| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Ungewollte Browserextension / Verlangsamtes Laden (Chrome)Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
24.03.2017, 19:13
| #1 |
 |  Ungewollte Browserextension / Verlangsamtes Laden (Chrome) Hallo zusammen  Seit kurzem lädt Instagram auffällig langsam (es liegt nicht an deren Server) - eher hab ich den Eindruck, dass irgendwas unterwünschtes dazwischenfunkt! Dann habe ich beim Googlen festgeställt, dass sich eine Extension namens "RocketTab" eingeschlichen hat. Diese schiebt sich als erste Treffer bei Google ein. Ich kann die Extension weder im Erweiterungsmanager von Chrome, noch in meinen Programmen unter Computer>Programme deinstallieren finden.  Ich habe kürzlich einen routinierten Virenscan mit Panda Security gemacht, aber da gabs nichts. Wollte nicht auf eigene Faust Software anwenden und bitte um Hilfe, welche reihenfolge ich befolgen soll. Danke <3 |
|
24.03.2017, 21:22
| #2 |
| /// TB-Ausbilder   | Ungewollte Browserextension / Verlangsamtes Laden (Chrome) Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen. Um die Bereinigung möchlichst effektiv und schnell gestalten zu können, bitte ich um Beachtung der folgenden Hinweise:
Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:  So funktioniert es:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
Danke für deine Mitarbeit! Schritt 1 Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
Schritt 2 Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
Bitte poste mit deiner nächsten Antwort
|
|
26.03.2017, 02:52
| #3 |
| |  Ungewollte Browserextension / Verlangsamtes Laden (Chrome) Hallo lieber Matthias,
__________________Vielen vielen dank für die Hilfe und Anweisungen Code:
ATTFilter 03:39:27.0752 0x37ac TDSS rootkit removing tool 3.1.0.12 Nov 7 2016 07:10:01
03:39:31.0101 0x37ac ============================================================
03:39:31.0101 0x37ac Current date / time: 2017/03/26 03:39:31.0101
03:39:31.0101 0x37ac SystemInfo:
03:39:31.0101 0x37ac
03:39:31.0101 0x37ac OS Version: 6.1.7601 ServicePack: 1.0
03:39:31.0101 0x37ac Product type: Workstation
03:39:31.0101 0x37ac ComputerName: NESLIHAN-PC
03:39:31.0101 0x37ac UserName: Neslihan
03:39:31.0101 0x37ac Windows directory: C:\Windows
03:39:31.0101 0x37ac System windows directory: C:\Windows
03:39:31.0101 0x37ac Running under WOW64
03:39:31.0101 0x37ac Processor architecture: Intel x64
03:39:31.0101 0x37ac Number of processors: 4
03:39:31.0101 0x37ac Page size: 0x1000
03:39:31.0101 0x37ac Boot type: Normal boot
03:39:31.0101 0x37ac CodeIntegrityOptions = 0x00000001
03:39:31.0101 0x37ac ============================================================
03:39:31.0221 0x37ac KLMD registered as C:\Windows\system32\drivers\68969641.sys
03:39:31.0221 0x37ac KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 7601.23677, osProperties = 0x1
03:39:31.0333 0x37ac System UUID: {C5C12FA4-AF46-6B4B-810C-191EF8F02E5A}
03:39:31.0642 0x37ac Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
03:39:31.0651 0x37ac Drive \Device\Harddisk1\DR1 - Size: 0x1DCF856000 ( 119.24 Gb ), SectorSize: 0x200, Cylinders: 0x3CCE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
03:39:31.0655 0x37ac ============================================================
03:39:31.0655 0x37ac \Device\Harddisk0\DR0:
03:39:31.0655 0x37ac MBR partitions:
03:39:31.0655 0x37ac \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
03:39:31.0655 0x37ac \Device\Harddisk1\DR1:
03:39:31.0655 0x37ac MBR partitions:
03:39:31.0655 0x37ac \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
03:39:31.0655 0x37ac \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xEE49000
03:39:31.0655 0x37ac ============================================================
|
|
26.03.2017, 02:53
| #4 |
| | Ungewollte Browserextension / Verlangsamtes Laden (Chrome) TDSS ZWEITER TEIL Code:
ATTFilter 03:39:31.0656 0x37ac C: <-> \Device\Harddisk1\DR1\Partition2
03:39:31.0685 0x37ac E: <-> \Device\Harddisk0\DR0\Partition1
03:39:31.0685 0x37ac ============================================================
03:39:31.0685 0x37ac Initialize success
03:39:31.0685 0x37ac ============================================================
03:40:30.0482 0x394c ============================================================
03:40:30.0482 0x394c Scan started
03:40:30.0482 0x394c Mode: Manual; SigCheck; TDLFS;
03:40:30.0482 0x394c ============================================================
03:40:30.0482 0x394c KSN ping started
03:40:30.0700 0x394c KSN ping finished: true
03:40:31.0154 0x394c ================ Scan system memory ========================
03:40:31.0154 0x394c System memory - ok
03:40:31.0154 0x394c ================ Scan services =============================
03:40:31.0179 0x394c [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
03:40:31.0217 0x394c 1394ohci - ok
03:40:31.0269 0x394c [ CEB66453AFFE08518566151D2B86864C, B0E99D797E7E36F9DE5AC93C80C4D9047EA05A8C62DEC67E222CC7AE7D67AB18 ] A6200 C:\Windows\system32\DRIVERS\bcmwlhigh664.sys
03:40:31.0321 0x394c A6200 - ok
03:40:31.0333 0x394c [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
03:40:31.0346 0x394c ACPI - ok
03:40:31.0349 0x394c [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
03:40:31.0364 0x394c AcpiPmi - ok
03:40:31.0370 0x394c [ B932E0EE190778D840F1442DFC0F9612, 8780963F14D57279FDD585BE945ED40F24590D32676C7A9EF94002D38B8BA643 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
03:40:31.0377 0x394c AdobeARMservice - ok
03:40:31.0392 0x394c [ 7EB7A3B01751889C6459C51A74CC87FA, 088EF5CA10D439905822A3DFFEFD2D3416198F10EAAF8C235771CDB3DF86E82C ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
03:40:31.0405 0x394c AdobeFlashPlayerUpdateSvc - ok
03:40:31.0423 0x394c [ 5B4D60ACCEA6918DBBB8C9FD4ADBDD29, FE3A768A76B673DCD09716F600D52B53A6EABEC6AA65E0DE89144F322E8571B8 ] AdobeUpdateService C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
03:40:31.0442 0x394c AdobeUpdateService - ok
03:40:31.0455 0x394c [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
03:40:31.0470 0x394c adp94xx - ok
03:40:31.0479 0x394c [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys
03:40:31.0492 0x394c adpahci - ok
03:40:31.0499 0x394c [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
03:40:31.0509 0x394c adpu320 - ok
03:40:31.0514 0x394c [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
03:40:31.0527 0x394c AeLookupSvc - ok
03:40:31.0539 0x394c [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD C:\Windows\system32\drivers\afd.sys
03:40:31.0557 0x394c AFD - ok
03:40:31.0562 0x394c [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
03:40:31.0570 0x394c agp440 - ok
03:40:31.0617 0x394c [ A32EA26C90A47B2BC93D7B0B94994B11, 1CF8DB09CA27EAC5741489EDFDFC04D69485B51C726F539BFCDC3C78E8E09EBE ] AGSService C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
03:40:31.0660 0x394c AGSService - ok
03:40:31.0667 0x394c [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
03:40:31.0677 0x394c ALG - ok
03:40:31.0680 0x394c [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
03:40:31.0687 0x394c aliide - ok
03:40:31.0691 0x394c [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
03:40:31.0697 0x394c amdide - ok
03:40:31.0701 0x394c [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
03:40:31.0709 0x394c AmdK8 - ok
03:40:31.0713 0x394c [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
03:40:31.0721 0x394c AmdPPM - ok
03:40:31.0726 0x394c [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
03:40:31.0735 0x394c amdsata - ok
03:40:31.0742 0x394c [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
03:40:31.0751 0x394c amdsbs - ok
03:40:31.0755 0x394c [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
03:40:31.0762 0x394c amdxata - ok
03:40:31.0766 0x394c [ B84DDCCB03A9CEDC1E90A88EDA5306DB, 1E51A7336C7E3F6402ED90AB0B3E98FD3827E2DC51B133E7F8BB37140B315192 ] AppID C:\Windows\system32\drivers\appid.sys
03:40:31.0775 0x394c AppID - ok
03:40:31.0778 0x394c [ 02B60F8FA4BAB8DC3B14782A7E60564B, D7EB27CB202573734D7A4EB4667B9BCEC1598AA9EBD154F2C9266AF230F51A52 ] AppIDSvc C:\Windows\System32\appidsvc.dll
03:40:31.0786 0x394c AppIDSvc - ok
03:40:31.0790 0x394c [ DE23E052E557580674785CDF45B613F3, A955ADC6CC7D816BA7CE1065F911E7A3295A1908C22BE0A3C506C38CFEE8DE0D ] Appinfo C:\Windows\System32\appinfo.dll
03:40:31.0799 0x394c Appinfo - ok
03:40:31.0805 0x394c [ 2D564BB1C4559A517B390A031955714D, 3048C187FD107C958D43DD8B954AB55FDD1BC538D3E0066CBFCB428C7A8A87E1 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
03:40:31.0815 0x394c Apple Mobile Device Service - ok
03:40:31.0821 0x394c [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt C:\Windows\System32\appmgmts.dll
03:40:31.0832 0x394c AppMgmt - ok
03:40:31.0836 0x394c [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys
03:40:31.0844 0x394c arc - ok
03:40:31.0849 0x394c [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys
03:40:31.0858 0x394c arcsas - ok
03:40:31.0870 0x394c [ EE424A5CE56E3923D59BB7DE2E15036D, 8B8196870EFE74D43EDA72674021A46846D370E97A6A058134D84A721AECD091 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
03:40:31.0878 0x394c aspnet_state - ok
03:40:31.0881 0x394c [ E1AFEE1584C74050DE0DD16DE2A54BF3, 77C8D98159D8BCDC7917B04977949823D50C49D0D13587310E060A4B8893AE42 ] AsrAppCharger C:\Windows\system32\DRIVERS\AsrAppCharger.sys
03:40:31.0891 0x394c AsrAppCharger - ok
03:40:31.0895 0x394c [ 1A234F4643F5658BAB07BFA611282267, F40435488389B4FB3B945CA21A8325A51E1B5F80F045AB019748D0EC66056A8B ] AsrDrv101 C:\Windows\SysWOW64\Drivers\AsrDrv101.sys
03:40:31.0901 0x394c AsrDrv101 - ok
03:40:31.0905 0x394c [ 67C03C21F319647834DAA61704D8A248, A0845AE5B13E1208CDDEB77863AB2D40CA5D1C709AD5B1976C3AC595F7A516D5 ] AsrRamDisk C:\Windows\system32\DRIVERS\AsrRamDisk.sys
03:40:31.0912 0x394c AsrRamDisk - ok
03:40:31.0914 0x394c AsrSetupDrv - ok
03:40:31.0917 0x394c [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
03:40:31.0941 0x394c AsyncMac - ok
03:40:31.0944 0x394c [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
03:40:31.0950 0x394c atapi - ok
03:40:31.0966 0x394c [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
03:40:31.0985 0x394c AudioEndpointBuilder - ok
03:40:32.0001 0x394c [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioSrv C:\Windows\System32\Audiosrv.dll
03:40:32.0020 0x394c AudioSrv - ok
03:40:32.0025 0x394c [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
03:40:32.0038 0x394c AxInstSV - ok
03:40:32.0049 0x394c [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
03:40:32.0065 0x394c b06bdrv - ok
03:40:32.0074 0x394c [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
03:40:32.0085 0x394c b57nd60a - ok
03:40:32.0089 0x394c BCM42RLY - ok
03:40:32.0094 0x394c [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
03:40:32.0103 0x394c BDESVC - ok
03:40:32.0106 0x394c [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
03:40:32.0128 0x394c Beep - ok
03:40:32.0158 0x394c [ D6BD4AE897D0DF163832AC75DF361BD0, E5F57A907EC557B2F29F49AA0A98AC90261DC44674F3066798AD622ECB24DBBE ] BEService C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
03:40:32.0191 0x394c BEService - ok
03:40:32.0209 0x394c [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
03:40:32.0229 0x394c BFE - ok
03:40:32.0250 0x394c [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
03:40:32.0289 0x394c BITS - ok
03:40:32.0294 0x394c [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
03:40:32.0303 0x394c blbdrive - ok
03:40:32.0309 0x394c [ ABA3984C822E4D3F889699912D85D6C5, 2251FA135CC290DA13DAE4743F393C7CC9E6A737C054707CB8D72C369D1FFACB ] bowser C:\Windows\system32\DRIVERS\bowser.sys
03:40:32.0321 0x394c bowser - ok
03:40:32.0325 0x394c BRDriver64_1_3_3_E02B25FC - ok
03:40:32.0331 0x394c [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
03:40:32.0342 0x394c BrFiltLo - ok
03:40:32.0345 0x394c [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
03:40:32.0354 0x394c BrFiltUp - ok
03:40:32.0359 0x394c [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
03:40:32.0385 0x394c BridgeMP - ok
03:40:32.0392 0x394c [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
03:40:32.0403 0x394c Browser - ok
03:40:32.0411 0x394c [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
03:40:32.0425 0x394c Brserid - ok
03:40:32.0429 0x394c [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
03:40:32.0440 0x394c BrSerWdm - ok
03:40:32.0449 0x394c [ 448917845F097FCE9D4554C3D2001EF3, BDCBEC01579D7CF28963E4E13CDC5B26E4B69CA24FA2CC4D6E24CAE0DDBCB3FE ] BRSptStub C:\ProgramData\BitRaider\BRSptStub.exe
03:40:32.0462 0x394c BRSptStub - ok
03:40:32.0466 0x394c [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
03:40:32.0476 0x394c BrUsbMdm - ok
03:40:32.0479 0x394c [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
03:40:32.0488 0x394c BrUsbSer - ok
03:40:32.0493 0x394c [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
03:40:32.0504 0x394c BTHMODEM - ok
03:40:32.0510 0x394c [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
03:40:32.0533 0x394c bthserv - ok
03:40:32.0536 0x394c catchme - ok
03:40:32.0542 0x394c [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
03:40:32.0567 0x394c cdfs - ok
03:40:32.0574 0x394c [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
03:40:32.0584 0x394c cdrom - ok
03:40:32.0589 0x394c [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
03:40:32.0612 0x394c CertPropSvc - ok
03:40:32.0646 0x394c [ 33B82CF69E41B38A2EC0C3CABDE80D6E, E7331B38232001A4055CE1F6D74AED0F108385DDBD5211006DA8EA932D3B1575 ] cFosSpeed C:\Windows\system32\DRIVERS\cfosspeed6.sys
03:40:32.0682 0x394c cFosSpeed - ok
03:40:32.0695 0x394c [ A469854CD303A39162931FA770EA45A2, 45CB65C6079B023A808EA76B96C4FE0D6A588E4A6747B337CC24FDDD35B5D356 ] cFosSpeedS C:\Program Files\ASRock\XFast LAN\spd.exe
03:40:32.0709 0x394c cFosSpeedS - ok
03:40:32.0713 0x394c [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys
03:40:32.0724 0x394c circlass - ok
03:40:32.0735 0x394c [ 3D67C27DD17B254D7915FA16A5AE3573, 5B3A6C6A7F940C06362775DAF13CEADA37C7AA84A509458A57C23B4369970A90 ] CLFS C:\Windows\system32\CLFS.sys
03:40:32.0748 0x394c CLFS - ok
03:40:32.0825 0x394c [ A92885780F31BAF23E47CCAF7D32CA28, C81D89A322E913A1E4119A738E4494697D212584934E35C2EC580F688FD216C4 ] ClickToRunSvc C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
03:40:32.0889 0x394c ClickToRunSvc - ok
03:40:32.0902 0x394c [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
03:40:32.0911 0x394c clr_optimization_v2.0.50727_32 - ok
03:40:32.0915 0x394c [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
03:40:32.0924 0x394c clr_optimization_v2.0.50727_64 - ok
03:40:32.0934 0x394c [ 5BAF4F1296D4D91FC28560CDB4C37C4B, ACA4BC57ED1F8432F18F0F215EC7FF956BAEF6E02760779E264E4008A979E9DD ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
03:40:32.0944 0x394c clr_optimization_v4.0.30319_32 - ok
03:40:32.0953 0x394c [ 569B54004A7E85A74FD92841DE6058E2, 58949313D0F6B1C06359B2F3C68E29940B1655A17E93FFC3718F6D2EAE1633E4 ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
03:40:32.0963 0x394c clr_optimization_v4.0.30319_64 - ok
03:40:32.0967 0x394c [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
03:40:32.0976 0x394c CmBatt - ok
03:40:32.0979 0x394c [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
03:40:32.0986 0x394c cmdide - ok
03:40:32.0992 0x394c [ F34031DC6D1745154F54B04AFF54F5D1, CDC5CCCB7F9A19C6F9459754895F60B149C2BDBADEF2620F75FAA9B870757758 ] cmnsusbser C:\Windows\system32\DRIVERS\cmnsusbser.sys
03:40:32.0997 0x394c cmnsusbser - detected UnsignedFile.Multi.Generic ( 1 )
03:40:33.0266 0x394c Detect skipped due to KSN trusted
03:40:33.0266 0x394c cmnsusbser - ok
03:40:33.0278 0x394c [ A98CED39AD91B445E2E442A9BD67E8B4, B4189DEEF1C0EE22AE983119047B1A40FFDD8F3E163DFFABD7C2706231B0B1B0 ] CNG C:\Windows\system32\Drivers\cng.sys
03:40:33.0296 0x394c CNG - ok
03:40:33.0300 0x394c [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
03:40:33.0309 0x394c Compbatt - ok
03:40:33.0314 0x394c [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
03:40:33.0327 0x394c CompositeBus - ok
03:40:33.0329 0x394c COMSysApp - ok
03:40:33.0332 0x394c [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
03:40:33.0340 0x394c crcdisk - ok
03:40:33.0349 0x394c [ 2C6632CECFDBBE793FDA8AF9CA55A9CC, 335188515F798483660E529204A13012E4D21B0ECA489224A11C26F91A5B3CCE ] CryptSvc C:\Windows\system32\cryptsvc.dll
03:40:33.0361 0x394c CryptSvc - ok
03:40:33.0374 0x394c [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC C:\Windows\system32\drivers\csc.sys
03:40:33.0391 0x394c CSC - ok
03:40:33.0407 0x394c [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService C:\Windows\System32\cscsvc.dll
03:40:33.0426 0x394c CscService - ok
03:40:33.0442 0x394c [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] DcomLaunch C:\Windows\system32\rpcss.dll
03:40:33.0459 0x394c DcomLaunch - ok
03:40:33.0467 0x394c [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
03:40:33.0495 0x394c defragsvc - ok
03:40:33.0499 0x394c [ 9B38580063D281A99E68EF5813022A5F, D91676B0E0A8E2A090E3E5DD340ABCFC20AE0F55B4C82869D6CFB34239BD27DA ] DfsC C:\Windows\system32\Drivers\dfsc.sys
03:40:33.0510 0x394c DfsC - ok
03:40:33.0515 0x394c [ 0F4A5D01156B948B54550375498B08A2, 1CAE3D744429A06E9C9EC46AC6B216AB68154EF8FACDD0721C47902B83820F56 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
03:40:33.0526 0x394c dg_ssudbus - ok
03:40:33.0534 0x394c [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
03:40:33.0547 0x394c Dhcp - ok
03:40:33.0579 0x394c [ EE9954237F15BE4DD9304D12E4D305ED, F295C9BAF20F0E669B673AFCC16B4969EE31B6A3808980DAB93D9B0F167DA3C0 ] DiagTrack C:\Windows\system32\diagtrack.dll
03:40:33.0612 0x394c DiagTrack - ok
03:40:33.0617 0x394c [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
03:40:33.0643 0x394c discache - ok
03:40:33.0647 0x394c [ 616387BBD83372220B09DE95F4E67BBC, 5E2D5280BB775576E7CDE3FA6BDE494E183123635E5908CF7EBF1FF52966D07D ] Disk C:\Windows\system32\drivers\disk.sys
03:40:33.0655 0x394c Disk - ok
03:40:33.0660 0x394c [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
03:40:33.0669 0x394c dmvsc - ok
03:40:33.0677 0x394c [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
03:40:33.0688 0x394c Dnscache - ok
03:40:33.0696 0x394c [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
03:40:33.0724 0x394c dot3svc - ok
03:40:33.0729 0x394c [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
03:40:33.0756 0x394c DPS - ok
03:40:33.0759 0x394c [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
03:40:33.0767 0x394c drmkaud - ok
03:40:33.0790 0x394c [ 3A9D7D464BDB3B70D7ECF689ADABBD4D, B4F5B23705EA1BA453FE30791CA245E1A5F7FBEABAD026E4A8A15A9FC44E8C9C ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
03:40:33.0816 0x394c DXGKrnl - ok
03:40:33.0830 0x394c [ 8020B5D39DDFF589200EBD5592314F83, 23B5D36AE4EFC799E966168F030FB76226CD6365C8F00B5E51EFC44CAF0A0CB2 ] e1dexpress C:\Windows\system32\DRIVERS\e1d62x64.sys
03:40:33.0845 0x394c e1dexpress - ok
03:40:33.0850 0x394c [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
03:40:33.0876 0x394c EapHost - ok
03:40:33.0878 0x394c EasyAntiCheat - ok
03:40:33.0938 0x394c [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys
03:40:34.0008 0x394c ebdrv - ok
03:40:34.0015 0x394c [ CA69E856332E2D85294665F6B7E97254, A9693F836907FB0154DC1090D9476F1E9242ABE922D932D74D0385772D2EAB65 ] EFS C:\Windows\System32\lsass.exe
03:40:34.0025 0x394c EFS - ok
03:40:34.0041 0x394c [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
03:40:34.0064 0x394c ehRecvr - ok
03:40:34.0072 0x394c [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
03:40:34.0083 0x394c ehSched - ok
03:40:34.0097 0x394c [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys
03:40:34.0114 0x394c elxstor - ok
03:40:34.0117 0x394c [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
03:40:34.0125 0x394c ErrDev - ok
03:40:34.0137 0x394c [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
03:40:34.0168 0x394c EventSystem - ok
03:40:34.0172 0x394c [ 152B8C8590DE93A7C89D058D58090998, 8782B476B940C81A95D790A6B720B5D50C576A2015F90C11587E04284B660CD1 ] ew_usbccgpfilter C:\Windows\system32\DRIVERS\ew_usbccgpfilter.sys
03:40:34.0182 0x394c ew_usbccgpfilter - ok
03:40:34.0188 0x394c [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
03:40:34.0214 0x394c exfat - ok
03:40:34.0221 0x394c [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
03:40:34.0248 0x394c fastfat - ok
03:40:34.0265 0x394c [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
03:40:34.0284 0x394c Fax - ok
03:40:34.0289 0x394c [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys
03:40:34.0297 0x394c fdc - ok
03:40:34.0300 0x394c [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
03:40:34.0325 0x394c fdPHost - ok
03:40:34.0329 0x394c [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
03:40:34.0351 0x394c FDResPub - ok
03:40:34.0356 0x394c [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
03:40:34.0364 0x394c FileInfo - ok
03:40:34.0367 0x394c [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
03:40:34.0392 0x394c Filetrace - ok
03:40:34.0395 0x394c [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
03:40:34.0403 0x394c flpydisk - ok
03:40:34.0412 0x394c [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
03:40:34.0423 0x394c FltMgr - ok
03:40:34.0427 0x394c [ 508401A63E6B1CBF0B9C9A011498731F, F636B0A9C0EB6AE7EC04E5C5FD8A0578AEB76A1B0D974F355BCE6B6091901725 ] FNETTBOH_305 C:\Windows\system32\drivers\FNETTBOH_305.SYS
03:40:34.0436 0x394c FNETTBOH_305 - ok
03:40:34.0439 0x394c [ E341178C116DAC6A3A764587E68DFA7B, 91B4C79057908A622666FF069CF1C7ECA42952A6587432F5E99E33E8B19D29AF ] FNETURPX C:\Windows\system32\drivers\FNETURPX.SYS
03:40:34.0446 0x394c FNETURPX - ok
03:40:34.0473 0x394c [ CF0108CBA6D1860563BA20E3D74C6646, 737B5E89A858D7E3AEC8BF660AA4FCC56501A69468EA143531286016AF7C0B33 ] FontCache C:\Windows\system32\FntCache.dll
03:40:34.0501 0x394c FontCache - ok
03:40:34.0507 0x394c [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
03:40:34.0514 0x394c FontCache3.0.0.0 - ok
03:40:34.0518 0x394c [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
03:40:34.0526 0x394c FsDepends - ok
03:40:34.0529 0x394c [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
03:40:34.0536 0x394c Fs_Rec - ok
03:40:34.0543 0x394c [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
03:40:34.0555 0x394c fvevol - ok
03:40:34.0560 0x394c [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
03:40:34.0569 0x394c gagp30kx - ok
03:40:34.0588 0x394c [ E4AE497857409127ED57562AF913A903, 262ADD713B1FBF6200550967D1F8635B55D01BBD8FA2E753536E71A4EC87867B ] gpsvc C:\Windows\System32\gpsvc.dll
03:40:34.0612 0x394c gpsvc - ok
03:40:34.0620 0x394c [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
03:40:34.0627 0x394c gupdate - ok
03:40:34.0632 0x394c [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
03:40:34.0639 0x394c gupdatem - ok
03:40:34.0645 0x394c [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
03:40:34.0654 0x394c gusvc - ok
03:40:34.0658 0x394c [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
03:40:34.0666 0x394c hcw85cir - ok
03:40:34.0676 0x394c [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
03:40:34.0691 0x394c HdAudAddService - ok
03:40:34.0696 0x394c [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
03:40:34.0707 0x394c HDAudBus - ok
03:40:34.0710 0x394c [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
03:40:34.0718 0x394c HidBatt - ok
03:40:34.0723 0x394c [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys
03:40:34.0734 0x394c HidBth - ok
03:40:34.0738 0x394c [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys
03:40:34.0748 0x394c HidIr - ok
03:40:34.0751 0x394c [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\System32\hidserv.dll
03:40:34.0775 0x394c hidserv - ok
03:40:34.0778 0x394c [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
03:40:34.0787 0x394c HidUsb - ok
03:40:34.0793 0x394c [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
03:40:34.0818 0x394c hkmsvc - ok
03:40:34.0826 0x394c [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
03:40:34.0838 0x394c HomeGroupListener - ok
03:40:34.0844 0x394c [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
03:40:34.0855 0x394c HomeGroupProvider - ok
03:40:34.0860 0x394c [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
03:40:34.0867 0x394c HpSAMD - ok
03:40:34.0884 0x394c [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys
03:40:34.0904 0x394c HTTP - ok
03:40:34.0913 0x394c [ E548929868BDFD3FC13B46D99605B764, 737C8A1210442533735F10BD80AFBB3E890D0CC9068F2406CA5C577C7C58B97C ] HuaweiHiSuiteService64.exe C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
03:40:34.0924 0x394c HuaweiHiSuiteService64.exe - ok
03:40:34.0928 0x394c [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
03:40:34.0934 0x394c hwpolicy - ok
03:40:34.0941 0x394c [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
03:40:34.0950 0x394c i8042prt - ok
03:40:34.0965 0x394c [ B9E489CC1EA3284FEED33799DC70612D, 0DD714A3A37C391B38F4EEEB3F85C3C3C056F4AAB4A5EFA63835AD967BC25B51 ] iaStorA C:\Windows\system32\DRIVERS\iaStorA.sys
03:40:34.0983 0x394c iaStorA - ok
03:40:34.0987 0x394c [ 3AEE4C821114AC707699A28988F27ABB, 033A25A19E2A649DA059AE3BCACB8605C00D4F10D356C5E3167B84C01B9359A9 ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
03:40:34.0994 0x394c IAStorDataMgrSvc - ok
03:40:34.0997 0x394c [ CC096E5C9BAABEB8EF12CDFAFFD888CF, 9D61736CB83DE04FC44FB25122AB6D09951C915E577E1A18188D4D5F35EACD76 ] iaStorF C:\Windows\system32\DRIVERS\iaStorF.sys
03:40:35.0004 0x394c iaStorF - ok
03:40:35.0015 0x394c [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
03:40:35.0029 0x394c iaStorV - ok
03:40:35.0041 0x394c [ E199288F016C354255C39A84378A48F6, 881B41D64D73F7A3A1680EDD68201E14AC5C60B848374EEAE44CCDDE46010E81 ] ICCS C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
03:40:35.0050 0x394c ICCS - ok
03:40:35.0069 0x394c [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
03:40:35.0090 0x394c idsvc - ok
03:40:35.0093 0x394c IEEtwCollectorService - ok
03:40:35.0097 0x394c [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
03:40:35.0104 0x394c iirsp - ok
03:40:35.0108 0x394c [ E18725531054FE222115873AC1CCB02B, 0FC4B9D5DF77E19E4732759B848B4BCBBD44A124304FA8333BB3B7BC37E15FB8 ] ikbevent C:\Windows\system32\DRIVERS\ikbevent.sys
03:40:35.0115 0x394c ikbevent - ok
03:40:35.0134 0x394c [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
03:40:35.0156 0x394c IKEEXT - ok
03:40:35.0160 0x394c [ 45060257BCA3D60204FEC29F6E6DE458, C9FB92FEEFC0DC5386B545A8E429D60B932360B9044A920F6F2EDD5CF3B7B5A0 ] imsevent C:\Windows\system32\DRIVERS\imsevent.sys
03:40:35.0167 0x394c imsevent - ok
03:40:35.0229 0x394c [ 7D7711B0F972C73AE46105B42092D82E, AC66AE06B65C03BCEE2FF90732B13B651862382CDFEE85A6B5497DF3A2FF75A2 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
03:40:35.0292 0x394c IntcAzAudAddService - ok
03:40:35.0312 0x394c [ DDA8E5AD97231AB50B81FED04C28F64C, 5C9E8F7CC45A9AE7FF12A02641562E271D84894DFA7C50218AC2AAA298251B60 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
03:40:35.0329 0x394c Intel(R) Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 )
03:40:35.0627 0x394c Detect skipped due to KSN trusted
03:40:35.0627 0x394c Intel(R) Capability Licensing Service Interface - ok
03:40:35.0645 0x394c [ 86FE509640D77FB0998FC8B1FF5523C6, 13E895DEB9B84379251699D7E52C5E3FD888994425DE01B6C4634F9E959D5584 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
03:40:35.0664 0x394c Intel(R) Capability Licensing Service TCP IP Interface - ok
03:40:35.0671 0x394c [ EE65488B7294FBCB113EAC9FD492345C, D1D6B22CD94324387171B188D295AA716900654DA1DC9F3DC18D0CD528F2BBEA ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
03:40:35.0679 0x394c Intel(R) ME Service - ok
03:40:35.0685 0x394c [ 26FBC0AEDE7C6A67781202E0E2ECB6A6, BEF9E7CB2B2DD7A8091483EC53B812CA3F079CEC949DE545ABED6BE617A9ED55 ] Intel(R) PROSet Monitoring Service C:\Windows\system32\IProsetMonitor.exe
03:40:35.0695 0x394c Intel(R) PROSet Monitoring Service - ok
03:40:35.0698 0x394c [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
03:40:35.0705 0x394c intelide - ok
03:40:35.0709 0x394c [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
03:40:35.0717 0x394c intelppm - ok
03:40:35.0724 0x394c [ A85A70A3C8E0A2A4252E598926B5270F, CDF65FA04331C120139EA0493DC6D613867F4D9EDEEC9FF5F16FCBE6EEC7B047 ] intelsba C:\Program Files\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe
03:40:35.0731 0x394c intelsba - ok
03:40:35.0735 0x394c [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
03:40:35.0762 0x394c IPBusEnum - ok
03:40:35.0767 0x394c [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
03:40:35.0791 0x394c IpFilterDriver - ok
03:40:35.0804 0x394c [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
03:40:35.0826 0x394c iphlpsvc - ok
03:40:35.0832 0x394c [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
03:40:35.0842 0x394c IPMIDRV - ok
03:40:35.0847 0x394c [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
03:40:35.0872 0x394c IPNAT - ok
03:40:35.0875 0x394c [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
03:40:35.0886 0x394c IRENUM - ok
03:40:35.0889 0x394c [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
03:40:35.0896 0x394c isapnp - ok
03:40:35.0904 0x394c [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
03:40:35.0915 0x394c iScsiPrt - ok
03:40:35.0919 0x394c [ 4EE2423C38F43D37F8497A672FD10BDC, 031C5272DD28809255CF4FA8E6DE45DBFBD9A363BBD5156D0AEE0787C4297980 ] ISCT C:\Windows\system32\DRIVERS\ISCTD64.sys
03:40:35.0926 0x394c ISCT - ok
03:40:35.0932 0x394c [ 88CCCCFA8269973C3C3C06F94DA03BAB, A88BF3397466C40C7D4BE94288A88FF1FB7103E92FBA4E17A16AB6A04F909F29 ] ISCTAgent C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
03:40:35.0941 0x394c ISCTAgent - ok
03:40:35.0948 0x394c [ 622BF9C46A47CF17608C501320E8EFBD, 059F99D4306216324E100FCDAF02093B2CD662F2C6BE8565A4281E7760F8B575 ] iumsvc C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
03:40:35.0962 0x394c iumsvc - ok
03:40:35.0965 0x394c [ 897B93573F07C9CB1140516DAC44BC7E, C80665FEA4913DDC72F2140EC92CD4FA5D693BD8D0E4029A99DB96D63172E3D1 ] iusb3hcs C:\Windows\system32\DRIVERS\iusb3hcs.sys
03:40:35.0972 0x394c iusb3hcs - ok
03:40:35.0982 0x394c [ 2D15CEDF619796002E8640F73A4BF920, FCC0137CB5AE32266A550EE46106B80F431F0B55342599951B9D032F8EA10649 ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys
03:40:35.0996 0x394c iusb3hub - ok
03:40:36.0014 0x394c [ F1E93FE111924D0BC853155AADF8048B, 2DFD5B3D042286A0FD5E482C81FAE339E4F05C0A6DFF43061D8502C4551125F7 ] iusb3xhc C:\Windows\system32\DRIVERS\iusb3xhc.sys
03:40:36.0034 0x394c iusb3xhc - ok
03:40:36.0042 0x394c [ BF5D3A2624177C413680DEF19A465AF8, B9909D3E6CB6F9971293116387865AD15CB9D47513C7FAA9C36BE4D2847A41EB ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
03:40:36.0051 0x394c jhi_service - ok
03:40:36.0055 0x394c [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
03:40:36.0063 0x394c kbdclass - ok
03:40:36.0067 0x394c [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
03:40:36.0079 0x394c kbdhid - ok
03:40:36.0082 0x394c [ CA69E856332E2D85294665F6B7E97254, A9693F836907FB0154DC1090D9476F1E9242ABE922D932D74D0385772D2EAB65 ] KeyIso C:\Windows\system32\lsass.exe
03:40:36.0091 0x394c KeyIso - ok
03:40:36.0096 0x394c [ 3AAA10BAF3F194F7CD34F4C78F8222EE, 25AE0B764748B13C7F093966E228D506072E270379A5E751F1ED619DEFB40814 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
03:40:36.0104 0x394c KSecDD - ok
03:40:36.0111 0x394c [ 7B7C28D4E71E4A4365F2B7528DA619F8, 0A507468C6A49870F794F28FF274643FE8FD238A3A9BE86C8656882F237DE77B ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
03:40:36.0120 0x394c KSecPkg - ok
03:40:36.0125 0x394c [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
03:40:36.0149 0x394c ksthunk - ok
03:40:36.0159 0x394c [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
03:40:36.0189 0x394c KtmRm - ok
03:40:36.0197 0x394c [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\System32\srvsvc.dll
03:40:36.0224 0x394c LanmanServer - ok
03:40:36.0229 0x394c [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
03:40:36.0253 0x394c LanmanWorkstation - ok
03:40:36.0259 0x394c [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
03:40:36.0282 0x394c lltdio - ok
03:40:36.0291 0x394c [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
03:40:36.0323 0x394c lltdsvc - ok
03:40:36.0328 0x394c [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
03:40:36.0353 0x394c lmhosts - ok
03:40:36.0363 0x394c [ 02A9CBACE666877BBBA4FD66B22F6D4A, 0E783BA7A8F00CEC8F03CFEE03999CA5DB9E4DB7CCE62D9171CFCF36AFBE4BB1 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
03:40:36.0376 0x394c LMS - ok
03:40:36.0383 0x394c [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
03:40:36.0392 0x394c LSI_FC - ok
03:40:36.0396 0x394c [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
03:40:36.0406 0x394c LSI_SAS - ok
03:40:36.0410 0x394c [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
03:40:36.0418 0x394c LSI_SAS2 - ok
03:40:36.0423 0x394c [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
03:40:36.0431 0x394c LSI_SCSI - ok
03:40:36.0436 0x394c [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
03:40:36.0461 0x394c luafv - ok
03:40:36.0471 0x394c [ A401CFF74982D8DF851F20307C806073, 1D7BA90C9E77FAAE59F60AB5310EC41D9C5B98F1F9A89A3CDB9169E6DEF565DA ] LVRS64 C:\Windows\system32\DRIVERS\lvrs64.sys
03:40:36.0483 0x394c LVRS64 - ok
03:40:36.0565 0x394c [ 13384CB5F5813E65F31078D6ABFAAF38, A6E7374C15CAECC273197BF62F8F926BA30E9509270A8470756F4710E1DEA126 ] LVUVC64 C:\Windows\system32\DRIVERS\lvuvc64.sys
03:40:36.0653 0x394c LVUVC64 - ok
03:40:36.0664 0x394c [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
03:40:36.0674 0x394c Mcx2Svc - ok
03:40:36.0677 0x394c [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys
03:40:36.0684 0x394c megasas - ok
03:40:36.0692 0x394c [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
03:40:36.0703 0x394c MegaSR - ok
03:40:36.0708 0x394c [ 2BB3EAE2EA641515D4B205CAB29E1624, D3F18EE393EB1B0F919484281269A3C55A092D023E62C59D74CB63A55612024B ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
03:40:36.0715 0x394c MEIx64 - ok
03:40:36.0721 0x394c [ 123271BD5237AB991DC5C21FDF8835EB, 004F8F9228EE291A0E36CE33078D572D61733516F9AA5CFC832AF204C6869E89 ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
03:40:36.0729 0x394c Microsoft Office Groove Audit Service - ok
03:40:36.0733 0x394c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
03:40:36.0758 0x394c MMCSS - ok
03:40:36.0762 0x394c [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
03:40:36.0785 0x394c Modem - ok
03:40:36.0788 0x394c [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
03:40:36.0798 0x394c monitor - ok
03:40:36.0802 0x394c [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
03:40:36.0810 0x394c mouclass - ok
03:40:36.0813 0x394c [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
03:40:36.0821 0x394c mouhid - ok
03:40:36.0828 0x394c [ 8ADB5445B29941CB41AF2846FD5C93C7, 689582430FE29EC0845B1DB841D3CC49D5D09DE264586E3999EEFE616986D12B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
03:40:36.0836 0x394c mountmgr - ok
03:40:36.0841 0x394c [ EB4B5C8AB9DA5585CCC975CD3D072115, BEED5B7478F92C9FB1BBB62FFCEB5321A5C12A7C1AA9B20151BF22064589CD46 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
03:40:36.0850 0x394c MozillaMaintenance - ok
03:40:36.0856 0x394c [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
03:40:36.0865 0x394c mpio - ok
03:40:36.0869 0x394c [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
03:40:36.0893 0x394c mpsdrv - ok
03:40:36.0911 0x394c [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
03:40:36.0947 0x394c MpsSvc - ok
03:40:36.0953 0x394c [ 98DB1790F0A584E0A2528B92B052417F, 9AA04CA73AFE599810CD233B9CEC212E16D44DCEDF5C7D0181C7257F498068B5 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
03:40:36.0963 0x394c MRxDAV - ok
03:40:36.0969 0x394c [ 819426D736BCBD31CC7CA27221954E04, 0C4AADEFE282D89EA4A523BDA7B6BB948247F50253D7D0B90C8FC46C4DEEF835 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
03:40:36.0980 0x394c mrxsmb - ok
03:40:36.0988 0x394c [ 85CB449B319AF69A3538BB1B97EEA2E5, DB75D56A7E631F57D31957105422811C738E96E5B84480C3346B827ACF280E12 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
03:40:37.0001 0x394c mrxsmb10 - ok
03:40:37.0006 0x394c [ C0B2DC34587FE163997055AA38EB883A, A0BFD0CF873CCEF266606ADE1A4DA69DF757A67D8AD28330272AFEABD7F481D5 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
03:40:37.0016 0x394c mrxsmb20 - ok
03:40:37.0019 0x394c [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
03:40:37.0026 0x394c msahci - ok
03:40:37.0032 0x394c [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
03:40:37.0041 0x394c msdsm - ok
03:40:37.0046 0x394c [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
03:40:37.0057 0x394c MSDTC - ok
03:40:37.0062 0x394c [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
03:40:37.0086 0x394c Msfs - ok
03:40:37.0090 0x394c [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
03:40:37.0112 0x394c mshidkmdf - ok
03:40:37.0115 0x394c [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
03:40:37.0122 0x394c msisadrv - ok
03:40:37.0128 0x394c [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
03:40:37.0153 0x394c MSiSCSI - ok
03:40:37.0155 0x394c msiserver - ok
03:40:37.0159 0x394c [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
03:40:37.0181 0x394c MSKSSRV - ok
03:40:37.0184 0x394c [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
03:40:37.0207 0x394c MSPCLOCK - ok
03:40:37.0209 0x394c [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
03:40:37.0232 0x394c MSPQM - ok
03:40:37.0241 0x394c [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
03:40:37.0254 0x394c MsRPC - ok
03:40:37.0259 0x394c [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
03:40:37.0266 0x394c mssmbios - ok
03:40:37.0268 0x394c [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
03:40:37.0291 0x394c MSTEE - ok
03:40:37.0294 0x394c [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
03:40:37.0302 0x394c MTConfig - ok
03:40:37.0306 0x394c [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
03:40:37.0314 0x394c Mup - ok
03:40:37.0323 0x394c [ 4672AA80B5517E43927AFA46CB813708, 3DED7E055D480AF6009EE6B2E52D52EEC463CF06615A36CC3D20C7798798C38A ] NanoServiceMain C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
03:40:37.0333 0x394c NanoServiceMain - ok
03:40:37.0346 0x394c [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
03:40:37.0377 0x394c napagent - ok
03:40:37.0385 0x394c [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
03:40:37.0402 0x394c NativeWifiP - ok
03:40:37.0425 0x394c [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS C:\Windows\system32\drivers\ndis.sys
03:40:37.0448 0x394c NDIS - ok
03:40:37.0452 0x394c [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
03:40:37.0476 0x394c NdisCap - ok
03:40:37.0478 0x394c [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
03:40:37.0501 0x394c NdisTapi - ok
03:40:37.0505 0x394c [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
03:40:37.0528 0x394c Ndisuio - ok
03:40:37.0533 0x394c [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
03:40:37.0558 0x394c NdisWan - ok
03:40:37.0561 0x394c [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
03:40:37.0585 0x394c NDProxy - ok
03:40:37.0588 0x394c [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
03:40:37.0611 0x394c NetBIOS - ok
03:40:37.0619 0x394c [ E47D571FEC2C76E867935109AB2A770C, F349D25890B6F476B106FD75BFB081DB737CA9B224D95E44927942FFF2DF82CD ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
03:40:37.0631 0x394c NetBT - ok
03:40:37.0634 0x394c [ CA69E856332E2D85294665F6B7E97254, A9693F836907FB0154DC1090D9476F1E9242ABE922D932D74D0385772D2EAB65 ] Netlogon C:\Windows\system32\lsass.exe
03:40:37.0642 0x394c Netlogon - ok
03:40:37.0651 0x394c [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
03:40:37.0679 0x394c Netman - ok
03:40:37.0685 0x394c [ 0BEF1F19F32C9F3DBE9A503F2E66CC22, 4F4812CDDB675C5D655B5B90375F188A3A5AA52A2BC2CED383B03449CF8210C8 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
03:40:37.0695 0x394c NetMsmqActivator - ok
03:40:37.0699 0x394c [ 0BEF1F19F32C9F3DBE9A503F2E66CC22, 4F4812CDDB675C5D655B5B90375F188A3A5AA52A2BC2CED383B03449CF8210C8 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
03:40:37.0710 0x394c NetPipeActivator - ok
03:40:37.0721 0x394c [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
03:40:37.0752 0x394c netprofm - ok
03:40:37.0757 0x394c [ 0BEF1F19F32C9F3DBE9A503F2E66CC22, 4F4812CDDB675C5D655B5B90375F188A3A5AA52A2BC2CED383B03449CF8210C8 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
03:40:37.0767 0x394c NetTcpActivator - ok
03:40:37.0772 0x394c [ 0BEF1F19F32C9F3DBE9A503F2E66CC22, 4F4812CDDB675C5D655B5B90375F188A3A5AA52A2BC2CED383B03449CF8210C8 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
03:40:37.0782 0x394c NetTcpPortSharing - ok
03:40:37.0787 0x394c [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
03:40:37.0794 0x394c nfrd960 - ok
03:40:37.0802 0x394c [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll
03:40:37.0816 0x394c NlaSvc - ok
03:40:37.0821 0x394c [ 68AB4FAE948ED0116BC80763F962A34F, 6E03784C270CA51EA8B1D0EEC3E11A6E07E33F08605E40B9652B0B037FD540B4 ] NNSALPC C:\Windows\system32\DRIVERS\NNSAlpc.sys
03:40:37.0832 0x394c NNSALPC - ok
03:40:37.0839 0x394c [ DFAEDED6712D6E1DD4E199C380D3625A, CA5D8EFEE2634C45807AC09611D88164B408910CD48EFD4D529E15B3AF30F8E7 ] NNSHTTP C:\Windows\system32\DRIVERS\NNSHttp.sys
03:40:37.0849 0x394c NNSHTTP - ok
03:40:37.0854 0x394c [ DCA68413569AB20356E5BDBDB7A5E5CF, B543BD5D4971271A7D0400BC5AD5C3E6662311493F45A17D38D637DE9CD106F2 ] NNSHTTPS C:\Windows\system32\DRIVERS\NNSHttps.sys
03:40:37.0863 0x394c NNSHTTPS - ok
03:40:37.0868 0x394c [ 48905D86912C8544F2D4D8FA8786172A, 7D2D2FC5D415EA6817A73A6DC3F226E584BAA4854DEF793B1040C4AE38FED785 ] NNSIDS C:\Windows\system32\DRIVERS\NNSIds.sys
03:40:37.0876 0x394c NNSIDS - ok
03:40:37.0880 0x394c [ 3E5469215F92051C2F6AAA4D8C94AE2E, 6A9A600CC494633ACAF4DED301F492B4BF8B12B3030B5EA2C09E0A8D1CA4230F ] NNSNAHSL C:\Windows\system32\DRIVERS\NNSNAHSL.sys
03:40:37.0890 0x394c NNSNAHSL - ok
03:40:37.0895 0x394c [ BA00DDDED5A00198E29AEF05D723919E, 865766F565097D49D6CC7D46678F9A7CFFA9F76EA9FAF32450ACA398A9DB6FB9 ] NNSPICC C:\Windows\system32\DRIVERS\NNSPicc.sys
03:40:37.0903 0x394c NNSPICC - ok
03:40:37.0907 0x394c [ 5522C8BCFF4BBD132D36DFD5A2E4074D, B45987148AE7016C98D2FD06B5832C33A0E973E01D296AD9DE9F14DA1391BAD7 ] NNSPIHSW C:\Windows\system32\DRIVERS\NNSPihsw.sys
03:40:37.0915 0x394c NNSPIHSW - ok
03:40:37.0920 0x394c [ E28E12C1785D2CD9A1BEA996939E1F22, 9F86FFC3C57C44887A4FB4F7AEB434EABF8F872B3D66922C620C660329566067 ] NNSPOP3 C:\Windows\system32\DRIVERS\NNSPop3.sys
03:40:37.0929 0x394c NNSPOP3 - ok
03:40:37.0938 0x394c [ 855F568B91BA260C68D1B06E7A898AA1, FCFF990676C1542D60C75B3CF04398B9117F5C64EAC420F85ABFEEA5EEB7DAAE ] NNSPROT C:\Windows\system32\DRIVERS\NNSProt.sys
03:40:37.0950 0x394c NNSPROT - ok
03:40:37.0956 0x394c [ B62B6CA0CBCF1A9D47DFF4BAC8008A44, 40DFF2098E0ADCAB99FCA201FC1D58D483EB724600CEBE70CAA5DAB4FF671FA1 ] NNSPRV C:\Windows\system32\DRIVERS\NNSPrv.sys
03:40:37.0966 0x394c NNSPRV - ok
03:40:37.0971 0x394c [ 734D11039FCCEDDCF040B9973D4DB1A4, 25846E1511447AFA8F0EC44FB2852AC74044AAC853E53D10C61563C10579CAE8 ] NNSSMTP C:\Windows\system32\DRIVERS\NNSSmtp.sys
03:40:37.0980 0x394c NNSSMTP - ok
03:40:37.0988 0x394c [ AE91263421F2EC327D333C2BCFB68119, AD13136CCF004B7C99472AE3367040B894F17ADDF537F44B795749B9F60B42A2 ] NNSSTRM C:\Windows\system32\DRIVERS\NNSStrm.sys
03:40:37.0999 0x394c NNSSTRM - ok
03:40:38.0004 0x394c [ 2F40D7D2C226255F9AC79F0C761FD766, F3CDCE41B942E05B603A94EF32DD14C4A64DCAEDCDACC17130F631F450604FFB ] NNSTLSC C:\Windows\system32\DRIVERS\NNSTlsc.sys
03:40:38.0014 0x394c NNSTLSC - ok
03:40:38.0017 0x394c [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
03:40:38.0041 0x394c Npfs - ok
03:40:38.0043 0x394c npggsvc - ok
03:40:38.0046 0x394c [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
03:40:38.0069 0x394c nsi - ok
03:40:38.0073 0x394c [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
03:40:38.0099 0x394c nsiproxy - ok
03:40:38.0134 0x394c [ 47B2D0B31BDC3EBE6090228E2BA3764D, 984A4B38300954164BCBF57EC1A09C18B53779E60A26E9618B50E26016735787 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
03:40:38.0174 0x394c Ntfs - ok
03:40:38.0178 0x394c [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
03:40:38.0201 0x394c Null - ok
03:40:38.0212 0x394c [ CEF487606A4D64DC9A5F4D76EEE996AA, 0534E3EE033B0E821597328AAA62C818593D537BDCA54625CB3C1B99912ACC21 ] NvContainerLocalSystem C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
03:40:38.0227 0x394c NvContainerLocalSystem - ok
03:40:38.0238 0x394c [ CEF487606A4D64DC9A5F4D76EEE996AA, 0534E3EE033B0E821597328AAA62C818593D537BDCA54625CB3C1B99912ACC21 ] NvContainerNetworkService C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
03:40:38.0252 0x394c NvContainerNetworkService - ok
03:40:38.0259 0x394c [ D812362E8AF615B521AD4DF19A93BD5A, B1F04122DFE9FCC3FC56BE327D86912D624C89F2EFB9684BE66FC22115D0E19F ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
03:40:38.0269 0x394c NVHDA - ok
03:40:38.0452 0x394c [ B2E1A2E7911DF19A2A41156F16982ECC, A87B6761CFB0B64F3D1B28CAE861C8749CB4144EC4F7638BEC8D0D199AF1453E ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
03:40:38.0645 0x394c nvlddmkm - ok
03:40:38.0668 0x394c [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
03:40:38.0677 0x394c nvraid - ok
03:40:38.0683 0x394c [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
03:40:38.0693 0x394c nvstor - ok
03:40:38.0696 0x394c [ 05FECCB901276013D16A42AD4CFCE24B, 281E2F23E5C820FA670E908EA1798F3FA062C4DD37B16DF73CE13E58B6F3C56E ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
03:40:38.0704 0x394c NvStreamKms - ok
03:40:38.0729 0x394c [ C897258EFDF6740F5ABFB4A6A61B4995, 0678E4BE0E66A528A9ED3CE5540F193BF67449296F6E96E4FCAA13D637FCF5BC ] nvsvc C:\Windows\system32\nvvsvc.exe
03:40:38.0752 0x394c nvsvc - ok
03:40:38.0765 0x394c [ 40B216E2D52371BC377C892FE83E63E9, AFD5466C86F0B0B54BE9AE6EF172D1B8F1F828C867FDA91CDD4E0A805D6EF71E ] NvTelemetryContainer C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
03:40:38.0781 0x394c NvTelemetryContainer - ok
03:40:38.0787 0x394c [ CA090120FB0C11D99A15DA648CD33EE8, 9760D42634867306DA422A1A17C872FBE8D9874295107F8B00A9D5564CE3BCFC ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
03:40:38.0795 0x394c nvvad_WaveExtensible - ok
03:40:38.0799 0x394c [ 8633AFA9759AD66649D9E0613FFDD847, 6B1F4C4B8AEFC963652C9E881C28C3FCE5665D23C3D79AFA8F9F896B722F7A95 ] nvvhci C:\Windows\system32\DRIVERS\nvvhci.sys
03:40:38.0808 0x394c nvvhci - ok
03:40:38.0813 0x394c [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
03:40:38.0821 0x394c nv_agp - ok
03:40:38.0837 0x394c [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
03:40:38.0851 0x394c odserv - ok
03:40:38.0856 0x394c [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
03:40:38.0866 0x394c ohci1394 - ok
03:40:38.0926 0x394c [ 107383EF78A7DC444F62594C927536E6, 7B1D2E3FE5D53AC168BE455881971E001845DB5BCADB4F0A49BB2DA8BCFFBACE ] OpenVPNService E:\Program Files\OpenVPN\bin\openvpnserv.exe
03:40:38.0933 0x394c OpenVPNService - ok
03:40:39.0024 0x394c [ 2906AF02B5D06B0EFCD32382F19B88DB, 52A57816017591AC18693095ED6877EC6187F01A1B075ECC0F7E8FA73543E9D0 ] Origin Client Service E:\Games\Origin\OriginClientService.exe
03:40:39.0070 0x394c Origin Client Service - ok
03:40:39.0081 0x394c [ 7B9A1271FEFFA14D5A227E97BBFCD2D9, FE7736FA49500F3280C688A5C305C06D30D2B517BDEACDE47CA1E9DEC7CE224C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
03:40:39.0093 0x394c ose - ok
03:40:39.0186 0x394c [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
03:40:39.0282 0x394c osppsvc - ok
03:40:39.0299 0x394c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
03:40:39.0313 0x394c p2pimsvc - ok
03:40:39.0324 0x394c [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
03:40:39.0341 0x394c p2psvc - ok
03:40:39.0345 0x394c [ 7CB4A8CEFE80C1B924B82ABC8423D75A, 8114529E20433B20542AD7ADDC7D069768E8190A88B1B2ED9988324580D6059C ] PandaAgent C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
03:40:39.0352 0x394c PandaAgent - ok
03:40:39.0354 0x394c panda_url_filtering - ok
03:40:39.0357 0x394c panda_url_filteringd - ok
03:40:39.0363 0x394c [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
03:40:39.0371 0x394c Parport - ok
03:40:39.0376 0x394c [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
03:40:39.0385 0x394c partmgr - ok
03:40:39.0391 0x394c [ 3CD83692C43D87088E85E3C916146FFB, 9E812535E8FBA045FDA30F68E9EB2031132C37721D542A2DC9D4C33E2B137FCF ] PcaSvc C:\Windows\System32\pcasvc.dll
03:40:39.0402 0x394c PcaSvc - ok
03:40:39.0409 0x394c [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
03:40:39.0418 0x394c pci - ok
03:40:39.0421 0x394c [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
03:40:39.0428 0x394c pciide - ok
03:40:39.0434 0x394c [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
03:40:39.0445 0x394c pcmcia - ok
03:40:39.0448 0x394c [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
03:40:39.0456 0x394c pcw - ok
03:40:39.0471 0x394c [ EA4D67448BE493D543F1730D6CD04694, 24717C5E41B7CA522F3330EF2228B6685E710A5259396E9887A1C1E7A413F8CA ] PEAUTH C:\Windows\system32\drivers\peauth.sys
03:40:39.0491 0x394c PEAUTH - ok
03:40:39.0520 0x394c [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
03:40:39.0551 0x394c PeerDistSvc - ok
03:40:39.0565 0x394c [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
03:40:39.0574 0x394c PerfHost - ok
03:40:39.0608 0x394c [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
03:40:39.0653 0x394c pla - ok
03:40:39.0665 0x394c [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
03:40:39.0685 0x394c PlugPlay - ok
03:40:39.0688 0x394c [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
03:40:39.0697 0x394c PNRPAutoReg - ok
03:40:39.0705 0x394c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
03:40:39.0718 0x394c PNRPsvc - ok
03:40:39.0731 0x394c [ 80D6B0563ED2BF10656B1D4748331082, B7E6B5E1148B7EE537E8D5C3A65450876B61CD45A395267D08699746E98AD574 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
03:40:39.0747 0x394c PolicyAgent - ok
03:40:39.0755 0x394c [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
03:40:39.0784 0x394c Power - ok
03:40:39.0788 0x394c [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
03:40:39.0813 0x394c PptpMiniport - ok
03:40:39.0817 0x394c [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys
03:40:39.0826 0x394c Processor - ok
03:40:39.0834 0x394c [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll
03:40:39.0847 0x394c ProfSvc - ok
03:40:39.0850 0x394c [ CA69E856332E2D85294665F6B7E97254, A9693F836907FB0154DC1090D9476F1E9242ABE922D932D74D0385772D2EAB65 ] ProtectedStorage C:\Windows\system32\lsass.exe
03:40:39.0858 0x394c ProtectedStorage - ok
03:40:39.0863 0x394c [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
03:40:39.0887 0x394c Psched - ok
03:40:39.0894 0x394c [ FBBCC2BAEA51014CC5B24839F74CED3C, 69E8A6C6EFB9F35E33DA8C9EDCEB8D9DB5ED051ADCDCEAAB241F282685C1F684 ] PSINAflt C:\Windows\system32\DRIVERS\PSINAflt.sys
03:40:39.0903 0x394c PSINAflt - ok
03:40:39.0909 0x394c [ F3936B5CC371E81900887EA9B1460737, A066ADCE60DCF3E09D3B4EA5992352CAE7B0C84A6249E36F8469576EEFEA6AF4 ] PSINFile C:\Windows\system32\DRIVERS\PSINFile.sys
03:40:39.0918 0x394c PSINFile - ok
03:40:39.0925 0x394c [ 5A77C1C126B8CD67129878444F1CD1F5, CD3061DE79CCAA7541892B297308C559D23AE4717A5A14D88F2B90FECAD31CE6 ] PSINKNC C:\Windows\system32\DRIVERS\psinknc.sys
03:40:39.0935 0x394c PSINKNC - ok
03:40:39.0940 0x394c [ 8BCC45C855ADDD1AC2483F42AF45F5AE, C6887AF0AE36CC9C8C67C2709856752B714F5CB40E9CA81903F9441B88631E07 ] PSINProc C:\Windows\system32\DRIVERS\PSINProc.sys
03:40:39.0950 0x394c PSINProc - ok
03:40:39.0955 0x394c [ 0328A149C311E305F41DD665304F41CC, 0978DB25B327F498D78583AEFEEAE9106479066D3B617BC30E0ECA1469EEB494 ] PSINProt C:\Windows\system32\DRIVERS\PSINProt.sys
03:40:39.0965 0x394c PSINProt - ok
03:40:39.0969 0x394c [ 422ABF1D3E93DB63D5769018DC936751, 6F71DDC639E7037844E578FF49675B33698008F133DB7B156A3841557C75C3E1 ] PSINReg C:\Windows\system32\DRIVERS\PSINReg.sys
03:40:39.0978 0x394c PSINReg - ok
03:40:39.0982 0x394c [ 34309132ABE90878D54B6597B559EDEC, 4714EE9B65560E53CB558C2BBBA9446675939541EFC089E7B0B12D9161753D64 ] PSKMAD C:\Windows\system32\DRIVERS\PSKMAD.sys
03:40:39.0990 0x394c PSKMAD - ok
03:40:39.0997 0x394c [ F8F2096FB17C1219C81008671F0FADA5, F16CB53622107A5690CF32E43104CCE0172A4D985FE7AD7182AFF2DF3AF01D28 ] PSUAService C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
03:40:40.0004 0x394c PSUAService - ok
03:40:40.0038 0x394c [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
03:40:40.0074 0x394c ql2300 - ok
03:40:40.0101 0x394c [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
03:40:40.0111 0x394c ql40xx - ok
03:40:40.0125 0x394c QMUdisk - ok
03:40:40.0127 0x394c QQPCRTP - ok
03:40:40.0135 0x394c [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
03:40:40.0152 0x394c QWAVE - ok
03:40:40.0156 0x394c [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
03:40:40.0170 0x394c QWAVEdrv - ok
03:40:40.0173 0x394c [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
03:40:40.0198 0x394c RasAcd - ok
03:40:40.0202 0x394c [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
03:40:40.0227 0x394c RasAgileVpn - ok
03:40:40.0231 0x394c [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
03:40:40.0257 0x394c RasAuto - ok
03:40:40.0262 0x394c [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
03:40:40.0287 0x394c Rasl2tp - ok
03:40:40.0296 0x394c [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
03:40:40.0325 0x394c RasMan - ok
03:40:40.0330 0x394c [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
03:40:40.0358 0x394c RasPppoe - ok
03:40:40.0362 0x394c [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
03:40:40.0386 0x394c RasSstp - ok
03:40:40.0394 0x394c [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
03:40:40.0422 0x394c rdbss - ok
03:40:40.0426 0x394c [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
03:40:40.0436 0x394c rdpbus - ok
03:40:40.0439 0x394c [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
03:40:40.0464 0x394c RDPCDD - ok
03:40:40.0471 0x394c [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
03:40:40.0482 0x394c RDPDR - ok
03:40:40.0485 0x394c [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
03:40:40.0510 0x394c RDPENCDD - ok
03:40:40.0515 0x394c [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
03:40:40.0539 0x394c RDPREFMP - ok
03:40:40.0545 0x394c [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
03:40:40.0554 0x394c RdpVideoMiniport - ok
03:40:40.0562 0x394c [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
03:40:40.0625 0x394c RDPWD - ok
03:40:40.0632 0x394c [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
03:40:40.0641 0x394c rdyboost - ok
03:40:40.0646 0x394c [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
03:40:40.0670 0x394c RemoteAccess - ok
03:40:40.0677 0x394c [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
03:40:40.0703 0x394c RemoteRegistry - ok
03:40:40.0708 0x394c [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
03:40:40.0733 0x394c RpcEptMapper - ok
03:40:40.0736 0x394c [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
03:40:40.0745 0x394c RpcLocator - ok
03:40:40.0757 0x394c [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] RpcSs C:\Windows\system32\rpcss.dll
03:40:40.0774 0x394c RpcSs - ok
03:40:40.0779 0x394c [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
03:40:40.0803 0x394c rspndr - ok
03:40:40.0859 0x394c [ 24061B0958874C1CB2A5A8E9D25482D4, F84F8173242B95F9F3C4FEA99B5555B33F9CE37CA8188B643871D261CB081496 ] RTCore64 E:\Program Files (x86)\MSI Afterburner\RTCore64.sys
03:40:40.0866 0x394c RTCore64 - ok
03:40:40.0873 0x394c [ 3A50489C017292386C1C6CF6EB283F23, 42E2C75A83A45070BB548591B83C3744F5DF6BB3743221D0442C1BA23789AD5D ] RtkAudioService C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
03:40:40.0883 0x394c RtkAudioService - ok
03:40:40.0904 0x394c [ 7461D3DA1AABB5F703504E958455A900, B77D36E095A476A8191C1771539F20529F82CACF3C945BF55D64C39EEF09D0EA ] RTL8192cu C:\Windows\system32\DRIVERS\RTL8192cu.sys
03:40:40.0926 0x394c RTL8192cu - ok
03:40:40.0930 0x394c [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap C:\Windows\system32\drivers\vms3cap.sys
03:40:40.0938 0x394c s3cap - ok
03:40:40.0942 0x394c [ 4F55BC63DCA859A6DEDC1106E0062135, C9AA97130DBEEE4D47BE2DAB3A8B8E7F0484DA0FCD3701C664B2F76F7671ACCF ] S3XXx64 C:\Windows\system32\DRIVERS\S3XXx64.sys
03:40:40.0951 0x394c S3XXx64 - ok
03:40:40.0954 0x394c [ CA69E856332E2D85294665F6B7E97254, A9693F836907FB0154DC1090D9476F1E9242ABE922D932D74D0385772D2EAB65 ] SamSs C:\Windows\system32\lsass.exe
03:40:40.0963 0x394c SamSs - ok
03:40:40.0967 0x394c [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
03:40:40.0976 0x394c sbp2port - ok
03:40:40.0982 0x394c [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
03:40:41.0009 0x394c SCardSvr - ok
03:40:41.0012 0x394c [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
03:40:41.0034 0x394c scfilter - ok
03:40:41.0058 0x394c [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule C:\Windows\system32\schedsvc.dll
03:40:41.0086 0x394c Schedule - ok
03:40:41.0092 0x394c [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
03:40:41.0119 0x394c SCPolicySvc - ok
03:40:41.0125 0x394c [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
03:40:41.0137 0x394c SDRSVC - ok
03:40:41.0141 0x394c [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
03:40:41.0150 0x394c secdrv - ok
03:40:41.0153 0x394c [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon C:\Windows\system32\seclogon.dll
03:40:41.0163 0x394c seclogon - ok
03:40:41.0167 0x394c [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\system32\sens.dll
03:40:41.0192 0x394c SENS - ok
03:40:41.0195 0x394c [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
03:40:41.0205 0x394c SensrSvc - ok
03:40:41.0209 0x394c [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
03:40:41.0218 0x394c Serenum - ok
03:40:41.0222 0x394c [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
03:40:41.0232 0x394c Serial - ok
03:40:41.0235 0x394c [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys
03:40:41.0245 0x394c sermouse - ok
03:40:41.0253 0x394c [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
03:40:41.0278 0x394c SessionEnv - ok
03:40:41.0282 0x394c [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
03:40:41.0292 0x394c sffdisk - ok
03:40:41.0295 0x394c [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
03:40:41.0304 0x394c sffp_mmc - ok
03:40:41.0308 0x394c [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
03:40:41.0318 0x394c sffp_sd - ok
03:40:41.0321 0x394c [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
03:40:41.0330 0x394c sfloppy - ok
03:40:41.0340 0x394c [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
03:40:41.0371 0x394c SharedAccess - ok
03:40:41.0381 0x394c [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
03:40:41.0412 0x394c ShellHWDetection - ok
03:40:41.0417 0x394c [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
03:40:41.0425 0x394c SiSRaid2 - ok
03:40:41.0429 0x394c [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
03:40:41.0437 0x394c SiSRaid4 - ok
03:40:41.0441 0x394c [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
03:40:41.0466 0x394c Smb - ok
03:40:41.0471 0x394c [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
03:40:41.0481 0x394c SNMPTRAP - ok
03:40:41.0483 0x394c softaal - ok
03:40:41.0487 0x394c [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
03:40:41.0494 0x394c spldr - ok
03:40:41.0508 0x394c [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
03:40:41.0526 0x394c Spooler - ok
03:40:41.0589 0x394c [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
03:40:41.0672 0x394c sppsvc - ok
03:40:41.0680 0x394c [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
03:40:41.0704 0x394c sppuinotify - ok
03:40:41.0717 0x394c [ EB15C46477EB84B6B520871ED5936CCF, 7366FD2E1315109B9A2F47DA08959CF0CBEEB1F20B2E2DEF449D39B508107D29 ] srv C:\Windows\system32\DRIVERS\srv.sys
03:40:41.0734 0x394c srv - ok
03:40:41.0743 0x394c [ 7F4FDC9528BCE6FB919615B6A77D5724, C4843381504E0F50D4B8E4F8886C83112018CE5F64467B875F2809508EA2B182 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
03:40:41.0759 0x394c srv2 - ok
03:40:41.0765 0x394c [ 3F20CD2A11872284BD667DAD6D4801CC, 917EAA680CD10D3EA59EEF4B77BB3813D5718E7D1CB0846431255EE73035D834 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
03:40:41.0776 0x394c srvnet - ok
03:40:41.0782 0x394c [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
03:40:41.0808 0x394c SSDPSRV - ok
03:40:41.0813 0x394c [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
03:40:41.0838 0x394c SstpSvc - ok
03:40:41.0844 0x394c [ D08FFE34AF5B7AC5F69EEA1E0E8C6ECE, CC43752CE5C879E24229C84443DBEE667CE629ECF992AD0D42F0F77FE04F6751 ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
03:40:41.0857 0x394c ssudmdm - ok
03:40:41.0967 0x394c [ 7DB9E612A2742ACEAB080B882E83141C, FFD1FA36E732F55223F3F4B5F845331DBB3073B023C2C5BF51A0E7680DEE7FA7 ] ss_conn_service E:\Programme\kies\USB Drivers\27_ssconn\conn\ss_conn_service.exe
03:40:41.0988 0x394c ss_conn_service - ok
03:40:42.0023 0x394c [ 5CBCEB3FF7C232ACC8891C8197BF3353, B1FE57C61E62B1FEC81B219551DAD68DC5DF17FC1603CDC0CBA097A3E687A027 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
03:40:42.0056 0x394c Steam Client Service - ok
03:40:42.0069 0x394c [ 84E3F6607842CD40A4F3B4EC2D5152B6, 1C1240069576B728BDE22C41DEB55CCFDF9085E36178761DDD91322009359EBF ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
03:40:42.0082 0x394c Stereo Service - ok
03:40:42.0086 0x394c [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys
03:40:42.0094 0x394c stexstor - ok
03:40:42.0108 0x394c [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
03:40:42.0130 0x394c stisvc - ok
03:40:42.0134 0x394c [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt C:\Windows\system32\drivers\vmstorfl.sys
03:40:42.0141 0x394c storflt - ok
03:40:42.0144 0x394c [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc C:\Windows\system32\storsvc.dll
03:40:42.0152 0x394c StorSvc - ok
03:40:42.0155 0x394c [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc C:\Windows\system32\drivers\storvsc.sys
03:40:42.0163 0x394c storvsc - ok
03:40:42.0166 0x394c [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
03:40:42.0172 0x394c swenum - ok
03:40:42.0185 0x394c [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
03:40:42.0217 0x394c swprv - ok
03:40:42.0252 0x394c [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain C:\Windows\system32\sysmain.dll
03:40:42.0290 0x394c SysMain - ok
03:40:42.0296 0x394c [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
03:40:42.0310 0x394c TabletInputService - ok
03:40:42.0375 0x394c [ 37BEA19DBD43301FD987F5D277DFBEA5, E58F4E4FD589C33134C658A06CA4FEB9CA2A000A4D31314DEEABFD86DE4215A5 ] TabletServicePen C:\Windows\system32\Pen_Tablet.exe
03:40:42.0447 0x394c TabletServicePen - ok
03:40:42.0454 0x394c [ 3C32FF010F869BC184DF71290477384E, 55CFCEC7F026C6E2E96A2FBE846AB513BB12BB0348735274FE1B71AF019C837B ] tap0901 C:\Windows\system32\DRIVERS\tap0901.sys
03:40:42.0462 0x394c tap0901 - ok
03:40:42.0471 0x394c [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
03:40:42.0499 0x394c TapiSrv - ok
03:40:42.0536 0x394c [ B2875D7ABB82867DC3AA03D991940201, F954C33FBA912A517B59330F6438C1953F9F1D8F4D8FD25945EB836A1DB07ABB ] Tcpip C:\Windows\system32\drivers\tcpip.sys
03:40:42.0575 0x394c Tcpip - ok
03:40:42.0616 0x394c [ B2875D7ABB82867DC3AA03D991940201, F954C33FBA912A517B59330F6438C1953F9F1D8F4D8FD25945EB836A1DB07ABB ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
03:40:42.0654 0x394c TCPIP6 - ok
03:40:42.0661 0x394c [ 7FE5586314EE7D6AA8483264A089E5AF, 4E3EA68713A45C22F1B9A1AA125E15D06D0C5E637B815537431ADFB6D7563879 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
03:40:42.0669 0x394c tcpipreg - ok
03:40:42.0674 0x394c [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
03:40:42.0682 0x394c TDPIPE - ok
03:40:42.0686 0x394c [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
03:40:42.0693 0x394c TDTCP - ok
03:40:42.0699 0x394c [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
03:40:42.0708 0x394c tdx - ok
03:40:42.0712 0x394c [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
03:40:42.0720 0x394c TermDD - ok
03:40:42.0735 0x394c [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
03:40:42.0755 0x394c TermService - ok
03:40:42.0760 0x394c [ 8221854F134EF1A0E260CFCBE7030EFA, D89A957F3623DBEDAB49F94F560BDCE6AC77E7E4EBFAE62838FAA9C5B2A4CB58 ] TesMon C:\Windows\system32\TesMon.sys
03:40:42.0770 0x394c TesMon - ok
03:40:42.0793 0x394c [ C163DA99031A953AB160575E9D259AED, 117D7EE9F0F962839141098AADC2A42CC84051CBF3E4D6ADA6897FD5674E3987 ] TesSafe C:\Windows\system32\TesSafe.sys
03:40:42.0821 0x394c TesSafe - ok
03:40:42.0826 0x394c [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
03:40:42.0838 0x394c Themes - ok
03:40:42.0843 0x394c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
03:40:42.0870 0x394c THREADORDER - ok
03:40:42.0876 0x394c [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
03:40:42.0902 0x394c TrkWks - ok
03:40:42.0908 0x394c [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
03:40:42.0933 0x394c TrustedInstaller - ok
03:40:42.0936 0x394c TsDefenseBt - ok
03:40:42.0939 0x394c tsnethlpx64 - ok
03:40:42.0943 0x394c [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
03:40:42.0951 0x394c tssecsrv - ok
03:40:42.0955 0x394c [ 986659F31F7065438FAC1A58B6271CB3, 2026DB49F657B7914628D5D59F8D3D57E793B8F6D681896BBED0C3C66F8C14FB ] TSSKX64 C:\Windows\system32\drivers\tsskx64.sys
03:40:42.0963 0x394c TSSKX64 - ok
03:40:42.0967 0x394c [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
03:40:42.0975 0x394c TsUsbFlt - ok
03:40:42.0979 0x394c [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
03:40:42.0987 0x394c TsUsbGD - ok
03:40:42.0992 0x394c [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
03:40:43.0016 0x394c tunnel - ok
03:40:43.0020 0x394c [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
03:40:43.0028 0x394c uagp35 - ok
03:40:43.0036 0x394c [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
03:40:43.0064 0x394c udfs - ok
03:40:43.0069 0x394c [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
03:40:43.0079 0x394c UI0Detect - ok
03:40:43.0086 0x394c [ 4AD47E4A6AEBB8D2D54414BCDAC0AA38, BE2E7529188C6B96FF10200C65DE1F2D31171F1E83DE134C060F15A8E6032549 ] ui11drdr C:\Windows\system32\DRIVERS\ui11drdr.sys
03:40:43.0096 0x394c ui11drdr - ok
03:40:43.0099 0x394c [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
03:40:43.0109 0x394c uliagpkx - ok
03:40:43.0113 0x394c [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
03:40:43.0121 0x394c umbus - ok
03:40:43.0124 0x394c [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
03:40:43.0133 0x394c UmPass - ok
03:40:43.0140 0x394c [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService C:\Windows\System32\umrdp.dll
03:40:43.0151 0x394c UmRdpService - ok
03:40:43.0161 0x394c [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
03:40:43.0190 0x394c upnphost - ok
03:40:43.0195 0x394c [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
03:40:43.0204 0x394c usbaudio - ok
03:40:43.0208 0x394c [ 28B81917A195B67617AF7DCF4DFE5736, 40A4D2AAE1BDE5ABA8708ED150396E913C566ECD5CDA40D6C6DB256F1B9FD4A9 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
03:40:43.0218 0x394c usbccgp - ok
03:40:43.0222 0x394c [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
03:40:43.0232 0x394c usbcir - ok
03:40:43.0236 0x394c [ B626F048318DAE65A3317F0592BE592C, 284D8FFE1D35F852EFDA182A72288AC3A10D6ED825FE2CC5812497D3FE291AF1 ] usbehci C:\Windows\system32\drivers\usbehci.sys
03:40:43.0245 0x394c usbehci - ok
03:40:43.0254 0x394c [ 390109E8E05BA00375DCB1ED64DC60AF, B8628502590B423BEFB6F7C8C69FAD0667AD0746FF6B444EE02016E8E1052B78 ] usbhub C:\Windows\system32\drivers\usbhub.sys
03:40:43.0267 0x394c usbhub - ok
03:40:43.0271 0x394c [ B4DF0F4C1D9D25DFE1DAD1D8670F1D4F, 4317C2DEDC639527B53864BAEC46CBE022D298C0503E29E1072DD1C851D92BFC ] usbohci C:\Windows\system32\drivers\usbohci.sys
03:40:43.0279 0x394c usbohci - ok
03:40:43.0282 0x394c [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\drivers\usbprint.sys
03:40:43.0292 0x394c usbprint - ok
03:40:43.0296 0x394c [ D029DD09E22EB24318A8FC3D8138BA43, C95805E8BF75ECB939520AE86420B16467B0771C161C51C9F1A37649ADFADCD0 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
03:40:43.0305 0x394c USBSTOR - ok
03:40:43.0309 0x394c [ CFEAAF96E666E3DCBD8F6DFF516784AE, 006218A3DB5851790CC0A7F3DCD7B3AF82F624DA679296DE507AFD36C5468317 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
03:40:43.0317 0x394c usbuhci - ok
03:40:43.0323 0x394c [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
03:40:43.0334 0x394c usbvideo - ok
03:40:43.0337 0x394c [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
03:40:43.0362 0x394c UxSms - ok
03:40:43.0365 0x394c [ CA69E856332E2D85294665F6B7E97254, A9693F836907FB0154DC1090D9476F1E9242ABE922D932D74D0385772D2EAB65 ] VaultSvc C:\Windows\system32\lsass.exe
03:40:43.0373 0x394c VaultSvc - ok
03:40:43.0376 0x394c [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
03:40:43.0384 0x394c vdrvroot - ok
03:40:43.0397 0x394c [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
03:40:43.0431 0x394c vds - ok
03:40:43.0435 0x394c [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
03:40:43.0445 0x394c vga - ok
03:40:43.0448 0x394c [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
03:40:43.0471 0x394c VgaSave - ok
03:40:43.0478 0x394c [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
03:40:43.0488 0x394c vhdmp - ok
03:40:43.0492 0x394c [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
03:40:43.0499 0x394c viaide - ok
03:40:43.0505 0x394c [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus C:\Windows\system32\drivers\vmbus.sys
03:40:43.0515 0x394c vmbus - ok
03:40:43.0519 0x394c [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
03:40:43.0526 0x394c VMBusHID - ok
03:40:43.0531 0x394c [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
03:40:43.0539 0x394c volmgr - ok
03:40:43.0548 0x394c [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
03:40:43.0561 0x394c volmgrx - ok
03:40:43.0570 0x394c [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
03:40:43.0581 0x394c volsnap - ok
03:40:43.0588 0x394c [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
03:40:43.0598 0x394c vsmraid - ok
03:40:43.0630 0x394c [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
03:40:43.0679 0x394c VSS - ok
03:40:43.0684 0x394c [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
03:40:43.0694 0x394c vwifibus - ok
03:40:43.0698 0x394c [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
03:40:43.0710 0x394c vwififlt - ok
03:40:43.0720 0x394c [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
03:40:43.0750 0x394c W32Time - ok
03:40:43.0755 0x394c [ F39FC224758290A3193C68C091E6F11A, 6F5EEF38D269F41DE95389F0EB5D2642D4D6E3FDCAC95301F5D7DB87A35A7A96 ] wacmoumonitor C:\Windows\system32\DRIVERS\wacmoumonitor.sys
03:40:43.0760 0x394c wacmoumonitor - ok
03:40:43.0764 0x394c [ E04D43C7D1641E95D35CAE6086C7E350, BF08ED680EC835D70C522B91560B8987F206793E8E2987117C1D7B77DEFF8556 ] wacommousefilter C:\Windows\system32\DRIVERS\wacommousefilter.sys
03:40:43.0770 0x394c wacommousefilter - ok
03:40:43.0773 0x394c [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
03:40:43.0781 0x394c WacomPen - ok
03:40:43.0784 0x394c [ 53B03E71E88109A5C3C074A33889258A, 67728D644C21F430D471A9F1FD2D09B43F56198B3A84C9A707D462E47743D8ED ] wacomvhid C:\Windows\system32\DRIVERS\wacomvhid.sys
03:40:43.0790 0x394c wacomvhid - ok
03:40:43.0793 0x394c [ 8B4255329EDFBA3ECFBD0714476FAD38, DF1EEBB2672A0A0762B16CDB85896752F508A0CB86E8B644F34F5098C73B9814 ] WacomVKHid C:\Windows\system32\DRIVERS\WacomVKHid.sys
03:40:43.0799 0x394c WacomVKHid - ok
03:40:43.0803 0x394c [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
03:40:43.0827 0x394c WANARP - ok
03:40:43.0831 0x394c [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
03:40:43.0857 0x394c Wanarpv6 - ok
03:40:43.0888 0x394c [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
03:40:43.0923 0x394c wbengine - ok
03:40:43.0931 0x394c [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
03:40:43.0946 0x394c WbioSrvc - ok
03:40:43.0956 0x394c [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
03:40:43.0973 0x394c wcncsvc - ok
03:40:43.0977 0x394c [ BC00873272B3771CCDA38336AF2B4D4B, 3E412DEC5F172B4C5FD5C227CD790EE56B90A00A8B538704E8F973D230BE2289 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
03:40:43.0986 0x394c WcsPlugInService - ok
03:40:43.0989 0x394c [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys
03:40:43.0996 0x394c Wd - ok
03:40:44.0014 0x394c [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
03:40:44.0035 0x394c Wdf01000 - ok
03:40:44.0040 0x394c [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll
03:40:44.0050 0x394c WdiServiceHost - ok
03:40:44.0054 0x394c [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll
03:40:44.0064 0x394c WdiSystemHost - ok
03:40:44.0071 0x394c [ EE841B6D1F2B9508D3ABAE52AC05A94F, F1AE981FCDBFC4672A4EABABD41382E93762EFC2EDAD96E75530E7ACA5AF1FD8 ] WebClient C:\Windows\System32\webclnt.dll
03:40:44.0084 0x394c WebClient - ok
03:40:44.0092 0x394c [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
03:40:44.0121 0x394c Wecsvc - ok
03:40:44.0126 0x394c [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
03:40:44.0151 0x394c wercplsupport - ok
03:40:44.0156 0x394c [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
03:40:44.0181 0x394c WerSvc - ok
03:40:44.0184 0x394c [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
03:40:44.0208 0x394c WfpLwf - ok
03:40:44.0211 0x394c [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
03:40:44.0218 0x394c WIMMount - ok
03:40:44.0220 0x394c WinDefend - ok
03:40:44.0224 0x394c WinHttpAutoProxySvc - ok
03:40:44.0235 0x394c [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
03:40:44.0263 0x394c Winmgmt - ok
03:40:44.0301 0x394c [ EBDA1B0F15CB9B2CBCC6C94824E4E054, C51314F7D611E4903DA00EFA8EB99365414436324D256083CE0B5A8E055E8E06 ] WinRM C:\Windows\system32\WsmSvc.dll
03:40:44.0345 0x394c WinRM - ok
03:40:44.0353 0x394c [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
03:40:44.0366 0x394c WinUsb - ok
03:40:44.0385 0x394c [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
03:40:44.0412 0x394c Wlansvc - ok
03:40:44.0457 0x394c [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
03:40:44.0501 0x394c wlidsvc - ok
03:40:44.0507 0x394c [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
03:40:44.0515 0x394c WmiAcpi - ok
03:40:44.0523 0x394c [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
03:40:44.0535 0x394c wmiApSrv - ok
03:40:44.0537 0x394c WMPNetworkSvc - ok
03:40:44.0540 0x394c [ CD04DC21E9A4CF93945BA3C469C1AB5F, 30F9529C52F4FC6A1AEA48F4D6ED90CC5A6BA854E8327CB296510684806542AC ] WNDA6200 C:\Program Files (x86)\NETGEAR\A6200\WifiService.exe
03:40:44.0548 0x394c WNDA6200 - ok
03:40:44.0551 0x394c [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
03:40:44.0560 0x394c WPCSvc - ok
03:40:44.0565 0x394c [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
03:40:44.0576 0x394c WPDBusEnum - ok
03:40:44.0580 0x394c [ 7CA09731EB7FC99B910C7F239E57720F, 502F8917A0811F37C39B2B3F5E9B4F38A0E899C30CB29D3ECD87A50FF228E536 ] WPRO_41_2001 C:\Windows\system32\drivers\WPRO_41_2001.sys
03:40:44.0587 0x394c WPRO_41_2001 - ok
03:40:44.0591 0x394c [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
03:40:44.0615 0x394c ws2ifsl - ok
03:40:44.0620 0x394c [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\system32\wscsvc.dll
03:40:44.0633 0x394c wscsvc - ok
03:40:44.0636 0x394c WSearch - ok
03:40:44.0648 0x394c [ B91CC2B946124529044BBCD915DD0FE3, 0D5437CE441D516439FAF0CD298950EA8BE07A6925E14B5E706AD5BBBF0621F8 ] WTGService C:\Program Files (x86)\XSManager\WTGService.exe
03:40:44.0660 0x394c WTGService - ok
03:40:44.0711 0x394c [ 31F32E0C1A8BA9A37EEC23DE5F27F847, 0180832BC6172C9A4C32B5B222BB3F91EA615A5EBDA98DB79ED4FED258C2D257 ] wuauserv C:\Windows\system32\wuaueng.dll
03:40:44.0764 0x394c wuauserv - ok
03:40:44.0771 0x394c [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
03:40:44.0782 0x394c WudfPf - ok
03:40:44.0789 0x394c [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
03:40:44.0801 0x394c WUDFRd - ok
03:40:44.0805 0x394c [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
03:40:44.0816 0x394c wudfsvc - ok
03:40:44.0823 0x394c [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
03:40:44.0835 0x394c WwanSvc - ok
03:40:44.0837 0x394c xhunter1 - ok
03:40:44.0855 0x394c [ 4A5CE13408945E525503B5F73D29B9C5, D58BB31AF17752508EA67931BF170CE46877DC204FC5DA7EED5A078AEB0CA0FD ] xnacc C:\Windows\system32\DRIVERS\xnacc.sys
03:40:44.0876 0x394c xnacc - ok
03:40:44.0883 0x394c [ C2F3D4B5BA078EB6CB08300990304F39, 45DC087206F0D8AE5F21F9EBB323E5747DE92FE7DCD550AC65FD2F4D7B1C46A3 ] XS Stick Service C:\Windows\service4g.exe
03:40:44.0891 0x394c XS Stick Service - ok
03:40:44.0894 0x394c [ 377F3E3467A8BFA3CDC921AD6425D513, 699271DA1D63E90FE1F9FE8AF3A8789CA588A0B7A2AFF5899EBA443361E041A5 ] XSplit_Dummy C:\Windows\system32\drivers\xspltspk.sys
03:40:44.0901 0x394c XSplit_Dummy - ok
03:40:44.0908 0x394c ================ Scan global ===============================
03:40:44.0911 0x394c [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
03:40:44.0919 0x394c [ B68AD91370FA58C1296DE9086BB4BA0A, 3B6B8170990B3B3B321752539A54D8EAB6E6241A25092682FDEE1A46BD39DBF6 ] C:\Windows\system32\winsrv.dll
03:40:44.0930 0x394c [ B68AD91370FA58C1296DE9086BB4BA0A, 3B6B8170990B3B3B321752539A54D8EAB6E6241A25092682FDEE1A46BD39DBF6 ] C:\Windows\system32\winsrv.dll
03:40:44.0937 0x394c [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
03:40:44.0947 0x394c [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
03:40:44.0952 0x394c [ Global ] - ok
03:40:44.0953 0x394c ================ Scan MBR ==================================
03:40:44.0954 0x394c [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
03:40:45.0134 0x394c \Device\Harddisk0\DR0 - ok
03:40:45.0137 0x394c [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
03:40:45.0180 0x394c \Device\Harddisk1\DR1 - ok
03:40:45.0180 0x394c ================ Scan VBR ==================================
03:40:45.0182 0x394c [ 639E7ED30A711D020904451D61BEA8F0 ] \Device\Harddisk0\DR0\Partition1
03:40:45.0183 0x394c \Device\Harddisk0\DR0\Partition1 - ok
03:40:45.0185 0x394c [ 587E11BEF865F5A8B00719E2FABA5F4C ] \Device\Harddisk1\DR1\Partition1
03:40:45.0186 0x394c \Device\Harddisk1\DR1\Partition1 - ok
03:40:45.0187 0x394c [ B0F2C1E711B85EB55BC57000BACA68E6 ] \Device\Harddisk1\DR1\Partition2
03:40:45.0188 0x394c \Device\Harddisk1\DR1\Partition2 - ok
03:40:45.0189 0x394c ================ Scan generic autorun ======================
03:40:45.0192 0x394c [ 4503FA7E89950178CAD1B635B501640D, E607913AE096DB1E07B9FE1003DF9F9E294FC512F6CD3DEE8D0FB9851491BA37 ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
03:40:45.0197 0x394c IAStorIcon - detected UnsignedFile.Multi.Generic ( 1 )
03:40:45.0464 0x394c Detect skipped due to KSN trusted
03:40:45.0464 0x394c IAStorIcon - ok
03:40:45.0473 0x394c [ 3731A3AB53B6321E455CC6D1FB3DB8DD, 0FFA668F41EDBA5CDCC66C898B7EB8FC9D12E86D58040E0C0BD8B8CFAAE51F71 ] C:\Program Files (x86)\NETGEAR\A6200\A6200.exe
03:40:45.0487 0x394c GENIE - ok
03:40:45.0491 0x394c [ 15972BF70736F6AC32B0BA9470945E51, B6AEC29533F7B52A826BC41C806EEBE318B2CB067E961C67B1A2BFBA99D7D376 ] C:\Program Files (x86)\NETGEAR\A6200\LanuchApp.exe
03:40:45.0498 0x394c LanuchApp - ok
03:40:45.0731 0x394c [ 6DDA13FB28B620FEE52E0E616F4E7B70, 8C75E17E2C0C81BA3D1660ACB73591C181C3BD15237DF3A2E9734A7FF365C16A ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
03:40:45.0989 0x394c RtHDVCpl - ok
03:40:46.0014 0x394c [ 48515EEA1608ECD83FE26C7490460F59, C7C552D13ED12B4165FDE45F69E170D4F18B746D84B3B08E7254AAF8D9671D0C ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
03:40:46.0030 0x394c AdobeAAMUpdater-1.0 - ok
03:40:46.0033 0x394c [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
03:40:46.0042 0x394c ShadowPlay - ok
03:40:46.0047 0x394c [ 70BDEE03032BF7CE279838866B25E697, 007C3AC1B4380BC56EC6E14EFC022C03F165D08447AD763854351C530E19D976 ] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
03:40:46.0056 0x394c IMSS - ok
03:40:46.0064 0x394c [ 0436F64FD296BE331B3BB0CE446548BF, 53A8F8E58F451A7B030AE61E30DBB9BDFD5342046674177941A838B66D80FD70 ] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
03:40:46.0076 0x394c USB3MON - ok
03:40:46.0081 0x394c [ 85B91052ADF40F50FAD6994A85C607F7, 114D6FBB162D6D8CFCD20C303836BE8E6DE31FBBBAFE9B5EBD134DBF7082E2B4 ] C:\Windows\starter4g.exe
03:40:46.0089 0x394c starter4g - ok
03:40:46.0092 0x394c [ 0C9D4FDAEBD8A5A977F06EB5E70D8606, 3A61DC4CCB24A496B292519D2C857646BFF3DBE8F3CFB90AD17FF8A464E1BB74 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
03:40:46.0100 0x394c PSUAMain - ok
03:40:46.0160 0x394c [ 308AD1E5746DBF1704EE3E87BD481A92, 40549EEE0D86A676D657114C50B2DC664E54591061BD16098C846C0D9F254501 ] C:\Program Files (x86)\Lioncast LM30 Gaming Mouse\LCmon.exe
03:40:46.0226 0x394c LCgmmouseRun - detected UnsignedFile.Multi.Generic ( 1 )
03:40:46.0560 0x394c LCgmmouseRun ( UnsignedFile.Multi.Generic ) - warning
03:40:46.0739 0x394c [ 6302798F2560E25EB980992B1C4C5F81, E5029149F326C3CD0E418D87234B656A47E4ADFA1E8BC186F0F80B763224BD02 ] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
03:40:46.0795 0x394c Adobe Creative Cloud - ok
03:40:46.0802 0x394c [ 0E34B7BB1FCF22BCC1E394D16F9E992B, 382CA8E6BAC301E2F277F8EDA03D263FF71272796A8EED582C36294EEE9191F9 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe
03:40:46.0809 0x394c GrooveMonitor - ok
03:40:46.0824 0x394c [ 6EACC43D0542EF88226FB34B0B12EDB0, 6345E4B49D7F804F6DE042F981AB172822B6AB74C42209BEFB0582B019430884 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
03:40:46.0842 0x394c SunJavaUpdateSched - ok
03:40:46.0934 0x394c [ E2CB8918F91D39E24C4A488ED9F22325, F674C9AEECC6D2553E952B4D51BECEA3B18FA5AB191276FCA8D0434015971F67 ] E:\Adobe Documents\Acrobat DC\Acrobat\Acrotray.exe
03:40:46.0976 0x394c Acrobat Assistant 8.0 - ok
03:40:47.0001 0x394c Discord - ok
03:40:47.0004 0x394c [ 42B6A94DD747DF2B5F628A2752E62A98, 4A49EAE1322E65FFA6C71F0BEA52CAEC97D1F30DE71FB068CD9FD8318C8287AB ] C:\Windows\system32\ctfmon.exe
03:40:47.0014 0x394c ctfmon - ok
03:40:47.0094 0x394c [ 7F3D0BC2FE61C249302E0515989C59E2, 18613B1D861D7289EF050EE1C0384FCF70F40FDF7E3CB586D36B5D19A7591F8F ] C:\Users\Neslihan\AppData\Local\Akamai\netsession_win.exe
03:40:47.0194 0x394c Akamai NetSession Interface - ok
03:40:47.0239 0x394c [ 1F963FAD87E58A1760B4902CB8F89079, F2FEE975FDBCD3CF910306EFAA115700C531825381CF969E14D1CD244CE1BAAF ] E:\Adobe Documents\Acrobat DC\Acrobat\AdobeCollabSync.exe
03:40:47.0264 0x394c Adobe Acrobat Synchronizer - ok
03:40:47.0265 0x394c Steam - ok
03:40:47.0354 0x394c [ DAB21C14C09FA0F40DACD1A19C7A9125, DC215DAA9F79EA6B9D3B2C376A908AC4621871DC4B56374FAD7EDAED4FEB66D7 ] E:\Games\Origin\Origin.exe
03:40:47.0446 0x394c EADM - ok
03:40:47.0450 0x394c Waiting for KSN requests completion. In queue: 172
03:40:48.0468 0x394c AV detected via SS2: Panda Free Antivirus, C:\Program Files (x86)\Panda Security\Panda Security Protection\PAV3WSC.exe ( 6.0.0.0 ), 0x71000 ( enabled : updated )
03:40:48.0470 0x394c FW detected via SS2: Panda Firewall, C:\Program Files (x86)\Panda Security\Panda Security Protection\PAV3WSC.exe ( 6.0.0.0 ), 0x72010 ( disabled )
03:40:48.0471 0x394c Win FW state via NFP2: enabled ( trusted )
03:40:48.0556 0x394c ============================================================
03:40:48.0556 0x394c Scan finished
03:40:48.0556 0x394c ============================================================
03:40:48.0563 0x3010 Detected object count: 1
03:40:48.0563 0x3010 Actual detected object count: 1
03:43:35.0587 0x3010 LCgmmouseRun ( UnsignedFile.Multi.Generic ) - skipped by user
03:43:35.0587 0x3010 LCgmmouseRun ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
|
26.03.2017, 03:14
| #5 |
| | Ungewollte Browserextension / Verlangsamtes Laden (Chrome) FRST Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2017
durchgeführt von Neslihan (Administrator) auf NESLIHAN-PC (25-03-2017 22:22:23)
Gestartet von C:\Users\Neslihan\Desktop
Geladene Profile: Neslihan (Verfügbare Profile: Neslihan & Gast)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(cFos Software GmbH) C:\Program Files\ASRock\XFast LAN\spd.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
() C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
(Visicom Media Inc.) C:\Program Files\Panda Security URL Filtering\Panda_URL_Filteringb.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
(DEVGURU Co., LTD.) E:\Programme\kies\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Wacom Technology, Corp.) C:\Windows\System32\Pen_Tablet.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files (x86)\NETGEAR\A6200\WifiService.exe
() C:\Program Files (x86)\XSManager\WTGService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(4G Systems GmbH & Co. KG) C:\Windows\service4g.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NETGEAR,Inc.) C:\Program Files (x86)\NETGEAR\A6200\A6200.exe
(Wacom Technology, Corp.) C:\Windows\System32\WTablet\Pen_TabletUser.exe
(Hammer & Chisel, Inc.) C:\Users\Neslihan\AppData\Local\Discord\app-0.0.297\Discord.exe
(Wacom Technology, Corp.) C:\Windows\System32\Pen_Tablet.exe
(Akamai Technologies, Inc.) C:\Users\Neslihan\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Neslihan\AppData\Local\Akamai\netsession_win.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(cv cryptovision GmbH) E:\Program Files (x86)\cv cryptovision\cv act sc interface\RegisterTool.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(4G Systems GmbH & Co. KG) C:\Windows\starter4g.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
() C:\Program Files (x86)\Lioncast LM30 Gaming Mouse\LCMon.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hammer & Chisel, Inc.) C:\Users\Neslihan\AppData\Local\Discord\app-0.0.297\Discord.exe
(Adobe Systems Inc.) E:\Adobe Documents\Acrobat DC\Acrobat\acrotray.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Hammer & Chisel, Inc.) C:\Users\Neslihan\AppData\Local\Discord\app-0.0.297\Discord.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\CCLibrary.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\libs\node.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Nullsoft, Inc.) E:\Program Files (x86)\Winamp\winamp.exe
(Last.fm) E:\Program Files (x86)\Last.fm\Last.fm Scrobbler.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286704 2013-03-22] (Intel Corporation)
HKLM\...\Run: [GENIE] => C:\Program Files (x86)\NETGEAR\A6200\A6200.exe [348888 2013-02-18] (NETGEAR,Inc.)
HKLM\...\Run: [LanuchApp] => C:\Program Files (x86)\NETGEAR\A6200\LanuchApp.exe [15136 2012-07-11] ()
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13427784 2013-03-18] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-03-12] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291128 2013-03-06] (Intel Corporation)
HKLM-x32\...\Run: [starter4g] => C:\Windows\starter4g.exe [160424 2010-04-30] (4G Systems GmbH & Co. KG)
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [54520 2015-10-22] (Panda Security, S.L.)
HKLM-x32\...\Run: [LCgmmouseRun] => C:\Program Files (x86)\Lioncast LM30 Gaming Mouse\LCmon.exe [3171840 2015-05-25] ()
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2384984 2016-12-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => E:\Adobe Documents\Acrobat DC\Acrobat\Acrotray.exe [1870928 2016-12-23] (Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\ScCertProp:
HKU\S-1-5-21-2601677052-3802215475-160921258-1000\...\Run: [Discord] => C:\Users\Neslihan\AppData\Local\Discord\app-0.0.297\Discord.exe [64290304 2017-01-04] (Hammer & Chisel, Inc.)
HKU\S-1-5-21-2601677052-3802215475-160921258-1000\...\Run: [ctfmon] => C:\Windows\system32\ctfmon.exe [9728 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-2601677052-3802215475-160921258-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Neslihan\AppData\Local\Akamai\netsession_win.exe [4490200 2017-01-03] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2601677052-3802215475-160921258-1000\...\Run: [Adobe Acrobat Synchronizer] => E:\Adobe Documents\Acrobat DC\Acrobat\AdobeCollabSync.exe [886352 2016-12-23] (Adobe Systems Incorporated)
HKU\S-1-5-21-2601677052-3802215475-160921258-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2601677052-3802215475-160921258-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [333824 2010-11-21] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [panda] => reg.exe delete "HKCU\Software\AppDataLow\Software\panda" /f
HKU\S-1-5-18\...\RunOnce: [panda_XP] => reg.exe delete "HKCU\Software\panda" /f
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [!{6A86DAFA-242F-4E90-A4AD-D01E6B56E6EA}] -> {6A86DAFA-242F-4E90-A4AD-D01E6B56E6EA} => -> Keine Datei
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> Keine Datei
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> Keine Datei
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> Keine Datei
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Keine Datei
ShellIconOverlayIdentifiers: [QBOverlayIcon] -> {96959DE7-C855-42BD-8382-2AAABF2A8F52} => C:\Users\Neslihan\AppData\Local\Tencent\QQBrowser\User Data\IconOverlay\QBShellIcon3a6efae.dll [2016-12-27] (Tencent)
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> Keine Datei
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\cv act sc interface RegisterTool.lnk [2014-06-23]
ShortcutTarget: cv act sc interface RegisterTool.lnk -> E:\Program Files (x86)\cv cryptovision\cv act sc interface\RegisterTool.exe (cv cryptovision GmbH)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iSCTsysTray.lnk [2014-02-25]
ShortcutTarget: iSCTsysTray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
GroupPolicyScripts-x32: Beschränkung <======= ACHTUNG
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Winsock: Catalog9 01 C:\Windows\SysWOW64\xunyount.dll [135136 2016-05-08] (四川迅游网络科技股份有限公司)
Winsock: Catalog9 02 C:\Windows\SysWOW64\xunyount.dll [135136 2016-05-08] (四川迅游网络科技股份有限公司)
Winsock: Catalog9 03 C:\Windows\SysWOW64\xunyount.dll [135136 2016-05-08] (四川迅游网络科技股份有限公司)
Winsock: Catalog9 14 C:\Windows\SysWOW64\xunyount.dll [135136 2016-05-08] (四川迅游网络科技股份有限公司)
Winsock: Catalog9-x64 01 C:\Windows\system32\xunyount64.dll [176096 2016-05-08] (四川迅游网络科技股份有限公司)
Winsock: Catalog9-x64 02 C:\Windows\system32\xunyount64.dll [176096 2016-05-08] (四川迅游网络科技股份有限公司)
Winsock: Catalog9-x64 03 C:\Windows\system32\xunyount64.dll [176096 2016-05-08] (四川迅游网络科技股份有限公司)
Winsock: Catalog9-x64 14 C:\Windows\system32\xunyount64.dll [176096 2016-05-08] (四川迅游网络科技股份有限公司)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{08D6EAEC-989B-47E7-9A6B-FFC1DD3F1541}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{140BEABE-B131-48D8-A795-5BE12294B5ED}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{9541EBCD-4C46-48C8-AC3B-BF3B74ACB32D}: [DhcpNameServer] 192.168.178.1
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\S-1-5-21-2601677052-3802215475-160921258-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://hao.qq.com/?unc=o400493_1&s=o400493_1
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2601677052-3802215475-160921258-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2601677052-3802215475-160921258-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.hao123.com/?tn=82013038_111_hao_pg
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2601677052-3802215475-160921258-1000 -> {3C3277C8-7F89-4F3F-AED7-71D9698B615D} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
SearchScopes: HKU\S-1-5-21-2601677052-3802215475-160921258-1000 -> {3D8B4390-0AF1-440A-9B59-8F69A66B8CCB} URL = hxxp://www.google.com.hk/search?hl=zh-CN&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2601677052-3802215475-160921258-1000 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-2601677052-3802215475-160921258-1000 -> {DBF90901-3B89-433A-BF74-7D34AEB1CB85} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-03-05] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc.)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-10-01] (Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2017-03-05] (Microsoft Corporation)
BHO: Panda Security Toolbar -> {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} -> C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll [2015-10-05] ()
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-03-05] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-10-01] (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-03-05] (Microsoft Corporation)
BHO-x32: 应用宝一键安装插件 -> {50F4150A-48B2-417A-BE4C-C83F580FB904} -> C:\Program Files (x86)\Common Files\Tencent\QQPhoneManager\2.0.201.3192\npQQPhoneManagerExt.dll [2014-05-30] (腾讯公司)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-07-21] (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-27] (Google Inc.)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-10-01] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2017-03-05] (Microsoft Corporation)
BHO-x32: Panda Security Toolbar -> {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} -> C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll [2015-10-05] ()
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-03-05] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-21] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-10-01] (Adobe Systems Incorporated)
Toolbar: HKLM - Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll [2015-10-05] ()
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc.)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-10-01] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll [2015-10-05] ()
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-27] (Google Inc.)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-10-01] (Adobe Systems Incorporated)
DPF: HKLM-x32 {AA07EBD2-EBDD-4BD6-9F8F-114BD513492C} hxxp://dist.cdnetworks.co.jp/cdndist/neffy/NeffyLauncher_v1013.cab
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-03-05] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-03-05] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-03-05] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-03-05] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF DefaultProfile: 6ghfa3rf.default-1436973638517
FF ProfilePath: C:\Users\Neslihan\AppData\Roaming\Mozilla\Firefox\Profiles\6ghfa3rf.default-1436973638517 [2017-03-05]
FF Session Restore: Mozilla\Firefox\Profiles\6ghfa3rf.default-1436973638517 -> ist aktiviert.
FF Keyword.URL: Mozilla\Firefox\Profiles\6ghfa3rf.default-1436973638517 -> hxxp://pandasecurity.mystart.com/results.php?pr=vmn&id=pandasecuritytb&v=4_3&idate=2015-09-16&ent=tb____campaignID___&mkt=us&u=D7FDE081746D1FC35579DD55F97CB820&q=
FF Extension: (Imperia OneClickEdit) - C:\Users\Neslihan\AppData\Roaming\Mozilla\Firefox\Profiles\6ghfa3rf.default-1436973638517\Extensions\oce@imperia.de.xpi [2016-08-10]
FF Extension: (Panda Security Toolbar) - C:\Users\Neslihan\AppData\Roaming\Mozilla\Firefox\Profiles\6ghfa3rf.default-1436973638517\Extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} [2015-09-16] [ist nicht signiert]
FF Extension: (Adblock Plus) - C:\Users\Neslihan\AppData\Roaming\Mozilla\Firefox\Profiles\6ghfa3rf.default-1436973638517\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-25]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - E:\Adobe Documents\Acrobat DC\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat DC - Create PDF) - E:\Adobe Documents\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2017-01-11]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_127.dll [2017-03-15] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> E:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-12-09] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_127.dll [2017-03-15] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-03-12] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-03-12] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-07-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-07-21] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-03-05] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-03-05] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-11-24] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-11-24] (NVIDIA Corporation)
FF Plugin-x32: @qq.com/npAndroidAssistant -> C:\Program Files (x86)\Common Files\Tencent\QQPhoneManager\2.0.201.3192\npQQPhoneManagerExt.dll [2014-05-30] (腾讯公司)
FF Plugin-x32: @qq.com/TXSSO -> C:\Program Files (x86)\Common Files\Tencent\TXSSO\1.2.3.15\Bin\npSSOAxCtrlForPTLogin.dll [2015-06-20] (Tencent)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> E:\Adobe Documents\Acrobat DC\Acrobat\Air\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-12-09] (Adobe Systems)
StartMenuInternet: FIREFOX.EXE - E:\Program Files (x86)\Mozilla Firefox\firefox.exe
Chrome:
=======
CHR DefaultProfile: Default
CHR DefaultSearchURL: Default -> hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=orcl_default
CHR DefaultSearchKeyword: Default -> Yahoo
CHR DefaultSuggestURL: Default -> hxxps://de.search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10
CHR Session Restore: Default -> ist aktiviert.
CHR Profile: C:\Users\Neslihan\AppData\Local\Google\Chrome\User Data\Default [2017-03-25]
CHR Extension: (Google Präsentationen) - C:\Users\Neslihan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-28]
CHR Extension: (Google Docs) - C:\Users\Neslihan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-28]
CHR Extension: (Google Drive) - C:\Users\Neslihan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (Skype-Anrufe) - C:\Users\Neslihan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blakpkgjpemejpbmfiglncklihnhjkij [2015-11-03]
CHR Extension: (YouTube) - C:\Users\Neslihan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Mogicons) - C:\Users\Neslihan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpgpffljkgjmijjdmjbdppndoojdgboe [2017-03-21]
CHR Extension: (Ecosia - Die Suchmaschine, die Bäume pflanzt) - C:\Users\Neslihan\AppData\Local\Google\Chrome\User Data\Default\Extensions\clellnciejhoedgepbdilbkdkaoecgpc [2017-01-09]
CHR Extension: (Google-Suche) - C:\Users\Neslihan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Icon Pack for Facebook) - C:\Users\Neslihan\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgjnigeodbhfkikngfpbpaponldpnajj [2017-03-25]
CHR Extension: (Full Page Screen Capture) - C:\Users\Neslihan\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdpohaocaechififmbbbbbknoalclacl [2016-09-02]
CHR Extension: (Google Tabellen) - C:\Users\Neslihan\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-28]
CHR Extension: (Facebook™ Chat Privacy) - C:\Users\Neslihan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfpgaanechfneiboempkfjghninbibjn [2016-07-19]
CHR Extension: (Google Docs Offline) - C:\Users\Neslihan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (AdBlock) - C:\Users\Neslihan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-02-25]
CHR Extension: (Tag Assistant (by Google)) - C:\Users\Neslihan\AppData\Local\Google\Chrome\User Data\Default\Extensions\kejbdjndbnbjgmefkgdddjlbokphdefk [2016-06-10]
CHR Extension: (TwitchAlerts Stream Labels) - C:\Users\Neslihan\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgmggmdngboajiakmbpdknfpdelbjbcg [2016-12-08]
CHR Extension: (Noisli) - C:\Users\Neslihan\AppData\Local\Google\Chrome\User Data\Default\Extensions\klejemegaoblahjdpcajmpcnjjmkmkkf [2017-03-12]
CHR Extension: (Video DownloadHelper) - C:\Users\Neslihan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjnegcaeklhafolokijcfjliaokphfk [2016-12-21]
CHR Extension: (Ghostery) - C:\Users\Neslihan\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2017-02-14]
CHR Extension: (F.B. Purity For Facebook) - C:\Users\Neslihan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncdlagniojmheiklojdcpdaeepochckl [2016-07-16]
CHR Extension: (F.B.(FluffBusting)Purity) - C:\Users\Neslihan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmkinhboiljjkhaknpaeaicmdjhagpep [2017-03-24]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Neslihan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
CHR Extension: (VK audio mp3 + video by MyUpdate.ru) - C:\Users\Neslihan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofhhndfphhclgkigefjgbmghohfiomni [2015-10-11]
CHR Extension: (Spottster) - C:\Users\Neslihan\AppData\Local\Google\Chrome\User Data\Default\Extensions\oojdbjfeamokogkeipeejegidjceiaio [2016-03-25]
CHR Extension: (VK Downloader) - C:\Users\Neslihan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjdlpaffkkdggnabfdbhbfbncmcckio [2017-03-01]
CHR Extension: (Google Mail) - C:\Users\Neslihan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\Neslihan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-10]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [npdicihegicnhaangkdmcgbjceoemeoo] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [753240 2016-12-09] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2227312 2017-02-27] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1447944 2016-12-12] ()
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2015-09-01] (BitRaider, LLC)
R2 cFosSpeedS; C:\Program Files\ASRock\XFast LAN\spd.exe [395136 2011-10-19] (cFos Software GmbH)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3294912 2017-03-05] (Microsoft Corporation)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [399120 2017-02-14] (EasyAntiCheat Ltd)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2016-11-25] ()
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-03-22] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-03-12] (Intel Corporation)
S3 intelsba; C:\Program Files\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [48832 2013-01-28] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [182248 2013-03-14] ()
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [142072 2015-10-18] (Panda Security, S.L.)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3521168 2015-07-22] (INCA Internet Co., Ltd.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-02-23] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-02-23] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [425408 2017-02-23] (NVIDIA Corporation)
S3 OpenVPNService; E:\Program Files\OpenVPN\bin\openvpnserv.exe [37176 2014-06-05] (The OpenVPN Project)
S3 Origin Client Service; E:\Games\Origin\OriginClientService.exe [2122248 2016-09-01] (Electronic Arts)
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [73176 2016-02-22] (Panda Security, S.L.)
R2 panda_url_filtering; C:\Program Files\Panda Security URL Filtering\Panda_URL_Filteringb.exe [287752 2015-10-02] (Visicom Media Inc.)
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [38136 2015-10-22] (Panda Security, S.L.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [239176 2013-02-19] (Realtek Semiconductor)
R2 ss_conn_service; E:\Programme\kies\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WNDA6200; C:\Program Files (x86)\NETGEAR\A6200\WifiService.exe [29984 2012-09-24] ()
R2 WTGService; C:\Program Files (x86)\XSManager\WTGService.exe [329872 2013-01-30] ()
R2 XS Stick Service; C:\Windows\service4g.exe [145064 2010-04-30] (4G Systems GmbH & Co. KG)
S2 QQPCRTP; "e:\games\QQPCMgr\11.1.16892.209\QQPCRtp.exe" -r [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 A6200; C:\Windows\System32\DRIVERS\bcmwlhigh664.sys [2567984 2013-02-28] (Broadcom Corporation)
S3 AsrDrv101; C:\Windows\SysWOW64\Drivers\AsrDrv101.sys [22280 2014-02-28] (ASRock Incorporation)
R0 AsrRamDisk; C:\Windows\System32\DRIVERS\AsrRamDisk.sys [34640 2012-08-09] (ASRock Inc.)
S3 cmnsusbser; C:\Windows\System32\DRIVERS\cmnsusbser.sys [126080 2014-11-18] (QUALCOMM Incorporated) [Datei ist nicht signiert]
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [496400 2013-02-26] (Intel Corporation)
S3 ew_usbccgpfilter; C:\Windows\System32\DRIVERS\ew_usbccgpfilter.sys [18816 2016-11-25] (Huawei Technologies Co., Ltd.)
S3 FNETTBOH_305; C:\Windows\System32\drivers\FNETTBOH_305.SYS [32320 2014-02-25] (FNet Co., Ltd.)
R1 FNETURPX; C:\Windows\System32\drivers\FNETURPX.SYS [16648 2014-02-25] (FNet Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2016-11-25] (Huawei Technologies Co., Ltd.)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28656 2013-03-22] (Intel Corporation)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [21048 2013-03-14] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [21048 2013-03-14] ()
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-03-14] ()
R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [94456 2015-07-09] (Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [201976 2015-07-09] (Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [110840 2015-07-09] (Panda Security, S.L.)
R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [110840 2015-07-09] (Panda Security, S.L.)
R1 NNSNAHSL; C:\Windows\System32\DRIVERS\NNSNAHSL.sys [57648 2015-05-20] (Panda Security, S.L.)
R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [103160 2015-07-09] (Panda Security, S.L.)
R1 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [73464 2015-08-31] (Panda Security, S.L.)
R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [124152 2015-07-09] (Panda Security, S.L.)
R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [300280 2015-07-09] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [170232 2015-07-09] (Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [113400 2015-07-09] (Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [257784 2015-07-09] (Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [106232 2015-07-09] (Panda Security, S.L.)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2017-02-23] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [47672 2017-01-20] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [59448 2017-01-20] (NVIDIA Corporation)
R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [164088 2015-07-19] (Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [121592 2015-07-19] (Panda Security, S.L.)
R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [197880 2015-07-19] (Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [124152 2015-07-19] (Panda Security, S.L.)
R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [134392 2015-07-19] (Panda Security, S.L.)
R2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [107768 2015-07-19] (Panda Security, S.L.)
R3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [61712 2015-05-22] (Panda Security, S.L.)
S3 RTCore64; E:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13512 2015-12-09] ()
S3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [926824 2011-04-08] (Realtek Semiconductor Corporation )
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.)
S3 TesMon; C:\Windows\system32\TesMon.sys [60472 2016-12-30] (Tencent)
S3 TesSafe; C:\Windows\system32\TesSafe.sys [1020968 2016-12-30] (TENCENT)
S3 TSSKX64; C:\Windows\System32\drivers\tsskx64.sys [38200 2015-08-28] (电脑管家)
R1 ui11drdr; C:\Windows\System32\DRIVERS\ui11drdr.sys [201072 2012-09-24] (1&1 Internet AG)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2017-03-25] ()
R3 XSplit_Dummy; C:\Windows\System32\drivers\xspltspk.sys [26200 2015-05-25] (SplitmediaLabs Limited)
S3 AsrSetupDrv; \??\C:\Windows\SysWOW64\Drivers\AsrSetupDrv.sys [X]
S3 BCM42RLY; system32\drivers\BCM42RLY.sys [X]
S3 BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 panda_url_filteringd; \??\C:\Program Files\Panda Security URL Filtering\panda_url_filteringd.sys [X]
S1 QMUdisk; \??\e:\games\QQPCMgr\11.1.16892.209\QMUdisk64.sys [X]
S1 softaal; \??\e:\games\QQPCMgr\11.1.16892.209\softaal64.sys [X]
S1 TsDefenseBt; \??\e:\games\QQPCMgr\11.1.16892.209\TsDefenseBT64.sys [X]
S2 tsnethlpx64; \??\e:\games\QQPCMgr\11.1.16892.209\TsNetHlpX64.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-03-25 22:22 - 2017-03-25 22:22 - 00044686 _____ C:\Users\Neslihan\Desktop\FRST.txt
2017-03-25 22:22 - 2017-03-25 22:22 - 00000000 ____D C:\FRST
2017-03-25 22:01 - 2017-03-25 22:01 - 02424832 _____ (Farbar) C:\Users\Neslihan\Desktop\FRST64.exe
2017-03-23 21:16 - 2017-03-23 21:16 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsigndf8d44c91c38c0eb
2017-03-23 21:13 - 2017-03-23 21:13 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsignfd62bc2add33fb12
2017-03-23 21:13 - 2017-03-23 21:13 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign61b5bb42634075d3
2017-03-23 19:14 - 2017-03-23 19:14 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsigncf63fec69e463626
2017-03-22 18:58 - 2017-03-22 18:58 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign6b9d7f1807479434
2017-03-22 18:54 - 2017-03-22 18:54 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsigne5af52582f90f37f
2017-03-22 18:54 - 2017-03-22 18:54 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign60de42643c6f7a23
2017-03-22 18:54 - 2017-03-22 18:54 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign5f734d3f7262e6bc
2017-03-21 17:27 - 2017-03-21 17:27 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsigndb80571007b5bdd0
2017-03-21 17:27 - 2017-03-21 17:27 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign938b02d59e98a841
2017-03-21 17:27 - 2017-03-21 17:27 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign39e73bdd6f95bf51
2017-03-21 17:27 - 2017-03-21 17:27 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign05557c3ea402652b
2017-03-19 18:07 - 2017-03-19 18:07 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign7edce2e064fea208
2017-03-19 18:07 - 2017-03-19 18:07 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign49be87d93723542d
2017-03-19 18:07 - 2017-03-19 18:07 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign2993c1475cf259f3
2017-03-19 17:04 - 2017-03-19 17:04 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign62bdafbef23c872b
2017-03-19 17:04 - 2017-03-19 17:04 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign1f993a9833221052
2017-03-19 02:22 - 2017-03-19 02:23 - 00000000 ____D C:\Users\Neslihan\Documents\Tomb Raider - Legend
2017-03-18 19:17 - 2017-03-18 19:17 - 00000916 _____ C:\Users\Public\Desktop\XSplit Broadcaster.lnk
2017-03-18 19:16 - 2017-03-18 19:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSplit
2017-03-15 04:46 - 2017-03-15 04:46 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsigneb98a71387055f9c
2017-03-15 03:04 - 2017-03-15 03:04 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign4ca960dc3bda00a8
2017-03-15 00:51 - 2017-03-15 00:51 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsignf0d4b64949b917a9
2017-03-15 00:51 - 2017-03-15 00:51 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsignef5abc0c4fb50efc
2017-03-15 00:51 - 2017-03-15 00:51 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign14096ac8487c58e6
2017-03-14 19:01 - 2017-03-04 08:59 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-03-14 19:01 - 2017-03-04 08:51 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-03-14 19:01 - 2017-03-02 19:01 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2017-03-14 19:01 - 2017-03-02 18:53 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2017-03-14 19:01 - 2017-03-02 18:35 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2017-03-14 19:01 - 2017-02-09 17:31 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-03-14 19:01 - 2017-02-09 17:31 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:31 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:14 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:14 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2017-03-14 19:01 - 2017-02-09 17:14 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 16:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2017-03-14 19:01 - 2017-02-09 16:49 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 16:49 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 16:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 16:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2017-03-14 19:00 - 2017-03-04 18:24 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-03-14 19:00 - 2017-03-04 17:39 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-03-14 19:00 - 2017-03-04 09:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-03-14 19:00 - 2017-03-04 09:20 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-03-14 19:00 - 2017-03-04 09:02 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-03-14 19:00 - 2017-03-04 09:01 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-03-14 19:00 - 2017-03-04 09:01 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-03-14 19:00 - 2017-03-04 09:01 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-03-14 19:00 - 2017-03-04 09:01 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-03-14 19:00 - 2017-03-04 08:52 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-03-14 19:00 - 2017-03-04 08:48 - 25746944 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-03-14 19:00 - 2017-03-04 08:46 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-03-14 19:00 - 2017-03-04 08:45 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-03-14 19:00 - 2017-03-04 08:45 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-03-14 19:00 - 2017-03-04 08:45 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-03-14 19:00 - 2017-03-04 08:44 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-03-14 19:00 - 2017-03-04 08:36 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-03-14 19:00 - 2017-03-04 08:32 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-03-14 19:00 - 2017-03-04 08:31 - 06045696 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-03-14 19:00 - 2017-03-04 08:23 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-03-14 19:00 - 2017-03-04 08:21 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-03-14 19:00 - 2017-03-04 08:16 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-03-14 19:00 - 2017-03-04 08:16 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-03-14 19:00 - 2017-03-04 08:13 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-03-14 19:00 - 2017-03-04 08:11 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-03-14 19:00 - 2017-03-04 07:57 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-03-14 19:00 - 2017-03-04 07:55 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-03-14 19:00 - 2017-03-04 07:54 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-03-14 19:00 - 2017-03-04 07:52 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-03-14 19:00 - 2017-03-04 07:52 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-03-14 19:00 - 2017-03-04 07:26 - 15259648 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-03-14 19:00 - 2017-03-04 07:25 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-03-14 19:00 - 2017-03-04 07:12 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-03-14 19:00 - 2017-03-04 07:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-03-14 19:00 - 2017-03-04 05:18 - 20281856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-03-14 19:00 - 2017-03-02 19:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2017-03-14 19:00 - 2017-03-02 19:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2017-03-14 19:00 - 2017-03-02 19:01 - 00499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-03-14 19:00 - 2017-03-02 19:01 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2017-03-14 19:00 - 2017-03-02 19:00 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-03-14 19:00 - 2017-03-02 18:55 - 02287104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-03-14 19:00 - 2017-03-02 18:54 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2017-03-14 19:00 - 2017-03-02 18:51 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2017-03-14 19:00 - 2017-03-02 18:50 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2017-03-14 19:00 - 2017-03-02 18:49 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-03-14 19:00 - 2017-03-02 18:49 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-03-14 19:00 - 2017-03-02 18:41 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2017-03-14 19:00 - 2017-03-02 18:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-03-14 19:00 - 2017-03-02 18:32 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2017-03-14 19:00 - 2017-03-02 18:31 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-03-14 19:00 - 2017-03-02 18:29 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-03-14 19:00 - 2017-03-02 18:28 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2017-03-14 19:00 - 2017-03-02 18:22 - 04604416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-03-14 19:00 - 2017-03-02 18:21 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-03-14 19:00 - 2017-03-02 18:19 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-03-14 19:00 - 2017-03-02 18:17 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-03-14 19:00 - 2017-03-02 18:17 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2017-03-14 19:00 - 2017-03-02 18:11 - 13654528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-03-14 19:00 - 2017-03-02 17:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-03-14 19:00 - 2017-03-02 17:50 - 01312768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-03-14 19:00 - 2017-03-02 17:50 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-03-14 19:00 - 2017-02-11 16:58 - 00462848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2017-03-14 19:00 - 2017-02-11 16:58 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2017-03-14 19:00 - 2017-02-11 16:58 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2017-03-14 19:00 - 2017-02-10 17:32 - 00803328 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2017-03-14 19:00 - 2017-02-10 17:32 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2017-03-14 19:00 - 2017-02-10 17:17 - 00628736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2017-03-14 19:00 - 2017-02-10 17:17 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2017-03-14 19:00 - 2017-02-10 15:33 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2017-03-14 19:00 - 2017-02-09 17:36 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2017-03-14 19:00 - 2017-02-09 17:35 - 05548264 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-03-14 19:00 - 2017-02-09 17:35 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2017-03-14 19:00 - 2017-02-09 17:35 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-03-14 19:00 - 2017-02-09 17:35 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-03-14 19:00 - 2017-02-09 17:33 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-03-14 19:00 - 2017-02-09 17:32 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-03-14 19:00 - 2017-02-09 17:32 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2017-03-14 19:00 - 2017-02-09 17:32 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2017-03-14 19:00 - 2017-02-09 17:32 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-03-14 19:00 - 2017-02-09 17:32 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2017-03-14 19:00 - 2017-02-09 17:32 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-03-14 19:00 - 2017-02-09 17:32 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-03-14 19:00 - 2017-02-09 17:32 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-03-14 19:00 - 2017-02-09 17:32 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-03-14 19:00 - 2017-02-09 17:32 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-03-14 19:00 - 2017-02-09 17:32 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2017-03-14 19:00 - 2017-02-09 17:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2017-03-14 19:00 - 2017-02-09 17:32 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\WcsPlugInService.dll
2017-03-14 19:00 - 2017-02-09 17:32 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-03-14 19:00 - 2017-02-09 17:32 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-03-14 19:00 - 2017-02-09 17:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2017-03-14 19:00 - 2017-02-09 17:32 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2017-03-14 19:00 - 2017-02-09 17:31 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-03-14 19:00 - 2017-02-09 17:31 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2017-03-14 19:00 - 2017-02-09 17:31 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2017-03-14 19:00 - 2017-02-09 17:31 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-03-14 19:00 - 2017-02-09 17:31 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-03-14 19:00 - 2017-02-09 17:31 - 00625664 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2017-03-14 19:00 - 2017-02-09 17:31 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-03-14 19:00 - 2017-02-09 17:31 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-03-14 19:00 - 2017-02-09 17:31 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-03-14 19:00 - 2017-02-09 17:31 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\icm32.dll
2017-03-14 19:00 - 2017-02-09 17:31 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-03-14 19:00 - 2017-02-09 17:31 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-03-14 19:00 - 2017-02-09 17:31 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-03-14 19:00 - 2017-02-09 17:31 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2017-03-14 19:00 - 2017-02-09 17:31 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2017-03-14 19:00 - 2017-02-09 17:31 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-03-14 19:00 - 2017-02-09 17:31 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2017-03-14 19:00 - 2017-02-09 17:31 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-03-14 19:00 - 2017-02-09 17:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2017-03-14 19:00 - 2017-02-09 17:19 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2017-03-14 19:00 - 2017-02-09 17:19 - 03945192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2017-03-14 19:00 - 2017-02-09 17:16 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2017-03-14 19:00 - 2017-02-09 17:14 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2017-03-14 19:00 - 2017-02-09 17:14 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2017-03-14 19:00 - 2017-02-09 17:14 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2017-03-14 19:00 - 2017-02-09 17:14 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2017-03-14 19:00 - 2017-02-09 17:14 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-03-14 19:00 - 2017-02-09 17:14 - 00481792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2017-03-14 19:00 - 2017-02-09 17:14 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-03-14 19:00 - 2017-02-09 17:14 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-03-14 19:00 - 2017-02-09 17:14 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-03-14 19:00 - 2017-02-09 17:14 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2017-03-14 19:00 - 2017-02-09 17:14 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2017-03-14 19:00 - 2017-02-09 17:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icm32.dll
2017-03-14 19:00 - 2017-02-09 17:14 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2017-03-14 19:00 - 2017-02-09 17:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2017-03-14 19:00 - 2017-02-09 17:14 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2017-03-14 19:00 - 2017-02-09 17:14 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2017-03-14 19:00 - 2017-02-09 17:14 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2017-03-14 19:00 - 2017-02-09 17:14 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2017-03-14 19:00 - 2017-02-09 17:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2017-03-14 19:00 - 2017-02-09 17:14 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2017-03-14 19:00 - 2017-02-09 17:14 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2017-03-14 19:00 - 2017-02-09 17:14 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2017-03-14 19:00 - 2017-02-09 17:14 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2017-03-14 19:00 - 2017-02-09 17:14 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2017-03-14 19:00 - 2017-02-09 17:03 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2017-03-14 19:00 - 2017-02-09 17:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2017-03-14 19:00 - 2017-02-09 17:03 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2017-03-14 19:00 - 2017-02-09 17:02 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-03-14 19:00 - 2017-02-09 17:00 - 03220480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-03-14 19:00 - 2017-02-09 16:59 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2017-03-14 19:00 - 2017-02-09 16:58 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2017-03-14 19:00 - 2017-02-09 16:55 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-03-14 19:00 - 2017-02-09 16:55 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-03-14 19:00 - 2017-02-09 16:55 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-03-14 19:00 - 2017-02-09 16:54 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2017-03-14 19:00 - 2017-02-09 16:54 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-03-14 19:00 - 2017-02-09 16:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2017-03-14 19:00 - 2017-02-09 16:51 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcsPlugInService.dll
2017-03-14 19:00 - 2017-02-09 16:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2017-03-14 19:00 - 2017-02-09 16:50 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2017-03-14 19:00 - 2017-02-09 16:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2017-03-14 19:00 - 2017-02-09 16:49 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2017-03-14 19:00 - 2017-02-09 15:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2017-03-14 19:00 - 2017-02-09 15:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2017-03-14 19:00 - 2017-02-06 17:14 - 00733696 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe
2017-03-14 19:00 - 2017-01-13 19:00 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2017-03-14 19:00 - 2017-01-13 19:00 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2017-03-14 19:00 - 2017-01-13 18:45 - 00741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2017-03-14 19:00 - 2017-01-13 18:45 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2017-03-14 19:00 - 2017-01-11 19:01 - 01887744 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2017-03-14 19:00 - 2017-01-11 19:01 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2017-03-14 19:00 - 2017-01-11 18:43 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2017-03-14 19:00 - 2017-01-11 18:43 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2017-03-14 19:00 - 2017-01-06 19:00 - 01574912 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2017-03-14 19:00 - 2017-01-06 18:44 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2017-03-14 18:33 - 2017-02-23 00:42 - 00084712 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2017-03-14 18:33 - 2017-02-23 00:37 - 01285632 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2017-03-14 18:33 - 2017-02-18 15:05 - 01609216 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2017-03-14 18:33 - 2017-02-18 15:05 - 00646656 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2017-03-14 18:33 - 2016-12-31 16:36 - 00556544 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2017-03-14 18:33 - 2016-12-31 16:36 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2017-03-14 18:33 - 2016-12-31 16:36 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2017-03-14 18:33 - 2016-12-31 16:36 - 00233984 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2017-03-14 18:33 - 2016-12-31 16:36 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2017-03-14 09:01 - 2017-03-14 09:01 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign05f5c3d3844488c3
2017-03-14 08:58 - 2017-03-14 08:58 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsigna38f4ae7ba94e769
2017-03-14 08:32 - 2017-03-14 08:32 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign19a76a8a80a1d27d
2017-03-14 08:31 - 2017-03-14 08:31 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign5259f0a813dc6f37
2017-03-14 08:24 - 2017-03-14 08:24 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign9a238826f0b8a724
2017-03-14 08:17 - 2017-03-14 08:17 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsigna15cf6525f7f16f8
2017-03-14 06:34 - 2017-03-14 06:34 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsigncd2372de63e22d65
2017-03-14 06:34 - 2017-03-14 06:34 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign303ddab9221d97b6
2017-03-14 06:34 - 2017-03-14 06:34 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign0aebfc68e533d90a
2017-03-14 06:12 - 2017-03-14 06:12 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign625b562275780c55
2017-03-14 06:10 - 2017-03-14 06:10 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsigne7fbe97d58c32c66
2017-03-14 05:46 - 2017-03-14 05:46 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign4fda5c802e32c16a
2017-03-14 05:46 - 2017-03-14 05:46 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign0c18fce3a5a32fd6
2017-03-14 05:18 - 2017-03-14 05:18 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsigncf1f9edd72789056
2017-03-14 05:18 - 2017-03-14 05:18 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign56e16e1b71d85407
2017-03-14 05:18 - 2017-03-14 05:18 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign439a51e3ac9c25c6
2017-03-14 05:17 - 2017-03-14 05:17 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign882bee4154f1702c
2017-03-13 20:59 - 2017-03-13 20:59 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign3788088892b6f25e
2017-03-13 14:30 - 2017-03-13 14:30 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsigna1cf4eb4b7978cf6
2017-03-13 14:29 - 2017-03-13 14:29 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsigncce7569a99c56917
2017-03-13 14:28 - 2017-03-13 14:28 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsignee575aedea082fcd
2017-03-13 14:28 - 2017-03-13 14:28 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign4b69bd5016b0db54
2017-03-13 14:28 - 2017-03-13 14:28 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign3d3ef6132e181240
2017-03-13 12:42 - 2017-03-13 12:42 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign2b1745fdde2929e8
2017-03-13 08:36 - 2017-03-13 08:36 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsigne52fe0a952a25ae0
2017-03-13 08:36 - 2017-03-13 08:36 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsignbe19441f5ccc3f7d
2017-03-13 08:36 - 2017-03-13 08:36 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsignb1904a5be34d8368
2017-03-13 07:53 - 2017-03-13 07:53 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsignfd931d1f93140af9
2017-03-13 07:11 - 2017-03-13 07:11 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign3bfdf3bc6658a468
2017-03-13 06:54 - 2017-03-13 06:54 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign5494f71aaf218633
2017-03-13 06:53 - 2017-03-13 06:53 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign953294dde6156a32
2017-03-13 06:49 - 2017-03-13 06:49 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign9eceebd87113727e
2017-03-13 05:51 - 2017-03-13 05:51 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign117550d388a1f2a7
2017-03-13 05:49 - 2017-03-13 05:49 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsignfec2cd7067cff811
2017-03-13 05:48 - 2017-03-13 05:48 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign99cae667b61981e1
2017-03-13 05:48 - 2017-03-13 05:48 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign912c2af5adecaf70
2017-03-13 05:46 - 2017-03-13 05:46 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign9e8ef3c8850bff80
2017-03-13 05:24 - 2017-03-13 05:24 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign8dc2a9876f691cfa
2017-03-13 04:58 - 2017-03-13 04:58 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsigndf2a16f010aecad4
2017-03-13 04:41 - 2017-03-13 04:41 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign8ee178e9ccf6c22e
2017-03-13 04:40 - 2017-03-13 04:40 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsignc2b066faff7858cc
2017-03-13 04:40 - 2017-03-13 04:40 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign3a87b62683d00b14
2017-03-13 04:02 - 2017-03-13 04:02 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsigna02fc1f627408854
2017-03-13 04:02 - 2017-03-13 04:02 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign9b44ea79fbe56291
2017-03-13 03:15 - 2017-03-13 03:15 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign2c8a83390b5b28e2
2017-03-12 15:10 - 2017-03-12 15:10 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsignaa87a2b5943753c4
2017-03-12 14:47 - 2017-03-12 14:47 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign273abf7d91d78979
2017-03-12 12:33 - 2017-03-12 12:33 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign03a8cb43e3755d71
2017-03-12 09:16 - 2017-03-12 09:16 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsignd9247430d9fb07f8
2017-03-12 07:39 - 2017-03-12 07:39 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign495109533bebc232
2017-03-12 07:39 - 2017-03-12 07:39 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign415b15f6f9776164
2017-03-12 06:22 - 2017-03-12 06:22 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign239cfce9ecb309ea
2017-03-12 05:41 - 2017-03-12 05:41 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsignd847b0767fd8206e
2017-03-12 05:34 - 2017-03-12 05:34 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign4d038378984def5b
2017-03-12 05:34 - 2017-03-12 05:34 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign11836441b8ca2800
2017-03-10 19:31 - 2017-03-10 19:31 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsignefb77ac9f46c8885
2017-03-10 18:20 - 2017-03-10 18:20 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign3437ded8bd76c275
2017-03-10 16:20 - 2017-03-10 16:20 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign42ca768a24fd7163
2017-03-10 15:43 - 2017-03-10 15:43 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign619ee5881d635b74
2017-03-10 15:07 - 2017-03-10 15:07 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsignc3d353708860cb12
2017-03-10 15:00 - 2017-03-10 15:00 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign8a1bd38b8301b694
2017-03-10 14:18 - 2017-03-10 14:18 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign96756aad01b87220
2017-03-10 13:16 - 2017-03-10 13:16 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsigna869d107c5d9fb8c
2017-03-10 13:15 - 2017-03-10 13:15 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsignfdde206322f4f403
2017-03-10 12:22 - 2017-03-10 12:22 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsigne22cb56c4baeee05
2017-03-10 12:22 - 2017-03-10 12:22 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign19d1c54040a068eb
2017-03-08 19:23 - 2017-03-08 19:23 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign38ded6488edea3de
2017-03-08 19:21 - 2017-03-08 19:21 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsignf04a034f70fd4c96
2017-03-08 19:21 - 2017-03-08 19:21 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsigna29c454c6fc1e230
2017-03-08 19:21 - 2017-03-08 19:21 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign429dcb279273e1a0
2017-03-08 14:08 - 2017-03-08 14:08 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsignb14fbe6dd2fa7c33
2017-03-08 14:08 - 2017-03-08 14:08 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign31e9a07bdd41e2a2
2017-03-08 14:04 - 2017-03-08 14:04 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsignbe91615a796ecbb3
2017-03-08 14:04 - 2017-03-08 14:04 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign06edc387a0021eac
2017-03-05 14:48 - 2017-03-05 14:48 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign835214551bdab20b
2017-03-05 14:11 - 2017-03-05 14:11 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign6b7588698b471b9c
2017-03-05 14:07 - 2017-03-05 14:07 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsignd3f3b00e27aac296
2017-03-05 14:05 - 2017-03-05 14:05 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign47904763b1a0c18b
2017-03-05 13:46 - 2017-03-05 13:46 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign8d0bade2f469ca8a
2017-03-05 13:46 - 2017-03-05 13:46 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign2d991fca5ea9fb5d
2017-03-05 11:57 - 2017-03-05 11:57 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign94ed36450b5169ea
2017-03-05 11:55 - 2017-03-05 11:55 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign88d8e739766bdba9
2017-03-05 11:54 - 2017-03-05 11:54 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsigna2f698cdf070c2fd
2017-03-05 11:53 - 2017-03-05 11:53 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsigncd2be3babab79827
2017-03-05 11:53 - 2017-03-05 11:53 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign8cf69fbe3711474b
2017-03-05 11:53 - 2017-03-05 11:53 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign876a68f00798f6e3
2017-03-05 11:53 - 2017-03-05 11:53 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign012e921f6a749f34
2017-03-05 06:32 - 2017-03-05 06:32 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign31f5c4a99661b77e
2017-03-05 04:24 - 2017-03-05 04:24 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsigna3311df5d23a5e5a
2017-03-05 04:24 - 2017-03-05 04:24 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign8654d848065f6b6e
2017-03-05 04:24 - 2017-03-05 04:24 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign3a38656a0e08befc
2017-03-03 16:06 - 2017-03-03 16:06 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign6893b9bee712a773
2017-03-03 16:06 - 2017-03-03 16:06 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign52fd9e23ec38e86d
2017-03-02 02:36 - 2017-03-02 02:36 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsigne0a8783060e6063b
2017-03-02 02:33 - 2017-03-02 02:33 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign2d573d36a7c42ecd
2017-03-02 02:33 - 2017-03-02 02:33 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign133cea06596ae90b
2017-03-02 02:33 - 2017-03-02 02:33 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign0af826f9836e726e
2017-03-01 06:50 - 2017-03-01 06:50 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsignc2dd5776b774c331
2017-03-01 06:46 - 2017-03-01 06:46 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign787cca1634e72c57
2017-03-01 06:26 - 2017-03-01 06:26 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsignceaf4b08691235ec
2017-03-01 06:21 - 2017-03-01 06:21 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign21634f6767d5fa18
2017-03-01 06:17 - 2017-03-01 06:17 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign9762b7fac04a4434
2017-03-01 06:07 - 2017-03-01 06:07 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsigne2d48c6b639c2c4e
2017-03-01 06:07 - 2017-03-01 06:07 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign7a8f9954848f4b84
2017-03-01 06:07 - 2017-03-01 06:07 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign2d8ae92b0ffcf353
2017-02-26 01:38 - 2017-02-26 01:38 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsigne4eec0e952b59ccc
2017-02-26 01:38 - 2017-02-26 01:38 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsignc548f0c7aefb2c3e
2017-02-26 01:36 - 2017-02-26 01:36 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign765c3d561f706472
2017-02-26 01:36 - 2017-02-26 01:36 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign34e2a9f71067d2c9
2017-02-25 19:13 - 2017-02-25 19:13 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsignc07647b8671ac18f
2017-02-25 19:02 - 2017-02-25 19:02 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign9a96748222dc59e2
2017-02-25 19:02 - 2017-02-25 19:02 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign47357fa607bb2f8b
2017-02-25 19:01 - 2017-02-25 19:01 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign35d61fe4df6244f1
2017-02-25 19:00 - 2017-02-25 19:00 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsignaa69387f1fc1d647
2017-02-25 19:00 - 2017-02-25 19:00 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign8a66b98530dc7cc7
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-03-25 22:21 - 2014-09-25 22:35 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Last.fm
2017-03-25 22:11 - 2015-07-31 00:12 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Ubisoft Game Launcher
2017-03-25 12:46 - 2016-10-26 04:44 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Battle.net
2017-03-25 12:25 - 2015-11-09 23:00 - 00000000 ____D C:\ProgramData\NVIDIA
2017-03-25 12:02 - 2009-07-14 05:45 - 00031680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-03-25 12:02 - 2009-07-14 05:45 - 00031680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-03-25 12:00 - 2014-02-25 15:57 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Adobe
2017-03-25 11:55 - 2011-04-12 08:43 - 00689954 _____ C:\Windows\system32\perfh007.dat
2017-03-25 11:55 - 2011-04-12 08:43 - 00149424 _____ C:\Windows\system32\perfc007.dat
2017-03-25 11:55 - 2009-07-14 06:13 - 01623190 _____ C:\Windows\system32\PerfStringBackup.INI
2017-03-25 11:55 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2017-03-25 11:51 - 2015-09-03 14:50 - 00000000 ____D C:\Users\Neslihan\AppData\Roaming\WTablet
2017-03-25 11:49 - 2017-01-11 19:18 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2017-03-25 11:49 - 2014-02-25 15:39 - 00034752 _____ C:\Windows\system32\Drivers\WPRO_41_2001.sys
2017-03-25 11:49 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-03-24 20:48 - 2015-09-30 16:18 - 00000000 ____D C:\Users\Neslihan\AppData\Roaming\Spotify
2017-03-24 20:48 - 2015-09-30 16:18 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Spotify
2017-03-24 18:26 - 2015-03-11 15:49 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-03-24 18:25 - 2014-03-16 23:28 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-03-19 17:03 - 2016-11-10 01:14 - 00000033 _____ C:\Users\Neslihan\AppData\Roaming\AdobeWLCMCache.dat
2017-03-18 21:46 - 2014-03-29 00:04 - 00000000 ____D C:\Users\Neslihan\AppData\Local\CrashDumps
2017-03-18 20:35 - 2017-02-16 01:34 - 00003852 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-18 20:35 - 2017-02-16 01:34 - 00001412 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2017-03-18 20:35 - 2017-02-16 01:33 - 00004146 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-18 20:35 - 2017-02-16 01:33 - 00003738 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-18 20:35 - 2017-02-16 01:33 - 00003738 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-18 20:35 - 2017-02-16 01:33 - 00003730 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-18 20:35 - 2017-02-16 01:33 - 00003554 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-18 20:35 - 2017-02-16 01:33 - 00003494 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-18 20:35 - 2014-02-25 23:13 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-03-18 20:35 - 2014-02-25 23:13 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-03-18 20:35 - 2014-02-25 23:11 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-03-15 19:43 - 2017-01-11 21:20 - 00000000 ____D C:\Windows\rescache
2017-03-15 19:18 - 2017-01-01 15:49 - 07385264 _____ C:\Windows\system32\FNTCACHE.DAT
2017-03-15 19:18 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\DVD Maker
2017-03-15 11:55 - 2014-04-04 22:45 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-03-15 11:55 - 2014-04-04 22:45 - 00004366 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-03-15 11:55 - 2014-04-04 22:45 - 00000000 ____D C:\Windows\system32\Macromed
2017-03-15 11:55 - 2014-02-26 22:01 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-03-15 11:55 - 2014-02-26 22:01 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-03-14 23:21 - 2014-12-11 17:22 - 00000000 ____D C:\Windows\system32\appraiser
2017-03-14 23:21 - 2014-04-24 10:49 - 00000000 ___SD C:\Windows\system32\CompatTel
2017-03-14 19:05 - 2014-02-26 02:00 - 00000000 ____D C:\Windows\system32\MRT
2017-03-14 19:03 - 2014-02-26 02:00 - 138634176 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-03-14 08:56 - 2017-02-01 19:11 - 00001456 _____ C:\Users\Neslihan\AppData\Local\Adobe Save for Web 13.0 Prefs
2017-03-05 12:35 - 2016-11-30 23:55 - 00000000 ____D C:\Users\Neslihan\AppData\LocalLow\Mozilla
2017-02-23 19:35 - 2017-02-16 01:34 - 01880512 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2017-02-23 19:35 - 2017-02-16 01:34 - 01755072 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2017-02-23 19:35 - 2017-02-16 01:34 - 01468864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2017-02-23 19:35 - 2017-02-16 01:34 - 01317312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2017-02-23 19:35 - 2017-02-16 01:34 - 00120256 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2017-02-23 15:32 - 2017-02-16 01:33 - 00001951 _____ C:\Windows\NvContainerRecovery.bat
2017-02-23 15:30 - 2017-02-16 01:33 - 00001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat
2017-02-23 00:56 - 2016-12-29 15:25 - 00002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2014-09-22 20:06 - 2016-01-02 00:53 - 0000132 _____ () C:\Users\Neslihan\AppData\Roaming\Adobe GIF-Format CC - Voreinstellungen
2014-08-06 11:44 - 2015-02-03 00:43 - 0000132 _____ () C:\Users\Neslihan\AppData\Roaming\Adobe PNG-Format CC - Voreinstellungen
2016-11-10 01:14 - 2017-03-19 17:03 - 0000033 _____ () C:\Users\Neslihan\AppData\Roaming\AdobeWLCMCache.dat
2016-12-27 18:50 - 2016-12-27 18:51 - 45331960 _____ (Tencent Inc.) C:\Users\Neslihan\AppData\Roaming\TXQBINSTX2.EXE
2015-09-10 17:47 - 2015-09-10 17:47 - 0000005 _____ () C:\Users\Neslihan\AppData\Roaming\version.ini
2014-03-01 17:43 - 2017-01-29 00:28 - 0001456 _____ () C:\Users\Neslihan\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2017-02-01 19:11 - 2017-03-14 08:56 - 0001456 _____ () C:\Users\Neslihan\AppData\Local\Adobe Save for Web 13.0 Prefs
2014-02-26 20:22 - 2015-08-19 02:05 - 0007605 _____ () C:\Users\Neslihan\AppData\Local\resmon.resmoncfg
2014-02-25 15:30 - 2014-02-25 15:30 - 0000003 _____ () C:\Users\Neslihan\AppData\Local\user_data.ini
2015-11-05 21:35 - 2016-12-30 21:24 - 0000271 _____ () C:\ProgramData\DP0004.dat
2015-10-26 21:40 - 2015-10-26 21:40 - 0000128 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\ProgramData\DP0004.dat
Einige Dateien in TEMP:
====================
2017-02-07 09:12 - 2017-02-07 09:12 - 0739904 _____ (Oracle Corporation) C:\Users\Neslihan\AppData\Local\Temp\jre-8u121-windows-au.exe
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-03-24 19:01
==================== Ende von FRST.txt ============================
|
|
26.03.2017, 03:56
| #6 |
| | Ungewollte Browserextension / Verlangsamtes Laden (Chrome) ADDITION Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 15-03-2017
durchgeführt von Neslihan (25-03-2017 22:22:54)
Gestartet von C:\Users\Neslihan\Desktop
Windows 7 Professional Service Pack 1 (X64) (2014-02-25 13:50:22)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2601677052-3802215475-160921258-500 - Administrator - Disabled)
Gast (S-1-5-21-2601677052-3802215475-160921258-501 - Limited - Disabled) => C:\Users\Gast
HomeGroupUser$ (S-1-5-21-2601677052-3802215475-160921258-1002 - Limited - Enabled)
Neslihan (S-1-5-21-2601677052-3802215475-160921258-1000 - Administrator - Enabled) => C:\Users\Neslihan
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Panda Free Antivirus (Enabled - Up to date) {AAF74A68-8713-CDF1-004F-30003398BE9E}
AS: Panda Free Antivirus (Enabled - Up to date) {1196AB8C-A129-C27F-3AFF-0B72481FF423}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Panda Firewall (Disabled) {92CCCB4D-CD7C-CCA9-2B10-9935CD4BF9E5}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
ÃÀͼ¿´¿´ 2.2.7 (HKU\S-1-5-21-2601677052-3802215475-160921258-1000\...\ÃÀͼ¿´¿´) (Version: 2.2.7 - Meitu, Inc.)
Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
Acrobat.com (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 17.0.0.124 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.5.353 - Adobe Systems Incorporated)
Adobe Flash Player 25 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 25.0.0.127 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.127 - Adobe Systems Incorporated)
Adobe Illustrator CC 2017 (HKLM-x32\...\ILST_21_0_2) (Version: 21.0.2 - Adobe Systems Incorporated)
Adobe InDesign CC 2017 (HKLM-x32\...\IDSN_12_0_0) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_0_1) (Version: 18.0.1 - Adobe Systems Incorporated)
Adobe® Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 3.4.2 - Adobe Systems, Incorporated)
Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden
Akamai NetSession Interface (HKU\S-1-5-21-2601677052-3802215475-160921258-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
Amazon Cloud Player (HKU\S-1-5-21-2601677052-3802215475-160921258-1000\...\Amazon Amazon Cloud Player) (Version: 2.3.0.422 - Amazon Services LLC)
Amazon Kindle (HKLM-x32\...\Amazon Kindle) (Version: 1.17.1.44184 - Amazon)
AndreaMosaic 3.35.01 (HKLM-x32\...\AndreaMosaic) (Version: - )
Apple Application Support (32-Bit) (HKLM-x32\...\{649A1FD9-5892-46AD-8DF0-C4A43FF61CB7}) (Version: 4.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{0DE0A178-AC7B-4650-806C-CF226DE03766}) (Version: 4.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
ASRock App Charger v1.0.5 (HKLM\...\ASRock App Charger_is1) (Version: - ASRock Inc.)
ASRock SmartConnect v1.0.6 (HKLM\...\ASRock SmartConnect_is1) (Version: - ASRock Inc.)
ASRock XFast RAM v2.0.28 (HKLM\...\ASRock XFast RAM_is1) (Version: - ASRock Inc.)
A-Tuning v1.0.17 (HKLM-x32\...\A-Tuning_is1) (Version: 1.0.17 - )
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
Blade & Soul (HKLM-x32\...\InstallShield_{C3F383C1-D050-4A40-843F-8171A6A02C3A}) (Version: 1.0.63.260 - NC Interactive, LLC)
Blade & Soul (x32 Version: 1.0.63.260 - NC Interactive, LLC) Hidden
CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.20 - Piriform)
Child of Light (HKLM-x32\...\Uplay Install 609) (Version: - Ubisoft)
cv act sc/interface - Admin Edition (64-Bit) (HKLM\...\{05A84E0B-67C4-4ACA-8CAD-F62673D4C194}) (Version: 6.0.15 - cv cryptovision GmbH)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DC Universe Online (HKU\S-1-5-21-2601677052-3802215475-160921258-1000\...\DGC-DC Universe Online) (Version: 1.0.3.192 - Daybreak Game Company)
DC Universe Online Live (HKU\S-1-5-21-2601677052-3802215475-160921258-1000\...\DG0-DC Universe Online Live) (Version: - Sony Online Entertainment)
Discord (HKU\S-1-5-21-2601677052-3802215475-160921258-1000\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.)
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
FileZilla Client 3.17.0.1 (HKLM-x32\...\FileZilla Client) (Version: 3.17.0.1 - Tim Kosse)
For Honor Open Beta (HKLM\...\Steam App 572600) (Version: - Ubisoft Montreal)
ForHonor (HKLM-x32\...\Uplay Install 569) (Version: - Ubisoft)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
H1Z1: Just Survive (HKLM\...\Steam App 295110) (Version: - Daybreak Game Company)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 1.0 - Huawei Technologies Co.,Ltd)
inSSIDer Home (HKLM-x32\...\{9E54E4AE-B67A-4925-8E92-0E1F9817FD73}) (Version: 3.1.2.1 - MetaGeek, LLC)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1323 - Intel Corporation)
Intel(R) Network Connections 18.2.63.0 (HKLM\...\PROSetDX) (Version: 18.2.63.0 - Intel)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.5.0.1066 - Intel Corporation)
Intel(R) Small Business Advantage (HKLM-x32\...\{6A6D86CD-B004-46b7-8951-7BB75A776F8C}) (Version: 2.0.30.6644 - Intel(R) Corporation)
Intel(R) Smart Connect Technology 4.1 x64 (HKLM\...\{1EF24D7D-7B14-4EBA-A686-9E91C9C6763D}) (Version: 4.1.40.2143 - Intel)
Intel(R) Update Manager (HKLM-x32\...\{7224B7CE-196C-4E2A-A1AE-1D7BF259FD36}) (Version: 3.4.1942 - Intel Corporation)
Intel(R) Update Manager (x32 Version: 1.0.0.36888 - Intel Corporation) Hidden
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.0.0.100 - Intel Corporation)
IsoBuster 3.3 (HKLM-x32\...\IsoBuster3_is1) (Version: 3.3 - Smart Projects)
Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Last.fm Scrobbler 2.1.37 (HKLM-x32\...\LastFM_is1) (Version: - Last.fm)
Lioncast LM30 Gaming Mouse Version 1.1 (HKLM-x32\...\{BF8BC0AC-979B-4085-8F94-7933AF19CBD2}_is1) (Version: 1.1 - LIONCAST)
Logitech Webcam-Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
Magic ISO Maker v5.5 (build 0281) (HKLM-x32\...\Magic ISO Maker v5.5 (build 0281)) (Version: - )
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Expression Web 4 (HKLM-x32\...\Web_4.0.1460.0) (Version: 4.0.1460.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.7369.2120 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2601677052-3802215475-160921258-1000\...\OneDriveSetup.exe) (Version: 17.3.5951.0827 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{887868A2-D6DE-3255-AA92-AA0B5A59B874}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{3c3aafc8-d898-43ec-998f-965ffdae065a}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 50.1.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 50.1.0 (x86 de)) (Version: 50.1.0 - Mozilla)
Mozilla Firefox 51.0.1 (x86 de) (HKU\S-1-5-21-2601677052-3802215475-160921258-1000\...\Mozilla Firefox 51.0.1 (x86 de)) (Version: 51.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.1.5828 - Mozilla)
MSI Afterburner 4.2.0 (HKLM-x32\...\Afterburner) (Version: 4.2.0 - MSI Co., LTD)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NCSOFT Game Launcher (HKLM-x32\...\NCLauncher_NCWest) (Version: - NCSOFT)
Nero 9 Lite (HKLM-x32\...\{7edf2ecd-a3de-4e25-8e3f-51e7baafa7bb}) (Version: - Nero AG)
NETGEAR A6200 Genie (HKLM-x32\...\{48E61F3E-61D4-42A3-9D29-D0CF40838779}) (Version: 26.0.0.0 - NETGEAR)
Nexon Launcher (HKLM-x32\...\Nexon Nexon Launcher) (Version: 1.2.0 - Nexon)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.2.2 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 359.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 359.06 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.4.0.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.4.0.70 - NVIDIA Corporation)
NVIDIA Grafiktreiber 359.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 359.06 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
NvNodejs (Version: 3.4.0.70 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 2.3.16.0 - NVIDIA Corporation) Hidden
NvvHci (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7369.2120 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7369.2120 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7369.2120 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7369.2120 - Microsoft Corporation) Hidden
One Piece Pirate Warriors 3 (HKLM-x32\...\One Piece Pirate Warriors 3_is1) (Version: - )
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenVPN 2.3.4-I002 (HKLM\...\OpenVPN) (Version: 2.3.4-I002 - )
Origin (HKLM-x32\...\Origin) (Version: 9.7.2.53208 - Electronic Arts, Inc.)
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
Panda Devices Agent (x32 Version: 1.03.07 - Panda Security) Hidden
Panda Devices Agent (x32 Version: 1.06.00 - Panda Security) Hidden
Panda Free Antivirus (HKLM-x32\...\Panda Universal Agent Endpoint) (Version: 16.0.2 - Panda Security)
Panda Free Antivirus (Version: 8.04.00.0000 - Panda Security) Hidden
Panda Security Toolbar (HKLM-x32\...\pandasecuritytb) (Version: 4.3.1.9 - Panda Security and Visicom Media Inc.)
PatchCleaner (HKLM-x32\...\{727DA176-50BB-452C-8DB5-96EE0A573ED4}) (Version: 1.4.20 - HomeDev)
Poedit (HKLM-x32\...\{68EB2C37-083A-4303-B5D8-41FA67E50B8F}_is1) (Version: 1.8.8 - Vaclav Slavik)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6865 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
RUBICon (HKLM-x32\...\{438134D3-0BD4-4C52-8575-5B2B63AD01C2}) (Version: 2.0.25 - RUB)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.)
SHIELD Streaming (Version: 7.1.0351 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.4.0.70 - NVIDIA Corporation) Hidden
Spotify (HKU\S-1-5-21-2601677052-3802215475-160921258-1000\...\Spotify) (Version: 1.0.47.13.gd8e05b1f - Spotify AB)
Star Citizen Launcher (HKU\S-1-5-21-2601677052-3802215475-160921258-1000\...\Star Citizen Launcher) (Version: 00.01.00.00 - Cloud Imperium Games)
Stardew Valley (HKLM\...\Steam App 413150) (Version: - ConcernedApe)
Stifttablett (HKLM-x32\...\Pen Tablet Driver) (Version: - Wacom Technology Corp.)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
Team Fortress 2 (HKLM\...\Steam App 440) (Version: - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
The Witcher 3: Wild Hunt (HKLM\...\Steam App 292030) (Version: - CD PROJEKT RED)
TouchChip USB Driver 2.20 (Version: 2.20.0.0196 - AuthenTec Inc.) Hidden
TreeSize Free V3.4.5 (HKLM-x32\...\TreeSize Free_is1) (Version: 3.4.5 - JAM Software)
Tunatic (HKLM-x32\...\Tunatic) (Version: - )
TwitchAlerts (HKU\S-1-5-21-2601677052-3802215475-160921258-1000\...\fb3f6ca9b67f53a3) (Version: 1.0.0.8 - TwitchAlerts)
UE4 Prerequisites (x64) (HKLM-x32\...\{9514471f-b41e-41f7-af03-7da1d05b279e}) (Version: 1.0.8.0 - Epic Games, Inc.)
UE4 Prerequisites (x64) (Version: 1.0.8.0 - Epic Games, Inc.) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 15.0 - Ubisoft)
VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.40 (64-位) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
XFast LAN v6.61 (HKLM\...\XFast LAN) (Version: 6.61 - cFos Software GmbH, Bonn)
XFastUSB (HKLM-x32\...\XFastUSB) (Version: 3.02.31 - ASRock Inc.)
XSplit Broadcaster (HKLM-x32\...\{D03A2557-75B6-43EB-A4E5-0D6599A0C1FF}) (Version: 2.9.1701.1616 - SplitmediaLabs)
天涯明月刀 (HKLM-x32\...\天涯明月刀) (Version: - Tencent)
美图秀秀 4.0.1 (HKLM-x32\...\美图秀秀) (Version: - 美图网)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
HKU\S-1-5-21-2601677052-3802215475-160921258-1000\...\ChromeHTML: -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2601677052-3802215475-160921258-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0E61B214-E0C3-498C-90C7-4BCFC481634E} - \{819010D2-A0A3-49B0-AD47-F6FA41C287BE} -> Keine Datei <==== ACHTUNG
Task: {0EE0FDF9-B8EC-42D4-934B-194629235E95} - \{7716F4DC-9C3B-48F6-BD2D-D246152D50D5} -> Keine Datei <==== ACHTUNG
Task: {11621090-C6FF-4862-A84C-102D9D1A6070} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-03-05] (Microsoft Corporation)
Task: {182E280A-3024-4A3E-9578-4AA48FFF352A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-03-08] (Microsoft Corporation)
Task: {26A02431-EB4C-4A34-9168-B30C2ACE784F} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-02-23] (NVIDIA Corporation)
Task: {2A9979F9-30A5-4D14-BAF8-B576C4F45429} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-02-23] (NVIDIA Corporation)
Task: {2E4351C9-377F-44B0-B875-70E3240BB284} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {2FE80C6B-6DD8-4DBC-8658-343117A6507F} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-02-23] (NVIDIA Corporation)
Task: {3242145C-4CAA-4AD0-8A59-9BE8E85B5D28} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {3FCD1689-C888-4C9E-92AE-FF38E0B76E38} - \{FB56A103-64B6-478E-A049-9B2D3062D7F5} -> Keine Datei <==== ACHTUNG
Task: {483CAB98-8A98-4031-BD4D-C806683CBFFC} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-02-23] (NVIDIA Corporation)
Task: {4D52E475-C2D2-49A7-8244-B047655FEE7D} - \{5CD14BEA-4EA5-4E55-BEB2-096A9CEE323F} -> Keine Datei <==== ACHTUNG
Task: {506376F9-CF2E-45E8-BEA8-D8AED3DBC36F} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-03-08] (Microsoft Corporation)
Task: {5428638B-1793-4D06-8160-E59DA94B6C03} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-02-23] (NVIDIA Corporation)
Task: {56E59397-8449-45D0-9A21-03E9519C7E1B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-07-13] (Piriform Ltd)
Task: {6A218976-BADF-41B1-B607-6EAAFC6F59AA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {7BE7A42F-0BDA-4D9F-A4F1-BE9569EB0545} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {7FDF5ED5-DB32-4865-8468-28D21E9FC9B0} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-03-05] (Microsoft Corporation)
Task: {8E126DD9-3CD4-42BC-9D6D-C188C6B9A8F5} - \{44055574-0B85-44F3-A1C4-682E2FDE5C62} -> Keine Datei <==== ACHTUNG
Task: {92CDE40B-714D-4FFB-80BC-A591B91ACA43} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-03-08] (Microsoft Corporation)
Task: {9D86EFAD-6408-42DB-9C16-738DAA4D127B} - \{A13CFA64-A305-4CF8-B147-201BD908448B} -> Keine Datei <==== ACHTUNG
Task: {A359D49F-D812-483C-8C6D-454C4C9B0B37} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-02-23] (NVIDIA Corporation)
Task: {B31857D6-A81B-4D2A-94CC-E4489ED3136A} - System32\Tasks\AdobeAAMUpdater-1.0-Neslihan-PC-Neslihan => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {B47AC53A-91CF-4DC1-8812-1662818008D1} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-02-23] (NVIDIA Corporation)
Task: {BE0E3003-791E-4AEE-8414-A681F40CB476} - \{751E6175-316C-4642-809F-78BBE16BC1BB} -> Keine Datei <==== ACHTUNG
Task: {C1C8B78C-68BE-463D-ACBF-7A7EC3F8249E} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {DDBC4148-291F-4637-A8C9-2AC78F191579} - \{4ABDB9BE-1FF9-4E66-945F-902C72DA8C8F} -> Keine Datei <==== ACHTUNG
Task: {DEB6B19A-37D8-40C9-A00A-C6F124692FC5} - \{F0BA206F-7AF8-4FDB-B502-BE05D000D02D} -> Keine Datei <==== ACHTUNG
Task: {E01E7AA4-F6F0-43B9-9C73-258B96A2E328} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-03-15] (Adobe Systems Incorporated)
Task: {F6379081-512D-4EE8-BB0D-A2ED7CB25B94} - \{EEECA145-83F4-4879-86D0-176A6725C669} -> Keine Datei <==== ACHTUNG
Task: {FD5FA2A4-FE12-4075-B15C-C140815E24C7} - \{2C3E5067-F04D-40F9-8187-D7C85417554E} -> Keine Datei <==== ACHTUNG
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
ShortcutWithArgument: C:\Users\Neslihan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.istartsurf.com/?type=sc&ts=1427555536&from=tugs&uid=ST1000DM003-1CH162_Z1D574ZAXXXXZ1D574ZA
ShortcutWithArgument: C:\Users\Neslihan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\TwitchAlerts Stream Labels.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=kgmggmdngboajiakmbpdknfpdelbjbcg
ShortcutWithArgument: C:\Users\Neslihan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.istartsurf.com/?type=sc&ts=1427555536&from=tugs&uid=ST1000DM003-1CH162_Z1D574ZAXXXXZ1D574ZA
ShortcutWithArgument: C:\Users\Neslihan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\TwitchAlerts Stream Labels.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=kgmggmdngboajiakmbpdknfpdelbjbcg
ShortcutWithArgument: C:\Users\Neslihan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\a06339e9776d4569\Instagram for Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=opnbmdkdflhjiclaoiiifmheknpccalb
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-11-09 23:00 - 2015-11-24 19:40 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-10-13 05:45 - 2015-10-13 05:45 - 00085800 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 05:45 - 2015-10-13 05:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-11-25 07:16 - 2016-11-25 07:16 - 00192200 _____ () C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
2013-03-14 14:42 - 2013-03-14 14:42 - 00182248 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2013-03-14 14:42 - 2013-03-14 14:42 - 00059880 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2017-02-16 01:33 - 2017-02-23 19:35 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-02-16 01:33 - 2017-02-23 19:35 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2014-03-04 15:46 - 2012-09-24 17:28 - 00029984 _____ () C:\Program Files (x86)\NETGEAR\A6200\WifiService.exe
2014-11-18 00:07 - 2013-01-30 20:36 - 00329872 ____N () C:\Program Files (x86)\XSManager\WTGService.exe
2016-10-25 09:57 - 2016-10-25 09:57 - 00491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2016-05-09 08:22 - 2016-05-09 08:22 - 00052912 _____ () E:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2016-09-17 19:02 - 2015-05-25 17:21 - 03171840 _____ () C:\Program Files (x86)\Lioncast LM30 Gaming Mouse\LCMon.exe
2016-12-23 18:21 - 2016-12-23 18:21 - 31723696 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2013-04-12 18:23 - 2013-04-12 18:23 - 00612664 _____ () C:\Program Files (x86)\Panda Security\Panda Security Protection\SQLite3.dll
2015-08-26 01:42 - 2017-02-23 19:35 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2017-02-16 01:33 - 2017-02-23 19:35 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-02-16 01:33 - 2017-02-23 19:35 - 03774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
2014-03-04 15:46 - 2013-02-18 16:13 - 00106496 _____ () C:\Program Files (x86)\NETGEAR\A6200\GWlanController.dll
2014-03-04 15:46 - 2013-03-26 17:00 - 00018944 _____ () C:\Program Files (x86)\NETGEAR\A6200\GWPSController.dll
2017-01-11 23:00 - 2017-01-04 14:28 - 01958912 _____ () C:\Users\Neslihan\AppData\Local\Discord\app-0.0.297\ffmpeg.dll
2017-01-12 22:49 - 2017-01-12 22:49 - 01082880 _____ () \\?\C:\Users\Neslihan\AppData\Roaming\discord\0.0.297\modules\discord_voice\discord_voice.node
2017-01-12 22:49 - 2017-01-12 22:49 - 03750400 _____ () \\?\C:\Users\Neslihan\AppData\Roaming\discord\0.0.297\modules\discord_voice\libdiscord.dll
2017-01-12 22:49 - 2017-01-12 22:49 - 00914432 _____ () \\?\C:\Users\Neslihan\AppData\Roaming\discord\0.0.297\modules\discord_utils\discord_utils.node
2017-02-16 14:20 - 2017-02-16 14:20 - 00062464 _____ () E:\Program Files (x86)\SplitmediaLabs\XSplit Broadcaster\ftl.dll
2016-09-17 19:02 - 2011-01-26 23:53 - 00028160 _____ () C:\Program Files (x86)\Lioncast LM30 Gaming Mouse\uiHook.dll
2016-12-09 15:09 - 2016-12-09 15:09 - 52051544 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
2017-01-11 23:00 - 2017-01-04 14:28 - 02278912 _____ () C:\Users\Neslihan\AppData\Local\Discord\app-0.0.297\libglesv2.dll
2017-01-11 23:00 - 2017-01-04 14:28 - 00096768 _____ () C:\Users\Neslihan\AppData\Local\Discord\app-0.0.297\libegl.dll
2015-03-17 01:34 - 2015-03-17 01:34 - 00010240 _____ () E:\Adobe Documents\Acrobat DC\Acrobat\locale\de_de\acrotray.deu
2016-05-09 08:22 - 2016-05-09 08:22 - 00048816 _____ () E:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2017-03-25 11:51 - 2017-03-25 11:51 - 00148992 _____ () \\?\C:\Users\Neslihan\AppData\Local\Temp\A9E5.tmp.node
2017-01-12 22:49 - 2017-01-12 22:49 - 02658304 _____ () \\?\C:\Users\Neslihan\AppData\Roaming\discord\0.0.297\modules\discord_rpc\discord_rpc.node
2017-01-12 22:49 - 2017-03-24 18:09 - 02665976 _____ () \\?\C:\Users\Neslihan\AppData\Roaming\discord\0.0.297\modules\discord_contact_import\discord_contact_import.node
2016-12-02 01:54 - 2016-12-02 01:54 - 00118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
2016-12-02 01:54 - 2016-12-02 01:54 - 00223232 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2016-12-02 01:54 - 2016-12-02 01:54 - 00117248 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
2016-12-02 01:54 - 2016-12-02 01:54 - 00124928 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
2016-12-09 15:09 - 2016-12-09 15:09 - 00110680 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin7.dll
2016-12-02 01:54 - 2016-12-02 01:54 - 00086528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node
2016-10-10 23:15 - 2016-10-10 23:15 - 00118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\fs-ext\build\Release\fs-ext.node
2016-10-10 23:15 - 2016-10-10 23:15 - 00117760 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ref\build\Release\binding.node
2016-10-10 23:15 - 2016-10-10 23:15 - 00125440 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ffi\build\Release\ffi_bindings.node
2016-10-10 23:17 - 2016-10-10 23:17 - 00223232 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2016-12-09 15:02 - 2016-12-09 15:02 - 00110680 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin7.dll
2016-10-10 23:14 - 2016-10-10 23:14 - 00121856 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\bufferutil\build\Release\bufferutil.node
2016-10-10 23:14 - 2016-10-10 23:14 - 00166400 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\idle-gc\build\Release\idle-gc.node
2017-02-16 01:33 - 2017-02-23 15:30 - 00338488 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2017-02-16 01:33 - 2017-02-23 15:30 - 00252352 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2017-02-16 01:33 - 2017-02-23 15:30 - 02443320 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2017-02-16 01:33 - 2017-02-23 15:30 - 00385592 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2017-02-16 01:33 - 2017-02-23 15:30 - 00543288 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2017-02-16 01:33 - 2017-02-23 15:30 - 00468536 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2017-02-07 18:16 - 2017-02-01 10:01 - 01870168 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libglesv2.dll
2017-02-07 18:16 - 2017-02-01 10:01 - 00085848 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libegl.dll
2017-03-25 22:11 - 2017-03-25 22:11 - 00014336 _____ () C:\Users\Neslihan\AppData\Local\Temp\WDEF7B2.tmp\ml_online.lng
2017-03-25 22:11 - 2017-03-25 22:11 - 00036352 _____ () C:\Users\Neslihan\AppData\Local\Temp\WDEF7B2.tmp\ombrowser.lng
2014-09-25 22:35 - 2015-04-20 01:00 - 00738784 _____ () E:\Program Files (x86)\Last.fm\unicorn.dll
2014-09-25 22:35 - 2015-04-20 01:00 - 00034784 _____ () E:\Program Files (x86)\Last.fm\logger.dll
2014-09-25 22:35 - 2015-04-20 01:00 - 00353248 _____ () E:\Program Files (x86)\Last.fm\lastfm.dll
2014-09-25 22:35 - 2015-04-20 01:00 - 00128992 _____ () E:\Program Files (x86)\Last.fm\listener.dll
2014-09-25 22:35 - 2015-04-20 00:59 - 00304608 _____ () E:\Program Files (x86)\Last.fm\phonon.dll
2015-04-26 17:50 - 2015-04-20 01:00 - 00184800 _____ () E:\Program Files (x86)\Last.fm\plugins\phonon_backend\phonon_vlc.dll
2014-09-25 22:35 - 2015-04-20 00:59 - 00113120 _____ () E:\Program Files (x86)\Last.fm\libvlc.dll
2014-09-25 22:35 - 2015-04-20 00:59 - 02288608 _____ () E:\Program Files (x86)\Last.fm\libvlccore.dll
2015-04-26 17:50 - 2015-04-20 01:00 - 00051680 _____ () E:\Program Files (x86)\Last.fm\plugins\audio_output\libaout_directx_plugin.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\QQPCRTP => ""="service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-19\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-19\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-19\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-19\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-20\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-20\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-20\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-20\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-21-2601677052-3802215475-160921258-1000\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-2601677052-3802215475-160921258-1000\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-2601677052-3802215475-160921258-1000\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-2601677052-3802215475-160921258-1000\...\sony.com -> sony.com
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 03:34 - 2015-03-26 01:26 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2601677052-3802215475-160921258-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Neslihan\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: Amazon Cloud Player => "C:\Users\Neslihan\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe"
MSCONFIG\startupreg: EADM => "E:\Games\Origin\Origin.exe" -AutoStart
MSCONFIG\startupreg: GIZMO2 => "C:\Program Files (x86)\GIZMO2\GIZMO.exe" -BootProcess
MSCONFIG\startupreg: LWS => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
MSCONFIG\startupreg: XFast LAN => C:\Program Files\ASRock\XFast LAN\cFosSpeed.exe
MSCONFIG\startupreg: XFastUSB => "C:\Program Files (x86)\XFastUSB\XFastUsb.exe"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [TCP Query User{20BC7E89-392A-4205-84C9-44ADBA795383}E:\program files\openvpn\bin\openvpn.exe] => (Allow) E:\program files\openvpn\bin\openvpn.exe
FirewallRules: [UDP Query User{D23DF202-AF12-4852-A036-8A01E019C17B}E:\program files\openvpn\bin\openvpn.exe] => (Allow) E:\program files\openvpn\bin\openvpn.exe
FirewallRules: [TCP Query User{6360BCB9-7366-45C3-984E-D7226224C707}E:\program files\openvpn\bin\openvpn.exe] => (Allow) E:\program files\openvpn\bin\openvpn.exe
FirewallRules: [UDP Query User{8DB18B96-A706-4006-B625-3DC281453463}E:\program files\openvpn\bin\openvpn.exe] => (Allow) E:\program files\openvpn\bin\openvpn.exe
FirewallRules: [{211DC86D-591B-4451-AD01-534F509CEC12}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{305DECB8-BAFD-4F69-9CF9-4630DEAA0AD8}] => (Allow) LPort=2869
FirewallRules: [{549BF946-3002-4565-989F-A7C414B0F6E3}] => (Allow) LPort=1900
FirewallRules: [{3316B31C-2618-4552-901E-261EA5883023}] => (Allow) E:\Program Files (x86)\Hearthstone\Hearthstone\Hearthstone.exe
FirewallRules: [{515DEA60-FBA6-45FD-A823-30786F47959A}] => (Allow) E:\Program Files (x86)\Hearthstone\Hearthstone\Hearthstone.exe
FirewallRules: [{24054B22-0776-466B-A91F-94269576B9D4}] => (Allow) E:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{5D3D7B57-58B9-4B8B-B89E-41261D55F825}] => (Allow) E:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{451FDAA3-372F-4392-8E7E-C16A3C573EF2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{0E2AF16A-750C-4547-B315-7AD82C07DD39}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{2ED2CBBD-D27E-4B6D-A5D9-C848049E5862}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{97744521-7826-48C4-AF72-944BD7F8658F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{8E3A9DD9-1159-4E17-A932-24E21E484EB2}] => (Allow) C:\Program Files (x86)\Tencent\QQmusic\QQMusicInstall\QQMusicMMInstaller.exe
FirewallRules: [{45A043E7-9D62-4DC3-862C-823841BEDC8E}] => (Allow) E:\SteamLibrary\steamapps\common\Mad Max\MadMax.exe
FirewallRules: [{F26B9C07-30A9-4C6F-B5E7-DBA76E50657A}] => (Allow) E:\SteamLibrary\steamapps\common\Mad Max\MadMax.exe
FirewallRules: [{DB2F6782-6F23-4EA9-9ABE-4E6841B2B868}] => (Allow) E:\SteamLibrary\steamapps\common\MGS_TPP\mgsvtpp.exe
FirewallRules: [{0BE7144A-2A1F-47DA-933B-F4FDAAE7B02B}] => (Allow) E:\SteamLibrary\steamapps\common\MGS_TPP\mgsvtpp.exe
FirewallRules: [TCP Query User{80B3DB55-46AD-40BD-949C-A3F921F25EF3}C:\users\neslihan\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\neslihan\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{EAE2E8ED-AC86-4786-BD96-37E070A0CE22}C:\users\neslihan\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\neslihan\appdata\roaming\spotify\spotify.exe
FirewallRules: [{9789DF36-463A-491F-AC33-B5A3243CA57C}] => (Allow) E:\SteamLibrary\steamapps\common\SotA\Shroud of the Avatar.exe
FirewallRules: [{AC7E671A-2C37-43BC-86C9-0DF144EFA9E8}] => (Allow) E:\SteamLibrary\steamapps\common\SotA\Shroud of the Avatar.exe
FirewallRules: [{C5ED12BD-9B03-409A-BA66-B99EFCACC2A0}] => (Allow) E:\SteamLibrary\steamapps\common\Tales of Zestiria\Tales of Zestiria.exe
FirewallRules: [{1F0E867F-036F-49B7-B111-A2F97BDB88C3}] => (Allow) E:\SteamLibrary\steamapps\common\Tales of Zestiria\Tales of Zestiria.exe
FirewallRules: [{E29AE97B-7B1F-4FCA-81ED-6E73A8A71F4C}] => (Allow) E:\SteamLibrary\steamapps\common\Warhammer End Times Vermintide\launcher\launcher.exe
FirewallRules: [{EAF232D4-7B10-4C09-A58D-D4EC2BB4E9EB}] => (Allow) E:\SteamLibrary\steamapps\common\Warhammer End Times Vermintide\launcher\launcher.exe
FirewallRules: [{8B09FA49-6079-430F-B1C6-FD67A62E0214}] => (Allow) E:\SteamLibrary\steamapps\common\Warhammer End Times Vermintide\binaries\vermintide.exe
FirewallRules: [{553650AF-B888-4AFE-9A3E-76FF654C95B1}] => (Allow) E:\SteamLibrary\steamapps\common\Warhammer End Times Vermintide\binaries\vermintide.exe
FirewallRules: [{91CAD956-1974-43DF-8786-12247970DCDA}] => (Allow) E:\SteamLibrary\steamapps\common\Broforce\Broforce_beta.exe
FirewallRules: [{BC6EBDE6-1053-43BF-ADD7-1A16DD3B8C0C}] => (Allow) E:\SteamLibrary\steamapps\common\Broforce\Broforce_beta.exe
FirewallRules: [{9FA9615D-E53B-4E76-9A29-CC4B578AC7FD}] => (Allow) c:\users\neslihan\appdata\roaming\tencent\天涯明月刀\8a6e0952da9baa6c24785a480f54d35a\teniodl\teniodl.exe
FirewallRules: [{C0158D5F-F632-457C-9E72-18AA812EB904}] => (Allow) c:\users\neslihan\appdata\roaming\tencent\天涯明月刀\8a6e0952da9baa6c24785a480f54d35a\teniodl\teniodl.exe
FirewallRules: [TCP Query User{35453FC1-E049-4628-BFD6-026043DF27D5}C:\users\neslihan\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\neslihan\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{5126F960-6396-422B-93DE-E61FF03FF7A3}C:\users\neslihan\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\neslihan\appdata\local\akamai\netsession_win.exe
FirewallRules: [{73F51FAE-2249-4EE1-B0AF-56B9AD3DEBA8}] => (Allow) E:\SteamLibrary\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{0798E8D3-7E67-474C-A307-CDEDB6DA93EB}] => (Allow) E:\SteamLibrary\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [TCP Query User{EC0413C3-5FB4-4ECF-939C-1C0BF41758F5}C:\users\neslihan\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\neslihan\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{25D336AF-658E-4257-9759-9E48A82F465B}C:\users\neslihan\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\neslihan\appdata\local\akamai\netsession_win.exe
FirewallRules: [{602FC368-8B2E-4BF1-A304-4E5264F953E0}] => (Allow) E:\SteamLibrary\steamapps\common\Tomb Raider Legend\trl.exe
FirewallRules: [{A6B3144F-040D-4C36-812E-02D26886306A}] => (Allow) E:\SteamLibrary\steamapps\common\Tomb Raider Legend\trl.exe
FirewallRules: [TCP Query User{D73DBAEE-4738-4EF0-882A-94BD324FB11A}E:\games\cloud imperium games\patcher\cigpatcher.exe] => (Allow) E:\games\cloud imperium games\patcher\cigpatcher.exe
FirewallRules: [UDP Query User{B3D08E34-69CE-4F58-B97C-8C7BB6E83DEC}E:\games\cloud imperium games\patcher\cigpatcher.exe] => (Allow) E:\games\cloud imperium games\patcher\cigpatcher.exe
FirewallRules: [{2B502E81-BDBA-438E-9165-F161B355D689}] => (Allow) E:\SteamLibrary\steamapps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{914DCCE0-53D5-442A-931B-4B293B560FF3}] => (Allow) E:\SteamLibrary\steamapps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{DD776E7A-223A-441C-A6B3-B65C61F532C9}] => (Allow) C:\Program Files (x86)\pandasecuritytb\cleanupie.exe
FirewallRules: [{2F2F6093-D210-4AD2-8F6B-E75F8FFDCEF4}] => (Allow) C:\Program Files (x86)\pandasecuritytb\cleanupie.exe
FirewallRules: [{1A7E9523-B848-475B-9F58-311618C5E0DD}] => (Allow) C:\Program Files (x86)\pandasecuritytb\ToolbarCleaner.exe
FirewallRules: [{0D26AAF6-5173-49B1-9F12-6B46252F12C6}] => (Allow) C:\Program Files (x86)\pandasecuritytb\ToolbarCleaner.exe
FirewallRules: [{089D295D-D29B-4008-A552-C18AFC79ECEF}] => (Allow) E:\SteamLibrary\steamapps\common\Tom Clancy's The Division\thedivision.exe
FirewallRules: [{58425B24-3732-4493-BDFA-E5F316B116AA}] => (Allow) E:\SteamLibrary\steamapps\common\Tom Clancy's The Division\thedivision.exe
FirewallRules: [{DCA69552-596F-4354-A6DB-EEB2D1A87606}] => (Allow) E:\SteamLibrary\steamapps\common\Alice Madness Returns\Binaries\Win32\AliceMadnessReturns.exe
FirewallRules: [{3FAA2378-DE1E-4EB0-A003-85929053C62C}] => (Allow) E:\SteamLibrary\steamapps\common\Alice Madness Returns\Binaries\Win32\AliceMadnessReturns.exe
FirewallRules: [{75ABE64B-0DFF-419D-9705-758C08585B8C}] => (Allow) E:\Games\Steam\Steam.exe
FirewallRules: [{4C628DE2-9A52-41BC-A868-41AC785282A7}] => (Allow) E:\Games\Steam\Steam.exe
FirewallRules: [{0EB9CA94-1F68-4577-A36D-D375861D9F12}] => (Allow) E:\Games\Steam\steamapps\common\DOOM\DOOMx64.exe
FirewallRules: [{AEEA5BF1-F17D-4651-95C3-20D83A92D388}] => (Allow) E:\Games\Steam\steamapps\common\DOOM\DOOMx64.exe
FirewallRules: [TCP Query User{9D7A0F72-EC4A-4CA0-A004-5116944F3D81}E:\program files (x86)\hearthstone\overwatch\overwatch.exe] => (Allow) E:\program files (x86)\hearthstone\overwatch\overwatch.exe
FirewallRules: [UDP Query User{495D0D3A-5724-4DA1-A050-CBFC88C177F9}E:\program files (x86)\hearthstone\overwatch\overwatch.exe] => (Allow) E:\program files (x86)\hearthstone\overwatch\overwatch.exe
FirewallRules: [{70A0125E-13F0-4252-9969-5542AC18844A}] => (Allow) E:\Games\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [{DC368896-4DD8-45DB-8C07-A6273C1C202B}] => (Allow) E:\Games\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [TCP Query User{E35D35E4-7A7A-4E14-A986-E71BF362CD40}E:\program files (x86)\hearthstone\overwatch test\overwatch.exe] => (Allow) E:\program files (x86)\hearthstone\overwatch test\overwatch.exe
FirewallRules: [UDP Query User{45AB9449-FD05-48A3-8DFB-E060FF643AB8}E:\program files (x86)\hearthstone\overwatch test\overwatch.exe] => (Allow) E:\program files (x86)\hearthstone\overwatch test\overwatch.exe
FirewallRules: [{824C8913-5F78-44A0-A58F-9A9B6060A3A3}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{25A2DCEA-A568-4CCC-B4EE-6FF2127DC2C8}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{915AE0B8-77F0-4A90-8D04-222AA70D79F2}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{0B92682D-F4F1-48FF-B93E-6D231A399759}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{3DAB5233-E764-442E-B426-68E919386EF7}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{3A3DD2D5-1944-4354-B6F0-DB3A023BB28D}] => (Allow) E:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{53AEFA85-E2B3-44BB-A1B8-6F660B9BEE01}] => (Allow) E:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{A9C4D86F-340D-4F2C-8C82-CE002D8DA9B8}] => (Allow) E:\Games\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{6DDAB588-67AF-4F3C-AC56-64154957EAC8}] => (Allow) E:\Games\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{4303224E-ED75-4078-8AE0-DB1B923EAB4E}] => (Allow) c:\users\neslihan\appdata\roaming\tencent\天涯明月刀\bd8dd184d01af1e249e6c91baf701c80\teniodl\teniodl.exe
FirewallRules: [{22178D6F-DB1D-4294-8221-8262D15718F0}] => (Allow) c:\users\neslihan\appdata\roaming\tencent\天涯明月刀\bd8dd184d01af1e249e6c91baf701c80\teniodl\teniodl.exe
FirewallRules: [TCP Query User{1D96E34F-2648-40E2-B2F8-18AF7569C94D}E:\games\天涯明月刀\wuxia_client.exe] => (Allow) E:\games\天涯明月刀\wuxia_client.exe
FirewallRules: [UDP Query User{466137C0-9299-4C12-8C32-6DC60B34DA62}E:\games\天涯明月刀\wuxia_client.exe] => (Allow) E:\games\天涯明月刀\wuxia_client.exe
FirewallRules: [{9D1556FF-394A-47A1-AB52-F737D62ABFDF}] => (Allow) E:\Games\天涯明月刀\Cross\CrossProxy.exe
FirewallRules: [{438589E3-C083-4578-8D54-A4F2555AC6C0}] => (Allow) E:\Games\天涯明月刀\Cross\CrossProxy.exe
FirewallRules: [{E1758C05-819D-419E-B694-434181B5169C}] => (Allow) E:\Games\天涯明月刀\Cross\Apps\CQS\QTalk\Bin\miniQTalk.exe
FirewallRules: [{76AE8A6B-4AA7-490B-A822-13C93260E167}] => (Allow) E:\Games\天涯明月刀\Cross\Apps\CQS\QTalk\Bin\miniQTalk.exe
FirewallRules: [{776621DD-DE93-4018-A788-EB1F09180972}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\131\tencentdl.exe
FirewallRules: [{E7E4F2B2-6943-4A40-9C1A-743DA4D6130A}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\131\bugreport_xf.exe
FirewallRules: [{C634EEF9-0E43-470B-BE9B-9B680EE81EA7}] => (Allow) E:\Games\Steam\steamapps\common\Stardew Valley\Stardew Valley.exe
FirewallRules: [{BE96DD78-3297-4BB1-A499-56B7DA611CDB}] => (Allow) E:\Games\Steam\steamapps\common\Stardew Valley\Stardew Valley.exe
FirewallRules: [{D70B4C2B-EC34-44DF-A144-568FCA46DD95}] => (Allow) E:\Games\Steam\steamapps\common\H1Z1\LaunchPad.exe
FirewallRules: [{311654A9-2B9C-4B26-8EFE-C3CE6CC10184}] => (Allow) E:\Games\Steam\steamapps\common\H1Z1\LaunchPad.exe
FirewallRules: [TCP Query User{25E65068-A478-4BC2-A92F-2301AE63CE1C}E:\games\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) E:\games\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [UDP Query User{64FD4181-D927-4664-ACD0-6D0CD801CB43}E:\games\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) E:\games\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [{385DBFE5-7336-4C79-B655-223FF004B6B5}] => (Allow) E:\Games\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{69D85AAB-9AF0-432F-87EC-5AF0CD050D3A}] => (Allow) E:\Games\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{6BBB77AF-34C0-414E-8DE9-EDA7DC740FF2}] => (Allow) E:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{90C1DF8F-0FEA-4396-89E7-DCDB775226CA}] => (Allow) E:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C7270A60-1253-4DBB-B6A2-814F1383B60A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{BACF2223-7B7E-4B9F-9EF8-D9998839C075}E:\program files (x86)\ubisoft\ubisoft game launcher\games\forhonor\forhonor.exe] => (Allow) E:\program files (x86)\ubisoft\ubisoft game launcher\games\forhonor\forhonor.exe
FirewallRules: [UDP Query User{D024BD3C-3E13-4168-A2B0-41E177399577}E:\program files (x86)\ubisoft\ubisoft game launcher\games\forhonor\forhonor.exe] => (Allow) E:\program files (x86)\ubisoft\ubisoft game launcher\games\forhonor\forhonor.exe
FirewallRules: [{6DCE6C8D-982A-4ECA-973A-BC008F42C3DA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{1EEA627D-E0A3-41BC-9ED8-3262110922F4}] => (Allow) E:\Program Files (x86)\SplitmediaLabs\XSplit Broadcaster\XSplit.Core.exe
FirewallRules: [{6B2E07C8-47EC-4708-A1D2-AD5ACAA704D6}] => (Allow) E:\Program Files (x86)\SplitmediaLabs\XSplit Broadcaster\XSplit.cam.exe
FirewallRules: [{D15E7B4C-419C-43E6-BFE2-165A14EE194E}] => (Allow) E:\Program Files (x86)\SplitmediaLabs\XSplit Broadcaster\XSplit.Core.exe
FirewallRules: [{021036DC-C11E-4E5D-8F7E-EF2CA14932E9}] => (Allow) E:\Program Files (x86)\SplitmediaLabs\XSplit Broadcaster\XSplit.cam.exe
FirewallRules: [{EFF6F8A5-FA2C-4272-B7F1-B4918E674E59}] => (Allow) E:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe
FirewallRules: [{64A24666-C007-4AA9-BBF0-0D3AD51E6926}] => (Allow) E:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe
StandardProfile\AuthorizedApplications: [E:\Program Files (x86)\Meitu\KanKan\KanKan.exe] => Enabled:KanKan
==================== Wiederherstellungspunkte =========================
21-03-2017 01:12:12 Windows Update
21-03-2017 19:00:10 Windows Update
22-03-2017 19:00:10 Windows Update
23-03-2017 19:00:10 Windows Update
24-03-2017 02:05:20 Windows Update
24-03-2017 19:00:10 Windows Update
24-03-2017 21:24:42 Windows Update
25-03-2017 19:00:10 Windows Update
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: softaal
Description: softaal
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: softaal
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: TSDefenseBt
Description: TSDefenseBt
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: TSDefenseBt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: tencent QMUdisk
Description: tencent QMUdisk
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: QMUdisk
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (03/25/2017 07:51:22 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile 1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (03/25/2017 07:02:08 PM) (Source: MsiInstaller) (EventID: 1013) (User: NT-AUTORITÄT)
Description: Internal MSI error. Installer terminated prematurely.
Error: (03/25/2017 11:58:15 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile 1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (03/25/2017 11:50:00 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.
Error: (03/24/2017 09:26:39 PM) (Source: MsiInstaller) (EventID: 1013) (User: NT-AUTORITÄT)
Description: Internal MSI error. Installer terminated prematurely.
Error: (03/24/2017 07:02:07 PM) (Source: MsiInstaller) (EventID: 1013) (User: NT-AUTORITÄT)
Description: Internal MSI error. Installer terminated prematurely.
Error: (03/24/2017 06:26:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.
Error: (03/24/2017 06:16:44 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile 1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (03/24/2017 06:09:02 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.
Error: (03/24/2017 02:07:17 AM) (Source: MsiInstaller) (EventID: 1013) (User: NT-AUTORITÄT)
Description: Internal MSI error. Installer terminated prematurely.
Systemfehler:
=============
Error: (03/25/2017 07:02:29 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Sicherheitsupdate für Microsoft Silverlight (KB4013867)
Error: (03/25/2017 05:02:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "BCM42RLY" wurde aufgrund folgenden Fehlers nicht gestartet:
Das System kann die angegebene Datei nicht finden.
Error: (03/25/2017 04:02:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "BCM42RLY" wurde aufgrund folgenden Fehlers nicht gestartet:
Das System kann die angegebene Datei nicht finden.
Error: (03/25/2017 11:50:01 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "BCM42RLY" wurde aufgrund folgenden Fehlers nicht gestartet:
Das System kann die angegebene Datei nicht finden.
Error: (03/25/2017 11:49:58 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
TsDefenseBt
Error: (03/25/2017 11:49:55 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "QQPCMgr RTP Service" wurde aufgrund folgenden Fehlers nicht gestartet:
Das System kann die angegebene Datei nicht finden.
Error: (03/24/2017 09:26:39 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Sicherheitsupdate für Microsoft Silverlight (KB4013867)
Error: (03/24/2017 08:52:40 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 40.
Error: (03/24/2017 08:52:40 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 40.
Error: (03/24/2017 07:02:27 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Sicherheitsupdate für Microsoft Silverlight (KB4013867)
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-4430 CPU @ 3.00GHz
Prozentuale Nutzung des RAM: 36%
Installierter physikalischer RAM: 16301.32 MB
Verfügbarer physikalischer RAM: 10382.55 MB
Summe virtueller Speicher: 20299.5 MB
Verfügbarer virtueller Speicher: 13781.67 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:119.14 GB) (Free:45.54 GB) NTFS
Drive e: () (Fixed) (Total:931.51 GB) (Free:61.84 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 29C690AD)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 29C690D5)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=119.1 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
|
|
26.03.2017, 12:36
| #7 |
| /// TB-Ausbilder | Ungewollte Browserextension / Verlangsamtes Laden (Chrome) Servus, Schritt 1 Downloade Dir bitte AdwCleaner auf deinen Desktop.
Schritt 2 Downloade Dir bitte Malwarebytes Anti-Malware 3
Schritt 3
Bitte poste mit deiner nächsten Antwort
|
|
29.03.2017, 18:43
| #8 |
| | Ungewollte Browserextension / Verlangsamtes Laden (Chrome) Hallo! danke für die Tipps! Ich habe nun allerdings ein neues Problem - zunächst habe ich AdwCleaner und Malwarebytes ausführen können - danach war übrigens die Browserextension weg. Bevor ich die nächsten Schritte aber überhaupt erst machen konnte, wurde mein Rechner unsagbar langsam - das war er sonst nie. Wenn ich beispielsweise die Windowstaste drücke, kann ich manchmal gar nicht richtig einen der Icons/Verknüpfungen anklicken. Internetseiten bauen sich plötzlich mega langsam auf und irgendwann hängt einfach alles und ich kann nichts mehr machen. Ich bekomme eine Windowsfehlermeldung, dass dieser Prozess (Windows) nicht mehr richtig funktioniert, kann ihn aber nicht beenden, weil es so hängt. Gerade kam dann auch einfach ein schwarzer Bildschirm  Bin jetzt im abgesicherten Modus (mit Netzwerktreibern) und da ist alles prima. Nichts hängt. Ich poste jetzt mal die Berichte, die ich schon habe. Falls ich das Restliche im abgesicherten Modus machen darf, bitte bescheid geben. Ansonsten scheint es nämlich nicht zu klappen.AdwCleaner Logfile: Code:
ATTFilter # AdwCleaner v6.044 - Bericht erstellt am 26/03/2017 um 19:19:50
# Aktualisiert am 28/02/2017 von Malwarebytes
# Datenbank : 2017-03-23.2 [Server]
# Betriebssystem : Windows 7 Professional Service Pack 1 (X64)
# Benutzername : Neslihan - NESLIHAN-PC
# Gestartet von : C:\Users\Neslihan\Desktop\AdwCleaner_6.044.exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support
***** [ Dienste ] *****
[-] Dienst gelöscht: QQPCRTP
[-] Dienst gelöscht: TSDefenseBt
[-] Dienst gelöscht: QMUdisk
[-] Dienst gelöscht: TSSKX64
[-] Dienst gelöscht: softaal
[-] Dienst gelöscht: tsnethlpx64
[-] Dienst gelöscht: panda_url_filtering
***** [ Ordner ] *****
[-] Ordner gelöscht: C:\Users\Neslihan\AppData\Local\TVWizard
[-] Ordner gelöscht: C:\Users\Neslihan\AppData\Local\YSearchUtil
[-] Ordner gelöscht: C:\Users\Neslihan\AppData\Local\Tencent
[-] Ordner gelöscht: C:\Users\Neslihan\AppData\LocalLow\pandasecuritytb
[-] Ordner gelöscht: C:\Users\Neslihan\AppData\Roaming\Tencent
[-] Ordner gelöscht: C:\Users\Neslihan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯游戏
[-] Ordner gelöscht: C:\Users\Neslihan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件
[-] Ordner gelöscht: C:\Users\Gast\AppData\LocalLow\pandasecuritytb
[-] Ordner gelöscht: C:\Users\Neslihan\AppData\Roaming\Mozilla\Firefox\Profiles\6ghfa3rf.default-1436973638517\pandasecuritytb
[-] Ordner gelöscht: C:\Program Files\Panda Security URL Filtering
[-] Ordner gelöscht: C:\Program Files\Common Files\Tencent
[-] Ordner gelöscht: C:\Users\Neslihan\AppData\Local\VirtualStore\Program Files (x86)\Tencent
[-] Ordner gelöscht: C:\ProgramData\NetEngine
[-] Ordner gelöscht: C:\ProgramData\TXQMPC
[-] Ordner gelöscht: C:\ProgramData\Tencent
[#] Ordner mit Neustart gelöscht: C:\ProgramData\Application Data\NetEngine
[#] Ordner mit Neustart gelöscht: C:\ProgramData\Application Data\TXQMPC
[#] Ordner mit Neustart gelöscht: C:\ProgramData\Application Data\Tencent
[-] Ordner gelöscht: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\腾讯游戏
[-] Ordner gelöscht: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\腾讯软件
[-] Ordner gelöscht: C:\Program Files (x86)\Tencent
[-] Ordner gelöscht: C:\Program Files (x86)\pandasecuritytb
[-] Ordner gelöscht: C:\Program Files (x86)\Common Files\Tencent
[-] Ordner gelöscht: C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Tencent
[-] Ordner gelöscht: C:\Windows\SysWOW64\config\systemprofile\AppData\Local\YSearchUtil
[-] Ordner gelöscht: C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\pandasecuritytb
[-] Ordner gelöscht: C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\npdicihegicnhaangkdmcgbjceoemeoo
***** [ Dateien ] *****
[-] Datei gelöscht: C:\Users\Gast\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Hao123.lnk
[-] Datei gelöscht: C:\Users\Gast\Desktop\Hao123.lnk
[-] Datei gelöscht: C:\Users\Gast\Desktop\PepperZip.lnk
[-] Datei gelöscht: C:\Windows\SysNative\drivers\TSSKX64.sys
[-] Datei gelöscht: C:\Windows\SysNative\drivers\TFsFltX64.sys
[-] Datei gelöscht: C:\END
[-] Datei gelöscht: C:\Windows\SysWOW64\drivers\TS888x64.sys
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Verknüpfungen ] *****
***** [ Aufgabenplanung ] *****
***** [ Registrierungsdatenbank ] *****
[#] Schlüssel mit Neustart gelöscht: HKLM\SYSTEM\CurrentControlSet\services\tsdefensebt
[#] Schlüssel mit Neustart gelöscht: HKLM\SYSTEM\CurrentControlSet\services\tsskx64
[#] Schlüssel mit Neustart gelöscht: HKLM\SYSTEM\CurrentControlSet\services\qmudisk
[#] Schlüssel mit Neustart gelöscht: HKLM\SYSTEM\CurrentControlSet\services\qqpcrtp
[-] Schlüssel gelöscht: HKU\S-1-5-21-2601677052-3802215475-160921258-1000\Software\Classes\PepperZip
[-] Schlüssel gelöscht: HKU\S-1-5-21-2601677052-3802215475-160921258-1000\Software\Classes\QQBrowser.File
[-] Schlüssel gelöscht: HKU\S-1-5-21-2601677052-3802215475-160921258-1000\Software\Classes\QQBrowser.Protocol
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Classes\PepperZip
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Classes\QQBrowser.File
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Classes\QQBrowser.Protocol
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\metnsd
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\protector_dll.Protector
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\protector_dll.Protector.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\qmgcfiles
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\QQAppIEAgentEx.AgentForAndroid
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\QQAppIEAgentEx.AgentForAndroid.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\QQBrowser.File
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\QQBrowser.Protocol
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Classes\PepperZip
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Classes\QQBrowser.File
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Classes\QQBrowser.Protocol
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\metnsd
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\protector_dll.Protector
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\protector_dll.Protector.1
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\qmgcfiles
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\QQAppIEAgentEx.AgentForAndroid
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\QQAppIEAgentEx.AgentForAndroid.1
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\QQBrowser.File
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\QQBrowser.Protocol
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AppID\{51BEE30D-EEC8-4BA3-930B-298B8E759EB1}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{70DE12EA-79F4-46BC-9812-86DB50A2FD64}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{50F4150A-48B2-417A-BE4C-C83F580FB904}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{B9E49847-9822-4139-BC55-7173ED1ADA11}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{6B3732AA-F6D4-4F16-9E22-49EDC52C9514}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{B9E49847-9822-4139-BC55-7173ED1ADA11}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\TypeLib\{6E1533F0-E0B5-465A-9F16-98FF0C76D493}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\TypeLib\{1112F282-7099-4624-A439-DB29D6551552}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\TypeLib\{8519F1E4-E25B-42B1-B361-0C643F45CF11}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{50F4150A-48B2-417A-BE4C-C83F580FB904}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{50F4150A-48B2-417A-BE4C-C83F580FB904}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{29B6CFD5-0064-411A-8C42-9890C83F9921}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{50F4150A-48B2-417A-BE4C-C83F580FB904}
[-] Wert gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved [{754DF2CE-51E8-4895-B53C-6381418B84AE}]
[-] Schlüssel gelöscht: HKU\S-1-5-21-2601677052-3802215475-160921258-1000\Software\QQBrowser
[-] Schlüssel gelöscht: HKU\S-1-5-21-2601677052-3802215475-160921258-1000\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\QQBrowser
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
[-] Schlüssel gelöscht: HKLM\SOFTWARE\MaxPower
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\QQBrowser
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
[-] Daten wiederhergestellt: HKU\S-1-5-21-2601677052-3802215475-160921258-1000\Software\Policies\Microsoft\Internet Explorer\Main [Start Page]
[-] Daten wiederhergestellt: HKU\S-1-5-21-2601677052-3802215475-160921258-1000\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Daten wiederhergestellt: HKCU\Software\Policies\Microsoft\Internet Explorer\Main [Start Page]
[-] Daten wiederhergestellt: HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer\Main [Start Page]
[-] Daten wiederhergestellt: HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Daten wiederhergestellt: HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Daten wiederhergestellt: HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tab]
[-] Daten wiederhergestellt: [x64] HKCU\Software\Policies\Microsoft\Internet Explorer\Main [Start Page]
[-] Daten wiederhergestellt: [x64] HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer\Main [Start Page]
[-] Daten wiederhergestellt: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Daten wiederhergestellt: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tab]
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AppID\DownloadProxy.EXE
[-] Schlüssel gelöscht: HKLM\SOFTWARE\MozillaPlugins\@qq.com/TXSSO
[-] Schlüssel gelöscht: HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP
[-] Schlüssel gelöscht: HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\QQPCRTP
[-] Schlüssel gelöscht: HKLM\SOFTWARE\MozillaPlugins\@qq.com/npandroidassistant
[-] Schlüssel gelöscht: HKEY_CLASSES_ROOT\.qmgc
[-] Schlüssel gelöscht: HKCU\SOFTWARE\Classes\ChromeHTML
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Google\Chrome\Extensions\npdicihegicnhaangkdmcgbjceoemeoo
***** [ Browser ] *****
[-] [C:\Users\Neslihan\AppData\Local\Google\Chrome\User Data\Default] [extension] Gelöscht: npdicihegicnhaangkdmcgbjceoemeoo
[-] [C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default] [extension] Gelöscht: npdicihegicnhaangkdmcgbjceoemeoo
*************************
:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: "Image File Execution Options" Schlüssel gelöscht
:: "Prefetch" Dateien gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Firewall Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [11096 Bytes] - [26/03/2017 19:19:50]
C:\AdwCleaner\AdwCleaner[S0].txt - [10545 Bytes] - [26/03/2017 19:10:55]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [11244 Bytes] ##########
MBAM Code:
ATTFilter Malwarebytes
www.malwarebytes.com
-Protokolldetails-
Scan-Datum: 26.03.17
Scan-Zeit: 19:43
Protokolldatei: mbam.txt
Administrator: Ja
-Softwaredaten-
Version: 3.0.6.1469
Komponentenversion: 1.0.75
Version des Aktualisierungspakets: 1.0.1394
Lizenz: Testversion
-Systemdaten-
Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Neslihan-PC\Neslihan
-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Ergebnis: Abgeschlossen
Gescannte Objekte: 450660
Abgelaufene Zeit: 1 Min., 59 Sek.
-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)
Modul: 0
(keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)
Registrierungswert: 0
(keine bösartigen Elemente erkannt)
Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)
Daten-Stream: 0
(keine bösartigen Elemente erkannt)
Ordner: 2
PUP.Optional.DriveTheLife, C:\Users\Neslihan\AppData\Roaming\DriveTheLife2013\Dtl2013DownLoad, In Quarantäne, [2975], [381097],1.0.1394
PUP.Optional.DriveTheLife, C:\USERS\NESLIHAN\APPDATA\ROAMING\DriveTheLife2013, In Quarantäne, [2975], [381097],1.0.1394
Datei: 0
(keine bösartigen Elemente erkannt)
Physischer Sektor: 0
(keine bösartigen Elemente erkannt)
(end)
|
|
29.03.2017, 20:44
| #9 |
| /// TB-Ausbilder | Ungewollte Browserextension / Verlangsamtes Laden (Chrome) Servus, komisch... ich sehe jetzt nicht, dass AdwCleaner bei dir was "falsches" gelöscht hätte... AdwCleaner bitte nochmal im Abgesicherten Modus ausführen (wie beschrieben) und wieder die Logdatei posten. Dann FRST im normalen Modus ausführen (nur wenn es GAR NICHT geht, im abgesicherten Modus). |
|
02.04.2017, 09:36
| #10 |
| /// TB-Ausbilder | Ungewollte Browserextension / Verlangsamtes Laden (Chrome) Fehlende Rückmeldung Dieses Thema wurde aus den Abos gelöscht. Somit bekomme ich keine Benachrichtigung über neue Antworten. PM an mich falls Du denoch weiter machen willst. Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner schon sauber ist. Jeder andere bitte hier klicken und einen eigenen Thread erstellen! |
|
| Themen zu Ungewollte Browserextension / Verlangsamtes Laden (Chrome) |
| computer, deinstallieren, extension, faust, folge, funkt, google, hallo zusammen, kurzem, laden, langsam, lädt, namens, panda, panda security, programme, programmen, scan, security, server, software, tab, ungewollte, virenscan, zusammen |
Linear-Darstellung
