| |
| |||||||
Log-Analyse und Auswertung: Windows 8.1: Probleme nach UpdateWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
24.02.2015, 17:00
| #1 |
 |  Windows 8.1: Probleme nach Update Guten Tag, ich habe gestern mein System auf Windows 8.1 aktualisiert (vorher Windows 8), und seitdem Probleme beim Start. Sobald ich auf dem Desktop bin kriege ich Fehlermeldungen das diverse Prozesse nicht mehr funktionieren. Diese kann man wegklicken, und danach läuft das System ganz normal. Außerdem auffällig ist das eine Datei namens isuyiBzamf.dat, welche im Autostart eingetragen ist. Hier dazu ein Bild: www.directupload.net/file/d/3908/c5jh8bj3_png.htm Diese wurde von virustotal als Trj/Genetic.gen erkannt. Konnte aber von meinem Virenscanner bisher nicht entfernt werden bzw. hatte ich nie Probleme gehabt. Alle Logfiles gibt es nun hier: FRST Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-02-2015
Ran by HPPC (administrator) on HP on 24-02-2015 16:20:25
Running from C:\Users\HPPC\Desktop
Loaded Profiles: HPPC (Available profiles: HPPC)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser path: "C:\Program Files\Cyberfox\Cyberfox.exe" -osint -url "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Hewlett-Packard ) C:\Program Files\IDT\WDM\Beats64.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Spotify Ltd) C:\Users\HPPC\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(8pecxstudios) C:\Program Files\Cyberfox\Cyberfox.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
() C:\Program Files\WindowsApps\A278AB0D.DragonManiaLegends_1.0.2.8_x86__h6adky7gbf63m\W8.1EntryPoint.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [37888 2012-08-10] (Hewlett-Packard )
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-08-10] (IDT, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [37624 2014-07-24] (Panda Security, S.L.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3978600 2015-02-17] (LogMeIn Inc.)
HKLM\...\Winlogon: [Userinit] C:\WINDOWS\SysWOW64\userinit.exe,
HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\...\Run: [Spotify Web Helper] => C:\Users\HPPC\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-12] (Spotify Ltd)
HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\...\Run: [IsuyiBzamf] => regsvr32.exe "C:\ProgramData\IsuyiBzamf\IsuyiBzamf.dat"
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://vosteran.com/results.php?f=4&q={searchTerms}&a=vst_ir_15_05&cd=2XzuyEtN2Y1L1QzuyB0AyBzytCzy0BtB0F0FyEtB0BtA0FtBtN0D0Tzu0StCtCtByEtN1L2XzutAtFyBtFtBtFtCtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StC0CyE0CyEtCtD0BtGzzyC0CyDtG0CtByDtAtG0A0DtB0DtGtAyE0F0D0DtCyCtC0F0F0E0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCyB0EzytDtA0F0EtGzyzytDtAtGyEyByDyDtG0B0D0B0BtGtDzz0CtByE0C0BtAyE0EyB0E2Q&cr=1875176596&ir=
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://vosteran.com/results.php?f=4&q={searchTerms}&a=vst_ir_15_05&cd=2XzuyEtN2Y1L1QzuyB0AyBzytCzy0BtB0F0FyEtB0BtA0FtBtN0D0Tzu0StCtCtByEtN1L2XzutAtFyBtFtBtFtCtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StC0CyE0CyEtCtD0BtGzzyC0CyDtG0CtByDtAtG0A0DtB0DtGtAyE0F0D0DtCyCtC0F0F0E0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCyB0EzytDtA0F0EtGzyzytDtAtGyEyByDyDtG0B0D0B0BtGtDzz0CtByE0C0BtAyE0EyB0E2Q&cr=1875176596&ir=
SearchScopes: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://vosteran.com/results.php?f=4&q={searchTerms}&a=vst_ir_15_05&cd=2XzuyEtN2Y1L1QzuyB0AyBzytCzy0BtB0F0FyEtB0BtA0FtBtN0D0Tzu0StCtCtByEtN1L2XzutAtFyBtFtBtFtCtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StC0CyE0CyEtCtD0BtGzzyC0CyDtG0CtByDtAtG0A0DtB0DtGtAyE0F0D0DtCyCtC0F0F0E0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCyB0EzytDtA0F0EtGzyzytDtAtGyEyByDyDtG0B0D0B0BtGtDzz0CtByE0C0BtAyE0EyB0E2Q&cr=1875176596&ir=
SearchScopes: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://vosteran.com/results.php?f=4&q={searchTerms}&a=vst_ir_15_05&cd=2XzuyEtN2Y1L1QzuyB0AyBzytCzy0BtB0F0FyEtB0BtA0FtBtN0D0Tzu0StCtCtByEtN1L2XzutAtFyBtFtBtFtCtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StC0CyE0CyEtCtD0BtGzzyC0CyDtG0CtByDtAtG0A0DtB0DtGtAyE0F0D0DtCyCtC0F0F0E0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCyB0EzytDtA0F0EtGzyzytDtAtGyEyByDyDtG0B0D0B0BtGtDzz0CtByE0C0BtAyE0EyB0E2Q&cr=1875176596&ir=
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll (pdfforge GmbH)
FF Plugin HKU\S-1-5-21-3776727103-4227896957-2343858286-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\HPPC\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-07-04] (Advanced Micro Devices, Inc.) [File not signed]
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-11-21] (Microsoft Corporation)
S2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [243880 2015-02-13] (Foxit Software Inc.)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-02-16] (LogMeIn, Inc.)
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [141560 2014-07-24] (Panda Security, S.L.)
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [61688 2014-07-23] (Panda Security, S.L.)
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-06-26] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-06-26] (pdfforge GmbH)
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [38136 2014-07-24] (Panda Security, S.L.)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [321536 2012-08-10] (IDT, Inc.) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-20] (Advanced Micro Devices)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98472 2012-07-03] (Advanced Micro Devices)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [44296 2015-02-17] (LogMeIn Inc.)
R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [96800 2014-06-04] (Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [162336 2014-06-18] (Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [112160 2014-06-04] (Panda Security, S.L.)
R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [115232 2014-06-04] (Panda Security, S.L.)
S1 NNSNAHSL; C:\Windows\system32\DRIVERS\NNSNAHSL.sys [47360 2014-01-16] (Panda Security, S.L.)
R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [95776 2014-06-04] (Panda Security, S.L.)
R1 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [70176 2014-06-04] (Panda Security, S.L.)
R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [125984 2014-06-04] (Panda Security, S.L.)
R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [306720 2014-06-04] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [169504 2014-06-04] (Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [115744 2014-06-04] (Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [261152 2014-06-04] (Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [109088 2014-06-04] (Panda Security, S.L.)
R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [160800 2014-07-24] (Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [120352 2014-07-24] (Panda Security, S.L.)
R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [195616 2014-07-24] (Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [122400 2014-07-24] (Panda Security, S.L.)
R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [132128 2014-07-24] (Panda Security, S.L.)
R2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [106016 2014-07-24] (Panda Security, S.L.)
R3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [60400 2014-03-25] (Panda Security, S.L.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
R1 {f2944598-b89f-4e10-b544-5173761572df}Gw64; C:\Windows\System32\drivers\{f2944598-b89f-4e10-b544-5173761572df}Gw64.sys [48784 2015-01-29] (StdLib)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-24 16:20 - 2015-02-24 16:20 - 00015380 _____ () C:\Users\HPPC\Desktop\FRST.txt
2015-02-24 16:20 - 2015-02-24 16:20 - 00000000 ____D () C:\FRST
2015-02-24 16:19 - 2015-02-24 16:19 - 02087424 _____ (Farbar) C:\Users\HPPC\Desktop\FRST64.exe
2015-02-24 12:51 - 2015-02-24 12:52 - 00001354 _____ () C:\Users\HPPC\Desktop\Shutdown.lnk
2015-02-24 12:04 - 2015-02-24 12:06 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-02-24 12:04 - 2015-01-29 17:49 - 116773704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-02-24 12:01 - 2014-04-16 00:35 - 00028352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll
2015-02-24 12:01 - 2014-04-16 00:34 - 00029888 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll
2015-02-24 11:57 - 2014-09-22 04:06 - 00258368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-02-24 11:57 - 2014-09-22 04:06 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-02-24 11:57 - 2014-09-22 03:49 - 00035320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-02-24 11:57 - 2014-09-02 23:08 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2015-02-24 11:57 - 2014-09-02 23:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2015-02-24 11:51 - 2014-06-09 23:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-02-24 11:51 - 2014-06-09 23:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-02-24 11:51 - 2014-04-30 07:43 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys
2015-02-24 11:51 - 2014-04-30 07:41 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2015-02-24 11:49 - 2015-01-19 19:42 - 01487976 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2015-02-24 11:48 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-02-24 11:48 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-02-24 11:47 - 2014-11-10 00:19 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-02-24 11:47 - 2014-11-10 00:19 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-02-24 11:47 - 2014-11-10 00:18 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2015-02-24 11:47 - 2014-11-10 00:18 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2015-02-24 11:46 - 2014-07-24 04:20 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2015-02-24 11:46 - 2014-07-24 04:20 - 00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2015-02-23 23:22 - 2015-02-24 12:15 - 00001903 _____ () C:\WINDOWS\setupact.log
2015-02-23 23:22 - 2015-02-23 23:22 - 00000000 _____ () C:\WINDOWS\setuperr.log
2015-02-22 20:08 - 2015-02-22 20:12 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2015-02-22 15:37 - 2015-02-24 12:16 - 00000000 ___RD () C:\Users\HPPC\OneDrive
2015-02-22 15:34 - 2015-02-22 15:34 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2015-02-22 15:29 - 2015-02-22 15:29 - 00000000 ____D () C:\Users\HPPC\AppData\Local\AMD
2015-02-22 15:28 - 2015-02-22 15:28 - 00001456 _____ () C:\Users\HPPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-02-22 15:28 - 2015-02-22 15:28 - 00000000 ____D () C:\Users\HPPC\AppData\Roaming\ATI
2015-02-22 15:28 - 2015-02-22 15:28 - 00000000 ____D () C:\Users\HPPC\AppData\Local\ATI
2015-02-22 15:28 - 2015-02-22 15:28 - 00000000 ____D () C:\ProgramData\ATI
2015-02-22 15:27 - 2015-02-22 15:27 - 00000020 ___SH () C:\Users\HPPC\ntuser.ini
2015-02-22 15:25 - 2015-02-22 15:25 - 00022960 _____ () C:\WINDOWS\system32\emptyregdb.dat
2015-02-22 15:25 - 2015-02-22 15:25 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2015-02-22 15:25 - 2015-02-22 15:25 - 00000000 _SHDL () C:\Users\Default\Startmenü
2015-02-22 15:25 - 2015-02-22 15:25 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2015-02-22 15:25 - 2015-02-22 15:25 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2015-02-22 15:25 - 2015-02-22 15:25 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2015-02-22 15:25 - 2015-02-22 15:25 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2015-02-22 15:25 - 2015-02-22 15:25 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2015-02-22 15:25 - 2015-02-22 15:25 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2015-02-22 15:25 - 2015-02-22 15:25 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-02-22 15:25 - 2015-02-22 15:25 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2015-02-22 15:25 - 2015-02-22 15:25 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2015-02-22 15:25 - 2015-02-22 15:25 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2015-02-22 15:25 - 2015-02-22 15:25 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2015-02-22 15:25 - 2015-02-22 15:25 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2015-02-22 15:25 - 2015-02-22 15:25 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-02-22 15:25 - 2015-02-22 15:25 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2015-02-22 15:25 - 2015-02-22 15:25 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-02-22 15:13 - 2015-02-22 15:13 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-02-22 15:13 - 2015-02-22 15:13 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2015-02-22 15:13 - 2015-02-22 15:13 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2015-02-22 15:10 - 2015-02-22 15:10 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate
2015-02-22 15:09 - 2015-02-22 15:25 - 00022863 _____ () C:\WINDOWS\diagwrn.xml
2015-02-22 15:09 - 2015-02-22 15:25 - 00022863 _____ () C:\WINDOWS\diagerr.xml
2015-02-22 15:08 - 2015-02-22 15:37 - 00000000 ____D () C:\Users\HPPC
2015-02-22 15:08 - 2015-02-22 15:09 - 00000000 ___RD () C:\Users\HPPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-02-22 15:08 - 2015-02-22 15:08 - 00000000 _SHDL () C:\Users\HPPC\Vorlagen
2015-02-22 15:08 - 2015-02-22 15:08 - 00000000 _SHDL () C:\Users\HPPC\Startmenü
2015-02-22 15:08 - 2015-02-22 15:08 - 00000000 _SHDL () C:\Users\HPPC\Netzwerkumgebung
2015-02-22 15:08 - 2015-02-22 15:08 - 00000000 _SHDL () C:\Users\HPPC\Lokale Einstellungen
2015-02-22 15:08 - 2015-02-22 15:08 - 00000000 _SHDL () C:\Users\HPPC\Eigene Dateien
2015-02-22 15:08 - 2015-02-22 15:08 - 00000000 _SHDL () C:\Users\HPPC\Druckumgebung
2015-02-22 15:08 - 2015-02-22 15:08 - 00000000 _SHDL () C:\Users\HPPC\Documents\Eigene Musik
2015-02-22 15:08 - 2015-02-22 15:08 - 00000000 _SHDL () C:\Users\HPPC\Documents\Eigene Bilder
2015-02-22 15:08 - 2015-02-22 15:08 - 00000000 _SHDL () C:\Users\HPPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-02-22 15:08 - 2015-02-22 15:08 - 00000000 _SHDL () C:\Users\HPPC\AppData\Local\Verlauf
2015-02-22 15:08 - 2015-02-22 15:08 - 00000000 _SHDL () C:\Users\HPPC\AppData\Local\Anwendungsdaten
2015-02-22 15:08 - 2015-02-22 15:08 - 00000000 _SHDL () C:\Users\HPPC\Anwendungsdaten
2015-02-22 15:08 - 2014-11-21 11:52 - 00000000 ___RD () C:\Users\HPPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-02-22 15:08 - 2014-11-21 11:52 - 00000000 ___RD () C:\Users\HPPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-02-22 15:08 - 2014-11-21 04:42 - 00000369 _____ () C:\Users\HPPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-02-22 15:08 - 2014-11-21 04:42 - 00000369 _____ () C:\Users\HPPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-02-22 15:08 - 2013-08-22 16:36 - 00000000 ____D () C:\Users\HPPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-02-22 15:02 - 2015-02-22 15:02 - 00060817 _____ () C:\WINDOWS\SysWOW64\CCCInstall_201502221502333668.log
2015-02-22 15:02 - 2015-02-22 15:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-02-22 15:02 - 2015-02-22 15:02 - 00000000 ____D () C:\ProgramData\AMD
2015-02-22 15:02 - 2015-02-22 15:02 - 00000000 ____D () C:\Program Files\ATI Technologies
2015-02-22 15:01 - 2015-02-24 15:33 - 01120598 _____ () C:\WINDOWS\WindowsUpdate.log
2015-02-22 15:01 - 2015-02-22 15:02 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2015-02-22 15:01 - 2015-02-22 15:01 - 00000425 _____ () C:\WINDOWS\BRWMARK.INI
2015-02-22 15:01 - 2015-02-22 15:01 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2015-02-22 15:00 - 2015-02-22 15:00 - 00000000 ____D () C:\Program Files\AMD
2015-02-22 15:00 - 2015-02-22 15:00 - 00000000 _____ () C:\WINDOWS\ativpsrm.bin
2015-02-22 14:58 - 2015-02-23 10:57 - 00000000 ___DC () C:\WINDOWS\Panther
2015-02-22 14:55 - 2015-02-22 14:55 - 00535640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-02-22 14:55 - 2015-02-22 14:55 - 00531616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-02-22 14:55 - 2015-02-22 14:55 - 00448792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2015-02-22 14:55 - 2015-02-22 14:55 - 00413248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2015-02-22 14:55 - 2015-02-22 14:55 - 00372408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2015-02-22 14:55 - 2015-02-22 14:55 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-02-22 14:55 - 2015-02-22 14:55 - 00108944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-02-22 14:55 - 2015-02-22 14:55 - 00038264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2015-02-22 14:55 - 2015-02-22 14:55 - 00033584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2015-02-22 14:54 - 2015-02-22 14:54 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-02-22 14:54 - 2015-02-22 14:54 - 02171904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2015-02-22 14:54 - 2015-02-22 14:54 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2015-02-22 14:54 - 2015-02-22 14:54 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2015-02-22 14:54 - 2015-02-22 14:54 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-02-22 14:54 - 2015-02-22 14:54 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-02-22 14:54 - 2015-02-22 14:54 - 00788680 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2015-02-22 14:54 - 2015-02-22 14:54 - 00672984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2015-02-22 14:54 - 2015-02-22 14:54 - 00602776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2015-02-22 14:54 - 2015-02-22 14:54 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2015-02-22 14:54 - 2015-02-22 14:54 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-02-22 14:54 - 2015-02-22 14:54 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-02-22 14:54 - 2015-02-22 14:54 - 00273240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2015-02-22 14:54 - 2015-02-22 14:54 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll
2015-02-22 14:53 - 2015-02-22 14:53 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-02-22 14:53 - 2015-02-22 14:53 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2015-02-22 14:53 - 2015-02-22 14:53 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2015-02-22 14:53 - 2015-02-22 14:53 - 00563504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-02-22 14:53 - 2015-02-22 14:53 - 00538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\scesrv.dll
2015-02-22 14:53 - 2015-02-22 14:53 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-02-22 14:53 - 2015-02-22 14:53 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-02-22 14:53 - 2015-02-22 14:53 - 00393728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scesrv.dll
2015-02-22 14:53 - 2015-02-22 14:53 - 00391526 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-02-22 14:53 - 2015-02-22 14:53 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-02-22 14:53 - 2015-02-22 14:53 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-02-22 14:53 - 2015-02-22 14:53 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-02-22 14:53 - 2015-02-22 14:53 - 00177984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-02-22 14:53 - 2015-02-22 14:53 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2015-02-22 14:53 - 2015-02-22 14:53 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2015-02-22 14:53 - 2015-02-22 14:53 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll
2015-02-22 14:53 - 2015-02-22 14:53 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 25056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 19740160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 14401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 12829184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-02-22 14:52 - 2015-02-22 14:52 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-02-22 14:52 - 2015-02-22 14:52 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-02-22 14:52 - 2015-02-22 14:52 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-02-22 14:52 - 2015-02-22 14:52 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-02-22 14:52 - 2015-02-22 14:52 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2015-02-22 14:52 - 2015-02-22 14:52 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2015-02-22 14:52 - 2015-02-22 14:52 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-02-22 14:52 - 2015-02-22 14:52 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-02-22 14:51 - 2015-02-22 14:51 - 07472960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-02-22 14:51 - 2015-02-22 14:51 - 01733440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-02-22 14:51 - 2015-02-22 14:51 - 01498360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-02-22 14:51 - 2015-02-22 14:51 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2015-02-22 14:51 - 2015-02-22 14:51 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2015-02-22 14:51 - 2015-02-22 14:51 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe
2015-02-22 14:51 - 2015-02-22 14:51 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntvdm64.dll
2015-02-22 14:51 - 2015-02-22 14:51 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll
2015-02-22 14:51 - 2015-02-22 14:51 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2015-02-22 14:51 - 2015-02-22 14:51 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\instnm.exe
2015-02-22 14:51 - 2015-02-22 14:51 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll
2015-02-22 14:51 - 2015-02-22 14:51 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe
2015-02-22 14:49 - 2015-02-22 14:49 - 00000000 ____D () C:\WINDOWS\SysWOW64\XPSViewer
2015-02-22 14:49 - 2015-02-22 14:49 - 00000000 ____D () C:\Program Files\Reference Assemblies
2015-02-22 14:49 - 2015-02-22 14:49 - 00000000 ____D () C:\Program Files\MSBuild
2015-02-22 14:49 - 2015-02-22 14:49 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2015-02-22 14:49 - 2015-02-22 14:49 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2015-02-22 14:49 - 2013-08-03 05:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-02-22 14:49 - 2013-08-03 05:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-02-22 14:49 - 2013-08-03 05:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-02-22 14:49 - 2013-08-03 05:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-02-22 13:35 - 2015-02-22 13:35 - 00000136 _____ () C:\WINDOWS\system32\netcfg-135814.txt
2015-02-22 13:35 - 2015-02-22 13:35 - 00000134 _____ () C:\WINDOWS\system32\netcfg-130604.txt
2015-02-22 13:35 - 2015-02-22 13:35 - 00000134 _____ () C:\WINDOWS\system32\netcfg-123786.txt
2015-02-22 13:34 - 2014-03-25 14:15 - 00060400 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSKMAD.sys
2015-02-22 12:12 - 2015-02-22 12:12 - 00000131 _____ () C:\WINDOWS\system32\netcfg-1992846830.txt
2015-02-22 09:18 - 2015-02-22 09:18 - 00000132 _____ () C:\WINDOWS\system32\netcfg-1982392611.txt
2015-02-22 09:17 - 2015-02-22 09:17 - 00000139 _____ () C:\WINDOWS\system32\netcfg-1982334360.txt
2015-02-22 09:17 - 2015-02-22 09:17 - 00000139 _____ () C:\WINDOWS\system32\netcfg-1982324017.txt
2015-02-22 09:16 - 2015-02-22 09:16 - 00001078 _____ () C:\WINDOWS\system32\netcfg-1982279260.txt
2015-02-22 09:16 - 2015-02-22 09:16 - 00000139 _____ () C:\WINDOWS\system32\netcfg-1982318947.txt
2015-02-22 09:16 - 2015-02-22 09:16 - 00000139 _____ () C:\WINDOWS\system32\netcfg-1982268309.txt
2015-02-22 09:15 - 2015-02-22 15:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-02-22 09:15 - 2015-02-22 09:15 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2015-02-18 10:05 - 2015-02-18 10:05 - 00010878 _____ () C:\Users\HPPC\Documents\ftp_log_2015-02-17.gz
2015-02-17 22:58 - 2015-02-17 22:58 - 00014336 ___SH () C:\Users\HPPC\Thumbs.db
2015-02-17 18:21 - 2015-02-17 18:21 - 00044296 ____H (LogMeIn Inc.) C:\WINDOWS\system32\Drivers\Hamdrv.sys
2015-02-16 17:09 - 2015-02-22 15:14 - 00000000 ____D () C:\Users\HPPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Project My Screen App
2015-02-16 17:09 - 2015-02-16 17:09 - 00000000 ____D () C:\Program Files (x86)\ProjectMyScreenApp
2015-02-15 22:20 - 2015-02-23 23:12 - 00000000 ____D () C:\Users\HPPC\Desktop\Yuri
2015-02-15 13:13 - 2015-02-18 17:16 - 00000000 ____D () C:\Users\HPPC\Desktop\FinVal
2015-01-30 12:33 - 2015-02-02 00:56 - 00000000 ___HD () C:\Users\HPPC\Downloads\AshSerena
2015-01-30 10:23 - 2015-01-30 10:37 - 00000000 ____D () C:\ProgramData\IsuyiBzamf
2015-01-30 10:22 - 2015-01-30 10:22 - 00000117 _____ () C:\WINDOWS\system32\netcfg-82259.txt
2015-01-30 10:22 - 2015-01-30 10:22 - 00000117 _____ () C:\WINDOWS\system32\netcfg-79123.txt
2015-01-30 10:22 - 2015-01-30 10:22 - 00000117 _____ () C:\WINDOWS\system32\netcfg-76112.txt
2015-01-30 10:13 - 2015-01-30 10:13 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1463102021.txt
2015-01-30 10:13 - 2015-01-30 10:13 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1463101740.txt
2015-01-30 10:13 - 2015-01-30 10:13 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1463101537.txt
2015-01-30 10:13 - 2015-01-30 10:13 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1463096670.txt
2015-01-30 10:13 - 2015-01-30 10:13 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1463081350.txt
2015-01-30 10:13 - 2015-01-30 10:13 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1463079993.txt
2015-01-30 00:29 - 2015-01-30 00:29 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1428060265.txt
2015-01-30 00:29 - 2015-01-30 00:29 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1428060202.txt
2015-01-29 23:07 - 2015-01-29 10:34 - 00048784 _____ (StdLib) C:\WINDOWS\system32\Drivers\{f2944598-b89f-4e10-b544-5173761572df}Gw64.sys
2015-01-29 22:59 - 2015-01-29 23:00 - 00000000 ____D () C:\Users\HPPC\AppData\Local\Vosteran
2015-01-29 21:59 - 2015-01-29 21:59 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1419069007.txt
2015-01-29 21:59 - 2015-01-29 21:59 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1419056386.txt
2015-01-29 21:58 - 2015-01-29 21:58 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1419041270.txt
2015-01-29 21:58 - 2015-01-29 21:58 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1419039788.txt
2015-01-29 17:49 - 2015-01-29 17:49 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1404108012.txt
2015-01-29 17:49 - 2015-01-29 17:49 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1404107949.txt
2015-01-29 10:59 - 2015-01-29 10:59 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1379488839.txt
2015-01-29 10:59 - 2015-01-29 10:59 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1379488605.txt
2015-01-29 10:59 - 2015-01-29 10:59 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1379485001.txt
2015-01-29 10:59 - 2015-01-29 10:59 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1379483394.txt
2015-01-29 10:59 - 2015-01-29 10:59 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1379468278.txt
2015-01-29 10:59 - 2015-01-29 10:59 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1379467061.txt
2015-01-29 09:25 - 2015-01-29 09:25 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1373824333.txt
2015-01-29 09:25 - 2015-01-29 09:25 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1373824271.txt
2015-01-29 07:40 - 2015-01-29 07:40 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1367524342.txt
2015-01-29 07:40 - 2015-01-29 07:40 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1367524061.txt
2015-01-29 07:40 - 2015-01-29 07:40 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1367520052.txt
2015-01-29 07:40 - 2015-01-29 07:40 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1367518991.txt
2015-01-29 07:39 - 2015-01-29 07:39 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1367503937.txt
2015-01-29 07:39 - 2015-01-29 07:39 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1367502720.txt
2015-01-29 01:52 - 2015-01-29 01:52 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1346678771.txt
2015-01-29 01:52 - 2015-01-29 01:52 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1346678708.txt
2015-01-28 22:15 - 2015-01-28 22:15 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1333622985.txt
2015-01-28 22:15 - 2015-01-28 22:15 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1333622751.txt
2015-01-28 22:15 - 2015-01-28 22:15 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1333619506.txt
2015-01-28 22:14 - 2015-01-28 22:14 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1333617696.txt
2015-01-28 22:14 - 2015-01-28 22:14 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1333602455.txt
2015-01-28 22:14 - 2015-01-28 22:14 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1333600599.txt
2015-01-28 15:37 - 2015-01-28 15:37 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1309795127.txt
2015-01-28 15:37 - 2015-01-28 15:37 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1309795064.txt
2015-01-28 12:55 - 2015-01-28 12:56 - 00000000 ____D () C:\Users\HPPC\AppData\Roaming\redsn0w
2015-01-28 10:42 - 2015-01-28 10:44 - 00000000 ____D () C:\Users\HPPC\AppData\Roaming\Apple Computer
2015-01-28 10:42 - 2015-01-28 10:42 - 00000000 ____D () C:\Users\HPPC\AppData\Local\Apple Computer
2015-01-28 10:41 - 2015-02-22 19:12 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-01-28 10:41 - 2015-02-22 19:11 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-01-28 10:41 - 2015-01-28 10:41 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-01-28 10:41 - 2015-01-28 10:41 - 00000000 ____D () C:\Users\HPPC\AppData\Local\Apple
2015-01-28 10:41 - 2015-01-28 10:41 - 00000000 ____D () C:\ProgramData\Apple Computer
2015-01-28 10:41 - 2015-01-28 10:41 - 00000000 ____D () C:\Program Files\Bonjour
2015-01-28 10:41 - 2015-01-28 10:41 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2015-01-28 10:41 - 2015-01-28 10:41 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2015-01-28 10:40 - 2015-01-28 10:41 - 00000000 ____D () C:\ProgramData\Apple
2015-01-28 09:10 - 2015-01-28 09:10 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1286525409.txt
2015-01-28 09:10 - 2015-01-28 09:10 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1286525160.txt
2015-01-28 09:10 - 2015-01-28 09:10 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1286522008.txt
2015-01-28 09:09 - 2015-01-28 09:09 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1286520090.txt
2015-01-28 09:09 - 2015-01-28 09:09 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1286504583.txt
2015-01-28 09:09 - 2015-01-28 09:09 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1286503413.txt
2015-01-28 01:27 - 2015-01-28 01:27 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1258746186.txt
2015-01-28 01:27 - 2015-01-28 01:27 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1258746140.txt
2015-01-28 00:46 - 2015-01-28 00:46 - 00000132 _____ () C:\WINDOWS\system32\netcfg-1256320059.txt
2015-01-28 00:46 - 2015-01-28 00:46 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1256323553.txt
2015-01-28 00:46 - 2015-01-28 00:46 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1256304677.txt
2015-01-28 00:45 - 2015-01-28 00:45 - 00000139 _____ () C:\WINDOWS\system32\netcfg-1256262058.txt
2015-01-28 00:45 - 2015-01-28 00:45 - 00000139 _____ () C:\WINDOWS\system32\netcfg-1256251824.txt
2015-01-28 00:45 - 2015-01-28 00:45 - 00000139 _____ () C:\WINDOWS\system32\netcfg-1256246754.txt
2015-01-28 00:45 - 2015-01-28 00:45 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1256235709.txt
2015-01-28 00:44 - 2015-01-28 00:44 - 00001078 _____ () C:\WINDOWS\system32\netcfg-1256207863.txt
2015-01-28 00:44 - 2015-01-28 00:44 - 00000139 _____ () C:\WINDOWS\system32\netcfg-1256196865.txt
2015-01-28 00:44 - 2015-01-28 00:44 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1256208097.txt
2015-01-28 00:44 - 2015-01-28 00:44 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1256200484.txt
2015-01-28 00:44 - 2015-01-28 00:44 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1256200437.txt
2015-01-27 21:57 - 2015-01-27 21:57 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1246173083.txt
2015-01-27 21:57 - 2015-01-27 21:57 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1246172865.txt
2015-01-27 21:57 - 2015-01-27 21:57 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1246169526.txt
2015-01-27 21:57 - 2015-01-27 21:57 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1246167763.txt
2015-01-27 21:57 - 2015-01-27 21:57 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1246152553.txt
2015-01-27 21:57 - 2015-01-27 21:57 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1246151180.txt
2015-01-27 17:50 - 2015-01-27 17:50 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1231372613.txt
2015-01-27 17:50 - 2015-01-27 17:50 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1231372566.txt
2015-01-27 09:55 - 2015-01-27 09:55 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1202881511.txt
2015-01-27 09:55 - 2015-01-27 09:55 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1202880481.txt
2015-01-27 09:55 - 2015-01-27 09:55 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1202879015.txt
2015-01-27 09:55 - 2015-01-27 09:55 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1202875396.txt
2015-01-27 09:55 - 2015-01-27 09:55 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1202860201.txt
2015-01-27 09:55 - 2015-01-27 09:55 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1202858984.txt
2015-01-27 02:39 - 2015-01-27 02:39 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1176709847.txt
2015-01-27 02:39 - 2015-01-27 02:39 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1176709800.txt
2015-01-26 15:38 - 2015-01-26 15:38 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1137059510.txt
2015-01-26 15:38 - 2015-01-26 15:38 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1137048075.txt
2015-01-26 15:38 - 2015-01-26 15:38 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1137032787.txt
2015-01-26 15:38 - 2015-01-26 15:38 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1137031601.txt
2015-01-26 09:51 - 2015-01-26 09:51 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1116221551.txt
2015-01-26 09:51 - 2015-01-26 09:51 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1116221505.txt
2015-01-26 08:37 - 2015-01-26 08:37 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1111752341.txt
2015-01-26 08:36 - 2015-01-26 08:36 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1111752123.txt
2015-01-26 08:36 - 2015-01-26 08:36 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1111748519.txt
2015-01-26 08:36 - 2015-01-26 08:36 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1111747037.txt
2015-01-26 08:36 - 2015-01-26 08:36 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1111731515.txt
2015-01-26 08:36 - 2015-01-26 08:36 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1111730407.txt
2015-01-26 01:55 - 2015-01-26 01:55 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1087688594.txt
2015-01-26 01:55 - 2015-01-26 01:55 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1087688547.txt
2015-01-25 10:39 - 2015-01-25 10:39 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1032700020.txt
2015-01-25 10:39 - 2015-01-25 10:39 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1032694544.txt
2015-01-25 10:39 - 2015-01-25 10:39 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1032679334.txt
2015-01-25 10:39 - 2015-01-25 10:39 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1032678071.txt
2015-01-25 02:31 - 2015-01-25 02:31 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1003451829.txt
2015-01-25 02:31 - 2015-01-25 02:31 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1003451783.txt
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-24 16:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-02-24 15:55 - 2014-08-25 20:37 - 00000000 ____D () C:\Users\HPPC\AppData\Local\LogMeIn Hamachi
2015-02-24 12:19 - 2014-11-21 04:35 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-02-24 12:19 - 2014-11-21 03:45 - 00764340 _____ () C:\WINDOWS\system32\perfh007.dat
2015-02-24 12:19 - 2014-11-21 03:45 - 00159160 _____ () C:\WINDOWS\system32\perfc007.dat
2015-02-24 12:15 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-02-24 12:14 - 2013-08-22 14:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2015-02-24 12:13 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-02-24 12:13 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-02-24 12:13 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2015-02-24 12:13 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2015-02-24 12:13 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-02-24 12:13 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-02-24 12:12 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-02-24 12:04 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-02-24 01:57 - 2014-08-14 19:40 - 00000000 ____D () C:\Users\HPPC\AppData\Roaming\Skype
2015-02-24 00:07 - 2014-08-26 13:14 - 32202240 ___SH () C:\Users\HPPC\Desktop\Thumbs.db
2015-02-23 23:30 - 2014-08-17 14:42 - 00000000 ____D () C:\Users\HPPC\AppData\Roaming\vlc
2015-02-23 11:09 - 2014-08-09 14:11 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3776727103-4227896957-2343858286-1001
2015-02-23 10:57 - 2014-08-16 21:15 - 00000000 ____D () C:\Users\HPPC\AppData\Local\CrashDumps
2015-02-22 23:11 - 2014-08-14 20:21 - 00000000 ___RD () C:\Users\HPPC\Desktop\Programme
2015-02-22 20:59 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-02-22 20:54 - 2014-08-07 21:58 - 00000000 ____D () C:\Users\HPPC\AppData\Local\Packages
2015-02-22 20:08 - 2014-08-13 19:07 - 00000045 _____ () C:\WINDOWS\SysWOW64\initdebug.nfo
2015-02-22 19:10 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\restore
2015-02-22 15:29 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Registration
2015-02-22 15:28 - 2014-08-07 21:58 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD
2015-02-22 15:26 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-02-22 15:25 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows NT
2015-02-22 15:25 - 2013-08-22 14:36 - 00000000 __RHD () C:\Users\Default
2015-02-22 15:23 - 2013-08-22 16:36 - 00000000 __RSD () C:\WINDOWS\Media
2015-02-22 15:23 - 2013-08-22 16:36 - 00000000 __RHD () C:\Users\Public\Libraries
2015-02-22 15:22 - 2014-08-09 14:17 - 00000000 ____D () C:\ProgramData\SoundResearch
2015-02-22 15:16 - 2013-08-22 15:44 - 04940552 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-02-22 15:14 - 2015-01-05 23:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\gg Ragnarok Online
2015-02-22 15:14 - 2014-12-06 19:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-02-22 15:14 - 2014-12-03 13:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 4
2015-02-22 15:14 - 2014-11-27 12:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amnesia - The Dark Descent
2015-02-22 15:14 - 2014-11-14 11:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn
2015-02-22 15:14 - 2014-10-06 11:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Splashtop Remote
2015-02-22 15:14 - 2014-09-16 21:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-02-22 15:14 - 2014-09-03 10:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect 2
2015-02-22 15:14 - 2014-09-03 10:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2015-02-22 15:14 - 2014-09-02 10:05 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
2015-02-22 15:14 - 2014-08-27 08:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dear Esther
2015-02-22 15:14 - 2014-08-27 08:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2015-02-22 15:14 - 2014-08-27 08:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2015-02-22 15:14 - 2014-08-19 13:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoFiltre 7
2015-02-22 15:14 - 2014-08-17 13:17 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2015-02-22 15:14 - 2014-08-17 08:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RPG Maker XP
2015-02-22 15:14 - 2014-08-17 08:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RPG Maker 2003
2015-02-22 15:14 - 2014-08-16 21:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2015-02-22 15:14 - 2014-08-16 21:05 - 00000000 ____D () C:\ProgramData\regid.1995-08.com.techsmith
2015-02-22 15:14 - 2014-08-16 21:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith
2015-02-22 15:14 - 2014-08-16 11:51 - 00000000 ____D () C:\Users\HPPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-02-22 15:14 - 2014-08-15 17:21 - 00000000 ____D () C:\Users\HPPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2015-02-22 15:14 - 2014-08-15 17:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-02-22 15:14 - 2014-08-15 15:25 - 00000000 ____D () C:\Users\HPPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-02-22 15:14 - 2014-08-15 15:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-02-22 15:14 - 2014-08-14 20:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-02-22 15:14 - 2014-08-14 19:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Free Antivirus
2015-02-22 15:14 - 2014-08-14 19:33 - 00000000 ____D () C:\Users\HPPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cyberfox
2015-02-22 15:14 - 2014-08-13 19:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
2015-02-22 15:13 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\SysWOW64\WCN
2015-02-22 15:13 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\SysWOW64\sysprep
2015-02-22 15:13 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\system32\WCN
2015-02-22 15:13 - 2014-08-25 00:18 - 00000000 __SHD () C:\WINDOWS\SysWOW64\AI_RecycleBin
2015-02-22 15:13 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI
2015-02-22 15:13 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz
2015-02-22 15:13 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\IME
2015-02-22 15:13 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\WinBioPlugIns
2015-02-22 15:13 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\spool
2015-02-22 15:13 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\SMI
2015-02-22 15:13 - 2012-07-26 06:37 - 00000000 ____D () C:\Users\Default.migrated
2015-02-22 15:12 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-02-22 15:12 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\MUI
2015-02-22 15:12 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\IME
2015-02-22 15:11 - 2014-11-26 10:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gravity
2015-02-22 15:11 - 2014-10-06 13:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SEGA
2015-02-22 15:11 - 2014-08-17 01:38 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2015-02-22 15:11 - 2014-08-15 17:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KONAMI
2015-02-22 15:11 - 2014-08-15 17:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes
2015-02-22 15:11 - 2014-08-07 21:58 - 00000000 ____D () C:\ProgramData\PRICache
2015-02-22 15:11 - 2013-08-22 16:43 - 00000000 ____D () C:\WINDOWS\DigitalLocker
2015-02-22 15:11 - 2013-08-22 16:36 - 00000000 __SHD () C:\Program Files\Windows Sidebar
2015-02-22 15:11 - 2013-08-22 16:36 - 00000000 __SHD () C:\Program Files (x86)\Windows Sidebar
2015-02-22 15:11 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\IME
2015-02-22 15:11 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Help
2015-02-22 15:11 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-02-22 15:10 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\Recovery
2015-02-22 15:09 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\GroupPolicy
2015-02-22 15:04 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2015-02-22 14:57 - 2013-08-22 16:36 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template
2015-02-22 14:57 - 2012-08-01 18:05 - 00000000 __SHD () C:\Recovery
2015-02-22 14:54 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2015-02-22 14:53 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2015-02-21 14:17 - 2014-08-20 11:40 - 00000000 ____D () C:\Users\HPPC\AppData\Roaming\FileZilla
2015-02-19 15:25 - 2014-09-26 14:44 - 00001456 _____ () C:\Users\HPPC\AppData\Local\Adobe Für Web speichern 11.0 Prefs
2015-02-18 17:13 - 2014-08-16 11:52 - 00000000 ___RD () C:\Users\HPPC\Dropbox
2015-02-18 17:13 - 2014-08-16 11:49 - 00000000 ____D () C:\Users\HPPC\AppData\Roaming\Dropbox
2015-02-17 15:36 - 2014-08-16 11:25 - 00000000 ___RD () C:\Users\HPPC\Desktop\Sonstiges
2015-02-15 00:31 - 2014-08-14 19:33 - 00000977 _____ () C:\Users\Public\Desktop\Cyberfox.lnk
2015-02-14 10:14 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2015-02-12 00:17 - 2014-08-15 15:23 - 00000000 ___RD () C:\Users\HPPC\Desktop\Emulation
2015-02-11 15:54 - 2014-11-26 11:01 - 00000000 ___RD () C:\Users\HPPC\Desktop\Bilder
2015-02-08 13:04 - 2014-08-15 17:19 - 00000000 ____D () C:\Users\HPPC\AppData\Local\JDownloader v2.0
2015-02-08 13:03 - 2015-01-12 11:43 - 00000000 ____D () C:\Users\HPPC\Downloads\3DS
2015-02-05 12:32 - 2014-12-03 13:32 - 00000000 ___HD () C:\Users\HPPC\Downloads\NaruHina
2015-02-03 20:31 - 2014-11-21 12:01 - 00714720 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-02-03 20:31 - 2014-11-21 12:01 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-30 10:22 - 2012-07-26 06:26 - 00000194 _____ () C:\WINDOWS\win.ini
==================== Files in the root of some directories =======
2014-08-18 01:24 - 2014-08-19 11:20 - 0000132 _____ () C:\Users\HPPC\AppData\Roaming\Adobe PNG Format CS5 Prefs
2014-09-26 14:44 - 2015-02-19 15:25 - 0001456 _____ () C:\Users\HPPC\AppData\Local\Adobe Für Web speichern 11.0 Prefs
2014-08-27 14:56 - 2014-09-11 13:07 - 0005120 _____ () C:\Users\HPPC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
Some content of TEMP:
====================
C:\Users\HPPC\AppData\Local\Temp\sfamcc00001.dll
C:\Users\HPPC\AppData\Local\Temp\sfareca00001.dll
C:\Users\HPPC\AppData\Local\Temp\sfextra.dll
C:\Users\HPPC\AppData\Local\Temp\SkypeSetup.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-02-22 14:59
==================== End Of Log ============================
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-02-2015
Ran by HPPC at 2015-02-24 16:21:35
Running from C:\Users\HPPC\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Panda Free Antivirus (Disabled - Up to date) {5FD6C936-849B-5CE2-14BA-709E1D6FD1DA}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Panda Free Antivirus (Disabled - Up to date) {E4B728D2-A2A1-536C-2E0A-4BEC66E89B67}
FW: Panda Firewall (Disabled) {67ED4813-CEF4-5DBA-3FE5-D9ABE3BC96A1}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.179 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Amnesia - The Dark Descent (HKLM-x32\...\{54B7A3C7-0940-4C16-A509-FC3C3758D22A}_is1) (Version: 1.0.0 - Frictional Games)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Camtasia Studio 8 (HKLM-x32\...\{3F3A5785-81E3-4065-B643-B4933790AE1E}) (Version: 8.1.1.1313 - TechSmith Corporation)
Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5000 - CDBurnerXP)
Crazy Taxi (HKLM-x32\...\Steam App 71230) (Version: - SEGA)
Cyberfox Web Browser (HKLM\...\{5EFB52C0-4EC9-46B4-80EB-8432C6599641}_is1) (Version: 31.0.1.0 - 8pecxstudios)
Dear Esther Version 1.0 (HKLM-x32\...\Dear Esther_is1) (Version: 1.0 - TheChineseRoom)
Dropbox (HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\...\Dropbox) (Version: 3.2.6 - Dropbox, Inc.)
FINAL FANTASY XIII-2 (HKLM-x32\...\Steam App 292140) (Version: - SQUARE ENIX)
Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 2.8.49.213 - Foxit Software Inc.)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.0.6.1126 - Foxit Software Inc.)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Ragnarok Online Version 1.0.1 (HKLM-x32\...\{0E66E992-D520-4053-8AB0-D0FE32CBCDFD}_is1) (Version: 1.0.1 - Ragnarok Online)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6418.0 - IDT)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.7.0 - LIGHTNING UK!)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.319 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.319 - LogMeIn, Inc.) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
NiGHTS into Dreams... (HKLM-x32\...\Steam App 219950) (Version: - SEGA)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Panda Devices Agent (HKLM-x32\...\Panda Devices Agent) (Version: 1.03.03 - Panda Security)
Panda Devices Agent (x32 Version: 1.05.00 - Panda Security) Hidden
Panda Free Antivirus (HKLM-x32\...\Panda Universal Agent Endpoint) (Version: 15.00.01.0000 - Panda Security)
Panda Free Antivirus (Version: 7.23.00.0000 - Panda Security) Hidden
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.)
PAYDAY: The Heist (HKLM-x32\...\Steam App 24240) (Version: - OVERKILL Software)
PDF Architect 2 (HKLM-x32\...\PDF Architect 2) (Version: 2.0.24.16092 - pdfforge GmbH)
PDF Architect 2 View Module (HKLM-x32\...\{C960FF38-431D-429D-AD1F-FBD12A45B7C5}) (Version: 2.0.17.17583 - pdfforge GmbH)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
PHANTASY STAR UNIVERSE (HKLM-x32\...\PHANTASY STAR UNIVERSE_is1) (Version: - SEGA SONIC TEAM)
PhotoFiltre 7 (HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\...\PhotoFiltre 7) (Version: - )
Project My Screen App (HKLM-x32\...\{DF901456-7160-49DB-977B-0E91858CA2CB}) (Version: 8.0.12349 - Microsoft Corporation)
Ragnarök Online (HKLM-x32\...\{55725CAB-ED4D-4169-A22E-20249EFCF2B5}) (Version: 14.1 - Gravity)
Resident Evil 6 / Biohazard 6 (HKLM-x32\...\Steam App 221040) (Version: - Capcom)
RGSS-RTP Standard (HKLM-x32\...\{5A9FE525-8B8F-4701-A937-7F6745A4E9C7}) (Version: 1.0.0 - Enterbrain)
RPG Maker 2003 v1.08 (HKLM-x32\...\RPG Maker 2003_is1) (Version: - Enterbrain, Inc.)
RPG Maker XP (HKLM-x32\...\RPGXP_E_is1) (Version: 1.05 - Enterbrain)
SILENT HILL 3 (HKLM-x32\...\InstallShield_{14D10AAC-9737-454E-A247-8075C26C30E1}) (Version: 1.00.0000 - Konami Computer Entertainment Tokyo, Inc.)
SILENT HILL 3 (x32 Version: 1.00.0000 - Konami Computer Entertainment Tokyo, Inc.) Hidden
Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
Sonic & All-Stars Racing Transformed (HKLM-x32\...\Steam App 212480) (Version: - Sumo Digital)
Sonic Adventure DX (HKLM-x32\...\Steam App 71250) (Version: - SEGA)
Sonic Generations (HKLM-x32\...\Steam App 71340) (Version: - Devil's Details)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Splashtop Software Updater (HKLM-x32\...\Splashtop Software Updater) (Version: 1.5.6.15 - Splashtop Inc.)
Splashtop Streamer (HKLM-x32\...\{B7C5EA94-B96A-41F5-BE95-25D78B486678}) (Version: 2.6.0.4 - Splashtop Inc.)
Spotify (HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic)
The Last Remnant (HKLM-x32\...\Steam App 23310) (Version: - SQUARE ENIX)
The Sims 4 Version 1.0 u1 (HKLM-x32\...\{27B947C0-320C-4997-9681-1E7010A15896}_is1) (Version: 1.0 u1 - EA Games)
Thief (HKLM-x32\...\Steam App 239160) (Version: - Eidos-Montréal)
Unity Web Player (HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\...\UnityWebPlayer) (Version: 4.5.4f1 - Unity Technologies ApS)
Unturned (HKLM-x32\...\Steam App 304930) (Version: - Nelson Sexton)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WinRAR 5.10 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
==================== Restore Points =========================
22-02-2015 19:10:23 Removed iTunes
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {242456D4-526B-4A93-8BC6-589121653F72} - System32\Tasks\Microsoft\Windows\SetupSQMTask => C:\WINDOWS\SYSTEM32\OOBE\SETUPSQM.EXE [2014-11-21] (Microsoft Corporation)
Task: {26307C61-2BD7-45FB-9910-F4A494F26755} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)
Task: {CC1EEC99-9267-4177-A0A7-948D20C0F1DD} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-01-29] (Microsoft Corporation)
==================== Loaded Modules (whitelisted) ==============
2014-07-04 21:33 - 2014-07-04 21:33 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2014-08-14 19:33 - 2014-07-29 12:35 - 04652712 _____ () C:\Program Files\Cyberfox\mozjs.dll
2015-02-22 20:53 - 2015-02-22 20:54 - 13208576 _____ () C:\Program Files\WindowsApps\A278AB0D.DragonManiaLegends_1.0.2.8_x86__h6adky7gbf63m\W8.1EntryPoint.exe
2014-10-11 13:06 - 2014-10-11 13:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-04-12 18:23 - 2013-04-12 18:23 - 00612664 _____ () C:\Program Files (x86)\Panda Security\Panda Security Protection\SQLite3.dll
2015-02-22 20:53 - 2015-02-22 20:54 - 00041472 _____ () C:\Program Files\WindowsApps\A278AB0D.DragonManiaLegends_1.0.2.8_x86__h6adky7gbf63m\IGPLib_Windows_8.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Users\HPPC\OneDrive:ms-properties
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\HPPC\AppData\Roaming\8pecxstudios\Cyberfox\Desktop Background.bmp
DNS Servers: 192.168.178.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
==================== Accounts: =============================
Administrator (S-1-5-21-3776727103-4227896957-2343858286-500 - Administrator - Disabled)
Gast (S-1-5-21-3776727103-4227896957-2343858286-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3776727103-4227896957-2343858286-1006 - Limited - Enabled)
HPPC (S-1-5-21-3776727103-4227896957-2343858286-1001 - Administrator - Enabled) => C:\Users\HPPC
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (02/24/2015 00:43:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: PSUAMain.exe, Version: 4.0.0.644, Zeitstempel: 0x53d152c9
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x02a04b26
ID des fehlerhaften Prozesses: 0x34c
Startzeit der fehlerhaften Anwendung: 0xPSUAMain.exe0
Pfad der fehlerhaften Anwendung: PSUAMain.exe1
Pfad des fehlerhaften Moduls: PSUAMain.exe2
Berichtskennung: PSUAMain.exe3
Vollständiger Name des fehlerhaften Pakets: PSUAMain.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: PSUAMain.exe5
Error: (02/24/2015 00:16:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: regsvr32.exe, Version: 6.3.9600.17415, Zeitstempel: 0x54505249
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17630, Zeitstempel: 0x54b0e17a
Ausnahmecode: 0xc0000409
Fehleroffset: 0x0000000000081d68
ID des fehlerhaften Prozesses: 0x10fc
Startzeit der fehlerhaften Anwendung: 0xregsvr32.exe0
Pfad der fehlerhaften Anwendung: regsvr32.exe1
Pfad des fehlerhaften Moduls: regsvr32.exe2
Berichtskennung: regsvr32.exe3
Vollständiger Name des fehlerhaften Pakets: regsvr32.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: regsvr32.exe5
Error: (02/24/2015 00:16:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: RuntimeBroker.exe, Version: 6.3.9600.17415, Zeitstempel: 0x54504125
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17630, Zeitstempel: 0x54b0e17a
Ausnahmecode: 0xc0000409
Fehleroffset: 0x0000000000081d68
ID des fehlerhaften Prozesses: 0x13a8
Startzeit der fehlerhaften Anwendung: 0xRuntimeBroker.exe0
Pfad der fehlerhaften Anwendung: RuntimeBroker.exe1
Pfad des fehlerhaften Moduls: RuntimeBroker.exe2
Berichtskennung: RuntimeBroker.exe3
Vollständiger Name des fehlerhaften Pakets: RuntimeBroker.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: RuntimeBroker.exe5
Error: (02/24/2015 00:16:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: skydrive.exe, Version: 6.3.9600.17416, Zeitstempel: 0x5452fd72
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17630, Zeitstempel: 0x54b0e17a
Ausnahmecode: 0xc0000409
Fehleroffset: 0x0000000000081d68
ID des fehlerhaften Prozesses: 0x10cc
Startzeit der fehlerhaften Anwendung: 0xskydrive.exe0
Pfad der fehlerhaften Anwendung: skydrive.exe1
Pfad des fehlerhaften Moduls: skydrive.exe2
Berichtskennung: skydrive.exe3
Vollständiger Name des fehlerhaften Pakets: skydrive.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: skydrive.exe5
Error: (02/24/2015 00:16:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.3.9600.17415, Zeitstempel: 0x54503a3a
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17630, Zeitstempel: 0x54b0e17a
Ausnahmecode: 0xc0000409
Fehleroffset: 0x0000000000081d68
ID des fehlerhaften Prozesses: 0x580
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3
Vollständiger Name des fehlerhaften Pakets: Explorer.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Explorer.EXE5
Error: (02/24/2015 00:16:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: taskhostex.exe, Version: 6.3.9600.17415, Zeitstempel: 0x545040e8
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17630, Zeitstempel: 0x54b0e17a
Ausnahmecode: 0xc0000409
Fehleroffset: 0x0000000000081d68
ID des fehlerhaften Prozesses: 0xec8
Startzeit der fehlerhaften Anwendung: 0xtaskhostex.exe0
Pfad der fehlerhaften Anwendung: taskhostex.exe1
Pfad des fehlerhaften Moduls: taskhostex.exe2
Berichtskennung: taskhostex.exe3
Vollständiger Name des fehlerhaften Pakets: taskhostex.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: taskhostex.exe5
Error: (02/24/2015 11:45:53 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SystemSettings.exe, Version: 6.3.9600.17489, Zeitstempel: 0x5465bbd5
Name des fehlerhaften Moduls: Windows.UI.Xaml.dll, Version: 6.3.9600.17415, Zeitstempel: 0x54504b1a
Ausnahmecode: 0xc000027b
Fehleroffset: 0x00000000006d663b
ID des fehlerhaften Prozesses: 0x1060
Startzeit der fehlerhaften Anwendung: 0xSystemSettings.exe0
Pfad der fehlerhaften Anwendung: SystemSettings.exe1
Pfad des fehlerhaften Moduls: SystemSettings.exe2
Berichtskennung: SystemSettings.exe3
Vollständiger Name des fehlerhaften Pakets: SystemSettings.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: SystemSettings.exe5
Error: (02/24/2015 11:19:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: regsvr32.exe, Version: 6.3.9600.17415, Zeitstempel: 0x54505249
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17630, Zeitstempel: 0x54b0e17a
Ausnahmecode: 0xc0000409
Fehleroffset: 0x0000000000081d68
ID des fehlerhaften Prozesses: 0x7d4
Startzeit der fehlerhaften Anwendung: 0xregsvr32.exe0
Pfad der fehlerhaften Anwendung: regsvr32.exe1
Pfad des fehlerhaften Moduls: regsvr32.exe2
Berichtskennung: regsvr32.exe3
Vollständiger Name des fehlerhaften Pakets: regsvr32.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: regsvr32.exe5
Error: (02/24/2015 11:19:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: RuntimeBroker.exe, Version: 6.3.9600.17415, Zeitstempel: 0x54504125
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17630, Zeitstempel: 0x54b0e17a
Ausnahmecode: 0xc0000409
Fehleroffset: 0x0000000000081d68
ID des fehlerhaften Prozesses: 0x1024
Startzeit der fehlerhaften Anwendung: 0xRuntimeBroker.exe0
Pfad der fehlerhaften Anwendung: RuntimeBroker.exe1
Pfad des fehlerhaften Moduls: RuntimeBroker.exe2
Berichtskennung: RuntimeBroker.exe3
Vollständiger Name des fehlerhaften Pakets: RuntimeBroker.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: RuntimeBroker.exe5
Error: (02/24/2015 11:19:27 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SettingSyncHost.exe, Version: 6.3.9600.17415, Zeitstempel: 0x54503b4a
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17630, Zeitstempel: 0x54b0e17a
Ausnahmecode: 0xc0000409
Fehleroffset: 0x0000000000081d68
ID des fehlerhaften Prozesses: 0xde4
Startzeit der fehlerhaften Anwendung: 0xSettingSyncHost.exe0
Pfad der fehlerhaften Anwendung: SettingSyncHost.exe1
Pfad des fehlerhaften Moduls: SettingSyncHost.exe2
Berichtskennung: SettingSyncHost.exe3
Vollständiger Name des fehlerhaften Pakets: SettingSyncHost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: SettingSyncHost.exe5
System errors:
=============
Error: (02/24/2015 00:58:18 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Splashtop Software Updater Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (02/24/2015 00:17:19 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Adobe Acrobat Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (02/24/2015 00:15:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Network Activity Hook Server LightWeight Filter Driver" wurde aufgrund folgenden Fehlers nicht gestartet:
%%31
Error: (02/24/2015 00:15:46 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen:
%%5
Error: (02/24/2015 00:12:43 PM) (Source: DCOM) (EventID: 10010) (User: HP)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}
Error: (02/24/2015 00:02:40 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Foxit Cloud Safe Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (02/24/2015 00:02:09 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Adobe Acrobat Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (02/23/2015 11:29:04 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (02/23/2015 11:29:04 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Windows Search" wurde mit dem folgenden dienstspezifischen Fehler beendet:
%%2147749126
Error: (02/23/2015 11:28:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Network Activity Hook Server LightWeight Filter Driver" wurde aufgrund folgenden Fehlers nicht gestartet:
%%31
Microsoft Office Sessions:
=========================
Error: (02/24/2015 00:43:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: PSUAMain.exe4.0.0.64453d152c9unknown0.0.0.000000000c000000502a04b2634c01d05027021b075cC:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exeunknown58fdc26a-bc1a-11e4-be92-78e3b5b56ba1
Error: (02/24/2015 00:16:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: regsvr32.exe6.3.9600.1741554505249ntdll.dll6.3.9600.1763054b0e17ac00004090000000000081d6810fc01d0502357eee0d5C:\Windows\System32\regsvr32.exeC:\WINDOWS\SYSTEM32\ntdll.dlla0ba9d43-bc16-11e4-be92-78e3b5b56ba1
Error: (02/24/2015 00:16:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: RuntimeBroker.exe6.3.9600.1741554504125ntdll.dll6.3.9600.1763054b0e17ac00004090000000000081d6813a801d0502355a6b4bdC:\Windows\System32\RuntimeBroker.exeC:\WINDOWS\SYSTEM32\ntdll.dlla04367a1-bc16-11e4-be92-78e3b5b56ba1
Error: (02/24/2015 00:16:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: skydrive.exe6.3.9600.174165452fd72ntdll.dll6.3.9600.1763054b0e17ac00004090000000000081d6810cc01d0502353bde283C:\Windows\System32\skydrive.exeC:\WINDOWS\SYSTEM32\ntdll.dll9ec10f57-bc16-11e4-be92-78e3b5b56ba1
Error: (02/24/2015 00:16:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.3.9600.1741554503a3antdll.dll6.3.9600.1763054b0e17ac00004090000000000081d6858001d050234d919685C:\WINDOWS\Explorer.EXEC:\WINDOWS\SYSTEM32\ntdll.dll99f9bdfd-bc16-11e4-be92-78e3b5b56ba1
Error: (02/24/2015 00:16:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: taskhostex.exe6.3.9600.17415545040e8ntdll.dll6.3.9600.1763054b0e17ac00004090000000000081d68ec801d050234d2d739aC:\WINDOWS\system32\taskhostex.exeC:\WINDOWS\SYSTEM32\ntdll.dll99743299-bc16-11e4-be92-78e3b5b56ba1
Error: (02/24/2015 11:45:53 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: SystemSettings.exe6.3.9600.174895465bbd5Windows.UI.Xaml.dll6.3.9600.1741554504b1ac000027b00000000006d663b106001d0501f01a6ad45C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exeC:\Windows\System32\Windows.UI.Xaml.dll4d8f947e-bc12-11e4-be91-78e3b5b56ba1windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewymicrosoft.windows.immersivecontrolpanel
Error: (02/24/2015 11:19:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: regsvr32.exe6.3.9600.1741554505249ntdll.dll6.3.9600.1763054b0e17ac00004090000000000081d687d401d0501b5336ccdeC:\Windows\System32\regsvr32.exeC:\WINDOWS\SYSTEM32\ntdll.dll9d80845d-bc0e-11e4-be91-78e3b5b56ba1
Error: (02/24/2015 11:19:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: RuntimeBroker.exe6.3.9600.1741554504125ntdll.dll6.3.9600.1763054b0e17ac00004090000000000081d68102401d0501b4dac1d53C:\Windows\System32\RuntimeBroker.exeC:\WINDOWS\SYSTEM32\ntdll.dll9d54e1c5-bc0e-11e4-be91-78e3b5b56ba1
Error: (02/24/2015 11:19:27 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: SettingSyncHost.exe6.3.9600.1741554503b4antdll.dll6.3.9600.1763054b0e17ac00004090000000000081d68de401d0501b4c7eea75C:\Windows\System32\SettingSyncHost.exeC:\WINDOWS\SYSTEM32\ntdll.dll9bfd89b7-bc0e-11e4-be91-78e3b5b56ba1
==================== Memory info ===========================
Processor: AMD A10-5700 APU with Radeon(tm) HD Graphics
Percentage of memory in use: 34%
Total physical RAM: 6039.32 MB
Available physical RAM: 3958.75 MB
Total Pagefile: 6999.32 MB
Available Pagefile: 4576.21 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:452.14 GB) (Free:333.27 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Recovery Image) (Fixed) (Total:10.92 GB) (Free:0.94 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (Spiele+Programme) (Fixed) (Total:454.22 GB) (Free:43.8 GB) NTFS
Drive j: (Sonstiges) (Fixed) (Total:244.41 GB) (Free:235.56 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 52E55227)
Partition: GPT Partition Type.
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 00000001)
Partition 1: (Not Active) - (Size=993 KB) - (Type=42)
Partition 2: (Active) - (Size=454.2 GB) - (Type=42)
Partition 3: (Not Active) - (Size=244.4 GB) - (Type=42)
==================== End Of Log ============================
Code:
ATTFilter GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-02-24 16:31:15
Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\00000026 ST500DM002-1BD142 rev.HP73 465,76GB
Running: Gmer-19357.exe; Driver: C:\Users\HPPC\AppData\Local\Temp\fxldipow.sys
---- User code sections - GMER 2.1 ----
.text C:\Program Files\IDT\WDM\Beats64.exe[5108] C:\WINDOWS\system32\KERNEL32.DLL!CreateProcessA 00007ff9e4d74ab0 12 bytes {JMP QWORD [RIP+0x0]}
.text C:\Program Files\IDT\WDM\Beats64.exe[5108] C:\WINDOWS\system32\KERNEL32.DLL!CreateProcessW 00007ff9e4d77b30 12 bytes {JMP QWORD [RIP+0x0]}
.text C:\Program Files\IDT\WDM\Beats64.exe[5108] C:\WINDOWS\system32\ADVAPI32.dll!CreateProcessAsUserW 00007ff9e2832eb0 12 bytes {JMP QWORD [RIP+0x0]}
.text C:\Program Files\IDT\WDM\Beats64.exe[5108] C:\WINDOWS\system32\ADVAPI32.dll!CreateProcessAsUserA 00007ff9e283a210 11 bytes {JMP QWORD [RIP+0x0]}
.text C:\Program Files\IDT\WDM\Beats64.exe[5108] C:\WINDOWS\system32\ADVAPI32.dll!CreateProcessAsUserA + 12 00007ff9e283a21c 2 bytes [00, 00]
.text C:\Program Files\IDT\WDM\Beats64.exe[5108] C:\WINDOWS\system32\CRYPT32.dll!PFXImportCertStore 00007ff9e21c2e40 14 bytes {JMP QWORD [RIP+0x0]}
.text C:\Program Files\IDT\WDM\sttray64.exe[4180] C:\WINDOWS\system32\KERNEL32.DLL!CreateProcessA 00007ff9e4d74ab0 8 bytes {JMP QWORD [RIP+0x0]}
.text C:\Program Files\IDT\WDM\sttray64.exe[4180] C:\WINDOWS\system32\KERNEL32.DLL!CreateProcessA + 9 00007ff9e4d74ab9 3 bytes [02, 00, 00]
.text C:\Program Files\IDT\WDM\sttray64.exe[4180] C:\WINDOWS\system32\KERNEL32.DLL!CreateProcessW 00007ff9e4d77b30 8 bytes {JMP QWORD [RIP+0x0]}
.text C:\Program Files\IDT\WDM\sttray64.exe[4180] C:\WINDOWS\system32\KERNEL32.DLL!CreateProcessW + 9 00007ff9e4d77b39 3 bytes [02, 00, 00]
.text C:\Program Files\IDT\WDM\sttray64.exe[4180] C:\WINDOWS\system32\ADVAPI32.dll!CreateProcessAsUserW 00007ff9e2832eb0 8 bytes {JMP QWORD [RIP+0x0]}
.text C:\Program Files\IDT\WDM\sttray64.exe[4180] C:\WINDOWS\system32\ADVAPI32.dll!CreateProcessAsUserW + 9 00007ff9e2832eb9 3 bytes [02, 00, 00]
.text C:\Program Files\IDT\WDM\sttray64.exe[4180] C:\WINDOWS\system32\ADVAPI32.dll!CreateProcessAsUserA 00007ff9e283a210 11 bytes {JMP QWORD [RIP+0x0]}
.text C:\Program Files\IDT\WDM\sttray64.exe[4180] C:\WINDOWS\system32\ADVAPI32.dll!CreateProcessAsUserA + 12 00007ff9e283a21c 2 bytes [00, 00]
.text C:\Program Files\IDT\WDM\sttray64.exe[4180] C:\WINDOWS\system32\CRYPT32.dll!PFXImportCertStore 00007ff9e21c2e40 14 bytes {JMP QWORD [RIP+0x0]}
---- Threads - GMER 2.1 ----
Thread C:\WINDOWS\system32\csrss.exe [560:584] fffff9600097b2d0
Thread C:\Windows\System32\SettingSyncHost.exe [4384:3984] 00007ff9db86c3f0
---- Processes - GMER 2.1 ----
Process C:\Program Files\WindowsApps\A278AB0D.DragonManiaLegends_1.0.2.8_x86__h6adky7gbf63m\W8.1EntryPoint.exe (*** suspicious ***) @ C:\Program Files\WindowsApps\A278AB0D.DragonManiaLegends_1.0.2.8_x86__h6adky7gbf63m\W8.1EntryPoint.exe [9460](2015-02-22 19:53:29) 0000000000060000
Library C:\Program Files\WindowsApps\A278AB0D.DragonManiaLegends_1.0.2.8_x86__h6adky7gbf63m\IGPLib_Windows_8.dll (*** suspicious ***) @ C:\Program Files\WindowsApps\A278AB0D.DragonManiaLegends_1.0.2.8_x86__h6adky7gbf63m\W8.1EntryPoint.exe [9460](2015-02-22 19:53:28) 00000000747f0000
---- Disk sectors - GMER 2.1 ----
Disk \Device\Harddisk0\DR0 unknown MBR code
---- EOF - GMER 2.1 ----
Panda Antivirus und HijackThis logs habe ich auch noch, und kann diese bei bedarf gerne posten. |
|
24.02.2015, 17:08
| #2 |
| /// the machine /// TB-Ausbilder    | Windows 8.1: Probleme nach Update hi,
__________________Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ |
|
24.02.2015, 22:36
| #3 |
| | Windows 8.1: Probleme nach Update Wow, vielen herzlichen dank!! Malwarebytes Anti-Rootkit hat 3 Objekte gefunden und diese nach einem Neustart sofort entfernt. Im Autostart gibt es keine Einträge mehr mit isuyiBzamf.dat, und auch sonst sind alle Fehlermeldungen welche beim Start erschienen sind nun verschwunden. Hier auch noch der Log:
__________________Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org
Database version:
main: v2015.02.24.06
rootkit: v2015.02.22.01
Windows 8.1 x64 NTFS
Internet Explorer 11.0.9600.17631
HPPC :: HP [administrator]
24.02.2015 22:03:11
mbar-log-2015-02-24 (22-03-11).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 370892
Time elapsed: 17 minute(s), 18 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 1
HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|IsuyiBzamf (IPH.Trojan.VawTrak) -> Data: regsvr32.exe "C:\ProgramData\IsuyiBzamf\IsuyiBzamf.dat" -> Delete on reboot. [cf77061c2b5fbe789e3ee51b7a860ff1]
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 2
C:\ProgramData\IsuyiBzamf\IsuyiBzamf.dat (IPH.Trojan.VawTrak) -> Delete on reboot. [cf77061c2b5fbe789e3ee51b7a860ff1]
C:\Windows\System32\drivers\{f2944598-b89f-4e10-b544-5173761572df}Gw64.sys (PUP.Optional.Sanbreel.A) -> Delete on reboot. [b47cb86ae1de3b88164c69a6dc386d0a]
Physical Sectors Detected: 0
(No malicious items detected)
(end)
 . |
|
25.02.2015, 11:54
| #4 |
| /// the machine /// TB-Ausbilder | Windows 8.1: Probleme nach Update TDSSKiller? Wir sind noch lange nicht fertig
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
25.02.2015, 12:38
| #5 |
| | Windows 8.1: Probleme nach Update Ok, habe diesen nun durchlaufen lassen. Nichts . Log Code:
ATTFilter 12:33:08.0840 0x191c TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
12:33:08.0840 0x191c UEFI system
12:33:13.0442 0x191c ============================================================
12:33:13.0442 0x191c Current date / time: 2015/02/25 12:33:13.0442
12:33:13.0442 0x191c SystemInfo:
12:33:13.0442 0x191c
12:33:13.0442 0x191c OS Version: 6.3.9600 ServicePack: 0.0
12:33:13.0442 0x191c Product type: Workstation
12:33:13.0442 0x191c ComputerName: HP
12:33:13.0442 0x191c UserName: HPPC
12:33:13.0442 0x191c Windows directory: C:\WINDOWS
12:33:13.0442 0x191c System windows directory: C:\WINDOWS
12:33:13.0442 0x191c Running under WOW64
12:33:13.0442 0x191c Processor architecture: Intel x64
12:33:13.0442 0x191c Number of processors: 4
12:33:13.0442 0x191c Page size: 0x1000
12:33:13.0442 0x191c Boot type: Normal boot
12:33:13.0442 0x191c ============================================================
12:33:13.0592 0x191c KLMD registered as C:\WINDOWS\system32\drivers\56616006.sys
12:33:14.0276 0x191c System UUID: {654F6458-FF61-98CC-97CD-FAB3589B28C8}
12:33:14.0816 0x191c Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:33:14.0831 0x191c Drive \Device\Harddisk1\DR1 - Size: 0xAEA8CDE000 ( 698.64 Gb ), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:33:14.0926 0x191c ============================================================
12:33:14.0926 0x191c \Device\Harddisk0\DR0:
12:33:14.0926 0x191c GPT partitions:
12:33:14.0926 0x191c \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {15379101-7D3C-40A7-AF4D-FA9C4562BE49}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x1FF800
12:33:14.0927 0x191c \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {D9C4A3F4-C937-41A7-A262-DA8EBE58ADD5}, Name: EFI system partition, StartLBA 0x200000, BlocksNum 0xB4000
12:33:14.0927 0x191c \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {80FF6248-257D-4B83-97B7-CAFB49B686D6}, Name: Microsoft reserved partition, StartLBA 0x2B4000, BlocksNum 0x40000
12:33:14.0927 0x191c \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {3D8F1E69-3DC5-4B3F-9900-C23485B88752}, Name: Basic data partition, StartLBA 0x2F4000, BlocksNum 0x38847000
12:33:14.0927 0x191c \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {5E61F2F5-6C36-44EB-9A4A-D876950EA1BA}, Name: , StartLBA 0x38B3B000, BlocksNum 0xE2000
12:33:14.0927 0x191c \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {70A76504-0C46-4578-918E-709A1BE55B0F}, Name: , StartLBA 0x38C1D000, BlocksNum 0xE1000
12:33:14.0927 0x191c \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {DDF60087-E095-44D5-940A-9722973A2194}, Name: , StartLBA 0x38CFE000, BlocksNum 0xAF000
12:33:14.0927 0x191c \Device\Harddisk0\DR0\Partition8: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {F5D91DE7-C2AF-425D-AB35-FDD8AEB41549}, Name: Basic data partition, StartLBA 0x38DAD000, BlocksNum 0x15D9000
12:33:14.0927 0x191c MBR partitions:
12:33:14.0927 0x191c \Device\Harddisk1\DR1:
12:33:14.0931 0x191c MBR partitions:
12:33:14.0931 0x191c ============================================================
12:33:14.0983 0x191c C: <-> \Device\Harddisk0\DR0\Partition4
12:33:15.0030 0x191c D: <-> \Device\Harddisk0\DR0\Partition8
12:33:15.0030 0x191c ============================================================
12:33:15.0030 0x191c Initialize success
12:33:15.0030 0x191c ============================================================
12:34:05.0811 0x1598 ============================================================
12:34:05.0811 0x1598 Scan started
12:34:05.0811 0x1598 Mode: Manual; SigCheck; TDLFS;
12:34:05.0811 0x1598 ============================================================
12:34:05.0811 0x1598 KSN ping started
12:34:08.0155 0x1598 KSN ping finished: true
12:34:09.0530 0x1598 ================ Scan system memory ========================
12:34:09.0530 0x1598 System memory - ok
12:34:09.0530 0x1598 ================ Scan services =============================
12:34:09.0749 0x1598 [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci C:\WINDOWS\System32\drivers\1394ohci.sys
12:34:09.0827 0x1598 1394ohci - ok
12:34:09.0827 0x1598 [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware C:\WINDOWS\system32\drivers\3ware.sys
12:34:09.0842 0x1598 3ware - ok
12:34:09.0889 0x1598 [ E796AE43DDD1844281DB4D57294D17C0, 21AE69615044A96041E46476BE814B52C22624B6C7EA6BFC77BB64F69C3C21F5 ] ACPI C:\WINDOWS\system32\drivers\ACPI.sys
12:34:09.0936 0x1598 ACPI - ok
12:34:09.0936 0x1598 [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex C:\WINDOWS\system32\Drivers\acpiex.sys
12:34:09.0952 0x1598 acpiex - ok
12:34:09.0967 0x1598 [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr C:\WINDOWS\System32\drivers\acpipagr.sys
12:34:09.0983 0x1598 acpipagr - ok
12:34:10.0014 0x1598 [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi C:\WINDOWS\System32\drivers\acpipmi.sys
12:34:10.0061 0x1598 AcpiPmi - ok
12:34:10.0061 0x1598 [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime C:\WINDOWS\System32\drivers\acpitime.sys
12:34:10.0093 0x1598 acpitime - ok
12:34:10.0202 0x1598 [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
12:34:10.0218 0x1598 AdobeARMservice - ok
12:34:10.0280 0x1598 [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX C:\WINDOWS\system32\drivers\ADP80XX.SYS
12:34:10.0311 0x1598 ADP80XX - ok
12:34:10.0358 0x1598 [ BCD58DACAA1EAAADC115EDD940478F6D, F31613F583C302F62A00E6766B031531C9E193CAED563689B178BA257715B992 ] AeLookupSvc C:\WINDOWS\System32\aelupsvc.dll
12:34:10.0389 0x1598 AeLookupSvc - ok
12:34:10.0421 0x1598 [ 374E27295F0A9DCAA8FC96370F9BEEA5, 51C394E0C2322D7D093941A1B8766171B5D1F47DF2FE0834209492891EA7D999 ] AFD C:\WINDOWS\system32\drivers\afd.sys
12:34:10.0483 0x1598 AFD - ok
12:34:10.0499 0x1598 [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440 C:\WINDOWS\system32\drivers\agp440.sys
12:34:10.0514 0x1598 agp440 - ok
12:34:10.0546 0x1598 [ F0CB6DB513CAC393D04A0FCE0A59E1BF, E6EE159D0E6B1F666946B1FE421874044E89BB2EB60A521BAA111A1229FA7B2D ] ahcache C:\WINDOWS\system32\DRIVERS\ahcache.sys
12:34:10.0608 0x1598 ahcache - ok
12:34:10.0639 0x1598 [ 14A45BE6F5678339F0EC5752D9849410, DD0F60E96FAC68FBD5B86382E541408C613BD0F871D0E0A1EF9AB6E7B26E545C ] ALG C:\WINDOWS\System32\alg.exe
12:34:10.0702 0x1598 ALG - ok
12:34:10.0749 0x1598 [ 6CF81DD5083D7F94A7E76E50429A949C, 19240502A6406924F889D1AFA975B975A300776D8B2D0557181DF13649622E2B ] AMD External Events Utility C:\WINDOWS\system32\atiesrxx.exe
12:34:10.0796 0x1598 AMD External Events Utility - ok
12:34:10.0874 0x1598 AMD FUEL Service - ok
12:34:10.0921 0x1598 [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8 C:\WINDOWS\System32\drivers\amdk8.sys
12:34:10.0983 0x1598 AmdK8 - ok
12:34:11.0343 0x1598 [ 71F8D8B977ACC5973FA042BF906E709F, 8106C5F5C8E40344CCCDB912845786DF287BDF068D7A6EF9D26B00FA1754C1BC ] amdkmdag C:\WINDOWS\system32\DRIVERS\atikmdag.sys
12:34:11.0765 0x1598 amdkmdag - ok
12:34:11.0827 0x1598 [ 4AA027F91A8093B1CDF453B5394F6715, E6D15E959637C102A34F73F66BFDC38436575A2FEFFC3976ACF399A472F126A5 ] amdkmdap C:\WINDOWS\system32\DRIVERS\atikmpag.sys
12:34:11.0905 0x1598 amdkmdap - ok
12:34:11.0921 0x1598 [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM C:\WINDOWS\System32\drivers\amdppm.sys
12:34:11.0952 0x1598 AmdPPM - ok
12:34:11.0968 0x1598 [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata C:\WINDOWS\system32\drivers\amdsata.sys
12:34:11.0983 0x1598 amdsata - ok
12:34:12.0015 0x1598 [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs C:\WINDOWS\system32\drivers\amdsbs.sys
12:34:12.0046 0x1598 amdsbs - ok
12:34:12.0061 0x1598 [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata C:\WINDOWS\system32\drivers\amdxata.sys
12:34:12.0077 0x1598 amdxata - ok
12:34:12.0093 0x1598 [ E8CCB797DAF80779C768BD3A9FC8FCAF, 781BD878CA34D8B6D2FE238439CD173E95449260428859BEA92866D41B1284F4 ] AODDriver4.2.0 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
12:34:12.0108 0x1598 AODDriver4.2.0 - ok
12:34:12.0124 0x1598 [ 415DD71628795197F7AFC176CBADC74E, 5F0359053A6CD6EE239139E0E6F46E1FA9A73F017C0CE9B7BC052216B2C846EC ] AppID C:\WINDOWS\system32\drivers\appid.sys
12:34:12.0186 0x1598 AppID - ok
12:34:12.0233 0x1598 [ 34B2E222F82D05398DAE7203B36B6A2B, AC04BC6B5A36A6807FFE302E9ACF073342B4D76B0BB386249251CB3CA1852CE8 ] AppIDSvc C:\WINDOWS\System32\appidsvc.dll
12:34:12.0265 0x1598 AppIDSvc - ok
12:34:12.0296 0x1598 [ 680BFB820C5A943AB709BAA2B1EF27F2, A51D2A7976A762FE470C13C6D1BA0319A0FB19C9E66BF02AA44F83EAEC7130F8 ] Appinfo C:\WINDOWS\System32\appinfo.dll
12:34:12.0358 0x1598 Appinfo - ok
12:34:12.0390 0x1598 [ 650D03E40F93FAE323CB841F80368E5C, F67B97CFDCE2EE9294977725268EFDB0DD724BD16E7ED5BFCA45375AA8EBA5BB ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
12:34:12.0405 0x1598 Apple Mobile Device - ok
12:34:12.0468 0x1598 [ 35E28923A23ADABAA5A1B43256D0AB58, A5F3AF8BBEE58B2165BAFACC5FF8B167B55B020998D3D1565C2229ED8753B269 ] AppReadiness C:\WINDOWS\system32\AppReadiness.dll
12:34:12.0530 0x1598 AppReadiness - ok
12:34:12.0593 0x1598 [ 573542B5E97772021B73E854DA861DAA, C3FD00FA28060F8D7CDFD455BBB5FF8239CB76DDFFF2BDAE6AA944674DD993D3 ] AppXSvc C:\WINDOWS\system32\appxdeploymentserver.dll
12:34:12.0671 0x1598 AppXSvc - ok
12:34:12.0686 0x1598 [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas C:\WINDOWS\system32\drivers\arcsas.sys
12:34:12.0702 0x1598 arcsas - ok
12:34:12.0733 0x1598 [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi C:\WINDOWS\system32\drivers\atapi.sys
12:34:12.0733 0x1598 atapi - ok
12:34:12.0780 0x1598 [ 98A9D78AF74B2C7D27465029D389F567, 12EF8D3A7A9F27230A965D44DA4BD5692CF3F0A4183A822E226AC6722A35F4C4 ] AtiHDAudioService C:\WINDOWS\system32\drivers\AtihdW86.sys
12:34:12.0796 0x1598 AtiHDAudioService - ok
12:34:12.0843 0x1598 [ 8779FDAE68BC948B0FE152E758CC8DA7, 13070C2073F8E7546B48AE9CF54067B9BB75DFCD98F2987B90FFAD20D40D54CF ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
12:34:12.0890 0x1598 AudioEndpointBuilder - ok
12:34:12.0952 0x1598 [ 61EA45A645854FE81D8A924E2D93DFFE, 34F79532297F609CA93C380B68BB8B7B0F027F9C8F4FB8E02A9A43EA3D155F1B ] Audiosrv C:\WINDOWS\System32\Audiosrv.dll
12:34:12.0999 0x1598 Audiosrv - ok
12:34:13.0030 0x1598 [ 3C6ED74AF41DD1A5585CE5EF3D00915F, A742F576407776634E5A8E49C60023FFDF395DE0B2DE36662A23F85B79405ED2 ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll
12:34:13.0077 0x1598 AxInstSV - ok
12:34:13.0140 0x1598 [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv C:\WINDOWS\system32\drivers\bxvbda.sys
12:34:13.0171 0x1598 b06bdrv - ok
12:34:13.0187 0x1598 [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay C:\WINDOWS\System32\drivers\BasicDisplay.sys
12:34:13.0234 0x1598 BasicDisplay - ok
12:34:13.0249 0x1598 [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender C:\WINDOWS\System32\drivers\BasicRender.sys
12:34:13.0280 0x1598 BasicRender - ok
12:34:13.0296 0x1598 [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2 C:\WINDOWS\System32\drivers\bcmfn2.sys
12:34:13.0312 0x1598 bcmfn2 - ok
12:34:13.0327 0x1598 [ 77D760E9B477C21487C171F561497F98, 2393D466CEC863C771C5BB4CD81B251635DC084386134B8E13F74F3E1C6D68DF ] BDESVC C:\WINDOWS\System32\bdesvc.dll
12:34:13.0374 0x1598 BDESVC - ok
12:34:13.0405 0x1598 [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep C:\WINDOWS\system32\drivers\Beep.sys
12:34:13.0437 0x1598 Beep - ok
12:34:13.0499 0x1598 [ 7BCB00EA702F78EC74CD9699D85CE80B, 17241ADAA13051B560DB9FA9079CAE6321D5B49788B596C125DC912443B00421 ] BFE C:\WINDOWS\System32\bfe.dll
12:34:13.0530 0x1598 BFE - ok
12:34:13.0593 0x1598 [ 48554994279BFE17A3D2B00076D0CB1A, 6521B1EC0BC6B01F63976370D89FE7DC2E7404899F68B6FAC37A9173B9C5D489 ] BITS C:\WINDOWS\System32\qmgr.dll
12:34:13.0655 0x1598 BITS - ok
12:34:13.0687 0x1598 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
12:34:13.0702 0x1598 Bonjour Service - ok
12:34:13.0734 0x1598 [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys
12:34:13.0780 0x1598 bowser - ok
12:34:13.0843 0x1598 [ FA601515FF2B59F25FDD8EDB1D2A1104, 21DFB53241F8E880F7546B9ADF38F47D6AD0782EC7F8F0284ED69DE7CEF7DCB9 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
12:34:13.0890 0x1598 BrokerInfrastructure - ok
12:34:13.0905 0x1598 [ BC111AADACD0BF59D56547461D13AB6E, 91E3619930C29EE4B2683683888BA7EE3CF6B1DDB0C19A14E0880470CBE40EF4 ] Browser C:\WINDOWS\System32\browser.dll
12:34:13.0952 0x1598 Browser - ok
12:34:13.0984 0x1598 [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
12:34:14.0030 0x1598 BthAvrcpTg - ok
12:34:14.0030 0x1598 [ 67343511D80BF3D6D9EEDB5BA8D0B06B, 28436B2E62762686C4FF4FA3F9E7ABB56DA9D6884B6C924ACC544161400593DD ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys
12:34:14.0062 0x1598 BthHFEnum - ok
12:34:14.0077 0x1598 [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid C:\WINDOWS\System32\drivers\BthHFHid.sys
12:34:14.0093 0x1598 bthhfhid - ok
12:34:14.0124 0x1598 [ 9307A4B743D277C499CDA8E19E5687AC, 7A01989EC3D54581F292BDEDC9B9445F2ABD50165102617E3089BDD061C63A19 ] BthHFSrv C:\WINDOWS\System32\BthHFSrv.dll
12:34:14.0155 0x1598 BthHFSrv - ok
12:34:14.0171 0x1598 [ EF4B9E7C9AD88C00C18A12B0D22D1894, 672537E75201E690D86CD65252B8AEF887C76EBD37AB0C419462D69164B350CC ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys
12:34:14.0249 0x1598 BTHMODEM - ok
12:34:14.0265 0x1598 [ 043A0F37631BF453F16D478B71320F46, C368296B802984F438852927B8A40EA3F4205724A05828F3173F08EC17228356 ] bthserv C:\WINDOWS\system32\bthserv.dll
12:34:14.0296 0x1598 bthserv - ok
12:34:14.0312 0x1598 [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys
12:34:14.0343 0x1598 cdfs - ok
12:34:14.0374 0x1598 [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys
12:34:14.0390 0x1598 cdrom - ok
12:34:14.0421 0x1598 [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] CertPropSvc C:\WINDOWS\System32\certprop.dll
12:34:14.0468 0x1598 CertPropSvc - ok
12:34:14.0499 0x1598 [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass C:\WINDOWS\System32\drivers\circlass.sys
12:34:14.0515 0x1598 circlass - ok
12:34:14.0530 0x1598 [ 179A41249055D5F039F1B6703F3B6D2B, 886CF715D9E85DB5C9B991EBCB9B12E27AA0EEE52528E222C80CA5B5B0A7AF52 ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys
12:34:14.0546 0x1598 CLFS - ok
12:34:14.0593 0x1598 [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys
12:34:14.0609 0x1598 CmBatt - ok
12:34:14.0671 0x1598 [ 3930E508DDA46C1FF68FD963F350AA0A, BF63F9C7AB30E2A8199D65EDD6DCBB797C93A4A0B972373643FBE1C38BCFA697 ] CNG C:\WINDOWS\system32\Drivers\cng.sys
12:34:14.0702 0x1598 CNG - ok
12:34:14.0718 0x1598 [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus C:\WINDOWS\System32\drivers\CompositeBus.sys
12:34:14.0749 0x1598 CompositeBus - ok
12:34:14.0749 0x1598 COMSysApp - ok
12:34:14.0780 0x1598 [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv C:\WINDOWS\system32\drivers\condrv.sys
12:34:14.0796 0x1598 condrv - ok
12:34:14.0843 0x1598 [ 6324F0D18FB52833BA64BC828E29054C, 04118FA1BDFC512F76E4A81FEF34C78B6BD98429DB1D65123B6802B4A1E30584 ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll
12:34:14.0859 0x1598 CryptSvc - ok
12:34:14.0874 0x1598 [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam C:\WINDOWS\system32\drivers\dam.sys
12:34:14.0890 0x1598 dam - ok
12:34:14.0937 0x1598 [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
12:34:14.0999 0x1598 DcomLaunch - ok
12:34:15.0015 0x1598 [ 95E1ABFB27F8A62ED764805775F0D2F3, 692865DA60C93481E01592883678B2C51FD9AC9A835DFB00A8E3F2DFEE7AB0ED ] defragsvc C:\WINDOWS\System32\defragsvc.dll
12:34:15.0062 0x1598 defragsvc - ok
12:34:15.0124 0x1598 [ FF086DEF5995558CCB1B5AAC2110195D, CED52FF01F9247BFDAFC5C7EFC538F8638146ED715574A422496EE0F846CB079 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
12:34:15.0156 0x1598 DeviceAssociationService - ok
12:34:15.0187 0x1598 [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll
12:34:15.0202 0x1598 DeviceInstall - ok
12:34:15.0249 0x1598 [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys
12:34:15.0281 0x1598 Dfsc - ok
12:34:15.0343 0x1598 [ 3EEAADA3125431980E5804ED7143458A, 381E12C83E3211C255B321D35536F4049D67E31061F8D82155E4D4509E97F43D ] Dhcp C:\WINDOWS\system32\dhcpcore.dll
12:34:15.0421 0x1598 Dhcp - ok
12:34:15.0437 0x1598 [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk C:\WINDOWS\system32\drivers\disk.sys
12:34:15.0452 0x1598 disk - ok
12:34:15.0468 0x1598 [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys
12:34:15.0515 0x1598 dmvsc - ok
12:34:15.0531 0x1598 [ 33ADFB7453BF3271463712C4BCE61AD1, A1DB30F874BA7B2C4C653494D70B46B94BF7D39D0DD8559F6CA7A14B676FD617 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
12:34:15.0562 0x1598 Dnscache - ok
12:34:15.0609 0x1598 [ 811EACBCC7C51A03AE11F13CC27B2AB6, FAB94F84950FFB7D3649BAFB8D96D43B880D7FDE8D5B879472AE26C4BC4203B0 ] dot3svc C:\WINDOWS\System32\dot3svc.dll
12:34:15.0640 0x1598 dot3svc - ok
12:34:15.0671 0x1598 [ B99CB575986789A93A683DCF292A43A1, 6ACEA31C723B74003E106FC8303542FCC6DBC4952B6B523F6590D006BE57238D ] DPS C:\WINDOWS\system32\dps.dll
12:34:15.0687 0x1598 DPS - ok
12:34:15.0718 0x1598 [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
12:34:15.0734 0x1598 drmkaud - ok
12:34:15.0781 0x1598 [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll
12:34:15.0812 0x1598 DsmSvc - ok
12:34:15.0890 0x1598 [ E1BB0B6F00F470B451AB45EA13EBA0B3, 3A2FC2175B69A5EB98D6C2D563DBFDCB320647AB87A14E47FAE800423DCACDAB ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys
12:34:15.0952 0x1598 DXGKrnl - ok
12:34:15.0999 0x1598 [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost C:\WINDOWS\System32\eapsvc.dll
12:34:16.0031 0x1598 Eaphost - ok
12:34:16.0140 0x1598 [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys
12:34:16.0281 0x1598 ebdrv - ok
12:34:16.0327 0x1598 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS C:\WINDOWS\System32\lsass.exe
12:34:16.0327 0x1598 EFS - ok
12:34:16.0343 0x1598 [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys
12:34:16.0343 0x1598 EhStorClass - ok
12:34:16.0359 0x1598 [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
12:34:16.0374 0x1598 EhStorTcgDrv - ok
12:34:16.0421 0x1598 [ BE2902E13CA69383F449B6BF927844FB, F092785E305D8E1FE795AF98A7A7B7B4548A0D6687060568C9E078FFA8D65C1C ] ElbyCDIO C:\WINDOWS\system32\Drivers\ElbyCDIO.sys
12:34:16.0437 0x1598 ElbyCDIO - ok
12:34:16.0452 0x1598 [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys
12:34:16.0499 0x1598 ErrDev - ok
12:34:16.0546 0x1598 [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem C:\WINDOWS\system32\es.dll
12:34:16.0593 0x1598 EventSystem - ok
12:34:16.0624 0x1598 [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat C:\WINDOWS\system32\drivers\exfat.sys
12:34:16.0702 0x1598 exfat - ok
12:34:16.0718 0x1598 [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys
12:34:16.0734 0x1598 fastfat - ok
12:34:16.0781 0x1598 [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax C:\WINDOWS\system32\fxssvc.exe
12:34:16.0827 0x1598 Fax - ok
12:34:16.0843 0x1598 [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc C:\WINDOWS\System32\drivers\fdc.sys
12:34:16.0874 0x1598 fdc - ok
12:34:16.0890 0x1598 [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost C:\WINDOWS\system32\fdPHost.dll
12:34:16.0921 0x1598 fdPHost - ok
12:34:16.0937 0x1598 [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub C:\WINDOWS\system32\fdrespub.dll
12:34:16.0952 0x1598 FDResPub - ok
12:34:16.0984 0x1598 [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc C:\WINDOWS\system32\fhsvc.dll
12:34:16.0999 0x1598 fhsvc - ok
12:34:17.0031 0x1598 [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys
12:34:17.0062 0x1598 FileInfo - ok
12:34:17.0077 0x1598 [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys
12:34:17.0109 0x1598 Filetrace - ok
12:34:17.0124 0x1598 [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys
12:34:17.0140 0x1598 flpydisk - ok
12:34:17.0156 0x1598 [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
12:34:17.0171 0x1598 FltMgr - ok
12:34:17.0234 0x1598 [ 7269C9013FCFA3C6E70F03E2630DBFC3, AAB282B4444CC17D197974D05063C7C97E5202E604681DD2DC3BCF0AE77D6057 ] FontCache C:\WINDOWS\system32\FntCache.dll
12:34:17.0296 0x1598 FontCache - ok
12:34:17.0374 0x1598 [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:34:17.0406 0x1598 FontCache3.0.0.0 - ok
12:34:17.0468 0x1598 [ DB557F4BB4E08E340D1C8B764602C4ED, 9D352D215C0131FB5E87DB6B00EBA4CAE5831D8444B01F11468F2D37B412D146 ] FoxitCloudUpdateService C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
12:34:17.0484 0x1598 FoxitCloudUpdateService - ok
12:34:17.0515 0x1598 [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys
12:34:17.0531 0x1598 FsDepends - ok
12:34:17.0562 0x1598 [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
12:34:17.0562 0x1598 Fs_Rec - ok
12:34:17.0593 0x1598 [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys
12:34:17.0609 0x1598 fvevol - ok
12:34:17.0640 0x1598 [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM C:\WINDOWS\System32\drivers\fxppm.sys
12:34:17.0656 0x1598 FxPPM - ok
12:34:17.0671 0x1598 [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx C:\WINDOWS\system32\drivers\gagp30kx.sys
12:34:17.0687 0x1598 gagp30kx - ok
12:34:17.0702 0x1598 [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys
12:34:17.0734 0x1598 gencounter - ok
12:34:17.0749 0x1598 [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys
12:34:17.0765 0x1598 GPIOClx0101 - ok
12:34:17.0812 0x1598 [ 0D03F87D4FF4ADBAF8336DD80548155A, BC10CFA88EA2F41A8D96CB810B7953A4C168B79273A3E804A9F020F49AB58CD3 ] gpsvc C:\WINDOWS\System32\gpsvc.dll
12:34:17.0890 0x1598 gpsvc - ok
12:34:17.0921 0x1598 [ 73357C27E5DA5D855657B2B6047799AE, A485124E2C44B5434798C195F2B7051F599D7335186E99CC58067830DE55D9EB ] Hamachi C:\WINDOWS\system32\DRIVERS\Hamdrv.sys
12:34:17.0937 0x1598 Hamachi - ok
12:34:18.0031 0x1598 [ B2D769C3899865902706A924CED699C7, 0E80C639BB6EA4E4CCA537494E8F96CB921DEB91429FFD0E93BBE966EF792916 ] Hamachi2Svc C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
12:34:18.0140 0x1598 Hamachi2Svc - ok
12:34:18.0172 0x1598 [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys
12:34:18.0234 0x1598 HDAudBus - ok
12:34:18.0265 0x1598 [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys
12:34:18.0281 0x1598 HidBatt - ok
12:34:18.0312 0x1598 [ 1EA1B4FABB8CC348E73CA90DBA22E104, 5C18C6BD499272F216DD4626B5E8D38181AEAC9AD917FBEB614A75B70467B258 ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys
12:34:18.0343 0x1598 HidBth - ok
12:34:18.0375 0x1598 [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys
12:34:18.0375 0x1598 hidi2c - ok
12:34:18.0390 0x1598 [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys
12:34:18.0406 0x1598 HidIr - ok
12:34:18.0422 0x1598 [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv C:\WINDOWS\system32\hidserv.dll
12:34:18.0437 0x1598 hidserv - ok
12:34:18.0468 0x1598 [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys
12:34:18.0484 0x1598 HidUsb - ok
12:34:18.0531 0x1598 [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc C:\WINDOWS\system32\kmsvc.dll
12:34:18.0578 0x1598 hkmsvc - ok
12:34:18.0593 0x1598 [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
12:34:18.0640 0x1598 HomeGroupListener - ok
12:34:18.0703 0x1598 [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
12:34:18.0750 0x1598 HomeGroupProvider - ok
12:34:18.0781 0x1598 [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys
12:34:18.0797 0x1598 HpSAMD - ok
12:34:18.0828 0x1598 [ 9DDCA7F18983C5410DEFF79F819DF93C, CE97B4440377BFC5CA81BB600C3BD1DD9FB3951CA1EB70735F5E2050EBB74223 ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys
12:34:18.0875 0x1598 HTTP - ok
12:34:18.0890 0x1598 [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys
12:34:18.0906 0x1598 hwpolicy - ok
12:34:18.0922 0x1598 [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys
12:34:18.0953 0x1598 hyperkbd - ok
12:34:18.0953 0x1598 [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
12:34:18.0984 0x1598 HyperVideo - ok
12:34:19.0000 0x1598 [ D887446F3F6051C60C26F4FD1FC8D43F, A3235C64E9D5378E3409FA7CDD9DB0DD1B3CE6A6EB018F2C40558EB9C427A498 ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys
12:34:19.0031 0x1598 i8042prt - ok
12:34:19.0047 0x1598 [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
12:34:19.0062 0x1598 iaLPSSi_GPIO - ok
12:34:19.0078 0x1598 [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
12:34:19.0094 0x1598 iaLPSSi_I2C - ok
12:34:19.0125 0x1598 [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV C:\WINDOWS\system32\drivers\iaStorAV.sys
12:34:19.0140 0x1598 iaStorAV - ok
12:34:19.0156 0x1598 [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys
12:34:19.0187 0x1598 iaStorV - ok
12:34:19.0187 0x1598 IEEtwCollectorService - ok
12:34:19.0234 0x1598 [ 3DBDBD9581C015F02651D6A89801FAD5, 81B6D302C9CD29AD8319515056CFBCD0BD25619B2B166937ACD5F1416B568837 ] IKEEXT C:\WINDOWS\System32\ikeext.dll
12:34:19.0297 0x1598 IKEEXT - ok
12:34:19.0312 0x1598 [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide C:\WINDOWS\system32\drivers\intelide.sys
12:34:19.0312 0x1598 intelide - ok
12:34:19.0344 0x1598 [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys
12:34:19.0344 0x1598 intelpep - ok
12:34:19.0359 0x1598 [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys
12:34:19.0375 0x1598 intelppm - ok
12:34:19.0406 0x1598 [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
12:34:19.0469 0x1598 IpFilterDriver - ok
12:34:19.0515 0x1598 [ A5800036E4EA06697A34742A24ACFBE1, BA67060526E9213000B4206F86A74F904999AD7018EFCBE4FE9708650DA9D973 ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll
12:34:19.0547 0x1598 iphlpsvc - ok
12:34:19.0562 0x1598 [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys
12:34:19.0625 0x1598 IPMIDRV - ok
12:34:19.0640 0x1598 [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys
12:34:19.0672 0x1598 IPNAT - ok
12:34:19.0672 0x1598 [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys
12:34:19.0703 0x1598 IRENUM - ok
12:34:19.0719 0x1598 [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys
12:34:19.0734 0x1598 isapnp - ok
12:34:19.0750 0x1598 [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys
12:34:19.0765 0x1598 iScsiPrt - ok
12:34:19.0797 0x1598 [ A1D4D34A56DF1D5122CDB265038A2E72, AE061BA1A65C98AF875FA18878B014B57E33594D4AC4C39B050AA532E2220F83 ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys
12:34:19.0812 0x1598 kbdclass - ok
12:34:19.0812 0x1598 [ 4A34D7084B862A92F3ABC4969166B3D3, 87B2635873DA4DD06D9E3B8E4313CBDBDC1488E4E340EC2101393EC65823771F ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys
12:34:19.0844 0x1598 kbdhid - ok
12:34:19.0859 0x1598 [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic C:\WINDOWS\system32\DRIVERS\kdnic.sys
12:34:19.0890 0x1598 kdnic - ok
12:34:19.0906 0x1598 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso C:\WINDOWS\system32\lsass.exe
12:34:19.0922 0x1598 KeyIso - ok
12:34:19.0937 0x1598 [ 4E829B18D5BAEC29893792A3C671A847, 64C3B99F53A9D1ACA802B46B09E820AD210B667D5A1CD0ADAF1F12944B15B52E ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys
12:34:19.0953 0x1598 KSecDD - ok
12:34:19.0984 0x1598 [ 15C8C65CEA018C02EA0F648448C491C5, DF909704D22D891BE439B2E3D8386EA659444F91DC92AABFF9766446AEE5EBC0 ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys
12:34:20.0000 0x1598 KSecPkg - ok
12:34:20.0015 0x1598 [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys
12:34:20.0031 0x1598 ksthunk - ok
12:34:20.0078 0x1598 [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm C:\WINDOWS\system32\msdtckrm.dll
12:34:20.0125 0x1598 KtmRm - ok
12:34:20.0172 0x1598 [ 50AECF8C21AB2A6428A6E1E10549D8E5, 6BC7C60CF5E8AFB9972619EE1C78357756E9C0A3EC783C3056CEB600DCBB1555 ] L1C C:\WINDOWS\system32\DRIVERS\L1C63x64.sys
12:34:20.0172 0x1598 L1C - ok
12:34:20.0219 0x1598 [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer C:\WINDOWS\system32\srvsvc.dll
12:34:20.0266 0x1598 LanmanServer - ok
12:34:20.0297 0x1598 [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
12:34:20.0328 0x1598 LanmanWorkstation - ok
12:34:20.0375 0x1598 [ 2B7479EB47731A8ACBA28AF4C4BDA32D, 67AEB98E7B41337FEFD92CC81BFAD25FBB679998B318C110A4873B1AD8927A97 ] lfsvc C:\WINDOWS\System32\GeofenceMonitorService.dll
12:34:20.0422 0x1598 lfsvc - ok
12:34:20.0437 0x1598 [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio C:\WINDOWS\system32\DRIVERS\lltdio.sys
12:34:20.0469 0x1598 lltdio - ok
12:34:20.0500 0x1598 [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll
12:34:20.0547 0x1598 lltdsvc - ok
12:34:20.0578 0x1598 [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll
12:34:20.0625 0x1598 lmhosts - ok
12:34:20.0672 0x1598 [ DECDC94EE980974EDFE4663B28A127C1, 9546F6B6F049EAD3D503A18CA106A1716AFE46CA40769D3DB128A3C152E02D30 ] LMIGuardianSvc C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
12:34:20.0687 0x1598 LMIGuardianSvc - ok
12:34:20.0719 0x1598 [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys
12:34:20.0719 0x1598 LSI_SAS - ok
12:34:20.0734 0x1598 [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2 C:\WINDOWS\system32\drivers\lsi_sas2.sys
12:34:20.0750 0x1598 LSI_SAS2 - ok
12:34:20.0750 0x1598 [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3 C:\WINDOWS\system32\drivers\lsi_sas3.sys
12:34:20.0766 0x1598 LSI_SAS3 - ok
12:34:20.0766 0x1598 [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys
12:34:20.0781 0x1598 LSI_SSS - ok
12:34:20.0812 0x1598 [ 9B231CD3E52DF29EE50086FF676D3D6F, A47449CA6C88FE089A6953D05FA33A55A55E0306335A7A102A4CD75429FF0515 ] LSM C:\WINDOWS\System32\lsm.dll
12:34:20.0859 0x1598 LSM - ok
12:34:20.0875 0x1598 [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv C:\WINDOWS\system32\drivers\luafv.sys
12:34:20.0906 0x1598 luafv - ok
12:34:20.0922 0x1598 [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas C:\WINDOWS\system32\drivers\megasas.sys
12:34:20.0937 0x1598 megasas - ok
12:34:20.0969 0x1598 [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr C:\WINDOWS\system32\drivers\megasr.sys
12:34:21.0078 0x1598 megasr - ok
12:34:21.0125 0x1598 [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS C:\WINDOWS\system32\mmcss.dll
12:34:21.0141 0x1598 MMCSS - ok
12:34:21.0187 0x1598 [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem C:\WINDOWS\system32\drivers\modem.sys
12:34:21.0219 0x1598 Modem - ok
12:34:21.0250 0x1598 [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor C:\WINDOWS\System32\drivers\monitor.sys
12:34:21.0281 0x1598 monitor - ok
12:34:21.0312 0x1598 [ 2A2F8D5284E59815169A88F1FC9CEE28, 58EFBCF3C849FD088CFB7FE287FC7D9DD7E03D4E6AA98F0497C09E4596E42538 ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys
12:34:21.0328 0x1598 mouclass - ok
12:34:21.0344 0x1598 [ 91223A2AE2955B3E0DA3DB79C3A897A6, 32B59CF1586C2300D60AF8A1D819515033ACC7F7A1F3523FC4AC7725E29B5A90 ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys
12:34:21.0359 0x1598 mouhid - ok
12:34:21.0375 0x1598 [ D1D82F007A079A4D623DBD1F36EF30A1, 7901F81B62C5A4196D75A10C05386B16831CB290EFB9A1611CECF281068C520F ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys
12:34:21.0391 0x1598 mountmgr - ok
12:34:21.0391 0x1598 [ 6FC047578785B0435F4E2660946D1ADC, 8AEA5659F01FC2F75160922C69622502DABA39F33CB90D5178DD679A1CDE617D ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys
12:34:21.0422 0x1598 mpsdrv - ok
12:34:21.0469 0x1598 [ C18AA14126ADC66478E8E962B2DFAA98, A6F8CE9D88D590DC083253004392572C3BD02C33433CD6C0D9117D2AA7171EEC ] MpsSvc C:\WINDOWS\system32\mpssvc.dll
12:34:21.0500 0x1598 MpsSvc - ok
12:34:21.0531 0x1598 [ DB32958F0E704EFBF7F15161A569E39F, 8A26448B954F8A16EE9BA72EF47F6C549A75B30BD13FEB5A29EB099A74D8F678 ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys
12:34:21.0578 0x1598 MRxDAV - ok
12:34:21.0594 0x1598 [ 31233271EDE50D1BBB220F78AFA60486, 2122FAB5BD353DF63CF0FE9CEDBD5DFD1F26F2DE04303E1B3FFB03AA02AECED9 ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
12:34:21.0656 0x1598 mrxsmb - ok
12:34:21.0687 0x1598 [ 3E28B99198B514DFEB152EACF913025E, 6C1D8353DCD5F811F39C0C3CB5DF3D2457F0D17EE80FB06196AA169E3D19E9B2 ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
12:34:21.0719 0x1598 mrxsmb10 - ok
12:34:21.0734 0x1598 [ 6276AC2AA203CF47811F6EFBBD214FBF, AE55D87D863A626347B0074F4E962080F1989A94153DAF8475593249F616DA2F ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
12:34:21.0766 0x1598 mrxsmb20 - ok
12:34:21.0797 0x1598 [ F3C060444777A59FC63D920719E43CCD, 8766A2746E3DFB0749E902F458141269335CA6F0CEDCA3D5F8C204637C19E783 ] MsBridge C:\WINDOWS\system32\DRIVERS\bridge.sys
12:34:21.0844 0x1598 MsBridge - ok
12:34:21.0875 0x1598 [ 915747E010A9414B069173284A9B93F4, 8A335C28FE1EF96DD71485877F2E86155D24B5614ACE05468F4B07E2ACD56331 ] MSDTC C:\WINDOWS\System32\msdtc.exe
12:34:21.0906 0x1598 MSDTC - ok
12:34:21.0922 0x1598 [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
12:34:21.0937 0x1598 Msfs - ok
12:34:21.0953 0x1598 [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys
12:34:21.0969 0x1598 msgpiowin32 - ok
12:34:21.0984 0x1598 [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys
12:34:22.0016 0x1598 mshidkmdf - ok
12:34:22.0016 0x1598 [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys
12:34:22.0031 0x1598 mshidumdf - ok
12:34:22.0047 0x1598 [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys
12:34:22.0063 0x1598 msisadrv - ok
12:34:22.0094 0x1598 [ 4EAEEBAC8CFF4E0D717DFA920BC58A90, A65CB1BB3392B6A04B978348CAC18A414560A6B04A727F22DFC0ADB20DD3AF6B ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll
12:34:22.0125 0x1598 MSiSCSI - ok
12:34:22.0125 0x1598 msiserver - ok
12:34:22.0141 0x1598 [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
12:34:22.0157 0x1598 MSKSSRV - ok
12:34:22.0172 0x1598 [ 51B3AC0560848CD6D65AC2033E293113, 73A27E88774C6929328E6C9FC9C389F4DF76D4D4D5CBFC4F51651CC308829628 ] MsLldp C:\WINDOWS\system32\DRIVERS\mslldp.sys
12:34:22.0188 0x1598 MsLldp - ok
12:34:22.0219 0x1598 [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
12:34:22.0250 0x1598 MSPCLOCK - ok
12:34:22.0266 0x1598 [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
12:34:22.0282 0x1598 MSPQM - ok
12:34:22.0313 0x1598 [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys
12:34:22.0344 0x1598 MsRPC - ok
12:34:22.0360 0x1598 [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys
12:34:22.0360 0x1598 mssmbios - ok
12:34:22.0391 0x1598 [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
12:34:22.0407 0x1598 MSTEE - ok
12:34:22.0407 0x1598 [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys
12:34:22.0438 0x1598 MTConfig - ok
12:34:22.0438 0x1598 [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup C:\WINDOWS\system32\Drivers\mup.sys
12:34:22.0453 0x1598 Mup - ok
12:34:22.0469 0x1598 [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys
12:34:22.0485 0x1598 mvumis - ok
12:34:22.0547 0x1598 [ 0FC64133A8FB5342C6876982B01FA37F, FCF8CE0D3095ECB25242E1A18F16A70BA1D0BC64C6525D4497672AF1F0043C9E ] NanoServiceMain C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
12:34:22.0578 0x1598 NanoServiceMain - ok
12:34:22.0610 0x1598 [ 8DF30698BDD9492A9D45A4B94FB4A82A, 26B1B2D7E785E29B8BCB74C467C66AE4EBDD481ACFF36334F3BDF4506B778244 ] napagent C:\WINDOWS\system32\qagentRT.dll
12:34:22.0641 0x1598 napagent - ok
12:34:22.0688 0x1598 [ 008F7CED69FD5B30CBDE1E03C6F36A27, D4ADA7834C470B17A3CD976012DC5A511B32545B9F91D23D09A85722E0B75320 ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys
12:34:22.0719 0x1598 NativeWifiP - ok
12:34:22.0766 0x1598 [ BFCE1225D10619029E68946929CEB64C, 499F560331FFBA82E3D673B47F027FDAB7BEE4F2CB5B811D69E0218839F6E6A5 ] NcaSvc C:\WINDOWS\System32\ncasvc.dll
12:34:22.0797 0x1598 NcaSvc - ok
12:34:22.0813 0x1598 [ 267C97373110B7AFD3B46DF60B6CBB85, CEBB99F71D47634BB9C04DF2836DF6B47F15B3073FEFC237F85526DF01E4E38B ] NcbService C:\WINDOWS\System32\ncbservice.dll
12:34:22.0828 0x1598 NcbService - ok
12:34:22.0844 0x1598 [ 9ACED0F5B458C9011F39143326494E93, 9DFFC7EE7DE6FD92545EC6A203213C498A01EEFB0BC55460D339BCE498E56A7F ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll
12:34:22.0875 0x1598 NcdAutoSetup - ok
12:34:22.0969 0x1598 [ 21FE65E2E67C4E31EE95CBD1F91C4B24, 6558F2BC10E6B09F7EE5264722FCF572B861EDB60A1433B58A4F4625EC0ABF63 ] NDIS C:\WINDOWS\system32\drivers\ndis.sys
12:34:23.0016 0x1598 NDIS - ok
12:34:23.0047 0x1598 [ 8CECC8DA55F3274181FD1EA28AD76664, 188112424CEF97FB926A0FB915260B803555A775DD2E1846725A9C8616300F42 ] NdisCap C:\WINDOWS\system32\DRIVERS\ndiscap.sys
12:34:23.0079 0x1598 NdisCap - ok
12:34:23.0094 0x1598 [ 269882812E9A68FFF1AFE1283D428322, 50B99EBC42DA9B46A8C2C28C9BADCF58AE3079535CDD1227D0F5C86291C715FF ] NdisImPlatform C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys
12:34:23.0110 0x1598 NdisImPlatform - ok
12:34:23.0125 0x1598 [ 82821F4EEC776B4CF11695A38F3ABA46, 23184F9D31E662855DC4D23EFE7C2FE00E5487D3762B6024704A5D8C87762E1C ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
12:34:23.0157 0x1598 NdisTapi - ok
12:34:23.0188 0x1598 [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
12:34:23.0235 0x1598 Ndisuio - ok
12:34:23.0250 0x1598 [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
12:34:23.0282 0x1598 NdisVirtualBus - ok
12:34:23.0329 0x1598 [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
12:34:23.0360 0x1598 NdisWan - ok
12:34:23.0375 0x1598 [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy C:\WINDOWS\system32\DRIVERS\ndiswan.sys
12:34:23.0391 0x1598 NdisWanLegacy - ok
12:34:23.0407 0x1598 [ DDD7F92A83F74D1476B71FBA9530A8DC, D3F94FC9F48854E09B0B77CE5E1C1DB948D54EAC63C5583437051BB893B5A386 ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
12:34:23.0422 0x1598 NDProxy - ok
12:34:23.0438 0x1598 [ 3083926D1CC5B56EA0786527B557DD1B, 3C3F0CA0D43398576DBE8F677B353ADDA7E8F56829874958CE668E31261C1590 ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys
12:34:23.0469 0x1598 Ndu - ok
12:34:23.0485 0x1598 [ 42FF4975D032CAE558AE4BB8448F6E5A, 0B8FACF3382443DED79A8004A6AA14C32471A6A1C6BAA543AA9F3FEC52620A6D ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
12:34:23.0500 0x1598 NetBIOS - ok
12:34:23.0532 0x1598 [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
12:34:23.0563 0x1598 NetBT - ok
12:34:23.0594 0x1598 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] Netlogon C:\WINDOWS\system32\lsass.exe
12:34:23.0610 0x1598 Netlogon - ok
12:34:23.0672 0x1598 [ 8F074B62E66B6117D9598C62A12069C5, 5FDB19045D3E2F6D0F0C5158AC2ECB0D5404CD2AF7A319755D7E3753CA3B7CF3 ] Netman C:\WINDOWS\System32\netman.dll
12:34:23.0704 0x1598 Netman - ok
12:34:23.0766 0x1598 [ 4A04B1CD5BFB4A978C5F60E86D6C3E45, A946922C1C38ADD3CF9D3B09DDCC301AE4DAC960A081B2F42B32BE1E7095B3FD ] netprofm C:\WINDOWS\System32\netprofmsvc.dll
12:34:23.0797 0x1598 netprofm - ok
12:34:23.0891 0x1598 [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:34:23.0969 0x1598 NetTcpPortSharing - ok
12:34:24.0000 0x1598 [ D4DCE03870314D3354F3501F9DDD4123, 5BFE8299B3F72B8C39A4965365CBF5BA151024451F02DD872FAD1CC35CF94CEA ] netvsc C:\WINDOWS\System32\drivers\netvsc63.sys
12:34:24.0047 0x1598 netvsc - ok
12:34:24.0094 0x1598 [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc C:\WINDOWS\System32\nlasvc.dll
12:34:24.0141 0x1598 NlaSvc - ok
12:34:24.0172 0x1598 [ ACC47D60E202EBA0A8A80768EC5D3C97, 3A26BA0A97201B55151D649DBCF048E0D72A933D4DDBE5FD415AB772C7C6C250 ] NNSALPC C:\WINDOWS\system32\DRIVERS\NNSAlpc.sys
12:34:24.0188 0x1598 NNSALPC - ok
12:34:24.0188 0x1598 [ 4C7EAD79B914ADE44D68171AFEEF2AB3, 78D805FFC0DF4EB3D36B43CFD05CF7F5AFCC81B196224A09834EB17FA4D29838 ] NNSHTTP C:\WINDOWS\system32\DRIVERS\NNSHttp.sys
12:34:24.0204 0x1598 NNSHTTP - ok
12:34:24.0219 0x1598 [ B40C57451477334E8A66F4823BE04AE3, B3E52FA1570D569F2C40716ED925E3D588489DF37D9639E3BA5B5C0AAFE91543 ] NNSHTTPS C:\WINDOWS\system32\DRIVERS\NNSHttps.sys
12:34:24.0235 0x1598 NNSHTTPS - ok
12:34:24.0250 0x1598 [ 222CF23D6FCEB616CA48BBA55FC4D5C0, DB61FEA4126005A226E88FD6590BC57B440047DFAC6531B3C91AFFEFB0AD6F6C ] NNSIDS C:\WINDOWS\system32\DRIVERS\NNSIds.sys
12:34:24.0250 0x1598 NNSIDS - ok
12:34:24.0282 0x1598 [ 34944C0D7595E99FADF85F808E508EA3, ED8484DB7C6A012A20E23CCC057AE5553FE487D2BFF3F58D1CBFFA4059ED09F4 ] NNSNAHSL C:\WINDOWS\system32\DRIVERS\NNSNAHSL.sys
12:34:24.0297 0x1598 NNSNAHSL - ok
12:34:24.0313 0x1598 [ C5332A1FB751B8D5FD9D424D330BC91B, B2FEBEA06252457FF87B74D693E75B29CCF6839EA6FFD60007996B23A6D80154 ] NNSPICC C:\WINDOWS\system32\DRIVERS\NNSPicc.sys
12:34:24.0313 0x1598 NNSPICC - ok
12:34:24.0329 0x1598 [ AA1A311C019288FFCCF3661B5EA27A99, BC91048E82C820CECBBDEDD9D9F7EDDBF6CBC88CE1D9C83A12C4A0E59CFAAC76 ] NNSPIHSW C:\WINDOWS\system32\DRIVERS\NNSPihsw.sys
12:34:24.0344 0x1598 NNSPIHSW - ok
12:34:24.0360 0x1598 [ EB153B4FA5200D1D3352D6C3FB7C9C38, 306805080F8FDB5D9299E93C7074F3B46F8E4B6623A3A75A83E98E6EB0E5BDC5 ] NNSPOP3 C:\WINDOWS\system32\DRIVERS\NNSPop3.sys
12:34:24.0360 0x1598 NNSPOP3 - ok
12:34:24.0391 0x1598 [ 425356A7A3657174C206AA3FDB3DDD35, 9634D9A2271C57051BBEC58020082B4CCF2A6583B8FB3C6AC22E9C81728E10F8 ] NNSPROT C:\WINDOWS\system32\DRIVERS\NNSProt.sys
12:34:24.0391 0x1598 NNSPROT - ok
12:34:24.0422 0x1598 [ FFDF3257F83A094941005EE607B8A905, D3E676A13175D329E2F3677D9B56ED7B4DCDCE6794C96025171B24140B543EDC ] NNSPRV C:\WINDOWS\system32\DRIVERS\NNSPrv.sys
12:34:24.0422 0x1598 NNSPRV - ok
12:34:24.0438 0x1598 [ DE87A11CB1767ABDDE223D4CC0F7C221, 3D24BC83E4D88174CA08281C0B3E3E7BC44218F4C6950D28D37029AE39F68E50 ] NNSSMTP C:\WINDOWS\system32\DRIVERS\NNSSmtp.sys
12:34:24.0454 0x1598 NNSSMTP - ok
12:34:24.0469 0x1598 [ 537FB2F711E65475562FE29877F108E1, D2B486CBF3D4CF4AB5D6CCF34CAA57725C3027A2C3E0A1CF628D33546ACBF072 ] NNSSTRM C:\WINDOWS\system32\DRIVERS\NNSStrm.sys
12:34:24.0485 0x1598 NNSSTRM - ok
12:34:24.0500 0x1598 [ 4F37DC4420A00BC6E9D22E3590806BFC, C65CEE11AFA68F9B870FB256AB53A04C32C1F73F6F4F209944815CC96F8FEB17 ] NNSTLSC C:\WINDOWS\system32\DRIVERS\NNSTlsc.sys
12:34:24.0516 0x1598 NNSTLSC - ok
12:34:24.0532 0x1598 [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
12:34:24.0547 0x1598 Npfs - ok
12:34:24.0563 0x1598 [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys
12:34:24.0610 0x1598 npsvctrig - ok
12:34:24.0657 0x1598 [ 0F12A72A753CFD7FB0631EE8D08FE983, 860A96471F6CD90DDA9AB3A48E95CEAD826C87D2FA98A00EF91B61C44A4C8B82 ] nsi C:\WINDOWS\system32\nsisvc.dll
12:34:24.0719 0x1598 nsi - ok
12:34:24.0735 0x1598 [ 0E046FF5823B95326D10CF1B4AF23541, 39D22715003746527AB4BFEDED8C34B695DAF589091AE7F3A2A2C4B8A35675A9 ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys
12:34:24.0766 0x1598 nsiproxy - ok
12:34:24.0860 0x1598 [ 7F68063A5A0461E02BC860CE0E6BFDDC, 47E9F75D27B97278B74034B7D3951A26B1644911ED321455E08D935731C858DE ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
12:34:24.0938 0x1598 Ntfs - ok
12:34:24.0954 0x1598 [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null C:\WINDOWS\system32\drivers\Null.sys
12:34:24.0969 0x1598 Null - ok
12:34:24.0985 0x1598 [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys
12:34:25.0000 0x1598 nvraid - ok
12:34:25.0016 0x1598 [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys
12:34:25.0032 0x1598 nvstor - ok
12:34:25.0032 0x1598 [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp C:\WINDOWS\system32\drivers\nv_agp.sys
12:34:25.0048 0x1598 nv_agp - ok
12:34:25.0126 0x1598 [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll
12:34:25.0158 0x1598 p2pimsvc - ok
12:34:25.0189 0x1598 [ FD8F61F0D1F64BBB3D835F39A3F979C9, E5C5F86576488EA7F605E26C06EE5AFB36506A446F60C894D55E0A148BF7F02D ] p2psvc C:\WINDOWS\system32\p2psvc.dll
12:34:25.0236 0x1598 p2psvc - ok
12:34:25.0298 0x1598 [ A6B78F395F57E927A0F981D51A00CC5D, D06BFDCF435F80F64F97D225159AFCD3BD77D7D0D9FD6C90E7B89FF47BAC47F0 ] PandaAgent C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
12:34:25.0314 0x1598 PandaAgent - ok
12:34:25.0345 0x1598 [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport C:\WINDOWS\System32\drivers\parport.sys
12:34:25.0376 0x1598 Parport - ok
12:34:25.0408 0x1598 [ BAFF6122CFC9F95CA175AD8C348179A4, 079A912D951DF6A57BC1BDB0D182977EE9592751EC9DDCDA2932BDEDB333850C ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys
12:34:25.0423 0x1598 partmgr - ok
12:34:25.0455 0x1598 [ ABE95ABE27A8BD9701782BBCD82C9925, AE3BA1E9ECDE692374D8DAC95A8DAA289DD2470E3D8D58EFAD9F83A37F3AC8E5 ] PcaSvc C:\WINDOWS\System32\pcasvc.dll
12:34:25.0501 0x1598 PcaSvc - ok
12:34:25.0517 0x1598 [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci C:\WINDOWS\system32\drivers\pci.sys
12:34:25.0533 0x1598 pci - ok
12:34:25.0548 0x1598 [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide C:\WINDOWS\system32\drivers\pciide.sys
12:34:25.0564 0x1598 pciide - ok
12:34:25.0564 0x1598 [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys
12:34:25.0580 0x1598 pcmcia - ok
12:34:25.0595 0x1598 [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw C:\WINDOWS\system32\drivers\pcw.sys
12:34:25.0595 0x1598 pcw - ok
12:34:25.0611 0x1598 [ 24A8DFC07E4BAF29AEA26E383D4CC886, 1B903FE52CD816662D37A8113930B4B7019B6996D49F1982D8F42933A3525A67 ] pdc C:\WINDOWS\system32\drivers\pdc.sys
12:34:25.0626 0x1598 pdc - ok
12:34:25.0736 0x1598 [ F97DC1A5244469D367B1334D47118E34, A36B6C402F92BEBE14082296CBF5F69656ED87AB700789028799768FA1FE2A72 ] PDF Architect 2 C:\Program Files (x86)\PDF Architect 2\ws.exe
12:34:25.0798 0x1598 PDF Architect 2 - ok
12:34:25.0830 0x1598 [ E81F7D5371C95904D4105B06405D5EDA, A6A41793AC241801D37A95C25B2DA0C3CDDC804B4F2BD087ECBD30C562F3517B ] pdfforge CrashHandler C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe
12:34:25.0845 0x1598 pdfforge CrashHandler - ok
12:34:25.0892 0x1598 [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys
12:34:25.0986 0x1598 PEAUTH - ok
12:34:26.0111 0x1598 [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe
12:34:26.0189 0x1598 PerfHost - ok
12:34:26.0361 0x1598 [ 70B39E7241F750A248798CE82C44596D, 54A72199EB277EE586611DCBC21654786FD2196F91D5884C4F531297893CC3EC ] pla C:\WINDOWS\system32\pla.dll
12:34:26.0439 0x1598 pla - ok
12:34:26.0486 0x1598 [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll
12:34:26.0517 0x1598 PlugPlay - ok
12:34:26.0533 0x1598 [ 4570F8A37D221660F3A09D6F4DD4BA94, 0EA190CFFA53DF9CCA2D53A4EF1BCB837BA3F2489A3AC5BD11F6D6ED811D118E ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll
12:34:26.0548 0x1598 PNRPAutoReg - ok
12:34:26.0580 0x1598 [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll
12:34:26.0595 0x1598 PNRPsvc - ok
12:34:26.0642 0x1598 [ BDD52AB4AEBB8B1904568DBD0CCB70CB, C3D1DBA349C79B43DCDD9EF5255C5EE973EFB844235B808B5EF9B63A51FF00AA ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll
12:34:26.0673 0x1598 PolicyAgent - ok
12:34:26.0705 0x1598 [ C8DD82C3035E60D671B8CC5DF128D3A9, 6AABF632CBEDA9A7B553BC9134FF100CB6FDC88000D499D2883408FCEDD97576 ] Power C:\WINDOWS\system32\umpo.dll
12:34:26.0736 0x1598 Power - ok
12:34:26.0939 0x1598 [ E3514CE7CB4AF80ECCA383F065BC77C0, 1EA06D358A07EB9DFB703CEFC4EB834B947B899E0ACFE1C494E2DAED63F1D4B5 ] PrintNotify C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
12:34:27.0080 0x1598 PrintNotify - ok
12:34:27.0142 0x1598 [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor C:\WINDOWS\System32\drivers\processr.sys
12:34:27.0174 0x1598 Processor - ok
12:34:27.0205 0x1598 [ 19424364D8C03B990C4281BE53963FD0, 958FC8436E6B754858E20BC48B0D4B269991E8CA94C15C2761BF04ED52591907 ] ProfSvc C:\WINDOWS\system32\profsvc.dll
12:34:27.0252 0x1598 ProfSvc - ok
12:34:27.0283 0x1598 [ FC0141B4A5AD6D637D883C1A89FC45C5, DCE8942C02EEDAE7A57707CA60CAC3A8CD6BA68E6571E405CA882D4DD6D69E43 ] Psched C:\WINDOWS\system32\DRIVERS\pacer.sys
12:34:27.0299 0x1598 Psched - ok
12:34:27.0330 0x1598 [ C6FBFC8B41D51A80433D97337515DA39, 10B0DF9E476FE5DED6ABD42372A9F38288207AB11606C03C814FCEF457D4F9BC ] PSINAflt C:\WINDOWS\system32\DRIVERS\PSINAflt.sys
12:34:27.0345 0x1598 PSINAflt - ok
12:34:27.0361 0x1598 [ 65D5DB4FA4C17795860DC736B1054EA2, 422B6FF6588355D1774803293EF77F2B8BF22F769244DD575675430C7116EAA7 ] PSINFile C:\WINDOWS\system32\DRIVERS\PSINFile.sys
12:34:27.0361 0x1598 PSINFile - ok
12:34:27.0392 0x1598 [ 305FCF2F725B806BC5E69AC95340A271, FCA0EF28DE5F4DAF8E3E4BB70C7668A0E1990CC080D52BA711DFB9CC5C369230 ] PSINKNC C:\WINDOWS\system32\DRIVERS\psinknc.sys
12:34:27.0392 0x1598 PSINKNC - ok
12:34:27.0408 0x1598 [ ED6B1CDE5B178B057F64B2AF682EB45A, BDD46380BF51A48982E81F1D5EDAC2D9B16D2C03E886144279F4505ADA247EE2 ] PSINProc C:\WINDOWS\system32\DRIVERS\PSINProc.sys
12:34:27.0424 0x1598 PSINProc - ok
12:34:27.0439 0x1598 [ 171F1C6F49142F2D1C174B817F46EC0F, 96F6B021CBEA2F0787A01E323EED626B380DAD13FC91EE4552F4DEEEC95DBD2C ] PSINProt C:\WINDOWS\system32\DRIVERS\PSINProt.sys
12:34:27.0439 0x1598 PSINProt - ok
12:34:27.0455 0x1598 [ E962316E38ABC537821C3651AAC0B7CC, 80821A37A035F662CC20C5E8EA8D06E1106F24EA0B6DB35995C6174601E21AFD ] PSINReg C:\WINDOWS\system32\DRIVERS\PSINReg.sys
12:34:27.0470 0x1598 PSINReg - ok
12:34:27.0486 0x1598 [ 105ACC469DF34C8BD0D5E68A70C774E5, 983A759339E058AAE779EB9476EC2AEE8B379F0C60E5E2FD73826155827F5518 ] PSKMAD C:\WINDOWS\system32\DRIVERS\PSKMAD.sys
12:34:27.0502 0x1598 PSKMAD - ok
12:34:27.0595 0x1598 [ 586823A8CF9F975CE994EA5E05569156, B4AFA337417001CCE867EB809D3F766B2C6B14C53D1C59DE649068557702F88E ] PSUAService C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
12:34:27.0611 0x1598 PSUAService - ok
12:34:27.0658 0x1598 [ DAA9DEE0A5D5F238C4EE54C2C7FB67C5, 7EC8C603BD92699AC35BDCD294F13BEE90D5C2C195FD93A3F16928BFCF53CA93 ] QWAVE C:\WINDOWS\system32\qwave.dll
12:34:27.0705 0x1598 QWAVE - ok
12:34:27.0752 0x1598 [ 83868EB2924E6BC21A54337C65D614D1, 8D1BE01EBD190231153B867C32120DC8FBFBD32050448A778134D435D76A0B07 ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys
12:34:27.0783 0x1598 QWAVEdrv - ok
12:34:27.0814 0x1598 [ B337B1F1E82A83E20A1743E008E25C0F, A2E8AF041B4CAB78AEE28A2147A189FF0F9D2FCEFB167D60FBBA0A787A5A5BE7 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
12:34:27.0845 0x1598 RasAcd - ok
12:34:27.0892 0x1598 [ 044638489B4A5FE5334F46C5314A0826, E06CC2A9EF369794DAD69FBB5AFD1676D4283DDAB2AD5E3EFE454C473F62F955 ] RasAuto C:\WINDOWS\System32\rasauto.dll
12:34:27.0939 0x1598 RasAuto - ok
12:34:27.0970 0x1598 [ F83B38FCD4F69157B3D158433FA149CC, AB103BD3E2B3B134CB355C556DF70BCF0CF4DB11EFF7DB4A9876D5AA43D81293 ] RasMan C:\WINDOWS\System32\rasmans.dll
12:34:28.0017 0x1598 RasMan - ok
12:34:28.0049 0x1598 [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
12:34:28.0095 0x1598 RasPppoe - ok
12:34:28.0111 0x1598 [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
12:34:28.0142 0x1598 rdbss - ok
12:34:28.0158 0x1598 [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys
12:34:28.0236 0x1598 rdpbus - ok
12:34:28.0283 0x1598 [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys
12:34:28.0330 0x1598 RDPDR - ok
12:34:28.0361 0x1598 [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
12:34:28.0377 0x1598 RdpVideoMiniport - ok
12:34:28.0377 0x1598 [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys
12:34:28.0408 0x1598 rdyboost - ok
12:34:28.0439 0x1598 [ 615DFD97DEA56CE1C3A52185A3038FF8, 707BF5F9FAE478A12656D15013F507CC1335E7B72BD21CA99BB813CB95E37BC0 ] ReFS C:\WINDOWS\system32\drivers\ReFS.sys
12:34:28.0486 0x1598 ReFS - ok
12:34:28.0517 0x1598 [ 0CF7CB56BF2D5E9DBCEE0185CB626FAD, 2BD2E2FB1D2EADD1F70EF55E8523C353F95D4FEB1BAD5017FA4D94F790F27825 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
12:34:28.0533 0x1598 RemoteAccess - ok
12:34:28.0580 0x1598 [ AC8785B53F8436058C90450DA1840AE7, CC1FFC2713910211F8A6AD532DBB9253ACD188CBD784F1BE6613DF382825A3C1 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
12:34:28.0627 0x1598 RemoteRegistry - ok
12:34:28.0658 0x1598 [ 65B9FDE300A6DECC03BA44C4616DCAD6, CAD992982733DD20282A3453DC4E554AE1FC077C35479C0CA4E8BC3A9DCD3BB0 ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll
12:34:28.0689 0x1598 RpcEptMapper - ok
12:34:28.0720 0x1598 [ A737B433ABAF3F2DCB2BD7B4CC582B26, 3B5706B0CF0969A9F82060FD4DCC745F2D83C066B663FE8A4F0F493B64032C9C ] RpcLocator C:\WINDOWS\system32\locator.exe
12:34:28.0752 0x1598 RpcLocator - ok
12:34:28.0799 0x1598 [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] RpcSs C:\WINDOWS\system32\rpcss.dll
12:34:28.0830 0x1598 RpcSs - ok
12:34:28.0861 0x1598 [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr C:\WINDOWS\system32\DRIVERS\rspndr.sys
12:34:28.0892 0x1598 rspndr - ok
12:34:28.0908 0x1598 [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys
12:34:28.0924 0x1598 s3cap - ok
12:34:28.0955 0x1598 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] SamSs C:\WINDOWS\system32\lsass.exe
12:34:28.0955 0x1598 SamSs - ok
12:34:29.0002 0x1598 [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys
12:34:29.0017 0x1598 sbp2port - ok
12:34:29.0049 0x1598 [ 74A3B67F03877D06B09B1B40C5ED582E, A8FF9BF416F0BF365BFB4E1796859825C811A74B5E54DDDCE8345193BEEBE206 ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll
12:34:29.0096 0x1598 SCardSvr - ok
12:34:29.0111 0x1598 [ 8B9C4D55B4A536FB01C360DDB9533574, 9B939FE68F6F9C171ED0D91E2CE1E67515295D34EC23606BCDFD097DCC8CFD4A ] ScDeviceEnum C:\WINDOWS\System32\ScDeviceEnum.dll
12:34:29.0127 0x1598 ScDeviceEnum - ok
12:34:29.0142 0x1598 [ 13BEA6C882D4D877A5A85CA149C86BC1, 8E9BE5C2A36D5881D9985C3A31309FE03966EA13A3541D3C5B542AB67FA0D55F ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys
12:34:29.0174 0x1598 scfilter - ok
12:34:29.0236 0x1598 [ A626F5E446860F22835E783142D7AE33, 3A786639E1FABCA512F4F91A10811DD3C4D9C9C9BB893362E4D019219D0BD8E2 ] Schedule C:\WINDOWS\system32\schedsvc.dll
12:34:29.0299 0x1598 Schedule - ok
12:34:29.0346 0x1598 [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] SCPolicySvc C:\WINDOWS\System32\certprop.dll
12:34:29.0361 0x1598 SCPolicySvc - ok
12:34:29.0392 0x1598 [ 7B7C482CF48E6EE33664340D1A78E6FE, CE5077C4B0372F4F9F02B0B37AE58C0DAEFCA9D242065731A23F072506430575 ] sdbus C:\WINDOWS\System32\drivers\sdbus.sys
12:34:29.0408 0x1598 sdbus - ok
12:34:29.0424 0x1598 [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys
12:34:29.0424 0x1598 sdstor - ok
12:34:29.0439 0x1598 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\WINDOWS\system32\drivers\secdrv.sys
12:34:29.0471 0x1598 secdrv - ok
12:34:29.0486 0x1598 [ BA24CEA7152239F42ECD04AFB7C89D24, A2A11EABB0C283772B74667C7544B61BEB1B9745FBF065E831542129EB585AFA ] seclogon C:\WINDOWS\system32\seclogon.dll
12:34:29.0533 0x1598 seclogon - ok
12:34:29.0564 0x1598 [ 81FE9A81EDF8016816C9E91FBFBF7D35, 87FB92A3D15F312F0B9C423EF851061A944B013E5668D8C9A441B4DC0EB690AF ] SENS C:\WINDOWS\System32\sens.dll
12:34:29.0596 0x1598 SENS - ok
12:34:29.0611 0x1598 [ 6E4012AE67F09F867EF620C8D5524C0B, 63933E51F8E413E63481369CE2F9FD224560550FBD3BD2B4573E9F4AD88708A2 ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll
12:34:29.0674 0x1598 SensrSvc - ok
12:34:29.0689 0x1598 [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys
12:34:29.0705 0x1598 SerCx - ok
12:34:29.0736 0x1598 [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2 C:\WINDOWS\system32\drivers\SerCx2.sys
12:34:29.0752 0x1598 SerCx2 - ok
12:34:29.0783 0x1598 [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum C:\WINDOWS\System32\drivers\serenum.sys
12:34:29.0799 0x1598 Serenum - ok
12:34:29.0799 0x1598 [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial C:\WINDOWS\System32\drivers\serial.sys
12:34:29.0830 0x1598 Serial - ok
12:34:29.0830 0x1598 [ 96B01F117057FB4DAE0FF919ACB55770, D0F58F1CAE4F81D60FCE60BB0065A34B4F897E8105DF17B6DAA334938CD25A56 ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys
12:34:29.0846 0x1598 sermouse - ok
12:34:29.0892 0x1598 [ 3A2F1A7472C3B7CC9B89C8516C726488, 9BCBBAC10C900EA7B30822B463A77EE5067F217C4B490857A09E5277983CB89B ] SessionEnv C:\WINDOWS\system32\sessenv.dll
12:34:29.0924 0x1598 SessionEnv - ok
12:34:29.0939 0x1598 [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys
12:34:29.0955 0x1598 sfloppy - ok
12:34:30.0002 0x1598 [ 8081FF3DAE8159FE8956B09BC29CE983, AC0F305AEE8B1AB2E1275F1D33EC1D2F3E23F234F831BD9D41F415A94A19D3AB ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
12:34:30.0033 0x1598 SharedAccess - ok
12:34:30.0080 0x1598 [ 7FD9A61A3523A61FC135D61D6E160314, 409E1CF7A62FD90CBC31AEAFBB7230B02DBEC6CFCA2D266D221A7643FAEBA13B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
12:34:30.0143 0x1598 ShellHWDetection - ok
12:34:30.0174 0x1598 [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys
12:34:30.0174 0x1598 SiSRaid2 - ok
12:34:30.0190 0x1598 [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys
12:34:30.0205 0x1598 SiSRaid4 - ok
12:34:30.0221 0x1598 [ 050A4112B00BCA2E13314CDE48C1DEEE, 86C679CD494DEEB984372BF954EFBB8982AC7995FBF89FCF83BC228991D1B825 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
12:34:30.0236 0x1598 SkypeUpdate - ok
12:34:30.0268 0x1598 [ 3C84DCCE5B322F745A75CA8BA3A0F6B3, 1FB94A8A1C63D6FDB82E28ED5B696B3CB1F64183A89A3B5153B266C292CB7815 ] smphost C:\WINDOWS\System32\smphost.dll
12:34:30.0283 0x1598 smphost - ok
12:34:30.0315 0x1598 [ D0EB0DF8C603BBA084351A92732B1CBE, E24ED8F78EF41C1BC17386AE4BBCE0DC892C5B89B12C03FC9FB61D359B13F1B4 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe
12:34:30.0361 0x1598 SNMPTRAP - ok
12:34:30.0393 0x1598 [ D24B1945ED1F9C96DA786DBBF1E983CE, B46CB0B72B7A3DF94A46B8D65E38535C5F8E72A55CF2DC48EFA1F9A0108691C4 ] spaceport C:\WINDOWS\system32\drivers\spaceport.sys
12:34:30.0424 0x1598 spaceport - ok
12:34:30.0424 0x1598 [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys
12:34:30.0440 0x1598 SpbCx - ok
12:34:30.0502 0x1598 [ 0FFE35F0B0CD5A324BBE22F02569AE3B, F4EE803EEFDB4EAEEDB3024C3516F1F9A202C77F4870D6B74356BBDE32B3B560 ] speedfan C:\WINDOWS\SysWOW64\speedfan.sys
12:34:30.0533 0x1598 speedfan - ok
12:34:30.0643 0x1598 [ 59F13AAE95D8E934AC5C02AD65212E92, B9A741609F4B5FB83F4324A0ADB84FFA71D8A3CE95619DB9789888724CC69285 ] SplashtopRemoteService C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
12:34:30.0674 0x1598 SplashtopRemoteService - ok
12:34:30.0830 0x1598 [ FCB156A6745631A67DEA61827061D483, 9275ABFA1E1E595969A71C0DA228D18D1B868BF46E097E1276142BD80F8A32C9 ] Spooler C:\WINDOWS\System32\spoolsv.exe
12:34:30.0877 0x1598 Spooler - ok
12:34:31.0065 0x1598 [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc C:\WINDOWS\system32\sppsvc.exe
12:34:31.0315 0x1598 sppsvc - ok
12:34:31.0393 0x1598 [ 6416E79A58A8FCC33A447A4DDDD3BF04, 839E3107ACCD520C309BD6C8324DF7A8EB724EAD442AB1F1CACB0D83F84BE488 ] srv C:\WINDOWS\system32\DRIVERS\srv.sys
12:34:31.0471 0x1598 srv - ok
12:34:31.0502 0x1598 [ 00D8AC8E3053290BDE6EA2FB6810D2FC, 957FEF84CBBAE71829529AE99A1B24F52D7831BD666442D0132FBB825409A75D ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys
12:34:31.0533 0x1598 srv2 - ok
12:34:31.0549 0x1598 [ D047CD668E6277FD80F0C613946F034C, BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys
12:34:31.0596 0x1598 srvnet - ok
12:34:31.0627 0x1598 [ CF6C3037839CF78421A94F9060C2886F, CA98C180AE03F5BE8FEFFBA75BD98DEE2AD4FA975E1EF83215C9CD2476946811 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
12:34:31.0658 0x1598 SSDPSRV - ok
12:34:31.0705 0x1598 [ 198A737DBA666F4808D62E9A8277A6B7, 90B6E5E2ACE95D850C913A3A1DA1F966C44955C530004C228FA93B2A536F5C27 ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll
12:34:31.0752 0x1598 SstpSvc - ok
12:34:31.0815 0x1598 [ 504C33FE3B4E2AF11FE5875DDCA8EBEA, 7A3A5B5B23422A58F597DDE5FC0593EDE8EF31A7FB9CB77DB3A6AAFCCA369F3D ] SSUService C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
12:34:31.0830 0x1598 SSUService - ok
12:34:31.0924 0x1598 [ 97F839E8AEC48EE271509BF4BC764C24, 7B9B791E987ADC8991C128CD52CB253F295E41DF502BF8933DF388994E84560D ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe
12:34:31.0940 0x1598 STacSV - detected UnsignedFile.Multi.Generic ( 1 )
12:34:34.0252 0x1598 Detect skipped due to KSN trusted
12:34:34.0252 0x1598 STacSV - ok
12:34:34.0362 0x1598 [ CC7ED069C2FC82B5B1555C2044C765CC, CE43363544A3EE2C5133CD0D47BF34AFAFA4EAD6AC9EB9A772EE55E89D4D89D4 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
12:34:34.0393 0x1598 Steam Client Service - ok
12:34:34.0424 0x1598 [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys
12:34:34.0424 0x1598 stexstor - ok
12:34:34.0471 0x1598 [ 7E89F65EB250463EE8665CFE19566FC3, 45849BAFA62E72A97103C5F02962D346D3F79DE9DB07297D1073FF355A506D9C ] STHDA C:\WINDOWS\system32\DRIVERS\stwrt64.sys
12:34:34.0487 0x1598 STHDA - ok
12:34:34.0549 0x1598 [ 63E9CE568CF1192771A5F0460DE7D2B9, C27B21FD2C14AD41A59EF62EB8AC95C08EB13CCB1CEECD8378B8CDD4DC352E69 ] stisvc C:\WINDOWS\System32\wiaservc.dll
12:34:34.0612 0x1598 stisvc - ok
12:34:34.0627 0x1598 [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci C:\WINDOWS\system32\drivers\storahci.sys
12:34:34.0627 0x1598 storahci - ok
12:34:34.0659 0x1598 [ 8B9486B64E5FC17FB9CC04CA10B77A34, C1EAC9D27DC83E4C56B890D97988C3CCFAE3877309610601F2E3FFFE97686D43 ] storflt C:\WINDOWS\system32\drivers\vmstorfl.sys
12:34:34.0674 0x1598 storflt - ok
12:34:34.0690 0x1598 [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme C:\WINDOWS\system32\drivers\stornvme.sys
12:34:34.0690 0x1598 stornvme - ok
12:34:34.0721 0x1598 [ A45F5AC9D8069D0EC66E3CA73103073B, 996788F1C58E016E8E5CF3FD1D220A3C40AFFD6C21361A34636415DB12E0D381 ] StorSvc C:\WINDOWS\system32\storsvc.dll
12:34:34.0768 0x1598 StorSvc - ok
12:34:34.0784 0x1598 [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys
12:34:34.0799 0x1598 storvsc - ok
12:34:34.0815 0x1598 [ E395BE02F80A79A6CF973BA38DBB8135, 4C6F85B0EB8E7725BA720F9742561D229726C0D7C17505D1E79F19A5626F6325 ] svsvc C:\WINDOWS\system32\svsvc.dll
12:34:34.0862 0x1598 svsvc - ok
12:34:34.0877 0x1598 [ 65454187E0F8B6C0DCECB0287D06EC43, 87550000CF5B3C1DF3E69633934AFE8554AE40B6638F190D3185AD63F1D7A2EE ] swenum C:\WINDOWS\System32\drivers\swenum.sys
12:34:34.0877 0x1598 swenum - ok
12:34:34.0909 0x1598 [ 1C71D72D4997A284128FBEE770726330, 21682BDE74A1108FED1124FB1EA35A03CBFA94ABE1B89CC0FADB4DD82596C43E ] swprv C:\WINDOWS\System32\swprv.dll
12:34:34.0955 0x1598 swprv - ok
12:34:35.0034 0x1598 [ 3114CB46C2853CA71525428CB0C7CB58, A9CC51506AABBC23BAB2B90E30AB13197A72268A3DE6D2F281C1C367ED7118AE ] SysMain C:\WINDOWS\system32\sysmain.dll
12:34:35.0128 0x1598 SysMain - ok
12:34:35.0143 0x1598 [ 23BECB70654B192A7E378DEE3DBD8D42, 7596174AE7508B62C40A429645198F6A420D0CD5B62A10AB78516113584E7EDB ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
12:34:35.0190 0x1598 SystemEventsBroker - ok
12:34:35.0206 0x1598 [ D6A71B95ACF71ACA63B67232059F1BCD, C5CEC032E7AB507500D1CC7A4E65DA6322412C798201A9D770CBDE892E50DFC8 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
12:34:35.0253 0x1598 TabletInputService - ok
12:34:35.0268 0x1598 [ 5A5BAB1CA9621E73E25EE4744B67CDA6, 479EBD7BAE1E2AD431153FDC016742F7A8D824716EAB1A4CA87EBBD21D61DECD ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
12:34:35.0315 0x1598 TapiSrv - ok
12:34:35.0409 0x1598 [ 468273F7089A3A33D149955F0F203FA4, 18FD0B73FBD63550E904EE76D4323EFE163BFF8C3DC6DE67F4BE6003C7DC6879 ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys
12:34:35.0503 0x1598 Tcpip - ok
12:34:35.0581 0x1598 [ 468273F7089A3A33D149955F0F203FA4, 18FD0B73FBD63550E904EE76D4323EFE163BFF8C3DC6DE67F4BE6003C7DC6879 ] TCPIP6 C:\WINDOWS\system32\DRIVERS\tcpip.sys
12:34:35.0659 0x1598 TCPIP6 - ok
12:34:35.0706 0x1598 [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys
12:34:35.0721 0x1598 tcpipreg - ok
12:34:35.0753 0x1598 [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys
12:34:35.0768 0x1598 tdx - ok
12:34:35.0799 0x1598 [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys
12:34:35.0799 0x1598 terminpt - ok
12:34:35.0862 0x1598 [ C50997E282576DA492EBA66B059D4196, EBD793CB396F9503376207FA60353F5672DEDB620C8E01C8D6AE0030B3B03339 ] TermService C:\WINDOWS\System32\termsrv.dll
12:34:35.0924 0x1598 TermService - ok
12:34:35.0956 0x1598 [ 2180DBCE75B914E5E5BBFFFAAE97AA21, 8000AECC8855903DB50ABA7E304396D1FCEAE8DC9ADD4FC50275CF24B4D914DE ] Themes C:\WINDOWS\system32\themeservice.dll
12:34:35.0971 0x1598 Themes - ok
12:34:36.0003 0x1598 [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] THREADORDER C:\WINDOWS\system32\mmcss.dll
12:34:36.0018 0x1598 THREADORDER - ok
12:34:36.0034 0x1598 [ B5ED9CC61798C7D44BD535D40B89EFB5, 1BDCEAA9AF2096381870D92129C748F4EE06A1167ABA9367B9DD43BAF27E3F5B ] TimeBroker C:\WINDOWS\System32\TimeBrokerServer.dll
12:34:36.0081 0x1598 TimeBroker - ok
12:34:36.0112 0x1598 [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM C:\WINDOWS\system32\drivers\tpm.sys
12:34:36.0159 0x1598 TPM - ok
12:34:36.0175 0x1598 [ 884113C2BB703FE806C8608B75F34831, 24DE5750CA4363455412BABB0B1FAB08497153E8F158ED44958F100410F93506 ] TrkWks C:\WINDOWS\System32\trkwks.dll
12:34:36.0190 0x1598 TrkWks - ok
12:34:36.0268 0x1598 [ 44A94FB4C76528D2382FFE04B05827C3, B0BCDF7CD1D65E61A9061D539D83527A89B69583958F8A26C6BF9766C1B61E0C ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
12:34:36.0315 0x1598 TrustedInstaller - ok
12:34:36.0331 0x1598 [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt C:\WINDOWS\system32\drivers\tsusbflt.sys
12:34:36.0378 0x1598 TsUsbFlt - ok
12:34:36.0378 0x1598 [ 20185BEB7512EDE4EFECDFA148AC9F99, 6F539478493C0F87F3DDF67A4A6D4D41E9474EEF21434E856350CE149A34EA9F ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys
12:34:36.0393 0x1598 TsUsbGD - ok
12:34:36.0409 0x1598 [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel C:\WINDOWS\system32\DRIVERS\tunnel.sys
12:34:36.0440 0x1598 tunnel - ok
12:34:36.0456 0x1598 [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35 C:\WINDOWS\system32\drivers\uagp35.sys
12:34:36.0456 0x1598 uagp35 - ok
12:34:36.0471 0x1598 [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor C:\WINDOWS\System32\drivers\uaspstor.sys
12:34:36.0471 0x1598 UASPStor - ok
12:34:36.0518 0x1598 [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000 C:\WINDOWS\System32\drivers\ucx01000.sys
12:34:36.0534 0x1598 UCX01000 - ok
12:34:36.0534 0x1598 [ 1EC649F112896FAE33250F0B97AC5D0B, 0C0A1C2C7615DEB298AD3073340FD1BF91FEBE611F133E3B48D994A6EAA8369F ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys
12:34:36.0565 0x1598 udfs - ok
12:34:36.0581 0x1598 [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI C:\WINDOWS\System32\drivers\UEFI.sys
12:34:36.0596 0x1598 UEFI - ok
12:34:36.0628 0x1598 [ A867F0F978EE64C87FADC3B100869EE4, 2686BE85F963D0D0BB275E92E5B543280D8742CF10772303E3189D0719B6A277 ] UI0Detect C:\WINDOWS\system32\UI0Detect.exe
12:34:36.0643 0x1598 UI0Detect - ok
12:34:36.0659 0x1598 [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx C:\WINDOWS\system32\drivers\uliagpkx.sys
12:34:36.0659 0x1598 uliagpkx - ok
12:34:36.0675 0x1598 [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus C:\WINDOWS\System32\drivers\umbus.sys
12:34:36.0675 0x1598 umbus - ok
12:34:36.0690 0x1598 [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass C:\WINDOWS\System32\drivers\umpass.sys
12:34:36.0706 0x1598 UmPass - ok
12:34:36.0737 0x1598 [ A023F267A262D5DA6CE1436D9C5E8FD9, 92AD7AF91184C244A7E392F49663143193A80D5D81114546A00F18227DE31D23 ] UmRdpService C:\WINDOWS\System32\umrdp.dll
12:34:36.0768 0x1598 UmRdpService - ok
12:34:36.0800 0x1598 [ C98493DD8E6A50154FAC75C15E1C36BB, CECD1C826C8F7AF05468871BF6A0ACDBB6B0202F4F87F48C6D367E5BD699E800 ] upnphost C:\WINDOWS\System32\upnphost.dll
12:34:36.0831 0x1598 upnphost - ok
12:34:36.0831 0x1598 [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp C:\WINDOWS\System32\drivers\usbccgp.sys
12:34:36.0846 0x1598 usbccgp - ok
12:34:36.0878 0x1598 [ 0139248F6B95CF0D837B5B46A2722D40, 38E3E704E0364F07732DB418AEBD126B040FB3CDB7D78EA36E8605D50D528A80 ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys
12:34:36.0878 0x1598 usbcir - ok
12:34:36.0893 0x1598 [ 48BA326A3DBA5B5BEB5F2777F4618696, B9EC8155F11A3A7644BD9DC8910681B46AE44AE3BF53F052DF50E9C5555E3229 ] usbehci C:\WINDOWS\System32\drivers\usbehci.sys
12:34:36.0909 0x1598 usbehci - ok
12:34:36.0909 0x1598 [ FEF0BC107812B36849741C3211BA6B60, B3EF738BE1E6B6027F29C9713CD3F367EA067D2BE46580AFBC0FB58046EF6BBD ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys
12:34:36.0940 0x1598 usbhub - ok
12:34:36.0971 0x1598 [ FAA564A13576F9284546BF016D27B551, 1D2CD13DC0B02DD40657EE4F93F4A13C78D2F2EF91685E563D78E217C96DF544 ] USBHUB3 C:\WINDOWS\System32\drivers\UsbHub3.sys
12:34:36.0987 0x1598 USBHUB3 - ok
12:34:37.0003 0x1598 [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci C:\WINDOWS\System32\drivers\usbohci.sys
12:34:37.0081 0x1598 usbohci - ok
12:34:37.0097 0x1598 [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys
12:34:37.0143 0x1598 usbprint - ok
12:34:37.0175 0x1598 [ 0F030491BA4A27BD46F8B8ACEEE83F1A, 7063855611BEF94D4D229BA1BE507ECBDD89F5861641A407EB3E2919A352F9D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
12:34:37.0206 0x1598 usbscan - ok
12:34:37.0222 0x1598 [ 66732C13628BDB1AB0D6FD46027327C2, B582C0F348D8F79419CA5A58F10CA151E06D7CA3BE162344CADA46D9D7FED97C ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS
12:34:37.0237 0x1598 USBSTOR - ok
12:34:37.0268 0x1598 [ 064260B3A5868AC894A4943543BC7AB7, D3534E98B34C4AC9A430D7E0AB301A0E5E1511E3117C2FEA392636B0DE2C38E2 ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys
12:34:37.0284 0x1598 usbuhci - ok
12:34:37.0300 0x1598 [ 1A20F03700D2B2ED775E38D751EF2F63, 76F8BE9F412D4397437E60A7E6231C80EA9B4F5436C9A8FAB967C78604994AE9 ] USBXHCI C:\WINDOWS\System32\drivers\USBXHCI.SYS
12:34:37.0331 0x1598 USBXHCI - ok
12:34:37.0362 0x1598 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc C:\WINDOWS\system32\lsass.exe
12:34:37.0362 0x1598 VaultSvc - ok
12:34:37.0409 0x1598 [ 3C8E2C591345F38149C69FE8E5DF8C90, 9F4BB9BDA09CB2E99A6A888B288F322AE5C460B5D124CD714C6F00FF5029144B ] VClone C:\WINDOWS\System32\drivers\VClone.sys
12:34:37.0440 0x1598 VClone - ok
12:34:37.0456 0x1598 [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys
12:34:37.0472 0x1598 vdrvroot - ok
12:34:37.0518 0x1598 [ 8A4D808D1EC7C1C47B2C8BF488A9A07A, 63C07312ADB6F8A8BDE93361C30AC63DAB4DE1141AF54630EEF11E54B0BF983D ] vds C:\WINDOWS\System32\vds.exe
12:34:37.0597 0x1598 vds - ok
12:34:37.0628 0x1598 [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt C:\WINDOWS\system32\drivers\VerifierExt.sys
12:34:37.0643 0x1598 VerifierExt - ok
12:34:37.0690 0x1598 [ C06E8481E068F170A258441639AC5792, 2F550530BACB511A195D5047F003B01CB6E04FA9A0DCCF638CB3D51FF5467DC7 ] vhdmp C:\WINDOWS\System32\drivers\vhdmp.sys
12:34:37.0722 0x1598 vhdmp - ok
12:34:37.0737 0x1598 [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide C:\WINDOWS\system32\drivers\viaide.sys
12:34:37.0737 0x1598 viaide - ok
12:34:37.0753 0x1598 [ 511AD3FF957A0127E6BD336FF6F89C38, 55325BFD0857A1204F7F6F8ED8C91C07B0E20A50402105708E7365ECD9E25A21 ] vmbus C:\WINDOWS\system32\drivers\vmbus.sys
12:34:37.0768 0x1598 vmbus - ok
12:34:37.0784 0x1598 [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID C:\WINDOWS\System32\drivers\VMBusHID.sys
12:34:37.0800 0x1598 VMBusHID - ok
12:34:37.0831 0x1598 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
12:34:37.0878 0x1598 vmicguestinterface - ok
12:34:37.0893 0x1598 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicheartbeat C:\WINDOWS\System32\ICSvc.dll
12:34:37.0909 0x1598 vmicheartbeat - ok
12:34:37.0925 0x1598 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
12:34:37.0940 0x1598 vmickvpexchange - ok
12:34:37.0956 0x1598 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicrdv C:\WINDOWS\System32\ICSvc.dll
12:34:37.0972 0x1598 vmicrdv - ok
12:34:37.0987 0x1598 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicshutdown C:\WINDOWS\System32\ICSvc.dll
12:34:38.0018 0x1598 vmicshutdown - ok
12:34:38.0034 0x1598 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmictimesync C:\WINDOWS\System32\ICSvc.dll
12:34:38.0050 0x1598 vmictimesync - ok
12:34:38.0065 0x1598 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicvss C:\WINDOWS\System32\ICSvc.dll
12:34:38.0081 0x1598 vmicvss - ok
12:34:38.0097 0x1598 [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys
12:34:38.0112 0x1598 volmgr - ok
12:34:38.0128 0x1598 [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys
12:34:38.0159 0x1598 volmgrx - ok
12:34:38.0159 0x1598 [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys
12:34:38.0190 0x1598 volsnap - ok
12:34:38.0222 0x1598 [ EF31713EE4C7CCFE4049F7E7F15645A2, 35D198D3F1061E19A7EF89FA1E75377049CD6BCA9702F8076B9F95BB8737E0D4 ] vpci C:\WINDOWS\System32\drivers\vpci.sys
12:34:38.0222 0x1598 vpci - ok
12:34:38.0253 0x1598 [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys
12:34:38.0253 0x1598 vsmraid - ok
12:34:38.0331 0x1598 [ 94FAFD473CDD80CE19A21FB9503D7ED1, 953E5E8C753C0017E1258695A76F60CC05D283F7476B9D9C5C8AC78B8E3FCE18 ] VSS C:\WINDOWS\system32\vssvc.exe
12:34:38.0409 0x1598 VSS - ok
12:34:38.0440 0x1598 [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys
12:34:38.0472 0x1598 VSTXRAID - ok
12:34:38.0487 0x1598 [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys
12:34:38.0565 0x1598 vwifibus - ok
12:34:38.0628 0x1598 [ DC821E811EFBB65CDD77FBB8B6ECA385, B7C8AACDF81DBA298F2F384983D36B269876C31F0398D89BF9070217A069B96F ] W32Time C:\WINDOWS\system32\w32time.dll
12:34:38.0690 0x1598 W32Time - ok
12:34:38.0722 0x1598 [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys
12:34:38.0737 0x1598 WacomPen - ok
12:34:38.0784 0x1598 [ A81988DCC4FA440AA88B84CA452F5E22, 3573AAA09971E8ADB6FEFA778E02B2D8EE5E4249267CF37A524D9F019CC836FB ] wbengine C:\WINDOWS\system32\wbengine.exe
12:34:38.0862 0x1598 wbengine - ok
12:34:38.0909 0x1598 [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll
12:34:38.0972 0x1598 WbioSrvc - ok
12:34:38.0987 0x1598 [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll
12:34:39.0018 0x1598 Wcmsvc - ok
12:34:39.0050 0x1598 [ F6B4C2280FF7C7156AC8A4687B9DA35E, 1899D584D7469BB49355D84080051E2575B033E6312009D9C6C1DD3F7F9AA4C5 ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll
12:34:39.0081 0x1598 wcncsvc - ok
12:34:39.0097 0x1598 [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
12:34:39.0128 0x1598 WcsPlugInService - ok
12:34:39.0159 0x1598 [ 0359607177E5E9F6041136CC0A5CB0B6, 16687BE2639648CF46E8768BA1798030472C525612C629BF134D053240E2195B ] WdBoot C:\WINDOWS\system32\drivers\WdBoot.sys
12:34:39.0175 0x1598 WdBoot - ok
12:34:39.0222 0x1598 [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys
12:34:39.0253 0x1598 Wdf01000 - ok
12:34:39.0268 0x1598 [ DE8D12B4C3F55FA2C5E9774314F6C58A, C3E835DC066A94E1431BCDC90D7EA27AAC6F82826F4A5527B37D865241D7A366 ] WdFilter C:\WINDOWS\system32\drivers\WdFilter.sys
12:34:39.0284 0x1598 WdFilter - ok
12:34:39.0300 0x1598 [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost C:\WINDOWS\system32\wdi.dll
12:34:39.0331 0x1598 WdiServiceHost - ok
12:34:39.0331 0x1598 [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost C:\WINDOWS\system32\wdi.dll
12:34:39.0347 0x1598 WdiSystemHost - ok
12:34:39.0378 0x1598 [ 4AD874CDC812EC156265E451B6B09DAB, 6E3E05B8301841425E9BB0D54B35EF386B78EEB307B5A6153FD1F366D30F23FA ] WdNisDrv C:\WINDOWS\system32\Drivers\WdNisDrv.sys
12:34:39.0378 0x1598 WdNisDrv - ok
12:34:39.0409 0x1598 WdNisSvc - ok
12:34:39.0456 0x1598 [ 185E4111627F7AA6799E1366B5E91D65, 7A02C816DFBCCF47EDB49E5E2005A3D0B80719FAC94F9298D2DBAC63950EDA05 ] WebClient C:\WINDOWS\System32\webclnt.dll
12:34:39.0503 0x1598 WebClient - ok
12:34:39.0534 0x1598 [ 384E1D04FE20845B2559D292F17A9FA1, AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc C:\WINDOWS\system32\wecsvc.dll
12:34:39.0565 0x1598 Wecsvc - ok
12:34:39.0565 0x1598 [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll
12:34:39.0597 0x1598 WEPHOSTSVC - ok
12:34:39.0612 0x1598 [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll
12:34:39.0643 0x1598 wercplsupport - ok
12:34:39.0659 0x1598 [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc C:\WINDOWS\System32\WerSvc.dll
12:34:39.0675 0x1598 WerSvc - ok
12:34:39.0706 0x1598 [ BAB713B409258DB7B5D9F9693F802B0E, C0D0391EC4FDC07E0A07F4EEB2DC9CC5B2BE5D2E292E7D01929E8D39D6F73EA5 ] WFPLWFS C:\WINDOWS\system32\DRIVERS\wfplwfs.sys
12:34:39.0737 0x1598 WFPLWFS - ok
12:34:39.0753 0x1598 [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc C:\WINDOWS\System32\wiarpc.dll
12:34:39.0784 0x1598 WiaRpc - ok
12:34:39.0800 0x1598 [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys
12:34:39.0815 0x1598 WIMMount - ok
12:34:39.0815 0x1598 WinDefend - ok
12:34:39.0893 0x1598 [ 10DAD6A7FC617A221313BD584E3C3A00, F139B878668ECF38FE59831E8595A207D5CEEE76C6FFDA8C9F735435E601A763 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
12:34:39.0925 0x1598 WinHttpAutoProxySvc - ok
12:34:39.0987 0x1598 [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
12:34:40.0034 0x1598 Winmgmt - ok
12:34:40.0144 0x1598 [ 75436315AA383CF527695C6D49D0CA59, E3D55F2ACBD45D4D031FA6CA799394459C89BE50FF6ADE4FE36F2CAB2D2E63D0 ] WinRM C:\WINDOWS\system32\WsmSvc.dll
12:34:40.0253 0x1598 WinRM - ok
12:34:40.0347 0x1598 [ DC079BA8390089E4EBCA63D27EEA3ECB, 4D549217A68292E2B16C09FD9F84317011EE54A2DAF4E2AB85554267DF0D3249 ] WlanSvc C:\WINDOWS\System32\wlansvc.dll
12:34:40.0409 0x1598 WlanSvc - ok
12:34:40.0472 0x1598 [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll
12:34:40.0534 0x1598 wlidsvc - ok
12:34:40.0566 0x1598 [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys
12:34:40.0581 0x1598 WmiAcpi - ok
12:34:40.0628 0x1598 [ B96F7A1236C3F21212DE2C40A3DDB005, 5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe
12:34:40.0644 0x1598 wmiApSrv - ok
12:34:40.0675 0x1598 WMPNetworkSvc - ok
12:34:40.0706 0x1598 [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof C:\WINDOWS\system32\drivers\Wof.sys
12:34:40.0737 0x1598 Wof - ok
12:34:40.0784 0x1598 [ 588040D595BBF0856CA1ADD941A8ED17, CBC92BB5453FE1BEA6F33239B7CE884F312559591383408EA5F95A006156C5D3 ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll
12:34:40.0894 0x1598 workfolderssvc - ok
12:34:40.0925 0x1598 [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
12:34:40.0925 0x1598 wpcfltr - ok
12:34:40.0941 0x1598 [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc C:\WINDOWS\System32\wpcsvc.dll
12:34:40.0972 0x1598 WPCSvc - ok
12:34:40.0987 0x1598 [ 2ADE11F3D84709C5F6781E4C59F11683, F003C43396CF8FCF44EAB87583650DB4D2A233322D28D6A78D1694945D9073BB ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll
12:34:41.0034 0x1598 WPDBusEnum - ok
12:34:41.0050 0x1598 [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys
12:34:41.0066 0x1598 WpdUpFltr - ok
12:34:41.0081 0x1598 [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys
12:34:41.0112 0x1598 ws2ifsl - ok
12:34:41.0128 0x1598 [ 5596C0960ED6ED7494BF2A55DE428684, C95CF09A657F37F421CC80E16F2F95B8EC59A8D5D48F104551155EAC8E53DCB2 ] wscsvc C:\WINDOWS\System32\wscsvc.dll
12:34:41.0222 0x1598 wscsvc - ok
12:34:41.0237 0x1598 WSearch - ok
12:34:41.0362 0x1598 [ 6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService C:\WINDOWS\System32\WSService.dll
12:34:41.0503 0x1598 WSService - ok
12:34:41.0612 0x1598 [ 1B24547C96E1C656ED9A8E6B6F6FA03B, A15D1180D8A9011F0D5A2C8D801D34974D5AEA367FFFB96BD335448B17A2C142 ] wuauserv C:\WINDOWS\system32\wuaueng.dll
12:34:41.0737 0x1598 wuauserv - ok
12:34:41.0784 0x1598 [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys
12:34:41.0831 0x1598 WudfPf - ok
12:34:41.0847 0x1598 [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd C:\WINDOWS\System32\drivers\WUDFRd.sys
12:34:41.0878 0x1598 WUDFRd - ok
12:34:41.0894 0x1598 [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc C:\WINDOWS\System32\WUDFSvc.dll
12:34:41.0925 0x1598 wudfsvc - ok
12:34:41.0925 0x1598 [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdFs C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
12:34:41.0941 0x1598 WUDFWpdFs - ok
12:34:41.0972 0x1598 [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc C:\WINDOWS\System32\wwansvc.dll
12:34:42.0003 0x1598 WwanSvc - ok
12:34:42.0019 0x1598 {f2944598-b89f-4e10-b544-5173761572df}Gw64 - ok
12:34:42.0019 0x1598 ================ Scan global ===============================
12:34:42.0068 0x1598 [ 243F54DBA6EB48A369CA465E263ABA4A, 9D9F9DE783D000F3EA130EB68FD71319F21E4F1CD4232FB8B2F8A9A67E08F5F4 ] C:\WINDOWS\system32\basesrv.dll
12:34:42.0115 0x1598 [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\WINDOWS\system32\winsrv.dll
12:34:42.0130 0x1598 [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\WINDOWS\system32\sxssrv.dll
12:34:42.0161 0x1598 [ 5BF02EBEFEDC706318C96E2E60EDCB91, DC866C5BC3A887CAAA7169AB9BB2992F6F877B3EA04B62B4F95B6BD54943155F ] C:\WINDOWS\system32\services.exe
12:34:42.0177 0x1598 [ Global ] - ok
12:34:42.0177 0x1598 ================ Scan MBR ==================================
12:34:42.0177 0x1598 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
12:34:42.0286 0x1598 \Device\Harddisk0\DR0 - ok
12:34:42.0302 0x1598 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
12:34:42.0505 0x1598 \Device\Harddisk1\DR1 - ok
12:34:42.0505 0x1598 ================ Scan VBR ==================================
12:34:42.0536 0x1598 [ 12A32DC54A5932C51FF38D50FDB83E1F ] \Device\Harddisk0\DR0\Partition1
12:34:42.0552 0x1598 \Device\Harddisk0\DR0\Partition1 - ok
12:34:42.0568 0x1598 [ 8195AC7F02DD2DE8BE9CF0DC92AE3B5A ] \Device\Harddisk0\DR0\Partition2
12:34:42.0568 0x1598 \Device\Harddisk0\DR0\Partition2 - ok
12:34:42.0583 0x1598 [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3
12:34:42.0583 0x1598 \Device\Harddisk0\DR0\Partition3 - ok
12:34:42.0599 0x1598 [ 42F2DAE7D846B6499F6923A18C513D19 ] \Device\Harddisk0\DR0\Partition4
12:34:42.0599 0x1598 \Device\Harddisk0\DR0\Partition4 - ok
12:34:42.0630 0x1598 [ 662ED4DBD6B4488DE1B6A2150295D68F ] \Device\Harddisk0\DR0\Partition5
12:34:42.0630 0x1598 \Device\Harddisk0\DR0\Partition5 - ok
12:34:42.0630 0x1598 [ 145B68D0E2C824FD3B6B29D4B4E21862 ] \Device\Harddisk0\DR0\Partition6
12:34:42.0646 0x1598 \Device\Harddisk0\DR0\Partition6 - ok
12:34:42.0646 0x1598 [ 54F60A1FEBB5E1736072A3AE2C5B1627 ] \Device\Harddisk0\DR0\Partition7
12:34:42.0646 0x1598 \Device\Harddisk0\DR0\Partition7 - ok
12:34:42.0661 0x1598 [ 636A9AA53C3110CC4616B76975580953 ] \Device\Harddisk0\DR0\Partition8
12:34:42.0661 0x1598 \Device\Harddisk0\DR0\Partition8 - ok
12:34:42.0661 0x1598 ================ Scan generic autorun ======================
12:34:42.0740 0x1598 [ 49BD5663071AA799AC0B1E6B48EB9257, 39364B7E08C87545B4E48264509D73800FE5B0A76E34E0B169DA489895820B22 ] C:\Program Files\IDT\WDM\beats64.exe
12:34:42.0755 0x1598 BeatsOSDApp - detected UnsignedFile.Multi.Generic ( 1 )
12:34:45.0302 0x1598 Detect skipped due to KSN trusted
12:34:45.0302 0x1598 BeatsOSDApp - ok
12:34:45.0380 0x1598 [ 94BFCE236D6340011721470E394056E3, 42A7808F6C53C268354E9E47F0689FE2B4717F61E97CBAA0ABF33E0275B908EF ] C:\Program Files\IDT\WDM\sttray64.exe
12:34:45.0443 0x1598 SysTrayApp - detected UnsignedFile.Multi.Generic ( 1 )
12:34:47.0740 0x1598 Detect skipped due to KSN trusted
12:34:47.0740 0x1598 SysTrayApp - ok
12:34:47.0834 0x1598 [ 73F1B07CF82235B25BCC3E9A7522ACCB, 47221B8DFF5A44050AFB0AB5A249FEECE36BE2E000D6529E099128EEDFA647DA ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe
12:34:47.0865 0x1598 StartCCC - ok
12:34:47.0928 0x1598 [ BF52C0C77799E091AC68D339BED0C11D, 9590A875598BAA16BAE2DC1C0C4A2C57A249C1E86DE53B97CCA0913DA46DFA28 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
12:34:47.0943 0x1598 PSUAMain - ok
12:34:48.0022 0x1598 [ 308F2EE28005510DE616409148CF077B, A2126CB185B0053086BDD6F0A16A503F6CA629AC677E4B7AE6D43C770061D087 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
12:34:48.0022 0x1598 SunJavaUpdateSched - ok
12:34:48.0100 0x1598 [ 3BD79A1F6D2EA0FDDEA3F8914B2A6A0C, 332E6806EFF846A2E6D0DC04A70D3503855DABFA83E6EC27F37E2D9103E80E51 ] C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
12:34:48.0115 0x1598 VirtualCloneDrive - ok
12:34:48.0256 0x1598 [ 30BDC4ED2EF99EB8CB6F0005B1DAA4AA, 45BA59198D99B60469CE2CD9DFC56EF94488B3AFDB7362B054373891F307D10A ] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
12:34:48.0397 0x1598 LogMeIn Hamachi Ui - ok
12:34:48.0537 0x1598 [ 08DFA176E4FC0E63ACD8EC854449D2B0, B8CA204C3F318CD9D12F61CDDA5C66184A48D6206F019AD11DB2605FDBEB288D ] C:\Users\HPPC\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
12:34:48.0584 0x1598 Spotify Web Helper - ok
12:34:48.0584 0x1598 Waiting for KSN requests completion. In queue: 124
12:34:49.0600 0x1598 Waiting for KSN requests completion. In queue: 6
12:34:50.0600 0x1598 Waiting for KSN requests completion. In queue: 6
12:34:51.0616 0x1598 AV detected via SS2: Panda Free Antivirus, C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe ( 1.0.0.0 ), 0x70000 ( disabled : updated )
12:34:51.0631 0x1598 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.6.305.0 ), 0x60100 ( disabled : updated )
12:34:51.0631 0x1598 FW detected via SS2: Panda Firewall, C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe ( 1.0.0.0 ), 0x70010 ( disabled )
12:34:51.0631 0x1598 Win FW state via NFP2: disabled
12:34:53.0992 0x1598 ============================================================
12:34:53.0992 0x1598 Scan finished
12:34:53.0992 0x1598 ============================================================
12:34:54.0007 0x18c0 Detected object count: 0
12:34:54.0007 0x18c0 Actual detected object count: 0
|
|
25.02.2015, 17:56
| #6 |
| /// the machine /// TB-Ausbilder | Windows 8.1: Probleme nach Update Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ --> Windows 8.1: Probleme nach Update |
|
25.02.2015, 22:51
| #7 |
| | Windows 8.1: Probleme nach Update AdwCleaner Code:
ATTFilter # AdwCleaner v4.111 - Bericht erstellt 25/02/2015 um 22:16:41
# Aktualisiert 18/02/2015 von Xplode
# Datenbank : 2015-02-18.3 [Server]
# Betriebssystem : Windows 8.1 (x64)
# Benutzername : HPPC - HP
# Gestarted von : C:\Users\HPPC\Desktop\AdwCleaner_4.111.exe
# Option : Löschen
***** [ Dienste ] *****
[#] Dienst Gelöscht : {f2944598-b89f-4e10-b544-5173761572df}Gw64
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\Users\HPPC\AppData\Local\Vosteran
Ordner Gelöscht : C:\Users\HPPC\AppData\Roaming\pdfforge
Datei Gelöscht : C:\Users\HPPC\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\rz80wx15.default\foxydeal.sqlite
***** [ Geplante Tasks ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\Vosteran Browser
Daten Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local
***** [ Internetbrowser ] *****
-\\ Internet Explorer v11.0.9600.17416
-\\ Cyberfox v
*************************
AdwCleaner[R0].txt - [2456 Bytes] - [25/02/2015 22:13:24]
AdwCleaner[S0].txt - [2131 Bytes] - [25/02/2015 22:16:41]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2190 Bytes] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.2 (02.02.2015:1)
OS: Windows 8.1 x64
Ran by HPPC on 25.02.2015 at 22:19:33,97
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\WINDOWS\syswow64\ai_recyclebin"
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 25.02.2015 at 22:21:45,19
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile: FRST Logfile: FRST Logfile: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-02-2015 01
Ran by HPPC (administrator) on HP on 25-02-2015 22:22:22
Running from C:\Users\HPPC\Desktop
Loaded Profiles: HPPC (Available profiles: HPPC)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser path: "C:\Program Files\Cyberfox\Cyberfox.exe" -osint -url "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Hewlett-Packard ) C:\Program Files\IDT\WDM\Beats64.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Spotify Ltd) C:\Users\HPPC\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\WindowsApps\A278AB0D.DragonManiaLegends_1.0.2.8_x86__h6adky7gbf63m\W8.1EntryPoint.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [37888 2012-08-10] (Hewlett-Packard )
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-08-10] (IDT, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [37624 2014-07-24] (Panda Security, S.L.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3978600 2015-02-17] (LogMeIn Inc.)
HKLM\...\Winlogon: [Userinit] C:\WINDOWS\SysWOW64\userinit.exe,
HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\...\Run: [Spotify Web Helper] => C:\Users\HPPC\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-12] (Spotify Ltd)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll (pdfforge GmbH)
FF Plugin HKU\S-1-5-21-3776727103-4227896957-2343858286-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\HPPC\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-07-04] (Advanced Micro Devices, Inc.) [File not signed]
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-11-21] (Microsoft Corporation)
R2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [243880 2015-02-13] (Foxit Software Inc.)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-02-16] (LogMeIn, Inc.)
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [141560 2014-07-24] (Panda Security, S.L.)
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [61688 2014-07-23] (Panda Security, S.L.)
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-06-26] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-06-26] (pdfforge GmbH)
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [38136 2014-07-24] (Panda Security, S.L.)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [321536 2012-08-10] (IDT, Inc.) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-20] (Advanced Micro Devices)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98472 2012-07-03] (Advanced Micro Devices)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [44296 2015-02-17] (LogMeIn Inc.)
R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [96800 2014-06-04] (Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [162336 2014-06-18] (Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [112160 2014-06-04] (Panda Security, S.L.)
R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [115232 2014-06-04] (Panda Security, S.L.)
S1 NNSNAHSL; C:\Windows\system32\DRIVERS\NNSNAHSL.sys [47360 2014-01-16] (Panda Security, S.L.)
R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [95776 2014-06-04] (Panda Security, S.L.)
R1 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [70176 2014-06-04] (Panda Security, S.L.)
R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [125984 2014-06-04] (Panda Security, S.L.)
R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [306720 2014-06-04] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [169504 2014-06-04] (Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [115744 2014-06-04] (Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [261152 2014-06-04] (Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [109088 2014-06-04] (Panda Security, S.L.)
R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [160800 2014-07-24] (Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [120352 2014-07-24] (Panda Security, S.L.)
R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [195616 2014-07-24] (Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [122400 2014-07-24] (Panda Security, S.L.)
R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [132128 2014-07-24] (Panda Security, S.L.)
R2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [106016 2014-07-24] (Panda Security, S.L.)
R3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [60400 2014-03-25] (Panda Security, S.L.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-25 22:22 - 2015-02-25 22:22 - 00013405 _____ () C:\Users\HPPC\Desktop\FRST.txt
2015-02-25 22:21 - 2015-02-25 22:21 - 00000683 _____ () C:\Users\HPPC\Desktop\JRT.txt
2015-02-25 22:18 - 2015-02-25 22:18 - 00002286 _____ () C:\Users\HPPC\Desktop\AdwCleaner[S0].txt
2015-02-25 22:13 - 2015-02-25 22:16 - 00000000 ____D () C:\AdwCleaner
2015-02-25 22:12 - 2015-02-25 22:12 - 02087936 _____ (Farbar) C:\Users\HPPC\Desktop\FRST64.exe
2015-02-25 13:02 - 2015-02-25 13:02 - 06372800 _____ (Tim Kosse) C:\Users\HPPC\Downloads\FileZilla_3.10.1.1_win32-setup.exe
2015-02-24 22:22 - 2015-02-25 09:44 - 00000676 _____ () C:\WINDOWS\PFRO.log
2015-02-24 22:03 - 2015-02-25 09:44 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-02-24 22:03 - 2015-02-24 22:03 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-02-24 22:03 - 2015-02-24 22:03 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-24 22:01 - 2015-02-24 22:01 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-02-24 16:20 - 2015-02-25 22:22 - 00000000 ____D () C:\FRST
2015-02-24 12:51 - 2015-02-24 12:52 - 00001354 _____ () C:\Users\HPPC\Desktop\Shutdown.lnk
2015-02-24 12:04 - 2015-02-24 12:06 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-02-24 12:04 - 2015-01-29 17:49 - 116773704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-02-24 12:01 - 2014-04-16 00:35 - 00028352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll
2015-02-24 12:01 - 2014-04-16 00:34 - 00029888 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll
2015-02-24 11:57 - 2014-09-22 04:06 - 00258368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-02-24 11:57 - 2014-09-22 04:06 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-02-24 11:57 - 2014-09-22 03:49 - 00035320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-02-24 11:57 - 2014-09-02 23:08 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2015-02-24 11:57 - 2014-09-02 23:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2015-02-24 11:51 - 2014-06-09 23:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-02-24 11:51 - 2014-06-09 23:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-02-24 11:51 - 2014-04-30 07:43 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys
2015-02-24 11:51 - 2014-04-30 07:41 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2015-02-24 11:49 - 2015-01-19 19:42 - 01487976 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2015-02-24 11:48 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-02-24 11:48 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-02-24 11:47 - 2014-11-10 00:19 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-02-24 11:47 - 2014-11-10 00:19 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-02-24 11:47 - 2014-11-10 00:18 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2015-02-24 11:47 - 2014-11-10 00:18 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2015-02-24 11:46 - 2014-07-24 04:20 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2015-02-24 11:46 - 2014-07-24 04:20 - 00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2015-02-23 23:22 - 2015-02-25 22:17 - 00002288 _____ () C:\WINDOWS\setupact.log
2015-02-23 23:22 - 2015-02-23 23:22 - 00000000 _____ () C:\WINDOWS\setuperr.log
2015-02-22 20:08 - 2015-02-22 20:12 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2015-02-22 15:37 - 2015-02-25 22:17 - 00000000 ___RD () C:\Users\HPPC\OneDrive
2015-02-22 15:34 - 2015-02-22 15:34 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2015-02-22 15:29 - 2015-02-22 15:29 - 00000000 ____D () C:\Users\HPPC\AppData\Local\AMD
2015-02-22 15:28 - 2015-02-22 15:28 - 00001456 _____ () C:\Users\HPPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-02-22 15:28 - 2015-02-22 15:28 - 00000000 ____D () C:\Users\HPPC\AppData\Roaming\ATI
2015-02-22 15:28 - 2015-02-22 15:28 - 00000000 ____D () C:\Users\HPPC\AppData\Local\ATI
2015-02-22 15:28 - 2015-02-22 15:28 - 00000000 ____D () C:\ProgramData\ATI
2015-02-22 15:27 - 2015-02-22 15:27 - 00000020 ___SH () C:\Users\HPPC\ntuser.ini
2015-02-22 15:25 - 2015-02-22 15:25 - 00022960 _____ () C:\WINDOWS\system32\emptyregdb.dat
2015-02-22 15:25 - 2015-02-22 15:25 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2015-02-22 15:25 - 2015-02-22 15:25 - 00000000 _SHDL () C:\Users\Default\Startmenü
2015-02-22 15:25 - 2015-02-22 15:25 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2015-02-22 15:25 - 2015-02-22 15:25 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2015-02-22 15:25 - 2015-02-22 15:25 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2015-02-22 15:25 - 2015-02-22 15:25 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2015-02-22 15:25 - 2015-02-22 15:25 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2015-02-22 15:25 - 2015-02-22 15:25 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2015-02-22 15:25 - 2015-02-22 15:25 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-02-22 15:25 - 2015-02-22 15:25 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2015-02-22 15:25 - 2015-02-22 15:25 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2015-02-22 15:25 - 2015-02-22 15:25 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2015-02-22 15:25 - 2015-02-22 15:25 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2015-02-22 15:25 - 2015-02-22 15:25 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2015-02-22 15:25 - 2015-02-22 15:25 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-02-22 15:25 - 2015-02-22 15:25 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2015-02-22 15:25 - 2015-02-22 15:25 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-02-22 15:13 - 2015-02-22 15:13 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-02-22 15:13 - 2015-02-22 15:13 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2015-02-22 15:13 - 2015-02-22 15:13 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2015-02-22 15:10 - 2015-02-22 15:10 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate
2015-02-22 15:09 - 2015-02-22 15:25 - 00022863 _____ () C:\WINDOWS\diagwrn.xml
2015-02-22 15:09 - 2015-02-22 15:25 - 00022863 _____ () C:\WINDOWS\diagerr.xml
2015-02-22 15:08 - 2015-02-22 15:37 - 00000000 ____D () C:\Users\HPPC
2015-02-22 15:08 - 2015-02-22 15:09 - 00000000 ___RD () C:\Users\HPPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-02-22 15:08 - 2015-02-22 15:08 - 00000000 _SHDL () C:\Users\HPPC\Vorlagen
2015-02-22 15:08 - 2015-02-22 15:08 - 00000000 _SHDL () C:\Users\HPPC\Startmenü
2015-02-22 15:08 - 2015-02-22 15:08 - 00000000 _SHDL () C:\Users\HPPC\Netzwerkumgebung
2015-02-22 15:08 - 2015-02-22 15:08 - 00000000 _SHDL () C:\Users\HPPC\Lokale Einstellungen
2015-02-22 15:08 - 2015-02-22 15:08 - 00000000 _SHDL () C:\Users\HPPC\Eigene Dateien
2015-02-22 15:08 - 2015-02-22 15:08 - 00000000 _SHDL () C:\Users\HPPC\Druckumgebung
2015-02-22 15:08 - 2015-02-22 15:08 - 00000000 _SHDL () C:\Users\HPPC\Documents\Eigene Musik
2015-02-22 15:08 - 2015-02-22 15:08 - 00000000 _SHDL () C:\Users\HPPC\Documents\Eigene Bilder
2015-02-22 15:08 - 2015-02-22 15:08 - 00000000 _SHDL () C:\Users\HPPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-02-22 15:08 - 2015-02-22 15:08 - 00000000 _SHDL () C:\Users\HPPC\AppData\Local\Verlauf
2015-02-22 15:08 - 2015-02-22 15:08 - 00000000 _SHDL () C:\Users\HPPC\AppData\Local\Anwendungsdaten
2015-02-22 15:08 - 2015-02-22 15:08 - 00000000 _SHDL () C:\Users\HPPC\Anwendungsdaten
2015-02-22 15:08 - 2014-11-21 11:52 - 00000000 ___RD () C:\Users\HPPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-02-22 15:08 - 2014-11-21 11:52 - 00000000 ___RD () C:\Users\HPPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-02-22 15:08 - 2014-11-21 04:42 - 00000369 _____ () C:\Users\HPPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-02-22 15:08 - 2014-11-21 04:42 - 00000369 _____ () C:\Users\HPPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-02-22 15:08 - 2013-08-22 16:36 - 00000000 ____D () C:\Users\HPPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-02-22 15:02 - 2015-02-22 15:02 - 00060817 _____ () C:\WINDOWS\SysWOW64\CCCInstall_201502221502333668.log
2015-02-22 15:02 - 2015-02-22 15:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-02-22 15:02 - 2015-02-22 15:02 - 00000000 ____D () C:\ProgramData\AMD
2015-02-22 15:02 - 2015-02-22 15:02 - 00000000 ____D () C:\Program Files\ATI Technologies
2015-02-22 15:01 - 2015-02-25 22:19 - 01178377 _____ () C:\WINDOWS\WindowsUpdate.log
2015-02-22 15:01 - 2015-02-22 15:02 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2015-02-22 15:01 - 2015-02-22 15:01 - 00000425 _____ () C:\WINDOWS\BRWMARK.INI
2015-02-22 15:01 - 2015-02-22 15:01 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2015-02-22 15:00 - 2015-02-22 15:00 - 00000000 ____D () C:\Program Files\AMD
2015-02-22 15:00 - 2015-02-22 15:00 - 00000000 _____ () C:\WINDOWS\ativpsrm.bin
2015-02-22 14:58 - 2015-02-23 10:57 - 00000000 ___DC () C:\WINDOWS\Panther
2015-02-22 14:55 - 2015-02-22 14:55 - 00535640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-02-22 14:55 - 2015-02-22 14:55 - 00531616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-02-22 14:55 - 2015-02-22 14:55 - 00448792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2015-02-22 14:55 - 2015-02-22 14:55 - 00413248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2015-02-22 14:55 - 2015-02-22 14:55 - 00372408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2015-02-22 14:55 - 2015-02-22 14:55 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-02-22 14:55 - 2015-02-22 14:55 - 00108944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-02-22 14:55 - 2015-02-22 14:55 - 00038264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2015-02-22 14:55 - 2015-02-22 14:55 - 00033584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2015-02-22 14:54 - 2015-02-22 14:54 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-02-22 14:54 - 2015-02-22 14:54 - 02171904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2015-02-22 14:54 - 2015-02-22 14:54 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2015-02-22 14:54 - 2015-02-22 14:54 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2015-02-22 14:54 - 2015-02-22 14:54 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-02-22 14:54 - 2015-02-22 14:54 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-02-22 14:54 - 2015-02-22 14:54 - 00788680 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2015-02-22 14:54 - 2015-02-22 14:54 - 00672984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2015-02-22 14:54 - 2015-02-22 14:54 - 00602776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2015-02-22 14:54 - 2015-02-22 14:54 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2015-02-22 14:54 - 2015-02-22 14:54 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-02-22 14:54 - 2015-02-22 14:54 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-02-22 14:54 - 2015-02-22 14:54 - 00273240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2015-02-22 14:54 - 2015-02-22 14:54 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll
2015-02-22 14:53 - 2015-02-22 14:53 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-02-22 14:53 - 2015-02-22 14:53 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2015-02-22 14:53 - 2015-02-22 14:53 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2015-02-22 14:53 - 2015-02-22 14:53 - 00563504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-02-22 14:53 - 2015-02-22 14:53 - 00538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\scesrv.dll
2015-02-22 14:53 - 2015-02-22 14:53 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-02-22 14:53 - 2015-02-22 14:53 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-02-22 14:53 - 2015-02-22 14:53 - 00393728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scesrv.dll
2015-02-22 14:53 - 2015-02-22 14:53 - 00391526 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-02-22 14:53 - 2015-02-22 14:53 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-02-22 14:53 - 2015-02-22 14:53 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-02-22 14:53 - 2015-02-22 14:53 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-02-22 14:53 - 2015-02-22 14:53 - 00177984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-02-22 14:53 - 2015-02-22 14:53 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2015-02-22 14:53 - 2015-02-22 14:53 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2015-02-22 14:53 - 2015-02-22 14:53 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll
2015-02-22 14:53 - 2015-02-22 14:53 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 25056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 19740160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 14401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 12829184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-02-22 14:52 - 2015-02-22 14:52 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-02-22 14:52 - 2015-02-22 14:52 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-02-22 14:52 - 2015-02-22 14:52 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-02-22 14:52 - 2015-02-22 14:52 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-02-22 14:52 - 2015-02-22 14:52 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2015-02-22 14:52 - 2015-02-22 14:52 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2015-02-22 14:52 - 2015-02-22 14:52 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-02-22 14:52 - 2015-02-22 14:52 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-02-22 14:51 - 2015-02-22 14:51 - 07472960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-02-22 14:51 - 2015-02-22 14:51 - 01733440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-02-22 14:51 - 2015-02-22 14:51 - 01498360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-02-22 14:51 - 2015-02-22 14:51 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2015-02-22 14:51 - 2015-02-22 14:51 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2015-02-22 14:51 - 2015-02-22 14:51 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe
2015-02-22 14:51 - 2015-02-22 14:51 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntvdm64.dll
2015-02-22 14:51 - 2015-02-22 14:51 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll
2015-02-22 14:51 - 2015-02-22 14:51 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2015-02-22 14:51 - 2015-02-22 14:51 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\instnm.exe
2015-02-22 14:51 - 2015-02-22 14:51 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll
2015-02-22 14:51 - 2015-02-22 14:51 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe
2015-02-22 14:49 - 2015-02-22 14:49 - 00000000 ____D () C:\WINDOWS\SysWOW64\XPSViewer
2015-02-22 14:49 - 2015-02-22 14:49 - 00000000 ____D () C:\Program Files\Reference Assemblies
2015-02-22 14:49 - 2015-02-22 14:49 - 00000000 ____D () C:\Program Files\MSBuild
2015-02-22 14:49 - 2015-02-22 14:49 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2015-02-22 14:49 - 2015-02-22 14:49 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2015-02-22 14:49 - 2013-08-03 05:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-02-22 14:49 - 2013-08-03 05:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-02-22 14:49 - 2013-08-03 05:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-02-22 14:49 - 2013-08-03 05:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-02-22 13:35 - 2015-02-22 13:35 - 00000136 _____ () C:\WINDOWS\system32\netcfg-135814.txt
2015-02-22 13:35 - 2015-02-22 13:35 - 00000134 _____ () C:\WINDOWS\system32\netcfg-130604.txt
2015-02-22 13:35 - 2015-02-22 13:35 - 00000134 _____ () C:\WINDOWS\system32\netcfg-123786.txt
2015-02-22 13:34 - 2014-03-25 14:15 - 00060400 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSKMAD.sys
2015-02-22 12:12 - 2015-02-22 12:12 - 00000131 _____ () C:\WINDOWS\system32\netcfg-1992846830.txt
2015-02-22 09:18 - 2015-02-22 09:18 - 00000132 _____ () C:\WINDOWS\system32\netcfg-1982392611.txt
2015-02-22 09:17 - 2015-02-22 09:17 - 00000139 _____ () C:\WINDOWS\system32\netcfg-1982334360.txt
2015-02-22 09:17 - 2015-02-22 09:17 - 00000139 _____ () C:\WINDOWS\system32\netcfg-1982324017.txt
2015-02-22 09:16 - 2015-02-22 09:16 - 00001078 _____ () C:\WINDOWS\system32\netcfg-1982279260.txt
2015-02-22 09:16 - 2015-02-22 09:16 - 00000139 _____ () C:\WINDOWS\system32\netcfg-1982318947.txt
2015-02-22 09:16 - 2015-02-22 09:16 - 00000139 _____ () C:\WINDOWS\system32\netcfg-1982268309.txt
2015-02-22 09:15 - 2015-02-22 15:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-02-22 09:15 - 2015-02-22 09:15 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2015-02-18 10:05 - 2015-02-18 10:05 - 00010878 _____ () C:\Users\HPPC\Documents\ftp_log_2015-02-17.gz
2015-02-17 22:58 - 2015-02-17 22:58 - 00014336 ___SH () C:\Users\HPPC\Thumbs.db
2015-02-17 18:21 - 2015-02-17 18:21 - 00044296 ____H (LogMeIn Inc.) C:\WINDOWS\system32\Drivers\Hamdrv.sys
2015-02-16 17:09 - 2015-02-22 15:14 - 00000000 ____D () C:\Users\HPPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Project My Screen App
2015-02-16 17:09 - 2015-02-16 17:09 - 00000000 ____D () C:\Program Files (x86)\ProjectMyScreenApp
2015-02-15 22:20 - 2015-02-25 16:54 - 00000000 ____D () C:\Users\HPPC\Desktop\Yuri
2015-02-15 13:13 - 2015-02-18 17:16 - 00000000 ____D () C:\Users\HPPC\Desktop\FinVal
2015-01-30 12:33 - 2015-02-02 00:56 - 00000000 ___HD () C:\Users\HPPC\Downloads\AshSerena
2015-01-30 10:22 - 2015-01-30 10:22 - 00000117 _____ () C:\WINDOWS\system32\netcfg-82259.txt
2015-01-30 10:22 - 2015-01-30 10:22 - 00000117 _____ () C:\WINDOWS\system32\netcfg-79123.txt
2015-01-30 10:22 - 2015-01-30 10:22 - 00000117 _____ () C:\WINDOWS\system32\netcfg-76112.txt
2015-01-30 10:13 - 2015-01-30 10:13 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1463102021.txt
2015-01-30 10:13 - 2015-01-30 10:13 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1463101740.txt
2015-01-30 10:13 - 2015-01-30 10:13 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1463101537.txt
2015-01-30 10:13 - 2015-01-30 10:13 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1463096670.txt
2015-01-30 10:13 - 2015-01-30 10:13 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1463081350.txt
2015-01-30 10:13 - 2015-01-30 10:13 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1463079993.txt
2015-01-30 00:29 - 2015-01-30 00:29 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1428060265.txt
2015-01-30 00:29 - 2015-01-30 00:29 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1428060202.txt
2015-01-29 21:59 - 2015-01-29 21:59 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1419069007.txt
2015-01-29 21:59 - 2015-01-29 21:59 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1419056386.txt
2015-01-29 21:58 - 2015-01-29 21:58 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1419041270.txt
2015-01-29 21:58 - 2015-01-29 21:58 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1419039788.txt
2015-01-29 17:49 - 2015-01-29 17:49 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1404108012.txt
2015-01-29 17:49 - 2015-01-29 17:49 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1404107949.txt
2015-01-29 10:59 - 2015-01-29 10:59 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1379488839.txt
2015-01-29 10:59 - 2015-01-29 10:59 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1379488605.txt
2015-01-29 10:59 - 2015-01-29 10:59 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1379485001.txt
2015-01-29 10:59 - 2015-01-29 10:59 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1379483394.txt
2015-01-29 10:59 - 2015-01-29 10:59 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1379468278.txt
2015-01-29 10:59 - 2015-01-29 10:59 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1379467061.txt
2015-01-29 09:25 - 2015-01-29 09:25 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1373824333.txt
2015-01-29 09:25 - 2015-01-29 09:25 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1373824271.txt
2015-01-29 07:40 - 2015-01-29 07:40 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1367524342.txt
2015-01-29 07:40 - 2015-01-29 07:40 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1367524061.txt
2015-01-29 07:40 - 2015-01-29 07:40 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1367520052.txt
2015-01-29 07:40 - 2015-01-29 07:40 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1367518991.txt
2015-01-29 07:39 - 2015-01-29 07:39 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1367503937.txt
2015-01-29 07:39 - 2015-01-29 07:39 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1367502720.txt
2015-01-29 01:52 - 2015-01-29 01:52 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1346678771.txt
2015-01-29 01:52 - 2015-01-29 01:52 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1346678708.txt
2015-01-28 22:15 - 2015-01-28 22:15 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1333622985.txt
2015-01-28 22:15 - 2015-01-28 22:15 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1333622751.txt
2015-01-28 22:15 - 2015-01-28 22:15 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1333619506.txt
2015-01-28 22:14 - 2015-01-28 22:14 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1333617696.txt
2015-01-28 22:14 - 2015-01-28 22:14 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1333602455.txt
2015-01-28 22:14 - 2015-01-28 22:14 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1333600599.txt
2015-01-28 15:37 - 2015-01-28 15:37 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1309795127.txt
2015-01-28 15:37 - 2015-01-28 15:37 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1309795064.txt
2015-01-28 12:55 - 2015-01-28 12:56 - 00000000 ____D () C:\Users\HPPC\AppData\Roaming\redsn0w
2015-01-28 10:42 - 2015-01-28 10:44 - 00000000 ____D () C:\Users\HPPC\AppData\Roaming\Apple Computer
2015-01-28 10:42 - 2015-01-28 10:42 - 00000000 ____D () C:\Users\HPPC\AppData\Local\Apple Computer
2015-01-28 10:41 - 2015-02-22 19:12 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-01-28 10:41 - 2015-02-22 19:11 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-01-28 10:41 - 2015-01-28 10:41 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-01-28 10:41 - 2015-01-28 10:41 - 00000000 ____D () C:\Users\HPPC\AppData\Local\Apple
2015-01-28 10:41 - 2015-01-28 10:41 - 00000000 ____D () C:\ProgramData\Apple Computer
2015-01-28 10:41 - 2015-01-28 10:41 - 00000000 ____D () C:\Program Files\Bonjour
2015-01-28 10:41 - 2015-01-28 10:41 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2015-01-28 10:41 - 2015-01-28 10:41 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2015-01-28 10:40 - 2015-01-28 10:41 - 00000000 ____D () C:\ProgramData\Apple
2015-01-28 09:10 - 2015-01-28 09:10 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1286525409.txt
2015-01-28 09:10 - 2015-01-28 09:10 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1286525160.txt
2015-01-28 09:10 - 2015-01-28 09:10 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1286522008.txt
2015-01-28 09:09 - 2015-01-28 09:09 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1286520090.txt
2015-01-28 09:09 - 2015-01-28 09:09 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1286504583.txt
2015-01-28 09:09 - 2015-01-28 09:09 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1286503413.txt
2015-01-28 01:27 - 2015-01-28 01:27 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1258746186.txt
2015-01-28 01:27 - 2015-01-28 01:27 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1258746140.txt
2015-01-28 00:46 - 2015-01-28 00:46 - 00000132 _____ () C:\WINDOWS\system32\netcfg-1256320059.txt
2015-01-28 00:46 - 2015-01-28 00:46 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1256323553.txt
2015-01-28 00:46 - 2015-01-28 00:46 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1256304677.txt
2015-01-28 00:45 - 2015-01-28 00:45 - 00000139 _____ () C:\WINDOWS\system32\netcfg-1256262058.txt
2015-01-28 00:45 - 2015-01-28 00:45 - 00000139 _____ () C:\WINDOWS\system32\netcfg-1256251824.txt
2015-01-28 00:45 - 2015-01-28 00:45 - 00000139 _____ () C:\WINDOWS\system32\netcfg-1256246754.txt
2015-01-28 00:45 - 2015-01-28 00:45 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1256235709.txt
2015-01-28 00:44 - 2015-01-28 00:44 - 00001078 _____ () C:\WINDOWS\system32\netcfg-1256207863.txt
2015-01-28 00:44 - 2015-01-28 00:44 - 00000139 _____ () C:\WINDOWS\system32\netcfg-1256196865.txt
2015-01-28 00:44 - 2015-01-28 00:44 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1256208097.txt
2015-01-28 00:44 - 2015-01-28 00:44 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1256200484.txt
2015-01-28 00:44 - 2015-01-28 00:44 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1256200437.txt
2015-01-27 21:57 - 2015-01-27 21:57 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1246173083.txt
2015-01-27 21:57 - 2015-01-27 21:57 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1246172865.txt
2015-01-27 21:57 - 2015-01-27 21:57 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1246169526.txt
2015-01-27 21:57 - 2015-01-27 21:57 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1246167763.txt
2015-01-27 21:57 - 2015-01-27 21:57 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1246152553.txt
2015-01-27 21:57 - 2015-01-27 21:57 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1246151180.txt
2015-01-27 17:50 - 2015-01-27 17:50 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1231372613.txt
2015-01-27 17:50 - 2015-01-27 17:50 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1231372566.txt
2015-01-27 09:55 - 2015-01-27 09:55 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1202881511.txt
2015-01-27 09:55 - 2015-01-27 09:55 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1202880481.txt
2015-01-27 09:55 - 2015-01-27 09:55 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1202879015.txt
2015-01-27 09:55 - 2015-01-27 09:55 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1202875396.txt
2015-01-27 09:55 - 2015-01-27 09:55 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1202860201.txt
2015-01-27 09:55 - 2015-01-27 09:55 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1202858984.txt
2015-01-27 02:39 - 2015-01-27 02:39 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1176709847.txt
2015-01-27 02:39 - 2015-01-27 02:39 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1176709800.txt
2015-01-26 15:38 - 2015-01-26 15:38 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1137059510.txt
2015-01-26 15:38 - 2015-01-26 15:38 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1137048075.txt
2015-01-26 15:38 - 2015-01-26 15:38 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1137032787.txt
2015-01-26 15:38 - 2015-01-26 15:38 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1137031601.txt
2015-01-26 09:51 - 2015-01-26 09:51 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1116221551.txt
2015-01-26 09:51 - 2015-01-26 09:51 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1116221505.txt
2015-01-26 08:37 - 2015-01-26 08:37 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1111752341.txt
2015-01-26 08:36 - 2015-01-26 08:36 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1111752123.txt
2015-01-26 08:36 - 2015-01-26 08:36 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1111748519.txt
2015-01-26 08:36 - 2015-01-26 08:36 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1111747037.txt
2015-01-26 08:36 - 2015-01-26 08:36 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1111731515.txt
2015-01-26 08:36 - 2015-01-26 08:36 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1111730407.txt
2015-01-26 01:55 - 2015-01-26 01:55 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1087688594.txt
2015-01-26 01:55 - 2015-01-26 01:55 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1087688547.txt
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-25 22:21 - 2014-11-21 04:35 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-02-25 22:21 - 2014-11-21 03:45 - 00764340 _____ () C:\WINDOWS\system32\perfh007.dat
2015-02-25 22:21 - 2014-11-21 03:45 - 00159160 _____ () C:\WINDOWS\system32\perfc007.dat
2015-02-25 22:17 - 2014-08-25 20:37 - 00000000 ____D () C:\Users\HPPC\AppData\Local\LogMeIn Hamachi
2015-02-25 22:17 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-02-25 22:16 - 2013-08-22 14:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2015-02-25 22:02 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-02-25 16:51 - 2014-08-26 13:14 - 32269312 ___SH () C:\Users\HPPC\Desktop\Thumbs.db
2015-02-25 16:50 - 2014-08-20 11:40 - 00000000 ____D () C:\Users\HPPC\AppData\Roaming\FileZilla
2015-02-25 16:43 - 2014-08-14 20:21 - 00000000 ___RD () C:\Users\HPPC\Desktop\Programme
2015-02-25 02:35 - 2014-08-14 19:40 - 00000000 ____D () C:\Users\HPPC\AppData\Roaming\Skype
2015-02-24 22:22 - 2014-11-21 04:13 - 00000000 ____D () C:\WINDOWS\ShellNew
2015-02-24 12:13 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-02-24 12:13 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-02-24 12:13 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2015-02-24 12:13 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2015-02-24 12:13 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-02-24 12:13 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-02-24 12:12 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-02-24 12:04 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-02-23 23:30 - 2014-08-17 14:42 - 00000000 ____D () C:\Users\HPPC\AppData\Roaming\vlc
2015-02-23 11:09 - 2014-08-09 14:11 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3776727103-4227896957-2343858286-1001
2015-02-23 10:57 - 2014-08-16 21:15 - 00000000 ____D () C:\Users\HPPC\AppData\Local\CrashDumps
2015-02-22 20:59 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-02-22 20:54 - 2014-08-07 21:58 - 00000000 ____D () C:\Users\HPPC\AppData\Local\Packages
2015-02-22 20:08 - 2014-08-13 19:07 - 00000045 _____ () C:\WINDOWS\SysWOW64\initdebug.nfo
2015-02-22 19:10 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\restore
2015-02-22 15:29 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Registration
2015-02-22 15:28 - 2014-08-07 21:58 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD
2015-02-22 15:26 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-02-22 15:25 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows NT
2015-02-22 15:25 - 2013-08-22 14:36 - 00000000 __RHD () C:\Users\Default
2015-02-22 15:23 - 2013-08-22 16:36 - 00000000 __RSD () C:\WINDOWS\Media
2015-02-22 15:23 - 2013-08-22 16:36 - 00000000 __RHD () C:\Users\Public\Libraries
2015-02-22 15:22 - 2014-08-09 14:17 - 00000000 ____D () C:\ProgramData\SoundResearch
2015-02-22 15:16 - 2013-08-22 15:44 - 04940552 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-02-22 15:14 - 2015-01-05 23:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\gg Ragnarok Online
2015-02-22 15:14 - 2014-12-06 19:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-02-22 15:14 - 2014-12-03 13:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 4
2015-02-22 15:14 - 2014-11-27 12:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amnesia - The Dark Descent
2015-02-22 15:14 - 2014-11-14 11:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn
2015-02-22 15:14 - 2014-10-06 11:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Splashtop Remote
2015-02-22 15:14 - 2014-09-16 21:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-02-22 15:14 - 2014-09-03 10:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect 2
2015-02-22 15:14 - 2014-09-03 10:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2015-02-22 15:14 - 2014-09-02 10:05 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
2015-02-22 15:14 - 2014-08-27 08:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dear Esther
2015-02-22 15:14 - 2014-08-27 08:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2015-02-22 15:14 - 2014-08-27 08:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2015-02-22 15:14 - 2014-08-19 13:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoFiltre 7
2015-02-22 15:14 - 2014-08-17 13:17 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2015-02-22 15:14 - 2014-08-17 08:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RPG Maker XP
2015-02-22 15:14 - 2014-08-17 08:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RPG Maker 2003
2015-02-22 15:14 - 2014-08-16 21:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2015-02-22 15:14 - 2014-08-16 21:05 - 00000000 ____D () C:\ProgramData\regid.1995-08.com.techsmith
2015-02-22 15:14 - 2014-08-16 21:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith
2015-02-22 15:14 - 2014-08-16 11:51 - 00000000 ____D () C:\Users\HPPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-02-22 15:14 - 2014-08-15 17:21 - 00000000 ____D () C:\Users\HPPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2015-02-22 15:14 - 2014-08-15 17:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-02-22 15:14 - 2014-08-15 15:25 - 00000000 ____D () C:\Users\HPPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-02-22 15:14 - 2014-08-15 15:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-02-22 15:14 - 2014-08-14 20:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-02-22 15:14 - 2014-08-14 19:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Free Antivirus
2015-02-22 15:14 - 2014-08-14 19:33 - 00000000 ____D () C:\Users\HPPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cyberfox
2015-02-22 15:14 - 2014-08-13 19:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
2015-02-22 15:13 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\SysWOW64\WCN
2015-02-22 15:13 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\SysWOW64\sysprep
2015-02-22 15:13 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\system32\WCN
2015-02-22 15:13 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI
2015-02-22 15:13 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz
2015-02-22 15:13 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\IME
2015-02-22 15:13 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\WinBioPlugIns
2015-02-22 15:13 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\spool
2015-02-22 15:13 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\SMI
2015-02-22 15:13 - 2012-07-26 06:37 - 00000000 ____D () C:\Users\Default.migrated
2015-02-22 15:12 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-02-22 15:12 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\MUI
2015-02-22 15:12 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\IME
2015-02-22 15:11 - 2014-11-26 10:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gravity
2015-02-22 15:11 - 2014-10-06 13:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SEGA
2015-02-22 15:11 - 2014-08-17 01:38 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2015-02-22 15:11 - 2014-08-15 17:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KONAMI
2015-02-22 15:11 - 2014-08-15 17:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes
2015-02-22 15:11 - 2014-08-07 21:58 - 00000000 ____D () C:\ProgramData\PRICache
2015-02-22 15:11 - 2013-08-22 16:43 - 00000000 ____D () C:\WINDOWS\DigitalLocker
2015-02-22 15:11 - 2013-08-22 16:36 - 00000000 __SHD () C:\Program Files\Windows Sidebar
2015-02-22 15:11 - 2013-08-22 16:36 - 00000000 __SHD () C:\Program Files (x86)\Windows Sidebar
2015-02-22 15:11 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\IME
2015-02-22 15:11 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Help
2015-02-22 15:11 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-02-22 15:10 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\Recovery
2015-02-22 15:09 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\GroupPolicy
2015-02-22 15:04 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2015-02-22 14:57 - 2013-08-22 16:36 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template
2015-02-22 14:57 - 2012-08-01 18:05 - 00000000 __SHD () C:\Recovery
2015-02-22 14:54 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2015-02-22 14:53 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2015-02-19 15:25 - 2014-09-26 14:44 - 00001456 _____ () C:\Users\HPPC\AppData\Local\Adobe Für Web speichern 11.0 Prefs
2015-02-18 17:13 - 2014-08-16 11:52 - 00000000 ___RD () C:\Users\HPPC\Dropbox
2015-02-18 17:13 - 2014-08-16 11:49 - 00000000 ____D () C:\Users\HPPC\AppData\Roaming\Dropbox
2015-02-17 15:36 - 2014-08-16 11:25 - 00000000 ___RD () C:\Users\HPPC\Desktop\Sonstiges
2015-02-15 00:31 - 2014-08-14 19:33 - 00000977 _____ () C:\Users\Public\Desktop\Cyberfox.lnk
2015-02-14 10:14 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2015-02-12 00:17 - 2014-08-15 15:23 - 00000000 ___RD () C:\Users\HPPC\Desktop\Emulation
2015-02-11 15:54 - 2014-11-26 11:01 - 00000000 ___RD () C:\Users\HPPC\Desktop\Bilder
2015-02-08 13:04 - 2014-08-15 17:19 - 00000000 ____D () C:\Users\HPPC\AppData\Local\JDownloader v2.0
2015-02-08 13:03 - 2015-01-12 11:43 - 00000000 ____D () C:\Users\HPPC\Downloads\3DS
2015-02-05 12:32 - 2014-12-03 13:32 - 00000000 ___HD () C:\Users\HPPC\Downloads\NaruHina
2015-02-03 20:31 - 2014-11-21 12:01 - 00714720 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-02-03 20:31 - 2014-11-21 12:01 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-30 10:22 - 2012-07-26 06:26 - 00000194 _____ () C:\WINDOWS\win.ini
==================== Files in the root of some directories =======
2014-08-18 01:24 - 2014-08-19 11:20 - 0000132 _____ () C:\Users\HPPC\AppData\Roaming\Adobe PNG Format CS5 Prefs
2014-09-26 14:44 - 2015-02-19 15:25 - 0001456 _____ () C:\Users\HPPC\AppData\Local\Adobe Für Web speichern 11.0 Prefs
2014-08-27 14:56 - 2014-09-11 13:07 - 0005120 _____ () C:\Users\HPPC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
Some content of TEMP:
====================
C:\Users\HPPC\AppData\Local\Temp\Quarantine.exe
C:\Users\HPPC\AppData\Local\Temp\sfamcc00001.dll
C:\Users\HPPC\AppData\Local\Temp\sfareca00001.dll
C:\Users\HPPC\AppData\Local\Temp\sfextra.dll
C:\Users\HPPC\AppData\Local\Temp\SkypeSetup.exe
C:\Users\HPPC\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-02-22 14:59
==================== End Of Log ============================
--- --- --- --- --- --- --- --- --- --- --- --- --- --- --- Addition Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-02-2015 01
Ran by HPPC at 2015-02-25 22:23:45
Running from C:\Users\HPPC\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Panda Free Antivirus (Enabled - Up to date) {5FD6C936-849B-5CE2-14BA-709E1D6FD1DA}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Panda Free Antivirus (Enabled - Up to date) {E4B728D2-A2A1-536C-2E0A-4BEC66E89B67}
FW: Panda Firewall (Disabled) {67ED4813-CEF4-5DBA-3FE5-D9ABE3BC96A1}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.179 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Amnesia - The Dark Descent (HKLM-x32\...\{54B7A3C7-0940-4C16-A509-FC3C3758D22A}_is1) (Version: 1.0.0 - Frictional Games)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Camtasia Studio 8 (HKLM-x32\...\{3F3A5785-81E3-4065-B643-B4933790AE1E}) (Version: 8.1.1.1313 - TechSmith Corporation)
Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5000 - CDBurnerXP)
Crazy Taxi (HKLM-x32\...\Steam App 71230) (Version: - SEGA)
Cyberfox Web Browser (HKLM\...\{5EFB52C0-4EC9-46B4-80EB-8432C6599641}_is1) (Version: 31.0.1.0 - 8pecxstudios)
Dear Esther Version 1.0 (HKLM-x32\...\Dear Esther_is1) (Version: 1.0 - TheChineseRoom)
Dropbox (HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\...\Dropbox) (Version: 3.2.6 - Dropbox, Inc.)
FINAL FANTASY XIII-2 (HKLM-x32\...\Steam App 292140) (Version: - SQUARE ENIX)
Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 2.8.49.213 - Foxit Software Inc.)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.0.6.1126 - Foxit Software Inc.)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
gg Ragnarok Online Version 1.0.1 (HKLM-x32\...\{0E66E992-D520-4053-8AB0-D0FE32CBCDFD}_is1) (Version: 1.0.1 - gg Ragnarok Online)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6418.0 - IDT)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.7.0 - LIGHTNING UK!)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.319 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.319 - LogMeIn, Inc.) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
NiGHTS into Dreams... (HKLM-x32\...\Steam App 219950) (Version: - SEGA)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Panda Devices Agent (HKLM-x32\...\Panda Devices Agent) (Version: 1.03.03 - Panda Security)
Panda Devices Agent (x32 Version: 1.05.00 - Panda Security) Hidden
Panda Free Antivirus (HKLM-x32\...\Panda Universal Agent Endpoint) (Version: 15.00.01.0000 - Panda Security)
Panda Free Antivirus (Version: 7.23.00.0000 - Panda Security) Hidden
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.)
PAYDAY: The Heist (HKLM-x32\...\Steam App 24240) (Version: - OVERKILL Software)
PDF Architect 2 (HKLM-x32\...\PDF Architect 2) (Version: 2.0.24.16092 - pdfforge GmbH)
PDF Architect 2 View Module (HKLM-x32\...\{C960FF38-431D-429D-AD1F-FBD12A45B7C5}) (Version: 2.0.17.17583 - pdfforge GmbH)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
PHANTASY STAR UNIVERSE (HKLM-x32\...\PHANTASY STAR UNIVERSE_is1) (Version: - SEGA SONIC TEAM)
PhotoFiltre 7 (HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\...\PhotoFiltre 7) (Version: - )
Project My Screen App (HKLM-x32\...\{DF901456-7160-49DB-977B-0E91858CA2CB}) (Version: 8.0.12349 - Microsoft Corporation)
Ragnarök Online (HKLM-x32\...\{55725CAB-ED4D-4169-A22E-20249EFCF2B5}) (Version: 14.1 - Gravity)
Resident Evil 6 / Biohazard 6 (HKLM-x32\...\Steam App 221040) (Version: - Capcom)
RGSS-RTP Standard (HKLM-x32\...\{5A9FE525-8B8F-4701-A937-7F6745A4E9C7}) (Version: 1.0.0 - Enterbrain)
RPG Maker 2003 v1.08 (HKLM-x32\...\RPG Maker 2003_is1) (Version: - Enterbrain, Inc.)
RPG Maker XP (HKLM-x32\...\RPGXP_E_is1) (Version: 1.05 - Enterbrain)
SILENT HILL 3 (HKLM-x32\...\InstallShield_{14D10AAC-9737-454E-A247-8075C26C30E1}) (Version: 1.00.0000 - Konami Computer Entertainment Tokyo, Inc.)
SILENT HILL 3 (x32 Version: 1.00.0000 - Konami Computer Entertainment Tokyo, Inc.) Hidden
Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
Sonic & All-Stars Racing Transformed (HKLM-x32\...\Steam App 212480) (Version: - Sumo Digital)
Sonic Adventure DX (HKLM-x32\...\Steam App 71250) (Version: - SEGA)
Sonic Generations (HKLM-x32\...\Steam App 71340) (Version: - Devil's Details)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Splashtop Software Updater (HKLM-x32\...\Splashtop Software Updater) (Version: 1.5.6.15 - Splashtop Inc.)
Splashtop Streamer (HKLM-x32\...\{B7C5EA94-B96A-41F5-BE95-25D78B486678}) (Version: 2.6.0.4 - Splashtop Inc.)
Spotify (HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic)
The Last Remnant (HKLM-x32\...\Steam App 23310) (Version: - SQUARE ENIX)
The Sims 4 Version 1.0 u1 (HKLM-x32\...\{27B947C0-320C-4997-9681-1E7010A15896}_is1) (Version: 1.0 u1 - EA Games)
Thief (HKLM-x32\...\Steam App 239160) (Version: - Eidos-Montréal)
Unity Web Player (HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\...\UnityWebPlayer) (Version: 4.5.4f1 - Unity Technologies ApS)
Unturned (HKLM-x32\...\Steam App 304930) (Version: - Nelson Sexton)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WinRAR 5.10 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
==================== Restore Points =========================
22-02-2015 19:10:23 Removed iTunes
24-02-2015 22:20:42 Malwarebytes Anti-Rootkit Restore Point
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {242456D4-526B-4A93-8BC6-589121653F72} - System32\Tasks\Microsoft\Windows\SetupSQMTask => C:\WINDOWS\SYSTEM32\OOBE\SETUPSQM.EXE [2014-11-21] (Microsoft Corporation)
Task: {26307C61-2BD7-45FB-9910-F4A494F26755} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)
Task: {DE77922F-28A5-4104-A766-C5E679082657} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-01-29] (Microsoft Corporation)
==================== Loaded Modules (whitelisted) ==============
2014-07-04 21:33 - 2014-07-04 21:33 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2015-02-22 20:53 - 2015-02-22 20:54 - 13208576 _____ () C:\Program Files\WindowsApps\A278AB0D.DragonManiaLegends_1.0.2.8_x86__h6adky7gbf63m\W8.1EntryPoint.exe
2014-10-11 13:06 - 2014-10-11 13:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-04-12 18:23 - 2013-04-12 18:23 - 00612664 _____ () C:\Program Files (x86)\Panda Security\Panda Security Protection\SQLite3.dll
2015-02-22 20:53 - 2015-02-22 20:54 - 00041472 _____ () C:\Program Files\WindowsApps\A278AB0D.DragonManiaLegends_1.0.2.8_x86__h6adky7gbf63m\IGPLib_Windows_8.dll
2015-02-24 15:40 - 2015-02-24 15:40 - 00168448 _____ () C:\Users\HPPC\AppData\Local\Packages\a278ab0d.dragonmanialegends_h6adky7gbf63m\AC\Microsoft\CLR_v4.0_32\NativeImages\IGPBridgeLibrary\6a121e97dca2ce33538218b71dcfad7e\IGPBridgeLibrary.ni.dll
2015-02-24 15:40 - 2015-02-24 15:40 - 03530752 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.UI.Xaml\0b2afd93fc0545b7b94339e8a4a7af97\Windows.UI.Xaml.ni.dll
2015-02-24 15:40 - 2015-02-24 15:40 - 00269312 _____ () C:\Users\HPPC\AppData\Local\Packages\a278ab0d.dragonmanialegends_h6adky7gbf63m\AC\Microsoft\CLR_v4.0_32\NativeImages\IGPWindows8\fc37e1035c5d382043aa5a6ff512c125\IGPWindows8.ni.dll
2015-02-24 15:40 - 2015-02-24 15:40 - 00239616 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Gloaae92e31#\94af4549db265c6f339c287c8675d234\Windows.Globalization.ni.dll
2015-02-24 15:40 - 2015-02-24 15:40 - 00402432 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Security\ae4a1bf110c1a12f619514bde2b27939\Windows.Security.ni.dll
2015-02-24 15:40 - 2015-02-24 15:40 - 00133120 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.System\c639835fe3da556a2cbe2e03540996c0\Windows.System.ni.dll
2015-02-24 15:40 - 2015-02-24 15:40 - 00808448 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Storage\7abff64c7c1ea1fae5bd170c8238b73e\Windows.Storage.ni.dll
2015-02-24 15:40 - 2015-02-24 15:40 - 00228864 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Foundation\16c3eb7650767d95d002c998d0c73eb5\Windows.Foundation.ni.dll
2015-02-24 15:40 - 2015-02-24 15:40 - 01131008 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.App640a3541#\72dff8d45b73e9b02b3838d29765607a\Windows.ApplicationModel.ni.dll
2015-02-24 15:40 - 2015-02-24 15:40 - 00330240 _____ () C:\Users\HPPC\AppData\Local\Packages\a278ab0d.dragonmanialegends_h6adky7gbf63m\AC\Microsoft\CLR_v4.0_32\NativeImages\FacebookRun67b5d43e#\aa9b3c3c2ae71b296094e32b2938820c\FacebookRuntimeComponent.ni.dll
2015-02-24 15:40 - 2015-02-24 15:40 - 00080896 _____ () C:\Users\HPPC\AppData\Local\Packages\a278ab0d.dragonmanialegends_h6adky7gbf63m\AC\Microsoft\CLR_v4.0_32\NativeImages\InGameBrowserLibrary\9789ec5e3948754d168d3d659a1480be\InGameBrowserLibrary.ni.dll
2015-02-24 15:40 - 2015-02-24 15:40 - 00960000 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.UI\8ddd8ad15fe3fb05a871ef0115fb84e2\Windows.UI.ni.dll
2015-02-24 15:40 - 2015-02-24 15:40 - 00337920 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Data\98644a649e9bf9e880f2e97889501b07\Windows.Data.ni.dll
2015-02-24 15:40 - 2015-02-24 15:40 - 00403456 _____ () C:\Users\HPPC\AppData\Local\Packages\a278ab0d.dragonmanialegends_h6adky7gbf63m\AC\Microsoft\CLR_v4.0_32\NativeImages\Notificatioc5a47191#\e0958749e97c3f3e06015513bd6d9fff\NotificationsExtensions.ni.dll
2015-02-24 15:40 - 2015-02-24 15:40 - 00050688 _____ () C:\Users\HPPC\AppData\Local\Packages\a278ab0d.dragonmanialegends_h6adky7gbf63m\AC\Microsoft\CLR_v4.0_32\NativeImages\W8_1EntryPoint\639d6719378b5ec9cb0660bc8e875504\W8_1EntryPoint.ni.dll
2015-02-24 15:40 - 2015-02-24 15:40 - 01282048 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Devices\4764145200fcd33a90ced1505892fce6\Windows.Devices.ni.dll
2015-02-24 15:40 - 2015-02-24 15:40 - 00304128 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Graphics\eff020aac8737300c74dee47a69c9bbf\Windows.Graphics.ni.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Users\HPPC\OneDrive:ms-properties
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\HPPC\AppData\Roaming\8pecxstudios\Cyberfox\Desktop Background.bmp
DNS Servers: 192.168.178.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
==================== Accounts: =============================
Administrator (S-1-5-21-3776727103-4227896957-2343858286-500 - Administrator - Disabled)
Gast (S-1-5-21-3776727103-4227896957-2343858286-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3776727103-4227896957-2343858286-1006 - Limited - Enabled)
HPPC (S-1-5-21-3776727103-4227896957-2343858286-1001 - Administrator - Enabled) => C:\Users\HPPC
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
System errors:
=============
Microsoft Office Sessions:
=========================
==================== Memory info ===========================
Processor: AMD A10-5700 APU with Radeon(tm) HD Graphics
Percentage of memory in use: 19%
Total physical RAM: 6039.32 MB
Available physical RAM: 4851.66 MB
Total Pagefile: 6999.32 MB
Available Pagefile: 5628.08 MB
Total Virtual: 131072 MB
Available Virtual: 131071.85 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:452.14 GB) (Free:333.23 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Recovery Image) (Fixed) (Total:10.92 GB) (Free:0.94 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (Spiele+Programme) (Fixed) (Total:454.22 GB) (Free:43.8 GB) NTFS
Drive j: (Sonstiges) (Fixed) (Total:244.41 GB) (Free:235.56 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 52E55227)
Partition: GPT Partition Type.
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 00000001)
Partition 1: (Not Active) - (Size=993 KB) - (Type=42)
Partition 2: (Active) - (Size=454.2 GB) - (Type=42)
Partition 3: (Not Active) - (Size=244.4 GB) - (Type=42)
==================== End Of Log ============================
hxxp://www.directupload.net/file/d/3909/9q98cjck_png.htm Wie kann das sein? Ich habe da sicher nichts geändert, und Panda an sich war aus. Geändert von Kaitosan (25.02.2015 um 22:57 Uhr) |
|
26.02.2015, 13:15
| #8 |
| /// the machine /// TB-Ausbilder | Windows 8.1: Probleme nach Update Kann ich so auch nicht sagen. Rechner komplett neu starten, kommt es dann wieder vor? ESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
26.02.2015, 15:18
| #9 |
| | Windows 8.1: Probleme nach Update Jau, Panda startet sich halt 4 mal beim Systemstart. Nur wie bekomme ich das weg? ESET hat scheinbar auch was bei Panda selbst gefunden... ESET: Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=34e051d27c5cf241808d5caa1ad3f453
# engine=22659
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-02-26 12:57:52
# local_time=2015-02-26 01:57:52 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1='Panda Cloud Antivirus'
# compatibility_mode=1552 16777213 75 93 349576 211151446 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 179056 20717324 0 0
# scanned=71725
# found=5
# cleaned=0
# scan_time=1886
sh=E5A22D682B5B9C1F5AD1E1F7D98E685772BED8FC ft=0 fh=0000000000000000 vn="JS/Astromenda.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\HPPC\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\js\background.js.vir"
sh=F2A8917500E1C6B9E4ADD5299BAF66B57DD4EB63 ft=0 fh=0000000000000000 vn="JS/Astromenda.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\HPPC\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\js\bootstrap.js.vir"
sh=CE3159B58A6DFF52E43F2445A4E094B983DD0EBA ft=0 fh=0000000000000000 vn="JS/Astromenda.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\HPPC\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\js\newtab.js.vir"
sh=FD7368BFE59CB6D2E4853110A8BDE09937D30BFA ft=0 fh=0000000000000000 vn="JS/Astromenda.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\HPPC\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\js\opentab.js.vir"
sh=39124F7BD6F91DA2179011F51AF1B068D6FEE8A9 ft=1 fh=c719b2fe67e3bb02 vn="Variante von Win32/Toolbar.Visicom.A evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\Panda Security\Panda Security Protection\Tools\PandaSecurityTb.exe"
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=34e051d27c5cf241808d5caa1ad3f453
# engine=22659
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-02-26 02:03:21
# local_time=2015-02-26 03:03:21 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1='Panda Cloud Antivirus'
# compatibility_mode=1552 16777213 75 93 357105 211155375 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 186585 20721253 0 0
# scanned=183692
# found=5
# cleaned=0
# scan_time=3417
sh=E5A22D682B5B9C1F5AD1E1F7D98E685772BED8FC ft=0 fh=0000000000000000 vn="JS/Astromenda.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\HPPC\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\js\background.js.vir"
sh=F2A8917500E1C6B9E4ADD5299BAF66B57DD4EB63 ft=0 fh=0000000000000000 vn="JS/Astromenda.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\HPPC\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\js\bootstrap.js.vir"
sh=CE3159B58A6DFF52E43F2445A4E094B983DD0EBA ft=0 fh=0000000000000000 vn="JS/Astromenda.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\HPPC\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\js\newtab.js.vir"
sh=FD7368BFE59CB6D2E4853110A8BDE09937D30BFA ft=0 fh=0000000000000000 vn="JS/Astromenda.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\HPPC\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\js\opentab.js.vir"
sh=39124F7BD6F91DA2179011F51AF1B068D6FEE8A9 ft=1 fh=c719b2fe67e3bb02 vn="Variante von Win32/Toolbar.Visicom.A evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\Panda Security\Panda Security Protection\Tools\PandaSecurityTb.exe"
Code:
ATTFilter Results of screen317's Security Check version 0.99.96
x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Panda Free Antivirus
Windows Defender
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Java 7 Update 67
Java version 32-bit out of Date!
Java 64-bit 8 Update 31
Adobe Flash Player 14.0.0.179 Flash Player out of Date!
Adobe Reader XI
````````Process Check: objlist.exe by Laurent````````
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````
FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-02-2015 01
Ran by HPPC (administrator) on HP on 26-02-2015 15:13:32
Running from C:\Users\HPPC\Desktop
Loaded Profiles: HPPC (Available profiles: HPPC)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser path: "C:\Program Files\Cyberfox\Cyberfox.exe" -osint -url "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Hewlett-Packard ) C:\Program Files\IDT\WDM\Beats64.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Spotify Ltd) C:\Users\HPPC\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(8pecxstudios) C:\Program Files\Cyberfox\Cyberfox.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [37888 2012-08-10] (Hewlett-Packard )
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-08-10] (IDT, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [37624 2014-07-24] (Panda Security, S.L.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3978600 2015-02-17] (LogMeIn Inc.)
HKLM\...\Winlogon: [Userinit] C:\WINDOWS\SysWOW64\userinit.exe,
HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\...\Run: [Spotify Web Helper] => C:\Users\HPPC\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-12] (Spotify Ltd)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll (pdfforge GmbH)
FF Plugin HKU\S-1-5-21-3776727103-4227896957-2343858286-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\HPPC\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-07-04] (Advanced Micro Devices, Inc.) [File not signed]
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-11-21] (Microsoft Corporation)
S2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [243880 2015-02-13] (Foxit Software Inc.)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-02-16] (LogMeIn, Inc.)
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [141560 2014-07-24] (Panda Security, S.L.)
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [61688 2014-07-23] (Panda Security, S.L.)
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-06-26] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-06-26] (pdfforge GmbH)
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [38136 2014-07-24] (Panda Security, S.L.)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [321536 2012-08-10] (IDT, Inc.) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-20] (Advanced Micro Devices)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98472 2012-07-03] (Advanced Micro Devices)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [44296 2015-02-17] (LogMeIn Inc.)
R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [96800 2014-06-04] (Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [162336 2014-06-18] (Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [112160 2014-06-04] (Panda Security, S.L.)
R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [115232 2014-06-04] (Panda Security, S.L.)
S1 NNSNAHSL; C:\Windows\system32\DRIVERS\NNSNAHSL.sys [47360 2014-01-16] (Panda Security, S.L.)
R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [95776 2014-06-04] (Panda Security, S.L.)
R1 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [70176 2014-06-04] (Panda Security, S.L.)
R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [125984 2014-06-04] (Panda Security, S.L.)
R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [306720 2014-06-04] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [169504 2014-06-04] (Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [115744 2014-06-04] (Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [261152 2014-06-04] (Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [109088 2014-06-04] (Panda Security, S.L.)
R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [160800 2014-07-24] (Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [120352 2014-07-24] (Panda Security, S.L.)
R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [195616 2014-07-24] (Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [122400 2014-07-24] (Panda Security, S.L.)
R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [132128 2014-07-24] (Panda Security, S.L.)
R2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [106016 2014-07-24] (Panda Security, S.L.)
R3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [60400 2014-03-25] (Panda Security, S.L.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-26 15:13 - 2015-02-26 15:13 - 02087936 _____ (Farbar) C:\Users\HPPC\Desktop\FRST64.exe
2015-02-26 15:13 - 2015-02-26 15:13 - 00012993 _____ () C:\Users\HPPC\Desktop\FRST.txt
2015-02-26 02:42 - 2015-02-26 02:42 - 00007605 _____ () C:\Users\HPPC\AppData\Local\Resmon.ResmonCfg
2015-02-25 22:13 - 2015-02-25 22:16 - 00000000 ____D () C:\AdwCleaner
2015-02-24 22:22 - 2015-02-25 09:44 - 00000676 _____ () C:\WINDOWS\PFRO.log
2015-02-24 22:03 - 2015-02-25 09:44 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-02-24 22:03 - 2015-02-24 22:03 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-02-24 22:03 - 2015-02-24 22:03 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-24 22:01 - 2015-02-24 22:01 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-02-24 16:20 - 2015-02-26 15:13 - 00000000 ____D () C:\FRST
2015-02-24 12:51 - 2015-02-24 12:52 - 00001354 _____ () C:\Users\HPPC\Desktop\Shutdown.lnk
2015-02-24 12:04 - 2015-02-24 12:06 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-02-24 12:04 - 2015-01-29 17:49 - 116773704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-02-24 12:01 - 2014-04-16 00:35 - 00028352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll
2015-02-24 12:01 - 2014-04-16 00:34 - 00029888 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll
2015-02-24 11:57 - 2014-09-22 04:06 - 00258368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-02-24 11:57 - 2014-09-22 04:06 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-02-24 11:57 - 2014-09-22 03:49 - 00035320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-02-24 11:57 - 2014-09-02 23:08 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2015-02-24 11:57 - 2014-09-02 23:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2015-02-24 11:51 - 2014-06-09 23:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-02-24 11:51 - 2014-06-09 23:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-02-24 11:51 - 2014-04-30 07:43 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys
2015-02-24 11:51 - 2014-04-30 07:41 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2015-02-24 11:49 - 2015-01-19 19:42 - 01487976 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2015-02-24 11:48 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-02-24 11:48 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-02-24 11:47 - 2014-11-10 00:19 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-02-24 11:47 - 2014-11-10 00:19 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-02-24 11:47 - 2014-11-10 00:18 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2015-02-24 11:47 - 2014-11-10 00:18 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2015-02-24 11:46 - 2014-07-24 04:20 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2015-02-24 11:46 - 2014-07-24 04:20 - 00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2015-02-23 23:22 - 2015-02-25 22:27 - 00002365 _____ () C:\WINDOWS\setupact.log
2015-02-23 23:22 - 2015-02-23 23:22 - 00000000 _____ () C:\WINDOWS\setuperr.log
2015-02-22 20:08 - 2015-02-22 20:12 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2015-02-22 15:37 - 2015-02-25 22:27 - 00000000 ___RD () C:\Users\HPPC\OneDrive
2015-02-22 15:34 - 2015-02-22 15:34 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2015-02-22 15:29 - 2015-02-22 15:29 - 00000000 ____D () C:\Users\HPPC\AppData\Local\AMD
2015-02-22 15:28 - 2015-02-22 15:28 - 00001456 _____ () C:\Users\HPPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-02-22 15:28 - 2015-02-22 15:28 - 00000000 ____D () C:\Users\HPPC\AppData\Roaming\ATI
2015-02-22 15:28 - 2015-02-22 15:28 - 00000000 ____D () C:\Users\HPPC\AppData\Local\ATI
2015-02-22 15:28 - 2015-02-22 15:28 - 00000000 ____D () C:\ProgramData\ATI
2015-02-22 15:27 - 2015-02-22 15:27 - 00000020 ___SH () C:\Users\HPPC\ntuser.ini
2015-02-22 15:25 - 2015-02-22 15:25 - 00022960 _____ () C:\WINDOWS\system32\emptyregdb.dat
2015-02-22 15:25 - 2015-02-22 15:25 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2015-02-22 15:25 - 2015-02-22 15:25 - 00000000 _SHDL () C:\Users\Default\Startmenü
2015-02-22 15:25 - 2015-02-22 15:25 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2015-02-22 15:25 - 2015-02-22 15:25 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2015-02-22 15:25 - 2015-02-22 15:25 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2015-02-22 15:25 - 2015-02-22 15:25 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2015-02-22 15:25 - 2015-02-22 15:25 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2015-02-22 15:25 - 2015-02-22 15:25 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2015-02-22 15:25 - 2015-02-22 15:25 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-02-22 15:25 - 2015-02-22 15:25 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2015-02-22 15:25 - 2015-02-22 15:25 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2015-02-22 15:25 - 2015-02-22 15:25 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2015-02-22 15:25 - 2015-02-22 15:25 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2015-02-22 15:25 - 2015-02-22 15:25 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2015-02-22 15:25 - 2015-02-22 15:25 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-02-22 15:25 - 2015-02-22 15:25 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2015-02-22 15:25 - 2015-02-22 15:25 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-02-22 15:13 - 2015-02-22 15:13 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-02-22 15:13 - 2015-02-22 15:13 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2015-02-22 15:13 - 2015-02-22 15:13 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2015-02-22 15:10 - 2015-02-22 15:10 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate
2015-02-22 15:09 - 2015-02-22 15:25 - 00022863 _____ () C:\WINDOWS\diagwrn.xml
2015-02-22 15:09 - 2015-02-22 15:25 - 00022863 _____ () C:\WINDOWS\diagerr.xml
2015-02-22 15:08 - 2015-02-26 00:14 - 00000000 ____D () C:\Users\HPPC
2015-02-22 15:08 - 2015-02-22 15:09 - 00000000 ___RD () C:\Users\HPPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-02-22 15:08 - 2015-02-22 15:08 - 00000000 _SHDL () C:\Users\HPPC\Vorlagen
2015-02-22 15:08 - 2015-02-22 15:08 - 00000000 _SHDL () C:\Users\HPPC\Startmenü
2015-02-22 15:08 - 2015-02-22 15:08 - 00000000 _SHDL () C:\Users\HPPC\Netzwerkumgebung
2015-02-22 15:08 - 2015-02-22 15:08 - 00000000 _SHDL () C:\Users\HPPC\Lokale Einstellungen
2015-02-22 15:08 - 2015-02-22 15:08 - 00000000 _SHDL () C:\Users\HPPC\Eigene Dateien
2015-02-22 15:08 - 2015-02-22 15:08 - 00000000 _SHDL () C:\Users\HPPC\Druckumgebung
2015-02-22 15:08 - 2015-02-22 15:08 - 00000000 _SHDL () C:\Users\HPPC\Documents\Eigene Musik
2015-02-22 15:08 - 2015-02-22 15:08 - 00000000 _SHDL () C:\Users\HPPC\Documents\Eigene Bilder
2015-02-22 15:08 - 2015-02-22 15:08 - 00000000 _SHDL () C:\Users\HPPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-02-22 15:08 - 2015-02-22 15:08 - 00000000 _SHDL () C:\Users\HPPC\AppData\Local\Verlauf
2015-02-22 15:08 - 2015-02-22 15:08 - 00000000 _SHDL () C:\Users\HPPC\AppData\Local\Anwendungsdaten
2015-02-22 15:08 - 2015-02-22 15:08 - 00000000 _SHDL () C:\Users\HPPC\Anwendungsdaten
2015-02-22 15:08 - 2014-11-21 11:52 - 00000000 ___RD () C:\Users\HPPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-02-22 15:08 - 2014-11-21 11:52 - 00000000 ___RD () C:\Users\HPPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-02-22 15:08 - 2014-11-21 04:42 - 00000369 _____ () C:\Users\HPPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-02-22 15:08 - 2014-11-21 04:42 - 00000369 _____ () C:\Users\HPPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-02-22 15:08 - 2013-08-22 16:36 - 00000000 ____D () C:\Users\HPPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-02-22 15:02 - 2015-02-22 15:02 - 00060817 _____ () C:\WINDOWS\SysWOW64\CCCInstall_201502221502333668.log
2015-02-22 15:02 - 2015-02-22 15:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-02-22 15:02 - 2015-02-22 15:02 - 00000000 ____D () C:\ProgramData\AMD
2015-02-22 15:02 - 2015-02-22 15:02 - 00000000 ____D () C:\Program Files\ATI Technologies
2015-02-22 15:01 - 2015-02-26 07:02 - 01230335 _____ () C:\WINDOWS\WindowsUpdate.log
2015-02-22 15:01 - 2015-02-22 15:02 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2015-02-22 15:01 - 2015-02-22 15:01 - 00000425 _____ () C:\WINDOWS\BRWMARK.INI
2015-02-22 15:01 - 2015-02-22 15:01 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2015-02-22 15:00 - 2015-02-22 15:00 - 00000000 ____D () C:\Program Files\AMD
2015-02-22 15:00 - 2015-02-22 15:00 - 00000000 _____ () C:\WINDOWS\ativpsrm.bin
2015-02-22 14:58 - 2015-02-23 10:57 - 00000000 ___DC () C:\WINDOWS\Panther
2015-02-22 14:55 - 2015-02-22 14:55 - 00535640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-02-22 14:55 - 2015-02-22 14:55 - 00531616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-02-22 14:55 - 2015-02-22 14:55 - 00448792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2015-02-22 14:55 - 2015-02-22 14:55 - 00413248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2015-02-22 14:55 - 2015-02-22 14:55 - 00372408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2015-02-22 14:55 - 2015-02-22 14:55 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-02-22 14:55 - 2015-02-22 14:55 - 00108944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-02-22 14:55 - 2015-02-22 14:55 - 00038264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2015-02-22 14:55 - 2015-02-22 14:55 - 00033584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2015-02-22 14:54 - 2015-02-22 14:54 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-02-22 14:54 - 2015-02-22 14:54 - 02171904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2015-02-22 14:54 - 2015-02-22 14:54 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2015-02-22 14:54 - 2015-02-22 14:54 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2015-02-22 14:54 - 2015-02-22 14:54 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-02-22 14:54 - 2015-02-22 14:54 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-02-22 14:54 - 2015-02-22 14:54 - 00788680 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2015-02-22 14:54 - 2015-02-22 14:54 - 00672984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2015-02-22 14:54 - 2015-02-22 14:54 - 00602776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2015-02-22 14:54 - 2015-02-22 14:54 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2015-02-22 14:54 - 2015-02-22 14:54 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-02-22 14:54 - 2015-02-22 14:54 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-02-22 14:54 - 2015-02-22 14:54 - 00273240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2015-02-22 14:54 - 2015-02-22 14:54 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll
2015-02-22 14:53 - 2015-02-22 14:53 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-02-22 14:53 - 2015-02-22 14:53 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2015-02-22 14:53 - 2015-02-22 14:53 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2015-02-22 14:53 - 2015-02-22 14:53 - 00563504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-02-22 14:53 - 2015-02-22 14:53 - 00538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\scesrv.dll
2015-02-22 14:53 - 2015-02-22 14:53 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-02-22 14:53 - 2015-02-22 14:53 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-02-22 14:53 - 2015-02-22 14:53 - 00393728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scesrv.dll
2015-02-22 14:53 - 2015-02-22 14:53 - 00391526 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-02-22 14:53 - 2015-02-22 14:53 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-02-22 14:53 - 2015-02-22 14:53 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-02-22 14:53 - 2015-02-22 14:53 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-02-22 14:53 - 2015-02-22 14:53 - 00177984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-02-22 14:53 - 2015-02-22 14:53 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2015-02-22 14:53 - 2015-02-22 14:53 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2015-02-22 14:53 - 2015-02-22 14:53 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll
2015-02-22 14:53 - 2015-02-22 14:53 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 25056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 19740160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 14401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 12829184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-02-22 14:52 - 2015-02-22 14:52 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-02-22 14:52 - 2015-02-22 14:52 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-02-22 14:52 - 2015-02-22 14:52 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-02-22 14:52 - 2015-02-22 14:52 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-02-22 14:52 - 2015-02-22 14:52 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2015-02-22 14:52 - 2015-02-22 14:52 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2015-02-22 14:52 - 2015-02-22 14:52 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-02-22 14:52 - 2015-02-22 14:52 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-02-22 14:51 - 2015-02-22 14:51 - 07472960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-02-22 14:51 - 2015-02-22 14:51 - 01733440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-02-22 14:51 - 2015-02-22 14:51 - 01498360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-02-22 14:51 - 2015-02-22 14:51 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2015-02-22 14:51 - 2015-02-22 14:51 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2015-02-22 14:51 - 2015-02-22 14:51 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe
2015-02-22 14:51 - 2015-02-22 14:51 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntvdm64.dll
2015-02-22 14:51 - 2015-02-22 14:51 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll
2015-02-22 14:51 - 2015-02-22 14:51 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2015-02-22 14:51 - 2015-02-22 14:51 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\instnm.exe
2015-02-22 14:51 - 2015-02-22 14:51 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll
2015-02-22 14:51 - 2015-02-22 14:51 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe
2015-02-22 14:49 - 2015-02-22 14:49 - 00000000 ____D () C:\WINDOWS\SysWOW64\XPSViewer
2015-02-22 14:49 - 2015-02-22 14:49 - 00000000 ____D () C:\Program Files\Reference Assemblies
2015-02-22 14:49 - 2015-02-22 14:49 - 00000000 ____D () C:\Program Files\MSBuild
2015-02-22 14:49 - 2015-02-22 14:49 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2015-02-22 14:49 - 2015-02-22 14:49 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2015-02-22 14:49 - 2013-08-03 05:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-02-22 14:49 - 2013-08-03 05:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-02-22 14:49 - 2013-08-03 05:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-02-22 14:49 - 2013-08-03 05:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-02-22 13:35 - 2015-02-22 13:35 - 00000136 _____ () C:\WINDOWS\system32\netcfg-135814.txt
2015-02-22 13:35 - 2015-02-22 13:35 - 00000134 _____ () C:\WINDOWS\system32\netcfg-130604.txt
2015-02-22 13:35 - 2015-02-22 13:35 - 00000134 _____ () C:\WINDOWS\system32\netcfg-123786.txt
2015-02-22 13:34 - 2014-03-25 14:15 - 00060400 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSKMAD.sys
2015-02-22 12:12 - 2015-02-22 12:12 - 00000131 _____ () C:\WINDOWS\system32\netcfg-1992846830.txt
2015-02-22 09:18 - 2015-02-22 09:18 - 00000132 _____ () C:\WINDOWS\system32\netcfg-1982392611.txt
2015-02-22 09:17 - 2015-02-22 09:17 - 00000139 _____ () C:\WINDOWS\system32\netcfg-1982334360.txt
2015-02-22 09:17 - 2015-02-22 09:17 - 00000139 _____ () C:\WINDOWS\system32\netcfg-1982324017.txt
2015-02-22 09:16 - 2015-02-22 09:16 - 00001078 _____ () C:\WINDOWS\system32\netcfg-1982279260.txt
2015-02-22 09:16 - 2015-02-22 09:16 - 00000139 _____ () C:\WINDOWS\system32\netcfg-1982318947.txt
2015-02-22 09:16 - 2015-02-22 09:16 - 00000139 _____ () C:\WINDOWS\system32\netcfg-1982268309.txt
2015-02-22 09:15 - 2015-02-22 15:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-02-22 09:15 - 2015-02-22 09:15 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2015-02-18 10:05 - 2015-02-18 10:05 - 00010878 _____ () C:\Users\HPPC\Documents\ftp_log_2015-02-17.gz
2015-02-17 22:58 - 2015-02-26 00:14 - 00033792 ___SH () C:\Users\HPPC\Thumbs.db
2015-02-17 18:21 - 2015-02-17 18:21 - 00044296 ____H (LogMeIn Inc.) C:\WINDOWS\system32\Drivers\Hamdrv.sys
2015-02-16 17:09 - 2015-02-22 15:14 - 00000000 ____D () C:\Users\HPPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Project My Screen App
2015-02-16 17:09 - 2015-02-16 17:09 - 00000000 ____D () C:\Program Files (x86)\ProjectMyScreenApp
2015-02-15 22:20 - 2015-02-26 12:57 - 00000000 ____D () C:\Users\HPPC\Desktop\Yuri
2015-02-15 13:13 - 2015-02-18 17:16 - 00000000 ____D () C:\Users\HPPC\Desktop\FinVal
2015-01-30 10:22 - 2015-01-30 10:22 - 00000117 _____ () C:\WINDOWS\system32\netcfg-82259.txt
2015-01-30 10:22 - 2015-01-30 10:22 - 00000117 _____ () C:\WINDOWS\system32\netcfg-79123.txt
2015-01-30 10:22 - 2015-01-30 10:22 - 00000117 _____ () C:\WINDOWS\system32\netcfg-76112.txt
2015-01-30 10:13 - 2015-01-30 10:13 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1463102021.txt
2015-01-30 10:13 - 2015-01-30 10:13 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1463101740.txt
2015-01-30 10:13 - 2015-01-30 10:13 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1463101537.txt
2015-01-30 10:13 - 2015-01-30 10:13 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1463096670.txt
2015-01-30 10:13 - 2015-01-30 10:13 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1463081350.txt
2015-01-30 10:13 - 2015-01-30 10:13 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1463079993.txt
2015-01-30 00:29 - 2015-01-30 00:29 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1428060265.txt
2015-01-30 00:29 - 2015-01-30 00:29 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1428060202.txt
2015-01-29 21:59 - 2015-01-29 21:59 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1419069007.txt
2015-01-29 21:59 - 2015-01-29 21:59 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1419056386.txt
2015-01-29 21:58 - 2015-01-29 21:58 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1419041270.txt
2015-01-29 21:58 - 2015-01-29 21:58 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1419039788.txt
2015-01-29 17:49 - 2015-01-29 17:49 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1404108012.txt
2015-01-29 17:49 - 2015-01-29 17:49 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1404107949.txt
2015-01-29 10:59 - 2015-01-29 10:59 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1379488839.txt
2015-01-29 10:59 - 2015-01-29 10:59 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1379488605.txt
2015-01-29 10:59 - 2015-01-29 10:59 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1379485001.txt
2015-01-29 10:59 - 2015-01-29 10:59 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1379483394.txt
2015-01-29 10:59 - 2015-01-29 10:59 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1379468278.txt
2015-01-29 10:59 - 2015-01-29 10:59 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1379467061.txt
2015-01-29 09:25 - 2015-01-29 09:25 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1373824333.txt
2015-01-29 09:25 - 2015-01-29 09:25 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1373824271.txt
2015-01-29 07:40 - 2015-01-29 07:40 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1367524342.txt
2015-01-29 07:40 - 2015-01-29 07:40 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1367524061.txt
2015-01-29 07:40 - 2015-01-29 07:40 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1367520052.txt
2015-01-29 07:40 - 2015-01-29 07:40 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1367518991.txt
2015-01-29 07:39 - 2015-01-29 07:39 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1367503937.txt
2015-01-29 07:39 - 2015-01-29 07:39 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1367502720.txt
2015-01-29 01:52 - 2015-01-29 01:52 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1346678771.txt
2015-01-29 01:52 - 2015-01-29 01:52 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1346678708.txt
2015-01-28 22:15 - 2015-01-28 22:15 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1333622985.txt
2015-01-28 22:15 - 2015-01-28 22:15 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1333622751.txt
2015-01-28 22:15 - 2015-01-28 22:15 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1333619506.txt
2015-01-28 22:14 - 2015-01-28 22:14 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1333617696.txt
2015-01-28 22:14 - 2015-01-28 22:14 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1333602455.txt
2015-01-28 22:14 - 2015-01-28 22:14 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1333600599.txt
2015-01-28 15:37 - 2015-01-28 15:37 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1309795127.txt
2015-01-28 15:37 - 2015-01-28 15:37 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1309795064.txt
2015-01-28 12:55 - 2015-01-28 12:56 - 00000000 ____D () C:\Users\HPPC\AppData\Roaming\redsn0w
2015-01-28 10:42 - 2015-01-28 10:44 - 00000000 ____D () C:\Users\HPPC\AppData\Roaming\Apple Computer
2015-01-28 10:42 - 2015-01-28 10:42 - 00000000 ____D () C:\Users\HPPC\AppData\Local\Apple Computer
2015-01-28 10:41 - 2015-02-22 19:12 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-01-28 10:41 - 2015-02-22 19:11 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-01-28 10:41 - 2015-01-28 10:41 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-01-28 10:41 - 2015-01-28 10:41 - 00000000 ____D () C:\Users\HPPC\AppData\Local\Apple
2015-01-28 10:41 - 2015-01-28 10:41 - 00000000 ____D () C:\ProgramData\Apple Computer
2015-01-28 10:41 - 2015-01-28 10:41 - 00000000 ____D () C:\Program Files\Bonjour
2015-01-28 10:41 - 2015-01-28 10:41 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2015-01-28 10:41 - 2015-01-28 10:41 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2015-01-28 10:40 - 2015-01-28 10:41 - 00000000 ____D () C:\ProgramData\Apple
2015-01-28 09:10 - 2015-01-28 09:10 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1286525409.txt
2015-01-28 09:10 - 2015-01-28 09:10 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1286525160.txt
2015-01-28 09:10 - 2015-01-28 09:10 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1286522008.txt
2015-01-28 09:09 - 2015-01-28 09:09 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1286520090.txt
2015-01-28 09:09 - 2015-01-28 09:09 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1286504583.txt
2015-01-28 09:09 - 2015-01-28 09:09 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1286503413.txt
2015-01-28 01:27 - 2015-01-28 01:27 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1258746186.txt
2015-01-28 01:27 - 2015-01-28 01:27 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1258746140.txt
2015-01-28 00:46 - 2015-01-28 00:46 - 00000132 _____ () C:\WINDOWS\system32\netcfg-1256320059.txt
2015-01-28 00:46 - 2015-01-28 00:46 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1256323553.txt
2015-01-28 00:46 - 2015-01-28 00:46 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1256304677.txt
2015-01-28 00:45 - 2015-01-28 00:45 - 00000139 _____ () C:\WINDOWS\system32\netcfg-1256262058.txt
2015-01-28 00:45 - 2015-01-28 00:45 - 00000139 _____ () C:\WINDOWS\system32\netcfg-1256251824.txt
2015-01-28 00:45 - 2015-01-28 00:45 - 00000139 _____ () C:\WINDOWS\system32\netcfg-1256246754.txt
2015-01-28 00:45 - 2015-01-28 00:45 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1256235709.txt
2015-01-28 00:44 - 2015-01-28 00:44 - 00001078 _____ () C:\WINDOWS\system32\netcfg-1256207863.txt
2015-01-28 00:44 - 2015-01-28 00:44 - 00000139 _____ () C:\WINDOWS\system32\netcfg-1256196865.txt
2015-01-28 00:44 - 2015-01-28 00:44 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1256208097.txt
2015-01-28 00:44 - 2015-01-28 00:44 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1256200484.txt
2015-01-28 00:44 - 2015-01-28 00:44 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1256200437.txt
2015-01-27 21:57 - 2015-01-27 21:57 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1246173083.txt
2015-01-27 21:57 - 2015-01-27 21:57 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1246172865.txt
2015-01-27 21:57 - 2015-01-27 21:57 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1246169526.txt
2015-01-27 21:57 - 2015-01-27 21:57 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1246167763.txt
2015-01-27 21:57 - 2015-01-27 21:57 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1246152553.txt
2015-01-27 21:57 - 2015-01-27 21:57 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1246151180.txt
2015-01-27 17:50 - 2015-01-27 17:50 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1231372613.txt
2015-01-27 17:50 - 2015-01-27 17:50 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1231372566.txt
2015-01-27 09:55 - 2015-01-27 09:55 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1202881511.txt
2015-01-27 09:55 - 2015-01-27 09:55 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1202880481.txt
2015-01-27 09:55 - 2015-01-27 09:55 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1202879015.txt
2015-01-27 09:55 - 2015-01-27 09:55 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1202875396.txt
2015-01-27 09:55 - 2015-01-27 09:55 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1202860201.txt
2015-01-27 09:55 - 2015-01-27 09:55 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1202858984.txt
2015-01-27 02:39 - 2015-01-27 02:39 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1176709847.txt
2015-01-27 02:39 - 2015-01-27 02:39 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1176709800.txt
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-26 15:03 - 2014-08-09 14:11 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3776727103-4227896957-2343858286-1001
2015-02-26 15:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-02-26 14:04 - 2014-11-23 12:43 - 00000000 ____D () C:\Users\HPPC\Downloads\Sonstige
2015-02-26 14:02 - 2014-08-14 20:21 - 00000000 ___RD () C:\Users\HPPC\Desktop\Spiele
2015-02-26 14:02 - 2014-08-14 20:21 - 00000000 ___RD () C:\Users\HPPC\Desktop\Programme
2015-02-26 13:58 - 2014-09-02 13:11 - 00284160 ___SH () C:\Users\HPPC\Downloads\Thumbs.db
2015-02-26 13:24 - 2014-08-25 20:37 - 00000000 ____D () C:\Users\HPPC\AppData\Local\LogMeIn Hamachi
2015-02-26 02:30 - 2014-08-14 19:40 - 00000000 ____D () C:\Users\HPPC\AppData\Roaming\Skype
2015-02-26 01:09 - 2014-08-26 13:14 - 32559104 ___SH () C:\Users\HPPC\Desktop\Thumbs.db
2015-02-25 23:25 - 2014-08-17 14:42 - 00000000 ____D () C:\Users\HPPC\AppData\Roaming\vlc
2015-02-25 22:31 - 2014-11-21 04:35 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-02-25 22:31 - 2014-11-21 03:45 - 00764340 _____ () C:\WINDOWS\system32\perfh007.dat
2015-02-25 22:31 - 2014-11-21 03:45 - 00159160 _____ () C:\WINDOWS\system32\perfc007.dat
2015-02-25 22:27 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-02-25 22:16 - 2013-08-22 14:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2015-02-25 16:50 - 2014-08-20 11:40 - 00000000 ____D () C:\Users\HPPC\AppData\Roaming\FileZilla
2015-02-24 22:22 - 2014-11-21 04:13 - 00000000 ____D () C:\WINDOWS\ShellNew
2015-02-24 12:13 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-02-24 12:13 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-02-24 12:13 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2015-02-24 12:13 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2015-02-24 12:13 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-02-24 12:13 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-02-24 12:12 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-02-24 12:04 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-02-23 10:57 - 2014-08-16 21:15 - 00000000 ____D () C:\Users\HPPC\AppData\Local\CrashDumps
2015-02-22 20:59 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-02-22 20:54 - 2014-08-07 21:58 - 00000000 ____D () C:\Users\HPPC\AppData\Local\Packages
2015-02-22 20:08 - 2014-08-13 19:07 - 00000045 _____ () C:\WINDOWS\SysWOW64\initdebug.nfo
2015-02-22 19:10 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\restore
2015-02-22 15:29 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Registration
2015-02-22 15:28 - 2014-08-07 21:58 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD
2015-02-22 15:26 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-02-22 15:25 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows NT
2015-02-22 15:25 - 2013-08-22 14:36 - 00000000 __RHD () C:\Users\Default
2015-02-22 15:23 - 2013-08-22 16:36 - 00000000 __RSD () C:\WINDOWS\Media
2015-02-22 15:23 - 2013-08-22 16:36 - 00000000 __RHD () C:\Users\Public\Libraries
2015-02-22 15:22 - 2014-08-09 14:17 - 00000000 ____D () C:\ProgramData\SoundResearch
2015-02-22 15:16 - 2013-08-22 15:44 - 04940552 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-02-22 15:14 - 2015-01-05 23:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\gg Ragnarok Online
2015-02-22 15:14 - 2014-12-06 19:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-02-22 15:14 - 2014-11-27 12:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amnesia - The Dark Descent
2015-02-22 15:14 - 2014-11-14 11:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn
2015-02-22 15:14 - 2014-10-06 11:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Splashtop Remote
2015-02-22 15:14 - 2014-09-16 21:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-02-22 15:14 - 2014-09-03 10:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect 2
2015-02-22 15:14 - 2014-09-03 10:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2015-02-22 15:14 - 2014-09-02 10:05 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
2015-02-22 15:14 - 2014-08-27 08:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dear Esther
2015-02-22 15:14 - 2014-08-27 08:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2015-02-22 15:14 - 2014-08-27 08:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2015-02-22 15:14 - 2014-08-19 13:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoFiltre 7
2015-02-22 15:14 - 2014-08-17 13:17 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2015-02-22 15:14 - 2014-08-17 08:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RPG Maker XP
2015-02-22 15:14 - 2014-08-17 08:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RPG Maker 2003
2015-02-22 15:14 - 2014-08-16 21:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2015-02-22 15:14 - 2014-08-16 21:05 - 00000000 ____D () C:\ProgramData\regid.1995-08.com.techsmith
2015-02-22 15:14 - 2014-08-16 21:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith
2015-02-22 15:14 - 2014-08-16 11:51 - 00000000 ____D () C:\Users\HPPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-02-22 15:14 - 2014-08-15 17:21 - 00000000 ____D () C:\Users\HPPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2015-02-22 15:14 - 2014-08-15 17:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-02-22 15:14 - 2014-08-15 15:25 - 00000000 ____D () C:\Users\HPPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-02-22 15:14 - 2014-08-15 15:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-02-22 15:14 - 2014-08-14 20:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-02-22 15:14 - 2014-08-14 19:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Free Antivirus
2015-02-22 15:14 - 2014-08-14 19:33 - 00000000 ____D () C:\Users\HPPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cyberfox
2015-02-22 15:14 - 2014-08-13 19:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
2015-02-22 15:13 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\SysWOW64\WCN
2015-02-22 15:13 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\SysWOW64\sysprep
2015-02-22 15:13 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\system32\WCN
2015-02-22 15:13 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI
2015-02-22 15:13 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz
2015-02-22 15:13 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\IME
2015-02-22 15:13 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\WinBioPlugIns
2015-02-22 15:13 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\spool
2015-02-22 15:13 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\SMI
2015-02-22 15:13 - 2012-07-26 06:37 - 00000000 ____D () C:\Users\Default.migrated
2015-02-22 15:12 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-02-22 15:12 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\MUI
2015-02-22 15:12 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\IME
2015-02-22 15:11 - 2014-11-26 10:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gravity
2015-02-22 15:11 - 2014-10-06 13:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SEGA
2015-02-22 15:11 - 2014-08-17 01:38 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2015-02-22 15:11 - 2014-08-15 17:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KONAMI
2015-02-22 15:11 - 2014-08-15 17:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes
2015-02-22 15:11 - 2014-08-07 21:58 - 00000000 ____D () C:\ProgramData\PRICache
2015-02-22 15:11 - 2013-08-22 16:43 - 00000000 ____D () C:\WINDOWS\DigitalLocker
2015-02-22 15:11 - 2013-08-22 16:36 - 00000000 __SHD () C:\Program Files\Windows Sidebar
2015-02-22 15:11 - 2013-08-22 16:36 - 00000000 __SHD () C:\Program Files (x86)\Windows Sidebar
2015-02-22 15:11 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\IME
2015-02-22 15:11 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Help
2015-02-22 15:11 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-02-22 15:10 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\Recovery
2015-02-22 15:09 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\GroupPolicy
2015-02-22 15:04 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2015-02-22 14:57 - 2013-08-22 16:36 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template
2015-02-22 14:57 - 2012-08-01 18:05 - 00000000 __SHD () C:\Recovery
2015-02-22 14:54 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2015-02-22 14:53 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2015-02-19 15:25 - 2014-09-26 14:44 - 00001456 _____ () C:\Users\HPPC\AppData\Local\Adobe Für Web speichern 11.0 Prefs
2015-02-18 17:13 - 2014-08-16 11:52 - 00000000 ___RD () C:\Users\HPPC\Dropbox
2015-02-18 17:13 - 2014-08-16 11:49 - 00000000 ____D () C:\Users\HPPC\AppData\Roaming\Dropbox
2015-02-17 15:36 - 2014-08-16 11:25 - 00000000 ___RD () C:\Users\HPPC\Desktop\Sonstiges
2015-02-15 00:31 - 2014-08-14 19:33 - 00000977 _____ () C:\Users\Public\Desktop\Cyberfox.lnk
2015-02-14 10:14 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2015-02-12 00:17 - 2014-08-15 15:23 - 00000000 ___RD () C:\Users\HPPC\Desktop\Emulation
2015-02-11 15:54 - 2014-11-26 11:01 - 00000000 ___RD () C:\Users\HPPC\Desktop\Bilder
2015-02-08 13:04 - 2014-08-15 17:19 - 00000000 ____D () C:\Users\HPPC\AppData\Local\JDownloader v2.0
2015-02-08 13:03 - 2015-01-12 11:43 - 00000000 ____D () C:\Users\HPPC\Downloads\3DS
2015-02-03 20:31 - 2014-11-21 12:01 - 00714720 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-02-03 20:31 - 2014-11-21 12:01 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-30 10:22 - 2012-07-26 06:26 - 00000194 _____ () C:\WINDOWS\win.ini
==================== Files in the root of some directories =======
2014-08-18 01:24 - 2014-08-19 11:20 - 0000132 _____ () C:\Users\HPPC\AppData\Roaming\Adobe PNG Format CS5 Prefs
2014-09-26 14:44 - 2015-02-19 15:25 - 0001456 _____ () C:\Users\HPPC\AppData\Local\Adobe Für Web speichern 11.0 Prefs
2014-08-27 14:56 - 2014-09-11 13:07 - 0005120 _____ () C:\Users\HPPC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-02-26 02:42 - 2015-02-26 02:42 - 0007605 _____ () C:\Users\HPPC\AppData\Local\Resmon.ResmonCfg
Some content of TEMP:
====================
C:\Users\HPPC\AppData\Local\Temp\Quarantine.exe
C:\Users\HPPC\AppData\Local\Temp\sfamcc00001.dll
C:\Users\HPPC\AppData\Local\Temp\sfareca00001.dll
C:\Users\HPPC\AppData\Local\Temp\sfextra.dll
C:\Users\HPPC\AppData\Local\Temp\SkypeSetup.exe
C:\Users\HPPC\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-02-22 14:59
==================== End Of Log ============================
--- --- --- Addition: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-02-2015 01
Ran by HPPC at 2015-02-26 15:14:44
Running from C:\Users\HPPC\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Panda Free Antivirus (Disabled - Up to date) {5FD6C936-849B-5CE2-14BA-709E1D6FD1DA}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Panda Free Antivirus (Disabled - Up to date) {E4B728D2-A2A1-536C-2E0A-4BEC66E89B67}
FW: Panda Firewall (Disabled) {67ED4813-CEF4-5DBA-3FE5-D9ABE3BC96A1}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.179 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Amnesia - The Dark Descent (HKLM-x32\...\{54B7A3C7-0940-4C16-A509-FC3C3758D22A}_is1) (Version: 1.0.0 - Frictional Games)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Camtasia Studio 8 (HKLM-x32\...\{3F3A5785-81E3-4065-B643-B4933790AE1E}) (Version: 8.1.1.1313 - TechSmith Corporation)
Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5000 - CDBurnerXP)
Crazy Taxi (HKLM-x32\...\Steam App 71230) (Version: - SEGA)
Cyberfox Web Browser (HKLM\...\{5EFB52C0-4EC9-46B4-80EB-8432C6599641}_is1) (Version: 31.0.1.0 - 8pecxstudios)
Dear Esther Version 1.0 (HKLM-x32\...\Dear Esther_is1) (Version: 1.0 - TheChineseRoom)
Dropbox (HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\...\Dropbox) (Version: 3.2.6 - Dropbox, Inc.)
FINAL FANTASY XIII-2 (HKLM-x32\...\Steam App 292140) (Version: - SQUARE ENIX)
Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 2.8.49.213 - Foxit Software Inc.)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.0.6.1126 - Foxit Software Inc.)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
gg Ragnarok Online Version 1.0.1 (HKLM-x32\...\{0E66E992-D520-4053-8AB0-D0FE32CBCDFD}_is1) (Version: 1.0.1 - gg Ragnarok Online)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6418.0 - IDT)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.7.0 - LIGHTNING UK!)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.319 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.319 - LogMeIn, Inc.) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
NiGHTS into Dreams... (HKLM-x32\...\Steam App 219950) (Version: - SEGA)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Panda Devices Agent (HKLM-x32\...\Panda Devices Agent) (Version: 1.03.03 - Panda Security)
Panda Devices Agent (x32 Version: 1.05.00 - Panda Security) Hidden
Panda Free Antivirus (HKLM-x32\...\Panda Universal Agent Endpoint) (Version: 15.00.01.0000 - Panda Security)
Panda Free Antivirus (Version: 7.23.00.0000 - Panda Security) Hidden
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.)
PAYDAY: The Heist (HKLM-x32\...\Steam App 24240) (Version: - OVERKILL Software)
PDF Architect 2 (HKLM-x32\...\PDF Architect 2) (Version: 2.0.24.16092 - pdfforge GmbH)
PDF Architect 2 View Module (HKLM-x32\...\{C960FF38-431D-429D-AD1F-FBD12A45B7C5}) (Version: 2.0.17.17583 - pdfforge GmbH)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
PHANTASY STAR UNIVERSE (HKLM-x32\...\PHANTASY STAR UNIVERSE_is1) (Version: - SEGA SONIC TEAM)
PhotoFiltre 7 (HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\...\PhotoFiltre 7) (Version: - )
Project My Screen App (HKLM-x32\...\{DF901456-7160-49DB-977B-0E91858CA2CB}) (Version: 8.0.12349 - Microsoft Corporation)
Ragnarök Online (HKLM-x32\...\{55725CAB-ED4D-4169-A22E-20249EFCF2B5}) (Version: 14.1 - Gravity)
Resident Evil 6 / Biohazard 6 (HKLM-x32\...\Steam App 221040) (Version: - Capcom)
RGSS-RTP Standard (HKLM-x32\...\{5A9FE525-8B8F-4701-A937-7F6745A4E9C7}) (Version: 1.0.0 - Enterbrain)
RPG Maker 2003 v1.08 (HKLM-x32\...\RPG Maker 2003_is1) (Version: - Enterbrain, Inc.)
RPG Maker XP (HKLM-x32\...\RPGXP_E_is1) (Version: 1.05 - Enterbrain)
SILENT HILL 3 (HKLM-x32\...\InstallShield_{14D10AAC-9737-454E-A247-8075C26C30E1}) (Version: 1.00.0000 - Konami Computer Entertainment Tokyo, Inc.)
SILENT HILL 3 (x32 Version: 1.00.0000 - Konami Computer Entertainment Tokyo, Inc.) Hidden
Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
Sonic & All-Stars Racing Transformed (HKLM-x32\...\Steam App 212480) (Version: - Sumo Digital)
Sonic Adventure DX (HKLM-x32\...\Steam App 71250) (Version: - SEGA)
Sonic Generations (HKLM-x32\...\Steam App 71340) (Version: - Devil's Details)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Splashtop Software Updater (HKLM-x32\...\Splashtop Software Updater) (Version: 1.5.6.15 - Splashtop Inc.)
Splashtop Streamer (HKLM-x32\...\{B7C5EA94-B96A-41F5-BE95-25D78B486678}) (Version: 2.6.0.4 - Splashtop Inc.)
Spotify (HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic)
The Last Remnant (HKLM-x32\...\Steam App 23310) (Version: - SQUARE ENIX)
Thief (HKLM-x32\...\Steam App 239160) (Version: - Eidos-Montréal)
Unity Web Player (HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\...\UnityWebPlayer) (Version: 4.5.4f1 - Unity Technologies ApS)
Unturned (HKLM-x32\...\Steam App 304930) (Version: - Nelson Sexton)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WinRAR 5.10 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
==================== Restore Points =========================
22-02-2015 19:10:23 Removed iTunes
24-02-2015 22:20:42 Malwarebytes Anti-Rootkit Restore Point
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {21437426-FE31-4169-96BB-B0AE3EE3B1A3} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-01-29] (Microsoft Corporation)
Task: {242456D4-526B-4A93-8BC6-589121653F72} - System32\Tasks\Microsoft\Windows\SetupSQMTask => C:\WINDOWS\SYSTEM32\OOBE\SETUPSQM.EXE [2014-11-21] (Microsoft Corporation)
Task: {26307C61-2BD7-45FB-9910-F4A494F26755} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)
==================== Loaded Modules (whitelisted) ==============
2014-07-04 21:33 - 2014-07-04 21:33 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2014-08-14 19:33 - 2014-07-29 12:35 - 04652712 _____ () C:\Program Files\Cyberfox\mozjs.dll
2014-10-11 13:06 - 2014-10-11 13:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-04-12 18:23 - 2013-04-12 18:23 - 00612664 _____ () C:\Program Files (x86)\Panda Security\Panda Security Protection\SQLite3.dll
2015-02-22 20:53 - 2015-02-22 20:54 - 13208576 _____ () C:\Program Files\WindowsApps\A278AB0D.DragonManiaLegends_1.0.2.8_x86__h6adky7gbf63m\W8.1EntryPoint.exe
2015-02-22 20:53 - 2015-02-22 20:54 - 00041472 _____ () C:\Program Files\WindowsApps\A278AB0D.DragonManiaLegends_1.0.2.8_x86__h6adky7gbf63m\IGPLib_Windows_8.dll
2015-02-24 15:40 - 2015-02-24 15:40 - 00168448 _____ () C:\Users\HPPC\AppData\Local\Packages\a278ab0d.dragonmanialegends_h6adky7gbf63m\AC\Microsoft\CLR_v4.0_32\NativeImages\IGPBridgeLibrary\6a121e97dca2ce33538218b71dcfad7e\IGPBridgeLibrary.ni.dll
2015-02-24 15:40 - 2015-02-24 15:40 - 03530752 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.UI.Xaml\0b2afd93fc0545b7b94339e8a4a7af97\Windows.UI.Xaml.ni.dll
2015-02-24 15:40 - 2015-02-24 15:40 - 00269312 _____ () C:\Users\HPPC\AppData\Local\Packages\a278ab0d.dragonmanialegends_h6adky7gbf63m\AC\Microsoft\CLR_v4.0_32\NativeImages\IGPWindows8\fc37e1035c5d382043aa5a6ff512c125\IGPWindows8.ni.dll
2015-02-24 15:40 - 2015-02-24 15:40 - 00239616 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Gloaae92e31#\94af4549db265c6f339c287c8675d234\Windows.Globalization.ni.dll
2015-02-24 15:40 - 2015-02-24 15:40 - 00402432 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Security\ae4a1bf110c1a12f619514bde2b27939\Windows.Security.ni.dll
2015-02-24 15:40 - 2015-02-24 15:40 - 00133120 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.System\c639835fe3da556a2cbe2e03540996c0\Windows.System.ni.dll
2015-02-24 15:40 - 2015-02-24 15:40 - 00808448 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Storage\7abff64c7c1ea1fae5bd170c8238b73e\Windows.Storage.ni.dll
2015-02-24 15:40 - 2015-02-24 15:40 - 00228864 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Foundation\16c3eb7650767d95d002c998d0c73eb5\Windows.Foundation.ni.dll
2015-02-24 15:40 - 2015-02-24 15:40 - 01131008 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.App640a3541#\72dff8d45b73e9b02b3838d29765607a\Windows.ApplicationModel.ni.dll
2015-02-24 15:40 - 2015-02-24 15:40 - 00330240 _____ () C:\Users\HPPC\AppData\Local\Packages\a278ab0d.dragonmanialegends_h6adky7gbf63m\AC\Microsoft\CLR_v4.0_32\NativeImages\FacebookRun67b5d43e#\aa9b3c3c2ae71b296094e32b2938820c\FacebookRuntimeComponent.ni.dll
2015-02-24 15:40 - 2015-02-24 15:40 - 00080896 _____ () C:\Users\HPPC\AppData\Local\Packages\a278ab0d.dragonmanialegends_h6adky7gbf63m\AC\Microsoft\CLR_v4.0_32\NativeImages\InGameBrowserLibrary\9789ec5e3948754d168d3d659a1480be\InGameBrowserLibrary.ni.dll
2015-02-24 15:40 - 2015-02-24 15:40 - 00960000 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.UI\8ddd8ad15fe3fb05a871ef0115fb84e2\Windows.UI.ni.dll
2015-02-24 15:40 - 2015-02-24 15:40 - 00337920 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Data\98644a649e9bf9e880f2e97889501b07\Windows.Data.ni.dll
2015-02-24 15:40 - 2015-02-24 15:40 - 00403456 _____ () C:\Users\HPPC\AppData\Local\Packages\a278ab0d.dragonmanialegends_h6adky7gbf63m\AC\Microsoft\CLR_v4.0_32\NativeImages\Notificatioc5a47191#\e0958749e97c3f3e06015513bd6d9fff\NotificationsExtensions.ni.dll
2015-02-24 15:40 - 2015-02-24 15:40 - 00050688 _____ () C:\Users\HPPC\AppData\Local\Packages\a278ab0d.dragonmanialegends_h6adky7gbf63m\AC\Microsoft\CLR_v4.0_32\NativeImages\W8_1EntryPoint\639d6719378b5ec9cb0660bc8e875504\W8_1EntryPoint.ni.dll
2015-02-24 15:40 - 2015-02-24 15:40 - 01282048 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Devices\4764145200fcd33a90ced1505892fce6\Windows.Devices.ni.dll
2015-02-24 15:40 - 2015-02-24 15:40 - 00304128 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Graphics\eff020aac8737300c74dee47a69c9bbf\Windows.Graphics.ni.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Users\HPPC\OneDrive:ms-properties
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\HPPC\AppData\Roaming\8pecxstudios\Cyberfox\Desktop Background.bmp
DNS Servers: 192.168.178.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
==================== Accounts: =============================
Administrator (S-1-5-21-3776727103-4227896957-2343858286-500 - Administrator - Disabled)
Gast (S-1-5-21-3776727103-4227896957-2343858286-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3776727103-4227896957-2343858286-1006 - Limited - Enabled)
HPPC (S-1-5-21-3776727103-4227896957-2343858286-1001 - Administrator - Enabled) => C:\Users\HPPC
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (02/26/2015 03:12:11 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.
Error: (02/26/2015 03:07:20 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.
Error: (02/26/2015 02:04:18 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.
Error: (02/26/2015 02:04:16 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.
Error: (02/26/2015 02:04:13 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.
Error: (02/26/2015 01:23:20 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.
Error: (02/26/2015 01:23:19 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.
Error: (02/26/2015 01:23:16 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.
Error: (02/26/2015 01:23:16 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.
Error: (02/26/2015 01:23:16 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.
System errors:
=============
Error: (02/26/2015 02:39:50 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Foxit Cloud Safe Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (02/25/2015 11:03:33 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Splashtop Software Updater Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (02/25/2015 10:28:33 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Splashtop® Remote Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (02/25/2015 10:28:24 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Adobe Acrobat Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (02/25/2015 10:27:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Network Activity Hook Server LightWeight Filter Driver" wurde aufgrund folgenden Fehlers nicht gestartet:
%%31
Error: (02/25/2015 10:27:37 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen:
%%5
Error: (02/25/2015 10:26:59 PM) (Source: DCOM) (EventID: 10010) (User: HP)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
Error: (02/25/2015 10:26:29 PM) (Source: DCOM) (EventID: 10010) (User: HP)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
Error: (02/25/2015 10:25:46 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Adobe Acrobat Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Microsoft Office Sessions:
=========================
Error: (02/26/2015 03:12:11 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\$Recycle.Bin\S-1-5-21-3776727103-4227896957-2343858286-1001\$RMMJQQU.exe
Error: (02/26/2015 03:07:20 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
Error: (02/26/2015 02:04:18 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\Users\HPPC\Desktop\esetsmartinstaller_deu.exe
Error: (02/26/2015 02:04:16 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\Users\HPPC\Desktop\esetsmartinstaller_deu.exe
Error: (02/26/2015 02:04:13 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\Users\HPPC\Desktop\esetsmartinstaller_deu.exe
Error: (02/26/2015 01:23:20 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\Users\HPPC\Desktop\esetsmartinstaller_deu.exe
Error: (02/26/2015 01:23:19 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\Users\HPPC\Desktop\esetsmartinstaller_deu.exe
Error: (02/26/2015 01:23:16 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\Users\HPPC\Desktop\esetsmartinstaller_deu.exe
Error: (02/26/2015 01:23:16 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\Users\HPPC\Desktop\esetsmartinstaller_deu.exe
Error: (02/26/2015 01:23:16 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\Users\HPPC\Desktop\esetsmartinstaller_deu.exe
==================== Memory info ===========================
Processor: AMD A10-5700 APU with Radeon(tm) HD Graphics
Percentage of memory in use: 35%
Total physical RAM: 6039.32 MB
Available physical RAM: 3909.32 MB
Total Pagefile: 6999.32 MB
Available Pagefile: 4255.36 MB
Total Virtual: 131072 MB
Available Virtual: 131071.85 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:452.14 GB) (Free:340.83 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Recovery Image) (Fixed) (Total:10.92 GB) (Free:0.94 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (Spiele+Programme) (Fixed) (Total:454.22 GB) (Free:52.38 GB) NTFS
Drive j: (Sonstiges) (Fixed) (Total:244.41 GB) (Free:235.56 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 52E55227)
Partition: GPT Partition Type.
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 00000001)
Partition 1: (Not Active) - (Size=993 KB) - (Type=42)
Partition 2: (Active) - (Size=454.2 GB) - (Type=42)
Partition 3: (Not Active) - (Size=244.4 GB) - (Type=42)
==================== End Of Log ============================
|
|
27.02.2015, 07:05
| #10 |
| /// the machine /// TB-Ausbilder | Windows 8.1: Probleme nach Update Java und Flash updaten. Panda wird angemeckert wegen der Toolbar. Das ist halt so wenn man unbedigt Freeware AVs nutzen will, dann bekommt man auch Toolbars und Werbung aufs Gerät, die müssen ja auch irgendwie zu Geld kommen. Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
Emptytemp:
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Ich sehe im Log nicht warum das 4mal starten sollte. Bitte mal deinstallieren und neu installieren.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
11.03.2015, 14:59
| #11 |
| | Windows 8.1: Probleme nach Update Erst einmal sorry für die späte Antwort, war einige Zeit nicht da und der PC lief soweit auch wieder gut. Jetzt allerdings stellt er mich erneut vor ein Problem das einfach so auftritt. Ich kann fast gar keine Programme mehr installieren oder ausführen. Auch Programme wie Malwarebytes Anti-Rootkit oder der Eset Online Scanner werden nicht gestartet. Programme Deinstallieren kann ich gar nicht, und Panda Antivirus läuft zwar, aber gibt nur Fehlermeldungen aus wenn ich es öffnen will. Es steht auch schon wieder 2 mal im Autostart... Jedes mal kommen folgende Fehlermeldungen:  Farbar's Recovery Scan Tool lässt sich aber noch starten, und ich konnte einen Scan machen. FRST FRST Logfile: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by HPPC (administrator) on HP on 11-03-2015 14:36:46
Running from C:\Users\HPPC\Desktop\Programme
Loaded Profiles: HPPC (Available profiles: HPPC)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser path: "C:\Program Files\Cyberfox\Cyberfox.exe" -osint -url "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Hewlett-Packard ) C:\Program Files\IDT\WDM\Beats64.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Spotify Ltd) C:\Users\HPPC\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
() C:\Program Files\WindowsApps\A278AB0D.DragonManiaLegends_1.0.2.8_x86__h6adky7gbf63m\W8.1EntryPoint.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(8pecxstudios) C:\Program Files\Cyberfox\Cyberfox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [37888 2012-08-10] (Hewlett-Packard )
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-08-10] (IDT, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3978600 2015-02-17] (LogMeIn Inc.)
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [40184 2015-02-17] (Panda Security, S.L.)
HKLM\...\Winlogon: [Userinit] C:\WINDOWS\SysWOW64\userinit.exe,
HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\...\Run: [Spotify Web Helper] => C:\Users\HPPC\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-12] (Spotify Ltd)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-08-14] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-08-14] (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll [2014-08-14] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll [2014-08-14] ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-08-14] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-08-14] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll [2014-06-26] (pdfforge GmbH)
FF Plugin HKU\S-1-5-21-3776727103-4227896957-2343858286-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\HPPC\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-09-05] (Unity Technologies ApS)
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-07-04] (Advanced Micro Devices, Inc.) [File not signed]
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-11-21] (Microsoft Corporation)
S2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [243880 2015-02-13] (Foxit Software Inc.)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-02-16] (LogMeIn, Inc.)
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [142584 2015-02-17] (Panda Security, S.L.)
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [66808 2014-10-09] (Panda Security, S.L.)
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-06-26] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-06-26] (pdfforge GmbH)
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [38136 2015-02-17] (Panda Security, S.L.)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [321536 2012-08-10] (IDT, Inc.) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-20] (Advanced Micro Devices)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98472 2012-07-03] (Advanced Micro Devices)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [44296 2015-02-17] (LogMeIn Inc.)
R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [93968 2015-02-09] (Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [202000 2015-02-09] (Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [110864 2015-02-09] (Panda Security, S.L.)
R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [116496 2015-02-09] (Panda Security, S.L.)
R1 NNSNAHSL; C:\Windows\system32\DRIVERS\NNSNAHSL.sys [49936 2014-12-31] (Panda Security, S.L.)
R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [99600 2015-02-09] (Panda Security, S.L.)
R1 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [69904 2015-02-09] (Panda Security, S.L.)
R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [124176 2015-02-09] (Panda Security, S.L.)
R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [299792 2015-02-09] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [166160 2015-02-09] (Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [113424 2015-02-09] (Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [257296 2015-02-09] (Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [106256 2015-02-09] (Panda Security, S.L.)
R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [163088 2015-02-11] (Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [121616 2015-02-11] (Panda Security, S.L.)
R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [197392 2015-02-10] (Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [124176 2015-02-11] (Panda Security, S.L.)
R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [133904 2015-02-11] (Panda Security, S.L.)
R2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [107792 2015-02-11] (Panda Security, S.L.)
R3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [61712 2015-01-29] (Panda Security, S.L.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-11 14:34 - 2015-03-11 14:34 - 00000000 ____D () C:\Program Files\Java
2015-03-11 14:34 - 2015-03-11 14:34 - 00000000 _____ () C:\WINDOWS\system32\REN2167.tmp
2015-03-11 14:32 - 2015-03-11 14:33 - 42925480 _____ (Oracle Corporation) C:\Users\HPPC\Desktop\jre-8u40-windows-x64.exe
2015-03-06 09:17 - 2015-01-29 18:21 - 00061712 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSKMAD.sys
2015-02-27 08:17 - 2015-02-27 08:18 - 00002214 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Free Antivirus.lnk
2015-02-27 08:17 - 2015-02-27 08:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Free Antivirus
2015-02-27 08:13 - 2015-03-11 09:51 - 00002828 _____ () C:\WINDOWS\setupact.log
2015-02-27 08:13 - 2015-02-27 08:13 - 00002062 _____ () C:\WINDOWS\PFRO.log
2015-02-27 08:13 - 2015-02-27 08:13 - 00000000 _____ () C:\WINDOWS\setuperr.log
2015-02-27 08:12 - 2015-02-27 08:12 - 00000000 __SHD () C:\Users\HPPC\AppData\Local\EmieUserList
2015-02-27 08:12 - 2015-02-27 08:12 - 00000000 __SHD () C:\Users\HPPC\AppData\Local\EmieSiteList
2015-02-27 08:12 - 2015-02-27 08:12 - 00000000 __SHD () C:\Users\HPPC\AppData\Local\EmieBrowserModeList
2015-02-27 01:13 - 2015-03-11 10:07 - 00607871 _____ () C:\WINDOWS\WindowsUpdate.log
2015-02-26 02:42 - 2015-02-27 01:10 - 00007608 _____ () C:\Users\HPPC\AppData\Local\Resmon.ResmonCfg
2015-02-25 22:13 - 2015-02-25 22:16 - 00000000 ____D () C:\AdwCleaner
2015-02-24 22:03 - 2015-02-25 09:44 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-02-24 22:03 - 2015-02-24 22:03 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-02-24 22:03 - 2015-02-24 22:03 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-24 22:01 - 2015-02-24 22:01 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-02-24 16:20 - 2015-03-11 14:36 - 00000000 ____D () C:\FRST
2015-02-24 12:51 - 2015-02-24 12:52 - 00001354 _____ () C:\Users\HPPC\Desktop\Shutdown.lnk
2015-02-24 12:04 - 2015-02-24 12:06 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-02-24 12:04 - 2015-01-29 17:49 - 116773704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-02-24 12:01 - 2014-04-16 00:35 - 00028352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll
2015-02-24 12:01 - 2014-04-16 00:34 - 00029888 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll
2015-02-24 11:57 - 2014-09-22 04:06 - 00258368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-02-24 11:57 - 2014-09-22 04:06 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-02-24 11:57 - 2014-09-22 03:49 - 00035320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-02-24 11:57 - 2014-09-02 23:08 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2015-02-24 11:57 - 2014-09-02 23:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2015-02-24 11:51 - 2014-06-09 23:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-02-24 11:51 - 2014-06-09 23:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-02-24 11:51 - 2014-04-30 07:43 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys
2015-02-24 11:51 - 2014-04-30 07:41 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2015-02-24 11:49 - 2015-01-19 19:42 - 01487976 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2015-02-24 11:48 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-02-24 11:48 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-02-24 11:47 - 2014-11-10 00:19 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-02-24 11:47 - 2014-11-10 00:19 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-02-24 11:47 - 2014-11-10 00:18 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2015-02-24 11:47 - 2014-11-10 00:18 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2015-02-24 11:46 - 2014-07-24 04:20 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2015-02-24 11:46 - 2014-07-24 04:20 - 00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2015-02-22 20:08 - 2015-02-22 20:12 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2015-02-22 15:37 - 2015-03-11 09:54 - 00000000 ___RD () C:\Users\HPPC\OneDrive
2015-02-22 15:34 - 2015-02-22 15:34 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2015-02-22 15:29 - 2015-02-22 15:29 - 00000000 ____D () C:\Users\HPPC\AppData\Local\AMD
2015-02-22 15:28 - 2015-02-22 15:28 - 00001456 _____ () C:\Users\HPPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-02-22 15:28 - 2015-02-22 15:28 - 00000000 ____D () C:\Users\HPPC\AppData\Roaming\ATI
2015-02-22 15:28 - 2015-02-22 15:28 - 00000000 ____D () C:\Users\HPPC\AppData\Local\ATI
2015-02-22 15:28 - 2015-02-22 15:28 - 00000000 ____D () C:\ProgramData\ATI
2015-02-22 15:27 - 2015-02-22 15:27 - 00000020 ___SH () C:\Users\HPPC\ntuser.ini
2015-02-22 15:25 - 2015-02-22 15:25 - 00022960 _____ () C:\WINDOWS\system32\emptyregdb.dat
2015-02-22 15:25 - 2015-02-22 15:25 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2015-02-22 15:25 - 2015-02-22 15:25 - 00000000 _SHDL () C:\Users\Default\Startmenü
2015-02-22 15:25 - 2015-02-22 15:25 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2015-02-22 15:25 - 2015-02-22 15:25 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2015-02-22 15:25 - 2015-02-22 15:25 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2015-02-22 15:25 - 2015-02-22 15:25 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2015-02-22 15:25 - 2015-02-22 15:25 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2015-02-22 15:25 - 2015-02-22 15:25 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2015-02-22 15:25 - 2015-02-22 15:25 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-02-22 15:25 - 2015-02-22 15:25 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2015-02-22 15:25 - 2015-02-22 15:25 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2015-02-22 15:25 - 2015-02-22 15:25 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2015-02-22 15:25 - 2015-02-22 15:25 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2015-02-22 15:25 - 2015-02-22 15:25 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2015-02-22 15:25 - 2015-02-22 15:25 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-02-22 15:25 - 2015-02-22 15:25 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2015-02-22 15:25 - 2015-02-22 15:25 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-02-22 15:13 - 2015-02-22 15:13 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-02-22 15:13 - 2015-02-22 15:13 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2015-02-22 15:13 - 2015-02-22 15:13 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2015-02-22 15:10 - 2015-02-22 15:10 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate
2015-02-22 15:09 - 2015-02-22 15:25 - 00022863 _____ () C:\WINDOWS\diagwrn.xml
2015-02-22 15:09 - 2015-02-22 15:25 - 00022863 _____ () C:\WINDOWS\diagerr.xml
2015-02-22 15:08 - 2015-03-01 14:57 - 00000000 ____D () C:\Users\HPPC
2015-02-22 15:08 - 2015-02-22 15:09 - 00000000 ___RD () C:\Users\HPPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-02-22 15:08 - 2015-02-22 15:08 - 00000000 _SHDL () C:\Users\HPPC\Vorlagen
2015-02-22 15:08 - 2015-02-22 15:08 - 00000000 _SHDL () C:\Users\HPPC\Startmenü
2015-02-22 15:08 - 2015-02-22 15:08 - 00000000 _SHDL () C:\Users\HPPC\Netzwerkumgebung
2015-02-22 15:08 - 2015-02-22 15:08 - 00000000 _SHDL () C:\Users\HPPC\Lokale Einstellungen
2015-02-22 15:08 - 2015-02-22 15:08 - 00000000 _SHDL () C:\Users\HPPC\Eigene Dateien
2015-02-22 15:08 - 2015-02-22 15:08 - 00000000 _SHDL () C:\Users\HPPC\Druckumgebung
2015-02-22 15:08 - 2015-02-22 15:08 - 00000000 _SHDL () C:\Users\HPPC\Documents\Eigene Musik
2015-02-22 15:08 - 2015-02-22 15:08 - 00000000 _SHDL () C:\Users\HPPC\Documents\Eigene Bilder
2015-02-22 15:08 - 2015-02-22 15:08 - 00000000 _SHDL () C:\Users\HPPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-02-22 15:08 - 2015-02-22 15:08 - 00000000 _SHDL () C:\Users\HPPC\AppData\Local\Verlauf
2015-02-22 15:08 - 2015-02-22 15:08 - 00000000 _SHDL () C:\Users\HPPC\AppData\Local\Anwendungsdaten
2015-02-22 15:08 - 2015-02-22 15:08 - 00000000 _SHDL () C:\Users\HPPC\Anwendungsdaten
2015-02-22 15:08 - 2014-11-21 11:52 - 00000000 ___RD () C:\Users\HPPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-02-22 15:08 - 2014-11-21 11:52 - 00000000 ___RD () C:\Users\HPPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-02-22 15:08 - 2014-11-21 04:42 - 00000369 _____ () C:\Users\HPPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-02-22 15:08 - 2014-11-21 04:42 - 00000369 _____ () C:\Users\HPPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-02-22 15:08 - 2013-08-22 16:36 - 00000000 ____D () C:\Users\HPPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-02-22 15:02 - 2015-02-22 15:02 - 00060817 _____ () C:\WINDOWS\SysWOW64\CCCInstall_201502221502333668.log
2015-02-22 15:02 - 2015-02-22 15:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-02-22 15:02 - 2015-02-22 15:02 - 00000000 ____D () C:\ProgramData\AMD
2015-02-22 15:02 - 2015-02-22 15:02 - 00000000 ____D () C:\Program Files\ATI Technologies
2015-02-22 15:01 - 2015-02-22 15:02 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2015-02-22 15:01 - 2015-02-22 15:01 - 00000425 _____ () C:\WINDOWS\BRWMARK.INI
2015-02-22 15:01 - 2015-02-22 15:01 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2015-02-22 15:00 - 2015-02-22 15:00 - 00000000 ____D () C:\Program Files\AMD
2015-02-22 15:00 - 2015-02-22 15:00 - 00000000 _____ () C:\WINDOWS\ativpsrm.bin
2015-02-22 14:58 - 2015-02-23 10:57 - 00000000 ___DC () C:\WINDOWS\Panther
2015-02-22 14:55 - 2015-02-22 14:55 - 00535640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-02-22 14:55 - 2015-02-22 14:55 - 00531616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-02-22 14:55 - 2015-02-22 14:55 - 00448792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2015-02-22 14:55 - 2015-02-22 14:55 - 00413248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2015-02-22 14:55 - 2015-02-22 14:55 - 00372408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2015-02-22 14:55 - 2015-02-22 14:55 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-02-22 14:55 - 2015-02-22 14:55 - 00108944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-02-22 14:55 - 2015-02-22 14:55 - 00038264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2015-02-22 14:55 - 2015-02-22 14:55 - 00033584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2015-02-22 14:54 - 2015-02-22 14:54 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-02-22 14:54 - 2015-02-22 14:54 - 02171904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2015-02-22 14:54 - 2015-02-22 14:54 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2015-02-22 14:54 - 2015-02-22 14:54 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2015-02-22 14:54 - 2015-02-22 14:54 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-02-22 14:54 - 2015-02-22 14:54 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-02-22 14:54 - 2015-02-22 14:54 - 00788680 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2015-02-22 14:54 - 2015-02-22 14:54 - 00672984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2015-02-22 14:54 - 2015-02-22 14:54 - 00602776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2015-02-22 14:54 - 2015-02-22 14:54 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2015-02-22 14:54 - 2015-02-22 14:54 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-02-22 14:54 - 2015-02-22 14:54 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-02-22 14:54 - 2015-02-22 14:54 - 00273240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2015-02-22 14:54 - 2015-02-22 14:54 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll
2015-02-22 14:53 - 2015-02-22 14:53 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-02-22 14:53 - 2015-02-22 14:53 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2015-02-22 14:53 - 2015-02-22 14:53 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2015-02-22 14:53 - 2015-02-22 14:53 - 00563504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-02-22 14:53 - 2015-02-22 14:53 - 00538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\scesrv.dll
2015-02-22 14:53 - 2015-02-22 14:53 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-02-22 14:53 - 2015-02-22 14:53 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-02-22 14:53 - 2015-02-22 14:53 - 00393728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scesrv.dll
2015-02-22 14:53 - 2015-02-22 14:53 - 00391526 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-02-22 14:53 - 2015-02-22 14:53 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-02-22 14:53 - 2015-02-22 14:53 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-02-22 14:53 - 2015-02-22 14:53 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-02-22 14:53 - 2015-02-22 14:53 - 00177984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-02-22 14:53 - 2015-02-22 14:53 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2015-02-22 14:53 - 2015-02-22 14:53 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2015-02-22 14:53 - 2015-02-22 14:53 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll
2015-02-22 14:53 - 2015-02-22 14:53 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 25056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 19740160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 14401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 12829184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-02-22 14:52 - 2015-02-22 14:52 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-02-22 14:52 - 2015-02-22 14:52 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-02-22 14:52 - 2015-02-22 14:52 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-02-22 14:52 - 2015-02-22 14:52 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-02-22 14:52 - 2015-02-22 14:52 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2015-02-22 14:52 - 2015-02-22 14:52 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2015-02-22 14:52 - 2015-02-22 14:52 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-02-22 14:52 - 2015-02-22 14:52 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-02-22 14:52 - 2015-02-22 14:52 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-02-22 14:51 - 2015-02-22 14:51 - 07472960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-02-22 14:51 - 2015-02-22 14:51 - 01733440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-02-22 14:51 - 2015-02-22 14:51 - 01498360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-02-22 14:51 - 2015-02-22 14:51 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2015-02-22 14:51 - 2015-02-22 14:51 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2015-02-22 14:51 - 2015-02-22 14:51 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe
2015-02-22 14:51 - 2015-02-22 14:51 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntvdm64.dll
2015-02-22 14:51 - 2015-02-22 14:51 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll
2015-02-22 14:51 - 2015-02-22 14:51 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2015-02-22 14:51 - 2015-02-22 14:51 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\instnm.exe
2015-02-22 14:51 - 2015-02-22 14:51 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll
2015-02-22 14:51 - 2015-02-22 14:51 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe
2015-02-22 14:49 - 2015-02-22 14:49 - 00000000 ____D () C:\WINDOWS\SysWOW64\XPSViewer
2015-02-22 14:49 - 2015-02-22 14:49 - 00000000 ____D () C:\Program Files\Reference Assemblies
2015-02-22 14:49 - 2015-02-22 14:49 - 00000000 ____D () C:\Program Files\MSBuild
2015-02-22 14:49 - 2015-02-22 14:49 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2015-02-22 14:49 - 2015-02-22 14:49 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2015-02-22 14:49 - 2013-08-03 05:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-02-22 14:49 - 2013-08-03 05:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-02-22 14:49 - 2013-08-03 05:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-02-22 14:49 - 2013-08-03 05:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-02-22 13:35 - 2015-02-22 13:35 - 00000136 _____ () C:\WINDOWS\system32\netcfg-135814.txt
2015-02-22 13:35 - 2015-02-22 13:35 - 00000134 _____ () C:\WINDOWS\system32\netcfg-130604.txt
2015-02-22 13:35 - 2015-02-22 13:35 - 00000134 _____ () C:\WINDOWS\system32\netcfg-123786.txt
2015-02-22 12:12 - 2015-02-22 12:12 - 00000131 _____ () C:\WINDOWS\system32\netcfg-1992846830.txt
2015-02-22 09:18 - 2015-02-22 09:18 - 00000132 _____ () C:\WINDOWS\system32\netcfg-1982392611.txt
2015-02-22 09:17 - 2015-02-22 09:17 - 00000139 _____ () C:\WINDOWS\system32\netcfg-1982334360.txt
2015-02-22 09:17 - 2015-02-22 09:17 - 00000139 _____ () C:\WINDOWS\system32\netcfg-1982324017.txt
2015-02-22 09:16 - 2015-02-22 09:16 - 00001078 _____ () C:\WINDOWS\system32\netcfg-1982279260.txt
2015-02-22 09:16 - 2015-02-22 09:16 - 00000139 _____ () C:\WINDOWS\system32\netcfg-1982318947.txt
2015-02-22 09:16 - 2015-02-22 09:16 - 00000139 _____ () C:\WINDOWS\system32\netcfg-1982268309.txt
2015-02-22 09:15 - 2015-02-22 15:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-02-22 09:15 - 2015-02-22 09:15 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2015-02-18 10:05 - 2015-02-18 10:05 - 00010878 _____ () C:\Users\HPPC\Documents\ftp_log_2015-02-17.gz
2015-02-17 22:58 - 2015-02-28 00:11 - 00040960 ___SH () C:\Users\HPPC\Thumbs.db
2015-02-17 18:21 - 2015-02-17 18:21 - 00044296 ____H (LogMeIn Inc.) C:\WINDOWS\system32\Drivers\Hamdrv.sys
2015-02-16 17:09 - 2015-02-22 15:14 - 00000000 ____D () C:\Users\HPPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Project My Screen App
2015-02-16 17:09 - 2015-02-16 17:09 - 00000000 ____D () C:\Program Files (x86)\ProjectMyScreenApp
2015-02-15 22:20 - 2015-03-11 14:30 - 00000000 ____D () C:\Users\HPPC\Desktop\Yuri
2015-02-15 13:13 - 2015-02-18 17:16 - 00000000 ____D () C:\Users\HPPC\Desktop\FinVal
2015-02-11 23:39 - 2015-02-11 23:39 - 00163088 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSINAflt.sys
2015-02-11 23:39 - 2015-02-11 23:39 - 00133904 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSINProt.sys
2015-02-11 23:39 - 2015-02-11 23:39 - 00124176 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSINProc.sys
2015-02-11 23:39 - 2015-02-11 23:39 - 00121616 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSINFile.sys
2015-02-11 23:39 - 2015-02-11 23:39 - 00107792 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSINReg.sys
2015-02-10 03:03 - 2015-02-10 03:03 - 00197392 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSINKNC.sys
2015-02-09 22:13 - 2015-02-09 22:13 - 00299792 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\NNSProt.sys
2015-02-09 22:13 - 2015-02-09 22:13 - 00257296 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\NNSStrm.sys
2015-02-09 22:13 - 2015-02-09 22:13 - 00202000 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\NNSHttp.sys
2015-02-09 22:13 - 2015-02-09 22:13 - 00166160 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\NNSPrv.sys
2015-02-09 22:13 - 2015-02-09 22:13 - 00124176 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\NNSPop3.sys
2015-02-09 22:13 - 2015-02-09 22:13 - 00116496 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\NNSIds.sys
2015-02-09 22:13 - 2015-02-09 22:13 - 00113424 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\NNSSmtp.sys
2015-02-09 22:13 - 2015-02-09 22:13 - 00110864 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\NNSHttps.sys
2015-02-09 22:13 - 2015-02-09 22:13 - 00106256 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\NNStlsc.sys
2015-02-09 22:13 - 2015-02-09 22:13 - 00099600 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\NNSpicc.sys
2015-02-09 22:13 - 2015-02-09 22:13 - 00093968 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\NNSAlpc.sys
2015-02-09 22:13 - 2015-02-09 22:13 - 00069904 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\NNSPihsw.sys
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-11 14:36 - 2014-08-14 20:21 - 00000000 ___RD () C:\Users\HPPC\Desktop\Programme
2015-03-11 14:35 - 2014-08-14 19:40 - 00000000 ____D () C:\Users\HPPC\AppData\Roaming\Skype
2015-03-11 14:34 - 2014-08-14 20:18 - 00000000 ____D () C:\ProgramData\Oracle
2015-03-11 14:34 - 2014-08-14 20:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-03-11 14:29 - 2014-08-26 13:14 - 35793920 ___SH () C:\Users\HPPC\Desktop\Thumbs.db
2015-03-11 14:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-03-11 12:20 - 2014-08-25 20:37 - 00000000 ____D () C:\Users\HPPC\AppData\Local\LogMeIn Hamachi
2015-03-11 09:56 - 2014-11-21 04:35 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-03-11 09:56 - 2014-11-21 03:45 - 00764340 _____ () C:\WINDOWS\system32\perfh007.dat
2015-03-11 09:56 - 2014-11-21 03:45 - 00159160 _____ () C:\WINDOWS\system32\perfc007.dat
2015-03-11 09:51 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-03-11 02:45 - 2013-08-22 14:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2015-03-10 22:51 - 2014-08-17 14:42 - 00000000 ____D () C:\Users\HPPC\AppData\Roaming\vlc
2015-03-08 13:49 - 2014-08-15 17:19 - 00000000 ____D () C:\Users\HPPC\AppData\Local\JDownloader v2.0
2015-03-08 12:51 - 2014-08-27 14:56 - 00005632 _____ () C:\Users\HPPC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-03-08 12:51 - 2014-08-16 21:07 - 00000000 ____D () C:\Users\HPPC\Documents\Camtasia Studio
2015-03-06 01:33 - 2014-08-16 11:25 - 00000000 ___RD () C:\Users\HPPC\Desktop\Sonstiges
2015-03-03 10:46 - 2014-08-20 11:40 - 00000000 ____D () C:\Users\HPPC\AppData\Roaming\FileZilla
2015-03-02 07:47 - 2013-08-22 15:44 - 04939472 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-02-28 16:01 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\FxsTmp
2015-02-28 01:22 - 2014-09-26 14:44 - 00001456 _____ () C:\Users\HPPC\AppData\Local\Adobe Für Web speichern 11.0 Prefs
2015-02-28 00:30 - 2014-08-14 20:21 - 00000000 ___RD () C:\Users\HPPC\Desktop\Spiele
2015-02-27 22:44 - 2015-01-12 11:43 - 00000000 ____D () C:\Users\HPPC\Downloads\3DS
2015-02-27 09:47 - 2014-08-09 14:11 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3776727103-4227896957-2343858286-1001
2015-02-27 08:19 - 2014-08-14 19:51 - 00000000 ____D () C:\Program Files (x86)\Panda Security
2015-02-27 08:19 - 2014-08-14 19:49 - 00000000 ____D () C:\ProgramData\Panda Security
2015-02-27 08:17 - 2014-08-14 19:51 - 00000000 ____D () C:\Users\HPPC\AppData\Roaming\Panda Security
2015-02-26 16:30 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-02-26 14:04 - 2014-11-23 12:43 - 00000000 ____D () C:\Users\HPPC\Downloads\Sonstige
2015-02-26 13:58 - 2014-09-02 13:11 - 00284160 ___SH () C:\Users\HPPC\Downloads\Thumbs.db
2015-02-24 22:22 - 2014-11-21 04:13 - 00000000 ____D () C:\WINDOWS\ShellNew
2015-02-24 12:13 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-02-24 12:13 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-02-24 12:13 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2015-02-24 12:13 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2015-02-24 12:13 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-02-24 12:13 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-02-24 12:12 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-02-24 12:04 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-02-23 10:57 - 2014-08-16 21:15 - 00000000 ____D () C:\Users\HPPC\AppData\Local\CrashDumps
2015-02-22 20:59 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-02-22 20:54 - 2014-08-07 21:58 - 00000000 ____D () C:\Users\HPPC\AppData\Local\Packages
2015-02-22 20:08 - 2014-08-13 19:07 - 00000045 _____ () C:\WINDOWS\SysWOW64\initdebug.nfo
2015-02-22 19:12 - 2015-01-28 10:41 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-02-22 19:11 - 2015-01-28 10:41 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-02-22 19:10 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\restore
2015-02-22 15:29 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Registration
2015-02-22 15:28 - 2014-08-07 21:58 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD
2015-02-22 15:25 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows NT
2015-02-22 15:25 - 2013-08-22 14:36 - 00000000 __RHD () C:\Users\Default
2015-02-22 15:23 - 2013-08-22 16:36 - 00000000 __RSD () C:\WINDOWS\Media
2015-02-22 15:23 - 2013-08-22 16:36 - 00000000 __RHD () C:\Users\Public\Libraries
2015-02-22 15:22 - 2014-08-09 14:17 - 00000000 ____D () C:\ProgramData\SoundResearch
2015-02-22 15:14 - 2014-12-06 19:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-02-22 15:14 - 2014-11-27 12:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amnesia - The Dark Descent
2015-02-22 15:14 - 2014-11-14 11:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn
2015-02-22 15:14 - 2014-10-06 11:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Splashtop Remote
2015-02-22 15:14 - 2014-09-16 21:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-02-22 15:14 - 2014-09-03 10:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect 2
2015-02-22 15:14 - 2014-09-03 10:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2015-02-22 15:14 - 2014-09-02 10:05 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
2015-02-22 15:14 - 2014-08-27 08:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dear Esther
2015-02-22 15:14 - 2014-08-27 08:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2015-02-22 15:14 - 2014-08-27 08:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2015-02-22 15:14 - 2014-08-19 13:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoFiltre 7
2015-02-22 15:14 - 2014-08-17 13:17 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2015-02-22 15:14 - 2014-08-17 08:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RPG Maker XP
2015-02-22 15:14 - 2014-08-17 08:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RPG Maker 2003
2015-02-22 15:14 - 2014-08-16 21:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2015-02-22 15:14 - 2014-08-16 21:05 - 00000000 ____D () C:\ProgramData\regid.1995-08.com.techsmith
2015-02-22 15:14 - 2014-08-16 21:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith
2015-02-22 15:14 - 2014-08-16 11:51 - 00000000 ____D () C:\Users\HPPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-02-22 15:14 - 2014-08-15 17:21 - 00000000 ____D () C:\Users\HPPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2015-02-22 15:14 - 2014-08-15 17:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-02-22 15:14 - 2014-08-15 15:25 - 00000000 ____D () C:\Users\HPPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-02-22 15:14 - 2014-08-15 15:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-02-22 15:14 - 2014-08-14 19:33 - 00000000 ____D () C:\Users\HPPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cyberfox
2015-02-22 15:14 - 2014-08-13 19:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
2015-02-22 15:13 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\SysWOW64\WCN
2015-02-22 15:13 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\SysWOW64\sysprep
2015-02-22 15:13 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\system32\WCN
2015-02-22 15:13 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI
2015-02-22 15:13 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz
2015-02-22 15:13 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\IME
2015-02-22 15:13 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\WinBioPlugIns
2015-02-22 15:13 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\spool
2015-02-22 15:13 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\SMI
2015-02-22 15:13 - 2012-07-26 06:37 - 00000000 ____D () C:\Users\Default.migrated
2015-02-22 15:12 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-02-22 15:12 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\MUI
2015-02-22 15:12 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\IME
2015-02-22 15:11 - 2014-11-26 10:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gravity
2015-02-22 15:11 - 2014-10-06 13:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SEGA
2015-02-22 15:11 - 2014-08-17 01:38 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2015-02-22 15:11 - 2014-08-15 17:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KONAMI
2015-02-22 15:11 - 2014-08-15 17:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes
2015-02-22 15:11 - 2014-08-07 21:58 - 00000000 ____D () C:\ProgramData\PRICache
2015-02-22 15:11 - 2013-08-22 16:43 - 00000000 ____D () C:\WINDOWS\DigitalLocker
2015-02-22 15:11 - 2013-08-22 16:36 - 00000000 __SHD () C:\Program Files\Windows Sidebar
2015-02-22 15:11 - 2013-08-22 16:36 - 00000000 __SHD () C:\Program Files (x86)\Windows Sidebar
2015-02-22 15:11 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\IME
2015-02-22 15:11 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Help
2015-02-22 15:11 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-02-22 15:10 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\Recovery
2015-02-22 15:09 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\GroupPolicy
2015-02-22 15:04 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2015-02-22 14:57 - 2013-08-22 16:36 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template
2015-02-22 14:57 - 2012-08-01 18:05 - 00000000 __SHD () C:\Recovery
2015-02-22 14:54 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2015-02-22 14:53 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2015-02-18 17:13 - 2014-08-16 11:52 - 00000000 ___RD () C:\Users\HPPC\Dropbox
2015-02-18 17:13 - 2014-08-16 11:49 - 00000000 ____D () C:\Users\HPPC\AppData\Roaming\Dropbox
2015-02-15 00:31 - 2014-08-14 19:33 - 00000977 _____ () C:\Users\Public\Desktop\Cyberfox.lnk
2015-02-14 10:14 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2015-02-12 00:17 - 2014-08-15 15:23 - 00000000 ___RD () C:\Users\HPPC\Desktop\Emulation
2015-02-11 15:54 - 2014-11-26 11:01 - 00000000 ___RD () C:\Users\HPPC\Desktop\Bilder
==================== Files in the root of some directories =======
2014-08-18 01:24 - 2014-08-19 11:20 - 0000132 _____ () C:\Users\HPPC\AppData\Roaming\Adobe PNG Format CS5 Prefs
2014-09-26 14:44 - 2015-02-28 01:22 - 0001456 _____ () C:\Users\HPPC\AppData\Local\Adobe Für Web speichern 11.0 Prefs
2014-08-27 14:56 - 2015-03-08 12:51 - 0005632 _____ () C:\Users\HPPC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-02-26 02:42 - 2015-02-27 01:10 - 0007608 _____ () C:\Users\HPPC\AppData\Local\Resmon.ResmonCfg
Some content of TEMP:
====================
C:\Users\HPPC\AppData\Local\Temp\proxy_vole3365814431527910434.dll
C:\Users\HPPC\AppData\Local\Temp\SkypeSetup.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-03-11 10:33
==================== End Of Log ============================
--- --- --- --- --- --- Addition Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by HPPC at 2015-03-11 14:37:51
Running from C:\Users\HPPC\Desktop\Programme
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Panda Free Antivirus (Enabled - Up to date) {5FD6C936-849B-5CE2-14BA-709E1D6FD1DA}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Panda Free Antivirus (Enabled - Up to date) {E4B728D2-A2A1-536C-2E0A-4BEC66E89B67}
FW: Panda Firewall (Disabled) {67ED4813-CEF4-5DBA-3FE5-D9ABE3BC96A1}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.179 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Amnesia - The Dark Descent (HKLM-x32\...\{54B7A3C7-0940-4C16-A509-FC3C3758D22A}_is1) (Version: 1.0.0 - Frictional Games)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Camtasia Studio 8 (HKLM-x32\...\{3F3A5785-81E3-4065-B643-B4933790AE1E}) (Version: 8.1.1.1313 - TechSmith Corporation)
Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5000 - CDBurnerXP)
Crazy Taxi (HKLM-x32\...\Steam App 71230) (Version: - SEGA)
Cyberfox Web Browser (HKLM\...\{5EFB52C0-4EC9-46B4-80EB-8432C6599641}_is1) (Version: 31.0.1.0 - 8pecxstudios)
Dear Esther Version 1.0 (HKLM-x32\...\Dear Esther_is1) (Version: 1.0 - TheChineseRoom)
Dropbox (HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\...\Dropbox) (Version: 3.2.6 - Dropbox, Inc.)
FINAL FANTASY XIII-2 (HKLM-x32\...\Steam App 292140) (Version: - SQUARE ENIX)
Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 2.8.49.213 - Foxit Software Inc.)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.0.6.1126 - Foxit Software Inc.)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6418.0 - IDT)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.7.0 - LIGHTNING UK!)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.319 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.319 - LogMeIn, Inc.) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
NiGHTS into Dreams... (HKLM-x32\...\Steam App 219950) (Version: - SEGA)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Panda Devices Agent (HKLM-x32\...\Panda Devices Agent) (Version: 1.03.04 - Panda Security)
Panda Devices Agent (x32 Version: 1.05.00 - Panda Security) Hidden
Panda Free Antivirus (HKLM-x32\...\Panda Universal Agent Endpoint) (Version: 15.01.00.0000 - Panda Security)
Panda Free Antivirus (Version: 7.81.00.0000 - Panda Security) Hidden
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.)
PAYDAY: The Heist (HKLM-x32\...\Steam App 24240) (Version: - OVERKILL Software)
PDF Architect 2 (HKLM-x32\...\PDF Architect 2) (Version: 2.0.24.16092 - pdfforge GmbH)
PDF Architect 2 View Module (HKLM-x32\...\{C960FF38-431D-429D-AD1F-FBD12A45B7C5}) (Version: 2.0.17.17583 - pdfforge GmbH)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
PHANTASY STAR UNIVERSE (HKLM-x32\...\PHANTASY STAR UNIVERSE_is1) (Version: - SEGA SONIC TEAM)
PhotoFiltre 7 (HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\...\PhotoFiltre 7) (Version: - )
Project My Screen App (HKLM-x32\...\{DF901456-7160-49DB-977B-0E91858CA2CB}) (Version: 8.0.12349 - Microsoft Corporation)
Ragnarök Online (HKLM-x32\...\{55725CAB-ED4D-4169-A22E-20249EFCF2B5}) (Version: 14.1 - Gravity)
Resident Evil 6 / Biohazard 6 (HKLM-x32\...\Steam App 221040) (Version: - Capcom)
RGSS-RTP Standard (HKLM-x32\...\{5A9FE525-8B8F-4701-A937-7F6745A4E9C7}) (Version: 1.0.0 - Enterbrain)
RPG Maker 2003 v1.08 (HKLM-x32\...\RPG Maker 2003_is1) (Version: - Enterbrain, Inc.)
RPG Maker XP (HKLM-x32\...\RPGXP_E_is1) (Version: 1.05 - Enterbrain)
SILENT HILL 3 (HKLM-x32\...\InstallShield_{14D10AAC-9737-454E-A247-8075C26C30E1}) (Version: 1.00.0000 - Konami Computer Entertainment Tokyo, Inc.)
SILENT HILL 3 (x32 Version: 1.00.0000 - Konami Computer Entertainment Tokyo, Inc.) Hidden
Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
Sonic & All-Stars Racing Transformed (HKLM-x32\...\Steam App 212480) (Version: - Sumo Digital)
Sonic Adventure DX (HKLM-x32\...\Steam App 71250) (Version: - SEGA)
Sonic Generations (HKLM-x32\...\Steam App 71340) (Version: - Devil's Details)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Splashtop Software Updater (HKLM-x32\...\Splashtop Software Updater) (Version: 1.5.6.15 - Splashtop Inc.)
Splashtop Streamer (HKLM-x32\...\{B7C5EA94-B96A-41F5-BE95-25D78B486678}) (Version: 2.6.0.4 - Splashtop Inc.)
Spotify (HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic)
The Last Remnant (HKLM-x32\...\Steam App 23310) (Version: - SQUARE ENIX)
Thief (HKLM-x32\...\Steam App 239160) (Version: - Eidos-Montréal)
Unity Web Player (HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\...\UnityWebPlayer) (Version: 4.5.4f1 - Unity Technologies ApS)
Unturned (HKLM-x32\...\Steam App 304930) (Version: - Nelson Sexton)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WinRAR 5.10 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
==================== Restore Points =========================
22-02-2015 19:10:23 Removed iTunes
24-02-2015 22:20:42 Malwarebytes Anti-Rootkit Restore Point
04-03-2015 11:55:06 Geplanter Prüfpunkt
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {26307C61-2BD7-45FB-9910-F4A494F26755} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)
Task: {80B3911A-27E7-4C15-9D9A-0B2FBD64833F} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-01-29] (Microsoft Corporation)
==================== Loaded Modules (whitelisted) ==============
2014-07-04 21:33 - 2014-07-04 21:33 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2015-02-22 20:53 - 2015-02-22 20:54 - 13208576 _____ () C:\Program Files\WindowsApps\A278AB0D.DragonManiaLegends_1.0.2.8_x86__h6adky7gbf63m\W8.1EntryPoint.exe
2014-08-14 19:33 - 2014-07-29 12:35 - 04652712 _____ () C:\Program Files\Cyberfox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Users\HPPC\OneDrive:ms-properties
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService => ""="Service"
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\HPPC\AppData\Roaming\8pecxstudios\Cyberfox\Desktop Background.bmp
DNS Servers: 192.168.178.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
==================== Accounts: =============================
Administrator (S-1-5-21-3776727103-4227896957-2343858286-500 - Administrator - Disabled)
Gast (S-1-5-21-3776727103-4227896957-2343858286-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3776727103-4227896957-2343858286-1006 - Limited - Enabled)
HPPC (S-1-5-21-3776727103-4227896957-2343858286-1001 - Administrator - Enabled) => C:\Users\HPPC
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (03/11/2015 02:34:23 PM) (Source: MsiInstaller) (EventID: 11719) (User: HP)
Description: Produkt: Java 8 Update 40 (64-bit) -- Fehler 1719. Auf den Dienst "Windows Installer" konnte nicht zugegriffen werden. Dies kann auftreten, wenn Windows im abgesicherten Modus ausgeführt wird oder wenn der Windows Installer nicht ordnungsgemäß installiert wurde. Setzen Sie sich mit dem Support in Verbindung, um weitere Unterstützung zu erhalten.
Error: (03/02/2015 01:19:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 31.0.1.5323, Zeitstempel: 0x53d7528d
Name des fehlerhaften Moduls: mozalloc.dll, Version: 31.0.1.5323, Zeitstempel: 0x53d74bf2
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000000000001693
ID des fehlerhaften Prozesses: 0x2644
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5
Error: (02/28/2015 04:08:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Photoshop.exe, Version: 12.0.0.0, Zeitstempel: 0x4b504eff
Name des fehlerhaften Moduls: ScriptingSupport.8li, Version: 10.0.0.0, Zeitstempel: 0x4b505282
Ausnahmecode: 0xc000041d
Fehleroffset: 0x00018a15
ID des fehlerhaften Prozesses: 0x1304
Startzeit der fehlerhaften Anwendung: 0xPhotoshop.exe0
Pfad der fehlerhaften Anwendung: Photoshop.exe1
Pfad des fehlerhaften Moduls: Photoshop.exe2
Berichtskennung: Photoshop.exe3
Vollständiger Name des fehlerhaften Pakets: Photoshop.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Photoshop.exe5
Error: (02/28/2015 04:07:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Photoshop.exe, Version: 12.0.0.0, Zeitstempel: 0x4b504eff
Name des fehlerhaften Moduls: ScriptingSupport.8li, Version: 10.0.0.0, Zeitstempel: 0x4b505282
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00018a15
ID des fehlerhaften Prozesses: 0x1304
Startzeit der fehlerhaften Anwendung: 0xPhotoshop.exe0
Pfad der fehlerhaften Anwendung: Photoshop.exe1
Pfad des fehlerhaften Moduls: Photoshop.exe2
Berichtskennung: Photoshop.exe3
Vollständiger Name des fehlerhaften Pakets: Photoshop.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Photoshop.exe5
Error: (02/26/2015 03:12:11 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.
Error: (02/26/2015 03:07:20 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.
Error: (02/26/2015 02:04:18 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.
Error: (02/26/2015 02:04:16 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.
Error: (02/26/2015 02:04:13 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.
Error: (02/26/2015 01:23:20 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.
System errors:
=============
Error: (03/11/2015 02:35:44 PM) (Source: DCOM) (EventID: 10000) (User: HP)
Description: C:\WINDOWS\SysWOW64\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}5{06622D85-6856-4460-8DE1-A81921B41C4B}
Error: (03/11/2015 02:35:41 PM) (Source: DCOM) (EventID: 10000) (User: HP)
Description: C:\WINDOWS\SysWOW64\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}5{06622D85-6856-4460-8DE1-A81921B41C4B}
Error: (03/11/2015 02:35:40 PM) (Source: DCOM) (EventID: 10000) (User: HP)
Description: C:\WINDOWS\SysWOW64\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}87{06622D85-6856-4460-8DE1-A81921B41C4B}
Error: (03/11/2015 02:33:33 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Splashtop® Remote Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (03/11/2015 02:30:44 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Foxit Cloud Safe Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (03/11/2015 02:30:40 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Adobe Acrobat Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (03/11/2015 09:52:04 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen:
%%5
Error: (03/10/2015 09:58:18 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen:
%%5
Error: (03/10/2015 01:15:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Foxit Cloud Safe Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (03/10/2015 01:15:34 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Splashtop® Remote Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Microsoft Office Sessions:
=========================
Error: (03/11/2015 02:34:23 PM) (Source: MsiInstaller) (EventID: 11719) (User: HP)
Description: Produkt: Java 8 Update 40 (64-bit) -- Fehler 1719. Auf den Dienst "Windows Installer" konnte nicht zugegriffen werden. Dies kann auftreten, wenn Windows im abgesicherten Modus ausgeführt wird oder wenn der Windows Installer nicht ordnungsgemäß installiert wurde. Setzen Sie sich mit dem Support in Verbindung, um weitere Unterstützung zu erhalten.(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (03/02/2015 01:19:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe31.0.1.532353d7528dmozalloc.dll31.0.1.532353d74bf2800000030000000000001693264401d05476040cd201C:\Program Files\Cyberfox\plugin-container.exeC:\Program Files\Cyberfox\mozalloc.dlld9626c05-c071-11e4-be99-78e3b5b56ba1
Error: (02/28/2015 04:08:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Photoshop.exe12.0.0.04b504effScriptingSupport.8li10.0.0.04b505282c000041d00018a15130401d05367b3c33008C:\Users\HPPC\Desktop\Programme\Adobe Photoshop CS5\App\PhotoshopCS5\Photoshop.exeC:\Users\HPPC\Desktop\Programme\Adobe Photoshop CS5\App\PhotoshopCS5\Plug-ins\Extensions\ScriptingSupport.8li95ea18fc-bf5b-11e4-be99-78e3b5b56ba1
Error: (02/28/2015 04:07:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Photoshop.exe12.0.0.04b504effScriptingSupport.8li10.0.0.04b505282c000000500018a15130401d05367b3c33008C:\Users\HPPC\Desktop\Programme\Adobe Photoshop CS5\App\PhotoshopCS5\Photoshop.exeC:\Users\HPPC\Desktop\Programme\Adobe Photoshop CS5\App\PhotoshopCS5\Plug-ins\Extensions\ScriptingSupport.8li9488fd2c-bf5b-11e4-be99-78e3b5b56ba1
Error: (02/26/2015 03:12:11 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\$Recycle.Bin\S-1-5-21-3776727103-4227896957-2343858286-1001\$RMMJQQU.exe
Error: (02/26/2015 03:07:20 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
Error: (02/26/2015 02:04:18 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\Users\HPPC\Desktop\esetsmartinstaller_deu.exe
Error: (02/26/2015 02:04:16 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\Users\HPPC\Desktop\esetsmartinstaller_deu.exe
Error: (02/26/2015 02:04:13 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\Users\HPPC\Desktop\esetsmartinstaller_deu.exe
Error: (02/26/2015 01:23:20 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\Users\HPPC\Desktop\esetsmartinstaller_deu.exe
CodeIntegrity Errors:
===================================
Date: 2015-02-27 08:18:30.512
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-02-27 08:18:30.402
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-02-27 08:18:30.246
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-02-27 08:18:30.106
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-02-27 08:18:29.980
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-02-27 08:18:29.855
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-02-27 08:18:29.637
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: AMD A10-5700 APU with Radeon(tm) HD Graphics
Percentage of memory in use: 22%
Total physical RAM: 6039.32 MB
Available physical RAM: 4665.84 MB
Total Pagefile: 6999.32 MB
Available Pagefile: 5168.32 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:452.14 GB) (Free:330.54 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Recovery Image) (Fixed) (Total:10.92 GB) (Free:0.94 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (Spiele+Programme) (Fixed) (Total:454.22 GB) (Free:54.11 GB) NTFS
Drive j: (Sonstiges) (Fixed) (Total:244.41 GB) (Free:238.39 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 52E55227)
Partition: GPT Partition Type.
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 00000001)
Partition 1: (Not Active) - (Size=993 KB) - (Type=42)
Partition 2: (Active) - (Size=454.2 GB) - (Type=42)
Partition 3: (Not Active) - (Size=244.4 GB) - (Type=42)
==================== End Of Log ============================
|
|
12.03.2015, 08:52
| #12 |
| /// the machine /// TB-Ausbilder | Windows 8.1: Probleme nach Update Panda hat das System mit einem Update zerschossen. Bekanntes Problem, haben viele hier im Moment. Rechner nicht neustarten!!!!! und warten bis Panda das behebt.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
12.03.2015, 09:14
| #13 |
| | Windows 8.1: Probleme nach Update Hatte leider schon den PC runtergefahren, warscheinlich passierte das alles deswegen. Zum Glück wurde das neuste Update von Panda gestern abend noch eingespeist, und seither geht wieder alles soweit . |
|
12.03.2015, 19:06
| #14 |
| /// the machine /// TB-Ausbilder | Windows 8.1: Probleme nach Update ok
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Windows 8.1: Probleme nach Update |
| defender, explorer, fehlercode 0xc0000005, fehlercode 0xc000027b, fehlercode 0xc0000409, fehlercode windows, flash player, hijackthis, iph.trojan.vawtrak, lightning, neustart, prozesse, pup.optional.sanbreel.a, registry, security, services.exe, software, svchost.exe, trj/genetic.gen, windowsapps |
Linear-Darstellung
