Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
[Win8 64) InternetExplorer öffnet sich ohne in der taskleiste aufzutauchen, spielt Sound ab, lässt sich nur durch Task Manager beend

[Win8 64) InternetExplorer öffnet sich ohne in der taskleiste aufzutauchen, spielt Sound ab, lässt sich nur durch Task Manager beend


Log-Analyse und Auswertung: [Win8 64) InternetExplorer öffnet sich ohne in der taskleiste aufzutauchen, spielt Sound ab, lässt sich nur durch Task Manager beend

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 26.06.2014, 13:52   #1
Therbreg
 
[Win8 64) InternetExplorer öffnet sich ohne in der taskleiste aufzutauchen, spielt Sound ab, lässt sich nur durch Task Manager beend - Standard

[Win8 64) InternetExplorer öffnet sich ohne in der taskleiste aufzutauchen, spielt Sound ab, lässt sich nur durch Task Manager beend


Hallo liebes Trojaner-Board!

Seit ein paar Wochen öffnet sich immer de InternetExplorer bei mir im Hintergrund, wird aber nicht in der Taskleiste angezeigt und lässt sich nur mit dem Taskmanager beenden.
Ich poste euch mal die Log Dateien von FRST, und GMER:
FRST:
Code:
ATTFilter
FRST Logfile:
FRST Logfile:


	
Code: 

 
ATTFilter


  

	
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:25-06-2014
Ran by Thorgrem (administrator) on THERBREG on 26-06-2014 13:40:44
Running from C:\Users\Thorgrem\Downloads
Platform: Microsoft Windows 8.1 Pro (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Cherished Technololgy LIMITED) C:\ProgramData\IePluginServices\PluginService.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(MAGIX AG) C:\Program Files\Common Files\MAGIX Shared\Database2\bin\FABS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
(CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
(Saitek) C:\Program Files\SmartTechnology\Software\ProfilerU.exe
(Saitek) C:\Program Files\SmartTechnology\Software\SaiMfd.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
(Akamai Technologies, Inc.) C:\Users\Thorgrem\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Thorgrem\AppData\Local\Akamai\netsession_win.exe
(Spotify Ltd) C:\Users\Thorgrem\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\Thorgrem\AppData\Roaming\Spotify\spotify.exe
() C:\Users\Thorgrem\AppData\Roaming\InetStat\inetstat.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
() C:\Users\Thorgrem\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Thorgrem\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Thorgrem\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Thorgrem\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Thorgrem\AppData\Local\Temp\GPUpd53ABF9460.exe
() C:\Users\Thorgrem\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Users\Thorgrem\Downloads\Defogger.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [750160 2014-06-26] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\nvspcap.dll [1048152 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe [748256 2014-04-17] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [Avira Systray] => C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe [182352 2014-05-05] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [ProfilerU] => C:\Program Files\SmartTechnology\Software\ProfilerU.exe [327680 2013-04-16] (Saitek)
HKLM\...\Run: [SaiMfd] => C:\Program Files\SmartTechnology\Software\SaiMfd.exe [122880 2013-04-16] (Saitek)
HKU\S-1-5-21-729715285-913791145-1909180566-1001\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-729715285-913791145-1909180566-1001\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [631816 2014-05-29] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-729715285-913791145-1909180566-1001\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 5\CyberGhost.EXE [404080 2014-04-29] (CyberGhost S.R.L.)
HKU\S-1-5-21-729715285-913791145-1909180566-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Thorgrem\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-729715285-913791145-1909180566-1001\...\Run: [Spotify Web Helper] => C:\Users\Thorgrem\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1176632 2014-05-27] (Spotify Ltd)
HKU\S-1-5-21-729715285-913791145-1909180566-1001\...\Run: [Spotify] => C:\Users\Thorgrem\AppData\Roaming\Spotify\spotify.exe [6170168 2014-05-27] (Spotify Ltd)
HKU\S-1-5-21-729715285-913791145-1909180566-1001\...\Run: [InetStat] => C:\Users\Thorgrem\AppData\Roaming\InetStat\inetstat.exe [659470 2014-06-19] ()
HKU\S-1-5-21-729715285-913791145-1909180566-1001\...\Policies\Explorer: [DisallowRun] 1
AppInit_DLLs: C:\PROGRA~1\SupTab\SEARCH~1.DLL => C:\Program Files\SupTab\SearchProtect32.dll [91248 2014-05-08] (Skytech Co., Ltd.)
ShellIconOverlayIdentifiers:  SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com/?type=hp&ts=1403179653&from=irs&uid=ST3250823AS_4ND0JF5PXXXX4ND0JF5P&i=psd&t=3445c393b
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x63A1700B172FCF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com/?type=hp&ts=1403179653&from=irs&uid=ST3250823AS_4ND0JF5PXXXX4ND0JF5P&i=psd&t=3445c393b
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.v9.com/web/?type=ds&ts=1403179653&from=irs&uid=ST3250823AS_4ND0JF5PXXXX4ND0JF5P&i=psd&t=3445c393b&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com/?type=hp&ts=1403179653&from=irs&uid=ST3250823AS_4ND0JF5PXXXX4ND0JF5P&i=psd&t=3445c393b
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com/?type=hp&ts=1403179653&from=irs&uid=ST3250823AS_4ND0JF5PXXXX4ND0JF5P&i=psd&t=3445c393b
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.v9.com/web/?type=ds&ts=1403179653&from=irs&uid=ST3250823AS_4ND0JF5PXXXX4ND0JF5P&i=psd&t=3445c393b&q={searchTerms}
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.v9.com/web/?type=ds&ts=1403179653&from=irs&uid=ST3250823AS_4ND0JF5PXXXX4ND0JF5P&i=psd&t=3445c393b&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.v9.com/web/?type=ds&ts=1403179653&from=irs&uid=ST3250823AS_4ND0JF5PXXXX4ND0JF5P&i=psd&t=3445c393b&q={searchTerms}
SearchScopes: HKLM - {FB16A4F9-54C5-4F68-8D50-474449B462BE} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.v9.com/web/?type=ds&ts=1403179653&from=irs&uid=ST3250823AS_4ND0JF5PXXXX4ND0JF5P&i=psd&t=3445c393b&q={searchTerms}
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.v9.com/web/?type=ds&ts=1403179653&from=irs&uid=ST3250823AS_4ND0JF5PXXXX4ND0JF5P&i=psd&t=3445c393b&q={searchTerms}
SearchScopes: HKCU - {FB16A4F9-54C5-4F68-8D50-474449B462BE} URL = hxxp://www.sm.de/?q={searchTerms}
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files\SupTab\SupTab.dll (Thinknice Co. Limited)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Thorgrem\AppData\Roaming\Mozilla\Firefox\Profiles\vsqfhgqo.default
FF NewTab: hxxp://www.v9.com/newtab/?type=nt&ts=1403179653&from=irs&uid=ST3250823AS_4ND0JF5PXXXX4ND0JF5P&i=psd&t=3445c393b
FF SearchEngineOrder.1: SuchMaschine
FF Homepage: hxxp://www.v9.com/?type=hppp&ts=1403506107&from=irs&uid=ST3250823AS_4ND0JF5PXXXX4ND0JF5P&i=psd&t=3448e0955
FF Keyword.URL: hxxp://www.sm.de/?q=
FF NetworkProxy: "http", "184.105.18.60"
FF NetworkProxy: "http_port", 7808
FF NetworkProxy: "type", 4
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/Lync,version=15.0 - C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Thorgrem\AppData\Roaming\Mozilla\Firefox\Profiles\vsqfhgqo.default\searchplugins\search_engine.xml
FF SearchPlugin: C:\Users\Thorgrem\AppData\Roaming\Mozilla\Firefox\Profiles\vsqfhgqo.default\searchplugins\youtube-videosuche.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\v9.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Amazon-Icon - C:\Users\Thorgrem\AppData\Roaming\Mozilla\Firefox\Profiles\vsqfhgqo.default\Extensions\amazon-icon@giga.de [2014-06-02]
FF Extension: Quick Start - C:\Users\Thorgrem\AppData\Roaming\Mozilla\Firefox\Profiles\vsqfhgqo.default\Extensions\quick_start@gmail.com [2014-06-19]
FF Extension: YouTube Unblocker - C:\Users\Thorgrem\AppData\Roaming\Mozilla\Firefox\Profiles\vsqfhgqo.default\Extensions\youtubeunblocker@unblocker.yt [2014-06-21]
FF Extension: DownloadHelper - C:\Users\Thorgrem\AppData\Roaming\Mozilla\Firefox\Profiles\vsqfhgqo.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-03-25]
FF Extension: Firebug - C:\Users\Thorgrem\AppData\Roaming\Mozilla\Firefox\Profiles\vsqfhgqo.default\Extensions\firebug@software.joehewitt.com.xpi [2014-06-19]
FF Extension: CSSAddon - C:\Users\Thorgrem\AppData\Roaming\Mozilla\Firefox\Profiles\vsqfhgqo.default\Extensions\{a31bea78-e3a8-4eb0-8fad-89e40aeaf15f}.xpi [2014-04-19]
FF Extension: Adblock Plus - C:\Users\Thorgrem\AppData\Roaming\Mozilla\Firefox\Profiles\vsqfhgqo.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-05-15]
FF Extension: {fc118710-982f-446f-9772-5f125dbe1a6f} - C:\Users\Thorgrem\AppData\Roaming\Mozilla\Firefox\Profiles\vsqfhgqo.default\Extensions\{fc118710-982f-446f-9772-5f125dbe1a6f}.xpi [2014-04-19]
FF HKLM\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\Thorgrem\AppData\Roaming\Mozilla\Firefox\Profiles\vsqfhgqo.default\extensions\quick_start@gmail.com
FF Extension: Quick Start - C:\Users\Thorgrem\AppData\Roaming\Mozilla\Firefox\Profiles\vsqfhgqo.default\extensions\quick_start@gmail.com [2014-06-19]

========================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [276992 2014-04-17] (Advanced Micro Devices, Inc.) [File not signed]
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [430160 2014-06-26] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [430160 2014-06-26] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe [124496 2014-05-05] (Avira Operations GmbH & Co. KG)
R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [64624 2014-04-29] (CyberGhost S.R.L)
R2 Fabs; C:\Program Files\Common Files\MAGIX Shared\Database2\bin\FABS.exe [1155072 2008-12-16] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files\Common Files\MAGIX Shared\Database2\bin\fbserver.exe [3276800 2008-08-07] (MAGIX®) [File not signed]
S3 fussvc; C:\Program Files\Windows Kits\8.1\App Certification Kit\fussvc.exe [140800 2014-02-19] (Microsoft Corporation) [File not signed]
R2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [704112 2014-05-08] (Cherished Technololgy LIMITED)
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15904544 2014-02-05] (NVIDIA Corporation)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [134664 2014-05-29] (Sandboxie Holdings, LLC)
S3 ScDeviceEnum; C:\WINDOWS\System32\ScDeviceEnum.dll [105472 2013-08-22] (Microsoft Corporation)
S3 Te.Service; C:\Program Files\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [91136 2013-08-21] (Microsoft Corporation) [File not signed]
S3 TunngleService; C:\Program Files\Tunngle\TnglCtrl.exe [758224 2013-11-06] (Tunngle.net GmbH)
S3 UPnPService; C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [548864 2008-10-21] (Magix AG) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [279784 2014-03-24] (Microsoft Corporation)
S3 WEPHOSTSVC; C:\WINDOWS\system32\wephostsvc.dll [20992 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [22224 2014-03-24] (Microsoft Corporation)
S3 workfolderssvc; C:\WINDOWS\system32\workfolderssvc.dll [1210368 2014-04-03] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [50400 2014-02-11] (Advanced Micro Devices)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [97648 2014-06-26] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [136216 2014-05-22] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [37352 2014-02-25] (Avira Operations GmbH & Co. KG)
R1 BasicRender; C:\WINDOWS\System32\drivers\BasicRender.sys [25600 2014-02-22] (Microsoft Corporation)
S3 BthA2DP; C:\WINDOWS\system32\drivers\BthA2DP.sys [107648 2013-08-22] (Microsoft Corporation)
R1 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [243128 2014-06-19] (Disc Soft Ltd)
S3 GPIO; C:\WINDOWS\System32\drivers\iaiogpio.sys [22016 2013-07-23] (Intel Corporation)
R3 MTsensor; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [16256 2013-05-17] ()
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad32v.sys [34080 2013-12-27] (NVIDIA Corporation)
R3 SaiK1708; C:\WINDOWS\system32\DRIVERS\SaiK1708.sys [145216 2012-09-20] (Saitek)
R3 SaiMini; C:\WINDOWS\System32\drivers\SaiMini.sys [23200 2013-04-30] (Saitek)
R3 SaiNtBus; C:\WINDOWS\system32\drivers\SaiBus.sys [46624 2013-04-30] (Saitek)
R3 SaiU1708; C:\WINDOWS\System32\drivers\SaiU1708.sys [41280 2012-09-20] (Saitek)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [160264 2014-05-29] (Sandboxie Holdings, LLC)
R1 ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [28520 2014-02-25] (Avira GmbH)
R3 tap0901; C:\WINDOWS\system32\DRIVERS\tap0901.sys [35288 2013-08-22] (The OpenVPN Project)
R3 tap0901t; C:\WINDOWS\system32\DRIVERS\tap0901t.sys [27136 2009-09-16] (Tunngle.net)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [92504 2014-03-24] (Microsoft Corporation)
R0 Wof; C:\WINDOWS\system32\Drivers\Wof.sys [138584 2014-03-13] (Microsoft Corporation)
R3 WUDFSensorLP; C:\WINDOWS\System32\drivers\WUDFRd.sys [187392 2013-08-22] (Microsoft Corporation)
R3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [187392 2013-08-22] (Microsoft Corporation)
S3 ALSysIO; \??\C:\Users\Thorgrem\AppData\Local\Temp\ALSysIO.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-26 13:40 - 2014-06-26 13:41 - 00020137 _____ () C:\Users\Thorgrem\Downloads\FRST.txt
2014-06-26 13:40 - 2014-06-26 13:40 - 01073152 _____ (Farbar) C:\Users\Thorgrem\Downloads\FRST.exe
2014-06-26 13:40 - 2014-06-26 13:40 - 00000000 ____D () C:\FRST
2014-06-26 13:39 - 2014-06-26 13:39 - 00050477 _____ () C:\Users\Thorgrem\Downloads\Defogger.exe
2014-06-26 13:39 - 2014-06-26 13:39 - 00000548 _____ () C:\Users\Thorgrem\Downloads\defogger_disable.log
2014-06-26 13:39 - 2014-06-26 13:39 - 00000156 _____ () C:\Users\Thorgrem\defogger_reenable
2014-06-26 13:35 - 2014-06-26 13:35 - 00961360 _____ (Chip Digital GmbH) C:\Users\Thorgrem\Downloads\HijackThis - CHIP-Installer.exe
2014-06-22 19:19 - 2014-06-22 19:19 - 03067063 _____ () C:\Users\Thorgrem\Downloads\alle_chars_100_unskilled.zip
2014-06-22 19:11 - 2014-06-22 19:11 - 00000000 ____D () C:\WINDOWS\95FC26FB19FD4A96BBB1B1062E8648F5.TMP
2014-06-22 19:11 - 2014-06-22 19:11 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard
2014-06-21 22:32 - 2014-06-21 22:32 - 00001631 _____ () C:\Users\Public\Desktop\Sacred Gold.lnk
2014-06-21 22:32 - 2014-06-21 22:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sacred Gold [GOG.com]
2014-06-21 22:24 - 2014-06-21 22:24 - 00000000 ____D () C:\Users\Thorgrem\Downloads\sacred.gold.german.soundfiles
2014-06-21 20:10 - 2014-06-21 22:24 - 408819582 _____ () C:\Users\Thorgrem\Downloads\sacred.gold.german.soundfiles.rar
2014-06-20 20:38 - 2014-06-20 20:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-06-20 11:49 - 2014-06-21 22:28 - 00000000 ____D () C:\GOG Games
2014-06-20 11:17 - 2014-06-20 11:17 - 00000000 ____D () C:\Users\Thorgrem\Downloads\Sacred Gold 2.0.0.4
2014-06-19 21:35 - 2014-06-19 21:35 - 00000000 ____D () C:\Users\Thorgrem\Downloads\JDownloader
2014-06-19 18:35 - 2014-06-19 18:35 - 00000000 ____D () C:\Program Files\Sacred Underworld
2014-06-19 16:09 - 2014-06-19 16:09 - 00000000 ____D () C:\Users\Thorgrem\Downloads\Sacred Underworld
2014-06-19 14:08 - 2014-06-19 14:08 - 00000000 ____D () C:\Users\Thorgrem\AppData\Roaming\SupTab
2014-06-19 14:08 - 2014-06-19 14:08 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-06-19 14:08 - 2014-06-19 14:08 - 00000000 ____D () C:\Program Files\SupTab
2014-06-19 14:07 - 2014-06-19 14:07 - 00000000 ____D () C:\Users\Thorgrem\AppData\Roaming\v9
2014-06-19 14:07 - 2014-06-19 14:07 - 00000000 ____D () C:\Users\Thorgrem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\InetStat
2014-06-19 14:07 - 2014-06-19 14:07 - 00000000 ____D () C:\Users\Thorgrem\AppData\Roaming\InetStat
2014-06-19 14:06 - 2014-06-19 14:06 - 00000000 ____D () C:\Users\Thorgrem\AppData\Roaming\wi_upd
2014-06-19 14:06 - 2014-06-19 14:06 - 00000000 ____D () C:\Users\Thorgrem\AppData\Roaming\GetPrivate
2014-06-19 14:06 - 2014-06-19 14:06 - 00000000 ____D () C:\Program Files\GetPrivate
2014-06-19 13:52 - 2014-06-19 13:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elcomsoft Password Recovery
2014-06-19 13:52 - 2014-06-19 13:52 - 00000000 ____D () C:\ProgramData\Elcomsoft Password Recovery
2014-06-19 13:52 - 2014-06-19 13:52 - 00000000 ____D () C:\Program Files\Elcomsoft Password Recovery
2014-06-19 13:52 - 2014-06-19 13:52 - 00000000 ____D () C:\Program Files\Elcomsoft
2014-06-19 13:50 - 2014-06-19 13:50 - 00961360 _____ (Chip Digital GmbH) C:\Users\Thorgrem\Downloads\Advanced Archive Password Recovery - CHIP-Installer.exe
2014-06-19 13:37 - 2014-06-19 13:37 - 00001908 _____ () C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2014-06-19 13:37 - 2014-06-19 13:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2014-06-19 13:36 - 2014-06-19 13:37 - 00000000 ____D () C:\Users\Thorgrem\AppData\Roaming\DAEMON Tools Lite
2014-06-19 13:36 - 2014-06-19 13:36 - 00243128 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtsoftbus01.sys
2014-06-19 13:36 - 2014-06-19 13:36 - 00000000 ____D () C:\Program Files\DAEMON Tools Lite
2014-06-19 13:35 - 2014-06-19 13:38 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2014-06-19 13:35 - 2014-06-19 13:35 - 13429504 _____ (Disc Soft Ltd) C:\Users\Thorgrem\Downloads\DTLite4491-0356.exe
2014-06-19 12:19 - 2014-06-20 20:00 - 00000000 ____D () C:\Users\Thorgrem\Downloads\Sacred.Underworld - SKIDROW
2014-06-19 12:18 - 2014-06-20 11:52 - 00000000 ____D () C:\Users\Thorgrem\AppData\Roaming\uTorrent
2014-06-19 12:18 - 2014-06-19 12:18 - 00000900 _____ () C:\Users\Thorgrem\Desktop\µTorrent.lnk
2014-06-19 12:18 - 2014-06-19 12:18 - 00000880 _____ () C:\Users\Thorgrem\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2014-06-19 12:11 - 2014-06-20 19:39 - 00000000 ____D () C:\Users\Thorgrem\Downloads\Alle Chars unskilled lvl 100
2014-06-19 12:08 - 2014-06-19 12:08 - 00163138 _____ () C:\Users\Thorgrem\Downloads\Alle Chars unskilled lvl 100.zip
2014-06-19 12:04 - 2014-06-19 12:04 - 00000000 ____D () C:\Users\Thorgrem\Downloads\UnskilledGladiLvl50
2014-06-19 12:03 - 2014-06-19 12:03 - 00043151 _____ () C:\Users\Thorgrem\Downloads\UnskilledGladiLvl50.zip
2014-06-18 22:18 - 2014-06-18 22:18 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-06-17 21:16 - 2014-06-17 21:16 - 00001175 _____ () C:\Users\Thorgrem\Desktop\Sacred.lnk
2014-06-17 21:16 - 2014-06-17 21:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ascaron Entertainment
2014-06-17 21:10 - 2014-06-22 19:22 - 00000000 ____D () C:\Program Files\Ascaron Entertainment
2014-06-16 21:09 - 2014-06-16 21:09 - 00961360 _____ (Chip Digital GmbH) C:\Users\Thorgrem\Downloads\TeamSpeak 3 32 Bit - CHIP-Installer.exe
2014-06-15 22:01 - 2014-06-15 22:01 - 00000000 ____D () C:\Users\Thorgrem\Documents\MAGIX_Screenshare
2014-06-15 22:01 - 2014-06-15 22:01 - 00000000 ____D () C:\Users\Thorgrem\Documents\MAGIX_Online_Druck_Service
2014-06-15 21:09 - 2014-06-15 21:09 - 01058200 _____ (Adobe) C:\Users\Thorgrem\Downloads\install_flashplayer14x32au_mssd_aaa_aih.exe
2014-06-15 21:08 - 2014-06-15 21:08 - 00207872 _____ () C:\Users\Thorgrem\Documents\Das Projekt.ppt
2014-06-15 10:19 - 2014-06-15 21:07 - 00000000 ____D () C:\Program Files\Mozilla Thunderbird
2014-06-12 17:27 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-06-12 17:27 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-06-12 17:27 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-06-12 17:27 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-06-12 17:27 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-06-12 17:27 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-06-12 17:27 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-06-12 17:27 - 2014-05-30 09:57 - 00595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-06-12 17:27 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-06-12 17:27 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-06-12 17:27 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-06-12 17:27 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-06-12 17:27 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-06-12 17:27 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-06-12 17:27 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-06-12 17:27 - 2014-05-19 07:33 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvcfg.exe
2014-06-12 17:27 - 2014-05-19 07:23 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2014-06-12 17:27 - 2014-05-10 05:22 - 01312256 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-06-12 17:27 - 2014-05-09 01:08 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2014-06-12 17:27 - 2014-05-05 06:02 - 02826240 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-06-12 17:27 - 2014-05-03 08:36 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2014-06-12 17:27 - 2014-05-03 08:12 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2014-06-12 17:27 - 2014-05-03 06:07 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-06-12 17:27 - 2014-05-03 05:38 - 00754688 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-06-12 17:27 - 2014-05-01 13:00 - 02257608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-06-12 17:27 - 2014-05-01 13:00 - 00046512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys
2014-06-12 17:27 - 2014-05-01 08:51 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-06-12 17:27 - 2014-05-01 08:42 - 02045440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-06-12 17:27 - 2014-05-01 07:31 - 02366976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
2014-06-12 17:27 - 2014-04-30 12:10 - 01090296 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-06-12 17:27 - 2014-04-30 05:47 - 01509888 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2014-06-12 17:27 - 2014-04-30 05:43 - 01046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2014-06-12 17:27 - 2014-02-06 12:19 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-06-12 17:27 - 2014-02-06 12:00 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-06-12 17:27 - 2014-02-06 11:52 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-06-12 17:27 - 2014-02-06 11:52 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-06-12 17:27 - 2014-02-06 11:47 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-06-12 17:27 - 2014-02-06 11:47 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-06-12 17:27 - 2014-02-06 11:25 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-06-12 17:26 - 2014-04-18 15:43 - 00031064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-06-12 17:26 - 2014-04-18 15:29 - 01200288 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-06-12 17:26 - 2014-04-18 10:58 - 11792384 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-06-12 17:26 - 2014-04-18 10:51 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\energyprov.dll
2014-06-12 17:26 - 2014-04-18 10:01 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-06-12 17:26 - 2014-04-18 09:51 - 00836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-06-12 17:26 - 2014-04-18 09:49 - 05833216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-06-12 17:26 - 2014-04-14 10:01 - 00285144 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2014-06-12 17:26 - 2014-04-11 07:29 - 01016320 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2014-06-12 17:26 - 2014-04-11 06:23 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2014-06-12 17:26 - 2014-04-11 05:27 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2014-06-12 17:26 - 2014-04-09 12:47 - 00294744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2014-06-12 17:26 - 2014-04-09 07:44 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll
2014-06-12 17:26 - 2014-04-09 06:01 - 01089536 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-06-12 17:26 - 2014-04-09 05:22 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2014-06-12 17:26 - 2014-04-08 01:47 - 00502104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2014-06-12 17:26 - 2014-04-06 17:27 - 00311128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2014-06-12 17:26 - 2014-04-06 17:27 - 00240472 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2014-06-12 17:26 - 2014-04-06 17:23 - 00098584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2014-06-12 17:26 - 2014-04-06 17:22 - 18755672 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-06-12 17:26 - 2014-04-06 17:22 - 00178184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2014-06-12 17:26 - 2014-04-06 17:18 - 00271192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2014-06-12 17:26 - 2014-04-06 17:16 - 02144984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-06-12 17:26 - 2014-04-06 17:16 - 01209616 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-06-12 17:26 - 2014-04-06 17:16 - 01159520 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-06-12 17:26 - 2014-04-06 17:16 - 00707048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2014-06-12 17:26 - 2014-04-06 17:16 - 00669856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-06-12 17:26 - 2014-04-06 17:16 - 00518544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2014-06-12 17:26 - 2014-04-06 17:16 - 00406504 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2014-06-12 17:26 - 2014-04-06 17:16 - 00387896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2014-06-12 17:26 - 2014-04-06 17:16 - 00326024 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2014-06-12 17:26 - 2014-04-06 17:16 - 00305768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2014-06-12 17:26 - 2014-04-06 17:16 - 00194752 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2014-06-12 17:26 - 2014-04-06 15:06 - 03497472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-06-12 17:26 - 2014-04-06 14:06 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\srclient.dll
2014-06-12 17:26 - 2014-04-06 14:00 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2014-06-12 17:26 - 2014-04-06 13:54 - 12711424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-06-12 17:26 - 2014-04-06 13:47 - 00264704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2014-06-12 17:26 - 2014-04-06 13:40 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2014-06-12 17:26 - 2014-04-06 12:58 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2014-06-12 17:26 - 2014-04-06 12:55 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-06-12 17:26 - 2014-04-06 12:44 - 00623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-06-12 17:26 - 2014-04-06 12:37 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-06-12 17:26 - 2014-04-06 12:36 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2014-06-12 17:26 - 2014-04-06 11:59 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2014-06-12 17:26 - 2014-04-03 06:03 - 00230808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2014-06-12 17:26 - 2014-04-03 06:03 - 00111528 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2014-06-12 17:26 - 2014-04-03 05:53 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2014-06-12 17:26 - 2014-04-03 05:46 - 01871704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-06-12 17:26 - 2014-04-03 05:46 - 00286040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-06-12 17:26 - 2014-04-03 04:46 - 03563008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-06-12 17:26 - 2014-04-03 04:45 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2014-06-12 17:26 - 2014-04-03 04:44 - 01210368 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2014-06-12 17:26 - 2014-04-03 04:24 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2014-06-12 17:26 - 2014-04-03 04:24 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-06-12 17:26 - 2014-04-03 04:23 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\tlscsp.dll
2014-06-12 17:26 - 2014-04-01 07:09 - 00333656 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-06-12 17:26 - 2014-03-31 05:34 - 05786968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-06-12 17:26 - 2014-03-31 02:41 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d8thk.dll
2014-06-12 17:26 - 2014-03-31 01:26 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2014-06-12 17:26 - 2014-03-31 01:13 - 00667136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2014-06-12 17:26 - 2014-03-31 00:37 - 01167360 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2014-06-12 17:26 - 2014-03-31 00:35 - 01029120 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-06-12 17:26 - 2014-03-31 00:09 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-06-12 17:26 - 2014-03-30 23:49 - 00672256 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-06-12 17:26 - 2014-03-28 11:04 - 00328984 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2014-06-12 17:26 - 2014-03-27 07:21 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2014-06-12 17:26 - 2014-03-27 06:48 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2014-06-12 17:26 - 2014-03-27 06:19 - 00313344 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2014-06-12 17:26 - 2014-03-27 05:22 - 00244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2014-06-12 17:26 - 2014-03-27 05:03 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2014-06-12 17:26 - 2014-03-27 04:59 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2014-06-12 17:26 - 2014-03-25 00:57 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-06-12 17:26 - 2014-03-21 05:46 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\tscfgwmi.dll
2014-06-12 17:26 - 2014-03-20 03:20 - 00229344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-06-12 17:26 - 2014-03-20 01:38 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpprefcl.dll
2014-06-12 17:26 - 2014-03-20 01:33 - 05774848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-06-12 17:26 - 2014-03-19 09:17 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2014-06-12 17:26 - 2014-03-19 09:09 - 00375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2014-06-12 17:26 - 2014-03-19 07:56 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-06-12 17:26 - 2014-03-19 07:00 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2014-06-12 17:26 - 2014-03-19 06:51 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2014-06-12 17:26 - 2014-03-19 06:47 - 01309184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-06-12 17:26 - 2014-03-19 06:23 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-06-12 17:26 - 2014-03-19 06:14 - 02130432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-06-12 17:26 - 2014-03-18 09:22 - 00069632 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2014-06-12 17:26 - 2014-03-18 06:52 - 05104640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2014-06-12 17:26 - 2014-03-17 06:11 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-06-12 17:26 - 2014-03-17 04:45 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2014-06-12 17:26 - 2014-03-17 04:36 - 00834560 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-06-12 17:26 - 2014-03-14 08:10 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\system32\GeofenceMonitorService.dll
2014-06-12 17:26 - 2014-03-06 12:37 - 00264536 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-06-12 17:15 - 2014-06-12 17:15 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-06-10 11:29 - 2014-06-10 12:11 - 00000000 ____D () C:\Users\Thorgrem\Downloads\bücher
2014-06-08 11:58 - 2014-06-08 11:58 - 00000000 ____D () C:\Users\Thorgrem\AppData\Local\SniperV2
2014-06-05 20:58 - 2014-06-05 20:58 - 00428399 _____ () C:\Users\Thorgrem\Downloads\sixpackcode10fehler.zip
2014-06-05 20:58 - 2014-06-05 20:58 - 00000000 ____D () C:\Users\Thorgrem\Downloads\sixpackcode10fehler
2014-06-05 17:34 - 2014-06-05 17:34 - 00000000 ____D () C:\Users\Thorgrem\Downloads\rezepte
2014-06-05 17:33 - 2014-06-05 17:33 - 00294828 _____ () C:\Users\Thorgrem\Downloads\rezepte.zip
2014-06-04 21:04 - 2014-06-04 21:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GeoGebra 4.4
2014-06-04 21:04 - 2014-06-04 21:04 - 00000000 ____D () C:\Program Files\GeoGebra 4.4
2014-06-04 21:02 - 2014-06-04 21:04 - 41946528 _____ (International GeoGebra Institute) C:\Users\Thorgrem\Downloads\GeoGebra-Windows-Installer-4-4-37-0.exe
2014-06-04 18:17 - 2014-06-04 18:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
2014-06-04 15:43 - 2014-06-04 15:43 - 00000903 _____ () C:\Users\Thorgrem\Documents\Downloads - Verknüpfung.lnk
2014-06-03 21:08 - 2014-06-03 21:09 - 44199212 _____ () C:\Users\Thorgrem\Desktop\Pentakill-SmiteandIgnite.zip
2014-06-02 15:57 - 2014-06-02 15:57 - 00000000 ____D () C:\Users\Thorgrem\AppData\Roaming\Security System 2
2014-06-02 15:57 - 2014-06-02 15:57 - 00000000 ____D () C:\Users\Thorgrem\AppData\Local\Tempb7198e9bb9ab25f664356c451ef253f1
2014-06-02 15:12 - 2014-06-02 15:12 - 00000188 _____ () C:\Users\Thorgrem\Desktop\Amazon.de.url
2014-06-02 15:12 - 2014-06-02 15:12 - 00000000 ____D () C:\Users\Thorgrem\ChromeExtensions
2014-06-02 15:12 - 2014-06-02 15:12 - 00000000 ____D () C:\Users\Thorgrem\AppData\Local\Temp9a4653a4bc5a5527baaf9453f4749d2f
2014-06-02 15:04 - 2014-06-02 15:04 - 00001876 _____ () C:\Users\Public\Desktop\Black & White 2.lnk
2014-06-02 15:00 - 2014-06-02 15:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Black & White 2
2014-06-02 15:00 - 2014-06-02 15:00 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-06-02 15:00 - 2014-06-02 15:00 - 00000000 ____D () C:\Program Files\Lionhead Studios
2014-06-01 10:11 - 2014-06-01 12:02 - 00000000 ____D () C:\Users\Thorgrem\AppData\Roaming\Tunngle
2014-06-01 10:11 - 2014-06-01 12:02 - 00000000 ____D () C:\ProgramData\Tunngle
2014-06-01 10:11 - 2014-06-01 10:13 - 00000000 ____D () C:\Program Files\Tunngle
2014-06-01 10:11 - 2014-06-01 10:11 - 00000961 _____ () C:\Users\Public\Desktop\Tunngle beta.lnk
2014-06-01 10:11 - 2014-06-01 10:11 - 00000000 ____D () C:\Users\Thorgrem\Documents\Tunngle
2014-06-01 10:11 - 2014-06-01 10:11 - 00000000 ____D () C:\Users\Public\Documents\Tunngle
2014-06-01 10:11 - 2014-06-01 10:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tunngle
2014-06-01 10:11 - 2009-09-16 07:02 - 00027136 _____ (Tunngle.net) C:\WINDOWS\system32\Drivers\tap0901t.sys
2014-06-01 09:46 - 2014-06-01 09:46 - 00000214 _____ () C:\Users\Thorgrem\Desktop\Sid Meier's Civilization V.url
2014-05-27 20:23 - 2014-06-26 12:43 - 00000000 ____D () C:\Users\Thorgrem\AppData\Local\Spotify
2014-05-27 20:23 - 2014-05-27 20:23 - 00001866 _____ () C:\Users\Thorgrem\Desktop\Spotify.lnk
2014-05-27 20:23 - 2014-05-27 20:23 - 00001852 _____ () C:\Users\Thorgrem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2014-05-27 20:22 - 2014-06-26 12:44 - 00000000 ____D () C:\Users\Thorgrem\AppData\Roaming\Spotify
2014-05-27 20:22 - 2014-05-27 20:22 - 00126112 _____ (Spotify Ltd) C:\Users\Thorgrem\Downloads\SpotifySetup.exe
2014-05-27 17:46 - 2014-05-27 17:46 - 00000000 ____D () C:\Program Files\Common Files\Skype

==================== One Month Modified Files and Folders =======

2014-06-26 13:41 - 2014-06-26 13:40 - 00020137 _____ () C:\Users\Thorgrem\Downloads\FRST.txt
2014-06-26 13:40 - 2014-06-26 13:40 - 01073152 _____ (Farbar) C:\Users\Thorgrem\Downloads\FRST.exe
2014-06-26 13:40 - 2014-06-26 13:40 - 00000000 ____D () C:\FRST
2014-06-26 13:39 - 2014-06-26 13:39 - 00050477 _____ () C:\Users\Thorgrem\Downloads\Defogger.exe
2014-06-26 13:39 - 2014-06-26 13:39 - 00000548 _____ () C:\Users\Thorgrem\Downloads\defogger_disable.log
2014-06-26 13:39 - 2014-06-26 13:39 - 00000156 _____ () C:\Users\Thorgrem\defogger_reenable
2014-06-26 13:39 - 2014-02-24 18:31 - 00000000 ____D () C:\Users\Thorgrem
2014-06-26 13:37 - 2014-02-22 15:36 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-06-26 13:35 - 2014-06-26 13:35 - 00961360 _____ (Chip Digital GmbH) C:\Users\Thorgrem\Downloads\HijackThis - CHIP-Installer.exe
2014-06-26 13:26 - 2014-03-17 16:47 - 00000000 ____D () C:\Users\Thorgrem\AppData\Roaming\Skype
2014-06-26 13:06 - 2014-02-24 18:27 - 01513329 _____ () C:\WINDOWS\WindowsUpdate.log
2014-06-26 13:02 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-06-26 12:45 - 2014-04-19 12:26 - 00097648 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2014-06-26 12:44 - 2014-05-27 20:22 - 00000000 ____D () C:\Users\Thorgrem\AppData\Roaming\Spotify
2014-06-26 12:43 - 2014-05-27 20:23 - 00000000 ____D () C:\Users\Thorgrem\AppData\Local\Spotify
2014-06-26 12:41 - 2014-05-13 21:14 - 00001604 _____ () C:\WINDOWS\Sandboxie.ini
2014-06-26 12:40 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-06-22 19:34 - 2014-03-09 15:24 - 00000000 ____D () C:\Program Files\Steam
2014-06-22 19:22 - 2014-06-17 21:10 - 00000000 ____D () C:\Program Files\Ascaron Entertainment
2014-06-22 19:19 - 2014-06-22 19:19 - 03067063 _____ () C:\Users\Thorgrem\Downloads\alle_chars_100_unskilled.zip
2014-06-22 19:11 - 2014-06-22 19:11 - 00000000 ____D () C:\WINDOWS\95FC26FB19FD4A96BBB1B1062E8648F5.TMP
2014-06-22 19:11 - 2014-06-22 19:11 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard
2014-06-22 10:22 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\Microsoft.NET
2014-06-21 22:32 - 2014-06-21 22:32 - 00001631 _____ () C:\Users\Public\Desktop\Sacred Gold.lnk
2014-06-21 22:32 - 2014-06-21 22:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sacred Gold [GOG.com]
2014-06-21 22:28 - 2014-06-20 11:49 - 00000000 ____D () C:\GOG Games
2014-06-21 22:24 - 2014-06-21 22:24 - 00000000 ____D () C:\Users\Thorgrem\Downloads\sacred.gold.german.soundfiles
2014-06-21 22:24 - 2014-06-21 20:10 - 408819582 _____ () C:\Users\Thorgrem\Downloads\sacred.gold.german.soundfiles.rar
2014-06-20 20:38 - 2014-06-20 20:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-06-20 20:00 - 2014-06-19 12:19 - 00000000 ____D () C:\Users\Thorgrem\Downloads\Sacred.Underworld - SKIDROW
2014-06-20 19:39 - 2014-06-19 12:11 - 00000000 ____D () C:\Users\Thorgrem\Downloads\Alle Chars unskilled lvl 100
2014-06-20 11:52 - 2014-06-19 12:18 - 00000000 ____D () C:\Users\Thorgrem\AppData\Roaming\uTorrent
2014-06-20 11:17 - 2014-06-20 11:17 - 00000000 ____D () C:\Users\Thorgrem\Downloads\Sacred Gold 2.0.0.4
2014-06-19 22:00 - 2014-02-24 18:27 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-06-19 22:00 - 2013-11-14 01:00 - 00109288 _____ () C:\WINDOWS\PFRO.log
2014-06-19 22:00 - 2013-08-22 09:23 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-06-19 21:59 - 2013-08-22 08:13 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-06-19 21:56 - 2013-11-14 10:09 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-06-19 21:50 - 2014-02-21 17:24 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-06-19 21:35 - 2014-06-19 21:35 - 00000000 ____D () C:\Users\Thorgrem\Downloads\JDownloader
2014-06-19 18:35 - 2014-06-19 18:35 - 00000000 ____D () C:\Program Files\Sacred Underworld
2014-06-19 16:09 - 2014-06-19 16:09 - 00000000 ____D () C:\Users\Thorgrem\Downloads\Sacred Underworld
2014-06-19 14:08 - 2014-06-19 14:08 - 00000000 ____D () C:\Users\Thorgrem\AppData\Roaming\SupTab
2014-06-19 14:08 - 2014-06-19 14:08 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-06-19 14:08 - 2014-06-19 14:08 - 00000000 ____D () C:\Program Files\SupTab
2014-06-19 14:07 - 2014-06-19 14:07 - 00000000 ____D () C:\Users\Thorgrem\AppData\Roaming\v9
2014-06-19 14:07 - 2014-06-19 14:07 - 00000000 ____D () C:\Users\Thorgrem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\InetStat
2014-06-19 14:07 - 2014-06-19 14:07 - 00000000 ____D () C:\Users\Thorgrem\AppData\Roaming\InetStat
2014-06-19 14:06 - 2014-06-19 14:06 - 00000000 ____D () C:\Users\Thorgrem\AppData\Roaming\wi_upd
2014-06-19 14:06 - 2014-06-19 14:06 - 00000000 ____D () C:\Users\Thorgrem\AppData\Roaming\GetPrivate
2014-06-19 14:06 - 2014-06-19 14:06 - 00000000 ____D () C:\Program Files\GetPrivate
2014-06-19 13:52 - 2014-06-19 13:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elcomsoft Password Recovery
2014-06-19 13:52 - 2014-06-19 13:52 - 00000000 ____D () C:\ProgramData\Elcomsoft Password Recovery
2014-06-19 13:52 - 2014-06-19 13:52 - 00000000 ____D () C:\Program Files\Elcomsoft Password Recovery
2014-06-19 13:52 - 2014-06-19 13:52 - 00000000 ____D () C:\Program Files\Elcomsoft
2014-06-19 13:50 - 2014-06-19 13:50 - 00961360 _____ (Chip Digital GmbH) C:\Users\Thorgrem\Downloads\Advanced Archive Password Recovery - CHIP-Installer.exe
2014-06-19 13:38 - 2014-06-19 13:35 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2014-06-19 13:37 - 2014-06-19 13:37 - 00001908 _____ () C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2014-06-19 13:37 - 2014-06-19 13:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2014-06-19 13:37 - 2014-06-19 13:36 - 00000000 ____D () C:\Users\Thorgrem\AppData\Roaming\DAEMON Tools Lite
2014-06-19 13:36 - 2014-06-19 13:36 - 00243128 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtsoftbus01.sys
2014-06-19 13:36 - 2014-06-19 13:36 - 00000000 ____D () C:\Program Files\DAEMON Tools Lite
2014-06-19 13:35 - 2014-06-19 13:35 - 13429504 _____ (Disc Soft Ltd) C:\Users\Thorgrem\Downloads\DTLite4491-0356.exe
2014-06-19 12:18 - 2014-06-19 12:18 - 00000900 _____ () C:\Users\Thorgrem\Desktop\µTorrent.lnk
2014-06-19 12:18 - 2014-06-19 12:18 - 00000880 _____ () C:\Users\Thorgrem\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2014-06-19 12:08 - 2014-06-19 12:08 - 00163138 _____ () C:\Users\Thorgrem\Downloads\Alle Chars unskilled lvl 100.zip
2014-06-19 12:04 - 2014-06-19 12:04 - 00000000 ____D () C:\Users\Thorgrem\Downloads\UnskilledGladiLvl50
2014-06-19 12:03 - 2014-06-19 12:03 - 00043151 _____ () C:\Users\Thorgrem\Downloads\UnskilledGladiLvl50.zip
2014-06-18 22:18 - 2014-06-18 22:18 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-06-18 21:59 - 2012-07-26 08:43 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-06-17 21:16 - 2014-06-17 21:16 - 00001175 _____ () C:\Users\Thorgrem\Desktop\Sacred.lnk
2014-06-17 21:16 - 2014-06-17 21:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ascaron Entertainment
2014-06-17 17:27 - 2014-05-10 20:04 - 00004364 _____ () C:\WINDOWS\setupact.log
2014-06-16 21:09 - 2014-06-16 21:09 - 00961360 _____ (Chip Digital GmbH) C:\Users\Thorgrem\Downloads\TeamSpeak 3 32 Bit - CHIP-Installer.exe
2014-06-15 22:02 - 2014-03-01 13:21 - 00000000 ____D () C:\Program Files\Common Files\MAGIX Shared
2014-06-15 22:01 - 2014-06-15 22:01 - 00000000 ____D () C:\Users\Thorgrem\Documents\MAGIX_Screenshare
2014-06-15 22:01 - 2014-06-15 22:01 - 00000000 ____D () C:\Users\Thorgrem\Documents\MAGIX_Online_Druck_Service
2014-06-15 22:01 - 2014-03-01 13:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
2014-06-15 22:01 - 2014-03-01 13:21 - 00000000 ____D () C:\ProgramData\MAGIX
2014-06-15 22:01 - 2014-03-01 13:21 - 00000000 ____D () C:\Program Files\Common Files\xara
2014-06-15 22:01 - 2014-03-01 13:20 - 00007119 _____ () C:\WINDOWS\mgxoschk.ini
2014-06-15 22:01 - 2014-03-01 13:20 - 00000000 ____D () C:\WINDOWS\system32\MAGIX
2014-06-15 22:01 - 2014-03-01 13:20 - 00000000 ____D () C:\Program Files\MAGIX
2014-06-15 22:00 - 2014-03-01 13:21 - 00001115 _____ () C:\Users\Public\Desktop\MAGIX MP3 Maker 15.lnk
2014-06-15 21:10 - 2014-05-19 21:52 - 00000000 ____D () C:\Users\Thorgrem\AppData\Local\Deployment
2014-06-15 21:09 - 2014-06-15 21:09 - 01058200 _____ (Adobe) C:\Users\Thorgrem\Downloads\install_flashplayer14x32au_mssd_aaa_aih.exe
2014-06-15 21:08 - 2014-06-15 21:08 - 00207872 _____ () C:\Users\Thorgrem\Documents\Das Projekt.ppt
2014-06-15 21:07 - 2014-06-15 10:19 - 00000000 ____D () C:\Program Files\Mozilla Thunderbird
2014-06-15 10:16 - 2014-03-16 16:06 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-15 10:15 - 2014-03-16 16:11 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-06-13 16:52 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\rescache
2014-06-12 21:00 - 2013-08-22 09:22 - 00494544 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-06-12 18:53 - 2013-11-14 09:53 - 00000000 ____D () C:\WINDOWS\system32\Drivers\de-DE
2014-06-12 18:53 - 2013-08-22 10:17 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-06-12 18:53 - 2013-08-22 10:17 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-06-12 18:53 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\WinStore
2014-06-12 17:58 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\system32\de-DE
2014-06-12 17:55 - 2014-02-22 18:36 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-06-12 17:52 - 2014-02-22 18:36 - 92708840 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-06-12 17:15 - 2014-06-12 17:15 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-06-10 12:11 - 2014-06-10 11:29 - 00000000 ____D () C:\Users\Thorgrem\Downloads\bücher
2014-06-09 11:21 - 2014-03-02 16:29 - 00000000 ____D () C:\Users\Thorgrem\AppData\Roaming\Audacity
2014-06-08 11:58 - 2014-06-08 11:58 - 00000000 ____D () C:\Users\Thorgrem\AppData\Local\SniperV2
2014-06-05 20:58 - 2014-06-05 20:58 - 00428399 _____ () C:\Users\Thorgrem\Downloads\sixpackcode10fehler.zip
2014-06-05 20:58 - 2014-06-05 20:58 - 00000000 ____D () C:\Users\Thorgrem\Downloads\sixpackcode10fehler
2014-06-05 17:34 - 2014-06-05 17:34 - 00000000 ____D () C:\Users\Thorgrem\Downloads\rezepte
2014-06-05 17:33 - 2014-06-05 17:33 - 00294828 _____ () C:\Users\Thorgrem\Downloads\rezepte.zip
2014-06-04 21:04 - 2014-06-04 21:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GeoGebra 4.4
2014-06-04 21:04 - 2014-06-04 21:04 - 00000000 ____D () C:\Program Files\GeoGebra 4.4
2014-06-04 21:04 - 2014-06-04 21:02 - 41946528 _____ (International GeoGebra Institute) C:\Users\Thorgrem\Downloads\GeoGebra-Windows-Installer-4-4-37-0.exe
2014-06-04 18:17 - 2014-06-04 18:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
2014-06-04 15:43 - 2014-06-04 15:43 - 00000903 _____ () C:\Users\Thorgrem\Documents\Downloads - Verknüpfung.lnk
2014-06-03 21:09 - 2014-06-03 21:08 - 44199212 _____ () C:\Users\Thorgrem\Desktop\Pentakill-SmiteandIgnite.zip
2014-06-02 15:57 - 2014-06-02 15:57 - 00000000 ____D () C:\Users\Thorgrem\AppData\Roaming\Security System 2
2014-06-02 15:57 - 2014-06-02 15:57 - 00000000 ____D () C:\Users\Thorgrem\AppData\Local\Tempb7198e9bb9ab25f664356c451ef253f1
2014-06-02 15:12 - 2014-06-02 15:12 - 00000188 _____ () C:\Users\Thorgrem\Desktop\Amazon.de.url
2014-06-02 15:12 - 2014-06-02 15:12 - 00000000 ____D () C:\Users\Thorgrem\ChromeExtensions
2014-06-02 15:12 - 2014-06-02 15:12 - 00000000 ____D () C:\Users\Thorgrem\AppData\Local\Temp9a4653a4bc5a5527baaf9453f4749d2f
2014-06-02 15:04 - 2014-06-02 15:04 - 00001876 _____ () C:\Users\Public\Desktop\Black & White 2.lnk
2014-06-02 15:04 - 2014-06-02 15:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Black & White 2
2014-06-02 15:00 - 2014-06-02 15:00 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-06-02 15:00 - 2014-06-02 15:00 - 00000000 ____D () C:\Program Files\Lionhead Studios
2014-06-02 15:00 - 2014-05-06 21:53 - 00044532 _____ () C:\WINDOWS\DirectX.log
2014-06-01 12:02 - 2014-06-01 10:11 - 00000000 ____D () C:\Users\Thorgrem\AppData\Roaming\Tunngle
2014-06-01 12:02 - 2014-06-01 10:11 - 00000000 ____D () C:\ProgramData\Tunngle
2014-06-01 10:27 - 2014-03-09 15:24 - 00000000 ____D () C:\Program Files\Common Files\Steam
2014-06-01 10:22 - 2014-05-04 10:52 - 00000000 ____D () C:\Users\Thorgrem\AppData\Local\NVIDIA
2014-06-01 10:13 - 2014-06-01 10:11 - 00000000 ____D () C:\Program Files\Tunngle
2014-06-01 10:11 - 2014-06-01 10:11 - 00000961 _____ () C:\Users\Public\Desktop\Tunngle beta.lnk
2014-06-01 10:11 - 2014-06-01 10:11 - 00000000 ____D () C:\Users\Thorgrem\Documents\Tunngle
2014-06-01 10:11 - 2014-06-01 10:11 - 00000000 ____D () C:\Users\Public\Documents\Tunngle
2014-06-01 10:11 - 2014-06-01 10:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tunngle
2014-06-01 09:46 - 2014-06-01 09:46 - 00000214 _____ () C:\Users\Thorgrem\Desktop\Sid Meier's Civilization V.url
2014-06-01 09:46 - 2014-03-23 12:29 - 00000000 ____D () C:\Users\Thorgrem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-05-31 07:13 - 2013-08-22 10:18 - 00703992 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-05-31 07:13 - 2013-08-22 10:18 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-05-30 11:18 - 2014-06-12 17:27 - 17271296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-05-30 10:43 - 2014-06-12 17:27 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-05-30 10:38 - 2014-06-12 17:27 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-05-30 10:27 - 2014-06-12 17:27 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-05-30 10:16 - 2014-06-12 17:27 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-05-30 10:04 - 2014-06-12 17:27 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-05-30 10:02 - 2014-06-12 17:27 - 00242688 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-05-30 09:57 - 2014-06-12 17:27 - 00595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-05-30 09:56 - 2014-06-12 17:27 - 04244992 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-05-30 09:54 - 2014-06-12 17:27 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-05-30 09:49 - 2014-06-12 17:27 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-05-30 09:40 - 2014-06-12 17:27 - 11725312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-05-30 09:21 - 2014-06-12 17:27 - 01790976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-05-30 09:15 - 2014-06-12 17:27 - 01143296 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-05-30 09:13 - 2014-06-12 17:27 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-05-27 20:23 - 2014-05-27 20:23 - 00001866 _____ () C:\Users\Thorgrem\Desktop\Spotify.lnk
2014-05-27 20:23 - 2014-05-27 20:23 - 00001852 _____ () C:\Users\Thorgrem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2014-05-27 20:22 - 2014-05-27 20:22 - 00126112 _____ (Spotify Ltd) C:\Users\Thorgrem\Downloads\SpotifySetup.exe
2014-05-27 17:47 - 2014-03-17 16:46 - 00000000 ____D () C:\ProgramData\Skype
2014-05-27 17:46 - 2014-05-27 17:46 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-05-27 17:46 - 2014-03-17 16:47 - 00000000 ___RD () C:\Program Files\Skype

Some content of TEMP:
====================
C:\Users\Thorgrem\AppData\Local\Temp\amazonicon_v5.exe
C:\Users\Thorgrem\AppData\Local\Temp\amazoninstallernircmdc.exe
C:\Users\Thorgrem\AppData\Local\Temp\avgnt.exe
C:\Users\Thorgrem\AppData\Local\Temp\cpn54vft.nqo.exe
C:\Users\Thorgrem\AppData\Local\Temp\foxy_security_games.exe
C:\Users\Thorgrem\AppData\Local\Temp\GPUpd53ABF9460.exe
C:\Users\Thorgrem\AppData\Local\Temp\MgxVistaTools.dll
C:\Users\Thorgrem\AppData\Local\Temp\mhpu3cuq.2sp.exe
C:\Users\Thorgrem\AppData\Local\Temp\nvStInst.exe
C:\Users\Thorgrem\AppData\Local\Temp\ose00000.exe
C:\Users\Thorgrem\AppData\Local\Temp\SandboxieInstall.exe
C:\Users\Thorgrem\AppData\Local\Temp\sdanircmdc.exe
C:\Users\Thorgrem\AppData\Local\Temp\sdapskill.exe
C:\Users\Thorgrem\AppData\Local\Temp\sdaspwn.exe
C:\Users\Thorgrem\AppData\Local\Temp\SRLDetectionLibrary3755180600171889777.dll
C:\Users\Thorgrem\AppData\Local\Temp\sweetpage294wld_n2.exe
C:\Users\Thorgrem\AppData\Local\Temp\ucmlivxk.uze.exe
C:\Users\Thorgrem\AppData\Local\Temp\Uninstall.exe
C:\Users\Thorgrem\AppData\Local\Temp\unwise.exe
C:\Users\Thorgrem\AppData\Local\Temp\vcredist_x86.exe
C:\Users\Thorgrem\AppData\Local\Temp\w0dvpylu.vui.exe


==================== Bamital & volsnap Check =================

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-20 10:06

==================== End Of Log ============================
         
 
--- --- ---

--- --- ---

--- --- ---


Addition:
[QUOTE]Additional scan result of Farbar Recovery Scan Tool (x86) Version:25-06-2014
Ran by Thorgrem at 2014-06-26 13:41:48
Running from C:\Users\Thorgrem\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.31743 - BitTorrent Inc.)
7-Zip 9.20 (HKLM\...\7-Zip) (Version:  - )
Adobe Flash Player 13 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Advanced Archive Password Recovery (HKLM\...\{01011662-76A8-41E8-B1A8-4F8821570AC5}) (Version: 4.54.48.1338 - Elcomsoft Co. Ltd.)
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
AMD Catalyst Control Center (Version: 2014.0417.2226.38446 - Ihr Firmenname) Hidden
AMD Catalyst Install Manager (HKLM\...\{DC7723BE-A2BB-58A0-4820-5630F9B82198}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Fuel (Version: 2014.0417.2226.38446 - Ihr Firmenname) Hidden
Application Verifier x86 External Package (Version: 8.100.26629 - Microsoft) Hidden
Audacity 2.0.5 (HKLM\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Avira (HKLM\...\{70a79d1f-686d-4d5c-962b-07aa1294eae0}) (Version: 1.1.12.20002 - Avira Operations GmbH & Co. KG)
Avira (Version: 1.1.12.20002 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.5.450 - Avira)
Black & White® 2 (HKLM\...\{D9E52CD1-9DF1-4A8A-9BDC-1E5E53982F2B}) (Version: 1.00.0000 - Lionhead Studios)
BlueJ (HKLM\...\{7D66971C-652B-4065-A6B1-B3EE313C254B}) (Version: 3.1.1 - BlueJ Team)
Catalyst Control Center - Branding (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
ccc-utility (Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
CyberGhost 5 (HKLM\...\CyberGhost 5_is1) (Version:  - CyberGhost S.R.L.)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Definition Update for Microsoft Office 2013 (KB2760587) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{2BC398D2-11C8-43B1-AB84-675D33EB28C2}) (Version:  - Microsoft)
EarMaster Pro 6.1 (HKLM\...\EarMaster Pro 6_is1) (Version: 6.1 - EarMaster ApS)
EPSON Printer Software (HKLM\...\EPSON Printer and Utilities) (Version:  - SEIKO EPSON Corporation)
EPSON Scan (HKLM\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
Firebird SQL Server - MAGIX Edition (HKLM\...\{19666E73-D9E5-44D4-8F33-037ED151ECBC}) (Version: 2.1.22.0 - MAGIX AG)
Fotogalerie (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
GeoGebra 4.4 (HKLM\...\GeoGebra 4.4) (Version: 4.4.37.0 - International GeoGebra Institute)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Java 7 Update 55 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java SE Development Kit 7 Update 51 (HKLM\...\{32A3A4F4-B792-11D6-A78A-00B0D0170510}) (Version: 1.7.0.510 - Oracle)
Java-Editor 12.17, 2014.05.11 (HKLM\...\{65FBA21B-7F80-4E4E-B275-0958D2648F94}_is1) (Version:  - Gerhard Röhner)
JetBoost (HKLM\...\JetBoost_is1) (Version: 2.0.0 - BlueSprig)
Kits Configuration Installer (Version: 8.100.25984 - Microsoft) Hidden
League of Legends (HKLM\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (Version: 3.0.1 - Riot Games ) Hidden
MAGIX MP3 Maker 15 10.0.0.257 (D) (HKLM\...\MAGIX MP3 Maker 15 D) (Version: 10.0.0.257 - MAGIX AG)
MAGIX Online Druck Service 3.4.3.0 (D) (HKLM\...\MAGIX Online Druck Service D) (Version: 3.4.3.0 - MAGIX AG)
MAGIX Screenshare 4.3.6.1987 (D) (HKLM\...\MAGIX Screenshare D) (Version: 4.3.6.1987 - MAGIX AG)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM\...\{D1D37853-0004-3E36-A7AA-74F4EEA35F64}) (Version: 4.5.50930 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft Access MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft DCF MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Excel MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Groove MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Lync MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Italiano (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Word MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 3.1 (HKLM\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Movie Maker (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 30.0 (x86 de) (HKLM\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 24.6.0 (x86 de) (HKLM\...\Mozilla Thunderbird 24.6.0 (x86 de)) (Version: 24.6.0 - Mozilla)
MSI Development Tools (Version: 8.100.25984 - Microsoft Corporation) Hidden
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (Version: 16.4.1108.0727 - Microsoft) Hidden
NVIDIA 3D Vision Controller-Treiber 335.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 335.21 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.147.1067 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.3523 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 335.23 (Version: 335.23 - NVIDIA Corporation) Hidden
NVIDIA Update 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
OpenOffice 4.1.0 (HKLM\...\{E19483E2-6C18-494D-A307-D4498BCFD2C7}) (Version: 4.10.9764 - Apache Software Foundation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Pando Media Booster (HKLM\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)
Photo Common (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Sacred (HKLM\...\Sacred_is1) (Version:  - Ascaron Entertainment GmbH)
Sacred Gold (HKLM\...\GOGPACKSACREDGOLD_is1) (Version: 2.0.0.4 - GOG.com)
Sandboxie 4.12 (32-bit) (HKLM\...\Sandboxie) (Version: 4.12 - Sandboxie Holdings, LLC)
SDK Debuggers (Version: 8.100.26629 - Microsoft Corporation) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (Version:  - Microsoft) Hidden
SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden
Sid Meier's Civilization V (HKLM\...\Steam App 8930) (Version:  - 2K Games, Inc.)
Skype™ 6.16 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Smart Technology Programming Software 7.0.27.13 (HKLM\...\{6193D1C9-FEAC-4158-8EB5-1B1D7B0C8DA7}) (Version: 7.0.27.13 - Mad Catz)
Sniper Elite V2 (HKLM\...\Steam App 63380) (Version:  - Rebellion)
Spotify (HKCU\...\Spotify) (Version: 0.9.10.14.g578d350b - Spotify AB)
Steam (HKLM\...\Steam) (Version:  - Valve Corporation)
System Requirements Lab CYRI (HKLM\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
Tinypic 3.18 (HKLM\...\{E3723A04-A894-4036-A78E-282E18F43C0A}_is1) (Version: Tinypic 3.18 - E. Fiedler)
Tunngle beta (HKLM\...\Tunngle beta_is1) (Version:  - Tunngle.net GmbH)
Update for Microsoft Excel 2013 (KB2881014) 32-Bit Edition (HKLM\...\{90150000-0016-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{33BAD262-B737-4DFA-8527-02961A9CE7BB}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2881014) 32-Bit Edition (HKLM\...\{90150000-0018-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{33BAD262-B737-4DFA-8527-02961A9CE7BB}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2881014) 32-Bit Edition (HKLM\...\{90150000-001B-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{33BAD262-B737-4DFA-8527-02961A9CE7BB}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2881014) 32-Bit Edition (HKLM\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{33BAD262-B737-4DFA-8527-02961A9CE7BB}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2881014) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{33BAD262-B737-4DFA-8527-02961A9CE7BB}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2850074) 32-Bit Edition (HKLM\...\{90150000-012B-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{968E82F6-FAF7-45E0-BCC0-EF8AA31A4EB3}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760344) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{A7610F07-E844-4444-8E1D-D5BC8AD0B4C5}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760544) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{45B7D395-EB9B-414F-9E46-5849B42326E2}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768012) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{66421820-D3CA-450A-898C-78D7E40108E6}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 32-Bit Edition (HKLM\...\{90150000-0016-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{1644D7F6-90EE-4252-8884-18E4E330529D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{1644D7F6-90EE-4252-8884-18E4E330529D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2826040) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{B7EA8070-C37F-4617-82F4-52CF3304595A}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837644) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{9BC5FF1D-9626-44D7-BC7F-EB44BD8BDB9F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{AD7045B8-1D75-4B4C-8120-12F045D206C7}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2878313) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{1FB43AFB-8112-41B9-B9A6-A43474F46123}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880457) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{D27F6360-AE1E-4C8C-8ECD-C0375E20B923}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 32-Bit Edition (HKLM\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{5D6439FF-D651-4B13-B52E-2508AB9DE19D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{5D6439FF-D651-4B13-B52E-2508AB9DE19D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880464) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{06EF2BF7-7351-4D70-A0D5-588FCCF9808D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880476) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{DDF64A37-8E32-406E-A94C-9F5B03661A21}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880478) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7C5CEE0F-6823-4BB7-A28F-76FEC14EB6AC}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880991) 32-Bit Edition (HKLM\...\{90150000-001F-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{071A9ED9-C72F-4CDA-9A88-F100C5EF9EE1}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880991) 32-Bit Edition (HKLM\...\{90150000-001F-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{3365FE58-896F-45DE-8051-E48F6D8069FD}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880991) 32-Bit Edition (HKLM\...\{90150000-001F-040C-0000-0000000FF1CE}_Office15.PROPLUSR_{A2D4D766-14AE-46CA-BD99-801FB1523626}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880991) 32-Bit Edition (HKLM\...\{90150000-001F-0410-0000-0000000FF1CE}_Office15.PROPLUSR_{FE13BE31-2B5B-4D4E-8538-B3BB9B370C66}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition (HKLM\...\{90150000-0016-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{01B80B63-C638-4004-9148-75B8C8518B1E}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition (HKLM\...\{90150000-0090-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{01B80B63-C638-4004-9148-75B8C8518B1E}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{01B80B63-C638-4004-9148-75B8C8518B1E}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2881018) 32-Bit Edition (HKLM\...\{90150000-00BA-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{D3CFB57E-39C0-4D2F-96D2-EC8BB1DB369D}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2881018) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{D3CFB57E-39C0-4D2F-96D2-EC8BB1DB369D}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2880458) 32-Bit Edition (HKLM\...\{90150000-00A1-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{E102B907-56A0-476E-9D7F-D74C7C42527F}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2880458) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{E102B907-56A0-476E-9D7F-D74C7C42527F}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 32-Bit Edition (HKLM\...\{90150000-001A-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{1BCA67A6-5329-48D0-A088-C097AC7A14BD}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{1BCA67A6-5329-48D0-A088-C097AC7A14BD}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2881000) 32-Bit Edition (HKLM\...\{90150000-0018-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{4F3B2C6F-B7F9-431F-84ED-C29F47B31DB7}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2881000) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{4F3B2C6F-B7F9-431F-84ED-C29F47B31DB7}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2726952) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{173C8CEB-B73E-4C38-AF3A-05EA5BB860D4}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition (HKLM\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2878319) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{A7CD05CC-CA85-428C-91FD-74A908D126E1}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 32-Bit Edition (HKLM\...\{90150000-001A-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{F60958B9-F8A9-488F-99AD-8A6D95070CD8}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 32-Bit Edition (HKLM\...\{90150000-001B-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{F60958B9-F8A9-488F-99AD-8A6D95070CD8}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 32-Bit Edition (HKLM\...\{90150000-012B-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{F60958B9-F8A9-488F-99AD-8A6D95070CD8}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{F60958B9-F8A9-488F-99AD-8A6D95070CD8}) (Version:  - Microsoft)
v9 uninstaller (HKLM\...\v9 uninstaller) (Version:  - v9)
VisualBee for Microsoft PowerPoint (HKCU\...\VisualBee for Microsoft PowerPoint) (Version: V4.1 - VisualBee.com)
VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Windows App Certification Kit Native Components (Version: 8.100.26629 - Microsoft Corporation) Hidden
Windows App Certification Kit x86 (Version: 8.100.26654 - Microsoft Corporation) Hidden
Windows Live Communications Platform (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Software Development Kit (Version: 8.100.26654 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x86 Remote (Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit EULA (Version: 8.100.25984 - Microsoft Corporations) Hidden
Windows Software Development Kit for Windows 8.1 (HKLM\...\{57334b90-51ab-4979-a6e4-ab0f7632479a}) (Version: 8.100.26654 - Microsoft Corporation)
Windows Software Development Kit for Windows Store Apps (Version: 8.100.26654 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x86 Remote (Version: 8.100.26654 - Microsoft Corporation) Hidden
Windows Software Development Kit Redistributables (Version: 8.100.26654 - Microsoft Corporation) Hidden
WPT Redistributables (Version: 8.100.26654 - Microsoft) Hidden
WPTx86 (Version: 8.100.26629 - Microsoft) Hidden

==================== Restore Points  =========================

15-06-2014 20:02:10 Firebird SQL Server - MAGIX Edition wird installiert
19-06-2014 11:51:30 Installed Advanced Archive Password Recovery
22-06-2014 17:11:15 Sacred 2 wurde installiert.

==================== Hosts content: ==========================

2013-08-22 08:13 - 2013-08-22 08:13 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {00BC77BF-3352-4FE8-9617-4F1B27BEC19A} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {17233BE9-87E9-40B0-B003-AE9D2B92CBBE} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {20A6C59B-C383-4308-A79F-84955C282C37} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\WINDOWS\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {247BD142-0549-4E91-84B0-172C25563718} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {2BE65564-89D1-4396-A5CC-D7D9283FC4A1} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {392EB017-207C-42BF-A061-F3BE721F456C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {4793E451-ACEB-41EA-88D3-50393FA15334} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\msoia.exe
Task: {4B7EF56A-8A42-4BD2-BB5C-7C389AC54A37} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {4DC0D96B-9A83-46BE-A4FA-D9F0C9810774} - System32\Tasks\SoftUpdateDaily => C:\Users\Thorgrem\AppData\Local\SoftUpdate\SoftUpdate.exe
Task: {5700ACE8-D0AF-4BA7-98B6-1033521A877A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {5E4FAF01-346B-4712-A24F-105513D7FAC9} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {6E84A59B-1863-4B21-8BD8-C9B20FD15484} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {74C481D4-5369-48F7-AF12-59279E240F2D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-13] (Adobe Systems Incorporated)
Task: {7883EEFF-AA96-405C-9356-ED73361F225C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\msoia.exe
Task: {7C7CF1DA-F461-4850-96B2-ADCA8A67E59C} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {807DC311-69F1-4EA2-86C2-4201310CF89F} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {8410D4E1-C03D-4B1D-858A-292FAEFCA5A9} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {8B5819AE-7B44-478B-A3D3-8846AF160A8F} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {92414D17-159E-434E-B69D-AF7B1735747B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-06-12] (Microsoft Corporation)
Task: {92ED6570-4654-4BFA-9A6C-1084C6939C16} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {997C8BBD-710B-4E66-B5BC-CC09575A58D2} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {A5D45ED3-F524-4574-8F39-527F3729D1E2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\WINDOWS\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {B5A67861-AA69-4B17-9FE8-AA5099D3D400} - System32\Tasks\GPUpdate => C:\Program Files\GetPrivate\gpup.exe [2014-06-19] ()
Task: {BB6F00A8-D239-4563-91F0-9DA017BDE449} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {C0D0F7C4-419F-41B3-90A2-FE79270B828A} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {CF5A1DDC-D14D-4D59-AD49-A19A645B087B} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DCF55BED-B1DF-4ABF-8D85-6542C7007799} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {E1AC355F-9C80-4D2D-95AC-16B127E28843} - System32\Tasks\Microsoft Office 15 Sync Maintenance for Therbreg-Thorgrem Therbreg => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2014-04-08] (Microsoft Corporation)
Task: {E4C8774A-2818-45A4-8A6D-11DDF6348886} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {E68C661F-75D1-4FBC-9657-0D9AEEF2CCD0} - System32\Tasks\JetBoost_AutoUpdate => C:\Program Files\BlueSprig\JetBoost\AutoUpdate.exe [2012-11-27] (BlueSprig)
Task: {F0D8184F-880A-4E6B-ABEF-903998A15E66} - System32\Tasks\GPUpdateCheck => C:\Program Files\GetPrivate\gpup.exe [2014-06-19] ()
Task: {F1D1F5C6-C90A-46E7-8F60-0026369BC00A} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {F49B30B6-AF06-4796-936C-6523EF7F0F80} - System32\Tasks\SoftUpdateLogon => C:\Users\Thorgrem\AppData\Local\SoftUpdate\SoftUpdate.exe
Task: {F615B43F-7D1D-4243-AC0E-82FFE5FBEFA5} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {FAB49829-3EE7-4234-BE84-277862F2A57C} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2014-04-17 22:28 - 2014-04-17 22:28 - 00203776 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2014-02-11 07:10 - 2014-02-11 07:10 - 03854336 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2014-02-11 07:10 - 2014-02-11 07:10 - 00618496 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2014-05-05 10:37 - 2014-05-05 10:37 - 00138320 _____ () C:\Program Files\Avira\My Avira\Avira.OE.NativeCore.dll
2014-05-05 10:37 - 2014-05-05 10:37 - 00065616 _____ () C:\Program Files\Avira\My Avira\Avira.OE.AvConnectorNative.dll
2014-02-24 18:27 - 2014-03-04 14:34 - 00109000 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2014-05-27 20:23 - 2014-05-27 20:23 - 36966968 _____ () C:\Users\Thorgrem\AppData\Roaming\Spotify\Data\libcef.dll
2014-06-19 14:07 - 2014-06-19 14:07 - 00659470 _____ () C:\Users\Thorgrem\AppData\Roaming\InetStat\inetstat.exe
2014-06-18 22:18 - 2014-06-18 22:18 - 03852912 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2014-05-27 20:23 - 2014-05-27 20:23 - 00598072 _____ () C:\Users\Thorgrem\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
2014-06-26 12:43 - 2014-06-26 12:43 - 01610776 _____ () C:\Users\Thorgrem\AppData\Local\Temp\GPUpd53ABF9460.exe
2014-05-27 20:23 - 2014-05-27 20:23 - 00886840 _____ () C:\Users\Thorgrem\AppData\Roaming\Spotify\Data\libglesv2.dll
2014-05-27 20:23 - 2014-05-27 20:23 - 00108600 _____ () C:\Users\Thorgrem\AppData\Roaming\Spotify\Data\libegl.dll
2014-04-19 12:27 - 2014-05-05 10:37 - 00049744 _____ () C:\Users\Thorgrem\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2014-05-13 20:37 - 2014-05-13 20:37 - 16361136 _____ () C:\WINDOWS\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll
2014-06-26 13:39 - 2014-06-26 13:39 - 00050477 _____ () C:\Users\Thorgrem\Downloads\Defogger.exe

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========

MSCONFIG\Services: WlanSvc => 3
HKCU\...\StartupApproved\Run: => "CyberGhost"

==================== Faulty Device Manager Devices =============

Name: Programmable Root Enumerator
Description: Programming Support
Class Guid: {678dcf40-e2e6-11d5-8cd5-e960089ea00a}
Manufacturer: Mad Catz
Service: SaiNtBus
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: =========================

Application errors:
==================
Error: (06/23/2014 08:49:22 AM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: Der Desktopfenster-Manager hat einen schwerwiegenden Fehler (0x8898008d) festgestellt.

Error: (06/23/2014 08:17:34 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: Therbreg)
Description: Die App „windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy+microsoft.windows.immersivecontrolpanel“ wurde nicht innerhalb der vorgesehenen Zeit gestartet.

Error: (06/22/2014 07:11:26 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (06/22/2014 07:11:14 PM) (Source: MsiInstaller) (EventID: 1013) (User: Therbreg)
Description: Produkt: AGEIA PhysX v7.11.13 -- Installation terminated

Error: (06/22/2014 09:22:10 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm SystemSettings.exe, Version 6.3.9600.17055 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: f64

Startzeit: 01cf8dea8f83c240

Endzeit: 4294967295

Anwendungspfad: C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe

Berichts-ID: da43cac6-f9dd-11e3-afed-c86000570b4c

Vollständiger Name des fehlerhaften Pakets: windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: microsoft.windows.immersivecontrolpanel

Error: (06/22/2014 09:22:09 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Therbreg)
Description: Bei der Aktivierung der App „windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (06/22/2014 09:21:34 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: Therbreg)
Description: Die App „windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy+microsoft.windows.immersivecontrolpanel“ wurde nicht innerhalb der vorgesehenen Zeit gestartet.

Error: (06/21/2014 07:25:13 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Therbreg)
Description: Bei der Aktivierung der App „windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (06/21/2014 07:25:13 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm SystemSettings.exe, Version 6.3.9600.17055 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 918

Startzeit: 01cf8d75b43f2814

Endzeit: 4294967295

Anwendungspfad: C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe

Berichts-ID: fd647f82-f968-11e3-afed-c86000570b4c

Vollständiger Name des fehlerhaften Pakets: windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: microsoft.windows.immersivecontrolpanel

Error: (06/21/2014 07:25:05 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: Therbreg)
Description: Die App „windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy+microsoft.windows.immersivecontrolpanel“ wurde nicht innerhalb der vorgesehenen Zeit gestartet.


System errors:
=============
Error: (06/22/2014 10:22:37 AM) (Source: DCOM) (EventID: 10010) (User: Therbreg)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (06/22/2014 10:22:07 AM) (Source: DCOM) (EventID: 10010) (User: Therbreg)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (06/21/2014 08:25:34 PM) (Source: DCOM) (EventID: 10010) (User: Therbreg)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (06/21/2014 08:25:04 PM) (Source: DCOM) (EventID: 10010) (User: Therbreg)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (06/21/2014 08:09:23 PM) (Source: DCOM) (EventID: 10010) (User: Therbreg)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (06/21/2014 08:08:53 PM) (Source: DCOM) (EventID: 10010) (User: Therbreg)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (06/20/2014 05:58:18 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (06/20/2014 10:06:53 AM) (Source: DCOM) (EventID: 10010) (User: Therbreg)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (06/20/2014 10:06:23 AM) (Source: DCOM) (EventID: 10010) (User: Therbreg)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (06/19/2014 10:01:39 PM) (Source: DCOM) (EventID: 10016) (User: Therbreg)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}TherbregThorgremS-1-5-21-729715285-913791145-1909180566-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar


Microsoft Office Sessions:
=========================
Error: (06/23/2014 08:49:22 AM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: 0x8898008d

Error: (06/23/2014 08:17:34 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: Therbreg)
Description: windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy+microsoft.windows.immersivecontrolpanel

Error: (06/22/2014 07:11:26 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert

Error: (06/22/2014 07:11:14 PM) (Source: MsiInstaller) (EventID: 1013) (User: Therbreg)
Description: Produkt: AGEIA PhysX v7.11.13 -- Installation terminated(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (06/22/2014 09:22:10 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: SystemSettings.exe6.3.9600.17055f6401cf8dea8f83c2404294967295C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exeda43cac6-f9dd-11e3-afed-c86000570b4cwindows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewymicrosoft.windows.immersivecontrolpanel

Error: (06/22/2014 09:22:09 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Therbreg)
Description: windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel-2144927142

Error: (06/22/2014 09:21:34 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: Therbreg)
Description: windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy+microsoft.windows.immersivecontrolpanel

Error: (06/21/2014 07:25:13 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Therbreg)
Description: windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel-2144927142

Error: (06/21/2014 07:25:13 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: SystemSettings.exe6.3.9600.1705591801cf8d75b43f28144294967295C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exefd647f82-f968-11e3-afed-c86000570b4cwindows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewymicrosoft.windows.immersivecontrolpanel

Error: (06/21/2014 07:25:05 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: Therbreg)
Description: windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy+microsoft.windows.immersivecontrolpanel


==================== Memory info =========================== 

Percentage of memory in use: 61%
Total physical RAM: 3582.11 MB
Available physical RAM: 1362.96 MB
Total Pagefile: 7166.11 MB
Available Pagefile: 4297.43 MB
Total Virtual: 2047.88 MB
Available Virtual: 1863.49 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.88 GB) (Free:136.32 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: 26FD26FC)
Partition 1: (Active) - (Size=233 GB) - (Type=07 NTFS)

==================== End Of Log ============================

GMER hängt sich beim Scan auf, aber HijackThis funkioniert:

Code:
ATTFilter
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:51:14, on 26.06.2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17126)
Boot mode: Normal

Running processes:
C:\WINDOWS\system32\taskhostex.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
C:\Program Files\SmartTechnology\Software\ProfilerU.exe
C:\Program Files\SmartTechnology\Software\SaiMfd.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Sandboxie\SbieCtrl.exe
C:\Users\Thorgrem\AppData\Local\Akamai\netsession_win.exe
C:\Users\Thorgrem\AppData\Local\Akamai\netsession_win.exe
C:\Users\Thorgrem\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Users\Thorgrem\AppData\Roaming\InetStat\inetstat.exe
C:\WINDOWS\system32\taskeng.exe
C:\Program Files\Microsoft Office\Office15\MsoSync.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Users\Thorgrem\AppData\Local\Temp\OCS\ocs_v71b.exe
C:\Users\Thorgrem\AppData\Local\Temp\OCS\Downloads\fc14996dfa99adfc7baae624196888c5\7b4e384f5b096b9656fee276ba88bb81\HiJackThis204.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com/?type=hp&ts=1403179653&from=irs&uid=ST3250823AS_4ND0JF5PXXXX4ND0JF5P&i=psd&t=3445c393b
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com/?type=hp&ts=1403179653&from=irs&uid=ST3250823AS_4ND0JF5PXXXX4ND0JF5P&i=psd&t=3445c393b
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com/?type=hp&ts=1403179653&from=irs&uid=ST3250823AS_4ND0JF5PXXXX4ND0JF5P&i=psd&t=3445c393b
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.v9.com/web/?type=ds&ts=1403179653&from=irs&uid=ST3250823AS_4ND0JF5PXXXX4ND0JF5P&i=psd&t=3445c393b&q={searchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.v9.com/web/?type=ds&ts=1403179653&from=irs&uid=ST3250823AS_4ND0JF5PXXXX4ND0JF5P&i=psd&t=3445c393b&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com/?type=hp&ts=1403179653&from=irs&uid=ST3250823AS_4ND0JF5PXXXX4ND0JF5P&i=psd&t=3445c393b
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files\SupTab\SupTab.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [NvBackend] "C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
O4 - HKLM\..\Run: [ShadowPlay] C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap.dll,ShadowPlayOnSystemStart
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Avira Systray] C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
O4 - HKLM\..\Run: [ProfilerU] C:\Program Files\SmartTechnology\Software\ProfilerU.exe
O4 - HKLM\..\Run: [SaiMfd] C:\Program Files\SmartTechnology\Software\SaiMfd.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"
O4 - HKCU\..\Run: [CyberGhost] "C:\Program Files\CyberGhost 5\CyberGhost.EXE" /autostart
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Thorgrem\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Thorgrem\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [Spotify] "C:\Users\Thorgrem\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart
O4 - HKCU\..\Run: [InetStat] C:\Users\Thorgrem\AppData\Roaming\InetStat\inetstat.exe
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync: Anruf per Mausklick - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync: Anruf per Mausklick - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\SupTab\SEARCH~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Avira Planer (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Echtzeit-Scanner (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Service Host (Avira.OE.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
O23 - Service: CyberGhost 5 Client Service (CGVPNCliService) - CyberGhost S.R.L - C:\Program Files\CyberGhost 5\Service.exe
O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files\Common Files\MAGIX Shared\Database2\bin\FABS.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\Common Files\MAGIX Shared\Database2\bin\fbserver.exe
O23 - Service: IePlugin Services (IePluginServices) - Cherished Technololgy LIMITED - C:\ProgramData\IePluginServices\PluginService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvvsvc.exe
O23 - Service: Sandboxie Service (SbieSvc) - Sandboxie Holdings, LLC - C:\Program Files\Sandboxie\SbieSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files\Tunngle\TnglCtrl.exe
O23 - Service: UPnPService - Magix AG - C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe

--
End of file - 9506 bytes
Ich hoffe mal ihr könnt damit was anfangen, ich kanns nicht :P
Schonmal Danke im Vorraus!
Geändert von Therbreg (26.06.2014 um 14:13 Uhr)

Alt 26.06.2014, 14:17   #2
schrauber
/// the machine
/// TB-Ausbilder
 
[Win8 64) InternetExplorer öffnet sich ohne in der taskleiste aufzutauchen, spielt Sound ab, lässt sich nur durch Task Manager beend - Standard

[Win8 64) InternetExplorer öffnet sich ohne in der taskleiste aufzutauchen, spielt Sound ab, lässt sich nur durch Task Manager beend


hi,

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________

__________________
Alt 26.06.2014, 15:00   #3
Therbreg
 
[Win8 64) InternetExplorer öffnet sich ohne in der taskleiste aufzutauchen, spielt Sound ab, lässt sich nur durch Task Manager beend - Standard

[Win8 64) InternetExplorer öffnet sich ohne in der taskleiste aufzutauchen, spielt Sound ab, lässt sich nur durch Task Manager beend


Gesagt, getan. Vielen Dank für die schnelle Antwort, hie ist der Report:

Code:
ATTFilter
15:50:05.0588 0x0f44  TDSS rootkit removing tool 3.0.0.39 Jun  5 2014 20:35:54
15:50:20.0077 0x0f44  ============================================================
15:50:20.0077 0x0f44  Current date / time: 2014/06/26 15:50:20.0077
15:50:20.0077 0x0f44  SystemInfo:
15:50:20.0077 0x0f44  
15:50:20.0077 0x0f44  OS Version: 6.3.9600 ServicePack: 0.0
15:50:20.0077 0x0f44  Product type: Workstation
15:50:20.0077 0x0f44  ComputerName: THERBREG
15:50:20.0077 0x0f44  UserName: Thorgrem
15:50:20.0077 0x0f44  Windows directory: C:\WINDOWS
15:50:20.0077 0x0f44  System windows directory: C:\WINDOWS
15:50:20.0077 0x0f44  Processor architecture: Intel x86
15:50:20.0077 0x0f44  Number of processors: 4
15:50:20.0077 0x0f44  Page size: 0x1000
15:50:20.0077 0x0f44  Boot type: Normal boot
15:50:20.0077 0x0f44  ============================================================
15:50:20.0448 0x0f44  KLMD registered as C:\WINDOWS\system32\drivers\40101284.sys
15:50:21.0030 0x0f44  System UUID: {9E58CEEC-A866-59DD-30CB-E3D7C37D542A}
15:50:21.0735 0x0f44  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
15:50:21.0756 0x0f44  ============================================================
15:50:21.0756 0x0f44  \Device\Harddisk0\DR0:
15:50:21.0767 0x0f44  MBR partitions:
15:50:21.0767 0x0f44  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1D1C4542
15:50:21.0767 0x0f44  ============================================================
15:50:21.0826 0x0f44  C: <-> \Device\Harddisk0\DR0\Partition1
15:50:21.0826 0x0f44  ============================================================
15:50:21.0827 0x0f44  Initialize success
15:50:21.0827 0x0f44  ============================================================
15:50:57.0560 0x1120  ============================================================
15:50:57.0560 0x1120  Scan started
15:50:57.0560 0x1120  Mode: Manual; SigCheck; TDLFS; 
15:50:57.0560 0x1120  ============================================================
15:50:57.0560 0x1120  KSN ping started
15:50:59.0986 0x1120  KSN ping finished: true
15:51:01.0142 0x1120  ================ Scan system memory ========================
15:51:01.0142 0x1120  System memory - ok
15:51:01.0142 0x1120  ================ Scan services =============================
15:51:01.0345 0x1120  [ F7B9F821CF1C31B266F60A5733F8119A, F6CD1745CCE5F3023AA71BEBDD90ABF53AAB7BAC30FE6D28EB0CE73A46346875 ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
15:51:01.0459 0x1120  1394ohci - ok
15:51:01.0522 0x1120  [ 57F7923ACC5009218F6591B3C0F62E07, 2C55C3C05063A87AA3B8B4E229F473104DE3643B1905214F75643332F60AD77F ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
15:51:01.0553 0x1120  3ware - ok
15:51:01.0600 0x1120  [ 97E855ABBF94A5B979BB3070833AE71C, 1BE118C8E9DE6C37D4B64980824B01552B18F468E710C5313CBBBAC4458F3CED ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
15:51:01.0616 0x1120  ACPI - ok
15:51:01.0662 0x1120  [ DCA3C5F55150B3AEB8B75A5E8D1156DC, 5BECBA14872511E9195B66F5BA290C80978C0DFFB08FABB8C5502D6F4B2927B9 ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
15:51:01.0662 0x1120  acpiex - ok
15:51:01.0678 0x1120  [ EE103776F838AE570EDBB2C1FB1356AF, 893FE536EEC3E9FBF08FBF3491DD96939DD92879E321A24E1AB4C6F7C5C84961 ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
15:51:01.0709 0x1120  acpipagr - ok
15:51:01.0741 0x1120  [ AC1BAD06E47D090C553FDEEAD1A7C463, FF4A46E0811B6857DDF1C8FB35E1D99CF2C13D7139FEC574B797F09CA0DC95CA ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
15:51:01.0834 0x1120  AcpiPmi - ok
15:51:01.0866 0x1120  [ 519FA16CFE54F107861501D852322AEF, AC81AEAABF7C97F90769A8EE789449DB413815C2634999AE0C5825BF40656505 ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
15:51:01.0883 0x1120  acpitime - ok
15:51:01.0946 0x1120  [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
15:51:01.0992 0x1120  AdobeARMservice - ok
15:51:02.0071 0x1120  [ 09E7C37DF4A911C8A9AA8BF88ACD10AA, E881E0BBDCED58F28E0BA8DC27372EDFFFF2C57EE31CD13A032FDC9F7C831B5A ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
15:51:02.0086 0x1120  AdobeFlashPlayerUpdateSvc - ok
15:51:02.0164 0x1120  [ D614199DF507F1047D2C9ADB89BDD49E, F858794161F40660CDFEDA895A3B924364F74F8D6165947A7605A3C695D9EE7D ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
15:51:02.0196 0x1120  ADP80XX - ok
15:51:02.0242 0x1120  [ 38ED16BD714BD8AB7A1D78568E2C5B22, D03E82A895DC9F47488D4DDF4C47D241364F2FAFCA9C76576C934403BEFC046B ] AeLookupSvc     C:\WINDOWS\System32\aelupsvc.dll
15:51:02.0336 0x1120  AeLookupSvc - ok
15:51:02.0383 0x1120  [ 216D830A67387CF922FEDC0DABA9BDFF, E8BE15B80E0228BAF2B0E7E65996B5F17231CEE89304B97AFDC69B0DF2E43A0E ] AFD             C:\WINDOWS\system32\drivers\afd.sys
15:51:02.0539 0x1120  AFD - ok
15:51:02.0586 0x1120  [ 7A706DCF874214097A30694D3B686866, C565B0A0F59A79259D0D3958FF3FAAE252FCC2BF3964C426B37F8C3830A0C216 ] agp440          C:\WINDOWS\system32\drivers\agp440.sys
15:51:02.0602 0x1120  agp440 - ok
15:51:02.0617 0x1120  [ 25815816E0032A26D2FE5FDA7F9A2BB7, F10F59CE1EB099BA7D6923BA7C8712E1D2E03C31A194F47A6B4CC824B479104B ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
15:51:02.0680 0x1120  ahcache - ok
15:51:02.0727 0x1120  [ F0393267267B7E0EFD1E987781783B9F, 90BC0B0FA5DE930650104C9D3ED76A90EDB99DCAD097FAF964B1705BD2BE6825 ] ALG             C:\WINDOWS\System32\alg.exe
15:51:02.0834 0x1120  ALG - ok
15:51:02.0928 0x1120  ALSysIO - ok
15:51:03.0006 0x1120  AMD FUEL Service - ok
15:51:03.0022 0x1120  [ E7E154969EEDB8E8FC2C80DF690A175A, 3015D83058BF9B018473823B596F4F9F1A348E3ED2724C51CB9776E76082C479 ] amdagp          C:\WINDOWS\system32\drivers\amdagp.sys
15:51:03.0037 0x1120  amdagp - ok
15:51:03.0100 0x1120  [ D9707ECC59834964EBA0D9D6C87305F6, EEC61004B16B4E1582D55D00C7A6DF497E72EC2B81A301B383584F5D6DFADCF0 ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
15:51:03.0194 0x1120  AmdK8 - ok
15:51:03.0240 0x1120  [ 7E4E0841365A02F77BD8497CCE347179, 915506A214730851CD789A4E0D1AC6501706D56929CD8AFB30BF77E4618AE574 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
15:51:03.0293 0x1120  AmdPPM - ok
15:51:03.0305 0x1120  [ 5558A0EB3082EAC88C0578ABCE0C707D, 46DDFFE4E3DC5E98B06CA6DCF508C8B7BBCD1C9BED8DFA74B48AA08498E76EF2 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
15:51:03.0321 0x1120  amdsata - ok
15:51:03.0356 0x1120  [ FB1A73A850C812F63BA9D174AB97BFB6, D15ECB48ECC459E564386101178E4E698B84B7763ABBC022F6D617CC5623F755 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
15:51:03.0372 0x1120  amdsbs - ok
15:51:03.0387 0x1120  [ 43352B9C7917984404F893AD10468F63, 26270C5FBECF1D2E91ABB589196F3B57C46D5C941594D12EEA1A6BAD60B2E28A ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
15:51:03.0387 0x1120  amdxata - ok
15:51:03.0481 0x1120  [ 4C14746BCBF9985BDBF1CD1BEED96DF8, 8EF50FBD98C9AFD85F5D08692E7AEC21812B70074AA0DC6DCDFDBC2FFE34A75D ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
15:51:03.0512 0x1120  AntiVirSchedulerService - ok
15:51:03.0543 0x1120  [ 4C14746BCBF9985BDBF1CD1BEED96DF8, 8EF50FBD98C9AFD85F5D08692E7AEC21812B70074AA0DC6DCDFDBC2FFE34A75D ] AntiVirService  C:\Program Files\Avira\AntiVir Desktop\avguard.exe
15:51:03.0559 0x1120  AntiVirService - ok
15:51:03.0606 0x1120  [ 6E8510A72549883DA01882DB6A096538, C53590E5CBDEB073470CA2DD91696AD0851F023324CD06BF68533AFC331D9283 ] AODDriver4.3    C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys
15:51:03.0621 0x1120  AODDriver4.3 - ok
15:51:03.0653 0x1120  [ 744F52D39EE8B38B85A047B6AFFE8696, 67594BD57863C48559B690D0C6FB2376B9ACBF7645232EE259464D54B786C5A8 ] AppID           C:\WINDOWS\system32\drivers\appid.sys
15:51:03.0762 0x1120  AppID - ok
15:51:03.0809 0x1120  [ 74A94E7CE70DAABD1929F605392F3632, 4434B89229E220B35E071E63A478C67F9607AF5F17A4C2C0FEB8DA5E8E77C11E ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
15:51:03.0886 0x1120  AppIDSvc - ok
15:51:03.0918 0x1120  [ 63F348EC88ACA15279C68A034040AF73, 8DB4AEB894AF959E73E4392C24F9F5B0CCF82FC08FD854D424F1C2A44B2E5023 ] Appinfo         C:\WINDOWS\System32\appinfo.dll
15:51:03.0980 0x1120  Appinfo - ok
15:51:04.0011 0x1120  [ D45B9E7A13866AEEF0AAD9E60A24C604, 87911A658343575579F63A50CF93A8A69EEB64AC9E1EF692787CB1509E89CAF4 ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll
15:51:04.0136 0x1120  AppMgmt - ok
15:51:04.0199 0x1120  [ 0016BF6CCFCBEE39188861476B700D8B, 8E90B8BA4C94E7CF4E970C2ACE34FD510E2A1643AC041F4C51D8CF1EE1A0DA4E ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
15:51:04.0339 0x1120  AppReadiness - ok
15:51:04.0433 0x1120  [ D07789299DA4D79B123336534E960F62, E98CD0B2B80A71D8B7BCD152196B4D8B2B56EE39C798C35CB33C6D82C5C314A5 ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
15:51:04.0558 0x1120  AppXSvc - ok
15:51:04.0589 0x1120  [ 0554DE27A3B4527C000073CEA0E84D1B, 526AA2C3B88AB21331C6DAA40F0443AE3437D673DECC330E7433F9FDC7ADDB54 ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
15:51:04.0605 0x1120  arcsas - ok
15:51:04.0621 0x1120  [ 72FCAE2CE6DFEAB2AB072435017F3417, 1081DAD1DEC8956D7A0D2CE9AF5DCDC56620436B161A7D749EDE769AAE73F2D6 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
15:51:04.0636 0x1120  atapi - ok
15:51:04.0668 0x1120  [ D6BB129AB4F45174432D88C0B768E3A6, 32659D2DB33879B4368700C22B57208BFE3D5D257C15D632C169C19AD78BDD3F ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
15:51:04.0730 0x1120  AudioEndpointBuilder - ok
15:51:04.0777 0x1120  [ F5DB09E62DD1F1864C8DCF596645B540, 3B200F7835A1D468353D19821199F24ABB38C35716D652736382BF7775E3D807 ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
15:51:04.0824 0x1120  Audiosrv - ok
15:51:04.0871 0x1120  [ B0A63DD71CB0CB597D8BD5C364E73F7C, 572B31F3FC962F50110D42A08CDD0614323E18C213575710CEEFA35EE7CAE8C5 ] avgntflt        C:\WINDOWS\system32\DRIVERS\avgntflt.sys
15:51:04.0871 0x1120  avgntflt - ok
15:51:04.0902 0x1120  [ 05AF7CBF0BDA1571BBADC36703EB9CA4, 3925AD58053769D317D3CF0DDDF7371B010F2F4C839CF7B44F327AE9D0AB5442 ] avipbb          C:\WINDOWS\system32\DRIVERS\avipbb.sys
15:51:04.0918 0x1120  avipbb - ok
15:51:04.0964 0x1120  [ A5CD26F34F4D6E4DFB6B2D400572AB52, 312C66FE881C10A39CF059EF0F3927B6793BD7A88153FC346AA327E9A592DE57 ] Avira.OE.ServiceHost C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
15:51:05.0011 0x1120  Avira.OE.ServiceHost - ok
15:51:05.0043 0x1120  [ D8C712305F73CD34D1B344810E522728, 49A474FF6CA44E8427D7A8290B47395125B0148AF384CF2B3B1FA495A4718CBA ] avkmgr          C:\WINDOWS\system32\DRIVERS\avkmgr.sys
15:51:05.0058 0x1120  avkmgr - ok
15:51:05.0089 0x1120  [ E8EB0D954F852612B5558A2FA48141EF, 9EAFADF021D18BF7EBB9A0F3D7896EE4C4D144FE471447BECE1555FB3FF4148E ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
15:51:05.0167 0x1120  AxInstSV - ok
15:51:05.0199 0x1120  [ 235EAE5E6E5F3F0DD49DA9204F86976E, 6F29B9E36C54717E94DBF346FEF5145A2CAEBA4C1BB336E4023C5A7FE09B5290 ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
15:51:05.0286 0x1120  BasicDisplay - ok
15:51:05.0339 0x1120  [ 363392A3AF1630C9D3A7B9A31267B5B3, C1F084BFCC05EE56585860DF4729198C72475AC75A2A38FD4D1551D8CA3A9EA3 ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
15:51:05.0418 0x1120  BasicRender - ok
15:51:05.0449 0x1120  [ 596DB7E4D0DB6AC32DF142C861001979, D7E2C2334F286778A485391C0E0BA19DE2A7D2C3B94A74563C57D55EB0A8E858 ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
15:51:05.0449 0x1120  bcmfn2 - ok
15:51:05.0496 0x1120  [ BB66D3F11B9D1A71C14AA9175BA308E1, C110DA0892A6C4507D22537CD83DC8D923935624507F8C04B89D41367DD61ADC ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
15:51:05.0621 0x1120  BDESVC - ok
15:51:05.0652 0x1120  [ 38058AF65F15D0E9E1A5A9B8E75B0757, C7855B39DEAF8AE6E87FBF44FADD3344D69AC71AAC8737EA6FF21435685189F7 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
15:51:05.0715 0x1120  Beep - ok
15:51:05.0761 0x1120  [ F871C1523C46C935FDC7B11CC737625B, 98BA6030AF7BD49FAA14B2BBC2311052CF4968864B417442118044F04B7A7920 ] BFE             C:\WINDOWS\System32\bfe.dll
15:51:05.0836 0x1120  BFE - ok
15:51:05.0904 0x1120  [ CF61A9210872D1C98FA82593A5A3EFA1, E4732961BB3D9220E692646D1B16984B375D8BD65B1881B25F9BD35FB1B0AFD2 ] BITS            C:\WINDOWS\System32\qmgr.dll
15:51:06.0029 0x1120  BITS - ok
15:51:06.0061 0x1120  [ BC1FC15A5B1FAE717CE441537590FDD3, B16A29C37AAFD8BB63E96211A7B01A206E3370904F942DE0D85AAFE8EF49A8E9 ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
15:51:06.0154 0x1120  bowser - ok
15:51:06.0201 0x1120  [ EE34AA2092B0FE415064B726EEB7EC24, C404E2A3BC02C33B8AC9329985D2C1029C3A7CCB651240A790A11544E2B397BC ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
15:51:06.0217 0x1120  BrokerInfrastructure - ok
15:51:06.0248 0x1120  [ B64CCCB190CB29C3D376932DE1F1281B, 994C36CA6F6CD61F3607D3B226E8A5F362A5C254C936EABF234A6EEF516A7ED8 ] Browser         C:\WINDOWS\System32\browser.dll
15:51:06.0342 0x1120  Browser - ok
15:51:06.0389 0x1120  [ AB17BF4F2ECCCF158F508A15E0E9347B, AAA630EC07B30B05292FACF5DAB86D229229DCBA9C498F04873CABF46F328979 ] BthA2DP         C:\WINDOWS\system32\drivers\BthA2DP.sys
15:51:06.0451 0x1120  BthA2DP - ok
15:51:06.0467 0x1120  [ 48590B2DBCE55AC0DF0F7A3F23204CBF, CA57095FD6979A937FC26E9E4D804C8FA7248B36D84159D746F9FC8BADF08365 ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
15:51:06.0498 0x1120  BthAvrcpTg - ok
15:51:06.0529 0x1120  [ 9CDC68D1B3D7EE582BA0550E738163B9, 57E01C109ECB3EA6C52F7C4ECE34D53B29DC1BE9C7F83E98B52B90E22BE52423 ] BthEnum         C:\WINDOWS\System32\drivers\BthEnum.sys
15:51:06.0670 0x1120  BthEnum - ok
15:51:06.0701 0x1120  [ 84CF99F7190D54D4C72E0F5D008BF88C, 585A87EC0A57057727D58A8D9B9ACDE90861AFB4BF4FBEF07C451A7EDF5DB96F ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
15:51:06.0733 0x1120  BthHFEnum - ok
15:51:06.0764 0x1120  [ 1C0791BC4DC2AE0B41F8E84CD3154929, FEA1FF46493C6638E08FC2FBBFB66B9922680BB649B99695ADACF05713962A78 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
15:51:06.0795 0x1120  bthhfhid - ok
15:51:06.0842 0x1120  [ 46F0B06DE544DF0E270BCB345E1768AC, C6D6CF456C8A6C973EEF1C127477E2D1CC2669C22CB675831FC385CAB0AA88F4 ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
15:51:06.0873 0x1120  BTHMODEM - ok
15:51:06.0889 0x1120  [ 9308DF4D128C2124D45DD31F5AEFCD31, CC156C2901FA7CF44843D26D931A593658E358538556870EE705B48AD37CF797 ] BthPan          C:\WINDOWS\system32\DRIVERS\bthpan.sys
15:51:06.0982 0x1120  BthPan - ok
15:51:07.0045 0x1120  [ 6391FC0B7855B53FFB5D5CEEA200EEA3, ACB13306A0544B9870029CA065AAA652F53DA4D8FAF8859B2666007843B47690 ] BTHPORT         C:\WINDOWS\System32\Drivers\BTHport.sys
15:51:07.0092 0x1120  BTHPORT - ok
15:51:07.0123 0x1120  [ D0AD9879CC58ABB122EC0BF0F7B3925C, 09B3ECE40AA008B4E11955CE15453AC9F9262895E0568CEE2A169A0FE9526080 ] bthserv         C:\WINDOWS\system32\bthserv.dll
15:51:07.0186 0x1120  bthserv - ok
15:51:07.0217 0x1120  [ 3653C6E5405E5CA767E3D664D21AE379, F3426A206A23B77383E15673C2C208DCA840524FA39E0AF969B74E6F351478B4 ] BTHUSB          C:\WINDOWS\System32\Drivers\BTHUSB.sys
15:51:07.0248 0x1120  BTHUSB - ok
15:51:07.0270 0x1120  [ CE232BB0965C0C0B786C3F976CCBFB7D, B3EF33018585A1B0B560E774C6127354E45805F01779C5931C345853F9EFD48C ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
15:51:07.0293 0x1120  cdfs - ok
15:51:07.0325 0x1120  [ E2FC132D48EA4E8B04432C33EFB77801, 732BCDFA8975FB54DD0EAF0D208CBD361CA2E9C68B82212481C843E2ED1C5237 ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
15:51:07.0355 0x1120  cdrom - ok
15:51:07.0382 0x1120  [ 8EA77992FACEB94182B9610FA4A06A68, 18AC5B03A3B7FA783596B8BD63DC01F9C36520AEA5264AFD99CD9207F538C931 ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
15:51:07.0461 0x1120  CertPropSvc - ok
15:51:07.0523 0x1120  [ 085BC9AECCEE58BDCFFD652524067F91, DA75EC021870DBB666CD663B279633B1DA1E9D3E36A6AE87056712B6C1DB2404 ] CGVPNCliService C:\Program Files\CyberGhost 5\Service.exe
15:51:07.0570 0x1120  CGVPNCliService - ok
15:51:07.0601 0x1120  [ 98294CE233DE8687CEEC29BD632107D0, 91DCAD303EB49A0321E3991A7B77E77672A87B32B55656A6D9471F10F1C2EE27 ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
15:51:07.0648 0x1120  circlass - ok
15:51:07.0695 0x1120  [ 7559018F0024F00AC00198F18C6A0426, 29280C458A1C0F43D410E8582811D61A2ED5D7D8104FA5B17BB15E02DB080964 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
15:51:07.0710 0x1120  CLFS - ok
15:51:07.0757 0x1120  [ 6D46D1CCDA47E9B76F2D7FF4417D31AD, 8AA40C74C284EBF78FB60D64614BC87BD8C1592AD0EFB03D0DEE7F0265050019 ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
15:51:07.0804 0x1120  CmBatt - ok
15:51:07.0877 0x1120  [ C40F5940DDDCCFFEB8C3E55CDE1A3E0C, FE31772059442437306C5C2621E3FA2AF82BD8782B35F0EFB48A1A53046488BF ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
15:51:07.0897 0x1120  CNG - ok
15:51:07.0913 0x1120  [ EC086CEEC479CEDAD294D64D819CAABE, 07202C26C0691CE1C83112439FFDD9F4151B3FB16AE63A3B8F35D235C59D005B ] cnghwassist     C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
15:51:07.0928 0x1120  cnghwassist - ok
15:51:07.0928 0x1120  [ F89853991E6A03526E17E4AE5239FD98, E10FBF25FCFA42D7D495B013B327E090517797E654FFAEA0A4D4F212A6A5D5CC ] CompositeBus    C:\WINDOWS\System32\drivers\CompositeBus.sys
15:51:07.0960 0x1120  CompositeBus - ok
15:51:07.0960 0x1120  COMSysApp - ok
15:51:07.0975 0x1120  [ C8A7949EBAC42923D59B2C2630D2AD84, F5828C42AC40B873A09879F80B8C5F51ED36F9633A11A2A34846BBB890A416B9 ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
15:51:08.0038 0x1120  condrv - ok
15:51:08.0085 0x1120  [ 1D0EF66A01276C2562A84E4C23C19F61, 791DC91B3348A24728165DC8E571FB02D068AF3E80D77DC32194DE083087BB48 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
15:51:08.0163 0x1120  CryptSvc - ok
15:51:08.0241 0x1120  [ 0B74231D179C53D34158554C65821D3B, 38157084D67FA80AAE526E5ABF1241FA3FA83185068B39C31670F12DD7E4B247 ] CSC             C:\WINDOWS\system32\drivers\csc.sys
15:51:08.0288 0x1120  CSC - ok
15:51:08.0335 0x1120  [ 4192B0B338B00B6E36A942287D68CF1E, 7075263FCE163F0AC2D2F6EA4C3F12D324CDC835EC9C677BEB72A4208916E45B ] CscService      C:\WINDOWS\System32\cscsvc.dll
15:51:08.0382 0x1120  CscService - ok
15:51:08.0397 0x1120  [ 2ECC9D6E0104409B441EA7095233F323, 82F9340A98DEF7CA4DDDBF27EAF23C9E829F87863C11E81445A776B366A00CA8 ] dam             C:\WINDOWS\system32\drivers\dam.sys
15:51:08.0429 0x1120  dam - ok
15:51:08.0475 0x1120  [ 05C0337538BEECC04FC695808EFF201C, DC32234686D38A7DD35DFE6AC9CB55F0DDAD8B463EE6B20857CC45884F00C093 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
15:51:08.0585 0x1120  DcomLaunch - ok
15:51:08.0647 0x1120  [ 0586EBA2C2741193863CE0B07050E15D, F929EF50F0E779C58EC449F8BE32961A468CAB2C33566FA61B60BBD303C39988 ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
15:51:08.0741 0x1120  defragsvc - ok
15:51:08.0804 0x1120  [ CB7581E95D45B89503D6290277B3AEBA, E6645951628600EA62CE52CBF1CC2BFA46AFD429072B8CAB52530D93306CFCC0 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
15:51:08.0848 0x1120  DeviceAssociationService - ok
15:51:08.0864 0x1120  [ 7F4B79568DD6BEC3ECC80C2AE93DC749, E21DFE1B4D3B2BF3B4C65AB5D2A875453EED66AD9958CB3FD4840EA057756474 ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
15:51:08.0926 0x1120  DeviceInstall - ok
15:51:08.0958 0x1120  [ 55758EBBC45E1628161121D7CFEAD4A1, 566B90D1600B5B0F71B85B7B5F775D3E77C3B8C73CE13A848784A9EC74478C80 ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
15:51:09.0051 0x1120  Dfsc - ok
15:51:09.0098 0x1120  [ 9732BF17608F83AEFB792F0A6F024797, 3178F162CD1FDF8F9821A26279542080D7A21B36A92799DCAFD1DF009FFA5EED ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
15:51:09.0208 0x1120  Dhcp - ok
15:51:09.0254 0x1120  [ 832BDA661E26792B5512FC641A177F26, 10D4E4D2AE0974A48D6B5E8A294B4B53250B0BC6CA00EBBFE1F6119DD67509F8 ] disk            C:\WINDOWS\system32\drivers\disk.sys
15:51:09.0280 0x1120  disk - ok
15:51:09.0309 0x1120  [ 0357F5F7C542249D8EAA4E6FCC69EE91, E23B6657E1126603D195145BED77AA239625057A28378AF535E5A3A7A4D1F36D ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
15:51:09.0399 0x1120  dmvsc - ok
15:51:09.0446 0x1120  [ A47341D3C4D2FB3984BDCAF00AE4A6C7, E612CE37EF1C1F1090A95452349BA47CA9580A3928C7B3E1C5784117018F3E76 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
15:51:09.0493 0x1120  Dnscache - ok
15:51:09.0540 0x1120  [ EB46660185B04E24A66344699B5A3866, ADBF72CE72982D4C4F7D7DAC4DF0511FED3D7C936B9A1152E91C83ED6ADBEC51 ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
15:51:09.0618 0x1120  dot3svc - ok
15:51:09.0649 0x1120  [ F57ECB784590B2C7A974EE22EA16BE5F, 5A252316036C9A0DAAF27008D2C139A225E21736464E32C85709C39FC63DC2B1 ] DPS             C:\WINDOWS\system32\dps.dll
15:51:09.0727 0x1120  DPS - ok
15:51:09.0759 0x1120  [ 115B0BCB58F274B46A9C6A5615C4B925, 2F66228A3BC128FDA2356CE5BE7386E91AB9CA155F4E4B45B8BC7D4D02361589 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
15:51:09.0774 0x1120  drmkaud - ok
15:51:09.0806 0x1120  [ 57B0E7924571AFC1F4617749D17C7BFF, 7A1E4E7B5AC1849D020B2DA67B07CAC86CD5D378727AC340376558FDCE1A1C7F ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
15:51:09.0837 0x1120  DsmSvc - ok
15:51:09.0917 0x1120  [ 00C161B3D20AE0F9C7C3C0EB53AB7155, 38FE83B482FA580B292F7DFC8B372C78AECD6FF53EC41EB7BF4A2461827CDD64 ] dtsoftbus01     C:\WINDOWS\System32\drivers\dtsoftbus01.sys
15:51:09.0932 0x1120  dtsoftbus01 - ok
15:51:10.0010 0x1120  [ 38EC892387B603803C12C87D95C67AAB, F8F2E1AC36174ADFF1D45445C93DAA399B163A18753400101B237F15EC24CDD9 ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
15:51:10.0073 0x1120  DXGKrnl - ok
15:51:10.0104 0x1120  [ BC17CF644AD174F7558D1DCB7D1D488E, 66DC5F0E4619F95674E553A09DA5558F1545B98F042D3D0298288D071F998B00 ] EapHost         C:\WINDOWS\System32\eapsvc.dll
15:51:10.0182 0x1120  EapHost - ok
15:51:10.0213 0x1120  [ F33BFCBBBAACE7208DB433B6CCA98930, 46E994BE4A2EA4D324C8B78CF9276F4805EA47046CBC7AD37401AA77E13C75FB ] EFS             C:\WINDOWS\System32\lsass.exe
15:51:10.0213 0x1120  EFS - ok
15:51:10.0260 0x1120  [ AECFDE05D120822452BA8F606841B3FE, DC89D894C9C25E164DD409C31937D6E85824F504D3F834BE8B9DAC61819BC844 ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
15:51:10.0276 0x1120  EhStorClass - ok
15:51:10.0307 0x1120  [ BFDF5BA2B770B358CA607109240A739D, 20007ED67456BF90F080B4FC4BBA699CB0F2F10216B63350C0B6F9F4D7C5D1CB ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
15:51:10.0323 0x1120  EhStorTcgDrv - ok
15:51:10.0323 0x1120  [ 6E7FD164E20C50F5A2D49AD0218FF4AE, 0625C6875E703AC0059B5DE55AE6BF725D337C168C499F79D2E772EBAC107EA6 ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
15:51:10.0354 0x1120  ErrDev - ok
15:51:10.0417 0x1120  [ BC4E13AFEE0B35D87CE8F49EF5DF5634, EA6E7C135EE660070AD823F3D2BB940124FF7EDA599DAF7B7B86CCC58DC0BE5A ] EventSystem     C:\WINDOWS\system32\es.dll
15:51:10.0479 0x1120  EventSystem - ok
15:51:10.0510 0x1120  [ 630E4FAFAE692F2D2D3835A4F37A583C, 282C2051F4BDA060958529E4A1F799DB91CA0855B804FF2F6E19EFF913533FE1 ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
15:51:10.0557 0x1120  exfat - ok
15:51:10.0604 0x1120  Fabs - ok
15:51:10.0635 0x1120  [ 2B731E0CF73B392B1923078F464D96DB, 741AE561704A0EF464EB6184C3353188AD6150A5B10130DF0E96D31CE821AD0C ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
15:51:10.0651 0x1120  fastfat - ok
15:51:10.0713 0x1120  [ 1FE12BBB957D8D74DDACF51F40B1358F, E8E565E332EADEDB543AE451CD446BE6CDC1079798A9598B868943A434416E84 ] Fax             C:\WINDOWS\system32\fxssvc.exe
15:51:10.0823 0x1120  Fax - ok
15:51:10.0838 0x1120  [ F2D60D87B15FF8ABBDA27371EBBEFE0B, EC2B48A3E259449E7C388C31BEF8ECF8B3CA9CB851CBE90E97673CE093CB4863 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
15:51:10.0885 0x1120  fdc - ok
15:51:10.0917 0x1120  [ D6AEDD0E959AC11665BEABA0EC470A2B, 731295F996D1AD143FF788E3041B0D8E21C5F6C3ACDAE6662A1598E86545C84B ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
15:51:10.0979 0x1120  fdPHost - ok
15:51:11.0010 0x1120  [ A04078C96EDF2D475B76B23D35967344, BB37D73D2899EF60080B5CBCA6FFB14E82933C717F9316025757EB17A0A64E00 ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
15:51:11.0042 0x1120  FDResPub - ok
15:51:11.0057 0x1120  [ 472A9FFB696FD557828DEBD606FBD819, 5F8C8C5E5DF762A5E9CD4D82933F5BD881C6768194125A53FFBF81F8E8E5AC29 ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
15:51:11.0088 0x1120  fhsvc - ok
15:51:11.0120 0x1120  [ 878BE2CD1B68000D4BEEE293267B19CB, 136480B18E145E681C756792B57163349D49521A6DDEA78745E896F1EAB24B17 ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
15:51:11.0120 0x1120  FileInfo - ok
15:51:11.0151 0x1120  [ 5C427FD4AFAEAC08882A70EDA5013AF8, 74FDB9218D18154D6C541A835A54F17A88C6BE4EFA0A0C94BD642A752A500B0A ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
15:51:11.0213 0x1120  Filetrace - ok
15:51:11.0349 0x1120  [ FFF1130F7C9FA01D093A1EDFC5CCE8FC, 159EAA1893D871C309A063829CB3BC51A019FBCA1E07530B5CA1A382B2CCAF61 ] FirebirdServerMAGIXInstance C:\Program Files\Common Files\MAGIX Shared\Database2\bin\fbserver.exe
15:51:11.0482 0x1120  FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic ( 1 )
15:51:13.0997 0x1120  Detect skipped due to KSN trusted
15:51:13.0997 0x1120  FirebirdServerMAGIXInstance - ok
15:51:14.0044 0x1120  [ BB2091E613F6F06F24FF9507E0FAA20B, EFACAE4F4E586120C30C48EA503EC679E37D3BDE9052FE7392D6C81E8AE5010C ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
15:51:14.0076 0x1120  flpydisk - ok
15:51:14.0107 0x1120  [ 0E647295EA5573F06DDD42F0FDFF254A, 5051F269A431ED83B8DB70E4945C1CDC4D74481AFA71E30D389B47E1093D306F ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
15:51:14.0154 0x1120  FltMgr - ok
15:51:14.0341 0x1120  [ ED4BA3B6CD98646F392858C8110307FF, 853BD974F62DD580AB7172F99B81EBA4BFFC39C294F927DABF4BF4118F3736EB ] FontCache       C:\WINDOWS\system32\FntCache.dll
15:51:14.0497 0x1120  FontCache - ok
15:51:14.0622 0x1120  [ 7B47332931E0B083D09F1E7FBDD3F147, D7812D0109291BCB5268913498E66F817009E8262050F546AD16B5FAC47F8CCA ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
15:51:14.0685 0x1120  FontCache3.0.0.0 - ok
15:51:14.0716 0x1120  [ 73F944AA04157781172CAD535AB6E172, 6C2FB6C0D4A10924A845A1CF18A98206EEAAB8243A0B36AEEC78B047BFFCDDAF ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
15:51:14.0716 0x1120  FsDepends - ok
15:51:14.0732 0x1120  [ 6496F5E84CBC8C6D697939D6518D9B7A, 1E518FC7B478356E997E86FDD06A01A6833407C25F67A85CC91A49EC6F2EAEB1 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
15:51:14.0748 0x1120  Fs_Rec - ok
15:51:14.0848 0x1120  [ 4ABC12A6AD3B6AE6364F6B912FC1A8E3, 13692FDA4DD7035C22C628B9353ACDDF816F39CEA9855D4D7BE81D77825CEC50 ] fussvc          C:\Program Files\Windows Kits\8.1\App Certification Kit\fussvc.exe
15:51:14.0899 0x1120  fussvc - detected UnsignedFile.Multi.Generic ( 1 )
15:51:17.0439 0x1120  Detect skipped due to KSN trusted
15:51:17.0439 0x1120  fussvc - ok
15:51:17.0501 0x1120  [ A58318CA9F98AAB207D4C84868490D1D, E57DEF96B69A7ED25EC37DE41BF5F1F3A57A5B2729BC615E9785F0EDF5E75346 ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
15:51:17.0532 0x1120  fvevol - ok
15:51:17.0564 0x1120  [ B3CDDF19F6201210B8785FFD642A1632, 35A664BD1C51F9F448CADA2B82276F378BA65188D175C00515EBBD06E91641AC ] FxPPM           C:\WINDOWS\System32\drivers\fxppm.sys
15:51:17.0579 0x1120  FxPPM - ok
15:51:17.0611 0x1120  [ 2DC88A077B783AFD416CDEE7BDE63868, C016325071D88371753C4049749C26C8D58FE8D787533B3289DB1D523E6F076B ] gagp30kx        C:\WINDOWS\system32\drivers\gagp30kx.sys
15:51:17.0611 0x1120  gagp30kx - ok
15:51:17.0642 0x1120  [ 2156802A56276A97FB6892412A0B899D, F97F253D7EE992A427D2A4F12601893FCEA93975547A7CE5D8C2DF25ABD23A97 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
15:51:17.0673 0x1120  gencounter - ok
15:51:17.0689 0x1120  [ 73EFE8A2747BB87F66B5646AA2262AE4, 368AAFA38F214D474206B914A4258B3679CB0B1C9080D32DFB3BF890BD5611A8 ] GPIO            C:\WINDOWS\System32\drivers\iaiogpio.sys
15:51:17.0720 0x1120  GPIO - ok
15:51:17.0751 0x1120  [ 5DDB379D541C2EE4C8D3734A0284A2DC, D18CA69EF148A267CFAF2F36B668416A79042CF9EE34C802B457DAB9AD91A431 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
15:51:17.0782 0x1120  GPIOClx0101 - ok
15:51:17.0876 0x1120  [ 22306013C7C180699EAD991005AF2F93, ECFC900BF1F2B3AC8CCD3B021A3F8F632689D6817219FAA383A3AE3BCA90A377 ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
15:51:17.0984 0x1120  gpsvc - ok
15:51:18.0031 0x1120  [ 449688B15D29787C8A440D6ECA9925B5, 7E1C88106F3F39394843B8B2B5921A8F5B215AC1538F46F151B9F4FAAC7AE1DE ] HdAudAddService C:\WINDOWS\system32\drivers\HdAudio.sys
15:51:18.0062 0x1120  HdAudAddService - ok
15:51:18.0093 0x1120  [ 3D06FB84CFFB1D959ACE7690A27A89E1, 267F22D64BC774E32BF8DC8BED45C384ACAC888E16D9924D31EEEB1AF16553B6 ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
15:51:18.0109 0x1120  HDAudBus - ok
15:51:18.0140 0x1120  [ 5C5BF3E47BB6B07FAD8EA4565159659E, E8C52CC743408093B118D3E1E8C0E7E1E7EED7234422341C8B666C03A9FA0CC4 ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
15:51:18.0156 0x1120  HidBatt - ok
15:51:18.0171 0x1120  [ 4A59C5DAF29CC28DA966C57DB863655E, 6A164BEB000AF2A8FBCBF8A15C8BF9D999CDCF90EAFDD748D4F7FAA27E67CD12 ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
15:51:18.0202 0x1120  HidBth - ok
15:51:18.0218 0x1120  [ 4AC33C5E591F9845E34DA8681E558A58, 4FC04C7EF2736D63CF77756566C5710764671EC54085FC035B4752377CABDDE7 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
15:51:18.0234 0x1120  hidi2c - ok
15:51:18.0234 0x1120  [ 2E6CA4DE2AEDF7ABDFEA906F11EDC8B1, 69FD8513F4E0C1E8C78D01D007D90DC33D3C4DEAED05FEECD634A15334202D62 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
15:51:18.0249 0x1120  HidIr - ok
15:51:18.0281 0x1120  [ 06692FEB8EBC5AD53AC6C610BC72F1C6, 4C2754E0F3FBCF147D7D7F9D1F433C85B6AB59922F9DA754B31CB57A90CDC175 ] hidserv         C:\WINDOWS\system32\hidserv.dll
15:51:18.0312 0x1120  hidserv - ok
15:51:18.0327 0x1120  [ 71E4AD300E86C0754D6070FB92475CF7, 110AF2389CFC8AB481B6A8706F436BB600D10063669C2A6ABB5A63FB9E3A3495 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
15:51:18.0405 0x1120  HidUsb - ok
15:51:18.0437 0x1120  [ 622B08BD041DE4B0B8F34D4F0F5A018C, 4EA4DB15CE5DD44FF30B5AE0D7EBEDAF3DDE8761D7633FED52CE7D022E0980E6 ] hkmsvc          C:\WINDOWS\system32\kmsvc.dll
15:51:18.0515 0x1120  hkmsvc - ok
15:51:18.0546 0x1120  [ D331E843F66501F57978F85FE695CEEE, CB2B23E3191DDE105A47D7C7361880DE968D79D55A16B371DA16456F047B7FE2 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
15:51:18.0609 0x1120  HomeGroupListener - ok
15:51:18.0671 0x1120  [ 4FC945E08AF63491AFCC902C99046735, 3F62C132B8C8A35C09D1ED7C602658EC901ED6284550B0A8E9E6FE0AACB7A511 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
15:51:18.0765 0x1120  HomeGroupProvider - ok
15:51:18.0812 0x1120  [ BA073FD7F6C94FF18F97DF8F0297ED62, 132611011C0AEB1E529453A4FA983587D7F1CE286C04AC0B952F4D964B72BEC1 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
15:51:18.0827 0x1120  HpSAMD - ok
15:51:18.0906 0x1120  [ 4196BBF0725EF4E4F220D5E1539EF553, EE78E340C8DE4256567A5D0589CE5B3C182EE80A7D6F663CB971651391BA3F92 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
15:51:18.0952 0x1120  HTTP - ok
15:51:18.0984 0x1120  [ FAEB94F3ACCDFDA16E5FA585369FDEC4, 12A41592EEC9CEB5C8C10AAF2C09E7262E2AC28B615D181F9BCCA0DEC12648F3 ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
15:51:18.0999 0x1120  hwpolicy - ok
15:51:19.0015 0x1120  [ 2DDC60AD29D845A745C9ECAAE35FC477, 1A4670D10744B36FFCDC5068C824315200F9D9BD24E5F2A111B2019C13CD59BE ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
15:51:19.0015 0x1120  hyperkbd - ok
15:51:19.0030 0x1120  [ D360FFBA289307976BE1BBE7BE792F58, 6A787C493D226D6AB5A933B3EAF9D6EE4B18BDB2D07D1CAE59CE1EFA729B1B2D ] HyperVideo      C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
15:51:19.0062 0x1120  HyperVideo - ok
15:51:19.0093 0x1120  [ 5043E69532392A43549E5D41E22638AA, DC5186117FC60036A70CD6065810F090BD3EFFA24B59C760ECB6B7FB9C43F174 ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
15:51:19.0124 0x1120  i8042prt - ok
15:51:19.0140 0x1120  [ 646D3B416BC970C3CD2F53844FD156A5, 045CBA642382B33DB1E222302B14DD46838895A73CE50426FD180B4CA918253A ] iaioi2c         C:\WINDOWS\System32\drivers\iaioi2c.sys
15:51:19.0140 0x1120  iaioi2c - ok
15:51:19.0187 0x1120  [ 387637FC01BA30E95A2330DA3FFD0919, 836A100F766044B431D2263A57CB3BB3B43AA0C3E58220F31A2EF89E1BB8CB55 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
15:51:19.0218 0x1120  iaStorAV - ok
15:51:19.0265 0x1120  [ D2E7F3611BB8F1C2661B8F7858D33A35, EFA7B2E8433AB6DE739EB12792154B64DF29B61C8BB2F467C95C393A40D84E1A ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
15:51:19.0293 0x1120  iaStorV - ok
15:51:19.0296 0x1120  IEEtwCollectorService - ok
15:51:19.0365 0x1120  IePluginServices - ok
15:51:19.0432 0x1120  [ 92557399ED26FBABC5D8446B3C21CF0F, 71304B7614B1552FBA227683A3A9FC84B445BF6686341F6A91A37EDAEF4AE828 ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
15:51:19.0463 0x1120  IKEEXT - ok
15:51:19.0478 0x1120  [ B0F92A795C7E48E2C5F908265C655458, 6F6606C3F36FD3E603CF9FCFDD1213A108E4B1CF9936E4FE851E6FD5FEA5FEEC ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
15:51:19.0494 0x1120  intelide - ok
15:51:19.0494 0x1120  [ 1B96BF4186366306D917FBD187218F29, 8B1E85412D52B0EE7593D7BA08153DABF0852448A4E8DC01F2B24EE3289912AA ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
15:51:19.0510 0x1120  intelpep - ok
15:51:19.0525 0x1120  [ 6DD61D8AFB56C9F853210C49FD4D8C16, DFE299AB383A81BDE531B93645F59076BC2D7E37038DA20649CA08230C043C55 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
15:51:19.0541 0x1120  intelppm - ok
15:51:19.0557 0x1120  [ 23B5C10891B64FB4261F9FCADF24FE28, DCE73864B0BE98DE96C0EC6C88BA62E1BC2878837D6442BCC2220A956E350D0E ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
15:51:19.0588 0x1120  IpFilterDriver - ok
15:51:19.0650 0x1120  [ DD457C613576ED1E134297DF8D4C5922, FC99459FEA8D85D75236F34BB4F12E8CF67AF421B6593B592C9133DB101D7709 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
15:51:19.0775 0x1120  iphlpsvc - ok
15:51:19.0807 0x1120  [ D395D5C2900596DFA30478E79110D003, BBED3586F653F9167430DF8FF42669FC7962F5EEA3E789289224DD91BAD3F18C ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
15:51:19.0853 0x1120  IPMIDRV - ok
15:51:19.0898 0x1120  [ FA6C94C754A566EA8A61D658932F32DE, AEA11A21F850228B23714CBF981C0D038FF5CC22566594E6995BA0994343A256 ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
15:51:19.0945 0x1120  IPNAT - ok
15:51:19.0976 0x1120  [ ADF675CF9EB57229E9D13BC2F5D4719D, 1CAE1C71951795D1E650C81D5271EF9DF3482E531AAF0E6E08BE9789DE8C1E5B ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
15:51:20.0007 0x1120  IRENUM - ok
15:51:20.0039 0x1120  [ 2A0D17D431F13E87ADCB28DEEC84F252, 87C82734B58896BB71EE0707B70C4618D0E4895BE1409E9B55668F11E1715F30 ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
15:51:20.0070 0x1120  isapnp - ok
15:51:20.0086 0x1120  [ 74F452379260EA77CC59905AEDBD5AE7, BCD59690F69FCADC95C7499960F723D584E6E701CB722BA53BE738402BB080E9 ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
15:51:20.0101 0x1120  iScsiPrt - ok
15:51:20.0132 0x1120  [ 4504C8B75A6B2E5BE800DE03B26891D3, 4DC5DA3A2CBBB43B0E9CACE094D7EADE458347D134012F9693CAC2014EFE4145 ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
15:51:20.0148 0x1120  kbdclass - ok
15:51:20.0164 0x1120  [ 8BAF1904393EACA7178A5EF962256D3F, 7CC026151E96D239C68758A016C206278ED262594C87EB7BFCD73A73631DBBC8 ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
15:51:20.0195 0x1120  kbdhid - ok
15:51:20.0211 0x1120  [ 3FF50BD6E481C6690A16D0542A2D818F, C7A87459C770380DFC5CF275382B8AC9F81C65A58131A4FDB7D2C251481BA963 ] kbldfltr        C:\WINDOWS\system32\drivers\kbldfltr.sys
15:51:20.0211 0x1120  kbldfltr - ok
15:51:20.0242 0x1120  [ 7F896C99637CB0E48262F307FC0F3557, 51B1A2038443F581EAE8057FF487398CBAA4753E7AA854B191E47502F9D7D69B ] kdnic           C:\WINDOWS\system32\DRIVERS\kdnic.sys
15:51:20.0320 0x1120  kdnic - ok
15:51:20.0336 0x1120  [ F33BFCBBBAACE7208DB433B6CCA98930, 46E994BE4A2EA4D324C8B78CF9276F4805EA47046CBC7AD37401AA77E13C75FB ] KeyIso          C:\WINDOWS\system32\lsass.exe
15:51:20.0336 0x1120  KeyIso - ok
15:51:20.0382 0x1120  [ 21719E6D6B4EDEB062F0A9D8F7720FEF, 6BEF2890270D4127EAEA6C627B663495A7576A781EDB4E4623E9C68D2DE3EE22 ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
15:51:20.0398 0x1120  KSecDD - ok
15:51:20.0429 0x1120  [ 09C2C25E6199901B93716FE4A82E682C, DC242E688EC66F9667320A1FA6CD73CF6FFE635E3459E1C851DAE1B2D8B07E9A ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
15:51:20.0445 0x1120  KSecPkg - ok
15:51:20.0507 0x1120  [ EC89E8C1334D257C27197A52099FA960, 5243DD460A78CBCCF6296C13944ADC0F7FA7BD152BCE9633EB8CA911B055C3F0 ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
15:51:20.0554 0x1120  KtmRm - ok
15:51:20.0601 0x1120  [ 9E51948344BC8C8EBBDCD197948940F4, ADEFD92FD5EE23A008C1C7BA826F532BA6F7231F025373106EC551C850B3AC64 ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
15:51:20.0710 0x1120  LanmanServer - ok
15:51:20.0757 0x1120  [ B230EE02279BBD757637B3CAE1CF660B, D74B85548818E0C9DAE10076AB00198AAD3838BB3A8C0212762716E5EBC3A3C8 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
15:51:20.0789 0x1120  LanmanWorkstation - ok
15:51:20.0835 0x1120  [ A54EB398BC2D792A0C603A97F7975FD8, 5216624129595ADBA24AA07F68350045D4D59B5F8A6FE5FD78FA3BD72646B83B ] lfsvc           C:\WINDOWS\System32\GeofenceMonitorService.dll
15:51:20.0923 0x1120  lfsvc - ok
15:51:20.0923 0x1120  [ 369ED2626209D245BA1CEBB626F9A376, C28A0B4998DF1027AB3C234742AD51E140889CC065CF2F073665297B61A31F6F ] lltdio          C:\WINDOWS\system32\DRIVERS\lltdio.sys
15:51:20.0970 0x1120  lltdio - ok
15:51:21.0001 0x1120  [ E7857CCA67A54E265533EF68C7B90A0C, 3CC312DAFD7C539467D5833002D448D62C8B3A2F2894523CBA18C49D2129F609 ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
15:51:21.0095 0x1120  lltdsvc - ok
15:51:21.0126 0x1120  [ A44270027BA1C8983CCC414183AD5726, 26F0881DF03F7C521A7CA9FE91432B40313B1ED5A9F2779F4CAA3CF6625219B7 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
15:51:21.0220 0x1120  lmhosts - ok
15:51:21.0276 0x1120  [ 876BA8550E9F1F4EF8A7D056E66678F6, 55937F75D1332923FD348B9931BC28E379DEBC13841E0EE4D1330D3D4E7707DF ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
15:51:21.0280 0x1120  LSI_SAS - ok
15:51:21.0295 0x1120  [ 6FB4E344E66F7243D23F0F52A9610790, 7AAEE5EB222539AD767B0B01FD1F821EE35263699BC4D123E95906C4AE62D3F6 ] LSI_SAS2        C:\WINDOWS\system32\drivers\lsi_sas2.sys
15:51:21.0311 0x1120  LSI_SAS2 - ok
15:51:21.0327 0x1120  [ 2E61D97CA19BBECCCF7CDE9C0C7392B5, 237A5739DE9A643CBEE7432522E43DAAB289EAA322FB2E67A66E24D2A0E859E1 ] LSI_SAS3        C:\WINDOWS\system32\drivers\lsi_sas3.sys
15:51:21.0327 0x1120  LSI_SAS3 - ok
15:51:21.0349 0x1120  [ 3986C8FAA6E397725024E7189BAC69CE, FD934C8D5E51153D9E69764B628E1A983D96CF223115B4E549FA67BA819A27E8 ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
15:51:21.0361 0x1120  LSI_SSS - ok
15:51:21.0409 0x1120  [ 1D5999E703FAA551DFF0E4E7F6AA2150, D73332190244FE2943CE93C298EDBB09290AFDD1B12F286F94E4B67323F1A1F9 ] LSM             C:\WINDOWS\System32\lsm.dll
15:51:21.0487 0x1120  LSM - ok
15:51:21.0503 0x1120  [ A1E31C77F407F629F430A070B8747A44, 80E50D95CBDB85DBA2462BF133140AFEAB2D047F70168E87CE95E8D90A83C99E ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
15:51:21.0534 0x1120  luafv - ok
15:51:21.0550 0x1120  [ EE038F0B57FD34B872AE2ADD7679C1E2, FC6C352A4EFE659961513B131B68871AFFAD8174672C3D5BF955D83BA1F9CEA0 ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
15:51:21.0565 0x1120  megasas - ok
15:51:21.0597 0x1120  [ 2E3BE5DA8078B170DA14CE3181C5D3AC, F4E8251C554A47682F00FCE7A0F3B0D0FD0F3D74970BA501F63860A7C824407E ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
15:51:21.0612 0x1120  megasr - ok
15:51:21.0659 0x1120  [ 01946468EA6196F9C54A245354C1240A, 96BE9EF1D791417BFBD9AC9F24D38F128DEE409C95F25138B8CDAE3F86E17D4A ] MMCSS           C:\WINDOWS\system32\mmcss.dll
15:51:21.0737 0x1120  MMCSS - ok
15:51:21.0784 0x1120  [ FFE175CCDA4BC0278E88149F183B6C5E, B84F9E1E20B0C0BF64BC8DABC238776A307286ECC5AEFEDD74F6C187F5FD0671 ] Modem           C:\WINDOWS\system32\drivers\modem.sys
15:51:21.0800 0x1120  Modem - ok
15:51:21.0831 0x1120  [ 523C526BBB796FC2087C0C8AC2B669BD, 79FAC4B32BD35E140B7FAFC5A58FA039B1FB16EF68A4DCEB25B2B153B1B0FE0D ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
15:51:21.0884 0x1120  monitor - ok
15:51:21.0916 0x1120  [ 1B621475FA22B947B60EE004A8EE11F5, EC4BBD6C586686BD3E05F861FF7D9E82E7C787DDBC9BC3CDEEE613BFCAFC34D3 ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
15:51:21.0931 0x1120  mouclass - ok
15:51:21.0947 0x1120  [ 64DAA33D69C4442AD4CC52D478895355, 686CD366539D41331ACC41A66B165EF7B659CD8FC0048596E6F38D1FBF3120C8 ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
15:51:21.0978 0x1120  mouhid - ok
15:51:21.0994 0x1120  [ 8CF63AB55709A9E415190219C226A855, E061AE50F74F46D9D58E406254515B104B32D7B7DE64C1045E9901942A953FCF ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
15:51:22.0009 0x1120  mountmgr - ok
15:51:22.0056 0x1120  [ 26EA1DAD601EE3ACAC301D66F07BA219, C9594BB15D53D4AC2156CCCD2DB65B2C20620F1F60DA85F48D1586FC10028096 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
15:51:22.0119 0x1120  MozillaMaintenance - ok
15:51:22.0150 0x1120  [ 4B300E2D06B03410064CF443E1CE6B25, 9B75E288392DBB24C84C573823AB0C94F2CFA6AA8AF3F6D8E3ED93DA57F5ABB8 ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
15:51:22.0197 0x1120  mpsdrv - ok
15:51:22.0244 0x1120  [ C67F755D89AE52C7F2249ACE98416265, EA115A4165E3657452CDF69E0C5704BB685A8E0FD451F37EA1FC3D5A8BCE5A9E ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
15:51:22.0291 0x1120  MpsSvc - ok
15:51:22.0322 0x1120  [ 53E370C8ED69C68DFD26BAE4588095F3, C72A759D0C31CF2E6C153D8D008DE03575C5D6A74067C381E580B09850890EBB ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
15:51:22.0338 0x1120  MRxDAV - ok
15:51:22.0400 0x1120  [ 5213858EAB957E8153D45B13FCF30082, 0AE1E4DD3B4673562A922D5B2BF9E503CC31418CC971F46DC9A6C759BCC71F09 ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
15:51:22.0478 0x1120  mrxsmb - ok
15:51:22.0525 0x1120  [ F37F40422662235AB5768C303E829602, B1350AE9827FCF48FDC7BCA83CE5A7E1C54550449F6F56AC39E1E1ECB9EA56DD ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
15:51:22.0619 0x1120  mrxsmb10 - ok
15:51:22.0650 0x1120  [ 20EA1075D820ECD58400A76B617DC384, D1F3FFD233A68D994565883F8304807D09ACBBCCE3522E9DD8D17D094A8AFED7 ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
15:51:22.0666 0x1120  mrxsmb20 - ok
15:51:22.0697 0x1120  [ 41CAFD1FAE3272E9B5DD67400ED59475, 689C8899F36D73652ADCAD6CEB2F3AC6024DDCB4619D908DA8575536978E85A6 ] MsBridge        C:\WINDOWS\system32\DRIVERS\bridge.sys
15:51:22.0744 0x1120  MsBridge - ok
15:51:22.0775 0x1120  [ 18919845004A5A05D69CF5EAE19D0E68, 809FC3AF3CCA004712CE3B841E08BD0D47E2A1C0B938AD68337B642D5D43B0C3 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
15:51:22.0838 0x1120  MSDTC - ok
15:51:22.0853 0x1120  [ D99C98D630C34A448A93DE552DC7DD68, B3A216B119737476182B3CD080B3466506D673ED2889C9F8C36F0E92A4657029 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
15:51:22.0885 0x1120  Msfs - ok
15:51:22.0916 0x1120  [ 22FFBD5F9BCE2E970C617B95103079DC, BD431517B572EC80127881124C697434B31F016BF897382F6D2C5D0FF904C1C6 ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
15:51:22.0931 0x1120  msgpiowin32 - ok
15:51:22.0963 0x1120  [ 30DA16E72C4CB4D5F06D35D0DFA16E2C, F8C4073C3AA001FD22087BEBD0CEBDFA8F0BD1965B8F3346BBAEC0E3208F927B ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
15:51:22.0978 0x1120  mshidkmdf - ok
15:51:22.0994 0x1120  [ 26B1961255650B59107FC4990B2CEF34, 273E5E0DD5708BE9E188934CF1A19E63946179280F9AC149376053AD863A8239 ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
15:51:22.0994 0x1120  mshidumdf - ok
15:51:23.0009 0x1120  [ BF7ABD4461576528028FB86633A7EA24, 3AF39AEA9FEAAE7D79A3691714AD700288411DC594F38A07756F149D6D7463BE ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
15:51:23.0009 0x1120  msisadrv - ok
15:51:23.0056 0x1120  [ A876A975BAF66A8D209240F43AC07A07, 11B26C8004B8F191F9AF7A25C90500DAE344392561DDA9C5516FC0EAB6DDEE26 ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
15:51:23.0103 0x1120  MSiSCSI - ok
15:51:23.0103 0x1120  msiserver - ok
15:51:23.0135 0x1120  [ 02238D563EDB7DFE17BF8AE12D9F3D30, 77BB0671B7B9150E15F7744B8F3D83375948694C1612198CB24D93842FE1A32B ] MsKeyboardFilter C:\WINDOWS\System32\KeyboardFilterSvc.dll
15:51:23.0166 0x1120  MsKeyboardFilter - ok
15:51:23.0181 0x1120  [ 0B2A5AB2591D7F6E8E64A0516325F2AD, 083775925CA8B4677029B5FDF4F60F08E325CF05486FAE63D311B40C7EF3786F ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
15:51:23.0213 0x1120  MSKSSRV - ok
15:51:23.0261 0x1120  [ 2B1E1DA9C5FA25DB8DAC2F34BCF10196, AE346D5711E4EA9C6365D55411E907683147064B34192B88EEAA9E871DECE2B0 ] MsLldp          C:\WINDOWS\system32\DRIVERS\mslldp.sys
15:51:23.0276 0x1120  MsLldp - ok
15:51:23.0307 0x1120  [ 86729EC40EB28DBBAB6A672B138B4DC5, 13F097572A8BE21EC9FA44C950F143BF0AFEEF09131DCD115B951AB5EF13BA13 ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
15:51:23.0342 0x1120  MSPCLOCK - ok
15:51:23.0358 0x1120  [ 4E5FB5BD76165A81EE181A82EB665C8A, 16C50027D92F059C07CCB28FDE339C3E35DE9BF1752B0F16577845C38B77B776 ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
15:51:23.0381 0x1120  MSPQM - ok
15:51:23.0397 0x1120  [ C90BB8C3DC3F50FBA1A668B844C84315, 4ABA28B0047B2038E881583DB0F1A6A78FAB8ACF3759ECCB7A835D7F8944CC83 ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
15:51:23.0413 0x1120  MsRPC - ok
15:51:23.0428 0x1120  [ CF61A813430B7F12452BCED287135676, D5400E8C47D6441830EA48E153BDB2CC70672176B69E90D89EC3DD6D17BCFAFA ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
15:51:23.0428 0x1120  mssmbios - ok
15:51:23.0444 0x1120  [ C323F63D61AD8CEC79B3CF4B8463B208, FE1E91267B1050EDF05E89B33AFBEE2F6A5912251024A2130D756DE53C93BD81 ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
15:51:23.0475 0x1120  MSTEE - ok
15:51:23.0491 0x1120  [ 06442D8CA4425EFF66F47D8F82493450, 82D3698938B2CA169C0564F90941423FC4F87261CCD1A214517DA95605671A32 ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
15:51:23.0506 0x1120  MTConfig - ok
15:51:23.0522 0x1120  [ 98F1A21FEB21AA86402AD35CB09074D4, 9491292FEACC5EC9A8CAC55798A8AD0EFE4C428BB330AE2B205EEF6CC8B5A084 ] MTsensor        C:\WINDOWS\system32\DRIVERS\ASACPI.sys
15:51:23.0538 0x1120  MTsensor - ok
15:51:23.0538 0x1120  [ 6CD6189DFA649EEBFCBE81CB30030355, 7F50DD0ACDFC2AFFF1FA8BA5065B7B232C491D7AE7E67AE833BB02105AB7AF77 ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
15:51:23.0553 0x1120  Mup - ok
15:51:23.0569 0x1120  [ 8122A46E9A5EBD2E001FF5FB34A12A47, 8CC747B11E77AB0F15A7F08D48160FB66AD26C81021D25A10335ECE967A847F4 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
15:51:23.0569 0x1120  mvumis - ok
15:51:23.0616 0x1120  [ E5B61DB218E01A850C7A92616E97F5EB, 26EA66D8EB058EB9CE8D2913D5A1397D26653E26AB0261119B802D8DFC11AE87 ] napagent        C:\WINDOWS\system32\qagentRT.dll
15:51:23.0647 0x1120  napagent - ok
15:51:23.0709 0x1120  [ F443E09D7076D93ACC69D751960AE744, C79A5F858483B97939C260F6878A9085F61E1FDC2C8ABAA7700A7EFA808CC223 ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
15:51:23.0803 0x1120  NativeWifiP - ok
15:51:23.0835 0x1120  [ 54C905054922B43A91521D075E34024B, 4B2DF68DF11B26D2A224930CE2B8FAF40B19D960BCFDF5D523B52A82125B487A ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
15:51:23.0933 0x1120  NcaSvc - ok
15:51:23.0948 0x1120  [ F81A77CF6B0C9513AC20A24DD2997E26, 756818D6DEB6B7D036C2BF6B442EC8C435F9FB3E384E109FCCD9740F7651B3AB ] NcbService      C:\WINDOWS\System32\ncbservice.dll
15:51:24.0042 0x1120  NcbService - ok
15:51:24.0058 0x1120  [ 10A61CCF540D1E2260D3AE76377810F5, DFF0F1EAF03518220500C70BCC52286CA599EA2E00D3AB97D88D9BF15F1E26AD ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
15:51:24.0167 0x1120  NcdAutoSetup - ok
15:51:24.0245 0x1120  [ 14F983A265A9A84B13C8F03F1BE639B0, CA2C7BE7C998F14B7EF5EE20C170E1144DDD0098E9EEDAFDBD9E3B592EB586A0 ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
15:51:24.0308 0x1120  NDIS - ok
15:51:24.0339 0x1120  [ 9FA562E35A0263FBD01D44559224D46B, 9C8CBDDFA09EA86B025BD7F04F63C5517296FF7EDAC9E87C096766054C448F1E ] NdisCap         C:\WINDOWS\system32\DRIVERS\ndiscap.sys
15:51:24.0370 0x1120  NdisCap - ok
15:51:24.0402 0x1120  [ E0E3F52E028D5AEB0AAEA4DEBFE5F696, 7CDA2500C3440B8A5EF0C4D64DB27E91A08A1D143CA6FA6568E5C7FBBD277B02 ] NdisImPlatform  C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys
15:51:24.0433 0x1120  NdisImPlatform - ok
15:51:24.0448 0x1120  [ BD856EB36898EFA1B11346996ECA764C, 52CF7CC4DEB3CC0F3B09E8A4D83E20538765C44DD04FE0746BD17B09C67AC78C ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
15:51:24.0480 0x1120  NdisTapi - ok
15:51:24.0511 0x1120  [ 1D34650E97E74DF51BD86E0A102DB241, B4B6A2C073348C3829E5CD0565A0B44CA6A0AD05E3744767FA8D89134ED8002E ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
15:51:24.0527 0x1120  Ndisuio - ok
15:51:24.0558 0x1120  [ 53D21FFC20728406A20BCCF145DC2AD4, 116B06A3827C6EB584C8DC13FE2554EFC1CE5A96BA298C4C7766B700E56C282F ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
15:51:24.0589 0x1120  NdisVirtualBus - ok
15:51:24.0620 0x1120  [ 11312D35028616E585DCF02AFAFA56DC, E7B0503FAA2B93F6751FD792D2F424B40E2F9A20D9E827253563B916A1CFAC06 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
15:51:24.0652 0x1120  NdisWan - ok
15:51:24.0652 0x1120  [ 11312D35028616E585DCF02AFAFA56DC, E7B0503FAA2B93F6751FD792D2F424B40E2F9A20D9E827253563B916A1CFAC06 ] NdisWanLegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
15:51:24.0667 0x1120  NdisWanLegacy - ok
15:51:24.0698 0x1120  [ 9F76B41778F62A7E582ADA902E8D149E, 140A62ACA0B198A23A4236AE28CD4E32D5378F4D21CBE55FD05684EEE91C1B4E ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
15:51:24.0730 0x1120  NDProxy - ok
15:51:24.0761 0x1120  [ C6003C8BB723B4D7FCDFB4C419D676A1, 9D2639A104D962C899CC9EBB40BF8AA6FB9E440AD5DB6861C9723BDB4B9361FE ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
15:51:24.0761 0x1120  Ndu - ok
15:51:24.0777 0x1120  [ F0F2377D72E48EBCA9B9BE5F3DE3F355, 89C05AB573C0F97FD3F0C43024212A0A55BFA3698598DABFD33FC481D5D58E3C ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
15:51:24.0808 0x1120  NetBIOS - ok
15:51:24.0855 0x1120  [ BC242922B0D08F61CF7C87FD08FAFA8B, D9E96D9C01FD9FFF80C60E76950B31E5D010EDE1A6CF0E4B5A85BD5E7A5DB715 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
15:51:24.0902 0x1120  NetBT - ok
15:51:24.0917 0x1120  [ F33BFCBBBAACE7208DB433B6CCA98930, 46E994BE4A2EA4D324C8B78CF9276F4805EA47046CBC7AD37401AA77E13C75FB ] Netlogon        C:\WINDOWS\system32\lsass.exe
15:51:24.0933 0x1120  Netlogon - ok
15:51:24.0964 0x1120  [ B587D8BBD8FB55FEA7C6CCE86D98DDA7, AC0EFCECF14B680A260D32BA13AA29E94663171E6EE2B9E1F3BD6BFD7997FE3D ] Netman          C:\WINDOWS\System32\netman.dll
15:51:25.0011 0x1120  Netman - ok
15:51:25.0074 0x1120  [ 9C005769C00F380DBEB33C0164BBB7F8, C67498DBB6EB1B71CCA11E29D5CFDE77748201A3B3AB68770E43B82F221FCEC6 ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
15:51:25.0105 0x1120  netprofm - ok
15:51:25.0183 0x1120  [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:51:25.0290 0x1120  NetTcpPortSharing - ok
15:51:25.0322 0x1120  [ 6A90783186DA0F93D21C805F6FAFD9CE, EABCD828F1BB745E80AA6B8FDCD32BD644F63FDD724809D8B94CBB90EE16F48E ] netvsc          C:\WINDOWS\system32\DRIVERS\netvsc63.sys
15:51:25.0322 0x1120  netvsc - ok
15:51:25.0364 0x1120  [ 6DF13740F8E98AD840B13D056CA86511, 08C2491C82E1733C4317E565298BD8C19508F415A9B544044D57CC1C3E596590 ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
15:51:25.0411 0x1120  NlaSvc - ok
15:51:25.0427 0x1120  [ 6CB2336E1C247A8164ADFF8A0D2FBCA4, 2EEE5E0754E01615D56EA9FC3A76195B3A9B7E32536F67C9394B452FC64697CD ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
15:51:25.0427 0x1120  Npfs - ok
15:51:25.0458 0x1120  [ 1B134DECC25E59D0C8AD95B64D475297, 7656D18FF1BBC83900109039F78DBC156A8E651638DBE3C6A6189408A0DF4511 ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
15:51:25.0520 0x1120  npsvctrig - ok
15:51:25.0552 0x1120  [ 4763A0EC9B205B32E1194024E50F0C32, 10DCC2099B971661045F9D9224316E7D72D96E0DB642DC65FA8FA546CEE98FC8 ] nsi             C:\WINDOWS\system32\nsisvc.dll
15:51:25.0567 0x1120  nsi - ok
15:51:25.0598 0x1120  [ 3D383D0C64FFC3D3DDE2ED4EF828CFAB, 3F24F3E1874C5B1A1426C85D531580A30073CFCFA180DAFAD655BC6BC58428A5 ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
15:51:25.0614 0x1120  nsiproxy - ok
15:51:25.0708 0x1120  [ BAFDB3519A9D1A6A0665A70696BA98D5, FA7F861139C4805F6D59D397D7AEBC69DEA96AFBACA4466336343EC5873A7B6B ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
15:51:25.0786 0x1120  Ntfs - ok
15:51:25.0802 0x1120  [ C68CBBB69A8C611EFA668FA36DE542D9, 2026BA1505619F62DBD06B293DD061A53B824FFD962D18B89297353F48D88017 ] Null            C:\WINDOWS\system32\drivers\Null.sys
15:51:25.0817 0x1120  Null - ok
15:51:25.0850 0x1120  [ 9F8EE4948B7ADD9D12F778F61A2758A4, 9848C7D97AC000BF7A00BAE12593E48E14D36D7FFFCF25A163FAAB446691032F ] NVHDA           C:\WINDOWS\system32\drivers\nvhda32v.sys
15:51:25.0866 0x1120  NVHDA - ok
15:51:26.0257 0x1120  [ 8E3BD4ED84EEF035B1AF3F90141D13D1, 764C700D9C08548225B1F0CD978265976B9CE65F20931970B69B2953CD00B611 ] nvlddmkm        C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
15:51:26.0710 0x1120  nvlddmkm - ok
15:51:26.0882 0x1120  [ D2FE0376285A783693469422678E878B, 9F0B1A6694CA7BDAAA3B26BE1D344A3FC7B98162518A259C273360EFF075CD75 ] NvNetworkService C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
15:51:26.0958 0x1120  NvNetworkService - ok
15:51:26.0990 0x1120  [ CE9BC6B9B2D5A9782B20B8EF1D48FC6E, D91145F57A4E2A6F03523C215B211BB5B431D29D3B8E0D15685967A01EC33D95 ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
15:51:27.0005 0x1120  nvraid - ok
15:51:27.0021 0x1120  [ 8BC42FC48C9DB301025D7A5C6B20ECD9, 97A79CB628F1F806E7874CEAA3B9232DC56C2171AD1A50C07FE8246E3799C013 ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
15:51:27.0037 0x1120  nvstor - ok
15:51:27.0620 0x1120  [ DA09A1DAEBD38226C0CB22BA8D967F63, 55654C3D4D96185E5754DE63C08D40FA6CB46FAECBAACA6CEAB0F48E643C392C ] NvStreamSvc     C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
15:51:28.0226 0x1120  NvStreamSvc - ok
15:51:28.0304 0x1120  [ 7A50B5448C45C0BEBFCF0E6481ABD73F, 6890320DD8DC9A58F845D6C6E058858F4651067B62E25AEED9F94436F10A4EA1 ] nvsvc           C:\WINDOWS\system32\nvvsvc.exe
15:51:28.0320 0x1120  nvsvc - ok
15:51:28.0351 0x1120  [ D230D757C084FB8D7BC4936E3D6334B8, 28F6416C2C8B174F388B42F7951E2D35B42EA5443DC9A89A016FCDE8A3D57F4A ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad32v.sys
15:51:28.0351 0x1120  nvvad_WaveExtensible - ok
15:51:28.0398 0x1120  [ 5FC39F8B065128F2A59F92EE9AE3F286, 0BDA69197BAD4151DF895E3869E310D1E1C513332C0BADDF99D4C40E02232F46 ] nv_agp          C:\WINDOWS\system32\drivers\nv_agp.sys
15:51:28.0398 0x1120  nv_agp - ok
15:51:28.0481 0x1120  [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:51:28.0543 0x1120  ose - ok
15:51:28.0574 0x1120  [ 51B0BA395EE58B2088F03162B3D3208C, 1F6676D168D18727061B756C333C2BA0F0489F5CCA3942984885E70FEE209599 ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
15:51:28.0668 0x1120  p2pimsvc - ok
15:51:28.0730 0x1120  [ 2F3FD70DBD4CA80C20E0354E1B71FCF2, 66B31A2FC594C9B61806A550E5D28AD9EEAE220D6FBB684A64AAEF9468BBE403 ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
15:51:28.0840 0x1120  p2psvc - ok
15:51:28.0887 0x1120  [ 4F30970F15ADCC382544B31D5D7E368E, F8A66D12796887A60015466A6EC1932EE9F63C5C7F83E1F0E65D338D23F89602 ] Parport         C:\WINDOWS\System32\drivers\parport.sys
15:51:28.0902 0x1120  Parport - ok
15:51:28.0934 0x1120  [ C503DA12698E7F775F8252F7A6FEA47F, F85664D23549B6485A6CDEFDC9362A13A688EBB8998F7A1A4AEE6E95C0EB3229 ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
15:51:28.0934 0x1120  partmgr - ok
15:51:28.0949 0x1120  [ 60450D9CA16603770DFCA15E68D8EAD3, 37DAC10DC550D0A1A2F44A95E9C4E0EDE69E29F6162C4C17BD356E6FAF10D9F6 ] Parvdm          C:\WINDOWS\System32\drivers\parvdm.sys
15:51:28.0965 0x1120  Parvdm - ok
15:51:29.0027 0x1120  [ 81F10577DBE53F1F6990280D1926DAC9, 9FC674CADAC6DCD40F8AD9891199B8ADF7873667377BA12F67EB9EF2156A5561 ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
15:51:29.0121 0x1120  PcaSvc - ok
15:51:29.0152 0x1120  [ 8F8DB22F78C74514A42A51211DAE24E9, BA32DAC0784D2634065303F3703A383F3B0A2FA0CE2C2B32A6D29336ED4AE13F ] pci             C:\WINDOWS\system32\drivers\pci.sys
15:51:29.0168 0x1120  pci - ok
15:51:29.0168 0x1120  [ 05C7426981598F0E45824BC912D5177B, 46559C2A0EF523E89AAAB0670700263A2D5580D8A35BBA5404BB4E2BFBA29B4F ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
15:51:29.0184 0x1120  pciide - ok
15:51:29.0199 0x1120  [ F404AA7E499C83117C7442C2C2801C03, 4E30D0B41550FECECD7957822398E0E1897B5DB12A6799B7E1119CC7626E6959 ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
15:51:29.0215 0x1120  pcmcia - ok
15:51:29.0215 0x1120  [ E0F759702BBA5095CB0AE570333B194B, BC8882F24038A83487C88569EFDD1407A55FA45778E4AF630167F4B2EB927DB5 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
15:51:29.0230 0x1120  pcw - ok
15:51:29.0269 0x1120  [ ACDB8C7FDD48AA326B6D1D681275237F, FD1116B0AB07D4959FD241432BABC2DE068EA061F46D1646AB50DEC0677C0126 ] pdc             C:\WINDOWS\system32\drivers\pdc.sys
15:51:29.0273 0x1120  pdc - ok
15:51:29.0342 0x1120  [ 1A9DFE5854BD66E28178431E9C96E77D, 8731CAB4C426FC641864A868AADC33EAED00E08A2E2F9B9F31484EE3852C1D6D ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
15:51:29.0389 0x1120  PEAUTH - ok
15:51:29.0483 0x1120  [ DCB79C8D79D46BF6E9B46ED7CE388D93, 52BFECDA9CB1043FB3E7E6565E3B675340D7B4F70EE2F40593947334C74581FC ] PeerDistSvc     C:\WINDOWS\system32\peerdistsvc.dll
15:51:29.0624 0x1120  PeerDistSvc - ok
15:51:29.0702 0x1120  [ 685A51594574DA70A4305C7ADE6F9649, FA3C9F383DC4A89473F7EA09C3FE71C13739291883D1EF5C9746808F903503FE ] pla             C:\WINDOWS\system32\pla.dll
15:51:29.0875 0x1120  pla - ok
15:51:29.0903 0x1120  [ 7F4B79568DD6BEC3ECC80C2AE93DC749, E21DFE1B4D3B2BF3B4C65AB5D2A875453EED66AD9958CB3FD4840EA057756474 ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
15:51:29.0903 0x1120  PlugPlay - ok
15:51:29.0922 0x1120  [ 7A232CD15E6DF06044C8782FC6532B58, C46D1C5ACE232592380E87E0D5D5735082A4E977AD92A06EF927BA553713D3C0 ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
15:51:29.0962 0x1120  PNRPAutoReg - ok
15:51:29.0994 0x1120  [ 51B0BA395EE58B2088F03162B3D3208C, 1F6676D168D18727061B756C333C2BA0F0489F5CCA3942984885E70FEE209599 ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
15:51:30.0009 0x1120  PNRPsvc - ok
15:51:30.0056 0x1120  [ CABCC1083EC2BD8503385080F02C1901, 6A602FD80D10EC1E68ECA1194B1A46E0CC073ACBFA8CF8C0D4BD6D539930A702 ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
15:51:30.0072 0x1120  PolicyAgent - ok
15:51:30.0103 0x1120  [ A35DF6D1C00783CEFA0ADC975B09BE7E, 1C137583E2669081FDA43186DFB7896BCAB3AC92B7185EE717FD5FBE28173671 ] Power           C:\WINDOWS\system32\umpo.dll
15:51:30.0150 0x1120  Power - ok
15:51:30.0306 0x1120  [ 801FDB9F5F565B56C917CFEF555F2B91, 24559B1D976460D88AD727CEEBA38A8F5EB037BE0479051F76CA31A92470DA80 ] PrintNotify     C:\Windows\system32\spool\drivers\W32X86\3\PrintConfig.dll
15:51:30.0665 0x1120  PrintNotify - ok
15:51:30.0712 0x1120  [ 0BE3706EE01AA76D1583E82AE2E680D6, 05B86010B88BA13ADE4A9A3ECDEC376D833C7FB6BAC61ACD9E3B406CF007E46E ] Processor       C:\WINDOWS\System32\drivers\processr.sys
15:51:30.0728 0x1120  Processor - ok
15:51:30.0759 0x1120  [ 7298FC235A76EDC1D03272B24FD1B33E, FB56223F92671EA308588E81E97CBEE72CEB9B9BBCD497C523AA1D11FAB556CA ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
15:51:30.0837 0x1120  ProfSvc - ok
15:51:30.0869 0x1120  [ 9F6173E6F8E4034C008FCE29BFD4FBB2, E91251433567035F0EDA5971A8D154E9FC911222365C3BAD16DC10A5CDC38860 ] Psched          C:\WINDOWS\system32\DRIVERS\pacer.sys
15:51:30.0900 0x1120  Psched - ok
15:51:30.0931 0x1120  [ BC63CB1761AEC25186C4E707C4A23ED4, D12F55F1445AF325A247B02B016A4F321CDDB8616D9A5432479085F3B10FE365 ] QWAVE           C:\WINDOWS\system32\qwave.dll
15:51:31.0009 0x1120  QWAVE - ok
15:51:31.0025 0x1120  [ C619F26983C63B2BB1F6FDD6B52490E0, D35D7AF400133D6E6CE75C963285E13DABCD1F7EE46E96629EED9466DC999048 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
15:51:31.0056 0x1120  QWAVEdrv - ok
15:51:31.0087 0x1120  [ 91D50E991F182B40E10E06A9D21D8779, 00F584B07BD3366D4DB6AD80A9AE6BC61572B163C74888A399DF85940D2F9A50 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
15:51:31.0134 0x1120  RasAcd - ok
15:51:31.0181 0x1120  [ 13867EC172CDA1E4278EF98F3822B5E1, BD5BF2E622F1B075758D29EEBFA779807244545E3BEFFD7A4E4AD36FD9DF4EE9 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
15:51:31.0212 0x1120  RasAuto - ok
15:51:31.0272 0x1120  [ 80812558CF8E87F248B9BA0C4825945B, 4DA89447C31A5EC8B5C21941D47EECB767673201859B72B33E3145E6D3B6DA26 ] RasMan          C:\WINDOWS\System32\rasmans.dll
15:51:31.0334 0x1120  RasMan - ok
15:51:31.0354 0x1120  [ 1B6351227867FBD8917769479F7D84A3, E38EF2291CE47956DC1A3F0C7D98E5FF97CA1EB515267A451ED99AA22370DC8E ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
15:51:31.0378 0x1120  RasPppoe - ok
15:51:31.0409 0x1120  [ 8810FA3D36B8922B7BD1935378CD1667, 483DBA29212149D14E6EF873CF71B32A89C36E018E6F424C67699735B233858A ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
15:51:31.0502 0x1120  rdbss - ok
15:51:31.0534 0x1120  [ 4E3C895DB9831A925CAFAF9F04FE89CC, 9F518A1A046082FFDC6E171385B36EEBBE8A7C6D0234660D00A69CB327B2D869 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
15:51:31.0596 0x1120  rdpbus - ok
15:51:31.0628 0x1120  [ 67E91843B0344411820A012063E876B2, BFD92EEB961BDE9AE4324F8FDB01597B5D334FAAD6990324E2839687DC3A4E0E ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
15:51:31.0690 0x1120  RDPDR - ok
15:51:31.0753 0x1120  [ EA6B3264660145F588643C5B65C7C9EB, AE9B9A8D92F9CC3CCD53AA2A46521E6FF8DCF28EBD22073A4C9F427E3EF4D5B7 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
15:51:31.0768 0x1120  RdpVideoMiniport - ok
15:51:31.0815 0x1120  [ ED5DA057B5C00042CDF0E705C59B3CB1, 195F37E7C6D748C4190C3E55594B4E48BD87F0BE6C3F4D0F2E316F6C7696027F ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
15:51:31.0831 0x1120  rdyboost - ok
15:51:31.0872 0x1120  [ FE591904131230C3FB98E9F97AAABE4A, C7C108E384F2F27A9AA58DDC0CCDC63D32629E11AEC7E2FC2F1A3F609BC94390 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
15:51:31.0934 0x1120  RemoteAccess - ok
15:51:31.0965 0x1120  [ 148CA6950C5F9385B67F18C0584376B3, 1EC021529C15420E5E1646520FC78119236FD01FA1065FBA16672D07D53BD7CB ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
15:51:32.0028 0x1120  RemoteRegistry - ok
15:51:32.0044 0x1120  [ 5E3934F8ADC8D93064CC5E537637882C, 03EB142F8A04C19187FECA2B4824A130CE3BE4A51E755468729F6624FC0A678D ] RFCOMM          C:\WINDOWS\System32\drivers\rfcomm.sys
15:51:32.0075 0x1120  RFCOMM - ok
15:51:32.0090 0x1120  [ 67138062CED5A0E30DC42EBC087EA76C, F43FBCA3475A63145DB487C8852CB0AB7C5EB844303C7565E5F4FE238AC5E2DC ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
15:51:32.0106 0x1120  RpcEptMapper - ok
15:51:32.0137 0x1120  [ 56C6CFC3375CAA49E0DAE65472FD028F, CE19E793E7ACDBCC5C8486361E14BFC86458BCC55C8E56BE31CDA442BB76FEBE ] RpcLocator      C:\WINDOWS\system32\locator.exe
15:51:32.0184 0x1120  RpcLocator - ok
15:51:32.0278 0x1120  [ 05C0337538BEECC04FC695808EFF201C, DC32234686D38A7DD35DFE6AC9CB55F0DDAD8B463EE6B20857CC45884F00C093 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
15:51:32.0309 0x1120  RpcSs - ok
15:51:32.0340 0x1120  [ A7B0D780D365635525B8A2B10CE493C4, D27F12DAB4B6BD7BE2E72650ED5BD48790E706B290A838882C6A34123B67D70E ] rspndr          C:\WINDOWS\system32\DRIVERS\rspndr.sys
15:51:32.0356 0x1120  rspndr - ok
15:51:32.0387 0x1120  [ C0483F6EC041F84BC4FA3D0F1EC87D38, 2A57F3CB551E3855BDECDEDD9A8F4B14B883D8CE76543B9B10DDEB4FADAF18B7 ] RTL8168         C:\WINDOWS\system32\DRIVERS\Rt630x86.sys
15:51:32.0418 0x1120  RTL8168 - ok
15:51:32.0434 0x1120  [ 14FC57F255EB705ECA023FB85D70BF7B, C05CEF9583C5EC04E291F65293E843FAEFE8BA1FC6B4EC0C26789ACB39BBD5C6 ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
15:51:32.0434 0x1120  s3cap - ok
15:51:32.0481 0x1120  [ D87912FE7FE2426B252908DE83E83832, DE069497DA16AE3149FA356CFC775AED08994604EF2A7DE5EF5651C55B0ACE01 ] SaiK1708        C:\WINDOWS\system32\DRIVERS\SaiK1708.sys
15:51:32.0497 0x1120  SaiK1708 - ok
15:51:32.0528 0x1120  [ AEE1BDE22F6E9284D59B48706DB75110, F8B92F68E8AE95863B21E10E947206C4A7E345A27878D6BA0ECEBA685A7886A5 ] SaiMini         C:\WINDOWS\System32\drivers\SaiMini.sys
15:51:32.0544 0x1120  SaiMini - ok
15:51:32.0559 0x1120  [ ED42254EADDB77E3BED57294949326FF, 2946E4BD1212105C607056B040F479A270802ED606B996898E85AC984AF35243 ] SaiNtBus        C:\WINDOWS\system32\drivers\SaiBus.sys
15:51:32.0575 0x1120  SaiNtBus - ok
15:51:32.0575 0x1120  [ 602C3E2329E61804AEEB535DD44D5E42, 6FDCC9E585852CCD3115F4827B307FCEBEBFB933C6FD0A5AADE860C0777CE2E1 ] SaiU1708        C:\WINDOWS\System32\drivers\SaiU1708.sys
15:51:32.0590 0x1120  SaiU1708 - ok
15:51:32.0590 0x1120  [ F33BFCBBBAACE7208DB433B6CCA98930, 46E994BE4A2EA4D324C8B78CF9276F4805EA47046CBC7AD37401AA77E13C75FB ] SamSs           C:\WINDOWS\system32\lsass.exe
15:51:32.0606 0x1120  SamSs - ok
15:51:32.0668 0x1120  [ F2BF19FE48D9B8ADF8F5A0A6F17FD6BA, 4215E6D93946E5E038118DA7A80C93A567DD907F2CB04C6D37AC2175A185B527 ] SbieDrv         C:\Program Files\Sandboxie\SbieDrv.sys
15:51:32.0684 0x1120  SbieDrv - ok
15:51:32.0684 0x1120  [ 72A63DB72D3DE34B880CE90464069E7E, 321FCAA7AD1BC0D805828C08AEA3CA1A81ACE20BE88FAF115D3DE8B009C5221B ] SbieSvc         C:\Program Files\Sandboxie\SbieSvc.exe
15:51:32.0731 0x1120  SbieSvc - ok
15:51:32.0747 0x1120  [ 98A297A744DDF9B2E14B05E511439ABC, E1399BC222E02F5EBCB00F6A6C4FD52BFAD10F70F42063C7C8BAB55ED33D1F3A ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
15:51:32.0778 0x1120  sbp2port - ok
15:51:32.0825 0x1120  [ 54F017E5C8B7B5DDEA1878F4A0CF3B9C, 91B676F4371BE1FECE630BA97C341D2B15F56939E806F26842A9997A38B700C9 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
15:51:32.0872 0x1120  SCardSvr - ok
15:51:32.0887 0x1120  [ BC673C31F2665788938F85073BEBEDEA, 90F96D1FFA9D269CA198DD79576C468204D263257F68FF0FB4DB2541AE4EA234 ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
15:51:32.0949 0x1120  ScDeviceEnum - ok
15:51:32.0980 0x1120  [ 631F9D546CD6D206F2D1273EFDA8B048, 2C7BBF8EA6D45D0B5456102E83B54BD126D443D7BEB8BAC8F4E4FFA5D9DCF1B0 ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
15:51:33.0011 0x1120  scfilter - ok
15:51:33.0089 0x1120  [ 4318B9E84A0B869FC381F8565501D1F2, C62EC4169349378CDA56DA396F4C956BA3A297F4CAF5284F63A190DA622BE470 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
15:51:33.0214 0x1120  Schedule - ok
15:51:33.0269 0x1120  [ 8EA77992FACEB94182B9610FA4A06A68, 18AC5B03A3B7FA783596B8BD63DC01F9C36520AEA5264AFD99CD9207F538C931 ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
15:51:33.0277 0x1120  SCPolicySvc - ok
15:51:33.0324 0x1120  [ 83811B6DFB3154338DB07C1452F13C36, C5EA94BA28F3E10DA987B70A2BBFB5BE7708500CADC399C9CC8A4B51A125B102 ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
15:51:33.0344 0x1120  sdbus - ok
15:51:33.0380 0x1120  [ 6A90C0C56CABEAA19779434BA6A9875B, 42EA31F112D555F47D02D85922DE4C8415882FC2FB6CFF408D3DD390E6A1EB08 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
15:51:33.0380 0x1120  sdstor - ok
15:51:33.0411 0x1120  [ A8CC993CED4DF9710ADAABC9DA66B660, 76D64D0D762DCF05AE494749514D91D3F0FF4EC2D0A1FFEA8A5F8708832DF17C ] secdrv          C:\WINDOWS\system32\drivers\secdrv.sys
15:51:33.0427 0x1120  secdrv - ok
15:51:33.0442 0x1120  [ 8B3C0BDAF6CAE7DC52B38054BC2D3ADD, 15EE0827485E30442A920BAC20DFED50B2659BC14B6A56EFD6317072764DB0E1 ] seclogon        C:\WINDOWS\system32\seclogon.dll
15:51:33.0474 0x1120  seclogon - ok
15:51:33.0489 0x1120  [ 68E8C6017442C4D2FB20032239878B4C, 24568AEF503DB6D214767E13A4C106818556E97A55932CCBF0DB332553544F0B ] SENS            C:\WINDOWS\System32\sens.dll
15:51:33.0505 0x1120  SENS - ok
15:51:33.0521 0x1120  [ F9A0314ED1FB0318C417299841D8A235, 2E4B129101DF70B07F310CE18B482622BC0100523AA0E6AF0974AE12927AFFA5 ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
15:51:33.0583 0x1120  SensrSvc - ok
15:51:33.0614 0x1120  [ B9B7306D989D3B205EE9637ABB937978, 1CDEDB934381C64052AD2BF71F092D2A2CCFEC99CA1907F0B96897D0BCC12F9A ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
15:51:33.0630 0x1120  SerCx - ok
15:51:33.0661 0x1120  [ 617029159ED22EF9CB3F83FE5AF968CB, 4D89F71CCBF521EA9C83EE1ADF74AC4BFB9CB03ACAE5A4812771B0E0661097B7 ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
15:51:33.0692 0x1120  SerCx2 - ok
15:51:33.0724 0x1120  [ DE87128CFA9AED45BC26B7422B06CE06, B6C7AB6BE6260047176FEB14838B859A3601326F2FD34E3594A7F1901DFD7E56 ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
15:51:33.0724 0x1120  Serenum - ok
15:51:33.0739 0x1120  [ 8C86C60A471B4E6DF644B07FD30957C4, CC15109CE20ACEB0A5E10A96051CAAEE796F1DB640C6622B81D6CB76B8C9959D ] Serial          C:\WINDOWS\System32\drivers\serial.sys
15:51:33.0739 0x1120  Serial - ok
15:51:33.0771 0x1120  [ 83F70AC05D00530EFAE71C913AEB5F3B, BA50F3F120D5514FE17E2FFF4BDEA07CA7B46EE8EA8AB0BC890B862AA0626B84 ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
15:51:33.0786 0x1120  sermouse - ok
15:51:33.0833 0x1120  [ ADC071E4F65BAC3AEF4807B23438472A, D45DEAE2AA7CD1D2627C80252D0024CDD932E760FD6346C74EA60CFE0538FC24 ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
15:51:33.0936 0x1120  SessionEnv - ok
15:51:33.0952 0x1120  [ 4FC275DBBE9F48EB07418E066843058D, AF550B24A7B4EE55259D45DDECFDAB61AE0D2E4E1874E6693A62EC66AEE6096E ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
15:51:33.0952 0x1120  sfloppy - ok
15:51:33.0999 0x1120  [ F17175CD44231011EC33F3F62F8A9314, EE172A54BA33340D8C0B6C8C08D67C44016F9734FD851AB7DBFB7AAB93EC8E36 ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
15:51:34.0077 0x1120  SharedAccess - ok
15:51:34.0124 0x1120  [ EBE31F23BF3EF06EE08CE4AC4F26DC80, 64C58B6AA318C4DF2EF8E2E8EB0D13B518775AE89C5F3BC60003C1510A5A70FE ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
15:51:34.0155 0x1120  ShellHWDetection - ok
15:51:34.0186 0x1120  [ 0EFBAF5C195B78D7897701EA3084AFA8, 82E539F7697AA9A57B74EFFDA1D9D9865890EAB9EBAEE3843D3DC9C7AD2621FC ] sisagp          C:\WINDOWS\system32\drivers\sisagp.sys
15:51:34.0202 0x1120  sisagp - ok
15:51:34.0218 0x1120  [ 447DAF85E9F4D53710636468AD9911EA, B1A3840E2A671FEE9D0F17BFFEBEE1EED04EB736A6150389A09E5B6156DF99E3 ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
15:51:34.0218 0x1120  SiSRaid2 - ok
15:51:34.0233 0x1120  [ 5C08041AA0DB4FE983D496D820AFACB7, 2E513D9B6FA0B27D9A2A4CD1C57AD98C1A8C50D4DAD75AC384793F3A697E671F ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
15:51:34.0249 0x1120  SiSRaid4 - ok
15:51:34.0264 0x1120  [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
15:51:34.0280 0x1120  SkypeUpdate - ok
15:51:34.0327 0x1120  [ 980D0CBAE757EEB1C9B21DEB4FA3B5F8, 5357033FAA1624549E84F6B5AB40345CD2C82353173F0FCE317EEEF0F59663F2 ] smphost         C:\WINDOWS\System32\smphost.dll
15:51:34.0405 0x1120  smphost - ok
15:51:34.0468 0x1120  [ 4A0B28346252F1165FD6FB38B2177F18, A9D754F11DBED4DB886CAB6DEDBD4B3FB01FF5F0FA2DE226A6D8F970D9C15A3E ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
15:51:34.0483 0x1120  SNMPTRAP - ok
15:51:34.0546 0x1120  [ EAF47B59FDEA68BC21963E3F05C0B0FE, B1016594F1123CE7AB7DF4FD3BBD8C2C21FBBBC9A11F7F3E0244A370FD3869D3 ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
15:51:34.0561 0x1120  spaceport - ok
15:51:34.0593 0x1120  [ E0A6F5DA31A1B0F3C8D8A4802F97667D, 65770A9C2442522BD122AA2036E1EDAFBCDA2D7F9661412D90DCA01A5D676D01 ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
15:51:34.0608 0x1120  SpbCx - ok
15:51:34.0639 0x1120  [ B9EA3BE9957037FC5EA972621FB7EE36, 30CA80EBE2A7CC8CE5E700A53F1931DC6479A94E2ED5D4B23A312C977A344E5F ] Spooler         C:\WINDOWS\System32\spoolsv.exe
15:51:34.0702 0x1120  Spooler - ok
15:51:34.0936 0x1120  [ B269FCFAE6A576139BBDA4E805AAEDC4, 1CD8EC94B35EBDA7161FBB6C73EECE5330F458E59B17C7D1FCD52D353ACCC8F9 ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
15:51:35.0186 0x1120  sppsvc - ok
15:51:35.0233 0x1120  [ 4B6B140C66BC2B095E4B1CC0AB2C1A6E, A89B2E55CF6F2CE54268E494EAB4070CC07B1935714584DC0DE2E32A9CFC4F52 ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
15:51:35.0286 0x1120  srv - ok
15:51:35.0347 0x1120  [ 058C080523FA3D22B2C45F5C50E00375, FFE84F9A9E54731824601D0F81E1892987620057C197F8B0C9C8953A93D43F40 ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
15:51:35.0355 0x1120  srv2 - ok
15:51:35.0386 0x1120  [ E64760EE4341393C3895AD3FC1C8581D, 5856914BE8D65831399ACAF76D823B62D49E1092B5546007B7EA63D7D4FAB84D ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
15:51:35.0402 0x1120  srvnet - ok
15:51:35.0449 0x1120  [ 6CBF9EBA48E820CC19742919B2FAF67B, 87658A7D24BAFA653373C0599AC3756F1D44B77F2189B2CCA813ED4A06A9D564 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
15:51:35.0496 0x1120  SSDPSRV - ok
15:51:35.0511 0x1120  [ A36EE93698802CD899F98BFD553D8185, 224CFED921EA230FF8025D259E34968FD2C0FD34BB3A918FB4B9B8BA42BEA5D3 ] ssmdrv          C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
15:51:35.0511 0x1120  ssmdrv - ok
15:51:35.0558 0x1120  [ 60F21B841226BF06EA420A5322A4279E, FDC563B5AFCCFB1DDC5FB39187BCAACB2B91528426E8A198A527379CC3EB5C89 ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
15:51:35.0605 0x1120  SstpSvc - ok
15:51:35.0652 0x1120  [ 6E1A473DD2A4714EAF7D11E2315DF794, 4460546191072C7DF8B2E5A00577BA8E4FF5A1B2EA399DDF65EBE1AE4A5A5C84 ] Steam Client Service C:\Program Files\Common Files\Steam\SteamService.exe
15:51:35.0667 0x1120  Steam Client Service - ok
15:51:35.0730 0x1120  [ CDA9313E34887A111B8309B55BCDCD82, AC070AA093B7013E4D1B29F4FAF9B469C3C261E4D3D1512B4F77CC609CBD1484 ] Stereo Service  C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
15:51:35.0808 0x1120  Stereo Service - ok
15:51:35.0839 0x1120  [ B4489EA5810BF73778CD8BDC305109CE, E42EC87D2B8622AA25E9DAA64F98EA4129FC231BEDAD5D2ECF6DD7F19C710E07 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
15:51:35.0855 0x1120  stexstor - ok
15:51:35.0881 0x1120  [ AE30DD60D851221BC26A4D6848AD78CC, 593CD0E77942472112E359A2FB156E5CD04E5003DB67B0B989DDF0C7A00089E1 ] StiSvc          C:\WINDOWS\System32\wiaservc.dll
15:51:36.0004 0x1120  StiSvc - ok
15:51:36.0035 0x1120  [ BA47EC0DC91660274059C437DC53D82B, 49BC1483F92457F5EDA40B598CCC64F0379C49EEA1E21CA1E182F670AA6959ED ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
15:51:36.0051 0x1120  storahci - ok
15:51:36.0082 0x1120  [ FA5A48CAB745A7A8CB83ECFE26BD2A11, DBF39A5D4663DE7F8809B2E21EDD5DE4EC291F023CFFBBDEC33AD569245F8B52 ] storflt         C:\WINDOWS\system32\DRIVERS\vmstorfl.sys
15:51:36.0097 0x1120  storflt - ok
15:51:36.0160 0x1120  [ 54614BE0F68CD3E9C6DEB8E8FBD12397, 2C3CDAF70BF5165965B03A83B7161862A4D5590EEFF34B4A71281DC8DA7EA2CD ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
15:51:36.0176 0x1120  stornvme - ok
15:51:36.0254 0x1120  [ 01DC138AF03B0DF86044D29BA6FA20C8, 608A1220154256AA5C1FDA43B32F852E1C277D445C1CA24E72CCE946C0A60291 ] StorSvc         C:\WINDOWS\system32\storsvc.dll
15:51:36.0379 0x1120  StorSvc - ok
15:51:36.0394 0x1120  [ 19AC4D3BB088AA4561036B220FEB99DE, ECD0071B7229BEB1CEC80A1F302A9864E35958AB7EF659780695E80A14B9E647 ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
15:51:36.0426 0x1120  storvsc - ok
15:51:36.0519 0x1120  [ 77BBD7D3F9229A4FA1F4B61D12A06762, 2500C903E1EC45D31F54CE4B4ED4F2052C55396AC4DA29D2DDBBCC347FF9F535 ] svsvc           C:\WINDOWS\system32\svsvc.dll
15:51:36.0660 0x1120  svsvc - ok
15:51:36.0707 0x1120  [ BDD8121BEB8227A65D83C87FD4BE5AFE, 3B2C207180349752E39128316EEFA95B080333FC057E48A0F260D3224ED67B48 ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
15:51:36.0722 0x1120  swenum - ok
15:51:36.0863 0x1120  [ 756E1472CB3BE829A8555869469074DE, 75379CB7D996DD0F5293A3AD7FBE7AEB3C51B75C046CE971E751019444212C70 ] swprv           C:\WINDOWS\System32\swprv.dll
15:51:36.0941 0x1120  swprv - ok
15:51:37.0082 0x1120  [ A08AEDA37F3BC5A7E72C2D7732C26FC0, B9521CC77BB8001142C64A7D1B8480F52A4ADC0AE0A94D04578EDAE67F2BEF65 ] SysMain         C:\WINDOWS\system32\sysmain.dll
15:51:37.0144 0x1120  SysMain - ok
15:51:37.0191 0x1120  [ F4273A2ED357007B2A98F90946174762, EBEBA946A538CCEBAAAB49F8E80169459C6B214EFFDD31CBEEE88199D2A5C51A ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
15:51:37.0254 0x1120  SystemEventsBroker - ok
15:51:37.0290 0x1120  [ 89BAFF8F0D332009A95EA5F217C57DE1, 6BB67736A8F15A218924060FC927EBDB524305550EAAFA5EFD228228353CE1F3 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
15:51:37.0322 0x1120  TabletInputService - ok
15:51:37.0357 0x1120  [ 432D9D823C4C26B6070C41BAD4404CE4, 741B41F7467D312AF4CC733EA31F647FBCD06985CBB6A14117E8A87A6F7B06F5 ] tap0901         C:\WINDOWS\system32\DRIVERS\tap0901.sys
15:51:37.0357 0x1120  tap0901 - ok
15:51:37.0388 0x1120  [ B7AEE68D2E867CBF69B649B18FCEDBBB, 82814EEDBD2908DC2D6A2162C647FB323F95EA7D9EA49265DB44CA72468753A0 ] tap0901t        C:\WINDOWS\system32\DRIVERS\tap0901t.sys
15:51:37.0404 0x1120  tap0901t - ok
15:51:37.0435 0x1120  [ 4FCDFA214133956B0DA8358D366F536B, E243B05AA9C0D2FB7FBD6774ADE2251C9A9ED6B3460956321E4388E2C0FDAE4E ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
15:51:37.0498 0x1120  TapiSrv - ok
15:51:37.0607 0x1120  [ A85BA90456F0D6C56963B5D6AB0F6C37, F950FF9307AA89C46348B1A8F8E906727F9DDF36734163EDD211A7952B0797BC ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
15:51:37.0685 0x1120  Tcpip - ok
15:51:37.0763 0x1120  [ A85BA90456F0D6C56963B5D6AB0F6C37, F950FF9307AA89C46348B1A8F8E906727F9DDF36734163EDD211A7952B0797BC ] TCPIP6          C:\WINDOWS\system32\DRIVERS\tcpip.sys
15:51:37.0826 0x1120  TCPIP6 - ok
15:51:37.0878 0x1120  [ 31D0E1BF76AA85F5A72F4FD488C3B508, AADDDAB1B41356EDDE6BE7091BAC24345C4D0BEC4DABD2B4F50D753320A6E1AE ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
15:51:37.0933 0x1120  tcpipreg - ok
15:51:37.0980 0x1120  [ DB0C184142CF9FA1746F598A16EE92B2, 27341EDDB764FE978AB0B4E6E89A9BA41E064578CCEA5AC56AA83CD99828DB93 ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
15:51:38.0011 0x1120  tdx - ok
15:51:38.0074 0x1120  [ 8702612CA43950495A4473820FAA5F58, D55B67CA78392E806B1A4A2FE53F97716A35781BB18078416E8631EF2B25E059 ] Te.Service      C:\Program Files\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe
15:51:38.0121 0x1120  Te.Service - detected UnsignedFile.Multi.Generic ( 1 )
15:51:40.0588 0x1120  Detect skipped due to KSN trusted
15:51:40.0588 0x1120  Te.Service - ok
15:51:40.0635 0x1120  [ 87F4612CBEF6CD97043911BA43ABB53B, FFC4B03D5450782EAFA4E91B1F4F64B37E5ECEA3762A15768D068D80FB5F5941 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
15:51:40.0651 0x1120  terminpt - ok
15:51:40.0729 0x1120  [ 7A8E1158291CF4C8D8474A2091B9BF6D, D6A8C3A92AFC26AA0F710EF51E28943EC658AD7738A5C7EE65F1D9CC3288132E ] TermService     C:\WINDOWS\System32\termsrv.dll
15:51:40.0901 0x1120  TermService - ok
15:51:40.0916 0x1120  [ 97DDFC419054D0B0D6C5AE698F840307, 5131563E607BA121BA491434CB02E82B63AD8DFCFF30C899C971507445053D43 ] Themes          C:\WINDOWS\system32\themeservice.dll
15:51:40.0963 0x1120  Themes - ok
15:51:40.0979 0x1120  [ 01946468EA6196F9C54A245354C1240A, 96BE9EF1D791417BFBD9AC9F24D38F128DEE409C95F25138B8CDAE3F86E17D4A ] THREADORDER     C:\WINDOWS\system32\mmcss.dll
15:51:40.0995 0x1120  THREADORDER - ok
15:51:40.0995 0x1120  [ 63B6FF7650AD844484624541772CCEBA, ADE044BDB9FE02EBEF17F3F0542B2FBBDBFFD0570A0FF53CB754BA8FC248E4AF ] TimeBroker      C:\WINDOWS\System32\TimeBrokerServer.dll
15:51:41.0026 0x1120  TimeBroker - ok
15:51:41.0057 0x1120  [ 7441A1E10500AC6229DDCE369A953929, E0C5863A7B89F86A09DBCC602907A3EF3D4511B593A9878FEF559737075FA280 ] TPM             C:\WINDOWS\system32\drivers\tpm.sys
15:51:41.0088 0x1120  TPM - ok
15:51:41.0104 0x1120  [ AEB123A17BE77809C23DA9422505A356, F80D8A3BEB72C719DBE216061B45E00AA97D36175F4A84082A5AF12BDB5D31E0 ] TrkWks          C:\WINDOWS\System32\trkwks.dll
15:51:41.0120 0x1120  TrkWks - ok
15:51:41.0182 0x1120  [ 37EA57301CE18BEAB54417989450D9E1, 0DAD10998F66149189E79343D880330C33856464582FC81C4F4810F4BF3C7625 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
15:51:41.0272 0x1120  TrustedInstaller - ok
15:51:41.0303 0x1120  [ 3E87B8167BA1CA5274DFACC4856B3FD9, ED06CD0BC2E525BC7F4467EECEF361CE4DBC456156AD1D4440FDA144B8310983 ] TsUsbFlt        C:\WINDOWS\system32\drivers\tsusbflt.sys
15:51:41.0342 0x1120  TsUsbFlt - ok
15:51:41.0355 0x1120  [ 3F6FA4385342780468C0FEE5D09BB431, DB820F8A0B8443871F0EF1817D9516FDA8A3A6C71112951B52641C318176FCD5 ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
15:51:41.0378 0x1120  TsUsbGD - ok
15:51:41.0410 0x1120  [ C9AF1C4C24DA2FF092B1A4548EEC5ACB, CD638FECB87AA8A6861CE248EBBD18AB42F2A71FB06446E28A7E9496968100DE ] tunnel          C:\WINDOWS\system32\DRIVERS\tunnel.sys
15:51:41.0441 0x1120  tunnel - ok
15:51:41.0535 0x1120  [ 9B67EEB5ECCA7E7A57942D967DD59089, 6CD1575BB52A936875DB6E2EA541C7630CF1B0BC4947A5B12356F7C493316324 ] TunngleService  C:\Program Files\Tunngle\TnglCtrl.exe
15:51:41.0628 0x1120  TunngleService - ok
15:51:41.0644 0x1120  [ 61FC1405334298EFE7D49970C5346551, 5068C5D1A8F08140A5FC2FA1122D86E146C7F10AEAF41C314EB85383E5C72560 ] uagp35          C:\WINDOWS\system32\drivers\uagp35.sys
15:51:41.0660 0x1120  uagp35 - ok
15:51:41.0675 0x1120  [ 0E919230A74FA541CC5C2D3F917340B7, 0C960B511C1AB67C8556604EAAE994B9366F5ED90B0C4C6C44D6F88E244C4C79 ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
15:51:41.0691 0x1120  UASPStor - ok
15:51:41.0722 0x1120  [ BC87FFF7ACB60F25CEE11C03856D2BFD, 440854D481E170A1D0D9DB915823E87C35A2D0D2B274CA4ED56AE08646E34D31 ] UCX01000        C:\WINDOWS\System32\drivers\ucx01000.sys
15:51:41.0738 0x1120  UCX01000 - ok
15:51:41.0753 0x1120  [ 070CDA00BE4D9E4E92F5471B8D24CBD8, B8407DCBF5E878FA440EA229E2FED457C27BD53CA47EC5326F7A8917CD6AC529 ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
15:51:41.0785 0x1120  udfs - ok
15:51:41.0800 0x1120  [ 31C53FFBFD9977D3F2061627A69274D2, 6B95519B26C0B588E2D8973B838E03DF658C95BBF2D5940116E4256462518E63 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
15:51:41.0800 0x1120  UEFI - ok
15:51:41.0849 0x1120  [ 0424574BB406E7B793D122D0F1A198CE, 7A3084E6EE1F4FFDD7B61F4D4E1AFC9B7439BC6C3C9F358C9CFD1C1232A8E302 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
15:51:41.0923 0x1120  UI0Detect - ok
15:51:41.0965 0x1120  [ 202F1C6EBA7D84F59C03E708F45A28C3, 009D0E5D342929B0489D10AA4CBE704D11C1E81CB8FE8E55B50DCF5D246A469B ] uliagpkx        C:\WINDOWS\system32\drivers\uliagpkx.sys
15:51:41.0980 0x1120  uliagpkx - ok
15:51:41.0996 0x1120  [ 8CB5D86BDB3890CFC4D94593935C2F4B, A1C26146D1FA78E66C878287D27BAC1E474EB7A3BC82A5FF2EF19223AAF5498A ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
15:51:42.0011 0x1120  umbus - ok
15:51:42.0043 0x1120  [ C4115675F53E9E853294C15131D5EBBC, 1E9EFBAAFDDA6BCCABAD2CA0F0D48019AFA7299A5E4D5E56ED5364F7398DFC26 ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
15:51:42.0058 0x1120  UmPass - ok
15:51:42.0090 0x1120  [ 6843992F07DE867B29277B422F08A72B, 60588DFFDE7A20D0685BFF5FB0E94D8729CDCBC878968181BE4467EECF7FF576 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
15:51:42.0136 0x1120  UmRdpService - ok
15:51:42.0183 0x1120  [ B9DDAEA3770B3752B6AA7191B5AA16AA, 27D8ED0F417E57E242E6758639A2FFC7E5CF43B6AB8D4A9074273CF046355FC6 ] upnphost        C:\WINDOWS\System32\upnphost.dll
15:51:42.0214 0x1120  upnphost - ok
15:51:42.0293 0x1120  [ D4531B9B73B990DC53B4A765E3BD070A, 6BABBD203658A9DE011AC4F34608E5A5A921D7E3B50B920381F69F2B152B1F1A ] UPnPService     C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe
15:51:42.0324 0x1120  UPnPService - detected UnsignedFile.Multi.Generic ( 1 )
15:51:44.0838 0x1120  Detect skipped due to KSN trusted
15:51:44.0838 0x1120  UPnPService - ok
15:51:44.0885 0x1120  [ 9701107B5D7813654A1D1AC42F246E97, 7FFFB930A825386F724D3A63DA8C1691BE2FAD20BDD0D594C70898FAF72FCE75 ] usbaudio        C:\WINDOWS\system32\drivers\usbaudio.sys
15:51:44.0947 0x1120  usbaudio - ok
15:51:44.0998 0x1120  [ 8651DACA9D5A52378E6E53282E5F3F84, 8581D32DD13E2BFD7CB53F3A3BBE3B8966032641838494E13603A62F65DCE9F6 ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
15:51:45.0014 0x1120  usbccgp - ok
15:51:45.0045 0x1120  [ 9D941A00FD49FBC8670EFE0B48F41994, 947643E72D70E62C42DB39762D0668FF2151ED9B12CFB5B7B62203E8C2E48332 ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
15:51:45.0061 0x1120  usbcir - ok
15:51:45.0076 0x1120  [ 7DCCCE20A4A92BC246E1AB04A4BB4103, 7C978E2A0AB0A19A919D7EF58FEE5CEE4BC0D74A7D866D44B2F8523A2B280937 ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
15:51:45.0092 0x1120  usbehci - ok
15:51:45.0123 0x1120  [ 78BA6C76EAB8AEECD43C06E0E63FAD3D, 2F9D4E895B5943A770B72EF56865B05284CBC42ADD23B613D732C828A7412DDA ] usbfilter       C:\WINDOWS\system32\DRIVERS\usbfilter.sys
15:51:45.0123 0x1120  usbfilter - ok
15:51:45.0154 0x1120  [ 719A4B2BA45363AC0B158F6CB4BCD295, 7A8FCA890C9992D6AB8F9448F3140C7DC92A52D35C993611F7455FF01AE8F57E ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
15:51:45.0170 0x1120  usbhub - ok
15:51:45.0248 0x1120  [ 3314871104ECDA48F467057F1EEE4976, 391339FE499CBE453FC721E400C087D8858B71616598C36060CC5F6B532A5F07 ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
15:51:45.0262 0x1120  USBHUB3 - ok
15:51:45.0293 0x1120  [ B1E835C5F75F98B0439ED0A56B85C3E8, 427313F3847C056DBCF6CF58EE7CC5BF1F22CA73C711D1A63537F3B18FB04FBA ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
15:51:45.0309 0x1120  usbohci - ok
15:51:45.0340 0x1120  [ F4FA8FC5577F5F603FD79663BD8F3005, 3D91D7312EFEEFA002C805F9A679EE50A3D8C7BF45C06A514BE5177582B156C0 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
15:51:45.0349 0x1120  usbprint - ok
15:51:45.0365 0x1120  [ 0524DB987E8BCB5D42B42F723AB60AC0, AA39F44AF92082FFFF5BB39690261E866434ECB7900092D80469513D775B7986 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
15:51:45.0396 0x1120  usbscan - ok
15:51:45.0427 0x1120  [ C76EEA7AE00350204BAA04CB2F3A9C52, 66EBBBC5E9BE5A9F934E537B0D4CDB55E9DC142F05263AAED6974AE44AE77AA6 ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
15:51:45.0443 0x1120  USBSTOR - ok
15:51:45.0459 0x1120  [ CCCD22C19D5CC3FC410CDB0F21D08AB9, 1B25778C02CBAC2A8D31F73A5025E858BA60597E50190038F8BABA78324F0AC7 ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
15:51:45.0459 0x1120  usbuhci - ok
15:51:45.0474 0x1120  [ DCEF75D41DD4FE665FA2F41F901E67AF, C946CFA766081BE2645DAA07557001EA2593686CD1E94998CA47312ABB840DB3 ] usbvideo        C:\WINDOWS\System32\Drivers\usbvideo.sys
15:51:45.0490 0x1120  usbvideo - ok
15:51:45.0505 0x1120  [ 0CEA7C4EC8BAB5DEFC8F7198BEE03850, AB5933A4C89CF2C2975A24119DC30A122C17572D74565DE0F5C895CF29EEED06 ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
15:51:45.0521 0x1120  USBXHCI - ok
15:51:45.0537 0x1120  [ F33BFCBBBAACE7208DB433B6CCA98930, 46E994BE4A2EA4D324C8B78CF9276F4805EA47046CBC7AD37401AA77E13C75FB ] VaultSvc        C:\WINDOWS\system32\lsass.exe
15:51:45.0552 0x1120  VaultSvc - ok
15:51:45.0584 0x1120  [ 3D06B8D4A1ED1B91C8566DF7AC510AF2, 1639DA43B066D5D615133178AAB3251EF1F80B2330994C02B11122D8F1EC5C64 ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
15:51:45.0584 0x1120  vdrvroot - ok
15:51:45.0662 0x1120  [ 22DF64B9DA3F480FB78C886B329A1048, 0E2708A91818313501472BAF829703EE9EB6AA019C725DA36E0A13ED432063FF ] vds             C:\WINDOWS\System32\vds.exe
15:51:45.0818 0x1120  vds - ok
15:51:45.0849 0x1120  [ E0915FFD3BDFB98B723C46FEB8070B8A, 7D9B52E4D35E92823E3D8DE24DF8A405E23B34C84BF0E42DD04001C49C1F0EC0 ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
15:51:45.0863 0x1120  VerifierExt - ok
15:51:45.0906 0x1120  [ 3AF00F5A0742B10CB10F54A4D6E17D8B, B6CABE42363AC8F797594879117EF1B352BAC5612F46F0930F966F4D6A2D5222 ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
15:51:45.0922 0x1120  vhdmp - ok
15:51:45.0969 0x1120  [ 33CA244E0808BBD784EA6938605FED28, 381F320300D558261C79ED62EEB187D31E3606222B9B7B24EBDD00E782F03F87 ] viaagp          C:\WINDOWS\system32\drivers\viaagp.sys
15:51:45.0969 0x1120  viaagp - ok
15:51:46.0000 0x1120  [ EBBBCBC27D7F391188CDF4196ED80D63, 2493F56BE61DFA54138C2FFAEEB13ED40E168E345CE4B381EF7F34DEBC6152EC ] ViaC7           C:\WINDOWS\System32\drivers\viac7.sys
15:51:46.0032 0x1120  ViaC7 - ok
15:51:46.0063 0x1120  [ 75B08537DCF231A7B536ACE2ED8E8A35, 520D87B7AE1E351AF4C1798528D371188102F6552F2C576C40D6A2AB55B8A718 ] viaide          C:\WINDOWS\system32\drivers\viaide.sys
15:51:46.0078 0x1120  viaide - ok
15:51:46.0094 0x1120  [ 744DBD744910FAB62EACD05F25471D61, 99ED66D0E47976F1AA8C999032E0CF1649B91ED47AFCD4AEE880F4D926CD4D80 ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
15:51:46.0110 0x1120  vmbus - ok
15:51:46.0125 0x1120  [ 1F02B273254268F975612210D8CB6859, BB5EAC399CD3D7ACC5A20DB0EA4BD6DBF5D2D475A4A206E3CD1F31FBAE3C88D2 ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
15:51:46.0141 0x1120  VMBusHID - ok
15:51:46.0188 0x1120  [ 0CA4644517EEC9BA9414A1B518DFED8F, CEF218418F65513DDC91215D82ECAE6624A259013F4C84EA0229465266EB07AF ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
15:51:46.0266 0x1120  vmicguestinterface - ok
15:51:46.0281 0x1120  [ 0CA4644517EEC9BA9414A1B518DFED8F, CEF218418F65513DDC91215D82ECAE6624A259013F4C84EA0229465266EB07AF ] vmicheartbeat   C:\WINDOWS\System32\ICSvc.dll
15:51:46.0313 0x1120  vmicheartbeat - ok
15:51:46.0328 0x1120  [ 0CA4644517EEC9BA9414A1B518DFED8F, CEF218418F65513DDC91215D82ECAE6624A259013F4C84EA0229465266EB07AF ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
15:51:46.0344 0x1120  vmickvpexchange - ok
15:51:46.0360 0x1120  [ 0CA4644517EEC9BA9414A1B518DFED8F, CEF218418F65513DDC91215D82ECAE6624A259013F4C84EA0229465266EB07AF ] vmicrdv         C:\WINDOWS\System32\ICSvc.dll
15:51:46.0375 0x1120  vmicrdv - ok
15:51:46.0391 0x1120  [ 0CA4644517EEC9BA9414A1B518DFED8F, CEF218418F65513DDC91215D82ECAE6624A259013F4C84EA0229465266EB07AF ] vmicshutdown    C:\WINDOWS\System32\ICSvc.dll
15:51:46.0406 0x1120  vmicshutdown - ok
15:51:46.0422 0x1120  [ 0CA4644517EEC9BA9414A1B518DFED8F, CEF218418F65513DDC91215D82ECAE6624A259013F4C84EA0229465266EB07AF ] vmictimesync    C:\WINDOWS\System32\ICSvc.dll
15:51:46.0438 0x1120  vmictimesync - ok
15:51:46.0453 0x1120  [ 0CA4644517EEC9BA9414A1B518DFED8F, CEF218418F65513DDC91215D82ECAE6624A259013F4C84EA0229465266EB07AF ] vmicvss         C:\WINDOWS\System32\ICSvc.dll
15:51:46.0469 0x1120  vmicvss - ok
15:51:46.0485 0x1120  [ D78640FCD9043EEFE3DDE69855A72567, 0668F913E5F3D21BC921E5344AE9D354CCAC0FB1962A74D4BE95822F7F4BC228 ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
15:51:46.0500 0x1120  volmgr - ok
15:51:46.0547 0x1120  [ 57566A1F8D39071BB56AA0B083A75544, 3B63E53B05A5417084A1BC4ECB118FAC3DE4C5FA1EE30834564F670CCD79352E ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
15:51:46.0563 0x1120  volmgrx - ok
15:51:46.0610 0x1120  [ F4138DC230FC3DFE9E31201561D0491B, EDCE4AA2794F6D022A424A29021712A25D60A093D2C98BB6F5C4CF4092AAFA97 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
15:51:46.0625 0x1120  volsnap - ok
15:51:46.0641 0x1120  [ 10B78A2D45B1330C162FDE8FEE78F315, F3D790D2352422F335432BA50198C192F397BAAC713BAB99B577ED7C33C0348B ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
15:51:46.0656 0x1120  vsmraid - ok
15:51:46.0735 0x1120  [ 044B27361CEE42AD0662B04D57CDB716, 7B267D0EF4991C3E4D8FEE10455AFF12037B2C72F42FA6E57343643D29CD95A0 ] VSS             C:\WINDOWS\system32\vssvc.exe
15:51:46.0797 0x1120  VSS - ok
15:51:46.0813 0x1120  [ 761B3F51660CD3D9F815E5C916235D0B, 64DA061674047ECC3D0A034CFCB3D926712C14599807E06194688ED7E9F8ADCA ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
15:51:46.0828 0x1120  VSTXRAID - ok
15:51:46.0860 0x1120  [ 47BF83648E9FBD88A8CDB7C2A169D100, C00971C6DC1EA10FBB8D3291BF196DE45C66E234D143D08F3B9A97DDE08547FF ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
15:51:46.0891 0x1120  vwifibus - ok
15:51:46.0953 0x1120  [ 6300EDA4700C9BEEA42867D4F0A1F9E5, 8258ECE4E8B2A989F392B2E69AFE54BB3F444753ACE7E7990307EBCA143B6868 ] W32Time         C:\WINDOWS\system32\w32time.dll
15:51:46.0985 0x1120  W32Time - ok
15:51:47.0000 0x1120  [ 67B211F7AB2D49C6403E7FD970421806, B81E270723397450A9689F7EE9D014F2623FC90A5051D671484F141DC116D5CF ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
15:51:47.0016 0x1120  WacomPen - ok
15:51:47.0094 0x1120  [ A3A21FF9BE9C183F1AF9B538B9D37DD1, F959E22580425BF9C0FE9C72776EFF1934575021DFDBD1834E6BB881D3BA4A97 ] wbengine        C:\WINDOWS\system32\wbengine.exe
15:51:47.0280 0x1120  wbengine - ok
15:51:47.0350 0x1120  [ CE81100317C426F778651FD1D5C16492, 91CE2B6C43632D48859B9961F6CAF3F519D06C3A13FF23E906E1ED93DEB896B2 ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
15:51:47.0374 0x1120  WbioSrvc - ok
15:51:47.0405 0x1120  [ 30DBF746D895BC3A6EC4CF55B81A8A81, 3CED8ED3D260A2F95B956CE0B962C5F6D90BADAB489C8B9724016E4DBEBF7662 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
15:51:47.0437 0x1120  Wcmsvc - ok
15:51:47.0483 0x1120  [ 531A627D02CAEC304B30A1EBDE99DADE, 410B2FEB23333861E61107C64F628FAA0A3FC8C62C17D4F5854EC891D8D83516 ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
15:51:47.0577 0x1120  wcncsvc - ok
15:51:47.0593 0x1120  [ 69059CD0ABD70C3884117652E3B70431, 8568210E62C827C43377C09F40974628FF25CFD35A45EA4D4E3FDD5884F91617 ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
15:51:47.0686 0x1120  WcsPlugInService - ok
15:51:47.0733 0x1120  [ 5B9AEA959D59C5F2DAEC2E6FD6DDFB0F, 3B7C857DC272860FDCD3216C524BBFA65B26F1AEB37B562EBB7F9068891DCB01 ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
15:51:47.0749 0x1120  WdBoot - ok
15:51:47.0827 0x1120  [ C49F1B047C2080FC5AA662A769887631, 55BC1C77250B0B2AF2B81120DDBE41C25B875FCD72040A529D1BA88D5BFD5E7F ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
15:51:47.0865 0x1120  Wdf01000 - ok
15:51:47.0896 0x1120  [ BBD6DF3FC00CACBFA92A4C98CE5C0CCD, CB62FB1E28D6F00546C339C6D3A24B430315E78575FCDEB520D9F0963ADC74D1 ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
15:51:47.0912 0x1120  WdFilter - ok
15:51:47.0958 0x1120  [ DACD90541CBF7DE095801B05ABB4F355, 2CB55E01DE3603DFA91CB151C7EE4E978EB3DD0F818BDC8277D3C9407751F7B5 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
15:51:48.0011 0x1120  WdiServiceHost - ok
15:51:48.0011 0x1120  [ DACD90541CBF7DE095801B05ABB4F355, 2CB55E01DE3603DFA91CB151C7EE4E978EB3DD0F818BDC8277D3C9407751F7B5 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
15:51:48.0026 0x1120  WdiSystemHost - ok
15:51:48.0042 0x1120  [ D7B8475F59FD0C9C395151E5BB5DCC2E, E49E161606B86819759213DC37D4D43C157A65EBED77686783F0FA85AB7C614B ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
15:51:48.0057 0x1120  WdNisDrv - ok
15:51:48.0104 0x1120  [ 2DFB6808124ED1DADE451D845AC61559, 432DCE00F281FC9C97EFC314266591DE0854B9623B95C3EE2FC463389D187CE7 ] WdNisSvc        C:\Program Files\Windows Defender\NisSrv.exe
15:51:48.0136 0x1120  WdNisSvc - ok
15:51:48.0167 0x1120  [ 0C82E61095A8E801FA580B04C304A0EC, 12C0F7D6701A9A5D9184A5260E0474B05E91FF53F4B3B4E15922CE3DE85E3AB1 ] WebClient       C:\WINDOWS\System32\webclnt.dll
15:51:48.0229 0x1120  WebClient - ok
15:51:48.0245 0x1120  [ 03EA9E300DCDF78E8A92625F0BA1CCB2, B8C73C05D2955400800B5D36DC20E8973F75411E32CCD8B2CFA03B6283A50A44 ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
15:51:48.0307 0x1120  Wecsvc - ok
15:51:48.0323 0x1120  [ E4016FA4757738263BD714190FB26BA6, C5B121ED9EFFC5C040CF5F658AF9CC63A6FFEDC4C62F7D28D6B474632DC0178B ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
15:51:48.0339 0x1120  WEPHOSTSVC - ok
15:51:48.0370 0x1120  [ B83AC02F1FF0137AB3CB2B5B1AC801DA, 6F871E9A8EAA979D3624FDD3088DD37C3411BFBB43A8FFF75B39DF07B1A95D05 ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
15:51:48.0448 0x1120  wercplsupport - ok
15:51:48.0479 0x1120  [ 7EC47083E7470A4BC538FA1EBE60BF58, 4AF817DAB7192182D0A782EA058E3916D22A44C6AB9F89371E1327E8D27C379A ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
15:51:48.0511 0x1120  WerSvc - ok
15:51:48.0526 0x1120  [ CBF73734B883C712BC07796708FCB0CD, 8DA54162866A71E7CEE188A49400964100E58D194B21F86821B01407C4334CA6 ] WFPLWFS         C:\WINDOWS\system32\DRIVERS\wfplwfs.sys
15:51:48.0542 0x1120  WFPLWFS - ok
15:51:48.0573 0x1120  [ 5876A572A52FA14CEE2F11D7A71ABA2D, 159883D0F10FE6FA05DAB56B598C12000BC25B977329E81BD67DE329B80F79B4 ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
15:51:48.0604 0x1120  WiaRpc - ok
15:51:48.0636 0x1120  [ A4A63DD4E1B72B8C8189AD3F09914AF0, 9B9773C8FB84A224FA6A48D93D46ACE2761E3AC123544C86B50D3895C8A39B41 ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
15:51:48.0636 0x1120  WIMMount - ok
15:51:48.0683 0x1120  [ 8CC83221870DD07144E63DF594C391D9, 33BC14D231A4AFAA18F06513766D5F69D8B88F1E697CD127D24FB4B72AD44C7A ] WinDefend       C:\Program Files\Windows Defender\MsMpEng.exe
15:51:48.0745 0x1120  WinDefend - ok
15:51:48.0792 0x1120  [ 984B3226C7A4CFC9FE91D7BACA133D8D, B8058FC049217DE89F13730425207C19B1967194F3BE3C8CAE2F8AA3BD932721 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
15:51:48.0823 0x1120  WinHttpAutoProxySvc - ok
15:51:48.0870 0x1120  [ D08485FAEA1C3505A22FB5C1EBEBC062, 7377B0FE90C60A67789A12FEBBA7FD38C2580BB09F406CED3DD2E1F5EEF123CC ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
15:51:48.0886 0x1120  winmgmt - ok
15:51:48.0979 0x1120  [ 5B8D7F29CA815E6DB156DF9853F0472D, 8E343EC8241C146F7ECB85361BF1AD78C718552B42115A6EE1577B7959901F3D ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
15:51:49.0182 0x1120  WinRM - ok
15:51:49.0229 0x1120  [ 7683DEBE4329EF289BC2B1FC709ED629, F4353FF4E52457058FAE64B9EBAE59563D1E60E8D4CC2C1EF04CC4C3E9C03C78 ] WinUsb          C:\WINDOWS\system32\DRIVERS\WinUsb.sys
15:51:49.0229 0x1120  WinUsb - ok
15:51:49.0307 0x1120  [ 69F326FAE43423A4EDC1FA975C15FEF3, CD06FD275DCFA469780A4A333ED442CF1B47B5A62EE14030A46B30339F7920E4 ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
15:51:49.0379 0x1120  WlanSvc - ok
15:51:49.0457 0x1120  [ 8885B2E1A62EC9C6BA7C6CDEEBF0C6E4, AF543870A8DAEA095E8543B32E5628C4F0F47034EF8764F85D0FCF29ABE33782 ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
15:51:49.0535 0x1120  wlidsvc - ok
15:51:49.0567 0x1120  [ AF01C55490366930DFAF1D3655C763BD, 59081AC6B83E0A4A376A62417458C520ABA7DB4FB1AEEEC4C45FC8C0AF61FC20 ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
15:51:49.0567 0x1120  WmiAcpi - ok
15:51:49.0629 0x1120  [ 57D8CE143395C99E185EA7D753F5C04F, 5778CD5B6EF11071C728416192353C3143C7E875AA8555E1F2CDB26F5B0FA08A ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
15:51:49.0723 0x1120  wmiApSrv - ok
15:51:49.0850 0x1120  [ A511D963C744DD2C86FFF20ADEEE49F9, D3DB5ADF7C32706FC386C608E73F93D03DA4CFDB0B5F80B1C35B30348B76CC31 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
15:51:50.0045 0x1120  WMPNetworkSvc - ok
15:51:50.0092 0x1120  [ DB3F0877E5C225693A131AE82C262957, BEE887EC134F7A27120915F709670FBDC9223E70EA928A0FDC4284FBDFD65ADB ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
15:51:50.0123 0x1120  Wof - ok
15:51:50.0217 0x1120  [ EA7A99A15E809938A6D44E0C4CB00B57, 522B443721529C642BBC9010DFBD1636B617121643D1CCA8C5AE18F3302F98CD ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
15:51:50.0327 0x1120  workfolderssvc - ok
15:51:50.0358 0x1120  [ 7E7207FF951BDAA10781D758628EC1B9, AD6E7D95AD188A9104AEC52DBA8562F0F194BBC45201B5774B9727CF7B01F52E ] wpcfltr         C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
15:51:50.0373 0x1120  wpcfltr - ok
15:51:50.0405 0x1120  [ D7C14B416FC4F76A596A01A76FC5F873, 15D6D10186173F6CEFED503AC061F74F85A0C92B8C0D44684FF57B878AB96D5B ] WPCSvc          C:\WINDOWS\System32\wpcsvc.dll
15:51:50.0498 0x1120  WPCSvc - ok
15:51:50.0514 0x1120  [ 942AA793A262EB8A6A94DB087D29E744, D52AE53AE985F527657CB22F202AE3007E319B22AA89BA2CDEBDC529A18CFB2D ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
15:51:50.0639 0x1120  WPDBusEnum - ok
15:51:50.0670 0x1120  [ 6D8FA63A8C9765A853264D3977EECC19, F8172DA54DC417E9DA812469A3CD677932F82CCA676DB09187E5A201660D1E83 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
15:51:50.0702 0x1120  WpdUpFltr - ok
15:51:50.0733 0x1120  [ 12BCBE7CA69586AF483C86255739793F, 25714CD7ED802C70AD3580E2C26150392EA452BA355EB3426170B94ABEDDC172 ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
15:51:50.0733 0x1120  ws2ifsl - ok
15:51:50.0748 0x1120  [ 7A0CFACFDF18C5A44D05F91656AB2C70, C15AC8200647B86199F0A547046059D9864EAA87711CD8F3034A8D3ECEDB4370 ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
15:51:50.0842 0x1120  wscsvc - ok
15:51:50.0842 0x1120  WSearch - ok
15:51:50.0998 0x1120  [ 2535EE24CC1BB639A7639B4CA5BDE7C5, B855B693D413144CA26286CE49825F608870AE23DEAC641DAFD693F5F70D9ECB ] WSService       C:\WINDOWS\System32\WSService.dll
15:51:51.0154 0x1120  WSService - ok
15:51:51.0303 0x1120  [ ABF248007EAF71606B692F2178E483D7, 0692749E92D4DEA3D58800665CD73F261E0FC159E93085223DD8ADD2F19D7AE0 ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
15:51:51.0517 0x1120  wuauserv - ok
15:51:51.0579 0x1120  [ 99EAF7E92720AF13D2CBBC7B0E2E4162, A78EA57231A9D4DAD99FBFE4E4A421C78629B90D35D98C21F088B77DCD60DA86 ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
15:51:51.0595 0x1120  WudfPf - ok
15:51:51.0626 0x1120  [ AF04004069C5525E2E88A5476B385223, DC88F507CD786B02F87CB2A0140BCE4BAB75994132A8604E8B107586CE90D192 ] WUDFRd          C:\WINDOWS\System32\drivers\WUDFRd.sys
15:51:51.0673 0x1120  WUDFRd - ok
15:51:51.0689 0x1120  [ AF04004069C5525E2E88A5476B385223, DC88F507CD786B02F87CB2A0140BCE4BAB75994132A8604E8B107586CE90D192 ] WUDFSensorLP    C:\WINDOWS\System32\drivers\WUDFRd.sys
15:51:51.0704 0x1120  WUDFSensorLP - ok
15:51:51.0736 0x1120  [ 47575E783D399C38E9200DD73A712443, BFA635FC6927BABA46F6E11C1A99A952CC5C0A9090FE1550A7847CA728AA570C ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
15:51:51.0751 0x1120  wudfsvc - ok
15:51:51.0767 0x1120  [ AF04004069C5525E2E88A5476B385223, DC88F507CD786B02F87CB2A0140BCE4BAB75994132A8604E8B107586CE90D192 ] WUDFWpdFs       C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
15:51:51.0767 0x1120  WUDFWpdFs - ok
15:51:51.0782 0x1120  [ AF04004069C5525E2E88A5476B385223, DC88F507CD786B02F87CB2A0140BCE4BAB75994132A8604E8B107586CE90D192 ] WUDFWpdMtp      C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
15:51:51.0798 0x1120  WUDFWpdMtp - ok
15:51:51.0814 0x1120  [ 0D3C738EC8FF12C8B69925229949ED05, 5E7A28F35D83B29925CAA663E12DF970961C10AD5887997E543D1C0ADA11345B ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
15:51:51.0870 0x1120  WwanSvc - ok
15:51:51.0870 0x1120  ================ Scan global ===============================
15:51:51.0933 0x1120  [ BEC87D938F9B07206DC39535D99F6771, F29468A3BE54CDA8EE7DBEFCC5CB2322D81C1E2B41D37EF91196CBA6DE442C2A ] C:\WINDOWS\system32\basesrv.dll
15:51:51.0979 0x1120  [ DBD08C890F4148C2C26D2247FA36E947, 505182658C0E6DC39197BFB8D25885274B3948E548E3618796FF3AF64E626326 ] C:\WINDOWS\system32\winsrv.dll
15:51:52.0011 0x1120  [ 9C56B7F2F68F73F735E367BBCF39D15B, D7370BE7D57A5A7EB1719241365946C35E321EF28EC640648103AA13FAA89CEA ] C:\WINDOWS\system32\sxssrv.dll
15:51:52.0058 0x1120  [ BE8FB66895B5475B09F5907D875CD47D, B9B13330F7BA49271AF4DC7FE917E5366A1052A644D0F5D2C506D282F2865F95 ] C:\WINDOWS\system32\services.exe
15:51:52.0089 0x1120  [ Global ] - ok
15:51:52.0089 0x1120  ================ Scan MBR ==================================
15:51:52.0105 0x1120  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:51:52.0354 0x1120  \Device\Harddisk0\DR0 - ok
15:51:52.0354 0x1120  ================ Scan VBR ==================================
15:51:52.0370 0x1120  [ 655C0422BBB9A9F93D3C081AFE1AFC54 ] \Device\Harddisk0\DR0\Partition1
15:51:52.0401 0x1120  \Device\Harddisk0\DR0\Partition1 - ok
15:51:52.0401 0x1120  ================ Scan generic autorun ======================
15:51:52.0448 0x1120  [ 5B6E8E09BE6401A7E022F52FDFCB2FF8, 471C556CF9405BBB380A8CEFE945C126B954B7C94F79CC72441B51F80141FC5E ] C:\Program Files\Common Files\Java\Java Update\jusched.exe
15:51:52.0479 0x1120  SunJavaUpdateSched - ok
15:51:52.0558 0x1120  [ 048EA4B978851788E9F5E8E4F081DF7A, EB62719AC0DCC18FF056F2CD84438BF14B61E38F0619617C81961C6257BDFCEC ] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
15:51:52.0589 0x1120  Adobe ARM - ok
15:51:52.0715 0x1120  [ 1E9B225DE829A6F666A0BA9B8A7984BF, 89D1222D72E23D21E6388B068CE7C415A9857ABB37D7A3AAD549B949A87E61FC ] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
15:51:52.0730 0x1120  avgnt - ok
15:51:52.0871 0x1120  [ EE73B56ED71EB6383F25FA5468923BB2, 0A13F25C55D97A3F86766BED449265514147D41ABB392C9451B9FB070EC7E8E4 ] C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
15:51:52.0949 0x1120  NvBackend - ok
15:51:52.0980 0x1120  [ BE1DAE43DFBCA94FB6B4157C1B16923E, 889A5B65315613B8D29EF66EFEC7198C5EF13A698FC0B237948A5443BD27C9DA ] C:\WINDOWS\system32\rundll32.exe
15:51:53.0011 0x1120  ShadowPlay - ok
15:51:53.0136 0x1120  [ 629A67F63BEED0FB31D5EA2FDB545E8A, 99E4F7D1C1D8AA34DAA3B9121A86C82B0568B5E2D6FAF13BC811B4A3B0F3CF31 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe
15:51:53.0152 0x1120  StartCCC - ok
15:51:53.0199 0x1120  [ D40F8C4F111B93EB36FEDF06FF8A1B69, A9C2697F9ADE487D60ED906E9EA249708793A7C27773C21CA319BF1E8BA26C7D ] C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
15:51:53.0214 0x1120  Avira Systray - ok
15:51:53.0278 0x1120  [ DA7DC61D5C5CDFDBFD400F6835AFD12D, D8DE5357C94F4588B065DEEF16AAEF8840D683E12B581A821FBA080CF8F141F4 ] C:\Program Files\SmartTechnology\Software\ProfilerU.exe
15:51:53.0293 0x1120  ProfilerU - detected UnsignedFile.Multi.Generic ( 1 )
15:51:55.0754 0x1120  Detect skipped due to KSN trusted
15:51:55.0754 0x1120  ProfilerU - ok
15:51:55.0786 0x1120  [ FCEBDCC867A2039DCDA7E8CDA2040241, 5612845376EF69108D9B6BAF47E5409EA25473BB35A991C8993BF5A1A8CA22D6 ] C:\Program Files\SmartTechnology\Software\SaiMfd.exe
15:51:55.0801 0x1120  SaiMfd - detected UnsignedFile.Multi.Generic ( 1 )
15:51:58.0351 0x1120  Detect skipped due to KSN trusted
15:51:58.0351 0x1120  SaiMfd - ok
15:51:58.0382 0x1120  Skype - ok
15:51:58.0460 0x1120  [ 9BA7143CA1769BFE8A5FC03F523F2EE5, 2323CBBF3FB32E946D274E9B1532253BFB0918D3B816A8193C603A0F8315B67A ] C:\Program Files\Sandboxie\SbieCtrl.exe
15:51:58.0476 0x1120  SandboxieControl - ok
15:51:58.0570 0x1120  [ AC427F9A1AB854DDB1585B04C6036ADE, ADD25C9C555B387098D9FEA46FF3E7E97833D5406106730F14C02F45E19C8A53 ] C:\Program Files\CyberGhost 5\CyberGhost.EXE
15:51:58.0601 0x1120  CyberGhost - ok
15:51:58.0945 0x1120  [ CC78200C3ECFFA178E78308A0E160D80, 4E02D6827A99401781032A397663770FA7BE56397AA20F6E2FACE0A0004109C5 ] C:\Users\Thorgrem\AppData\Local\Akamai\netsession_win.exe
15:51:59.0132 0x1120  Akamai NetSession Interface - ok
15:51:59.0285 0x1120  [ 3B6060D03FE2D982AC7F4C2CE1D4FD76, C836E0261490441AD773C821C9E9A9746ED052304A1DAF477674559ECC054D6B ] C:\Users\Thorgrem\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
15:51:59.0331 0x1120  Spotify Web Helper - ok
15:51:59.0554 0x1120  [ 65F72C68DFE48591AFA2100FBEDB66B6, C0A039C8313E844CBBE3EE47943E699A246084798E31A3D89833FFDD31DC285C ] C:\Users\Thorgrem\AppData\Roaming\Spotify\spotify.exe
15:51:59.0694 0x1120  Spotify - ok
15:51:59.0741 0x1120  [ 10CE0F160CAED1B1327B0157E5D58C89, 85EE4FF4EDD448C1DCBF47E11795BE116C14E564A303867B173C4D32FA2803F6 ] C:\Users\Thorgrem\AppData\Roaming\InetStat\inetstat.exe
15:51:59.0757 0x1120  InetStat - detected UnsignedFile.Multi.Generic ( 1 )
15:52:02.0326 0x1120  InetStat ( UnsignedFile.Multi.Generic ) - warning
15:52:04.0794 0x1120  AV detected via SS2: Avira Desktop, C:\Program Files\Avira\AntiVir Desktop\wsctool.exe ( 14.0.5.376 ), 0x41000 ( enabled : updated )
15:52:04.0841 0x1120  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.5.218.0 ), 0x60100 ( disabled : updated )
15:52:04.0872 0x1120  Win FW state via NFP2: enabled
15:52:07.0341 0x1120  ============================================================
15:52:07.0341 0x1120  Scan finished
15:52:07.0341 0x1120  ============================================================
15:52:07.0357 0x0d9c  Detected object count: 1
15:52:07.0357 0x0d9c  Actual detected object count: 1
15:58:35.0442 0x0d9c  InetStat ( UnsignedFile.Multi.Generic ) - skipped by user
15:58:35.0442 0x0d9c  InetStat ( UnsignedFile.Multi.Generic ) - User select action: Skip
__________________
Alt 27.06.2014, 11:18   #4
schrauber
/// the machine
/// TB-Ausbilder
 
[Win8 64) InternetExplorer öffnet sich ohne in der taskleiste aufzutauchen, spielt Sound ab, lässt sich nur durch Task Manager beend - Standard

[Win8 64) InternetExplorer öffnet sich ohne in der taskleiste aufzutauchen, spielt Sound ab, lässt sich nur durch Task Manager beend


Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu [Win8 64) InternetExplorer öffnet sich ohne in der taskleiste aufzutauchen, spielt Sound ab, lässt sich nur durch Task Manager beend
acrobat update, akamai, amazon-icon, antivir, antivirus, association, avira, branding, browser, cyberghost, desktop, excel, firefox, flash player, giga.de, hijack, hijackthis, homepage, hängt, inetstat, logfile, mp3, newtab, onedrive, outlook 2013, quick_start, registry, required, scan, security, senden, software, spotify web helper, svchost.exe, system, taskmanager, teamspeak, vcredist, windows


« Registry Cleaner Akku vom laptop wird immer leergezogen | Win7 x64 SP1: ZoneAlarm Antivirus Schutz schaltet sich selbststandig aus »


Ähnliche Themen: [Win8 64) InternetExplorer öffnet sich ohne in der taskleiste aufzutauchen, spielt Sound ab, lässt sich nur durch Task Manager beend


  1. Task-Manager/Regedit schließen sich schnell von allein.
    Plagegeister aller Art und deren Bekämpfung - 17.05.2015 (16)
  2. Task Manager geht nicht mehr, Browser öffnet Internetseite, cmd-Fenster öffnet sich bei Start
    Log-Analyse und Auswertung - 19.06.2013 (8)
  3. Internet Explorer öffnet sich im Hintergrund & spielt einen Sound ab
    Plagegeister aller Art und deren Bekämpfung - 03.12.2012 (1)
  4. In meiner Taskleiste unter Windows 7 öffnet sich irgendein Programm und schließt sich sofort wieder
    Plagegeister aller Art und deren Bekämpfung - 02.07.2012 (11)
  5. iexplore.exe öffnet sich automatisch im Task-Manager
    Plagegeister aller Art und deren Bekämpfung - 25.03.2012 (12)
  6. Werbepopups, iexplorer.exe öffnet sich, Wave-Sound aus und Spiele minimieren sich...
    Plagegeister aller Art und deren Bekämpfung - 11.07.2010 (1)
  7. AW: Task Manager schließt sich selbstständig...
    Plagegeister aller Art und deren Bekämpfung - 16.06.2010 (1)
  8. IExplorer lässt sich nicht schließen im Task-Manager
    Log-Analyse und Auswertung - 23.12.2009 (6)
  9. Task Manager schließt sich selbstständig...
    Plagegeister aller Art und deren Bekämpfung - 23.11.2009 (7)
  10. Im Task Mangaer befinden sich 2mal die iexplore.exe und lässt sich nicht beenden?
    Log-Analyse und Auswertung - 07.11.2008 (0)
  11. IE funktioniert nicht mehr, Task-Manager lässt sich nicht starten
    Mülltonne - 27.09.2008 (0)
  12. Dialer von Norton gefunden / Task-Manager lässt sich nicht öffnen
    Log-Analyse und Auswertung - 22.12.2007 (1)
  13. Task Manager öffnet sich nicht mehr --> Hilfe!
    Alles rund um Windows - 28.11.2006 (1)
  14. unbekannter task öffnet sich kurz in taskleiste
    Plagegeister aller Art und deren Bekämpfung - 17.05.2006 (6)
  15. unbekannter task öffnet sich kurz in taskleiste
    Log-Analyse und Auswertung - 12.05.2006 (1)
  16. Task Manager öffnet sich nicht mehr
    Alles rund um Windows - 18.10.2005 (4)
  17. Task Manager,Geräte Manager,regedit öffnen sich nicht!
    Log-Analyse und Auswertung - 11.04.2005 (1)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema [Win8 64) InternetExplorer öffnet sich ohne in der taskleiste aufzutauchen, spielt Sound ab, lässt sich nur durch Task Manager beend - Hallo liebes Trojaner-Board! Seit ein paar Wochen öffnet sich immer de InternetExplorer bei mir im Hintergrund, wird aber nicht in der Taskleiste angezeigt und lässt sich nur mit dem Taskmanager - [Win8 64) InternetExplorer öffnet sich ohne in der taskleiste aufzutauchen, spielt Sound ab, lässt sich nur durch Task Manager beend...
Archiv
Du betrachtest: [Win8 64) InternetExplorer öffnet sich ohne in der taskleiste aufzutauchen, spielt Sound ab, lässt sich nur durch Task Manager beend auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19