Log analysis and evaluation: Problems after Cyberfox update
Windows 7
If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
21.11.2015, 00:28 | #1 |
Problems after Cyberfox update
Hello, I updated my Cyberfox about two days ago, but somehow various things have been acting up since then. First, a page opened in Internet Explorer and then closed again immediately. YouTube videos crash frequently, and shortly beforehand their sound acts up. Here and there I can also hear advertising through my speakers, as if it were briefly playing in the background. However, there is somehow nothing there. Panda Antivirus does not report anything either. On top of that, the PC randomly freezes now and then and nothing works anymore. I can then only switch the power off and on again. By the way, the GMER scan does not work for me; I only get an error message and then it crashes.
FRST.txt Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:20-11-2015 durchgeführt von HPPC (Administrator) auf HP (21-11-2015 00:16:16) Gestartet von C:\Users\HPPC\Desktop Geladene Profile: HPPC (Verfügbare Profile: HPPC) Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: IE) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe (Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe (Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe (Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Hewlett-Packard ) C:\Program Files\IDT\WDM\Beats64.exe (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe (Advanced Micro Devices Inc.) 
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe () C:\Program Files\WindowsApps\A278AB0D.DragonManiaLegends_1.8.0.19_x86__h6adky7gbf63m\W8.1EntryPoint.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Dropbox, Inc.) C:\Users\HPPC\AppData\Roaming\Dropbox\bin\Dropbox.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Don HO don.h@free.fr) C:\Program Files (x86)\Notepad++\notepad++.exe (8pecxstudios) C:\Program Files\Cyberfox\Cyberfox.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [37888 2012-08-10] (Hewlett-Packard ) HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-08-10] (IDT, Inc.) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation) HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG) HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [40184 2015-02-17] (Panda Security, S.L.) 
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565448 2015-11-12] (LogMeIn Inc.) HKLM\...\Winlogon: [Userinit] C:\WINDOWS\SysWOW64\userinit.exe, HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\...\Run: [Spotify Web Helper] => C:\Users\HPPC\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-12] (Spotify Ltd) HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\...\Run: [Dropbox Update] => C:\Users\HPPC\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-19] (Dropbox, Inc.) HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\...\MountPoints2: {d4a071f6-483f-11e5-bf85-78e3b5b56ba1} - "G:\HTC_Sync_Manager_PC.exe" HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\...\MountPoints2: {d4a072b9-483f-11e5-bf85-78e3b5b56ba1} - "G:\HTC_Sync_Manager_PC.exe" HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\...\MountPoints2: {f3de35ef-23c5-11e4-be72-78e3b5b56ba1} - "H:\wubi.exe" ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) GroupPolicy: Beschränkung - Chrome <======= ACHTUNG CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\..\Interfaces\{687EFE86-7C48-4DD7-9764-BFDE83F885DD}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{93B37C6C-F077-40E8-BA0B-A8E67EA05545}: [DhcpNameServer] 192.168.178.1 Internet Explorer: ================== SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-08-14] (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-08-14] (Oracle Corporation) FireFox: ======== FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll [2014-08-14] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation) FF 
Plugin: @unity3d.com/UnityPlayer64,version=1.0 -> C:\Program Files\Unity\WebPlayer64\loader-x64\npUnity3D64.dll [2015-07-19] (Unity Technologies ApS) FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll [2014-08-14] () FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-08-14] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-08-14] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei] FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.) 
FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll [2014-06-26] (pdfforge GmbH) FF Plugin HKU\S-1-5-21-3776727103-4227896957-2343858286-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\HPPC\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-09-05] (Unity Technologies ApS) ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-07-04] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert] S2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [244392 2015-06-02] (Foxit Software Inc.) R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-11-12] (LogMeIn, Inc.) S2 Mobizen plugin; C:\Program Files (x86)\RSUPPORT\MobizenService\MobizenService.exe [3353360 2015-08-14] ( Rsupport Corporation) R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [142584 2015-02-17] (Panda Security, S.L.) R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [66808 2014-10-09] (Panda Security, S.L.) R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [Datei ist nicht signiert] S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-06-26] (pdfforge GmbH) S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-06-26] (pdfforge GmbH) R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [38136 2015-02-17] (Panda Security, S.L.) R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [321536 2012-08-10] (IDT, Inc.) 
[Datei ist nicht signiert] S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-20] (Advanced Micro Devices) R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98472 2012-07-03] (Advanced Micro Devices) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation) R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-11-12] (LogMeIn Inc.) S3 HtcVCom32; C:\Windows\system32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (QUALCOMM Incorporated) R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [93968 2015-02-09] (Panda Security, S.L.) R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [202000 2015-02-09] (Panda Security, S.L.) R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [110864 2015-02-09] (Panda Security, S.L.) R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [116496 2015-02-09] (Panda Security, S.L.) R1 NNSNAHSL; C:\Windows\system32\DRIVERS\NNSNAHSL.sys [49936 2014-12-31] (Panda Security, S.L.) R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [99600 2015-02-09] (Panda Security, S.L.) R1 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [69904 2015-02-09] (Panda Security, S.L.) R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [124176 2015-02-09] (Panda Security, S.L.) R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [299792 2015-02-09] (Panda Security, S.L.) R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [166160 2015-02-09] (Panda Security, S.L.) 
R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [113424 2015-02-09] (Panda Security, S.L.) R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [257296 2015-02-09] (Panda Security, S.L.) R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [106256 2015-02-09] (Panda Security, S.L.) R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [163088 2015-02-11] (Panda Security, S.L.) R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [121616 2015-02-11] (Panda Security, S.L.) R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [197392 2015-02-10] (Panda Security, S.L.) R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [124176 2015-02-11] (Panda Security, S.L.) R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [133904 2015-02-11] (Panda Security, S.L.) R2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [107792 2015-02-11] (Panda Security, S.L.) R3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [61712 2015-01-29] (Panda Security, S.L.) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [35320 2014-09-22] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [258368 2014-09-22] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation) S3 EagleX64; \??\C:\WINDOWS\system32\drivers\EagleX64.sys [X] S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2015-11-21 00:16 - 2015-11-21 00:16 - 00015280 _____ C:\Users\HPPC\Desktop\FRST.txt 2015-11-21 00:12 - 2015-11-21 00:12 - 02345984 _____ (Farbar) C:\Users\HPPC\Desktop\FRST64.exe 2015-11-20 17:18 - 2015-11-20 17:19 - 00000000 ____D C:\Users\HPPC\AppData\Local\SM3DL 2015-11-19 21:57 - 2015-01-29 18:21 - 00061712 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSKMAD.sys 2015-11-17 22:00 - 2015-11-17 22:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi 2015-11-17 22:00 - 2015-11-17 22:00 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi 2015-11-16 16:27 - 2015-11-16 16:27 - 00000000 __SHD C:\WINDOWS\SysWOW64\AI_RecycleBin 2015-11-16 16:12 - 2015-11-16 16:12 - 00000000 ____D C:\Users\HPPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cyberfox 2015-11-15 00:30 - 2015-11-18 20:36 - 00000000 ____D C:\Users\HPPC\Desktop\Base 2015-11-14 15:48 - 2015-11-14 15:48 - 00000085 ___SH C:\ProgramData\.zreglib 2015-11-14 15:48 - 2015-11-14 15:48 - 00000000 ____D C:\ProgramData\Elaborate Bytes 2015-11-13 15:07 - 2015-11-15 10:16 - 00000000 ____D C:\Users\HPPC\Desktop\Luxaren Allure v1 2015-11-13 12:42 - 2015-11-13 12:42 - 00000000 ____D C:\Users\HPPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2015-11-12 11:47 - 2015-11-12 11:47 - 00045680 ____H (LogMeIn Inc.) 
C:\WINDOWS\system32\Drivers\Hamdrv.sys 2015-11-03 12:22 - 2015-11-18 01:12 - 00000000 ____D C:\Users\HPPC\Desktop\Convert 2015-11-02 16:18 - 2015-11-06 09:06 - 00000000 ____D C:\Users\HPPC\Downloads\PS3 2015-10-30 15:13 - 2015-11-16 17:43 - 00000238 _____ C:\Users\HPPC\Desktop\Neues Textdokument.txt 2015-10-27 10:21 - 2015-10-27 10:21 - 00000000 ____D C:\Users\HPPC\AppData\Roaming\fltk.org 2015-10-27 10:21 - 2015-10-27 10:21 - 00000000 ____D C:\ProgramData\fltk.org 2015-10-23 22:33 - 2015-10-23 22:33 - 00000000 ____D C:\Users\HPPC\Documents\Games 2015-10-23 22:33 - 2015-10-23 22:33 - 00000000 ____D C:\Users\HPPC\AppData\Local\KADOKAWA 2015-10-23 22:30 - 2015-10-23 22:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RPG Maker MV 2015-10-23 22:29 - 2015-10-23 22:29 - 00000000 ____D C:\Program Files (x86)\KADOKAWA ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2015-11-21 00:16 - 2015-02-24 16:20 - 00000000 ____D C:\FRST 2015-11-21 00:07 - 2014-08-14 19:40 - 00000000 ____D C:\Users\HPPC\AppData\Roaming\Skype 2015-11-21 00:00 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\sru 2015-11-20 23:41 - 2015-06-19 14:31 - 00001226 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3776727103-4227896957-2343858286-1001UA.job 2015-11-20 23:04 - 2014-08-17 14:42 - 00000000 ____D C:\Users\HPPC\AppData\Roaming\vlc 2015-11-20 23:03 - 2015-08-30 08:16 - 00000000 ____D C:\Users\HPPC\Desktop\Neu 2015-11-20 22:39 - 2015-10-13 10:40 - 00000000 ____D C:\Users\HPPC\Desktop\Szenen 2015-11-20 22:25 - 2014-08-16 11:52 - 00000000 __RHD C:\Users\HPPC\Dropbox 2015-11-20 22:25 - 2014-08-16 11:49 - 00000000 ____D C:\Users\HPPC\AppData\Roaming\Dropbox 2015-11-20 22:21 - 2014-08-26 13:14 - 109657600 ___SH C:\Users\HPPC\Desktop\Thumbs.db 2015-11-20 22:01 - 2015-02-22 15:37 - 00000000 ___RD C:\Users\HPPC\OneDrive 2015-11-20 22:01 - 2014-08-25 20:37 - 00000000 ____D C:\Users\HPPC\AppData\Local\LogMeIn Hamachi 2015-11-20 21:59 - 2015-10-15 20:57 - 00006008 _____ C:\WINDOWS\setupact.log 2015-11-20 21:59 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2015-11-20 17:49 - 2013-08-22 14:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI 2015-11-20 17:48 - 2015-02-22 15:08 - 00000000 ____D C:\Users\HPPC 2015-11-20 17:27 - 2014-08-14 20:21 - 00000000 ___RD C:\Users\HPPC\Desktop\Spiele 2015-11-20 15:34 - 2015-08-27 19:29 - 01078794 _____ C:\WINDOWS\WindowsUpdate.log 2015-11-20 08:51 - 2014-08-09 14:11 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3776727103-4227896957-2343858286-1001 2015-11-20 01:01 - 2015-08-09 11:00 - 00000000 ___RD C:\Users\HPPC\Desktop\FinVal 2015-11-20 00:39 - 2015-08-09 23:21 - 00000000 ____D C:\Users\HPPC\Desktop\Yoshi Wallpaper 2015-11-19 22:29 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness 2015-11-19 22:15 - 2015-10-11 18:15 - 00000000 ____D 
C:\Users\HPPC\Desktop\NVList-3.3 2015-11-19 01:41 - 2015-06-19 14:31 - 00001174 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3776727103-4227896957-2343858286-1001Core.job 2015-11-18 10:27 - 2014-08-27 14:56 - 00005632 _____ C:\Users\HPPC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-11-18 10:27 - 2014-08-16 21:07 - 00000000 ____D C:\Users\HPPC\Documents\Camtasia Studio 2015-11-18 01:13 - 2014-11-21 04:35 - 01776918 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2015-11-18 01:13 - 2014-11-21 03:45 - 00764340 _____ C:\WINDOWS\system32\perfh007.dat 2015-11-18 01:13 - 2014-11-21 03:45 - 00159160 _____ C:\WINDOWS\system32\perfc007.dat 2015-11-17 22:02 - 2014-08-14 20:21 - 00000000 ___RD C:\Users\HPPC\Desktop\Programme 2015-11-17 10:32 - 2014-11-26 11:01 - 00000000 ___RD C:\Users\HPPC\Desktop\Bilder 2015-11-17 10:10 - 2015-01-12 11:43 - 00000000 ____D C:\Users\HPPC\Downloads\3DS 2015-11-17 09:16 - 2014-08-15 17:19 - 00000000 ____D C:\Users\HPPC\AppData\Local\JDownloader v2.0 2015-11-16 16:12 - 2014-08-14 19:33 - 00000826 _____ C:\Users\Public\Desktop\Cyberfox.lnk 2015-11-16 16:12 - 2014-08-14 19:33 - 00000000 ____D C:\Program Files\Cyberfox 2015-11-16 13:15 - 2015-08-12 21:15 - 00000000 ____D C:\Users\HPPC\Desktop\Dragons 2015-11-15 00:30 - 2014-08-16 11:25 - 00000000 ___RD C:\Users\HPPC\Desktop\Sonstiges 2015-11-14 15:48 - 2014-08-15 17:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes 2015-11-14 15:48 - 2014-08-15 17:01 - 00000000 ____D C:\Program Files (x86)\Elaborate Bytes 2015-10-27 10:21 - 2014-11-27 12:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amnesia - The Dark Descent 2015-10-27 10:13 - 2014-11-27 14:16 - 00000000 ____D C:\Users\HPPC\Documents\Amnesia 2015-10-27 08:18 - 2013-08-22 15:44 - 04957520 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2015-10-22 21:19 - 2015-07-21 21:31 - 00000000 ___RD C:\Users\HPPC\Desktop\Pandora's Box 2015-10-22 16:04 - 2014-08-20 11:40 - 00000000 
____D C:\Users\HPPC\AppData\Roaming\FileZilla ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2014-08-18 01:24 - 2014-08-19 11:20 - 0000132 _____ () C:\Users\HPPC\AppData\Roaming\Adobe PNG Format CS5 Prefs 2015-05-08 23:28 - 2015-05-09 00:18 - 0014086 _____ () C:\Users\HPPC\AppData\Roaming\SpeedRunnersLog.txt 2015-05-08 23:32 - 2015-05-08 23:32 - 0002916 _____ () C:\Users\HPPC\AppData\Roaming\TargetInvocationLog.txt 2014-09-26 14:44 - 2015-10-17 12:56 - 0001456 _____ () C:\Users\HPPC\AppData\Local\Adobe Für Web speichern 11.0 Prefs 2014-08-27 14:56 - 2015-11-18 10:27 - 0005632 _____ () C:\Users\HPPC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-02-26 02:42 - 2015-07-21 23:37 - 0007608 _____ () C:\Users\HPPC\AppData\Local\Resmon.ResmonCfg 2015-11-14 15:48 - 2015-11-14 15:48 - 0000085 ___SH () C:\ProgramData\.zreglib Einige Dateien in TEMP: ==================== C:\Users\HPPC\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpkrk72t.dll C:\Users\HPPC\AppData\Local\Temp\proxy_vole1591921514149422294.dll C:\Users\HPPC\AppData\Local\Temp\proxy_vole4710295672764641662.dll C:\Users\HPPC\AppData\Local\Temp\proxy_vole5307946691491688091.dll C:\Users\HPPC\AppData\Local\Temp\SkypeSetup.exe ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2015-11-20 13:38 ==================== Ende von FRST.txt ============================ Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:20-11-2015 durchgeführt von HPPC (2015-11-21 00:17:29) Gestartet von C:\Users\HPPC\Desktop Windows 8.1 (X64) (2015-02-22 14:27:51) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-3776727103-4227896957-2343858286-500 - Administrator - Disabled) Gast (S-1-5-21-3776727103-4227896957-2343858286-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-3776727103-4227896957-2343858286-1006 - Limited - Enabled) HPPC (S-1-5-21-3776727103-4227896957-2343858286-1001 - Administrator - Enabled) => C:\Users\HPPC ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Panda Free Antivirus (Enabled - Up to date) {AAF74A68-8713-CDF1-004F-30003398BE9E} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Panda Free Antivirus (Enabled - Up to date) {1196AB8C-A129-C27F-3AFF-0B72481FF423} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Panda Firewall (Disabled) {92CCCB4D-CD7C-CCA9-2B10-9935CD4BF9E5} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.) Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.) 
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.179 - Adobe Systems Incorporated) Adobe Reader XI (11.0.08) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated) Amnesia - The Dark Descent (HKLM-x32\...\{54B7A3C7-0940-4C16-A509-FC3C3758D22A}_is1) (Version: 1.2 - Frictional Games) Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team) Azure Striker Gunvolt (HKLM-x32\...\Steam App 388800) (Version: - INTI CREATES CO., LTD.) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Camtasia Studio 8 (HKLM-x32\...\{3F3A5785-81E3-4065-B643-B4933790AE1E}) (Version: 8.1.1.1313 - TechSmith Corporation) Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD) CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform) CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5000 - CDBurnerXP) CloneDVD2 (HKLM-x32\...\CloneDVD2) (Version: 2.9.3.3 - Elaborate Bytes) Crazy Taxi (HKLM-x32\...\Steam App 71230) (Version: - SEGA) Cyberfox Web Browser (HKLM\...\{5EFB52C0-4EC9-46B4-80EB-8432C6599641}_is1) (Version: 42.0.1.0 - 8pecxstudios) Dear Esther Version 1.0 (HKLM-x32\...\Dear Esther_is1) (Version: 1.0 - TheChineseRoom) Divekick (HKLM-x32\...\Steam App 244730) (Version: - Iron Galaxy Studios) Dropbox (HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\...\Dropbox) (Version: 3.10.11 - Dropbox, Inc.) 
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) fault milestone one Demo (HKLM-x32\...\Steam App 313680) (Version: - ALICE IN DISSONANCE) FINAL FANTASY XIII-2 (HKLM-x32\...\Steam App 292140) (Version: - SQUARE ENIX) Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 3.5.116.602 - Foxit Software Inc.) Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.0.6.1126 - Foxit Software Inc.) Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - ) FreeStyle2: Street Basketball (HKLM-x32\...\Steam App 339610) (Version: - Joycity) GitHub (HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\...\5f7eb300e2ea4ebf) (Version: 3.0.6.4 - GitHub, Inc.) IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6418.0 - IDT) ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.7.0 - LIGHTNING UK!) IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC) IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan) Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle) JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH) LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - ) LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.410 - LogMeIn, Inc.) LogMeIn Hamachi (x32 Version: 2.2.0.410 - LogMeIn, Inc.) 
Hidden Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) Mighty Gunvolt (HKLM-x32\...\Steam App 394600) (Version: - INTI CREATES CO., LTD.) Mobizen (HKLM-x32\...\{BA0D3A44-BCEE-4C8B-BCD4-F7F1E64F41E3}) (Version: 2.16.0.2 - RSUPPORT) Mozilla Thunderbird 31.5.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.5.0 (x86 de)) (Version: 31.5.0 - Mozilla) NiGHTS into Dreams... 
(HKLM-x32\...\Steam App 219950) (Version: - SEGA) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.3 - Notepad++ Team) NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation) OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation) Panda Devices Agent (HKLM-x32\...\Panda Devices Agent) (Version: 1.03.04 - Panda Security) Panda Devices Agent (x32 Version: 1.05.00 - Panda Security) Hidden Panda Free Antivirus (HKLM-x32\...\Panda Universal Agent Endpoint) (Version: 15.01.00.0000 - Panda Security) Panda Free Antivirus (Version: 7.81.00.0000 - Panda Security) Hidden PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.) PAYDAY: The Heist (HKLM-x32\...\Steam App 24240) (Version: - OVERKILL Software) PDF Architect 2 (HKLM-x32\...\PDF Architect 2) (Version: 2.0.24.16092 - pdfforge GmbH) PDF Architect 2 View Module (HKLM-x32\...\{C960FF38-431D-429D-AD1F-FBD12A45B7C5}) (Version: 2.0.17.17583 - pdfforge GmbH) PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge) PHANTASY STAR UNIVERSE (HKLM-x32\...\PHANTASY STAR UNIVERSE_is1) (Version: - SEGA SONIC TEAM) PhotoFiltre 7 (HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\...\PhotoFiltre 7) (Version: - ) Project 64 version 2.2.0.3 (HKLM-x32\...\{BEB5FB69-4080-466F-96C4-F15DF271718B}_is1) (Version: 2.2.0.3 - ) Project My Screen App (HKLM-x32\...\{DF901456-7160-49DB-977B-0E91858CA2CB}) (Version: 8.0.12349 - Microsoft Corporation) Ragnarök Online (HKLM-x32\...\{55725CAB-ED4D-4169-A22E-20249EFCF2B5}) (Version: 14.1 - Gravity) Resident Evil 6 / Biohazard 6 (HKLM-x32\...\Steam App 221040) (Version: - Capcom) RGSS-RTP Standard (HKLM-x32\...\{5A9FE525-8B8F-4701-A937-7F6745A4E9C7}) (Version: 1.0.0 - Enterbrain) RPG Maker 2003 v1.08 (HKLM-x32\...\RPG Maker 2003_is1) (Version: - Enterbrain, Inc.) 
RPG Maker MV (HKLM-x32\...\RPGMV_is1) (Version: 1.0.0.0 - KADOKAWA) RPG MAKER VX Ace (HKLM-x32\...\RPG MAKER VX Ace_is1) (Version: 1.01a - ) RPG Maker XP (HKLM-x32\...\RPGXP_E_is1) (Version: 1.05 - Enterbrain) SILENT HILL 3 (HKLM-x32\...\InstallShield_{14D10AAC-9737-454E-A247-8075C26C30E1}) (Version: 1.00.0000 - Konami Computer Entertainment Tokyo, Inc.) SILENT HILL 3 (x32 Version: 1.00.0000 - Konami Computer Entertainment Tokyo, Inc.) Hidden Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.) Sonic & All-Stars Racing Transformed (HKLM-x32\...\Steam App 212480) (Version: - Sumo Digital) Sonic Adventure DX (HKLM-x32\...\Steam App 71250) (Version: - SEGA) Sonic Generations (HKLM-x32\...\Steam App 71340) (Version: - Devil's Details) SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - ) SpeedRunners (HKLM-x32\...\Steam App 207140) (Version: - DoubleDutch Games) Splashtop Software Updater (HKLM-x32\...\Splashtop Software Updater) (Version: 1.5.6.15 - Splashtop Inc.) Splashtop Streamer (HKLM-x32\...\{B7C5EA94-B96A-41F5-BE95-25D78B486678}) (Version: 2.6.0.4 - Splashtop Inc.) 
Spotify (HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic)
The Last Remnant (HKLM-x32\...\Steam App 23310) (Version: - SQUARE ENIX)
Thief (HKLM-x32\...\Steam App 239160) (Version: - Eidos-Montréal)
Unity Web Player (HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\...\UnityWebPlayer) (Version: 4.5.4f1 - Unity Technologies ApS)
Unity Web Player (x64) (All users) (HKLM\...\UnityWebPlayer) (Version: 4.6.4f1 - Unity Technologies ApS)
Unturned (HKLM-x32\...\Steam App 304930) (Version: - Nelson Sexton)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WinRAR 5.10 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)

==================== Wiederherstellungspunkte =========================

30-10-2015 09:54:17 Geplanter Prüfpunkt
08-11-2015 01:49:49 Geplanter Prüfpunkt
16-11-2015 00:42:42 Geplanter Prüfpunkt
18-11-2015 01:13:27 UltraMon wird entfernt

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {26307C61-2BD7-45FB-9910-F4A494F26755} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)
Task: {29470BB9-1590-410B-97FF-A0CFDE07A7FB} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-3776727103-4227896957-2343858286-1001
Task: {405FAB6A-74DB-4EAF-9E35-DDA6A4C2CD60} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3776727103-4227896957-2343858286-1001Core => C:\Users\HPPC\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-19] (Dropbox, Inc.)
Task: {5712CE09-B483-453B-9147-BAE5579FFEDF} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3776727103-4227896957-2343858286-1001UA => C:\Users\HPPC\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-19] (Dropbox, Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3776727103-4227896957-2343858286-1001Core.job => C:\Users\HPPC\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3776727103-4227896957-2343858286-1001UA.job => C:\Users\HPPC\AppData\Local\Dropbox\Update\DropboxUpdate.exe ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2013-10-17 14:27 - 2013-10-17 14:27 - 00166912 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe 2015-04-15 21:13 - 2015-04-15 21:13 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll 2014-07-04 21:33 - 2014-07-04 21:33 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll 2015-11-19 22:28 - 2015-11-19 22:29 - 15079424 _____ () C:\Program Files\WindowsApps\A278AB0D.DragonManiaLegends_1.8.0.19_x86__h6adky7gbf63m\W8.1EntryPoint.exe 2014-10-11 13:06 - 2014-10-11 13:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2013-04-12 18:23 - 2013-04-12 18:23 - 00612664 _____ () C:\Program Files (x86)\Panda Security\Panda Security Protection\SQLite3.dll 2015-11-19 22:28 - 2015-11-19 22:29 - 00044544 _____ () C:\Program Files\WindowsApps\A278AB0D.DragonManiaLegends_1.8.0.19_x86__h6adky7gbf63m\IGPLib_Windows_8.dll 2015-11-19 22:28 - 2015-11-19 22:29 - 00056320 _____ () C:\Program Files\WindowsApps\A278AB0D.DragonManiaLegends_1.8.0.19_x86__h6adky7gbf63m\GLAdsManager.dll 2015-11-19 22:28 - 2015-11-19 22:29 - 00663040 _____ () C:\Program Files\WindowsApps\A278AB0D.DragonManiaLegends_1.8.0.19_x86__h6adky7gbf63m\WindowsCorePackage.Windows81.dll 2015-11-19 22:28 - 2015-11-19 22:29 - 00178688 _____ () C:\Program Files\WindowsApps\A278AB0D.DragonManiaLegends_1.8.0.19_x86__h6adky7gbf63m\InAppPurchaseComponentW8_x86.dll 2015-11-19 
22:28 - 2015-11-19 22:29 - 00028160 _____ () C:\Program Files\WindowsApps\A278AB0D.DragonManiaLegends_1.8.0.19_x86__h6adky7gbf63m\PopupRuntimeModule.dll 2015-11-20 08:51 - 2015-11-20 08:51 - 00186880 _____ () C:\Users\HPPC\AppData\Local\Packages\A278AB0D.DragonManiaLegends_h6adky7gbf63m\AC\Microsoft\CLR_v4.0_32\NativeImages\IGPBridgeLibrary\0d11bae9eedde0c1b2a08681df5b2f8e\IGPBridgeLibrary.ni.dll 2015-02-24 15:40 - 2015-02-24 15:40 - 03530752 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.UI.Xaml\0b2afd93fc0545b7b94339e8a4a7af97\Windows.UI.Xaml.ni.dll 2015-02-24 15:40 - 2015-02-24 15:40 - 00960000 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.UI\8ddd8ad15fe3fb05a871ef0115fb84e2\Windows.UI.ni.dll 2015-02-24 15:40 - 2015-02-24 15:40 - 00228864 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Foundation\16c3eb7650767d95d002c998d0c73eb5\Windows.Foundation.ni.dll 2015-11-20 08:51 - 2015-11-20 08:51 - 00344064 _____ () C:\Users\HPPC\AppData\Local\Packages\A278AB0D.DragonManiaLegends_h6adky7gbf63m\AC\Microsoft\CLR_v4.0_32\NativeImages\FacebookRun67b5d43e#\e0f36441fa3fa36571abdb8b8f5aa5ee\FacebookRuntimeComponent.ni.dll 2015-02-24 15:40 - 2015-02-24 15:40 - 01131008 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.App640a3541#\72dff8d45b73e9b02b3838d29765607a\Windows.ApplicationModel.ni.dll 2015-02-24 15:40 - 2015-02-24 15:40 - 00337920 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Data\98644a649e9bf9e880f2e97889501b07\Windows.Data.ni.dll 2015-02-24 15:40 - 2015-02-24 15:40 - 00808448 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Storage\7abff64c7c1ea1fae5bd170c8238b73e\Windows.Storage.ni.dll 2015-11-20 08:51 - 2015-11-20 08:51 - 00053760 _____ () C:\Users\HPPC\AppData\Local\Packages\A278AB0D.DragonManiaLegends_h6adky7gbf63m\AC\Microsoft\CLR_v4.0_32\NativeImages\GLAds_Bridge_Lib\71d0ecf6e40e946ad905161d4b8486bd\GLAds_Bridge_Lib.ni.dll 2015-02-24 15:40 - 2015-02-24 15:40 - 
00402432 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Security\ae4a1bf110c1a12f619514bde2b27939\Windows.Security.ni.dll 2015-02-24 15:40 - 2015-02-24 15:40 - 00133120 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.System\c639835fe3da556a2cbe2e03540996c0\Windows.System.ni.dll 2015-11-20 08:51 - 2015-11-20 08:51 - 00863744 _____ () C:\Users\HPPC\AppData\Local\Packages\A278AB0D.DragonManiaLegends_h6adky7gbf63m\AC\Microsoft\CLR_v4.0_32\NativeImages\GLAds__Root\bba30b943ee115b42d0fb7e3132f465f\GLAds__Root.ni.dll 2015-11-20 08:51 - 2015-11-20 08:51 - 00032256 _____ () C:\Users\HPPC\AppData\Local\Packages\A278AB0D.DragonManiaLegends_h6adky7gbf63m\AC\Microsoft\CLR_v4.0_32\NativeImages\PopUpsBridgeLibrary\8bdfeb35d1618b40d5fd567c034d905a\PopUpsBridgeLibrary.ni.dll 2015-11-20 08:51 - 2015-11-20 08:51 - 00047616 _____ () C:\Users\HPPC\AppData\Local\Packages\A278AB0D.DragonManiaLegends_h6adky7gbf63m\AC\Microsoft\CLR_v4.0_32\NativeImages\PopUpsView\ca40c0f61b14c9e986746b6fb1d8c93c\PopUpsView.ni.dll 2015-11-20 08:51 - 2015-11-20 08:51 - 00135168 _____ () C:\Users\HPPC\AppData\Local\Packages\A278AB0D.DragonManiaLegends_h6adky7gbf63m\AC\Microsoft\CLR_v4.0_32\NativeImages\W8_1EntryPoint\1e2dd38ac09f4c38b56f93039a50622a\W8_1EntryPoint.ni.dll 2015-11-20 08:51 - 2015-11-20 08:51 - 00249344 _____ () C:\Users\HPPC\AppData\Local\Packages\A278AB0D.DragonManiaLegends_h6adky7gbf63m\AC\Microsoft\CLR_v4.0_32\NativeImages\IGPWindows8\4d50acb30008b043d587d99eee69cc72\IGPWindows8.ni.dll 2015-02-24 15:40 - 2015-02-24 15:40 - 00239616 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Gloaae92e31#\94af4549db265c6f339c287c8675d234\Windows.Globalization.ni.dll 2015-02-24 15:40 - 2015-02-24 15:40 - 00304128 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Graphics\eff020aac8737300c74dee47a69c9bbf\Windows.Graphics.ni.dll 2015-02-24 15:40 - 2015-02-24 15:40 - 01282048 _____ () 
C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Devices\4764145200fcd33a90ced1505892fce6\Windows.Devices.ni.dll 2015-11-20 08:51 - 2015-11-20 08:51 - 00068096 _____ () C:\Users\HPPC\AppData\Local\Packages\A278AB0D.DragonManiaLegends_h6adky7gbf63m\AC\Microsoft\CLR_v4.0_32\NativeImages\WCPToolkit\3328b38b7a94906f3e3f0a49ad5cd127\WCPToolkit.ni.dll 2015-11-20 08:51 - 2015-11-20 08:51 - 00403456 _____ () C:\Users\HPPC\AppData\Local\Packages\A278AB0D.DragonManiaLegends_h6adky7gbf63m\AC\Microsoft\CLR_v4.0_32\NativeImages\Notificatioc5a47191#\cd8f1245f69d554ae0d875c6c5b589a0\NotificationsExtensions.ni.dll 2015-09-16 01:14 - 2015-09-16 01:14 - 00799232 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Networking\86865ced79f3180ebdfa736d895e5edb\Windows.Networking.ni.dll 2015-02-24 15:40 - 2015-02-24 15:40 - 00873472 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Web\5a696652396e3e6bc1b2f36a25751862\Windows.Web.ni.dll 2015-06-08 20:06 - 2015-06-08 20:06 - 00014336 _____ () C:\Program Files (x86)\Notepad++\plugins\NppExport.dll 2015-05-15 15:24 - 2015-05-15 15:24 - 02873856 _____ () C:\Program Files (x86)\Notepad++\plugins\NppFTP.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) 

AlternateDataStreams: C:\Users\HPPC\Desktop\43825153_p0.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\HPPC\Desktop\44e477d0c35b67de32be6ae42a98c718.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\HPPC\Desktop\Chillin' evening.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\HPPC\Desktop\First kiss darker characters.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\HPPC\Desktop\Good night 2.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\HPPC\Desktop\Night time2.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\HPPC\Desktop\Version 1- stare.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\HPPC\Desktop\Version 2- kiss.jpg:com.dropbox.attributes

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService => ""="Service"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\HPPC\AppData\Roaming\8pecxstudios\Cyberfox\Desktop Background.bmp DNS Servers: 192.168.178.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist deaktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{23FC7089-0D60-4869-ABFD-DAC6C01F04A8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{FEBBDA95-1D87-44E0-A5BD-C834771B6D80}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{D9522932-BB3B-471A-A550-922C674A876B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{CACAB489-4310-4D49-94FD-7B937AB7621B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{43EEA5A2-04E3-4F9D-81E3-D391710F4784}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Unturned\Unturned.exe FirewallRules: [{D1958A19-74F5-41FF-A27A-1847102504D7}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Unturned\Unturned.exe FirewallRules: [{143E2BD3-A7F1-4A00-9A92-1A5176F1597A}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\FINAL FANTASY XIII-2\FFXiii2Launcher.exe FirewallRules: [{4AECFAC5-6B9C-4135-8599-368C74856701}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\FINAL FANTASY XIII-2\FFXiii2Launcher.exe FirewallRules: [{56D069FC-7A2B-4C9A-8EAC-4AEA643F5874}] => (Allow) F:\Program Files 
(x86)\Steam\SteamApps\common\Thief\Binaries\Win64\Shipping-ThiefGame.exe FirewallRules: [{77AA35B3-F4F4-42C3-B3C0-A45403B4D8A7}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Thief\Binaries\Win64\Shipping-ThiefGame.exe FirewallRules: [{6596ABD8-6219-40F8-B03F-1B85F05CF579}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\The Last Remnant\Binaries\TLR.exe FirewallRules: [{38609705-6AB2-493D-A4B6-CCB090F35F0F}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\The Last Remnant\Binaries\TLR.exe FirewallRules: [{90948236-7A68-4E2C-9265-FB8049C7C3D8}] => (Allow) C:\Users\HPPC\AppData\Roaming\Spotify\spotify.exe FirewallRules: [{470501B4-17D4-4105-94A2-E866E1190179}] => (Allow) C:\Users\HPPC\AppData\Roaming\Spotify\spotify.exe FirewallRules: [{3B178E18-BF08-433A-BBC2-A9866A9AD918}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\NiGHTS Into Dreams\Launcher.exe FirewallRules: [{7D14D5D3-33FC-48D1-9685-706678965B52}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\NiGHTS Into Dreams\Launcher.exe FirewallRules: [{17B9A865-90E2-4BC6-97B9-D57313EF66BF}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Sonic & All-Stars Racing Transformed\Launcher.exe FirewallRules: [{EB4F9202-C0E7-49BF-ABDE-EF5502AFE4C6}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Sonic & All-Stars Racing Transformed\Launcher.exe FirewallRules: [{73C6B972-6BB6-4C8E-8201-5AD3DD3D10FF}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Sonic & All-Stars Racing Transformed\ASN_App_PcDx9_Final.exe FirewallRules: [{14596CDC-1143-411A-817A-69A9EDCDC4D6}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Sonic & All-Stars Racing Transformed\ASN_App_PcDx9_Final.exe FirewallRules: [{2CE0FD85-A5E4-4F11-8DAF-01568EB7DBB1}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Sonic Adventure DX\AppLauncher.exe FirewallRules: [{6D6BD41E-CC9C-4B53-B6BF-A3F76DCE21A6}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Sonic Adventure 
DX\AppLauncher.exe FirewallRules: [{AB4CE098-66DC-40B0-B9C2-827BFDA0DE6F}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Crazy Taxi\AppLauncher.exe FirewallRules: [{E50434DD-B1E7-40F4-947F-0C5F73B23CB1}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Crazy Taxi\AppLauncher.exe FirewallRules: [{F518EB44-C3E9-491E-8442-758840448BEA}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Sonic Generations\ConfigurationTool.exe FirewallRules: [{7CFA4D53-37B5-49CB-8023-E9B34D9FA350}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Sonic Generations\ConfigurationTool.exe FirewallRules: [{BEB0C014-3ED4-4BE3-8E70-7A2978BEDEEA}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Sonic Generations\SonicGenerations.exe FirewallRules: [{B5CDF304-B827-45F6-A2FB-9CB6658C4DD4}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Sonic Generations\SonicGenerations.exe FirewallRules: [{29502EA3-799C-4C41-9587-028A3C3710C0}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe FirewallRules: [{F58A21E0-FF17-4DC0-A820-C586CD1A6B9D}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe FirewallRules: [{C9D50332-DCCD-4D68-949D-B42542688C18}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\PAYDAY The Heist\payday_win32_release.exe FirewallRules: [{4FFFB6DC-741A-4A1E-9F3E-49690A911EA7}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\PAYDAY The Heist\payday_win32_release.exe FirewallRules: [{CE4A72EE-F675-48B6-BCF6-76E7DE1A6131}] => (Allow) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\DataProxy.exe FirewallRules: [{CA8DA855-6844-4C4E-A0DD-E5C0B10EC8BD}] => (Allow) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe FirewallRules: [{4DE4DBC9-0E08-4872-A0D8-B6B02966AACA}] => (Allow) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRServer.exe FirewallRules: [{BB3DF925-92B0-4F71-B89D-0CE1B6858419}] => (Allow) 
F:\Program Files (x86)\Steam\SteamApps\common\Resident Evil 6\BH6.exe FirewallRules: [{A3A23176-AF35-45C3-9504-488286001A2D}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Resident Evil 6\BH6.exe FirewallRules: [{1609350F-083C-46AE-880B-79B2EE942B7A}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe FirewallRules: [{872A30A4-C588-47C5-B6B0-FD0E5883E0F5}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe FirewallRules: [{B3380C7E-2F69-4594-B265-08BEB8D97E90}] => (Allow) F:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{DCE5FED3-DB8B-4B3C-8C71-42C2EE515561}] => (Allow) F:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{D86A4DFC-D449-4B22-A987-5BE304026113}] => (Allow) F:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{89026587-DAED-4FD7-8FC6-3ACEEEDCDAFC}] => (Allow) F:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{B4B7A26A-8F73-4849-BEB2-A2FAEA057C0D}] => (Allow) C:\Users\HPPC\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{4D252D01-2EDF-4EA2-90E0-8113B0A44C31}] => (Allow) C:\Users\HPPC\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [UDP Query User{743977DF-B0B5-4B4C-BF28-E9B661A2F7C7}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe FirewallRules: [TCP Query User{BCE09F39-6899-42E8-8AB1-F0D5364FD623}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe FirewallRules: [{AA4CD044-A3A2-48A1-B12D-E845C5B82E23}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{ADDE23F0-A14A-4B1D-81B1-E278B4B9BFD5}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe FirewallRules: [{83AA786E-A70F-4678-9234-629BDB6F8AC8}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe FirewallRules: [{6F9CFE8C-0755-483A-B663-39D72C5C7A28}] => (Allow) 
LPort=8743 FirewallRules: [{BB54A553-68E5-42DA-AD55-F9906D8EEE02}] => (Allow) LPort=8643 FirewallRules: [{5C8B8923-9196-4948-83E0-B63F30FBBCD0}] => (Allow) LPort=7676 FirewallRules: [{32FEE7F9-CF4D-4E54-A5FA-BF67A655933D}] => (Allow) LPort=7679 FirewallRules: [{230E229D-8BA8-4773-9150-76A3E1EC963D}] => (Allow) LPort=24234 FirewallRules: [{C84E823F-7F0C-4D77-BD63-C6570AFDED0B}] => (Allow) LPort=7900 FirewallRules: [{C09C8FE6-7C3A-4845-AB17-6FD231AD6079}] => (Allow) LPort=1900 FirewallRules: [{B24B1C4E-D18A-4342-AF0E-07845E8E13FE}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\FreeStyle2\LauncherSteam.exe FirewallRules: [{4BC8765B-E102-4FA7-87E0-E7E8F1F30B6F}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\FreeStyle2\LauncherSteam.exe FirewallRules: [{DC3DE35E-BF03-4B90-88AC-D9E7B876F608}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\SpeedRunners\SpeedRunners.exe FirewallRules: [{4F37EE3B-F5BD-4A34-BF32-80B8751F95CC}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\SpeedRunners\SpeedRunners.exe FirewallRules: [{6BC4802F-2D67-44A1-8AE4-5CED5FC8F868}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Divekick\DivekickD3D11.exe FirewallRules: [{490A7624-0A1D-4C74-9E42-0EF76B411E49}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Divekick\DivekickD3D11.exe FirewallRules: [{F4208D90-6A7B-40C1-983A-C8BA7DB2E732}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Mighty Gunvolt\MightyGunvolt.exe FirewallRules: [{72969CAD-1484-46BC-9563-DB889894CC9F}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Mighty Gunvolt\MightyGunvolt.exe FirewallRules: [{14009966-3BD0-4E58-ADF4-486A85B4CAC6}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\fault milestone one Demo\faultms1_demo.exe FirewallRules: [{E1B13D94-4851-41BE-B5FA-6605242893A9}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\fault milestone one Demo\faultms1_demo.exe FirewallRules: [{C339F8EC-1854-4D25-B0BA-C69C8985C345}] => 
(Allow) F:\Program Files (x86)\Steam\SteamApps\common\Azure Striker Gunvolt\exe\gv_win.exe FirewallRules: [{9649E0CB-8B7C-4135-A1CA-0D7987B09BCD}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Azure Striker Gunvolt\exe\gv_win.exe ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (11/20/2015 04:52:15 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: Photoshop.exe, Version: 12.0.0.0, Zeitstempel: 0x4b504eff Name des fehlerhaften Moduls: ScriptingSupport.8li, Version: 10.0.0.0, Zeitstempel: 0x4b505282 Ausnahmecode: 0xc000041d Fehleroffset: 0x00018a15 ID des fehlerhaften Prozesses: 0x17c0 Startzeit der fehlerhaften Anwendung: 0xPhotoshop.exe0 Pfad der fehlerhaften Anwendung: Photoshop.exe1 Pfad des fehlerhaften Moduls: Photoshop.exe2 Berichtskennung: Photoshop.exe3 Vollständiger Name des fehlerhaften Pakets: Photoshop.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Photoshop.exe5 Error: (11/20/2015 04:52:13 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: Photoshop.exe, Version: 12.0.0.0, Zeitstempel: 0x4b504eff Name des fehlerhaften Moduls: ScriptingSupport.8li, Version: 10.0.0.0, Zeitstempel: 0x4b505282 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00018a15 ID des fehlerhaften Prozesses: 0x17c0 Startzeit der fehlerhaften Anwendung: 0xPhotoshop.exe0 Pfad der fehlerhaften Anwendung: Photoshop.exe1 Pfad des fehlerhaften Moduls: Photoshop.exe2 Berichtskennung: Photoshop.exe3 Vollständiger Name des fehlerhaften Pakets: Photoshop.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Photoshop.exe5 Error: (11/20/2015 03:09:21 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für 
"C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest. Error: (11/20/2015 01:38:51 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest. 
Error: (11/20/2015 08:52:10 AM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest. 
Error: (11/20/2015 00:39:30 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: Photoshop.exe, Version: 12.0.0.0, Zeitstempel: 0x4b504eff Name des fehlerhaften Moduls: ScriptingSupport.8li, Version: 10.0.0.0, Zeitstempel: 0x4b505282 Ausnahmecode: 0xc000041d Fehleroffset: 0x00018a15 ID des fehlerhaften Prozesses: 0xc68 Startzeit der fehlerhaften Anwendung: 0xPhotoshop.exe0 Pfad der fehlerhaften Anwendung: Photoshop.exe1 Pfad des fehlerhaften Moduls: Photoshop.exe2 Berichtskennung: Photoshop.exe3 Vollständiger Name des fehlerhaften Pakets: Photoshop.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Photoshop.exe5 Error: (11/20/2015 00:39:28 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: Photoshop.exe, Version: 12.0.0.0, Zeitstempel: 0x4b504eff Name des fehlerhaften Moduls: ScriptingSupport.8li, Version: 10.0.0.0, Zeitstempel: 0x4b505282 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00018a15 ID des fehlerhaften Prozesses: 0xc68 Startzeit der fehlerhaften Anwendung: 0xPhotoshop.exe0 Pfad der fehlerhaften Anwendung: Photoshop.exe1 Pfad des fehlerhaften Moduls: Photoshop.exe2 Berichtskennung: Photoshop.exe3 Vollständiger Name des fehlerhaften Pakets: Photoshop.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Photoshop.exe5 Error: (11/19/2015 09:20:47 AM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3. 
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest. Error: (11/18/2015 11:20:01 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 42.0.1.5787, Zeitstempel: 0x563ad95b Name des fehlerhaften Moduls: webplayer_win.dll, Version: 4.6.6.2872, Zeitstempel: 0x55757527 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000006ee25e ID des fehlerhaften Prozesses: 0x17f0 Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0 Pfad der fehlerhaften Anwendung: plugin-container.exe1 Pfad des fehlerhaften Moduls: plugin-container.exe2 Berichtskennung: plugin-container.exe3 Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5 Error: (11/18/2015 05:44:25 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: Photoshop.exe, Version: 12.0.0.0, Zeitstempel: 0x4b504eff Name des fehlerhaften Moduls: ScriptingSupport.8li, Version: 10.0.0.0, Zeitstempel: 0x4b505282 Ausnahmecode: 0xc000041d Fehleroffset: 0x00018a15 ID des fehlerhaften Prozesses: 0x9d8 Startzeit der fehlerhaften Anwendung: 0xPhotoshop.exe0 Pfad der fehlerhaften Anwendung: Photoshop.exe1 Pfad des fehlerhaften Moduls: Photoshop.exe2 Berichtskennung: Photoshop.exe3 Vollständiger Name des fehlerhaften Pakets: Photoshop.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Photoshop.exe5 Systemfehler: ============= Error: (11/21/2015 00:07:07 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT) 
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10. Error: (11/21/2015 00:07:07 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10. Error: (11/21/2015 00:07:07 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10. Error: (11/20/2015 10:01:48 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Skype Updater" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (11/20/2015 10:01:45 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Splashtop Software Updater Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (11/20/2015 10:01:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Splashtop® Remote Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (11/20/2015 10:01:35 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Foxit Cloud Safe Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (11/20/2015 10:01:33 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Adobe Acrobat Update Service" wurde unerwartet beendet. 
Dies ist bereits 1 Mal passiert. Error: (11/20/2015 10:00:04 PM) (Source: Service Control Manager) (EventID: 7006) (User: ) Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: %%5 Error: (11/20/2015 00:47:46 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Splashtop Software Updater Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. CodeIntegrity: =================================== Date: 2015-02-27 08:18:30.512 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-02-27 08:18:30.402 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-02-27 08:18:30.246 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-02-27 08:18:30.106 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
Date: 2015-02-27 08:18:29.980 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-02-27 08:18:29.855 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-02-27 08:18:29.637 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Speicherinformationen =========================== Prozessor: AMD A10-5700 APU with Radeon(tm) HD Graphics Prozentuale Nutzung des RAM: 35% Installierter physikalischer RAM: 6039.32 MB Verfügbarer physikalischer RAM: 3916.63 MB Summe virtueller Speicher: 6999.32 MB Verfügbarer virtueller Speicher: 4313.91 MB ==================== Laufwerke ================================ Drive c: (OS) (Fixed) (Total:452.14 GB) (Free:155.29 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)] Drive d: (Recovery Image) (Fixed) (Total:10.92 GB) (Free:0.94 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)] Drive f: (Spiele+Programme) (Fixed) (Total:454.22 GB) (Free:30.15 GB) NTFS Drive j: (Sonstiges) (Fixed) (Total:244.41 GB) (Free:140.1 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 52E55227) Partition: GPT. 
======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 00000001) Partition 1: (Not Active) - (Size=993 KB) - (Type=42) Partition 2: (Active) - (Size=454.2 GB) - (Type=42) Partition 3: (Not Active) - (Size=244.4 GB) - (Type=42) ==================== Ende von Addition.txt ============================ |
21.11.2015, 11:06 | #2 |
/// the machine /// TB Trainer | Problems after Cyberfox update hi,
Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder without instructions from a helper. Please download TDSSKiller.exe and save this file to the desktop.
|
21.11.2015, 15:09 | #3 |
| Problems after Cyberfox update I did that, both show nothing:
mbar.exe Code:
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org
Database version: main: v2015.11.21.03 rootkit: v2015.11.14.01
Windows 8.1 x64 NTFS
Internet Explorer 11.0.9600.17631
HPPC :: HP [administrator]
21.11.2015 14:21:55
mbar-log-2015-11-21 (14-21-55).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 383937
Time elapsed: 39 minute(s), 37 second(s)
Memory Processes Detected: 0 (No malicious items detected)
Memory Modules Detected: 0 (No malicious items detected)
Registry Keys Detected: 0 (No malicious items detected)
Registry Values Detected: 0 (No malicious items detected)
Registry Data Items Detected: 0 (No malicious items detected)
Folders Detected: 0 (No malicious items detected)
Files Detected: 0 (No malicious items detected)
Physical Sectors Detected: 0 (No malicious items detected)
(end)
Code:
ATTFilter 15:04:24.0329 0x14a0 TDSS rootkit removing tool 3.1.0.6 Nov 16 2015 12:17:23 15:04:24.0329 0x14a0 UEFI system 15:04:27.0705 0x14a0 ============================================================ 15:04:27.0705 0x14a0 Current date / time: 2015/11/21 15:04:27.0705 15:04:27.0705 0x14a0 SystemInfo: 15:04:27.0705 0x14a0 15:04:27.0705 0x14a0 OS Version: 6.3.9600 ServicePack: 0.0 15:04:27.0705 0x14a0 Product type: Workstation 15:04:27.0705 0x14a0 ComputerName: HP 15:04:27.0705 0x14a0 UserName: HPPC 15:04:27.0705 0x14a0 Windows directory: C:\WINDOWS 15:04:27.0705 0x14a0 System windows directory: C:\WINDOWS 15:04:27.0705 0x14a0 Running under WOW64 15:04:27.0705 0x14a0 Processor architecture: Intel x64 15:04:27.0705 0x14a0 Number of processors: 4 15:04:27.0705 0x14a0 Page size: 0x1000 15:04:27.0705 0x14a0 Boot type: Normal boot 15:04:27.0705 0x14a0 ============================================================ 15:04:27.0971 0x14a0 KLMD registered as C:\WINDOWS\system32\drivers\80072351.sys 15:04:28.0471 0x14a0 System UUID: {654F6458-FF61-98CC-97CD-FAB3589B28C8} 15:04:29.0002 0x14a0 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 15:04:29.0002 0x14a0 Drive \Device\Harddisk1\DR1 - Size: 0xAEA8CDE000 ( 698.64 Gb ), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 15:04:29.0018 0x14a0 ============================================================ 15:04:29.0018 0x14a0 \Device\Harddisk0\DR0: 15:04:29.0018 0x14a0 GPT partitions: 15:04:29.0018 0x14a0 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {15379101-7D3C-40A7-AF4D-FA9C4562BE49}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x1FF800 15:04:29.0018 0x14a0 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: 
{D9C4A3F4-C937-41A7-A262-DA8EBE58ADD5}, Name: EFI system partition, StartLBA 0x200000, BlocksNum 0xB4000 15:04:29.0018 0x14a0 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {80FF6248-257D-4B83-97B7-CAFB49B686D6}, Name: Microsoft reserved partition, StartLBA 0x2B4000, BlocksNum 0x40000 15:04:29.0018 0x14a0 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {3D8F1E69-3DC5-4B3F-9900-C23485B88752}, Name: Basic data partition, StartLBA 0x2F4000, BlocksNum 0x38847000 15:04:29.0018 0x14a0 \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {5E61F2F5-6C36-44EB-9A4A-D876950EA1BA}, Name: , StartLBA 0x38B3B000, BlocksNum 0xE2000 15:04:29.0018 0x14a0 \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {70A76504-0C46-4578-918E-709A1BE55B0F}, Name: , StartLBA 0x38C1D000, BlocksNum 0xE1000 15:04:29.0018 0x14a0 \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {DDF60087-E095-44D5-940A-9722973A2194}, Name: , StartLBA 0x38CFE000, BlocksNum 0xAF000 15:04:29.0018 0x14a0 \Device\Harddisk0\DR0\Partition8: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {F5D91DE7-C2AF-425D-AB35-FDD8AEB41549}, Name: Basic data partition, StartLBA 0x38DAD000, BlocksNum 0x15D9000 15:04:29.0018 0x14a0 MBR partitions: 15:04:29.0018 0x14a0 \Device\Harddisk1\DR1: 15:04:29.0018 0x14a0 MBR partitions: 15:04:29.0018 0x14a0 ============================================================ 15:04:29.0049 0x14a0 C: <-> \Device\Harddisk0\DR0\Partition4 15:04:29.0111 0x14a0 D: <-> \Device\Harddisk0\DR0\Partition8 15:04:29.0111 0x14a0 ============================================================ 15:04:29.0111 0x14a0 Initialize success 15:04:29.0111 0x14a0 ============================================================ 15:05:15.0259 0x1478 
============================================================ 15:05:15.0259 0x1478 Scan started 15:05:15.0259 0x1478 Mode: Manual; SigCheck; TDLFS; 15:05:15.0259 0x1478 ============================================================ 15:05:15.0259 0x1478 KSN ping started 15:05:17.0556 0x1478 KSN ping finished: true 15:05:20.0885 0x1478 ================ Scan system memory ======================== 15:05:20.0885 0x1478 System memory - ok 15:05:20.0900 0x1478 ================ Scan services =============================
FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys 15:05:31.0511 0x1478 fvevol - ok 15:05:31.0527 0x1478 [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM C:\WINDOWS\System32\drivers\fxppm.sys 15:05:31.0543 0x1478 FxPPM - ok 15:05:31.0558 0x1478 [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx C:\WINDOWS\system32\drivers\gagp30kx.sys 15:05:31.0574 0x1478 gagp30kx - ok 15:05:31.0621 0x1478 [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys 15:05:31.0652 0x1478 gencounter - ok 15:05:31.0683 0x1478 [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys 15:05:31.0699 0x1478 GPIOClx0101 - ok 15:05:31.0793 0x1478 [ 0D03F87D4FF4ADBAF8336DD80548155A, BC10CFA88EA2F41A8D96CB810B7953A4C168B79273A3E804A9F020F49AB58CD3 ] gpsvc C:\WINDOWS\System32\gpsvc.dll 15:05:31.0871 0x1478 gpsvc - ok 15:05:31.0902 0x1478 [ 7F79205B4EFA98F0767309479C8C01C6, 4B576903A83F33A8CF31D3887144A3D51C56D1187115C83AC99C0E9F6B4BF128 ] Hamachi C:\WINDOWS\system32\DRIVERS\Hamdrv.sys 15:05:31.0933 0x1478 Hamachi - ok 15:05:32.0121 0x1478 [ C0EF69A59C13D9204D1D70434AA3D00C, 56BD4F7C74B2A36665677C32F30C4E1839DB9AAAC82FFA4A2622B4D261D865F2 ] Hamachi2Svc C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe 15:05:32.0183 0x1478 Hamachi2Svc - ok 15:05:32.0230 0x1478 [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys 15:05:32.0340 0x1478 HDAudBus - ok 15:05:32.0355 0x1478 [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys 
15:05:32.0386 0x1478 HidBatt - ok 15:05:32.0402 0x1478 [ 1EA1B4FABB8CC348E73CA90DBA22E104, 5C18C6BD499272F216DD4626B5E8D38181AEAC9AD917FBEB614A75B70467B258 ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys 15:05:32.0433 0x1478 HidBth - ok 15:05:32.0449 0x1478 [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys 15:05:32.0449 0x1478 hidi2c - ok 15:05:32.0496 0x1478 [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys 15:05:32.0527 0x1478 HidIr - ok 15:05:32.0590 0x1478 [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv C:\WINDOWS\system32\hidserv.dll 15:05:32.0668 0x1478 hidserv - ok 15:05:32.0730 0x1478 [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys 15:05:32.0824 0x1478 HidUsb - ok 15:05:32.0871 0x1478 [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc C:\WINDOWS\system32\kmsvc.dll 15:05:32.0949 0x1478 hkmsvc - ok 15:05:32.0980 0x1478 [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll 15:05:33.0058 0x1478 HomeGroupListener - ok 15:05:33.0137 0x1478 [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll 15:05:33.0168 0x1478 HomeGroupProvider - ok 15:05:33.0199 0x1478 [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys 15:05:33.0215 0x1478 HpSAMD - ok 15:05:33.0246 0x1478 [ B8B1B284362E1D8135112573395D5DA5, 97BC6A7B2DCD7CC854B912A85BB2FCF199592E8E16A7C405EAF89B02D5DE4AEE ] 
htcnprot C:\WINDOWS\system32\DRIVERS\htcnprot.sys 15:05:33.0246 0x1478 htcnprot - ok 15:05:33.0277 0x1478 [ 7C7C986776D00E575BFBDE5DCBDC615D, 4CF12851A5A45917C3A9139B19D79434F2038611B617F83A714506CC7A1A6C61 ] HtcVCom32 C:\WINDOWS\system32\DRIVERS\HtcVComV64.sys 15:05:33.0324 0x1478 HtcVCom32 - ok 15:05:33.0371 0x1478 [ 9DDCA7F18983C5410DEFF79F819DF93C, CE97B4440377BFC5CA81BB600C3BD1DD9FB3951CA1EB70735F5E2050EBB74223 ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys 15:05:33.0418 0x1478 HTTP - ok 15:05:33.0465 0x1478 [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys 15:05:33.0480 0x1478 hwpolicy - ok 15:05:33.0496 0x1478 [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys 15:05:33.0543 0x1478 hyperkbd - ok 15:05:33.0558 0x1478 [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo C:\WINDOWS\system32\DRIVERS\HyperVideo.sys 15:05:33.0590 0x1478 HyperVideo - ok 15:05:33.0605 0x1478 [ D887446F3F6051C60C26F4FD1FC8D43F, A3235C64E9D5378E3409FA7CDD9DB0DD1B3CE6A6EB018F2C40558EB9C427A498 ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys 15:05:33.0699 0x1478 i8042prt - ok 15:05:33.0730 0x1478 [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys 15:05:33.0730 0x1478 iaLPSSi_GPIO - ok 15:05:33.0746 0x1478 [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys 15:05:33.0762 0x1478 iaLPSSi_I2C - ok 15:05:33.0793 0x1478 [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV C:\WINDOWS\system32\drivers\iaStorAV.sys 15:05:33.0824 0x1478 iaStorAV - ok 15:05:33.0855 
0x1478 [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys 15:05:33.0871 0x1478 iaStorV - ok 15:05:33.0871 0x1478 IEEtwCollectorService - ok 15:05:33.0949 0x1478 [ 3DBDBD9581C015F02651D6A89801FAD5, 81B6D302C9CD29AD8319515056CFBCD0BD25619B2B166937ACD5F1416B568837 ] IKEEXT C:\WINDOWS\System32\ikeext.dll 15:05:33.0996 0x1478 IKEEXT - ok 15:05:34.0012 0x1478 [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide C:\WINDOWS\system32\drivers\intelide.sys 15:05:34.0027 0x1478 intelide - ok 15:05:34.0043 0x1478 [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys 15:05:34.0043 0x1478 intelpep - ok 15:05:34.0074 0x1478 [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys 15:05:34.0090 0x1478 intelppm - ok 15:05:34.0152 0x1478 [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 15:05:34.0277 0x1478 IpFilterDriver - ok 15:05:34.0371 0x1478 [ A5800036E4EA06697A34742A24ACFBE1, BA67060526E9213000B4206F86A74F904999AD7018EFCBE4FE9708650DA9D973 ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll 15:05:34.0402 0x1478 iphlpsvc - ok 15:05:34.0418 0x1478 [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys 15:05:34.0496 0x1478 IPMIDRV - ok 15:05:34.0527 0x1478 [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys 15:05:34.0590 0x1478 IPNAT - ok 15:05:34.0605 0x1478 [ AE44C526AB5F8A487D941CEB57B10C97, 
A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys 15:05:34.0621 0x1478 IRENUM - ok 15:05:34.0668 0x1478 [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys 15:05:34.0699 0x1478 isapnp - ok 15:05:34.0715 0x1478 [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys 15:05:34.0730 0x1478 iScsiPrt - ok 15:05:34.0762 0x1478 [ A1D4D34A56DF1D5122CDB265038A2E72, AE061BA1A65C98AF875FA18878B014B57E33594D4AC4C39B050AA532E2220F83 ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys 15:05:34.0777 0x1478 kbdclass - ok 15:05:34.0777 0x1478 [ 4A34D7084B862A92F3ABC4969166B3D3, 87B2635873DA4DD06D9E3B8E4313CBDBDC1488E4E340EC2101393EC65823771F ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys 15:05:34.0793 0x1478 kbdhid - ok 15:05:34.0809 0x1478 [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic C:\WINDOWS\system32\DRIVERS\kdnic.sys 15:05:34.0887 0x1478 kdnic - ok 15:05:34.0934 0x1478 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso C:\WINDOWS\system32\lsass.exe 15:05:34.0965 0x1478 KeyIso - ok 15:05:34.0980 0x1478 [ 4E829B18D5BAEC29893792A3C671A847, 64C3B99F53A9D1ACA802B46B09E820AD210B667D5A1CD0ADAF1F12944B15B52E ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys 15:05:34.0980 0x1478 KSecDD - ok 15:05:35.0043 0x1478 [ 15C8C65CEA018C02EA0F648448C491C5, DF909704D22D891BE439B2E3D8386EA659444F91DC92AABFF9766446AEE5EBC0 ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys 15:05:35.0059 0x1478 KSecPkg - ok 15:05:35.0074 0x1478 [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys 15:05:35.0090 0x1478 ksthunk - ok 15:05:35.0152 0x1478 
[ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm C:\WINDOWS\system32\msdtckrm.dll 15:05:35.0184 0x1478 KtmRm - ok 15:05:35.0215 0x1478 [ 50AECF8C21AB2A6428A6E1E10549D8E5, 6BC7C60CF5E8AFB9972619EE1C78357756E9C0A3EC783C3056CEB600DCBB1555 ] L1C C:\WINDOWS\system32\DRIVERS\L1C63x64.sys 15:05:35.0230 0x1478 L1C - ok 15:05:35.0277 0x1478 [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer C:\WINDOWS\system32\srvsvc.dll 15:05:35.0371 0x1478 LanmanServer - ok 15:05:35.0402 0x1478 [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll 15:05:35.0434 0x1478 LanmanWorkstation - ok 15:05:35.0527 0x1478 [ 2B7479EB47731A8ACBA28AF4C4BDA32D, 67AEB98E7B41337FEFD92CC81BFAD25FBB679998B318C110A4873B1AD8927A97 ] lfsvc C:\WINDOWS\System32\GeofenceMonitorService.dll 15:05:35.0605 0x1478 lfsvc - ok 15:05:35.0668 0x1478 [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio C:\WINDOWS\system32\DRIVERS\lltdio.sys 15:05:35.0699 0x1478 lltdio - ok 15:05:35.0762 0x1478 [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll 15:05:35.0809 0x1478 lltdsvc - ok 15:05:35.0856 0x1478 [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll 15:05:35.0949 0x1478 lmhosts - ok 15:05:36.0012 0x1478 [ D6BF6FD055BD719F3D62E51B90857159, A7777D18E404164B4DA531AD94D2A712D9CC6A9288795B7388037752A558E96F ] LMIGuardianSvc C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe 15:05:36.0028 0x1478 LMIGuardianSvc - ok 15:05:36.0074 0x1478 [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS 
C:\WINDOWS\system32\drivers\lsi_sas.sys 15:05:36.0090 0x1478 LSI_SAS - ok 15:05:36.0106 0x1478 [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2 C:\WINDOWS\system32\drivers\lsi_sas2.sys 15:05:36.0137 0x1478 LSI_SAS2 - ok 15:05:36.0153 0x1478 [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3 C:\WINDOWS\system32\drivers\lsi_sas3.sys 15:05:36.0168 0x1478 LSI_SAS3 - ok 15:05:36.0184 0x1478 [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys 15:05:36.0184 0x1478 LSI_SSS - ok 15:05:36.0278 0x1478 [ 9B231CD3E52DF29EE50086FF676D3D6F, A47449CA6C88FE089A6953D05FA33A55A55E0306335A7A102A4CD75429FF0515 ] LSM C:\WINDOWS\System32\lsm.dll 15:05:36.0371 0x1478 LSM - ok 15:05:36.0403 0x1478 [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv C:\WINDOWS\system32\drivers\luafv.sys 15:05:36.0481 0x1478 luafv - ok 15:05:36.0543 0x1478 [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas C:\WINDOWS\system32\drivers\megasas.sys 15:05:36.0559 0x1478 megasas - ok 15:05:36.0590 0x1478 [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr C:\WINDOWS\system32\drivers\megasr.sys 15:05:36.0621 0x1478 megasr - ok 15:05:36.0668 0x1478 [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS C:\WINDOWS\system32\mmcss.dll 15:05:36.0699 0x1478 MMCSS - ok 15:05:36.0825 0x1478 [ 8C906888992D9199404FBAAA34BE9696, 0765DC5A1D10B066EF910DE0980976C33AE30E47CCDB7C5EF7EFCCD8153AD4D8 ] Mobizen plugin C:\Program Files (x86)\RSUPPORT\MobizenService\MobizenService.exe 15:05:36.0950 0x1478 Mobizen plugin - ok 15:05:37.0012 0x1478 [ 8B38C44F69259987C95135C9627E2378, 
E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem C:\WINDOWS\system32\drivers\modem.sys 15:05:37.0028 0x1478 Modem - ok 15:05:37.0043 0x1478 [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor C:\WINDOWS\System32\drivers\monitor.sys 15:05:37.0122 0x1478 monitor - ok 15:05:37.0168 0x1478 [ 2A2F8D5284E59815169A88F1FC9CEE28, 58EFBCF3C849FD088CFB7FE287FC7D9DD7E03D4E6AA98F0497C09E4596E42538 ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys 15:05:37.0200 0x1478 mouclass - ok 15:05:37.0215 0x1478 [ 91223A2AE2955B3E0DA3DB79C3A897A6, 32B59CF1586C2300D60AF8A1D819515033ACC7F7A1F3523FC4AC7725E29B5A90 ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys 15:05:37.0262 0x1478 mouhid - ok 15:05:37.0278 0x1478 [ D1D82F007A079A4D623DBD1F36EF30A1, 7901F81B62C5A4196D75A10C05386B16831CB290EFB9A1611CECF281068C520F ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys 15:05:37.0293 0x1478 mountmgr - ok 15:05:37.0309 0x1478 [ 6FC047578785B0435F4E2660946D1ADC, 8AEA5659F01FC2F75160922C69622502DABA39F33CB90D5178DD679A1CDE617D ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys 15:05:37.0325 0x1478 mpsdrv - ok 15:05:37.0418 0x1478 [ C18AA14126ADC66478E8E962B2DFAA98, A6F8CE9D88D590DC083253004392572C3BD02C33433CD6C0D9117D2AA7171EEC ] MpsSvc C:\WINDOWS\system32\mpssvc.dll 15:05:37.0450 0x1478 MpsSvc - ok 15:05:37.0512 0x1478 [ DB32958F0E704EFBF7F15161A569E39F, 8A26448B954F8A16EE9BA72EF47F6C549A75B30BD13FEB5A29EB099A74D8F678 ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys 15:05:37.0559 0x1478 MRxDAV - ok 15:05:37.0590 0x1478 [ 31233271EDE50D1BBB220F78AFA60486, 2122FAB5BD353DF63CF0FE9CEDBD5DFD1F26F2DE04303E1B3FFB03AA02AECED9 ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 15:05:37.0653 0x1478 mrxsmb - ok 15:05:37.0668 0x1478 [ 3E28B99198B514DFEB152EACF913025E, 6C1D8353DCD5F811F39C0C3CB5DF3D2457F0D17EE80FB06196AA169E3D19E9B2 ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys 15:05:37.0731 0x1478 mrxsmb10 - ok 15:05:37.0747 
0x1478 [ 6276AC2AA203CF47811F6EFBBD214FBF, AE55D87D863A626347B0074F4E962080F1989A94153DAF8475593249F616DA2F ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys 15:05:37.0778 0x1478 mrxsmb20 - ok 15:05:37.0809 0x1478 [ F3C060444777A59FC63D920719E43CCD, 8766A2746E3DFB0749E902F458141269335CA6F0CEDCA3D5F8C204637C19E783 ] MsBridge C:\WINDOWS\system32\DRIVERS\bridge.sys 15:05:37.0856 0x1478 MsBridge - ok 15:05:37.0903 0x1478 [ 915747E010A9414B069173284A9B93F4, 8A335C28FE1EF96DD71485877F2E86155D24B5614ACE05468F4B07E2ACD56331 ] MSDTC C:\WINDOWS\System32\msdtc.exe 15:05:37.0934 0x1478 MSDTC - ok 15:05:37.0950 0x1478 [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys 15:05:37.0981 0x1478 Msfs - ok 15:05:37.0997 0x1478 [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys 15:05:37.0997 0x1478 msgpiowin32 - ok 15:05:38.0044 0x1478 [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys 15:05:38.0090 0x1478 mshidkmdf - ok 15:05:38.0106 0x1478 [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys 15:05:38.0122 0x1478 mshidumdf - ok 15:05:38.0153 0x1478 [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys 15:05:38.0153 0x1478 msisadrv - ok 15:05:38.0215 0x1478 [ 4EAEEBAC8CFF4E0D717DFA920BC58A90, A65CB1BB3392B6A04B978348CAC18A414560A6B04A727F22DFC0ADB20DD3AF6B ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll 15:05:38.0247 0x1478 MSiSCSI - ok 15:05:38.0247 0x1478 msiserver - ok 15:05:38.0262 0x1478 [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 
] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys 15:05:38.0278 0x1478 MSKSSRV - ok 15:05:38.0294 0x1478 [ 51B3AC0560848CD6D65AC2033E293113, 73A27E88774C6929328E6C9FC9C389F4DF76D4D4D5CBFC4F51651CC308829628 ] MsLldp C:\WINDOWS\system32\DRIVERS\mslldp.sys 15:05:38.0340 0x1478 MsLldp - ok 15:05:38.0387 0x1478 [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys 15:05:38.0419 0x1478 MSPCLOCK - ok 15:05:38.0434 0x1478 [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys 15:05:38.0450 0x1478 MSPQM - ok 15:05:38.0481 0x1478 [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys 15:05:38.0497 0x1478 MsRPC - ok 15:05:38.0528 0x1478 [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys 15:05:38.0528 0x1478 mssmbios - ok 15:05:38.0544 0x1478 [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys 15:05:38.0559 0x1478 MSTEE - ok 15:05:38.0590 0x1478 [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys 15:05:38.0606 0x1478 MTConfig - ok 15:05:38.0622 0x1478 [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup C:\WINDOWS\system32\Drivers\mup.sys 15:05:38.0637 0x1478 Mup - ok 15:05:38.0653 0x1478 [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys 15:05:38.0669 0x1478 mvumis - ok 15:05:38.0762 0x1478 [ ECA62C7A8992BE744CB4E6C40AE7B72E, 
FAA2F98E6EBA210C988192B57A23A5F9CDD78666C9CCD0BAD6A4602438203FB7 ] NanoServiceMain C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe 15:05:38.0778 0x1478 NanoServiceMain - ok 15:05:38.0934 0x1478 [ 8DF30698BDD9492A9D45A4B94FB4A82A, 26B1B2D7E785E29B8BCB74C467C66AE4EBDD481ACFF36334F3BDF4506B778244 ] napagent C:\WINDOWS\system32\qagentRT.dll 15:05:38.0997 0x1478 napagent - ok 15:05:39.0075 0x1478 [ 008F7CED69FD5B30CBDE1E03C6F36A27, D4ADA7834C470B17A3CD976012DC5A511B32545B9F91D23D09A85722E0B75320 ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys 15:05:39.0153 0x1478 NativeWifiP - ok 15:05:39.0215 0x1478 [ BFCE1225D10619029E68946929CEB64C, 499F560331FFBA82E3D673B47F027FDAB7BEE4F2CB5B811D69E0218839F6E6A5 ] NcaSvc C:\WINDOWS\System32\ncasvc.dll 15:05:39.0309 0x1478 NcaSvc - ok 15:05:39.0325 0x1478 [ 267C97373110B7AFD3B46DF60B6CBB85, CEBB99F71D47634BB9C04DF2836DF6B47F15B3073FEFC237F85526DF01E4E38B ] NcbService C:\WINDOWS\System32\ncbservice.dll 15:05:39.0356 0x1478 NcbService - ok 15:05:39.0387 0x1478 [ 9ACED0F5B458C9011F39143326494E93, 9DFFC7EE7DE6FD92545EC6A203213C498A01EEFB0BC55460D339BCE498E56A7F ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll 15:05:39.0419 0x1478 NcdAutoSetup - ok 15:05:39.0497 0x1478 [ 21FE65E2E67C4E31EE95CBD1F91C4B24, 6558F2BC10E6B09F7EE5264722FCF572B861EDB60A1433B58A4F4625EC0ABF63 ] NDIS C:\WINDOWS\system32\drivers\ndis.sys 15:05:39.0559 0x1478 NDIS - ok 15:05:39.0622 0x1478 [ 8CECC8DA55F3274181FD1EA28AD76664, 188112424CEF97FB926A0FB915260B803555A775DD2E1846725A9C8616300F42 ] NdisCap C:\WINDOWS\system32\DRIVERS\ndiscap.sys 15:05:39.0653 0x1478 NdisCap - ok 15:05:39.0669 0x1478 [ 269882812E9A68FFF1AFE1283D428322, 50B99EBC42DA9B46A8C2C28C9BADCF58AE3079535CDD1227D0F5C86291C715FF ] NdisImPlatform C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys 15:05:39.0731 0x1478 NdisImPlatform - ok 15:05:39.0747 0x1478 [ 82821F4EEC776B4CF11695A38F3ABA46, 23184F9D31E662855DC4D23EFE7C2FE00E5487D3762B6024704A5D8C87762E1C ] NdisTapi 
C:\WINDOWS\system32\DRIVERS\ndistapi.sys 15:05:39.0778 0x1478 NdisTapi - ok 15:05:39.0794 0x1478 [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys 15:05:39.0888 0x1478 Ndisuio - ok 15:05:39.0904 0x1478 [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus C:\WINDOWS\System32\drivers\NdisVirtualBus.sys 15:05:39.0951 0x1478 NdisVirtualBus - ok 15:05:39.0998 0x1478 [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys 15:05:40.0044 0x1478 NdisWan - ok 15:05:40.0044 0x1478 [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy C:\WINDOWS\system32\DRIVERS\ndiswan.sys 15:05:40.0060 0x1478 NdisWanLegacy - ok 15:05:40.0076 0x1478 [ DDD7F92A83F74D1476B71FBA9530A8DC, D3F94FC9F48854E09B0B77CE5E1C1DB948D54EAC63C5583437051BB893B5A386 ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys 15:05:40.0091 0x1478 NDProxy - ok 15:05:40.0107 0x1478 [ 3083926D1CC5B56EA0786527B557DD1B, 3C3F0CA0D43398576DBE8F677B353ADDA7E8F56829874958CE668E31261C1590 ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys 15:05:40.0185 0x1478 Ndu - ok 15:05:40.0201 0x1478 [ 42FF4975D032CAE558AE4BB8448F6E5A, 0B8FACF3382443DED79A8004A6AA14C32471A6A1C6BAA543AA9F3FEC52620A6D ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys 15:05:40.0216 0x1478 NetBIOS - ok 15:05:40.0232 0x1478 [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys 15:05:40.0310 0x1478 NetBT - ok 15:05:40.0326 0x1478 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] Netlogon C:\WINDOWS\system32\lsass.exe 15:05:40.0341 0x1478 Netlogon - ok 15:05:40.0404 0x1478 [ 8F074B62E66B6117D9598C62A12069C5, 
5FDB19045D3E2F6D0F0C5158AC2ECB0D5404CD2AF7A319755D7E3753CA3B7CF3 ] Netman C:\WINDOWS\System32\netman.dll 15:05:40.0451 0x1478 Netman - ok 15:05:40.0529 0x1478 [ 4A04B1CD5BFB4A978C5F60E86D6C3E45, A946922C1C38ADD3CF9D3B09DDCC301AE4DAC960A081B2F42B32BE1E7095B3FD ] netprofm C:\WINDOWS\System32\netprofmsvc.dll 15:05:40.0560 0x1478 netprofm - ok 15:05:40.0685 0x1478 [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 15:05:40.0732 0x1478 NetTcpPortSharing - ok 15:05:40.0763 0x1478 [ D4DCE03870314D3354F3501F9DDD4123, 5BFE8299B3F72B8C39A4965365CBF5BA151024451F02DD872FAD1CC35CF94CEA ] netvsc C:\WINDOWS\System32\drivers\netvsc63.sys 15:05:40.0857 0x1478 netvsc - ok 15:05:40.0919 0x1478 [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc C:\WINDOWS\System32\nlasvc.dll 15:05:40.0966 0x1478 NlaSvc - ok 15:05:40.0998 0x1478 [ 49187521F6CD3719898F22D32BF6FE14, A248D75B3C8DE2C90C408B82FCBBE0D5623CAC9526A188EE9A4CE44C191BE308 ] NNSALPC C:\WINDOWS\system32\DRIVERS\NNSAlpc.sys 15:05:40.0998 0x1478 NNSALPC - ok 15:05:41.0029 0x1478 [ 944E0EB604FDC54C14FDEC74EB394BD2, 8CF7D61FE5E27504CAE75EE1F0FF9EC3D2161F48DD2FFC0823FC1B512CE463CD ] NNSHTTP C:\WINDOWS\system32\DRIVERS\NNSHttp.sys 15:05:41.0044 0x1478 NNSHTTP - ok 15:05:41.0044 0x1478 [ 66A53D468BD466DF2FC43E02655341AF, 1CA0DE465414B5E0F1774C79226FCBD984FCA91074E4195FA97244A2882E5F6F ] NNSHTTPS C:\WINDOWS\system32\DRIVERS\NNSHttps.sys 15:05:41.0060 0x1478 NNSHTTPS - ok 15:05:41.0060 0x1478 [ 58208570B63593A511BAA7C54040862F, 43DA12D2312C24F00C5D38BF85A774B8DD8E149AD0085017374D29BD8379189D ] NNSIDS C:\WINDOWS\system32\DRIVERS\NNSIds.sys 15:05:41.0076 0x1478 NNSIDS - ok 15:05:41.0091 0x1478 [ 85ACBE5BA9DB4F18352D73FACBF79B9B, 0CE8DD2F8A219A266B0DBD29317B78ED48729D79A4E8CA46235B842399259F87 ] NNSNAHSL C:\WINDOWS\system32\DRIVERS\NNSNAHSL.sys 
6E3E05B8301841425E9BB0D54B35EF386B78EEB307B5A6153FD1F366D30F23FA ] WdNisDrv C:\WINDOWS\system32\Drivers\WdNisDrv.sys 15:06:01.0490 0x1478 WdNisDrv - ok 15:06:01.0522 0x1478 WdNisSvc - ok 15:06:01.0553 0x1478 [ 185E4111627F7AA6799E1366B5E91D65, 7A02C816DFBCCF47EDB49E5E2005A3D0B80719FAC94F9298D2DBAC63950EDA05 ] WebClient C:\WINDOWS\System32\webclnt.dll 15:06:01.0662 0x1478 WebClient - ok 15:06:01.0678 0x1478 [ 384E1D04FE20845B2559D292F17A9FA1, AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc C:\WINDOWS\system32\wecsvc.dll 15:06:01.0725 0x1478 Wecsvc - ok 15:06:01.0740 0x1478 [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll 15:06:01.0772 0x1478 WEPHOSTSVC - ok 15:06:01.0787 0x1478 [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll 15:06:01.0850 0x1478 wercplsupport - ok 15:06:01.0881 0x1478 [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc C:\WINDOWS\System32\WerSvc.dll 15:06:01.0897 0x1478 WerSvc - ok 15:06:01.0944 0x1478 [ BAB713B409258DB7B5D9F9693F802B0E, C0D0391EC4FDC07E0A07F4EEB2DC9CC5B2BE5D2E292E7D01929E8D39D6F73EA5 ] WFPLWFS C:\WINDOWS\system32\DRIVERS\wfplwfs.sys 15:06:01.0959 0x1478 WFPLWFS - ok 15:06:01.0975 0x1478 [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc C:\WINDOWS\System32\wiarpc.dll 15:06:01.0991 0x1478 WiaRpc - ok 15:06:02.0037 0x1478 [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys 15:06:02.0053 0x1478 WIMMount - ok 15:06:02.0053 0x1478 WinDefend - ok 15:06:02.0116 0x1478 [ 10DAD6A7FC617A221313BD584E3C3A00, F139B878668ECF38FE59831E8595A207D5CEEE76C6FFDA8C9F735435E601A763 ] WinHttpAutoProxySvc 
C:\WINDOWS\system32\winhttp.dll 15:06:02.0162 0x1478 WinHttpAutoProxySvc - ok 15:06:02.0225 0x1478 [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 15:06:02.0303 0x1478 Winmgmt - ok 15:06:02.0428 0x1478 [ 75436315AA383CF527695C6D49D0CA59, E3D55F2ACBD45D4D031FA6CA799394459C89BE50FF6ADE4FE36F2CAB2D2E63D0 ] WinRM C:\WINDOWS\system32\WsmSvc.dll 15:06:02.0506 0x1478 WinRM - ok 15:06:02.0584 0x1478 [ AC263C2F66405589528995AA41040599, 81B46E551D6130A2C3D113EC3B563CEDB5A06BB340986C0E03136CE5BE729481 ] WINUSB C:\WINDOWS\System32\drivers\WinUSB.SYS 15:06:02.0600 0x1478 WINUSB - ok 15:06:02.0678 0x1478 [ DC079BA8390089E4EBCA63D27EEA3ECB, 4D549217A68292E2B16C09FD9F84317011EE54A2DAF4E2AB85554267DF0D3249 ] WlanSvc C:\WINDOWS\System32\wlansvc.dll 15:06:02.0756 0x1478 WlanSvc - ok 15:06:02.0819 0x1478 [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll 15:06:02.0897 0x1478 wlidsvc - ok 15:06:02.0944 0x1478 [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys 15:06:02.0944 0x1478 WmiAcpi - ok 15:06:03.0006 0x1478 [ B96F7A1236C3F21212DE2C40A3DDB005, 5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe 15:06:03.0022 0x1478 wmiApSrv - ok 15:06:03.0084 0x1478 WMPNetworkSvc - ok 15:06:03.0116 0x1478 [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof C:\WINDOWS\system32\drivers\Wof.sys 15:06:03.0131 0x1478 Wof - ok 15:06:03.0225 0x1478 [ 588040D595BBF0856CA1ADD941A8ED17, CBC92BB5453FE1BEA6F33239B7CE884F312559591383408EA5F95A006156C5D3 ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll 15:06:03.0381 0x1478 workfolderssvc - ok 15:06:03.0444 0x1478 [ A2468CC3509394A33C4C32F99563D845, 
62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr C:\WINDOWS\system32\DRIVERS\wpcfltr.sys 15:06:03.0459 0x1478 wpcfltr - ok 15:06:03.0491 0x1478 [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc C:\WINDOWS\System32\wpcsvc.dll 15:06:03.0522 0x1478 WPCSvc - ok 15:06:03.0522 0x1478 [ 2ADE11F3D84709C5F6781E4C59F11683, F003C43396CF8FCF44EAB87583650DB4D2A233322D28D6A78D1694945D9073BB ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll 15:06:03.0569 0x1478 WPDBusEnum - ok 15:06:03.0584 0x1478 [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys 15:06:03.0600 0x1478 WpdUpFltr - ok 15:06:03.0600 0x1478 [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys 15:06:03.0631 0x1478 ws2ifsl - ok 15:06:03.0647 0x1478 [ 5596C0960ED6ED7494BF2A55DE428684, C95CF09A657F37F421CC80E16F2F95B8EC59A8D5D48F104551155EAC8E53DCB2 ] wscsvc C:\WINDOWS\System32\wscsvc.dll 15:06:03.0694 0x1478 wscsvc - ok 15:06:03.0694 0x1478 WSearch - ok 15:06:03.0819 0x1478 [ 6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService C:\WINDOWS\System32\WSService.dll 15:06:03.0975 0x1478 WSService - ok 15:06:04.0116 0x1478 [ 1B24547C96E1C656ED9A8E6B6F6FA03B, A15D1180D8A9011F0D5A2C8D801D34974D5AEA367FFFB96BD335448B17A2C142 ] wuauserv C:\WINDOWS\system32\wuaueng.dll 15:06:04.0272 0x1478 wuauserv - ok 15:06:04.0334 0x1478 [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys 15:06:04.0397 0x1478 WudfPf - ok 15:06:04.0428 0x1478 [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd C:\WINDOWS\System32\drivers\WUDFRd.sys 15:06:04.0459 0x1478 
WUDFRd - ok 15:06:04.0475 0x1478 [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc C:\WINDOWS\System32\WUDFSvc.dll 15:06:04.0491 0x1478 wudfsvc - ok 15:06:04.0506 0x1478 [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdFs C:\WINDOWS\system32\DRIVERS\WUDFRd.sys 15:06:04.0522 0x1478 WUDFWpdFs - ok 15:06:04.0522 0x1478 [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdMtp C:\WINDOWS\system32\DRIVERS\WUDFRd.sys 15:06:04.0538 0x1478 WUDFWpdMtp - ok 15:06:04.0569 0x1478 [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc C:\WINDOWS\System32\wwansvc.dll 15:06:04.0584 0x1478 WwanSvc - ok 15:06:04.0600 0x1478 ================ Scan global =============================== 15:06:04.0678 0x1478 [ 243F54DBA6EB48A369CA465E263ABA4A, 9D9F9DE783D000F3EA130EB68FD71319F21E4F1CD4232FB8B2F8A9A67E08F5F4 ] C:\WINDOWS\system32\basesrv.dll 15:06:04.0741 0x1478 [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\WINDOWS\system32\winsrv.dll 15:06:04.0788 0x1478 [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\WINDOWS\system32\sxssrv.dll 15:06:04.0803 0x1478 [ 5BF02EBEFEDC706318C96E2E60EDCB91, DC866C5BC3A887CAAA7169AB9BB2992F6F877B3EA04B62B4F95B6BD54943155F ] C:\WINDOWS\system32\services.exe 15:06:04.0819 0x1478 [ Global ] - ok 15:06:04.0819 0x1478 ================ Scan MBR ================================== 15:06:04.0835 0x1478 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0 15:06:04.0928 0x1478 \Device\Harddisk0\DR0 - ok 15:06:04.0960 0x1478 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1 15:06:05.0163 0x1478 \Device\Harddisk1\DR1 - ok 15:06:05.0163 0x1478 ================ Scan VBR ================================== 
15:06:05.0194 0x1478 [ 12A32DC54A5932C51FF38D50FDB83E1F ] \Device\Harddisk0\DR0\Partition1 15:06:05.0210 0x1478 \Device\Harddisk0\DR0\Partition1 - ok 15:06:05.0225 0x1478 [ 8195AC7F02DD2DE8BE9CF0DC92AE3B5A ] \Device\Harddisk0\DR0\Partition2 15:06:05.0225 0x1478 \Device\Harddisk0\DR0\Partition2 - ok 15:06:05.0241 0x1478 [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3 15:06:05.0241 0x1478 \Device\Harddisk0\DR0\Partition3 - ok 15:06:05.0241 0x1478 [ 42F2DAE7D846B6499F6923A18C513D19 ] \Device\Harddisk0\DR0\Partition4 15:06:05.0241 0x1478 \Device\Harddisk0\DR0\Partition4 - ok 15:06:05.0272 0x1478 [ 662ED4DBD6B4488DE1B6A2150295D68F ] \Device\Harddisk0\DR0\Partition5 15:06:05.0272 0x1478 \Device\Harddisk0\DR0\Partition5 - ok 15:06:05.0288 0x1478 [ 145B68D0E2C824FD3B6B29D4B4E21862 ] \Device\Harddisk0\DR0\Partition6 15:06:05.0288 0x1478 \Device\Harddisk0\DR0\Partition6 - ok 15:06:05.0303 0x1478 [ 54F60A1FEBB5E1736072A3AE2C5B1627 ] \Device\Harddisk0\DR0\Partition7 15:06:05.0303 0x1478 \Device\Harddisk0\DR0\Partition7 - ok 15:06:05.0319 0x1478 [ 636A9AA53C3110CC4616B76975580953 ] \Device\Harddisk0\DR0\Partition8 15:06:05.0319 0x1478 \Device\Harddisk0\DR0\Partition8 - ok 15:06:05.0319 0x1478 ================ Scan generic autorun ====================== 15:06:05.0381 0x1478 [ 49BD5663071AA799AC0B1E6B48EB9257, 39364B7E08C87545B4E48264509D73800FE5B0A76E34E0B169DA489895820B22 ] C:\Program Files\IDT\WDM\beats64.exe 15:06:05.0397 0x1478 BeatsOSDApp - detected UnsignedFile.Multi.Generic ( 1 ) 15:06:07.0710 0x1478 Detect skipped due to KSN trusted 15:06:07.0710 0x1478 BeatsOSDApp - ok 15:06:07.0788 0x1478 [ 94BFCE236D6340011721470E394056E3, 42A7808F6C53C268354E9E47F0689FE2B4717F61E97CBAA0ABF33E0275B908EF ] C:\Program Files\IDT\WDM\sttray64.exe 15:06:07.0835 0x1478 SysTrayApp - detected UnsignedFile.Multi.Generic ( 1 ) 15:06:10.0148 0x1478 Detect skipped due to KSN trusted 15:06:10.0148 0x1478 SysTrayApp - ok 15:06:10.0242 0x1478 [ 73F1B07CF82235B25BCC3E9A7522ACCB, 
47221B8DFF5A44050AFB0AB5A249FEECE36BE2E000D6529E099128EEDFA647DA ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe 15:06:10.0273 0x1478 StartCCC - ok 15:06:10.0367 0x1478 [ 308F2EE28005510DE616409148CF077B, A2126CB185B0053086BDD6F0A16A503F6CA629AC677E4B7AE6D43C770061D087 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe 15:06:10.0398 0x1478 SunJavaUpdateSched - ok 15:06:10.0476 0x1478 [ 3BD79A1F6D2EA0FDDEA3F8914B2A6A0C, 332E6806EFF846A2E6D0DC04A70D3503855DABFA83E6EC27F37E2D9103E80E51 ] C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe 15:06:10.0492 0x1478 VirtualCloneDrive - ok 15:06:10.0539 0x1478 [ BD2EB5BA405C9FC6487D70243540103A, 6B72A0E226CDB198AC4755C788AC87367362BFA7E1C61EA1946885B872FDBD16 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe 15:06:10.0554 0x1478 PSUAMain - ok 15:06:10.0789 0x1478 [ E5255D63DD01AA9F1CC4355FE366E2D3, 2E28C14DC1FEAE10626D37FF4C1DAE27F3801A40EA973E02E42B48185CBBC89B ] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe 15:06:10.0899 0x1478 LogMeIn Hamachi Ui - ok 15:06:11.0071 0x1478 [ 08DFA176E4FC0E63ACD8EC854449D2B0, B8CA204C3F318CD9D12F61CDDA5C66184A48D6206F019AD11DB2605FDBEB288D ] C:\Users\HPPC\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe 15:06:11.0118 0x1478 Spotify Web Helper - ok 15:06:11.0165 0x1478 [ 7C6D524C78A1722AD987B9E47AC1FEE2, FFDC6C92ABB547D0DCD2621EC423C755A78079B061A41FA1751A56799D1A79A5 ] C:\Users\HPPC\AppData\Local\Dropbox\Update\DropboxUpdate.exe 15:06:11.0181 0x1478 Dropbox Update - ok 15:06:11.0181 0x1478 Waiting for KSN requests completion. In queue: 7 15:06:12.0196 0x1478 Waiting for KSN requests completion. In queue: 7 15:06:13.0212 0x1478 Waiting for KSN requests completion. In queue: 7 15:06:13.0477 0x1318 Object required for P2P: [ E5255D63DD01AA9F1CC4355FE366E2D3 ] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe 15:06:14.0212 0x1478 Waiting for KSN requests completion. 
In queue: 3 15:06:15.0228 0x1478 Waiting for KSN requests completion. In queue: 3 15:06:15.0931 0x1318 Object send P2P result: true 15:06:16.0244 0x1478 AV detected via SS2: Panda Free Antivirus, C:\Program Files (x86)\Panda Security\Panda Security Protection\PAV3WSC.exe ( 6.0.0.0 ), 0x71000 ( enabled : updated ) 15:06:16.0244 0x1478 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.6.305.0 ), 0x60100 ( disabled : updated ) 15:06:16.0244 0x1478 FW detected via SS2: Panda Firewall, C:\Program Files (x86)\Panda Security\Panda Security Protection\PAV3WSC.exe ( 6.0.0.0 ), 0x72010 ( disabled ) 15:06:16.0275 0x1478 Win FW state via NFP2: disabled ( trusted ) 15:06:18.0635 0x1478 ============================================================ 15:06:18.0635 0x1478 Scan finished 15:06:18.0635 0x1478 ============================================================ 15:06:18.0650 0x0594 Detected object count: 0 15:06:18.0650 0x0594 Actual detected object count: 0 15:06:36.0325 0x0bbc Deinitialize success |
22.11.2015, 07:43 | #4 |
/// the machine /// TB trainer | Problems after Cyberfox update
Please download Malwarebytes Anti-Malware
Please download AdwCleaner to your desktop.
Please close your security software to avoid possible conflicts.
and a fresh FRST log, please.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
22.11.2015, 13:09 | #5 |
| Problems after Cyberfox update
Malwarebytes Anti-Malware
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 22.11.2015
Suchlaufzeit: 12:32
Protokolldatei: mam.txt
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2015.11.22.02
Rootkit-Datenbank: v2015.11.14.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: HPPC

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 355435
Abgelaufene Zeit: 12 Min., 55 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 1
PUP.Optional.Yontoo, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\Update ace race, In Quarantäne, [df2b8af74e3d5cdaf26427c0b94a659b],

Registrierungswerte: 1
PUP.Optional.Vosteran, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY|AppPath, C:\Program Files (x86)\WSE_Vosteran\\, In Quarantäne, [1cee3e43b9d2e056a39468f25fa4e020]

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)

(end)

AdwCleaner Logfile:
Code:
# AdwCleaner v5.021 - Bericht erstellt am 22/11/2015 um 12:56:11
# Aktualisiert am 14/11/2015 von Xplode
# Datenbank : 2015-11-19.4 [Server]
# Betriebssystem : Windows 8.1 (x64)
# Benutzername : HPPC - HP
# Gestartet von : C:\Users\HPPC\Desktop\AdwCleaner_5.021.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****

***** [ Ordner ] *****

***** [ Dateien ] *****

[-] Datei Gelöscht : C:\Users\HPPC\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\rz80wx15.default\foxydeal.sqlite

***** [ DLLs ] *****

***** [ Verknüpfungen ] *****

***** [ Aufgabenplanung ] *****

***** [ Registrierungsdatenbank ] *****

***** [ Internetbrowser ] *****

*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Chrome Richtlinien gelöscht

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [903 Bytes] ##########

Junkware Removal Tool
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.0 (11.12.2015)
Operating System: Windows 8.1 x64
Ran by HPPC (Administrator) on 22.11.2015 at 12:59:34,74
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

File System: 2
Successfully deleted: C:\Users\HPPC\AppData\Roaming\speedrunnerslog.txt (File)
Successfully deleted: C:\WINDOWS\system32\REN2167.tmp (File)

Registry: 0

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 22.11.2015 at 13:01:41,55
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:20-11-2015
durchgeführt von HPPC (Administrator) auf HP (22-11-2015 13:05:20)
Gestartet von C:\Users\HPPC\Desktop
Geladene Profile: HPPC (Verfügbare Profile: HPPC)
Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: IE)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
( Rsupport Corporation) C:\Program Files (x86)\RSUPPORT\MobizenService\MobizenService.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(8pecxstudios) C:\Program Files\Cyberfox\Cyberfox.exe
() C:\Program Files\WindowsApps\A278AB0D.DragonManiaLegends_1.8.0.19_x86__h6adky7gbf63m\W8.1EntryPoint.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [37888 2012-08-10] (Hewlett-Packard )
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-08-10] (IDT, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [40184 2015-02-17] (Panda Security, S.L.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565448 2015-11-12] (LogMeIn Inc.)
HKLM\...\Winlogon: [Userinit] C:\WINDOWS\SysWOW64\userinit.exe,
HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\...\Run: [Spotify Web Helper] => C:\Users\HPPC\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-12] (Spotify Ltd)
HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\...\Run: [Dropbox Update] => C:\Users\HPPC\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-19] (Dropbox, Inc.)
HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\...\MountPoints2: {d4a071f6-483f-11e5-bf85-78e3b5b56ba1} - "G:\HTC_Sync_Manager_PC.exe"
HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\...\MountPoints2: {d4a072b9-483f-11e5-bf85-78e3b5b56ba1} - "G:\HTC_Sync_Manager_PC.exe"
HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\...\MountPoints2: {f3de35ef-23c5-11e4-be72-78e3b5b56ba1} - "H:\wubi.exe"
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\..\Interfaces\{687EFE86-7C48-4DD7-9764-BFDE83F885DD}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{93B37C6C-F077-40E8-BA0B-A8E67EA05545}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-08-14] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-08-14] (Oracle Corporation)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll [2014-08-14] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @unity3d.com/UnityPlayer64,version=1.0 -> C:\Program Files\Unity\WebPlayer64\loader-x64\npUnity3D64.dll [2015-07-19] (Unity Technologies ApS)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll [2014-08-14] ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-08-14] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-08-14] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll [2014-06-26] (pdfforge GmbH)
FF Plugin HKU\S-1-5-21-3776727103-4227896957-2343858286-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\HPPC\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-09-05] (Unity Technologies ApS)

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-07-04] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
R2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [244392 2015-06-02] (Foxit Software Inc.)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-11-12] (LogMeIn, Inc.)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 Mobizen plugin; C:\Program Files (x86)\RSUPPORT\MobizenService\MobizenService.exe [3353360 2015-08-14] ( Rsupport Corporation)
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [142584 2015-02-17] (Panda Security, S.L.)
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [66808 2014-10-09] (Panda Security, S.L.)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [Datei ist nicht signiert]
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-06-26] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-06-26] (pdfforge GmbH)
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [38136 2015-02-17] (Panda Security, S.L.)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [321536 2012-08-10] (IDT, Inc.) [Datei ist nicht signiert]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-20] (Advanced Micro Devices)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98472 2012-07-03] (Advanced Micro Devices)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-11-12] (LogMeIn Inc.)
S3 HtcVCom32; C:\Windows\system32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (QUALCOMM Incorporated)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [93968 2015-02-09] (Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [202000 2015-02-09] (Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [110864 2015-02-09] (Panda Security, S.L.)
R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [116496 2015-02-09] (Panda Security, S.L.)
R1 NNSNAHSL; C:\Windows\system32\DRIVERS\NNSNAHSL.sys [49936 2014-12-31] (Panda Security, S.L.)
R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [99600 2015-02-09] (Panda Security, S.L.)
R1 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [69904 2015-02-09] (Panda Security, S.L.)
R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [124176 2015-02-09] (Panda Security, S.L.)
R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [299792 2015-02-09] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [166160 2015-02-09] (Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [113424 2015-02-09] (Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [257296 2015-02-09] (Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [106256 2015-02-09] (Panda Security, S.L.)
R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [163088 2015-02-11] (Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [121616 2015-02-11] (Panda Security, S.L.)
R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [197392 2015-02-10] (Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [124176 2015-02-11] (Panda Security, S.L.)
R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [133904 2015-02-11] (Panda Security, S.L.)
R2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [107792 2015-02-11] (Panda Security, S.L.)
R3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [61712 2015-01-29] (Panda Security, S.L.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [35320 2014-09-22] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [258368 2014-09-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
S3 EagleX64; \??\C:\WINDOWS\system32\drivers\EagleX64.sys [X]
S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-22 13:05 - 2015-11-22 13:05 - 00015078 _____ C:\Users\HPPC\Desktop\FRST.txt
2015-11-22 13:03 - 2015-11-22 13:03 - 02345984 _____ (Farbar) C:\Users\HPPC\Desktop\FRST64.exe
2015-11-22 12:46 - 2015-11-22 12:56 - 00000738 _____ C:\WINDOWS\PFRO.log
2015-11-22 12:31 - 2015-11-22 12:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-11-22 12:31 - 2015-11-22 12:31 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-11-22 12:31 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-11-22 12:31 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2015-11-21 22:20 - 2014-07-29 02:16 - 43985758 _____ C:\Users\HPPC\Desktop\Plains of Eternity.psd
2015-11-20 17:18 - 2015-11-20 17:19 - 00000000 ____D C:\Users\HPPC\AppData\Local\SM3DL
2015-11-19 21:57 - 2015-01-29 18:21 - 00061712 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSKMAD.sys
2015-11-17 22:00 - 2015-11-17 22:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-11-17 22:00 - 2015-11-17 22:00 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2015-11-16 16:27 - 2015-11-16 16:27 - 00000000 __SHD C:\WINDOWS\SysWOW64\AI_RecycleBin
2015-11-16 16:12 - 2015-11-16 16:12 - 00000000 ____D C:\Users\HPPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cyberfox
2015-11-15 00:30 - 2015-11-18 20:36 - 00000000 ____D C:\Users\HPPC\Desktop\Base
2015-11-14 15:48 - 2015-11-14 15:48 - 00000085 ___SH C:\ProgramData\.zreglib
2015-11-14 15:48 - 2015-11-14 15:48 - 00000000 ____D C:\ProgramData\Elaborate Bytes
2015-11-13 12:42 - 2015-11-13 12:42 - 00000000 ____D C:\Users\HPPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-11-12 11:47 - 2015-11-12 11:47 - 00045680 ____H (LogMeIn Inc.) C:\WINDOWS\system32\Drivers\Hamdrv.sys
2015-11-03 12:22 - 2015-11-18 01:12 - 00000000 ____D C:\Users\HPPC\Desktop\Convert
2015-11-02 16:18 - 2015-11-06 09:06 - 00000000 ____D C:\Users\HPPC\Downloads\PS3
2015-10-30 15:13 - 2015-11-16 17:43 - 00000238 _____ C:\Users\HPPC\Desktop\Neues Textdokument.txt
2015-10-27 10:21 - 2015-10-27 10:21 - 00000000 ____D C:\Users\HPPC\AppData\Roaming\fltk.org
2015-10-27 10:21 - 2015-10-27 10:21 - 00000000 ____D C:\ProgramData\fltk.org
2015-10-23 22:33 - 2015-10-23 22:33 - 00000000 ____D C:\Users\HPPC\Documents\Games
2015-10-23 22:33 - 2015-10-23 22:33 - 00000000 ____D C:\Users\HPPC\AppData\Local\KADOKAWA
2015-10-23 22:30 - 2015-10-23 22:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RPG Maker MV
2015-10-23 22:29 - 2015-10-23 22:29 - 00000000 ____D C:\Program Files (x86)\KADOKAWA

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-22 13:05 - 2015-02-24 16:20 - 00000000 ____D C:\FRST
2015-11-22 13:02 - 2014-08-09 14:11 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3776727103-4227896957-2343858286-1001
2015-11-22 13:00 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-11-22 12:57 - 2015-10-15 20:57 - 00006470 _____ C:\WINDOWS\setupact.log
2015-11-22 12:57 - 2015-02-22 15:37 - 00000000 ___RD C:\Users\HPPC\OneDrive
2015-11-22 12:57 - 2014-08-25 20:37 - 00000000 ____D C:\Users\HPPC\AppData\Local\LogMeIn Hamachi
2015-11-22 12:57 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-22 12:56 - 2015-02-25 22:13 - 00000000 ____D C:\AdwCleaner
2015-11-22 12:56 - 2015-02-22 15:34 - 00000008 __RSH C:\ProgramData\ntuser.pol
2015-11-22 12:52 - 2014-08-14 20:21 - 00000000 ___RD C:\Users\HPPC\Desktop\Programme
2015-11-22 12:48 - 2015-02-24 22:03 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-11-22 12:46 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\Registration
2015-11-22 12:45 - 2013-08-22 14:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-11-22 12:41 - 2015-06-19 14:31 - 00001226 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3776727103-4227896957-2343858286-1001UA.job
2015-11-22 12:31 - 2015-02-24 22:03 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-11-22 09:37 - 2015-08-27 19:29 - 01175125 _____ C:\WINDOWS\WindowsUpdate.log
2015-11-22 01:54 - 2015-02-22 15:08 - 00000000 ____D C:\Users\HPPC
2015-11-22 01:41 - 2015-06-19 14:31 - 00001174 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3776727103-4227896957-2343858286-1001Core.job
2015-11-22 01:37 - 2014-08-17 14:42 - 00000000 ____D C:\Users\HPPC\AppData\Roaming\vlc
2015-11-22 00:34 - 2014-08-16 11:52 - 00000000 __RHD C:\Users\HPPC\Dropbox
2015-11-21 22:25 - 2014-08-26 13:14 - 109897728 ___SH C:\Users\HPPC\Desktop\Thumbs.db
2015-11-21 22:19 - 2014-08-16 11:49 - 00000000 ____D C:\Users\HPPC\AppData\Roaming\Dropbox
2015-11-21 17:10 - 2014-11-21 04:35 - 01776918 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-11-21 17:10 - 2014-11-21 03:45 - 00764340 _____ C:\WINDOWS\system32\perfh007.dat
2015-11-21 17:10 - 2014-11-21 03:45 - 00159160 _____ C:\WINDOWS\system32\perfc007.dat
2015-11-21 15:01 - 2015-02-24 22:03 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-11-21 13:03 - 2014-08-16 21:07 - 00000000 ____D C:\Users\HPPC\Documents\Camtasia Studio
2015-11-21 12:56 - 2014-08-27 14:56 - 00004608 _____ C:\Users\HPPC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-11-21 11:29 - 2015-07-21 21:31 - 00000000 ___RD C:\Users\HPPC\Desktop\Pandora's Box
2015-11-21 00:20 - 2014-08-14 19:40 - 00000000 ____D C:\Users\HPPC\AppData\Roaming\Skype
2015-11-20 23:03 - 2015-08-30 08:16 - 00000000 ____D C:\Users\HPPC\Desktop\Neu
2015-11-20 22:39 - 2015-10-13 10:40 - 00000000 ____D C:\Users\HPPC\Desktop\Szenen
2015-11-20 17:27 - 2014-08-14 20:21 - 00000000 ___RD C:\Users\HPPC\Desktop\Spiele
2015-11-20 01:01 - 2015-08-09 11:00 - 00000000 ___RD C:\Users\HPPC\Desktop\FinVal
2015-11-20 00:39 - 2015-08-09 23:21 - 00000000 ____D C:\Users\HPPC\Desktop\Yoshi Wallpaper
2015-11-19 22:29 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-11-19 22:15 - 2015-10-11 18:15 - 00000000 ____D C:\Users\HPPC\Desktop\NVList-3.3
2015-11-17 10:32 - 2014-11-26 11:01 - 00000000 ___RD C:\Users\HPPC\Desktop\Bilder
2015-11-17 10:10 - 2015-01-12 11:43 - 00000000 ____D C:\Users\HPPC\Downloads\3DS
2015-11-17 09:16 - 2014-08-15 17:19 - 00000000 ____D C:\Users\HPPC\AppData\Local\JDownloader v2.0
2015-11-16 16:12 - 2014-08-14 19:33 - 00000826 _____ C:\Users\Public\Desktop\Cyberfox.lnk
2015-11-16 16:12 - 2014-08-14 19:33 - 00000000 ____D C:\Program Files\Cyberfox
2015-11-16 13:15 - 2015-08-12 21:15 - 00000000 ____D C:\Users\HPPC\Desktop\Dragons
2015-11-15 00:30 - 2014-08-16 11:25 - 00000000 ___RD C:\Users\HPPC\Desktop\Sonstiges
2015-11-14 15:48 - 2014-08-15 17:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes
2015-11-14 15:48 - 2014-08-15 17:01 - 00000000 ____D C:\Program Files (x86)\Elaborate Bytes
2015-10-27 10:21 - 2014-11-27 12:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amnesia - The Dark Descent
2015-10-27 10:13 - 2014-11-27 14:16 - 00000000 ____D C:\Users\HPPC\Documents\Amnesia
2015-10-27 08:18 - 2013-08-22 15:44 - 04957520 _____ C:\WINDOWS\system32\FNTCACHE.DAT

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-08-18 01:24 - 2014-08-19 11:20 - 0000132 _____ () C:\Users\HPPC\AppData\Roaming\Adobe PNG Format CS5 Prefs
2015-05-08 23:32 - 2015-05-08 23:32 - 0002916 _____ () C:\Users\HPPC\AppData\Roaming\TargetInvocationLog.txt
2014-09-26 14:44 - 2015-10-17 12:56 - 0001456 _____ () C:\Users\HPPC\AppData\Local\Adobe Für Web speichern 11.0 Prefs
2014-08-27 14:56 - 2015-11-21 12:56 - 0004608 _____ () C:\Users\HPPC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-02-26 02:42 - 2015-07-21 23:37 - 0007608 _____ () C:\Users\HPPC\AppData\Local\Resmon.ResmonCfg
2015-11-14 15:48 - 2015-11-14 15:48 - 0000085 ___SH () C:\ProgramData\.zreglib

Einige Dateien in TEMP:
====================
C:\Users\HPPC\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpbmahtl.dll
C:\Users\HPPC\AppData\Local\Temp\proxy_vole1591921514149422294.dll
C:\Users\HPPC\AppData\Local\Temp\proxy_vole4710295672764641662.dll
C:\Users\HPPC\AppData\Local\Temp\proxy_vole5307946691491688091.dll
C:\Users\HPPC\AppData\Local\Temp\SkypeSetup.exe
C:\Users\HPPC\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2015-11-22 10:18

==================== Ende von FRST.txt ============================

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:20-11-2015
durchgeführt von HPPC (2015-11-22 13:06:28)
Gestartet von C:\Users\HPPC\Desktop
Windows 8.1 (X64) (2015-02-22 14:27:51)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-3776727103-4227896957-2343858286-500 - Administrator - Disabled)
Gast (S-1-5-21-3776727103-4227896957-2343858286-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3776727103-4227896957-2343858286-1006 - Limited - Enabled)
HPPC (S-1-5-21-3776727103-4227896957-2343858286-1001 - Administrator - Enabled) => C:\Users\HPPC

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Panda Free Antivirus (Enabled - Up to date) {AAF74A68-8713-CDF1-004F-30003398BE9E}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Panda Free Antivirus (Enabled - Up to date) {1196AB8C-A129-C27F-3AFF-0B72481FF423}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Panda Firewall (Disabled) {92CCCB4D-CD7C-CCA9-2B10-9935CD4BF9E5}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.179 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Amnesia - The Dark Descent (HKLM-x32\...\{54B7A3C7-0940-4C16-A509-FC3C3758D22A}_is1) (Version: 1.2 - Frictional Games)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Azure Striker Gunvolt (HKLM-x32\...\Steam App 388800) (Version: - INTI CREATES CO., LTD.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Camtasia Studio 8 (HKLM-x32\...\{3F3A5785-81E3-4065-B643-B4933790AE1E}) (Version: 8.1.1.1313 - TechSmith Corporation)
Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5000 - CDBurnerXP)
CloneDVD2 (HKLM-x32\...\CloneDVD2) (Version: 2.9.3.3 - Elaborate Bytes)
Crazy Taxi (HKLM-x32\...\Steam App 71230) (Version: - SEGA)
Cyberfox Web Browser (HKLM\...\{5EFB52C0-4EC9-46B4-80EB-8432C6599641}_is1) (Version: 42.0.1.0 - 8pecxstudios)
Dear Esther Version 1.0 (HKLM-x32\...\Dear Esther_is1) (Version: 1.0 - TheChineseRoom)
Divekick (HKLM-x32\...\Steam App 244730) (Version: - Iron Galaxy Studios)
Dropbox (HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\...\Dropbox) (Version: 3.10.11 - Dropbox, Inc.)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
fault milestone one Demo (HKLM-x32\...\Steam App 313680) (Version: - ALICE IN DISSONANCE)
FINAL FANTASY XIII-2 (HKLM-x32\...\Steam App 292140) (Version: - SQUARE ENIX)
Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 3.5.116.602 - Foxit Software Inc.)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.0.6.1126 - Foxit Software Inc.)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
FreeStyle2: Street Basketball (HKLM-x32\...\Steam App 339610) (Version: - Joycity)
GitHub (HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\...\5f7eb300e2ea4ebf) (Version: 3.0.6.4 - GitHub, Inc.)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6418.0 - IDT)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.7.0 - LIGHTNING UK!)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.410 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.410 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mighty Gunvolt (HKLM-x32\...\Steam App 394600) (Version: - INTI CREATES CO., LTD.)
Mobizen (HKLM-x32\...\{BA0D3A44-BCEE-4C8B-BCD4-F7F1E64F41E3}) (Version: 2.16.0.2 - RSUPPORT)
Mozilla Thunderbird 31.5.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.5.0 (x86 de)) (Version: 31.5.0 - Mozilla)
NiGHTS into Dreams... (HKLM-x32\...\Steam App 219950) (Version: - SEGA)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.3 - Notepad++ Team)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Panda Devices Agent (HKLM-x32\...\Panda Devices Agent) (Version: 1.03.04 - Panda Security)
Panda Devices Agent (x32 Version: 1.05.00 - Panda Security) Hidden
Panda Free Antivirus (HKLM-x32\...\Panda Universal Agent Endpoint) (Version: 15.01.00.0000 - Panda Security)
Panda Free Antivirus (Version: 7.81.00.0000 - Panda Security) Hidden
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.)
PAYDAY: The Heist (HKLM-x32\...\Steam App 24240) (Version: - OVERKILL Software)
PDF Architect 2 (HKLM-x32\...\PDF Architect 2) (Version: 2.0.24.16092 - pdfforge GmbH)
PDF Architect 2 View Module (HKLM-x32\...\{C960FF38-431D-429D-AD1F-FBD12A45B7C5}) (Version: 2.0.17.17583 - pdfforge GmbH)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
PHANTASY STAR UNIVERSE (HKLM-x32\...\PHANTASY STAR UNIVERSE_is1) (Version: - SEGA SONIC TEAM)
PhotoFiltre 7 (HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\...\PhotoFiltre 7) (Version: - )
Project 64 version 2.2.0.3 (HKLM-x32\...\{BEB5FB69-4080-466F-96C4-F15DF271718B}_is1) (Version: 2.2.0.3 - )
Project My Screen App (HKLM-x32\...\{DF901456-7160-49DB-977B-0E91858CA2CB}) (Version: 8.0.12349 - Microsoft Corporation)
Ragnarök Online (HKLM-x32\...\{55725CAB-ED4D-4169-A22E-20249EFCF2B5}) (Version: 14.1 - Gravity)
Resident Evil 6 / Biohazard 6 (HKLM-x32\...\Steam App 221040) (Version: - Capcom)
RGSS-RTP Standard (HKLM-x32\...\{5A9FE525-8B8F-4701-A937-7F6745A4E9C7}) (Version: 1.0.0 - Enterbrain)
RPG Maker 2003 v1.08 (HKLM-x32\...\RPG Maker 2003_is1) (Version: - Enterbrain, Inc.)
RPG Maker MV (HKLM-x32\...\RPGMV_is1) (Version: 1.0.0.0 - KADOKAWA)
RPG MAKER VX Ace (HKLM-x32\...\RPG MAKER VX Ace_is1) (Version: 1.01a - )
RPG Maker XP (HKLM-x32\...\RPGXP_E_is1) (Version: 1.05 - Enterbrain)
SILENT HILL 3 (HKLM-x32\...\InstallShield_{14D10AAC-9737-454E-A247-8075C26C30E1}) (Version: 1.00.0000 - Konami Computer Entertainment Tokyo, Inc.)
SILENT HILL 3 (x32 Version: 1.00.0000 - Konami Computer Entertainment Tokyo, Inc.) Hidden
Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
Sonic & All-Stars Racing Transformed (HKLM-x32\...\Steam App 212480) (Version: - Sumo Digital)
Sonic Adventure DX (HKLM-x32\...\Steam App 71250) (Version: - SEGA)
Sonic Generations (HKLM-x32\...\Steam App 71340) (Version: - Devil's Details)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
SpeedRunners (HKLM-x32\...\Steam App 207140) (Version: - DoubleDutch Games)
Splashtop Software Updater (HKLM-x32\...\Splashtop Software Updater) (Version: 1.5.6.15 - Splashtop Inc.)
Splashtop Streamer (HKLM-x32\...\{B7C5EA94-B96A-41F5-BE95-25D78B486678}) (Version: 2.6.0.4 - Splashtop Inc.)
Spotify (HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic)
The Last Remnant (HKLM-x32\...\Steam App 23310) (Version: - SQUARE ENIX)
Thief (HKLM-x32\...\Steam App 239160) (Version: - Eidos-Montréal)
Unity Web Player (HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\...\UnityWebPlayer) (Version: 4.5.4f1 - Unity Technologies ApS)
Unity Web Player (x64) (All users) (HKLM\...\UnityWebPlayer) (Version: 4.6.4f1 - Unity Technologies ApS)
Unturned (HKLM-x32\...\Steam App 304930) (Version: - Nelson Sexton)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WinRAR 5.10 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)

==================== Wiederherstellungspunkte =========================

08-11-2015 01:49:49 Geplanter Prüfpunkt
16-11-2015 00:42:42 Geplanter Prüfpunkt
18-11-2015 01:13:27 UltraMon wird entfernt
22-11-2015 12:59:39 JRT Pre-Junkware Removal

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {26307C61-2BD7-45FB-9910-F4A494F26755} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)
Task: {29470BB9-1590-410B-97FF-A0CFDE07A7FB} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-3776727103-4227896957-2343858286-1001
Task: {405FAB6A-74DB-4EAF-9E35-DDA6A4C2CD60} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3776727103-4227896957-2343858286-1001Core => C:\Users\HPPC\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-19] (Dropbox, Inc.)
Task: {5712CE09-B483-453B-9147-BAE5579FFEDF} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3776727103-4227896957-2343858286-1001UA => C:\Users\HPPC\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-19] (Dropbox, Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3776727103-4227896957-2343858286-1001Core.job => C:\Users\HPPC\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3776727103-4227896957-2343858286-1001UA.job => C:\Users\HPPC\AppData\Local\Dropbox\Update\DropboxUpdate.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2013-10-17 14:27 - 2013-10-17 14:27 - 00166912 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2015-11-19 22:28 - 2015-11-19 22:29 - 15079424 _____ () C:\Program Files\WindowsApps\A278AB0D.DragonManiaLegends_1.8.0.19_x86__h6adky7gbf63m\W8.1EntryPoint.exe
2014-10-11 13:06 - 2014-10-11 13:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-04-12 18:23 - 2013-04-12 18:23 - 00612664 _____ () C:\Program Files (x86)\Panda Security\Panda Security Protection\SQLite3.dll
2015-11-19 22:28 - 2015-11-19 22:29 - 00044544 _____ () C:\Program Files\WindowsApps\A278AB0D.DragonManiaLegends_1.8.0.19_x86__h6adky7gbf63m\IGPLib_Windows_8.dll
2015-11-19 22:28 - 2015-11-19 22:29 - 00056320 _____ () C:\Program Files\WindowsApps\A278AB0D.DragonManiaLegends_1.8.0.19_x86__h6adky7gbf63m\GLAdsManager.dll
2015-11-19 22:28 - 2015-11-19 22:29 - 00663040 _____ () C:\Program Files\WindowsApps\A278AB0D.DragonManiaLegends_1.8.0.19_x86__h6adky7gbf63m\WindowsCorePackage.Windows81.dll
2015-11-19 22:28 - 2015-11-19 22:29 - 00178688 _____ () C:\Program Files\WindowsApps\A278AB0D.DragonManiaLegends_1.8.0.19_x86__h6adky7gbf63m\InAppPurchaseComponentW8_x86.dll
2015-11-19 22:28 - 2015-11-19 22:29 - 00028160 _____ () C:\Program Files\WindowsApps\A278AB0D.DragonManiaLegends_1.8.0.19_x86__h6adky7gbf63m\PopupRuntimeModule.dll
2015-11-20 08:51 - 2015-11-20 08:51 - 00186880 _____ () C:\Users\HPPC\AppData\Local\Packages\A278AB0D.DragonManiaLegends_h6adky7gbf63m\AC\Microsoft\CLR_v4.0_32\NativeImages\IGPBridgeLibrary\0d11bae9eedde0c1b2a08681df5b2f8e\IGPBridgeLibrary.ni.dll
2015-02-24 15:40 - 2015-02-24 15:40 - 03530752 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.UI.Xaml\0b2afd93fc0545b7b94339e8a4a7af97\Windows.UI.Xaml.ni.dll
2015-02-24 15:40 - 2015-02-24 15:40 - 00960000 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.UI\8ddd8ad15fe3fb05a871ef0115fb84e2\Windows.UI.ni.dll
2015-02-24 15:40 - 2015-02-24 15:40 - 00228864 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Foundation\16c3eb7650767d95d002c998d0c73eb5\Windows.Foundation.ni.dll
2015-11-20 08:51 - 2015-11-20 08:51 - 00344064 _____ () C:\Users\HPPC\AppData\Local\Packages\A278AB0D.DragonManiaLegends_h6adky7gbf63m\AC\Microsoft\CLR_v4.0_32\NativeImages\FacebookRun67b5d43e#\e0f36441fa3fa36571abdb8b8f5aa5ee\FacebookRuntimeComponent.ni.dll
2015-02-24 15:40 - 2015-02-24 15:40 - 01131008 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.App640a3541#\72dff8d45b73e9b02b3838d29765607a\Windows.ApplicationModel.ni.dll
2015-02-24 15:40 - 2015-02-24 15:40 - 00337920 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Data\98644a649e9bf9e880f2e97889501b07\Windows.Data.ni.dll
2015-02-24 15:40 - 2015-02-24 15:40 - 00808448 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Storage\7abff64c7c1ea1fae5bd170c8238b73e\Windows.Storage.ni.dll
2015-02-24 15:40 - 2015-02-24 15:40 - 00402432 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Security\ae4a1bf110c1a12f619514bde2b27939\Windows.Security.ni.dll
2015-02-24 15:40 - 2015-02-24 15:40 - 00133120 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.System\c639835fe3da556a2cbe2e03540996c0\Windows.System.ni.dll
2015-11-20 08:51 - 2015-11-20 08:51 - 00053760 _____ () C:\Users\HPPC\AppData\Local\Packages\A278AB0D.DragonManiaLegends_h6adky7gbf63m\AC\Microsoft\CLR_v4.0_32\NativeImages\GLAds_Bridge_Lib\71d0ecf6e40e946ad905161d4b8486bd\GLAds_Bridge_Lib.ni.dll
2015-11-20 08:51 - 2015-11-20 08:51 - 00863744 _____ () C:\Users\HPPC\AppData\Local\Packages\A278AB0D.DragonManiaLegends_h6adky7gbf63m\AC\Microsoft\CLR_v4.0_32\NativeImages\GLAds__Root\bba30b943ee115b42d0fb7e3132f465f\GLAds__Root.ni.dll
2015-02-24 15:40 - 2015-02-24 15:40 - 01282048 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Devices\4764145200fcd33a90ced1505892fce6\Windows.Devices.ni.dll
2015-02-24 15:40 - 2015-02-24 15:40 - 00304128 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Graphics\eff020aac8737300c74dee47a69c9bbf\Windows.Graphics.ni.dll
2015-11-20 08:51 - 2015-11-20 08:51 - 00032256 _____ () C:\Users\HPPC\AppData\Local\Packages\A278AB0D.DragonManiaLegends_h6adky7gbf63m\AC\Microsoft\CLR_v4.0_32\NativeImages\PopUpsBridgeLibrary\8bdfeb35d1618b40d5fd567c034d905a\PopUpsBridgeLibrary.ni.dll
2015-11-20 08:51 - 2015-11-20 08:51 - 00047616 _____ () C:\Users\HPPC\AppData\Local\Packages\A278AB0D.DragonManiaLegends_h6adky7gbf63m\AC\Microsoft\CLR_v4.0_32\NativeImages\PopUpsView\ca40c0f61b14c9e986746b6fb1d8c93c\PopUpsView.ni.dll
2015-11-20 08:51 - 2015-11-20 08:51 - 00135168 _____ () C:\Users\HPPC\AppData\Local\Packages\A278AB0D.DragonManiaLegends_h6adky7gbf63m\AC\Microsoft\CLR_v4.0_32\NativeImages\W8_1EntryPoint\1e2dd38ac09f4c38b56f93039a50622a\W8_1EntryPoint.ni.dll
2015-11-20 08:51 - 2015-11-20 08:51 - 00249344 _____ () C:\Users\HPPC\AppData\Local\Packages\A278AB0D.DragonManiaLegends_h6adky7gbf63m\AC\Microsoft\CLR_v4.0_32\NativeImages\IGPWindows8\4d50acb30008b043d587d99eee69cc72\IGPWindows8.ni.dll
2015-02-24 15:40 - 2015-02-24 15:40 - 00239616 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Gloaae92e31#\94af4549db265c6f339c287c8675d234\Windows.Globalization.ni.dll
2015-11-20 08:51 - 2015-11-20 08:51 - 00068096 _____ () C:\Users\HPPC\AppData\Local\Packages\A278AB0D.DragonManiaLegends_h6adky7gbf63m\AC\Microsoft\CLR_v4.0_32\NativeImages\WCPToolkit\3328b38b7a94906f3e3f0a49ad5cd127\WCPToolkit.ni.dll
2015-11-20 08:51 - 2015-11-20 08:51 - 00403456 _____ () C:\Users\HPPC\AppData\Local\Packages\A278AB0D.DragonManiaLegends_h6adky7gbf63m\AC\Microsoft\CLR_v4.0_32\NativeImages\Notificatioc5a47191#\cd8f1245f69d554ae0d875c6c5b589a0\NotificationsExtensions.ni.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\HPPC\Desktop\43825153_p0.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\HPPC\Desktop\44e477d0c35b67de32be6ae42a98c718.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\HPPC\Desktop\Chillin' evening.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\HPPC\Desktop\First kiss darker characters.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\HPPC\Desktop\Good night 2.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\HPPC\Desktop\Night time2.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\HPPC\Desktop\Plains of Eternity.psd:com.dropbox.attributes
AlternateDataStreams: C:\Users\HPPC\Desktop\Version 1- stare.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\HPPC\Desktop\Version 2- kiss.jpg:com.dropbox.attributes

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService => ""="Service" ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\HPPC\AppData\Roaming\8pecxstudios\Cyberfox\Desktop Background.bmp DNS Servers: 192.168.178.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist deaktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{23FC7089-0D60-4869-ABFD-DAC6C01F04A8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{FEBBDA95-1D87-44E0-A5BD-C834771B6D80}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{D9522932-BB3B-471A-A550-922C674A876B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{CACAB489-4310-4D49-94FD-7B937AB7621B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{43EEA5A2-04E3-4F9D-81E3-D391710F4784}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Unturned\Unturned.exe FirewallRules: [{D1958A19-74F5-41FF-A27A-1847102504D7}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Unturned\Unturned.exe FirewallRules: [{143E2BD3-A7F1-4A00-9A92-1A5176F1597A}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\FINAL FANTASY XIII-2\FFXiii2Launcher.exe FirewallRules: [{4AECFAC5-6B9C-4135-8599-368C74856701}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\FINAL FANTASY XIII-2\FFXiii2Launcher.exe FirewallRules: [{56D069FC-7A2B-4C9A-8EAC-4AEA643F5874}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Thief\Binaries\Win64\Shipping-ThiefGame.exe FirewallRules: [{77AA35B3-F4F4-42C3-B3C0-A45403B4D8A7}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Thief\Binaries\Win64\Shipping-ThiefGame.exe FirewallRules: [{6596ABD8-6219-40F8-B03F-1B85F05CF579}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\The Last Remnant\Binaries\TLR.exe FirewallRules: [{38609705-6AB2-493D-A4B6-CCB090F35F0F}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\The Last Remnant\Binaries\TLR.exe FirewallRules: [{90948236-7A68-4E2C-9265-FB8049C7C3D8}] => (Allow) C:\Users\HPPC\AppData\Roaming\Spotify\spotify.exe FirewallRules: [{470501B4-17D4-4105-94A2-E866E1190179}] => (Allow) C:\Users\HPPC\AppData\Roaming\Spotify\spotify.exe FirewallRules: [{3B178E18-BF08-433A-BBC2-A9866A9AD918}] => 
(Allow) F:\Program Files (x86)\Steam\SteamApps\common\NiGHTS Into Dreams\Launcher.exe FirewallRules: [{7D14D5D3-33FC-48D1-9685-706678965B52}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\NiGHTS Into Dreams\Launcher.exe FirewallRules: [{17B9A865-90E2-4BC6-97B9-D57313EF66BF}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Sonic & All-Stars Racing Transformed\Launcher.exe FirewallRules: [{EB4F9202-C0E7-49BF-ABDE-EF5502AFE4C6}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Sonic & All-Stars Racing Transformed\Launcher.exe FirewallRules: [{73C6B972-6BB6-4C8E-8201-5AD3DD3D10FF}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Sonic & All-Stars Racing Transformed\ASN_App_PcDx9_Final.exe FirewallRules: [{14596CDC-1143-411A-817A-69A9EDCDC4D6}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Sonic & All-Stars Racing Transformed\ASN_App_PcDx9_Final.exe FirewallRules: [{2CE0FD85-A5E4-4F11-8DAF-01568EB7DBB1}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Sonic Adventure DX\AppLauncher.exe FirewallRules: [{6D6BD41E-CC9C-4B53-B6BF-A3F76DCE21A6}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Sonic Adventure DX\AppLauncher.exe FirewallRules: [{AB4CE098-66DC-40B0-B9C2-827BFDA0DE6F}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Crazy Taxi\AppLauncher.exe FirewallRules: [{E50434DD-B1E7-40F4-947F-0C5F73B23CB1}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Crazy Taxi\AppLauncher.exe FirewallRules: [{F518EB44-C3E9-491E-8442-758840448BEA}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Sonic Generations\ConfigurationTool.exe FirewallRules: [{7CFA4D53-37B5-49CB-8023-E9B34D9FA350}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Sonic Generations\ConfigurationTool.exe FirewallRules: [{BEB0C014-3ED4-4BE3-8E70-7A2978BEDEEA}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Sonic Generations\SonicGenerations.exe FirewallRules: [{B5CDF304-B827-45F6-A2FB-9CB6658C4DD4}] => 
(Allow) F:\Program Files (x86)\Steam\SteamApps\common\Sonic Generations\SonicGenerations.exe FirewallRules: [{29502EA3-799C-4C41-9587-028A3C3710C0}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe FirewallRules: [{F58A21E0-FF17-4DC0-A820-C586CD1A6B9D}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe FirewallRules: [{C9D50332-DCCD-4D68-949D-B42542688C18}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\PAYDAY The Heist\payday_win32_release.exe FirewallRules: [{4FFFB6DC-741A-4A1E-9F3E-49690A911EA7}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\PAYDAY The Heist\payday_win32_release.exe FirewallRules: [{CE4A72EE-F675-48B6-BCF6-76E7DE1A6131}] => (Allow) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\DataProxy.exe FirewallRules: [{CA8DA855-6844-4C4E-A0DD-E5C0B10EC8BD}] => (Allow) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe FirewallRules: [{4DE4DBC9-0E08-4872-A0D8-B6B02966AACA}] => (Allow) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRServer.exe FirewallRules: [{BB3DF925-92B0-4F71-B89D-0CE1B6858419}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Resident Evil 6\BH6.exe FirewallRules: [{A3A23176-AF35-45C3-9504-488286001A2D}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Resident Evil 6\BH6.exe FirewallRules: [{1609350F-083C-46AE-880B-79B2EE942B7A}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe FirewallRules: [{872A30A4-C588-47C5-B6B0-FD0E5883E0F5}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe FirewallRules: [{B3380C7E-2F69-4594-B265-08BEB8D97E90}] => (Allow) F:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{DCE5FED3-DB8B-4B3C-8C71-42C2EE515561}] => (Allow) F:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{D86A4DFC-D449-4B22-A987-5BE304026113}] => (Allow) F:\Program Files (x86)\Steam\Steam.exe 
FirewallRules: [{89026587-DAED-4FD7-8FC6-3ACEEEDCDAFC}] => (Allow) F:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{B4B7A26A-8F73-4849-BEB2-A2FAEA057C0D}] => (Allow) C:\Users\HPPC\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{4D252D01-2EDF-4EA2-90E0-8113B0A44C31}] => (Allow) C:\Users\HPPC\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [UDP Query User{743977DF-B0B5-4B4C-BF28-E9B661A2F7C7}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe FirewallRules: [TCP Query User{BCE09F39-6899-42E8-8AB1-F0D5364FD623}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe FirewallRules: [{AA4CD044-A3A2-48A1-B12D-E845C5B82E23}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{ADDE23F0-A14A-4B1D-81B1-E278B4B9BFD5}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe FirewallRules: [{83AA786E-A70F-4678-9234-629BDB6F8AC8}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe FirewallRules: [{6F9CFE8C-0755-483A-B663-39D72C5C7A28}] => (Allow) LPort=8743 FirewallRules: [{BB54A553-68E5-42DA-AD55-F9906D8EEE02}] => (Allow) LPort=8643 FirewallRules: [{5C8B8923-9196-4948-83E0-B63F30FBBCD0}] => (Allow) LPort=7676 FirewallRules: [{32FEE7F9-CF4D-4E54-A5FA-BF67A655933D}] => (Allow) LPort=7679 FirewallRules: [{230E229D-8BA8-4773-9150-76A3E1EC963D}] => (Allow) LPort=24234 FirewallRules: [{C84E823F-7F0C-4D77-BD63-C6570AFDED0B}] => (Allow) LPort=7900 FirewallRules: [{C09C8FE6-7C3A-4845-AB17-6FD231AD6079}] => (Allow) LPort=1900 FirewallRules: [{B24B1C4E-D18A-4342-AF0E-07845E8E13FE}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\FreeStyle2\LauncherSteam.exe FirewallRules: [{4BC8765B-E102-4FA7-87E0-E7E8F1F30B6F}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\FreeStyle2\LauncherSteam.exe FirewallRules: [{DC3DE35E-BF03-4B90-88AC-D9E7B876F608}] => (Allow) 
F:\Program Files (x86)\Steam\SteamApps\common\SpeedRunners\SpeedRunners.exe FirewallRules: [{4F37EE3B-F5BD-4A34-BF32-80B8751F95CC}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\SpeedRunners\SpeedRunners.exe FirewallRules: [{6BC4802F-2D67-44A1-8AE4-5CED5FC8F868}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Divekick\DivekickD3D11.exe FirewallRules: [{490A7624-0A1D-4C74-9E42-0EF76B411E49}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Divekick\DivekickD3D11.exe FirewallRules: [{F4208D90-6A7B-40C1-983A-C8BA7DB2E732}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Mighty Gunvolt\MightyGunvolt.exe FirewallRules: [{72969CAD-1484-46BC-9563-DB889894CC9F}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Mighty Gunvolt\MightyGunvolt.exe FirewallRules: [{14009966-3BD0-4E58-ADF4-486A85B4CAC6}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\fault milestone one Demo\faultms1_demo.exe FirewallRules: [{E1B13D94-4851-41BE-B5FA-6605242893A9}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\fault milestone one Demo\faultms1_demo.exe FirewallRules: [{C339F8EC-1854-4D25-B0BA-C69C8985C345}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Azure Striker Gunvolt\exe\gv_win.exe FirewallRules: [{9649E0CB-8B7C-4135-A1CA-0D7987B09BCD}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Azure Striker Gunvolt\exe\gv_win.exe ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (11/22/2015 10:18:50 AM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1". 
Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest. Error: (11/21/2015 06:17:28 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest. 
Error: (11/21/2015 00:44:27 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm CamRecorder.exe, Version 8.1.1.1313 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: ae8 Startzeit: 01d12451a536562d Endzeit: 4294967295 Anwendungspfad: F:\Program Files (x86)\TechSmith\Camtasia Studio 8\CamRecorder.exe Berichts-ID: 34895262-9045-11e5-bfd2-78e3b5b56ba1 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (11/21/2015 09:30:52 AM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest. Error: (11/21/2015 02:15:56 AM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1". 
Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest. Error: (11/21/2015 00:21:32 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: e1y02i1y.exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83 Name des fehlerhaften Moduls: e1y02i1y.exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000011aa ID des fehlerhaften Prozesses: 0x1e78 Startzeit der fehlerhaften Anwendung: 0xe1y02i1y.exe0 Pfad der fehlerhaften Anwendung: e1y02i1y.exe1 Pfad des fehlerhaften Moduls: e1y02i1y.exe2 Berichtskennung: e1y02i1y.exe3 Vollständiger Name des fehlerhaften Pakets: e1y02i1y.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: e1y02i1y.exe5 Error: (11/21/2015 00:21:12 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: e1y02i1y.exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83 Name des fehlerhaften Moduls: e1y02i1y.exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000011aa ID des fehlerhaften Prozesses: 0x1418 Startzeit der fehlerhaften Anwendung: 0xe1y02i1y.exe0 Pfad der fehlerhaften Anwendung: e1y02i1y.exe1 Pfad des fehlerhaften Moduls: e1y02i1y.exe2 Berichtskennung: e1y02i1y.exe3 
Vollständiger Name des fehlerhaften Pakets: e1y02i1y.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: e1y02i1y.exe5 Error: (11/20/2015 04:52:15 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: Photoshop.exe, Version: 12.0.0.0, Zeitstempel: 0x4b504eff Name des fehlerhaften Moduls: ScriptingSupport.8li, Version: 10.0.0.0, Zeitstempel: 0x4b505282 Ausnahmecode: 0xc000041d Fehleroffset: 0x00018a15 ID des fehlerhaften Prozesses: 0x17c0 Startzeit der fehlerhaften Anwendung: 0xPhotoshop.exe0 Pfad der fehlerhaften Anwendung: Photoshop.exe1 Pfad des fehlerhaften Moduls: Photoshop.exe2 Berichtskennung: Photoshop.exe3 Vollständiger Name des fehlerhaften Pakets: Photoshop.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Photoshop.exe5 Error: (11/20/2015 04:52:13 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: Photoshop.exe, Version: 12.0.0.0, Zeitstempel: 0x4b504eff Name des fehlerhaften Moduls: ScriptingSupport.8li, Version: 10.0.0.0, Zeitstempel: 0x4b505282 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00018a15 ID des fehlerhaften Prozesses: 0x17c0 Startzeit der fehlerhaften Anwendung: 0xPhotoshop.exe0 Pfad der fehlerhaften Anwendung: Photoshop.exe1 Pfad des fehlerhaften Moduls: Photoshop.exe2 Berichtskennung: Photoshop.exe3 Vollständiger Name des fehlerhaften Pakets: Photoshop.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Photoshop.exe5 Error: (11/20/2015 03:09:21 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1". 
Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest. Systemfehler: ============= Error: (11/22/2015 00:57:21 PM) (Source: Service Control Manager) (EventID: 7006) (User: ) Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: %%5 Error: (11/22/2015 00:56:10 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts. Error: (11/22/2015 00:56:10 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts. Error: (11/22/2015 00:56:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "LogMeIn Hamachi Tunneling Engine" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (11/22/2015 00:56:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Internet Pass-Through Service" wurde unerwartet beendet. 
Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 1000 Millisekunden durchgeführt: Neustart des Diensts. Error: (11/22/2015 00:56:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Panda Devices Agent" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 300000 Millisekunden durchgeführt: Neustart des Diensts. Error: (11/22/2015 00:56:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Foxit Cloud Safe Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (11/22/2015 00:56:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Dienst "Bonjour"" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (11/22/2015 00:56:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Apple Mobile Device" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts. Error: (11/22/2015 00:56:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "AMD FUEL Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. CodeIntegrity: =================================== Date: 2015-02-27 08:18:30.512 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
Date: 2015-02-27 08:18:30.402 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-02-27 08:18:30.246 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-02-27 08:18:30.106 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-02-27 08:18:29.980 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-02-27 08:18:29.855 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-02-27 08:18:29.637 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
==================== Speicherinformationen =========================== Prozessor: AMD A10-5700 APU with Radeon(tm) HD Graphics Prozentuale Nutzung des RAM: 25% Installierter physikalischer RAM: 6039.32 MB Verfügbarer physikalischer RAM: 4470.57 MB Summe virtueller Speicher: 6999.32 MB Verfügbarer virtueller Speicher: 5151.59 MB ==================== Laufwerke ================================ Drive c: (OS) (Fixed) (Total:452.14 GB) (Free:150.49 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)] Drive d: (Recovery Image) (Fixed) (Total:10.92 GB) (Free:0.94 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)] Drive f: (Spiele+Programme) (Fixed) (Total:454.22 GB) (Free:28.94 GB) NTFS Drive j: (Sonstiges) (Fixed) (Total:244.41 GB) (Free:140.03 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 52E55227) Partition: GPT. ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 00000001) Partition 1: (Not Active) - (Size=993 KB) - (Type=42) Partition 2: (Active) - (Size=454.2 GB) - (Type=42) Partition 3: (Not Active) - (Size=244.4 GB) - (Type=42) ==================== Ende von Addition.txt ============================ |
23.11.2015, 19:08 | #6 |
/// the machine /// TB-Ausbilder | Problems after Cyberfox update
ESET Online Scanner
Please download SecurityCheck and:
and a fresh FRST log, please. Any problems left?
__________________ --> Problems after Cyberfox update |
08.12.2015, 00:04 | #7 |
| Problems after Cyberfox update Hello, and sorry that it took so long. Yes, there are still problems. I no longer hear random sounds through the speakers, but the PC still freezes. In addition, every now and then there is a message that my graphics card driver had to be recovered. ESET Online Scanner: Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=34e051d27c5cf241808d5caa1ad3f453
# end=init
# utc_time=2015-11-23 10:03:33
# local_time=2015-11-23 11:03:33 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT
Update Init
Update Download
Update Finalize
Updated modules version: 26860
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=34e051d27c5cf241808d5caa1ad3f453
# end=updated
# utc_time=2015-11-23 10:05:30
# local_time=2015-11-23 11:05:30 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=34e051d27c5cf241808d5caa1ad3f453
# engine=26860
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-11-23 10:52:10
# local_time=2015-11-23 11:52:10 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1='Panda Free Antivirus'
# compatibility_mode=1557 16777213 100 100 3158242 234515104 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 23546314 44080982 0 0
# scanned=191290
# found=5
# cleaned=0
# scan_time=2799
sh=E5A22D682B5B9C1F5AD1E1F7D98E685772BED8FC ft=0 fh=0000000000000000 vn="JS/Astromenda.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\HPPC\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\js\background.js.vir"
sh=F2A8917500E1C6B9E4ADD5299BAF66B57DD4EB63 ft=0 fh=0000000000000000 vn="JS/Astromenda.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\HPPC\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\js\bootstrap.js.vir"
sh=CE3159B58A6DFF52E43F2445A4E094B983DD0EBA ft=0 fh=0000000000000000 vn="JS/Astromenda.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\HPPC\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\js\newtab.js.vir"
sh=FD7368BFE59CB6D2E4853110A8BDE09937D30BFA ft=0 fh=0000000000000000 vn="JS/Astromenda.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\HPPC\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\js\opentab.js.vir"
sh=90A440A11B158CACC211196FF49670F6F38EB760 ft=1 fh=8b2ddc3358c7903c vn="Variante von Win32/Toolbar.Visicom.A evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\Panda Security\Panda Security Protection\Tools\PandaSecurityTb.exe"
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=34e051d27c5cf241808d5caa1ad3f453
# end=init
# utc_time=2015-12-06 01:09:18
# local_time=2015-12-06 02:09:18 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT
Update Init
Update Download
Update Finalize
Updated modules version: 27065
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=34e051d27c5cf241808d5caa1ad3f453
# end=updated
# utc_time=2015-12-06 01:11:43
# local_time=2015-12-06 02:11:43 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=34e051d27c5cf241808d5caa1ad3f453
# engine=27065
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-12-06 02:45:32
# local_time=2015-12-06 03:45:32 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1='Panda Free Antivirus'
# compatibility_mode=1557 16777213 100 100 4252244 235609106 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 24640316 45174984 0 0
# scanned=574734
# found=5
# cleaned=0
# scan_time=5627
sh=E5A22D682B5B9C1F5AD1E1F7D98E685772BED8FC ft=0 fh=0000000000000000 vn="JS/Astromenda.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\HPPC\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\js\background.js.vir"
sh=F2A8917500E1C6B9E4ADD5299BAF66B57DD4EB63 ft=0 fh=0000000000000000 vn="JS/Astromenda.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\HPPC\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\js\bootstrap.js.vir"
sh=CE3159B58A6DFF52E43F2445A4E094B983DD0EBA ft=0 fh=0000000000000000 vn="JS/Astromenda.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\HPPC\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\js\newtab.js.vir"
sh=FD7368BFE59CB6D2E4853110A8BDE09937D30BFA ft=0 fh=0000000000000000 vn="JS/Astromenda.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\HPPC\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\js\opentab.js.vir"
sh=90A440A11B158CACC211196FF49670F6F38EB760 ft=1 fh=8b2ddc3358c7903c vn="Variante von Win32/Toolbar.Visicom.A evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\Panda Security\Panda Security Protection\Tools\PandaSecurityTb.exe"
Code:
ATTFilter
Results of screen317's Security Check version 1.013 --- 11/28/15
x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Panda Free Antivirus
Windows Defender
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Java 7 Update 67
Java version 32-bit out of Date!
Adobe Flash Player 14.0.0.179 Flash Player out of Date!
Adobe Reader XI
Mozilla Thunderbird 31.5.0 Thunderbird out of Date!
````````Process Check: objlist.exe by Laurent````````
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:05-12-2015 durchgeführt von HPPC (Administrator) auf HP (07-12-2015 23:54:18) Gestartet von C:\Users\HPPC\Desktop Geladene Profile: HPPC (Verfügbare Profile: HPPC) Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: IE) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe (Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe (Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe (Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe (Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe (Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\livecomm.exe (LogMeIn Inc.) 
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Hewlett-Packard ) C:\Program Files\IDT\WDM\Beats64.exe (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe (Spotify Ltd) C:\Users\HPPC\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (8pecxstudios) C:\Program Files\Cyberfox\Cyberfox.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [37888 2012-08-10] (Hewlett-Packard ) HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-08-10] (IDT, Inc.) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation) HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG) HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [40184 2015-02-17] (Panda Security, S.L.) 
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565448 2015-11-12] (LogMeIn Inc.) HKLM\...\Winlogon: [Userinit] C:\WINDOWS\SysWOW64\userinit.exe, HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\...\Run: [Spotify Web Helper] => C:\Users\HPPC\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-12] (Spotify Ltd) HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\...\Run: [Dropbox Update] => C:\Users\HPPC\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-19] (Dropbox, Inc.) HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\...\MountPoints2: {d4a071f6-483f-11e5-bf85-78e3b5b56ba1} - "G:\HTC_Sync_Manager_PC.exe" HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\...\MountPoints2: {d4a072b9-483f-11e5-bf85-78e3b5b56ba1} - "G:\HTC_Sync_Manager_PC.exe" HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\...\MountPoints2: {f3de35ef-23c5-11e4-be72-78e3b5b56ba1} - "H:\wubi.exe" ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\..\Interfaces\{687EFE86-7C48-4DD7-9764-BFDE83F885DD}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{93B37C6C-F077-40E8-BA0B-A8E67EA05545}: [DhcpNameServer] 192.168.178.1 Internet Explorer: ================== SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-08-14] (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-08-14] (Oracle Corporation) FireFox: ======== FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll [2014-08-14] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation) FF Plugin: @unity3d.com/UnityPlayer64,version=1.0 -> C:\Program Files\Unity\WebPlayer64\loader-x64\npUnity3D64.dll 
[2015-07-19] (Unity Technologies ApS) FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll [2014-08-14] () FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-08-14] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-08-14] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei] FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.) 
FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll [2014-06-26] (pdfforge GmbH) FF Plugin HKU\S-1-5-21-3776727103-4227896957-2343858286-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\HPPC\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-09-05] (Unity Technologies ApS) FF Plugin HKU\S-1-5-21-3776727103-4227896957-2343858286-1001: pokki.com/PokkiDownloadHelper -> C:\Users\HPPC\AppData\Local\Pokki\Download Helper\npPokkiDownloadHelper.1.2.0.78.dll [2015-12-03] (Pokki) ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-07-04] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert] R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-11-12] (LogMeIn, Inc.) S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes) S2 Mobizen plugin; C:\Program Files (x86)\RSUPPORT\MobizenService\MobizenService.exe [3353360 2015-08-14] ( Rsupport Corporation) R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [142584 2015-02-17] (Panda Security, S.L.) R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [66808 2014-10-09] (Panda Security, S.L.) 
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [Datei ist nicht signiert] S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-06-26] (pdfforge GmbH) S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-06-26] (pdfforge GmbH) R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [38136 2015-02-17] (Panda Security, S.L.) R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [321536 2012-08-10] (IDT, Inc.) [Datei ist nicht signiert] S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation) S2 AdobeARMservice; "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" [X] ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-20] (Advanced Micro Devices) R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98472 2012-07-03] (Advanced Micro Devices) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation) R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-11-12] (LogMeIn Inc.) S3 HtcVCom32; C:\Windows\system32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (QUALCOMM Incorporated) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes) S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation) R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [93968 2015-02-09] (Panda Security, S.L.) 
R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [202000 2015-02-09] (Panda Security, S.L.) R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [110864 2015-02-09] (Panda Security, S.L.) R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [116496 2015-02-09] (Panda Security, S.L.) R1 NNSNAHSL; C:\Windows\system32\DRIVERS\NNSNAHSL.sys [49936 2014-12-31] (Panda Security, S.L.) R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [99600 2015-02-09] (Panda Security, S.L.) R1 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [69904 2015-02-09] (Panda Security, S.L.) R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [124176 2015-02-09] (Panda Security, S.L.) R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [299792 2015-02-09] (Panda Security, S.L.) R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [166160 2015-02-09] (Panda Security, S.L.) R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [113424 2015-02-09] (Panda Security, S.L.) R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [257296 2015-02-09] (Panda Security, S.L.) R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [106256 2015-02-09] (Panda Security, S.L.) R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [163088 2015-02-11] (Panda Security, S.L.) R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [121616 2015-02-11] (Panda Security, S.L.) R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [197392 2015-02-10] (Panda Security, S.L.) R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [124176 2015-02-11] (Panda Security, S.L.) R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [133904 2015-02-11] (Panda Security, S.L.) R2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [107792 2015-02-11] (Panda Security, S.L.) R3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [61712 2015-01-29] (Panda Security, S.L.) 
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [35320 2014-09-22] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [258368 2014-09-22] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation) S3 EagleX64; \??\C:\WINDOWS\system32\drivers\EagleX64.sys [X] S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-12-07 23:54 - 2015-12-07 23:55 - 00015689 _____ C:\Users\HPPC\Desktop\FRST.txt 2015-12-07 23:54 - 2015-12-07 23:54 - 02369024 _____ (Farbar) C:\Users\HPPC\Desktop\FRST64.exe 2015-12-07 23:47 - 2015-12-07 23:47 - 00000000 ____D C:\Users\HPPC\AppData\Roaming\Adobe 2015-12-07 23:47 - 2015-12-07 23:47 - 00000000 ____D C:\Users\HPPC\AppData\Local\Adobe 2015-12-07 23:47 - 2015-12-07 23:47 - 00000000 ____D C:\ProgramData\Adobe 2015-12-06 18:15 - 2015-12-06 18:15 - 00000918 _____ C:\Users\HPPC\Desktop\checkup.txt 2015-12-06 18:05 - 2015-12-06 18:05 - 00001884 _____ C:\Users\HPPC\Desktop\f.txt 2015-12-05 23:40 - 2015-12-05 23:40 - 06539752 _____ (Tim Kosse) C:\Users\HPPC\Downloads\FileZilla_3.14.1_win64-setup.exe 2015-12-05 12:32 - 2015-12-05 12:32 - 00000000 ____D C:\Users\HPPC\Trelby 2015-12-03 22:26 - 2015-12-03 22:26 - 00000000 ____D C:\Users\HPPC\AppData\Local\Pokki 2015-11-22 21:46 - 2015-01-29 18:21 - 00061712 _____ (Panda Security, S.L.) 
C:\WINDOWS\system32\Drivers\PSKMAD.sys 2015-11-22 12:31 - 2015-11-22 12:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-11-22 12:31 - 2015-11-22 12:31 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-11-22 12:31 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2015-11-22 12:31 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2015-11-20 17:18 - 2015-11-20 17:19 - 00000000 ____D C:\Users\HPPC\AppData\Local\SM3DL 2015-11-17 22:00 - 2015-11-17 22:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi 2015-11-17 22:00 - 2015-11-17 22:00 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi 2015-11-16 16:27 - 2015-11-16 16:27 - 00000000 __SHD C:\WINDOWS\SysWOW64\AI_RecycleBin 2015-11-16 16:12 - 2015-11-16 16:12 - 00000000 ____D C:\Users\HPPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cyberfox 2015-11-14 15:48 - 2015-11-14 15:48 - 00000085 ___SH C:\ProgramData\.zreglib 2015-11-14 15:48 - 2015-11-14 15:48 - 00000000 ____D C:\ProgramData\Elaborate Bytes 2015-11-13 12:42 - 2015-11-13 12:42 - 00000000 ____D C:\Users\HPPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2015-11-12 11:47 - 2015-11-12 11:47 - 00045680 ____H (LogMeIn Inc.) C:\WINDOWS\system32\Drivers\Hamdrv.sys ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2015-12-07 23:54 - 2015-02-24 16:20 - 00000000 ____D C:\FRST 2015-12-07 23:52 - 2014-08-25 20:37 - 00000000 ____D C:\Users\HPPC\AppData\Local\LogMeIn Hamachi 2015-12-07 23:51 - 2015-02-22 15:37 - 00000000 ___RD C:\Users\HPPC\OneDrive 2015-12-07 23:51 - 2015-02-22 15:08 - 00000000 ____D C:\Users\HPPC 2015-12-07 23:51 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2015-12-07 23:48 - 2014-08-14 19:40 - 00000000 ____D C:\Users\HPPC\AppData\Roaming\Skype 2015-12-07 23:41 - 2015-06-19 14:31 - 00001226 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3776727103-4227896957-2343858286-1001UA.job 2015-12-07 22:52 - 2014-08-26 13:14 - 115166208 ___SH C:\Users\HPPC\Desktop\Thumbs.db 2015-12-07 22:42 - 2014-08-20 11:40 - 00000000 ____D C:\Users\HPPC\AppData\Roaming\FileZilla 2015-12-07 17:53 - 2013-08-22 14:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI 2015-12-07 16:47 - 2015-08-12 21:15 - 00000000 ____D C:\Users\HPPC\Desktop\Dragons 2015-12-07 16:23 - 2014-08-17 14:42 - 00000000 ____D C:\Users\HPPC\AppData\Roaming\vlc 2015-12-07 16:10 - 2014-08-21 07:26 - 00000000 ____D C:\Users\HPPC\AppData\Roaming\Audacity 2015-12-07 16:04 - 2014-08-27 14:56 - 00004608 _____ C:\Users\HPPC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-12-07 16:04 - 2014-08-16 21:07 - 00000000 ____D C:\Users\HPPC\Documents\Camtasia Studio 2015-12-07 14:43 - 2014-11-21 04:35 - 01776918 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2015-12-07 14:43 - 2014-11-21 03:45 - 00764340 _____ C:\WINDOWS\system32\perfh007.dat 2015-12-07 14:43 - 2014-11-21 03:45 - 00159160 _____ C:\WINDOWS\system32\perfc007.dat 2015-12-07 14:43 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\Inf 2015-12-07 08:45 - 2014-08-16 11:52 - 00000000 __RHD C:\Users\HPPC\Dropbox 2015-12-07 08:39 - 2014-08-16 11:49 - 00000000 ____D C:\Users\HPPC\AppData\Roaming\Dropbox 2015-12-06 22:08 - 2015-08-30 08:16 - 00000000 ____D C:\Users\HPPC\Desktop\Neu 2015-12-06 01:41 - 2015-06-19 14:31 - 00001174 _____ 
C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3776727103-4227896957-2343858286-1001Core.job 2015-12-05 14:34 - 2014-08-14 20:21 - 00000000 ___RD C:\Users\HPPC\Desktop\Programme 2015-12-05 12:40 - 2014-08-09 14:11 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3776727103-4227896957-2343858286-1001 2015-12-05 12:19 - 2015-10-30 15:13 - 00002023 _____ C:\Users\HPPC\Desktop\Neues Textdokument.txt 2015-12-04 23:19 - 2015-05-27 17:51 - 00000000 ____D C:\Users\HPPC\AppData\Roaming\TS3Client 2015-12-04 00:08 - 2014-08-16 11:25 - 00000000 ___RD C:\Users\HPPC\Desktop\Sonstiges 2015-12-03 00:56 - 2014-09-26 14:44 - 00001456 _____ C:\Users\HPPC\AppData\Local\Adobe Für Web speichern 11.0 Prefs 2015-11-29 17:13 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness 2015-11-29 17:08 - 2014-08-07 21:58 - 00000000 ____D C:\Users\HPPC\AppData\Local\Packages 2015-11-29 17:07 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps 2015-11-22 13:06 - 2013-08-22 14:36 - 00000000 ____D C:\Windows 2015-11-22 12:56 - 2015-02-25 22:13 - 00000000 ____D C:\AdwCleaner 2015-11-22 12:56 - 2015-02-22 15:34 - 00000008 __RSH C:\ProgramData\ntuser.pol 2015-11-22 12:48 - 2015-02-24 22:03 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2015-11-22 12:46 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\Registration 2015-11-22 12:31 - 2015-02-24 22:03 - 00000000 ____D C:\ProgramData\Malwarebytes 2015-11-21 15:01 - 2015-02-24 22:03 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2015-11-21 11:29 - 2015-07-21 21:31 - 00000000 ___RD C:\Users\HPPC\Desktop\Pandora's Box 2015-11-20 22:39 - 2015-10-13 10:40 - 00000000 ____D C:\Users\HPPC\Desktop\Szenen 2015-11-20 17:27 - 2014-08-14 20:21 - 00000000 ___RD C:\Users\HPPC\Desktop\Spiele 2015-11-20 01:01 - 2015-08-09 11:00 - 00000000 ___RD C:\Users\HPPC\Desktop\FinVal 2015-11-19 22:15 - 2015-10-11 18:15 - 00000000 ____D C:\Users\HPPC\Desktop\NVList-3.3 2015-11-17 
10:32 - 2014-11-26 11:01 - 00000000 ___RD C:\Users\HPPC\Desktop\Bilder 2015-11-17 10:10 - 2015-01-12 11:43 - 00000000 ____D C:\Users\HPPC\Downloads\3DS 2015-11-17 09:16 - 2014-08-15 17:19 - 00000000 ____D C:\Users\HPPC\AppData\Local\JDownloader v2.0 2015-11-16 16:12 - 2014-08-14 19:33 - 00000826 _____ C:\Users\Public\Desktop\Cyberfox.lnk 2015-11-16 16:12 - 2014-08-14 19:33 - 00000000 ____D C:\Program Files\Cyberfox 2015-11-14 15:48 - 2014-08-15 17:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes 2015-11-14 15:48 - 2014-08-15 17:01 - 00000000 ____D C:\Program Files (x86)\Elaborate Bytes ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2014-08-18 01:24 - 2014-08-19 11:20 - 0000132 _____ () C:\Users\HPPC\AppData\Roaming\Adobe PNG Format CS5 Prefs 2015-05-08 23:32 - 2015-05-08 23:32 - 0002916 _____ () C:\Users\HPPC\AppData\Roaming\TargetInvocationLog.txt 2014-09-26 14:44 - 2015-12-03 00:56 - 0001456 _____ () C:\Users\HPPC\AppData\Local\Adobe Für Web speichern 11.0 Prefs 2014-08-27 14:56 - 2015-12-07 16:04 - 0004608 _____ () C:\Users\HPPC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-02-26 02:42 - 2015-07-21 23:37 - 0007608 _____ () C:\Users\HPPC\AppData\Local\Resmon.ResmonCfg 2015-11-14 15:48 - 2015-11-14 15:48 - 0000085 ___SH () C:\ProgramData\.zreglib Einige Dateien in TEMP: ==================== C:\Users\HPPC\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpk0xq83.dll C:\Users\HPPC\AppData\Local\Temp\proxy_vole1591921514149422294.dll C:\Users\HPPC\AppData\Local\Temp\proxy_vole4710295672764641662.dll C:\Users\HPPC\AppData\Local\Temp\proxy_vole5307946691491688091.dll C:\Users\HPPC\AppData\Local\Temp\SkypeSetup.exe C:\Users\HPPC\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2015-12-07 09:07 ==================== Ende von FRST.txt ============================ Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-12-2015 durchgeführt von HPPC (2015-12-07 23:55:35) Gestartet von C:\Users\HPPC\Desktop Windows 8.1 (X64) (2015-02-22 14:27:51) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-3776727103-4227896957-2343858286-500 - Administrator - Disabled) Gast (S-1-5-21-3776727103-4227896957-2343858286-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-3776727103-4227896957-2343858286-1006 - Limited - Enabled) HPPC (S-1-5-21-3776727103-4227896957-2343858286-1001 - Administrator - Enabled) => C:\Users\HPPC ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Panda Free Antivirus (Enabled - Up to date) {AAF74A68-8713-CDF1-004F-30003398BE9E} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Panda Free Antivirus (Enabled - Up to date) {1196AB8C-A129-C27F-3AFF-0B72481FF423} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Panda Firewall (Disabled) {92CCCB4D-CD7C-CCA9-2B10-9935CD4BF9E5} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.) Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.) 
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.179 - Adobe Systems Incorporated) Adobe Reader XI (11.0.08) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated) Amnesia - The Dark Descent (HKLM-x32\...\{54B7A3C7-0940-4C16-A509-FC3C3758D22A}_is1) (Version: 1.2 - Frictional Games) Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team) Azure Striker Gunvolt (HKLM-x32\...\Steam App 388800) (Version: - INTI CREATES CO., LTD.) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Camtasia Studio 8 (HKLM-x32\...\{3F3A5785-81E3-4065-B643-B4933790AE1E}) (Version: 8.1.1.1313 - TechSmith Corporation) Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD) CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform) CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5000 - CDBurnerXP) CloneDVD2 (HKLM-x32\...\CloneDVD2) (Version: 2.9.3.3 - Elaborate Bytes) Crazy Taxi (HKLM-x32\...\Steam App 71230) (Version: - SEGA) Cyberfox Web Browser (HKLM\...\{5EFB52C0-4EC9-46B4-80EB-8432C6599641}_is1) (Version: 42.0.1.0 - 8pecxstudios) Dear Esther Version 1.0 (HKLM-x32\...\Dear Esther_is1) (Version: 1.0 - TheChineseRoom) Divekick (HKLM-x32\...\Steam App 244730) (Version: - Iron Galaxy Studios) Dropbox (HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\...\Dropbox) (Version: 3.10.11 - Dropbox, Inc.) 
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
fault milestone one Demo (HKLM-x32\...\Steam App 313680) (Version: - ALICE IN DISSONANCE)
FINAL FANTASY XIII-2 (HKLM-x32\...\Steam App 292140) (Version: - SQUARE ENIX)
Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 3.7.143.923 - Foxit Software Inc.)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.0.6.1126 - Foxit Software Inc.)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
FreeStyle2: Street Basketball (HKLM-x32\...\Steam App 339610) (Version: - Joycity)
GitHub (HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\...\5f7eb300e2ea4ebf) (Version: 3.0.6.4 - GitHub, Inc.)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6418.0 - IDT)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.7.0 - LIGHTNING UK!)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.410 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.410 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mighty Gunvolt (HKLM-x32\...\Steam App 394600) (Version: - INTI CREATES CO., LTD.)
Mobizen (HKLM-x32\...\{BA0D3A44-BCEE-4C8B-BCD4-F7F1E64F41E3}) (Version: 2.16.0.2 - RSUPPORT)
Mozilla Thunderbird 31.5.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.5.0 (x86 de)) (Version: 31.5.0 - Mozilla)
NiGHTS into Dreams... (HKLM-x32\...\Steam App 219950) (Version: - SEGA)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.3 - Notepad++ Team)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Panda Devices Agent (HKLM-x32\...\Panda Devices Agent) (Version: 1.03.04 - Panda Security)
Panda Devices Agent (x32 Version: 1.05.00 - Panda Security) Hidden
Panda Free Antivirus (HKLM-x32\...\Panda Universal Agent Endpoint) (Version: 15.01.00.0000 - Panda Security)
Panda Free Antivirus (Version: 7.81.00.0000 - Panda Security) Hidden
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.)
PAYDAY: The Heist (HKLM-x32\...\Steam App 24240) (Version: - OVERKILL Software)
PDF Architect 2 (HKLM-x32\...\PDF Architect 2) (Version: 2.0.24.16092 - pdfforge GmbH)
PDF Architect 2 View Module (HKLM-x32\...\{C960FF38-431D-429D-AD1F-FBD12A45B7C5}) (Version: 2.0.17.17583 - pdfforge GmbH)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
PHANTASY STAR UNIVERSE (HKLM-x32\...\PHANTASY STAR UNIVERSE_is1) (Version: - SEGA SONIC TEAM)
PhotoFiltre 7 (HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\...\PhotoFiltre 7) (Version: - )
Pokki Download Helper (HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\...\PokkiDownloadHelper) (Version: 1.3.1.289 - Pokki)
Project 64 version 2.2.0.3 (HKLM-x32\...\{BEB5FB69-4080-466F-96C4-F15DF271718B}_is1) (Version: 2.2.0.3 - )
Project My Screen App (HKLM-x32\...\{DF901456-7160-49DB-977B-0E91858CA2CB}) (Version: 8.0.12349 - Microsoft Corporation)
Ragnarök Online (HKLM-x32\...\{55725CAB-ED4D-4169-A22E-20249EFCF2B5}) (Version: 14.1 - Gravity)
Resident Evil 6 / Biohazard 6 (HKLM-x32\...\Steam App 221040) (Version: - Capcom)
RGSS-RTP Standard (HKLM-x32\...\{5A9FE525-8B8F-4701-A937-7F6745A4E9C7}) (Version: 1.0.0 - Enterbrain)
RPG Maker 2003 v1.08 (HKLM-x32\...\RPG Maker 2003_is1) (Version: - Enterbrain, Inc.)
RPG Maker MV (HKLM-x32\...\RPGMV_is1) (Version: 1.0.0.0 - KADOKAWA)
RPG MAKER VX Ace (HKLM-x32\...\RPG MAKER VX Ace_is1) (Version: 1.01a - )
RPG Maker XP (HKLM-x32\...\RPGXP_E_is1) (Version: 1.05 - Enterbrain)
SILENT HILL 3 (HKLM-x32\...\InstallShield_{14D10AAC-9737-454E-A247-8075C26C30E1}) (Version: 1.00.0000 - Konami Computer Entertainment Tokyo, Inc.)
SILENT HILL 3 (x32 Version: 1.00.0000 - Konami Computer Entertainment Tokyo, Inc.) Hidden
Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
Sonic & All-Stars Racing Transformed (HKLM-x32\...\Steam App 212480) (Version: - Sumo Digital)
Sonic Adventure DX (HKLM-x32\...\Steam App 71250) (Version: - SEGA)
Sonic Generations (HKLM-x32\...\Steam App 71340) (Version: - Devil's Details)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
SpeedRunners (HKLM-x32\...\Steam App 207140) (Version: - DoubleDutch Games)
Splashtop Software Updater (HKLM-x32\...\Splashtop Software Updater) (Version: 1.5.6.15 - Splashtop Inc.)
Splashtop Streamer (HKLM-x32\...\{B7C5EA94-B96A-41F5-BE95-25D78B486678}) (Version: 2.6.0.4 - Splashtop Inc.)
Spotify (HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic)
The Last Remnant (HKLM-x32\...\Steam App 23310) (Version: - SQUARE ENIX)
Thief (HKLM-x32\...\Steam App 239160) (Version: - Eidos-Montréal)
Unity Web Player (HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\...\UnityWebPlayer) (Version: 4.5.4f1 - Unity Technologies ApS)
Unity Web Player (x64) (All users) (HKLM\...\UnityWebPlayer) (Version: 4.6.4f1 - Unity Technologies ApS)
Unturned (HKLM-x32\...\Steam App 304930) (Version: - Nelson Sexton)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WinRAR 5.10 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)

==================== Wiederherstellungspunkte =========================

22-11-2015 12:59:39 JRT Pre-Junkware Removal
30-11-2015 10:46:12 Geplanter Prüfpunkt

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {26307C61-2BD7-45FB-9910-F4A494F26755} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)
Task: {29470BB9-1590-410B-97FF-A0CFDE07A7FB} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-3776727103-4227896957-2343858286-1001
Task: {405FAB6A-74DB-4EAF-9E35-DDA6A4C2CD60} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3776727103-4227896957-2343858286-1001Core => C:\Users\HPPC\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-19] (Dropbox, Inc.)
Task: {5712CE09-B483-453B-9147-BAE5579FFEDF} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3776727103-4227896957-2343858286-1001UA => C:\Users\HPPC\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-19] (Dropbox, Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3776727103-4227896957-2343858286-1001Core.job => C:\Users\HPPC\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3776727103-4227896957-2343858286-1001UA.job => C:\Users\HPPC\AppData\Local\Dropbox\Update\DropboxUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\HPPC\Desktop\Spiele\White_Night - Verknüpfung.lnk -> F:\Program Files (x86)\Amnesia - The Dark Descent\redist\White_Night.bat () <==== ACHTUNG

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2013-10-17 14:27 - 2013-10-17 14:27 - 00166912 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2014-07-04 21:33 - 2014-07-04 21:33 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2014-10-11 13:06 - 2014-10-11 13:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-04-12 18:23 - 2013-04-12 18:23 - 00612664 _____ () C:\Program Files (x86)\Panda Security\Panda Security Protection\SQLite3.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\HPPC\Desktop\43825153_p0.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\HPPC\Desktop\44e477d0c35b67de32be6ae42a98c718.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\HPPC\Desktop\Body heat redone.png:com.dropbox.attributes
AlternateDataStreams: C:\Users\HPPC\Desktop\Chillin' evening.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\HPPC\Desktop\First kiss darker characters.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\HPPC\Desktop\Good night 2.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\HPPC\Desktop\Night time2.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\HPPC\Desktop\Version 1- stare.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\HPPC\Desktop\Version 2- kiss.jpg:com.dropbox.attributes

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService => ""="Service"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\HPPC\AppData\Roaming\8pecxstudios\Cyberfox\Desktop Background.bmp
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist deaktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{23FC7089-0D60-4869-ABFD-DAC6C01F04A8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{FEBBDA95-1D87-44E0-A5BD-C834771B6D80}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D9522932-BB3B-471A-A550-922C674A876B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{CACAB489-4310-4D49-94FD-7B937AB7621B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{43EEA5A2-04E3-4F9D-81E3-D391710F4784}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [{D1958A19-74F5-41FF-A27A-1847102504D7}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [{143E2BD3-A7F1-4A00-9A92-1A5176F1597A}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\FINAL FANTASY XIII-2\FFXiii2Launcher.exe
FirewallRules: [{4AECFAC5-6B9C-4135-8599-368C74856701}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\FINAL FANTASY XIII-2\FFXiii2Launcher.exe
FirewallRules: [{56D069FC-7A2B-4C9A-8EAC-4AEA643F5874}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Thief\Binaries\Win64\Shipping-ThiefGame.exe
FirewallRules: [{77AA35B3-F4F4-42C3-B3C0-A45403B4D8A7}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Thief\Binaries\Win64\Shipping-ThiefGame.exe
FirewallRules: [{6596ABD8-6219-40F8-B03F-1B85F05CF579}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\The Last Remnant\Binaries\TLR.exe
FirewallRules: [{38609705-6AB2-493D-A4B6-CCB090F35F0F}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\The Last Remnant\Binaries\TLR.exe
FirewallRules: [{90948236-7A68-4E2C-9265-FB8049C7C3D8}] => (Allow) C:\Users\HPPC\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{470501B4-17D4-4105-94A2-E866E1190179}] => (Allow) C:\Users\HPPC\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{3B178E18-BF08-433A-BBC2-A9866A9AD918}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\NiGHTS Into Dreams\Launcher.exe
FirewallRules: [{7D14D5D3-33FC-48D1-9685-706678965B52}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\NiGHTS Into Dreams\Launcher.exe
FirewallRules: [{17B9A865-90E2-4BC6-97B9-D57313EF66BF}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Sonic & All-Stars Racing Transformed\Launcher.exe
FirewallRules: [{EB4F9202-C0E7-49BF-ABDE-EF5502AFE4C6}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Sonic & All-Stars Racing Transformed\Launcher.exe
FirewallRules: [{73C6B972-6BB6-4C8E-8201-5AD3DD3D10FF}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Sonic & All-Stars Racing Transformed\ASN_App_PcDx9_Final.exe
FirewallRules: [{14596CDC-1143-411A-817A-69A9EDCDC4D6}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Sonic & All-Stars Racing Transformed\ASN_App_PcDx9_Final.exe
FirewallRules: [{2CE0FD85-A5E4-4F11-8DAF-01568EB7DBB1}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Sonic Adventure DX\AppLauncher.exe
FirewallRules: [{6D6BD41E-CC9C-4B53-B6BF-A3F76DCE21A6}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Sonic Adventure DX\AppLauncher.exe
FirewallRules: [{AB4CE098-66DC-40B0-B9C2-827BFDA0DE6F}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Crazy Taxi\AppLauncher.exe
FirewallRules: [{E50434DD-B1E7-40F4-947F-0C5F73B23CB1}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Crazy Taxi\AppLauncher.exe
FirewallRules: [{F518EB44-C3E9-491E-8442-758840448BEA}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Sonic Generations\ConfigurationTool.exe
FirewallRules: [{7CFA4D53-37B5-49CB-8023-E9B34D9FA350}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Sonic Generations\ConfigurationTool.exe
FirewallRules: [{BEB0C014-3ED4-4BE3-8E70-7A2978BEDEEA}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Sonic Generations\SonicGenerations.exe
FirewallRules: [{B5CDF304-B827-45F6-A2FB-9CB6658C4DD4}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Sonic Generations\SonicGenerations.exe
FirewallRules: [{29502EA3-799C-4C41-9587-028A3C3710C0}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{F58A21E0-FF17-4DC0-A820-C586CD1A6B9D}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{C9D50332-DCCD-4D68-949D-B42542688C18}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\PAYDAY The Heist\payday_win32_release.exe
FirewallRules: [{4FFFB6DC-741A-4A1E-9F3E-49690A911EA7}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\PAYDAY The Heist\payday_win32_release.exe
FirewallRules: [{CE4A72EE-F675-48B6-BCF6-76E7DE1A6131}] => (Allow) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\DataProxy.exe
FirewallRules: [{CA8DA855-6844-4C4E-A0DD-E5C0B10EC8BD}] => (Allow) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe
FirewallRules: [{4DE4DBC9-0E08-4872-A0D8-B6B02966AACA}] => (Allow) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRServer.exe
FirewallRules: [{BB3DF925-92B0-4F71-B89D-0CE1B6858419}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Resident Evil 6\BH6.exe
FirewallRules: [{A3A23176-AF35-45C3-9504-488286001A2D}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Resident Evil 6\BH6.exe
FirewallRules: [{1609350F-083C-46AE-880B-79B2EE942B7A}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{872A30A4-C588-47C5-B6B0-FD0E5883E0F5}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{B3380C7E-2F69-4594-B265-08BEB8D97E90}] => (Allow) F:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{DCE5FED3-DB8B-4B3C-8C71-42C2EE515561}] => (Allow) F:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{D86A4DFC-D449-4B22-A987-5BE304026113}] => (Allow) F:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{89026587-DAED-4FD7-8FC6-3ACEEEDCDAFC}] => (Allow) F:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B4B7A26A-8F73-4849-BEB2-A2FAEA057C0D}] => (Allow) C:\Users\HPPC\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{4D252D01-2EDF-4EA2-90E0-8113B0A44C31}] => (Allow) C:\Users\HPPC\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [UDP Query User{743977DF-B0B5-4B4C-BF28-E9B661A2F7C7}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{BCE09F39-6899-42E8-8AB1-F0D5364FD623}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{AA4CD044-A3A2-48A1-B12D-E845C5B82E23}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{ADDE23F0-A14A-4B1D-81B1-E278B4B9BFD5}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
FirewallRules: [{83AA786E-A70F-4678-9234-629BDB6F8AC8}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
FirewallRules: [{6F9CFE8C-0755-483A-B663-39D72C5C7A28}] => (Allow) LPort=8743
FirewallRules: [{BB54A553-68E5-42DA-AD55-F9906D8EEE02}] => (Allow) LPort=8643
FirewallRules: [{5C8B8923-9196-4948-83E0-B63F30FBBCD0}] => (Allow) LPort=7676
FirewallRules: [{32FEE7F9-CF4D-4E54-A5FA-BF67A655933D}] => (Allow) LPort=7679
FirewallRules: [{230E229D-8BA8-4773-9150-76A3E1EC963D}] => (Allow) LPort=24234
FirewallRules: [{C84E823F-7F0C-4D77-BD63-C6570AFDED0B}] => (Allow) LPort=7900
FirewallRules: [{C09C8FE6-7C3A-4845-AB17-6FD231AD6079}] => (Allow) LPort=1900
FirewallRules: [{B24B1C4E-D18A-4342-AF0E-07845E8E13FE}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\FreeStyle2\LauncherSteam.exe
FirewallRules: [{4BC8765B-E102-4FA7-87E0-E7E8F1F30B6F}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\FreeStyle2\LauncherSteam.exe
FirewallRules: [{DC3DE35E-BF03-4B90-88AC-D9E7B876F608}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\SpeedRunners\SpeedRunners.exe
FirewallRules: [{4F37EE3B-F5BD-4A34-BF32-80B8751F95CC}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\SpeedRunners\SpeedRunners.exe
FirewallRules: [{6BC4802F-2D67-44A1-8AE4-5CED5FC8F868}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Divekick\DivekickD3D11.exe
FirewallRules: [{490A7624-0A1D-4C74-9E42-0EF76B411E49}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Divekick\DivekickD3D11.exe
FirewallRules: [{F4208D90-6A7B-40C1-983A-C8BA7DB2E732}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Mighty Gunvolt\MightyGunvolt.exe
FirewallRules: [{72969CAD-1484-46BC-9563-DB889894CC9F}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Mighty Gunvolt\MightyGunvolt.exe
FirewallRules: [{14009966-3BD0-4E58-ADF4-486A85B4CAC6}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\fault milestone one Demo\faultms1_demo.exe
FirewallRules: [{E1B13D94-4851-41BE-B5FA-6605242893A9}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\fault milestone one Demo\faultms1_demo.exe
FirewallRules: [{C339F8EC-1854-4D25-B0BA-C69C8985C345}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Azure Striker Gunvolt\exe\gv_win.exe
FirewallRules: [{9649E0CB-8B7C-4135-A1CA-0D7987B09BCD}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Azure Striker Gunvolt\exe\gv_win.exe

==================== Fehlerhafte Geräte im Gerätemanager =============

==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (12/07/2015 09:08:43 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1".
Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.

Error: (12/06/2015 09:30:12 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm RPG_RT.exe, Version 1.0.8.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 16c8
Startzeit: 01d13064adc33ffc
Endzeit: 4294967295
Anwendungspfad: J:\Program Files (x86)\Other\Eternal Dreams\Horrorspiele\Horror Kurzfilmsammlung by Yggdrasil 2\RPG_RT.exe
Berichts-ID: 25d45bd0-9c58-11e5-bff2-78e3b5b56ba1
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (12/06/2015 06:42:14 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1".
Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.

Error: (12/06/2015 03:46:37 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1".
Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.

Error: (12/06/2015 02:09:15 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1".
Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.

Error: (12/06/2015 02:09:14 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1".
Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.

Error: (12/06/2015 02:09:12 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1".
Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.

Error: (12/06/2015 02:09:02 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest. Error: (12/06/2015 11:20:49 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm W8.1EntryPoint.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. 
Prozess-ID: 153c Startzeit: 01d12ff44c1443d9 Endzeit: 4294967295 Anwendungspfad: C:\Program Files\WindowsApps\A278AB0D.DragonManiaLegends_1.8.0.19_x86__h6adky7gbf63m\W8.1EntryPoint.exe Berichts-ID: fa8acf28-9c02-11e5-bff1-78e3b5b56ba1 Vollständiger Name des fehlerhaften Pakets: A278AB0D.DragonManiaLegends_1.8.0.19_x86__h6adky7gbf63m Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App Error: (12/06/2015 11:20:31 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: HP) Description: Das Paket „A278AB0D.DragonManiaLegends_1.8.0.19_x86__h6adky7gbf63m+App“ wurde beendet, da das Anhalten zu lange dauerte. Systemfehler: ============= Error: (12/07/2015 11:51:44 PM) (Source: Service Control Manager) (EventID: 7006) (User: ) Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: %%5 Error: (12/07/2015 11:51:13 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Das System wurde zuvor am 07.12.2015 um 21:58:16 unerwartet heruntergefahren. Error: (12/07/2015 09:58:32 PM) (Source: Service Control Manager) (EventID: 7006) (User: ) Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: %%5 Error: (12/07/2015 08:36:25 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Adobe Acrobat Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. 
Error: (12/07/2015 08:35:32 AM) (Source: Service Control Manager) (EventID: 7006) (User: ) Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: %%5 Error: (12/06/2015 02:10:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275 Error: (12/06/2015 02:10:58 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\HPPC\AppData\Local\Temp\ehdrv.sys Error: (12/06/2015 02:10:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275 Error: (12/06/2015 02:10:58 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\HPPC\AppData\Local\Temp\ehdrv.sys Error: (12/06/2015 02:10:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275 CodeIntegrity: =================================== Date: 2015-02-27 08:18:30.512 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-02-27 08:18:30.402 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
Date: 2015-02-27 08:18:30.246 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-02-27 08:18:30.106 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-02-27 08:18:29.980 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-02-27 08:18:29.855 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-02-27 08:18:29.637 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
==================== Speicherinformationen =========================== Prozessor: AMD A10-5700 APU with Radeon(tm) HD Graphics Prozentuale Nutzung des RAM: 27% Installierter physikalischer RAM: 6039.32 MB Verfügbarer physikalischer RAM: 4358.32 MB Summe virtueller Speicher: 6999.32 MB Verfügbarer virtueller Speicher: 5165.17 MB ==================== Laufwerke ================================ Drive c: (OS) (Fixed) (Total:452.14 GB) (Free:150.9 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)] Drive d: (Recovery Image) (Fixed) (Total:10.92 GB) (Free:0.94 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)] Drive f: (Spiele+Programme) (Fixed) (Total:454.22 GB) (Free:28.39 GB) NTFS Drive j: (Sonstiges) (Fixed) (Total:244.41 GB) (Free:139.44 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 52E55227) Partition: GPT. ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 00000001) Partition 1: (Not Active) - (Size=993 KB) - (Type=42) Partition 2: (Active) - (Size=454.2 GB) - (Type=42) Partition 3: (Not Active) - (Size=244.4 GB) - (Type=42) ==================== Ende von Addition.txt ============================ |
08.12.2015, 20:50 | #8 |
/// the machine /// TB Trainer | Problems after Cyberfox update Please run Windows Repair: Repairing Windows - how it's done - Guides
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |