Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Probleme nach Cyberfox Update

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 20.11.2015, 23:28   #1
Kaitosan
 
Probleme nach Cyberfox Update - Standard

Probleme nach Cyberfox Update



Hallo,

habe vor ca. zwei Tagen mein Cyberfox geupdated, nur irgendwie spinnen seit dem verschiedene Sachen. Zuerst öffnete sich eine Seite im internet explorer, und schloss sich danach direkt wieder. Youtube Videos stürzen häufig ab und kurz vorher spinnt der Sound von eben diesen. Auch kann ich hier und da durch meine Lautsprecher Werbung hören so als würde diese im Hintergrund kurz laufen. Allerdings ist da irgendwie nichts. Panda Antivirus macht auch keine Meldung.

Dazu kommt noch das der PC hier und da zufällig einfriert und nichts mehr geht. Kann dann nur Strom aus und wieder ein schalten.


GMER Scan funktioniert bei mir übrigens nicht, kriege nur eine Fehlermeldung und dann stürzt es ab.

FRST.txt
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:20-11-2015
durchgeführt von HPPC (Administrator) auf HP (21-11-2015 00:16:16)
Gestartet von C:\Users\HPPC\Desktop
Geladene Profile: HPPC (Verfügbare Profile: HPPC)
Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: IE)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Hewlett-Packard ) C:\Program Files\IDT\WDM\Beats64.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
() C:\Program Files\WindowsApps\A278AB0D.DragonManiaLegends_1.8.0.19_x86__h6adky7gbf63m\W8.1EntryPoint.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Dropbox, Inc.) C:\Users\HPPC\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Don HO don.h@free.fr) C:\Program Files (x86)\Notepad++\notepad++.exe
(8pecxstudios) C:\Program Files\Cyberfox\Cyberfox.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [37888 2012-08-10] (Hewlett-Packard )
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-08-10] (IDT, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [40184 2015-02-17] (Panda Security, S.L.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565448 2015-11-12] (LogMeIn Inc.)
HKLM\...\Winlogon: [Userinit] C:\WINDOWS\SysWOW64\userinit.exe,
HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\...\Run: [Spotify Web Helper] => C:\Users\HPPC\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-12] (Spotify Ltd)
HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\...\Run: [Dropbox Update] => C:\Users\HPPC\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-19] (Dropbox, Inc.)
HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\...\MountPoints2: {d4a071f6-483f-11e5-bf85-78e3b5b56ba1} - "G:\HTC_Sync_Manager_PC.exe" 
HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\...\MountPoints2: {d4a072b9-483f-11e5-bf85-78e3b5b56ba1} - "G:\HTC_Sync_Manager_PC.exe" 
HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\...\MountPoints2: {f3de35ef-23c5-11e4-be72-78e3b5b56ba1} - "H:\wubi.exe" 
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
GroupPolicy: Beschränkung - Chrome <======= ACHTUNG
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\..\Interfaces\{687EFE86-7C48-4DD7-9764-BFDE83F885DD}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{93B37C6C-F077-40E8-BA0B-A8E67EA05545}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-08-14] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-08-14] (Oracle Corporation)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll [2014-08-14] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @unity3d.com/UnityPlayer64,version=1.0 -> C:\Program Files\Unity\WebPlayer64\loader-x64\npUnity3D64.dll [2015-07-19] (Unity Technologies ApS)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll [2014-08-14] ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-08-14] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-08-14] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll [2014-06-26] (pdfforge GmbH)
FF Plugin HKU\S-1-5-21-3776727103-4227896957-2343858286-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\HPPC\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-09-05] (Unity Technologies ApS)

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-07-04] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
S2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [244392 2015-06-02] (Foxit Software Inc.)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-11-12] (LogMeIn, Inc.)
S2 Mobizen plugin; C:\Program Files (x86)\RSUPPORT\MobizenService\MobizenService.exe [3353360 2015-08-14] ( Rsupport Corporation)
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [142584 2015-02-17] (Panda Security, S.L.)
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [66808 2014-10-09] (Panda Security, S.L.)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [Datei ist nicht signiert]
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-06-26] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-06-26] (pdfforge GmbH)
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [38136 2015-02-17] (Panda Security, S.L.)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [321536 2012-08-10] (IDT, Inc.) [Datei ist nicht signiert]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-20] (Advanced Micro Devices)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98472 2012-07-03] (Advanced Micro Devices)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-11-12] (LogMeIn Inc.)
S3 HtcVCom32; C:\Windows\system32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (QUALCOMM Incorporated)
R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [93968 2015-02-09] (Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [202000 2015-02-09] (Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [110864 2015-02-09] (Panda Security, S.L.)
R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [116496 2015-02-09] (Panda Security, S.L.)
R1 NNSNAHSL; C:\Windows\system32\DRIVERS\NNSNAHSL.sys [49936 2014-12-31] (Panda Security, S.L.)
R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [99600 2015-02-09] (Panda Security, S.L.)
R1 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [69904 2015-02-09] (Panda Security, S.L.)
R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [124176 2015-02-09] (Panda Security, S.L.)
R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [299792 2015-02-09] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [166160 2015-02-09] (Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [113424 2015-02-09] (Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [257296 2015-02-09] (Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [106256 2015-02-09] (Panda Security, S.L.)
R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [163088 2015-02-11] (Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [121616 2015-02-11] (Panda Security, S.L.)
R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [197392 2015-02-10] (Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [124176 2015-02-11] (Panda Security, S.L.)
R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [133904 2015-02-11] (Panda Security, S.L.)
R2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [107792 2015-02-11] (Panda Security, S.L.)
R3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [61712 2015-01-29] (Panda Security, S.L.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [35320 2014-09-22] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [258368 2014-09-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
S3 EagleX64; \??\C:\WINDOWS\system32\drivers\EagleX64.sys [X]
S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-21 00:16 - 2015-11-21 00:16 - 00015280 _____ C:\Users\HPPC\Desktop\FRST.txt
2015-11-21 00:12 - 2015-11-21 00:12 - 02345984 _____ (Farbar) C:\Users\HPPC\Desktop\FRST64.exe
2015-11-20 17:18 - 2015-11-20 17:19 - 00000000 ____D C:\Users\HPPC\AppData\Local\SM3DL
2015-11-19 21:57 - 2015-01-29 18:21 - 00061712 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSKMAD.sys
2015-11-17 22:00 - 2015-11-17 22:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-11-17 22:00 - 2015-11-17 22:00 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2015-11-16 16:27 - 2015-11-16 16:27 - 00000000 __SHD C:\WINDOWS\SysWOW64\AI_RecycleBin
2015-11-16 16:12 - 2015-11-16 16:12 - 00000000 ____D C:\Users\HPPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cyberfox
2015-11-15 00:30 - 2015-11-18 20:36 - 00000000 ____D C:\Users\HPPC\Desktop\Base
2015-11-14 15:48 - 2015-11-14 15:48 - 00000085 ___SH C:\ProgramData\.zreglib
2015-11-14 15:48 - 2015-11-14 15:48 - 00000000 ____D C:\ProgramData\Elaborate Bytes
2015-11-13 15:07 - 2015-11-15 10:16 - 00000000 ____D C:\Users\HPPC\Desktop\Luxaren Allure v1
2015-11-13 12:42 - 2015-11-13 12:42 - 00000000 ____D C:\Users\HPPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-11-12 11:47 - 2015-11-12 11:47 - 00045680 ____H (LogMeIn Inc.) C:\WINDOWS\system32\Drivers\Hamdrv.sys
2015-11-03 12:22 - 2015-11-18 01:12 - 00000000 ____D C:\Users\HPPC\Desktop\Convert
2015-11-02 16:18 - 2015-11-06 09:06 - 00000000 ____D C:\Users\HPPC\Downloads\PS3
2015-10-30 15:13 - 2015-11-16 17:43 - 00000238 _____ C:\Users\HPPC\Desktop\Neues Textdokument.txt
2015-10-27 10:21 - 2015-10-27 10:21 - 00000000 ____D C:\Users\HPPC\AppData\Roaming\fltk.org
2015-10-27 10:21 - 2015-10-27 10:21 - 00000000 ____D C:\ProgramData\fltk.org
2015-10-23 22:33 - 2015-10-23 22:33 - 00000000 ____D C:\Users\HPPC\Documents\Games
2015-10-23 22:33 - 2015-10-23 22:33 - 00000000 ____D C:\Users\HPPC\AppData\Local\KADOKAWA
2015-10-23 22:30 - 2015-10-23 22:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RPG Maker MV
2015-10-23 22:29 - 2015-10-23 22:29 - 00000000 ____D C:\Program Files (x86)\KADOKAWA

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-21 00:16 - 2015-02-24 16:20 - 00000000 ____D C:\FRST
2015-11-21 00:07 - 2014-08-14 19:40 - 00000000 ____D C:\Users\HPPC\AppData\Roaming\Skype
2015-11-21 00:00 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-11-20 23:41 - 2015-06-19 14:31 - 00001226 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3776727103-4227896957-2343858286-1001UA.job
2015-11-20 23:04 - 2014-08-17 14:42 - 00000000 ____D C:\Users\HPPC\AppData\Roaming\vlc
2015-11-20 23:03 - 2015-08-30 08:16 - 00000000 ____D C:\Users\HPPC\Desktop\Neu
2015-11-20 22:39 - 2015-10-13 10:40 - 00000000 ____D C:\Users\HPPC\Desktop\Szenen
2015-11-20 22:25 - 2014-08-16 11:52 - 00000000 __RHD C:\Users\HPPC\Dropbox
2015-11-20 22:25 - 2014-08-16 11:49 - 00000000 ____D C:\Users\HPPC\AppData\Roaming\Dropbox
2015-11-20 22:21 - 2014-08-26 13:14 - 109657600 ___SH C:\Users\HPPC\Desktop\Thumbs.db
2015-11-20 22:01 - 2015-02-22 15:37 - 00000000 ___RD C:\Users\HPPC\OneDrive
2015-11-20 22:01 - 2014-08-25 20:37 - 00000000 ____D C:\Users\HPPC\AppData\Local\LogMeIn Hamachi
2015-11-20 21:59 - 2015-10-15 20:57 - 00006008 _____ C:\WINDOWS\setupact.log
2015-11-20 21:59 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-20 17:49 - 2013-08-22 14:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-11-20 17:48 - 2015-02-22 15:08 - 00000000 ____D C:\Users\HPPC
2015-11-20 17:27 - 2014-08-14 20:21 - 00000000 ___RD C:\Users\HPPC\Desktop\Spiele
2015-11-20 15:34 - 2015-08-27 19:29 - 01078794 _____ C:\WINDOWS\WindowsUpdate.log
2015-11-20 08:51 - 2014-08-09 14:11 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3776727103-4227896957-2343858286-1001
2015-11-20 01:01 - 2015-08-09 11:00 - 00000000 ___RD C:\Users\HPPC\Desktop\FinVal
2015-11-20 00:39 - 2015-08-09 23:21 - 00000000 ____D C:\Users\HPPC\Desktop\Yoshi Wallpaper
2015-11-19 22:29 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-11-19 22:15 - 2015-10-11 18:15 - 00000000 ____D C:\Users\HPPC\Desktop\NVList-3.3
2015-11-19 01:41 - 2015-06-19 14:31 - 00001174 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3776727103-4227896957-2343858286-1001Core.job
2015-11-18 10:27 - 2014-08-27 14:56 - 00005632 _____ C:\Users\HPPC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-11-18 10:27 - 2014-08-16 21:07 - 00000000 ____D C:\Users\HPPC\Documents\Camtasia Studio
2015-11-18 01:13 - 2014-11-21 04:35 - 01776918 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-11-18 01:13 - 2014-11-21 03:45 - 00764340 _____ C:\WINDOWS\system32\perfh007.dat
2015-11-18 01:13 - 2014-11-21 03:45 - 00159160 _____ C:\WINDOWS\system32\perfc007.dat
2015-11-17 22:02 - 2014-08-14 20:21 - 00000000 ___RD C:\Users\HPPC\Desktop\Programme
2015-11-17 10:32 - 2014-11-26 11:01 - 00000000 ___RD C:\Users\HPPC\Desktop\Bilder
2015-11-17 10:10 - 2015-01-12 11:43 - 00000000 ____D C:\Users\HPPC\Downloads\3DS
2015-11-17 09:16 - 2014-08-15 17:19 - 00000000 ____D C:\Users\HPPC\AppData\Local\JDownloader v2.0
2015-11-16 16:12 - 2014-08-14 19:33 - 00000826 _____ C:\Users\Public\Desktop\Cyberfox.lnk
2015-11-16 16:12 - 2014-08-14 19:33 - 00000000 ____D C:\Program Files\Cyberfox
2015-11-16 13:15 - 2015-08-12 21:15 - 00000000 ____D C:\Users\HPPC\Desktop\Dragons
2015-11-15 00:30 - 2014-08-16 11:25 - 00000000 ___RD C:\Users\HPPC\Desktop\Sonstiges
2015-11-14 15:48 - 2014-08-15 17:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes
2015-11-14 15:48 - 2014-08-15 17:01 - 00000000 ____D C:\Program Files (x86)\Elaborate Bytes
2015-10-27 10:21 - 2014-11-27 12:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amnesia - The Dark Descent
2015-10-27 10:13 - 2014-11-27 14:16 - 00000000 ____D C:\Users\HPPC\Documents\Amnesia
2015-10-27 08:18 - 2013-08-22 15:44 - 04957520 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-10-22 21:19 - 2015-07-21 21:31 - 00000000 ___RD C:\Users\HPPC\Desktop\Pandora's Box
2015-10-22 16:04 - 2014-08-20 11:40 - 00000000 ____D C:\Users\HPPC\AppData\Roaming\FileZilla

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-08-18 01:24 - 2014-08-19 11:20 - 0000132 _____ () C:\Users\HPPC\AppData\Roaming\Adobe PNG Format CS5 Prefs
2015-05-08 23:28 - 2015-05-09 00:18 - 0014086 _____ () C:\Users\HPPC\AppData\Roaming\SpeedRunnersLog.txt
2015-05-08 23:32 - 2015-05-08 23:32 - 0002916 _____ () C:\Users\HPPC\AppData\Roaming\TargetInvocationLog.txt
2014-09-26 14:44 - 2015-10-17 12:56 - 0001456 _____ () C:\Users\HPPC\AppData\Local\Adobe Für Web speichern 11.0 Prefs
2014-08-27 14:56 - 2015-11-18 10:27 - 0005632 _____ () C:\Users\HPPC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-02-26 02:42 - 2015-07-21 23:37 - 0007608 _____ () C:\Users\HPPC\AppData\Local\Resmon.ResmonCfg
2015-11-14 15:48 - 2015-11-14 15:48 - 0000085 ___SH () C:\ProgramData\.zreglib

Einige Dateien in TEMP:
====================
C:\Users\HPPC\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpkrk72t.dll
C:\Users\HPPC\AppData\Local\Temp\proxy_vole1591921514149422294.dll
C:\Users\HPPC\AppData\Local\Temp\proxy_vole4710295672764641662.dll
C:\Users\HPPC\AppData\Local\Temp\proxy_vole5307946691491688091.dll
C:\Users\HPPC\AppData\Local\Temp\SkypeSetup.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-11-20 13:38

==================== Ende von FRST.txt ============================
         
Addition.txt
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:20-11-2015
durchgeführt von HPPC (2015-11-21 00:17:29)
Gestartet von C:\Users\HPPC\Desktop
Windows 8.1 (X64) (2015-02-22 14:27:51)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3776727103-4227896957-2343858286-500 - Administrator - Disabled)
Gast (S-1-5-21-3776727103-4227896957-2343858286-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3776727103-4227896957-2343858286-1006 - Limited - Enabled)
HPPC (S-1-5-21-3776727103-4227896957-2343858286-1001 - Administrator - Enabled) => C:\Users\HPPC

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Panda Free Antivirus (Enabled - Up to date) {AAF74A68-8713-CDF1-004F-30003398BE9E}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Panda Free Antivirus (Enabled - Up to date) {1196AB8C-A129-C27F-3AFF-0B72481FF423}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Panda Firewall (Disabled) {92CCCB4D-CD7C-CCA9-2B10-9935CD4BF9E5}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.179 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Amnesia - The Dark Descent  (HKLM-x32\...\{54B7A3C7-0940-4C16-A509-FC3C3758D22A}_is1) (Version: 1.2 - Frictional Games)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Azure Striker Gunvolt (HKLM-x32\...\Steam App 388800) (Version:  - INTI CREATES CO., LTD.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Camtasia Studio 8 (HKLM-x32\...\{3F3A5785-81E3-4065-B643-B4933790AE1E}) (Version: 8.1.1.1313 - TechSmith Corporation)
Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5000 - CDBurnerXP)
CloneDVD2 (HKLM-x32\...\CloneDVD2) (Version: 2.9.3.3 - Elaborate Bytes)
Crazy Taxi (HKLM-x32\...\Steam App 71230) (Version:  - SEGA)
Cyberfox Web Browser (HKLM\...\{5EFB52C0-4EC9-46B4-80EB-8432C6599641}_is1) (Version: 42.0.1.0 - 8pecxstudios)
Dear Esther Version 1.0 (HKLM-x32\...\Dear Esther_is1) (Version: 1.0 - TheChineseRoom)
Divekick (HKLM-x32\...\Steam App 244730) (Version:  - Iron Galaxy Studios)
Dropbox (HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\...\Dropbox) (Version: 3.10.11 - Dropbox, Inc.)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
fault milestone one Demo (HKLM-x32\...\Steam App 313680) (Version:  - ALICE IN DISSONANCE)
FINAL FANTASY XIII-2 (HKLM-x32\...\Steam App 292140) (Version:  - SQUARE ENIX)
Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 3.5.116.602 - Foxit Software Inc.)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.0.6.1126 - Foxit Software Inc.)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
FreeStyle2: Street Basketball (HKLM-x32\...\Steam App 339610) (Version:  - Joycity)
GitHub (HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\...\5f7eb300e2ea4ebf) (Version: 3.0.6.4 - GitHub, Inc.)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6418.0 - IDT)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.7.0 - LIGHTNING UK!)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.410 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.410 - LogMeIn, Inc.) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mighty Gunvolt (HKLM-x32\...\Steam App 394600) (Version:  - INTI CREATES CO., LTD.)
Mobizen (HKLM-x32\...\{BA0D3A44-BCEE-4C8B-BCD4-F7F1E64F41E3}) (Version: 2.16.0.2 - RSUPPORT)
Mozilla Thunderbird 31.5.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.5.0 (x86 de)) (Version: 31.5.0 - Mozilla)
NiGHTS into Dreams... (HKLM-x32\...\Steam App 219950) (Version:  - SEGA)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.3 - Notepad++ Team)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Panda Devices Agent (HKLM-x32\...\Panda Devices Agent) (Version: 1.03.04 - Panda Security)
Panda Devices Agent (x32 Version: 1.05.00 - Panda Security) Hidden
Panda Free Antivirus (HKLM-x32\...\Panda Universal Agent Endpoint) (Version: 15.01.00.0000 - Panda Security)
Panda Free Antivirus (Version: 7.81.00.0000 - Panda Security) Hidden
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
PAYDAY: The Heist (HKLM-x32\...\Steam App 24240) (Version:  - OVERKILL Software)
PDF Architect 2 (HKLM-x32\...\PDF Architect 2) (Version: 2.0.24.16092 - pdfforge GmbH)
PDF Architect 2 View Module (HKLM-x32\...\{C960FF38-431D-429D-AD1F-FBD12A45B7C5}) (Version: 2.0.17.17583 - pdfforge GmbH)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
PHANTASY STAR UNIVERSE (HKLM-x32\...\PHANTASY STAR UNIVERSE_is1) (Version:  - SEGA SONIC TEAM)
PhotoFiltre 7 (HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\...\PhotoFiltre 7) (Version:  - )
Project 64 version 2.2.0.3 (HKLM-x32\...\{BEB5FB69-4080-466F-96C4-F15DF271718B}_is1) (Version: 2.2.0.3 - )
Project My Screen App (HKLM-x32\...\{DF901456-7160-49DB-977B-0E91858CA2CB}) (Version: 8.0.12349 - Microsoft Corporation)
Ragnarök Online (HKLM-x32\...\{55725CAB-ED4D-4169-A22E-20249EFCF2B5}) (Version: 14.1 - Gravity)
Resident Evil 6 / Biohazard 6 (HKLM-x32\...\Steam App 221040) (Version:  - Capcom)
RGSS-RTP Standard (HKLM-x32\...\{5A9FE525-8B8F-4701-A937-7F6745A4E9C7}) (Version: 1.0.0 - Enterbrain)
RPG Maker 2003 v1.08 (HKLM-x32\...\RPG Maker 2003_is1) (Version:  - Enterbrain, Inc.)
RPG Maker MV (HKLM-x32\...\RPGMV_is1) (Version: 1.0.0.0 - KADOKAWA)
RPG MAKER VX Ace (HKLM-x32\...\RPG MAKER VX Ace_is1) (Version: 1.01a - )
RPG Maker XP (HKLM-x32\...\RPGXP_E_is1) (Version: 1.05 - Enterbrain)
SILENT HILL 3 (HKLM-x32\...\InstallShield_{14D10AAC-9737-454E-A247-8075C26C30E1}) (Version: 1.00.0000 - Konami Computer Entertainment Tokyo, Inc.)
SILENT HILL 3 (x32 Version: 1.00.0000 - Konami Computer Entertainment Tokyo, Inc.) Hidden
Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
Sonic & All-Stars Racing Transformed (HKLM-x32\...\Steam App 212480) (Version:  - Sumo Digital)
Sonic Adventure DX (HKLM-x32\...\Steam App 71250) (Version:  - SEGA)
Sonic Generations (HKLM-x32\...\Steam App 71340) (Version:  - Devil's Details)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
SpeedRunners (HKLM-x32\...\Steam App 207140) (Version:  - DoubleDutch Games)
Splashtop Software Updater (HKLM-x32\...\Splashtop Software Updater) (Version: 1.5.6.15 - Splashtop Inc.)
Splashtop Streamer (HKLM-x32\...\{B7C5EA94-B96A-41F5-BE95-25D78B486678}) (Version: 2.6.0.4 - Splashtop Inc.)
Spotify (HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
The Last Remnant (HKLM-x32\...\Steam App 23310) (Version:  - SQUARE ENIX)
Thief (HKLM-x32\...\Steam App 239160) (Version:  - Eidos-Montréal)
Unity Web Player (HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\...\UnityWebPlayer) (Version: 4.5.4f1 - Unity Technologies ApS)
Unity Web Player (x64) (All users) (HKLM\...\UnityWebPlayer) (Version: 4.6.4f1 - Unity Technologies ApS)
Unturned (HKLM-x32\...\Steam App 304930) (Version:  - Nelson Sexton)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WinRAR 5.10 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)

==================== Wiederherstellungspunkte =========================

30-10-2015 09:54:17 Geplanter Prüfpunkt
08-11-2015 01:49:49 Geplanter Prüfpunkt
16-11-2015 00:42:42 Geplanter Prüfpunkt
18-11-2015 01:13:27 UltraMon wird entfernt

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {26307C61-2BD7-45FB-9910-F4A494F26755} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)
Task: {29470BB9-1590-410B-97FF-A0CFDE07A7FB} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-3776727103-4227896957-2343858286-1001
Task: {405FAB6A-74DB-4EAF-9E35-DDA6A4C2CD60} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3776727103-4227896957-2343858286-1001Core => C:\Users\HPPC\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-19] (Dropbox, Inc.)
Task: {5712CE09-B483-453B-9147-BAE5579FFEDF} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3776727103-4227896957-2343858286-1001UA => C:\Users\HPPC\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-19] (Dropbox, Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3776727103-4227896957-2343858286-1001Core.job => C:\Users\HPPC\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3776727103-4227896957-2343858286-1001UA.job => C:\Users\HPPC\AppData\Local\Dropbox\Update\DropboxUpdate.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2013-10-17 14:27 - 2013-10-17 14:27 - 00166912 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2015-04-15 21:13 - 2015-04-15 21:13 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2014-07-04 21:33 - 2014-07-04 21:33 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2015-11-19 22:28 - 2015-11-19 22:29 - 15079424 _____ () C:\Program Files\WindowsApps\A278AB0D.DragonManiaLegends_1.8.0.19_x86__h6adky7gbf63m\W8.1EntryPoint.exe
2014-10-11 13:06 - 2014-10-11 13:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-04-12 18:23 - 2013-04-12 18:23 - 00612664 _____ () C:\Program Files (x86)\Panda Security\Panda Security Protection\SQLite3.dll
2015-11-19 22:28 - 2015-11-19 22:29 - 00044544 _____ () C:\Program Files\WindowsApps\A278AB0D.DragonManiaLegends_1.8.0.19_x86__h6adky7gbf63m\IGPLib_Windows_8.dll
2015-11-19 22:28 - 2015-11-19 22:29 - 00056320 _____ () C:\Program Files\WindowsApps\A278AB0D.DragonManiaLegends_1.8.0.19_x86__h6adky7gbf63m\GLAdsManager.dll
2015-11-19 22:28 - 2015-11-19 22:29 - 00663040 _____ () C:\Program Files\WindowsApps\A278AB0D.DragonManiaLegends_1.8.0.19_x86__h6adky7gbf63m\WindowsCorePackage.Windows81.dll
2015-11-19 22:28 - 2015-11-19 22:29 - 00178688 _____ () C:\Program Files\WindowsApps\A278AB0D.DragonManiaLegends_1.8.0.19_x86__h6adky7gbf63m\InAppPurchaseComponentW8_x86.dll
2015-11-19 22:28 - 2015-11-19 22:29 - 00028160 _____ () C:\Program Files\WindowsApps\A278AB0D.DragonManiaLegends_1.8.0.19_x86__h6adky7gbf63m\PopupRuntimeModule.dll
2015-11-20 08:51 - 2015-11-20 08:51 - 00186880 _____ () C:\Users\HPPC\AppData\Local\Packages\A278AB0D.DragonManiaLegends_h6adky7gbf63m\AC\Microsoft\CLR_v4.0_32\NativeImages\IGPBridgeLibrary\0d11bae9eedde0c1b2a08681df5b2f8e\IGPBridgeLibrary.ni.dll
2015-02-24 15:40 - 2015-02-24 15:40 - 03530752 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.UI.Xaml\0b2afd93fc0545b7b94339e8a4a7af97\Windows.UI.Xaml.ni.dll
2015-02-24 15:40 - 2015-02-24 15:40 - 00960000 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.UI\8ddd8ad15fe3fb05a871ef0115fb84e2\Windows.UI.ni.dll
2015-02-24 15:40 - 2015-02-24 15:40 - 00228864 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Foundation\16c3eb7650767d95d002c998d0c73eb5\Windows.Foundation.ni.dll
2015-11-20 08:51 - 2015-11-20 08:51 - 00344064 _____ () C:\Users\HPPC\AppData\Local\Packages\A278AB0D.DragonManiaLegends_h6adky7gbf63m\AC\Microsoft\CLR_v4.0_32\NativeImages\FacebookRun67b5d43e#\e0f36441fa3fa36571abdb8b8f5aa5ee\FacebookRuntimeComponent.ni.dll
2015-02-24 15:40 - 2015-02-24 15:40 - 01131008 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.App640a3541#\72dff8d45b73e9b02b3838d29765607a\Windows.ApplicationModel.ni.dll
2015-02-24 15:40 - 2015-02-24 15:40 - 00337920 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Data\98644a649e9bf9e880f2e97889501b07\Windows.Data.ni.dll
2015-02-24 15:40 - 2015-02-24 15:40 - 00808448 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Storage\7abff64c7c1ea1fae5bd170c8238b73e\Windows.Storage.ni.dll
2015-11-20 08:51 - 2015-11-20 08:51 - 00053760 _____ () C:\Users\HPPC\AppData\Local\Packages\A278AB0D.DragonManiaLegends_h6adky7gbf63m\AC\Microsoft\CLR_v4.0_32\NativeImages\GLAds_Bridge_Lib\71d0ecf6e40e946ad905161d4b8486bd\GLAds_Bridge_Lib.ni.dll
2015-02-24 15:40 - 2015-02-24 15:40 - 00402432 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Security\ae4a1bf110c1a12f619514bde2b27939\Windows.Security.ni.dll
2015-02-24 15:40 - 2015-02-24 15:40 - 00133120 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.System\c639835fe3da556a2cbe2e03540996c0\Windows.System.ni.dll
2015-11-20 08:51 - 2015-11-20 08:51 - 00863744 _____ () C:\Users\HPPC\AppData\Local\Packages\A278AB0D.DragonManiaLegends_h6adky7gbf63m\AC\Microsoft\CLR_v4.0_32\NativeImages\GLAds__Root\bba30b943ee115b42d0fb7e3132f465f\GLAds__Root.ni.dll
2015-11-20 08:51 - 2015-11-20 08:51 - 00032256 _____ () C:\Users\HPPC\AppData\Local\Packages\A278AB0D.DragonManiaLegends_h6adky7gbf63m\AC\Microsoft\CLR_v4.0_32\NativeImages\PopUpsBridgeLibrary\8bdfeb35d1618b40d5fd567c034d905a\PopUpsBridgeLibrary.ni.dll
2015-11-20 08:51 - 2015-11-20 08:51 - 00047616 _____ () C:\Users\HPPC\AppData\Local\Packages\A278AB0D.DragonManiaLegends_h6adky7gbf63m\AC\Microsoft\CLR_v4.0_32\NativeImages\PopUpsView\ca40c0f61b14c9e986746b6fb1d8c93c\PopUpsView.ni.dll
2015-11-20 08:51 - 2015-11-20 08:51 - 00135168 _____ () C:\Users\HPPC\AppData\Local\Packages\A278AB0D.DragonManiaLegends_h6adky7gbf63m\AC\Microsoft\CLR_v4.0_32\NativeImages\W8_1EntryPoint\1e2dd38ac09f4c38b56f93039a50622a\W8_1EntryPoint.ni.dll
2015-11-20 08:51 - 2015-11-20 08:51 - 00249344 _____ () C:\Users\HPPC\AppData\Local\Packages\A278AB0D.DragonManiaLegends_h6adky7gbf63m\AC\Microsoft\CLR_v4.0_32\NativeImages\IGPWindows8\4d50acb30008b043d587d99eee69cc72\IGPWindows8.ni.dll
2015-02-24 15:40 - 2015-02-24 15:40 - 00239616 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Gloaae92e31#\94af4549db265c6f339c287c8675d234\Windows.Globalization.ni.dll
2015-02-24 15:40 - 2015-02-24 15:40 - 00304128 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Graphics\eff020aac8737300c74dee47a69c9bbf\Windows.Graphics.ni.dll
2015-02-24 15:40 - 2015-02-24 15:40 - 01282048 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Devices\4764145200fcd33a90ced1505892fce6\Windows.Devices.ni.dll
2015-11-20 08:51 - 2015-11-20 08:51 - 00068096 _____ () C:\Users\HPPC\AppData\Local\Packages\A278AB0D.DragonManiaLegends_h6adky7gbf63m\AC\Microsoft\CLR_v4.0_32\NativeImages\WCPToolkit\3328b38b7a94906f3e3f0a49ad5cd127\WCPToolkit.ni.dll
2015-11-20 08:51 - 2015-11-20 08:51 - 00403456 _____ () C:\Users\HPPC\AppData\Local\Packages\A278AB0D.DragonManiaLegends_h6adky7gbf63m\AC\Microsoft\CLR_v4.0_32\NativeImages\Notificatioc5a47191#\cd8f1245f69d554ae0d875c6c5b589a0\NotificationsExtensions.ni.dll
2015-09-16 01:14 - 2015-09-16 01:14 - 00799232 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Networking\86865ced79f3180ebdfa736d895e5edb\Windows.Networking.ni.dll
2015-02-24 15:40 - 2015-02-24 15:40 - 00873472 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Web\5a696652396e3e6bc1b2f36a25751862\Windows.Web.ni.dll
2015-06-08 20:06 - 2015-06-08 20:06 - 00014336 _____ () C:\Program Files (x86)\Notepad++\plugins\NppExport.dll
2015-05-15 15:24 - 2015-05-15 15:24 - 02873856 _____ () C:\Program Files (x86)\Notepad++\plugins\NppFTP.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\HPPC\Desktop\43825153_p0.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\HPPC\Desktop\44e477d0c35b67de32be6ae42a98c718.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\HPPC\Desktop\Chillin' evening.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\HPPC\Desktop\First kiss darker characters.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\HPPC\Desktop\Good night 2.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\HPPC\Desktop\Night time2.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\HPPC\Desktop\Version 1- stare.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\HPPC\Desktop\Version 2- kiss.jpg:com.dropbox.attributes

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService => ""="Service"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\HPPC\AppData\Roaming\8pecxstudios\Cyberfox\Desktop Background.bmp
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist deaktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{23FC7089-0D60-4869-ABFD-DAC6C01F04A8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{FEBBDA95-1D87-44E0-A5BD-C834771B6D80}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D9522932-BB3B-471A-A550-922C674A876B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{CACAB489-4310-4D49-94FD-7B937AB7621B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{43EEA5A2-04E3-4F9D-81E3-D391710F4784}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [{D1958A19-74F5-41FF-A27A-1847102504D7}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [{143E2BD3-A7F1-4A00-9A92-1A5176F1597A}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\FINAL FANTASY XIII-2\FFXiii2Launcher.exe
FirewallRules: [{4AECFAC5-6B9C-4135-8599-368C74856701}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\FINAL FANTASY XIII-2\FFXiii2Launcher.exe
FirewallRules: [{56D069FC-7A2B-4C9A-8EAC-4AEA643F5874}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Thief\Binaries\Win64\Shipping-ThiefGame.exe
FirewallRules: [{77AA35B3-F4F4-42C3-B3C0-A45403B4D8A7}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Thief\Binaries\Win64\Shipping-ThiefGame.exe
FirewallRules: [{6596ABD8-6219-40F8-B03F-1B85F05CF579}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\The Last Remnant\Binaries\TLR.exe
FirewallRules: [{38609705-6AB2-493D-A4B6-CCB090F35F0F}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\The Last Remnant\Binaries\TLR.exe
FirewallRules: [{90948236-7A68-4E2C-9265-FB8049C7C3D8}] => (Allow) C:\Users\HPPC\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{470501B4-17D4-4105-94A2-E866E1190179}] => (Allow) C:\Users\HPPC\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{3B178E18-BF08-433A-BBC2-A9866A9AD918}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\NiGHTS Into Dreams\Launcher.exe
FirewallRules: [{7D14D5D3-33FC-48D1-9685-706678965B52}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\NiGHTS Into Dreams\Launcher.exe
FirewallRules: [{17B9A865-90E2-4BC6-97B9-D57313EF66BF}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Sonic & All-Stars Racing Transformed\Launcher.exe
FirewallRules: [{EB4F9202-C0E7-49BF-ABDE-EF5502AFE4C6}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Sonic & All-Stars Racing Transformed\Launcher.exe
FirewallRules: [{73C6B972-6BB6-4C8E-8201-5AD3DD3D10FF}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Sonic & All-Stars Racing Transformed\ASN_App_PcDx9_Final.exe
FirewallRules: [{14596CDC-1143-411A-817A-69A9EDCDC4D6}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Sonic & All-Stars Racing Transformed\ASN_App_PcDx9_Final.exe
FirewallRules: [{2CE0FD85-A5E4-4F11-8DAF-01568EB7DBB1}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Sonic Adventure DX\AppLauncher.exe
FirewallRules: [{6D6BD41E-CC9C-4B53-B6BF-A3F76DCE21A6}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Sonic Adventure DX\AppLauncher.exe
FirewallRules: [{AB4CE098-66DC-40B0-B9C2-827BFDA0DE6F}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Crazy Taxi\AppLauncher.exe
FirewallRules: [{E50434DD-B1E7-40F4-947F-0C5F73B23CB1}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Crazy Taxi\AppLauncher.exe
FirewallRules: [{F518EB44-C3E9-491E-8442-758840448BEA}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Sonic Generations\ConfigurationTool.exe
FirewallRules: [{7CFA4D53-37B5-49CB-8023-E9B34D9FA350}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Sonic Generations\ConfigurationTool.exe
FirewallRules: [{BEB0C014-3ED4-4BE3-8E70-7A2978BEDEEA}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Sonic Generations\SonicGenerations.exe
FirewallRules: [{B5CDF304-B827-45F6-A2FB-9CB6658C4DD4}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Sonic Generations\SonicGenerations.exe
FirewallRules: [{29502EA3-799C-4C41-9587-028A3C3710C0}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{F58A21E0-FF17-4DC0-A820-C586CD1A6B9D}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{C9D50332-DCCD-4D68-949D-B42542688C18}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\PAYDAY The Heist\payday_win32_release.exe
FirewallRules: [{4FFFB6DC-741A-4A1E-9F3E-49690A911EA7}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\PAYDAY The Heist\payday_win32_release.exe
FirewallRules: [{CE4A72EE-F675-48B6-BCF6-76E7DE1A6131}] => (Allow) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\DataProxy.exe
FirewallRules: [{CA8DA855-6844-4C4E-A0DD-E5C0B10EC8BD}] => (Allow) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe
FirewallRules: [{4DE4DBC9-0E08-4872-A0D8-B6B02966AACA}] => (Allow) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRServer.exe
FirewallRules: [{BB3DF925-92B0-4F71-B89D-0CE1B6858419}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Resident Evil 6\BH6.exe
FirewallRules: [{A3A23176-AF35-45C3-9504-488286001A2D}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Resident Evil 6\BH6.exe
FirewallRules: [{1609350F-083C-46AE-880B-79B2EE942B7A}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{872A30A4-C588-47C5-B6B0-FD0E5883E0F5}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{B3380C7E-2F69-4594-B265-08BEB8D97E90}] => (Allow) F:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{DCE5FED3-DB8B-4B3C-8C71-42C2EE515561}] => (Allow) F:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{D86A4DFC-D449-4B22-A987-5BE304026113}] => (Allow) F:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{89026587-DAED-4FD7-8FC6-3ACEEEDCDAFC}] => (Allow) F:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B4B7A26A-8F73-4849-BEB2-A2FAEA057C0D}] => (Allow) C:\Users\HPPC\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{4D252D01-2EDF-4EA2-90E0-8113B0A44C31}] => (Allow) C:\Users\HPPC\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [UDP Query User{743977DF-B0B5-4B4C-BF28-E9B661A2F7C7}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{BCE09F39-6899-42E8-8AB1-F0D5364FD623}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{AA4CD044-A3A2-48A1-B12D-E845C5B82E23}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{ADDE23F0-A14A-4B1D-81B1-E278B4B9BFD5}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
FirewallRules: [{83AA786E-A70F-4678-9234-629BDB6F8AC8}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
FirewallRules: [{6F9CFE8C-0755-483A-B663-39D72C5C7A28}] => (Allow) LPort=8743
FirewallRules: [{BB54A553-68E5-42DA-AD55-F9906D8EEE02}] => (Allow) LPort=8643
FirewallRules: [{5C8B8923-9196-4948-83E0-B63F30FBBCD0}] => (Allow) LPort=7676
FirewallRules: [{32FEE7F9-CF4D-4E54-A5FA-BF67A655933D}] => (Allow) LPort=7679
FirewallRules: [{230E229D-8BA8-4773-9150-76A3E1EC963D}] => (Allow) LPort=24234
FirewallRules: [{C84E823F-7F0C-4D77-BD63-C6570AFDED0B}] => (Allow) LPort=7900
FirewallRules: [{C09C8FE6-7C3A-4845-AB17-6FD231AD6079}] => (Allow) LPort=1900
FirewallRules: [{B24B1C4E-D18A-4342-AF0E-07845E8E13FE}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\FreeStyle2\LauncherSteam.exe
FirewallRules: [{4BC8765B-E102-4FA7-87E0-E7E8F1F30B6F}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\FreeStyle2\LauncherSteam.exe
FirewallRules: [{DC3DE35E-BF03-4B90-88AC-D9E7B876F608}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\SpeedRunners\SpeedRunners.exe
FirewallRules: [{4F37EE3B-F5BD-4A34-BF32-80B8751F95CC}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\SpeedRunners\SpeedRunners.exe
FirewallRules: [{6BC4802F-2D67-44A1-8AE4-5CED5FC8F868}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Divekick\DivekickD3D11.exe
FirewallRules: [{490A7624-0A1D-4C74-9E42-0EF76B411E49}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Divekick\DivekickD3D11.exe
FirewallRules: [{F4208D90-6A7B-40C1-983A-C8BA7DB2E732}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Mighty Gunvolt\MightyGunvolt.exe
FirewallRules: [{72969CAD-1484-46BC-9563-DB889894CC9F}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Mighty Gunvolt\MightyGunvolt.exe
FirewallRules: [{14009966-3BD0-4E58-ADF4-486A85B4CAC6}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\fault milestone one Demo\faultms1_demo.exe
FirewallRules: [{E1B13D94-4851-41BE-B5FA-6605242893A9}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\fault milestone one Demo\faultms1_demo.exe
FirewallRules: [{C339F8EC-1854-4D25-B0BA-C69C8985C345}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Azure Striker Gunvolt\exe\gv_win.exe
FirewallRules: [{9649E0CB-8B7C-4135-A1CA-0D7987B09BCD}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Azure Striker Gunvolt\exe\gv_win.exe

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (11/20/2015 04:52:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Photoshop.exe, Version: 12.0.0.0, Zeitstempel: 0x4b504eff
Name des fehlerhaften Moduls: ScriptingSupport.8li, Version: 10.0.0.0, Zeitstempel: 0x4b505282
Ausnahmecode: 0xc000041d
Fehleroffset: 0x00018a15
ID des fehlerhaften Prozesses: 0x17c0
Startzeit der fehlerhaften Anwendung: 0xPhotoshop.exe0
Pfad der fehlerhaften Anwendung: Photoshop.exe1
Pfad des fehlerhaften Moduls: Photoshop.exe2
Berichtskennung: Photoshop.exe3
Vollständiger Name des fehlerhaften Pakets: Photoshop.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Photoshop.exe5

Error: (11/20/2015 04:52:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Photoshop.exe, Version: 12.0.0.0, Zeitstempel: 0x4b504eff
Name des fehlerhaften Moduls: ScriptingSupport.8li, Version: 10.0.0.0, Zeitstempel: 0x4b505282
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00018a15
ID des fehlerhaften Prozesses: 0x17c0
Startzeit der fehlerhaften Anwendung: 0xPhotoshop.exe0
Pfad der fehlerhaften Anwendung: Photoshop.exe1
Pfad des fehlerhaften Moduls: Photoshop.exe2
Berichtskennung: Photoshop.exe3
Vollständiger Name des fehlerhaften Pakets: Photoshop.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Photoshop.exe5

Error: (11/20/2015 03:09:21 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.

Error: (11/20/2015 01:38:51 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.

Error: (11/20/2015 08:52:10 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.

Error: (11/20/2015 00:39:30 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Photoshop.exe, Version: 12.0.0.0, Zeitstempel: 0x4b504eff
Name des fehlerhaften Moduls: ScriptingSupport.8li, Version: 10.0.0.0, Zeitstempel: 0x4b505282
Ausnahmecode: 0xc000041d
Fehleroffset: 0x00018a15
ID des fehlerhaften Prozesses: 0xc68
Startzeit der fehlerhaften Anwendung: 0xPhotoshop.exe0
Pfad der fehlerhaften Anwendung: Photoshop.exe1
Pfad des fehlerhaften Moduls: Photoshop.exe2
Berichtskennung: Photoshop.exe3
Vollständiger Name des fehlerhaften Pakets: Photoshop.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Photoshop.exe5

Error: (11/20/2015 00:39:28 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Photoshop.exe, Version: 12.0.0.0, Zeitstempel: 0x4b504eff
Name des fehlerhaften Moduls: ScriptingSupport.8li, Version: 10.0.0.0, Zeitstempel: 0x4b505282
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00018a15
ID des fehlerhaften Prozesses: 0xc68
Startzeit der fehlerhaften Anwendung: 0xPhotoshop.exe0
Pfad der fehlerhaften Anwendung: Photoshop.exe1
Pfad des fehlerhaften Moduls: Photoshop.exe2
Berichtskennung: Photoshop.exe3
Vollständiger Name des fehlerhaften Pakets: Photoshop.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Photoshop.exe5

Error: (11/19/2015 09:20:47 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.

Error: (11/18/2015 11:20:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 42.0.1.5787, Zeitstempel: 0x563ad95b
Name des fehlerhaften Moduls: webplayer_win.dll, Version: 4.6.6.2872, Zeitstempel: 0x55757527
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000006ee25e
ID des fehlerhaften Prozesses: 0x17f0
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5

Error: (11/18/2015 05:44:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Photoshop.exe, Version: 12.0.0.0, Zeitstempel: 0x4b504eff
Name des fehlerhaften Moduls: ScriptingSupport.8li, Version: 10.0.0.0, Zeitstempel: 0x4b505282
Ausnahmecode: 0xc000041d
Fehleroffset: 0x00018a15
ID des fehlerhaften Prozesses: 0x9d8
Startzeit der fehlerhaften Anwendung: 0xPhotoshop.exe0
Pfad der fehlerhaften Anwendung: Photoshop.exe1
Pfad des fehlerhaften Moduls: Photoshop.exe2
Berichtskennung: Photoshop.exe3
Vollständiger Name des fehlerhaften Pakets: Photoshop.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Photoshop.exe5


Systemfehler:
=============
Error: (11/21/2015 00:07:07 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10.

Error: (11/21/2015 00:07:07 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10.

Error: (11/21/2015 00:07:07 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10.

Error: (11/20/2015 10:01:48 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Skype Updater" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (11/20/2015 10:01:45 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Splashtop Software Updater Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (11/20/2015 10:01:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Splashtop® Remote Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (11/20/2015 10:01:35 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Foxit Cloud Safe Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (11/20/2015 10:01:33 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Adobe Acrobat Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (11/20/2015 10:00:04 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (11/20/2015 00:47:46 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Splashtop Software Updater Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


CodeIntegrity:
===================================
  Date: 2015-02-27 08:18:30.512
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-02-27 08:18:30.402
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-02-27 08:18:30.246
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-02-27 08:18:30.106
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-02-27 08:18:29.980
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-02-27 08:18:29.855
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-02-27 08:18:29.637
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: AMD A10-5700 APU with Radeon(tm) HD Graphics 
Prozentuale Nutzung des RAM: 35%
Installierter physikalischer RAM: 6039.32 MB
Verfügbarer physikalischer RAM: 3916.63 MB
Summe virtueller Speicher: 6999.32 MB
Verfügbarer virtueller Speicher: 4313.91 MB

==================== Laufwerke ================================

Drive c: (OS) (Fixed) (Total:452.14 GB) (Free:155.29 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (Recovery Image) (Fixed) (Total:10.92 GB) (Free:0.94 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive f: (Spiele+Programme) (Fixed) (Total:454.22 GB) (Free:30.15 GB) NTFS
Drive j: (Sonstiges) (Fixed) (Total:244.41 GB) (Free:140.1 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 52E55227)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 00000001)
Partition 1: (Not Active) - (Size=993 KB) - (Type=42)
Partition 2: (Active) - (Size=454.2 GB) - (Type=42)
Partition 3: (Not Active) - (Size=244.4 GB) - (Type=42)

==================== Ende von Addition.txt ============================
         

Alt 21.11.2015, 10:06   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Probleme nach Cyberfox Update - Standard

Probleme nach Cyberfox Update



hi,

Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________

__________________

Alt 21.11.2015, 14:09   #3
Kaitosan
 
Probleme nach Cyberfox Update - Standard

Probleme nach Cyberfox Update



Habe ich gemacht, beide zeigen nichts an:

mbar.exe
Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2015.11.21.03
  rootkit: v2015.11.14.01

Windows 8.1 x64 NTFS
Internet Explorer 11.0.9600.17631
HPPC :: HP [administrator]

21.11.2015 14:21:55
mbar-log-2015-11-21 (14-21-55).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 383937
Time elapsed: 39 minute(s), 37 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         
TDSSKiller
Code:
ATTFilter
15:04:24.0329 0x14a0  TDSS rootkit removing tool 3.1.0.6 Nov 16 2015 12:17:23
15:04:24.0329 0x14a0  UEFI system
15:04:27.0705 0x14a0  ============================================================
15:04:27.0705 0x14a0  Current date / time: 2015/11/21 15:04:27.0705
15:04:27.0705 0x14a0  SystemInfo:
15:04:27.0705 0x14a0  
15:04:27.0705 0x14a0  OS Version: 6.3.9600 ServicePack: 0.0
15:04:27.0705 0x14a0  Product type: Workstation
15:04:27.0705 0x14a0  ComputerName: HP
15:04:27.0705 0x14a0  UserName: HPPC
15:04:27.0705 0x14a0  Windows directory: C:\WINDOWS
15:04:27.0705 0x14a0  System windows directory: C:\WINDOWS
15:04:27.0705 0x14a0  Running under WOW64
15:04:27.0705 0x14a0  Processor architecture: Intel x64
15:04:27.0705 0x14a0  Number of processors: 4
15:04:27.0705 0x14a0  Page size: 0x1000
15:04:27.0705 0x14a0  Boot type: Normal boot
15:04:27.0705 0x14a0  ============================================================
15:04:27.0971 0x14a0  KLMD registered as C:\WINDOWS\system32\drivers\80072351.sys
15:04:28.0471 0x14a0  System UUID: {654F6458-FF61-98CC-97CD-FAB3589B28C8}
15:04:29.0002 0x14a0  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:04:29.0002 0x14a0  Drive \Device\Harddisk1\DR1 - Size: 0xAEA8CDE000 ( 698.64 Gb ), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:04:29.0018 0x14a0  ============================================================
15:04:29.0018 0x14a0  \Device\Harddisk0\DR0:
15:04:29.0018 0x14a0  GPT partitions:
15:04:29.0018 0x14a0  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {15379101-7D3C-40A7-AF4D-FA9C4562BE49}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x1FF800
15:04:29.0018 0x14a0  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {D9C4A3F4-C937-41A7-A262-DA8EBE58ADD5}, Name: EFI system partition, StartLBA 0x200000, BlocksNum 0xB4000
15:04:29.0018 0x14a0  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {80FF6248-257D-4B83-97B7-CAFB49B686D6}, Name: Microsoft reserved partition, StartLBA 0x2B4000, BlocksNum 0x40000
15:04:29.0018 0x14a0  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {3D8F1E69-3DC5-4B3F-9900-C23485B88752}, Name: Basic data partition, StartLBA 0x2F4000, BlocksNum 0x38847000
15:04:29.0018 0x14a0  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {5E61F2F5-6C36-44EB-9A4A-D876950EA1BA}, Name: , StartLBA 0x38B3B000, BlocksNum 0xE2000
15:04:29.0018 0x14a0  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {70A76504-0C46-4578-918E-709A1BE55B0F}, Name: , StartLBA 0x38C1D000, BlocksNum 0xE1000
15:04:29.0018 0x14a0  \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {DDF60087-E095-44D5-940A-9722973A2194}, Name: , StartLBA 0x38CFE000, BlocksNum 0xAF000
15:04:29.0018 0x14a0  \Device\Harddisk0\DR0\Partition8: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {F5D91DE7-C2AF-425D-AB35-FDD8AEB41549}, Name: Basic data partition, StartLBA 0x38DAD000, BlocksNum 0x15D9000
15:04:29.0018 0x14a0  MBR partitions:
15:04:29.0018 0x14a0  \Device\Harddisk1\DR1:
15:04:29.0018 0x14a0  MBR partitions:
15:04:29.0018 0x14a0  ============================================================
15:04:29.0049 0x14a0  C: <-> \Device\Harddisk0\DR0\Partition4
15:04:29.0111 0x14a0  D: <-> \Device\Harddisk0\DR0\Partition8
15:04:29.0111 0x14a0  ============================================================
15:04:29.0111 0x14a0  Initialize success
15:04:29.0111 0x14a0  ============================================================
15:05:15.0259 0x1478  ============================================================
15:05:15.0259 0x1478  Scan started
15:05:15.0259 0x1478  Mode: Manual; SigCheck; TDLFS; 
15:05:15.0259 0x1478  ============================================================
15:05:15.0259 0x1478  KSN ping started
15:05:17.0556 0x1478  KSN ping finished: true
15:05:20.0885 0x1478  ================ Scan system memory ========================
15:05:20.0885 0x1478  System memory - ok
15:05:20.0900 0x1478  ================ Scan services =============================
15:05:21.0166 0x1478  [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
15:05:21.0307 0x1478  1394ohci - ok
15:05:21.0322 0x1478  [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
15:05:21.0338 0x1478  3ware - ok
15:05:21.0369 0x1478  [ E796AE43DDD1844281DB4D57294D17C0, 21AE69615044A96041E46476BE814B52C22624B6C7EA6BFC77BB64F69C3C21F5 ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
15:05:21.0385 0x1478  ACPI - ok
15:05:21.0416 0x1478  [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
15:05:21.0416 0x1478  acpiex - ok
15:05:21.0432 0x1478  [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
15:05:21.0447 0x1478  acpipagr - ok
15:05:21.0494 0x1478  [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
15:05:21.0588 0x1478  AcpiPmi - ok
15:05:21.0604 0x1478  [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
15:05:21.0635 0x1478  acpitime - ok
15:05:21.0713 0x1478  [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:05:21.0744 0x1478  AdobeARMservice - ok
15:05:21.0775 0x1478  [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
15:05:21.0822 0x1478  ADP80XX - ok
15:05:21.0869 0x1478  [ BCD58DACAA1EAAADC115EDD940478F6D, F31613F583C302F62A00E6766B031531C9E193CAED563689B178BA257715B992 ] AeLookupSvc     C:\WINDOWS\System32\aelupsvc.dll
15:05:21.0932 0x1478  AeLookupSvc - ok
15:05:21.0979 0x1478  [ 374E27295F0A9DCAA8FC96370F9BEEA5, 51C394E0C2322D7D093941A1B8766171B5D1F47DF2FE0834209492891EA7D999 ] AFD             C:\WINDOWS\system32\drivers\afd.sys
15:05:22.0088 0x1478  AFD - ok
15:05:22.0119 0x1478  [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440          C:\WINDOWS\system32\drivers\agp440.sys
15:05:22.0119 0x1478  agp440 - ok
15:05:22.0166 0x1478  [ F0CB6DB513CAC393D04A0FCE0A59E1BF, E6EE159D0E6B1F666946B1FE421874044E89BB2EB60A521BAA111A1229FA7B2D ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
15:05:22.0229 0x1478  ahcache - ok
15:05:22.0276 0x1478  [ 14A45BE6F5678339F0EC5752D9849410, DD0F60E96FAC68FBD5B86382E541408C613BD0F871D0E0A1EF9AB6E7B26E545C ] ALG             C:\WINDOWS\System32\alg.exe
15:05:22.0354 0x1478  ALG - ok
15:05:22.0401 0x1478  [ 6CF81DD5083D7F94A7E76E50429A949C, 19240502A6406924F889D1AFA975B975A300776D8B2D0557181DF13649622E2B ] AMD External Events Utility C:\WINDOWS\system32\atiesrxx.exe
15:05:22.0494 0x1478  AMD External Events Utility - ok
15:05:22.0541 0x1478  AMD FUEL Service - ok
15:05:22.0604 0x1478  [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
15:05:22.0697 0x1478  AmdK8 - ok
15:05:23.0104 0x1478  [ 71F8D8B977ACC5973FA042BF906E709F, 8106C5F5C8E40344CCCDB912845786DF287BDF068D7A6EF9D26B00FA1754C1BC ] amdkmdag        C:\WINDOWS\system32\DRIVERS\atikmdag.sys
15:05:23.0557 0x1478  amdkmdag - ok
15:05:23.0619 0x1478  [ 4AA027F91A8093B1CDF453B5394F6715, E6D15E959637C102A34F73F66BFDC38436575A2FEFFC3976ACF399A472F126A5 ] amdkmdap        C:\WINDOWS\system32\DRIVERS\atikmpag.sys
15:05:23.0651 0x1478  amdkmdap - ok
15:05:23.0682 0x1478  [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
15:05:23.0697 0x1478  AmdPPM - ok
15:05:23.0713 0x1478  [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
15:05:23.0729 0x1478  amdsata - ok
15:05:23.0776 0x1478  [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
15:05:23.0791 0x1478  amdsbs - ok
15:05:23.0807 0x1478  [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
15:05:23.0822 0x1478  amdxata - ok
15:05:23.0838 0x1478  [ E8CCB797DAF80779C768BD3A9FC8FCAF, 781BD878CA34D8B6D2FE238439CD173E95449260428859BEA92866D41B1284F4 ] AODDriver4.2.0  C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
15:05:23.0854 0x1478  AODDriver4.2.0 - ok
15:05:23.0869 0x1478  [ 415DD71628795197F7AFC176CBADC74E, 5F0359053A6CD6EE239139E0E6F46E1FA9A73F017C0CE9B7BC052216B2C846EC ] AppID           C:\WINDOWS\system32\drivers\appid.sys
15:05:23.0963 0x1478  AppID - ok
15:05:24.0041 0x1478  [ 34B2E222F82D05398DAE7203B36B6A2B, AC04BC6B5A36A6807FFE302E9ACF073342B4D76B0BB386249251CB3CA1852CE8 ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
15:05:24.0088 0x1478  AppIDSvc - ok
15:05:24.0104 0x1478  [ 680BFB820C5A943AB709BAA2B1EF27F2, A51D2A7976A762FE470C13C6D1BA0319A0FB19C9E66BF02AA44F83EAEC7130F8 ] Appinfo         C:\WINDOWS\System32\appinfo.dll
15:05:24.0151 0x1478  Appinfo - ok
15:05:24.0197 0x1478  [ 650D03E40F93FAE323CB841F80368E5C, F67B97CFDCE2EE9294977725268EFDB0DD724BD16E7ED5BFCA45375AA8EBA5BB ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:05:24.0197 0x1478  Apple Mobile Device - ok
15:05:24.0229 0x1478  [ 35E28923A23ADABAA5A1B43256D0AB58, A5F3AF8BBEE58B2165BAFACC5FF8B167B55B020998D3D1565C2229ED8753B269 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
15:05:24.0276 0x1478  AppReadiness - ok
15:05:24.0322 0x1478  [ 573542B5E97772021B73E854DA861DAA, C3FD00FA28060F8D7CDFD455BBB5FF8239CB76DDFFF2BDAE6AA944674DD993D3 ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
15:05:24.0447 0x1478  AppXSvc - ok
15:05:24.0479 0x1478  [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
15:05:24.0494 0x1478  arcsas - ok
15:05:24.0541 0x1478  [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
15:05:24.0572 0x1478  atapi - ok
15:05:24.0588 0x1478  [ 98A9D78AF74B2C7D27465029D389F567, 12EF8D3A7A9F27230A965D44DA4BD5692CF3F0A4183A822E226AC6722A35F4C4 ] AtiHDAudioService C:\WINDOWS\system32\drivers\AtihdW86.sys
15:05:24.0604 0x1478  AtiHDAudioService - ok
15:05:24.0666 0x1478  [ 8779FDAE68BC948B0FE152E758CC8DA7, 13070C2073F8E7546B48AE9CF54067B9BB75DFCD98F2987B90FFAD20D40D54CF ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
15:05:24.0744 0x1478  AudioEndpointBuilder - ok
15:05:24.0839 0x1478  [ 61EA45A645854FE81D8A924E2D93DFFE, 34F79532297F609CA93C380B68BB8B7B0F027F9C8F4FB8E02A9A43EA3D155F1B ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
15:05:24.0901 0x1478  Audiosrv - ok
15:05:24.0932 0x1478  [ 3C6ED74AF41DD1A5585CE5EF3D00915F, A742F576407776634E5A8E49C60023FFDF395DE0B2DE36662A23F85B79405ED2 ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
15:05:24.0995 0x1478  AxInstSV - ok
15:05:25.0073 0x1478  [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
15:05:25.0104 0x1478  b06bdrv - ok
15:05:25.0120 0x1478  [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
15:05:25.0214 0x1478  BasicDisplay - ok
15:05:25.0214 0x1478  [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
15:05:25.0292 0x1478  BasicRender - ok
15:05:25.0307 0x1478  [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
15:05:25.0323 0x1478  bcmfn2 - ok
15:05:25.0401 0x1478  [ 77D760E9B477C21487C171F561497F98, 2393D466CEC863C771C5BB4CD81B251635DC084386134B8E13F74F3E1C6D68DF ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
15:05:25.0479 0x1478  BDESVC - ok
15:05:25.0542 0x1478  [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
15:05:25.0620 0x1478  Beep - ok
15:05:25.0682 0x1478  [ 7BCB00EA702F78EC74CD9699D85CE80B, 17241ADAA13051B560DB9FA9079CAE6321D5B49788B596C125DC912443B00421 ] BFE             C:\WINDOWS\System32\bfe.dll
15:05:25.0761 0x1478  BFE - ok
15:05:25.0855 0x1478  [ 48554994279BFE17A3D2B00076D0CB1A, 6521B1EC0BC6B01F63976370D89FE7DC2E7404899F68B6FAC37A9173B9C5D489 ] BITS            C:\WINDOWS\System32\qmgr.dll
15:05:25.0948 0x1478  BITS - ok
15:05:25.0995 0x1478  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
15:05:26.0011 0x1478  Bonjour Service - ok
15:05:26.0058 0x1478  [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
15:05:26.0151 0x1478  bowser - ok
15:05:26.0214 0x1478  [ FA601515FF2B59F25FDD8EDB1D2A1104, 21DFB53241F8E880F7546B9ADF38F47D6AD0782EC7F8F0284ED69DE7CEF7DCB9 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
15:05:26.0308 0x1478  BrokerInfrastructure - ok
15:05:26.0339 0x1478  [ BC111AADACD0BF59D56547461D13AB6E, 91E3619930C29EE4B2683683888BA7EE3CF6B1DDB0C19A14E0880470CBE40EF4 ] Browser         C:\WINDOWS\System32\browser.dll
15:05:26.0401 0x1478  Browser - ok
15:05:26.0448 0x1478  [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
15:05:26.0526 0x1478  BthAvrcpTg - ok
15:05:26.0558 0x1478  [ 67343511D80BF3D6D9EEDB5BA8D0B06B, 28436B2E62762686C4FF4FA3F9E7ABB56DA9D6884B6C924ACC544161400593DD ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
15:05:26.0620 0x1478  BthHFEnum - ok
15:05:26.0651 0x1478  [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
15:05:26.0667 0x1478  bthhfhid - ok
15:05:26.0730 0x1478  [ 9307A4B743D277C499CDA8E19E5687AC, 7A01989EC3D54581F292BDEDC9B9445F2ABD50165102617E3089BDD061C63A19 ] BthHFSrv        C:\WINDOWS\System32\BthHFSrv.dll
15:05:26.0776 0x1478  BthHFSrv - ok
15:05:26.0808 0x1478  [ EF4B9E7C9AD88C00C18A12B0D22D1894, 672537E75201E690D86CD65252B8AEF887C76EBD37AB0C419462D69164B350CC ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
15:05:26.0902 0x1478  BTHMODEM - ok
15:05:26.0917 0x1478  [ 043A0F37631BF453F16D478B71320F46, C368296B802984F438852927B8A40EA3F4205724A05828F3173F08EC17228356 ] bthserv         C:\WINDOWS\system32\bthserv.dll
15:05:27.0011 0x1478  bthserv - ok
15:05:27.0027 0x1478  [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
15:05:27.0073 0x1478  cdfs - ok
15:05:27.0120 0x1478  [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
15:05:27.0136 0x1478  cdrom - ok
15:05:27.0152 0x1478  [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
15:05:27.0167 0x1478  CertPropSvc - ok
15:05:27.0214 0x1478  [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
15:05:27.0230 0x1478  circlass - ok
15:05:27.0261 0x1478  [ 179A41249055D5F039F1B6703F3B6D2B, 886CF715D9E85DB5C9B991EBCB9B12E27AA0EEE52528E222C80CA5B5B0A7AF52 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
15:05:27.0277 0x1478  CLFS - ok
15:05:27.0308 0x1478  [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
15:05:27.0386 0x1478  CmBatt - ok
15:05:27.0448 0x1478  [ 3930E508DDA46C1FF68FD963F350AA0A, BF63F9C7AB30E2A8199D65EDD6DCBB797C93A4A0B972373643FBE1C38BCFA697 ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
15:05:27.0480 0x1478  CNG - ok
15:05:27.0511 0x1478  [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus    C:\WINDOWS\System32\drivers\CompositeBus.sys
15:05:27.0527 0x1478  CompositeBus - ok
15:05:27.0527 0x1478  COMSysApp - ok
15:05:27.0573 0x1478  [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
15:05:27.0605 0x1478  condrv - ok
15:05:27.0636 0x1478  [ 6324F0D18FB52833BA64BC828E29054C, 04118FA1BDFC512F76E4A81FEF34C78B6BD98429DB1D65123B6802B4A1E30584 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
15:05:27.0714 0x1478  CryptSvc - ok
15:05:27.0761 0x1478  [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam             C:\WINDOWS\system32\drivers\dam.sys
15:05:27.0792 0x1478  dam - ok
15:05:27.0886 0x1478  [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
15:05:27.0949 0x1478  DcomLaunch - ok
15:05:27.0995 0x1478  [ 95E1ABFB27F8A62ED764805775F0D2F3, 692865DA60C93481E01592883678B2C51FD9AC9A835DFB00A8E3F2DFEE7AB0ED ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
15:05:28.0074 0x1478  defragsvc - ok
15:05:28.0136 0x1478  [ FF086DEF5995558CCB1B5AAC2110195D, CED52FF01F9247BFDAFC5C7EFC538F8638146ED715574A422496EE0F846CB079 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
15:05:28.0167 0x1478  DeviceAssociationService - ok
15:05:28.0214 0x1478  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
15:05:28.0308 0x1478  DeviceInstall - ok
15:05:28.0370 0x1478  [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
15:05:28.0464 0x1478  Dfsc - ok
15:05:28.0527 0x1478  [ 3EEAADA3125431980E5804ED7143458A, 381E12C83E3211C255B321D35536F4049D67E31061F8D82155E4D4509E97F43D ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
15:05:28.0574 0x1478  Dhcp - ok
15:05:28.0605 0x1478  [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk            C:\WINDOWS\system32\drivers\disk.sys
15:05:28.0620 0x1478  disk - ok
15:05:28.0636 0x1478  [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
15:05:28.0714 0x1478  dmvsc - ok
15:05:28.0745 0x1478  [ 33ADFB7453BF3271463712C4BCE61AD1, A1DB30F874BA7B2C4C653494D70B46B94BF7D39D0DD8559F6CA7A14B676FD617 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
15:05:28.0777 0x1478  Dnscache - ok
15:05:28.0855 0x1478  [ 811EACBCC7C51A03AE11F13CC27B2AB6, FAB94F84950FFB7D3649BAFB8D96D43B880D7FDE8D5B879472AE26C4BC4203B0 ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
15:05:28.0949 0x1478  dot3svc - ok
15:05:28.0980 0x1478  [ B99CB575986789A93A683DCF292A43A1, 6ACEA31C723B74003E106FC8303542FCC6DBC4952B6B523F6590D006BE57238D ] DPS             C:\WINDOWS\system32\dps.dll
15:05:28.0996 0x1478  DPS - ok
15:05:29.0042 0x1478  [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
15:05:29.0042 0x1478  drmkaud - ok
15:05:29.0074 0x1478  [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
15:05:29.0105 0x1478  DsmSvc - ok
15:05:29.0183 0x1478  [ E1BB0B6F00F470B451AB45EA13EBA0B3, 3A2FC2175B69A5EB98D6C2D563DBFDCB320647AB87A14E47FAE800423DCACDAB ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
15:05:29.0246 0x1478  DXGKrnl - ok
15:05:29.0261 0x1478  EagleX64 - ok
15:05:29.0308 0x1478  [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost         C:\WINDOWS\System32\eapsvc.dll
15:05:29.0402 0x1478  Eaphost - ok
15:05:29.0527 0x1478  [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
15:05:29.0683 0x1478  ebdrv - ok
15:05:29.0730 0x1478  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS             C:\WINDOWS\System32\lsass.exe
15:05:29.0746 0x1478  EFS - ok
15:05:29.0761 0x1478  [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
15:05:29.0777 0x1478  EhStorClass - ok
15:05:29.0793 0x1478  [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
15:05:29.0793 0x1478  EhStorTcgDrv - ok
15:05:29.0839 0x1478  [ BDD265EEB37DF5953A547FE412E2472F, 17EB4FD54D62207937F8CA7454837DBF1EEC867AEDAF201FC2E839A3ED357F4F ] ElbyCDIO        C:\WINDOWS\system32\Drivers\ElbyCDIO.sys
15:05:29.0855 0x1478  ElbyCDIO - ok
15:05:29.0871 0x1478  [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
15:05:29.0902 0x1478  ErrDev - ok
15:05:29.0964 0x1478  [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem     C:\WINDOWS\system32\es.dll
15:05:30.0058 0x1478  EventSystem - ok
15:05:30.0121 0x1478  [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
15:05:30.0152 0x1478  exfat - ok
15:05:30.0183 0x1478  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
15:05:30.0199 0x1478  fastfat - ok
15:05:30.0261 0x1478  [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax             C:\WINDOWS\system32\fxssvc.exe
15:05:30.0355 0x1478  Fax - ok
15:05:30.0371 0x1478  [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
15:05:30.0402 0x1478  fdc - ok
15:05:30.0449 0x1478  [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
15:05:30.0527 0x1478  fdPHost - ok
15:05:30.0574 0x1478  [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
15:05:30.0589 0x1478  FDResPub - ok
15:05:30.0621 0x1478  [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
15:05:30.0699 0x1478  fhsvc - ok
15:05:30.0761 0x1478  [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
15:05:30.0777 0x1478  FileInfo - ok
15:05:30.0808 0x1478  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
15:05:30.0824 0x1478  Filetrace - ok
15:05:30.0839 0x1478  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
15:05:30.0855 0x1478  flpydisk - ok
15:05:30.0871 0x1478  [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
15:05:30.0886 0x1478  FltMgr - ok
15:05:30.0933 0x1478  [ 7269C9013FCFA3C6E70F03E2630DBFC3, AAB282B4444CC17D197974D05063C7C97E5202E604681DD2DC3BCF0AE77D6057 ] FontCache       C:\WINDOWS\system32\FntCache.dll
15:05:31.0043 0x1478  FontCache - ok
15:05:31.0214 0x1478  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:05:31.0246 0x1478  FontCache3.0.0.0 - ok
15:05:31.0339 0x1478  [ D1A8631ADA1E71178D3DBF5AA2BC1E85, 1BD14BA0AD48722BE8B4513F9AE09D4394E0D576138B0D9A0877D36F47F2B714 ] FoxitCloudUpdateService C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
15:05:31.0355 0x1478  FoxitCloudUpdateService - ok
15:05:31.0402 0x1478  [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
15:05:31.0433 0x1478  FsDepends - ok
15:05:31.0449 0x1478  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
15:05:31.0464 0x1478  Fs_Rec - ok
15:05:31.0496 0x1478  [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
15:05:31.0511 0x1478  fvevol - ok
15:05:31.0527 0x1478  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM           C:\WINDOWS\System32\drivers\fxppm.sys
15:05:31.0543 0x1478  FxPPM - ok
15:05:31.0558 0x1478  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\WINDOWS\system32\drivers\gagp30kx.sys
15:05:31.0574 0x1478  gagp30kx - ok
15:05:31.0621 0x1478  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
15:05:31.0652 0x1478  gencounter - ok
15:05:31.0683 0x1478  [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
15:05:31.0699 0x1478  GPIOClx0101 - ok
15:05:31.0793 0x1478  [ 0D03F87D4FF4ADBAF8336DD80548155A, BC10CFA88EA2F41A8D96CB810B7953A4C168B79273A3E804A9F020F49AB58CD3 ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
15:05:31.0871 0x1478  gpsvc - ok
15:05:31.0902 0x1478  [ 7F79205B4EFA98F0767309479C8C01C6, 4B576903A83F33A8CF31D3887144A3D51C56D1187115C83AC99C0E9F6B4BF128 ] Hamachi         C:\WINDOWS\system32\DRIVERS\Hamdrv.sys
15:05:31.0933 0x1478  Hamachi - ok
15:05:32.0121 0x1478  [ C0EF69A59C13D9204D1D70434AA3D00C, 56BD4F7C74B2A36665677C32F30C4E1839DB9AAAC82FFA4A2622B4D261D865F2 ] Hamachi2Svc     C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
15:05:32.0183 0x1478  Hamachi2Svc - ok
15:05:32.0230 0x1478  [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
15:05:32.0340 0x1478  HDAudBus - ok
15:05:32.0355 0x1478  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
15:05:32.0386 0x1478  HidBatt - ok
15:05:32.0402 0x1478  [ 1EA1B4FABB8CC348E73CA90DBA22E104, 5C18C6BD499272F216DD4626B5E8D38181AEAC9AD917FBEB614A75B70467B258 ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
15:05:32.0433 0x1478  HidBth - ok
15:05:32.0449 0x1478  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
15:05:32.0449 0x1478  hidi2c - ok
15:05:32.0496 0x1478  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
15:05:32.0527 0x1478  HidIr - ok
15:05:32.0590 0x1478  [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv         C:\WINDOWS\system32\hidserv.dll
15:05:32.0668 0x1478  hidserv - ok
15:05:32.0730 0x1478  [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
15:05:32.0824 0x1478  HidUsb - ok
15:05:32.0871 0x1478  [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc          C:\WINDOWS\system32\kmsvc.dll
15:05:32.0949 0x1478  hkmsvc - ok
15:05:32.0980 0x1478  [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
15:05:33.0058 0x1478  HomeGroupListener - ok
15:05:33.0137 0x1478  [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
15:05:33.0168 0x1478  HomeGroupProvider - ok
15:05:33.0199 0x1478  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
15:05:33.0215 0x1478  HpSAMD - ok
15:05:33.0246 0x1478  [ B8B1B284362E1D8135112573395D5DA5, 97BC6A7B2DCD7CC854B912A85BB2FCF199592E8E16A7C405EAF89B02D5DE4AEE ] htcnprot        C:\WINDOWS\system32\DRIVERS\htcnprot.sys
15:05:33.0246 0x1478  htcnprot - ok
15:05:33.0277 0x1478  [ 7C7C986776D00E575BFBDE5DCBDC615D, 4CF12851A5A45917C3A9139B19D79434F2038611B617F83A714506CC7A1A6C61 ] HtcVCom32       C:\WINDOWS\system32\DRIVERS\HtcVComV64.sys
15:05:33.0324 0x1478  HtcVCom32 - ok
15:05:33.0371 0x1478  [ 9DDCA7F18983C5410DEFF79F819DF93C, CE97B4440377BFC5CA81BB600C3BD1DD9FB3951CA1EB70735F5E2050EBB74223 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
15:05:33.0418 0x1478  HTTP - ok
15:05:33.0465 0x1478  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
15:05:33.0480 0x1478  hwpolicy - ok
15:05:33.0496 0x1478  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
15:05:33.0543 0x1478  hyperkbd - ok
15:05:33.0558 0x1478  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
15:05:33.0590 0x1478  HyperVideo - ok
15:05:33.0605 0x1478  [ D887446F3F6051C60C26F4FD1FC8D43F, A3235C64E9D5378E3409FA7CDD9DB0DD1B3CE6A6EB018F2C40558EB9C427A498 ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
15:05:33.0699 0x1478  i8042prt - ok
15:05:33.0730 0x1478  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
15:05:33.0730 0x1478  iaLPSSi_GPIO - ok
15:05:33.0746 0x1478  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
15:05:33.0762 0x1478  iaLPSSi_I2C - ok
15:05:33.0793 0x1478  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
15:05:33.0824 0x1478  iaStorAV - ok
15:05:33.0855 0x1478  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
15:05:33.0871 0x1478  iaStorV - ok
15:05:33.0871 0x1478  IEEtwCollectorService - ok
15:05:33.0949 0x1478  [ 3DBDBD9581C015F02651D6A89801FAD5, 81B6D302C9CD29AD8319515056CFBCD0BD25619B2B166937ACD5F1416B568837 ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
15:05:33.0996 0x1478  IKEEXT - ok
15:05:34.0012 0x1478  [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
15:05:34.0027 0x1478  intelide - ok
15:05:34.0043 0x1478  [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
15:05:34.0043 0x1478  intelpep - ok
15:05:34.0074 0x1478  [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
15:05:34.0090 0x1478  intelppm - ok
15:05:34.0152 0x1478  [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
15:05:34.0277 0x1478  IpFilterDriver - ok
15:05:34.0371 0x1478  [ A5800036E4EA06697A34742A24ACFBE1, BA67060526E9213000B4206F86A74F904999AD7018EFCBE4FE9708650DA9D973 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
15:05:34.0402 0x1478  iphlpsvc - ok
15:05:34.0418 0x1478  [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
15:05:34.0496 0x1478  IPMIDRV - ok
15:05:34.0527 0x1478  [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
15:05:34.0590 0x1478  IPNAT - ok
15:05:34.0605 0x1478  [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
15:05:34.0621 0x1478  IRENUM - ok
15:05:34.0668 0x1478  [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
15:05:34.0699 0x1478  isapnp - ok
15:05:34.0715 0x1478  [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
15:05:34.0730 0x1478  iScsiPrt - ok
15:05:34.0762 0x1478  [ A1D4D34A56DF1D5122CDB265038A2E72, AE061BA1A65C98AF875FA18878B014B57E33594D4AC4C39B050AA532E2220F83 ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
15:05:34.0777 0x1478  kbdclass - ok
15:05:34.0777 0x1478  [ 4A34D7084B862A92F3ABC4969166B3D3, 87B2635873DA4DD06D9E3B8E4313CBDBDC1488E4E340EC2101393EC65823771F ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
15:05:34.0793 0x1478  kbdhid - ok
15:05:34.0809 0x1478  [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic           C:\WINDOWS\system32\DRIVERS\kdnic.sys
15:05:34.0887 0x1478  kdnic - ok
15:05:34.0934 0x1478  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso          C:\WINDOWS\system32\lsass.exe
15:05:34.0965 0x1478  KeyIso - ok
15:05:34.0980 0x1478  [ 4E829B18D5BAEC29893792A3C671A847, 64C3B99F53A9D1ACA802B46B09E820AD210B667D5A1CD0ADAF1F12944B15B52E ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
15:05:34.0980 0x1478  KSecDD - ok
15:05:35.0043 0x1478  [ 15C8C65CEA018C02EA0F648448C491C5, DF909704D22D891BE439B2E3D8386EA659444F91DC92AABFF9766446AEE5EBC0 ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
15:05:35.0059 0x1478  KSecPkg - ok
15:05:35.0074 0x1478  [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
15:05:35.0090 0x1478  ksthunk - ok
15:05:35.0152 0x1478  [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
15:05:35.0184 0x1478  KtmRm - ok
15:05:35.0215 0x1478  [ 50AECF8C21AB2A6428A6E1E10549D8E5, 6BC7C60CF5E8AFB9972619EE1C78357756E9C0A3EC783C3056CEB600DCBB1555 ] L1C             C:\WINDOWS\system32\DRIVERS\L1C63x64.sys
15:05:35.0230 0x1478  L1C - ok
15:05:35.0277 0x1478  [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
15:05:35.0371 0x1478  LanmanServer - ok
15:05:35.0402 0x1478  [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
15:05:35.0434 0x1478  LanmanWorkstation - ok
15:05:35.0527 0x1478  [ 2B7479EB47731A8ACBA28AF4C4BDA32D, 67AEB98E7B41337FEFD92CC81BFAD25FBB679998B318C110A4873B1AD8927A97 ] lfsvc           C:\WINDOWS\System32\GeofenceMonitorService.dll
15:05:35.0605 0x1478  lfsvc - ok
15:05:35.0668 0x1478  [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio          C:\WINDOWS\system32\DRIVERS\lltdio.sys
15:05:35.0699 0x1478  lltdio - ok
15:05:35.0762 0x1478  [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
15:05:35.0809 0x1478  lltdsvc - ok
15:05:35.0856 0x1478  [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
15:05:35.0949 0x1478  lmhosts - ok
15:05:36.0012 0x1478  [ D6BF6FD055BD719F3D62E51B90857159, A7777D18E404164B4DA531AD94D2A712D9CC6A9288795B7388037752A558E96F ] LMIGuardianSvc  C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
15:05:36.0028 0x1478  LMIGuardianSvc - ok
15:05:36.0074 0x1478  [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
15:05:36.0090 0x1478  LSI_SAS - ok
15:05:36.0106 0x1478  [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2        C:\WINDOWS\system32\drivers\lsi_sas2.sys
15:05:36.0137 0x1478  LSI_SAS2 - ok
15:05:36.0153 0x1478  [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3        C:\WINDOWS\system32\drivers\lsi_sas3.sys
15:05:36.0168 0x1478  LSI_SAS3 - ok
15:05:36.0184 0x1478  [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
15:05:36.0184 0x1478  LSI_SSS - ok
15:05:36.0278 0x1478  [ 9B231CD3E52DF29EE50086FF676D3D6F, A47449CA6C88FE089A6953D05FA33A55A55E0306335A7A102A4CD75429FF0515 ] LSM             C:\WINDOWS\System32\lsm.dll
15:05:36.0371 0x1478  LSM - ok
15:05:36.0403 0x1478  [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
15:05:36.0481 0x1478  luafv - ok
15:05:36.0543 0x1478  [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
15:05:36.0559 0x1478  megasas - ok
15:05:36.0590 0x1478  [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
15:05:36.0621 0x1478  megasr - ok
15:05:36.0668 0x1478  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS           C:\WINDOWS\system32\mmcss.dll
15:05:36.0699 0x1478  MMCSS - ok
15:05:36.0825 0x1478  [ 8C906888992D9199404FBAAA34BE9696, 0765DC5A1D10B066EF910DE0980976C33AE30E47CCDB7C5EF7EFCCD8153AD4D8 ] Mobizen plugin  C:\Program Files (x86)\RSUPPORT\MobizenService\MobizenService.exe
15:05:36.0950 0x1478  Mobizen plugin - ok
15:05:37.0012 0x1478  [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem           C:\WINDOWS\system32\drivers\modem.sys
15:05:37.0028 0x1478  Modem - ok
15:05:37.0043 0x1478  [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
15:05:37.0122 0x1478  monitor - ok
15:05:37.0168 0x1478  [ 2A2F8D5284E59815169A88F1FC9CEE28, 58EFBCF3C849FD088CFB7FE287FC7D9DD7E03D4E6AA98F0497C09E4596E42538 ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
15:05:37.0200 0x1478  mouclass - ok
15:05:37.0215 0x1478  [ 91223A2AE2955B3E0DA3DB79C3A897A6, 32B59CF1586C2300D60AF8A1D819515033ACC7F7A1F3523FC4AC7725E29B5A90 ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
15:05:37.0262 0x1478  mouhid - ok
15:05:37.0278 0x1478  [ D1D82F007A079A4D623DBD1F36EF30A1, 7901F81B62C5A4196D75A10C05386B16831CB290EFB9A1611CECF281068C520F ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
15:05:37.0293 0x1478  mountmgr - ok
15:05:37.0309 0x1478  [ 6FC047578785B0435F4E2660946D1ADC, 8AEA5659F01FC2F75160922C69622502DABA39F33CB90D5178DD679A1CDE617D ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
15:05:37.0325 0x1478  mpsdrv - ok
15:05:37.0418 0x1478  [ C18AA14126ADC66478E8E962B2DFAA98, A6F8CE9D88D590DC083253004392572C3BD02C33433CD6C0D9117D2AA7171EEC ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
15:05:37.0450 0x1478  MpsSvc - ok
15:05:37.0512 0x1478  [ DB32958F0E704EFBF7F15161A569E39F, 8A26448B954F8A16EE9BA72EF47F6C549A75B30BD13FEB5A29EB099A74D8F678 ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
15:05:37.0559 0x1478  MRxDAV - ok
15:05:37.0590 0x1478  [ 31233271EDE50D1BBB220F78AFA60486, 2122FAB5BD353DF63CF0FE9CEDBD5DFD1F26F2DE04303E1B3FFB03AA02AECED9 ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
15:05:37.0653 0x1478  mrxsmb - ok
15:05:37.0668 0x1478  [ 3E28B99198B514DFEB152EACF913025E, 6C1D8353DCD5F811F39C0C3CB5DF3D2457F0D17EE80FB06196AA169E3D19E9B2 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
15:05:37.0731 0x1478  mrxsmb10 - ok
15:05:37.0747 0x1478  [ 6276AC2AA203CF47811F6EFBBD214FBF, AE55D87D863A626347B0074F4E962080F1989A94153DAF8475593249F616DA2F ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
15:05:37.0778 0x1478  mrxsmb20 - ok
15:05:37.0809 0x1478  [ F3C060444777A59FC63D920719E43CCD, 8766A2746E3DFB0749E902F458141269335CA6F0CEDCA3D5F8C204637C19E783 ] MsBridge        C:\WINDOWS\system32\DRIVERS\bridge.sys
15:05:37.0856 0x1478  MsBridge - ok
15:05:37.0903 0x1478  [ 915747E010A9414B069173284A9B93F4, 8A335C28FE1EF96DD71485877F2E86155D24B5614ACE05468F4B07E2ACD56331 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
15:05:37.0934 0x1478  MSDTC - ok
15:05:37.0950 0x1478  [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
15:05:37.0981 0x1478  Msfs - ok
15:05:37.0997 0x1478  [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
15:05:37.0997 0x1478  msgpiowin32 - ok
15:05:38.0044 0x1478  [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
15:05:38.0090 0x1478  mshidkmdf - ok
15:05:38.0106 0x1478  [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
15:05:38.0122 0x1478  mshidumdf - ok
15:05:38.0153 0x1478  [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
15:05:38.0153 0x1478  msisadrv - ok
15:05:38.0215 0x1478  [ 4EAEEBAC8CFF4E0D717DFA920BC58A90, A65CB1BB3392B6A04B978348CAC18A414560A6B04A727F22DFC0ADB20DD3AF6B ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
15:05:38.0247 0x1478  MSiSCSI - ok
15:05:38.0247 0x1478  msiserver - ok
15:05:38.0262 0x1478  [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
15:05:38.0278 0x1478  MSKSSRV - ok
15:05:38.0294 0x1478  [ 51B3AC0560848CD6D65AC2033E293113, 73A27E88774C6929328E6C9FC9C389F4DF76D4D4D5CBFC4F51651CC308829628 ] MsLldp          C:\WINDOWS\system32\DRIVERS\mslldp.sys
15:05:38.0340 0x1478  MsLldp - ok
15:05:38.0387 0x1478  [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
15:05:38.0419 0x1478  MSPCLOCK - ok
15:05:38.0434 0x1478  [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
15:05:38.0450 0x1478  MSPQM - ok
15:05:38.0481 0x1478  [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
15:05:38.0497 0x1478  MsRPC - ok
15:05:38.0528 0x1478  [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
15:05:38.0528 0x1478  mssmbios - ok
15:05:38.0544 0x1478  [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
15:05:38.0559 0x1478  MSTEE - ok
15:05:38.0590 0x1478  [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
15:05:38.0606 0x1478  MTConfig - ok
15:05:38.0622 0x1478  [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
15:05:38.0637 0x1478  Mup - ok
15:05:38.0653 0x1478  [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
15:05:38.0669 0x1478  mvumis - ok
15:05:38.0762 0x1478  [ ECA62C7A8992BE744CB4E6C40AE7B72E, FAA2F98E6EBA210C988192B57A23A5F9CDD78666C9CCD0BAD6A4602438203FB7 ] NanoServiceMain C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
15:05:38.0778 0x1478  NanoServiceMain - ok
15:05:38.0934 0x1478  [ 8DF30698BDD9492A9D45A4B94FB4A82A, 26B1B2D7E785E29B8BCB74C467C66AE4EBDD481ACFF36334F3BDF4506B778244 ] napagent        C:\WINDOWS\system32\qagentRT.dll
15:05:38.0997 0x1478  napagent - ok
15:05:39.0075 0x1478  [ 008F7CED69FD5B30CBDE1E03C6F36A27, D4ADA7834C470B17A3CD976012DC5A511B32545B9F91D23D09A85722E0B75320 ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
15:05:39.0153 0x1478  NativeWifiP - ok
15:05:39.0215 0x1478  [ BFCE1225D10619029E68946929CEB64C, 499F560331FFBA82E3D673B47F027FDAB7BEE4F2CB5B811D69E0218839F6E6A5 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
15:05:39.0309 0x1478  NcaSvc - ok
15:05:39.0325 0x1478  [ 267C97373110B7AFD3B46DF60B6CBB85, CEBB99F71D47634BB9C04DF2836DF6B47F15B3073FEFC237F85526DF01E4E38B ] NcbService      C:\WINDOWS\System32\ncbservice.dll
15:05:39.0356 0x1478  NcbService - ok
15:05:39.0387 0x1478  [ 9ACED0F5B458C9011F39143326494E93, 9DFFC7EE7DE6FD92545EC6A203213C498A01EEFB0BC55460D339BCE498E56A7F ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
15:05:39.0419 0x1478  NcdAutoSetup - ok
15:05:39.0497 0x1478  [ 21FE65E2E67C4E31EE95CBD1F91C4B24, 6558F2BC10E6B09F7EE5264722FCF572B861EDB60A1433B58A4F4625EC0ABF63 ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
15:05:39.0559 0x1478  NDIS - ok
15:05:39.0622 0x1478  [ 8CECC8DA55F3274181FD1EA28AD76664, 188112424CEF97FB926A0FB915260B803555A775DD2E1846725A9C8616300F42 ] NdisCap         C:\WINDOWS\system32\DRIVERS\ndiscap.sys
15:05:39.0653 0x1478  NdisCap - ok
15:05:39.0669 0x1478  [ 269882812E9A68FFF1AFE1283D428322, 50B99EBC42DA9B46A8C2C28C9BADCF58AE3079535CDD1227D0F5C86291C715FF ] NdisImPlatform  C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys
15:05:39.0731 0x1478  NdisImPlatform - ok
15:05:39.0747 0x1478  [ 82821F4EEC776B4CF11695A38F3ABA46, 23184F9D31E662855DC4D23EFE7C2FE00E5487D3762B6024704A5D8C87762E1C ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
15:05:39.0778 0x1478  NdisTapi - ok
15:05:39.0794 0x1478  [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
15:05:39.0888 0x1478  Ndisuio - ok
15:05:39.0904 0x1478  [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
15:05:39.0951 0x1478  NdisVirtualBus - ok
15:05:39.0998 0x1478  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
15:05:40.0044 0x1478  NdisWan - ok
15:05:40.0044 0x1478  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
15:05:40.0060 0x1478  NdisWanLegacy - ok
15:05:40.0076 0x1478  [ DDD7F92A83F74D1476B71FBA9530A8DC, D3F94FC9F48854E09B0B77CE5E1C1DB948D54EAC63C5583437051BB893B5A386 ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
15:05:40.0091 0x1478  NDProxy - ok
15:05:40.0107 0x1478  [ 3083926D1CC5B56EA0786527B557DD1B, 3C3F0CA0D43398576DBE8F677B353ADDA7E8F56829874958CE668E31261C1590 ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
15:05:40.0185 0x1478  Ndu - ok
15:05:40.0201 0x1478  [ 42FF4975D032CAE558AE4BB8448F6E5A, 0B8FACF3382443DED79A8004A6AA14C32471A6A1C6BAA543AA9F3FEC52620A6D ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
15:05:40.0216 0x1478  NetBIOS - ok
15:05:40.0232 0x1478  [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
15:05:40.0310 0x1478  NetBT - ok
15:05:40.0326 0x1478  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] Netlogon        C:\WINDOWS\system32\lsass.exe
15:05:40.0341 0x1478  Netlogon - ok
15:05:40.0404 0x1478  [ 8F074B62E66B6117D9598C62A12069C5, 5FDB19045D3E2F6D0F0C5158AC2ECB0D5404CD2AF7A319755D7E3753CA3B7CF3 ] Netman          C:\WINDOWS\System32\netman.dll
15:05:40.0451 0x1478  Netman - ok
15:05:40.0529 0x1478  [ 4A04B1CD5BFB4A978C5F60E86D6C3E45, A946922C1C38ADD3CF9D3B09DDCC301AE4DAC960A081B2F42B32BE1E7095B3FD ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
15:05:40.0560 0x1478  netprofm - ok
15:05:40.0685 0x1478  [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:05:40.0732 0x1478  NetTcpPortSharing - ok
15:05:40.0763 0x1478  [ D4DCE03870314D3354F3501F9DDD4123, 5BFE8299B3F72B8C39A4965365CBF5BA151024451F02DD872FAD1CC35CF94CEA ] netvsc          C:\WINDOWS\System32\drivers\netvsc63.sys
15:05:40.0857 0x1478  netvsc - ok
15:05:40.0919 0x1478  [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
15:05:40.0966 0x1478  NlaSvc - ok
15:05:40.0998 0x1478  [ 49187521F6CD3719898F22D32BF6FE14, A248D75B3C8DE2C90C408B82FCBBE0D5623CAC9526A188EE9A4CE44C191BE308 ] NNSALPC         C:\WINDOWS\system32\DRIVERS\NNSAlpc.sys
15:05:40.0998 0x1478  NNSALPC - ok
15:05:41.0029 0x1478  [ 944E0EB604FDC54C14FDEC74EB394BD2, 8CF7D61FE5E27504CAE75EE1F0FF9EC3D2161F48DD2FFC0823FC1B512CE463CD ] NNSHTTP         C:\WINDOWS\system32\DRIVERS\NNSHttp.sys
15:05:41.0044 0x1478  NNSHTTP - ok
15:05:41.0044 0x1478  [ 66A53D468BD466DF2FC43E02655341AF, 1CA0DE465414B5E0F1774C79226FCBD984FCA91074E4195FA97244A2882E5F6F ] NNSHTTPS        C:\WINDOWS\system32\DRIVERS\NNSHttps.sys
15:05:41.0060 0x1478  NNSHTTPS - ok
15:05:41.0060 0x1478  [ 58208570B63593A511BAA7C54040862F, 43DA12D2312C24F00C5D38BF85A774B8DD8E149AD0085017374D29BD8379189D ] NNSIDS          C:\WINDOWS\system32\DRIVERS\NNSIds.sys
15:05:41.0076 0x1478  NNSIDS - ok
15:05:41.0091 0x1478  [ 85ACBE5BA9DB4F18352D73FACBF79B9B, 0CE8DD2F8A219A266B0DBD29317B78ED48729D79A4E8CA46235B842399259F87 ] NNSNAHSL        C:\WINDOWS\system32\DRIVERS\NNSNAHSL.sys
15:05:41.0107 0x1478  NNSNAHSL - ok
15:05:41.0123 0x1478  [ 99697751DE64A3D7CA4306120D6CC87A, C623ADF8BFD6D278B1065B8CA999A336A52ED4BBBE261B7EC0C6D382C25F73B7 ] NNSPICC         C:\WINDOWS\system32\DRIVERS\NNSPicc.sys
15:05:41.0123 0x1478  NNSPICC - ok
15:05:41.0138 0x1478  [ 7F640E0EA360A3F6EE86F74813FEFC24, 12D09A9229AF484F23FFC7DAFD4BC44EC421B13F694E98B57CD3015BD0CD8A60 ] NNSPIHSW        C:\WINDOWS\system32\DRIVERS\NNSPihsw.sys
15:05:41.0138 0x1478  NNSPIHSW - ok
15:05:41.0154 0x1478  [ 163E56A6A4D85F8AD744C69C1C9E73BB, 36BAE9773D3608D246A033E1050492BE4B95DD3D4E983679B4C2208F83FE5772 ] NNSPOP3         C:\WINDOWS\system32\DRIVERS\NNSPop3.sys
15:05:41.0154 0x1478  NNSPOP3 - ok
15:05:41.0169 0x1478  [ 879B319D73A7D590978A7221FF718A7E, 8128000477720E37ADFC39B548342CEE794930416F874CC4B80F68D68C64CFEE ] NNSPROT         C:\WINDOWS\system32\DRIVERS\NNSProt.sys
15:05:41.0201 0x1478  NNSPROT - ok
15:05:41.0216 0x1478  [ 71B34C94305109929814D5B272562279, D4F71523D5A716B94F0FBCD70FD8C53692129A463646992364CDFB9C22BD6BFE ] NNSPRV          C:\WINDOWS\system32\DRIVERS\NNSPrv.sys
15:05:41.0232 0x1478  NNSPRV - ok
15:05:41.0232 0x1478  [ F7C11C9BFE13CCEE4C96760D437AD7AE, A66FD750B16DBF29757805B9168C4BBC1ED0E6C75A04A8F7BD8EDFB86084F575 ] NNSSMTP         C:\WINDOWS\system32\DRIVERS\NNSSmtp.sys
15:05:41.0248 0x1478  NNSSMTP - ok
15:05:41.0248 0x1478  [ 73932C39B0117344CC9AEED5B8653F36, E135BD6D6D98D4B0FF540170403233155A3C0F4A08A694E33EAF8EF1E61627B9 ] NNSSTRM         C:\WINDOWS\system32\DRIVERS\NNSStrm.sys
15:05:41.0263 0x1478  NNSSTRM - ok
15:05:41.0279 0x1478  [ D5F2661EB8D3027070EB630D3CA2DD86, 8999955CF5C16703BF2606DB4B8028F35429761E5FACE16E31C4FC9189FCAFBB ] NNSTLSC         C:\WINDOWS\system32\DRIVERS\NNSTlsc.sys
15:05:41.0279 0x1478  NNSTLSC - ok
15:05:41.0294 0x1478  [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
15:05:41.0326 0x1478  Npfs - ok
15:05:41.0341 0x1478  [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
15:05:41.0404 0x1478  npsvctrig - ok
15:05:41.0451 0x1478  [ 0F12A72A753CFD7FB0631EE8D08FE983, 860A96471F6CD90DDA9AB3A48E95CEAD826C87D2FA98A00EF91B61C44A4C8B82 ] nsi             C:\WINDOWS\system32\nsisvc.dll
15:05:41.0513 0x1478  nsi - ok
15:05:41.0529 0x1478  [ 0E046FF5823B95326D10CF1B4AF23541, 39D22715003746527AB4BFEDED8C34B695DAF589091AE7F3A2A2C4B8A35675A9 ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
15:05:41.0560 0x1478  nsiproxy - ok
15:05:41.0685 0x1478  [ 7F68063A5A0461E02BC860CE0E6BFDDC, 47E9F75D27B97278B74034B7D3951A26B1644911ED321455E08D935731C858DE ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
15:05:41.0763 0x1478  Ntfs - ok
15:05:41.0779 0x1478  [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null            C:\WINDOWS\system32\drivers\Null.sys
15:05:41.0795 0x1478  Null - ok
15:05:41.0810 0x1478  [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
15:05:41.0826 0x1478  nvraid - ok
15:05:41.0841 0x1478  [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
15:05:41.0857 0x1478  nvstor - ok
15:05:41.0873 0x1478  [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp          C:\WINDOWS\system32\drivers\nv_agp.sys
15:05:41.0888 0x1478  nv_agp - ok
15:05:41.0935 0x1478  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
15:05:41.0998 0x1478  p2pimsvc - ok
15:05:42.0013 0x1478  [ FD8F61F0D1F64BBB3D835F39A3F979C9, E5C5F86576488EA7F605E26C06EE5AFB36506A446F60C894D55E0A148BF7F02D ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
15:05:42.0107 0x1478  p2psvc - ok
15:05:42.0123 0x1478  [ 742FC7886B2F155317723F1D6B045F94, BCB0DC50A64423973694DD35A270C6C9F4BB5A0A0819ECA0287B8BB9458DB137 ] PandaAgent      C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
15:05:42.0154 0x1478  PandaAgent - ok
15:05:42.0201 0x1478  [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport         C:\WINDOWS\System32\drivers\parport.sys
15:05:42.0232 0x1478  Parport - ok
15:05:42.0248 0x1478  [ BAFF6122CFC9F95CA175AD8C348179A4, 079A912D951DF6A57BC1BDB0D182977EE9592751EC9DDCDA2932BDEDB333850C ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
15:05:42.0263 0x1478  partmgr - ok
15:05:42.0295 0x1478  [ 446462BBA744DA60379574926FD51EAB, 4A79E8EF28670333F4733FA0016508DC88E9BDC566B455DA5EDEDC514612180A ] PassThru Service C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
15:05:42.0310 0x1478  PassThru Service - detected UnsignedFile.Multi.Generic ( 1 )
15:05:44.0607 0x1478  Detect skipped due to KSN trusted
15:05:44.0607 0x1478  PassThru Service - ok
15:05:44.0685 0x1478  [ ABE95ABE27A8BD9701782BBCD82C9925, AE3BA1E9ECDE692374D8DAC95A8DAA289DD2470E3D8D58EFAD9F83A37F3AC8E5 ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
15:05:44.0717 0x1478  PcaSvc - ok
15:05:44.0748 0x1478  [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci             C:\WINDOWS\system32\drivers\pci.sys
15:05:44.0764 0x1478  pci - ok
15:05:44.0779 0x1478  [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
15:05:44.0795 0x1478  pciide - ok
15:05:44.0811 0x1478  [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
15:05:44.0826 0x1478  pcmcia - ok
15:05:44.0842 0x1478  [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
15:05:44.0857 0x1478  pcw - ok
15:05:44.0873 0x1478  [ 24A8DFC07E4BAF29AEA26E383D4CC886, 1B903FE52CD816662D37A8113930B4B7019B6996D49F1982D8F42933A3525A67 ] pdc             C:\WINDOWS\system32\drivers\pdc.sys
15:05:44.0873 0x1478  pdc - ok
15:05:44.0998 0x1478  [ F97DC1A5244469D367B1334D47118E34, A36B6C402F92BEBE14082296CBF5F69656ED87AB700789028799768FA1FE2A72 ] PDF Architect 2 C:\Program Files (x86)\PDF Architect 2\ws.exe
15:05:45.0061 0x1478  PDF Architect 2 - ok
15:05:45.0092 0x1478  [ E81F7D5371C95904D4105B06405D5EDA, A6A41793AC241801D37A95C25B2DA0C3CDDC804B4F2BD087ECBD30C562F3517B ] pdfforge CrashHandler C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe
15:05:45.0123 0x1478  pdfforge CrashHandler - ok
15:05:45.0186 0x1478  [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
15:05:45.0295 0x1478  PEAUTH - ok
15:05:45.0404 0x1478  [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
15:05:45.0498 0x1478  PerfHost - ok
15:05:45.0717 0x1478  [ 70B39E7241F750A248798CE82C44596D, 54A72199EB277EE586611DCBC21654786FD2196F91D5884C4F531297893CC3EC ] pla             C:\WINDOWS\system32\pla.dll
15:05:45.0858 0x1478  pla - ok
15:05:46.0029 0x1478  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
15:05:46.0061 0x1478  PlugPlay - ok
15:05:46.0076 0x1478  [ 4570F8A37D221660F3A09D6F4DD4BA94, 0EA190CFFA53DF9CCA2D53A4EF1BCB837BA3F2489A3AC5BD11F6D6ED811D118E ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
15:05:46.0092 0x1478  PNRPAutoReg - ok
15:05:46.0108 0x1478  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
15:05:46.0139 0x1478  PNRPsvc - ok
15:05:46.0186 0x1478  [ BDD52AB4AEBB8B1904568DBD0CCB70CB, C3D1DBA349C79B43DCDD9EF5255C5EE973EFB844235B808B5EF9B63A51FF00AA ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
15:05:46.0233 0x1478  PolicyAgent - ok
15:05:46.0248 0x1478  [ C8DD82C3035E60D671B8CC5DF128D3A9, 6AABF632CBEDA9A7B553BC9134FF100CB6FDC88000D499D2883408FCEDD97576 ] Power           C:\WINDOWS\system32\umpo.dll
15:05:46.0326 0x1478  Power - ok
15:05:46.0483 0x1478  [ E3514CE7CB4AF80ECCA383F065BC77C0, 1EA06D358A07EB9DFB703CEFC4EB834B947B899E0ACFE1C494E2DAED63F1D4B5 ] PrintNotify     C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
15:05:46.0623 0x1478  PrintNotify - ok
15:05:46.0717 0x1478  [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor       C:\WINDOWS\System32\drivers\processr.sys
15:05:46.0764 0x1478  Processor - ok
15:05:46.0811 0x1478  [ 19424364D8C03B990C4281BE53963FD0, 958FC8436E6B754858E20BC48B0D4B269991E8CA94C15C2761BF04ED52591907 ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
15:05:46.0905 0x1478  ProfSvc - ok
15:05:46.0951 0x1478  [ FC0141B4A5AD6D637D883C1A89FC45C5, DCE8942C02EEDAE7A57707CA60CAC3A8CD6BA68E6571E405CA882D4DD6D69E43 ] Psched          C:\WINDOWS\system32\DRIVERS\pacer.sys
15:05:46.0983 0x1478  Psched - ok
15:05:47.0014 0x1478  [ 4E00E6C6785D8188BCCBB63CB4B88CC0, DE910AAC4C0B8F6B16006D5B4F0B30D94BA529663CB9114FC724336FEBE0D68F ] PSINAflt        C:\WINDOWS\system32\DRIVERS\PSINAflt.sys
15:05:47.0030 0x1478  PSINAflt - ok
15:05:47.0030 0x1478  [ D0901BD14717A793D0CA4BCAA228CB67, 53DE21324F6A8B00CC9763DE8B974269186FCF20ACA07D1CAA3367DA1AFB36F6 ] PSINFile        C:\WINDOWS\system32\DRIVERS\PSINFile.sys
15:05:47.0045 0x1478  PSINFile - ok
15:05:47.0061 0x1478  [ 2A91002F6DB29EF9977B7BE94BEE1FE4, 7A291C0855DAE4F7104B5AEB7B244DF4B70BF1E3E3E449160879A76E5C5229C7 ] PSINKNC         C:\WINDOWS\system32\DRIVERS\psinknc.sys
15:05:47.0076 0x1478  PSINKNC - ok
15:05:47.0076 0x1478  [ B3CF35BA3A3371D7BE0F3B6AF5FE1259, F13322FE4FD9569C950979B669071850B908A3412CCC9EEEEF2E98D09042E37E ] PSINProc        C:\WINDOWS\system32\DRIVERS\PSINProc.sys
15:05:47.0092 0x1478  PSINProc - ok
15:05:47.0108 0x1478  [ F89C294AE002707F1DD76A524A2317D6, 65A89E8E3B196505A1D6A2B69FE28756F58A4F0BADE523B956362CA363882DCE ] PSINProt        C:\WINDOWS\system32\DRIVERS\PSINProt.sys
15:05:47.0108 0x1478  PSINProt - ok
15:05:47.0139 0x1478  [ 72EED3B04B93D700F12ECA7A458CC9E1, D2F241FA8010F56FCAD61C52D3330CD9F4F478F7697BB1825C60857C061D2577 ] PSINReg         C:\WINDOWS\system32\DRIVERS\PSINReg.sys
15:05:47.0139 0x1478  PSINReg - ok
15:05:47.0201 0x1478  [ F29E7E36F8A8A7BAC112327E842FF0B5, 41045499589E59C6448F09D162286A3EF7EA7600F0FE98CB560FAC95187C7E9C ] PSKMAD          C:\WINDOWS\system32\DRIVERS\PSKMAD.sys
15:05:47.0217 0x1478  PSKMAD - ok
15:05:47.0295 0x1478  [ D80B642CD9C3D771700F33862D69FC76, 5FA257E6517291B82CA42151FA8F6C9525D55F75E660787618A9E12804229B33 ] PSUAService     C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
15:05:47.0311 0x1478  PSUAService - ok
15:05:47.0389 0x1478  [ DAA9DEE0A5D5F238C4EE54C2C7FB67C5, 7EC8C603BD92699AC35BDCD294F13BEE90D5C2C195FD93A3F16928BFCF53CA93 ] QWAVE           C:\WINDOWS\system32\qwave.dll
15:05:47.0483 0x1478  QWAVE - ok
15:05:47.0530 0x1478  [ 83868EB2924E6BC21A54337C65D614D1, 8D1BE01EBD190231153B867C32120DC8FBFBD32050448A778134D435D76A0B07 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
15:05:47.0576 0x1478  QWAVEdrv - ok
15:05:47.0608 0x1478  [ B337B1F1E82A83E20A1743E008E25C0F, A2E8AF041B4CAB78AEE28A2147A189FF0F9D2FCEFB167D60FBBA0A787A5A5BE7 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
15:05:47.0655 0x1478  RasAcd - ok
15:05:47.0686 0x1478  [ 044638489B4A5FE5334F46C5314A0826, E06CC2A9EF369794DAD69FBB5AFD1676D4283DDAB2AD5E3EFE454C473F62F955 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
15:05:47.0717 0x1478  RasAuto - ok
15:05:47.0764 0x1478  [ F83B38FCD4F69157B3D158433FA149CC, AB103BD3E2B3B134CB355C556DF70BCF0CF4DB11EFF7DB4A9876D5AA43D81293 ] RasMan          C:\WINDOWS\System32\rasmans.dll
15:05:47.0811 0x1478  RasMan - ok
15:05:47.0827 0x1478  [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
15:05:47.0842 0x1478  RasPppoe - ok
15:05:47.0873 0x1478  [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
15:05:47.0952 0x1478  rdbss - ok
15:05:47.0983 0x1478  [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
15:05:48.0045 0x1478  rdpbus - ok
15:05:48.0077 0x1478  [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
15:05:48.0155 0x1478  RDPDR - ok
15:05:48.0217 0x1478  [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
15:05:48.0233 0x1478  RdpVideoMiniport - ok
15:05:48.0264 0x1478  [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
15:05:48.0280 0x1478  rdyboost - ok
15:05:48.0342 0x1478  [ 615DFD97DEA56CE1C3A52185A3038FF8, 707BF5F9FAE478A12656D15013F507CC1335E7B72BD21CA99BB813CB95E37BC0 ] ReFS            C:\WINDOWS\system32\drivers\ReFS.sys
15:05:48.0373 0x1478  ReFS - ok
15:05:48.0452 0x1478  [ 0CF7CB56BF2D5E9DBCEE0185CB626FAD, 2BD2E2FB1D2EADD1F70EF55E8523C353F95D4FEB1BAD5017FA4D94F790F27825 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
15:05:48.0467 0x1478  RemoteAccess - ok
15:05:48.0498 0x1478  [ AC8785B53F8436058C90450DA1840AE7, CC1FFC2713910211F8A6AD532DBB9253ACD188CBD784F1BE6613DF382825A3C1 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
15:05:48.0577 0x1478  RemoteRegistry - ok
15:05:48.0623 0x1478  [ 65B9FDE300A6DECC03BA44C4616DCAD6, CAD992982733DD20282A3453DC4E554AE1FC077C35479C0CA4E8BC3A9DCD3BB0 ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
15:05:48.0655 0x1478  RpcEptMapper - ok
15:05:48.0702 0x1478  [ A737B433ABAF3F2DCB2BD7B4CC582B26, 3B5706B0CF0969A9F82060FD4DCC745F2D83C066B663FE8A4F0F493B64032C9C ] RpcLocator      C:\WINDOWS\system32\locator.exe
15:05:48.0780 0x1478  RpcLocator - ok
15:05:48.0827 0x1478  [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
15:05:48.0873 0x1478  RpcSs - ok
15:05:48.0920 0x1478  [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr          C:\WINDOWS\system32\DRIVERS\rspndr.sys
15:05:48.0967 0x1478  rspndr - ok
15:05:48.0983 0x1478  [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
15:05:48.0983 0x1478  s3cap - ok
15:05:49.0030 0x1478  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] SamSs           C:\WINDOWS\system32\lsass.exe
15:05:49.0061 0x1478  SamSs - ok
15:05:49.0092 0x1478  [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
15:05:49.0108 0x1478  sbp2port - ok
15:05:49.0170 0x1478  [ 74A3B67F03877D06B09B1B40C5ED582E, A8FF9BF416F0BF365BFB4E1796859825C811A74B5E54DDDCE8345193BEEBE206 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
15:05:49.0202 0x1478  SCardSvr - ok
15:05:49.0217 0x1478  [ 8B9C4D55B4A536FB01C360DDB9533574, 9B939FE68F6F9C171ED0D91E2CE1E67515295D34EC23606BCDFD097DCC8CFD4A ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
15:05:49.0248 0x1478  ScDeviceEnum - ok
15:05:49.0295 0x1478  [ 13BEA6C882D4D877A5A85CA149C86BC1, 8E9BE5C2A36D5881D9985C3A31309FE03966EA13A3541D3C5B542AB67FA0D55F ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
15:05:49.0342 0x1478  scfilter - ok
15:05:49.0389 0x1478  [ A626F5E446860F22835E783142D7AE33, 3A786639E1FABCA512F4F91A10811DD3C4D9C9C9BB893362E4D019219D0BD8E2 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
15:05:49.0452 0x1478  Schedule - ok
15:05:49.0498 0x1478  [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
15:05:49.0514 0x1478  SCPolicySvc - ok
15:05:49.0561 0x1478  [ 7B7C482CF48E6EE33664340D1A78E6FE, CE5077C4B0372F4F9F02B0B37AE58C0DAEFCA9D242065731A23F072506430575 ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
15:05:49.0577 0x1478  sdbus - ok
15:05:49.0592 0x1478  [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
15:05:49.0608 0x1478  sdstor - ok
15:05:49.0623 0x1478  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\WINDOWS\system32\drivers\secdrv.sys
15:05:49.0655 0x1478  secdrv - ok
15:05:49.0670 0x1478  [ BA24CEA7152239F42ECD04AFB7C89D24, A2A11EABB0C283772B74667C7544B61BEB1B9745FBF065E831542129EB585AFA ] seclogon        C:\WINDOWS\system32\seclogon.dll
15:05:49.0686 0x1478  seclogon - ok
15:05:49.0702 0x1478  [ 81FE9A81EDF8016816C9E91FBFBF7D35, 87FB92A3D15F312F0B9C423EF851061A944B013E5668D8C9A441B4DC0EB690AF ] SENS            C:\WINDOWS\System32\sens.dll
15:05:49.0733 0x1478  SENS - ok
15:05:49.0764 0x1478  [ 6E4012AE67F09F867EF620C8D5524C0B, 63933E51F8E413E63481369CE2F9FD224560550FBD3BD2B4573E9F4AD88708A2 ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
15:05:49.0844 0x1478  SensrSvc - ok
15:05:49.0844 0x1478  [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
15:05:49.0860 0x1478  SerCx - ok
15:05:49.0907 0x1478  [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
15:05:49.0938 0x1478  SerCx2 - ok
15:05:49.0985 0x1478  [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
15:05:50.0001 0x1478  Serenum - ok
15:05:50.0016 0x1478  [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial          C:\WINDOWS\System32\drivers\serial.sys
15:05:50.0032 0x1478  Serial - ok
15:05:50.0047 0x1478  [ 96B01F117057FB4DAE0FF919ACB55770, D0F58F1CAE4F81D60FCE60BB0065A34B4F897E8105DF17B6DAA334938CD25A56 ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
15:05:50.0063 0x1478  sermouse - ok
15:05:50.0141 0x1478  [ 3A2F1A7472C3B7CC9B89C8516C726488, 9BCBBAC10C900EA7B30822B463A77EE5067F217C4B490857A09E5277983CB89B ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
15:05:50.0188 0x1478  SessionEnv - ok
15:05:50.0204 0x1478  [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
15:05:50.0219 0x1478  sfloppy - ok
15:05:50.0297 0x1478  [ 8081FF3DAE8159FE8956B09BC29CE983, AC0F305AEE8B1AB2E1275F1D33EC1D2F3E23F234F831BD9D41F415A94A19D3AB ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
15:05:50.0329 0x1478  SharedAccess - ok
15:05:50.0360 0x1478  [ 7FD9A61A3523A61FC135D61D6E160314, 409E1CF7A62FD90CBC31AEAFBB7230B02DBEC6CFCA2D266D221A7643FAEBA13B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
15:05:50.0438 0x1478  ShellHWDetection - ok
15:05:50.0501 0x1478  [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
15:05:50.0516 0x1478  SiSRaid2 - ok
15:05:50.0532 0x1478  [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
15:05:50.0547 0x1478  SiSRaid4 - ok
15:05:50.0579 0x1478  [ 050A4112B00BCA2E13314CDE48C1DEEE, 86C679CD494DEEB984372BF954EFBB8982AC7995FBF89FCF83BC228991D1B825 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
15:05:50.0594 0x1478  SkypeUpdate - ok
15:05:50.0641 0x1478  [ 3C84DCCE5B322F745A75CA8BA3A0F6B3, 1FB94A8A1C63D6FDB82E28ED5B696B3CB1F64183A89A3B5153B266C292CB7815 ] smphost         C:\WINDOWS\System32\smphost.dll
15:05:50.0657 0x1478  smphost - ok
15:05:50.0704 0x1478  [ D0EB0DF8C603BBA084351A92732B1CBE, E24ED8F78EF41C1BC17386AE4BBCE0DC892C5B89B12C03FC9FB61D359B13F1B4 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
15:05:50.0766 0x1478  SNMPTRAP - ok
15:05:50.0797 0x1478  [ D24B1945ED1F9C96DA786DBBF1E983CE, B46CB0B72B7A3DF94A46B8D65E38535C5F8E72A55CF2DC48EFA1F9A0108691C4 ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
15:05:50.0829 0x1478  spaceport - ok
15:05:50.0844 0x1478  [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
15:05:50.0860 0x1478  SpbCx - ok
15:05:50.0922 0x1478  [ 0FFE35F0B0CD5A324BBE22F02569AE3B, F4EE803EEFDB4EAEEDB3024C3516F1F9A202C77F4870D6B74356BBDE32B3B560 ] speedfan        C:\WINDOWS\SysWOW64\speedfan.sys
15:05:50.0938 0x1478  speedfan - ok
15:05:51.0047 0x1478  [ 59F13AAE95D8E934AC5C02AD65212E92, B9A741609F4B5FB83F4324A0ADB84FFA71D8A3CE95619DB9789888724CC69285 ] SplashtopRemoteService C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
15:05:51.0079 0x1478  SplashtopRemoteService - ok
15:05:51.0219 0x1478  [ FCB156A6745631A67DEA61827061D483, 9275ABFA1E1E595969A71C0DA228D18D1B868BF46E097E1276142BD80F8A32C9 ] Spooler         C:\WINDOWS\System32\spoolsv.exe
15:05:51.0313 0x1478  Spooler - ok
15:05:51.0516 0x1478  [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
15:05:51.0766 0x1478  sppsvc - ok
15:05:51.0876 0x1478  [ 6416E79A58A8FCC33A447A4DDDD3BF04, 839E3107ACCD520C309BD6C8324DF7A8EB724EAD442AB1F1CACB0D83F84BE488 ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
15:05:51.0969 0x1478  srv - ok
15:05:52.0016 0x1478  [ 00D8AC8E3053290BDE6EA2FB6810D2FC, 957FEF84CBBAE71829529AE99A1B24F52D7831BD666442D0132FBB825409A75D ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
15:05:52.0063 0x1478  srv2 - ok
15:05:52.0079 0x1478  [ D047CD668E6277FD80F0C613946F034C, BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
15:05:52.0141 0x1478  srvnet - ok
15:05:52.0204 0x1478  [ CF6C3037839CF78421A94F9060C2886F, CA98C180AE03F5BE8FEFFBA75BD98DEE2AD4FA975E1EF83215C9CD2476946811 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
15:05:52.0251 0x1478  SSDPSRV - ok
15:05:52.0313 0x1478  [ 198A737DBA666F4808D62E9A8277A6B7, 90B6E5E2ACE95D850C913A3A1DA1F966C44955C530004C228FA93B2A536F5C27 ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
15:05:52.0376 0x1478  SstpSvc - ok
15:05:52.0423 0x1478  [ 504C33FE3B4E2AF11FE5875DDCA8EBEA, 7A3A5B5B23422A58F597DDE5FC0593EDE8EF31A7FB9CB77DB3A6AAFCCA369F3D ] SSUService      C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
15:05:52.0438 0x1478  SSUService - ok
15:05:52.0516 0x1478  [ 97F839E8AEC48EE271509BF4BC764C24, 7B9B791E987ADC8991C128CD52CB253F295E41DF502BF8933DF388994E84560D ] STacSV          C:\Program Files\IDT\WDM\STacSV64.exe
15:05:52.0548 0x1478  STacSV - detected UnsignedFile.Multi.Generic ( 1 )
15:05:54.0845 0x1478  Detect skipped due to KSN trusted
15:05:54.0845 0x1478  STacSV - ok
15:05:54.0939 0x1478  [ D31201BD8782752BD69DBE1E5DDF9AC5, 98B72690B4E6CC1B694C655DD31CB1FB56B76B62A32CFB748AF78F4C072D9740 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
15:05:54.0955 0x1478  Steam Client Service - ok
15:05:55.0002 0x1478  [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
15:05:55.0033 0x1478  stexstor - ok
15:05:55.0064 0x1478  [ 7E89F65EB250463EE8665CFE19566FC3, 45849BAFA62E72A97103C5F02962D346D3F79DE9DB07297D1073FF355A506D9C ] STHDA           C:\WINDOWS\system32\DRIVERS\stwrt64.sys
15:05:55.0111 0x1478  STHDA - ok
15:05:55.0174 0x1478  [ 63E9CE568CF1192771A5F0460DE7D2B9, C27B21FD2C14AD41A59EF62EB8AC95C08EB13CCB1CEECD8378B8CDD4DC352E69 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
15:05:55.0267 0x1478  stisvc - ok
15:05:55.0299 0x1478  [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
15:05:55.0314 0x1478  storahci - ok
15:05:55.0345 0x1478  [ 8B9486B64E5FC17FB9CC04CA10B77A34, C1EAC9D27DC83E4C56B890D97988C3CCFAE3877309610601F2E3FFFE97686D43 ] storflt         C:\WINDOWS\system32\drivers\vmstorfl.sys
15:05:55.0361 0x1478  storflt - ok
15:05:55.0377 0x1478  [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
15:05:55.0392 0x1478  stornvme - ok
15:05:55.0439 0x1478  [ A45F5AC9D8069D0EC66E3CA73103073B, 996788F1C58E016E8E5CF3FD1D220A3C40AFFD6C21361A34636415DB12E0D381 ] StorSvc         C:\WINDOWS\system32\storsvc.dll
15:05:55.0533 0x1478  StorSvc - ok
15:05:55.0549 0x1478  [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
15:05:55.0564 0x1478  storvsc - ok
15:05:55.0611 0x1478  [ E395BE02F80A79A6CF973BA38DBB8135, 4C6F85B0EB8E7725BA720F9742561D229726C0D7C17505D1E79F19A5626F6325 ] svsvc           C:\WINDOWS\system32\svsvc.dll
15:05:55.0674 0x1478  svsvc - ok
15:05:55.0689 0x1478  [ 65454187E0F8B6C0DCECB0287D06EC43, 87550000CF5B3C1DF3E69633934AFE8554AE40B6638F190D3185AD63F1D7A2EE ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
15:05:55.0705 0x1478  swenum - ok
15:05:55.0736 0x1478  [ 1C71D72D4997A284128FBEE770726330, 21682BDE74A1108FED1124FB1EA35A03CBFA94ABE1B89CC0FADB4DD82596C43E ] swprv           C:\WINDOWS\System32\swprv.dll
15:05:55.0799 0x1478  swprv - ok
15:05:55.0877 0x1478  [ 3114CB46C2853CA71525428CB0C7CB58, A9CC51506AABBC23BAB2B90E30AB13197A72268A3DE6D2F281C1C367ED7118AE ] SysMain         C:\WINDOWS\system32\sysmain.dll
15:05:55.0955 0x1478  SysMain - ok
15:05:55.0986 0x1478  [ 23BECB70654B192A7E378DEE3DBD8D42, 7596174AE7508B62C40A429645198F6A420D0CD5B62A10AB78516113584E7EDB ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
15:05:56.0064 0x1478  SystemEventsBroker - ok
15:05:56.0127 0x1478  [ D6A71B95ACF71ACA63B67232059F1BCD, C5CEC032E7AB507500D1CC7A4E65DA6322412C798201A9D770CBDE892E50DFC8 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
15:05:56.0189 0x1478  TabletInputService - ok
15:05:56.0220 0x1478  [ 5A5BAB1CA9621E73E25EE4744B67CDA6, 479EBD7BAE1E2AD431153FDC016742F7A8D824716EAB1A4CA87EBBD21D61DECD ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
15:05:56.0299 0x1478  TapiSrv - ok
15:05:56.0439 0x1478  [ 468273F7089A3A33D149955F0F203FA4, 18FD0B73FBD63550E904EE76D4323EFE163BFF8C3DC6DE67F4BE6003C7DC6879 ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
15:05:56.0533 0x1478  Tcpip - ok
15:05:56.0658 0x1478  [ 468273F7089A3A33D149955F0F203FA4, 18FD0B73FBD63550E904EE76D4323EFE163BFF8C3DC6DE67F4BE6003C7DC6879 ] TCPIP6          C:\WINDOWS\system32\DRIVERS\tcpip.sys
15:05:56.0736 0x1478  TCPIP6 - ok
15:05:56.0783 0x1478  [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
15:05:56.0846 0x1478  tcpipreg - ok
15:05:56.0877 0x1478  [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
15:05:56.0892 0x1478  tdx - ok
15:05:56.0924 0x1478  [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
15:05:56.0939 0x1478  terminpt - ok
15:05:57.0049 0x1478  [ C50997E282576DA492EBA66B059D4196, EBD793CB396F9503376207FA60353F5672DEDB620C8E01C8D6AE0030B3B03339 ] TermService     C:\WINDOWS\System32\termsrv.dll
15:05:57.0080 0x1478  TermService - ok
15:05:57.0096 0x1478  [ 2180DBCE75B914E5E5BBFFFAAE97AA21, 8000AECC8855903DB50ABA7E304396D1FCEAE8DC9ADD4FC50275CF24B4D914DE ] Themes          C:\WINDOWS\system32\themeservice.dll
15:05:57.0111 0x1478  Themes - ok
15:05:57.0158 0x1478  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] THREADORDER     C:\WINDOWS\system32\mmcss.dll
15:05:57.0189 0x1478  THREADORDER - ok
15:05:57.0221 0x1478  [ B5ED9CC61798C7D44BD535D40B89EFB5, 1BDCEAA9AF2096381870D92129C748F4EE06A1167ABA9367B9DD43BAF27E3F5B ] TimeBroker      C:\WINDOWS\System32\TimeBrokerServer.dll
15:05:57.0299 0x1478  TimeBroker - ok
15:05:57.0361 0x1478  [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM             C:\WINDOWS\system32\drivers\tpm.sys
15:05:57.0377 0x1478  TPM - ok
15:05:57.0408 0x1478  [ 884113C2BB703FE806C8608B75F34831, 24DE5750CA4363455412BABB0B1FAB08497153E8F158ED44958F100410F93506 ] TrkWks          C:\WINDOWS\System32\trkwks.dll
15:05:57.0424 0x1478  TrkWks - ok
15:05:57.0517 0x1478  [ 44A94FB4C76528D2382FFE04B05827C3, B0BCDF7CD1D65E61A9061D539D83527A89B69583958F8A26C6BF9766C1B61E0C ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
15:05:57.0580 0x1478  TrustedInstaller - ok
15:05:57.0580 0x1478  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\WINDOWS\system32\drivers\tsusbflt.sys
15:05:57.0674 0x1478  TsUsbFlt - ok
15:05:57.0689 0x1478  [ 20185BEB7512EDE4EFECDFA148AC9F99, 6F539478493C0F87F3DDF67A4A6D4D41E9474EEF21434E856350CE149A34EA9F ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
15:05:57.0736 0x1478  TsUsbGD - ok
15:05:57.0767 0x1478  [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel          C:\WINDOWS\system32\DRIVERS\tunnel.sys
15:05:57.0814 0x1478  tunnel - ok
15:05:57.0830 0x1478  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\WINDOWS\system32\drivers\uagp35.sys
15:05:57.0830 0x1478  uagp35 - ok
15:05:57.0846 0x1478  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
15:05:57.0861 0x1478  UASPStor - ok
15:05:57.0908 0x1478  [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000        C:\WINDOWS\System32\drivers\ucx01000.sys
15:05:57.0924 0x1478  UCX01000 - ok
15:05:57.0955 0x1478  [ 1EC649F112896FAE33250F0B97AC5D0B, 0C0A1C2C7615DEB298AD3073340FD1BF91FEBE611F133E3B48D994A6EAA8369F ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
15:05:57.0971 0x1478  udfs - ok
15:05:57.0986 0x1478  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
15:05:58.0002 0x1478  UEFI - ok
15:05:58.0033 0x1478  [ A867F0F978EE64C87FADC3B100869EE4, 2686BE85F963D0D0BB275E92E5B543280D8742CF10772303E3189D0719B6A277 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
15:05:58.0049 0x1478  UI0Detect - ok
15:05:58.0080 0x1478  [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx        C:\WINDOWS\system32\drivers\uliagpkx.sys
15:05:58.0080 0x1478  uliagpkx - ok
15:05:58.0096 0x1478  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
15:05:58.0111 0x1478  umbus - ok
15:05:58.0111 0x1478  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
15:05:58.0127 0x1478  UmPass - ok
15:05:58.0189 0x1478  [ A023F267A262D5DA6CE1436D9C5E8FD9, 92AD7AF91184C244A7E392F49663143193A80D5D81114546A00F18227DE31D23 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
15:05:58.0267 0x1478  UmRdpService - ok
15:05:58.0283 0x1478  [ C98493DD8E6A50154FAC75C15E1C36BB, CECD1C826C8F7AF05468871BF6A0ACDBB6B0202F4F87F48C6D367E5BD699E800 ] upnphost        C:\WINDOWS\System32\upnphost.dll
15:05:58.0314 0x1478  upnphost - ok
15:05:58.0346 0x1478  [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
15:05:58.0361 0x1478  usbccgp - ok
15:05:58.0377 0x1478  [ 0139248F6B95CF0D837B5B46A2722D40, 38E3E704E0364F07732DB418AEBD126B040FB3CDB7D78EA36E8605D50D528A80 ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
15:05:58.0392 0x1478  usbcir - ok
15:05:58.0408 0x1478  [ 48BA326A3DBA5B5BEB5F2777F4618696, B9EC8155F11A3A7644BD9DC8910681B46AE44AE3BF53F052DF50E9C5555E3229 ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
15:05:58.0408 0x1478  usbehci - ok
15:05:58.0424 0x1478  [ FEF0BC107812B36849741C3211BA6B60, B3EF738BE1E6B6027F29C9713CD3F367EA067D2BE46580AFBC0FB58046EF6BBD ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
15:05:58.0455 0x1478  usbhub - ok
15:05:58.0471 0x1478  [ FAA564A13576F9284546BF016D27B551, 1D2CD13DC0B02DD40657EE4F93F4A13C78D2F2EF91685E563D78E217C96DF544 ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
15:05:58.0502 0x1478  USBHUB3 - ok
15:05:58.0517 0x1478  [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
15:05:58.0674 0x1478  usbohci - ok
15:05:58.0705 0x1478  [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
15:05:58.0783 0x1478  usbprint - ok
15:05:58.0814 0x1478  [ 0F030491BA4A27BD46F8B8ACEEE83F1A, 7063855611BEF94D4D229BA1BE507ECBDD89F5861641A407EB3E2919A352F9D4 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
15:05:58.0846 0x1478  usbscan - ok
15:05:58.0877 0x1478  [ 66732C13628BDB1AB0D6FD46027327C2, B582C0F348D8F79419CA5A58F10CA151E06D7CA3BE162344CADA46D9D7FED97C ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
15:05:58.0892 0x1478  USBSTOR - ok
15:05:58.0939 0x1478  [ 064260B3A5868AC894A4943543BC7AB7, D3534E98B34C4AC9A430D7E0AB301A0E5E1511E3117C2FEA392636B0DE2C38E2 ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
15:05:58.0939 0x1478  usbuhci - ok
15:05:58.0955 0x1478  [ 1A20F03700D2B2ED775E38D751EF2F63, 76F8BE9F412D4397437E60A7E6231C80EA9B4F5436C9A8FAB967C78604994AE9 ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
15:05:58.0971 0x1478  USBXHCI - ok
15:05:59.0017 0x1478  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc        C:\WINDOWS\system32\lsass.exe
15:05:59.0049 0x1478  VaultSvc - ok
15:05:59.0064 0x1478  [ 87D4E923785CDFA655B53A78DD99BD2B, CCE460ED6C1292284B22B675CEDBB86CC3D329B15B1B9F77EA80AC7EDB774B65 ] VBoxNetAdp      C:\WINDOWS\system32\DRIVERS\VBoxNetAdp.sys
15:05:59.0080 0x1478  VBoxNetAdp - ok
15:05:59.0080 0x1478  VBoxNetFlt - ok
15:05:59.0127 0x1478  [ 3C8E2C591345F38149C69FE8E5DF8C90, 9F4BB9BDA09CB2E99A6A888B288F322AE5C460B5D124CD714C6F00FF5029144B ] VClone          C:\WINDOWS\System32\drivers\VClone.sys
15:05:59.0189 0x1478  VClone - ok
15:05:59.0205 0x1478  [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
15:05:59.0221 0x1478  vdrvroot - ok
15:05:59.0283 0x1478  [ 8A4D808D1EC7C1C47B2C8BF488A9A07A, 63C07312ADB6F8A8BDE93361C30AC63DAB4DE1141AF54630EEF11E54B0BF983D ] vds             C:\WINDOWS\System32\vds.exe
15:05:59.0346 0x1478  vds - ok
15:05:59.0377 0x1478  [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
15:05:59.0392 0x1478  VerifierExt - ok
15:05:59.0471 0x1478  [ C06E8481E068F170A258441639AC5792, 2F550530BACB511A195D5047F003B01CB6E04FA9A0DCCF638CB3D51FF5467DC7 ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
15:05:59.0486 0x1478  vhdmp - ok
15:05:59.0517 0x1478  [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide          C:\WINDOWS\system32\drivers\viaide.sys
15:05:59.0517 0x1478  viaide - ok
15:05:59.0533 0x1478  [ 511AD3FF957A0127E6BD336FF6F89C38, 55325BFD0857A1204F7F6F8ED8C91C07B0E20A50402105708E7365ECD9E25A21 ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
15:05:59.0549 0x1478  vmbus - ok
15:05:59.0564 0x1478  [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
15:05:59.0580 0x1478  VMBusHID - ok
15:05:59.0642 0x1478  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
15:05:59.0674 0x1478  vmicguestinterface - ok
15:05:59.0689 0x1478  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicheartbeat   C:\WINDOWS\System32\ICSvc.dll
15:05:59.0705 0x1478  vmicheartbeat - ok
15:05:59.0721 0x1478  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
15:05:59.0736 0x1478  vmickvpexchange - ok
15:05:59.0752 0x1478  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicrdv         C:\WINDOWS\System32\ICSvc.dll
15:05:59.0783 0x1478  vmicrdv - ok
15:05:59.0799 0x1478  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicshutdown    C:\WINDOWS\System32\ICSvc.dll
15:05:59.0819 0x1478  vmicshutdown - ok
15:05:59.0834 0x1478  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmictimesync    C:\WINDOWS\System32\ICSvc.dll
15:05:59.0850 0x1478  vmictimesync - ok
15:05:59.0865 0x1478  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicvss         C:\WINDOWS\System32\ICSvc.dll
15:05:59.0881 0x1478  vmicvss - ok
15:05:59.0912 0x1478  [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
15:05:59.0912 0x1478  volmgr - ok
15:05:59.0928 0x1478  [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
15:05:59.0959 0x1478  volmgrx - ok
15:05:59.0975 0x1478  [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
15:05:59.0990 0x1478  volsnap - ok
15:06:00.0037 0x1478  [ EF31713EE4C7CCFE4049F7E7F15645A2, 35D198D3F1061E19A7EF89FA1E75377049CD6BCA9702F8076B9F95BB8737E0D4 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
15:06:00.0069 0x1478  vpci - ok
15:06:00.0084 0x1478  [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
15:06:00.0100 0x1478  vsmraid - ok
15:06:00.0194 0x1478  [ 94FAFD473CDD80CE19A21FB9503D7ED1, 953E5E8C753C0017E1258695A76F60CC05D283F7476B9D9C5C8AC78B8E3FCE18 ] VSS             C:\WINDOWS\system32\vssvc.exe
15:06:00.0272 0x1478  VSS - ok
15:06:00.0287 0x1478  [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
15:06:00.0303 0x1478  VSTXRAID - ok
15:06:00.0334 0x1478  [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
15:06:00.0459 0x1478  vwifibus - ok
15:06:00.0537 0x1478  [ DC821E811EFBB65CDD77FBB8B6ECA385, B7C8AACDF81DBA298F2F384983D36B269876C31F0398D89BF9070217A069B96F ] W32Time         C:\WINDOWS\system32\w32time.dll
15:06:00.0584 0x1478  W32Time - ok
15:06:00.0600 0x1478  [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
15:06:00.0615 0x1478  WacomPen - ok
15:06:00.0694 0x1478  [ A81988DCC4FA440AA88B84CA452F5E22, 3573AAA09971E8ADB6FEFA778E02B2D8EE5E4249267CF37A524D9F019CC836FB ] wbengine        C:\WINDOWS\system32\wbengine.exe
15:06:00.0819 0x1478  wbengine - ok
15:06:00.0897 0x1478  [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
15:06:00.0990 0x1478  WbioSrvc - ok
15:06:01.0006 0x1478  [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
15:06:01.0053 0x1478  Wcmsvc - ok
15:06:01.0069 0x1478  [ F6B4C2280FF7C7156AC8A4687B9DA35E, 1899D584D7469BB49355D84080051E2575B033E6312009D9C6C1DD3F7F9AA4C5 ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
15:06:01.0100 0x1478  wcncsvc - ok
15:06:01.0115 0x1478  [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
15:06:01.0178 0x1478  WcsPlugInService - ok
15:06:01.0225 0x1478  [ 0359607177E5E9F6041136CC0A5CB0B6, 16687BE2639648CF46E8768BA1798030472C525612C629BF134D053240E2195B ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
15:06:01.0240 0x1478  WdBoot - ok
15:06:01.0319 0x1478  [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
15:06:01.0350 0x1478  Wdf01000 - ok
15:06:01.0381 0x1478  [ DE8D12B4C3F55FA2C5E9774314F6C58A, C3E835DC066A94E1431BCDC90D7EA27AAC6F82826F4A5527B37D865241D7A366 ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
15:06:01.0397 0x1478  WdFilter - ok
15:06:01.0412 0x1478  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
15:06:01.0444 0x1478  WdiServiceHost - ok
15:06:01.0444 0x1478  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
15:06:01.0459 0x1478  WdiSystemHost - ok
15:06:01.0475 0x1478  [ 4AD874CDC812EC156265E451B6B09DAB, 6E3E05B8301841425E9BB0D54B35EF386B78EEB307B5A6153FD1F366D30F23FA ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
15:06:01.0490 0x1478  WdNisDrv - ok
15:06:01.0522 0x1478  WdNisSvc - ok
15:06:01.0553 0x1478  [ 185E4111627F7AA6799E1366B5E91D65, 7A02C816DFBCCF47EDB49E5E2005A3D0B80719FAC94F9298D2DBAC63950EDA05 ] WebClient       C:\WINDOWS\System32\webclnt.dll
15:06:01.0662 0x1478  WebClient - ok
15:06:01.0678 0x1478  [ 384E1D04FE20845B2559D292F17A9FA1, AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
15:06:01.0725 0x1478  Wecsvc - ok
15:06:01.0740 0x1478  [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
15:06:01.0772 0x1478  WEPHOSTSVC - ok
15:06:01.0787 0x1478  [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
15:06:01.0850 0x1478  wercplsupport - ok
15:06:01.0881 0x1478  [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
15:06:01.0897 0x1478  WerSvc - ok
15:06:01.0944 0x1478  [ BAB713B409258DB7B5D9F9693F802B0E, C0D0391EC4FDC07E0A07F4EEB2DC9CC5B2BE5D2E292E7D01929E8D39D6F73EA5 ] WFPLWFS         C:\WINDOWS\system32\DRIVERS\wfplwfs.sys
15:06:01.0959 0x1478  WFPLWFS - ok
15:06:01.0975 0x1478  [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
15:06:01.0991 0x1478  WiaRpc - ok
15:06:02.0037 0x1478  [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
15:06:02.0053 0x1478  WIMMount - ok
15:06:02.0053 0x1478  WinDefend - ok
15:06:02.0116 0x1478  [ 10DAD6A7FC617A221313BD584E3C3A00, F139B878668ECF38FE59831E8595A207D5CEEE76C6FFDA8C9F735435E601A763 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
15:06:02.0162 0x1478  WinHttpAutoProxySvc - ok
15:06:02.0225 0x1478  [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
15:06:02.0303 0x1478  Winmgmt - ok
15:06:02.0428 0x1478  [ 75436315AA383CF527695C6D49D0CA59, E3D55F2ACBD45D4D031FA6CA799394459C89BE50FF6ADE4FE36F2CAB2D2E63D0 ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
15:06:02.0506 0x1478  WinRM - ok
15:06:02.0584 0x1478  [ AC263C2F66405589528995AA41040599, 81B46E551D6130A2C3D113EC3B563CEDB5A06BB340986C0E03136CE5BE729481 ] WINUSB          C:\WINDOWS\System32\drivers\WinUSB.SYS
15:06:02.0600 0x1478  WINUSB - ok
15:06:02.0678 0x1478  [ DC079BA8390089E4EBCA63D27EEA3ECB, 4D549217A68292E2B16C09FD9F84317011EE54A2DAF4E2AB85554267DF0D3249 ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
15:06:02.0756 0x1478  WlanSvc - ok
15:06:02.0819 0x1478  [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
15:06:02.0897 0x1478  wlidsvc - ok
15:06:02.0944 0x1478  [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
15:06:02.0944 0x1478  WmiAcpi - ok
15:06:03.0006 0x1478  [ B96F7A1236C3F21212DE2C40A3DDB005, 5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
15:06:03.0022 0x1478  wmiApSrv - ok
15:06:03.0084 0x1478  WMPNetworkSvc - ok
15:06:03.0116 0x1478  [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
15:06:03.0131 0x1478  Wof - ok
15:06:03.0225 0x1478  [ 588040D595BBF0856CA1ADD941A8ED17, CBC92BB5453FE1BEA6F33239B7CE884F312559591383408EA5F95A006156C5D3 ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
15:06:03.0381 0x1478  workfolderssvc - ok
15:06:03.0444 0x1478  [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr         C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
15:06:03.0459 0x1478  wpcfltr - ok
15:06:03.0491 0x1478  [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc          C:\WINDOWS\System32\wpcsvc.dll
15:06:03.0522 0x1478  WPCSvc - ok
15:06:03.0522 0x1478  [ 2ADE11F3D84709C5F6781E4C59F11683, F003C43396CF8FCF44EAB87583650DB4D2A233322D28D6A78D1694945D9073BB ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
15:06:03.0569 0x1478  WPDBusEnum - ok
15:06:03.0584 0x1478  [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
15:06:03.0600 0x1478  WpdUpFltr - ok
15:06:03.0600 0x1478  [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
15:06:03.0631 0x1478  ws2ifsl - ok
15:06:03.0647 0x1478  [ 5596C0960ED6ED7494BF2A55DE428684, C95CF09A657F37F421CC80E16F2F95B8EC59A8D5D48F104551155EAC8E53DCB2 ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
15:06:03.0694 0x1478  wscsvc - ok
15:06:03.0694 0x1478  WSearch - ok
15:06:03.0819 0x1478  [ 6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService       C:\WINDOWS\System32\WSService.dll
15:06:03.0975 0x1478  WSService - ok
15:06:04.0116 0x1478  [ 1B24547C96E1C656ED9A8E6B6F6FA03B, A15D1180D8A9011F0D5A2C8D801D34974D5AEA367FFFB96BD335448B17A2C142 ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
15:06:04.0272 0x1478  wuauserv - ok
15:06:04.0334 0x1478  [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
15:06:04.0397 0x1478  WudfPf - ok
15:06:04.0428 0x1478  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd          C:\WINDOWS\System32\drivers\WUDFRd.sys
15:06:04.0459 0x1478  WUDFRd - ok
15:06:04.0475 0x1478  [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
15:06:04.0491 0x1478  wudfsvc - ok
15:06:04.0506 0x1478  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdFs       C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
15:06:04.0522 0x1478  WUDFWpdFs - ok
15:06:04.0522 0x1478  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdMtp      C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
15:06:04.0538 0x1478  WUDFWpdMtp - ok
15:06:04.0569 0x1478  [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
15:06:04.0584 0x1478  WwanSvc - ok
15:06:04.0600 0x1478  ================ Scan global ===============================
15:06:04.0678 0x1478  [ 243F54DBA6EB48A369CA465E263ABA4A, 9D9F9DE783D000F3EA130EB68FD71319F21E4F1CD4232FB8B2F8A9A67E08F5F4 ] C:\WINDOWS\system32\basesrv.dll
15:06:04.0741 0x1478  [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\WINDOWS\system32\winsrv.dll
15:06:04.0788 0x1478  [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\WINDOWS\system32\sxssrv.dll
15:06:04.0803 0x1478  [ 5BF02EBEFEDC706318C96E2E60EDCB91, DC866C5BC3A887CAAA7169AB9BB2992F6F877B3EA04B62B4F95B6BD54943155F ] C:\WINDOWS\system32\services.exe
15:06:04.0819 0x1478  [ Global ] - ok
15:06:04.0819 0x1478  ================ Scan MBR ==================================
15:06:04.0835 0x1478  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
15:06:04.0928 0x1478  \Device\Harddisk0\DR0 - ok
15:06:04.0960 0x1478  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
15:06:05.0163 0x1478  \Device\Harddisk1\DR1 - ok
15:06:05.0163 0x1478  ================ Scan VBR ==================================
15:06:05.0194 0x1478  [ 12A32DC54A5932C51FF38D50FDB83E1F ] \Device\Harddisk0\DR0\Partition1
15:06:05.0210 0x1478  \Device\Harddisk0\DR0\Partition1 - ok
15:06:05.0225 0x1478  [ 8195AC7F02DD2DE8BE9CF0DC92AE3B5A ] \Device\Harddisk0\DR0\Partition2
15:06:05.0225 0x1478  \Device\Harddisk0\DR0\Partition2 - ok
15:06:05.0241 0x1478  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3
15:06:05.0241 0x1478  \Device\Harddisk0\DR0\Partition3 - ok
15:06:05.0241 0x1478  [ 42F2DAE7D846B6499F6923A18C513D19 ] \Device\Harddisk0\DR0\Partition4
15:06:05.0241 0x1478  \Device\Harddisk0\DR0\Partition4 - ok
15:06:05.0272 0x1478  [ 662ED4DBD6B4488DE1B6A2150295D68F ] \Device\Harddisk0\DR0\Partition5
15:06:05.0272 0x1478  \Device\Harddisk0\DR0\Partition5 - ok
15:06:05.0288 0x1478  [ 145B68D0E2C824FD3B6B29D4B4E21862 ] \Device\Harddisk0\DR0\Partition6
15:06:05.0288 0x1478  \Device\Harddisk0\DR0\Partition6 - ok
15:06:05.0303 0x1478  [ 54F60A1FEBB5E1736072A3AE2C5B1627 ] \Device\Harddisk0\DR0\Partition7
15:06:05.0303 0x1478  \Device\Harddisk0\DR0\Partition7 - ok
15:06:05.0319 0x1478  [ 636A9AA53C3110CC4616B76975580953 ] \Device\Harddisk0\DR0\Partition8
15:06:05.0319 0x1478  \Device\Harddisk0\DR0\Partition8 - ok
15:06:05.0319 0x1478  ================ Scan generic autorun ======================
15:06:05.0381 0x1478  [ 49BD5663071AA799AC0B1E6B48EB9257, 39364B7E08C87545B4E48264509D73800FE5B0A76E34E0B169DA489895820B22 ] C:\Program Files\IDT\WDM\beats64.exe
15:06:05.0397 0x1478  BeatsOSDApp - detected UnsignedFile.Multi.Generic ( 1 )
15:06:07.0710 0x1478  Detect skipped due to KSN trusted
15:06:07.0710 0x1478  BeatsOSDApp - ok
15:06:07.0788 0x1478  [ 94BFCE236D6340011721470E394056E3, 42A7808F6C53C268354E9E47F0689FE2B4717F61E97CBAA0ABF33E0275B908EF ] C:\Program Files\IDT\WDM\sttray64.exe
15:06:07.0835 0x1478  SysTrayApp - detected UnsignedFile.Multi.Generic ( 1 )
15:06:10.0148 0x1478  Detect skipped due to KSN trusted
15:06:10.0148 0x1478  SysTrayApp - ok
15:06:10.0242 0x1478  [ 73F1B07CF82235B25BCC3E9A7522ACCB, 47221B8DFF5A44050AFB0AB5A249FEECE36BE2E000D6529E099128EEDFA647DA ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe
15:06:10.0273 0x1478  StartCCC - ok
15:06:10.0367 0x1478  [ 308F2EE28005510DE616409148CF077B, A2126CB185B0053086BDD6F0A16A503F6CA629AC677E4B7AE6D43C770061D087 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
15:06:10.0398 0x1478  SunJavaUpdateSched - ok
15:06:10.0476 0x1478  [ 3BD79A1F6D2EA0FDDEA3F8914B2A6A0C, 332E6806EFF846A2E6D0DC04A70D3503855DABFA83E6EC27F37E2D9103E80E51 ] C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
15:06:10.0492 0x1478  VirtualCloneDrive - ok
15:06:10.0539 0x1478  [ BD2EB5BA405C9FC6487D70243540103A, 6B72A0E226CDB198AC4755C788AC87367362BFA7E1C61EA1946885B872FDBD16 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
15:06:10.0554 0x1478  PSUAMain - ok
15:06:10.0789 0x1478  [ E5255D63DD01AA9F1CC4355FE366E2D3, 2E28C14DC1FEAE10626D37FF4C1DAE27F3801A40EA973E02E42B48185CBBC89B ] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
15:06:10.0899 0x1478  LogMeIn Hamachi Ui - ok
15:06:11.0071 0x1478  [ 08DFA176E4FC0E63ACD8EC854449D2B0, B8CA204C3F318CD9D12F61CDDA5C66184A48D6206F019AD11DB2605FDBEB288D ] C:\Users\HPPC\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
15:06:11.0118 0x1478  Spotify Web Helper - ok
15:06:11.0165 0x1478  [ 7C6D524C78A1722AD987B9E47AC1FEE2, FFDC6C92ABB547D0DCD2621EC423C755A78079B061A41FA1751A56799D1A79A5 ] C:\Users\HPPC\AppData\Local\Dropbox\Update\DropboxUpdate.exe
15:06:11.0181 0x1478  Dropbox Update - ok
15:06:11.0181 0x1478  Waiting for KSN requests completion. In queue: 7
15:06:12.0196 0x1478  Waiting for KSN requests completion. In queue: 7
15:06:13.0212 0x1478  Waiting for KSN requests completion. In queue: 7
15:06:13.0477 0x1318  Object required for P2P: [ E5255D63DD01AA9F1CC4355FE366E2D3 ] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
15:06:14.0212 0x1478  Waiting for KSN requests completion. In queue: 3
15:06:15.0228 0x1478  Waiting for KSN requests completion. In queue: 3
15:06:15.0931 0x1318  Object send P2P result: true
15:06:16.0244 0x1478  AV detected via SS2: Panda Free Antivirus, C:\Program Files (x86)\Panda Security\Panda Security Protection\PAV3WSC.exe ( 6.0.0.0 ), 0x71000 ( enabled : updated )
15:06:16.0244 0x1478  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.6.305.0 ), 0x60100 ( disabled : updated )
15:06:16.0244 0x1478  FW detected via SS2: Panda Firewall, C:\Program Files (x86)\Panda Security\Panda Security Protection\PAV3WSC.exe ( 6.0.0.0 ), 0x72010 ( disabled )
15:06:16.0275 0x1478  Win FW state via NFP2: disabled ( trusted )
15:06:18.0635 0x1478  ============================================================
15:06:18.0635 0x1478  Scan finished
15:06:18.0635 0x1478  ============================================================
15:06:18.0650 0x0594  Detected object count: 0
15:06:18.0650 0x0594  Actual detected object count: 0
15:06:36.0325 0x0bbc  Deinitialize success
         
__________________

Alt 22.11.2015, 06:43   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Probleme nach Cyberfox Update - Standard

Probleme nach Cyberfox Update



Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 22.11.2015, 12:09   #5
Kaitosan
 
Probleme nach Cyberfox Update - Standard

Probleme nach Cyberfox Update



Malwarebytes Anti-Malware
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 22.11.2015
Suchlaufzeit: 12:32
Protokolldatei: mam.txt
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2015.11.22.02
Rootkit-Datenbank: v2015.11.14.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: HPPC

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 355435
Abgelaufene Zeit: 12 Min., 55 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 1
PUP.Optional.Yontoo, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\Update ace race, In Quarantäne, [df2b8af74e3d5cdaf26427c0b94a659b], 

Registrierungswerte: 1
PUP.Optional.Vosteran, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY|AppPath, C:\Program Files (x86)\WSE_Vosteran\\, In Quarantäne, [1cee3e43b9d2e056a39468f25fa4e020]

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         
AdwCleaner
AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v5.021 - Bericht erstellt am 22/11/2015 um 12:56:11
# Aktualisiert am 14/11/2015 von Xplode
# Datenbank : 2015-11-19.4 [Server]
# Betriebssystem : Windows 8.1  (x64)
# Benutzername : HPPC - HP
# Gestartet von : C:\Users\HPPC\Desktop\AdwCleaner_5.021.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****


***** [ Dateien ] *****

[-] Datei Gelöscht : C:\Users\HPPC\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\rz80wx15.default\foxydeal.sqlite

***** [ DLLs ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Internetbrowser ] *****


*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Chrome Richtlinien gelöscht

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [903 Bytes] ##########
         
--- --- ---

Junkware Removal Tool
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.0 (11.12.2015)
Operating System: Windows 8.1 x64 
Ran by HPPC (Administrator) on 22.11.2015 at 12:59:34,74
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 2 

Successfully deleted: C:\Users\HPPC\AppData\Roaming\speedrunnerslog.txt (File) 
Successfully deleted: C:\WINDOWS\system32\REN2167.tmp (File) 



Registry: 0 





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 22.11.2015 at 13:01:41,55
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
FRST
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:20-11-2015
durchgeführt von HPPC (Administrator) auf HP (22-11-2015 13:05:20)
Gestartet von C:\Users\HPPC\Desktop
Geladene Profile: HPPC (Verfügbare Profile: HPPC)
Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: IE)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
( Rsupport Corporation) C:\Program Files (x86)\RSUPPORT\MobizenService\MobizenService.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(8pecxstudios) C:\Program Files\Cyberfox\Cyberfox.exe
() C:\Program Files\WindowsApps\A278AB0D.DragonManiaLegends_1.8.0.19_x86__h6adky7gbf63m\W8.1EntryPoint.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [37888 2012-08-10] (Hewlett-Packard )
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-08-10] (IDT, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [40184 2015-02-17] (Panda Security, S.L.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565448 2015-11-12] (LogMeIn Inc.)
HKLM\...\Winlogon: [Userinit] C:\WINDOWS\SysWOW64\userinit.exe,
HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\...\Run: [Spotify Web Helper] => C:\Users\HPPC\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-12] (Spotify Ltd)
HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\...\Run: [Dropbox Update] => C:\Users\HPPC\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-19] (Dropbox, Inc.)
HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\...\MountPoints2: {d4a071f6-483f-11e5-bf85-78e3b5b56ba1} - "G:\HTC_Sync_Manager_PC.exe" 
HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\...\MountPoints2: {d4a072b9-483f-11e5-bf85-78e3b5b56ba1} - "G:\HTC_Sync_Manager_PC.exe" 
HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\...\MountPoints2: {f3de35ef-23c5-11e4-be72-78e3b5b56ba1} - "H:\wubi.exe" 
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\..\Interfaces\{687EFE86-7C48-4DD7-9764-BFDE83F885DD}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{93B37C6C-F077-40E8-BA0B-A8E67EA05545}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-08-14] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-08-14] (Oracle Corporation)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll [2014-08-14] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @unity3d.com/UnityPlayer64,version=1.0 -> C:\Program Files\Unity\WebPlayer64\loader-x64\npUnity3D64.dll [2015-07-19] (Unity Technologies ApS)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll [2014-08-14] ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-08-14] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-08-14] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll [2014-06-26] (pdfforge GmbH)
FF Plugin HKU\S-1-5-21-3776727103-4227896957-2343858286-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\HPPC\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-09-05] (Unity Technologies ApS)

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-07-04] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
R2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [244392 2015-06-02] (Foxit Software Inc.)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-11-12] (LogMeIn, Inc.)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 Mobizen plugin; C:\Program Files (x86)\RSUPPORT\MobizenService\MobizenService.exe [3353360 2015-08-14] ( Rsupport Corporation)
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [142584 2015-02-17] (Panda Security, S.L.)
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [66808 2014-10-09] (Panda Security, S.L.)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [Datei ist nicht signiert]
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-06-26] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-06-26] (pdfforge GmbH)
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [38136 2015-02-17] (Panda Security, S.L.)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [321536 2012-08-10] (IDT, Inc.) [Datei ist nicht signiert]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-20] (Advanced Micro Devices)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98472 2012-07-03] (Advanced Micro Devices)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-11-12] (LogMeIn Inc.)
S3 HtcVCom32; C:\Windows\system32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (QUALCOMM Incorporated)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [93968 2015-02-09] (Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [202000 2015-02-09] (Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [110864 2015-02-09] (Panda Security, S.L.)
R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [116496 2015-02-09] (Panda Security, S.L.)
R1 NNSNAHSL; C:\Windows\system32\DRIVERS\NNSNAHSL.sys [49936 2014-12-31] (Panda Security, S.L.)
R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [99600 2015-02-09] (Panda Security, S.L.)
R1 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [69904 2015-02-09] (Panda Security, S.L.)
R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [124176 2015-02-09] (Panda Security, S.L.)
R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [299792 2015-02-09] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [166160 2015-02-09] (Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [113424 2015-02-09] (Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [257296 2015-02-09] (Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [106256 2015-02-09] (Panda Security, S.L.)
R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [163088 2015-02-11] (Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [121616 2015-02-11] (Panda Security, S.L.)
R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [197392 2015-02-10] (Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [124176 2015-02-11] (Panda Security, S.L.)
R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [133904 2015-02-11] (Panda Security, S.L.)
R2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [107792 2015-02-11] (Panda Security, S.L.)
R3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [61712 2015-01-29] (Panda Security, S.L.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [35320 2014-09-22] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [258368 2014-09-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
S3 EagleX64; \??\C:\WINDOWS\system32\drivers\EagleX64.sys [X]
S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-22 13:05 - 2015-11-22 13:05 - 00015078 _____ C:\Users\HPPC\Desktop\FRST.txt
2015-11-22 13:03 - 2015-11-22 13:03 - 02345984 _____ (Farbar) C:\Users\HPPC\Desktop\FRST64.exe
2015-11-22 12:46 - 2015-11-22 12:56 - 00000738 _____ C:\WINDOWS\PFRO.log
2015-11-22 12:31 - 2015-11-22 12:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-11-22 12:31 - 2015-11-22 12:31 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-11-22 12:31 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-11-22 12:31 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2015-11-21 22:20 - 2014-07-29 02:16 - 43985758 _____ C:\Users\HPPC\Desktop\Plains of Eternity.psd
2015-11-20 17:18 - 2015-11-20 17:19 - 00000000 ____D C:\Users\HPPC\AppData\Local\SM3DL
2015-11-19 21:57 - 2015-01-29 18:21 - 00061712 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSKMAD.sys
2015-11-17 22:00 - 2015-11-17 22:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-11-17 22:00 - 2015-11-17 22:00 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2015-11-16 16:27 - 2015-11-16 16:27 - 00000000 __SHD C:\WINDOWS\SysWOW64\AI_RecycleBin
2015-11-16 16:12 - 2015-11-16 16:12 - 00000000 ____D C:\Users\HPPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cyberfox
2015-11-15 00:30 - 2015-11-18 20:36 - 00000000 ____D C:\Users\HPPC\Desktop\Base
2015-11-14 15:48 - 2015-11-14 15:48 - 00000085 ___SH C:\ProgramData\.zreglib
2015-11-14 15:48 - 2015-11-14 15:48 - 00000000 ____D C:\ProgramData\Elaborate Bytes
2015-11-13 12:42 - 2015-11-13 12:42 - 00000000 ____D C:\Users\HPPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-11-12 11:47 - 2015-11-12 11:47 - 00045680 ____H (LogMeIn Inc.) C:\WINDOWS\system32\Drivers\Hamdrv.sys
2015-11-03 12:22 - 2015-11-18 01:12 - 00000000 ____D C:\Users\HPPC\Desktop\Convert
2015-11-02 16:18 - 2015-11-06 09:06 - 00000000 ____D C:\Users\HPPC\Downloads\PS3
2015-10-30 15:13 - 2015-11-16 17:43 - 00000238 _____ C:\Users\HPPC\Desktop\Neues Textdokument.txt
2015-10-27 10:21 - 2015-10-27 10:21 - 00000000 ____D C:\Users\HPPC\AppData\Roaming\fltk.org
2015-10-27 10:21 - 2015-10-27 10:21 - 00000000 ____D C:\ProgramData\fltk.org
2015-10-23 22:33 - 2015-10-23 22:33 - 00000000 ____D C:\Users\HPPC\Documents\Games
2015-10-23 22:33 - 2015-10-23 22:33 - 00000000 ____D C:\Users\HPPC\AppData\Local\KADOKAWA
2015-10-23 22:30 - 2015-10-23 22:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RPG Maker MV
2015-10-23 22:29 - 2015-10-23 22:29 - 00000000 ____D C:\Program Files (x86)\KADOKAWA

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-22 13:05 - 2015-02-24 16:20 - 00000000 ____D C:\FRST
2015-11-22 13:02 - 2014-08-09 14:11 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3776727103-4227896957-2343858286-1001
2015-11-22 13:00 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-11-22 12:57 - 2015-10-15 20:57 - 00006470 _____ C:\WINDOWS\setupact.log
2015-11-22 12:57 - 2015-02-22 15:37 - 00000000 ___RD C:\Users\HPPC\OneDrive
2015-11-22 12:57 - 2014-08-25 20:37 - 00000000 ____D C:\Users\HPPC\AppData\Local\LogMeIn Hamachi
2015-11-22 12:57 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-22 12:56 - 2015-02-25 22:13 - 00000000 ____D C:\AdwCleaner
2015-11-22 12:56 - 2015-02-22 15:34 - 00000008 __RSH C:\ProgramData\ntuser.pol
2015-11-22 12:52 - 2014-08-14 20:21 - 00000000 ___RD C:\Users\HPPC\Desktop\Programme
2015-11-22 12:48 - 2015-02-24 22:03 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-11-22 12:46 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\Registration
2015-11-22 12:45 - 2013-08-22 14:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-11-22 12:41 - 2015-06-19 14:31 - 00001226 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3776727103-4227896957-2343858286-1001UA.job
2015-11-22 12:31 - 2015-02-24 22:03 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-11-22 09:37 - 2015-08-27 19:29 - 01175125 _____ C:\WINDOWS\WindowsUpdate.log
2015-11-22 01:54 - 2015-02-22 15:08 - 00000000 ____D C:\Users\HPPC
2015-11-22 01:41 - 2015-06-19 14:31 - 00001174 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3776727103-4227896957-2343858286-1001Core.job
2015-11-22 01:37 - 2014-08-17 14:42 - 00000000 ____D C:\Users\HPPC\AppData\Roaming\vlc
2015-11-22 00:34 - 2014-08-16 11:52 - 00000000 __RHD C:\Users\HPPC\Dropbox
2015-11-21 22:25 - 2014-08-26 13:14 - 109897728 ___SH C:\Users\HPPC\Desktop\Thumbs.db
2015-11-21 22:19 - 2014-08-16 11:49 - 00000000 ____D C:\Users\HPPC\AppData\Roaming\Dropbox
2015-11-21 17:10 - 2014-11-21 04:35 - 01776918 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-11-21 17:10 - 2014-11-21 03:45 - 00764340 _____ C:\WINDOWS\system32\perfh007.dat
2015-11-21 17:10 - 2014-11-21 03:45 - 00159160 _____ C:\WINDOWS\system32\perfc007.dat
2015-11-21 15:01 - 2015-02-24 22:03 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-11-21 13:03 - 2014-08-16 21:07 - 00000000 ____D C:\Users\HPPC\Documents\Camtasia Studio
2015-11-21 12:56 - 2014-08-27 14:56 - 00004608 _____ C:\Users\HPPC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-11-21 11:29 - 2015-07-21 21:31 - 00000000 ___RD C:\Users\HPPC\Desktop\Pandora's Box
2015-11-21 00:20 - 2014-08-14 19:40 - 00000000 ____D C:\Users\HPPC\AppData\Roaming\Skype
2015-11-20 23:03 - 2015-08-30 08:16 - 00000000 ____D C:\Users\HPPC\Desktop\Neu
2015-11-20 22:39 - 2015-10-13 10:40 - 00000000 ____D C:\Users\HPPC\Desktop\Szenen
2015-11-20 17:27 - 2014-08-14 20:21 - 00000000 ___RD C:\Users\HPPC\Desktop\Spiele
2015-11-20 01:01 - 2015-08-09 11:00 - 00000000 ___RD C:\Users\HPPC\Desktop\FinVal
2015-11-20 00:39 - 2015-08-09 23:21 - 00000000 ____D C:\Users\HPPC\Desktop\Yoshi Wallpaper
2015-11-19 22:29 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-11-19 22:15 - 2015-10-11 18:15 - 00000000 ____D C:\Users\HPPC\Desktop\NVList-3.3
2015-11-17 10:32 - 2014-11-26 11:01 - 00000000 ___RD C:\Users\HPPC\Desktop\Bilder
2015-11-17 10:10 - 2015-01-12 11:43 - 00000000 ____D C:\Users\HPPC\Downloads\3DS
2015-11-17 09:16 - 2014-08-15 17:19 - 00000000 ____D C:\Users\HPPC\AppData\Local\JDownloader v2.0
2015-11-16 16:12 - 2014-08-14 19:33 - 00000826 _____ C:\Users\Public\Desktop\Cyberfox.lnk
2015-11-16 16:12 - 2014-08-14 19:33 - 00000000 ____D C:\Program Files\Cyberfox
2015-11-16 13:15 - 2015-08-12 21:15 - 00000000 ____D C:\Users\HPPC\Desktop\Dragons
2015-11-15 00:30 - 2014-08-16 11:25 - 00000000 ___RD C:\Users\HPPC\Desktop\Sonstiges
2015-11-14 15:48 - 2014-08-15 17:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes
2015-11-14 15:48 - 2014-08-15 17:01 - 00000000 ____D C:\Program Files (x86)\Elaborate Bytes
2015-10-27 10:21 - 2014-11-27 12:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amnesia - The Dark Descent
2015-10-27 10:13 - 2014-11-27 14:16 - 00000000 ____D C:\Users\HPPC\Documents\Amnesia
2015-10-27 08:18 - 2013-08-22 15:44 - 04957520 _____ C:\WINDOWS\system32\FNTCACHE.DAT

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-08-18 01:24 - 2014-08-19 11:20 - 0000132 _____ () C:\Users\HPPC\AppData\Roaming\Adobe PNG Format CS5 Prefs
2015-05-08 23:32 - 2015-05-08 23:32 - 0002916 _____ () C:\Users\HPPC\AppData\Roaming\TargetInvocationLog.txt
2014-09-26 14:44 - 2015-10-17 12:56 - 0001456 _____ () C:\Users\HPPC\AppData\Local\Adobe Für Web speichern 11.0 Prefs
2014-08-27 14:56 - 2015-11-21 12:56 - 0004608 _____ () C:\Users\HPPC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-02-26 02:42 - 2015-07-21 23:37 - 0007608 _____ () C:\Users\HPPC\AppData\Local\Resmon.ResmonCfg
2015-11-14 15:48 - 2015-11-14 15:48 - 0000085 ___SH () C:\ProgramData\.zreglib

Einige Dateien in TEMP:
====================
C:\Users\HPPC\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpbmahtl.dll
C:\Users\HPPC\AppData\Local\Temp\proxy_vole1591921514149422294.dll
C:\Users\HPPC\AppData\Local\Temp\proxy_vole4710295672764641662.dll
C:\Users\HPPC\AppData\Local\Temp\proxy_vole5307946691491688091.dll
C:\Users\HPPC\AppData\Local\Temp\SkypeSetup.exe
C:\Users\HPPC\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-11-22 10:18

==================== Ende von FRST.txt ============================
         
Addition
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:20-11-2015
durchgeführt von HPPC (2015-11-22 13:06:28)
Gestartet von C:\Users\HPPC\Desktop
Windows 8.1 (X64) (2015-02-22 14:27:51)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3776727103-4227896957-2343858286-500 - Administrator - Disabled)
Gast (S-1-5-21-3776727103-4227896957-2343858286-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3776727103-4227896957-2343858286-1006 - Limited - Enabled)
HPPC (S-1-5-21-3776727103-4227896957-2343858286-1001 - Administrator - Enabled) => C:\Users\HPPC

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Panda Free Antivirus (Enabled - Up to date) {AAF74A68-8713-CDF1-004F-30003398BE9E}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Panda Free Antivirus (Enabled - Up to date) {1196AB8C-A129-C27F-3AFF-0B72481FF423}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Panda Firewall (Disabled) {92CCCB4D-CD7C-CCA9-2B10-9935CD4BF9E5}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.179 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Amnesia - The Dark Descent  (HKLM-x32\...\{54B7A3C7-0940-4C16-A509-FC3C3758D22A}_is1) (Version: 1.2 - Frictional Games)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Azure Striker Gunvolt (HKLM-x32\...\Steam App 388800) (Version:  - INTI CREATES CO., LTD.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Camtasia Studio 8 (HKLM-x32\...\{3F3A5785-81E3-4065-B643-B4933790AE1E}) (Version: 8.1.1.1313 - TechSmith Corporation)
Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5000 - CDBurnerXP)
CloneDVD2 (HKLM-x32\...\CloneDVD2) (Version: 2.9.3.3 - Elaborate Bytes)
Crazy Taxi (HKLM-x32\...\Steam App 71230) (Version:  - SEGA)
Cyberfox Web Browser (HKLM\...\{5EFB52C0-4EC9-46B4-80EB-8432C6599641}_is1) (Version: 42.0.1.0 - 8pecxstudios)
Dear Esther Version 1.0 (HKLM-x32\...\Dear Esther_is1) (Version: 1.0 - TheChineseRoom)
Divekick (HKLM-x32\...\Steam App 244730) (Version:  - Iron Galaxy Studios)
Dropbox (HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\...\Dropbox) (Version: 3.10.11 - Dropbox, Inc.)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
fault milestone one Demo (HKLM-x32\...\Steam App 313680) (Version:  - ALICE IN DISSONANCE)
FINAL FANTASY XIII-2 (HKLM-x32\...\Steam App 292140) (Version:  - SQUARE ENIX)
Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 3.5.116.602 - Foxit Software Inc.)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.0.6.1126 - Foxit Software Inc.)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
FreeStyle2: Street Basketball (HKLM-x32\...\Steam App 339610) (Version:  - Joycity)
GitHub (HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\...\5f7eb300e2ea4ebf) (Version: 3.0.6.4 - GitHub, Inc.)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6418.0 - IDT)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.7.0 - LIGHTNING UK!)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.410 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.410 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mighty Gunvolt (HKLM-x32\...\Steam App 394600) (Version:  - INTI CREATES CO., LTD.)
Mobizen (HKLM-x32\...\{BA0D3A44-BCEE-4C8B-BCD4-F7F1E64F41E3}) (Version: 2.16.0.2 - RSUPPORT)
Mozilla Thunderbird 31.5.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.5.0 (x86 de)) (Version: 31.5.0 - Mozilla)
NiGHTS into Dreams... (HKLM-x32\...\Steam App 219950) (Version:  - SEGA)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.3 - Notepad++ Team)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Panda Devices Agent (HKLM-x32\...\Panda Devices Agent) (Version: 1.03.04 - Panda Security)
Panda Devices Agent (x32 Version: 1.05.00 - Panda Security) Hidden
Panda Free Antivirus (HKLM-x32\...\Panda Universal Agent Endpoint) (Version: 15.01.00.0000 - Panda Security)
Panda Free Antivirus (Version: 7.81.00.0000 - Panda Security) Hidden
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
PAYDAY: The Heist (HKLM-x32\...\Steam App 24240) (Version:  - OVERKILL Software)
PDF Architect 2 (HKLM-x32\...\PDF Architect 2) (Version: 2.0.24.16092 - pdfforge GmbH)
PDF Architect 2 View Module (HKLM-x32\...\{C960FF38-431D-429D-AD1F-FBD12A45B7C5}) (Version: 2.0.17.17583 - pdfforge GmbH)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
PHANTASY STAR UNIVERSE (HKLM-x32\...\PHANTASY STAR UNIVERSE_is1) (Version:  - SEGA SONIC TEAM)
PhotoFiltre 7 (HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\...\PhotoFiltre 7) (Version:  - )
Project 64 version 2.2.0.3 (HKLM-x32\...\{BEB5FB69-4080-466F-96C4-F15DF271718B}_is1) (Version: 2.2.0.3 - )
Project My Screen App (HKLM-x32\...\{DF901456-7160-49DB-977B-0E91858CA2CB}) (Version: 8.0.12349 - Microsoft Corporation)
Ragnarök Online (HKLM-x32\...\{55725CAB-ED4D-4169-A22E-20249EFCF2B5}) (Version: 14.1 - Gravity)
Resident Evil 6 / Biohazard 6 (HKLM-x32\...\Steam App 221040) (Version:  - Capcom)
RGSS-RTP Standard (HKLM-x32\...\{5A9FE525-8B8F-4701-A937-7F6745A4E9C7}) (Version: 1.0.0 - Enterbrain)
RPG Maker 2003 v1.08 (HKLM-x32\...\RPG Maker 2003_is1) (Version:  - Enterbrain, Inc.)
RPG Maker MV (HKLM-x32\...\RPGMV_is1) (Version: 1.0.0.0 - KADOKAWA)
RPG MAKER VX Ace (HKLM-x32\...\RPG MAKER VX Ace_is1) (Version: 1.01a - )
RPG Maker XP (HKLM-x32\...\RPGXP_E_is1) (Version: 1.05 - Enterbrain)
SILENT HILL 3 (HKLM-x32\...\InstallShield_{14D10AAC-9737-454E-A247-8075C26C30E1}) (Version: 1.00.0000 - Konami Computer Entertainment Tokyo, Inc.)
SILENT HILL 3 (x32 Version: 1.00.0000 - Konami Computer Entertainment Tokyo, Inc.) Hidden
Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
Sonic & All-Stars Racing Transformed (HKLM-x32\...\Steam App 212480) (Version:  - Sumo Digital)
Sonic Adventure DX (HKLM-x32\...\Steam App 71250) (Version:  - SEGA)
Sonic Generations (HKLM-x32\...\Steam App 71340) (Version:  - Devil's Details)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
SpeedRunners (HKLM-x32\...\Steam App 207140) (Version:  - DoubleDutch Games)
Splashtop Software Updater (HKLM-x32\...\Splashtop Software Updater) (Version: 1.5.6.15 - Splashtop Inc.)
Splashtop Streamer (HKLM-x32\...\{B7C5EA94-B96A-41F5-BE95-25D78B486678}) (Version: 2.6.0.4 - Splashtop Inc.)
Spotify (HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
The Last Remnant (HKLM-x32\...\Steam App 23310) (Version:  - SQUARE ENIX)
Thief (HKLM-x32\...\Steam App 239160) (Version:  - Eidos-Montréal)
Unity Web Player (HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\...\UnityWebPlayer) (Version: 4.5.4f1 - Unity Technologies ApS)
Unity Web Player (x64) (All users) (HKLM\...\UnityWebPlayer) (Version: 4.6.4f1 - Unity Technologies ApS)
Unturned (HKLM-x32\...\Steam App 304930) (Version:  - Nelson Sexton)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WinRAR 5.10 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)

==================== Wiederherstellungspunkte =========================

08-11-2015 01:49:49 Geplanter Prüfpunkt
16-11-2015 00:42:42 Geplanter Prüfpunkt
18-11-2015 01:13:27 UltraMon wird entfernt
22-11-2015 12:59:39 JRT Pre-Junkware Removal

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {26307C61-2BD7-45FB-9910-F4A494F26755} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)
Task: {29470BB9-1590-410B-97FF-A0CFDE07A7FB} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-3776727103-4227896957-2343858286-1001
Task: {405FAB6A-74DB-4EAF-9E35-DDA6A4C2CD60} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3776727103-4227896957-2343858286-1001Core => C:\Users\HPPC\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-19] (Dropbox, Inc.)
Task: {5712CE09-B483-453B-9147-BAE5579FFEDF} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3776727103-4227896957-2343858286-1001UA => C:\Users\HPPC\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-19] (Dropbox, Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3776727103-4227896957-2343858286-1001Core.job => C:\Users\HPPC\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3776727103-4227896957-2343858286-1001UA.job => C:\Users\HPPC\AppData\Local\Dropbox\Update\DropboxUpdate.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2013-10-17 14:27 - 2013-10-17 14:27 - 00166912 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2015-11-19 22:28 - 2015-11-19 22:29 - 15079424 _____ () C:\Program Files\WindowsApps\A278AB0D.DragonManiaLegends_1.8.0.19_x86__h6adky7gbf63m\W8.1EntryPoint.exe
2014-10-11 13:06 - 2014-10-11 13:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-04-12 18:23 - 2013-04-12 18:23 - 00612664 _____ () C:\Program Files (x86)\Panda Security\Panda Security Protection\SQLite3.dll
2015-11-19 22:28 - 2015-11-19 22:29 - 00044544 _____ () C:\Program Files\WindowsApps\A278AB0D.DragonManiaLegends_1.8.0.19_x86__h6adky7gbf63m\IGPLib_Windows_8.dll
2015-11-19 22:28 - 2015-11-19 22:29 - 00056320 _____ () C:\Program Files\WindowsApps\A278AB0D.DragonManiaLegends_1.8.0.19_x86__h6adky7gbf63m\GLAdsManager.dll
2015-11-19 22:28 - 2015-11-19 22:29 - 00663040 _____ () C:\Program Files\WindowsApps\A278AB0D.DragonManiaLegends_1.8.0.19_x86__h6adky7gbf63m\WindowsCorePackage.Windows81.dll
2015-11-19 22:28 - 2015-11-19 22:29 - 00178688 _____ () C:\Program Files\WindowsApps\A278AB0D.DragonManiaLegends_1.8.0.19_x86__h6adky7gbf63m\InAppPurchaseComponentW8_x86.dll
2015-11-19 22:28 - 2015-11-19 22:29 - 00028160 _____ () C:\Program Files\WindowsApps\A278AB0D.DragonManiaLegends_1.8.0.19_x86__h6adky7gbf63m\PopupRuntimeModule.dll
2015-11-20 08:51 - 2015-11-20 08:51 - 00186880 _____ () C:\Users\HPPC\AppData\Local\Packages\A278AB0D.DragonManiaLegends_h6adky7gbf63m\AC\Microsoft\CLR_v4.0_32\NativeImages\IGPBridgeLibrary\0d11bae9eedde0c1b2a08681df5b2f8e\IGPBridgeLibrary.ni.dll
2015-02-24 15:40 - 2015-02-24 15:40 - 03530752 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.UI.Xaml\0b2afd93fc0545b7b94339e8a4a7af97\Windows.UI.Xaml.ni.dll
2015-02-24 15:40 - 2015-02-24 15:40 - 00960000 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.UI\8ddd8ad15fe3fb05a871ef0115fb84e2\Windows.UI.ni.dll
2015-02-24 15:40 - 2015-02-24 15:40 - 00228864 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Foundation\16c3eb7650767d95d002c998d0c73eb5\Windows.Foundation.ni.dll
2015-11-20 08:51 - 2015-11-20 08:51 - 00344064 _____ () C:\Users\HPPC\AppData\Local\Packages\A278AB0D.DragonManiaLegends_h6adky7gbf63m\AC\Microsoft\CLR_v4.0_32\NativeImages\FacebookRun67b5d43e#\e0f36441fa3fa36571abdb8b8f5aa5ee\FacebookRuntimeComponent.ni.dll
2015-02-24 15:40 - 2015-02-24 15:40 - 01131008 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.App640a3541#\72dff8d45b73e9b02b3838d29765607a\Windows.ApplicationModel.ni.dll
2015-02-24 15:40 - 2015-02-24 15:40 - 00337920 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Data\98644a649e9bf9e880f2e97889501b07\Windows.Data.ni.dll
2015-02-24 15:40 - 2015-02-24 15:40 - 00808448 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Storage\7abff64c7c1ea1fae5bd170c8238b73e\Windows.Storage.ni.dll
2015-02-24 15:40 - 2015-02-24 15:40 - 00402432 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Security\ae4a1bf110c1a12f619514bde2b27939\Windows.Security.ni.dll
2015-02-24 15:40 - 2015-02-24 15:40 - 00133120 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.System\c639835fe3da556a2cbe2e03540996c0\Windows.System.ni.dll
2015-11-20 08:51 - 2015-11-20 08:51 - 00053760 _____ () C:\Users\HPPC\AppData\Local\Packages\A278AB0D.DragonManiaLegends_h6adky7gbf63m\AC\Microsoft\CLR_v4.0_32\NativeImages\GLAds_Bridge_Lib\71d0ecf6e40e946ad905161d4b8486bd\GLAds_Bridge_Lib.ni.dll
2015-11-20 08:51 - 2015-11-20 08:51 - 00863744 _____ () C:\Users\HPPC\AppData\Local\Packages\A278AB0D.DragonManiaLegends_h6adky7gbf63m\AC\Microsoft\CLR_v4.0_32\NativeImages\GLAds__Root\bba30b943ee115b42d0fb7e3132f465f\GLAds__Root.ni.dll
2015-02-24 15:40 - 2015-02-24 15:40 - 01282048 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Devices\4764145200fcd33a90ced1505892fce6\Windows.Devices.ni.dll
2015-02-24 15:40 - 2015-02-24 15:40 - 00304128 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Graphics\eff020aac8737300c74dee47a69c9bbf\Windows.Graphics.ni.dll
2015-11-20 08:51 - 2015-11-20 08:51 - 00032256 _____ () C:\Users\HPPC\AppData\Local\Packages\A278AB0D.DragonManiaLegends_h6adky7gbf63m\AC\Microsoft\CLR_v4.0_32\NativeImages\PopUpsBridgeLibrary\8bdfeb35d1618b40d5fd567c034d905a\PopUpsBridgeLibrary.ni.dll
2015-11-20 08:51 - 2015-11-20 08:51 - 00047616 _____ () C:\Users\HPPC\AppData\Local\Packages\A278AB0D.DragonManiaLegends_h6adky7gbf63m\AC\Microsoft\CLR_v4.0_32\NativeImages\PopUpsView\ca40c0f61b14c9e986746b6fb1d8c93c\PopUpsView.ni.dll
2015-11-20 08:51 - 2015-11-20 08:51 - 00135168 _____ () C:\Users\HPPC\AppData\Local\Packages\A278AB0D.DragonManiaLegends_h6adky7gbf63m\AC\Microsoft\CLR_v4.0_32\NativeImages\W8_1EntryPoint\1e2dd38ac09f4c38b56f93039a50622a\W8_1EntryPoint.ni.dll
2015-11-20 08:51 - 2015-11-20 08:51 - 00249344 _____ () C:\Users\HPPC\AppData\Local\Packages\A278AB0D.DragonManiaLegends_h6adky7gbf63m\AC\Microsoft\CLR_v4.0_32\NativeImages\IGPWindows8\4d50acb30008b043d587d99eee69cc72\IGPWindows8.ni.dll
2015-02-24 15:40 - 2015-02-24 15:40 - 00239616 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Gloaae92e31#\94af4549db265c6f339c287c8675d234\Windows.Globalization.ni.dll
2015-11-20 08:51 - 2015-11-20 08:51 - 00068096 _____ () C:\Users\HPPC\AppData\Local\Packages\A278AB0D.DragonManiaLegends_h6adky7gbf63m\AC\Microsoft\CLR_v4.0_32\NativeImages\WCPToolkit\3328b38b7a94906f3e3f0a49ad5cd127\WCPToolkit.ni.dll
2015-11-20 08:51 - 2015-11-20 08:51 - 00403456 _____ () C:\Users\HPPC\AppData\Local\Packages\A278AB0D.DragonManiaLegends_h6adky7gbf63m\AC\Microsoft\CLR_v4.0_32\NativeImages\Notificatioc5a47191#\cd8f1245f69d554ae0d875c6c5b589a0\NotificationsExtensions.ni.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\HPPC\Desktop\43825153_p0.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\HPPC\Desktop\44e477d0c35b67de32be6ae42a98c718.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\HPPC\Desktop\Chillin' evening.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\HPPC\Desktop\First kiss darker characters.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\HPPC\Desktop\Good night 2.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\HPPC\Desktop\Night time2.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\HPPC\Desktop\Plains of Eternity.psd:com.dropbox.attributes
AlternateDataStreams: C:\Users\HPPC\Desktop\Version 1- stare.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\HPPC\Desktop\Version 2- kiss.jpg:com.dropbox.attributes

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService => ""="Service"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\HPPC\AppData\Roaming\8pecxstudios\Cyberfox\Desktop Background.bmp
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist deaktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{23FC7089-0D60-4869-ABFD-DAC6C01F04A8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{FEBBDA95-1D87-44E0-A5BD-C834771B6D80}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D9522932-BB3B-471A-A550-922C674A876B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{CACAB489-4310-4D49-94FD-7B937AB7621B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{43EEA5A2-04E3-4F9D-81E3-D391710F4784}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [{D1958A19-74F5-41FF-A27A-1847102504D7}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [{143E2BD3-A7F1-4A00-9A92-1A5176F1597A}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\FINAL FANTASY XIII-2\FFXiii2Launcher.exe
FirewallRules: [{4AECFAC5-6B9C-4135-8599-368C74856701}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\FINAL FANTASY XIII-2\FFXiii2Launcher.exe
FirewallRules: [{56D069FC-7A2B-4C9A-8EAC-4AEA643F5874}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Thief\Binaries\Win64\Shipping-ThiefGame.exe
FirewallRules: [{77AA35B3-F4F4-42C3-B3C0-A45403B4D8A7}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Thief\Binaries\Win64\Shipping-ThiefGame.exe
FirewallRules: [{6596ABD8-6219-40F8-B03F-1B85F05CF579}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\The Last Remnant\Binaries\TLR.exe
FirewallRules: [{38609705-6AB2-493D-A4B6-CCB090F35F0F}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\The Last Remnant\Binaries\TLR.exe
FirewallRules: [{90948236-7A68-4E2C-9265-FB8049C7C3D8}] => (Allow) C:\Users\HPPC\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{470501B4-17D4-4105-94A2-E866E1190179}] => (Allow) C:\Users\HPPC\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{3B178E18-BF08-433A-BBC2-A9866A9AD918}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\NiGHTS Into Dreams\Launcher.exe
FirewallRules: [{7D14D5D3-33FC-48D1-9685-706678965B52}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\NiGHTS Into Dreams\Launcher.exe
FirewallRules: [{17B9A865-90E2-4BC6-97B9-D57313EF66BF}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Sonic & All-Stars Racing Transformed\Launcher.exe
FirewallRules: [{EB4F9202-C0E7-49BF-ABDE-EF5502AFE4C6}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Sonic & All-Stars Racing Transformed\Launcher.exe
FirewallRules: [{73C6B972-6BB6-4C8E-8201-5AD3DD3D10FF}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Sonic & All-Stars Racing Transformed\ASN_App_PcDx9_Final.exe
FirewallRules: [{14596CDC-1143-411A-817A-69A9EDCDC4D6}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Sonic & All-Stars Racing Transformed\ASN_App_PcDx9_Final.exe
FirewallRules: [{2CE0FD85-A5E4-4F11-8DAF-01568EB7DBB1}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Sonic Adventure DX\AppLauncher.exe
FirewallRules: [{6D6BD41E-CC9C-4B53-B6BF-A3F76DCE21A6}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Sonic Adventure DX\AppLauncher.exe
FirewallRules: [{AB4CE098-66DC-40B0-B9C2-827BFDA0DE6F}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Crazy Taxi\AppLauncher.exe
FirewallRules: [{E50434DD-B1E7-40F4-947F-0C5F73B23CB1}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Crazy Taxi\AppLauncher.exe
FirewallRules: [{F518EB44-C3E9-491E-8442-758840448BEA}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Sonic Generations\ConfigurationTool.exe
FirewallRules: [{7CFA4D53-37B5-49CB-8023-E9B34D9FA350}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Sonic Generations\ConfigurationTool.exe
FirewallRules: [{BEB0C014-3ED4-4BE3-8E70-7A2978BEDEEA}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Sonic Generations\SonicGenerations.exe
FirewallRules: [{B5CDF304-B827-45F6-A2FB-9CB6658C4DD4}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Sonic Generations\SonicGenerations.exe
FirewallRules: [{29502EA3-799C-4C41-9587-028A3C3710C0}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{F58A21E0-FF17-4DC0-A820-C586CD1A6B9D}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{C9D50332-DCCD-4D68-949D-B42542688C18}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\PAYDAY The Heist\payday_win32_release.exe
FirewallRules: [{4FFFB6DC-741A-4A1E-9F3E-49690A911EA7}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\PAYDAY The Heist\payday_win32_release.exe
FirewallRules: [{CE4A72EE-F675-48B6-BCF6-76E7DE1A6131}] => (Allow) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\DataProxy.exe
FirewallRules: [{CA8DA855-6844-4C4E-A0DD-E5C0B10EC8BD}] => (Allow) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe
FirewallRules: [{4DE4DBC9-0E08-4872-A0D8-B6B02966AACA}] => (Allow) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRServer.exe
FirewallRules: [{BB3DF925-92B0-4F71-B89D-0CE1B6858419}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Resident Evil 6\BH6.exe
FirewallRules: [{A3A23176-AF35-45C3-9504-488286001A2D}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Resident Evil 6\BH6.exe
FirewallRules: [{1609350F-083C-46AE-880B-79B2EE942B7A}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{872A30A4-C588-47C5-B6B0-FD0E5883E0F5}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{B3380C7E-2F69-4594-B265-08BEB8D97E90}] => (Allow) F:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{DCE5FED3-DB8B-4B3C-8C71-42C2EE515561}] => (Allow) F:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{D86A4DFC-D449-4B22-A987-5BE304026113}] => (Allow) F:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{89026587-DAED-4FD7-8FC6-3ACEEEDCDAFC}] => (Allow) F:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B4B7A26A-8F73-4849-BEB2-A2FAEA057C0D}] => (Allow) C:\Users\HPPC\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{4D252D01-2EDF-4EA2-90E0-8113B0A44C31}] => (Allow) C:\Users\HPPC\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [UDP Query User{743977DF-B0B5-4B4C-BF28-E9B661A2F7C7}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{BCE09F39-6899-42E8-8AB1-F0D5364FD623}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{AA4CD044-A3A2-48A1-B12D-E845C5B82E23}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{ADDE23F0-A14A-4B1D-81B1-E278B4B9BFD5}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
FirewallRules: [{83AA786E-A70F-4678-9234-629BDB6F8AC8}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
FirewallRules: [{6F9CFE8C-0755-483A-B663-39D72C5C7A28}] => (Allow) LPort=8743
FirewallRules: [{BB54A553-68E5-42DA-AD55-F9906D8EEE02}] => (Allow) LPort=8643
FirewallRules: [{5C8B8923-9196-4948-83E0-B63F30FBBCD0}] => (Allow) LPort=7676
FirewallRules: [{32FEE7F9-CF4D-4E54-A5FA-BF67A655933D}] => (Allow) LPort=7679
FirewallRules: [{230E229D-8BA8-4773-9150-76A3E1EC963D}] => (Allow) LPort=24234
FirewallRules: [{C84E823F-7F0C-4D77-BD63-C6570AFDED0B}] => (Allow) LPort=7900
FirewallRules: [{C09C8FE6-7C3A-4845-AB17-6FD231AD6079}] => (Allow) LPort=1900
FirewallRules: [{B24B1C4E-D18A-4342-AF0E-07845E8E13FE}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\FreeStyle2\LauncherSteam.exe
FirewallRules: [{4BC8765B-E102-4FA7-87E0-E7E8F1F30B6F}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\FreeStyle2\LauncherSteam.exe
FirewallRules: [{DC3DE35E-BF03-4B90-88AC-D9E7B876F608}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\SpeedRunners\SpeedRunners.exe
FirewallRules: [{4F37EE3B-F5BD-4A34-BF32-80B8751F95CC}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\SpeedRunners\SpeedRunners.exe
FirewallRules: [{6BC4802F-2D67-44A1-8AE4-5CED5FC8F868}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Divekick\DivekickD3D11.exe
FirewallRules: [{490A7624-0A1D-4C74-9E42-0EF76B411E49}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Divekick\DivekickD3D11.exe
FirewallRules: [{F4208D90-6A7B-40C1-983A-C8BA7DB2E732}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Mighty Gunvolt\MightyGunvolt.exe
FirewallRules: [{72969CAD-1484-46BC-9563-DB889894CC9F}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Mighty Gunvolt\MightyGunvolt.exe
FirewallRules: [{14009966-3BD0-4E58-ADF4-486A85B4CAC6}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\fault milestone one Demo\faultms1_demo.exe
FirewallRules: [{E1B13D94-4851-41BE-B5FA-6605242893A9}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\fault milestone one Demo\faultms1_demo.exe
FirewallRules: [{C339F8EC-1854-4D25-B0BA-C69C8985C345}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Azure Striker Gunvolt\exe\gv_win.exe
FirewallRules: [{9649E0CB-8B7C-4135-A1CA-0D7987B09BCD}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Azure Striker Gunvolt\exe\gv_win.exe

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (11/22/2015 10:18:50 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.

Error: (11/21/2015 06:17:28 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.

Error: (11/21/2015 00:44:27 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm CamRecorder.exe, Version 8.1.1.1313 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: ae8

Startzeit: 01d12451a536562d

Endzeit: 4294967295

Anwendungspfad: F:\Program Files (x86)\TechSmith\Camtasia Studio 8\CamRecorder.exe

Berichts-ID: 34895262-9045-11e5-bfd2-78e3b5b56ba1

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (11/21/2015 09:30:52 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.

Error: (11/21/2015 02:15:56 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.

Error: (11/21/2015 00:21:32 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: e1y02i1y.exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83
Name des fehlerhaften Moduls: e1y02i1y.exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000011aa
ID des fehlerhaften Prozesses: 0x1e78
Startzeit der fehlerhaften Anwendung: 0xe1y02i1y.exe0
Pfad der fehlerhaften Anwendung: e1y02i1y.exe1
Pfad des fehlerhaften Moduls: e1y02i1y.exe2
Berichtskennung: e1y02i1y.exe3
Vollständiger Name des fehlerhaften Pakets: e1y02i1y.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: e1y02i1y.exe5

Error: (11/21/2015 00:21:12 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: e1y02i1y.exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83
Name des fehlerhaften Moduls: e1y02i1y.exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000011aa
ID des fehlerhaften Prozesses: 0x1418
Startzeit der fehlerhaften Anwendung: 0xe1y02i1y.exe0
Pfad der fehlerhaften Anwendung: e1y02i1y.exe1
Pfad des fehlerhaften Moduls: e1y02i1y.exe2
Berichtskennung: e1y02i1y.exe3
Vollständiger Name des fehlerhaften Pakets: e1y02i1y.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: e1y02i1y.exe5

Error: (11/20/2015 04:52:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Photoshop.exe, Version: 12.0.0.0, Zeitstempel: 0x4b504eff
Name des fehlerhaften Moduls: ScriptingSupport.8li, Version: 10.0.0.0, Zeitstempel: 0x4b505282
Ausnahmecode: 0xc000041d
Fehleroffset: 0x00018a15
ID des fehlerhaften Prozesses: 0x17c0
Startzeit der fehlerhaften Anwendung: 0xPhotoshop.exe0
Pfad der fehlerhaften Anwendung: Photoshop.exe1
Pfad des fehlerhaften Moduls: Photoshop.exe2
Berichtskennung: Photoshop.exe3
Vollständiger Name des fehlerhaften Pakets: Photoshop.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Photoshop.exe5

Error: (11/20/2015 04:52:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Photoshop.exe, Version: 12.0.0.0, Zeitstempel: 0x4b504eff
Name des fehlerhaften Moduls: ScriptingSupport.8li, Version: 10.0.0.0, Zeitstempel: 0x4b505282
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00018a15
ID des fehlerhaften Prozesses: 0x17c0
Startzeit der fehlerhaften Anwendung: 0xPhotoshop.exe0
Pfad der fehlerhaften Anwendung: Photoshop.exe1
Pfad des fehlerhaften Moduls: Photoshop.exe2
Berichtskennung: Photoshop.exe3
Vollständiger Name des fehlerhaften Pakets: Photoshop.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Photoshop.exe5

Error: (11/20/2015 03:09:21 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.


Systemfehler:
=============
Error: (11/22/2015 00:57:21 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (11/22/2015 00:56:10 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/22/2015 00:56:10 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/22/2015 00:56:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "LogMeIn Hamachi Tunneling Engine" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (11/22/2015 00:56:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Internet Pass-Through Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 1000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/22/2015 00:56:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Panda Devices Agent" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 300000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/22/2015 00:56:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Foxit Cloud Safe Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (11/22/2015 00:56:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Dienst "Bonjour"" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (11/22/2015 00:56:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Apple Mobile Device" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/22/2015 00:56:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "AMD FUEL Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


CodeIntegrity:
===================================
  Date: 2015-02-27 08:18:30.512
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-02-27 08:18:30.402
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-02-27 08:18:30.246
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-02-27 08:18:30.106
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-02-27 08:18:29.980
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-02-27 08:18:29.855
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-02-27 08:18:29.637
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: AMD A10-5700 APU with Radeon(tm) HD Graphics 
Prozentuale Nutzung des RAM: 25%
Installierter physikalischer RAM: 6039.32 MB
Verfügbarer physikalischer RAM: 4470.57 MB
Summe virtueller Speicher: 6999.32 MB
Verfügbarer virtueller Speicher: 5151.59 MB

==================== Laufwerke ================================

Drive c: (OS) (Fixed) (Total:452.14 GB) (Free:150.49 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (Recovery Image) (Fixed) (Total:10.92 GB) (Free:0.94 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive f: (Spiele+Programme) (Fixed) (Total:454.22 GB) (Free:28.94 GB) NTFS
Drive j: (Sonstiges) (Fixed) (Total:244.41 GB) (Free:140.03 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 52E55227)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 00000001)
Partition 1: (Not Active) - (Size=993 KB) - (Type=42)
Partition 2: (Active) - (Size=454.2 GB) - (Type=42)
Partition 3: (Not Active) - (Size=244.4 GB) - (Type=42)

==================== Ende von Addition.txt ============================
         


Alt 23.11.2015, 18:08   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Probleme nach Cyberfox Update - Standard

Probleme nach Cyberfox Update




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
--> Probleme nach Cyberfox Update

Alt 07.12.2015, 23:04   #7
Kaitosan
 
Probleme nach Cyberfox Update - Standard

Probleme nach Cyberfox Update



Hallo, und sorry das es so lange gedauert hat.

Ja, es gibt auch weiterhin Probleme. Zwar höre ich keine zufälligen Geräusche mehr durch die Lautsprecher, aber der PC hängt sich immer noch auf. Außerdem gibt es dazu hier und da eine Meldung das der Treiber meiner Grafikkarte wiederhergestellt werden musste.

ESET Online Scanner:
Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=34e051d27c5cf241808d5caa1ad3f453
# end=init
# utc_time=2015-11-23 10:03:33
# local_time=2015-11-23 11:03:33 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT 
Update Init
Update Download
Update Finalize
Updated modules version: 26860
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=34e051d27c5cf241808d5caa1ad3f453
# end=updated
# utc_time=2015-11-23 10:05:30
# local_time=2015-11-23 11:05:30 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT 
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=34e051d27c5cf241808d5caa1ad3f453
# engine=26860
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-11-23 10:52:10
# local_time=2015-11-23 11:52:10 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1='Panda Free Antivirus'
# compatibility_mode=1557 16777213 100 100 3158242 234515104 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 23546314 44080982 0 0
# scanned=191290
# found=5
# cleaned=0
# scan_time=2799
sh=E5A22D682B5B9C1F5AD1E1F7D98E685772BED8FC ft=0 fh=0000000000000000 vn="JS/Astromenda.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\HPPC\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\js\background.js.vir"
sh=F2A8917500E1C6B9E4ADD5299BAF66B57DD4EB63 ft=0 fh=0000000000000000 vn="JS/Astromenda.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\HPPC\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\js\bootstrap.js.vir"
sh=CE3159B58A6DFF52E43F2445A4E094B983DD0EBA ft=0 fh=0000000000000000 vn="JS/Astromenda.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\HPPC\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\js\newtab.js.vir"
sh=FD7368BFE59CB6D2E4853110A8BDE09937D30BFA ft=0 fh=0000000000000000 vn="JS/Astromenda.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\HPPC\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\js\opentab.js.vir"
sh=90A440A11B158CACC211196FF49670F6F38EB760 ft=1 fh=8b2ddc3358c7903c vn="Variante von Win32/Toolbar.Visicom.A evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\Panda Security\Panda Security Protection\Tools\PandaSecurityTb.exe"
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=34e051d27c5cf241808d5caa1ad3f453
# end=init
# utc_time=2015-12-06 01:09:18
# local_time=2015-12-06 02:09:18 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT 
Update Init
Update Download
Update Finalize
Updated modules version: 27065
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=34e051d27c5cf241808d5caa1ad3f453
# end=updated
# utc_time=2015-12-06 01:11:43
# local_time=2015-12-06 02:11:43 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT 
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=34e051d27c5cf241808d5caa1ad3f453
# engine=27065
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-12-06 02:45:32
# local_time=2015-12-06 03:45:32 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1='Panda Free Antivirus'
# compatibility_mode=1557 16777213 100 100 4252244 235609106 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 24640316 45174984 0 0
# scanned=574734
# found=5
# cleaned=0
# scan_time=5627
sh=E5A22D682B5B9C1F5AD1E1F7D98E685772BED8FC ft=0 fh=0000000000000000 vn="JS/Astromenda.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\HPPC\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\js\background.js.vir"
sh=F2A8917500E1C6B9E4ADD5299BAF66B57DD4EB63 ft=0 fh=0000000000000000 vn="JS/Astromenda.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\HPPC\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\js\bootstrap.js.vir"
sh=CE3159B58A6DFF52E43F2445A4E094B983DD0EBA ft=0 fh=0000000000000000 vn="JS/Astromenda.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\HPPC\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\js\newtab.js.vir"
sh=FD7368BFE59CB6D2E4853110A8BDE09937D30BFA ft=0 fh=0000000000000000 vn="JS/Astromenda.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\HPPC\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\js\opentab.js.vir"
sh=90A440A11B158CACC211196FF49670F6F38EB760 ft=1 fh=8b2ddc3358c7903c vn="Variante von Win32/Toolbar.Visicom.A evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\Panda Security\Panda Security Protection\Tools\PandaSecurityTb.exe"
         
SecurityCheck:
Code:
ATTFilter
 Results of screen317's Security Check version 1.013 --- 11/28/15  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Panda Free Antivirus   
Windows Defender       
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Java 7 Update 67  
 Java version 32-bit out of Date! 
  Adobe Flash Player 	14.0.0.179 Flash Player out of Date!  
 Adobe Reader XI  
 Mozilla Thunderbird 31.5.0 Thunderbird out of Date!  
````````Process Check: objlist.exe by Laurent````````  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````
         
FRST:
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:05-12-2015
durchgeführt von HPPC (Administrator) auf HP (07-12-2015 23:54:18)
Gestartet von C:\Users\HPPC\Desktop
Geladene Profile: HPPC (Verfügbare Profile: HPPC)
Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: IE)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\livecomm.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Hewlett-Packard ) C:\Program Files\IDT\WDM\Beats64.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Spotify Ltd) C:\Users\HPPC\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(8pecxstudios) C:\Program Files\Cyberfox\Cyberfox.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [37888 2012-08-10] (Hewlett-Packard )
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-08-10] (IDT, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [40184 2015-02-17] (Panda Security, S.L.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565448 2015-11-12] (LogMeIn Inc.)
HKLM\...\Winlogon: [Userinit] C:\WINDOWS\SysWOW64\userinit.exe,
HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\...\Run: [Spotify Web Helper] => C:\Users\HPPC\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-12] (Spotify Ltd)
HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\...\Run: [Dropbox Update] => C:\Users\HPPC\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-19] (Dropbox, Inc.)
HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\...\MountPoints2: {d4a071f6-483f-11e5-bf85-78e3b5b56ba1} - "G:\HTC_Sync_Manager_PC.exe" 
HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\...\MountPoints2: {d4a072b9-483f-11e5-bf85-78e3b5b56ba1} - "G:\HTC_Sync_Manager_PC.exe" 
HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\...\MountPoints2: {f3de35ef-23c5-11e4-be72-78e3b5b56ba1} - "H:\wubi.exe" 
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\..\Interfaces\{687EFE86-7C48-4DD7-9764-BFDE83F885DD}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{93B37C6C-F077-40E8-BA0B-A8E67EA05545}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-08-14] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-08-14] (Oracle Corporation)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll [2014-08-14] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @unity3d.com/UnityPlayer64,version=1.0 -> C:\Program Files\Unity\WebPlayer64\loader-x64\npUnity3D64.dll [2015-07-19] (Unity Technologies ApS)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll [2014-08-14] ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-08-14] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-08-14] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll [2014-06-26] (pdfforge GmbH)
FF Plugin HKU\S-1-5-21-3776727103-4227896957-2343858286-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\HPPC\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-09-05] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3776727103-4227896957-2343858286-1001: pokki.com/PokkiDownloadHelper -> C:\Users\HPPC\AppData\Local\Pokki\Download Helper\npPokkiDownloadHelper.1.2.0.78.dll [2015-12-03] (Pokki)

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-07-04] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-11-12] (LogMeIn, Inc.)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S2 Mobizen plugin; C:\Program Files (x86)\RSUPPORT\MobizenService\MobizenService.exe [3353360 2015-08-14] ( Rsupport Corporation)
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [142584 2015-02-17] (Panda Security, S.L.)
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [66808 2014-10-09] (Panda Security, S.L.)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [Datei ist nicht signiert]
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-06-26] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-06-26] (pdfforge GmbH)
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [38136 2015-02-17] (Panda Security, S.L.)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [321536 2012-08-10] (IDT, Inc.) [Datei ist nicht signiert]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
S2 AdobeARMservice; "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-20] (Advanced Micro Devices)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98472 2012-07-03] (Advanced Micro Devices)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-11-12] (LogMeIn Inc.)
S3 HtcVCom32; C:\Windows\system32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (QUALCOMM Incorporated)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [93968 2015-02-09] (Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [202000 2015-02-09] (Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [110864 2015-02-09] (Panda Security, S.L.)
R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [116496 2015-02-09] (Panda Security, S.L.)
R1 NNSNAHSL; C:\Windows\system32\DRIVERS\NNSNAHSL.sys [49936 2014-12-31] (Panda Security, S.L.)
R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [99600 2015-02-09] (Panda Security, S.L.)
R1 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [69904 2015-02-09] (Panda Security, S.L.)
R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [124176 2015-02-09] (Panda Security, S.L.)
R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [299792 2015-02-09] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [166160 2015-02-09] (Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [113424 2015-02-09] (Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [257296 2015-02-09] (Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [106256 2015-02-09] (Panda Security, S.L.)
R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [163088 2015-02-11] (Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [121616 2015-02-11] (Panda Security, S.L.)
R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [197392 2015-02-10] (Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [124176 2015-02-11] (Panda Security, S.L.)
R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [133904 2015-02-11] (Panda Security, S.L.)
R2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [107792 2015-02-11] (Panda Security, S.L.)
R3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [61712 2015-01-29] (Panda Security, S.L.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [35320 2014-09-22] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [258368 2014-09-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
S3 EagleX64; \??\C:\WINDOWS\system32\drivers\EagleX64.sys [X]
S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-07 23:54 - 2015-12-07 23:55 - 00015689 _____ C:\Users\HPPC\Desktop\FRST.txt
2015-12-07 23:54 - 2015-12-07 23:54 - 02369024 _____ (Farbar) C:\Users\HPPC\Desktop\FRST64.exe
2015-12-07 23:47 - 2015-12-07 23:47 - 00000000 ____D C:\Users\HPPC\AppData\Roaming\Adobe
2015-12-07 23:47 - 2015-12-07 23:47 - 00000000 ____D C:\Users\HPPC\AppData\Local\Adobe
2015-12-07 23:47 - 2015-12-07 23:47 - 00000000 ____D C:\ProgramData\Adobe
2015-12-06 18:15 - 2015-12-06 18:15 - 00000918 _____ C:\Users\HPPC\Desktop\checkup.txt
2015-12-06 18:05 - 2015-12-06 18:05 - 00001884 _____ C:\Users\HPPC\Desktop\f.txt
2015-12-05 23:40 - 2015-12-05 23:40 - 06539752 _____ (Tim Kosse) C:\Users\HPPC\Downloads\FileZilla_3.14.1_win64-setup.exe
2015-12-05 12:32 - 2015-12-05 12:32 - 00000000 ____D C:\Users\HPPC\Trelby
2015-12-03 22:26 - 2015-12-03 22:26 - 00000000 ____D C:\Users\HPPC\AppData\Local\Pokki
2015-11-22 21:46 - 2015-01-29 18:21 - 00061712 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSKMAD.sys
2015-11-22 12:31 - 2015-11-22 12:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-11-22 12:31 - 2015-11-22 12:31 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-11-22 12:31 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-11-22 12:31 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2015-11-20 17:18 - 2015-11-20 17:19 - 00000000 ____D C:\Users\HPPC\AppData\Local\SM3DL
2015-11-17 22:00 - 2015-11-17 22:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-11-17 22:00 - 2015-11-17 22:00 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2015-11-16 16:27 - 2015-11-16 16:27 - 00000000 __SHD C:\WINDOWS\SysWOW64\AI_RecycleBin
2015-11-16 16:12 - 2015-11-16 16:12 - 00000000 ____D C:\Users\HPPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cyberfox
2015-11-14 15:48 - 2015-11-14 15:48 - 00000085 ___SH C:\ProgramData\.zreglib
2015-11-14 15:48 - 2015-11-14 15:48 - 00000000 ____D C:\ProgramData\Elaborate Bytes
2015-11-13 12:42 - 2015-11-13 12:42 - 00000000 ____D C:\Users\HPPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-11-12 11:47 - 2015-11-12 11:47 - 00045680 ____H (LogMeIn Inc.) C:\WINDOWS\system32\Drivers\Hamdrv.sys

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-07 23:54 - 2015-02-24 16:20 - 00000000 ____D C:\FRST
2015-12-07 23:52 - 2014-08-25 20:37 - 00000000 ____D C:\Users\HPPC\AppData\Local\LogMeIn Hamachi
2015-12-07 23:51 - 2015-02-22 15:37 - 00000000 ___RD C:\Users\HPPC\OneDrive
2015-12-07 23:51 - 2015-02-22 15:08 - 00000000 ____D C:\Users\HPPC
2015-12-07 23:51 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-12-07 23:48 - 2014-08-14 19:40 - 00000000 ____D C:\Users\HPPC\AppData\Roaming\Skype
2015-12-07 23:41 - 2015-06-19 14:31 - 00001226 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3776727103-4227896957-2343858286-1001UA.job
2015-12-07 22:52 - 2014-08-26 13:14 - 115166208 ___SH C:\Users\HPPC\Desktop\Thumbs.db
2015-12-07 22:42 - 2014-08-20 11:40 - 00000000 ____D C:\Users\HPPC\AppData\Roaming\FileZilla
2015-12-07 17:53 - 2013-08-22 14:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-12-07 16:47 - 2015-08-12 21:15 - 00000000 ____D C:\Users\HPPC\Desktop\Dragons
2015-12-07 16:23 - 2014-08-17 14:42 - 00000000 ____D C:\Users\HPPC\AppData\Roaming\vlc
2015-12-07 16:10 - 2014-08-21 07:26 - 00000000 ____D C:\Users\HPPC\AppData\Roaming\Audacity
2015-12-07 16:04 - 2014-08-27 14:56 - 00004608 _____ C:\Users\HPPC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-12-07 16:04 - 2014-08-16 21:07 - 00000000 ____D C:\Users\HPPC\Documents\Camtasia Studio
2015-12-07 14:43 - 2014-11-21 04:35 - 01776918 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-12-07 14:43 - 2014-11-21 03:45 - 00764340 _____ C:\WINDOWS\system32\perfh007.dat
2015-12-07 14:43 - 2014-11-21 03:45 - 00159160 _____ C:\WINDOWS\system32\perfc007.dat
2015-12-07 14:43 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\Inf
2015-12-07 08:45 - 2014-08-16 11:52 - 00000000 __RHD C:\Users\HPPC\Dropbox
2015-12-07 08:39 - 2014-08-16 11:49 - 00000000 ____D C:\Users\HPPC\AppData\Roaming\Dropbox
2015-12-06 22:08 - 2015-08-30 08:16 - 00000000 ____D C:\Users\HPPC\Desktop\Neu
2015-12-06 01:41 - 2015-06-19 14:31 - 00001174 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3776727103-4227896957-2343858286-1001Core.job
2015-12-05 14:34 - 2014-08-14 20:21 - 00000000 ___RD C:\Users\HPPC\Desktop\Programme
2015-12-05 12:40 - 2014-08-09 14:11 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3776727103-4227896957-2343858286-1001
2015-12-05 12:19 - 2015-10-30 15:13 - 00002023 _____ C:\Users\HPPC\Desktop\Neues Textdokument.txt
2015-12-04 23:19 - 2015-05-27 17:51 - 00000000 ____D C:\Users\HPPC\AppData\Roaming\TS3Client
2015-12-04 00:08 - 2014-08-16 11:25 - 00000000 ___RD C:\Users\HPPC\Desktop\Sonstiges
2015-12-03 00:56 - 2014-09-26 14:44 - 00001456 _____ C:\Users\HPPC\AppData\Local\Adobe Für Web speichern 11.0 Prefs
2015-11-29 17:13 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-11-29 17:08 - 2014-08-07 21:58 - 00000000 ____D C:\Users\HPPC\AppData\Local\Packages
2015-11-29 17:07 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2015-11-22 13:06 - 2013-08-22 14:36 - 00000000 ____D C:\Windows
2015-11-22 12:56 - 2015-02-25 22:13 - 00000000 ____D C:\AdwCleaner
2015-11-22 12:56 - 2015-02-22 15:34 - 00000008 __RSH C:\ProgramData\ntuser.pol
2015-11-22 12:48 - 2015-02-24 22:03 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-11-22 12:46 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\Registration
2015-11-22 12:31 - 2015-02-24 22:03 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-11-21 15:01 - 2015-02-24 22:03 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-11-21 11:29 - 2015-07-21 21:31 - 00000000 ___RD C:\Users\HPPC\Desktop\Pandora's Box
2015-11-20 22:39 - 2015-10-13 10:40 - 00000000 ____D C:\Users\HPPC\Desktop\Szenen
2015-11-20 17:27 - 2014-08-14 20:21 - 00000000 ___RD C:\Users\HPPC\Desktop\Spiele
2015-11-20 01:01 - 2015-08-09 11:00 - 00000000 ___RD C:\Users\HPPC\Desktop\FinVal
2015-11-19 22:15 - 2015-10-11 18:15 - 00000000 ____D C:\Users\HPPC\Desktop\NVList-3.3
2015-11-17 10:32 - 2014-11-26 11:01 - 00000000 ___RD C:\Users\HPPC\Desktop\Bilder
2015-11-17 10:10 - 2015-01-12 11:43 - 00000000 ____D C:\Users\HPPC\Downloads\3DS
2015-11-17 09:16 - 2014-08-15 17:19 - 00000000 ____D C:\Users\HPPC\AppData\Local\JDownloader v2.0
2015-11-16 16:12 - 2014-08-14 19:33 - 00000826 _____ C:\Users\Public\Desktop\Cyberfox.lnk
2015-11-16 16:12 - 2014-08-14 19:33 - 00000000 ____D C:\Program Files\Cyberfox
2015-11-14 15:48 - 2014-08-15 17:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes
2015-11-14 15:48 - 2014-08-15 17:01 - 00000000 ____D C:\Program Files (x86)\Elaborate Bytes

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-08-18 01:24 - 2014-08-19 11:20 - 0000132 _____ () C:\Users\HPPC\AppData\Roaming\Adobe PNG Format CS5 Prefs
2015-05-08 23:32 - 2015-05-08 23:32 - 0002916 _____ () C:\Users\HPPC\AppData\Roaming\TargetInvocationLog.txt
2014-09-26 14:44 - 2015-12-03 00:56 - 0001456 _____ () C:\Users\HPPC\AppData\Local\Adobe Für Web speichern 11.0 Prefs
2014-08-27 14:56 - 2015-12-07 16:04 - 0004608 _____ () C:\Users\HPPC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-02-26 02:42 - 2015-07-21 23:37 - 0007608 _____ () C:\Users\HPPC\AppData\Local\Resmon.ResmonCfg
2015-11-14 15:48 - 2015-11-14 15:48 - 0000085 ___SH () C:\ProgramData\.zreglib

Einige Dateien in TEMP:
====================
C:\Users\HPPC\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpk0xq83.dll
C:\Users\HPPC\AppData\Local\Temp\proxy_vole1591921514149422294.dll
C:\Users\HPPC\AppData\Local\Temp\proxy_vole4710295672764641662.dll
C:\Users\HPPC\AppData\Local\Temp\proxy_vole5307946691491688091.dll
C:\Users\HPPC\AppData\Local\Temp\SkypeSetup.exe
C:\Users\HPPC\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-12-07 09:07

==================== Ende von FRST.txt ============================
         
Addition:
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-12-2015
durchgeführt von HPPC (2015-12-07 23:55:35)
Gestartet von C:\Users\HPPC\Desktop
Windows 8.1 (X64) (2015-02-22 14:27:51)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3776727103-4227896957-2343858286-500 - Administrator - Disabled)
Gast (S-1-5-21-3776727103-4227896957-2343858286-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3776727103-4227896957-2343858286-1006 - Limited - Enabled)
HPPC (S-1-5-21-3776727103-4227896957-2343858286-1001 - Administrator - Enabled) => C:\Users\HPPC

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Panda Free Antivirus (Enabled - Up to date) {AAF74A68-8713-CDF1-004F-30003398BE9E}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Panda Free Antivirus (Enabled - Up to date) {1196AB8C-A129-C27F-3AFF-0B72481FF423}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Panda Firewall (Disabled) {92CCCB4D-CD7C-CCA9-2B10-9935CD4BF9E5}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.179 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Amnesia - The Dark Descent  (HKLM-x32\...\{54B7A3C7-0940-4C16-A509-FC3C3758D22A}_is1) (Version: 1.2 - Frictional Games)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Azure Striker Gunvolt (HKLM-x32\...\Steam App 388800) (Version:  - INTI CREATES CO., LTD.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Camtasia Studio 8 (HKLM-x32\...\{3F3A5785-81E3-4065-B643-B4933790AE1E}) (Version: 8.1.1.1313 - TechSmith Corporation)
Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5000 - CDBurnerXP)
CloneDVD2 (HKLM-x32\...\CloneDVD2) (Version: 2.9.3.3 - Elaborate Bytes)
Crazy Taxi (HKLM-x32\...\Steam App 71230) (Version:  - SEGA)
Cyberfox Web Browser (HKLM\...\{5EFB52C0-4EC9-46B4-80EB-8432C6599641}_is1) (Version: 42.0.1.0 - 8pecxstudios)
Dear Esther Version 1.0 (HKLM-x32\...\Dear Esther_is1) (Version: 1.0 - TheChineseRoom)
Divekick (HKLM-x32\...\Steam App 244730) (Version:  - Iron Galaxy Studios)
Dropbox (HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\...\Dropbox) (Version: 3.10.11 - Dropbox, Inc.)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
fault milestone one Demo (HKLM-x32\...\Steam App 313680) (Version:  - ALICE IN DISSONANCE)
FINAL FANTASY XIII-2 (HKLM-x32\...\Steam App 292140) (Version:  - SQUARE ENIX)
Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 3.7.143.923 - Foxit Software Inc.)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.0.6.1126 - Foxit Software Inc.)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
FreeStyle2: Street Basketball (HKLM-x32\...\Steam App 339610) (Version:  - Joycity)
GitHub (HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\...\5f7eb300e2ea4ebf) (Version: 3.0.6.4 - GitHub, Inc.)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6418.0 - IDT)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.7.0 - LIGHTNING UK!)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.410 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.410 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mighty Gunvolt (HKLM-x32\...\Steam App 394600) (Version:  - INTI CREATES CO., LTD.)
Mobizen (HKLM-x32\...\{BA0D3A44-BCEE-4C8B-BCD4-F7F1E64F41E3}) (Version: 2.16.0.2 - RSUPPORT)
Mozilla Thunderbird 31.5.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.5.0 (x86 de)) (Version: 31.5.0 - Mozilla)
NiGHTS into Dreams... (HKLM-x32\...\Steam App 219950) (Version:  - SEGA)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.3 - Notepad++ Team)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Panda Devices Agent (HKLM-x32\...\Panda Devices Agent) (Version: 1.03.04 - Panda Security)
Panda Devices Agent (x32 Version: 1.05.00 - Panda Security) Hidden
Panda Free Antivirus (HKLM-x32\...\Panda Universal Agent Endpoint) (Version: 15.01.00.0000 - Panda Security)
Panda Free Antivirus (Version: 7.81.00.0000 - Panda Security) Hidden
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
PAYDAY: The Heist (HKLM-x32\...\Steam App 24240) (Version:  - OVERKILL Software)
PDF Architect 2 (HKLM-x32\...\PDF Architect 2) (Version: 2.0.24.16092 - pdfforge GmbH)
PDF Architect 2 View Module (HKLM-x32\...\{C960FF38-431D-429D-AD1F-FBD12A45B7C5}) (Version: 2.0.17.17583 - pdfforge GmbH)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
PHANTASY STAR UNIVERSE (HKLM-x32\...\PHANTASY STAR UNIVERSE_is1) (Version:  - SEGA SONIC TEAM)
PhotoFiltre 7 (HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\...\PhotoFiltre 7) (Version:  - )
Pokki Download Helper (HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\...\PokkiDownloadHelper) (Version: 1.3.1.289 - Pokki)
Project 64 version 2.2.0.3 (HKLM-x32\...\{BEB5FB69-4080-466F-96C4-F15DF271718B}_is1) (Version: 2.2.0.3 - )
Project My Screen App (HKLM-x32\...\{DF901456-7160-49DB-977B-0E91858CA2CB}) (Version: 8.0.12349 - Microsoft Corporation)
Ragnarök Online (HKLM-x32\...\{55725CAB-ED4D-4169-A22E-20249EFCF2B5}) (Version: 14.1 - Gravity)
Resident Evil 6 / Biohazard 6 (HKLM-x32\...\Steam App 221040) (Version:  - Capcom)
RGSS-RTP Standard (HKLM-x32\...\{5A9FE525-8B8F-4701-A937-7F6745A4E9C7}) (Version: 1.0.0 - Enterbrain)
RPG Maker 2003 v1.08 (HKLM-x32\...\RPG Maker 2003_is1) (Version:  - Enterbrain, Inc.)
RPG Maker MV (HKLM-x32\...\RPGMV_is1) (Version: 1.0.0.0 - KADOKAWA)
RPG MAKER VX Ace (HKLM-x32\...\RPG MAKER VX Ace_is1) (Version: 1.01a - )
RPG Maker XP (HKLM-x32\...\RPGXP_E_is1) (Version: 1.05 - Enterbrain)
SILENT HILL 3 (HKLM-x32\...\InstallShield_{14D10AAC-9737-454E-A247-8075C26C30E1}) (Version: 1.00.0000 - Konami Computer Entertainment Tokyo, Inc.)
SILENT HILL 3 (x32 Version: 1.00.0000 - Konami Computer Entertainment Tokyo, Inc.) Hidden
Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
Sonic & All-Stars Racing Transformed (HKLM-x32\...\Steam App 212480) (Version:  - Sumo Digital)
Sonic Adventure DX (HKLM-x32\...\Steam App 71250) (Version:  - SEGA)
Sonic Generations (HKLM-x32\...\Steam App 71340) (Version:  - Devil's Details)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
SpeedRunners (HKLM-x32\...\Steam App 207140) (Version:  - DoubleDutch Games)
Splashtop Software Updater (HKLM-x32\...\Splashtop Software Updater) (Version: 1.5.6.15 - Splashtop Inc.)
Splashtop Streamer (HKLM-x32\...\{B7C5EA94-B96A-41F5-BE95-25D78B486678}) (Version: 2.6.0.4 - Splashtop Inc.)
Spotify (HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
The Last Remnant (HKLM-x32\...\Steam App 23310) (Version:  - SQUARE ENIX)
Thief (HKLM-x32\...\Steam App 239160) (Version:  - Eidos-Montréal)
Unity Web Player (HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\...\UnityWebPlayer) (Version: 4.5.4f1 - Unity Technologies ApS)
Unity Web Player (x64) (All users) (HKLM\...\UnityWebPlayer) (Version: 4.6.4f1 - Unity Technologies ApS)
Unturned (HKLM-x32\...\Steam App 304930) (Version:  - Nelson Sexton)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WinRAR 5.10 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3776727103-4227896957-2343858286-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\HPPC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)

==================== Wiederherstellungspunkte =========================

22-11-2015 12:59:39 JRT Pre-Junkware Removal
30-11-2015 10:46:12 Geplanter Prüfpunkt

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {26307C61-2BD7-45FB-9910-F4A494F26755} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)
Task: {29470BB9-1590-410B-97FF-A0CFDE07A7FB} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-3776727103-4227896957-2343858286-1001
Task: {405FAB6A-74DB-4EAF-9E35-DDA6A4C2CD60} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3776727103-4227896957-2343858286-1001Core => C:\Users\HPPC\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-19] (Dropbox, Inc.)
Task: {5712CE09-B483-453B-9147-BAE5579FFEDF} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3776727103-4227896957-2343858286-1001UA => C:\Users\HPPC\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-19] (Dropbox, Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3776727103-4227896957-2343858286-1001Core.job => C:\Users\HPPC\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3776727103-4227896957-2343858286-1001UA.job => C:\Users\HPPC\AppData\Local\Dropbox\Update\DropboxUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\HPPC\Desktop\Spiele\White_Night - Verknüpfung.lnk -> F:\Program Files (x86)\Amnesia - The Dark Descent\redist\White_Night.bat () <==== ACHTUNG

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2013-10-17 14:27 - 2013-10-17 14:27 - 00166912 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2014-07-04 21:33 - 2014-07-04 21:33 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2014-10-11 13:06 - 2014-10-11 13:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-04-12 18:23 - 2013-04-12 18:23 - 00612664 _____ () C:\Program Files (x86)\Panda Security\Panda Security Protection\SQLite3.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\HPPC\Desktop\43825153_p0.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\HPPC\Desktop\44e477d0c35b67de32be6ae42a98c718.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\HPPC\Desktop\Body heat redone.png:com.dropbox.attributes
AlternateDataStreams: C:\Users\HPPC\Desktop\Chillin' evening.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\HPPC\Desktop\First kiss darker characters.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\HPPC\Desktop\Good night 2.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\HPPC\Desktop\Night time2.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\HPPC\Desktop\Version 1- stare.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\HPPC\Desktop\Version 2- kiss.jpg:com.dropbox.attributes

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService => ""="Service"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3776727103-4227896957-2343858286-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\HPPC\AppData\Roaming\8pecxstudios\Cyberfox\Desktop Background.bmp
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist deaktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{23FC7089-0D60-4869-ABFD-DAC6C01F04A8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{FEBBDA95-1D87-44E0-A5BD-C834771B6D80}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D9522932-BB3B-471A-A550-922C674A876B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{CACAB489-4310-4D49-94FD-7B937AB7621B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{43EEA5A2-04E3-4F9D-81E3-D391710F4784}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [{D1958A19-74F5-41FF-A27A-1847102504D7}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [{143E2BD3-A7F1-4A00-9A92-1A5176F1597A}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\FINAL FANTASY XIII-2\FFXiii2Launcher.exe
FirewallRules: [{4AECFAC5-6B9C-4135-8599-368C74856701}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\FINAL FANTASY XIII-2\FFXiii2Launcher.exe
FirewallRules: [{56D069FC-7A2B-4C9A-8EAC-4AEA643F5874}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Thief\Binaries\Win64\Shipping-ThiefGame.exe
FirewallRules: [{77AA35B3-F4F4-42C3-B3C0-A45403B4D8A7}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Thief\Binaries\Win64\Shipping-ThiefGame.exe
FirewallRules: [{6596ABD8-6219-40F8-B03F-1B85F05CF579}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\The Last Remnant\Binaries\TLR.exe
FirewallRules: [{38609705-6AB2-493D-A4B6-CCB090F35F0F}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\The Last Remnant\Binaries\TLR.exe
FirewallRules: [{90948236-7A68-4E2C-9265-FB8049C7C3D8}] => (Allow) C:\Users\HPPC\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{470501B4-17D4-4105-94A2-E866E1190179}] => (Allow) C:\Users\HPPC\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{3B178E18-BF08-433A-BBC2-A9866A9AD918}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\NiGHTS Into Dreams\Launcher.exe
FirewallRules: [{7D14D5D3-33FC-48D1-9685-706678965B52}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\NiGHTS Into Dreams\Launcher.exe
FirewallRules: [{17B9A865-90E2-4BC6-97B9-D57313EF66BF}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Sonic & All-Stars Racing Transformed\Launcher.exe
FirewallRules: [{EB4F9202-C0E7-49BF-ABDE-EF5502AFE4C6}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Sonic & All-Stars Racing Transformed\Launcher.exe
FirewallRules: [{73C6B972-6BB6-4C8E-8201-5AD3DD3D10FF}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Sonic & All-Stars Racing Transformed\ASN_App_PcDx9_Final.exe
FirewallRules: [{14596CDC-1143-411A-817A-69A9EDCDC4D6}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Sonic & All-Stars Racing Transformed\ASN_App_PcDx9_Final.exe
FirewallRules: [{2CE0FD85-A5E4-4F11-8DAF-01568EB7DBB1}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Sonic Adventure DX\AppLauncher.exe
FirewallRules: [{6D6BD41E-CC9C-4B53-B6BF-A3F76DCE21A6}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Sonic Adventure DX\AppLauncher.exe
FirewallRules: [{AB4CE098-66DC-40B0-B9C2-827BFDA0DE6F}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Crazy Taxi\AppLauncher.exe
FirewallRules: [{E50434DD-B1E7-40F4-947F-0C5F73B23CB1}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Crazy Taxi\AppLauncher.exe
FirewallRules: [{F518EB44-C3E9-491E-8442-758840448BEA}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Sonic Generations\ConfigurationTool.exe
FirewallRules: [{7CFA4D53-37B5-49CB-8023-E9B34D9FA350}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Sonic Generations\ConfigurationTool.exe
FirewallRules: [{BEB0C014-3ED4-4BE3-8E70-7A2978BEDEEA}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Sonic Generations\SonicGenerations.exe
FirewallRules: [{B5CDF304-B827-45F6-A2FB-9CB6658C4DD4}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Sonic Generations\SonicGenerations.exe
FirewallRules: [{29502EA3-799C-4C41-9587-028A3C3710C0}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{F58A21E0-FF17-4DC0-A820-C586CD1A6B9D}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{C9D50332-DCCD-4D68-949D-B42542688C18}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\PAYDAY The Heist\payday_win32_release.exe
FirewallRules: [{4FFFB6DC-741A-4A1E-9F3E-49690A911EA7}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\PAYDAY The Heist\payday_win32_release.exe
FirewallRules: [{CE4A72EE-F675-48B6-BCF6-76E7DE1A6131}] => (Allow) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\DataProxy.exe
FirewallRules: [{CA8DA855-6844-4C4E-A0DD-E5C0B10EC8BD}] => (Allow) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe
FirewallRules: [{4DE4DBC9-0E08-4872-A0D8-B6B02966AACA}] => (Allow) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRServer.exe
FirewallRules: [{BB3DF925-92B0-4F71-B89D-0CE1B6858419}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Resident Evil 6\BH6.exe
FirewallRules: [{A3A23176-AF35-45C3-9504-488286001A2D}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Resident Evil 6\BH6.exe
FirewallRules: [{1609350F-083C-46AE-880B-79B2EE942B7A}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{872A30A4-C588-47C5-B6B0-FD0E5883E0F5}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{B3380C7E-2F69-4594-B265-08BEB8D97E90}] => (Allow) F:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{DCE5FED3-DB8B-4B3C-8C71-42C2EE515561}] => (Allow) F:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{D86A4DFC-D449-4B22-A987-5BE304026113}] => (Allow) F:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{89026587-DAED-4FD7-8FC6-3ACEEEDCDAFC}] => (Allow) F:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B4B7A26A-8F73-4849-BEB2-A2FAEA057C0D}] => (Allow) C:\Users\HPPC\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{4D252D01-2EDF-4EA2-90E0-8113B0A44C31}] => (Allow) C:\Users\HPPC\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [UDP Query User{743977DF-B0B5-4B4C-BF28-E9B661A2F7C7}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{BCE09F39-6899-42E8-8AB1-F0D5364FD623}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{AA4CD044-A3A2-48A1-B12D-E845C5B82E23}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{ADDE23F0-A14A-4B1D-81B1-E278B4B9BFD5}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
FirewallRules: [{83AA786E-A70F-4678-9234-629BDB6F8AC8}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
FirewallRules: [{6F9CFE8C-0755-483A-B663-39D72C5C7A28}] => (Allow) LPort=8743
FirewallRules: [{BB54A553-68E5-42DA-AD55-F9906D8EEE02}] => (Allow) LPort=8643
FirewallRules: [{5C8B8923-9196-4948-83E0-B63F30FBBCD0}] => (Allow) LPort=7676
FirewallRules: [{32FEE7F9-CF4D-4E54-A5FA-BF67A655933D}] => (Allow) LPort=7679
FirewallRules: [{230E229D-8BA8-4773-9150-76A3E1EC963D}] => (Allow) LPort=24234
FirewallRules: [{C84E823F-7F0C-4D77-BD63-C6570AFDED0B}] => (Allow) LPort=7900
FirewallRules: [{C09C8FE6-7C3A-4845-AB17-6FD231AD6079}] => (Allow) LPort=1900
FirewallRules: [{B24B1C4E-D18A-4342-AF0E-07845E8E13FE}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\FreeStyle2\LauncherSteam.exe
FirewallRules: [{4BC8765B-E102-4FA7-87E0-E7E8F1F30B6F}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\FreeStyle2\LauncherSteam.exe
FirewallRules: [{DC3DE35E-BF03-4B90-88AC-D9E7B876F608}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\SpeedRunners\SpeedRunners.exe
FirewallRules: [{4F37EE3B-F5BD-4A34-BF32-80B8751F95CC}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\SpeedRunners\SpeedRunners.exe
FirewallRules: [{6BC4802F-2D67-44A1-8AE4-5CED5FC8F868}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Divekick\DivekickD3D11.exe
FirewallRules: [{490A7624-0A1D-4C74-9E42-0EF76B411E49}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Divekick\DivekickD3D11.exe
FirewallRules: [{F4208D90-6A7B-40C1-983A-C8BA7DB2E732}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Mighty Gunvolt\MightyGunvolt.exe
FirewallRules: [{72969CAD-1484-46BC-9563-DB889894CC9F}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Mighty Gunvolt\MightyGunvolt.exe
FirewallRules: [{14009966-3BD0-4E58-ADF4-486A85B4CAC6}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\fault milestone one Demo\faultms1_demo.exe
FirewallRules: [{E1B13D94-4851-41BE-B5FA-6605242893A9}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\fault milestone one Demo\faultms1_demo.exe
FirewallRules: [{C339F8EC-1854-4D25-B0BA-C69C8985C345}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Azure Striker Gunvolt\exe\gv_win.exe
FirewallRules: [{9649E0CB-8B7C-4135-A1CA-0D7987B09BCD}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Azure Striker Gunvolt\exe\gv_win.exe

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (12/07/2015 09:08:43 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.

Error: (12/06/2015 09:30:12 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm RPG_RT.exe, Version 1.0.8.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 16c8

Startzeit: 01d13064adc33ffc

Endzeit: 4294967295

Anwendungspfad: J:\Program Files (x86)\Other\Eternal Dreams\Horrorspiele\Horror Kurzfilmsammlung by Yggdrasil 2\RPG_RT.exe

Berichts-ID: 25d45bd0-9c58-11e5-bff2-78e3b5b56ba1

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (12/06/2015 06:42:14 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.

Error: (12/06/2015 03:46:37 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.

Error: (12/06/2015 02:09:15 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.

Error: (12/06/2015 02:09:14 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.

Error: (12/06/2015 02:09:12 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.

Error: (12/06/2015 02:09:02 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.

Error: (12/06/2015 11:20:49 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm W8.1EntryPoint.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 153c

Startzeit: 01d12ff44c1443d9

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\A278AB0D.DragonManiaLegends_1.8.0.19_x86__h6adky7gbf63m\W8.1EntryPoint.exe

Berichts-ID: fa8acf28-9c02-11e5-bff1-78e3b5b56ba1

Vollständiger Name des fehlerhaften Pakets: A278AB0D.DragonManiaLegends_1.8.0.19_x86__h6adky7gbf63m

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App

Error: (12/06/2015 11:20:31 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: HP)
Description: Das Paket „A278AB0D.DragonManiaLegends_1.8.0.19_x86__h6adky7gbf63m+App“ wurde beendet, da das Anhalten zu lange dauerte.


Systemfehler:
=============
Error: (12/07/2015 11:51:44 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (12/07/2015 11:51:13 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎07.‎12.‎2015 um 21:58:16 unerwartet heruntergefahren.

Error: (12/07/2015 09:58:32 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (12/07/2015 08:36:25 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Adobe Acrobat Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (12/07/2015 08:35:32 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (12/06/2015 02:10:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (12/06/2015 02:10:58 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\HPPC\AppData\Local\Temp\ehdrv.sys

Error: (12/06/2015 02:10:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (12/06/2015 02:10:58 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\HPPC\AppData\Local\Temp\ehdrv.sys

Error: (12/06/2015 02:10:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275


CodeIntegrity:
===================================
  Date: 2015-02-27 08:18:30.512
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-02-27 08:18:30.402
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-02-27 08:18:30.246
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-02-27 08:18:30.106
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-02-27 08:18:29.980
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-02-27 08:18:29.855
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-02-27 08:18:29.637
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: AMD A10-5700 APU with Radeon(tm) HD Graphics 
Prozentuale Nutzung des RAM: 27%
Installierter physikalischer RAM: 6039.32 MB
Verfügbarer physikalischer RAM: 4358.32 MB
Summe virtueller Speicher: 6999.32 MB
Verfügbarer virtueller Speicher: 5165.17 MB

==================== Laufwerke ================================

Drive c: (OS) (Fixed) (Total:452.14 GB) (Free:150.9 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (Recovery Image) (Fixed) (Total:10.92 GB) (Free:0.94 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive f: (Spiele+Programme) (Fixed) (Total:454.22 GB) (Free:28.39 GB) NTFS
Drive j: (Sonstiges) (Fixed) (Total:244.41 GB) (Free:139.44 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 52E55227)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 00000001)
Partition 1: (Not Active) - (Size=993 KB) - (Type=42)
Partition 2: (Active) - (Size=454.2 GB) - (Type=42)
Partition 3: (Not Active) - (Size=244.4 GB) - (Type=42)

==================== Ende von Addition.txt ============================
         

Alt 08.12.2015, 19:50   #8
schrauber
/// the machine
/// TB-Ausbilder
 

Probleme nach Cyberfox Update - Standard

Probleme nach Cyberfox Update



Bitte Windows Repair laufen lassen:
Windows reparieren - so geht's - Anleitungen
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Probleme nach Cyberfox Update
antivirus, bonjour, computer, defender, dnsapi.dll, fehlermeldung, flash player, format, google, helper, internet, internet explorer, lightning, proxy, prozesse, registry, scan, security, services.exe, software, svchost.exe, system, temp, udp, warnung, werbung, windows



Ähnliche Themen: Probleme nach Cyberfox Update


  1. Probleme nach Update auf Win 10 und Virus TR/Crypt.Xpack.14432 vorhanden
    Log-Analyse und Auswertung - 05.10.2015 (7)
  2. Probleme mit NVIDEA Systemsteuerung nach Windows 10 update
    Netzwerk und Hardware - 06.08.2015 (1)
  3. Windows 8.1: Probleme nach Update
    Log-Analyse und Auswertung - 12.03.2015 (13)
  4. Probleme mit Java Update
    Log-Analyse und Auswertung - 19.11.2014 (3)
  5. diverse Probleme nach AVIRA-Update
    Alles rund um Windows - 22.08.2014 (7)
  6. Win 8 : Probleme und Windows Verson Installer 2011-2014 nach Java Update
    Plagegeister aller Art und deren Bekämpfung - 08.06.2014 (9)
  7. Windows Vista 32Bit: Probleme nach Reparatur von Fake Java Update mit MalwareBytes
    Alles rund um Windows - 13.05.2014 (9)
  8. Probleme nach Java Update
    Plagegeister aller Art und deren Bekämpfung - 01.05.2014 (19)
  9. Probleme nach Windows Update mit Desktop, Tastatur etc. Trojaner?
    Log-Analyse und Auswertung - 30.12.2012 (31)
  10. Adobe denkt über kürzere Update-Zyklen und die Nutzung von Microsoft Update nach
    Nachrichten - 27.05.2010 (0)
  11. Unregelmäßige Probleme nach FF3 Update mit SP3
    Plagegeister aller Art und deren Bekämpfung - 01.10.2008 (1)
  12. Nach Windows Update Internet Explorer schließt sich nach dem öffen kann es sein ?
    Log-Analyse und Auswertung - 15.12.2007 (3)
  13. Probleme nach dem Update von Win2000-XP
    Alles rund um Windows - 31.03.2007 (2)
  14. Probleme nach Update von Zonealarm
    Antiviren-, Firewall- und andere Schutzprogramme - 13.04.2006 (3)
  15. Probleme nach automatischem Win-Update
    Alles rund um Windows - 19.03.2006 (6)
  16. Probleme nach AntiVir update
    Alles rund um Windows - 07.11.2004 (16)
  17. Probleme mit Windows Update
    Alles rund um Windows - 02.08.2003 (4)

Zum Thema Probleme nach Cyberfox Update - Hallo, habe vor ca. zwei Tagen mein Cyberfox geupdated, nur irgendwie spinnen seit dem verschiedene Sachen. Zuerst öffnete sich eine Seite im internet explorer, und schloss sich danach direkt wieder. - Probleme nach Cyberfox Update...
Archiv
Du betrachtest: Probleme nach Cyberfox Update auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.