Zurück   Trojaner-Board > Web/PC > Alles rund um Windows

Alles rund um Windows: Win7: Windows Installer defekt

Windows 7 Hilfe zu allen Windows-Betriebssystemen: Windows XP, Windows Vista, Windows 7, Windows 8 und 8.1 - als auch zu sämtlicher Windows-Software. Alles zu Windows 10 ist auch gerne willkommen. Bitte benenne etwaige Fehler oder Bluescreens unter Windows mit dem Wortlaut der Fehlermeldung und Fehlercode. Erste Schritte für Hilfe unter Windows.

Antwort
Alt 25.12.2015, 04:14   #1
Tseet
/// TB-Schüler
 
Win7: Windows Installer defekt - Standard

Problem: Win7: Windows Installer defekt



Hallo,

ich versuche jetzt schon seit Stunden iTunes zu installieren. Ich hab die Datei runtergeladen, habe sie ausgeführt und bekomme seitdem jedes Mal die Fehlermeldung "Auf den Windows Installer-Dienst konnte nicht zugegriffen werden. Dies kann auftreten, wenn Windows im abgesicherten Modus ausgeführt wird oder wenn der Windows Installer nicht korrekt installiert wurde. Setzen Sie sich mit dem Supportpersonal in V..."
Es handelt sich um ein Lenovo Thinkpad mit Windows 7 x86

Diese Schritte habe ich bereits ausprobiert:

- Windows Installer neu registriert (msiexec /unregister & /regserver)
- Windows-Installierdienst starten ( Net start MSIServer -> Dienststatus überprüft)
- sfc /scannow
- Registry key überprüft
- Windows Repair (da ich letztens schon mal Probleme mit meinem PC hatte habe ich damals den Hinweis von schrauber bekommen Windows Repair laufen zu lassen, das war da zumindest kurzzeitig erfolgreich, daher habe ich es jetzt nach eurer Anleitung (hxxp://anleitung.trojaner-board.de/windows-reparieren_398) noch mal gemacht, hat aber auch nichts geholfen. Hier der damalige Thread: http://www.trojaner-board.de/173806-...optimiert.html)

Bevor das Problem angefangen hat habe ich nichts am System geändert gehabt.

Ich bin echt etwas verzweifelt, wäre wirklich super wenn mir jemand helfen könnte.

Grüße,

Tseet

Alt 25.12.2015, 23:29   #2
burningice
/// Malwareteam
 
Win7: Windows Installer defekt - Standard

Win7: Windows Installer defekt Anleitung / Hilfe




Mein Name ist Rafael und ich werde dir bei der Bereinigung helfen.

Damit ich dir optimal helfen kann, halte dich bitte an folgende Regeln:
  • Bitte lies meine Posts komplett durch bevor du sie abarbeitest
  • Wenn ein Problem auftauchen sollte oder dir etwas unklar ist, unterbreche deine Arbeit und beschreibe es so genau wie möglich.
  • Bitte kein Crossposting
  • Installiere oder Deinstalliere keine Software ohne Aufforderung
  • Bitte verwende nur die Tools, welche hier im Thread erwähnt werden und führe sie nur gemäß Anweisung aus
  • Bitte antworte innerhalb von 24h um eine sinnvolle Bereinigung zu ermöglichen
  • Poste die Logs immer in CODE-Tags (#-Button), zur Not die Logs einfach aufteilen
  • Wichtig: Nur weil dein Problem mit einem Schritt plötzlich behoben ist, bedeutet das nicht, dass dein PC auch sauber ist. Mache solange weiter, bis ich dir sage, dass dein PC "clean" ist
Los geht's

Frohe Weihnachten wünsche ich dir!

Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)



Schritt 2
Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________

__________________

Alt 26.12.2015, 08:59   #3
Tseet
/// TB-Schüler
 
Win7: Windows Installer defekt - Standard

Win7: Windows Installer defekt Details



Ok, vielen Dank

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:25-12-2015
durchgeführt von David (Administrator) auf DAVID-PC (26-12-2015 08:55:11)
Gestartet von C:\Users\David\Desktop
Geladene Profile: David &  (Verfügbare Profile: David & Test)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe
(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe
(Validity Sensors, Inc.) C:\Program Files\Lenovo Fingerprint Reader\ValBioService.exe
(Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe
(Spotify Ltd) C:\Users\David\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(CyberGhost S.R.L.) C:\Program Files\CyberGhost 5\CyberGhost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Vimicro) C:\Program Files (x86)\USB Camera\VM331STI.EXE
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Message Center Plus\MCPLaunch.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Validity Sensors, Inc.) C:\Program Files\Lenovo Fingerprint Reader\SwipeMonitor.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2822896 2014-11-11] (Synaptics Incorporated)
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe [1691112 2015-03-12] (Bitdefender)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [552960 2013-05-14] (Vimicro)
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2621240 2015-11-18] (Malwarebytes Corporation)
HKU\S-1-5-21-1911313962-1889918886-1752542047-1000\...\Run: [Bitdefender-Geldb�rse-Agent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe [790880 2015-01-15] (Bitdefender)
HKU\S-1-5-21-1911313962-1889918886-1752542047-1000\...\Run: [Spotify Web Helper] => C:\Users\David\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2346096 2015-12-15] (Spotify Ltd)
HKU\S-1-5-21-1911313962-1889918886-1752542047-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-1911313962-1889918886-1752542047-1000\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 5\CyberGhost.exe [433256 2015-11-05] (CyberGhost S.R.L.)
HKU\S-1-5-21-1911313962-1889918886-1752542047-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50378880 2015-12-17] (Skype Technologies S.A.)
HKU\S-1-5-21-1911313962-1889918886-1752542047-1000\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-1911313962-1889918886-1752542047-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Bitdefender-Geldb�rse-Agent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe [790880 2015-01-15] (Bitdefender)
HKU\S-1-5-21-1911313962-1889918886-1752542047-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Spotify Web Helper] => C:\Users\David\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2346096 2015-12-15] (Spotify Ltd)
HKU\S-1-5-21-1911313962-1889918886-1752542047-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-1911313962-1889918886-1752542047-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 5\CyberGhost.exe [433256 2015-11-05] (CyberGhost S.R.L.)
HKU\S-1-5-21-1911313962-1889918886-1752542047-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50378880 2015-12-17] (Skype Technologies S.A.)
HKU\S-1-5-21-1911313962-1889918886-1752542047-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-1911313962-1889918886-1752542047-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Bitdefender-Geldb�rse-Agent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe [790880 2015-01-15] (Bitdefender)
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-12-13] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-12-13] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-12-13] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [__SafeBox1] -> {152C96EB-288E-4EDC-B7C6-D21F8250ADF3} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2014-07-04] (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox2] -> {342DAA0B-D796-460D-8566-901E08A1CCAD} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2014-07-04] (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox3] -> {57595DAE-1AE1-4D97-A49E-67CBB53B52DF} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2014-07-04] (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox4] -> {33816773-98AE-4723-ADE0-EBE54C8B5A67} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2014-07-04] (Bitdefender)
Startup: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BdBkpFolder [2015-12-05] ()

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL Keine Datei 
Winsock: Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL Keine Datei 
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL Keine Datei 
Winsock: Catalog5-x64 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL Keine Datei 
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{2817433B-2456-44EE-9A7E-29889112B518}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\S-1-5-21-1911313962-1889918886-1752542047-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\S-1-5-21-1911313962-1889918886-1752542047-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\S-1-5-21-1911313962-1889918886-1752542047-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1911313962-1889918886-1752542047-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-12-13] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-12-13] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-12-13] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll [2015-12-13] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\URLREDIR.DLL [2015-12-13] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL [2015-12-13] (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-1911313962-1889918886-1752542047-1000 -> Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-01-28] (Bitdefender)
Toolbar: HKU\S-1-5-21-1911313962-1889918886-1752542047-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-01-28] (Bitdefender)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-03-14] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL [2015-03-14] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\8umi2l9n.default
FF DefaultSearchEngine: DuckDuckGo
FF SelectedSearchEngine: DuckDuckGo
FF Homepage: hxxp://duckduckgo.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-09] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-03-14] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-09] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-07-30] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-07-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-07-16] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-03] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL [2015-03-14] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Extension: BetterPrivacy - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\8umi2l9n.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2015-11-29]
FF Extension: Ghostery - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\8umi2l9n.default\Extensions\firefox@ghostery.com.xpi [2015-11-05]
FF Extension: Private Tab - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\8umi2l9n.default\Extensions\privateTab@infocatcher.xpi [2015-10-26]
FF Extension: Adblock Edge - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\8umi2l9n.default\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2015-12-05]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext
FF Extension: Bitdefender Antispam Toolbar - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext [2015-04-01] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [bdwteff@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff [2015-04-01] [ist nicht signiert]
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext

Chrome: 
=======
CHR Profile: C:\Users\David\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-02]
CHR Extension: (Google Docs) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-02]
CHR Extension: (Google Drive) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-02]
CHR Extension: (YouTube) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-02]
CHR Extension: (Google-Suche) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-02]
CHR Extension: (Bitdefender Wallet) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\fabcmochhfpldjekobfaaggijgohadih [2015-12-02]
CHR Extension: (Google Tabellen) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-02]
CHR Extension: (Google Docs Offline) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-03]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-02]
CHR Extension: (Google Mail) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-02]
CHR HKLM-x32\...\Chrome\Extension: [fabcmochhfpldjekobfaaggijgohadih] - hxxps://clients2.google.com/service/update2/crx

Opera: 
=======
StartMenuInternet: (HKLM) Opera - C:\Program Files\Opera x64\Opera.exe

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
S3 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender 2015\bdparentalservice.exe [78144 2014-12-09] (Bitdefender)
R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [65640 2015-11-05] (CyberGhost S.R.L)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2802360 2015-11-24] (Microsoft Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2015-12-02] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-07-16] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-07-16] (Intel Corporation)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2934048 2015-11-10] (IObit)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272440 2015-03-09] (Lenovo)
R2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [739640 2015-11-18] (Malwarebytes Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2014-12-04] ()
S4 SafeBox; C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [94624 2013-07-08] (Bitdefender)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe [67320 2014-10-27] (Bitdefender)
R2 ValBioService; C:\Program Files\Lenovo Fingerprint Reader\ValBioService.exe [22872 2014-07-21] (Validity Sensors, Inc.)
R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [49040 2014-07-21] (Synaptics Incorporated)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe [1547936 2015-03-16] (Bitdefender)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3820960 2014-12-04] (Intel® Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1306464 2015-01-14] (BitDefender)
R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [262544 2015-01-23] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [677104 2015-01-14] (BitDefender)
R1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [93600 2014-12-15] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [107080 2012-10-29] (BitDefender LLC)
S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-07-02] (Bitdefender SRL)
R1 BDVEDISK; C:\Windows\System32\DRIVERS\bdvedisk.sys [76944 2012-04-17] (BitDefender)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [519680 2015-12-08] (Intel Corporation)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [63064 2015-11-18] ()
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [160544 2015-02-24] (BitDefender LLC)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-12-02] (REALiX(tm))
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [31144 2015-12-02] (Intel Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2015-12-26] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [179456 2015-12-02] (Intel Corporation)
R3 NETwNs64; C:\Windows\System32\DRIVERS\Netwsw02.sys [4011760 2015-12-02] (Intel Corporation)
S3 RtlvVga; C:\Windows\System32\DRIVERS\RtlvVga.sys [11920 2014-03-18] (Realtek Semiconductor Corporation                           )
R3 RTSPER; C:\Windows\System32\DRIVERS\RtsPer.sys [752856 2015-12-02] (Realsil Semiconductor Corporation)
S3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [32936 2015-12-02] (Synaptics Incorporated)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [452040 2014-10-15] (BitDefender S.R.L.)
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [1070080 2013-12-31] (Vimicro Corporation)
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52592 2015-02-19] (Cisco Systems, Inc.)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-26 08:55 - 2015-12-26 08:55 - 00024802 _____ C:\Users\David\Desktop\FRST.txt
2015-12-26 08:55 - 2015-12-26 08:55 - 00000000 ____D C:\FRST
2015-12-26 08:54 - 2015-12-26 08:54 - 02370560 _____ (Farbar) C:\Users\David\Desktop\FRST64.exe
2015-12-25 04:01 - 2015-12-25 04:01 - 00000000 ____D C:\Users\David\AppData\Local\TempTaskUpdateDetection8F53564F-D079-4BA3-9C9E-14736B8A3746
2015-12-25 03:49 - 2015-12-25 03:50 - 55325024 _____ C:\Users\Test\Downloads\iTunes6464Setup.exe.part
2015-12-25 03:48 - 2015-12-25 03:51 - 00000000 ____D C:\Users\Test\AppData\Roaming\Bitdefender
2015-12-25 03:48 - 2015-12-25 03:48 - 00001425 _____ C:\Users\Test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-12-25 03:48 - 2015-12-25 03:48 - 00000385 _____ C:\Users\Test\AppData\Roaminguser_gensett.xml
2015-12-25 03:48 - 2015-12-25 03:48 - 00000020 ___SH C:\Users\Test\ntuser.ini
2015-12-25 03:48 - 2015-12-25 03:48 - 00000000 _SHDL C:\Users\Test\Vorlagen
2015-12-25 03:48 - 2015-12-25 03:48 - 00000000 _SHDL C:\Users\Test\Startmenü
2015-12-25 03:48 - 2015-12-25 03:48 - 00000000 _SHDL C:\Users\Test\Netzwerkumgebung
2015-12-25 03:48 - 2015-12-25 03:48 - 00000000 _SHDL C:\Users\Test\Lokale Einstellungen
2015-12-25 03:48 - 2015-12-25 03:48 - 00000000 _SHDL C:\Users\Test\Eigene Dateien
2015-12-25 03:48 - 2015-12-25 03:48 - 00000000 _SHDL C:\Users\Test\Druckumgebung
2015-12-25 03:48 - 2015-12-25 03:48 - 00000000 _SHDL C:\Users\Test\Documents\Eigene Videos
2015-12-25 03:48 - 2015-12-25 03:48 - 00000000 _SHDL C:\Users\Test\Documents\Eigene Musik
2015-12-25 03:48 - 2015-12-25 03:48 - 00000000 _SHDL C:\Users\Test\Documents\Eigene Bilder
2015-12-25 03:48 - 2015-12-25 03:48 - 00000000 _SHDL C:\Users\Test\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-12-25 03:48 - 2015-12-25 03:48 - 00000000 _SHDL C:\Users\Test\AppData\Local\Verlauf
2015-12-25 03:48 - 2015-12-25 03:48 - 00000000 _SHDL C:\Users\Test\AppData\Local\Anwendungsdaten
2015-12-25 03:48 - 2015-12-25 03:48 - 00000000 _SHDL C:\Users\Test\Anwendungsdaten
2015-12-25 03:48 - 2015-12-25 03:48 - 00000000 __SHD C:\Users\Test\IntelGraphicsProfiles
2015-12-25 03:48 - 2015-12-25 03:48 - 00000000 ____D C:\Users\Test\AppData\Roaming\Mozilla
2015-12-25 03:48 - 2015-12-25 03:48 - 00000000 ____D C:\Users\Test\AppData\Roaming\Intel
2015-12-25 03:48 - 2015-12-25 03:48 - 00000000 ____D C:\Users\Test\AppData\Roaming\Adobe
2015-12-25 03:48 - 2015-12-25 03:48 - 00000000 ____D C:\Users\Test\AppData\Local\VirtualStore
2015-12-25 03:48 - 2015-12-25 03:48 - 00000000 ____D C:\Users\Test\AppData\Local\Mozilla
2015-12-25 03:48 - 2015-12-25 03:48 - 00000000 ____D C:\Users\Test\AppData\Local\Google
2015-12-25 03:48 - 2015-12-25 03:48 - 00000000 ____D C:\Users\Test
2015-12-25 03:48 - 2015-02-15 15:20 - 00000000 ____D C:\Users\Test\AppData\Roaming\Macromedia
2015-12-25 03:48 - 2011-04-12 08:54 - 00000000 ____D C:\Users\Test\AppData\Roaming\Media Center Programs
2015-12-25 03:46 - 2015-12-25 03:46 - 00000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-12-25 03:36 - 2015-11-11 22:12 - 00387792 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-12-25 03:36 - 2015-11-11 21:52 - 00341192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-12-25 03:36 - 2015-11-11 17:21 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-12-25 03:36 - 2015-11-11 17:00 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-12-25 03:36 - 2015-11-11 16:44 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-12-25 03:36 - 2015-11-11 16:44 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-12-25 03:36 - 2015-11-11 16:41 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-12-25 03:36 - 2015-11-11 16:12 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-12-25 03:36 - 2015-11-11 15:57 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-12-25 03:36 - 2015-11-10 01:24 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-12-25 03:36 - 2015-11-10 01:13 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-12-25 03:36 - 2015-11-10 01:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-12-25 03:36 - 2015-11-10 01:12 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-12-25 03:36 - 2015-11-10 01:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-12-25 03:36 - 2015-11-10 01:11 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-12-25 03:36 - 2015-11-10 01:08 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-12-25 03:36 - 2015-11-10 01:06 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-12-25 03:36 - 2015-11-10 01:06 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-12-25 03:36 - 2015-11-10 01:04 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-12-25 03:36 - 2015-11-10 01:03 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-12-25 03:36 - 2015-11-10 01:02 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-12-25 03:36 - 2015-11-10 01:02 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-12-25 03:36 - 2015-11-10 00:50 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-12-25 03:36 - 2015-11-10 00:47 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-12-25 03:36 - 2015-11-10 00:46 - 04514816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-12-25 03:36 - 2015-11-10 00:44 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-12-25 03:36 - 2015-11-10 00:37 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-12-25 03:36 - 2015-11-10 00:36 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-12-25 03:36 - 2015-11-10 00:36 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-12-25 03:36 - 2015-11-10 00:35 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-12-25 03:36 - 2015-11-10 00:17 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-12-25 03:36 - 2015-11-10 00:14 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-12-25 03:36 - 2015-11-10 00:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-12-25 03:36 - 2015-11-08 23:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-12-25 03:36 - 2015-11-08 23:32 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-12-25 03:36 - 2015-11-08 23:16 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-12-25 03:36 - 2015-11-08 23:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-12-25 03:36 - 2015-11-08 23:15 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-12-25 03:36 - 2015-11-08 23:15 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-12-25 03:36 - 2015-11-08 23:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-12-25 03:36 - 2015-11-08 23:14 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-12-25 03:36 - 2015-11-08 23:07 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-12-25 03:36 - 2015-11-08 23:06 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-12-25 03:36 - 2015-11-08 23:04 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-12-25 03:36 - 2015-11-08 23:02 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-12-25 03:36 - 2015-11-08 23:01 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-12-25 03:36 - 2015-11-08 23:01 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-12-25 03:36 - 2015-11-08 23:01 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-12-25 03:36 - 2015-11-08 23:01 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-12-25 03:36 - 2015-11-08 22:52 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-12-25 03:36 - 2015-11-08 22:48 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-12-25 03:36 - 2015-11-08 22:40 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-12-25 03:36 - 2015-11-08 22:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-12-25 03:36 - 2015-11-08 22:32 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-12-25 03:36 - 2015-11-08 22:29 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-12-25 03:36 - 2015-11-08 22:18 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-12-25 03:36 - 2015-11-08 22:15 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-12-25 03:36 - 2015-11-08 22:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-12-25 03:36 - 2015-11-08 22:14 - 14456832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-12-25 03:36 - 2015-11-08 22:14 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-12-25 03:36 - 2015-11-08 22:13 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-12-25 03:36 - 2015-11-08 21:53 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-12-25 03:36 - 2015-11-08 21:41 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-12-25 03:36 - 2015-11-08 21:30 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-12-25 03:35 - 2015-11-11 19:53 - 01735680 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2015-12-25 03:35 - 2015-11-11 19:53 - 00525312 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2015-12-25 03:35 - 2015-11-11 19:39 - 01242624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2015-12-25 03:35 - 2015-11-11 19:39 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2015-12-25 03:35 - 2015-11-10 19:55 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-12-25 03:35 - 2015-11-10 19:55 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-12-25 03:35 - 2015-11-10 19:55 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2015-12-25 03:35 - 2015-11-10 19:39 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-12-25 03:35 - 2015-11-10 19:37 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2015-12-25 03:35 - 2015-11-10 18:47 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-12-25 03:35 - 2015-11-05 20:05 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll
2015-12-25 03:35 - 2015-11-05 20:02 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshrm.dll
2015-12-25 03:35 - 2015-11-05 20:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-12-25 03:35 - 2015-11-05 20:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-12-25 03:35 - 2015-11-05 10:53 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2015-12-25 03:35 - 2015-11-03 20:04 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-12-25 03:35 - 2015-11-03 20:04 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\els.dll
2015-12-25 03:35 - 2015-11-03 19:56 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2015-12-25 03:35 - 2015-11-03 19:55 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\els.dll
2015-12-25 03:35 - 2015-09-18 20:22 - 00025432 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-12-25 03:35 - 2015-09-18 20:19 - 01291264 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-12-25 03:35 - 2015-09-18 20:19 - 00766464 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-12-25 03:35 - 2015-09-18 20:19 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-12-25 03:35 - 2015-09-18 20:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-12-25 03:35 - 2015-09-18 20:19 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-12-25 03:35 - 2015-09-18 20:09 - 01163776 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-12-25 03:21 - 2015-12-25 03:21 - 01466656 _____ C:\Users\David\Desktop\Revo Uninstaller - CHIP-Installer.exe
2015-12-25 02:39 - 2015-12-25 02:43 - 167583000 _____ (Apple Inc.) C:\Users\David\Desktop\iTunes6464Setup.exe
2015-12-25 02:23 - 2015-12-25 02:24 - 00000000 ____D C:\Users\David\Desktop\Tweaking.com - Windows Repair
2015-12-25 02:20 - 2015-12-25 02:23 - 00000000 ____D C:\Users\David\Desktop\windowsblah
2015-12-25 01:43 - 2015-12-25 01:43 - 05565384 _____ (Piriform Ltd) C:\Users\David\Desktop\ccsetup512_slim.exe
2015-12-25 00:51 - 2015-12-25 00:51 - 00003591 _____ C:\Users\David\Desktop\Msirepair.reg
2015-12-24 03:42 - 2015-12-24 05:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-12-24 03:03 - 2015-12-24 03:03 - 00170696 _____ (Lenovo.) C:\Windows\system32\ibmpmsvc.exe
2015-12-24 03:03 - 2015-12-24 03:03 - 00081096 _____ (Lenovo.) C:\Windows\system32\ibmpmctl.exe
2015-12-24 03:03 - 2015-12-24 03:03 - 00073888 _____ (Lenovo.) C:\Windows\system32\Drivers\ibmpmdrv.sys
2015-12-24 03:03 - 2015-12-24 03:03 - 00050888 _____ (Lenovo.) C:\Windows\system32\tpinspm.dll
2015-12-22 21:29 - 2015-12-22 21:29 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-12-22 21:29 - 2015-12-22 21:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-12-22 05:28 - 2015-12-22 05:28 - 00000000 ____D C:\Users\David\AppData\Local\TempTaskUpdateDetection25EBBC91-D660-4D31-A861-CBE235E68FDD
2015-12-19 01:38 - 2015-12-19 01:38 - 04967624 _____ (concept/design GmbH ) C:\Users\David\Desktop\otv11setup.exe
2015-12-19 01:38 - 2015-12-19 01:38 - 00001229 _____ C:\Users\David\Desktop\onlineTV 11.lnk
2015-12-19 01:38 - 2015-12-19 01:38 - 00000000 ____D C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\concept design
2015-12-19 01:38 - 2015-12-19 01:38 - 00000000 ____D C:\Users\David\AppData\Roaming\concept design
2015-12-19 01:38 - 2015-12-19 01:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\concept design
2015-12-19 01:38 - 2015-12-19 01:38 - 00000000 ____D C:\Program Files (x86)\concept design
2015-12-18 23:20 - 2015-12-18 23:20 - 00000000 ____D C:\Users\David\AppData\Local\btf game division
2015-12-18 23:19 - 2015-12-18 23:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameRoyale
2015-12-18 23:19 - 2015-12-18 23:19 - 00000000 ____D C:\Program Files (x86)\GameRoyale
2015-12-18 23:18 - 2015-12-18 23:18 - 57439949 _____ (btf GmbH ) C:\Users\David\Desktop\game_royale_windows.exe
2015-12-18 20:41 - 2015-12-18 20:41 - 00106756 _____ C:\Users\David\Desktop\mikro_klausur.pdf
2015-12-18 05:30 - 2015-12-18 05:30 - 00222254 _____ C:\Windows\ntbtlog.txt
2015-12-17 02:52 - 2015-12-17 03:22 - 00000000 ____D C:\Users\David\AppData\Local\Artipic
2015-12-17 02:14 - 2015-12-17 02:14 - 00001340 _____ C:\Users\Public\Desktop\Artipic.lnk
2015-12-17 02:14 - 2015-12-17 02:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Artipic
2015-12-17 02:14 - 2015-12-17 02:14 - 00000000 ____D C:\Program Files (x86)\Artipic AB
2015-12-17 02:13 - 2015-12-17 02:13 - 41015784 _____ (Artipic AB ) C:\Users\David\Desktop\17_ArtipicSetup-WIN-2-3-3-CHIP.exe
2015-12-14 19:18 - 2015-12-14 19:18 - 00000000 ____D C:\Users\David\Desktop\DCIM
2015-12-13 17:26 - 2015-12-13 17:26 - 00000000 ____D C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-12-13 02:24 - 2015-12-18 20:45 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2015-12-13 02:24 - 2015-12-13 02:24 - 01846024 _____ (Malwarebytes ) C:\Users\David\Desktop\mbae-setup-1.08.1.1045.exe
2015-12-13 02:24 - 2015-12-13 02:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit
2015-12-13 02:24 - 2015-12-13 02:24 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Exploit
2015-12-13 02:19 - 2015-12-13 02:19 - 00001343 _____ C:\DelFix.txt
2015-12-13 02:19 - 2015-12-13 02:19 - 00000000 ____D C:\Windows\ERUNT
2015-12-11 18:03 - 2015-12-11 18:03 - 00000000 ____D C:\Users\David\Documents\Incomedia
2015-12-11 16:07 - 2015-12-11 16:07 - 00000000 ____D C:\Users\David\AppData\Roaming\ProductData
2015-12-11 14:23 - 2015-12-26 08:51 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-12-11 14:23 - 2015-12-11 14:23 - 00001106 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-12-11 14:23 - 2015-12-11 14:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-12-11 14:23 - 2015-12-11 14:23 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-12-11 14:23 - 2015-12-11 14:23 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-12-11 14:23 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-12-11 14:23 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-12-11 14:23 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-12-10 03:53 - 2015-12-10 03:55 - 00000000 ____D C:\Users\David\AppData\Local\CyberGhost
2015-12-10 03:52 - 2015-12-21 01:12 - 00001772 _____ C:\Users\David\Desktop\CyberGhost 5.lnk
2015-12-10 03:52 - 2015-12-10 03:53 - 00000000 ____D C:\Program Files\CyberGhost 5
2015-12-10 03:52 - 2015-12-10 03:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberGhost 5
2015-12-10 03:47 - 2015-12-10 03:47 - 00001128 _____ C:\Users\Public\Desktop\WebSite X5 Compact 11.lnk
2015-12-10 03:47 - 2015-12-10 03:47 - 00000000 ____D C:\Users\David\AppData\Local\Incomedia
2015-12-10 03:47 - 2015-12-10 03:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WebSite X5 v11 - Compact
2015-12-10 03:46 - 2015-12-10 03:47 - 00000000 ____D C:\Program Files (x86)\WebSite X5 v11 - Compact
2015-12-08 13:29 - 2015-12-08 13:29 - 00519680 _____ (Intel Corporation) C:\Windows\system32\Drivers\e1d62x64.sys
2015-12-08 13:29 - 2015-12-08 13:29 - 00082240 _____ (Intel Corporation) C:\Windows\system32\e1dmsg.dll
2015-12-08 13:26 - 2015-12-08 13:26 - 00099336 _____ (Intel Corporation) C:\Windows\system32\NicInstD.dll
2015-12-06 01:57 - 2015-12-06 01:57 - 00000202 _____ C:\Users\David\Desktop\Enclave.url
2015-12-06 01:56 - 2015-12-06 01:56 - 00000202 _____ C:\Users\David\Desktop\Deponia.url
2015-12-05 14:57 - 2015-12-05 14:59 - 00000000 ___RD C:\Temp1
2015-12-04 10:39 - 2015-12-06 20:34 - 00000000 ____D C:\Users\David\AppData\Local\Daedalic Entertainment
2015-12-04 01:33 - 2015-12-04 01:33 - 00000000 ___HD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools
2015-12-04 01:33 - 2015-12-04 01:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage
2015-12-03 23:55 - 2015-12-03 23:55 - 03170304 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-12-03 23:55 - 2015-12-03 23:55 - 02609152 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-12-03 23:55 - 2015-12-03 23:55 - 00709632 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-12-03 23:55 - 2015-12-03 23:55 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-12-03 23:55 - 2015-12-03 23:55 - 00419928 _____ C:\Windows\SysWOW64\locale.nls
2015-12-03 23:55 - 2015-12-03 23:55 - 00419928 _____ C:\Windows\system32\locale.nls
2015-12-03 23:55 - 2015-12-03 23:55 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-12-03 23:55 - 2015-12-03 23:55 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-12-03 23:55 - 2015-12-03 23:55 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-12-03 23:55 - 2015-12-03 23:55 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-12-03 23:55 - 2015-12-03 23:55 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-12-03 23:55 - 2015-12-03 23:55 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-12-03 23:55 - 2015-12-03 23:55 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2015-12-03 23:55 - 2015-12-03 23:55 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2015-12-03 23:55 - 2015-12-03 23:55 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-12-03 23:55 - 2015-12-03 23:55 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-12-03 23:55 - 2015-12-03 23:55 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-12-03 23:55 - 2015-12-03 23:55 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-12-03 23:55 - 2015-12-03 23:55 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-12-03 23:55 - 2015-12-03 23:55 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-12-03 23:55 - 2015-12-03 23:55 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2015-12-03 23:55 - 2015-12-03 23:55 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2015-12-03 23:55 - 2015-12-03 23:55 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2015-12-03 23:55 - 2015-12-03 23:55 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2015-12-03 23:55 - 2015-12-03 23:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2015-12-03 23:55 - 2015-12-03 23:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2015-12-03 23:51 - 2015-12-03 23:51 - 05570496 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-12-03 23:51 - 2015-12-03 23:51 - 03991488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-12-03 23:51 - 2015-12-03 23:51 - 03935680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-12-03 23:51 - 2015-12-03 23:51 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-12-03 23:51 - 2015-12-03 23:51 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-12-03 23:51 - 2015-12-03 23:51 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-12-03 23:51 - 2015-12-03 23:51 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-12-03 23:51 - 2015-12-03 23:51 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-12-03 23:51 - 2015-12-03 23:51 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-12-03 23:51 - 2015-12-03 23:51 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-12-03 23:51 - 2015-12-03 23:51 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-12-03 23:51 - 2015-12-03 23:51 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-12-03 23:51 - 2015-12-03 23:51 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-12-03 23:51 - 2015-12-03 23:51 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-12-03 23:51 - 2015-12-03 23:51 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-12-03 23:51 - 2015-12-03 23:51 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-12-03 23:51 - 2015-12-03 23:51 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-12-03 23:51 - 2015-12-03 23:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-12-03 23:50 - 2015-12-03 23:50 - 00950720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-12-03 23:50 - 2015-12-03 23:50 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-12-03 23:50 - 2015-12-03 23:50 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-12-03 23:48 - 2015-12-03 23:48 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-12-03 23:48 - 2015-12-03 23:48 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-12-03 23:48 - 2015-12-03 23:48 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-12-03 23:47 - 2015-12-03 23:47 - 00460776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-12-03 23:47 - 2015-12-03 23:47 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-12-03 23:47 - 2015-12-03 23:47 - 00299632 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2015-12-03 23:47 - 2015-12-03 23:47 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-12-03 23:47 - 2015-12-03 23:47 - 00251000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2015-12-03 23:47 - 2015-12-03 23:47 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-12-03 23:47 - 2015-12-03 23:47 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-12-03 23:47 - 2015-12-03 23:47 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-12-03 23:47 - 2015-12-03 23:47 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-12-03 23:47 - 2015-12-03 23:47 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-12-03 23:46 - 2015-12-03 23:46 - 00984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2015-12-03 23:46 - 2015-12-03 23:46 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2015-12-03 23:46 - 2015-12-03 23:46 - 00692672 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-12-03 23:46 - 2015-12-03 23:46 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-12-03 23:46 - 2015-12-03 23:46 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-12-03 23:46 - 2015-12-03 23:46 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-12-03 23:46 - 2015-12-03 23:46 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-12-03 23:46 - 2015-12-03 23:46 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-12-03 23:46 - 2015-12-03 23:46 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-12-03 23:46 - 2015-12-03 23:46 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-12-03 23:46 - 2015-12-03 23:46 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-12-03 23:46 - 2015-12-03 23:46 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-12-03 23:46 - 2015-12-03 23:46 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-12-03 23:46 - 2015-12-03 23:46 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-12-03 23:46 - 2015-12-03 23:46 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-12-03 23:46 - 2015-12-03 23:46 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-12-03 23:46 - 2015-12-03 23:46 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-12-03 23:46 - 2015-12-03 23:46 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-12-03 23:46 - 2015-12-03 23:46 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-12-03 23:46 - 2015-12-03 23:46 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-12-03 23:46 - 2015-12-03 23:46 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-12-03 23:46 - 2015-12-03 23:46 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-12-03 23:46 - 2015-12-03 23:46 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-12-03 23:46 - 2015-12-03 23:46 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-12-03 23:46 - 2015-12-03 23:46 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-12-03 23:46 - 2015-12-03 23:46 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-12-03 23:46 - 2015-12-03 23:46 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2015-12-03 23:46 - 2015-12-03 23:46 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-12-03 23:46 - 2015-12-03 23:46 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2015-12-03 23:46 - 2015-12-03 23:46 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-12-03 23:46 - 2015-12-03 23:46 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-12-03 23:46 - 2015-12-03 23:46 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-12-03 23:46 - 2015-12-03 23:46 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-12-03 23:46 - 2015-12-03 23:46 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-12-03 23:46 - 2015-12-03 23:46 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-12-03 23:46 - 2015-12-03 23:46 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-12-03 23:46 - 2015-12-03 23:46 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-12-03 23:46 - 2015-12-03 23:46 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-12-03 23:46 - 2015-12-03 23:46 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-12-03 23:46 - 2015-12-03 23:46 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-12-03 23:46 - 2015-12-03 23:46 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2015-12-03 23:46 - 2015-12-03 23:46 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2015-12-03 23:46 - 2015-12-03 23:46 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-12-03 23:46 - 2015-12-03 23:46 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-12-03 23:46 - 2015-12-03 23:46 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-12-03 23:46 - 2015-12-03 23:46 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2015-12-03 23:46 - 2015-12-03 23:46 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2015-12-03 23:46 - 2015-12-03 23:46 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2015-12-03 23:46 - 2015-12-03 23:46 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2015-12-03 23:46 - 2015-12-03 23:46 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2015-12-03 23:46 - 2015-12-03 23:46 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2015-12-03 23:46 - 2015-12-03 23:46 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2015-12-03 23:46 - 2015-12-03 23:46 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-12-03 23:46 - 2015-12-03 23:46 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-12-03 23:46 - 2015-12-03 23:46 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2015-12-03 23:46 - 2015-12-03 23:46 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2015-12-03 23:46 - 2015-12-03 23:46 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2015-12-03 23:45 - 2015-12-03 23:45 - 14176768 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-12-03 23:45 - 2015-12-03 23:45 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-12-03 23:45 - 2015-12-03 23:45 - 01866752 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-12-03 23:45 - 2015-12-03 23:45 - 01498624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2015-12-03 23:44 - 2015-12-03 23:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2015-12-03 23:44 - 2015-12-03 23:44 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
2015-12-02 15:49 - 2015-01-10 15:32 - 00128288 _____ (IObit) C:\Windows\system32\IObitSmartDefragExtension.dll
2015-12-02 15:49 - 2014-06-04 15:17 - 00034080 _____ (IObit) C:\Windows\system32\SmartDefragBootTime.exe
2015-12-02 15:47 - 2015-12-02 15:47 - 44236800 _____ C:\Windows\system32\config\COMPONENTS.iobit
2015-12-02 15:36 - 2015-12-02 15:36 - 87769088 _____ C:\Windows\system32\config\SOFTWARE.iobit
2015-12-02 15:36 - 2015-12-02 15:36 - 00258048 _____ C:\Windows\system32\config\DEFAULT.iobit
2015-12-02 15:36 - 2015-12-02 15:36 - 00028672 _____ C:\Windows\system32\config\SECURITY.iobit
2015-12-02 15:36 - 2015-12-02 15:36 - 00024576 _____ C:\Windows\system32\config\SAM.iobit
2015-12-02 15:30 - 2015-12-02 15:30 - 10129672 _____ C:\Windows\system32\Drivers\Netwfw02.dat
2015-12-02 15:30 - 2015-12-02 15:30 - 09890008 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RsCRIcon.dll
2015-12-02 15:30 - 2015-12-02 15:30 - 04011760 _____ (Intel Corporation) C:\Windows\system32\Drivers\Netwsw02.sys
2015-12-02 15:30 - 2015-12-02 15:30 - 00752856 _____ (Realsil Semiconductor Corporation) C:\Windows\system32\Drivers\RtsPer.sys
2015-12-02 15:30 - 2015-12-02 15:30 - 00125728 _____ (Intel Corporation) C:\Windows\system32\NicCo4.dll
2015-12-02 15:30 - 2015-12-02 15:30 - 00083160 _____ (Realtek Semiconductor.) C:\Windows\system32\RtCRX64.dll
2015-12-02 15:30 - 2015-12-02 15:30 - 00003130 _____ C:\Windows\system32\e1d62x64.din
2015-12-02 15:30 - 2015-12-02 15:30 - 00000000 ____D C:\Windows\SysWOW64\sda
2015-12-02 15:29 - 2015-12-02 15:29 - 01455552 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorA.sys
2015-12-02 15:29 - 2015-12-02 15:29 - 00031144 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorF.sys
2015-12-02 15:28 - 2015-12-02 15:28 - 27022520 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10iumd32.dll
2015-12-02 15:28 - 2015-12-02 15:28 - 26190816 _____ (Intel Corporation) C:\Windows\system32\igdumdim64.dll
2015-12-02 15:28 - 2015-12-02 15:28 - 25730400 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumdim32.dll
2015-12-02 15:28 - 2015-12-02 15:28 - 23048704 _____ (Intel Corporation) C:\Windows\system32\igdfcl64.dll
2015-12-02 15:28 - 2015-12-02 15:28 - 18032640 _____ (Intel Corporation) C:\Windows\SysWOW64\igdfcl32.dll
2015-12-02 15:28 - 2015-12-02 15:28 - 08176128 _____ (Intel Corporation) C:\Windows\system32\ig75icd64.dll
2015-12-02 15:28 - 2015-12-02 15:28 - 06434816 _____ (Intel Corporation) C:\Windows\SysWOW64\ig75icd32.dll
2015-12-02 15:28 - 2015-12-02 15:28 - 04342600 _____ (Intel Corporation) C:\Windows\system32\Gfxv4_0.exe
2015-12-02 15:28 - 2015-12-02 15:28 - 04339016 _____ (Intel Corporation) C:\Windows\system32\Gfxv2_0.exe
2015-12-02 15:28 - 2015-12-02 15:28 - 03789824 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys
2015-12-02 15:28 - 2015-12-02 15:28 - 03657984 _____ (Intel Corporation) C:\Windows\SysWOW64\igdusc32.dll
2015-12-02 15:28 - 2015-12-02 15:28 - 02019840 _____ (Intel Corporation) C:\Windows\system32\igfxcmjit64.dll
2015-12-02 15:28 - 2015-12-02 15:28 - 01753088 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmjit32.dll
2015-12-02 15:28 - 2015-12-02 15:28 - 01675264 _____ (Intel Corporation) C:\Windows\system32\igdrcl64.dll
2015-12-02 15:28 - 2015-12-02 15:28 - 01554944 _____ (Intel Corporation) C:\Windows\SysWOW64\igdrcl32.dll
2015-12-02 15:28 - 2015-12-02 15:28 - 01137080 _____ (Intel Corporation) C:\Windows\system32\iglhsip64.dll
2015-12-02 15:28 - 2015-12-02 15:28 - 01132960 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhsip32.dll
2015-12-02 15:28 - 2015-12-02 15:28 - 00929608 _____ (Intel Corporation) C:\Windows\system32\GfxUIEx.exe
2015-12-02 15:28 - 2015-12-02 15:28 - 00734208 _____ (Intel Corporation) C:\Windows\system32\MetroIntelGenericUIFramework.dll
2015-12-02 15:28 - 2015-12-02 15:28 - 00543560 _____ (Intel Corporation) C:\Windows\system32\DPTopologyApp.exe
2015-12-02 15:28 - 2015-12-02 15:28 - 00543048 _____ (Intel Corporation) C:\Windows\system32\DPTopologyAppv2_0.exe
2015-12-02 15:28 - 2015-12-02 15:28 - 00433560 _____ C:\Windows\system32\igdmd64.dll
2015-12-02 15:28 - 2015-12-02 15:28 - 00392520 _____ (Intel Corporation) C:\Windows\system32\CustomModeApp.exe
2015-12-02 15:28 - 2015-12-02 15:28 - 00392008 _____ (Intel Corporation) C:\Windows\system32\CustomModeAppv2_0.exe
2015-12-02 15:28 - 2015-12-02 15:28 - 00373248 _____ (Intel Corporation) C:\Windows\system32\igfxOSP.dll
2015-12-02 15:28 - 2015-12-02 15:28 - 00348088 _____ C:\Windows\SysWOW64\igdmd32.dll
2015-12-02 15:28 - 2015-12-02 15:28 - 00330240 _____ (Intel Corporation) C:\Windows\system32\igdbcl64.dll
2015-12-02 15:28 - 2015-12-02 15:28 - 00320512 _____ (Intel Corporation) C:\Windows\system32\IntelOpenCL64.dll
2015-12-02 15:28 - 2015-12-02 15:28 - 00291328 _____ (Intel Corporation) C:\Windows\SysWOW64\igdbcl32.dll
2015-12-02 15:28 - 2015-12-02 15:28 - 00278344 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
2015-12-02 15:28 - 2015-12-02 15:28 - 00265216 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelOpenCL32.dll
2015-12-02 15:28 - 2015-12-02 15:28 - 00254976 _____ C:\Windows\system32\igfxCPL.cpl
2015-12-02 15:28 - 2015-12-02 15:28 - 00223744 _____ C:\Windows\system32\igdde64.dll
2015-12-02 15:28 - 2015-12-02 15:28 - 00218808 _____ (Intel Corporation) C:\Windows\system32\iglhcp64.dll
2015-12-02 15:28 - 2015-12-02 15:28 - 00212992 _____ (Intel Corporation) C:\Windows\system32\igfxDTCM.dll
2015-12-02 15:28 - 2015-12-02 15:28 - 00190792 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
2015-12-02 15:28 - 2015-12-02 15:28 - 00187408 _____ (Intel Corporation) C:\Windows\system32\igfxcmrt64.dll
2015-12-02 15:28 - 2015-12-02 15:28 - 00187348 __RSH C:\Windows\system32\resTHA.cui
2015-12-02 15:28 - 2015-12-02 15:28 - 00183808 _____ C:\Windows\SysWOW64\igdde32.dll
2015-12-02 15:28 - 2015-12-02 15:28 - 00183800 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhcp32.dll
2015-12-02 15:28 - 2015-12-02 15:28 - 00182784 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v3574.dll
2015-12-02 15:28 - 2015-12-02 15:28 - 00182784 _____ (Intel Corporation) C:\Windows\system32\igfx11cmrt64.dll
2015-12-02 15:28 - 2015-12-02 15:28 - 00180164 __RSH C:\Windows\system32\resELL.cui
2015-12-02 15:28 - 2015-12-02 15:28 - 00176020 __RSH C:\Windows\system32\resRUS.cui
2015-12-02 15:28 - 2015-12-02 15:28 - 00161876 __RSH C:\Windows\system32\resARA.cui
2015-12-02 15:28 - 2015-12-02 15:28 - 00161332 __RSH C:\Windows\system32\resHEB.cui
2015-12-02 15:28 - 2015-12-02 15:28 - 00161268 __RSH C:\Windows\system32\resJPN.cui
2015-12-02 15:28 - 2015-12-02 15:28 - 00160256 _____ C:\Windows\system32\igdail64.dll
2015-12-02 15:28 - 2015-12-02 15:28 - 00158032 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmrt32.dll
2015-12-02 15:28 - 2015-12-02 15:28 - 00156692 __RSH C:\Windows\system32\resFRA.cui
2015-12-02 15:28 - 2015-12-02 15:28 - 00156676 __RSH C:\Windows\system32\resHUN.cui
2015-12-02 15:28 - 2015-12-02 15:28 - 00155136 _____ (Intel Corporation) C:\Windows\SysWOW64\igfx11cmrt32.dll
2015-12-02 15:28 - 2015-12-02 15:28 - 00154980 __RSH C:\Windows\system32\resKOR.cui
2015-12-02 15:28 - 2015-12-02 15:28 - 00154884 __RSH C:\Windows\system32\resITA.cui
2015-12-02 15:28 - 2015-12-02 15:28 - 00154884 __RSH C:\Windows\system32\resDEU.cui
2015-12-02 15:28 - 2015-12-02 15:28 - 00154724 __RSH C:\Windows\system32\resROM.cui
2015-12-02 15:28 - 2015-12-02 15:28 - 00154612 __RSH C:\Windows\system32\resESN.cui
2015-12-02 15:28 - 2015-12-02 15:28 - 00154180 __RSH C:\Windows\system32\resPLK.cui
2015-12-02 15:28 - 2015-12-02 15:28 - 00154036 __RSH C:\Windows\system32\resSKY.cui
2015-12-02 15:28 - 2015-12-02 15:28 - 00153844 __RSH C:\Windows\system32\resNLD.cui
2015-12-02 15:28 - 2015-12-02 15:28 - 00153284 __RSH C:\Windows\system32\resPTB.cui
2015-12-02 15:28 - 2015-12-02 15:28 - 00153140 __RSH C:\Windows\system32\resTRK.cui
2015-12-02 15:28 - 2015-12-02 15:28 - 00153108 __RSH C:\Windows\system32\resCSY.cui
2015-12-02 15:28 - 2015-12-02 15:28 - 00152980 __RSH C:\Windows\system32\resPTG.cui
2015-12-02 15:28 - 2015-12-02 15:28 - 00152564 __RSH C:\Windows\system32\resFIN.cui
2015-12-02 15:28 - 2015-12-02 15:28 - 00152392 _____ (Intel Corporation) C:\Windows\system32\difx64.exe
2015-12-02 15:28 - 2015-12-02 15:28 - 00152132 __RSH C:\Windows\system32\resHRV.cui
2015-12-02 15:28 - 2015-12-02 15:28 - 00151684 __RSH C:\Windows\system32\resSVE.cui
2015-12-02 15:28 - 2015-12-02 15:28 - 00151508 __RSH C:\Windows\system32\resSLV.cui
2015-12-02 15:28 - 2015-12-02 15:28 - 00150580 __RSH C:\Windows\system32\resNOR.cui
2015-12-02 15:28 - 2015-12-02 15:28 - 00150068 __RSH C:\Windows\system32\resDAN.cui
2015-12-02 15:28 - 2015-12-02 15:28 - 00148756 __RSH C:\Windows\system32\resENU.cui
2015-12-02 15:28 - 2015-12-02 15:28 - 00146980 __RSH C:\Windows\system32\resCHT.cui
2015-12-02 15:28 - 2015-12-02 15:28 - 00146148 __RSH C:\Windows\system32\resCHS.cui
2015-12-02 15:28 - 2015-12-02 15:28 - 00142848 _____ C:\Windows\SysWOW64\igdail32.dll
2015-12-02 15:28 - 2015-12-02 15:28 - 00070144 _____ C:\Windows\system32\igfxCUIServicePS.dll
2015-12-02 15:28 - 2015-12-02 15:28 - 00069632 _____ ( ) C:\Windows\system32\igfxDHLibv2_0.dll
2015-12-02 15:28 - 2015-12-02 15:28 - 00057856 _____ ( ) C:\Windows\system32\igfxDHLib.dll
2015-12-02 15:28 - 2015-12-02 15:28 - 00031408 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll
2015-12-02 15:28 - 2015-12-02 15:28 - 00030720 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll
2015-12-02 15:28 - 2015-12-02 15:28 - 00010752 _____ ( ) C:\Windows\system32\igfxDILib.dll
2015-12-02 15:28 - 2015-12-02 15:28 - 00010240 _____ ( ) C:\Windows\system32\igfxEMLibv2_0.dll
2015-12-02 15:28 - 2015-12-02 15:28 - 00010240 _____ ( ) C:\Windows\system32\igfxEMLib.dll
2015-12-02 15:28 - 2015-12-02 15:28 - 00010240 _____ ( ) C:\Windows\system32\igfxDILibv2_0.dll
2015-12-02 15:28 - 2015-12-02 15:28 - 00005120 _____ ( ) C:\Windows\system32\igfxLHMLibv2_0.dll
2015-12-02 15:28 - 2015-12-02 15:28 - 00005120 _____ ( ) C:\Windows\system32\igfxLHMLib.dll
2015-12-02 15:28 - 2015-12-02 15:28 - 00002568 _____ C:\Windows\system32\iglhxs64.vp
2015-12-02 15:27 - 2015-12-02 15:27 - 00179456 _____ (Intel Corporation) C:\Windows\system32\Drivers\TeeDriverx64.sys
2015-12-02 15:27 - 2015-12-02 15:27 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2015-12-02 15:26 - 2015-12-02 15:26 - 00032936 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel.sys
2015-12-02 15:21 - 2015-12-02 15:21 - 00000000 ____D C:\Windows\Tasks\ImCleanDisabled
2015-12-02 15:21 - 2015-12-02 15:21 - 00000000 ____D C:\ProgramData\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}
2015-12-02 15:20 - 2015-12-11 14:38 - 00000000 ____D C:\Users\David\AppData\Roaming\IObit
2015-12-02 15:20 - 2015-12-11 14:38 - 00000000 ____D C:\ProgramData\IObit
2015-12-02 15:20 - 2015-12-11 14:38 - 00000000 ____D C:\Program Files (x86)\IObit
2015-12-02 15:20 - 2015-12-10 01:33 - 00002168 _____ C:\Users\Public\Desktop\Driver Booster 3.lnk
2015-12-02 15:20 - 2015-12-02 15:21 - 00000000 ____D C:\Users\David\AppData\LocalLow\IObit
2015-12-02 15:20 - 2015-12-02 15:20 - 00026528 _____ (REALiX(tm)) C:\Windows\SysWOW64\Drivers\HWiNFO64A.SYS
2015-12-02 15:20 - 2015-12-02 15:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 3
2015-12-02 15:16 - 2015-12-26 08:51 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-02 15:16 - 2015-12-26 08:50 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-02 15:16 - 2015-12-17 00:30 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-12-02 15:16 - 2015-12-08 15:08 - 00004116 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-02 15:16 - 2015-12-08 15:08 - 00003864 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-02 15:16 - 2015-12-03 20:03 - 00000000 ____D C:\Users\David\AppData\Local\Google
2015-12-02 15:16 - 2015-12-02 15:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-12-02 15:16 - 2015-12-02 15:16 - 00000000 ____D C:\Program Files (x86)\Google
2015-12-01 22:49 - 2015-12-01 22:58 - 00005285 _____ C:\Users\David\Desktop\smileys_in.rar
2015-12-01 22:48 - 2015-12-01 22:57 - 00000000 ____D C:\Users\David\Desktop\smileys_in
2015-12-01 21:43 - 2015-12-01 21:43 - 00000000 ____D C:\Users\David\Desktop\ö
2015-12-01 13:52 - 2015-12-01 13:52 - 00000000 ____D C:\Users\David\AppData\Local\TempTaskUpdateDetectionF86EDC80-F68E-4C42-9F6B-A3E81CD6AAAD
2015-11-30 16:00 - 2015-11-30 16:01 - 00000000 ____D C:\Users\David\AppData\Roaming\Trillian
2015-11-30 16:00 - 2015-11-30 16:00 - 00001113 _____ C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trillian.lnk
2015-11-30 16:00 - 2015-11-30 16:00 - 00001083 _____ C:\Users\David\Desktop\Trillian.lnk
2015-11-30 15:59 - 2015-12-21 01:07 - 00000000 ____D C:\Program Files (x86)\Trillian
2015-11-30 15:15 - 2015-11-30 16:06 - 00000000 ____D C:\Users\David\AppData\Roaming\ICQM
2015-11-30 15:15 - 2015-11-30 15:17 - 00000000 ____D C:\Users\David\AppData\Roaming\ICQ-Profile
2015-11-30 15:15 - 2015-11-30 15:15 - 00001802 _____ C:\Users\David\Desktop\ICQ.lnk
2015-11-30 15:15 - 2015-11-30 15:15 - 00001660 _____ C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\ICQ.lnk
2015-11-30 15:15 - 2015-11-30 15:15 - 00000000 ____D C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ
2015-11-29 23:19 - 2015-11-29 23:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-11-29 23:19 - 2015-11-29 23:19 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-11-29 23:19 - 2015-11-29 23:19 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-11-29 16:20 - 2015-11-29 16:23 - 00000000 ____D C:\Users\David\AppData\Roaming\PhotoFiltre 7
2015-11-29 16:20 - 2015-11-29 16:23 - 00000000 ____D C:\Program Files (x86)\PhotoFiltre 7
2015-11-29 16:20 - 2015-11-29 16:20 - 00001066 _____ C:\Users\David\Desktop\PhotoFiltre 7.lnk
2015-11-29 16:20 - 2015-11-29 16:20 - 00000000 ____D C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PhotoFiltre 7
2015-11-29 16:20 - 2015-11-29 16:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoFiltre 7
2015-11-29 16:18 - 2015-11-29 16:18 - 00001360 _____ C:\Users\David\AppData\Local\recently-used.xbel

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-26 08:55 - 2009-07-14 04:20 - 00000000 ____D C:\Windows
2015-12-26 08:51 - 2015-10-26 00:56 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-12-25 15:10 - 2009-07-14 05:45 - 00022064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-25 15:10 - 2009-07-14 05:45 - 00022064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-25 09:40 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2015-12-25 04:22 - 2011-04-12 08:43 - 00645354 _____ C:\Windows\system32\perfh007.dat
2015-12-25 04:22 - 2011-04-12 08:43 - 00130892 _____ C:\Windows\system32\perfc007.dat
2015-12-25 04:22 - 2009-07-14 06:13 - 01516610 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-25 04:22 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2015-12-25 04:18 - 2015-02-15 18:45 - 00000000 ____D C:\Users\David\AppData\Roaming\Skype
2015-12-25 04:18 - 2015-02-15 15:16 - 00000000 ____D C:\ProgramData\Validity
2015-12-25 04:18 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-25 04:17 - 2015-02-13 19:24 - 00121946 _____ C:\bdlog.txt
2015-12-25 04:17 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2015-12-25 03:45 - 2009-07-14 05:45 - 00436784 _____ C:\Windows\system32\FNTCACHE.DAT
2015-12-25 03:44 - 2015-04-18 21:03 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-12-25 03:44 - 2015-04-18 21:03 - 00000000 ____D C:\Windows\system32\appraiser
2015-12-25 03:44 - 2015-04-07 00:08 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-12-25 03:44 - 2015-04-07 00:08 - 00000000 ___SD C:\Windows\system32\GWX
2015-12-25 03:40 - 2015-02-13 19:00 - 00000000 ____D C:\Windows\system32\MRT
2015-12-25 03:09 - 2015-07-09 14:47 - 00000000 ____D C:\Windows\Minidump
2015-12-25 02:37 - 2015-02-15 15:24 - 00111448 _____ C:\Users\David\AppData\Local\GDIPFONTCACHEV1.DAT
2015-12-25 02:33 - 2009-07-14 03:34 - 00000439 _____ C:\Windows\win.ini
2015-12-25 02:19 - 2009-07-14 03:34 - 00000855 _____ C:\Windows\system32\Drivers\etc\hosts_bak_118
2015-12-25 01:46 - 2015-02-23 01:18 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-12-25 01:46 - 2015-02-13 15:40 - 00000000 ____D C:\Program Files (x86)\Cisco
2015-12-25 01:30 - 2015-02-17 13:29 - 00000000 ____D C:\Users\David\AppData\Roaming\Spotify
2015-12-25 01:30 - 2015-02-17 13:29 - 00000000 ____D C:\Users\David\AppData\Local\Spotify
2015-12-25 00:42 - 2015-02-15 14:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-12-22 21:29 - 2015-10-29 22:33 - 00002699 _____ C:\Users\Public\Desktop\Skype.lnk
2015-12-22 21:29 - 2015-02-15 18:45 - 00000000 ____D C:\Users\David\AppData\Local\Skype
2015-12-22 21:29 - 2015-02-15 18:45 - 00000000 ____D C:\ProgramData\Skype
2015-12-18 23:19 - 2015-02-13 15:40 - 00000000 ____D C:\ProgramData\Package Cache
2015-12-13 02:39 - 2015-03-14 14:30 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-12-13 02:17 - 2015-02-13 15:20 - 00000000 ____D C:\Users\David
2015-12-11 16:05 - 2015-03-14 14:58 - 00000000 ____D C:\Users\David\AppData\LocalLow\Temp
2015-12-11 14:30 - 2015-10-25 12:42 - 00000000 ____D C:\Users\David\Desktop\ESS
2015-12-09 08:36 - 2015-10-26 00:56 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-12-09 08:36 - 2015-02-15 18:28 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-12-09 08:36 - 2015-02-15 18:28 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-07 16:21 - 2009-07-14 03:34 - 00000855 _____ C:\Windows\system32\Drivers\etc\hosts_bak_13
2015-12-06 01:57 - 2015-02-15 20:41 - 00000000 ____D C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-12-05 14:13 - 2011-04-12 08:55 - 00000000 ____D C:\Program Files\Windows Journal
2015-12-04 01:33 - 2015-02-15 15:20 - 00000000 ____D C:\Windows\System32\Tasks\Lenovo
2015-12-04 01:33 - 2015-02-15 15:00 - 00000000 ____D C:\Program Files (x86)\Lenovo
2015-12-04 01:32 - 2015-02-15 15:20 - 00000000 ____D C:\Windows\Downloaded Installations
2015-12-04 00:58 - 2015-04-14 15:25 - 00000000 ____D C:\Users\David\AppData\OICE_15_974FA576_32C1D314_34A
2015-12-04 00:28 - 2009-07-14 03:34 - 00000872 _____ C:\Windows\system32\Drivers\etc\hosts_bak_158
2015-12-04 00:20 - 2009-07-14 05:54 - 00000749 ___RH C:\Windows\WindowsShell.Manifest
2015-12-04 00:20 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Public\Libraries
2015-12-03 23:53 - 2015-02-13 18:45 - 01592784 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-12-02 15:42 - 2015-02-13 23:06 - 00000000 ____D C:\Windows\Panther
2015-12-02 15:32 - 2015-02-15 15:26 - 00000451 _____ C:\Windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-12-02 15:32 - 2015-02-15 15:26 - 00000000 __SHD C:\Users\David\IntelGraphicsProfiles
2015-12-02 15:28 - 2015-02-15 15:07 - 27392320 _____ (Intel Corporation) C:\Windows\system32\igd10iumd64.dll
2015-12-02 15:28 - 2015-02-15 15:07 - 04589640 _____ (Intel Corporation) C:\Windows\system32\igdusc64.dll
2015-12-02 15:28 - 2015-02-15 15:07 - 00655360 _____ (Intel Corporation) C:\Windows\system32\igfxDH.dll
2015-12-02 15:28 - 2015-02-15 15:07 - 00501064 _____ (Intel Corporation) C:\Windows\system32\igfxEM.exe
2015-12-02 15:28 - 2015-02-15 15:07 - 00443208 _____ (Intel Corporation) C:\Windows\system32\igfxTray.exe
2015-12-02 15:28 - 2015-02-15 15:07 - 00314696 _____ (Intel Corporation) C:\Windows\system32\igfxCUIService.exe
2015-12-02 15:28 - 2015-02-15 15:07 - 00267264 _____ (Intel Corporation) C:\Windows\system32\igfxDI.dll
2015-12-02 15:28 - 2015-02-15 15:07 - 00249856 _____ (Intel Corporation) C:\Windows\system32\igfxLHM.dll
2015-12-02 15:28 - 2015-02-15 15:07 - 00243528 _____ (Intel Corporation) C:\Windows\system32\igfxHK.exe
2015-12-02 15:21 - 2015-02-23 01:18 - 00000000 ____D C:\Users\David\AppData\Roaming\Apple Computer
2015-12-01 18:07 - 2015-02-19 21:13 - 00000000 ____D C:\Users\David\AppData\Local\ElevatedDiagnostics
2015-11-29 21:41 - 2015-02-15 15:20 - 00000000 ____D C:\Users\David\AppData\Local\Adobe
2015-11-29 16:38 - 2015-08-07 15:40 - 00000000 ____D C:\Users\David\.gimp-2.8
2015-11-29 16:18 - 2015-08-07 15:54 - 00000000 ____D C:\Users\David\AppData\Local\gtk-2.0
2015-11-27 07:42 - 2015-03-14 14:33 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2015-11-26 02:22 - 2015-11-15 21:34 - 00000000 ____D C:\Users\David\Documents\Die Kunst des Mordens – Der Marionettenspieler DE
2015-11-26 00:00 - 2015-05-13 13:30 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-11-29 16:18 - 2015-11-29 16:18 - 0001360 _____ () C:\Users\David\AppData\Local\recently-used.xbel
2015-02-15 14:48 - 2015-02-15 14:48 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-12-21 15:47

==================== Ende von FRST.txt ============================
         
__________________

Alt 26.12.2015, 09:00   #4
Tseet
/// TB-Schüler
 
Win7: Windows Installer defekt - Standard

Lösung: Win7: Windows Installer defekt



Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:25-12-2015
durchgeführt von David (2015-12-26 08:55:33)
Gestartet von C:\Users\David\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2015-02-13 14:20:20)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1911313962-1889918886-1752542047-500 - Administrator - Disabled)
David (S-1-5-21-1911313962-1889918886-1752542047-1000 - Administrator - Enabled) => C:\Users\David
Gast (S-1-5-21-1911313962-1889918886-1752542047-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1911313962-1889918886-1752542047-1004 - Limited - Enabled)
Test (S-1-5-21-1911313962-1889918886-1752542047-1005 - Administrator - Enabled) => C:\Users\Test

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Bitdefender Antivirus (Enabled - Up to date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
AS: Bitdefender Spyware-Schutz (Enabled - Up to date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall (Enabled) {A23392FD-84B9-F933-2C71-81E751F6EF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.009.20079 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 19.0.0.213 - Adobe Systems Incorporated)
Adobe Digital Editions 3.0 (HKLM-x32\...\Adobe Digital Editions 3.0) (Version: 3.0.1 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.228 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated)
Alcor Micro Smart Card Reader Driver (HKLM-x32\...\SZCCID) (Version: 1.7.34.0 - Alcor Micro Corp.)
Alcor Micro Smart Card Reader Driver (x32 Version: 1.7.34.0 - Alcor Micro Corp.) Hidden
Anzeige am Bildschirm (HKLM\...\OnScreenDisplay) (Version: 8.42.20 - )
Apple Application Support (32-Bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Artipic (HKLM-x32\...\{C8A6CFF8-9D80-4C6C-B490-805AD9F2906B}}_is1) (Version: 2.3.3.8 - Artipic AB)
Bitdefender Total Security 2015 (HKLM\...\Bitdefender) (Version: 18.22.0.1521 - Bitdefender)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
concept/design onlineTV 11 (HKLM-x32\...\{8A4C3184-DA2F-4553-BF61-83F5690C3048}_is1) (Version: 11.15.10.22 - concept/design GmbH)
CyberGhost 5 (HKLM\...\CyberGhost 5_is1) (Version:  - CyberGhost S.R.L.)
Deponia (HKLM-x32\...\Steam App 214340) (Version:  - Daedalic Entertainment)
Die Kunst des Mordens – Der Marionettenspieler (0.2.15.9637) (HKLM-x32\...\Die Kunst des Mordens – Der Marionettenspieler_is1) (Version:  - City Interactive)
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
Enclave (HKLM-x32\...\Steam App 253980) (Version:  - Starbreeze)
Free Video to JPG Converter version 5.0.58.324 (HKLM-x32\...\Free Video to JPG Converter_is1) (Version: 5.0.58.324 - DVDVideoSoft Ltd.)
Game Royale Version 1.1 (HKLM-x32\...\{BED1C00F-3FC6-4380-AA86-7AF2D570C9EE}_is1) (Version: 1.1 - btf GmbH)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
ICQ 8.4 (build 7786) (HKU\S-1-5-21-1911313962-1889918886-1752542047-1000\...\ICQ) (Version: 8.4.7786.0 - ICQ)
ICQ 8.4 (build 7786) (HKU\S-1-5-21-1911313962-1889918886-1752542047-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\ICQ) (Version: 8.4.7786.0 - ICQ)
Incomedia WebSite X5 v11 - Compact (HKLM-x32\...\{C6AE8967-DF23-42DF-B362-8263A5496338}_is1) (Version: 11.0.8.31 - Incomedia s.r.l.)
Integrated Camera (HKLM-x32\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}) (Version: 5.14.225.3 - Vimicro)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.13.1402 - Intel Corporation)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 19.0 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3574 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{a9888f41-68ae-43df-bd7d-d93405a44106}) (Version: 17.13.11 - Intel Corporation)
iTunes (HKLM\...\{BFEAB774-C7DC-4032-B05A-DA5F7CB7B365}) (Version: 12.2.2.25 - Apple Inc.)
Lenovo Fingerprint Manager (HKLM\...\{1E36FF16-8B0B-4399-99D6-A33EE7D48EDC}) (Version: 4.5.266.0 - Synaptics)
Lenovo Fingerprint Manager (HKLM\...\{F7AB2C19-6A27-4C75-A92A-8CC7C59E5FA2}) (Version: 4.5.266.0 - )
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.11.06 - Lenovo)
Lenovo Solution Center (HKLM\...\{1CA74803-5CB2-4C03-BDBE-061EDC81CC7F}) (Version: 2.8.004.00 - Lenovo Group Limited)
Malwarebytes Anti-Exploit version 1.8.1.1045 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.8.1.1045 - Malwarebytes)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Message Center Plus (HKLM\...\{C2C2DB64-1BCE-4FA7-962D-457795ECCEC0}) (Version: 3.3.0004.00 - Lenovo Group Limited)
Message Center Plus (HKLM\...\{EE4D9822-C7F3-4386-8703-889CDDA22FAA}) (Version: 3.4.0001.00 - Lenovo Group Limited)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 15.0.4779.1002 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{4fd02573-5f12-4ae4-8027-c63f8e1115af}) (Version: 11.0.61030.0 - Microsoft Corporation)
Mozilla Firefox 43.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 43.0.2 (x86 de)) (Version: 43.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.2.5833 - Mozilla)
MPU (HKLM-x32\...\{3A556984-06AF-4BBC-A515-EECC1AD19890}) (Version: 1.0.1 - eifel-online GbR)
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4771.1004 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4771.1004 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (Version: 15.0.4771.1004 - Microsoft Corporation) Hidden
Opera 12.17 (HKLM\...\Opera 12.17.1863) (Version: 12.17.1863 - Opera Software ASA)
Passbild-Generator v4.0b (HKLM-x32\...\Passbild-Generator_is1) (Version:  - Passbild-Generator)
PDF24 Creator 7.4.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PhotoFiltre 7 (HKU\S-1-5-21-1911313962-1889918886-1752542047-1000\...\PhotoFiltre 7) (Version:  - )
PhotoFiltre 7 (HKU\S-1-5-21-1911313962-1889918886-1752542047-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\PhotoFiltre 7) (Version:  - )
QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7272 - Realtek Semiconductor Corp.)
SimCity 4 Deluxe (HKLM-x32\...\Steam App 24780) (Version:  - EA - Maxis)
Skype™ 7.14 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.14.106 - Skype Technologies S.A.)
Skype™ 7.17 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.17.105 - Skype Technologies S.A.)
South Park™: The Stick of Truth™ (HKLM-x32\...\Steam App 213670) (Version:  - Obsidian Entertainment)
Spotify (HKU\S-1-5-21-1911313962-1889918886-1752542047-1000\...\Spotify) (Version: 1.0.20.94.g8f8543b3 - Spotify AB)
Spotify (HKU\S-1-5-21-1911313962-1889918886-1752542047-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Spotify) (Version: 1.0.20.94.g8f8543b3 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.0.7.99 - Synaptics Incorporated)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Trillian (HKLM-x32\...\Trillian) (Version:  - Cerulean Studios, LLC)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.0 - VideoLAN)
WinRAR 5.21 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1911313962-1889918886-1752542047-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-1911313962-1889918886-1752542047-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-1911313962-1889918886-1752542047-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0E2D2F00-931E-438D-A27D-6D2D11C7C372} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2015-03-09] (Lenovo)
Task: {142E750E-C5F8-4904-BBCD-12BE8AECAA96} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx64\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-12-13] (Microsoft Corporation)
Task: {2F64B6BA-7CC7-4FF0-B390-9EA4F8BACB31} - System32\Tasks\Lenovo\Message Center Plus Launcher => C:\Program Files (x86)\Lenovo\message center plus\mcplaunch.exe [2015-03-23] (Lenovo)
Task: {7353F5BA-7261-44C0-ABDF-6C9B370E0733} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-03-09] ()
Task: {8D518F64-EBF5-4110-A5E2-AFA715EA6C78} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-09] (Adobe Systems Incorporated)
Task: {96EC8AA8-232E-4F30-8568-43F499AE0E11} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-03-09] ()
Task: {991D8E1C-1BCB-437A-9458-0BE6BA177AF9} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2015-03-09] (Lenovo)
Task: {A420E151-E9B0-4378-9783-00ACB6C9BE74} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2015-03-09] (Lenovo)
Task: {B5EAA294-0783-4FB2-974F-35C1643842B2} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-13] (Microsoft Corporation)
Task: {C3202BCE-FA47-496F-9E09-479E30B082B9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-28] (Microsoft Corporation)
Task: {C647AEDC-7470-49B8-BE18-C05267B6DB45} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {CF3A8117-FAC1-4E6E-B714-443F3682277C} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {D7FF020F-8964-45EB-BC77-F2C9D0F06756} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {E2A57FC4-2A93-475D-9717-115CFB7C26A4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-02] (Google Inc.)
Task: {E36F0E30-774F-4A0E-BACB-4CC2E523CA90} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-02] (Google Inc.)
Task: {EA161798-CBE0-436E-9A7B-26C8CA4BFA7E} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {EAA4E1A5-11BD-4BE4-BC8C-1FBED41096C2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-28] (Microsoft Corporation)
Task: {ED1F689A-2F63-4B87-B553-A370B210F809} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-13] (Microsoft Corporation)
Task: {F4CDD8CC-C7A1-456B-BBDF-635F9B9561F2} - System32\Tasks\Bitdefender Update Product Data_A17FD818A96743FAB28AC221BEB4B2C8 => C:\Program Files\Bitdefender\Bitdefender 2015\bdproductdata.exe [2015-08-06] (Bitdefender)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-08-06 21:07 - 2014-08-27 15:31 - 00265080 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\txmlutil.dll
2015-08-06 21:07 - 2013-09-03 13:29 - 00101328 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\bdmetrics.dll
2015-08-06 21:07 - 2015-04-01 17:05 - 00003072 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\UI\accessl.ui
2015-08-06 21:07 - 2012-10-29 13:22 - 00152816 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\bdfwcore.dll
2015-12-03 19:47 - 2015-12-03 19:47 - 00876888 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_01250_007\ashttpbr.mdl
2015-12-03 19:47 - 2015-12-03 19:47 - 00742976 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_01250_007\ashttpdsp.mdl
2015-12-03 19:47 - 2015-12-03 19:47 - 02803536 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_01250_007\ashttpph.mdl
2015-12-03 19:47 - 2015-12-03 19:47 - 01415584 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_01250_007\ashttprbl.mdl
2015-03-14 14:30 - 2015-10-13 04:34 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-12-10 03:52 - 2015-09-25 16:49 - 00032768 _____ () C:\Program Files\CyberGhost 5\de\CyberGhost.resources.dll
2015-12-10 03:52 - 2015-11-05 12:26 - 01435240 _____ () C:\Program Files\CyberGhost 5\Geckofx-Core.dll
2015-02-15 15:05 - 2013-07-16 15:39 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\David\Desktop\17_ArtipicSetup-WIN-2-3-3-CHIP.exe:BDU
AlternateDataStreams: C:\Users\David\Desktop\ccsetup512_slim.exe:BDU
AlternateDataStreams: C:\Users\David\Desktop\FRST64.exe:BDU
AlternateDataStreams: C:\Users\David\Desktop\game_royale_windows.exe:BDU
AlternateDataStreams: C:\Users\David\Desktop\iTunes6464Setup.exe:BDU
AlternateDataStreams: C:\Users\David\Desktop\mbae-setup-1.08.1.1045.exe:BDU
AlternateDataStreams: C:\Users\David\Desktop\otv11setup.exe:BDU
AlternateDataStreams: C:\Users\David\Desktop\Revo Uninstaller - CHIP-Installer.exe:BDU
AlternateDataStreams: C:\Users\Test\Downloads\iTunes6464Setup.exe.part:BDU

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE restricted site: HKU\S-1-5-21-1911313962-1889918886-1752542047-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1911313962-1889918886-1752542047-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-1911313962-1889918886-1752542047-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-1911313962-1889918886-1752542047-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-1911313962-1889918886-1752542047-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-1911313962-1889918886-1752542047-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-1911313962-1889918886-1752542047-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-1911313962-1889918886-1752542047-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-1911313962-1889918886-1752542047-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-1911313962-1889918886-1752542047-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-1911313962-1889918886-1752542047-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-1911313962-1889918886-1752542047-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-1911313962-1889918886-1752542047-1000\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-1911313962-1889918886-1752542047-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-1911313962-1889918886-1752542047-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1911313962-1889918886-1752542047-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-1911313962-1889918886-1752542047-1000\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-1911313962-1889918886-1752542047-1000\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-1911313962-1889918886-1752542047-1000\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-1911313962-1889918886-1752542047-1000\...\100sexlinks.com -> 100sexlinks.com

Da befinden sich 4788 mehr Seiten.

IE restricted site: HKU\S-1-5-21-1911313962-1889918886-1752542047-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1911313962-1889918886-1752542047-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-1911313962-1889918886-1752542047-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-1911313962-1889918886-1752542047-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-1911313962-1889918886-1752542047-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-1911313962-1889918886-1752542047-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-1911313962-1889918886-1752542047-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-1911313962-1889918886-1752542047-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-1911313962-1889918886-1752542047-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-1911313962-1889918886-1752542047-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-1911313962-1889918886-1752542047-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-1911313962-1889918886-1752542047-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-1911313962-1889918886-1752542047-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-1911313962-1889918886-1752542047-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-1911313962-1889918886-1752542047-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1911313962-1889918886-1752542047-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-1911313962-1889918886-1752542047-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-1911313962-1889918886-1752542047-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-1911313962-1889918886-1752542047-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-1911313962-1889918886-1752542047-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\100sexlinks.com -> 100sexlinks.com

Da befinden sich 4788 mehr Seiten.


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2015-12-25 02:33 - 00000855 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1911313962-1889918886-1752542047-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\David\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
HKU\S-1-5-21-1911313962-1889918886-1752542047-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\David\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
HKU\S-1-5-21-1911313962-1889918886-1752542047-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Test\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{A81BE579-917C-4F53-9B73-2EC0802E70F2}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{23ECF992-EC21-4EF9-8CC3-EA17C36A2BFF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{CCBA4B60-5245-4752-B41B-48E2A9DD8683}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{ECC14478-3354-4003-B2C8-39A865AA4C1E}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [{0B2FC994-78A5-4338-B02C-6E1BD65B14E6}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [{E688EE0F-F8EB-4035-8E83-F416C81116AB}] => (Allow) E:\Steam\bin\steamwebhelper.exe
FirewallRules: [{14C24A9B-CC58-4CE2-83C5-66EEBDC602A0}] => (Allow) E:\Steam\bin\steamwebhelper.exe
FirewallRules: [{DBA39093-E51A-4DAA-9F34-A729C5D2D2F0}] => (Allow) E:\Steam\steamapps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
FirewallRules: [{0791420D-1E85-47F9-B670-B61AAA8A1230}] => (Allow) E:\Steam\steamapps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
FirewallRules: [{8EBBFA6F-2873-4FA5-9F24-18B469378781}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{96FA9E35-89A7-4B2D-804E-A10ECE2C6265}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{04637997-44F9-486A-9B1E-E6A3C85A8DCB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{FBF8E981-F0BF-4609-8730-62B65BD1B805}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{4FFEF555-8BDC-4AD9-B2ED-845FA753B981}] => (Allow) E:\Steam\steamapps\common\SimCity 4 Deluxe\Apps\SimCity 4.exe
FirewallRules: [{31141118-1D6C-4088-A140-5C203F852911}] => (Allow) E:\Steam\steamapps\common\SimCity 4 Deluxe\Apps\SimCity 4.exe
FirewallRules: [{5D59E60C-07B9-4720-8FF8-422C4DDB28F8}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{F42DE304-8C0B-418F-997F-F3DF52BAA8D6}] => (Allow) C:\Program Files\Opera x64\pluginwrapper\opera_plugin_wrapper.exe
FirewallRules: [{F53DB53B-3222-4683-99F6-821BB56FA667}] => (Allow) C:\Program Files\Opera x64\pluginwrapper\opera_plugin_wrapper.exe
FirewallRules: [{0DB5168C-E8C0-4F2F-864A-AB6C167A6BCB}] => (Allow) C:\Program Files\Opera x64\pluginwrapper\opera_plugin_wrapper_32.exe
FirewallRules: [{41B7E842-3B53-4AA1-A686-1C4D9CC1AD4D}] => (Allow) C:\Program Files\Opera x64\pluginwrapper\opera_plugin_wrapper_32.exe
FirewallRules: [{CDD6FCFB-5F42-4FBB-BE7D-FD6323D1AE06}] => (Allow) C:\Program Files\Opera x64\opera.exe
FirewallRules: [{A90F0252-1129-4111-9F47-BDD4CE8F1660}] => (Allow) C:\Program Files\Opera x64\opera.exe
FirewallRules: [TCP Query User{F1AC011D-8BF7-4810-B999-4B5491D4DAC0}C:\users\david\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\david\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{61B53ACA-5241-44C1-AB4E-4B2559D35C44}C:\users\david\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\david\appdata\roaming\spotify\spotify.exe
FirewallRules: [{39F1EA44-A8F2-4BAE-8DF5-97C6991DCFBE}] => (Allow) E:\iTunes.exe
FirewallRules: [{DEDCAC26-2DFB-47DD-85F1-296D9B10C8CB}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{69E293F6-9CFF-414C-B761-0133113A8A69}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D55C48D0-F880-4E88-92DC-046E2A895D31}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{AF0FE2FA-F2C1-4F81-A50C-7EB3DBAAE077}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{E76F758A-FC76-400B-8FA3-8E977597996B}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{9232D5AD-D978-451C-B063-F362CF72C249}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{F440F129-66D1-4FC7-A64B-FCEBB62B05C2}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{71278E7D-213B-482C-9F3A-C906E4C48615}] => (Allow) E:\Steam\steamapps\common\Deponia\deponia.exe
FirewallRules: [{4647E7CD-F0D0-442A-90EF-1531CD8F8349}] => (Allow) E:\Steam\steamapps\common\Deponia\deponia.exe
FirewallRules: [{774E9BF1-3DDA-44ED-A845-AAFDE88954CB}] => (Allow) E:\Steam\steamapps\common\Deponia\VisionaireConfigurationTool.exe
FirewallRules: [{A0533894-2F4F-4EBD-BF3A-0FE9F45F4595}] => (Allow) E:\Steam\steamapps\common\Deponia\VisionaireConfigurationTool.exe
FirewallRules: [{ABCCC7CD-AAC5-47D5-B6B6-85CD1580EC36}] => (Allow) E:\Steam\steamapps\common\Enclave\Enclave.exe
FirewallRules: [{5BFF3D7E-6446-48E8-A568-56D8A90349E0}] => (Allow) E:\Steam\steamapps\common\Enclave\Enclave.exe
FirewallRules: [{72DBFBDD-4AEF-4426-8339-A4A55DAB040C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{E8A26B85-D41F-4E30-9000-9AB7DDE469CF}] => (Allow) C:\Program Files (x86)\concept design\onlineTV 11\onlineTV.exe
FirewallRules: [{7648206B-F7AB-45F7-AFC6-61E806ACA4F7}] => (Allow) C:\Program Files (x86)\concept design\onlineTV 11\onlineTV.exe

==================== Wiederherstellungspunkte =========================

25-12-2015 00:56:34 Removed iTunes
25-12-2015 00:56:51 Removed iTunes
25-12-2015 01:45:37 Removed Apple Application Support (32-Bit)
25-12-2015 01:45:52 Removed Apple Mobile Device Support
25-12-2015 01:46:06 Removed Apple Application Support (64-Bit)
25-12-2015 01:46:34 Removed Apple Software Update
25-12-2015 01:46:47 Removed Cisco AnyConnect Secure Mobility Client
25-12-2015 01:47:04 Removed Apple Mobile Device Support
25-12-2015 01:47:41 Removed iTunes
25-12-2015 02:01:51 Tweaking.com - Windows Repair
25-12-2015 03:36:57 Windows Update
25-12-2015 03:50:32 Removed iTunes

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (12/26/2015 08:51:15 AM) (Source: LSCWinService) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. Der Dienstprozess konnte keine Verbindung mit dem Dienstcontroller herstellen

Error: (12/25/2015 04:19:15 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Skype.exe, Version: 7.17.0.105, Zeitstempel: 0x56721832
Name des fehlerhaften Moduls: Skype.exe, Version: 7.17.0.105, Zeitstempel: 0x56721832
Ausnahmecode: 0x40000015
Fehleroffset: 0x00f739f7
ID des fehlerhaften Prozesses: 0x1774
Startzeit der fehlerhaften Anwendung: 0xSkype.exe0
Pfad der fehlerhaften Anwendung: Skype.exe1
Pfad des fehlerhaften Moduls: Skype.exe2
Berichtskennung: Skype.exe3

Error: (12/25/2015 04:18:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Skype.exe, Version: 7.17.0.105, Zeitstempel: 0x56721832
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xe0fafafa
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x1774
Startzeit der fehlerhaften Anwendung: 0xSkype.exe0
Pfad der fehlerhaften Anwendung: Skype.exe1
Pfad des fehlerhaften Moduls: Skype.exe2
Berichtskennung: Skype.exe3

Error: (12/25/2015 04:18:17 AM) (Source: Windows Search Service) (EventID: 10021) (User: )
Description: Die Registrierungsinformationen der Leistungsindikatoren für WSearchIdxPi für die Instanz   konnten wegen des folgenden Fehlers nicht abgerufen werden: Der Vorgang wurde erfolgreich beendet.   0x0.

Error: (12/25/2015 04:18:17 AM) (Source: Windows Search Service) (EventID: 3007) (User: )
Description: Die Leistungsüberwachung für den Gatherer-Dienst kann nicht initialisiert werden, da die Datenquellen nicht geladen sind oder das freigegebene Speicherobjekt nicht geöffnet werden konnte. Dies beeinträchtigt lediglich die Verfügbarkeit der Leistungsindikatoren. Starten Sie den Computer erneut.

Kontext:  Anwendung, SystemIndex Katalog

Error: (12/25/2015 04:18:17 AM) (Source: Windows Search Service) (EventID: 3006) (User: )
Description: Die Leistungsüberwachung kann für den Gatherer-Dienst nicht initialisiert werden, da die Datenquellen nicht geladen sind oder das freigegebene Speicherobjekt nicht geöffnet werden konnte. Dies beeinträchtigt lediglich die Verfügbarkeit der Leistungsindikatoren. Starten Sie den Computer erneut.

Error: (12/25/2015 04:15:51 AM) (Source: MsiInstaller) (EventID: 11719) (User: David-PC)
Description: Produkt: iTunes -- Fehler 1719. Auf den Windows Installer-Dienst konnte nicht zugegriffen werden. Dies kann auftreten, wenn Windows im abgesicherten Modus ausgeführt wird oder wenn der Windows Installer nicht korrekt installiert wurde. Setzen Sie sich mit dem Supportpersonal in Verbindung, um weitere Unterstützung zu erhalten.

Error: (12/25/2015 03:50:42 AM) (Source: MsiInstaller) (EventID: 11719) (User: David-PC)
Description: Produkt: iTunes -- Fehler 1719. Auf den Windows Installer-Dienst konnte nicht zugegriffen werden. Dies kann auftreten, wenn Windows im abgesicherten Modus ausgeführt wird oder wenn der Windows Installer nicht korrekt installiert wurde. Setzen Sie sich mit dem Supportpersonal in Verbindung, um weitere Unterstützung zu erhalten.

Error: (12/25/2015 03:47:15 AM) (Source: MsiInstaller) (EventID: 11719) (User: David-PC)
Description: Produkt: iTunes -- Fehler 1719. Auf den Windows Installer-Dienst konnte nicht zugegriffen werden. Dies kann auftreten, wenn Windows im abgesicherten Modus ausgeführt wird oder wenn der Windows Installer nicht korrekt installiert wurde. Setzen Sie sich mit dem Supportpersonal in Verbindung, um weitere Unterstützung zu erhalten.

Error: (12/25/2015 03:45:42 AM) (Source: Windows Search Service) (EventID: 10021) (User: )
Description: Die Registrierungsinformationen der Leistungsindikatoren für WSearchIdxPi für die Instanz   konnten wegen des folgenden Fehlers nicht abgerufen werden: Der Vorgang wurde erfolgreich beendet.   0x0.


Systemfehler:
=============
Error: (12/26/2015 08:51:15 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "LSCWinService" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (12/25/2015 04:18:57 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Superfetch" wurde mit folgendem Fehler beendet: 
%%2

Error: (12/25/2015 04:18:13 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Apple Mobile Device Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (12/25/2015 04:18:13 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Apple Mobile Device Service erreicht.

Error: (12/25/2015 03:46:22 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Superfetch" wurde mit folgendem Fehler beendet: 
%%2

Error: (12/25/2015 03:45:38 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Apple Mobile Device Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (12/25/2015 03:45:38 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Apple Mobile Device Service erreicht.

Error: (12/25/2015 02:38:14 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Superfetch" wurde mit folgendem Fehler beendet: 
%%2

Error: (12/25/2015 02:37:29 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Apple Mobile Device Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (12/25/2015 02:37:29 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Apple Mobile Device Service erreicht.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i3-4100M CPU @ 2.50GHz
Prozentuale Nutzung des RAM: 44%
Installierter physikalischer RAM: 7912.56 MB
Verfügbarer physikalischer RAM: 4420.84 MB
Summe virtueller Speicher: 15823.33 MB
Verfügbarer virtueller Speicher: 11955.23 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:119.14 GB) (Free:52.45 GB) NTFS
Drive e: (Volume) (Fixed) (Total:465.63 GB) (Free:187.4 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 97C713DD)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=119.1 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         

Alt 26.12.2015, 09:07   #5
Tseet
/// TB-Schüler
 
Win7: Windows Installer defekt - Standard

Wie Win7: Windows Installer defekt



Der TDSSKILLER hat nichts gefunden:

Code:
ATTFilter
09:01:21.0064 0x1d10  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
09:01:27.0538 0x1d10  ============================================================
09:01:27.0538 0x1d10  Current date / time: 2015/12/26 09:01:27.0538
09:01:27.0539 0x1d10  SystemInfo:
09:01:27.0539 0x1d10  
09:01:27.0539 0x1d10  OS Version: 6.1.7601 ServicePack: 1.0
09:01:27.0539 0x1d10  Product type: Workstation
09:01:27.0539 0x1d10  ComputerName: DAVID-PC
09:01:27.0543 0x1d10  UserName: David
09:01:27.0543 0x1d10  Windows directory: C:\Windows
09:01:27.0543 0x1d10  System windows directory: C:\Windows
09:01:27.0543 0x1d10  Running under WOW64
09:01:27.0543 0x1d10  Processor architecture: Intel x64
09:01:27.0543 0x1d10  Number of processors: 4
09:01:27.0543 0x1d10  Page size: 0x1000
09:01:27.0543 0x1d10  Boot type: Normal boot
09:01:27.0543 0x1d10  ============================================================
09:01:43.0622 0x1d10  KLMD registered as C:\Windows\system32\drivers\52836531.sys
09:01:43.0918 0x1d10  System UUID: {9145FDFE-EF71-3026-DA46-0E8E23FB9083}
09:01:44.0765 0x1d10  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:01:44.0774 0x1d10  Drive \Device\Harddisk1\DR1 - Size: 0x1DCF856000 ( 119.24 Gb ), SectorSize: 0x200, Cylinders: 0x3CCE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:01:44.0787 0x1d10  ============================================================
09:01:44.0788 0x1d10  \Device\Harddisk0\DR0:
09:01:44.0788 0x1d10  GPT partitions:
09:01:44.0789 0x1d10  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {AA956A4E-8C43-43FD-92A8-37DD1C9A9C70}, Name: Microsoft reserved partition, StartLBA 0x22, BlocksNum 0x40000
09:01:44.0789 0x1d10  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {99046B80-642C-4140-9E3C-E5AB3E4EE184}, Name: Basic data partition, StartLBA 0x40800, BlocksNum 0x3A345000
09:01:44.0790 0x1d10  MBR partitions:
09:01:44.0790 0x1d10  \Device\Harddisk1\DR1:
09:01:44.0790 0x1d10  MBR partitions:
09:01:44.0790 0x1d10  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
09:01:44.0790 0x1d10  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xEE49000
09:01:44.0790 0x1d10  ============================================================
09:01:44.0792 0x1d10  C: <-> \Device\Harddisk1\DR1\Partition2
09:01:44.0796 0x1d10  E: <-> \Device\Harddisk0\DR0\Partition2
09:01:44.0796 0x1d10  ============================================================
09:01:44.0796 0x1d10  Initialize success
09:01:44.0797 0x1d10  ============================================================
09:02:56.0579 0x1870  ============================================================
09:02:56.0579 0x1870  Scan started
09:02:56.0579 0x1870  Mode: Manual; SigCheck; TDLFS; 
09:02:56.0579 0x1870  ============================================================
09:02:56.0579 0x1870  KSN ping started
09:02:59.0480 0x1870  KSN ping finished: true
09:03:00.0541 0x1870  ================ Scan system memory ========================
09:03:00.0541 0x1870  System memory - ok
09:03:00.0541 0x1870  ================ Scan services =============================
09:03:00.0572 0x1870  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
09:03:00.0619 0x1870  1394ohci - ok
09:03:00.0635 0x1870  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
09:03:00.0650 0x1870  ACPI - ok
09:03:00.0650 0x1870  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
09:03:00.0666 0x1870  AcpiPmi - ok
09:03:00.0682 0x1870  [ 5DB2C6B908C50767E2EDAA294A7566B5, 13AE4879D679BB0C6B2A5A5B13910359815A9D2E569BC1DE740B5A387A78CF33 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
09:03:00.0697 0x1870  AdobeARMservice - ok
09:03:00.0713 0x1870  [ F54564025D2284AE498E51D7C139F971, AAA48F38B81DB894854E8C84DB2E1F5C8447AA982D27C0BB78FF2786D9F80F83 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
09:03:00.0744 0x1870  AdobeFlashPlayerUpdateSvc - ok
09:03:00.0760 0x1870  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
09:03:00.0775 0x1870  adp94xx - ok
09:03:00.0791 0x1870  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
09:03:00.0806 0x1870  adpahci - ok
09:03:00.0806 0x1870  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
09:03:00.0822 0x1870  adpu320 - ok
09:03:00.0822 0x1870  [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
09:03:00.0838 0x1870  AeLookupSvc - ok
09:03:00.0853 0x1870  [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD             C:\Windows\system32\drivers\afd.sys
09:03:00.0869 0x1870  AFD - ok
09:03:00.0869 0x1870  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
09:03:00.0884 0x1870  agp440 - ok
09:03:00.0884 0x1870  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
09:03:00.0900 0x1870  ALG - ok
09:03:00.0900 0x1870  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
09:03:00.0916 0x1870  aliide - ok
09:03:00.0916 0x1870  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
09:03:00.0916 0x1870  amdide - ok
09:03:00.0931 0x1870  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
09:03:00.0931 0x1870  AmdK8 - ok
09:03:00.0947 0x1870  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
09:03:00.0947 0x1870  AmdPPM - ok
09:03:00.0962 0x1870  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
09:03:00.0962 0x1870  amdsata - ok
09:03:00.0978 0x1870  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
09:03:00.0994 0x1870  amdsbs - ok
09:03:00.0994 0x1870  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
09:03:00.0994 0x1870  amdxata - ok
09:03:01.0009 0x1870  [ 27DABFB4A6B0140C34DBEC713469592B, A355170D353AFBF0DE4EF53282F8404788FBBD0E2A1B7282B1B2925923E83141 ] AppID           C:\Windows\system32\drivers\appid.sys
09:03:01.0009 0x1870  AppID - ok
09:03:01.0009 0x1870  [ ABC373B9C6275D45F17DB559408FFD1B, 12B355393BEBE2D1D24D7A9DA5E69E03E334899407503BC1CADCF7BE39828223 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
09:03:01.0025 0x1870  AppIDSvc - ok
09:03:01.0025 0x1870  [ 3EA5DA3F459F6ED19E10166965F6892F, F5618A5FA72C5E57BCFA6F2ECB840B1AEC60C72840AF3C1D94D5FCDB5ED2BF5E ] Appinfo         C:\Windows\System32\appinfo.dll
09:03:01.0040 0x1870  Appinfo - ok
09:03:01.0040 0x1870  [ 6EB87FDB59AABF6D19C927492DEA0D36, 36168F8CC75D16917A30FA1FACF57659BC2ADF870D20DEE93F851D5348E605BB ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
09:03:01.0056 0x1870  Apple Mobile Device Service - ok
09:03:01.0056 0x1870  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
09:03:01.0072 0x1870  arc - ok
09:03:01.0072 0x1870  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
09:03:01.0087 0x1870  arcsas - ok
09:03:01.0103 0x1870  [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
09:03:01.0118 0x1870  aspnet_state - ok
09:03:01.0118 0x1870  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
09:03:01.0150 0x1870  AsyncMac - ok
09:03:01.0150 0x1870  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
09:03:01.0150 0x1870  atapi - ok
09:03:01.0181 0x1870  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
09:03:01.0196 0x1870  AudioEndpointBuilder - ok
09:03:01.0212 0x1870  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
09:03:01.0228 0x1870  AudioSrv - ok
09:03:01.0259 0x1870  [ 1517FBA8213F75ECCD9311DE493DD8C9, B5296BE2501F19B525BBC774465CB03E06BD5DE17DAED058CC74B0121D569EEF ] avc3            C:\Windows\system32\DRIVERS\avc3.sys
09:03:01.0306 0x1870  avc3 - ok
09:03:01.0306 0x1870  [ 075AE98458B00E98F3104D777C062032, 3447D7E2439B8EE89047E3C43973490F47129C416A983B72F86EF67EB349F794 ] avchv           C:\Windows\system32\DRIVERS\avchv.sys
09:03:01.0321 0x1870  avchv - ok
09:03:01.0337 0x1870  [ D1A0A4A314FCE6478F2E8C05D8DABC5B, 2EF0DE520081AB82B53733209EB1791D99ADA5E0F9E94B0EAC56E4609CB67D72 ] avckf           C:\Windows\system32\DRIVERS\avckf.sys
09:03:01.0368 0x1870  avckf - ok
09:03:01.0368 0x1870  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
09:03:01.0384 0x1870  AxInstSV - ok
09:03:01.0399 0x1870  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
09:03:01.0415 0x1870  b06bdrv - ok
09:03:01.0430 0x1870  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
09:03:01.0430 0x1870  b57nd60a - ok
09:03:01.0446 0x1870  [ 1E20AEB58EB2D2DF3D43E255771079D7, EE2EA1B03550ADFCE940FA1BBD818A3BFA8DCB00CDA1D654E10F701A0C10E23C ] BdDesktopParental C:\Program Files\Bitdefender\Bitdefender 2015\bdparentalservice.exe
09:03:01.0462 0x1870  BdDesktopParental - ok
09:03:01.0462 0x1870  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
09:03:01.0477 0x1870  BDESVC - ok
09:03:01.0477 0x1870  [ 9A9A632AA25D4B33BFA9D3202DEA0E87, 438FFDD092197BAFE86609D545E9218103F1BE25A49BF30C62E546BE3360C2CA ] BdfNdisf        c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys
09:03:01.0493 0x1870  BdfNdisf - ok
09:03:01.0493 0x1870  [ EC80614A72BC7039D2B22E3DD6C15895, 932260AB126523428B884034162E3619E1B7FA13720F830783B592AAE825AC86 ] bdfwfpf         C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys
09:03:01.0508 0x1870  bdfwfpf - ok
09:03:01.0508 0x1870  [ C0247341C1BCD7FF2742821D0AD7AFBC, EC2B246F3233302DB540394AC0F11F294CA16FB9E44110126CC9807BAC20EA35 ] bdfwfpf_pc      C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys
09:03:01.0524 0x1870  bdfwfpf_pc - ok
09:03:01.0524 0x1870  [ 50F796CB1E8C80F3D19435CB50C3DAB5, 20CE5C1242F8D0DFEE13C8D07EF1A67F670A078BA44E810A3A042C6A060FACC9 ] BDVEDISK        C:\Windows\system32\DRIVERS\bdvedisk.sys
09:03:01.0540 0x1870  BDVEDISK - ok
09:03:01.0540 0x1870  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
09:03:01.0571 0x1870  Beep - ok
09:03:01.0586 0x1870  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
09:03:01.0602 0x1870  BFE - ok
09:03:01.0633 0x1870  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
09:03:01.0664 0x1870  BITS - ok
09:03:01.0680 0x1870  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
09:03:01.0680 0x1870  blbdrive - ok
09:03:01.0696 0x1870  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
09:03:01.0711 0x1870  Bonjour Service - ok
09:03:01.0711 0x1870  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
09:03:01.0727 0x1870  bowser - ok
09:03:01.0727 0x1870  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
09:03:01.0742 0x1870  BrFiltLo - ok
09:03:01.0742 0x1870  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
09:03:01.0758 0x1870  BrFiltUp - ok
09:03:01.0758 0x1870  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
09:03:01.0774 0x1870  Browser - ok
09:03:01.0774 0x1870  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
09:03:01.0789 0x1870  Brserid - ok
09:03:01.0805 0x1870  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
09:03:01.0805 0x1870  BrSerWdm - ok
09:03:01.0820 0x1870  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
09:03:01.0820 0x1870  BrUsbMdm - ok
09:03:01.0820 0x1870  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
09:03:01.0836 0x1870  BrUsbSer - ok
09:03:01.0836 0x1870  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\Windows\system32\DRIVERS\BthEnum.sys
09:03:01.0852 0x1870  BthEnum - ok
09:03:01.0852 0x1870  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
09:03:01.0867 0x1870  BTHMODEM - ok
09:03:01.0867 0x1870  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
09:03:01.0883 0x1870  BthPan - ok
09:03:01.0898 0x1870  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
09:03:01.0914 0x1870  BTHPORT - ok
09:03:01.0930 0x1870  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
09:03:01.0945 0x1870  bthserv - ok
09:03:01.0961 0x1870  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
09:03:01.0961 0x1870  BTHUSB - ok
09:03:01.0976 0x1870  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
09:03:01.0992 0x1870  cdfs - ok
09:03:02.0008 0x1870  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
09:03:02.0023 0x1870  cdrom - ok
09:03:02.0023 0x1870  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
09:03:02.0054 0x1870  CertPropSvc - ok
09:03:02.0054 0x1870  [ 6FED735D3B808D51C725C886E8F53116, 7DABDFA995C1323E222D7D5AE7F3AE28E11703E21430EA7B7B16B12DF0102B86 ] CGVPNCliService C:\Program Files\CyberGhost 5\Service.exe
09:03:02.0070 0x1870  CGVPNCliService - ok
09:03:02.0070 0x1870  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
09:03:02.0086 0x1870  circlass - ok
09:03:02.0101 0x1870  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
09:03:02.0117 0x1870  CLFS - ok
09:03:02.0179 0x1870  [ 7A36AD856A17AFB1EBAAD3C5BF1362A1, 9779501A2B733B6F2855E421115C0123AC3A67715E7E7C85ACED58939DC0883D ] ClickToRunSvc   C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
09:03:02.0242 0x1870  ClickToRunSvc - ok
09:03:02.0257 0x1870  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:03:02.0273 0x1870  clr_optimization_v2.0.50727_32 - ok
09:03:02.0273 0x1870  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
09:03:02.0288 0x1870  clr_optimization_v2.0.50727_64 - ok
09:03:02.0304 0x1870  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:03:02.0320 0x1870  clr_optimization_v4.0.30319_32 - ok
09:03:02.0320 0x1870  [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
09:03:02.0335 0x1870  clr_optimization_v4.0.30319_64 - ok
09:03:02.0335 0x1870  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
09:03:02.0351 0x1870  CmBatt - ok
09:03:02.0351 0x1870  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
09:03:02.0366 0x1870  cmdide - ok
09:03:02.0366 0x1870  [ EC0511BB85BAA42A9734011685A6732C, 10B52F0860CCB3AA0FC34DDA5C5538BFCF7B6D40738B7756297237FD2D9E01C1 ] CNG             C:\Windows\system32\Drivers\cng.sys
09:03:02.0398 0x1870  CNG - ok
09:03:02.0398 0x1870  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
09:03:02.0413 0x1870  Compbatt - ok
09:03:02.0413 0x1870  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
09:03:02.0429 0x1870  CompositeBus - ok
09:03:02.0429 0x1870  COMSysApp - ok
09:03:02.0444 0x1870  [ A54BDF623D0716DDD9BDED860C2DAFE2, 9D348A3FD59EFCB7176EC561DAB110E4C77441DCF1D4E6AB4ADD2DE8415EF43E ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
09:03:02.0476 0x1870  cphs - ok
09:03:02.0476 0x1870  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
09:03:02.0491 0x1870  crcdisk - ok
09:03:02.0507 0x1870  [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
09:03:02.0507 0x1870  CryptSvc - ok
09:03:02.0522 0x1870  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
09:03:02.0569 0x1870  DcomLaunch - ok
09:03:02.0569 0x1870  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
09:03:02.0600 0x1870  defragsvc - ok
09:03:02.0616 0x1870  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
09:03:02.0632 0x1870  DfsC - ok
09:03:02.0647 0x1870  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
09:03:02.0663 0x1870  Dhcp - ok
09:03:02.0694 0x1870  [ EC3F433D00365F1A9BC3411BCA7C7140, 0852D747359DE573504EBBDB99DA26D3BFA8B3C7A4836F8E3A5AD94B5571AD5C ] DiagTrack       C:\Windows\system32\diagtrack.dll
09:03:02.0725 0x1870  DiagTrack - ok
09:03:02.0741 0x1870  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
09:03:02.0756 0x1870  discache - ok
09:03:02.0772 0x1870  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
09:03:02.0772 0x1870  Disk - ok
09:03:02.0788 0x1870  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
09:03:02.0803 0x1870  Dnscache - ok
09:03:02.0803 0x1870  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
09:03:02.0834 0x1870  dot3svc - ok
09:03:02.0834 0x1870  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
09:03:02.0866 0x1870  DPS - ok
09:03:02.0881 0x1870  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
09:03:02.0881 0x1870  drmkaud - ok
09:03:02.0912 0x1870  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
09:03:02.0928 0x1870  DXGKrnl - ok
09:03:02.0944 0x1870  [ B3B6BE0C21B3CF9DA5FEE9E999B1F4A0, F660FA54D9282A1BF0AD22B7432F1EDC14C675C0B23653728B6A74256D0BAA6B ] e1dexpress      C:\Windows\system32\DRIVERS\e1d62x64.sys
09:03:02.0975 0x1870  e1dexpress - ok
09:03:02.0975 0x1870  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
09:03:03.0006 0x1870  EapHost - ok
09:03:03.0068 0x1870  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
09:03:03.0146 0x1870  ebdrv - ok
09:03:03.0146 0x1870  [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] EFS             C:\Windows\System32\lsass.exe
09:03:03.0162 0x1870  EFS - ok
09:03:03.0178 0x1870  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
09:03:03.0193 0x1870  ehRecvr - ok
09:03:03.0209 0x1870  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
09:03:03.0209 0x1870  ehSched - ok
09:03:03.0224 0x1870  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
09:03:03.0240 0x1870  elxstor - ok
09:03:03.0256 0x1870  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
09:03:03.0256 0x1870  ErrDev - ok
09:03:03.0271 0x1870  [ F0398A8040D902ED669B5C8C64AD855D, 77B784A6105E34F4ED480993F36B28C68F16080EB590623CBE8DE022274DA359 ] ESProtectionDriver C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys
09:03:03.0271 0x1870  ESProtectionDriver - ok
09:03:03.0287 0x1870  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
09:03:03.0318 0x1870  EventSystem - ok
09:03:03.0334 0x1870  [ ADAC76188512444B5D351EDDEB3A392B, 1C8D6B98C6A1361B0E8E55D8C95E1ECAD41E18B8987F9D78AAFCDEDB3B05CDDF ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
09:03:03.0365 0x1870  EvtEng - ok
09:03:03.0365 0x1870  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
09:03:03.0396 0x1870  exfat - ok
09:03:03.0396 0x1870  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
09:03:03.0427 0x1870  fastfat - ok
09:03:03.0443 0x1870  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
09:03:03.0474 0x1870  Fax - ok
09:03:03.0474 0x1870  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
09:03:03.0490 0x1870  fdc - ok
09:03:03.0490 0x1870  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
09:03:03.0521 0x1870  fdPHost - ok
09:03:03.0521 0x1870  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
09:03:03.0552 0x1870  FDResPub - ok
09:03:03.0552 0x1870  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
09:03:03.0568 0x1870  FileInfo - ok
09:03:03.0568 0x1870  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
09:03:03.0599 0x1870  Filetrace - ok
09:03:03.0599 0x1870  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
09:03:03.0599 0x1870  flpydisk - ok
09:03:03.0614 0x1870  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
09:03:03.0630 0x1870  FltMgr - ok
09:03:03.0646 0x1870  [ BCB16AE33AA58E0042F3EF34CFB6396A, E8ADA10DE60A94E4BABE9FCA6D0AA83B11520C092D49057E17F6C6059D35A323 ] FontCache       C:\Windows\system32\FntCache.dll
09:03:03.0677 0x1870  FontCache - ok
09:03:03.0692 0x1870  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
09:03:03.0708 0x1870  FontCache3.0.0.0 - ok
09:03:03.0708 0x1870  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
09:03:03.0708 0x1870  FsDepends - ok
09:03:03.0724 0x1870  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
09:03:03.0724 0x1870  Fs_Rec - ok
09:03:03.0739 0x1870  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
09:03:03.0755 0x1870  fvevol - ok
09:03:03.0755 0x1870  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
09:03:03.0770 0x1870  gagp30kx - ok
09:03:03.0770 0x1870  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
09:03:03.0770 0x1870  GEARAspiWDM - ok
09:03:03.0802 0x1870  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
09:03:03.0833 0x1870  gpsvc - ok
09:03:03.0848 0x1870  [ 053EEEE1ABAE53F044F1E386E22AE525, 195C8B78C0CF68F3DC1C08E58CE2A7146764F9273C39EF369194A366FA8EE1AD ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:03:03.0864 0x1870  gupdate - ok
09:03:03.0864 0x1870  [ 053EEEE1ABAE53F044F1E386E22AE525, 195C8B78C0CF68F3DC1C08E58CE2A7146764F9273C39EF369194A366FA8EE1AD ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:03:03.0895 0x1870  gupdatem - ok
09:03:03.0895 0x1870  [ 4250E0978FBC9B3C0D115CD26C5BA9F4, 5674E267D9053BDF185A73C689CB125EE70AE14C7F2D0E37718379F425EBDC01 ] gzflt           C:\Windows\system32\DRIVERS\gzflt.sys
09:03:03.0911 0x1870  gzflt - ok
09:03:03.0911 0x1870  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
09:03:03.0926 0x1870  hcw85cir - ok
09:03:03.0926 0x1870  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
09:03:03.0958 0x1870  HdAudAddService - ok
09:03:03.0958 0x1870  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
09:03:03.0973 0x1870  HDAudBus - ok
09:03:03.0973 0x1870  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
09:03:03.0989 0x1870  HidBatt - ok
09:03:03.0989 0x1870  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
09:03:04.0004 0x1870  HidBth - ok
09:03:04.0004 0x1870  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
09:03:04.0020 0x1870  HidIr - ok
09:03:04.0020 0x1870  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
09:03:04.0051 0x1870  hidserv - ok
09:03:04.0051 0x1870  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
09:03:04.0067 0x1870  HidUsb - ok
09:03:04.0067 0x1870  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
09:03:04.0098 0x1870  hkmsvc - ok
09:03:04.0098 0x1870  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
09:03:04.0114 0x1870  HomeGroupListener - ok
09:03:04.0129 0x1870  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
09:03:04.0145 0x1870  HomeGroupProvider - ok
09:03:04.0145 0x1870  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
09:03:04.0160 0x1870  HpSAMD - ok
09:03:04.0176 0x1870  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
09:03:04.0192 0x1870  HTTP - ok
09:03:04.0207 0x1870  [ E5805896A55D4166C20F216249F40FA3, F426BF60D5B916E7A778EF24C49FE1FFE1B2977C2ABD2977FD5C38C6E6CB139F ] HWiNFO32        C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS
09:03:04.0207 0x1870  HWiNFO32 - ok
09:03:04.0207 0x1870  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
09:03:04.0223 0x1870  hwpolicy - ok
09:03:04.0223 0x1870  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
09:03:04.0238 0x1870  i8042prt - ok
09:03:04.0270 0x1870  [ 12859E1215AA083A42E7ADCDE5C061D1, 262F9C65C3FA7EB69C4FA7C6547E1C79DB49697A083309909BC78726A116557F ] iaStorA         C:\Windows\system32\DRIVERS\iaStorA.sys
09:03:04.0316 0x1870  iaStorA - ok
09:03:04.0316 0x1870  [ 91F97C1A0ABCD7FA487E8EF7A249C15C, 834D85B7833DD1EDE0938320A68237315F60263ABCB6714974E711EBA91178E9 ] iaStorF         C:\Windows\system32\DRIVERS\iaStorF.sys
09:03:04.0332 0x1870  iaStorF - ok
09:03:04.0332 0x1870  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
09:03:04.0348 0x1870  iaStorV - ok
09:03:04.0363 0x1870  [ AC2188307BAF6EA585FF6ADB18CA46CE, D4F4BA137D02F58EF90C94E80F76AB57DB49B6B279B431A614F18BDA40917D88 ] IBMPMDRV        C:\Windows\system32\DRIVERS\ibmpmdrv.sys
09:03:04.0363 0x1870  IBMPMDRV - ok
09:03:04.0379 0x1870  [ 9996A667B3AA4DD699C087342F2C7B11, C8AA0F2469CB1CCC3674EB0A19EE9D50190815BB64AC59383D5468B800F50DDA ] IBMPMSVC        C:\Windows\system32\ibmpmsvc.exe
09:03:04.0394 0x1870  IBMPMSVC - ok
09:03:04.0410 0x1870  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
09:03:04.0426 0x1870  idsvc - ok
09:03:04.0441 0x1870  IEEtwCollectorService - ok
09:03:04.0504 0x1870  [ 623DB9620F552B480690AD882AFACED1, F44039122CF6001CB40A4032D3C108D9A83F06FC700A5B47D83EF605F83C9D2F ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
09:03:04.0597 0x1870  igfx - ok
09:03:04.0613 0x1870  [ D7C012C452D33F6E5BBE4E225BCBBB5C, 12686A543AC07EB5EE135A74199EBB4B5B33183C98720FD08A2A9248277D6428 ] igfxCUIService1.0.0.0 C:\Windows\system32\igfxCUIService.exe
09:03:04.0613 0x1870  igfxCUIService1.0.0.0 - ok
09:03:04.0628 0x1870  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
09:03:04.0628 0x1870  iirsp - ok
09:03:04.0660 0x1870  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
09:03:04.0675 0x1870  IKEEXT - ok
09:03:04.0753 0x1870  [ F121B8C45FE6550D9E2DBC40C0A2E408, 08010538C876ABA196C546D603893339E7A117B5F98C0C2AF9451B627EEB4FE7 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
09:03:04.0847 0x1870  IntcAzAudAddService - ok
09:03:04.0862 0x1870  [ 8E4044C6B71B2F837166F6EDB6BF9100, 441A4EA0C3EF686B8B7884EC96FD8EE1017EB3F462FB4376638F461E41D97C72 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
09:03:04.0878 0x1870  IntcDAud - ok
09:03:04.0894 0x1870  [ 0DB1E3F6189C628675F855C0EB510419, 989F539E82105019D2D81255369B96DC65826CD2A421DA09809155B26F69C555 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
09:03:04.0909 0x1870  Intel(R) Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 )
09:03:06.0360 0x28a8  Object required for P2P: [ B3B6BE0C21B3CF9DA5FEE9E999B1F4A0 ] e1dexpress
09:03:07.0702 0x1870  Detect skipped due to KSN trusted
09:03:07.0717 0x1870  Intel(R) Capability Licensing Service Interface - ok
09:03:07.0733 0x1870  [ 492AAF2FF66F437F0E796574B116EFC3, 6BF21C61ED05705DD58203952A750D1AB4D4B62F3A2B640BBBD9B85D1ECC3E5C ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
09:03:07.0764 0x1870  Intel(R) Capability Licensing Service TCP IP Interface - ok
09:03:07.0764 0x1870  [ 6D48198E80739B912A42D5CC57EE3405, A6537ECAFBD48A28441E4B4AF89EBA530C6316FE0B7E0721CDA5663DE5DFD905 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
09:03:07.0780 0x1870  Intel(R) ME Service - ok
09:03:07.0795 0x1870  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
09:03:07.0795 0x1870  intelide - ok
09:03:07.0811 0x1870  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
09:03:07.0811 0x1870  intelppm - ok
09:03:07.0826 0x1870  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
09:03:07.0842 0x1870  IPBusEnum - ok
09:03:07.0858 0x1870  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:03:07.0873 0x1870  IpFilterDriver - ok
09:03:07.0889 0x1870  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
09:03:07.0920 0x1870  iphlpsvc - ok
09:03:07.0920 0x1870  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
09:03:07.0936 0x1870  IPMIDRV - ok
09:03:07.0936 0x1870  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
09:03:07.0967 0x1870  IPNAT - ok
09:03:07.0982 0x1870  [ E8D96F840994291789F0CDE6800AC1A4, 35B39474B6385DA828D4212047F5C94775FC3C55E8C72EAA503D763D86F9BFB7 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
09:03:07.0998 0x1870  iPod Service - ok
09:03:07.0998 0x1870  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
09:03:08.0014 0x1870  IRENUM - ok
09:03:08.0014 0x1870  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
09:03:08.0029 0x1870  isapnp - ok
09:03:08.0029 0x1870  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
09:03:08.0045 0x1870  iScsiPrt - ok
09:03:08.0060 0x1870  [ 78D369F8A81A341109FBA1DB64B4C512, E584F693255CCBF7006E7D35984149CF599BB0849A8F02EFDD6223DF0D606049 ] iusb3hcs        C:\Windows\system32\DRIVERS\iusb3hcs.sys
09:03:08.0060 0x1870  iusb3hcs - ok
09:03:08.0076 0x1870  [ 5B632ABA038CE2E2D5D2D1115C6B26D1, 605A8FFA704E4369CF9D17DF8630DC9E196B8920D47F1CC5151759E60B234C1F ] iusb3hub        C:\Windows\system32\DRIVERS\iusb3hub.sys
09:03:08.0092 0x1870  iusb3hub - ok
09:03:08.0107 0x1870  [ EA841584EF59528D11F20355770E427E, 515737761BB2A0A233F4AD141E28D93E3B9789320A15B7D5FB3DB5AC3CD8E249 ] iusb3xhc        C:\Windows\system32\DRIVERS\iusb3xhc.sys
09:03:08.0123 0x1870  iusb3xhc - ok
09:03:08.0138 0x1870  [ 2AC7892765A9A44DEF6B2BBB81A04907, FB166331E0E1CCCDE985E549031CFD096BF2906A6A145E5495968764FF19ED47 ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
09:03:08.0154 0x1870  jhi_service - ok
09:03:08.0154 0x1870  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
09:03:08.0170 0x1870  kbdclass - ok
09:03:08.0170 0x1870  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
09:03:08.0185 0x1870  kbdhid - ok
09:03:08.0185 0x1870  [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] KeyIso          C:\Windows\system32\lsass.exe
09:03:08.0185 0x1870  KeyIso - ok
09:03:08.0201 0x1870  [ BCC83F22805F560C8A487F2F296A78FE, B6729B9D85CC3B9377E3143FEF920EFAA82D152845A43074417E9266C9F5C1A8 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
09:03:08.0201 0x1870  KSecDD - ok
09:03:08.0216 0x1870  [ 33D52A96BEEE8AFCE9E07EEC9FE0C9DB, 5367B46A43296792A0E6294906D40511079D5CAA23F08D5A7EDE02C06AD34484 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
09:03:08.0216 0x1870  KSecPkg - ok
09:03:08.0232 0x1870  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
09:03:08.0248 0x1870  ksthunk - ok
09:03:08.0263 0x1870  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
09:03:08.0294 0x1870  KtmRm - ok
09:03:08.0310 0x1870  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
09:03:08.0341 0x1870  LanmanServer - ok
09:03:08.0341 0x1870  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
09:03:08.0372 0x1870  LanmanWorkstation - ok
09:03:08.0372 0x1870  [ BC381F006A302D01D20B0B5768AE3A94, 5DCBC9F6992C62D11001EF0340CA7813BD5AA84B74C990AC6889B81DBC8B9DBA ] LENOVO.MICMUTE  C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
09:03:08.0404 0x1870  LENOVO.MICMUTE - ok
09:03:08.0450 0x1870  [ C2BDC7EA68CAE9E9A088F77BAC88FB92, EBD7B98C00DD320DAAD39C15A8D9D49CB9F3691BF41F1553039F4060BAB29A24 ] LiveUpdateSvc   C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
09:03:08.0684 0x1870  LiveUpdateSvc - ok
09:03:08.0684 0x1870  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
09:03:08.0716 0x1870  lltdio - ok
09:03:08.0731 0x1870  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
09:03:08.0762 0x1870  lltdsvc - ok
09:03:08.0762 0x1870  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
09:03:08.0794 0x1870  lmhosts - ok
09:03:08.0809 0x1870  [ A792A1C031FC49F8C57818383F67B699, 76C5808415290A538193C16CFC6B2699CE94983C5C830882E7F5E47C2CCB9E76 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
09:03:08.0825 0x1870  LMS - ok
09:03:08.0840 0x1870  [ 30223D9D80819C55531F2CF0CCB7C355, 1CA88470D6ECCF84BE23A71B1198B42107789EFD6EE7A37B2F880380F888FC83 ] LSCWinService   C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
09:03:08.0856 0x1870  LSCWinService - ok
09:03:08.0856 0x1870  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
09:03:08.0872 0x1870  LSI_FC - ok
09:03:08.0872 0x1870  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
09:03:08.0887 0x1870  LSI_SAS - ok
09:03:08.0887 0x1870  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
09:03:08.0903 0x1870  LSI_SAS2 - ok
09:03:08.0903 0x1870  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
09:03:08.0918 0x1870  LSI_SCSI - ok
09:03:08.0918 0x1870  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
09:03:08.0950 0x1870  luafv - ok
09:03:08.0965 0x1870  [ 4774408EA07208FBC81E19367702D8EE, 52227ABBC59E040AF9C49996E3E7E1B08C9740987D3F90214933164B02B36645 ] MbaeSvc         C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
09:03:08.0996 0x1870  MbaeSvc - ok
09:03:08.0996 0x1870  [ CFBC6C6D8A492697CABD1D353EE64933, DDAA844908324740C891EB8F08E2A8BB00457063B31C4A762745C1C2415FC12D ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
09:03:09.0012 0x1870  MBAMProtector - ok
09:03:09.0043 0x1870  [ AB176B9E59C0435499D83047D84EDD59, 85B826A3972CE9AD885313B69B9C60328B850257667D0EB65DDE890D0BB06361 ] MBAMScheduler   C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
09:03:09.0090 0x1870  MBAMScheduler - ok
09:03:09.0106 0x1870  [ 40C126CB15FAB7D6C66490DCA9C1AED2, B32CEE2D2409232C245427D5E9647FDF59AF1D8AB5E8A98EE2D1F1314599FD14 ] MBAMService     C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
09:03:09.0152 0x1870  MBAMService - ok
09:03:09.0152 0x1870  [ 78488AF2AB2111D67B3C4044707A519B, 7AA71B9C4C7949A1A21F60EF7CCEDE0079794990696B60557B5DC86F4D47223A ] MBAMSwissArmy   C:\Windows\system32\drivers\MBAMSwissArmy.sys
09:03:09.0168 0x1870  MBAMSwissArmy - ok
09:03:09.0168 0x1870  [ D61070CFAD43038DC56AEAD9BFE9CE2A, BD77AEF60E7FD2015CB14A464799304359547146C14A47F8D25274ACFA2E42D5 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
09:03:09.0184 0x1870  MBAMWebAccessControl - ok
09:03:09.0184 0x1870  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
09:03:09.0199 0x1870  Mcx2Svc - ok
09:03:09.0199 0x1870  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
09:03:09.0215 0x1870  megasas - ok
09:03:09.0215 0x1870  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
09:03:09.0230 0x1870  MegaSR - ok
09:03:09.0246 0x1870  [ F59C2E19189BEB21A57CB2CE32AE1618, 881E221B3FF4C65F89B215840CB16DE5A42BE2ED992344CC2C90FE7850CAE430 ] MEIx64          C:\Windows\system32\DRIVERS\TeeDriverx64.sys
09:03:09.0262 0x1870  MEIx64 - ok
09:03:09.0262 0x1870  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
09:03:09.0293 0x1870  MMCSS - ok
09:03:09.0293 0x1870  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
09:03:09.0308 0x28a8  Object send P2P result: true
09:03:09.0324 0x1870  Modem - ok
09:03:09.0324 0x1870  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
09:03:09.0340 0x1870  monitor - ok
09:03:09.0340 0x1870  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
09:03:09.0340 0x1870  mouclass - ok
09:03:09.0355 0x1870  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
09:03:09.0355 0x1870  mouhid - ok
09:03:09.0371 0x1870  [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
09:03:09.0371 0x1870  mountmgr - ok
09:03:09.0386 0x1870  [ 9763F3C17AC8C095C4419482BD1484BA, 5E329D63ADF7ADAF615DF45F7A0C1E9528B1A5CEE50B6340CEE8584EFE285FB9 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
09:03:09.0402 0x1870  MozillaMaintenance - ok
09:03:09.0402 0x1870  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
09:03:09.0418 0x1870  mpio - ok
09:03:09.0418 0x1870  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
09:03:09.0449 0x1870  mpsdrv - ok
09:03:09.0464 0x1870  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
09:03:09.0511 0x1870  MpsSvc - ok
09:03:09.0527 0x1870  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
09:03:09.0527 0x1870  MRxDAV - ok
09:03:09.0542 0x1870  [ 73ADDCC406B86E7DA4416691E8E74BDA, 4EC970B9095E6DAA79BF7EFB92DF3F2C0AB0C46739AA36C171A262E05B63CBB5 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
09:03:09.0558 0x1870  mrxsmb - ok
09:03:09.0558 0x1870  [ 7C81098FBAF2EAF5B54B939F832B0F61, 999435DF4638ECB136D5BF1B84305A84B215BAB542E4D5301E57D28D507E11B3 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:03:09.0574 0x1870  mrxsmb10 - ok
09:03:09.0574 0x1870  [ ACB763673BCCE6C7B3B8F858C9FE4F1F, CCD49558F8A01A225AEAE60BF299BCA6E9399E39F4F553FABC36CADB164BBBC0 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:03:09.0589 0x1870  mrxsmb20 - ok
09:03:09.0589 0x1870  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
09:03:09.0605 0x1870  msahci - ok
09:03:09.0605 0x1870  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
09:03:09.0620 0x1870  msdsm - ok
09:03:09.0620 0x1870  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
09:03:09.0636 0x1870  MSDTC - ok
09:03:09.0652 0x1870  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
09:03:09.0667 0x1870  Msfs - ok
09:03:09.0667 0x1870  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
09:03:09.0698 0x1870  mshidkmdf - ok
09:03:09.0698 0x1870  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
09:03:09.0714 0x1870  msisadrv - ok
09:03:09.0714 0x1870  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
09:03:09.0745 0x1870  MSiSCSI - ok
09:03:09.0745 0x1870  msiserver - ok
09:03:09.0761 0x1870  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
09:03:09.0776 0x1870  MSKSSRV - ok
09:03:09.0792 0x1870  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
09:03:09.0808 0x1870  MSPCLOCK - ok
09:03:09.0808 0x1870  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
09:03:09.0839 0x1870  MSPQM - ok
09:03:09.0854 0x1870  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
09:03:09.0870 0x1870  MsRPC - ok
09:03:09.0870 0x1870  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
09:03:09.0886 0x1870  mssmbios - ok
09:03:09.0886 0x1870  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
09:03:09.0917 0x1870  MSTEE - ok
09:03:09.0917 0x1870  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
09:03:09.0917 0x1870  MTConfig - ok
09:03:09.0932 0x1870  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
09:03:09.0932 0x1870  Mup - ok
09:03:09.0948 0x1870  [ EBD7D5781E446C5F367F97944014BC7F, 86BAF4C4B0933CD9E26FEA98844A46FC3FE932A978F358B0CDB01ED87217EFB9 ] MyWiFiDHCPDNS   C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
09:03:09.0964 0x1870  MyWiFiDHCPDNS - ok
09:03:09.0964 0x1870  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
09:03:10.0010 0x1870  napagent - ok
09:03:10.0010 0x1870  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
09:03:10.0042 0x1870  NativeWifiP - ok
09:03:10.0057 0x1870  [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS            C:\Windows\system32\drivers\ndis.sys
09:03:10.0088 0x1870  NDIS - ok
09:03:10.0088 0x1870  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
09:03:10.0120 0x1870  NdisCap - ok
09:03:10.0120 0x1870  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
09:03:10.0151 0x1870  NdisTapi - ok
09:03:10.0151 0x1870  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
09:03:10.0182 0x1870  Ndisuio - ok
09:03:10.0182 0x1870  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
09:03:10.0213 0x1870  NdisWan - ok
09:03:10.0213 0x1870  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
09:03:10.0244 0x1870  NDProxy - ok
09:03:10.0244 0x1870  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
09:03:10.0276 0x1870  NetBIOS - ok
09:03:10.0276 0x1870  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
09:03:10.0307 0x1870  NetBT - ok
09:03:10.0322 0x1870  [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] Netlogon        C:\Windows\system32\lsass.exe
09:03:10.0322 0x1870  Netlogon - ok
09:03:10.0338 0x1870  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
09:03:10.0369 0x1870  Netman - ok
09:03:10.0385 0x1870  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:03:10.0400 0x1870  NetMsmqActivator - ok
09:03:10.0400 0x1870  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:03:10.0416 0x1870  NetPipeActivator - ok
09:03:10.0432 0x1870  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
09:03:10.0463 0x1870  netprofm - ok
09:03:10.0478 0x1870  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:03:10.0494 0x1870  NetTcpActivator - ok
09:03:10.0494 0x1870  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:03:10.0510 0x1870  NetTcpPortSharing - ok
09:03:10.0588 0x1870  [ C808B1B6EE5DEA4144DB6199DE196E6F, 70A6E7C44C1AF13E2692CCB314942747D1BDADCD250C38BDFDE50F3B2810BC51 ] NETwNs64        C:\Windows\system32\DRIVERS\Netwsw02.sys
09:03:10.0681 0x1870  NETwNs64 - ok
09:03:10.0681 0x1870  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
09:03:10.0697 0x1870  nfrd960 - ok
09:03:10.0712 0x1870  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
09:03:10.0728 0x1870  NlaSvc - ok
09:03:10.0728 0x1870  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
09:03:10.0759 0x1870  Npfs - ok
09:03:10.0759 0x1870  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
09:03:10.0790 0x1870  nsi - ok
09:03:10.0790 0x1870  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
09:03:10.0822 0x1870  nsiproxy - ok
09:03:10.0853 0x1870  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
09:03:10.0900 0x1870  Ntfs - ok
09:03:10.0900 0x1870  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
09:03:10.0931 0x1870  Null - ok
09:03:10.0931 0x1870  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
09:03:10.0946 0x1870  nvraid - ok
09:03:10.0946 0x1870  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
09:03:10.0962 0x1870  nvstor - ok
09:03:10.0962 0x1870  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
09:03:10.0978 0x1870  nv_agp - ok
09:03:10.0978 0x1870  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
09:03:10.0993 0x1870  ohci1394 - ok
09:03:11.0009 0x1870  [ 11E0B35479C895888BA3D7F619DCFFF3, 6ED82C19898101EC00BD64A9F90595C3D20AD2D2902AA8765B740FB3B9312DDF ] ose64           C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:03:11.0009 0x1870  ose64 - ok
09:03:11.0118 0x1870  [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
09:03:11.0227 0x1870  osppsvc - ok
09:03:11.0227 0x1870  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
09:03:11.0258 0x1870  p2pimsvc - ok
09:03:11.0258 0x1870  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
09:03:11.0274 0x1870  p2psvc - ok
09:03:11.0290 0x1870  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
09:03:11.0290 0x1870  Parport - ok
09:03:11.0305 0x1870  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
09:03:11.0305 0x1870  partmgr - ok
09:03:11.0321 0x1870  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
09:03:11.0336 0x1870  PcaSvc - ok
09:03:11.0336 0x1870  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
09:03:11.0352 0x1870  pci - ok
09:03:11.0352 0x1870  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
09:03:11.0368 0x1870  pciide - ok
09:03:11.0368 0x1870  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
09:03:11.0383 0x1870  pcmcia - ok
09:03:11.0383 0x1870  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
09:03:11.0399 0x1870  pcw - ok
09:03:11.0414 0x1870  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
09:03:11.0430 0x1870  PEAUTH - ok
09:03:11.0461 0x1870  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
09:03:11.0477 0x1870  PerfHost - ok
09:03:11.0508 0x1870  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
09:03:11.0555 0x1870  pla - ok
09:03:11.0570 0x1870  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
09:03:11.0586 0x1870  PlugPlay - ok
09:03:11.0586 0x1870  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
09:03:11.0602 0x1870  PNRPAutoReg - ok
09:03:11.0602 0x1870  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
09:03:11.0617 0x1870  PNRPsvc - ok
09:03:11.0633 0x1870  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
09:03:11.0664 0x1870  PolicyAgent - ok
09:03:11.0680 0x1870  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
09:03:11.0711 0x1870  Power - ok
09:03:11.0711 0x1870  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
09:03:11.0742 0x1870  PptpMiniport - ok
09:03:11.0742 0x1870  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
09:03:11.0758 0x1870  Processor - ok
09:03:11.0758 0x1870  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
09:03:11.0773 0x1870  ProfSvc - ok
09:03:11.0789 0x1870  [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] ProtectedStorage C:\Windows\system32\lsass.exe
09:03:11.0789 0x1870  ProtectedStorage - ok
09:03:11.0804 0x1870  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
09:03:11.0820 0x1870  Psched - ok
09:03:11.0851 0x1870  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
09:03:11.0898 0x1870  ql2300 - ok
09:03:11.0898 0x1870  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
09:03:11.0914 0x1870  ql40xx - ok
09:03:11.0914 0x1870  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
09:03:11.0945 0x1870  QWAVE - ok
09:03:11.0945 0x1870  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
09:03:11.0960 0x1870  QWAVEdrv - ok
09:03:11.0960 0x1870  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
09:03:11.0992 0x1870  RasAcd - ok
09:03:11.0992 0x1870  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
09:03:12.0023 0x1870  RasAgileVpn - ok
09:03:12.0023 0x1870  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
09:03:12.0054 0x1870  RasAuto - ok
09:03:12.0054 0x1870  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
09:03:12.0085 0x1870  Rasl2tp - ok
09:03:12.0101 0x1870  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
09:03:12.0132 0x1870  RasMan - ok
09:03:12.0132 0x1870  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
09:03:12.0163 0x1870  RasPppoe - ok
09:03:12.0163 0x1870  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
09:03:12.0194 0x1870  RasSstp - ok
09:03:12.0210 0x1870  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
09:03:12.0241 0x1870  rdbss - ok
09:03:12.0241 0x1870  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
09:03:12.0257 0x1870  rdpbus - ok
09:03:12.0257 0x1870  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
09:03:12.0272 0x1870  RDPCDD - ok
09:03:12.0288 0x1870  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
09:03:12.0304 0x1870  RDPENCDD - ok
09:03:12.0319 0x1870  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
09:03:12.0335 0x1870  RDPREFMP - ok
09:03:12.0350 0x1870  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
09:03:12.0350 0x1870  RdpVideoMiniport - ok
09:03:12.0366 0x1870  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
09:03:12.0382 0x1870  RDPWD - ok
09:03:12.0382 0x1870  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
09:03:12.0397 0x1870  rdyboost - ok
09:03:12.0397 0x1870  [ 6656FBF14F378A272682A4F91CBDCDAD, A31B9D61F91DEBA8FB622148A60106115BE4CAE06CE1FE1FA729C45BAD0C5294 ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
09:03:12.0413 0x1870  RegSrvc - ok
09:03:12.0428 0x1870  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
09:03:12.0444 0x1870  RemoteAccess - ok
09:03:12.0460 0x1870  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
09:03:12.0491 0x1870  RemoteRegistry - ok
09:03:12.0491 0x1870  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
09:03:12.0506 0x1870  RFCOMM - ok
09:03:12.0506 0x1870  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
09:03:12.0538 0x1870  RpcEptMapper - ok
09:03:12.0538 0x1870  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
09:03:12.0553 0x1870  RpcLocator - ok
09:03:12.0569 0x1870  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
09:03:12.0600 0x1870  RpcSs - ok
09:03:12.0616 0x1870  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
09:03:12.0631 0x1870  rspndr - ok
09:03:12.0647 0x1870  [ 2C139A3D76AD5F87506EEC0F11206E6F, C38BB56ADEFBF50F2BDF71DC04DD74112956A6614CA899A6069A82EF3D4E32BC ] RtlvVga         C:\Windows\system32\DRIVERS\RtlvVga.sys
09:03:12.0647 0x1870  RtlvVga - ok
09:03:12.0662 0x1870  [ FEAB5D20ECE485D6C0BD9FC9846F32B8, 4F7A0E5621634BBB9421E5C1178FA7AA20A21F367741EF2EE60DF23E161983DA ] RTSPER          C:\Windows\system32\DRIVERS\RtsPer.sys
09:03:12.0694 0x1870  RTSPER - ok
09:03:12.0694 0x1870  [ E228C336F195FA629D00B02F9FFC5667, 114F562882EF2A439EC4783029A977A53588F3870AED158B46F8DA51B4CB2715 ] SafeBox         C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe
09:03:12.0709 0x1870  SafeBox - ok
09:03:12.0709 0x1870  [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] SamSs           C:\Windows\system32\lsass.exe
09:03:12.0725 0x1870  SamSs - ok
09:03:12.0725 0x1870  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
09:03:12.0740 0x1870  sbp2port - ok
09:03:12.0740 0x1870  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
09:03:12.0772 0x1870  SCardSvr - ok
09:03:12.0772 0x1870  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
09:03:12.0803 0x1870  scfilter - ok
09:03:12.0818 0x1870  [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule        C:\Windows\system32\schedsvc.dll
09:03:12.0865 0x1870  Schedule - ok
09:03:12.0865 0x1870  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
09:03:12.0896 0x1870  SCPolicySvc - ok
09:03:12.0896 0x1870  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
09:03:12.0912 0x1870  SDRSVC - ok
09:03:12.0912 0x1870  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
09:03:12.0928 0x1870  secdrv - ok
09:03:12.0928 0x1870  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
09:03:12.0959 0x1870  seclogon - ok
09:03:12.0959 0x1870  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
09:03:12.0990 0x1870  SENS - ok
09:03:12.0990 0x1870  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
09:03:13.0006 0x1870  SensrSvc - ok
09:03:13.0006 0x1870  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\drivers\serenum.sys
09:03:13.0021 0x1870  Serenum - ok
09:03:13.0021 0x1870  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\drivers\serial.sys
09:03:13.0037 0x1870  Serial - ok
09:03:13.0037 0x1870  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
09:03:13.0037 0x1870  sermouse - ok
09:03:13.0052 0x1870  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
09:03:13.0084 0x1870  SessionEnv - ok
09:03:13.0084 0x1870  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
09:03:13.0099 0x1870  sffdisk - ok
09:03:13.0099 0x1870  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
09:03:13.0115 0x1870  sffp_mmc - ok
09:03:13.0115 0x1870  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
09:03:13.0130 0x1870  sffp_sd - ok
09:03:13.0130 0x1870  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
09:03:13.0130 0x1870  sfloppy - ok
09:03:13.0146 0x1870  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
09:03:13.0177 0x1870  SharedAccess - ok
09:03:13.0193 0x1870  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
09:03:13.0224 0x1870  ShellHWDetection - ok
09:03:13.0224 0x1870  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
09:03:13.0240 0x1870  SiSRaid2 - ok
09:03:13.0240 0x1870  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
09:03:13.0255 0x1870  SiSRaid4 - ok
09:03:13.0271 0x1870  [ 52F7E8603E888E3DB0A8B3D1804098E9, 4E23DC9442C0C14AAE7146DACBB0B39743F1FFAA463EE7069CCDF866AD27BD77 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
09:03:13.0286 0x1870  SkypeUpdate - ok
09:03:13.0302 0x1870  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
09:03:13.0318 0x1870  Smb - ok
09:03:13.0333 0x1870  [ C10B629AD8BD36BF8D376243D509AECA, 4F0972C53C817CB9D09A33D67269E383B64B2DEED00A6EA17DE94241E437C3BF ] SmbDrvI         C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys
09:03:13.0333 0x1870  SmbDrvI - ok
09:03:13.0349 0x1870  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
09:03:13.0349 0x1870  SNMPTRAP - ok
09:03:13.0364 0x1870  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
09:03:13.0364 0x1870  spldr - ok
09:03:13.0380 0x1870  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
09:03:13.0396 0x1870  Spooler - ok
09:03:13.0474 0x1870  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
09:03:13.0567 0x1870  sppsvc - ok
09:03:13.0567 0x1870  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
09:03:13.0598 0x1870  sppuinotify - ok
09:03:13.0614 0x1870  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
09:03:13.0630 0x1870  srv - ok
09:03:13.0645 0x1870  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
09:03:13.0661 0x1870  srv2 - ok
09:03:13.0661 0x1870  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
09:03:13.0676 0x1870  srvnet - ok
09:03:13.0692 0x1870  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
09:03:13.0723 0x1870  SSDPSRV - ok
09:03:13.0723 0x1870  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
09:03:13.0754 0x1870  SstpSvc - ok
09:03:13.0770 0x1870  [ FD7D26CD1E671DCDC2112494747A3AE1, C8A85F10FD3F4F3FCEF40D46EEF88DB72290421DB5F99EEB818B2E1F69143D5D ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
09:03:13.0817 0x1870  Steam Client Service - ok
09:03:13.0817 0x1870  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
09:03:13.0817 0x1870  stexstor - ok
09:03:13.0832 0x1870  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
09:03:13.0864 0x1870  stisvc - ok
09:03:13.0864 0x1870  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
09:03:13.0879 0x1870  swenum - ok
09:03:13.0879 0x1870  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
09:03:13.0926 0x1870  swprv - ok
09:03:13.0942 0x1870  [ 689065E7BB1EB17D2A994AA92D2F1F5A, F3DE10148E4E6E6CA50D06799C7C75E154AB27AC533F761CFFF2CA38BB655AEA ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
09:03:13.0957 0x1870  SynTP - ok
09:03:13.0988 0x1870  [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain         C:\Windows\system32\sysmain.dll
09:03:14.0035 0x1870  SysMain - ok
09:03:14.0035 0x1870  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
09:03:14.0066 0x1870  TabletInputService - ok
09:03:14.0066 0x1870  [ 3C32FF010F869BC184DF71290477384E, 55CFCEC7F026C6E2E96A2FBE846AB513BB12BB0348735274FE1B71AF019C837B ] tap0901         C:\Windows\system32\DRIVERS\tap0901.sys
09:03:14.0066 0x1870  tap0901 - ok
09:03:14.0082 0x1870  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
09:03:14.0113 0x1870  TapiSrv - ok
09:03:14.0113 0x1870  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
09:03:14.0144 0x1870  TBS - ok
09:03:14.0191 0x1870  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
09:03:14.0238 0x1870  Tcpip - ok
09:03:14.0269 0x1870  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
09:03:14.0316 0x1870  TCPIP6 - ok
09:03:14.0316 0x1870  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
09:03:14.0332 0x1870  tcpipreg - ok
09:03:14.0332 0x1870  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
09:03:14.0347 0x1870  TDPIPE - ok
09:03:14.0347 0x1870  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
09:03:14.0363 0x1870  TDTCP - ok
09:03:14.0363 0x1870  [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
09:03:14.0378 0x1870  tdx - ok
09:03:14.0378 0x1870  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
09:03:14.0394 0x1870  TermDD - ok
09:03:14.0410 0x1870  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
09:03:14.0425 0x1870  TermService - ok
09:03:14.0425 0x1870  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
09:03:14.0441 0x1870  Themes - ok
09:03:14.0456 0x1870  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
09:03:14.0488 0x1870  THREADORDER - ok
09:03:14.0488 0x1870  [ 3B4250CB21F95FFA64162389106F39BA, 2461E6D335D699F837908254FDA43C789D589FE90C9592B5B43D964CFDB43F11 ] TPHKLOAD        C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
09:03:14.0503 0x1870  TPHKLOAD - ok
09:03:14.0503 0x1870  [ 667EF334C512416712F14118E3382919, D59D3ED81E823A84885AA0787B020DAFBCA20303F1F5A37F37E5392C5C272F9D ] TPHKSVC         C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
09:03:14.0519 0x1870  TPHKSVC - ok
09:03:14.0519 0x1870  [ DBCC20C02E8A3E43B03C304A4E40A84F, BF5F3ACCB0342304A6870E94D2576644B08DBF307C853C7DBA4B82B0C7309DA4 ] TPM             C:\Windows\system32\drivers\tpm.sys
09:03:14.0534 0x1870  TPM - ok
09:03:14.0534 0x1870  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
09:03:14.0566 0x1870  TrkWks - ok
09:03:14.0581 0x1870  [ 3E75A47D2DEFD2683DCA409572FBE8B2, 33964B1A05E045D3B878CDFD9F52A9086B4FA54D6D4D1DC38062D2874CACD4A0 ] trufos          C:\Windows\system32\DRIVERS\trufos.sys
09:03:14.0597 0x1870  trufos - ok
09:03:14.0612 0x1870  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
09:03:14.0628 0x1870  TrustedInstaller - ok
09:03:14.0644 0x1870  [ 19BEDA57F3E0A06B8D5EB6D619BD5624, 952D5FAFD662C93628C12A6F7EB8E240A44216C0A15CBD2F5016BC357CBFE821 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
09:03:14.0644 0x1870  tssecsrv - ok
09:03:14.0659 0x1870  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
09:03:14.0659 0x1870  TsUsbFlt - ok
09:03:14.0659 0x1870  [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
09:03:14.0675 0x1870  TsUsbGD - ok
09:03:14.0675 0x1870  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
09:03:14.0706 0x1870  tunnel - ok
09:03:14.0722 0x1870  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
09:03:14.0722 0x1870  uagp35 - ok
09:03:14.0737 0x1870  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
09:03:14.0768 0x1870  udfs - ok
09:03:14.0768 0x1870  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
09:03:14.0784 0x1870  UI0Detect - ok
09:03:14.0784 0x1870  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
09:03:14.0800 0x1870  uliagpkx - ok
09:03:14.0800 0x1870  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
09:03:14.0815 0x1870  umbus - ok
09:03:14.0815 0x1870  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
09:03:14.0831 0x1870  UmPass - ok
09:03:14.0831 0x1870  [ C1C2C9231EBD263DB9C4F34DBB080B32, 25A046D8CC6674A47F3338E84661BF502D21C571C50643D9EF20D334CC27538C ] UPDATESRV       C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe
09:03:14.0846 0x1870  UPDATESRV - ok
09:03:14.0846 0x1870  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
09:03:14.0893 0x1870  upnphost - ok
09:03:14.0893 0x1870  [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
09:03:14.0909 0x1870  USBAAPL64 - ok
09:03:14.0909 0x1870  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
09:03:14.0924 0x1870  usbccgp - ok
09:03:14.0924 0x1870  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
09:03:14.0940 0x1870  usbcir - ok
09:03:14.0940 0x1870  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
09:03:14.0940 0x1870  usbehci - ok
09:03:14.0956 0x1870  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
09:03:14.0971 0x1870  usbhub - ok
09:03:14.0971 0x1870  [ 58E546BBAF87664FC57E0F6081E4F609, 1DD99D57369A0069654432AB5325AFD8F7D422D531E053EA05FF664BA6BDAEF9 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
09:03:14.0987 0x1870  usbohci - ok
09:03:14.0987 0x1870  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
09:03:15.0002 0x1870  usbprint - ok
09:03:15.0002 0x1870  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
09:03:15.0018 0x1870  usbscan - ok
09:03:15.0018 0x1870  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:03:15.0034 0x1870  USBSTOR - ok
09:03:15.0034 0x1870  [ 81FB2216D3A60D1284455D511797DB3D, 121E52B18A1832E775EA0AE2E053BAA53E5A70E9754724B1449AE5992D63B13E ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
09:03:15.0049 0x1870  usbuhci - ok
09:03:15.0049 0x1870  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
09:03:15.0065 0x1870  usbvideo - ok
09:03:15.0065 0x1870  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
09:03:15.0096 0x1870  UxSms - ok
09:03:15.0096 0x1870  [ 1A2FFD415B82AE5A246DA062585B0B79, 93D5840BC0C39BC8DEE29092DD4CBFFCF15DB2AAA0EF85ABC5DFDCA94B935C74 ] ValBioService   C:\Program Files\Lenovo Fingerprint Reader\ValBioService.exe
09:03:15.0112 0x1870  ValBioService - ok
09:03:15.0112 0x1870  [ 505FFD53872E16A39C135DDC8199B30B, 346E80982DE8A748C9EB5CB344070185199907158EE602F4FCD63B9BF50AA36C ] valWBFPolicyService C:\Windows\system32\valWBFPolicyService.exe
09:03:15.0127 0x1870  valWBFPolicyService - ok
09:03:15.0127 0x1870  [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] VaultSvc        C:\Windows\system32\lsass.exe
09:03:15.0127 0x1870  VaultSvc - ok
09:03:15.0143 0x1870  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
09:03:15.0143 0x1870  vdrvroot - ok
09:03:15.0158 0x1870  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
09:03:15.0190 0x1870  vds - ok
09:03:15.0205 0x1870  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
09:03:15.0205 0x1870  vga - ok
09:03:15.0221 0x1870  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
09:03:15.0236 0x1870  VgaSave - ok
09:03:15.0252 0x1870  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
09:03:15.0268 0x1870  vhdmp - ok
09:03:15.0268 0x1870  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
09:03:15.0268 0x1870  viaide - ok
09:03:15.0299 0x1870  [ 8FC2FD775C7A3AB3B801A2BF1FF44E14, 2D071FFC15ECD151D37F340488CC43C5F750CB87DD7CFE187CFC1D35E93FCD3C ] vm331avs        C:\Windows\system32\Drivers\vm331avs.sys
09:03:15.0330 0x1870  vm331avs - ok
09:03:15.0330 0x1870  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
09:03:15.0346 0x1870  volmgr - ok
09:03:15.0346 0x1870  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
09:03:15.0361 0x1870  volmgrx - ok
09:03:15.0377 0x1870  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
09:03:15.0392 0x1870  volsnap - ok
09:03:15.0392 0x1870  [ 0F42C39016F82F345C0F2DB2D5B90EB4, 2E957E72BB8D0293F61FA7385BA9400DF7759E1E3D35FE24F3877A6460988F4D ] vpnva           C:\Windows\system32\DRIVERS\vpnva64-6.sys
09:03:15.0408 0x1870  vpnva - ok
09:03:15.0408 0x1870  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
09:03:15.0424 0x1870  vsmraid - ok
09:03:15.0455 0x1870  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
09:03:15.0517 0x1870  VSS - ok
09:03:15.0548 0x1870  [ 964C356C9AEEEE88B8B9B71D94042874, BE2BCA4923B5A246D40935D50827D0C233520BF2548B9DD98DE0310CFEC47EF1 ] VSSERV          C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe
09:03:15.0580 0x1870  VSSERV - ok
09:03:15.0595 0x1870  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
09:03:15.0595 0x1870  vwifibus - ok
09:03:15.0611 0x1870  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
09:03:15.0611 0x1870  vwififlt - ok
09:03:15.0626 0x1870  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
09:03:15.0626 0x1870  vwifimp - ok
09:03:15.0642 0x1870  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
09:03:15.0673 0x1870  W32Time - ok
09:03:15.0689 0x1870  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
09:03:15.0689 0x1870  WacomPen - ok
09:03:15.0704 0x1870  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
09:03:15.0720 0x1870  WANARP - ok
09:03:15.0736 0x1870  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
09:03:15.0751 0x1870  Wanarpv6 - ok
09:03:15.0782 0x1870  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
09:03:15.0814 0x1870  WatAdminSvc - ok
09:03:15.0860 0x1870  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
09:03:15.0892 0x1870  wbengine - ok
09:03:15.0907 0x1870  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
09:03:15.0923 0x1870  WbioSrvc - ok
09:03:15.0923 0x1870  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
09:03:15.0954 0x1870  wcncsvc - ok
09:03:15.0954 0x1870  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
09:03:15.0970 0x1870  WcsPlugInService - ok
09:03:15.0970 0x1870  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
09:03:15.0970 0x1870  Wd - ok
09:03:16.0001 0x1870  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
09:03:16.0016 0x1870  Wdf01000 - ok
09:03:16.0016 0x1870  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
09:03:16.0032 0x1870  WdiServiceHost - ok
09:03:16.0032 0x1870  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
09:03:16.0048 0x1870  WdiSystemHost - ok
09:03:16.0063 0x1870  [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient       C:\Windows\System32\webclnt.dll
09:03:16.0079 0x1870  WebClient - ok
09:03:16.0079 0x1870  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
09:03:16.0110 0x1870  Wecsvc - ok
09:03:16.0126 0x1870  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
09:03:16.0157 0x1870  wercplsupport - ok
09:03:16.0157 0x1870  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
09:03:16.0188 0x1870  WerSvc - ok
09:03:16.0188 0x1870  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
09:03:16.0219 0x1870  WfpLwf - ok
09:03:16.0219 0x1870  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
09:03:16.0219 0x1870  WIMMount - ok
09:03:16.0235 0x1870  WinDefend - ok
09:03:16.0235 0x1870  WinHttpAutoProxySvc - ok
09:03:16.0250 0x1870  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
09:03:16.0282 0x1870  Winmgmt - ok
09:03:16.0313 0x1870  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
09:03:16.0375 0x1870  WinRM - ok
09:03:16.0375 0x1870  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\drivers\WinUsb.sys
09:03:16.0391 0x1870  WinUsb - ok
09:03:16.0406 0x1870  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
09:03:16.0438 0x1870  Wlansvc - ok
09:03:16.0438 0x1870  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
09:03:16.0453 0x1870  WmiAcpi - ok
09:03:16.0469 0x1870  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
09:03:16.0469 0x1870  wmiApSrv - ok
09:03:16.0484 0x1870  WMPNetworkSvc - ok
09:03:16.0484 0x1870  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
09:03:16.0500 0x1870  WPCSvc - ok
09:03:16.0500 0x1870  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
09:03:16.0516 0x1870  WPDBusEnum - ok
09:03:16.0516 0x1870  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
09:03:16.0547 0x1870  ws2ifsl - ok
09:03:16.0547 0x1870  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\system32\wscsvc.dll
09:03:16.0562 0x1870  wscsvc - ok
09:03:16.0562 0x1870  WSearch - ok
09:03:16.0625 0x1870  [ 6075791ED85E47A2A2916B1F34582944, 25B5FAD161711875B38BDD014A26FA527C8EE4854D485989D19A72D5EBBA4054 ] wuauserv        C:\Windows\system32\wuaueng.dll
09:03:16.0687 0x1870  wuauserv - ok
09:03:16.0687 0x1870  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
09:03:16.0703 0x1870  WudfPf - ok
09:03:16.0703 0x1870  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
09:03:16.0718 0x1870  WUDFRd - ok
09:03:16.0718 0x1870  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
09:03:16.0734 0x1870  wudfsvc - ok
09:03:16.0750 0x1870  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
09:03:16.0765 0x1870  WwanSvc - ok
09:03:16.0843 0x1870  [ 3E7427F3D0AAF5E114BFFE86C9FBAAD2, 5226BE5E7B1873AD0ADC397139160F9A57D8F62C59E12A245EBF28B925DC8A6F ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
09:03:16.0921 0x1870  ZeroConfigService - ok
09:03:16.0937 0x1870  ================ Scan global ===============================
09:03:16.0937 0x1870  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
09:03:16.0937 0x1870  [ FF41063E45C6238CAF48CBE6D0D6FC4B, 9B755EA23E7D2554E3AC3ADFFC4AFF7EB4F4A0F5CD3E6F2300BC98B21474CBC6 ] C:\Windows\system32\winsrv.dll
09:03:16.0952 0x1870  [ FF41063E45C6238CAF48CBE6D0D6FC4B, 9B755EA23E7D2554E3AC3ADFFC4AFF7EB4F4A0F5CD3E6F2300BC98B21474CBC6 ] C:\Windows\system32\winsrv.dll
09:03:16.0968 0x1870  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
09:03:16.0968 0x1870  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
09:03:16.0984 0x1870  [ Global ] - ok
09:03:16.0984 0x1870  ================ Scan MBR ==================================
09:03:16.0984 0x1870  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
09:03:17.0420 0x1870  \Device\Harddisk0\DR0 - ok
09:03:17.0420 0x1870  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
09:03:17.0530 0x1870  \Device\Harddisk1\DR1 - ok
09:03:17.0530 0x1870  ================ Scan VBR ==================================
09:03:17.0530 0x1870  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition1
09:03:17.0530 0x1870  \Device\Harddisk0\DR0\Partition1 - ok
09:03:17.0545 0x1870  [ E03B42A3983FC50ABB4E5F236273695B ] \Device\Harddisk0\DR0\Partition2
09:03:17.0545 0x1870  \Device\Harddisk0\DR0\Partition2 - ok
09:03:17.0545 0x1870  [ 8322552E921FBE3A048CAFF74E8C6A33 ] \Device\Harddisk1\DR1\Partition1
09:03:17.0545 0x1870  \Device\Harddisk1\DR1\Partition1 - ok
09:03:17.0561 0x1870  [ 815566E4A582573FFE7D85862D9E9EBD ] \Device\Harddisk1\DR1\Partition2
09:03:17.0561 0x1870  \Device\Harddisk1\DR1\Partition2 - ok
09:03:17.0561 0x1870  ================ Scan generic autorun ======================
09:03:17.0561 0x1870  SynTPEnh - ok
09:03:17.0592 0x1870  [ 51C494FEE2AB2EAEF3EE7D9329098950, 9EF665FA7627462755D0B1BA5296AA89C972242784A05806AA0AEABC8E08BD4D ] C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe
09:03:17.0639 0x1870  Bdagent - ok
09:03:17.0654 0x1870  [ 094E4E76FB9AB960A73F841BC6733F42, 01C1BFF17BEC6588E192EC4D7ACB74FC9B95ECA7CB8BB9585B04FC8EA73C3B43 ] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
09:03:17.0686 0x1870  USB3MON - ok
09:03:17.0701 0x1870  [ FA6220C7FDF2D94CFF82D45B72E5C929, C3E414388F8818EC4B3BEABC8ED16DE6CBF965A6603328A45AD6D9A1808F3E55 ] C:\Program Files (x86)\USB Camera\VM331STI.EXE
09:03:17.0748 0x1870  331BigDog - ok
09:03:17.0810 0x1870  [ 473CD6A860EF672D6DF5CABD2BDE35FB, F4F612CB3BA896D237460AB4A01C73D8495B2B12D4D03EC3598660B5D861DD55 ] C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
09:03:17.0873 0x1870  Malwarebytes Anti-Exploit - ok
09:03:17.0904 0x1870  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
09:03:17.0935 0x1870  Sidebar - ok
09:03:17.0951 0x1870  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
09:03:17.0966 0x1870  mctadmin - ok
09:03:17.0982 0x1870  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
09:03:18.0013 0x1870  Sidebar - ok
09:03:18.0029 0x1870  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
09:03:18.0044 0x1870  mctadmin - ok
09:03:18.0060 0x1870  [ 53A6B1ED8BE0F7208FB72EF2580F71EC, 18799E69603DC0F67D56FA7A748FECFEDFD1CFFB8A12DC2B7E75035724B09303 ] C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe
09:03:18.0076 0x1870  Bitdefender-Geldbörse-Agent - ok
09:03:18.0138 0x1870  [ 8D33759428539564CBF7008CA9FC5DA8, 5AC7B7554C21EC9A3D763E8E109549CF8999E4C04F2460F2DB56B0D84051D9B9 ] C:\Users\David\AppData\Roaming\Spotify\SpotifyWebHelper.exe
09:03:18.0200 0x1870  Spotify Web Helper - ok
09:03:18.0200 0x1870  [ B22CB67919EBAD88B0E8BB9CDA446010, 2F744FEAC48EDE7D6B6D2727F7DDFA80B26D9E3B0009741B00992B19AD85E128 ] C:\Windows\System32\StikyNot.exe
09:03:18.0232 0x1870  RESTART_STICKY_NOTES - ok
09:03:18.0232 0x1870  [ 0A81DF13C4AEAC053C0DCE6240DC05D4, 13900D6FA1E9221236E79567DB0C6143AB7FECD4431CA295C33A039D1170E06B ] C:\Program Files\CyberGhost 5\CyberGhost.exe
09:03:18.0263 0x1870  CyberGhost - ok
09:03:18.0263 0x1870  Skype - ok
09:03:18.0278 0x1870  [ 53A6B1ED8BE0F7208FB72EF2580F71EC, 18799E69603DC0F67D56FA7A748FECFEDFD1CFFB8A12DC2B7E75035724B09303 ] C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe
09:03:18.0310 0x1870  Bitdefender-Geldbörse-Agent - ok
09:03:18.0310 0x1870  Waiting for KSN requests completion. In queue: 352
09:03:19.0324 0x1870  Waiting for KSN requests completion. In queue: 47
09:03:20.0338 0x1870  Waiting for KSN requests completion. In queue: 47
09:03:21.0133 0x2978  Object required for P2P: [ 8D33759428539564CBF7008CA9FC5DA8 ] C:\Users\David\AppData\Roaming\Spotify\SpotifyWebHelper.exe
09:03:21.0352 0x1870  Waiting for KSN requests completion. In queue: 3
09:03:22.0366 0x1870  Waiting for KSN requests completion. In queue: 3
09:03:23.0380 0x1870  Waiting for KSN requests completion. In queue: 3
09:03:24.0097 0x2978  Object send P2P result: true
09:03:24.0472 0x1870  AV detected via SS2: Bitdefender Antivirus, C:\Program Files\Bitdefender\Bitdefender 2015\wscfix.exe ( 18.18.0.1254 ), 0x41000 ( enabled : updated )
09:03:24.0472 0x1870  FW detected via SS2: Bitdefender Firewall, C:\Program Files\Bitdefender\Bitdefender 2015\wscfix.exe ( 18.18.0.1254 ), 0x41010 ( enabled )
09:03:27.0342 0x1870  ============================================================
09:03:27.0342 0x1870  Scan finished
09:03:27.0342 0x1870  ============================================================
09:03:27.0342 0x2624  Detected object count: 0
09:03:27.0342 0x2624  Actual detected object count: 0
         


Alt 26.12.2015, 11:02   #6
burningice
/// Malwareteam
 
Win7: Windows Installer defekt - Standard

Wo Win7: Windows Installer defekt Lösung!



Schritt 1

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset



Schritt 2
Downloade dir bitte Farbar Service Scanner Farbar Service Scanner
  • Starte das Tool mit Doppelklick auf die FSS.exe
  • Gehe sicher, dass folgende Optionen angehakt sind.
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Klicke auf Scan.
  • Wenn das Tool fertig ist, wird es eine FSS.txt in dem Verzeichnis erstellen, wo das Tool gelaufen ist.

Poste bitte den Inhalt hier.


__________________
--> Win7: Windows Installer defekt

Alt 26.12.2015, 22:49   #7
Tseet
/// TB-Schüler
 
Win7: Windows Installer defekt - Standard

Win7: Windows Installer defekt



Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=00e8f08053acbc47a312234afa0f437f
# end=init
# utc_time=2015-12-26 02:23:04
# local_time=2015-12-26 03:23:04 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 27366
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=00e8f08053acbc47a312234afa0f437f
# end=updated
# utc_time=2015-12-26 02:28:32
# local_time=2015-12-26 03:28:32 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=00e8f08053acbc47a312234afa0f437f
# engine=27366
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-12-26 09:32:27
# local_time=2015-12-26 10:32:27 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Bitdefender Antivirus'
# compatibility_mode=2065 16777213 100 100 29597 155014456 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 27317369 202795397 0 0
# scanned=210372
# found=1
# cleaned=0
# scan_time=25434
sh=924502C7D8E6F158C17FD7C3E9A87B5DBA834062 ft=1 fh=7eac0279e7527cbc vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\David\Desktop\Revo Uninstaller - CHIP-Installer.exe"
         
Code:
ATTFilter
Farbar Service Scanner Version: 10-06-2014
Ran by David (administrator) on 26-12-2015 at 22:48:53
Running from "C:\Users\David\Desktop"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy: 
==================


System Restore:
============

System Restore Disabled Policy: 
========================


Action Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy: 
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy: 
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed


**** End of log ****
         

Alt 26.12.2015, 22:57   #8
burningice
/// Malwareteam
 
Win7: Windows Installer defekt - Standard

Win7: Windows Installer defekt



Kannst du andere Programme installieren? Oder hast du nur dieses Problem mit iTunes?

Schritt 1

Systemupdate-Vorbereitungstool (SURT)
  • Lade dir das passende Systemupdate-Vorbereitungstool von Microsoft >>hier<<
  • Starte das Tool und lass es in Ruhe laufen.

Hinweis: Das Tool kann länger dauern und es kann teilweise so aussehen, als würde es hängen, das ist aber ganz normal.
Schritt 2
Überprüfung der Systemintegrität
  • Klick auf Windows/Start
  • Gib im Suchfeld folgendes ein: cmd
  • Wähle die Eingabeaufforderung und starte sie als Administrator
  • Führe folgendes aus:
    Code:
    ATTFilter
    sfc /scannow
             

Bitte gehe in folgenden Ordner: C:\Windows\Logs
  • Gehe in den Ordner CBS und kopiere die CheckSur.log auf den Desktop
  • Gehe in den Ordner CBS und kopiere die cbs.log auf den Desktop
Erstelle daraus eine .zip Datei und füge sie bitte hier als Anhang an.
__________________
Mfg,
Rafael

~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~

Unterstütze uns mit einer Spende
......... Lob, Kritik oder Wünsche .........
.......... Folge uns auf Facebook ..........

Alt 27.12.2015, 00:32   #9
Tseet
/// TB-Schüler
 
Win7: Windows Installer defekt - Standard

Win7: Windows Installer defekt



Bis jetzt ist es mir nur bei iTunes aufgefallen. Aber kann auch die alte Version nicht deinstallieren, da kommt die selbe Meldung.
Angehängte Dateien
Dateityp: rar CheckSUR.rar (59,6 KB, 8x aufgerufen)

Alt 27.12.2015, 00:37   #10
burningice
/// Malwareteam
 
Win7: Windows Installer defekt - Standard

Win7: Windows Installer defekt [gelöst]



Lade Dir bitte von hier Revo Uninstaller Download Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
  • Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
  • Klicke auf Optionen und wähle als Sprache Deutsch.
  • Suche im Uninstallerfeld nach den Programmen:

    iTunes

  • Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

 



Funktioniert das?
Wenn ja, probiere ob du wieder iTunes installieren kannst.
__________________
Mfg,
Rafael

~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~

Unterstütze uns mit einer Spende
......... Lob, Kritik oder Wünsche .........
.......... Folge uns auf Facebook ..........

Alt 27.12.2015, 01:25   #11
Tseet
/// TB-Schüler
 
Win7: Windows Installer defekt - Standard

Win7: Windows Installer defekt [gelöst]



Aus irgendeinem Grund wird iTunes in der Liste nicht angezeigt und kann auch über die Suchfunktion nicht gefunden werden.

Habe iTunes jetzt mit GeekUninstaller samt Daten- und Registryresten entfernt, aber es geht trotzdem unverändert nicht...

Alt 27.12.2015, 19:52   #12
burningice
/// Malwareteam
 
Win7: Windows Installer defekt - Standard

Win7: Windows Installer defekt [gelöst]



Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
C:\Users\David\Desktop\Revo Uninstaller - CHIP-Installer.exe
Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL Keine Datei  
Winsock: Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL Keine Datei  
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL Keine Datei  
Winsock: Catalog5-x64 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL Keine Datei 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service"
cmd: netsh winsock reset
CreateRestorePoint:
emptytemp:
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.



Schritt 2

Registry-Fix


Drücke bitte die + R Taste und schreibe notepad in das Ausführen Fenster.
Klicke auf OK und kopiere nun den Text aus der Codebox in das leere Textdokument:

Code:
ATTFilter
Windows Registry Editor Version 5.00
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\msiserver]
"DisplayName"="@%SystemRoot%\\system32\\msimsg.dll,-27"
"ImagePath"=hex(2):25,00,73,00,79,00,73,00,74,00,65,00,6d,00,72,00,6f,00,6f,00,\
  74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,6d,\
  00,73,00,69,00,65,00,78,00,65,00,63,00,20,00,2f,00,56,00,00,00
"Description"="@%SystemRoot%\\system32\\msimsg.dll,-32"
"ObjectName"="LocalSystem"
"ErrorControl"=dword:00000001
"Start"=dword:00000003
"Type"=dword:00000010
"DependOnService"=hex(7):72,00,70,00,63,00,73,00,73,00,00,00,00,00
"ServiceSidType"=dword:00000001
"RequiredPrivileges"=hex(7):53,00,65,00,54,00,63,00,62,00,50,00,72,00,69,00,76,\
  00,69,00,6c,00,65,00,67,00,65,00,00,00,53,00,65,00,43,00,72,00,65,00,61,00,\
  74,00,65,00,50,00,61,00,67,00,65,00,66,00,69,00,6c,00,65,00,50,00,72,00,69,\
  00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,53,00,65,00,4c,00,6f,00,63,00,\
  6b,00,4d,00,65,00,6d,00,6f,00,72,00,79,00,50,00,72,00,69,00,76,00,69,00,6c,\
  00,65,00,67,00,65,00,00,00,53,00,65,00,49,00,6e,00,63,00,72,00,65,00,61,00,\
  73,00,65,00,42,00,61,00,73,00,65,00,50,00,72,00,69,00,6f,00,72,00,69,00,74,\
  00,79,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,53,00,\
  65,00,43,00,72,00,65,00,61,00,74,00,65,00,50,00,65,00,72,00,6d,00,61,00,6e,\
  00,65,00,6e,00,74,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,\
  00,00,53,00,65,00,41,00,75,00,64,00,69,00,74,00,50,00,72,00,69,00,76,00,69,\
  00,6c,00,65,00,67,00,65,00,00,00,53,00,65,00,53,00,65,00,63,00,75,00,72,00,\
  69,00,74,00,79,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,\
  00,53,00,65,00,43,00,68,00,61,00,6e,00,67,00,65,00,4e,00,6f,00,74,00,69,00,\
  66,00,79,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,53,\
  00,65,00,50,00,72,00,6f,00,66,00,69,00,6c,00,65,00,53,00,69,00,6e,00,67,00,\
  6c,00,65,00,50,00,72,00,6f,00,63,00,65,00,73,00,73,00,50,00,72,00,69,00,76,\
  00,69,00,6c,00,65,00,67,00,65,00,00,00,53,00,65,00,49,00,6d,00,70,00,65,00,\
  72,00,73,00,6f,00,6e,00,61,00,74,00,65,00,50,00,72,00,69,00,76,00,69,00,6c,\
  00,65,00,67,00,65,00,00,00,53,00,65,00,43,00,72,00,65,00,61,00,74,00,65,00,\
  47,00,6c,00,6f,00,62,00,61,00,6c,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,\
  00,67,00,65,00,00,00,53,00,65,00,41,00,73,00,73,00,69,00,67,00,6e,00,50,00,\
  72,00,69,00,6d,00,61,00,72,00,79,00,54,00,6f,00,6b,00,65,00,6e,00,50,00,72,\
  00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,53,00,65,00,52,00,65,00,\
  73,00,74,00,6f,00,72,00,65,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,\
  00,65,00,00,00,53,00,65,00,49,00,6e,00,63,00,72,00,65,00,61,00,73,00,65,00,\
  51,00,75,00,6f,00,74,00,61,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,\
  00,65,00,00,00,53,00,65,00,53,00,68,00,75,00,74,00,64,00,6f,00,77,00,6e,00,\
  50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,53,00,65,00,54,\
  00,61,00,6b,00,65,00,4f,00,77,00,6e,00,65,00,72,00,73,00,68,00,69,00,70,00,\
  50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,53,00,65,00,4c,\
  00,6f,00,61,00,64,00,44,00,72,00,69,00,76,00,65,00,72,00,50,00,72,00,69,00,\
  76,00,69,00,6c,00,65,00,67,00,65,00,00,00,00,00
"FailureActions"=hex:84,03,00,00,00,00,00,00,00,00,00,00,03,00,00,00,14,00,00,\
  00,01,00,00,00,c0,d4,01,00,01,00,00,00,e0,93,04,00,00,00,00,00,00,00,00,00
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\msiserver\Enum]
"0"="Root\\LEGACY_MSISERVER\\0000"
"Count"=dword:00000001
"NextInstance"=dword:00000001
         
  • Speichere es nun als regfix.reg auf Deinem Desktop ab.
  • Achte dabei darauf, dass bei Datei-Typ "Alle Dateien" angegeben ist.
  • Mache nun einen Doppelklick auf die erstellte Datei.
  • Klicke auf Ja, und bestätige den weiteren Vorgang.
  • Starte den Rechner neu.

Wie verhält sich dein Problem?
__________________
Mfg,
Rafael

~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~

Unterstütze uns mit einer Spende
......... Lob, Kritik oder Wünsche .........
.......... Folge uns auf Facebook ..........

Alt 27.12.2015, 22:39   #13
Tseet
/// TB-Schüler
 
Win7: Windows Installer defekt - Standard

Win7: Windows Installer defekt [gelöst]



Code:
ATTFilter
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:25-12-2015
durchgeführt von David (2015-12-27 22:30:37) Run:1
Gestartet von C:\Users\David\Desktop
Geladene Profile: David (Verfügbare Profile: David & Test)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
C:\Users\David\Desktop\Revo Uninstaller - CHIP-Installer.exe
Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL Keine Datei  
Winsock: Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL Keine Datei  
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL Keine Datei  
Winsock: Catalog5-x64 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL Keine Datei 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service"
cmd: netsh winsock reset
CreateRestorePoint:
emptytemp:
         
*****************

"C:\Users\David\Desktop\Revo Uninstaller - CHIP-Installer.exe" => nicht gefunden.
"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000008" => Schlüssel erfolgreich entfernt
"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000009" => Schlüssel erfolgreich entfernt
"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64\000000000008" => Schlüssel erfolgreich entfernt
"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64\000000000009" => Schlüssel erfolgreich entfernt
HKLM\System\CurrentControlSet\Control\SafeBoot\\Default => Wert erfolgreich wiederhergestellt
HKLM\System\CurrentControlSet\Control\SafeBoot\\AlternateShell => Wert erfolgreich wiederhergestellt
"HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot" => Schlüssel erfolgreich entfernt
HKLM\System\CurrentControlSet\Control\SafeBoot\\Default => Wert erfolgreich wiederhergestellt
HKLM\System\CurrentControlSet\Control\SafeBoot\\AlternateShell => Wert erfolgreich wiederhergestellt
"HKLM\System\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot" => Schlüssel erfolgreich entfernt

=========  netsh winsock reset =========

Die Initialisierungsfunktion InitHelperDll in NSHHTTP.DLL konnte nicht gestartet werden. Fehlercode 11003

Der Winsock-Katalog wurde zur�ckgesetzt.
Sie m�ssen den Computer neu starten, um den Vorgang abzuschlie�en.


========= Ende von CMD: =========

Wiederherstellungspunkt wurde erfolgreich erstellt.
EmptyTemp: => 1 GB temporäre Dateien entfernt.


Das System musste neu gestartet werden.

==== Ende von Fixlog 22:31:06 ====
         
Leider alles unverändert

Alt 28.12.2015, 12:08   #14
burningice
/// Malwareteam
 
Win7: Windows Installer defekt - Standard

Win7: Windows Installer defekt [gelöst]



Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument


Code:
ATTFilter
cmd: reg query HKLM\SYSTEM\CurrentControlSet\Services\msiserver /s
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.

__________________
Mfg,
Rafael

~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~

Unterstütze uns mit einer Spende
......... Lob, Kritik oder Wünsche .........
.......... Folge uns auf Facebook ..........

Alt 28.12.2015, 12:45   #15
Tseet
/// TB-Schüler
 
Win7: Windows Installer defekt - Standard

Win7: Windows Installer defekt [gelöst]



Code:
ATTFilter
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:25-12-2015
durchgeführt von David (2015-12-28 12:44:20) Run:2
Gestartet von C:\Users\David\Desktop
Geladene Profile: David (Verfügbare Profile: David & Test)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
cmd: reg query HKLM\SYSTEM\CurrentControlSet\Services\msiserver /s
*****************


=========  reg query HKLM\SYSTEM\CurrentControlSet\Services\msiserver /s =========


HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\msiserver
    Type    REG_DWORD    0x10
    Start    REG_DWORD    0x3
    ErrorControl    REG_DWORD    0x1
    ImagePath    REG_EXPAND_SZ    %systemroot%\system32\msiexec /V
    DisplayName    REG_SZ    @%SystemRoot%\system32\msimsg.dll,-27
    WOW64    REG_DWORD    0x1
    ObjectName    REG_SZ    LocalSystem
    Description    REG_SZ    @%SystemRoot%\system32\msimsg.dll,-32
    DependOnService    REG_MULTI_SZ    rpcss
    ServiceSidType    REG_DWORD    0x1
    RequiredPrivileges    REG_MULTI_SZ    SeTcbPrivilege\0SeCreatePagefilePrivilege\0SeLockMemoryPrivilege\0SeIncreaseBasePriorityPrivilege\0SeCreatePermanentPrivilege\0SeAuditPrivilege\0SeSecurityPrivilege\0SeChangeNotifyPrivilege\0SeProfileSingleProcessPrivilege\0SeImpersonatePrivilege\0SeCreateGlobalPrivilege\0SeAssignPrimaryTokenPrivilege\0SeRestorePrivilege\0SeIncreaseQuotaPrivilege\0SeShutdownPrivilege\0SeTakeOwnershipPrivilege\0SeLoadDriverPrivilege
    FailureActions    REG_BINARY    840300000000000000000000030000001400000001000000C0D4010001000000E09304000000000000000000

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\msiserver\Enum
    0    REG_SZ    Root\LEGACY_MSISERVER\0000
    Count    REG_DWORD    0x1
    NextInstance    REG_DWORD    0x1

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\msiserver\Security
    Security    REG_BINARY    01001480B4000000C0000000140000003000000002001C000100000002801400FF010F00010100000000000100000000020084000500000000002800FF010F00010600000000000550000000B589FB381984C2CB5C6C236D5700776EC002648700001400FF010F0001010000000000051200000000001800FF010F0001020000000000052000000020020000000014008D010200010100000000000504000000000014008D010200010100000000000506000000010100000000000512000000010100000000000512000000


========= Ende von CMD: =========


==== Ende von Fixlog 12:44:20 ====
         

Antwort

Themen zu Win7: Windows Installer defekt
abgesicherten, anleitung, datei, defekt, fehlermeldung, gen, geändert, hinweis, installiert, itunes, modus, neu, nichts, personal, probleme, registry, starten, super, system, thread, win, win7, windows, windows 7, windows installer, wirklich



Ähnliche Themen: Win7: Windows Installer defekt


  1. Win7/64Bit - Ungewollte Festplattenüberprüfung hängt. Defekt?
    Alles rund um Windows - 09.09.2015 (2)
  2. Windows 7: Trojaner - Windows Updates, Firewall defekt
    Log-Analyse und Auswertung - 20.03.2015 (24)
  3. Windows 8: Es tauchen stets Programme auf die ich nicht kenne (Windows installer usw.)
    Log-Analyse und Auswertung - 02.03.2015 (11)
  4. Zombie News Virus / Windows Version Installer - Windows 7
    Log-Analyse und Auswertung - 21.12.2014 (1)
  5. Windows 7: Windows Version Installer (Schadprogramm); Laptop läuft heiß, Lüfter arbeitet auf Hochleistung; Firefox stürzt ab.
    Log-Analyse und Auswertung - 07.11.2014 (17)
  6. Windows 7 : Windows Version Installer Overlay und Continue Live Installation.exe verschwindet nicht.
    Log-Analyse und Auswertung - 09.10.2014 (9)
  7. Win7 64bit "Windows Version installer, Continue VuuPC Installation, MyPC Backup, Advanced System Protector,..."
    Log-Analyse und Auswertung - 03.07.2014 (21)
  8. Windows Installer defekt
    Alles rund um Windows - 30.12.2013 (12)
  9. Rootkit.0Access.64 in C:\\Windows\Installer\ --> kein Windows Update?
    Plagegeister aller Art und deren Bekämpfung - 08.10.2012 (17)
  10. w32/patched.ub in c:\windows\system32\service.exe und BDS/ZAccess.V in c:\windows\installer.....
    Plagegeister aller Art und deren Bekämpfung - 29.09.2012 (4)
  11. Windows installer defekt
    Alles rund um Windows - 14.09.2012 (3)
  12. TR/ATRAPS.Gen2, TR/Sirefef.16896 (in C:\Windows\Installer\...) und W32/Patched.UA (C:\Windows\System32\services.exe)
    Plagegeister aller Art und deren Bekämpfung - 04.09.2012 (5)
  13. Windows Installer defekt | Updates werden nicht gemacht | fehlende Adminstratorrechte | BKA-Trojaner + Funde
    Plagegeister aller Art und deren Bekämpfung - 29.08.2012 (4)
  14. Windows 7 Home 64bit Windows Installer Problem
    Alles rund um Windows - 27.07.2011 (11)
  15. Windows Installer
    Mülltonne - 26.09.2008 (0)
  16. Windows XP ICS Defekt
    Netzwerk und Hardware - 25.09.2008 (4)
  17. Windows Installer
    Alles rund um Windows - 21.11.2004 (1)

Zum Thema Win7: Windows Installer defekt - Hallo, ich versuche jetzt schon seit Stunden iTunes zu installieren. Ich hab die Datei runtergeladen, habe sie ausgeführt und bekomme seitdem jedes Mal die Fehlermeldung "Auf den Windows Installer-Dienst konnte - Win7: Windows Installer defekt...
Archiv
Du betrachtest: Win7: Windows Installer defekt auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.