06:04.0230 1904  

22:06:04.0230 1904  OS Version: 6.1.7601 ServicePack: 1.0

22:06:04.0230 1904  Product type: Workstation

22:06:04.0230 1904  ComputerName: MARCO-PC

22:06:04.0230 1904  UserName: Marco

22:06:04.0230 1904  Windows directory: C:\windows

22:06:04.0230 1904  System windows directory: C:\windows

22:06:04.0230 1904  Running under WOW64

22:06:04.0230 1904  Processor architecture: Intel x64

22:06:04.0230 1904  Number of processors: 8

22:06:04.0230 1904  Page size: 0x1000

22:06:04.0230 1904  Boot type: Normal boot

22:06:04.0230 1904  ============================================================

22:06:04.0620 1904  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

22:06:04.0636 1904  ============================================================

22:06:04.0636 1904  \Device\Harddisk0\DR0:

22:06:04.0636 1904  MBR partitions:

22:06:04.0636 1904  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000

22:06:04.0636 1904  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x16400000

22:06:04.0652 1904  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x16433000, BlocksNum 0x211A8800

22:06:04.0652 1904  ============================================================

22:06:04.0667 1904  C: <-> \Device\Harddisk0\DR0\Partition2

22:06:04.0730 1904  D: <-> \Device\Harddisk0\DR0\Partition3

22:06:04.0730 1904  ============================================================

22:06:04.0730 1904  Initialize success

22:06:04.0730 1904  ============================================================

22:06:48.0769 3224  ============================================================

22:06:48.0769 3224  Scan started

22:06:48.0769 3224  Mode: Manual; SigCheck; TDLFS; 

22:06:48.0769 3224  ============================================================

22:06:49.0767 3224  ================ Scan system memory ========================

22:06:49.0767 3224  System memory - ok

22:06:49.0767 3224  ================ Scan services =============================

22:06:50.0032 3224  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\windows\system32\drivers\1394ohci.sys

22:06:50.0173 3224  1394ohci - ok

22:06:50.0235 3224  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\windows\system32\drivers\ACPI.sys

22:06:50.0266 3224  ACPI - ok

22:06:50.0360 3224  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\windows\system32\drivers\acpipmi.sys

22:06:50.0391 3224  AcpiPmi - ok

22:06:50.0578 3224  [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

22:06:50.0594 3224  AdobeARMservice - ok

22:06:50.0812 3224  [ 476BB014F3F68C0C15EDDD5B444DA8FF ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

22:06:50.0843 3224  AdobeFlashPlayerUpdateSvc - ok

22:06:50.0890 3224  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\windows\system32\drivers\adp94xx.sys

22:06:50.0921 3224  adp94xx - ok

22:06:50.0937 3224  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\windows\system32\drivers\adpahci.sys

22:06:50.0953 3224  adpahci - ok

22:06:50.0968 3224  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\windows\system32\drivers\adpu320.sys

22:06:50.0984 3224  adpu320 - ok

22:06:51.0015 3224  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\windows\System32\aelupsvc.dll

22:06:51.0077 3224  AeLookupSvc - ok

22:06:51.0202 3224  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\windows\system32\drivers\afd.sys

22:06:51.0296 3224  AFD - ok

22:06:51.0343 3224  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\windows\system32\drivers\agp440.sys

22:06:51.0358 3224  agp440 - ok

22:06:51.0389 3224  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\windows\System32\alg.exe

22:06:51.0436 3224  ALG - ok

22:06:51.0467 3224  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\windows\system32\drivers\aliide.sys

22:06:51.0483 3224  aliide - ok

22:06:51.0530 3224  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\windows\system32\drivers\amdide.sys

22:06:51.0561 3224  amdide - ok

22:06:51.0561 3224  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\windows\system32\drivers\amdk8.sys

22:06:51.0592 3224  AmdK8 - ok

22:06:51.0592 3224  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\windows\system32\drivers\amdppm.sys

22:06:51.0623 3224  AmdPPM - ok

22:06:51.0655 3224  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\windows\system32\drivers\amdsata.sys

22:06:51.0670 3224  amdsata - ok

22:06:51.0733 3224  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\windows\system32\drivers\amdsbs.sys

22:06:51.0764 3224  amdsbs - ok

22:06:51.0779 3224  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\windows\system32\drivers\amdxata.sys

22:06:51.0795 3224  amdxata - ok

22:06:51.0795 3224  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\windows\system32\drivers\appid.sys

22:06:51.0842 3224  AppID - ok

22:06:51.0873 3224  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\windows\System32\appidsvc.dll

22:06:51.0904 3224  AppIDSvc - ok

22:06:51.0935 3224  [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo         C:\windows\System32\appinfo.dll

22:06:51.0967 3224  Appinfo - ok

22:06:52.0029 3224  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\windows\system32\drivers\arc.sys

22:06:52.0060 3224  arc - ok

22:06:52.0076 3224  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\windows\system32\drivers\arcsas.sys

22:06:52.0091 3224  arcsas - ok

22:06:52.0201 3224  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe

22:06:52.0232 3224  aspnet_state - ok

22:06:52.0294 3224  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\windows\system32\DRIVERS\asyncmac.sys

22:06:52.0357 3224  AsyncMac - ok

22:06:52.0388 3224  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\windows\system32\drivers\atapi.sys

22:06:52.0403 3224  atapi - ok

22:06:52.0419 3224  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll

22:06:52.0466 3224  AudioEndpointBuilder - ok

22:06:52.0481 3224  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\windows\System32\Audiosrv.dll

22:06:52.0513 3224  AudioSrv - ok

22:06:52.0606 3224  [ 3817558D8D5BBC8B0F190CF0D7C4720F ] Autodesk Content Service C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe

22:06:52.0622 3224  Autodesk Content Service ( UnsignedFile.Multi.Generic ) - warning

22:06:52.0622 3224  Autodesk Content Service - detected UnsignedFile.Multi.Generic (1)

22:06:52.0637 3224  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\windows\System32\AxInstSV.dll

22:06:52.0700 3224  AxInstSV - ok

22:06:52.0731 3224  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\windows\system32\drivers\bxvbda.sys

22:06:52.0778 3224  b06bdrv - ok

22:06:52.0809 3224  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\windows\system32\DRIVERS\b57nd60a.sys

22:06:52.0840 3224  b57nd60a - ok

22:06:52.0871 3224  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\windows\System32\bdesvc.dll

22:06:52.0918 3224  BDESVC - ok

22:06:52.0949 3224  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\windows\system32\drivers\Beep.sys

22:06:52.0996 3224  Beep - ok

22:06:53.0027 3224  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\windows\System32\bfe.dll

22:06:53.0074 3224  BFE - ok

22:06:53.0137 3224  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\windows\system32\qmgr.dll

22:06:53.0183 3224  BITS - ok

22:06:53.0230 3224  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\windows\system32\DRIVERS\blbdrive.sys

22:06:53.0261 3224  blbdrive - ok

22:06:53.0308 3224  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\windows\system32\DRIVERS\bowser.sys

22:06:53.0355 3224  bowser - ok

22:06:53.0386 3224  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\windows\system32\drivers\BrFiltLo.sys

22:06:53.0417 3224  BrFiltLo - ok

22:06:53.0417 3224  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\windows\system32\drivers\BrFiltUp.sys

22:06:53.0433 3224  BrFiltUp - ok

22:06:53.0464 3224  [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP        C:\windows\system32\DRIVERS\bridge.sys

22:06:53.0495 3224  BridgeMP - ok

22:06:53.0511 3224  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\windows\System32\browser.dll

22:06:53.0542 3224  Browser - ok

22:06:53.0558 3224  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\windows\System32\Drivers\Brserid.sys

22:06:53.0589 3224  Brserid - ok

22:06:53.0605 3224  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\windows\System32\Drivers\BrSerWdm.sys

22:06:53.0651 3224  BrSerWdm - ok

22:06:53.0667 3224  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\windows\System32\Drivers\BrUsbMdm.sys

22:06:53.0714 3224  BrUsbMdm - ok

22:06:53.0729 3224  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\windows\System32\Drivers\BrUsbSer.sys

22:06:53.0776 3224  BrUsbSer - ok

22:06:53.0823 3224  [ CF98190A94F62E405C8CB255018B2315 ] BthEnum         C:\windows\system32\drivers\BthEnum.sys

22:06:53.0885 3224  BthEnum - ok

22:06:53.0901 3224  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\windows\system32\drivers\bthmodem.sys

22:06:53.0948 3224  BTHMODEM - ok

22:06:53.0979 3224  [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan          C:\windows\system32\DRIVERS\bthpan.sys

22:06:54.0026 3224  BthPan - ok

22:06:54.0057 3224  [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT         C:\windows\System32\Drivers\BTHport.sys

22:06:54.0088 3224  BTHPORT - ok

22:06:54.0119 3224  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\windows\system32\bthserv.dll

22:06:54.0166 3224  bthserv - ok

22:06:54.0213 3224  [ F188B7394D81010767B6DF3178519A37 ] BTHUSB          C:\windows\System32\Drivers\BTHUSB.sys

22:06:54.0244 3224  BTHUSB - ok

22:06:54.0260 3224  catchme - ok

22:06:54.0307 3224  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\windows\system32\DRIVERS\cdfs.sys

22:06:54.0385 3224  cdfs - ok

22:06:54.0385 3224  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\windows\system32\DRIVERS\cdrom.sys

22:06:54.0400 3224  cdrom - ok

22:06:54.0431 3224  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\windows\System32\certprop.dll

22:06:54.0447 3224  CertPropSvc - ok

22:06:54.0478 3224  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\windows\system32\drivers\circlass.sys

22:06:54.0509 3224  circlass - ok

22:06:54.0587 3224  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\windows\system32\CLFS.sys

22:06:54.0619 3224  CLFS - ok

22:06:54.0697 3224  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

22:06:54.0712 3224  clr_optimization_v2.0.50727_32 - ok

22:06:54.0759 3224  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

22:06:54.0775 3224  clr_optimization_v2.0.50727_64 - ok

22:06:54.0853 3224  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

22:06:54.0868 3224  clr_optimization_v4.0.30319_32 - ok

22:06:54.0915 3224  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

22:06:54.0931 3224  clr_optimization_v4.0.30319_64 - ok

22:06:54.0977 3224  clwvd - ok

22:06:54.0993 3224  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\windows\system32\DRIVERS\CmBatt.sys

22:06:55.0024 3224  CmBatt - ok

22:06:55.0055 3224  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\windows\system32\drivers\cmdide.sys

22:06:55.0071 3224  cmdide - ok

22:06:55.0102 3224  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\windows\system32\Drivers\cng.sys

22:06:55.0149 3224  CNG - ok

22:06:55.0165 3224  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\windows\system32\DRIVERS\compbatt.sys

22:06:55.0180 3224  Compbatt - ok

22:06:55.0180 3224  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\windows\system32\DRIVERS\CompositeBus.sys

22:06:55.0196 3224  CompositeBus - ok

22:06:55.0196 3224  COMSysApp - ok

22:06:55.0211 3224  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\windows\system32\drivers\crcdisk.sys

22:06:55.0227 3224  crcdisk - ok

22:06:55.0274 3224  [ D8129C49798CBBFB2E4351D4B7B8EF9C ] CryptSvc        C:\windows\system32\cryptsvc.dll

22:06:55.0321 3224  CryptSvc - ok

22:06:55.0367 3224  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\windows\system32\rpcss.dll

22:06:55.0414 3224  DcomLaunch - ok

22:06:55.0445 3224  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\windows\System32\defragsvc.dll

22:06:55.0523 3224  defragsvc - ok

22:06:55.0570 3224  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\windows\system32\Drivers\dfsc.sys

22:06:55.0633 3224  DfsC - ok

22:06:55.0664 3224  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\windows\system32\dhcpcore.dll

22:06:55.0711 3224  Dhcp - ok

22:06:55.0742 3224  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\windows\system32\drivers\discache.sys

22:06:55.0820 3224  discache - ok

22:06:55.0851 3224  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\windows\system32\drivers\disk.sys

22:06:55.0867 3224  Disk - ok

22:06:55.0882 3224  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\windows\System32\dnsrslvr.dll

22:06:55.0929 3224  Dnscache - ok

22:06:55.0960 3224  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\windows\System32\dot3svc.dll

22:06:56.0023 3224  dot3svc - ok

22:06:56.0038 3224  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\windows\system32\dps.dll

22:06:56.0085 3224  DPS - ok

22:06:56.0116 3224  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\windows\system32\drivers\drmkaud.sys

22:06:56.0147 3224  drmkaud - ok

22:06:56.0225 3224  [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl         C:\windows\System32\drivers\dxgkrnl.sys

22:06:56.0272 3224  DXGKrnl - ok

22:06:56.0288 3224  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\windows\System32\eapsvc.dll

22:06:56.0319 3224  EapHost - ok

22:06:56.0413 3224  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\windows\system32\drivers\evbda.sys

22:06:56.0522 3224  ebdrv - ok

22:06:56.0553 3224  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\windows\System32\lsass.exe

22:06:56.0584 3224  EFS - ok

22:06:56.0647 3224  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\windows\ehome\ehRecvr.exe

22:06:56.0709 3224  ehRecvr - ok

22:06:56.0725 3224  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\windows\ehome\ehsched.exe

22:06:56.0740 3224  ehSched - ok

22:06:56.0818 3224  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\windows\system32\drivers\elxstor.sys

22:06:56.0849 3224  elxstor - ok

22:06:56.0865 3224  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\windows\system32\drivers\errdev.sys

22:06:56.0881 3224  ErrDev - ok

22:06:56.0927 3224  [ 0C8324462B9791A1ECE2A329A7378A55 ] ETD             C:\windows\system32\DRIVERS\ETD.sys

22:06:56.0959 3224  ETD - ok

22:06:56.0990 3224  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\windows\system32\es.dll

22:06:57.0037 3224  EventSystem - ok

22:06:57.0068 3224  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\windows\system32\drivers\exfat.sys

22:06:57.0099 3224  exfat - ok

22:06:57.0115 3224  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\windows\system32\drivers\fastfat.sys

22:06:57.0161 3224  fastfat - ok

22:06:57.0208 3224  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\windows\system32\fxssvc.exe

22:06:57.0255 3224  Fax - ok

22:06:57.0286 3224  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\windows\system32\drivers\fdc.sys

22:06:57.0317 3224  fdc - ok

22:06:57.0349 3224  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\windows\system32\fdPHost.dll

22:06:57.0411 3224  fdPHost - ok

22:06:57.0427 3224  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\windows\system32\fdrespub.dll

22:06:57.0473 3224  FDResPub - ok

22:06:57.0505 3224  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\windows\system32\drivers\fileinfo.sys

22:06:57.0520 3224  FileInfo - ok

22:06:57.0551 3224  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\windows\system32\drivers\filetrace.sys

22:06:57.0614 3224  Filetrace - ok

22:06:57.0754 3224  [ ECC329F6104EE208C24C4A8C1B4A9D14 ] FlexNet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe

22:06:57.0801 3224  FlexNet Licensing Service 64 - ok

22:06:57.0817 3224  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\windows\system32\drivers\flpydisk.sys

22:06:57.0832 3224  flpydisk - ok

22:06:57.0879 3224  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\windows\system32\drivers\fltmgr.sys

22:06:57.0910 3224  FltMgr - ok

22:06:57.0957 3224  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\windows\system32\FntCache.dll

22:06:57.0988 3224  FontCache - ok

22:06:58.0051 3224  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

22:06:58.0066 3224  FontCache3.0.0.0 - ok

22:06:58.0082 3224  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\windows\system32\drivers\FsDepends.sys

22:06:58.0113 3224  FsDepends - ok

22:06:58.0144 3224  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\windows\system32\drivers\Fs_Rec.sys

22:06:58.0160 3224  Fs_Rec - ok

22:06:58.0191 3224  [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol          C:\windows\system32\DRIVERS\fvevol.sys

22:06:58.0222 3224  fvevol - ok

22:06:58.0253 3224  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\windows\system32\drivers\gagp30kx.sys

22:06:58.0269 3224  gagp30kx - ok

22:06:58.0316 3224  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\windows\System32\gpsvc.dll

22:06:58.0347 3224  gpsvc - ok

22:06:58.0378 3224  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\windows\system32\drivers\hcw85cir.sys

22:06:58.0409 3224  hcw85cir - ok

22:06:58.0441 3224  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys

22:06:58.0487 3224  HdAudAddService - ok

22:06:58.0503 3224  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\windows\system32\DRIVERS\HDAudBus.sys

22:06:58.0534 3224  HDAudBus - ok

22:06:58.0534 3224  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\windows\system32\drivers\HidBatt.sys

22:06:58.0550 3224  HidBatt - ok

22:06:58.0565 3224  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\windows\system32\drivers\hidbth.sys

22:06:58.0597 3224  HidBth - ok

22:06:58.0612 3224  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\windows\system32\drivers\hidir.sys

22:06:58.0628 3224  HidIr - ok

22:06:58.0659 3224  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\windows\System32\hidserv.dll

22:06:58.0706 3224  hidserv - ok

22:06:58.0753 3224  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\windows\system32\DRIVERS\hidusb.sys

22:06:58.0784 3224  HidUsb - ok

22:06:58.0815 3224  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\windows\system32\kmsvc.dll

22:06:58.0924 3224  hkmsvc - ok

22:06:58.0940 3224  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\windows\system32\ListSvc.dll

22:06:58.0971 3224  HomeGroupListener - ok

22:06:58.0987 3224  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\windows\system32\provsvc.dll

22:06:59.0033 3224  HomeGroupProvider - ok

22:06:59.0080 3224  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\windows\system32\drivers\HpSAMD.sys

22:06:59.0096 3224  HpSAMD - ok

22:06:59.0143 3224  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\windows\system32\drivers\HTTP.sys

22:06:59.0189 3224  HTTP - ok

22:06:59.0189 3224  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\windows\system32\drivers\hwpolicy.sys

22:06:59.0205 3224  hwpolicy - ok

22:06:59.0236 3224  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\windows\system32\DRIVERS\i8042prt.sys

22:06:59.0236 3224  i8042prt - ok

22:06:59.0267 3224  [ F7CE9BE72EDAC499B713ECA6DAE5D26F ] iaStor          C:\windows\system32\DRIVERS\iaStor.sys

22:06:59.0283 3224  iaStor - ok

22:06:59.0314 3224  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\windows\system32\drivers\iaStorV.sys

22:06:59.0330 3224  iaStorV - ok

22:06:59.0377 3224  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

22:06:59.0423 3224  idsvc - ok

22:06:59.0626 3224  [ 8CB8667F5A3B5515F2585F3254F3AAF7 ] igfx            C:\windows\system32\DRIVERS\igdkmd64.sys

22:06:59.0876 3224  igfx - ok

22:06:59.0907 3224  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\windows\system32\drivers\iirsp.sys

22:06:59.0923 3224  iirsp - ok

22:06:59.0969 3224  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\windows\System32\ikeext.dll

22:07:00.0016 3224  IKEEXT - ok

22:07:00.0110 3224  [ C7124DA48E557D8F88D0D7F1254557F4 ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys

22:07:00.0172 3224  IntcAzAudAddService - ok

22:07:00.0203 3224  [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud        C:\windows\system32\DRIVERS\IntcDAud.sys

22:07:00.0235 3224  IntcDAud - ok

22:07:00.0266 3224  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\windows\system32\drivers\intelide.sys

22:07:00.0266 3224  intelide - ok

22:07:00.0313 3224  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\windows\system32\DRIVERS\intelppm.sys

22:07:00.0359 3224  intelppm - ok

22:07:00.0375 3224  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\windows\system32\ipbusenum.dll

22:07:00.0437 3224  IPBusEnum - ok

22:07:00.0453 3224  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\windows\system32\DRIVERS\ipfltdrv.sys

22:07:00.0484 3224  IpFilterDriver - ok

22:07:00.0547 3224  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\windows\System32\iphlpsvc.dll

22:07:00.0593 3224  iphlpsvc - ok

22:07:00.0625 3224  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\windows\system32\drivers\IPMIDrv.sys

22:07:00.0625 3224  IPMIDRV - ok

22:07:00.0671 3224  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\windows\system32\drivers\ipnat.sys

22:07:00.0734 3224  IPNAT - ok

22:07:00.0765 3224  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\windows\system32\drivers\irenum.sys

22:07:00.0781 3224  IRENUM - ok

22:07:00.0796 3224  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\windows\system32\drivers\isapnp.sys

22:07:00.0796 3224  isapnp - ok

22:07:00.0827 3224  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\windows\system32\drivers\msiscsi.sys

22:07:00.0843 3224  iScsiPrt - ok

22:07:00.0874 3224  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\windows\system32\DRIVERS\kbdclass.sys

22:07:00.0874 3224  kbdclass - ok

22:07:00.0890 3224  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\windows\system32\drivers\kbdhid.sys

22:07:00.0905 3224  kbdhid - ok

22:07:00.0921 3224  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\windows\system32\lsass.exe

22:07:00.0937 3224  KeyIso - ok

22:07:00.0968 3224  KMService - ok

22:07:01.0030 3224  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\windows\system32\Drivers\ksecdd.sys

22:07:01.0046 3224  KSecDD - ok

22:07:01.0077 3224  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\windows\system32\Drivers\ksecpkg.sys

22:07:01.0093 3224  KSecPkg - ok

22:07:01.0108 3224  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\windows\system32\drivers\ksthunk.sys

22:07:01.0155 3224  ksthunk - ok

22:07:01.0186 3224  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\windows\system32\msdtckrm.dll

22:07:01.0217 3224  KtmRm - ok

22:07:01.0264 3224  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\windows\System32\srvsvc.dll

22:07:01.0295 3224  LanmanServer - ok

22:07:01.0327 3224  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\windows\System32\wkssvc.dll

22:07:01.0373 3224  LanmanWorkstation - ok

22:07:01.0389 3224  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\windows\system32\DRIVERS\lltdio.sys

22:07:01.0436 3224  lltdio - ok

22:07:01.0451 3224  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\windows\System32\lltdsvc.dll

22:07:01.0483 3224  lltdsvc - ok

22:07:01.0498 3224  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\windows\System32\lmhsvc.dll

22:07:01.0545 3224  lmhosts - ok

22:07:01.0592 3224  [ F4A17DCAB576267C85663E64F3ACE5A4 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

22:07:01.0607 3224  LMS - ok

22:07:01.0639 3224  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\windows\system32\drivers\lsi_fc.sys

22:07:01.0670 3224  LSI_FC - ok

22:07:01.0685 3224  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\windows\system32\drivers\lsi_sas.sys

22:07:01.0701 3224  LSI_SAS - ok

22:07:01.0701 3224  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\windows\system32\drivers\lsi_sas2.sys

22:07:01.0717 3224  LSI_SAS2 - ok

22:07:01.0732 3224  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\windows\system32\drivers\lsi_scsi.sys

22:07:01.0748 3224  LSI_SCSI - ok

22:07:01.0779 3224  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\windows\system32\drivers\luafv.sys

22:07:01.0826 3224  luafv - ok

22:07:01.0841 3224  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\windows\system32\Mcx2Svc.dll

22:07:01.0873 3224  Mcx2Svc - ok

22:07:01.0904 3224  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\windows\system32\drivers\megasas.sys

22:07:01.0919 3224  megasas - ok

22:07:01.0966 3224  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\windows\system32\drivers\MegaSR.sys

22:07:01.0997 3224  MegaSR - ok

22:07:02.0029 3224  [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64          C:\windows\system32\DRIVERS\HECIx64.sys

22:07:02.0044 3224  MEIx64 - ok

22:07:02.0091 3224  Microsoft SharePoint Workspace Audit Service - ok

22:07:02.0122 3224  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\windows\system32\mmcss.dll

22:07:02.0200 3224  MMCSS - ok

22:07:02.0216 3224  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\windows\system32\drivers\modem.sys

22:07:02.0263 3224  Modem - ok

22:07:02.0309 3224  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\windows\system32\DRIVERS\monitor.sys

22:07:02.0341 3224  monitor - ok

22:07:02.0372 3224  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\windows\system32\DRIVERS\mouclass.sys

22:07:02.0372 3224  mouclass - ok

22:07:02.0387 3224  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\windows\system32\DRIVERS\mouhid.sys

22:07:02.0419 3224  mouhid - ok

22:07:02.0450 3224  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\windows\system32\drivers\mountmgr.sys

22:07:02.0465 3224  mountmgr - ok

22:07:02.0512 3224  [ F8A10560B35C66F9DE212F03DAD5BFA7 ] MpFilter        C:\windows\system32\DRIVERS\MpFilter.sys

22:07:02.0543 3224  MpFilter - ok

22:07:02.0559 3224  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\windows\system32\drivers\mpio.sys

22:07:02.0575 3224  mpio - ok

22:07:02.0606 3224  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\windows\system32\drivers\mpsdrv.sys

22:07:02.0653 3224  mpsdrv - ok

22:07:02.0684 3224  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\windows\system32\mpssvc.dll

22:07:02.0731 3224  MpsSvc - ok

22:07:02.0762 3224  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\windows\system32\drivers\mrxdav.sys

22:07:02.0809 3224  MRxDAV - ok

22:07:02.0824 3224  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\windows\system32\DRIVERS\mrxsmb.sys

22:07:02.0840 3224  mrxsmb - ok

22:07:02.0855 3224  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\windows\system32\DRIVERS\mrxsmb10.sys

22:07:02.0871 3224  mrxsmb10 - ok

22:07:02.0902 3224  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\windows\system32\DRIVERS\mrxsmb20.sys

22:07:02.0918 3224  mrxsmb20 - ok

22:07:02.0933 3224  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\windows\system32\drivers\msahci.sys

22:07:02.0949 3224  msahci - ok

22:07:02.0965 3224  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\windows\system32\drivers\msdsm.sys

22:07:02.0965 3224  msdsm - ok

22:07:02.0996 3224  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\windows\System32\msdtc.exe

22:07:03.0027 3224  MSDTC - ok

22:07:03.0058 3224  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\windows\system32\drivers\Msfs.sys

22:07:03.0136 3224  Msfs - ok

22:07:03.0152 3224  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\windows\System32\drivers\mshidkmdf.sys

22:07:03.0183 3224  mshidkmdf - ok

22:07:03.0183 3224  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\windows\system32\drivers\msisadrv.sys

22:07:03.0199 3224  msisadrv - ok

22:07:03.0230 3224  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\windows\system32\iscsiexe.dll

22:07:03.0261 3224  MSiSCSI - ok

22:07:03.0261 3224  msiserver - ok

22:07:03.0292 3224  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\windows\system32\drivers\MSKSSRV.sys

22:07:03.0308 3224  MSKSSRV - ok

22:07:03.0386 3224  [ E07DEC52FF801841BA9B6878A60304FB ] MsMpSvc         C:\Program Files\Microsoft Security Client\MsMpEng.exe

22:07:03.0417 3224  MsMpSvc - ok

22:07:03.0433 3224  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\windows\system32\drivers\MSPCLOCK.sys

22:07:03.0464 3224  MSPCLOCK - ok

22:07:03.0464 3224  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\windows\system32\drivers\MSPQM.sys

22:07:03.0511 3224  MSPQM - ok

22:07:03.0526 3224  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\windows\system32\drivers\MsRPC.sys

22:07:03.0542 3224  MsRPC - ok

22:07:03.0573 3224  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\windows\system32\DRIVERS\mssmbios.sys

22:07:03.0589 3224  mssmbios - ok

22:07:03.0589 3224  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\windows\system32\drivers\MSTEE.sys

22:07:03.0604 3224  MSTEE - ok

22:07:03.0620 3224  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\windows\system32\drivers\MTConfig.sys

22:07:03.0667 3224  MTConfig - ok

22:07:03.0682 3224  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\windows\system32\Drivers\mup.sys

22:07:03.0698 3224  Mup - ok

22:07:03.0745 3224  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\windows\system32\qagentRT.dll

22:07:03.0807 3224  napagent - ok

22:07:03.0823 3224  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\windows\system32\DRIVERS\nwifi.sys

22:07:03.0869 3224  NativeWifiP - ok

22:07:03.0916 3224  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\windows\system32\drivers\ndis.sys

22:07:03.0947 3224  NDIS - ok

22:07:03.0963 3224  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\windows\system32\DRIVERS\ndiscap.sys

22:07:04.0041 3224  NdisCap - ok

22:07:04.0088 3224  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\windows\system32\DRIVERS\ndistapi.sys

22:07:04.0103 3224  NdisTapi - ok

22:07:04.0150 3224  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\windows\system32\DRIVERS\ndisuio.sys

22:07:04.0213 3224  Ndisuio - ok

22:07:04.0228 3224  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\windows\system32\DRIVERS\ndiswan.sys

22:07:04.0259 3224  NdisWan - ok

22:07:04.0275 3224  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\windows\system32\drivers\NDProxy.sys

22:07:04.0306 3224  NDProxy - ok

22:07:04.0322 3224  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\windows\system32\DRIVERS\netbios.sys

22:07:04.0369 3224  NetBIOS - ok

22:07:04.0400 3224  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\windows\system32\DRIVERS\netbt.sys

22:07:04.0462 3224  NetBT - ok

22:07:04.0478 3224  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\windows\system32\lsass.exe

22:07:04.0478 3224  Netlogon - ok

22:07:04.0525 3224  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\windows\System32\netman.dll

22:07:04.0571 3224  Netman - ok

22:07:04.0618 3224  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

22:07:04.0634 3224  NetMsmqActivator - ok

22:07:04.0649 3224  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

22:07:04.0665 3224  NetPipeActivator - ok

22:07:04.0712 3224  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\windows\System32\netprofm.dll

22:07:04.0759 3224  netprofm - ok

22:07:04.0759 3224  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

22:07:04.0774 3224  NetTcpActivator - ok

22:07:04.0774 3224  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

22:07:04.0790 3224  NetTcpPortSharing - ok

22:07:04.0993 3224  [ B51E9AD4F4E4F8DBE0AB882756BC5DAB ] NETwNs64        C:\windows\system32\DRIVERS\NETwNs64.sys

22:07:05.0258 3224  NETwNs64 - ok

22:07:05.0289 3224  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\windows\system32\drivers\nfrd960.sys

22:07:05.0305 3224  nfrd960 - ok

22:07:05.0367 3224  [ 162100E0BC8377710F9D170631921C03 ] NisDrv          C:\windows\system32\DRIVERS\NisDrvWFP.sys

22:07:05.0398 3224  NisDrv - ok

22:07:05.0429 3224  [ C6E15F2F95F9C0A6098D43510B604E52 ] NisSrv          C:\Program Files\Microsoft Security Client\NisSrv.exe

22:07:05.0476 3224  NisSrv - ok

22:07:05.0523 3224  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\windows\System32\nlasvc.dll

22:07:05.0585 3224  NlaSvc - ok

22:07:05.0585 3224  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\windows\system32\drivers\Npfs.sys

22:07:05.0632 3224  Npfs - ok

22:07:05.0663 3224  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\windows\system32\nsisvc.dll

22:07:05.0710 3224  nsi - ok

22:07:05.0726 3224  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\windows\system32\drivers\nsiproxy.sys

22:07:05.0804 3224  nsiproxy - ok

22:07:05.0866 3224  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\windows\system32\drivers\Ntfs.sys

22:07:05.0913 3224  Ntfs - ok

22:07:05.0944 3224  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\windows\system32\drivers\Null.sys

22:07:06.0022 3224  Null - ok

22:07:06.0256 3224  [ FBE6AC1C3591CB67543FAD15ABD26BCB ] nvlddmkm        C:\windows\system32\DRIVERS\nvlddmkm.sys

22:07:06.0584 3224  nvlddmkm - ok

22:07:06.0599 3224  [ 680C5BAF7D0190B1485068FC4BA75F1C ] nvpciflt        C:\windows\system32\DRIVERS\nvpciflt.sys

22:07:06.0599 3224  nvpciflt - ok

22:07:06.0615 3224  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\windows\system32\drivers\nvraid.sys

22:07:06.0631 3224  nvraid - ok

22:07:06.0646 3224  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\windows\system32\drivers\nvstor.sys

22:07:06.0662 3224  nvstor - ok

22:07:06.0709 3224  [ 147B0D17255FD796F990CC6F745605C5 ] NVSvc           C:\windows\system32\nvvsvc.exe

22:07:06.0755 3224  NVSvc - ok

22:07:06.0833 3224  [ 812BF9531C827E1D8029843CDDB2B5D6 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

22:07:06.0880 3224  nvUpdatusService - ok

22:07:06.0911 3224  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\windows\system32\drivers\nv_agp.sys

22:07:06.0927 3224  nv_agp - ok

22:07:06.0943 3224  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\windows\system32\drivers\ohci1394.sys

22:07:06.0958 3224  ohci1394 - ok

22:07:07.0005 3224  [ 4965B005492CBA7719E82B71E3245495 ] ose64           C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

22:07:07.0036 3224  ose64 - ok

22:07:07.0177 3224  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

22:07:07.0317 3224  osppsvc - ok

22:07:07.0348 3224  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\windows\system32\pnrpsvc.dll

22:07:07.0395 3224  p2pimsvc - ok

22:07:07.0442 3224  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\windows\system32\p2psvc.dll

22:07:07.0489 3224  p2psvc - ok

22:07:07.0520 3224  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\windows\system32\drivers\parport.sys

22:07:07.0551 3224  Parport - ok

22:07:07.0567 3224  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\windows\system32\drivers\partmgr.sys

22:07:07.0598 3224  partmgr - ok

22:07:07.0613 3224  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\windows\System32\pcasvc.dll

22:07:07.0645 3224  PcaSvc - ok

22:07:07.0660 3224  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\windows\system32\drivers\pci.sys

22:07:07.0676 3224  pci - ok

22:07:07.0707 3224  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\windows\system32\drivers\pciide.sys

22:07:07.0707 3224  pciide - ok

22:07:07.0723 3224  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\windows\system32\drivers\pcmcia.sys

22:07:07.0738 3224  pcmcia - ok

22:07:07.0769 3224  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\windows\system32\drivers\pcw.sys

22:07:07.0769 3224  pcw - ok

22:07:07.0816 3224  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\windows\system32\drivers\peauth.sys

22:07:07.0894 3224  PEAUTH - ok

22:07:07.0972 3224  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\windows\SysWow64\perfhost.exe

22:07:08.0019 3224  PerfHost - ok

22:07:08.0066 3224  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\windows\system32\pla.dll

22:07:08.0144 3224  pla - ok

22:07:08.0175 3224  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\windows\system32\umpnpmgr.dll

22:07:08.0191 3224  PlugPlay - ok

22:07:08.0222 3224  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\windows\system32\pnrpauto.dll

22:07:08.0269 3224  PNRPAutoReg - ok

22:07:08.0284 3224  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\windows\system32\pnrpsvc.dll

22:07:08.0315 3224  PNRPsvc - ok

22:07:08.0347 3224  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\windows\System32\ipsecsvc.dll

22:07:08.0409 3224  PolicyAgent - ok

22:07:08.0425 3224  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\windows\system32\umpo.dll

22:07:08.0503 3224  Power - ok

22:07:08.0534 3224  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\windows\system32\DRIVERS\raspptp.sys

22:07:08.0596 3224  PptpMiniport - ok

22:07:08.0612 3224  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\windows\system32\drivers\processr.sys

22:07:08.0627 3224  Processor - ok

22:07:08.0659 3224  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\windows\system32\profsvc.dll

22:07:08.0674 3224  ProfSvc - ok

22:07:08.0674 3224  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe

22:07:08.0690 3224  ProtectedStorage - ok

22:07:08.0705 3224  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\windows\system32\DRIVERS\pacer.sys

22:07:08.0737 3224  Psched - ok

22:07:08.0768 3224  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\windows\system32\drivers\ql2300.sys

22:07:08.0799 3224  ql2300 - ok

22:07:08.0815 3224  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\windows\system32\drivers\ql40xx.sys

22:07:08.0815 3224  ql40xx - ok

22:07:08.0861 3224  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\windows\system32\qwave.dll

22:07:08.0893 3224  QWAVE - ok

22:07:08.0924 3224  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\windows\system32\drivers\qwavedrv.sys

22:07:08.0939 3224  QWAVEdrv - ok

22:07:08.0955 3224  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\windows\system32\DRIVERS\rasacd.sys

22:07:09.0002 3224  RasAcd - ok

22:07:09.0033 3224  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\windows\system32\DRIVERS\AgileVpn.sys

22:07:09.0080 3224  RasAgileVpn - ok

22:07:09.0095 3224  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\windows\System32\rasauto.dll

22:07:09.0173 3224  RasAuto - ok

22:07:09.0205 3224  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\windows\system32\DRIVERS\rasl2tp.sys

22:07:09.0267 3224  Rasl2tp - ok

22:07:09.0283 3224  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\windows\System32\rasmans.dll

22:07:09.0329 3224  RasMan - ok

22:07:09.0345 3224  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\windows\system32\DRIVERS\raspppoe.sys

22:07:09.0376 3224  RasPppoe - ok

22:07:09.0407 3224  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\windows\system32\DRIVERS\rassstp.sys

22:07:09.0454 3224  RasSstp - ok

22:07:09.0470 3224  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\windows\system32\DRIVERS\rdbss.sys

22:07:09.0501 3224  rdbss - ok

22:07:09.0532 3224  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\windows\system32\drivers\rdpbus.sys

22:07:09.0548 3224  rdpbus - ok

22:07:09.0563 3224  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\windows\system32\DRIVERS\RDPCDD.sys

22:07:09.0595 3224  RDPCDD - ok

22:07:09.0595 3224  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\windows\system32\drivers\rdpencdd.sys

22:07:09.0626 3224  RDPENCDD - ok

22:07:09.0641 3224  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\windows\system32\drivers\rdprefmp.sys

22:07:09.0673 3224  RDPREFMP - ok

22:07:09.0719 3224  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\windows\system32\drivers\RDPWD.sys

22:07:09.0751 3224  RDPWD - ok

22:07:09.0782 3224  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\windows\system32\drivers\rdyboost.sys

22:07:09.0797 3224  rdyboost - ok

22:07:09.0829 3224  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\windows\System32\mprdim.dll

22:07:09.0891 3224  RemoteAccess - ok

22:07:09.0922 3224  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\windows\system32\regsvc.dll

22:07:09.0969 3224  RemoteRegistry - ok

22:07:10.0000 3224  [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM          C:\windows\system32\DRIVERS\rfcomm.sys

22:07:10.0016 3224  RFCOMM - ok

22:07:10.0031 3224  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\windows\System32\RpcEpMap.dll

22:07:10.0063 3224  RpcEptMapper - ok

22:07:10.0063 3224  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\windows\system32\locator.exe

22:07:10.0078 3224  RpcLocator - ok

22:07:10.0094 3224  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\windows\system32\rpcss.dll

22:07:10.0125 3224  RpcSs - ok

22:07:10.0172 3224  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\windows\system32\DRIVERS\rspndr.sys

22:07:10.0234 3224  rspndr - ok

22:07:10.0250 3224  [ F4C374B1C46DE294B573BB43723AC3F6 ] RTL8167         C:\windows\system32\DRIVERS\Rt64win7.sys

22:07:10.0265 3224  RTL8167 - ok

22:07:10.0328 3224  [ 4CA0DBA9E224473D664C25E411F5A3BD ] rtport          C:\windows\SysWOW64\drivers\rtport.sys

22:07:10.0343 3224  rtport - ok

22:07:10.0375 3224  [ 62DB6CC4B0818F1B5F3441241B098F12 ] SABI            C:\windows\system32\Drivers\SABI.sys

22:07:10.0406 3224  SABI - ok

22:07:10.0421 3224  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\windows\system32\lsass.exe

22:07:10.0453 3224  SamSs - ok

22:07:10.0484 3224  [ D641337B75B9A9D5AE10687AA1097755 ] Samsung UPD Service C:\windows\System32\SUPDSvc.exe

22:07:10.0499 3224  Samsung UPD Service - ok

22:07:10.0546 3224  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\windows\system32\drivers\sbp2port.sys

22:07:10.0562 3224  sbp2port - ok

22:07:10.0609 3224  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\windows\System32\SCardSvr.dll

22:07:10.0671 3224  SCardSvr - ok

22:07:10.0702 3224  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\windows\system32\DRIVERS\scfilter.sys

22:07:10.0733 3224  scfilter - ok

22:07:10.0780 3224  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\windows\system32\schedsvc.dll

22:07:10.0827 3224  Schedule - ok

22:07:10.0858 3224  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\windows\System32\certprop.dll

22:07:10.0874 3224  SCPolicySvc - ok

22:07:10.0921 3224  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\windows\System32\SDRSVC.dll

22:07:10.0952 3224  SDRSVC - ok

22:07:10.0999 3224  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\windows\system32\drivers\secdrv.sys

22:07:11.0061 3224  secdrv - ok

22:07:11.0077 3224  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\windows\system32\seclogon.dll

22:07:11.0123 3224  seclogon - ok

22:07:11.0139 3224  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\windows\system32\sens.dll

22:07:11.0186 3224  SENS - ok

22:07:11.0201 3224  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\windows\system32\sensrsvc.dll

22:07:11.0217 3224  SensrSvc - ok

22:07:11.0217 3224  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\windows\system32\drivers\serenum.sys

22:07:11.0248 3224  Serenum - ok

22:07:11.0264 3224  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\windows\system32\drivers\serial.sys

22:07:11.0295 3224  Serial - ok

22:07:11.0311 3224  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\windows\system32\drivers\sermouse.sys

22:07:11.0342 3224  sermouse - ok

22:07:11.0373 3224  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\windows\system32\sessenv.dll

22:07:11.0420 3224  SessionEnv - ok

22:07:11.0420 3224  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\windows\system32\drivers\sffdisk.sys

22:07:11.0435 3224  sffdisk - ok

22:07:11.0451 3224  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\windows\system32\drivers\sffp_mmc.sys

22:07:11.0467 3224  sffp_mmc - ok

22:07:11.0498 3224  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\windows\system32\drivers\sffp_sd.sys

22:07:11.0529 3224  sffp_sd - ok

22:07:11.0545 3224  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\windows\system32\drivers\sfloppy.sys

22:07:11.0576 3224  sfloppy - ok

22:07:11.0623 3224  [ D5183ED285D2795491DC15BDDCBEE5AD ] Sftfs           C:\windows\system32\DRIVERS\Sftfslh.sys

22:07:11.0654 3224  Sftfs - ok

22:07:11.0685 3224  [ 00F118B68C50D2206DD51634F9142B83 ] Sftplay         C:\windows\system32\DRIVERS\Sftplaylh.sys

22:07:11.0685 3224  Sftplay - ok

22:07:11.0701 3224  [ 76A827DF5640BFE16A0CDBB4108ADECA ] Sftredir        C:\windows\system32\DRIVERS\Sftredirlh.sys

22:07:11.0716 3224  Sftredir - ok

22:07:11.0732 3224  [ 1B4C9701645086BAB8CAFFFCE30ED284 ] Sftvol          C:\windows\system32\DRIVERS\Sftvollh.sys

22:07:11.0732 3224  Sftvol - ok

22:07:11.0779 3224  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\windows\System32\ipnathlp.dll

22:07:11.0841 3224  SharedAccess - ok

22:07:11.0888 3224  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll

22:07:11.0919 3224  ShellHWDetection - ok

22:07:11.0935 3224  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\windows\system32\drivers\SiSRaid2.sys

22:07:11.0935 3224  SiSRaid2 - ok

22:07:11.0981 3224  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\windows\system32\drivers\sisraid4.sys

22:07:12.0013 3224  SiSRaid4 - ok

22:07:12.0013 3224  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\windows\system32\DRIVERS\smb.sys

22:07:12.0075 3224  Smb - ok

22:07:12.0091 3224  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\windows\System32\snmptrap.exe

22:07:12.0122 3224  SNMPTRAP - ok

22:07:12.0137 3224  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\windows\system32\drivers\spldr.sys

22:07:12.0153 3224  spldr - ok

22:07:12.0184 3224  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\windows\System32\spoolsv.exe

22:07:12.0200 3224  Spooler - ok

22:07:12.0293 3224  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\windows\system32\sppsvc.exe

22:07:12.0449 3224  sppsvc - ok

22:07:12.0465 3224  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\windows\system32\sppuinotify.dll

22:07:12.0496 3224  sppuinotify - ok

22:07:12.0543 3224  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\windows\system32\DRIVERS\srv.sys

22:07:12.0574 3224  srv - ok

22:07:12.0590 3224  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\windows\system32\DRIVERS\srv2.sys

22:07:12.0605 3224  srv2 - ok

22:07:12.0621 3224  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\windows\system32\DRIVERS\srvnet.sys

22:07:12.0637 3224  srvnet - ok

22:07:12.0652 3224  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\windows\System32\ssdpsrv.dll

22:07:12.0683 3224  SSDPSRV - ok

22:07:12.0715 3224  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\windows\system32\sstpsvc.dll

22:07:12.0730 3224  SstpSvc - ok

22:07:12.0777 3224  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\windows\system32\drivers\stexstor.sys

22:07:12.0777 3224  stexstor - ok

22:07:12.0808 3224  [ DECACB6921DED1A38642642685D77DAC ] StillCam        C:\windows\system32\DRIVERS\serscan.sys

22:07:12.0824 3224  StillCam - ok

22:07:12.0855 3224  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\windows\System32\wiaservc.dll

22:07:12.0902 3224  stisvc - ok

22:07:12.0917 3224  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\windows\system32\DRIVERS\swenum.sys

22:07:12.0933 3224  swenum - ok

22:07:12.0964 3224  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\windows\System32\swprv.dll

22:07:13.0011 3224  swprv - ok

22:07:13.0058 3224  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\windows\system32\sysmain.dll

22:07:13.0105 3224  SysMain - ok

22:07:13.0136 3224  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll

22:07:13.0151 3224  TabletInputService - ok

22:07:13.0167 3224  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\windows\System32\tapisrv.dll

22:07:13.0198 3224  TapiSrv - ok

22:07:13.0214 3224  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\windows\System32\tbssvc.dll

22:07:13.0245 3224  TBS - ok

22:07:13.0339 3224  [ 9849EA3843A2ADBDD1497E97A85D8CAE ] Tcpip           C:\windows\system32\drivers\tcpip.sys

22:07:13.0370 3224  Tcpip - ok

22:07:13.0401 3224  [ 9849EA3843A2ADBDD1497E97A85D8CAE ] TCPIP6          C:\windows\system32\DRIVERS\tcpip.sys

22:07:13.0432 3224  TCPIP6 - ok

22:07:13.0448 3224  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\windows\system32\drivers\tcpipreg.sys

22:07:13.0463 3224  tcpipreg - ok

22:07:13.0495 3224  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\windows\system32\drivers\tdpipe.sys

22:07:13.0510 3224  TDPIPE - ok

22:07:13.0541 3224  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\windows\system32\drivers\tdtcp.sys

22:07:13.0573 3224  TDTCP - ok

22:07:13.0604 3224  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\windows\system32\DRIVERS\tdx.sys

22:07:13.0651 3224  tdx - ok

22:07:13.0666 3224  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\windows\system32\DRIVERS\termdd.sys

22:07:13.0682 3224  TermDD - ok

22:07:13.0744 3224  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\windows\System32\termsrv.dll

22:07:13.0791 3224  TermService - ok

22:07:13.0807 3224  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\windows\system32\themeservice.dll

22:07:13.0838 3224  Themes - ok

22:07:13.0869 3224  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\windows\system32\mmcss.dll

22:07:13.0916 3224  THREADORDER - ok

22:07:13.0931 3224  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\windows\System32\trkwks.dll

22:07:13.0963 3224  TrkWks - ok

22:07:14.0025 3224  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe

22:07:14.0072 3224  TrustedInstaller - ok

22:07:14.0087 3224  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\windows\system32\DRIVERS\tssecsrv.sys

22:07:14.0103 3224  tssecsrv - ok

22:07:14.0134 3224  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\windows\system32\drivers\tsusbflt.sys

22:07:14.0134 3224  TsUsbFlt - ok

22:07:14.0165 3224  [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD         C:\windows\system32\drivers\TsUsbGD.sys

22:07:14.0212 3224  TsUsbGD - ok

22:07:14.0243 3224  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\windows\system32\DRIVERS\tunnel.sys

22:07:14.0337 3224  tunnel - ok

22:07:14.0368 3224  [ 48743B69EA47C020A792D8649F753F44 ] TurboB          C:\windows\system32\DRIVERS\TurboB.sys

22:07:14.0384 3224  TurboB - ok

22:07:14.0446 3224  [ 759F59E3EA3802FF23F93DCDB6FE9171 ] TurboBoost      C:\Program Files\Intel\TurboBoost\TurboBoost.exe

22:07:14.0477 3224  TurboBoost - ok

22:07:14.0493 3224  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\windows\system32\drivers\uagp35.sys

22:07:14.0509 3224  uagp35 - ok

22:07:14.0540 3224  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\windows\system32\DRIVERS\udfs.sys

22:07:14.0602 3224  udfs - ok

22:07:14.0633 3224  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\windows\system32\UI0Detect.exe

22:07:14.0649 3224  UI0Detect - ok

22:07:14.0665 3224  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\windows\system32\drivers\uliagpkx.sys

22:07:14.0680 3224  uliagpkx - ok

22:07:14.0696 3224  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\windows\system32\DRIVERS\umbus.sys

22:07:14.0711 3224  umbus - ok

22:07:14.0743 3224  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\windows\system32\drivers\umpass.sys

22:07:14.0774 3224  UmPass - ok

22:07:14.0867 3224  [ DB641944F7E4B14C13C3FEFC89843F69 ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

22:07:14.0930 3224  UNS - ok

22:07:14.0961 3224  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\windows\System32\upnphost.dll

22:07:15.0039 3224  upnphost - ok

22:07:15.0086 3224  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\windows\system32\DRIVERS\usbccgp.sys

22:07:15.0117 3224  usbccgp - ok

22:07:15.0148 3224  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\windows\system32\drivers\usbcir.sys

22:07:15.0195 3224  usbcir - ok

22:07:15.0211 3224  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\windows\system32\drivers\usbehci.sys

22:07:15.0211 3224  usbehci - ok

22:07:15.0257 3224  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\windows\system32\DRIVERS\usbhub.sys

22:07:15.0304 3224  usbhub - ok

22:07:15.0320 3224  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\windows\system32\drivers\usbohci.sys

22:07:15.0367 3224  usbohci - ok

22:07:15.0398 3224  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\windows\system32\drivers\usbprint.sys

22:07:15.0429 3224  usbprint - ok

22:07:15.0445 3224  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\windows\system32\DRIVERS\USBSTOR.SYS

22:07:15.0476 3224  USBSTOR - ok

22:07:15.0491 3224  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\windows\system32\drivers\usbuhci.sys

22:07:15.0523 3224  usbuhci - ok

22:07:15.0538 3224  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\windows\system32\Drivers\usbvideo.sys

22:07:15.0585 3224  usbvideo - ok

22:07:15.0601 3224  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\windows\System32\uxsms.dll

22:07:15.0663 3224  UxSms - ok

22:07:15.0679 3224  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\windows\system32\lsass.exe

22:07:15.0694 3224  VaultSvc - ok

22:07:15.0725 3224  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\windows\system32\drivers\vdrvroot.sys

22:07:15.0725 3224  vdrvroot - ok

22:07:15.0757 3224  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\windows\System32\vds.exe

22:07:15.0803 3224  vds - ok

22:07:15.0819 3224  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\windows\system32\DRIVERS\vgapnp.sys

22:07:15.0819 3224  vga - ok

22:07:15.0835 3224  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\windows\System32\drivers\vga.sys

22:07:15.0881 3224  VgaSave - ok

22:07:15.0897 3224  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\windows\system32\drivers\vhdmp.sys

22:07:15.0913 3224  vhdmp - ok

22:07:15.0928 3224  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\windows\system32\drivers\viaide.sys

22:07:15.0944 3224  viaide - ok

22:07:15.0959 3224  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\windows\system32\drivers\volmgr.sys

22:07:15.0959 3224  volmgr - ok

22:07:16.0006 3224  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\windows\system32\drivers\volmgrx.sys

22:07:16.0037 3224  volmgrx - ok

22:07:16.0053 3224  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\windows\system32\drivers\volsnap.sys

22:07:16.0069 3224  volsnap - ok

22:07:16.0084 3224  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\windows\system32\drivers\vsmraid.sys

22:07:16.0115 3224  vsmraid - ok

22:07:16.0178 3224  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\windows\system32\vssvc.exe

22:07:16.0240 3224  VSS - ok

22:07:16.0271 3224  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\windows\system32\DRIVERS\vwifibus.sys

22:07:16.0271 3224  vwifibus - ok

22:07:16.0303 3224  [ 13A0DECD1794DE60A8427862C8669D27 ] vwififlt        C:\windows\system32\DRIVERS\vwififlt.sys

22:07:16.0318 3224  vwififlt - ok

22:07:16.0349 3224  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\windows\system32\w32time.dll

22:07:16.0427 3224  W32Time - ok

22:07:16.0443 3224  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\windows\system32\drivers\wacompen.sys

22:07:16.0474 3224  WacomPen - ok

22:07:16.0474 3224  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\windows\system32\DRIVERS\wanarp.sys

22:07:16.0505 3224  WANARP - ok

22:07:16.0505 3224  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\windows\system32\DRIVERS\wanarp.sys

22:07:16.0537 3224  Wanarpv6 - ok

22:07:16.0615 3224  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\windows\system32\Wat\WatAdminSvc.exe

22:07:16.0661 3224  WatAdminSvc - ok

22:07:16.0724 3224  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\windows\system32\wbengine.exe

22:07:16.0786 3224  wbengine - ok

22:07:16.0802 3224  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\windows\System32\wbiosrvc.dll

22:07:16.0833 3224  WbioSrvc - ok

22:07:16.0864 3224  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\windows\System32\wcncsvc.dll

22:07:16.0911 3224  wcncsvc - ok

22:07:16.0942 3224  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll

22:07:16.0958 3224  WcsPlugInService - ok

22:07:17.0005 3224  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\windows\system32\drivers\wd.sys

22:07:17.0020 3224  Wd - ok

22:07:17.0051 3224  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\windows\system32\drivers\Wdf01000.sys

22:07:17.0083 3224  Wdf01000 - ok

22:07:17.0098 3224  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\windows\system32\wdi.dll

22:07:17.0114 3224  WdiServiceHost - ok

22:07:17.0129 3224  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\windows\system32\wdi.dll

22:07:17.0129 3224  WdiSystemHost - ok

22:07:17.0161 3224  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\windows\System32\webclnt.dll

22:07:17.0176 3224  WebClient - ok

22:07:17.0207 3224  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\windows\system32\wecsvc.dll

22:07:17.0270 3224  Wecsvc - ok

22:07:17.0285 3224  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\windows\System32\wercplsupport.dll

22:07:17.0317 3224  wercplsupport - ok

22:07:17.0332 3224  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\windows\System32\WerSvc.dll

22:07:17.0363 3224  WerSvc - ok

22:07:17.0379 3224  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\windows\system32\DRIVERS\wfplwf.sys

22:07:17.0410 3224  WfpLwf - ok

22:07:17.0441 3224  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\windows\system32\drivers\wimmount.sys

22:07:17.0457 3224  WIMMount - ok

22:07:17.0488 3224  WinDefend - ok

22:07:17.0504 3224  WinHttpAutoProxySvc - ok

22:07:17.0582 3224  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\windows\system32\wbem\WMIsvc.dll

22:07:17.0644 3224  Winmgmt - ok

22:07:17.0707 3224  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\windows\system32\WsmSvc.dll

22:07:17.0769 3224  WinRM - ok

22:07:17.0831 3224  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\windows\system32\DRIVERS\WinUsb.sys

22:07:17.0878 3224  WinUsb - ok

22:07:17.0956 3224  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\windows\System32\wlansvc.dll

22:07:18.0003 3224  Wlansvc - ok

22:07:18.0050 3224  [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe

22:07:18.0065 3224  wlcrasvc - ok

22:07:18.0175 3224  [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

22:07:18.0221 3224  wlidsvc - ok

22:07:18.0253 3224  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\windows\system32\DRIVERS\wmiacpi.sys

22:07:18.0268 3224  WmiAcpi - ok

22:07:18.0284 3224  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\windows\system32\wbem\WmiApSrv.exe

22:07:18.0331 3224  wmiApSrv - ok

22:07:18.0346 3224  WMPNetworkSvc - ok

22:07:18.0393 3224  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\windows\System32\wpcsvc.dll

22:07:18.0424 3224  WPCSvc - ok

22:07:18.0440 3224  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\windows\system32\wpdbusenum.dll

22:07:18.0471 3224  WPDBusEnum - ok

22:07:18.0502 3224  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\windows\system32\drivers\ws2ifsl.sys

22:07:18.0533 3224  ws2ifsl - ok

22:07:18.0549 3224  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\windows\system32\wscsvc.dll

22:07:18.0565 3224  wscsvc - ok

22:07:18.0580 3224  WSearch - ok

22:07:18.0643 3224  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\windows\system32\wuaueng.dll

22:07:18.0705 3224  wuauserv - ok

22:07:18.0752 3224  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\windows\system32\drivers\WudfPf.sys

22:07:18.0783 3224  WudfPf - ok

22:07:18.0830 3224  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\windows\system32\DRIVERS\WUDFRd.sys

22:07:18.0861 3224  WUDFRd - ok

22:07:18.0877 3224  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\windows\System32\WUDFSvc.dll

22:07:18.0908 3224  wudfsvc - ok

22:07:18.0955 3224  [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc         C:\windows\System32\wwansvc.dll

22:07:18.0986 3224  WwanSvc - ok

22:07:19.0001 3224  ================ Scan global ===============================

22:07:19.0048 3224  [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll

22:07:19.0064 3224  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\windows\system32\winsrv.dll

22:07:19.0079 3224  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\windows\system32\winsrv.dll

22:07:19.0111 3224  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll

22:07:19.0142 3224  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe

22:07:19.0157 3224  [Global] - ok

22:07:19.0157 3224  ================ Scan MBR ==================================

22:07:19.0173 3224  [ 2E5DEBB2116B3417023E0D6562D7ED07 ] \Device\Harddisk0\DR0

22:07:19.0516 3224  \Device\Harddisk0\DR0 - ok

22:07:19.0516 3224  ================ Scan VBR ==================================

22:07:19.0516 3224  [ C121900F0C43FE69018B1ADC1224EBFF ] \Device\Harddisk0\DR0\Partition1

22:07:19.0516 3224  \Device\Harddisk0\DR0\Partition1 - ok

22:07:19.0579 3224  [ 24D63EA3FD2FE46B5351A4459AC7C2A8 ] \Device\Harddisk0\DR0\Partition2

22:07:19.0579 3224  \Device\Harddisk0\DR0\Partition2 - ok

22:07:19.0594 3224  [ F2AB7E80925F2C8BADEB8D361D758B79 ] \Device\Harddisk0\DR0\Partition3

22:07:19.0610 3224  \Device\Harddisk0\DR0\Partition3 - ok

22:07:19.0610 3224  ============================================================

22:07:19.0610 3224  Scan finished

22:07:19.0610 3224  ============================================================

22:07:19.0625 1500  Detected object count: 1

22:07:19.0625 1500  Actual detected object count: 1

22:07:52.0011 1500  Autodesk Content Service ( UnsignedFile.Multi.Generic ) - skipped by user

22:07:52.0011 1500  Autodesk Content Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 

22:08:21.0651 4516  Deinitialize success