Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Ungewollte Browserextension / Verlangsamtes Laden (Chrome)

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 24.03.2017, 19:13   #1
monchou
 
Ungewollte Browserextension / Verlangsamtes Laden (Chrome) - Standard

Ungewollte Browserextension / Verlangsamtes Laden (Chrome)



Hallo zusammen

Seit kurzem lädt Instagram auffällig langsam (es liegt nicht an deren Server) - eher hab ich den Eindruck, dass irgendwas unterwünschtes dazwischenfunkt!
Dann habe ich beim Googlen festgeställt, dass sich eine Extension namens "RocketTab" eingeschlichen hat. Diese schiebt sich als erste Treffer bei Google ein. Ich kann die Extension weder im Erweiterungsmanager von Chrome, noch in meinen Programmen unter Computer>Programme deinstallieren finden.



Ich habe kürzlich einen routinierten Virenscan mit Panda Security gemacht, aber da gabs nichts.
Wollte nicht auf eigene Faust Software anwenden und bitte um Hilfe, welche reihenfolge ich befolgen soll. Danke <3

Alt 24.03.2017, 21:22   #2
M-K-D-B
/// TB-Ausbilder
 
Ungewollte Browserextension / Verlangsamtes Laden (Chrome) - Standard

Ungewollte Browserextension / Verlangsamtes Laden (Chrome)









Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.



Um die Bereinigung möchlichst effektiv und schnell gestalten zu können, bitte ich um Beachtung der folgenden Hinweise:
  1. Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
  2. Lies dir meine Anleitungen immer sorgfältig durch, arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste immer alle Logdateien (auch wenn nichts gefunden wurde). Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
  3. Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
  4. Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
    Außerdem bitte ich dich, nicht eigenmächtig irgendwelche Sicherheitsprogramme auszuführen und damit deinen Rechner zu überprüfen/bereinigen, da ich so leicht den Überblick verlieren kann.
    Außerdem hättest du dir das Eröffnen eines Themas in diesem Fall auch gleich sparen können, wenn du dann doch wieder alleine rumhantierst.

  5. Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
  6. Alle zu verwendenen Programme sind auf dem Desktop ( C:\users\dein Benutzername\Desktop\ ) abzuspeichern und von dort als Administrator zu starten!
  7. Einige Programme, die wir hier verwenden, können unter Umständen von deinem Antiviren- oder Anti-Malwareprogramm fälschlicherweise als Bedrohung eingestuft werden. Die Sicherheitsprogramme können aufgrund eines bestimmten Programmverhaltens nicht zwischen "gut" oder "böse" unterscheiden und schlagen Alarm. Dabei handelt es sich um Fehlalarme, welche du getrost ignorieren kannst. Gegebenenfalls musst du deine Sicherheitssoftware vor der Ausführung eines Programms deaktivieren, damit unsere Bereinigungsvorgänge nicht beeinträchtigt werden.
  8. Sollten die Logdateien einmal die zulässige Länge (~ 120.000 Zeichen) überschreiten, so teile die Logdateien auf mehrere Posts auf.
    Zur Not kannst du die Logdateien dann auch zippen (in ein .zip Archiv packen) und als Anhang hochladen.

  9. Bitte arbeite so lange mit mir zusammen, bis ich dir sage, dass wir fertig sind und dein Rechner "sauber" ist. Das vorzeitige Verschwinden von Symptomen heißt nicht automatisch, dass dein Rechner bereits vollständig sauber ist.
  10. In der Regel antworte ich dir innerhalb von 24 Stunden, oft sogar wesentlich schneller.
    Jedoch habe auch ich einen normalen Beruf und Familie. Ich bin daher nicht jeden Tag stundenlag hier im Forum unterwegs. Es kann unter Umständen bis zu 2 Tage dauern, bis du eine Antwort von mir erhältst. Sollte diese Zeit überschritten sein, so kannst du mir gerne eine PM als Erinnerung schicken.





Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:
So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!







Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)







Schritt 2
Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.







Bitte poste mit deiner nächsten Antwort
  • die Logdatei von TDSS-Killer,
  • die beiden neuen Logdateien von FRST.
__________________


Alt 26.03.2017, 02:52   #3
monchou
 
Ungewollte Browserextension / Verlangsamtes Laden (Chrome) - Rotes Gesicht

Ungewollte Browserextension / Verlangsamtes Laden (Chrome)



Hallo lieber Matthias,
Vielen vielen dank für die Hilfe und Anweisungen

Code:
ATTFilter
03:39:27.0752 0x37ac  TDSS rootkit removing tool 3.1.0.12 Nov  7 2016 07:10:01
03:39:31.0101 0x37ac  ============================================================
03:39:31.0101 0x37ac  Current date / time: 2017/03/26 03:39:31.0101
03:39:31.0101 0x37ac  SystemInfo:
03:39:31.0101 0x37ac  
03:39:31.0101 0x37ac  OS Version: 6.1.7601 ServicePack: 1.0
03:39:31.0101 0x37ac  Product type: Workstation
03:39:31.0101 0x37ac  ComputerName: NESLIHAN-PC
03:39:31.0101 0x37ac  UserName: Neslihan
03:39:31.0101 0x37ac  Windows directory: C:\Windows
03:39:31.0101 0x37ac  System windows directory: C:\Windows
03:39:31.0101 0x37ac  Running under WOW64
03:39:31.0101 0x37ac  Processor architecture: Intel x64
03:39:31.0101 0x37ac  Number of processors: 4
03:39:31.0101 0x37ac  Page size: 0x1000
03:39:31.0101 0x37ac  Boot type: Normal boot
03:39:31.0101 0x37ac  CodeIntegrityOptions = 0x00000001
03:39:31.0101 0x37ac  ============================================================
03:39:31.0221 0x37ac  KLMD registered as C:\Windows\system32\drivers\68969641.sys
03:39:31.0221 0x37ac  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 7601.23677, osProperties = 0x1
03:39:31.0333 0x37ac  System UUID: {C5C12FA4-AF46-6B4B-810C-191EF8F02E5A}
03:39:31.0642 0x37ac  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
03:39:31.0651 0x37ac  Drive \Device\Harddisk1\DR1 - Size: 0x1DCF856000 ( 119.24 Gb ), SectorSize: 0x200, Cylinders: 0x3CCE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
03:39:31.0655 0x37ac  ============================================================
03:39:31.0655 0x37ac  \Device\Harddisk0\DR0:
03:39:31.0655 0x37ac  MBR partitions:
03:39:31.0655 0x37ac  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
03:39:31.0655 0x37ac  \Device\Harddisk1\DR1:
03:39:31.0655 0x37ac  MBR partitions:
03:39:31.0655 0x37ac  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
03:39:31.0655 0x37ac  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xEE49000
03:39:31.0655 0x37ac  ============================================================
         
__________________

Alt 26.03.2017, 02:53   #4
monchou
 
Ungewollte Browserextension / Verlangsamtes Laden (Chrome) - Standard

Ungewollte Browserextension / Verlangsamtes Laden (Chrome)



TDSS ZWEITER TEIL

Code:
ATTFilter
03:39:31.0656 0x37ac  C: <-> \Device\Harddisk1\DR1\Partition2
03:39:31.0685 0x37ac  E: <-> \Device\Harddisk0\DR0\Partition1
03:39:31.0685 0x37ac  ============================================================
03:39:31.0685 0x37ac  Initialize success
03:39:31.0685 0x37ac  ============================================================
03:40:30.0482 0x394c  ============================================================
03:40:30.0482 0x394c  Scan started
03:40:30.0482 0x394c  Mode: Manual; SigCheck; TDLFS; 
03:40:30.0482 0x394c  ============================================================
03:40:30.0482 0x394c  KSN ping started
03:40:30.0700 0x394c  KSN ping finished: true
03:40:31.0154 0x394c  ================ Scan system memory ========================
03:40:31.0154 0x394c  System memory - ok
03:40:31.0154 0x394c  ================ Scan services =============================
03:40:31.0179 0x394c  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
03:40:31.0217 0x394c  1394ohci - ok
03:40:31.0269 0x394c  [ CEB66453AFFE08518566151D2B86864C, B0E99D797E7E36F9DE5AC93C80C4D9047EA05A8C62DEC67E222CC7AE7D67AB18 ] A6200           C:\Windows\system32\DRIVERS\bcmwlhigh664.sys
03:40:31.0321 0x394c  A6200 - ok
03:40:31.0333 0x394c  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
03:40:31.0346 0x394c  ACPI - ok
03:40:31.0349 0x394c  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
03:40:31.0364 0x394c  AcpiPmi - ok
03:40:31.0370 0x394c  [ B932E0EE190778D840F1442DFC0F9612, 8780963F14D57279FDD585BE945ED40F24590D32676C7A9EF94002D38B8BA643 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
03:40:31.0377 0x394c  AdobeARMservice - ok
03:40:31.0392 0x394c  [ 7EB7A3B01751889C6459C51A74CC87FA, 088EF5CA10D439905822A3DFFEFD2D3416198F10EAAF8C235771CDB3DF86E82C ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
03:40:31.0405 0x394c  AdobeFlashPlayerUpdateSvc - ok
03:40:31.0423 0x394c  [ 5B4D60ACCEA6918DBBB8C9FD4ADBDD29, FE3A768A76B673DCD09716F600D52B53A6EABEC6AA65E0DE89144F322E8571B8 ] AdobeUpdateService C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
03:40:31.0442 0x394c  AdobeUpdateService - ok
03:40:31.0455 0x394c  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
03:40:31.0470 0x394c  adp94xx - ok
03:40:31.0479 0x394c  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
03:40:31.0492 0x394c  adpahci - ok
03:40:31.0499 0x394c  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
03:40:31.0509 0x394c  adpu320 - ok
03:40:31.0514 0x394c  [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
03:40:31.0527 0x394c  AeLookupSvc - ok
03:40:31.0539 0x394c  [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD             C:\Windows\system32\drivers\afd.sys
03:40:31.0557 0x394c  AFD - ok
03:40:31.0562 0x394c  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
03:40:31.0570 0x394c  agp440 - ok
03:40:31.0617 0x394c  [ A32EA26C90A47B2BC93D7B0B94994B11, 1CF8DB09CA27EAC5741489EDFDFC04D69485B51C726F539BFCDC3C78E8E09EBE ] AGSService      C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
03:40:31.0660 0x394c  AGSService - ok
03:40:31.0667 0x394c  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
03:40:31.0677 0x394c  ALG - ok
03:40:31.0680 0x394c  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
03:40:31.0687 0x394c  aliide - ok
03:40:31.0691 0x394c  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
03:40:31.0697 0x394c  amdide - ok
03:40:31.0701 0x394c  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
03:40:31.0709 0x394c  AmdK8 - ok
03:40:31.0713 0x394c  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
03:40:31.0721 0x394c  AmdPPM - ok
03:40:31.0726 0x394c  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
03:40:31.0735 0x394c  amdsata - ok
03:40:31.0742 0x394c  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
03:40:31.0751 0x394c  amdsbs - ok
03:40:31.0755 0x394c  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
03:40:31.0762 0x394c  amdxata - ok
03:40:31.0766 0x394c  [ B84DDCCB03A9CEDC1E90A88EDA5306DB, 1E51A7336C7E3F6402ED90AB0B3E98FD3827E2DC51B133E7F8BB37140B315192 ] AppID           C:\Windows\system32\drivers\appid.sys
03:40:31.0775 0x394c  AppID - ok
03:40:31.0778 0x394c  [ 02B60F8FA4BAB8DC3B14782A7E60564B, D7EB27CB202573734D7A4EB4667B9BCEC1598AA9EBD154F2C9266AF230F51A52 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
03:40:31.0786 0x394c  AppIDSvc - ok
03:40:31.0790 0x394c  [ DE23E052E557580674785CDF45B613F3, A955ADC6CC7D816BA7CE1065F911E7A3295A1908C22BE0A3C506C38CFEE8DE0D ] Appinfo         C:\Windows\System32\appinfo.dll
03:40:31.0799 0x394c  Appinfo - ok
03:40:31.0805 0x394c  [ 2D564BB1C4559A517B390A031955714D, 3048C187FD107C958D43DD8B954AB55FDD1BC538D3E0066CBFCB428C7A8A87E1 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
03:40:31.0815 0x394c  Apple Mobile Device Service - ok
03:40:31.0821 0x394c  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
03:40:31.0832 0x394c  AppMgmt - ok
03:40:31.0836 0x394c  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
03:40:31.0844 0x394c  arc - ok
03:40:31.0849 0x394c  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
03:40:31.0858 0x394c  arcsas - ok
03:40:31.0870 0x394c  [ EE424A5CE56E3923D59BB7DE2E15036D, 8B8196870EFE74D43EDA72674021A46846D370E97A6A058134D84A721AECD091 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
03:40:31.0878 0x394c  aspnet_state - ok
03:40:31.0881 0x394c  [ E1AFEE1584C74050DE0DD16DE2A54BF3, 77C8D98159D8BCDC7917B04977949823D50C49D0D13587310E060A4B8893AE42 ] AsrAppCharger   C:\Windows\system32\DRIVERS\AsrAppCharger.sys
03:40:31.0891 0x394c  AsrAppCharger - ok
03:40:31.0895 0x394c  [ 1A234F4643F5658BAB07BFA611282267, F40435488389B4FB3B945CA21A8325A51E1B5F80F045AB019748D0EC66056A8B ] AsrDrv101       C:\Windows\SysWOW64\Drivers\AsrDrv101.sys
03:40:31.0901 0x394c  AsrDrv101 - ok
03:40:31.0905 0x394c  [ 67C03C21F319647834DAA61704D8A248, A0845AE5B13E1208CDDEB77863AB2D40CA5D1C709AD5B1976C3AC595F7A516D5 ] AsrRamDisk      C:\Windows\system32\DRIVERS\AsrRamDisk.sys
03:40:31.0912 0x394c  AsrRamDisk - ok
03:40:31.0914 0x394c  AsrSetupDrv - ok
03:40:31.0917 0x394c  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
03:40:31.0941 0x394c  AsyncMac - ok
03:40:31.0944 0x394c  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
03:40:31.0950 0x394c  atapi - ok
03:40:31.0966 0x394c  [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
03:40:31.0985 0x394c  AudioEndpointBuilder - ok
03:40:32.0001 0x394c  [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
03:40:32.0020 0x394c  AudioSrv - ok
03:40:32.0025 0x394c  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
03:40:32.0038 0x394c  AxInstSV - ok
03:40:32.0049 0x394c  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
03:40:32.0065 0x394c  b06bdrv - ok
03:40:32.0074 0x394c  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
03:40:32.0085 0x394c  b57nd60a - ok
03:40:32.0089 0x394c  BCM42RLY - ok
03:40:32.0094 0x394c  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
03:40:32.0103 0x394c  BDESVC - ok
03:40:32.0106 0x394c  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
03:40:32.0128 0x394c  Beep - ok
03:40:32.0158 0x394c  [ D6BD4AE897D0DF163832AC75DF361BD0, E5F57A907EC557B2F29F49AA0A98AC90261DC44674F3066798AD622ECB24DBBE ] BEService       C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
03:40:32.0191 0x394c  BEService - ok
03:40:32.0209 0x394c  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
03:40:32.0229 0x394c  BFE - ok
03:40:32.0250 0x394c  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
03:40:32.0289 0x394c  BITS - ok
03:40:32.0294 0x394c  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
03:40:32.0303 0x394c  blbdrive - ok
03:40:32.0309 0x394c  [ ABA3984C822E4D3F889699912D85D6C5, 2251FA135CC290DA13DAE4743F393C7CC9E6A737C054707CB8D72C369D1FFACB ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
03:40:32.0321 0x394c  bowser - ok
03:40:32.0325 0x394c  BRDriver64_1_3_3_E02B25FC - ok
03:40:32.0331 0x394c  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
03:40:32.0342 0x394c  BrFiltLo - ok
03:40:32.0345 0x394c  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
03:40:32.0354 0x394c  BrFiltUp - ok
03:40:32.0359 0x394c  [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
03:40:32.0385 0x394c  BridgeMP - ok
03:40:32.0392 0x394c  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
03:40:32.0403 0x394c  Browser - ok
03:40:32.0411 0x394c  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
03:40:32.0425 0x394c  Brserid - ok
03:40:32.0429 0x394c  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
03:40:32.0440 0x394c  BrSerWdm - ok
03:40:32.0449 0x394c  [ 448917845F097FCE9D4554C3D2001EF3, BDCBEC01579D7CF28963E4E13CDC5B26E4B69CA24FA2CC4D6E24CAE0DDBCB3FE ] BRSptStub       C:\ProgramData\BitRaider\BRSptStub.exe
03:40:32.0462 0x394c  BRSptStub - ok
03:40:32.0466 0x394c  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
03:40:32.0476 0x394c  BrUsbMdm - ok
03:40:32.0479 0x394c  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
03:40:32.0488 0x394c  BrUsbSer - ok
03:40:32.0493 0x394c  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
03:40:32.0504 0x394c  BTHMODEM - ok
03:40:32.0510 0x394c  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
03:40:32.0533 0x394c  bthserv - ok
03:40:32.0536 0x394c  catchme - ok
03:40:32.0542 0x394c  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
03:40:32.0567 0x394c  cdfs - ok
03:40:32.0574 0x394c  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
03:40:32.0584 0x394c  cdrom - ok
03:40:32.0589 0x394c  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
03:40:32.0612 0x394c  CertPropSvc - ok
03:40:32.0646 0x394c  [ 33B82CF69E41B38A2EC0C3CABDE80D6E, E7331B38232001A4055CE1F6D74AED0F108385DDBD5211006DA8EA932D3B1575 ] cFosSpeed       C:\Windows\system32\DRIVERS\cfosspeed6.sys
03:40:32.0682 0x394c  cFosSpeed - ok
03:40:32.0695 0x394c  [ A469854CD303A39162931FA770EA45A2, 45CB65C6079B023A808EA76B96C4FE0D6A588E4A6747B337CC24FDDD35B5D356 ] cFosSpeedS      C:\Program Files\ASRock\XFast LAN\spd.exe
03:40:32.0709 0x394c  cFosSpeedS - ok
03:40:32.0713 0x394c  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
03:40:32.0724 0x394c  circlass - ok
03:40:32.0735 0x394c  [ 3D67C27DD17B254D7915FA16A5AE3573, 5B3A6C6A7F940C06362775DAF13CEADA37C7AA84A509458A57C23B4369970A90 ] CLFS            C:\Windows\system32\CLFS.sys
03:40:32.0748 0x394c  CLFS - ok
03:40:32.0825 0x394c  [ A92885780F31BAF23E47CCAF7D32CA28, C81D89A322E913A1E4119A738E4494697D212584934E35C2EC580F688FD216C4 ] ClickToRunSvc   C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
03:40:32.0889 0x394c  ClickToRunSvc - ok
03:40:32.0902 0x394c  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
03:40:32.0911 0x394c  clr_optimization_v2.0.50727_32 - ok
03:40:32.0915 0x394c  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
03:40:32.0924 0x394c  clr_optimization_v2.0.50727_64 - ok
03:40:32.0934 0x394c  [ 5BAF4F1296D4D91FC28560CDB4C37C4B, ACA4BC57ED1F8432F18F0F215EC7FF956BAEF6E02760779E264E4008A979E9DD ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
03:40:32.0944 0x394c  clr_optimization_v4.0.30319_32 - ok
03:40:32.0953 0x394c  [ 569B54004A7E85A74FD92841DE6058E2, 58949313D0F6B1C06359B2F3C68E29940B1655A17E93FFC3718F6D2EAE1633E4 ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
03:40:32.0963 0x394c  clr_optimization_v4.0.30319_64 - ok
03:40:32.0967 0x394c  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
03:40:32.0976 0x394c  CmBatt - ok
03:40:32.0979 0x394c  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
03:40:32.0986 0x394c  cmdide - ok
03:40:32.0992 0x394c  [ F34031DC6D1745154F54B04AFF54F5D1, CDC5CCCB7F9A19C6F9459754895F60B149C2BDBADEF2620F75FAA9B870757758 ] cmnsusbser      C:\Windows\system32\DRIVERS\cmnsusbser.sys
03:40:32.0997 0x394c  cmnsusbser - detected UnsignedFile.Multi.Generic ( 1 )
03:40:33.0266 0x394c  Detect skipped due to KSN trusted
03:40:33.0266 0x394c  cmnsusbser - ok
03:40:33.0278 0x394c  [ A98CED39AD91B445E2E442A9BD67E8B4, B4189DEEF1C0EE22AE983119047B1A40FFDD8F3E163DFFABD7C2706231B0B1B0 ] CNG             C:\Windows\system32\Drivers\cng.sys
03:40:33.0296 0x394c  CNG - ok
03:40:33.0300 0x394c  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
03:40:33.0309 0x394c  Compbatt - ok
03:40:33.0314 0x394c  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
03:40:33.0327 0x394c  CompositeBus - ok
03:40:33.0329 0x394c  COMSysApp - ok
03:40:33.0332 0x394c  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
03:40:33.0340 0x394c  crcdisk - ok
03:40:33.0349 0x394c  [ 2C6632CECFDBBE793FDA8AF9CA55A9CC, 335188515F798483660E529204A13012E4D21B0ECA489224A11C26F91A5B3CCE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
03:40:33.0361 0x394c  CryptSvc - ok
03:40:33.0374 0x394c  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
03:40:33.0391 0x394c  CSC - ok
03:40:33.0407 0x394c  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
03:40:33.0426 0x394c  CscService - ok
03:40:33.0442 0x394c  [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] DcomLaunch      C:\Windows\system32\rpcss.dll
03:40:33.0459 0x394c  DcomLaunch - ok
03:40:33.0467 0x394c  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
03:40:33.0495 0x394c  defragsvc - ok
03:40:33.0499 0x394c  [ 9B38580063D281A99E68EF5813022A5F, D91676B0E0A8E2A090E3E5DD340ABCFC20AE0F55B4C82869D6CFB34239BD27DA ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
03:40:33.0510 0x394c  DfsC - ok
03:40:33.0515 0x394c  [ 0F4A5D01156B948B54550375498B08A2, 1CAE3D744429A06E9C9EC46AC6B216AB68154EF8FACDD0721C47902B83820F56 ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
03:40:33.0526 0x394c  dg_ssudbus - ok
03:40:33.0534 0x394c  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
03:40:33.0547 0x394c  Dhcp - ok
03:40:33.0579 0x394c  [ EE9954237F15BE4DD9304D12E4D305ED, F295C9BAF20F0E669B673AFCC16B4969EE31B6A3808980DAB93D9B0F167DA3C0 ] DiagTrack       C:\Windows\system32\diagtrack.dll
03:40:33.0612 0x394c  DiagTrack - ok
03:40:33.0617 0x394c  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
03:40:33.0643 0x394c  discache - ok
03:40:33.0647 0x394c  [ 616387BBD83372220B09DE95F4E67BBC, 5E2D5280BB775576E7CDE3FA6BDE494E183123635E5908CF7EBF1FF52966D07D ] Disk            C:\Windows\system32\drivers\disk.sys
03:40:33.0655 0x394c  Disk - ok
03:40:33.0660 0x394c  [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
03:40:33.0669 0x394c  dmvsc - ok
03:40:33.0677 0x394c  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
03:40:33.0688 0x394c  Dnscache - ok
03:40:33.0696 0x394c  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
03:40:33.0724 0x394c  dot3svc - ok
03:40:33.0729 0x394c  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
03:40:33.0756 0x394c  DPS - ok
03:40:33.0759 0x394c  [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
03:40:33.0767 0x394c  drmkaud - ok
03:40:33.0790 0x394c  [ 3A9D7D464BDB3B70D7ECF689ADABBD4D, B4F5B23705EA1BA453FE30791CA245E1A5F7FBEABAD026E4A8A15A9FC44E8C9C ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
03:40:33.0816 0x394c  DXGKrnl - ok
03:40:33.0830 0x394c  [ 8020B5D39DDFF589200EBD5592314F83, 23B5D36AE4EFC799E966168F030FB76226CD6365C8F00B5E51EFC44CAF0A0CB2 ] e1dexpress      C:\Windows\system32\DRIVERS\e1d62x64.sys
03:40:33.0845 0x394c  e1dexpress - ok
03:40:33.0850 0x394c  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
03:40:33.0876 0x394c  EapHost - ok
03:40:33.0878 0x394c  EasyAntiCheat - ok
03:40:33.0938 0x394c  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
03:40:34.0008 0x394c  ebdrv - ok
03:40:34.0015 0x394c  [ CA69E856332E2D85294665F6B7E97254, A9693F836907FB0154DC1090D9476F1E9242ABE922D932D74D0385772D2EAB65 ] EFS             C:\Windows\System32\lsass.exe
03:40:34.0025 0x394c  EFS - ok
03:40:34.0041 0x394c  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
03:40:34.0064 0x394c  ehRecvr - ok
03:40:34.0072 0x394c  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
03:40:34.0083 0x394c  ehSched - ok
03:40:34.0097 0x394c  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
03:40:34.0114 0x394c  elxstor - ok
03:40:34.0117 0x394c  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
03:40:34.0125 0x394c  ErrDev - ok
03:40:34.0137 0x394c  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
03:40:34.0168 0x394c  EventSystem - ok
03:40:34.0172 0x394c  [ 152B8C8590DE93A7C89D058D58090998, 8782B476B940C81A95D790A6B720B5D50C576A2015F90C11587E04284B660CD1 ] ew_usbccgpfilter C:\Windows\system32\DRIVERS\ew_usbccgpfilter.sys
03:40:34.0182 0x394c  ew_usbccgpfilter - ok
03:40:34.0188 0x394c  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
03:40:34.0214 0x394c  exfat - ok
03:40:34.0221 0x394c  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
03:40:34.0248 0x394c  fastfat - ok
03:40:34.0265 0x394c  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
03:40:34.0284 0x394c  Fax - ok
03:40:34.0289 0x394c  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
03:40:34.0297 0x394c  fdc - ok
03:40:34.0300 0x394c  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
03:40:34.0325 0x394c  fdPHost - ok
03:40:34.0329 0x394c  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
03:40:34.0351 0x394c  FDResPub - ok
03:40:34.0356 0x394c  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
03:40:34.0364 0x394c  FileInfo - ok
03:40:34.0367 0x394c  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
03:40:34.0392 0x394c  Filetrace - ok
03:40:34.0395 0x394c  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
03:40:34.0403 0x394c  flpydisk - ok
03:40:34.0412 0x394c  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
03:40:34.0423 0x394c  FltMgr - ok
03:40:34.0427 0x394c  [ 508401A63E6B1CBF0B9C9A011498731F, F636B0A9C0EB6AE7EC04E5C5FD8A0578AEB76A1B0D974F355BCE6B6091901725 ] FNETTBOH_305    C:\Windows\system32\drivers\FNETTBOH_305.SYS
03:40:34.0436 0x394c  FNETTBOH_305 - ok
03:40:34.0439 0x394c  [ E341178C116DAC6A3A764587E68DFA7B, 91B4C79057908A622666FF069CF1C7ECA42952A6587432F5E99E33E8B19D29AF ] FNETURPX        C:\Windows\system32\drivers\FNETURPX.SYS
03:40:34.0446 0x394c  FNETURPX - ok
03:40:34.0473 0x394c  [ CF0108CBA6D1860563BA20E3D74C6646, 737B5E89A858D7E3AEC8BF660AA4FCC56501A69468EA143531286016AF7C0B33 ] FontCache       C:\Windows\system32\FntCache.dll
03:40:34.0501 0x394c  FontCache - ok
03:40:34.0507 0x394c  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
03:40:34.0514 0x394c  FontCache3.0.0.0 - ok
03:40:34.0518 0x394c  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
03:40:34.0526 0x394c  FsDepends - ok
03:40:34.0529 0x394c  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
03:40:34.0536 0x394c  Fs_Rec - ok
03:40:34.0543 0x394c  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
03:40:34.0555 0x394c  fvevol - ok
03:40:34.0560 0x394c  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
03:40:34.0569 0x394c  gagp30kx - ok
03:40:34.0588 0x394c  [ E4AE497857409127ED57562AF913A903, 262ADD713B1FBF6200550967D1F8635B55D01BBD8FA2E753536E71A4EC87867B ] gpsvc           C:\Windows\System32\gpsvc.dll
03:40:34.0612 0x394c  gpsvc - ok
03:40:34.0620 0x394c  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
03:40:34.0627 0x394c  gupdate - ok
03:40:34.0632 0x394c  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
03:40:34.0639 0x394c  gupdatem - ok
03:40:34.0645 0x394c  [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
03:40:34.0654 0x394c  gusvc - ok
03:40:34.0658 0x394c  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
03:40:34.0666 0x394c  hcw85cir - ok
03:40:34.0676 0x394c  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
03:40:34.0691 0x394c  HdAudAddService - ok
03:40:34.0696 0x394c  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
03:40:34.0707 0x394c  HDAudBus - ok
03:40:34.0710 0x394c  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
03:40:34.0718 0x394c  HidBatt - ok
03:40:34.0723 0x394c  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
03:40:34.0734 0x394c  HidBth - ok
03:40:34.0738 0x394c  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
03:40:34.0748 0x394c  HidIr - ok
03:40:34.0751 0x394c  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\System32\hidserv.dll
03:40:34.0775 0x394c  hidserv - ok
03:40:34.0778 0x394c  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
03:40:34.0787 0x394c  HidUsb - ok
03:40:34.0793 0x394c  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
03:40:34.0818 0x394c  hkmsvc - ok
03:40:34.0826 0x394c  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
03:40:34.0838 0x394c  HomeGroupListener - ok
03:40:34.0844 0x394c  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
03:40:34.0855 0x394c  HomeGroupProvider - ok
03:40:34.0860 0x394c  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
03:40:34.0867 0x394c  HpSAMD - ok
03:40:34.0884 0x394c  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
03:40:34.0904 0x394c  HTTP - ok
03:40:34.0913 0x394c  [ E548929868BDFD3FC13B46D99605B764, 737C8A1210442533735F10BD80AFBB3E890D0CC9068F2406CA5C577C7C58B97C ] HuaweiHiSuiteService64.exe C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
03:40:34.0924 0x394c  HuaweiHiSuiteService64.exe - ok
03:40:34.0928 0x394c  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
03:40:34.0934 0x394c  hwpolicy - ok
03:40:34.0941 0x394c  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
03:40:34.0950 0x394c  i8042prt - ok
03:40:34.0965 0x394c  [ B9E489CC1EA3284FEED33799DC70612D, 0DD714A3A37C391B38F4EEEB3F85C3C3C056F4AAB4A5EFA63835AD967BC25B51 ] iaStorA         C:\Windows\system32\DRIVERS\iaStorA.sys
03:40:34.0983 0x394c  iaStorA - ok
03:40:34.0987 0x394c  [ 3AEE4C821114AC707699A28988F27ABB, 033A25A19E2A649DA059AE3BCACB8605C00D4F10D356C5E3167B84C01B9359A9 ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
03:40:34.0994 0x394c  IAStorDataMgrSvc - ok
03:40:34.0997 0x394c  [ CC096E5C9BAABEB8EF12CDFAFFD888CF, 9D61736CB83DE04FC44FB25122AB6D09951C915E577E1A18188D4D5F35EACD76 ] iaStorF         C:\Windows\system32\DRIVERS\iaStorF.sys
03:40:35.0004 0x394c  iaStorF - ok
03:40:35.0015 0x394c  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
03:40:35.0029 0x394c  iaStorV - ok
03:40:35.0041 0x394c  [ E199288F016C354255C39A84378A48F6, 881B41D64D73F7A3A1680EDD68201E14AC5C60B848374EEAE44CCDDE46010E81 ] ICCS            C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
03:40:35.0050 0x394c  ICCS - ok
03:40:35.0069 0x394c  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
03:40:35.0090 0x394c  idsvc - ok
03:40:35.0093 0x394c  IEEtwCollectorService - ok
03:40:35.0097 0x394c  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
03:40:35.0104 0x394c  iirsp - ok
03:40:35.0108 0x394c  [ E18725531054FE222115873AC1CCB02B, 0FC4B9D5DF77E19E4732759B848B4BCBBD44A124304FA8333BB3B7BC37E15FB8 ] ikbevent        C:\Windows\system32\DRIVERS\ikbevent.sys
03:40:35.0115 0x394c  ikbevent - ok
03:40:35.0134 0x394c  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
03:40:35.0156 0x394c  IKEEXT - ok
03:40:35.0160 0x394c  [ 45060257BCA3D60204FEC29F6E6DE458, C9FB92FEEFC0DC5386B545A8E429D60B932360B9044A920F6F2EDD5CF3B7B5A0 ] imsevent        C:\Windows\system32\DRIVERS\imsevent.sys
03:40:35.0167 0x394c  imsevent - ok
03:40:35.0229 0x394c  [ 7D7711B0F972C73AE46105B42092D82E, AC66AE06B65C03BCEE2FF90732B13B651862382CDFEE85A6B5497DF3A2FF75A2 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
03:40:35.0292 0x394c  IntcAzAudAddService - ok
03:40:35.0312 0x394c  [ DDA8E5AD97231AB50B81FED04C28F64C, 5C9E8F7CC45A9AE7FF12A02641562E271D84894DFA7C50218AC2AAA298251B60 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
03:40:35.0329 0x394c  Intel(R) Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 )
03:40:35.0627 0x394c  Detect skipped due to KSN trusted
03:40:35.0627 0x394c  Intel(R) Capability Licensing Service Interface - ok
03:40:35.0645 0x394c  [ 86FE509640D77FB0998FC8B1FF5523C6, 13E895DEB9B84379251699D7E52C5E3FD888994425DE01B6C4634F9E959D5584 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
03:40:35.0664 0x394c  Intel(R) Capability Licensing Service TCP IP Interface - ok
03:40:35.0671 0x394c  [ EE65488B7294FBCB113EAC9FD492345C, D1D6B22CD94324387171B188D295AA716900654DA1DC9F3DC18D0CD528F2BBEA ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
03:40:35.0679 0x394c  Intel(R) ME Service - ok
03:40:35.0685 0x394c  [ 26FBC0AEDE7C6A67781202E0E2ECB6A6, BEF9E7CB2B2DD7A8091483EC53B812CA3F079CEC949DE545ABED6BE617A9ED55 ] Intel(R) PROSet Monitoring Service C:\Windows\system32\IProsetMonitor.exe
03:40:35.0695 0x394c  Intel(R) PROSet Monitoring Service - ok
03:40:35.0698 0x394c  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
03:40:35.0705 0x394c  intelide - ok
03:40:35.0709 0x394c  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
03:40:35.0717 0x394c  intelppm - ok
03:40:35.0724 0x394c  [ A85A70A3C8E0A2A4252E598926B5270F, CDF65FA04331C120139EA0493DC6D613867F4D9EDEEC9FF5F16FCBE6EEC7B047 ] intelsba        C:\Program Files\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe
03:40:35.0731 0x394c  intelsba - ok
03:40:35.0735 0x394c  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
03:40:35.0762 0x394c  IPBusEnum - ok
03:40:35.0767 0x394c  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
03:40:35.0791 0x394c  IpFilterDriver - ok
03:40:35.0804 0x394c  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
03:40:35.0826 0x394c  iphlpsvc - ok
03:40:35.0832 0x394c  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
03:40:35.0842 0x394c  IPMIDRV - ok
03:40:35.0847 0x394c  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
03:40:35.0872 0x394c  IPNAT - ok
03:40:35.0875 0x394c  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
03:40:35.0886 0x394c  IRENUM - ok
03:40:35.0889 0x394c  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
03:40:35.0896 0x394c  isapnp - ok
03:40:35.0904 0x394c  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
03:40:35.0915 0x394c  iScsiPrt - ok
03:40:35.0919 0x394c  [ 4EE2423C38F43D37F8497A672FD10BDC, 031C5272DD28809255CF4FA8E6DE45DBFBD9A363BBD5156D0AEE0787C4297980 ] ISCT            C:\Windows\system32\DRIVERS\ISCTD64.sys
03:40:35.0926 0x394c  ISCT - ok
03:40:35.0932 0x394c  [ 88CCCCFA8269973C3C3C06F94DA03BAB, A88BF3397466C40C7D4BE94288A88FF1FB7103E92FBA4E17A16AB6A04F909F29 ] ISCTAgent       C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
03:40:35.0941 0x394c  ISCTAgent - ok
03:40:35.0948 0x394c  [ 622BF9C46A47CF17608C501320E8EFBD, 059F99D4306216324E100FCDAF02093B2CD662F2C6BE8565A4281E7760F8B575 ] iumsvc          C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
03:40:35.0962 0x394c  iumsvc - ok
03:40:35.0965 0x394c  [ 897B93573F07C9CB1140516DAC44BC7E, C80665FEA4913DDC72F2140EC92CD4FA5D693BD8D0E4029A99DB96D63172E3D1 ] iusb3hcs        C:\Windows\system32\DRIVERS\iusb3hcs.sys
03:40:35.0972 0x394c  iusb3hcs - ok
03:40:35.0982 0x394c  [ 2D15CEDF619796002E8640F73A4BF920, FCC0137CB5AE32266A550EE46106B80F431F0B55342599951B9D032F8EA10649 ] iusb3hub        C:\Windows\system32\DRIVERS\iusb3hub.sys
03:40:35.0996 0x394c  iusb3hub - ok
03:40:36.0014 0x394c  [ F1E93FE111924D0BC853155AADF8048B, 2DFD5B3D042286A0FD5E482C81FAE339E4F05C0A6DFF43061D8502C4551125F7 ] iusb3xhc        C:\Windows\system32\DRIVERS\iusb3xhc.sys
03:40:36.0034 0x394c  iusb3xhc - ok
03:40:36.0042 0x394c  [ BF5D3A2624177C413680DEF19A465AF8, B9909D3E6CB6F9971293116387865AD15CB9D47513C7FAA9C36BE4D2847A41EB ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
03:40:36.0051 0x394c  jhi_service - ok
03:40:36.0055 0x394c  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
03:40:36.0063 0x394c  kbdclass - ok
03:40:36.0067 0x394c  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
03:40:36.0079 0x394c  kbdhid - ok
03:40:36.0082 0x394c  [ CA69E856332E2D85294665F6B7E97254, A9693F836907FB0154DC1090D9476F1E9242ABE922D932D74D0385772D2EAB65 ] KeyIso          C:\Windows\system32\lsass.exe
03:40:36.0091 0x394c  KeyIso - ok
03:40:36.0096 0x394c  [ 3AAA10BAF3F194F7CD34F4C78F8222EE, 25AE0B764748B13C7F093966E228D506072E270379A5E751F1ED619DEFB40814 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
03:40:36.0104 0x394c  KSecDD - ok
03:40:36.0111 0x394c  [ 7B7C28D4E71E4A4365F2B7528DA619F8, 0A507468C6A49870F794F28FF274643FE8FD238A3A9BE86C8656882F237DE77B ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
03:40:36.0120 0x394c  KSecPkg - ok
03:40:36.0125 0x394c  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
03:40:36.0149 0x394c  ksthunk - ok
03:40:36.0159 0x394c  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
03:40:36.0189 0x394c  KtmRm - ok
03:40:36.0197 0x394c  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\System32\srvsvc.dll
03:40:36.0224 0x394c  LanmanServer - ok
03:40:36.0229 0x394c  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
03:40:36.0253 0x394c  LanmanWorkstation - ok
03:40:36.0259 0x394c  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
03:40:36.0282 0x394c  lltdio - ok
03:40:36.0291 0x394c  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
03:40:36.0323 0x394c  lltdsvc - ok
03:40:36.0328 0x394c  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
03:40:36.0353 0x394c  lmhosts - ok
03:40:36.0363 0x394c  [ 02A9CBACE666877BBBA4FD66B22F6D4A, 0E783BA7A8F00CEC8F03CFEE03999CA5DB9E4DB7CCE62D9171CFCF36AFBE4BB1 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
03:40:36.0376 0x394c  LMS - ok
03:40:36.0383 0x394c  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
03:40:36.0392 0x394c  LSI_FC - ok
03:40:36.0396 0x394c  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
03:40:36.0406 0x394c  LSI_SAS - ok
03:40:36.0410 0x394c  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
03:40:36.0418 0x394c  LSI_SAS2 - ok
03:40:36.0423 0x394c  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
03:40:36.0431 0x394c  LSI_SCSI - ok
03:40:36.0436 0x394c  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
03:40:36.0461 0x394c  luafv - ok
03:40:36.0471 0x394c  [ A401CFF74982D8DF851F20307C806073, 1D7BA90C9E77FAAE59F60AB5310EC41D9C5B98F1F9A89A3CDB9169E6DEF565DA ] LVRS64          C:\Windows\system32\DRIVERS\lvrs64.sys
03:40:36.0483 0x394c  LVRS64 - ok
03:40:36.0565 0x394c  [ 13384CB5F5813E65F31078D6ABFAAF38, A6E7374C15CAECC273197BF62F8F926BA30E9509270A8470756F4710E1DEA126 ] LVUVC64         C:\Windows\system32\DRIVERS\lvuvc64.sys
03:40:36.0653 0x394c  LVUVC64 - ok
03:40:36.0664 0x394c  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
03:40:36.0674 0x394c  Mcx2Svc - ok
03:40:36.0677 0x394c  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
03:40:36.0684 0x394c  megasas - ok
03:40:36.0692 0x394c  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
03:40:36.0703 0x394c  MegaSR - ok
03:40:36.0708 0x394c  [ 2BB3EAE2EA641515D4B205CAB29E1624, D3F18EE393EB1B0F919484281269A3C55A092D023E62C59D74CB63A55612024B ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
03:40:36.0715 0x394c  MEIx64 - ok
03:40:36.0721 0x394c  [ 123271BD5237AB991DC5C21FDF8835EB, 004F8F9228EE291A0E36CE33078D572D61733516F9AA5CFC832AF204C6869E89 ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
03:40:36.0729 0x394c  Microsoft Office Groove Audit Service - ok
03:40:36.0733 0x394c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
03:40:36.0758 0x394c  MMCSS - ok
03:40:36.0762 0x394c  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
03:40:36.0785 0x394c  Modem - ok
03:40:36.0788 0x394c  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
03:40:36.0798 0x394c  monitor - ok
03:40:36.0802 0x394c  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
03:40:36.0810 0x394c  mouclass - ok
03:40:36.0813 0x394c  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
03:40:36.0821 0x394c  mouhid - ok
03:40:36.0828 0x394c  [ 8ADB5445B29941CB41AF2846FD5C93C7, 689582430FE29EC0845B1DB841D3CC49D5D09DE264586E3999EEFE616986D12B ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
03:40:36.0836 0x394c  mountmgr - ok
03:40:36.0841 0x394c  [ EB4B5C8AB9DA5585CCC975CD3D072115, BEED5B7478F92C9FB1BBB62FFCEB5321A5C12A7C1AA9B20151BF22064589CD46 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
03:40:36.0850 0x394c  MozillaMaintenance - ok
03:40:36.0856 0x394c  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
03:40:36.0865 0x394c  mpio - ok
03:40:36.0869 0x394c  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
03:40:36.0893 0x394c  mpsdrv - ok
03:40:36.0911 0x394c  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
03:40:36.0947 0x394c  MpsSvc - ok
03:40:36.0953 0x394c  [ 98DB1790F0A584E0A2528B92B052417F, 9AA04CA73AFE599810CD233B9CEC212E16D44DCEDF5C7D0181C7257F498068B5 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
03:40:36.0963 0x394c  MRxDAV - ok
03:40:36.0969 0x394c  [ 819426D736BCBD31CC7CA27221954E04, 0C4AADEFE282D89EA4A523BDA7B6BB948247F50253D7D0B90C8FC46C4DEEF835 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
03:40:36.0980 0x394c  mrxsmb - ok
03:40:36.0988 0x394c  [ 85CB449B319AF69A3538BB1B97EEA2E5, DB75D56A7E631F57D31957105422811C738E96E5B84480C3346B827ACF280E12 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
03:40:37.0001 0x394c  mrxsmb10 - ok
03:40:37.0006 0x394c  [ C0B2DC34587FE163997055AA38EB883A, A0BFD0CF873CCEF266606ADE1A4DA69DF757A67D8AD28330272AFEABD7F481D5 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
03:40:37.0016 0x394c  mrxsmb20 - ok
03:40:37.0019 0x394c  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
03:40:37.0026 0x394c  msahci - ok
03:40:37.0032 0x394c  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
03:40:37.0041 0x394c  msdsm - ok
03:40:37.0046 0x394c  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
03:40:37.0057 0x394c  MSDTC - ok
03:40:37.0062 0x394c  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
03:40:37.0086 0x394c  Msfs - ok
03:40:37.0090 0x394c  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
03:40:37.0112 0x394c  mshidkmdf - ok
03:40:37.0115 0x394c  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
03:40:37.0122 0x394c  msisadrv - ok
03:40:37.0128 0x394c  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
03:40:37.0153 0x394c  MSiSCSI - ok
03:40:37.0155 0x394c  msiserver - ok
03:40:37.0159 0x394c  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
03:40:37.0181 0x394c  MSKSSRV - ok
03:40:37.0184 0x394c  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
03:40:37.0207 0x394c  MSPCLOCK - ok
03:40:37.0209 0x394c  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
03:40:37.0232 0x394c  MSPQM - ok
03:40:37.0241 0x394c  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
03:40:37.0254 0x394c  MsRPC - ok
03:40:37.0259 0x394c  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
03:40:37.0266 0x394c  mssmbios - ok
03:40:37.0268 0x394c  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
03:40:37.0291 0x394c  MSTEE - ok
03:40:37.0294 0x394c  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
03:40:37.0302 0x394c  MTConfig - ok
03:40:37.0306 0x394c  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
03:40:37.0314 0x394c  Mup - ok
03:40:37.0323 0x394c  [ 4672AA80B5517E43927AFA46CB813708, 3DED7E055D480AF6009EE6B2E52D52EEC463CF06615A36CC3D20C7798798C38A ] NanoServiceMain C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
03:40:37.0333 0x394c  NanoServiceMain - ok
03:40:37.0346 0x394c  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
03:40:37.0377 0x394c  napagent - ok
03:40:37.0385 0x394c  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
03:40:37.0402 0x394c  NativeWifiP - ok
03:40:37.0425 0x394c  [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS            C:\Windows\system32\drivers\ndis.sys
03:40:37.0448 0x394c  NDIS - ok
03:40:37.0452 0x394c  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
03:40:37.0476 0x394c  NdisCap - ok
03:40:37.0478 0x394c  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
03:40:37.0501 0x394c  NdisTapi - ok
03:40:37.0505 0x394c  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
03:40:37.0528 0x394c  Ndisuio - ok
03:40:37.0533 0x394c  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
03:40:37.0558 0x394c  NdisWan - ok
03:40:37.0561 0x394c  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
03:40:37.0585 0x394c  NDProxy - ok
03:40:37.0588 0x394c  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
03:40:37.0611 0x394c  NetBIOS - ok
03:40:37.0619 0x394c  [ E47D571FEC2C76E867935109AB2A770C, F349D25890B6F476B106FD75BFB081DB737CA9B224D95E44927942FFF2DF82CD ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
03:40:37.0631 0x394c  NetBT - ok
03:40:37.0634 0x394c  [ CA69E856332E2D85294665F6B7E97254, A9693F836907FB0154DC1090D9476F1E9242ABE922D932D74D0385772D2EAB65 ] Netlogon        C:\Windows\system32\lsass.exe
03:40:37.0642 0x394c  Netlogon - ok
03:40:37.0651 0x394c  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
03:40:37.0679 0x394c  Netman - ok
03:40:37.0685 0x394c  [ 0BEF1F19F32C9F3DBE9A503F2E66CC22, 4F4812CDDB675C5D655B5B90375F188A3A5AA52A2BC2CED383B03449CF8210C8 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
03:40:37.0695 0x394c  NetMsmqActivator - ok
03:40:37.0699 0x394c  [ 0BEF1F19F32C9F3DBE9A503F2E66CC22, 4F4812CDDB675C5D655B5B90375F188A3A5AA52A2BC2CED383B03449CF8210C8 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
03:40:37.0710 0x394c  NetPipeActivator - ok
03:40:37.0721 0x394c  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
03:40:37.0752 0x394c  netprofm - ok
03:40:37.0757 0x394c  [ 0BEF1F19F32C9F3DBE9A503F2E66CC22, 4F4812CDDB675C5D655B5B90375F188A3A5AA52A2BC2CED383B03449CF8210C8 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
03:40:37.0767 0x394c  NetTcpActivator - ok
03:40:37.0772 0x394c  [ 0BEF1F19F32C9F3DBE9A503F2E66CC22, 4F4812CDDB675C5D655B5B90375F188A3A5AA52A2BC2CED383B03449CF8210C8 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
03:40:37.0782 0x394c  NetTcpPortSharing - ok
03:40:37.0787 0x394c  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
03:40:37.0794 0x394c  nfrd960 - ok
03:40:37.0802 0x394c  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
03:40:37.0816 0x394c  NlaSvc - ok
03:40:37.0821 0x394c  [ 68AB4FAE948ED0116BC80763F962A34F, 6E03784C270CA51EA8B1D0EEC3E11A6E07E33F08605E40B9652B0B037FD540B4 ] NNSALPC         C:\Windows\system32\DRIVERS\NNSAlpc.sys
03:40:37.0832 0x394c  NNSALPC - ok
03:40:37.0839 0x394c  [ DFAEDED6712D6E1DD4E199C380D3625A, CA5D8EFEE2634C45807AC09611D88164B408910CD48EFD4D529E15B3AF30F8E7 ] NNSHTTP         C:\Windows\system32\DRIVERS\NNSHttp.sys
03:40:37.0849 0x394c  NNSHTTP - ok
03:40:37.0854 0x394c  [ DCA68413569AB20356E5BDBDB7A5E5CF, B543BD5D4971271A7D0400BC5AD5C3E6662311493F45A17D38D637DE9CD106F2 ] NNSHTTPS        C:\Windows\system32\DRIVERS\NNSHttps.sys
03:40:37.0863 0x394c  NNSHTTPS - ok
03:40:37.0868 0x394c  [ 48905D86912C8544F2D4D8FA8786172A, 7D2D2FC5D415EA6817A73A6DC3F226E584BAA4854DEF793B1040C4AE38FED785 ] NNSIDS          C:\Windows\system32\DRIVERS\NNSIds.sys
03:40:37.0876 0x394c  NNSIDS - ok
03:40:37.0880 0x394c  [ 3E5469215F92051C2F6AAA4D8C94AE2E, 6A9A600CC494633ACAF4DED301F492B4BF8B12B3030B5EA2C09E0A8D1CA4230F ] NNSNAHSL        C:\Windows\system32\DRIVERS\NNSNAHSL.sys
03:40:37.0890 0x394c  NNSNAHSL - ok
03:40:37.0895 0x394c  [ BA00DDDED5A00198E29AEF05D723919E, 865766F565097D49D6CC7D46678F9A7CFFA9F76EA9FAF32450ACA398A9DB6FB9 ] NNSPICC         C:\Windows\system32\DRIVERS\NNSPicc.sys
03:40:37.0903 0x394c  NNSPICC - ok
03:40:37.0907 0x394c  [ 5522C8BCFF4BBD132D36DFD5A2E4074D, B45987148AE7016C98D2FD06B5832C33A0E973E01D296AD9DE9F14DA1391BAD7 ] NNSPIHSW        C:\Windows\system32\DRIVERS\NNSPihsw.sys
03:40:37.0915 0x394c  NNSPIHSW - ok
03:40:37.0920 0x394c  [ E28E12C1785D2CD9A1BEA996939E1F22, 9F86FFC3C57C44887A4FB4F7AEB434EABF8F872B3D66922C620C660329566067 ] NNSPOP3         C:\Windows\system32\DRIVERS\NNSPop3.sys
03:40:37.0929 0x394c  NNSPOP3 - ok
03:40:37.0938 0x394c  [ 855F568B91BA260C68D1B06E7A898AA1, FCFF990676C1542D60C75B3CF04398B9117F5C64EAC420F85ABFEEA5EEB7DAAE ] NNSPROT         C:\Windows\system32\DRIVERS\NNSProt.sys
03:40:37.0950 0x394c  NNSPROT - ok
03:40:37.0956 0x394c  [ B62B6CA0CBCF1A9D47DFF4BAC8008A44, 40DFF2098E0ADCAB99FCA201FC1D58D483EB724600CEBE70CAA5DAB4FF671FA1 ] NNSPRV          C:\Windows\system32\DRIVERS\NNSPrv.sys
03:40:37.0966 0x394c  NNSPRV - ok
03:40:37.0971 0x394c  [ 734D11039FCCEDDCF040B9973D4DB1A4, 25846E1511447AFA8F0EC44FB2852AC74044AAC853E53D10C61563C10579CAE8 ] NNSSMTP         C:\Windows\system32\DRIVERS\NNSSmtp.sys
03:40:37.0980 0x394c  NNSSMTP - ok
03:40:37.0988 0x394c  [ AE91263421F2EC327D333C2BCFB68119, AD13136CCF004B7C99472AE3367040B894F17ADDF537F44B795749B9F60B42A2 ] NNSSTRM         C:\Windows\system32\DRIVERS\NNSStrm.sys
03:40:37.0999 0x394c  NNSSTRM - ok
03:40:38.0004 0x394c  [ 2F40D7D2C226255F9AC79F0C761FD766, F3CDCE41B942E05B603A94EF32DD14C4A64DCAEDCDACC17130F631F450604FFB ] NNSTLSC         C:\Windows\system32\DRIVERS\NNSTlsc.sys
03:40:38.0014 0x394c  NNSTLSC - ok
03:40:38.0017 0x394c  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
03:40:38.0041 0x394c  Npfs - ok
03:40:38.0043 0x394c  npggsvc - ok
03:40:38.0046 0x394c  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
03:40:38.0069 0x394c  nsi - ok
03:40:38.0073 0x394c  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
03:40:38.0099 0x394c  nsiproxy - ok
03:40:38.0134 0x394c  [ 47B2D0B31BDC3EBE6090228E2BA3764D, 984A4B38300954164BCBF57EC1A09C18B53779E60A26E9618B50E26016735787 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
03:40:38.0174 0x394c  Ntfs - ok
03:40:38.0178 0x394c  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
03:40:38.0201 0x394c  Null - ok
03:40:38.0212 0x394c  [ CEF487606A4D64DC9A5F4D76EEE996AA, 0534E3EE033B0E821597328AAA62C818593D537BDCA54625CB3C1B99912ACC21 ] NvContainerLocalSystem C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
03:40:38.0227 0x394c  NvContainerLocalSystem - ok
03:40:38.0238 0x394c  [ CEF487606A4D64DC9A5F4D76EEE996AA, 0534E3EE033B0E821597328AAA62C818593D537BDCA54625CB3C1B99912ACC21 ] NvContainerNetworkService C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
03:40:38.0252 0x394c  NvContainerNetworkService - ok
03:40:38.0259 0x394c  [ D812362E8AF615B521AD4DF19A93BD5A, B1F04122DFE9FCC3FC56BE327D86912D624C89F2EFB9684BE66FC22115D0E19F ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
03:40:38.0269 0x394c  NVHDA - ok
03:40:38.0452 0x394c  [ B2E1A2E7911DF19A2A41156F16982ECC, A87B6761CFB0B64F3D1B28CAE861C8749CB4144EC4F7638BEC8D0D199AF1453E ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
03:40:38.0645 0x394c  nvlddmkm - ok
03:40:38.0668 0x394c  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
03:40:38.0677 0x394c  nvraid - ok
03:40:38.0683 0x394c  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
03:40:38.0693 0x394c  nvstor - ok
03:40:38.0696 0x394c  [ 05FECCB901276013D16A42AD4CFCE24B, 281E2F23E5C820FA670E908EA1798F3FA062C4DD37B16DF73CE13E58B6F3C56E ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
03:40:38.0704 0x394c  NvStreamKms - ok
03:40:38.0729 0x394c  [ C897258EFDF6740F5ABFB4A6A61B4995, 0678E4BE0E66A528A9ED3CE5540F193BF67449296F6E96E4FCAA13D637FCF5BC ] nvsvc           C:\Windows\system32\nvvsvc.exe
03:40:38.0752 0x394c  nvsvc - ok
03:40:38.0765 0x394c  [ 40B216E2D52371BC377C892FE83E63E9, AFD5466C86F0B0B54BE9AE6EF172D1B8F1F828C867FDA91CDD4E0A805D6EF71E ] NvTelemetryContainer C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
03:40:38.0781 0x394c  NvTelemetryContainer - ok
03:40:38.0787 0x394c  [ CA090120FB0C11D99A15DA648CD33EE8, 9760D42634867306DA422A1A17C872FBE8D9874295107F8B00A9D5564CE3BCFC ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
03:40:38.0795 0x394c  nvvad_WaveExtensible - ok
03:40:38.0799 0x394c  [ 8633AFA9759AD66649D9E0613FFDD847, 6B1F4C4B8AEFC963652C9E881C28C3FCE5665D23C3D79AFA8F9F896B722F7A95 ] nvvhci          C:\Windows\system32\DRIVERS\nvvhci.sys
03:40:38.0808 0x394c  nvvhci - ok
03:40:38.0813 0x394c  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
03:40:38.0821 0x394c  nv_agp - ok
03:40:38.0837 0x394c  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
03:40:38.0851 0x394c  odserv - ok
03:40:38.0856 0x394c  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
03:40:38.0866 0x394c  ohci1394 - ok
03:40:38.0926 0x394c  [ 107383EF78A7DC444F62594C927536E6, 7B1D2E3FE5D53AC168BE455881971E001845DB5BCADB4F0A49BB2DA8BCFFBACE ] OpenVPNService  E:\Program Files\OpenVPN\bin\openvpnserv.exe
03:40:38.0933 0x394c  OpenVPNService - ok
03:40:39.0024 0x394c  [ 2906AF02B5D06B0EFCD32382F19B88DB, 52A57816017591AC18693095ED6877EC6187F01A1B075ECC0F7E8FA73543E9D0 ] Origin Client Service E:\Games\Origin\OriginClientService.exe
03:40:39.0070 0x394c  Origin Client Service - ok
03:40:39.0081 0x394c  [ 7B9A1271FEFFA14D5A227E97BBFCD2D9, FE7736FA49500F3280C688A5C305C06D30D2B517BDEACDE47CA1E9DEC7CE224C ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
03:40:39.0093 0x394c  ose - ok
03:40:39.0186 0x394c  [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
03:40:39.0282 0x394c  osppsvc - ok
03:40:39.0299 0x394c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
03:40:39.0313 0x394c  p2pimsvc - ok
03:40:39.0324 0x394c  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
03:40:39.0341 0x394c  p2psvc - ok
03:40:39.0345 0x394c  [ 7CB4A8CEFE80C1B924B82ABC8423D75A, 8114529E20433B20542AD7ADDC7D069768E8190A88B1B2ED9988324580D6059C ] PandaAgent      C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
03:40:39.0352 0x394c  PandaAgent - ok
03:40:39.0354 0x394c  panda_url_filtering - ok
03:40:39.0357 0x394c  panda_url_filteringd - ok
03:40:39.0363 0x394c  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
03:40:39.0371 0x394c  Parport - ok
03:40:39.0376 0x394c  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
03:40:39.0385 0x394c  partmgr - ok
03:40:39.0391 0x394c  [ 3CD83692C43D87088E85E3C916146FFB, 9E812535E8FBA045FDA30F68E9EB2031132C37721D542A2DC9D4C33E2B137FCF ] PcaSvc          C:\Windows\System32\pcasvc.dll
03:40:39.0402 0x394c  PcaSvc - ok
03:40:39.0409 0x394c  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
03:40:39.0418 0x394c  pci - ok
03:40:39.0421 0x394c  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
03:40:39.0428 0x394c  pciide - ok
03:40:39.0434 0x394c  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
03:40:39.0445 0x394c  pcmcia - ok
03:40:39.0448 0x394c  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
03:40:39.0456 0x394c  pcw - ok
03:40:39.0471 0x394c  [ EA4D67448BE493D543F1730D6CD04694, 24717C5E41B7CA522F3330EF2228B6685E710A5259396E9887A1C1E7A413F8CA ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
03:40:39.0491 0x394c  PEAUTH - ok
03:40:39.0520 0x394c  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
03:40:39.0551 0x394c  PeerDistSvc - ok
03:40:39.0565 0x394c  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
03:40:39.0574 0x394c  PerfHost - ok
03:40:39.0608 0x394c  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
03:40:39.0653 0x394c  pla - ok
03:40:39.0665 0x394c  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
03:40:39.0685 0x394c  PlugPlay - ok
03:40:39.0688 0x394c  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
03:40:39.0697 0x394c  PNRPAutoReg - ok
03:40:39.0705 0x394c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
03:40:39.0718 0x394c  PNRPsvc - ok
03:40:39.0731 0x394c  [ 80D6B0563ED2BF10656B1D4748331082, B7E6B5E1148B7EE537E8D5C3A65450876B61CD45A395267D08699746E98AD574 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
03:40:39.0747 0x394c  PolicyAgent - ok
03:40:39.0755 0x394c  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
03:40:39.0784 0x394c  Power - ok
03:40:39.0788 0x394c  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
03:40:39.0813 0x394c  PptpMiniport - ok
03:40:39.0817 0x394c  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
03:40:39.0826 0x394c  Processor - ok
03:40:39.0834 0x394c  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
03:40:39.0847 0x394c  ProfSvc - ok
03:40:39.0850 0x394c  [ CA69E856332E2D85294665F6B7E97254, A9693F836907FB0154DC1090D9476F1E9242ABE922D932D74D0385772D2EAB65 ] ProtectedStorage C:\Windows\system32\lsass.exe
03:40:39.0858 0x394c  ProtectedStorage - ok
03:40:39.0863 0x394c  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
03:40:39.0887 0x394c  Psched - ok
03:40:39.0894 0x394c  [ FBBCC2BAEA51014CC5B24839F74CED3C, 69E8A6C6EFB9F35E33DA8C9EDCEB8D9DB5ED051ADCDCEAAB241F282685C1F684 ] PSINAflt        C:\Windows\system32\DRIVERS\PSINAflt.sys
03:40:39.0903 0x394c  PSINAflt - ok
03:40:39.0909 0x394c  [ F3936B5CC371E81900887EA9B1460737, A066ADCE60DCF3E09D3B4EA5992352CAE7B0C84A6249E36F8469576EEFEA6AF4 ] PSINFile        C:\Windows\system32\DRIVERS\PSINFile.sys
03:40:39.0918 0x394c  PSINFile - ok
03:40:39.0925 0x394c  [ 5A77C1C126B8CD67129878444F1CD1F5, CD3061DE79CCAA7541892B297308C559D23AE4717A5A14D88F2B90FECAD31CE6 ] PSINKNC         C:\Windows\system32\DRIVERS\psinknc.sys
03:40:39.0935 0x394c  PSINKNC - ok
03:40:39.0940 0x394c  [ 8BCC45C855ADDD1AC2483F42AF45F5AE, C6887AF0AE36CC9C8C67C2709856752B714F5CB40E9CA81903F9441B88631E07 ] PSINProc        C:\Windows\system32\DRIVERS\PSINProc.sys
03:40:39.0950 0x394c  PSINProc - ok
03:40:39.0955 0x394c  [ 0328A149C311E305F41DD665304F41CC, 0978DB25B327F498D78583AEFEEAE9106479066D3B617BC30E0ECA1469EEB494 ] PSINProt        C:\Windows\system32\DRIVERS\PSINProt.sys
03:40:39.0965 0x394c  PSINProt - ok
03:40:39.0969 0x394c  [ 422ABF1D3E93DB63D5769018DC936751, 6F71DDC639E7037844E578FF49675B33698008F133DB7B156A3841557C75C3E1 ] PSINReg         C:\Windows\system32\DRIVERS\PSINReg.sys
03:40:39.0978 0x394c  PSINReg - ok
03:40:39.0982 0x394c  [ 34309132ABE90878D54B6597B559EDEC, 4714EE9B65560E53CB558C2BBBA9446675939541EFC089E7B0B12D9161753D64 ] PSKMAD          C:\Windows\system32\DRIVERS\PSKMAD.sys
03:40:39.0990 0x394c  PSKMAD - ok
03:40:39.0997 0x394c  [ F8F2096FB17C1219C81008671F0FADA5, F16CB53622107A5690CF32E43104CCE0172A4D985FE7AD7182AFF2DF3AF01D28 ] PSUAService     C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
03:40:40.0004 0x394c  PSUAService - ok
03:40:40.0038 0x394c  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
03:40:40.0074 0x394c  ql2300 - ok
03:40:40.0101 0x394c  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
03:40:40.0111 0x394c  ql40xx - ok
03:40:40.0125 0x394c  QMUdisk - ok
03:40:40.0127 0x394c  QQPCRTP - ok
03:40:40.0135 0x394c  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
03:40:40.0152 0x394c  QWAVE - ok
03:40:40.0156 0x394c  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
03:40:40.0170 0x394c  QWAVEdrv - ok
03:40:40.0173 0x394c  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
03:40:40.0198 0x394c  RasAcd - ok
03:40:40.0202 0x394c  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
03:40:40.0227 0x394c  RasAgileVpn - ok
03:40:40.0231 0x394c  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
03:40:40.0257 0x394c  RasAuto - ok
03:40:40.0262 0x394c  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
03:40:40.0287 0x394c  Rasl2tp - ok
03:40:40.0296 0x394c  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
03:40:40.0325 0x394c  RasMan - ok
03:40:40.0330 0x394c  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
03:40:40.0358 0x394c  RasPppoe - ok
03:40:40.0362 0x394c  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
03:40:40.0386 0x394c  RasSstp - ok
03:40:40.0394 0x394c  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
03:40:40.0422 0x394c  rdbss - ok
03:40:40.0426 0x394c  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
03:40:40.0436 0x394c  rdpbus - ok
03:40:40.0439 0x394c  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
03:40:40.0464 0x394c  RDPCDD - ok
03:40:40.0471 0x394c  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
03:40:40.0482 0x394c  RDPDR - ok
03:40:40.0485 0x394c  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
03:40:40.0510 0x394c  RDPENCDD - ok
03:40:40.0515 0x394c  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
03:40:40.0539 0x394c  RDPREFMP - ok
03:40:40.0545 0x394c  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
03:40:40.0554 0x394c  RdpVideoMiniport - ok
03:40:40.0562 0x394c  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
03:40:40.0625 0x394c  RDPWD - ok
03:40:40.0632 0x394c  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
03:40:40.0641 0x394c  rdyboost - ok
03:40:40.0646 0x394c  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
03:40:40.0670 0x394c  RemoteAccess - ok
03:40:40.0677 0x394c  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
03:40:40.0703 0x394c  RemoteRegistry - ok
03:40:40.0708 0x394c  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
03:40:40.0733 0x394c  RpcEptMapper - ok
03:40:40.0736 0x394c  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
03:40:40.0745 0x394c  RpcLocator - ok
03:40:40.0757 0x394c  [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] RpcSs           C:\Windows\system32\rpcss.dll
03:40:40.0774 0x394c  RpcSs - ok
03:40:40.0779 0x394c  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
03:40:40.0803 0x394c  rspndr - ok
03:40:40.0859 0x394c  [ 24061B0958874C1CB2A5A8E9D25482D4, F84F8173242B95F9F3C4FEA99B5555B33F9CE37CA8188B643871D261CB081496 ] RTCore64        E:\Program Files (x86)\MSI Afterburner\RTCore64.sys
03:40:40.0866 0x394c  RTCore64 - ok
03:40:40.0873 0x394c  [ 3A50489C017292386C1C6CF6EB283F23, 42E2C75A83A45070BB548591B83C3744F5DF6BB3743221D0442C1BA23789AD5D ] RtkAudioService C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
03:40:40.0883 0x394c  RtkAudioService - ok
03:40:40.0904 0x394c  [ 7461D3DA1AABB5F703504E958455A900, B77D36E095A476A8191C1771539F20529F82CACF3C945BF55D64C39EEF09D0EA ] RTL8192cu       C:\Windows\system32\DRIVERS\RTL8192cu.sys
03:40:40.0926 0x394c  RTL8192cu - ok
03:40:40.0930 0x394c  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
03:40:40.0938 0x394c  s3cap - ok
03:40:40.0942 0x394c  [ 4F55BC63DCA859A6DEDC1106E0062135, C9AA97130DBEEE4D47BE2DAB3A8B8E7F0484DA0FCD3701C664B2F76F7671ACCF ] S3XXx64         C:\Windows\system32\DRIVERS\S3XXx64.sys
03:40:40.0951 0x394c  S3XXx64 - ok
03:40:40.0954 0x394c  [ CA69E856332E2D85294665F6B7E97254, A9693F836907FB0154DC1090D9476F1E9242ABE922D932D74D0385772D2EAB65 ] SamSs           C:\Windows\system32\lsass.exe
03:40:40.0963 0x394c  SamSs - ok
03:40:40.0967 0x394c  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
03:40:40.0976 0x394c  sbp2port - ok
03:40:40.0982 0x394c  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
03:40:41.0009 0x394c  SCardSvr - ok
03:40:41.0012 0x394c  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
03:40:41.0034 0x394c  scfilter - ok
03:40:41.0058 0x394c  [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule        C:\Windows\system32\schedsvc.dll
03:40:41.0086 0x394c  Schedule - ok
03:40:41.0092 0x394c  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
03:40:41.0119 0x394c  SCPolicySvc - ok
03:40:41.0125 0x394c  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
03:40:41.0137 0x394c  SDRSVC - ok
03:40:41.0141 0x394c  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
03:40:41.0150 0x394c  secdrv - ok
03:40:41.0153 0x394c  [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon        C:\Windows\system32\seclogon.dll
03:40:41.0163 0x394c  seclogon - ok
03:40:41.0167 0x394c  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\system32\sens.dll
03:40:41.0192 0x394c  SENS - ok
03:40:41.0195 0x394c  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
03:40:41.0205 0x394c  SensrSvc - ok
03:40:41.0209 0x394c  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
03:40:41.0218 0x394c  Serenum - ok
03:40:41.0222 0x394c  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
03:40:41.0232 0x394c  Serial - ok
03:40:41.0235 0x394c  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
03:40:41.0245 0x394c  sermouse - ok
03:40:41.0253 0x394c  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
03:40:41.0278 0x394c  SessionEnv - ok
03:40:41.0282 0x394c  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
03:40:41.0292 0x394c  sffdisk - ok
03:40:41.0295 0x394c  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
03:40:41.0304 0x394c  sffp_mmc - ok
03:40:41.0308 0x394c  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
03:40:41.0318 0x394c  sffp_sd - ok
03:40:41.0321 0x394c  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
03:40:41.0330 0x394c  sfloppy - ok
03:40:41.0340 0x394c  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
03:40:41.0371 0x394c  SharedAccess - ok
03:40:41.0381 0x394c  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
03:40:41.0412 0x394c  ShellHWDetection - ok
03:40:41.0417 0x394c  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
03:40:41.0425 0x394c  SiSRaid2 - ok
03:40:41.0429 0x394c  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
03:40:41.0437 0x394c  SiSRaid4 - ok
03:40:41.0441 0x394c  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
03:40:41.0466 0x394c  Smb - ok
03:40:41.0471 0x394c  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
03:40:41.0481 0x394c  SNMPTRAP - ok
03:40:41.0483 0x394c  softaal - ok
03:40:41.0487 0x394c  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
03:40:41.0494 0x394c  spldr - ok
03:40:41.0508 0x394c  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
03:40:41.0526 0x394c  Spooler - ok
03:40:41.0589 0x394c  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
03:40:41.0672 0x394c  sppsvc - ok
03:40:41.0680 0x394c  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
03:40:41.0704 0x394c  sppuinotify - ok
03:40:41.0717 0x394c  [ EB15C46477EB84B6B520871ED5936CCF, 7366FD2E1315109B9A2F47DA08959CF0CBEEB1F20B2E2DEF449D39B508107D29 ] srv             C:\Windows\system32\DRIVERS\srv.sys
03:40:41.0734 0x394c  srv - ok
03:40:41.0743 0x394c  [ 7F4FDC9528BCE6FB919615B6A77D5724, C4843381504E0F50D4B8E4F8886C83112018CE5F64467B875F2809508EA2B182 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
03:40:41.0759 0x394c  srv2 - ok
03:40:41.0765 0x394c  [ 3F20CD2A11872284BD667DAD6D4801CC, 917EAA680CD10D3EA59EEF4B77BB3813D5718E7D1CB0846431255EE73035D834 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
03:40:41.0776 0x394c  srvnet - ok
03:40:41.0782 0x394c  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
03:40:41.0808 0x394c  SSDPSRV - ok
03:40:41.0813 0x394c  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
03:40:41.0838 0x394c  SstpSvc - ok
03:40:41.0844 0x394c  [ D08FFE34AF5B7AC5F69EEA1E0E8C6ECE, CC43752CE5C879E24229C84443DBEE667CE629ECF992AD0D42F0F77FE04F6751 ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
03:40:41.0857 0x394c  ssudmdm - ok
03:40:41.0967 0x394c  [ 7DB9E612A2742ACEAB080B882E83141C, FFD1FA36E732F55223F3F4B5F845331DBB3073B023C2C5BF51A0E7680DEE7FA7 ] ss_conn_service E:\Programme\kies\USB Drivers\27_ssconn\conn\ss_conn_service.exe
03:40:41.0988 0x394c  ss_conn_service - ok
03:40:42.0023 0x394c  [ 5CBCEB3FF7C232ACC8891C8197BF3353, B1FE57C61E62B1FEC81B219551DAD68DC5DF17FC1603CDC0CBA097A3E687A027 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
03:40:42.0056 0x394c  Steam Client Service - ok
03:40:42.0069 0x394c  [ 84E3F6607842CD40A4F3B4EC2D5152B6, 1C1240069576B728BDE22C41DEB55CCFDF9085E36178761DDD91322009359EBF ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
03:40:42.0082 0x394c  Stereo Service - ok
03:40:42.0086 0x394c  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
03:40:42.0094 0x394c  stexstor - ok
03:40:42.0108 0x394c  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
03:40:42.0130 0x394c  stisvc - ok
03:40:42.0134 0x394c  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
03:40:42.0141 0x394c  storflt - ok
03:40:42.0144 0x394c  [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc         C:\Windows\system32\storsvc.dll
03:40:42.0152 0x394c  StorSvc - ok
03:40:42.0155 0x394c  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
03:40:42.0163 0x394c  storvsc - ok
03:40:42.0166 0x394c  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
03:40:42.0172 0x394c  swenum - ok
03:40:42.0185 0x394c  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
03:40:42.0217 0x394c  swprv - ok
03:40:42.0252 0x394c  [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain         C:\Windows\system32\sysmain.dll
03:40:42.0290 0x394c  SysMain - ok
03:40:42.0296 0x394c  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
03:40:42.0310 0x394c  TabletInputService - ok
03:40:42.0375 0x394c  [ 37BEA19DBD43301FD987F5D277DFBEA5, E58F4E4FD589C33134C658A06CA4FEB9CA2A000A4D31314DEEABFD86DE4215A5 ] TabletServicePen C:\Windows\system32\Pen_Tablet.exe
03:40:42.0447 0x394c  TabletServicePen - ok
03:40:42.0454 0x394c  [ 3C32FF010F869BC184DF71290477384E, 55CFCEC7F026C6E2E96A2FBE846AB513BB12BB0348735274FE1B71AF019C837B ] tap0901         C:\Windows\system32\DRIVERS\tap0901.sys
03:40:42.0462 0x394c  tap0901 - ok
03:40:42.0471 0x394c  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
03:40:42.0499 0x394c  TapiSrv - ok
03:40:42.0536 0x394c  [ B2875D7ABB82867DC3AA03D991940201, F954C33FBA912A517B59330F6438C1953F9F1D8F4D8FD25945EB836A1DB07ABB ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
03:40:42.0575 0x394c  Tcpip - ok
03:40:42.0616 0x394c  [ B2875D7ABB82867DC3AA03D991940201, F954C33FBA912A517B59330F6438C1953F9F1D8F4D8FD25945EB836A1DB07ABB ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
03:40:42.0654 0x394c  TCPIP6 - ok
03:40:42.0661 0x394c  [ 7FE5586314EE7D6AA8483264A089E5AF, 4E3EA68713A45C22F1B9A1AA125E15D06D0C5E637B815537431ADFB6D7563879 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
03:40:42.0669 0x394c  tcpipreg - ok
03:40:42.0674 0x394c  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
03:40:42.0682 0x394c  TDPIPE - ok
03:40:42.0686 0x394c  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
03:40:42.0693 0x394c  TDTCP - ok
03:40:42.0699 0x394c  [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
03:40:42.0708 0x394c  tdx - ok
03:40:42.0712 0x394c  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
03:40:42.0720 0x394c  TermDD - ok
03:40:42.0735 0x394c  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
03:40:42.0755 0x394c  TermService - ok
03:40:42.0760 0x394c  [ 8221854F134EF1A0E260CFCBE7030EFA, D89A957F3623DBEDAB49F94F560BDCE6AC77E7E4EBFAE62838FAA9C5B2A4CB58 ] TesMon          C:\Windows\system32\TesMon.sys
03:40:42.0770 0x394c  TesMon - ok
03:40:42.0793 0x394c  [ C163DA99031A953AB160575E9D259AED, 117D7EE9F0F962839141098AADC2A42CC84051CBF3E4D6ADA6897FD5674E3987 ] TesSafe         C:\Windows\system32\TesSafe.sys
03:40:42.0821 0x394c  TesSafe - ok
03:40:42.0826 0x394c  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
03:40:42.0838 0x394c  Themes - ok
03:40:42.0843 0x394c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
03:40:42.0870 0x394c  THREADORDER - ok
03:40:42.0876 0x394c  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
03:40:42.0902 0x394c  TrkWks - ok
03:40:42.0908 0x394c  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
03:40:42.0933 0x394c  TrustedInstaller - ok
03:40:42.0936 0x394c  TsDefenseBt - ok
03:40:42.0939 0x394c  tsnethlpx64 - ok
03:40:42.0943 0x394c  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
03:40:42.0951 0x394c  tssecsrv - ok
03:40:42.0955 0x394c  [ 986659F31F7065438FAC1A58B6271CB3, 2026DB49F657B7914628D5D59F8D3D57E793B8F6D681896BBED0C3C66F8C14FB ] TSSKX64         C:\Windows\system32\drivers\tsskx64.sys
03:40:42.0963 0x394c  TSSKX64 - ok
03:40:42.0967 0x394c  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
03:40:42.0975 0x394c  TsUsbFlt - ok
03:40:42.0979 0x394c  [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
03:40:42.0987 0x394c  TsUsbGD - ok
03:40:42.0992 0x394c  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
03:40:43.0016 0x394c  tunnel - ok
03:40:43.0020 0x394c  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
03:40:43.0028 0x394c  uagp35 - ok
03:40:43.0036 0x394c  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
03:40:43.0064 0x394c  udfs - ok
03:40:43.0069 0x394c  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
03:40:43.0079 0x394c  UI0Detect - ok
03:40:43.0086 0x394c  [ 4AD47E4A6AEBB8D2D54414BCDAC0AA38, BE2E7529188C6B96FF10200C65DE1F2D31171F1E83DE134C060F15A8E6032549 ] ui11drdr        C:\Windows\system32\DRIVERS\ui11drdr.sys
03:40:43.0096 0x394c  ui11drdr - ok
03:40:43.0099 0x394c  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
03:40:43.0109 0x394c  uliagpkx - ok
03:40:43.0113 0x394c  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
03:40:43.0121 0x394c  umbus - ok
03:40:43.0124 0x394c  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
03:40:43.0133 0x394c  UmPass - ok
03:40:43.0140 0x394c  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
03:40:43.0151 0x394c  UmRdpService - ok
03:40:43.0161 0x394c  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
03:40:43.0190 0x394c  upnphost - ok
03:40:43.0195 0x394c  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
03:40:43.0204 0x394c  usbaudio - ok
03:40:43.0208 0x394c  [ 28B81917A195B67617AF7DCF4DFE5736, 40A4D2AAE1BDE5ABA8708ED150396E913C566ECD5CDA40D6C6DB256F1B9FD4A9 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
03:40:43.0218 0x394c  usbccgp - ok
03:40:43.0222 0x394c  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
03:40:43.0232 0x394c  usbcir - ok
03:40:43.0236 0x394c  [ B626F048318DAE65A3317F0592BE592C, 284D8FFE1D35F852EFDA182A72288AC3A10D6ED825FE2CC5812497D3FE291AF1 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
03:40:43.0245 0x394c  usbehci - ok
03:40:43.0254 0x394c  [ 390109E8E05BA00375DCB1ED64DC60AF, B8628502590B423BEFB6F7C8C69FAD0667AD0746FF6B444EE02016E8E1052B78 ] usbhub          C:\Windows\system32\drivers\usbhub.sys
03:40:43.0267 0x394c  usbhub - ok
03:40:43.0271 0x394c  [ B4DF0F4C1D9D25DFE1DAD1D8670F1D4F, 4317C2DEDC639527B53864BAEC46CBE022D298C0503E29E1072DD1C851D92BFC ] usbohci         C:\Windows\system32\drivers\usbohci.sys
03:40:43.0279 0x394c  usbohci - ok
03:40:43.0282 0x394c  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\drivers\usbprint.sys
03:40:43.0292 0x394c  usbprint - ok
03:40:43.0296 0x394c  [ D029DD09E22EB24318A8FC3D8138BA43, C95805E8BF75ECB939520AE86420B16467B0771C161C51C9F1A37649ADFADCD0 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
03:40:43.0305 0x394c  USBSTOR - ok
03:40:43.0309 0x394c  [ CFEAAF96E666E3DCBD8F6DFF516784AE, 006218A3DB5851790CC0A7F3DCD7B3AF82F624DA679296DE507AFD36C5468317 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
03:40:43.0317 0x394c  usbuhci - ok
03:40:43.0323 0x394c  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
03:40:43.0334 0x394c  usbvideo - ok
03:40:43.0337 0x394c  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
03:40:43.0362 0x394c  UxSms - ok
03:40:43.0365 0x394c  [ CA69E856332E2D85294665F6B7E97254, A9693F836907FB0154DC1090D9476F1E9242ABE922D932D74D0385772D2EAB65 ] VaultSvc        C:\Windows\system32\lsass.exe
03:40:43.0373 0x394c  VaultSvc - ok
03:40:43.0376 0x394c  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
03:40:43.0384 0x394c  vdrvroot - ok
03:40:43.0397 0x394c  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
03:40:43.0431 0x394c  vds - ok
03:40:43.0435 0x394c  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
03:40:43.0445 0x394c  vga - ok
03:40:43.0448 0x394c  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
03:40:43.0471 0x394c  VgaSave - ok
03:40:43.0478 0x394c  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
03:40:43.0488 0x394c  vhdmp - ok
03:40:43.0492 0x394c  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
03:40:43.0499 0x394c  viaide - ok
03:40:43.0505 0x394c  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
03:40:43.0515 0x394c  vmbus - ok
03:40:43.0519 0x394c  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
03:40:43.0526 0x394c  VMBusHID - ok
03:40:43.0531 0x394c  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
03:40:43.0539 0x394c  volmgr - ok
03:40:43.0548 0x394c  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
03:40:43.0561 0x394c  volmgrx - ok
03:40:43.0570 0x394c  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
03:40:43.0581 0x394c  volsnap - ok
03:40:43.0588 0x394c  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
03:40:43.0598 0x394c  vsmraid - ok
03:40:43.0630 0x394c  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
03:40:43.0679 0x394c  VSS - ok
03:40:43.0684 0x394c  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
03:40:43.0694 0x394c  vwifibus - ok
03:40:43.0698 0x394c  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
03:40:43.0710 0x394c  vwififlt - ok
03:40:43.0720 0x394c  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
03:40:43.0750 0x394c  W32Time - ok
03:40:43.0755 0x394c  [ F39FC224758290A3193C68C091E6F11A, 6F5EEF38D269F41DE95389F0EB5D2642D4D6E3FDCAC95301F5D7DB87A35A7A96 ] wacmoumonitor   C:\Windows\system32\DRIVERS\wacmoumonitor.sys
03:40:43.0760 0x394c  wacmoumonitor - ok
03:40:43.0764 0x394c  [ E04D43C7D1641E95D35CAE6086C7E350, BF08ED680EC835D70C522B91560B8987F206793E8E2987117C1D7B77DEFF8556 ] wacommousefilter C:\Windows\system32\DRIVERS\wacommousefilter.sys
03:40:43.0770 0x394c  wacommousefilter - ok
03:40:43.0773 0x394c  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
03:40:43.0781 0x394c  WacomPen - ok
03:40:43.0784 0x394c  [ 53B03E71E88109A5C3C074A33889258A, 67728D644C21F430D471A9F1FD2D09B43F56198B3A84C9A707D462E47743D8ED ] wacomvhid       C:\Windows\system32\DRIVERS\wacomvhid.sys
03:40:43.0790 0x394c  wacomvhid - ok
03:40:43.0793 0x394c  [ 8B4255329EDFBA3ECFBD0714476FAD38, DF1EEBB2672A0A0762B16CDB85896752F508A0CB86E8B644F34F5098C73B9814 ] WacomVKHid      C:\Windows\system32\DRIVERS\WacomVKHid.sys
03:40:43.0799 0x394c  WacomVKHid - ok
03:40:43.0803 0x394c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
03:40:43.0827 0x394c  WANARP - ok
03:40:43.0831 0x394c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
03:40:43.0857 0x394c  Wanarpv6 - ok
03:40:43.0888 0x394c  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
03:40:43.0923 0x394c  wbengine - ok
03:40:43.0931 0x394c  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
03:40:43.0946 0x394c  WbioSrvc - ok
03:40:43.0956 0x394c  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
03:40:43.0973 0x394c  wcncsvc - ok
03:40:43.0977 0x394c  [ BC00873272B3771CCDA38336AF2B4D4B, 3E412DEC5F172B4C5FD5C227CD790EE56B90A00A8B538704E8F973D230BE2289 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
03:40:43.0986 0x394c  WcsPlugInService - ok
03:40:43.0989 0x394c  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
03:40:43.0996 0x394c  Wd - ok
03:40:44.0014 0x394c  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
03:40:44.0035 0x394c  Wdf01000 - ok
03:40:44.0040 0x394c  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
03:40:44.0050 0x394c  WdiServiceHost - ok
03:40:44.0054 0x394c  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
03:40:44.0064 0x394c  WdiSystemHost - ok
03:40:44.0071 0x394c  [ EE841B6D1F2B9508D3ABAE52AC05A94F, F1AE981FCDBFC4672A4EABABD41382E93762EFC2EDAD96E75530E7ACA5AF1FD8 ] WebClient       C:\Windows\System32\webclnt.dll
03:40:44.0084 0x394c  WebClient - ok
03:40:44.0092 0x394c  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
03:40:44.0121 0x394c  Wecsvc - ok
03:40:44.0126 0x394c  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
03:40:44.0151 0x394c  wercplsupport - ok
03:40:44.0156 0x394c  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
03:40:44.0181 0x394c  WerSvc - ok
03:40:44.0184 0x394c  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
03:40:44.0208 0x394c  WfpLwf - ok
03:40:44.0211 0x394c  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
03:40:44.0218 0x394c  WIMMount - ok
03:40:44.0220 0x394c  WinDefend - ok
03:40:44.0224 0x394c  WinHttpAutoProxySvc - ok
03:40:44.0235 0x394c  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
03:40:44.0263 0x394c  Winmgmt - ok
03:40:44.0301 0x394c  [ EBDA1B0F15CB9B2CBCC6C94824E4E054, C51314F7D611E4903DA00EFA8EB99365414436324D256083CE0B5A8E055E8E06 ] WinRM           C:\Windows\system32\WsmSvc.dll
03:40:44.0345 0x394c  WinRM - ok
03:40:44.0353 0x394c  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
03:40:44.0366 0x394c  WinUsb - ok
03:40:44.0385 0x394c  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
03:40:44.0412 0x394c  Wlansvc - ok
03:40:44.0457 0x394c  [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
03:40:44.0501 0x394c  wlidsvc - ok
03:40:44.0507 0x394c  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
03:40:44.0515 0x394c  WmiAcpi - ok
03:40:44.0523 0x394c  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
03:40:44.0535 0x394c  wmiApSrv - ok
03:40:44.0537 0x394c  WMPNetworkSvc - ok
03:40:44.0540 0x394c  [ CD04DC21E9A4CF93945BA3C469C1AB5F, 30F9529C52F4FC6A1AEA48F4D6ED90CC5A6BA854E8327CB296510684806542AC ] WNDA6200        C:\Program Files (x86)\NETGEAR\A6200\WifiService.exe
03:40:44.0548 0x394c  WNDA6200 - ok
03:40:44.0551 0x394c  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
03:40:44.0560 0x394c  WPCSvc - ok
03:40:44.0565 0x394c  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
03:40:44.0576 0x394c  WPDBusEnum - ok
03:40:44.0580 0x394c  [ 7CA09731EB7FC99B910C7F239E57720F, 502F8917A0811F37C39B2B3F5E9B4F38A0E899C30CB29D3ECD87A50FF228E536 ] WPRO_41_2001    C:\Windows\system32\drivers\WPRO_41_2001.sys
03:40:44.0587 0x394c  WPRO_41_2001 - ok
03:40:44.0591 0x394c  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
03:40:44.0615 0x394c  ws2ifsl - ok
03:40:44.0620 0x394c  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\system32\wscsvc.dll
03:40:44.0633 0x394c  wscsvc - ok
03:40:44.0636 0x394c  WSearch - ok
03:40:44.0648 0x394c  [ B91CC2B946124529044BBCD915DD0FE3, 0D5437CE441D516439FAF0CD298950EA8BE07A6925E14B5E706AD5BBBF0621F8 ] WTGService      C:\Program Files (x86)\XSManager\WTGService.exe
03:40:44.0660 0x394c  WTGService - ok
03:40:44.0711 0x394c  [ 31F32E0C1A8BA9A37EEC23DE5F27F847, 0180832BC6172C9A4C32B5B222BB3F91EA615A5EBDA98DB79ED4FED258C2D257 ] wuauserv        C:\Windows\system32\wuaueng.dll
03:40:44.0764 0x394c  wuauserv - ok
03:40:44.0771 0x394c  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
03:40:44.0782 0x394c  WudfPf - ok
03:40:44.0789 0x394c  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
03:40:44.0801 0x394c  WUDFRd - ok
03:40:44.0805 0x394c  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
03:40:44.0816 0x394c  wudfsvc - ok
03:40:44.0823 0x394c  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
03:40:44.0835 0x394c  WwanSvc - ok
03:40:44.0837 0x394c  xhunter1 - ok
03:40:44.0855 0x394c  [ 4A5CE13408945E525503B5F73D29B9C5, D58BB31AF17752508EA67931BF170CE46877DC204FC5DA7EED5A078AEB0CA0FD ] xnacc           C:\Windows\system32\DRIVERS\xnacc.sys
03:40:44.0876 0x394c  xnacc - ok
03:40:44.0883 0x394c  [ C2F3D4B5BA078EB6CB08300990304F39, 45DC087206F0D8AE5F21F9EBB323E5747DE92FE7DCD550AC65FD2F4D7B1C46A3 ] XS Stick Service C:\Windows\service4g.exe
03:40:44.0891 0x394c  XS Stick Service - ok
03:40:44.0894 0x394c  [ 377F3E3467A8BFA3CDC921AD6425D513, 699271DA1D63E90FE1F9FE8AF3A8789CA588A0B7A2AFF5899EBA443361E041A5 ] XSplit_Dummy    C:\Windows\system32\drivers\xspltspk.sys
03:40:44.0901 0x394c  XSplit_Dummy - ok
03:40:44.0908 0x394c  ================ Scan global ===============================
03:40:44.0911 0x394c  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
03:40:44.0919 0x394c  [ B68AD91370FA58C1296DE9086BB4BA0A, 3B6B8170990B3B3B321752539A54D8EAB6E6241A25092682FDEE1A46BD39DBF6 ] C:\Windows\system32\winsrv.dll
03:40:44.0930 0x394c  [ B68AD91370FA58C1296DE9086BB4BA0A, 3B6B8170990B3B3B321752539A54D8EAB6E6241A25092682FDEE1A46BD39DBF6 ] C:\Windows\system32\winsrv.dll
03:40:44.0937 0x394c  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
03:40:44.0947 0x394c  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
03:40:44.0952 0x394c  [ Global ] - ok
03:40:44.0953 0x394c  ================ Scan MBR ==================================
03:40:44.0954 0x394c  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
03:40:45.0134 0x394c  \Device\Harddisk0\DR0 - ok
03:40:45.0137 0x394c  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
03:40:45.0180 0x394c  \Device\Harddisk1\DR1 - ok
03:40:45.0180 0x394c  ================ Scan VBR ==================================
03:40:45.0182 0x394c  [ 639E7ED30A711D020904451D61BEA8F0 ] \Device\Harddisk0\DR0\Partition1
03:40:45.0183 0x394c  \Device\Harddisk0\DR0\Partition1 - ok
03:40:45.0185 0x394c  [ 587E11BEF865F5A8B00719E2FABA5F4C ] \Device\Harddisk1\DR1\Partition1
03:40:45.0186 0x394c  \Device\Harddisk1\DR1\Partition1 - ok
03:40:45.0187 0x394c  [ B0F2C1E711B85EB55BC57000BACA68E6 ] \Device\Harddisk1\DR1\Partition2
03:40:45.0188 0x394c  \Device\Harddisk1\DR1\Partition2 - ok
03:40:45.0189 0x394c  ================ Scan generic autorun ======================
03:40:45.0192 0x394c  [ 4503FA7E89950178CAD1B635B501640D, E607913AE096DB1E07B9FE1003DF9F9E294FC512F6CD3DEE8D0FB9851491BA37 ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
03:40:45.0197 0x394c  IAStorIcon - detected UnsignedFile.Multi.Generic ( 1 )
03:40:45.0464 0x394c  Detect skipped due to KSN trusted
03:40:45.0464 0x394c  IAStorIcon - ok
03:40:45.0473 0x394c  [ 3731A3AB53B6321E455CC6D1FB3DB8DD, 0FFA668F41EDBA5CDCC66C898B7EB8FC9D12E86D58040E0C0BD8B8CFAAE51F71 ] C:\Program Files (x86)\NETGEAR\A6200\A6200.exe
03:40:45.0487 0x394c  GENIE - ok
03:40:45.0491 0x394c  [ 15972BF70736F6AC32B0BA9470945E51, B6AEC29533F7B52A826BC41C806EEBE318B2CB067E961C67B1A2BFBA99D7D376 ] C:\Program Files (x86)\NETGEAR\A6200\LanuchApp.exe
03:40:45.0498 0x394c  LanuchApp - ok
03:40:45.0731 0x394c  [ 6DDA13FB28B620FEE52E0E616F4E7B70, 8C75E17E2C0C81BA3D1660ACB73591C181C3BD15237DF3A2E9734A7FF365C16A ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
03:40:45.0989 0x394c  RtHDVCpl - ok
03:40:46.0014 0x394c  [ 48515EEA1608ECD83FE26C7490460F59, C7C552D13ED12B4165FDE45F69E170D4F18B746D84B3B08E7254AAF8D9671D0C ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
03:40:46.0030 0x394c  AdobeAAMUpdater-1.0 - ok
03:40:46.0033 0x394c  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
03:40:46.0042 0x394c  ShadowPlay - ok
03:40:46.0047 0x394c  [ 70BDEE03032BF7CE279838866B25E697, 007C3AC1B4380BC56EC6E14EFC022C03F165D08447AD763854351C530E19D976 ] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
03:40:46.0056 0x394c  IMSS - ok
03:40:46.0064 0x394c  [ 0436F64FD296BE331B3BB0CE446548BF, 53A8F8E58F451A7B030AE61E30DBB9BDFD5342046674177941A838B66D80FD70 ] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
03:40:46.0076 0x394c  USB3MON - ok
03:40:46.0081 0x394c  [ 85B91052ADF40F50FAD6994A85C607F7, 114D6FBB162D6D8CFCD20C303836BE8E6DE31FBBBAFE9B5EBD134DBF7082E2B4 ] C:\Windows\starter4g.exe
03:40:46.0089 0x394c  starter4g - ok
03:40:46.0092 0x394c  [ 0C9D4FDAEBD8A5A977F06EB5E70D8606, 3A61DC4CCB24A496B292519D2C857646BFF3DBE8F3CFB90AD17FF8A464E1BB74 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
03:40:46.0100 0x394c  PSUAMain - ok
03:40:46.0160 0x394c  [ 308AD1E5746DBF1704EE3E87BD481A92, 40549EEE0D86A676D657114C50B2DC664E54591061BD16098C846C0D9F254501 ] C:\Program Files (x86)\Lioncast LM30 Gaming Mouse\LCmon.exe
03:40:46.0226 0x394c  LCgmmouseRun - detected UnsignedFile.Multi.Generic ( 1 )
03:40:46.0560 0x394c  LCgmmouseRun ( UnsignedFile.Multi.Generic ) - warning
03:40:46.0739 0x394c  [ 6302798F2560E25EB980992B1C4C5F81, E5029149F326C3CD0E418D87234B656A47E4ADFA1E8BC186F0F80B763224BD02 ] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
03:40:46.0795 0x394c  Adobe Creative Cloud - ok
03:40:46.0802 0x394c  [ 0E34B7BB1FCF22BCC1E394D16F9E992B, 382CA8E6BAC301E2F277F8EDA03D263FF71272796A8EED582C36294EEE9191F9 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe
03:40:46.0809 0x394c  GrooveMonitor - ok
03:40:46.0824 0x394c  [ 6EACC43D0542EF88226FB34B0B12EDB0, 6345E4B49D7F804F6DE042F981AB172822B6AB74C42209BEFB0582B019430884 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
03:40:46.0842 0x394c  SunJavaUpdateSched - ok
03:40:46.0934 0x394c  [ E2CB8918F91D39E24C4A488ED9F22325, F674C9AEECC6D2553E952B4D51BECEA3B18FA5AB191276FCA8D0434015971F67 ] E:\Adobe Documents\Acrobat DC\Acrobat\Acrotray.exe
03:40:46.0976 0x394c  Acrobat Assistant 8.0 - ok
03:40:47.0001 0x394c  Discord - ok
03:40:47.0004 0x394c  [ 42B6A94DD747DF2B5F628A2752E62A98, 4A49EAE1322E65FFA6C71F0BEA52CAEC97D1F30DE71FB068CD9FD8318C8287AB ] C:\Windows\system32\ctfmon.exe
03:40:47.0014 0x394c  ctfmon - ok
03:40:47.0094 0x394c  [ 7F3D0BC2FE61C249302E0515989C59E2, 18613B1D861D7289EF050EE1C0384FCF70F40FDF7E3CB586D36B5D19A7591F8F ] C:\Users\Neslihan\AppData\Local\Akamai\netsession_win.exe
03:40:47.0194 0x394c  Akamai NetSession Interface - ok
03:40:47.0239 0x394c  [ 1F963FAD87E58A1760B4902CB8F89079, F2FEE975FDBCD3CF910306EFAA115700C531825381CF969E14D1CD244CE1BAAF ] E:\Adobe Documents\Acrobat DC\Acrobat\AdobeCollabSync.exe
03:40:47.0264 0x394c  Adobe Acrobat Synchronizer - ok
03:40:47.0265 0x394c  Steam - ok
03:40:47.0354 0x394c  [ DAB21C14C09FA0F40DACD1A19C7A9125, DC215DAA9F79EA6B9D3B2C376A908AC4621871DC4B56374FAD7EDAED4FEB66D7 ] E:\Games\Origin\Origin.exe
03:40:47.0446 0x394c  EADM - ok
03:40:47.0450 0x394c  Waiting for KSN requests completion. In queue: 172
03:40:48.0468 0x394c  AV detected via SS2: Panda Free Antivirus, C:\Program Files (x86)\Panda Security\Panda Security Protection\PAV3WSC.exe ( 6.0.0.0 ), 0x71000 ( enabled : updated )
03:40:48.0470 0x394c  FW detected via SS2: Panda Firewall, C:\Program Files (x86)\Panda Security\Panda Security Protection\PAV3WSC.exe ( 6.0.0.0 ), 0x72010 ( disabled )
03:40:48.0471 0x394c  Win FW state via NFP2: enabled ( trusted )
03:40:48.0556 0x394c  ============================================================
03:40:48.0556 0x394c  Scan finished
03:40:48.0556 0x394c  ============================================================
03:40:48.0563 0x3010  Detected object count: 1
03:40:48.0563 0x3010  Actual detected object count: 1
03:43:35.0587 0x3010  LCgmmouseRun ( UnsignedFile.Multi.Generic ) - skipped by user
03:43:35.0587 0x3010  LCgmmouseRun ( UnsignedFile.Multi.Generic ) - User select action: Skip
         

Alt 26.03.2017, 03:14   #5
monchou
 
Ungewollte Browserextension / Verlangsamtes Laden (Chrome) - Standard

Ungewollte Browserextension / Verlangsamtes Laden (Chrome)



FRST
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2017
durchgeführt von Neslihan (Administrator) auf NESLIHAN-PC (25-03-2017 22:22:23)
Gestartet von C:\Users\Neslihan\Desktop
Geladene Profile: Neslihan (Verfügbare Profile: Neslihan & Gast)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(cFos Software GmbH) C:\Program Files\ASRock\XFast LAN\spd.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
() C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
(Visicom Media Inc.) C:\Program Files\Panda Security URL Filtering\Panda_URL_Filteringb.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
(DEVGURU Co., LTD.) E:\Programme\kies\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Wacom Technology, Corp.) C:\Windows\System32\Pen_Tablet.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files (x86)\NETGEAR\A6200\WifiService.exe
() C:\Program Files (x86)\XSManager\WTGService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(4G Systems GmbH & Co. KG) C:\Windows\service4g.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NETGEAR,Inc.) C:\Program Files (x86)\NETGEAR\A6200\A6200.exe
(Wacom Technology, Corp.) C:\Windows\System32\WTablet\Pen_TabletUser.exe
(Hammer & Chisel, Inc.) C:\Users\Neslihan\AppData\Local\Discord\app-0.0.297\Discord.exe
(Wacom Technology, Corp.) C:\Windows\System32\Pen_Tablet.exe
(Akamai Technologies, Inc.) C:\Users\Neslihan\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Neslihan\AppData\Local\Akamai\netsession_win.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(cv cryptovision GmbH) E:\Program Files (x86)\cv cryptovision\cv act sc interface\RegisterTool.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(4G Systems GmbH & Co. KG) C:\Windows\starter4g.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
() C:\Program Files (x86)\Lioncast LM30 Gaming Mouse\LCMon.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hammer & Chisel, Inc.) C:\Users\Neslihan\AppData\Local\Discord\app-0.0.297\Discord.exe
(Adobe Systems Inc.) E:\Adobe Documents\Acrobat DC\Acrobat\acrotray.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Hammer & Chisel, Inc.) C:\Users\Neslihan\AppData\Local\Discord\app-0.0.297\Discord.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\CCLibrary.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\libs\node.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Nullsoft, Inc.) E:\Program Files (x86)\Winamp\winamp.exe
(Last.fm) E:\Program Files (x86)\Last.fm\Last.fm Scrobbler.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286704 2013-03-22] (Intel Corporation)
HKLM\...\Run: [GENIE] => C:\Program Files (x86)\NETGEAR\A6200\A6200.exe [348888 2013-02-18] (NETGEAR,Inc.)
HKLM\...\Run: [LanuchApp] => C:\Program Files (x86)\NETGEAR\A6200\LanuchApp.exe [15136 2012-07-11] ()
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13427784 2013-03-18] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-03-12] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291128 2013-03-06] (Intel Corporation)
HKLM-x32\...\Run: [starter4g] => C:\Windows\starter4g.exe [160424 2010-04-30] (4G Systems GmbH & Co. KG)
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [54520 2015-10-22] (Panda Security, S.L.)
HKLM-x32\...\Run: [LCgmmouseRun] => C:\Program Files (x86)\Lioncast LM30 Gaming Mouse\LCmon.exe [3171840 2015-05-25] ()
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2384984 2016-12-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => E:\Adobe Documents\Acrobat DC\Acrobat\Acrotray.exe [1870928 2016-12-23] (Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\ScCertProp: 
HKU\S-1-5-21-2601677052-3802215475-160921258-1000\...\Run: [Discord] => C:\Users\Neslihan\AppData\Local\Discord\app-0.0.297\Discord.exe [64290304 2017-01-04] (Hammer & Chisel, Inc.)
HKU\S-1-5-21-2601677052-3802215475-160921258-1000\...\Run: [ctfmon] => C:\Windows\system32\ctfmon.exe [9728 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-2601677052-3802215475-160921258-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Neslihan\AppData\Local\Akamai\netsession_win.exe [4490200 2017-01-03] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2601677052-3802215475-160921258-1000\...\Run: [Adobe Acrobat Synchronizer] => E:\Adobe Documents\Acrobat DC\Acrobat\AdobeCollabSync.exe [886352 2016-12-23] (Adobe Systems Incorporated)
HKU\S-1-5-21-2601677052-3802215475-160921258-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2601677052-3802215475-160921258-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [333824 2010-11-21] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [panda] => reg.exe delete "HKCU\Software\AppDataLow\Software\panda" /f
HKU\S-1-5-18\...\RunOnce: [panda_XP] => reg.exe delete "HKCU\Software\panda" /f
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [!{6A86DAFA-242F-4E90-A4AD-D01E6B56E6EA}] -> {6A86DAFA-242F-4E90-A4AD-D01E6B56E6EA} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [QBOverlayIcon] -> {96959DE7-C855-42BD-8382-2AAABF2A8F52} => C:\Users\Neslihan\AppData\Local\Tencent\QQBrowser\User Data\IconOverlay\QBShellIcon3a6efae.dll [2016-12-27] (Tencent)
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  -> Keine Datei
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\cv act sc interface RegisterTool.lnk [2014-06-23]
ShortcutTarget: cv act sc interface RegisterTool.lnk -> E:\Program Files (x86)\cv cryptovision\cv act sc interface\RegisterTool.exe (cv cryptovision GmbH)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iSCTsysTray.lnk [2014-02-25]
ShortcutTarget: iSCTsysTray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
GroupPolicyScripts-x32: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Winsock: Catalog9 01 C:\Windows\SysWOW64\xunyount.dll [135136 2016-05-08] (四川迅游网络科技股份有限公司)
Winsock: Catalog9 02 C:\Windows\SysWOW64\xunyount.dll [135136 2016-05-08] (四川迅游网络科技股份有限公司)
Winsock: Catalog9 03 C:\Windows\SysWOW64\xunyount.dll [135136 2016-05-08] (四川迅游网络科技股份有限公司)
Winsock: Catalog9 14 C:\Windows\SysWOW64\xunyount.dll [135136 2016-05-08] (四川迅游网络科技股份有限公司)
Winsock: Catalog9-x64 01 C:\Windows\system32\xunyount64.dll [176096 2016-05-08] (四川迅游网络科技股份有限公司)
Winsock: Catalog9-x64 02 C:\Windows\system32\xunyount64.dll [176096 2016-05-08] (四川迅游网络科技股份有限公司)
Winsock: Catalog9-x64 03 C:\Windows\system32\xunyount64.dll [176096 2016-05-08] (四川迅游网络科技股份有限公司)
Winsock: Catalog9-x64 14 C:\Windows\system32\xunyount64.dll [176096 2016-05-08] (四川迅游网络科技股份有限公司)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{08D6EAEC-989B-47E7-9A6B-FFC1DD3F1541}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{140BEABE-B131-48D8-A795-5BE12294B5ED}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{9541EBCD-4C46-48C8-AC3B-BF3B74ACB32D}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\S-1-5-21-2601677052-3802215475-160921258-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://hao.qq.com/?unc=o400493_1&s=o400493_1
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2601677052-3802215475-160921258-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2601677052-3802215475-160921258-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.hao123.com/?tn=82013038_111_hao_pg
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2601677052-3802215475-160921258-1000 -> {3C3277C8-7F89-4F3F-AED7-71D9698B615D} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
SearchScopes: HKU\S-1-5-21-2601677052-3802215475-160921258-1000 -> {3D8B4390-0AF1-440A-9B59-8F69A66B8CCB} URL = hxxp://www.google.com.hk/search?hl=zh-CN&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2601677052-3802215475-160921258-1000 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-2601677052-3802215475-160921258-1000 -> {DBF90901-3B89-433A-BF74-7D34AEB1CB85} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-03-05] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc.)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-10-01] (Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2017-03-05] (Microsoft Corporation)
BHO: Panda Security Toolbar -> {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} -> C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll [2015-10-05] ()
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-03-05] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-10-01] (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-03-05] (Microsoft Corporation)
BHO-x32: 应用宝一键安装插件 -> {50F4150A-48B2-417A-BE4C-C83F580FB904} -> C:\Program Files (x86)\Common Files\Tencent\QQPhoneManager\2.0.201.3192\npQQPhoneManagerExt.dll [2014-05-30] (腾讯公司)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-07-21] (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-27] (Google Inc.)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-10-01] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2017-03-05] (Microsoft Corporation)
BHO-x32: Panda Security Toolbar -> {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} -> C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll [2015-10-05] ()
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-03-05] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-21] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-10-01] (Adobe Systems Incorporated)
Toolbar: HKLM - Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll [2015-10-05] ()
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc.)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-10-01] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll [2015-10-05] ()
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-27] (Google Inc.)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-10-01] (Adobe Systems Incorporated)
DPF: HKLM-x32 {AA07EBD2-EBDD-4BD6-9F8F-114BD513492C} hxxp://dist.cdnetworks.co.jp/cdndist/neffy/NeffyLauncher_v1013.cab
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-03-05] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-03-05] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-03-05] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-03-05] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF DefaultProfile: 6ghfa3rf.default-1436973638517
FF ProfilePath: C:\Users\Neslihan\AppData\Roaming\Mozilla\Firefox\Profiles\6ghfa3rf.default-1436973638517 [2017-03-05]
FF Session Restore: Mozilla\Firefox\Profiles\6ghfa3rf.default-1436973638517 -> ist aktiviert.
FF Keyword.URL: Mozilla\Firefox\Profiles\6ghfa3rf.default-1436973638517 -> hxxp://pandasecurity.mystart.com/results.php?pr=vmn&id=pandasecuritytb&v=4_3&idate=2015-09-16&ent=tb____campaignID___&mkt=us&u=D7FDE081746D1FC35579DD55F97CB820&q=
FF Extension: (Imperia OneClickEdit) - C:\Users\Neslihan\AppData\Roaming\Mozilla\Firefox\Profiles\6ghfa3rf.default-1436973638517\Extensions\oce@imperia.de.xpi [2016-08-10]
FF Extension: (Panda Security Toolbar) - C:\Users\Neslihan\AppData\Roaming\Mozilla\Firefox\Profiles\6ghfa3rf.default-1436973638517\Extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} [2015-09-16] [ist nicht signiert]
FF Extension: (Adblock Plus) - C:\Users\Neslihan\AppData\Roaming\Mozilla\Firefox\Profiles\6ghfa3rf.default-1436973638517\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-25]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - E:\Adobe Documents\Acrobat DC\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat DC - Create PDF) - E:\Adobe Documents\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2017-01-11]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_127.dll [2017-03-15] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> E:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-12-09] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_127.dll [2017-03-15] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-03-12] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-03-12] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-07-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-07-21] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-03-05] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-03-05] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-11-24] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-11-24] (NVIDIA Corporation)
FF Plugin-x32: @qq.com/npAndroidAssistant -> C:\Program Files (x86)\Common Files\Tencent\QQPhoneManager\2.0.201.3192\npQQPhoneManagerExt.dll [2014-05-30] (腾讯公司)
FF Plugin-x32: @qq.com/TXSSO -> C:\Program Files (x86)\Common Files\Tencent\TXSSO\1.2.3.15\Bin\npSSOAxCtrlForPTLogin.dll [2015-06-20] (Tencent)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> E:\Adobe Documents\Acrobat DC\Acrobat\Air\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-12-09] (Adobe Systems)
StartMenuInternet: FIREFOX.EXE - E:\Program Files (x86)\Mozilla Firefox\firefox.exe

Chrome: 
=======
CHR DefaultProfile: Default
CHR DefaultSearchURL: Default -> hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=orcl_default
CHR DefaultSearchKeyword: Default -> Yahoo
CHR DefaultSuggestURL: Default -> hxxps://de.search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10
CHR Session Restore: Default -> ist aktiviert.
CHR Profile: C:\Users\Neslihan\AppData\Local\Google\Chrome\User Data\Default [2017-03-25]
CHR Extension: (Google Präsentationen) - C:\Users\Neslihan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-28]
CHR Extension: (Google Docs) - C:\Users\Neslihan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-28]
CHR Extension: (Google Drive) - C:\Users\Neslihan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (Skype-Anrufe) - C:\Users\Neslihan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blakpkgjpemejpbmfiglncklihnhjkij [2015-11-03]
CHR Extension: (YouTube) - C:\Users\Neslihan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Mogicons) - C:\Users\Neslihan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpgpffljkgjmijjdmjbdppndoojdgboe [2017-03-21]
CHR Extension: (Ecosia - Die Suchmaschine, die Bäume pflanzt) - C:\Users\Neslihan\AppData\Local\Google\Chrome\User Data\Default\Extensions\clellnciejhoedgepbdilbkdkaoecgpc [2017-01-09]
CHR Extension: (Google-Suche) - C:\Users\Neslihan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Icon Pack for Facebook) - C:\Users\Neslihan\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgjnigeodbhfkikngfpbpaponldpnajj [2017-03-25]
CHR Extension: (Full Page Screen Capture) - C:\Users\Neslihan\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdpohaocaechififmbbbbbknoalclacl [2016-09-02]
CHR Extension: (Google Tabellen) - C:\Users\Neslihan\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-28]
CHR Extension: (Facebook™ Chat Privacy) - C:\Users\Neslihan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfpgaanechfneiboempkfjghninbibjn [2016-07-19]
CHR Extension: (Google Docs Offline) - C:\Users\Neslihan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (AdBlock) - C:\Users\Neslihan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-02-25]
CHR Extension: (Tag Assistant (by Google)) - C:\Users\Neslihan\AppData\Local\Google\Chrome\User Data\Default\Extensions\kejbdjndbnbjgmefkgdddjlbokphdefk [2016-06-10]
CHR Extension: (TwitchAlerts Stream Labels) - C:\Users\Neslihan\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgmggmdngboajiakmbpdknfpdelbjbcg [2016-12-08]
CHR Extension: (Noisli) - C:\Users\Neslihan\AppData\Local\Google\Chrome\User Data\Default\Extensions\klejemegaoblahjdpcajmpcnjjmkmkkf [2017-03-12]
CHR Extension: (Video DownloadHelper) - C:\Users\Neslihan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjnegcaeklhafolokijcfjliaokphfk [2016-12-21]
CHR Extension: (Ghostery) - C:\Users\Neslihan\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2017-02-14]
CHR Extension: (F.B. Purity For Facebook) - C:\Users\Neslihan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncdlagniojmheiklojdcpdaeepochckl [2016-07-16]
CHR Extension: (F.B.(FluffBusting)Purity) - C:\Users\Neslihan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmkinhboiljjkhaknpaeaicmdjhagpep [2017-03-24]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Neslihan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
CHR Extension: (VK audio mp3 + video   by MyUpdate.ru) - C:\Users\Neslihan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofhhndfphhclgkigefjgbmghohfiomni [2015-10-11]
CHR Extension: (Spottster) - C:\Users\Neslihan\AppData\Local\Google\Chrome\User Data\Default\Extensions\oojdbjfeamokogkeipeejegidjceiaio [2016-03-25]
CHR Extension: (VK Downloader) - C:\Users\Neslihan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjdlpaffkkdggnabfdbhbfbncmcckio [2017-03-01]
CHR Extension: (Google Mail) - C:\Users\Neslihan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\Neslihan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-10]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [npdicihegicnhaangkdmcgbjceoemeoo] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [753240 2016-12-09] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2227312 2017-02-27] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1447944 2016-12-12] ()
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2015-09-01] (BitRaider, LLC)
R2 cFosSpeedS; C:\Program Files\ASRock\XFast LAN\spd.exe [395136 2011-10-19] (cFos Software GmbH)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3294912 2017-03-05] (Microsoft Corporation)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [399120 2017-02-14] (EasyAntiCheat Ltd)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2016-11-25] ()
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-03-22] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-03-12] (Intel Corporation)
S3 intelsba; C:\Program Files\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [48832 2013-01-28] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [182248 2013-03-14] ()
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [142072 2015-10-18] (Panda Security, S.L.)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3521168 2015-07-22] (INCA Internet Co., Ltd.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-02-23] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-02-23] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [425408 2017-02-23] (NVIDIA Corporation)
S3 OpenVPNService; E:\Program Files\OpenVPN\bin\openvpnserv.exe [37176 2014-06-05] (The OpenVPN Project)
S3 Origin Client Service; E:\Games\Origin\OriginClientService.exe [2122248 2016-09-01] (Electronic Arts)
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [73176 2016-02-22] (Panda Security, S.L.)
R2 panda_url_filtering; C:\Program Files\Panda Security URL Filtering\Panda_URL_Filteringb.exe [287752 2015-10-02] (Visicom Media Inc.)
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [38136 2015-10-22] (Panda Security, S.L.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [239176 2013-02-19] (Realtek Semiconductor)
R2 ss_conn_service; E:\Programme\kies\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WNDA6200; C:\Program Files (x86)\NETGEAR\A6200\WifiService.exe [29984 2012-09-24] ()
R2 WTGService; C:\Program Files (x86)\XSManager\WTGService.exe [329872 2013-01-30] ()
R2 XS Stick Service; C:\Windows\service4g.exe [145064 2010-04-30] (4G Systems GmbH & Co. KG)
S2 QQPCRTP; "e:\games\QQPCMgr\11.1.16892.209\QQPCRtp.exe" -r [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 A6200; C:\Windows\System32\DRIVERS\bcmwlhigh664.sys [2567984 2013-02-28] (Broadcom Corporation)
S3 AsrDrv101; C:\Windows\SysWOW64\Drivers\AsrDrv101.sys [22280 2014-02-28] (ASRock Incorporation)
R0 AsrRamDisk; C:\Windows\System32\DRIVERS\AsrRamDisk.sys [34640 2012-08-09] (ASRock Inc.)
S3 cmnsusbser; C:\Windows\System32\DRIVERS\cmnsusbser.sys [126080 2014-11-18] (QUALCOMM Incorporated) [Datei ist nicht signiert]
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [496400 2013-02-26] (Intel Corporation)
S3 ew_usbccgpfilter; C:\Windows\System32\DRIVERS\ew_usbccgpfilter.sys [18816 2016-11-25] (Huawei Technologies Co., Ltd.)
S3 FNETTBOH_305; C:\Windows\System32\drivers\FNETTBOH_305.SYS [32320 2014-02-25] (FNet Co., Ltd.)
R1 FNETURPX; C:\Windows\System32\drivers\FNETURPX.SYS [16648 2014-02-25] (FNet Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2016-11-25] (Huawei Technologies Co., Ltd.)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28656 2013-03-22] (Intel Corporation)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [21048 2013-03-14] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [21048 2013-03-14] ()
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-03-14] ()
R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [94456 2015-07-09] (Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [201976 2015-07-09] (Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [110840 2015-07-09] (Panda Security, S.L.)
R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [110840 2015-07-09] (Panda Security, S.L.)
R1 NNSNAHSL; C:\Windows\System32\DRIVERS\NNSNAHSL.sys [57648 2015-05-20] (Panda Security, S.L.)
R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [103160 2015-07-09] (Panda Security, S.L.)
R1 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [73464 2015-08-31] (Panda Security, S.L.)
R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [124152 2015-07-09] (Panda Security, S.L.)
R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [300280 2015-07-09] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [170232 2015-07-09] (Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [113400 2015-07-09] (Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [257784 2015-07-09] (Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [106232 2015-07-09] (Panda Security, S.L.)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2017-02-23] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [47672 2017-01-20] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [59448 2017-01-20] (NVIDIA Corporation)
R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [164088 2015-07-19] (Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [121592 2015-07-19] (Panda Security, S.L.)
R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [197880 2015-07-19] (Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [124152 2015-07-19] (Panda Security, S.L.)
R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [134392 2015-07-19] (Panda Security, S.L.)
R2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [107768 2015-07-19] (Panda Security, S.L.)
R3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [61712 2015-05-22] (Panda Security, S.L.)
S3 RTCore64; E:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13512 2015-12-09] ()
S3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [926824 2011-04-08] (Realtek Semiconductor Corporation                           )
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.)
S3 TesMon; C:\Windows\system32\TesMon.sys [60472 2016-12-30] (Tencent)
S3 TesSafe; C:\Windows\system32\TesSafe.sys [1020968 2016-12-30] (TENCENT)
S3 TSSKX64; C:\Windows\System32\drivers\tsskx64.sys [38200 2015-08-28] (电脑管家)
R1 ui11drdr; C:\Windows\System32\DRIVERS\ui11drdr.sys [201072 2012-09-24] (1&1 Internet AG)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2017-03-25] ()
R3 XSplit_Dummy; C:\Windows\System32\drivers\xspltspk.sys [26200 2015-05-25] (SplitmediaLabs Limited)
S3 AsrSetupDrv; \??\C:\Windows\SysWOW64\Drivers\AsrSetupDrv.sys [X]
S3 BCM42RLY; system32\drivers\BCM42RLY.sys [X]
S3 BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 panda_url_filteringd; \??\C:\Program Files\Panda Security URL Filtering\panda_url_filteringd.sys [X]
S1 QMUdisk; \??\e:\games\QQPCMgr\11.1.16892.209\QMUdisk64.sys [X]
S1 softaal; \??\e:\games\QQPCMgr\11.1.16892.209\softaal64.sys [X]
S1 TsDefenseBt; \??\e:\games\QQPCMgr\11.1.16892.209\TsDefenseBT64.sys [X]
S2 tsnethlpx64; \??\e:\games\QQPCMgr\11.1.16892.209\TsNetHlpX64.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-25 22:22 - 2017-03-25 22:22 - 00044686 _____ C:\Users\Neslihan\Desktop\FRST.txt
2017-03-25 22:22 - 2017-03-25 22:22 - 00000000 ____D C:\FRST
2017-03-25 22:01 - 2017-03-25 22:01 - 02424832 _____ (Farbar) C:\Users\Neslihan\Desktop\FRST64.exe
2017-03-23 21:16 - 2017-03-23 21:16 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsigndf8d44c91c38c0eb
2017-03-23 21:13 - 2017-03-23 21:13 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsignfd62bc2add33fb12
2017-03-23 21:13 - 2017-03-23 21:13 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign61b5bb42634075d3
2017-03-23 19:14 - 2017-03-23 19:14 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsigncf63fec69e463626
2017-03-22 18:58 - 2017-03-22 18:58 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign6b9d7f1807479434
2017-03-22 18:54 - 2017-03-22 18:54 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsigne5af52582f90f37f
2017-03-22 18:54 - 2017-03-22 18:54 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign60de42643c6f7a23
2017-03-22 18:54 - 2017-03-22 18:54 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign5f734d3f7262e6bc
2017-03-21 17:27 - 2017-03-21 17:27 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsigndb80571007b5bdd0
2017-03-21 17:27 - 2017-03-21 17:27 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign938b02d59e98a841
2017-03-21 17:27 - 2017-03-21 17:27 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign39e73bdd6f95bf51
2017-03-21 17:27 - 2017-03-21 17:27 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign05557c3ea402652b
2017-03-19 18:07 - 2017-03-19 18:07 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign7edce2e064fea208
2017-03-19 18:07 - 2017-03-19 18:07 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign49be87d93723542d
2017-03-19 18:07 - 2017-03-19 18:07 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign2993c1475cf259f3
2017-03-19 17:04 - 2017-03-19 17:04 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign62bdafbef23c872b
2017-03-19 17:04 - 2017-03-19 17:04 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign1f993a9833221052
2017-03-19 02:22 - 2017-03-19 02:23 - 00000000 ____D C:\Users\Neslihan\Documents\Tomb Raider - Legend
2017-03-18 19:17 - 2017-03-18 19:17 - 00000916 _____ C:\Users\Public\Desktop\XSplit Broadcaster.lnk
2017-03-18 19:16 - 2017-03-18 19:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSplit
2017-03-15 04:46 - 2017-03-15 04:46 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsigneb98a71387055f9c
2017-03-15 03:04 - 2017-03-15 03:04 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign4ca960dc3bda00a8
2017-03-15 00:51 - 2017-03-15 00:51 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsignf0d4b64949b917a9
2017-03-15 00:51 - 2017-03-15 00:51 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsignef5abc0c4fb50efc
2017-03-15 00:51 - 2017-03-15 00:51 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign14096ac8487c58e6
2017-03-14 19:01 - 2017-03-04 08:59 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-03-14 19:01 - 2017-03-04 08:51 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-03-14 19:01 - 2017-03-02 19:01 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2017-03-14 19:01 - 2017-03-02 18:53 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2017-03-14 19:01 - 2017-03-02 18:35 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2017-03-14 19:01 - 2017-02-09 17:31 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-03-14 19:01 - 2017-02-09 17:31 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:31 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:14 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:14 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2017-03-14 19:01 - 2017-02-09 17:14 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 17:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 16:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2017-03-14 19:01 - 2017-02-09 16:49 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 16:49 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 16:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-03-14 19:01 - 2017-02-09 16:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2017-03-14 19:00 - 2017-03-04 18:24 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-03-14 19:00 - 2017-03-04 17:39 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-03-14 19:00 - 2017-03-04 09:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-03-14 19:00 - 2017-03-04 09:20 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-03-14 19:00 - 2017-03-04 09:02 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-03-14 19:00 - 2017-03-04 09:01 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-03-14 19:00 - 2017-03-04 09:01 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-03-14 19:00 - 2017-03-04 09:01 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-03-14 19:00 - 2017-03-04 09:01 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-03-14 19:00 - 2017-03-04 08:52 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-03-14 19:00 - 2017-03-04 08:48 - 25746944 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-03-14 19:00 - 2017-03-04 08:46 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-03-14 19:00 - 2017-03-04 08:45 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-03-14 19:00 - 2017-03-04 08:45 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-03-14 19:00 - 2017-03-04 08:45 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-03-14 19:00 - 2017-03-04 08:44 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-03-14 19:00 - 2017-03-04 08:36 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-03-14 19:00 - 2017-03-04 08:32 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-03-14 19:00 - 2017-03-04 08:31 - 06045696 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-03-14 19:00 - 2017-03-04 08:23 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-03-14 19:00 - 2017-03-04 08:21 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-03-14 19:00 - 2017-03-04 08:16 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-03-14 19:00 - 2017-03-04 08:16 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-03-14 19:00 - 2017-03-04 08:13 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-03-14 19:00 - 2017-03-04 08:11 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-03-14 19:00 - 2017-03-04 07:57 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-03-14 19:00 - 2017-03-04 07:55 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-03-14 19:00 - 2017-03-04 07:54 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-03-14 19:00 - 2017-03-04 07:52 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-03-14 19:00 - 2017-03-04 07:52 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-03-14 19:00 - 2017-03-04 07:26 - 15259648 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-03-14 19:00 - 2017-03-04 07:25 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-03-14 19:00 - 2017-03-04 07:12 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-03-14 19:00 - 2017-03-04 07:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-03-14 19:00 - 2017-03-04 05:18 - 20281856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-03-14 19:00 - 2017-03-02 19:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2017-03-14 19:00 - 2017-03-02 19:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2017-03-14 19:00 - 2017-03-02 19:01 - 00499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-03-14 19:00 - 2017-03-02 19:01 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2017-03-14 19:00 - 2017-03-02 19:00 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-03-14 19:00 - 2017-03-02 18:55 - 02287104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-03-14 19:00 - 2017-03-02 18:54 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2017-03-14 19:00 - 2017-03-02 18:51 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2017-03-14 19:00 - 2017-03-02 18:50 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2017-03-14 19:00 - 2017-03-02 18:49 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-03-14 19:00 - 2017-03-02 18:49 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-03-14 19:00 - 2017-03-02 18:41 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2017-03-14 19:00 - 2017-03-02 18:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-03-14 19:00 - 2017-03-02 18:32 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2017-03-14 19:00 - 2017-03-02 18:31 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-03-14 19:00 - 2017-03-02 18:29 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-03-14 19:00 - 2017-03-02 18:28 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2017-03-14 19:00 - 2017-03-02 18:22 - 04604416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-03-14 19:00 - 2017-03-02 18:21 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-03-14 19:00 - 2017-03-02 18:19 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-03-14 19:00 - 2017-03-02 18:17 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-03-14 19:00 - 2017-03-02 18:17 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2017-03-14 19:00 - 2017-03-02 18:11 - 13654528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-03-14 19:00 - 2017-03-02 17:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-03-14 19:00 - 2017-03-02 17:50 - 01312768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-03-14 19:00 - 2017-03-02 17:50 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-03-14 19:00 - 2017-02-11 16:58 - 00462848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2017-03-14 19:00 - 2017-02-11 16:58 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2017-03-14 19:00 - 2017-02-11 16:58 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2017-03-14 19:00 - 2017-02-10 17:32 - 00803328 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2017-03-14 19:00 - 2017-02-10 17:32 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2017-03-14 19:00 - 2017-02-10 17:17 - 00628736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2017-03-14 19:00 - 2017-02-10 17:17 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2017-03-14 19:00 - 2017-02-10 15:33 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2017-03-14 19:00 - 2017-02-09 17:36 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2017-03-14 19:00 - 2017-02-09 17:35 - 05548264 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-03-14 19:00 - 2017-02-09 17:35 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2017-03-14 19:00 - 2017-02-09 17:35 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-03-14 19:00 - 2017-02-09 17:35 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-03-14 19:00 - 2017-02-09 17:33 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-03-14 19:00 - 2017-02-09 17:32 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-03-14 19:00 - 2017-02-09 17:32 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2017-03-14 19:00 - 2017-02-09 17:32 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2017-03-14 19:00 - 2017-02-09 17:32 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-03-14 19:00 - 2017-02-09 17:32 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2017-03-14 19:00 - 2017-02-09 17:32 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-03-14 19:00 - 2017-02-09 17:32 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-03-14 19:00 - 2017-02-09 17:32 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-03-14 19:00 - 2017-02-09 17:32 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-03-14 19:00 - 2017-02-09 17:32 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-03-14 19:00 - 2017-02-09 17:32 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2017-03-14 19:00 - 2017-02-09 17:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2017-03-14 19:00 - 2017-02-09 17:32 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\WcsPlugInService.dll
2017-03-14 19:00 - 2017-02-09 17:32 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-03-14 19:00 - 2017-02-09 17:32 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-03-14 19:00 - 2017-02-09 17:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2017-03-14 19:00 - 2017-02-09 17:32 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2017-03-14 19:00 - 2017-02-09 17:31 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-03-14 19:00 - 2017-02-09 17:31 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2017-03-14 19:00 - 2017-02-09 17:31 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2017-03-14 19:00 - 2017-02-09 17:31 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-03-14 19:00 - 2017-02-09 17:31 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-03-14 19:00 - 2017-02-09 17:31 - 00625664 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2017-03-14 19:00 - 2017-02-09 17:31 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-03-14 19:00 - 2017-02-09 17:31 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-03-14 19:00 - 2017-02-09 17:31 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-03-14 19:00 - 2017-02-09 17:31 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\icm32.dll
2017-03-14 19:00 - 2017-02-09 17:31 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-03-14 19:00 - 2017-02-09 17:31 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-03-14 19:00 - 2017-02-09 17:31 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-03-14 19:00 - 2017-02-09 17:31 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2017-03-14 19:00 - 2017-02-09 17:31 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2017-03-14 19:00 - 2017-02-09 17:31 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-03-14 19:00 - 2017-02-09 17:31 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2017-03-14 19:00 - 2017-02-09 17:31 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-03-14 19:00 - 2017-02-09 17:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2017-03-14 19:00 - 2017-02-09 17:19 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2017-03-14 19:00 - 2017-02-09 17:19 - 03945192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2017-03-14 19:00 - 2017-02-09 17:16 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2017-03-14 19:00 - 2017-02-09 17:14 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2017-03-14 19:00 - 2017-02-09 17:14 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2017-03-14 19:00 - 2017-02-09 17:14 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2017-03-14 19:00 - 2017-02-09 17:14 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2017-03-14 19:00 - 2017-02-09 17:14 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-03-14 19:00 - 2017-02-09 17:14 - 00481792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2017-03-14 19:00 - 2017-02-09 17:14 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-03-14 19:00 - 2017-02-09 17:14 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-03-14 19:00 - 2017-02-09 17:14 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-03-14 19:00 - 2017-02-09 17:14 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2017-03-14 19:00 - 2017-02-09 17:14 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2017-03-14 19:00 - 2017-02-09 17:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icm32.dll
2017-03-14 19:00 - 2017-02-09 17:14 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2017-03-14 19:00 - 2017-02-09 17:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2017-03-14 19:00 - 2017-02-09 17:14 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2017-03-14 19:00 - 2017-02-09 17:14 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2017-03-14 19:00 - 2017-02-09 17:14 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2017-03-14 19:00 - 2017-02-09 17:14 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2017-03-14 19:00 - 2017-02-09 17:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2017-03-14 19:00 - 2017-02-09 17:14 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2017-03-14 19:00 - 2017-02-09 17:14 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2017-03-14 19:00 - 2017-02-09 17:14 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2017-03-14 19:00 - 2017-02-09 17:14 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2017-03-14 19:00 - 2017-02-09 17:14 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2017-03-14 19:00 - 2017-02-09 17:03 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2017-03-14 19:00 - 2017-02-09 17:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2017-03-14 19:00 - 2017-02-09 17:03 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2017-03-14 19:00 - 2017-02-09 17:02 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-03-14 19:00 - 2017-02-09 17:00 - 03220480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-03-14 19:00 - 2017-02-09 16:59 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2017-03-14 19:00 - 2017-02-09 16:58 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2017-03-14 19:00 - 2017-02-09 16:55 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-03-14 19:00 - 2017-02-09 16:55 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-03-14 19:00 - 2017-02-09 16:55 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-03-14 19:00 - 2017-02-09 16:54 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2017-03-14 19:00 - 2017-02-09 16:54 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-03-14 19:00 - 2017-02-09 16:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2017-03-14 19:00 - 2017-02-09 16:51 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcsPlugInService.dll
2017-03-14 19:00 - 2017-02-09 16:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2017-03-14 19:00 - 2017-02-09 16:50 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2017-03-14 19:00 - 2017-02-09 16:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2017-03-14 19:00 - 2017-02-09 16:49 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2017-03-14 19:00 - 2017-02-09 15:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2017-03-14 19:00 - 2017-02-09 15:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2017-03-14 19:00 - 2017-02-06 17:14 - 00733696 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe
2017-03-14 19:00 - 2017-01-13 19:00 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2017-03-14 19:00 - 2017-01-13 19:00 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2017-03-14 19:00 - 2017-01-13 18:45 - 00741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2017-03-14 19:00 - 2017-01-13 18:45 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2017-03-14 19:00 - 2017-01-11 19:01 - 01887744 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2017-03-14 19:00 - 2017-01-11 19:01 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2017-03-14 19:00 - 2017-01-11 18:43 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2017-03-14 19:00 - 2017-01-11 18:43 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2017-03-14 19:00 - 2017-01-06 19:00 - 01574912 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2017-03-14 19:00 - 2017-01-06 18:44 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2017-03-14 18:33 - 2017-02-23 00:42 - 00084712 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2017-03-14 18:33 - 2017-02-23 00:37 - 01285632 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2017-03-14 18:33 - 2017-02-18 15:05 - 01609216 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2017-03-14 18:33 - 2017-02-18 15:05 - 00646656 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2017-03-14 18:33 - 2016-12-31 16:36 - 00556544 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2017-03-14 18:33 - 2016-12-31 16:36 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2017-03-14 18:33 - 2016-12-31 16:36 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2017-03-14 18:33 - 2016-12-31 16:36 - 00233984 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2017-03-14 18:33 - 2016-12-31 16:36 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2017-03-14 09:01 - 2017-03-14 09:01 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign05f5c3d3844488c3
2017-03-14 08:58 - 2017-03-14 08:58 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsigna38f4ae7ba94e769
2017-03-14 08:32 - 2017-03-14 08:32 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign19a76a8a80a1d27d
2017-03-14 08:31 - 2017-03-14 08:31 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign5259f0a813dc6f37
2017-03-14 08:24 - 2017-03-14 08:24 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign9a238826f0b8a724
2017-03-14 08:17 - 2017-03-14 08:17 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsigna15cf6525f7f16f8
2017-03-14 06:34 - 2017-03-14 06:34 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsigncd2372de63e22d65
2017-03-14 06:34 - 2017-03-14 06:34 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign303ddab9221d97b6
2017-03-14 06:34 - 2017-03-14 06:34 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign0aebfc68e533d90a
2017-03-14 06:12 - 2017-03-14 06:12 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign625b562275780c55
2017-03-14 06:10 - 2017-03-14 06:10 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsigne7fbe97d58c32c66
2017-03-14 05:46 - 2017-03-14 05:46 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign4fda5c802e32c16a
2017-03-14 05:46 - 2017-03-14 05:46 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign0c18fce3a5a32fd6
2017-03-14 05:18 - 2017-03-14 05:18 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsigncf1f9edd72789056
2017-03-14 05:18 - 2017-03-14 05:18 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign56e16e1b71d85407
2017-03-14 05:18 - 2017-03-14 05:18 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign439a51e3ac9c25c6
2017-03-14 05:17 - 2017-03-14 05:17 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign882bee4154f1702c
2017-03-13 20:59 - 2017-03-13 20:59 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign3788088892b6f25e
2017-03-13 14:30 - 2017-03-13 14:30 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsigna1cf4eb4b7978cf6
2017-03-13 14:29 - 2017-03-13 14:29 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsigncce7569a99c56917
2017-03-13 14:28 - 2017-03-13 14:28 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsignee575aedea082fcd
2017-03-13 14:28 - 2017-03-13 14:28 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign4b69bd5016b0db54
2017-03-13 14:28 - 2017-03-13 14:28 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign3d3ef6132e181240
2017-03-13 12:42 - 2017-03-13 12:42 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign2b1745fdde2929e8
2017-03-13 08:36 - 2017-03-13 08:36 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsigne52fe0a952a25ae0
2017-03-13 08:36 - 2017-03-13 08:36 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsignbe19441f5ccc3f7d
2017-03-13 08:36 - 2017-03-13 08:36 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsignb1904a5be34d8368
2017-03-13 07:53 - 2017-03-13 07:53 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsignfd931d1f93140af9
2017-03-13 07:11 - 2017-03-13 07:11 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign3bfdf3bc6658a468
2017-03-13 06:54 - 2017-03-13 06:54 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign5494f71aaf218633
2017-03-13 06:53 - 2017-03-13 06:53 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign953294dde6156a32
2017-03-13 06:49 - 2017-03-13 06:49 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign9eceebd87113727e
2017-03-13 05:51 - 2017-03-13 05:51 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign117550d388a1f2a7
2017-03-13 05:49 - 2017-03-13 05:49 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsignfec2cd7067cff811
2017-03-13 05:48 - 2017-03-13 05:48 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign99cae667b61981e1
2017-03-13 05:48 - 2017-03-13 05:48 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign912c2af5adecaf70
2017-03-13 05:46 - 2017-03-13 05:46 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign9e8ef3c8850bff80
2017-03-13 05:24 - 2017-03-13 05:24 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign8dc2a9876f691cfa
2017-03-13 04:58 - 2017-03-13 04:58 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsigndf2a16f010aecad4
2017-03-13 04:41 - 2017-03-13 04:41 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign8ee178e9ccf6c22e
2017-03-13 04:40 - 2017-03-13 04:40 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsignc2b066faff7858cc
2017-03-13 04:40 - 2017-03-13 04:40 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign3a87b62683d00b14
2017-03-13 04:02 - 2017-03-13 04:02 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsigna02fc1f627408854
2017-03-13 04:02 - 2017-03-13 04:02 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign9b44ea79fbe56291
2017-03-13 03:15 - 2017-03-13 03:15 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign2c8a83390b5b28e2
2017-03-12 15:10 - 2017-03-12 15:10 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsignaa87a2b5943753c4
2017-03-12 14:47 - 2017-03-12 14:47 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign273abf7d91d78979
2017-03-12 12:33 - 2017-03-12 12:33 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign03a8cb43e3755d71
2017-03-12 09:16 - 2017-03-12 09:16 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsignd9247430d9fb07f8
2017-03-12 07:39 - 2017-03-12 07:39 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign495109533bebc232
2017-03-12 07:39 - 2017-03-12 07:39 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign415b15f6f9776164
2017-03-12 06:22 - 2017-03-12 06:22 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign239cfce9ecb309ea
2017-03-12 05:41 - 2017-03-12 05:41 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsignd847b0767fd8206e
2017-03-12 05:34 - 2017-03-12 05:34 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign4d038378984def5b
2017-03-12 05:34 - 2017-03-12 05:34 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign11836441b8ca2800
2017-03-10 19:31 - 2017-03-10 19:31 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsignefb77ac9f46c8885
2017-03-10 18:20 - 2017-03-10 18:20 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign3437ded8bd76c275
2017-03-10 16:20 - 2017-03-10 16:20 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign42ca768a24fd7163
2017-03-10 15:43 - 2017-03-10 15:43 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign619ee5881d635b74
2017-03-10 15:07 - 2017-03-10 15:07 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsignc3d353708860cb12
2017-03-10 15:00 - 2017-03-10 15:00 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign8a1bd38b8301b694
2017-03-10 14:18 - 2017-03-10 14:18 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign96756aad01b87220
2017-03-10 13:16 - 2017-03-10 13:16 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsigna869d107c5d9fb8c
2017-03-10 13:15 - 2017-03-10 13:15 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsignfdde206322f4f403
2017-03-10 12:22 - 2017-03-10 12:22 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsigne22cb56c4baeee05
2017-03-10 12:22 - 2017-03-10 12:22 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign19d1c54040a068eb
2017-03-08 19:23 - 2017-03-08 19:23 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign38ded6488edea3de
2017-03-08 19:21 - 2017-03-08 19:21 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsignf04a034f70fd4c96
2017-03-08 19:21 - 2017-03-08 19:21 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsigna29c454c6fc1e230
2017-03-08 19:21 - 2017-03-08 19:21 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign429dcb279273e1a0
2017-03-08 14:08 - 2017-03-08 14:08 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsignb14fbe6dd2fa7c33
2017-03-08 14:08 - 2017-03-08 14:08 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign31e9a07bdd41e2a2
2017-03-08 14:04 - 2017-03-08 14:04 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsignbe91615a796ecbb3
2017-03-08 14:04 - 2017-03-08 14:04 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign06edc387a0021eac
2017-03-05 14:48 - 2017-03-05 14:48 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign835214551bdab20b
2017-03-05 14:11 - 2017-03-05 14:11 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign6b7588698b471b9c
2017-03-05 14:07 - 2017-03-05 14:07 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsignd3f3b00e27aac296
2017-03-05 14:05 - 2017-03-05 14:05 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign47904763b1a0c18b
2017-03-05 13:46 - 2017-03-05 13:46 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign8d0bade2f469ca8a
2017-03-05 13:46 - 2017-03-05 13:46 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign2d991fca5ea9fb5d
2017-03-05 11:57 - 2017-03-05 11:57 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign94ed36450b5169ea
2017-03-05 11:55 - 2017-03-05 11:55 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign88d8e739766bdba9
2017-03-05 11:54 - 2017-03-05 11:54 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsigna2f698cdf070c2fd
2017-03-05 11:53 - 2017-03-05 11:53 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsigncd2be3babab79827
2017-03-05 11:53 - 2017-03-05 11:53 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign8cf69fbe3711474b
2017-03-05 11:53 - 2017-03-05 11:53 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign876a68f00798f6e3
2017-03-05 11:53 - 2017-03-05 11:53 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign012e921f6a749f34
2017-03-05 06:32 - 2017-03-05 06:32 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign31f5c4a99661b77e
2017-03-05 04:24 - 2017-03-05 04:24 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsigna3311df5d23a5e5a
2017-03-05 04:24 - 2017-03-05 04:24 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign8654d848065f6b6e
2017-03-05 04:24 - 2017-03-05 04:24 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign3a38656a0e08befc
2017-03-03 16:06 - 2017-03-03 16:06 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign6893b9bee712a773
2017-03-03 16:06 - 2017-03-03 16:06 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign52fd9e23ec38e86d
2017-03-02 02:36 - 2017-03-02 02:36 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsigne0a8783060e6063b
2017-03-02 02:33 - 2017-03-02 02:33 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign2d573d36a7c42ecd
2017-03-02 02:33 - 2017-03-02 02:33 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign133cea06596ae90b
2017-03-02 02:33 - 2017-03-02 02:33 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign0af826f9836e726e
2017-03-01 06:50 - 2017-03-01 06:50 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsignc2dd5776b774c331
2017-03-01 06:46 - 2017-03-01 06:46 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign787cca1634e72c57
2017-03-01 06:26 - 2017-03-01 06:26 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsignceaf4b08691235ec
2017-03-01 06:21 - 2017-03-01 06:21 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign21634f6767d5fa18
2017-03-01 06:17 - 2017-03-01 06:17 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign9762b7fac04a4434
2017-03-01 06:07 - 2017-03-01 06:07 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsigne2d48c6b639c2c4e
2017-03-01 06:07 - 2017-03-01 06:07 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign7a8f9954848f4b84
2017-03-01 06:07 - 2017-03-01 06:07 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign2d8ae92b0ffcf353
2017-02-26 01:38 - 2017-02-26 01:38 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsigne4eec0e952b59ccc
2017-02-26 01:38 - 2017-02-26 01:38 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsignc548f0c7aefb2c3e
2017-02-26 01:36 - 2017-02-26 01:36 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign765c3d561f706472
2017-02-26 01:36 - 2017-02-26 01:36 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign34e2a9f71067d2c9
2017-02-25 19:13 - 2017-02-25 19:13 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsignc07647b8671ac18f
2017-02-25 19:02 - 2017-02-25 19:02 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign9a96748222dc59e2
2017-02-25 19:02 - 2017-02-25 19:02 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign47357fa607bb2f8b
2017-02-25 19:01 - 2017-02-25 19:01 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign35d61fe4df6244f1
2017-02-25 19:00 - 2017-02-25 19:00 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsignaa69387f1fc1d647
2017-02-25 19:00 - 2017-02-25 19:00 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Tempzxpsign8a66b98530dc7cc7

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-25 22:21 - 2014-09-25 22:35 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Last.fm
2017-03-25 22:11 - 2015-07-31 00:12 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Ubisoft Game Launcher
2017-03-25 12:46 - 2016-10-26 04:44 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Battle.net
2017-03-25 12:25 - 2015-11-09 23:00 - 00000000 ____D C:\ProgramData\NVIDIA
2017-03-25 12:02 - 2009-07-14 05:45 - 00031680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-03-25 12:02 - 2009-07-14 05:45 - 00031680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-03-25 12:00 - 2014-02-25 15:57 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Adobe
2017-03-25 11:55 - 2011-04-12 08:43 - 00689954 _____ C:\Windows\system32\perfh007.dat
2017-03-25 11:55 - 2011-04-12 08:43 - 00149424 _____ C:\Windows\system32\perfc007.dat
2017-03-25 11:55 - 2009-07-14 06:13 - 01623190 _____ C:\Windows\system32\PerfStringBackup.INI
2017-03-25 11:55 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2017-03-25 11:51 - 2015-09-03 14:50 - 00000000 ____D C:\Users\Neslihan\AppData\Roaming\WTablet
2017-03-25 11:49 - 2017-01-11 19:18 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2017-03-25 11:49 - 2014-02-25 15:39 - 00034752 _____ C:\Windows\system32\Drivers\WPRO_41_2001.sys
2017-03-25 11:49 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-03-24 20:48 - 2015-09-30 16:18 - 00000000 ____D C:\Users\Neslihan\AppData\Roaming\Spotify
2017-03-24 20:48 - 2015-09-30 16:18 - 00000000 ____D C:\Users\Neslihan\AppData\Local\Spotify
2017-03-24 18:26 - 2015-03-11 15:49 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-03-24 18:25 - 2014-03-16 23:28 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-03-19 17:03 - 2016-11-10 01:14 - 00000033 _____ C:\Users\Neslihan\AppData\Roaming\AdobeWLCMCache.dat
2017-03-18 21:46 - 2014-03-29 00:04 - 00000000 ____D C:\Users\Neslihan\AppData\Local\CrashDumps
2017-03-18 20:35 - 2017-02-16 01:34 - 00003852 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-18 20:35 - 2017-02-16 01:34 - 00001412 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2017-03-18 20:35 - 2017-02-16 01:33 - 00004146 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-18 20:35 - 2017-02-16 01:33 - 00003738 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-18 20:35 - 2017-02-16 01:33 - 00003738 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-18 20:35 - 2017-02-16 01:33 - 00003730 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-18 20:35 - 2017-02-16 01:33 - 00003554 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-18 20:35 - 2017-02-16 01:33 - 00003494 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-18 20:35 - 2014-02-25 23:13 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-03-18 20:35 - 2014-02-25 23:13 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-03-18 20:35 - 2014-02-25 23:11 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-03-15 19:43 - 2017-01-11 21:20 - 00000000 ____D C:\Windows\rescache
2017-03-15 19:18 - 2017-01-01 15:49 - 07385264 _____ C:\Windows\system32\FNTCACHE.DAT
2017-03-15 19:18 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\DVD Maker
2017-03-15 11:55 - 2014-04-04 22:45 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-03-15 11:55 - 2014-04-04 22:45 - 00004366 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-03-15 11:55 - 2014-04-04 22:45 - 00000000 ____D C:\Windows\system32\Macromed
2017-03-15 11:55 - 2014-02-26 22:01 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-03-15 11:55 - 2014-02-26 22:01 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-03-14 23:21 - 2014-12-11 17:22 - 00000000 ____D C:\Windows\system32\appraiser
2017-03-14 23:21 - 2014-04-24 10:49 - 00000000 ___SD C:\Windows\system32\CompatTel
2017-03-14 19:05 - 2014-02-26 02:00 - 00000000 ____D C:\Windows\system32\MRT
2017-03-14 19:03 - 2014-02-26 02:00 - 138634176 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-03-14 08:56 - 2017-02-01 19:11 - 00001456 _____ C:\Users\Neslihan\AppData\Local\Adobe Save for Web 13.0 Prefs
2017-03-05 12:35 - 2016-11-30 23:55 - 00000000 ____D C:\Users\Neslihan\AppData\LocalLow\Mozilla
2017-02-23 19:35 - 2017-02-16 01:34 - 01880512 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2017-02-23 19:35 - 2017-02-16 01:34 - 01755072 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2017-02-23 19:35 - 2017-02-16 01:34 - 01468864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2017-02-23 19:35 - 2017-02-16 01:34 - 01317312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2017-02-23 19:35 - 2017-02-16 01:34 - 00120256 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2017-02-23 15:32 - 2017-02-16 01:33 - 00001951 _____ C:\Windows\NvContainerRecovery.bat
2017-02-23 15:30 - 2017-02-16 01:33 - 00001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat
2017-02-23 00:56 - 2016-12-29 15:25 - 00002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-09-22 20:06 - 2016-01-02 00:53 - 0000132 _____ () C:\Users\Neslihan\AppData\Roaming\Adobe GIF-Format CC - Voreinstellungen
2014-08-06 11:44 - 2015-02-03 00:43 - 0000132 _____ () C:\Users\Neslihan\AppData\Roaming\Adobe PNG-Format CC - Voreinstellungen
2016-11-10 01:14 - 2017-03-19 17:03 - 0000033 _____ () C:\Users\Neslihan\AppData\Roaming\AdobeWLCMCache.dat
2016-12-27 18:50 - 2016-12-27 18:51 - 45331960 _____ (Tencent Inc.) C:\Users\Neslihan\AppData\Roaming\TXQBINSTX2.EXE
2015-09-10 17:47 - 2015-09-10 17:47 - 0000005 _____ () C:\Users\Neslihan\AppData\Roaming\version.ini
2014-03-01 17:43 - 2017-01-29 00:28 - 0001456 _____ () C:\Users\Neslihan\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2017-02-01 19:11 - 2017-03-14 08:56 - 0001456 _____ () C:\Users\Neslihan\AppData\Local\Adobe Save for Web 13.0 Prefs
2014-02-26 20:22 - 2015-08-19 02:05 - 0007605 _____ () C:\Users\Neslihan\AppData\Local\resmon.resmoncfg
2014-02-25 15:30 - 2014-02-25 15:30 - 0000003 _____ () C:\Users\Neslihan\AppData\Local\user_data.ini
2015-11-05 21:35 - 2016-12-30 21:24 - 0000271 _____ () C:\ProgramData\DP0004.dat
2015-10-26 21:40 - 2015-10-26 21:40 - 0000128 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\ProgramData\DP0004.dat


Einige Dateien in TEMP:
====================
2017-02-07 09:12 - 2017-02-07 09:12 - 0739904 _____ (Oracle Corporation) C:\Users\Neslihan\AppData\Local\Temp\jre-8u121-windows-au.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-03-24 19:01

==================== Ende von FRST.txt ============================
         


Alt 26.03.2017, 03:56   #6
monchou
 
Ungewollte Browserextension / Verlangsamtes Laden (Chrome) - Standard

Ungewollte Browserextension / Verlangsamtes Laden (Chrome)



ADDITION

Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 15-03-2017
durchgeführt von Neslihan (25-03-2017 22:22:54)
Gestartet von C:\Users\Neslihan\Desktop
Windows 7 Professional Service Pack 1 (X64) (2014-02-25 13:50:22)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2601677052-3802215475-160921258-500 - Administrator - Disabled)
Gast (S-1-5-21-2601677052-3802215475-160921258-501 - Limited - Disabled) => C:\Users\Gast
HomeGroupUser$ (S-1-5-21-2601677052-3802215475-160921258-1002 - Limited - Enabled)
Neslihan (S-1-5-21-2601677052-3802215475-160921258-1000 - Administrator - Enabled) => C:\Users\Neslihan

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Panda Free Antivirus (Enabled - Up to date) {AAF74A68-8713-CDF1-004F-30003398BE9E}
AS: Panda Free Antivirus (Enabled - Up to date) {1196AB8C-A129-C27F-3AFF-0B72481FF423}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Panda Firewall (Disabled) {92CCCB4D-CD7C-CCA9-2B10-9935CD4BF9E5}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

ÃÀͼ¿´¿´ 2.2.7 (HKU\S-1-5-21-2601677052-3802215475-160921258-1000\...\ÃÀͼ¿´¿´) (Version: 2.2.7 - Meitu, Inc.)
Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
Acrobat.com (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 17.0.0.124 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.5.353 - Adobe Systems Incorporated)
Adobe Flash Player 25 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 25.0.0.127 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.127 - Adobe Systems Incorporated)
Adobe Illustrator CC 2017 (HKLM-x32\...\ILST_21_0_2) (Version: 21.0.2 - Adobe Systems Incorporated)
Adobe InDesign CC 2017 (HKLM-x32\...\IDSN_12_0_0) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_0_1) (Version: 18.0.1 - Adobe Systems Incorporated)
Adobe® Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 3.4.2 - Adobe Systems, Incorporated)
Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden
Akamai NetSession Interface (HKU\S-1-5-21-2601677052-3802215475-160921258-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
Amazon Cloud Player (HKU\S-1-5-21-2601677052-3802215475-160921258-1000\...\Amazon Amazon Cloud Player) (Version: 2.3.0.422 - Amazon Services LLC)
Amazon Kindle (HKLM-x32\...\Amazon Kindle) (Version: 1.17.1.44184 - Amazon)
AndreaMosaic 3.35.01 (HKLM-x32\...\AndreaMosaic) (Version:  - )
Apple Application Support (32-Bit) (HKLM-x32\...\{649A1FD9-5892-46AD-8DF0-C4A43FF61CB7}) (Version: 4.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{0DE0A178-AC7B-4650-806C-CF226DE03766}) (Version: 4.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
ASRock App Charger v1.0.5 (HKLM\...\ASRock App Charger_is1) (Version:  - ASRock Inc.)
ASRock SmartConnect v1.0.6 (HKLM\...\ASRock SmartConnect_is1) (Version:  - ASRock Inc.)
ASRock XFast RAM v2.0.28 (HKLM\...\ASRock XFast RAM_is1) (Version:  - ASRock Inc.)
A-Tuning v1.0.17 (HKLM-x32\...\A-Tuning_is1) (Version: 1.0.17 - )
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
Blade & Soul (HKLM-x32\...\InstallShield_{C3F383C1-D050-4A40-843F-8171A6A02C3A}) (Version: 1.0.63.260 - NC Interactive, LLC)
Blade & Soul (x32 Version: 1.0.63.260 - NC Interactive, LLC) Hidden
CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.20 - Piriform)
Child of Light (HKLM-x32\...\Uplay Install 609) (Version:  - Ubisoft)
cv act sc/interface - Admin Edition (64-Bit) (HKLM\...\{05A84E0B-67C4-4ACA-8CAD-F62673D4C194}) (Version: 6.0.15 - cv cryptovision GmbH)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DC Universe Online (HKU\S-1-5-21-2601677052-3802215475-160921258-1000\...\DGC-DC Universe Online) (Version: 1.0.3.192 - Daybreak Game Company)
DC Universe Online Live (HKU\S-1-5-21-2601677052-3802215475-160921258-1000\...\DG0-DC Universe Online Live) (Version:  - Sony Online Entertainment)
Discord (HKU\S-1-5-21-2601677052-3802215475-160921258-1000\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.)
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
FileZilla Client 3.17.0.1 (HKLM-x32\...\FileZilla Client) (Version: 3.17.0.1 - Tim Kosse)
For Honor Open Beta (HKLM\...\Steam App 572600) (Version:  - Ubisoft Montreal)
ForHonor (HKLM-x32\...\Uplay Install 569) (Version:  - Ubisoft)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
H1Z1: Just Survive (HKLM\...\Steam App 295110) (Version:  - Daybreak Game Company)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 1.0 - Huawei Technologies Co.,Ltd)
inSSIDer Home (HKLM-x32\...\{9E54E4AE-B67A-4925-8E92-0E1F9817FD73}) (Version: 3.1.2.1 - MetaGeek, LLC)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1323 - Intel Corporation)
Intel(R) Network Connections 18.2.63.0 (HKLM\...\PROSetDX) (Version: 18.2.63.0 - Intel)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.5.0.1066 - Intel Corporation)
Intel(R) Small Business Advantage (HKLM-x32\...\{6A6D86CD-B004-46b7-8951-7BB75A776F8C}) (Version: 2.0.30.6644 - Intel(R) Corporation)
Intel(R) Smart Connect Technology 4.1 x64 (HKLM\...\{1EF24D7D-7B14-4EBA-A686-9E91C9C6763D}) (Version: 4.1.40.2143 - Intel)
Intel(R) Update Manager (HKLM-x32\...\{7224B7CE-196C-4E2A-A1AE-1D7BF259FD36}) (Version: 3.4.1942 - Intel Corporation)
Intel(R) Update Manager (x32 Version: 1.0.0.36888 - Intel Corporation) Hidden
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.0.0.100 - Intel Corporation)
IsoBuster 3.3 (HKLM-x32\...\IsoBuster3_is1) (Version: 3.3 - Smart Projects)
Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Last.fm Scrobbler 2.1.37 (HKLM-x32\...\LastFM_is1) (Version:  - Last.fm)
Lioncast LM30 Gaming Mouse Version 1.1 (HKLM-x32\...\{BF8BC0AC-979B-4085-8F94-7933AF19CBD2}_is1) (Version: 1.1 - LIONCAST)
Logitech Webcam-Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
Magic ISO Maker v5.5 (build 0281) (HKLM-x32\...\Magic ISO Maker v5.5 (build 0281)) (Version:  - )
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Expression Web 4 (HKLM-x32\...\Web_4.0.1460.0) (Version: 4.0.1460.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.7369.2120 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2601677052-3802215475-160921258-1000\...\OneDriveSetup.exe) (Version: 17.3.5951.0827 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{887868A2-D6DE-3255-AA92-AA0B5A59B874}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{3c3aafc8-d898-43ec-998f-965ffdae065a}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 50.1.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 50.1.0 (x86 de)) (Version: 50.1.0 - Mozilla)
Mozilla Firefox 51.0.1 (x86 de) (HKU\S-1-5-21-2601677052-3802215475-160921258-1000\...\Mozilla Firefox 51.0.1 (x86 de)) (Version: 51.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.1.5828 - Mozilla)
MSI Afterburner 4.2.0 (HKLM-x32\...\Afterburner) (Version: 4.2.0 - MSI Co., LTD)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NCSOFT Game Launcher (HKLM-x32\...\NCLauncher_NCWest) (Version:  - NCSOFT)
Nero 9 Lite (HKLM-x32\...\{7edf2ecd-a3de-4e25-8e3f-51e7baafa7bb}) (Version:  - Nero AG)
NETGEAR A6200 Genie (HKLM-x32\...\{48E61F3E-61D4-42A3-9D29-D0CF40838779}) (Version: 26.0.0.0 - NETGEAR)
Nexon Launcher (HKLM-x32\...\Nexon Nexon Launcher) (Version: 1.2.0 - Nexon)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.2.2 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 359.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 359.06 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.4.0.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.4.0.70 - NVIDIA Corporation)
NVIDIA Grafiktreiber 359.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 359.06 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
NvNodejs (Version: 3.4.0.70 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 2.3.16.0 - NVIDIA Corporation) Hidden
NvvHci (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7369.2120 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7369.2120 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7369.2120 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7369.2120 - Microsoft Corporation) Hidden
One Piece Pirate Warriors 3 (HKLM-x32\...\One Piece Pirate Warriors 3_is1) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenVPN 2.3.4-I002  (HKLM\...\OpenVPN) (Version: 2.3.4-I002 - )
Origin (HKLM-x32\...\Origin) (Version: 9.7.2.53208 - Electronic Arts, Inc.)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
Panda Devices Agent (x32 Version: 1.03.07 - Panda Security) Hidden
Panda Devices Agent (x32 Version: 1.06.00 - Panda Security) Hidden
Panda Free Antivirus (HKLM-x32\...\Panda Universal Agent Endpoint) (Version: 16.0.2 - Panda Security)
Panda Free Antivirus (Version: 8.04.00.0000 - Panda Security) Hidden
Panda Security Toolbar (HKLM-x32\...\pandasecuritytb) (Version: 4.3.1.9 - Panda Security and Visicom Media Inc.)
PatchCleaner (HKLM-x32\...\{727DA176-50BB-452C-8DB5-96EE0A573ED4}) (Version: 1.4.20 - HomeDev)
Poedit (HKLM-x32\...\{68EB2C37-083A-4303-B5D8-41FA67E50B8F}_is1) (Version: 1.8.8 - Vaclav Slavik)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6865 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
RUBICon (HKLM-x32\...\{438134D3-0BD4-4C52-8575-5B2B63AD01C2}) (Version: 2.0.25 - RUB)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.)
SHIELD Streaming (Version: 7.1.0351 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.4.0.70 - NVIDIA Corporation) Hidden
Spotify (HKU\S-1-5-21-2601677052-3802215475-160921258-1000\...\Spotify) (Version: 1.0.47.13.gd8e05b1f - Spotify AB)
Star Citizen Launcher (HKU\S-1-5-21-2601677052-3802215475-160921258-1000\...\Star Citizen Launcher) (Version: 00.01.00.00 - Cloud Imperium Games)
Stardew Valley (HKLM\...\Steam App 413150) (Version:  - ConcernedApe)
Stifttablett (HKLM-x32\...\Pen Tablet Driver) (Version:  - Wacom Technology Corp.)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
Team Fortress 2 (HKLM\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
The Witcher 3: Wild Hunt (HKLM\...\Steam App 292030) (Version:  - CD PROJEKT RED)
TouchChip USB Driver 2.20 (Version: 2.20.0.0196 - AuthenTec Inc.) Hidden
TreeSize Free V3.4.5 (HKLM-x32\...\TreeSize Free_is1) (Version: 3.4.5 - JAM Software)
Tunatic (HKLM-x32\...\Tunatic) (Version:  - )
TwitchAlerts (HKU\S-1-5-21-2601677052-3802215475-160921258-1000\...\fb3f6ca9b67f53a3) (Version: 1.0.0.8 - TwitchAlerts)
UE4 Prerequisites (x64) (HKLM-x32\...\{9514471f-b41e-41f7-af03-7da1d05b279e}) (Version: 1.0.8.0 - Epic Games, Inc.)
UE4 Prerequisites (x64) (Version: 1.0.8.0 - Epic Games, Inc.) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 15.0 - Ubisoft)
VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.40 (64-位) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
XFast LAN v6.61 (HKLM\...\XFast LAN) (Version: 6.61 - cFos Software GmbH, Bonn)
XFastUSB (HKLM-x32\...\XFastUSB) (Version: 3.02.31 - ASRock Inc.)
XSplit Broadcaster (HKLM-x32\...\{D03A2557-75B6-43EB-A4E5-0D6599A0C1FF}) (Version: 2.9.1701.1616 - SplitmediaLabs)
天涯明月刀 (HKLM-x32\...\天涯明月刀) (Version:  - Tencent)
美图秀秀 4.0.1  (HKLM-x32\...\美图秀秀) (Version:  - 美图网)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

HKU\S-1-5-21-2601677052-3802215475-160921258-1000\...\ChromeHTML: -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2601677052-3802215475-160921258-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0E61B214-E0C3-498C-90C7-4BCFC481634E} - \{819010D2-A0A3-49B0-AD47-F6FA41C287BE} -> Keine Datei <==== ACHTUNG
Task: {0EE0FDF9-B8EC-42D4-934B-194629235E95} - \{7716F4DC-9C3B-48F6-BD2D-D246152D50D5} -> Keine Datei <==== ACHTUNG
Task: {11621090-C6FF-4862-A84C-102D9D1A6070} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-03-05] (Microsoft Corporation)
Task: {182E280A-3024-4A3E-9578-4AA48FFF352A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-03-08] (Microsoft Corporation)
Task: {26A02431-EB4C-4A34-9168-B30C2ACE784F} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-02-23] (NVIDIA Corporation)
Task: {2A9979F9-30A5-4D14-BAF8-B576C4F45429} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-02-23] (NVIDIA Corporation)
Task: {2E4351C9-377F-44B0-B875-70E3240BB284} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {2FE80C6B-6DD8-4DBC-8658-343117A6507F} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-02-23] (NVIDIA Corporation)
Task: {3242145C-4CAA-4AD0-8A59-9BE8E85B5D28} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {3FCD1689-C888-4C9E-92AE-FF38E0B76E38} - \{FB56A103-64B6-478E-A049-9B2D3062D7F5} -> Keine Datei <==== ACHTUNG
Task: {483CAB98-8A98-4031-BD4D-C806683CBFFC} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-02-23] (NVIDIA Corporation)
Task: {4D52E475-C2D2-49A7-8244-B047655FEE7D} - \{5CD14BEA-4EA5-4E55-BEB2-096A9CEE323F} -> Keine Datei <==== ACHTUNG
Task: {506376F9-CF2E-45E8-BEA8-D8AED3DBC36F} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-03-08] (Microsoft Corporation)
Task: {5428638B-1793-4D06-8160-E59DA94B6C03} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-02-23] (NVIDIA Corporation)
Task: {56E59397-8449-45D0-9A21-03E9519C7E1B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-07-13] (Piriform Ltd)
Task: {6A218976-BADF-41B1-B607-6EAAFC6F59AA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {7BE7A42F-0BDA-4D9F-A4F1-BE9569EB0545} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {7FDF5ED5-DB32-4865-8468-28D21E9FC9B0} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-03-05] (Microsoft Corporation)
Task: {8E126DD9-3CD4-42BC-9D6D-C188C6B9A8F5} - \{44055574-0B85-44F3-A1C4-682E2FDE5C62} -> Keine Datei <==== ACHTUNG
Task: {92CDE40B-714D-4FFB-80BC-A591B91ACA43} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-03-08] (Microsoft Corporation)
Task: {9D86EFAD-6408-42DB-9C16-738DAA4D127B} - \{A13CFA64-A305-4CF8-B147-201BD908448B} -> Keine Datei <==== ACHTUNG
Task: {A359D49F-D812-483C-8C6D-454C4C9B0B37} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-02-23] (NVIDIA Corporation)
Task: {B31857D6-A81B-4D2A-94CC-E4489ED3136A} - System32\Tasks\AdobeAAMUpdater-1.0-Neslihan-PC-Neslihan => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {B47AC53A-91CF-4DC1-8812-1662818008D1} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-02-23] (NVIDIA Corporation)
Task: {BE0E3003-791E-4AEE-8414-A681F40CB476} - \{751E6175-316C-4642-809F-78BBE16BC1BB} -> Keine Datei <==== ACHTUNG
Task: {C1C8B78C-68BE-463D-ACBF-7A7EC3F8249E} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {DDBC4148-291F-4637-A8C9-2AC78F191579} - \{4ABDB9BE-1FF9-4E66-945F-902C72DA8C8F} -> Keine Datei <==== ACHTUNG
Task: {DEB6B19A-37D8-40C9-A00A-C6F124692FC5} - \{F0BA206F-7AF8-4FDB-B502-BE05D000D02D} -> Keine Datei <==== ACHTUNG
Task: {E01E7AA4-F6F0-43B9-9C73-258B96A2E328} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-03-15] (Adobe Systems Incorporated)
Task: {F6379081-512D-4EE8-BB0D-A2ED7CB25B94} - \{EEECA145-83F4-4879-86D0-176A6725C669} -> Keine Datei <==== ACHTUNG
Task: {FD5FA2A4-FE12-4075-B15C-C140815E24C7} - \{2C3E5067-F04D-40F9-8187-D7C85417554E} -> Keine Datei <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

ShortcutWithArgument: C:\Users\Neslihan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.istartsurf.com/?type=sc&ts=1427555536&from=tugs&uid=ST1000DM003-1CH162_Z1D574ZAXXXXZ1D574ZA
ShortcutWithArgument: C:\Users\Neslihan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\TwitchAlerts Stream Labels.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=kgmggmdngboajiakmbpdknfpdelbjbcg
ShortcutWithArgument: C:\Users\Neslihan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.istartsurf.com/?type=sc&ts=1427555536&from=tugs&uid=ST1000DM003-1CH162_Z1D574ZAXXXXZ1D574ZA
ShortcutWithArgument: C:\Users\Neslihan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\TwitchAlerts Stream Labels.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=kgmggmdngboajiakmbpdknfpdelbjbcg
ShortcutWithArgument: C:\Users\Neslihan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\a06339e9776d4569\Instagram for Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=opnbmdkdflhjiclaoiiifmheknpccalb

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-11-09 23:00 - 2015-11-24 19:40 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-10-13 05:45 - 2015-10-13 05:45 - 00085800 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 05:45 - 2015-10-13 05:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-11-25 07:16 - 2016-11-25 07:16 - 00192200 _____ () C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
2013-03-14 14:42 - 2013-03-14 14:42 - 00182248 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2013-03-14 14:42 - 2013-03-14 14:42 - 00059880 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2017-02-16 01:33 - 2017-02-23 19:35 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-02-16 01:33 - 2017-02-23 19:35 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2014-03-04 15:46 - 2012-09-24 17:28 - 00029984 _____ () C:\Program Files (x86)\NETGEAR\A6200\WifiService.exe
2014-11-18 00:07 - 2013-01-30 20:36 - 00329872 ____N () C:\Program Files (x86)\XSManager\WTGService.exe
2016-10-25 09:57 - 2016-10-25 09:57 - 00491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2016-05-09 08:22 - 2016-05-09 08:22 - 00052912 _____ () E:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2016-09-17 19:02 - 2015-05-25 17:21 - 03171840 _____ () C:\Program Files (x86)\Lioncast LM30 Gaming Mouse\LCMon.exe
2016-12-23 18:21 - 2016-12-23 18:21 - 31723696 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2013-04-12 18:23 - 2013-04-12 18:23 - 00612664 _____ () C:\Program Files (x86)\Panda Security\Panda Security Protection\SQLite3.dll
2015-08-26 01:42 - 2017-02-23 19:35 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2017-02-16 01:33 - 2017-02-23 19:35 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-02-16 01:33 - 2017-02-23 19:35 - 03774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
2014-03-04 15:46 - 2013-02-18 16:13 - 00106496 _____ () C:\Program Files (x86)\NETGEAR\A6200\GWlanController.dll
2014-03-04 15:46 - 2013-03-26 17:00 - 00018944 _____ () C:\Program Files (x86)\NETGEAR\A6200\GWPSController.dll
2017-01-11 23:00 - 2017-01-04 14:28 - 01958912 _____ () C:\Users\Neslihan\AppData\Local\Discord\app-0.0.297\ffmpeg.dll
2017-01-12 22:49 - 2017-01-12 22:49 - 01082880 _____ () \\?\C:\Users\Neslihan\AppData\Roaming\discord\0.0.297\modules\discord_voice\discord_voice.node
2017-01-12 22:49 - 2017-01-12 22:49 - 03750400 _____ () \\?\C:\Users\Neslihan\AppData\Roaming\discord\0.0.297\modules\discord_voice\libdiscord.dll
2017-01-12 22:49 - 2017-01-12 22:49 - 00914432 _____ () \\?\C:\Users\Neslihan\AppData\Roaming\discord\0.0.297\modules\discord_utils\discord_utils.node
2017-02-16 14:20 - 2017-02-16 14:20 - 00062464 _____ () E:\Program Files (x86)\SplitmediaLabs\XSplit Broadcaster\ftl.dll
2016-09-17 19:02 - 2011-01-26 23:53 - 00028160 _____ () C:\Program Files (x86)\Lioncast LM30 Gaming Mouse\uiHook.dll
2016-12-09 15:09 - 2016-12-09 15:09 - 52051544 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
2017-01-11 23:00 - 2017-01-04 14:28 - 02278912 _____ () C:\Users\Neslihan\AppData\Local\Discord\app-0.0.297\libglesv2.dll
2017-01-11 23:00 - 2017-01-04 14:28 - 00096768 _____ () C:\Users\Neslihan\AppData\Local\Discord\app-0.0.297\libegl.dll
2015-03-17 01:34 - 2015-03-17 01:34 - 00010240 _____ () E:\Adobe Documents\Acrobat DC\Acrobat\locale\de_de\acrotray.deu
2016-05-09 08:22 - 2016-05-09 08:22 - 00048816 _____ () E:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2017-03-25 11:51 - 2017-03-25 11:51 - 00148992 _____ () \\?\C:\Users\Neslihan\AppData\Local\Temp\A9E5.tmp.node
2017-01-12 22:49 - 2017-01-12 22:49 - 02658304 _____ () \\?\C:\Users\Neslihan\AppData\Roaming\discord\0.0.297\modules\discord_rpc\discord_rpc.node
2017-01-12 22:49 - 2017-03-24 18:09 - 02665976 _____ () \\?\C:\Users\Neslihan\AppData\Roaming\discord\0.0.297\modules\discord_contact_import\discord_contact_import.node
2016-12-02 01:54 - 2016-12-02 01:54 - 00118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
2016-12-02 01:54 - 2016-12-02 01:54 - 00223232 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2016-12-02 01:54 - 2016-12-02 01:54 - 00117248 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
2016-12-02 01:54 - 2016-12-02 01:54 - 00124928 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
2016-12-09 15:09 - 2016-12-09 15:09 - 00110680 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin7.dll
2016-12-02 01:54 - 2016-12-02 01:54 - 00086528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node
2016-10-10 23:15 - 2016-10-10 23:15 - 00118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\fs-ext\build\Release\fs-ext.node
2016-10-10 23:15 - 2016-10-10 23:15 - 00117760 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ref\build\Release\binding.node
2016-10-10 23:15 - 2016-10-10 23:15 - 00125440 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ffi\build\Release\ffi_bindings.node
2016-10-10 23:17 - 2016-10-10 23:17 - 00223232 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2016-12-09 15:02 - 2016-12-09 15:02 - 00110680 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin7.dll
2016-10-10 23:14 - 2016-10-10 23:14 - 00121856 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\bufferutil\build\Release\bufferutil.node
2016-10-10 23:14 - 2016-10-10 23:14 - 00166400 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\idle-gc\build\Release\idle-gc.node
2017-02-16 01:33 - 2017-02-23 15:30 - 00338488 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2017-02-16 01:33 - 2017-02-23 15:30 - 00252352 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2017-02-16 01:33 - 2017-02-23 15:30 - 02443320 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2017-02-16 01:33 - 2017-02-23 15:30 - 00385592 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2017-02-16 01:33 - 2017-02-23 15:30 - 00543288 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2017-02-16 01:33 - 2017-02-23 15:30 - 00468536 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2017-02-07 18:16 - 2017-02-01 10:01 - 01870168 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libglesv2.dll
2017-02-07 18:16 - 2017-02-01 10:01 - 00085848 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libegl.dll
2017-03-25 22:11 - 2017-03-25 22:11 - 00014336 _____ () C:\Users\Neslihan\AppData\Local\Temp\WDEF7B2.tmp\ml_online.lng
2017-03-25 22:11 - 2017-03-25 22:11 - 00036352 _____ () C:\Users\Neslihan\AppData\Local\Temp\WDEF7B2.tmp\ombrowser.lng
2014-09-25 22:35 - 2015-04-20 01:00 - 00738784 _____ () E:\Program Files (x86)\Last.fm\unicorn.dll
2014-09-25 22:35 - 2015-04-20 01:00 - 00034784 _____ () E:\Program Files (x86)\Last.fm\logger.dll
2014-09-25 22:35 - 2015-04-20 01:00 - 00353248 _____ () E:\Program Files (x86)\Last.fm\lastfm.dll
2014-09-25 22:35 - 2015-04-20 01:00 - 00128992 _____ () E:\Program Files (x86)\Last.fm\listener.dll
2014-09-25 22:35 - 2015-04-20 00:59 - 00304608 _____ () E:\Program Files (x86)\Last.fm\phonon.dll
2015-04-26 17:50 - 2015-04-20 01:00 - 00184800 _____ () E:\Program Files (x86)\Last.fm\plugins\phonon_backend\phonon_vlc.dll
2014-09-25 22:35 - 2015-04-20 00:59 - 00113120 _____ () E:\Program Files (x86)\Last.fm\libvlc.dll
2014-09-25 22:35 - 2015-04-20 00:59 - 02288608 _____ () E:\Program Files (x86)\Last.fm\libvlccore.dll
2015-04-26 17:50 - 2015-04-20 01:00 - 00051680 _____ () E:\Program Files (x86)\Last.fm\plugins\audio_output\libaout_directx_plugin.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\QQPCRTP => ""="service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-19\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-19\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-19\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-19\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-20\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-20\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-20\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-20\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-21-2601677052-3802215475-160921258-1000\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-2601677052-3802215475-160921258-1000\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-2601677052-3802215475-160921258-1000\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-2601677052-3802215475-160921258-1000\...\sony.com -> sony.com

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2015-03-26 01:26 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2601677052-3802215475-160921258-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Neslihan\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: Amazon Cloud Player => "C:\Users\Neslihan\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe"
MSCONFIG\startupreg: EADM => "E:\Games\Origin\Origin.exe" -AutoStart
MSCONFIG\startupreg: GIZMO2 => "C:\Program Files (x86)\GIZMO2\GIZMO.exe" -BootProcess
MSCONFIG\startupreg: LWS => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
MSCONFIG\startupreg: XFast LAN => C:\Program Files\ASRock\XFast LAN\cFosSpeed.exe
MSCONFIG\startupreg: XFastUSB => "C:\Program Files (x86)\XFastUSB\XFastUsb.exe"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [TCP Query User{20BC7E89-392A-4205-84C9-44ADBA795383}E:\program files\openvpn\bin\openvpn.exe] => (Allow) E:\program files\openvpn\bin\openvpn.exe
FirewallRules: [UDP Query User{D23DF202-AF12-4852-A036-8A01E019C17B}E:\program files\openvpn\bin\openvpn.exe] => (Allow) E:\program files\openvpn\bin\openvpn.exe
FirewallRules: [TCP Query User{6360BCB9-7366-45C3-984E-D7226224C707}E:\program files\openvpn\bin\openvpn.exe] => (Allow) E:\program files\openvpn\bin\openvpn.exe
FirewallRules: [UDP Query User{8DB18B96-A706-4006-B625-3DC281453463}E:\program files\openvpn\bin\openvpn.exe] => (Allow) E:\program files\openvpn\bin\openvpn.exe
FirewallRules: [{211DC86D-591B-4451-AD01-534F509CEC12}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{305DECB8-BAFD-4F69-9CF9-4630DEAA0AD8}] => (Allow) LPort=2869
FirewallRules: [{549BF946-3002-4565-989F-A7C414B0F6E3}] => (Allow) LPort=1900
FirewallRules: [{3316B31C-2618-4552-901E-261EA5883023}] => (Allow) E:\Program Files (x86)\Hearthstone\Hearthstone\Hearthstone.exe
FirewallRules: [{515DEA60-FBA6-45FD-A823-30786F47959A}] => (Allow) E:\Program Files (x86)\Hearthstone\Hearthstone\Hearthstone.exe
FirewallRules: [{24054B22-0776-466B-A91F-94269576B9D4}] => (Allow) E:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{5D3D7B57-58B9-4B8B-B89E-41261D55F825}] => (Allow) E:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{451FDAA3-372F-4392-8E7E-C16A3C573EF2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{0E2AF16A-750C-4547-B315-7AD82C07DD39}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{2ED2CBBD-D27E-4B6D-A5D9-C848049E5862}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{97744521-7826-48C4-AF72-944BD7F8658F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{8E3A9DD9-1159-4E17-A932-24E21E484EB2}] => (Allow) C:\Program Files (x86)\Tencent\QQmusic\QQMusicInstall\QQMusicMMInstaller.exe
FirewallRules: [{45A043E7-9D62-4DC3-862C-823841BEDC8E}] => (Allow) E:\SteamLibrary\steamapps\common\Mad Max\MadMax.exe
FirewallRules: [{F26B9C07-30A9-4C6F-B5E7-DBA76E50657A}] => (Allow) E:\SteamLibrary\steamapps\common\Mad Max\MadMax.exe
FirewallRules: [{DB2F6782-6F23-4EA9-9ABE-4E6841B2B868}] => (Allow) E:\SteamLibrary\steamapps\common\MGS_TPP\mgsvtpp.exe
FirewallRules: [{0BE7144A-2A1F-47DA-933B-F4FDAAE7B02B}] => (Allow) E:\SteamLibrary\steamapps\common\MGS_TPP\mgsvtpp.exe
FirewallRules: [TCP Query User{80B3DB55-46AD-40BD-949C-A3F921F25EF3}C:\users\neslihan\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\neslihan\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{EAE2E8ED-AC86-4786-BD96-37E070A0CE22}C:\users\neslihan\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\neslihan\appdata\roaming\spotify\spotify.exe
FirewallRules: [{9789DF36-463A-491F-AC33-B5A3243CA57C}] => (Allow) E:\SteamLibrary\steamapps\common\SotA\Shroud of the Avatar.exe
FirewallRules: [{AC7E671A-2C37-43BC-86C9-0DF144EFA9E8}] => (Allow) E:\SteamLibrary\steamapps\common\SotA\Shroud of the Avatar.exe
FirewallRules: [{C5ED12BD-9B03-409A-BA66-B99EFCACC2A0}] => (Allow) E:\SteamLibrary\steamapps\common\Tales of Zestiria\Tales of Zestiria.exe
FirewallRules: [{1F0E867F-036F-49B7-B111-A2F97BDB88C3}] => (Allow) E:\SteamLibrary\steamapps\common\Tales of Zestiria\Tales of Zestiria.exe
FirewallRules: [{E29AE97B-7B1F-4FCA-81ED-6E73A8A71F4C}] => (Allow) E:\SteamLibrary\steamapps\common\Warhammer End Times Vermintide\launcher\launcher.exe
FirewallRules: [{EAF232D4-7B10-4C09-A58D-D4EC2BB4E9EB}] => (Allow) E:\SteamLibrary\steamapps\common\Warhammer End Times Vermintide\launcher\launcher.exe
FirewallRules: [{8B09FA49-6079-430F-B1C6-FD67A62E0214}] => (Allow) E:\SteamLibrary\steamapps\common\Warhammer End Times Vermintide\binaries\vermintide.exe
FirewallRules: [{553650AF-B888-4AFE-9A3E-76FF654C95B1}] => (Allow) E:\SteamLibrary\steamapps\common\Warhammer End Times Vermintide\binaries\vermintide.exe
FirewallRules: [{91CAD956-1974-43DF-8786-12247970DCDA}] => (Allow) E:\SteamLibrary\steamapps\common\Broforce\Broforce_beta.exe
FirewallRules: [{BC6EBDE6-1053-43BF-ADD7-1A16DD3B8C0C}] => (Allow) E:\SteamLibrary\steamapps\common\Broforce\Broforce_beta.exe
FirewallRules: [{9FA9615D-E53B-4E76-9A29-CC4B578AC7FD}] => (Allow) c:\users\neslihan\appdata\roaming\tencent\天涯明月刀\8a6e0952da9baa6c24785a480f54d35a\teniodl\teniodl.exe
FirewallRules: [{C0158D5F-F632-457C-9E72-18AA812EB904}] => (Allow) c:\users\neslihan\appdata\roaming\tencent\天涯明月刀\8a6e0952da9baa6c24785a480f54d35a\teniodl\teniodl.exe
FirewallRules: [TCP Query User{35453FC1-E049-4628-BFD6-026043DF27D5}C:\users\neslihan\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\neslihan\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{5126F960-6396-422B-93DE-E61FF03FF7A3}C:\users\neslihan\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\neslihan\appdata\local\akamai\netsession_win.exe
FirewallRules: [{73F51FAE-2249-4EE1-B0AF-56B9AD3DEBA8}] => (Allow) E:\SteamLibrary\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{0798E8D3-7E67-474C-A307-CDEDB6DA93EB}] => (Allow) E:\SteamLibrary\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [TCP Query User{EC0413C3-5FB4-4ECF-939C-1C0BF41758F5}C:\users\neslihan\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\neslihan\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{25D336AF-658E-4257-9759-9E48A82F465B}C:\users\neslihan\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\neslihan\appdata\local\akamai\netsession_win.exe
FirewallRules: [{602FC368-8B2E-4BF1-A304-4E5264F953E0}] => (Allow) E:\SteamLibrary\steamapps\common\Tomb Raider Legend\trl.exe
FirewallRules: [{A6B3144F-040D-4C36-812E-02D26886306A}] => (Allow) E:\SteamLibrary\steamapps\common\Tomb Raider Legend\trl.exe
FirewallRules: [TCP Query User{D73DBAEE-4738-4EF0-882A-94BD324FB11A}E:\games\cloud imperium games\patcher\cigpatcher.exe] => (Allow) E:\games\cloud imperium games\patcher\cigpatcher.exe
FirewallRules: [UDP Query User{B3D08E34-69CE-4F58-B97C-8C7BB6E83DEC}E:\games\cloud imperium games\patcher\cigpatcher.exe] => (Allow) E:\games\cloud imperium games\patcher\cigpatcher.exe
FirewallRules: [{2B502E81-BDBA-438E-9165-F161B355D689}] => (Allow) E:\SteamLibrary\steamapps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{914DCCE0-53D5-442A-931B-4B293B560FF3}] => (Allow) E:\SteamLibrary\steamapps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{DD776E7A-223A-441C-A6B3-B65C61F532C9}] => (Allow) C:\Program Files (x86)\pandasecuritytb\cleanupie.exe
FirewallRules: [{2F2F6093-D210-4AD2-8F6B-E75F8FFDCEF4}] => (Allow) C:\Program Files (x86)\pandasecuritytb\cleanupie.exe
FirewallRules: [{1A7E9523-B848-475B-9F58-311618C5E0DD}] => (Allow) C:\Program Files (x86)\pandasecuritytb\ToolbarCleaner.exe
FirewallRules: [{0D26AAF6-5173-49B1-9F12-6B46252F12C6}] => (Allow) C:\Program Files (x86)\pandasecuritytb\ToolbarCleaner.exe
FirewallRules: [{089D295D-D29B-4008-A552-C18AFC79ECEF}] => (Allow) E:\SteamLibrary\steamapps\common\Tom Clancy's The Division\thedivision.exe
FirewallRules: [{58425B24-3732-4493-BDFA-E5F316B116AA}] => (Allow) E:\SteamLibrary\steamapps\common\Tom Clancy's The Division\thedivision.exe
FirewallRules: [{DCA69552-596F-4354-A6DB-EEB2D1A87606}] => (Allow) E:\SteamLibrary\steamapps\common\Alice Madness Returns\Binaries\Win32\AliceMadnessReturns.exe
FirewallRules: [{3FAA2378-DE1E-4EB0-A003-85929053C62C}] => (Allow) E:\SteamLibrary\steamapps\common\Alice Madness Returns\Binaries\Win32\AliceMadnessReturns.exe
FirewallRules: [{75ABE64B-0DFF-419D-9705-758C08585B8C}] => (Allow) E:\Games\Steam\Steam.exe
FirewallRules: [{4C628DE2-9A52-41BC-A868-41AC785282A7}] => (Allow) E:\Games\Steam\Steam.exe
FirewallRules: [{0EB9CA94-1F68-4577-A36D-D375861D9F12}] => (Allow) E:\Games\Steam\steamapps\common\DOOM\DOOMx64.exe
FirewallRules: [{AEEA5BF1-F17D-4651-95C3-20D83A92D388}] => (Allow) E:\Games\Steam\steamapps\common\DOOM\DOOMx64.exe
FirewallRules: [TCP Query User{9D7A0F72-EC4A-4CA0-A004-5116944F3D81}E:\program files (x86)\hearthstone\overwatch\overwatch.exe] => (Allow) E:\program files (x86)\hearthstone\overwatch\overwatch.exe
FirewallRules: [UDP Query User{495D0D3A-5724-4DA1-A050-CBFC88C177F9}E:\program files (x86)\hearthstone\overwatch\overwatch.exe] => (Allow) E:\program files (x86)\hearthstone\overwatch\overwatch.exe
FirewallRules: [{70A0125E-13F0-4252-9969-5542AC18844A}] => (Allow) E:\Games\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [{DC368896-4DD8-45DB-8C07-A6273C1C202B}] => (Allow) E:\Games\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [TCP Query User{E35D35E4-7A7A-4E14-A986-E71BF362CD40}E:\program files (x86)\hearthstone\overwatch test\overwatch.exe] => (Allow) E:\program files (x86)\hearthstone\overwatch test\overwatch.exe
FirewallRules: [UDP Query User{45AB9449-FD05-48A3-8DFB-E060FF643AB8}E:\program files (x86)\hearthstone\overwatch test\overwatch.exe] => (Allow) E:\program files (x86)\hearthstone\overwatch test\overwatch.exe
FirewallRules: [{824C8913-5F78-44A0-A58F-9A9B6060A3A3}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{25A2DCEA-A568-4CCC-B4EE-6FF2127DC2C8}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{915AE0B8-77F0-4A90-8D04-222AA70D79F2}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{0B92682D-F4F1-48FF-B93E-6D231A399759}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{3DAB5233-E764-442E-B426-68E919386EF7}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{3A3DD2D5-1944-4354-B6F0-DB3A023BB28D}] => (Allow) E:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{53AEFA85-E2B3-44BB-A1B8-6F660B9BEE01}] => (Allow) E:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{A9C4D86F-340D-4F2C-8C82-CE002D8DA9B8}] => (Allow) E:\Games\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{6DDAB588-67AF-4F3C-AC56-64154957EAC8}] => (Allow) E:\Games\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{4303224E-ED75-4078-8AE0-DB1B923EAB4E}] => (Allow) c:\users\neslihan\appdata\roaming\tencent\天涯明月刀\bd8dd184d01af1e249e6c91baf701c80\teniodl\teniodl.exe
FirewallRules: [{22178D6F-DB1D-4294-8221-8262D15718F0}] => (Allow) c:\users\neslihan\appdata\roaming\tencent\天涯明月刀\bd8dd184d01af1e249e6c91baf701c80\teniodl\teniodl.exe
FirewallRules: [TCP Query User{1D96E34F-2648-40E2-B2F8-18AF7569C94D}E:\games\天涯明月刀\wuxia_client.exe] => (Allow) E:\games\天涯明月刀\wuxia_client.exe
FirewallRules: [UDP Query User{466137C0-9299-4C12-8C32-6DC60B34DA62}E:\games\天涯明月刀\wuxia_client.exe] => (Allow) E:\games\天涯明月刀\wuxia_client.exe
FirewallRules: [{9D1556FF-394A-47A1-AB52-F737D62ABFDF}] => (Allow) E:\Games\天涯明月刀\Cross\CrossProxy.exe
FirewallRules: [{438589E3-C083-4578-8D54-A4F2555AC6C0}] => (Allow) E:\Games\天涯明月刀\Cross\CrossProxy.exe
FirewallRules: [{E1758C05-819D-419E-B694-434181B5169C}] => (Allow) E:\Games\天涯明月刀\Cross\Apps\CQS\QTalk\Bin\miniQTalk.exe
FirewallRules: [{76AE8A6B-4AA7-490B-A822-13C93260E167}] => (Allow) E:\Games\天涯明月刀\Cross\Apps\CQS\QTalk\Bin\miniQTalk.exe
FirewallRules: [{776621DD-DE93-4018-A788-EB1F09180972}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\131\tencentdl.exe
FirewallRules: [{E7E4F2B2-6943-4A40-9C1A-743DA4D6130A}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\131\bugreport_xf.exe
FirewallRules: [{C634EEF9-0E43-470B-BE9B-9B680EE81EA7}] => (Allow) E:\Games\Steam\steamapps\common\Stardew Valley\Stardew Valley.exe
FirewallRules: [{BE96DD78-3297-4BB1-A499-56B7DA611CDB}] => (Allow) E:\Games\Steam\steamapps\common\Stardew Valley\Stardew Valley.exe
FirewallRules: [{D70B4C2B-EC34-44DF-A144-568FCA46DD95}] => (Allow) E:\Games\Steam\steamapps\common\H1Z1\LaunchPad.exe
FirewallRules: [{311654A9-2B9C-4B26-8EFE-C3CE6CC10184}] => (Allow) E:\Games\Steam\steamapps\common\H1Z1\LaunchPad.exe
FirewallRules: [TCP Query User{25E65068-A478-4BC2-A92F-2301AE63CE1C}E:\games\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) E:\games\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [UDP Query User{64FD4181-D927-4664-ACD0-6D0CD801CB43}E:\games\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) E:\games\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [{385DBFE5-7336-4C79-B655-223FF004B6B5}] => (Allow) E:\Games\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{69D85AAB-9AF0-432F-87EC-5AF0CD050D3A}] => (Allow) E:\Games\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{6BBB77AF-34C0-414E-8DE9-EDA7DC740FF2}] => (Allow) E:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{90C1DF8F-0FEA-4396-89E7-DCDB775226CA}] => (Allow) E:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C7270A60-1253-4DBB-B6A2-814F1383B60A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{BACF2223-7B7E-4B9F-9EF8-D9998839C075}E:\program files (x86)\ubisoft\ubisoft game launcher\games\forhonor\forhonor.exe] => (Allow) E:\program files (x86)\ubisoft\ubisoft game launcher\games\forhonor\forhonor.exe
FirewallRules: [UDP Query User{D024BD3C-3E13-4168-A2B0-41E177399577}E:\program files (x86)\ubisoft\ubisoft game launcher\games\forhonor\forhonor.exe] => (Allow) E:\program files (x86)\ubisoft\ubisoft game launcher\games\forhonor\forhonor.exe
FirewallRules: [{6DCE6C8D-982A-4ECA-973A-BC008F42C3DA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{1EEA627D-E0A3-41BC-9ED8-3262110922F4}] => (Allow) E:\Program Files (x86)\SplitmediaLabs\XSplit Broadcaster\XSplit.Core.exe
FirewallRules: [{6B2E07C8-47EC-4708-A1D2-AD5ACAA704D6}] => (Allow) E:\Program Files (x86)\SplitmediaLabs\XSplit Broadcaster\XSplit.cam.exe
FirewallRules: [{D15E7B4C-419C-43E6-BFE2-165A14EE194E}] => (Allow) E:\Program Files (x86)\SplitmediaLabs\XSplit Broadcaster\XSplit.Core.exe
FirewallRules: [{021036DC-C11E-4E5D-8F7E-EF2CA14932E9}] => (Allow) E:\Program Files (x86)\SplitmediaLabs\XSplit Broadcaster\XSplit.cam.exe
FirewallRules: [{EFF6F8A5-FA2C-4272-B7F1-B4918E674E59}] => (Allow) E:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe
FirewallRules: [{64A24666-C007-4AA9-BBF0-0D3AD51E6926}] => (Allow) E:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe
StandardProfile\AuthorizedApplications: [E:\Program Files (x86)\Meitu\KanKan\KanKan.exe] => Enabled:KanKan

==================== Wiederherstellungspunkte =========================

21-03-2017 01:12:12 Windows Update
21-03-2017 19:00:10 Windows Update
22-03-2017 19:00:10 Windows Update
23-03-2017 19:00:10 Windows Update
24-03-2017 02:05:20 Windows Update
24-03-2017 19:00:10 Windows Update
24-03-2017 21:24:42 Windows Update
25-03-2017 19:00:10 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: softaal
Description: softaal
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: softaal
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: TSDefenseBt
Description: TSDefenseBt
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: TSDefenseBt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: tencent QMUdisk
Description: tencent QMUdisk
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: QMUdisk
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (03/25/2017 07:51:22 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile  1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (03/25/2017 07:02:08 PM) (Source: MsiInstaller) (EventID: 1013) (User: NT-AUTORITÄT)
Description: Internal MSI error. Installer terminated prematurely.

Error: (03/25/2017 11:58:15 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile  1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (03/25/2017 11:50:00 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (03/24/2017 09:26:39 PM) (Source: MsiInstaller) (EventID: 1013) (User: NT-AUTORITÄT)
Description: Internal MSI error. Installer terminated prematurely.

Error: (03/24/2017 07:02:07 PM) (Source: MsiInstaller) (EventID: 1013) (User: NT-AUTORITÄT)
Description: Internal MSI error. Installer terminated prematurely.

Error: (03/24/2017 06:26:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (03/24/2017 06:16:44 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile  1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (03/24/2017 06:09:02 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (03/24/2017 02:07:17 AM) (Source: MsiInstaller) (EventID: 1013) (User: NT-AUTORITÄT)
Description: Internal MSI error. Installer terminated prematurely.


Systemfehler:
=============
Error: (03/25/2017 07:02:29 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Sicherheitsupdate für Microsoft Silverlight (KB4013867)

Error: (03/25/2017 05:02:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "BCM42RLY" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (03/25/2017 04:02:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "BCM42RLY" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (03/25/2017 11:50:01 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "BCM42RLY" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (03/25/2017 11:49:58 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
TsDefenseBt

Error: (03/25/2017 11:49:55 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "QQPCMgr RTP Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (03/24/2017 09:26:39 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Sicherheitsupdate für Microsoft Silverlight (KB4013867)

Error: (03/24/2017 08:52:40 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 40.

Error: (03/24/2017 08:52:40 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 40.

Error: (03/24/2017 07:02:27 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Sicherheitsupdate für Microsoft Silverlight (KB4013867)


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-4430 CPU @ 3.00GHz
Prozentuale Nutzung des RAM: 36%
Installierter physikalischer RAM: 16301.32 MB
Verfügbarer physikalischer RAM: 10382.55 MB
Summe virtueller Speicher: 20299.5 MB
Verfügbarer virtueller Speicher: 13781.67 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:119.14 GB) (Free:45.54 GB) NTFS
Drive e: () (Fixed) (Total:931.51 GB) (Free:61.84 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 29C690AD)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 29C690D5)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=119.1 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         

Alt 26.03.2017, 12:36   #7
M-K-D-B
/// TB-Ausbilder
 
Ungewollte Browserextension / Verlangsamtes Laden (Chrome) - Standard

Ungewollte Browserextension / Verlangsamtes Laden (Chrome)



Servus,





Schritt 1
Downloade Dir bitte AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Werkzeuge > Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • Image File Execution Options Schlüssel
    • "Tracing" Schlüssel
    • "Prefetch" Dateien
    • Proxy
    • Winsock
    • Firewall
    • Internet Explorer Richtlinien
    • Chrome Richtlinien
  • Bestätige die Auswahl mit Ok.
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen (auch dann wenn AdwCleaner sagt, dass nichts gefunden wurde) und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).





Schritt 2
Downloade Dir bitte Malwarebytes Anti-Malware 3
  • Installiere das Programm in den vorgegebenen Pfad.
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scan, wähle den Bedrohungs-Scan aus und klicke auf Scan starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Ausgewählte Elemente in die Quarantäne verschieben.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM nach dem Neustart, klicke auf Berichte.
  • Wähle den neuesten Scan-Bericht aus, klicke auf Bericht anzeigen und dann auf Export.
  • Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.





Schritt 3
  • Starte die FRST erneut. Vergewissere dich, dass vor Addition.txt ein Haken gesetzt ist und drücke auf Untersuchen.
  • FRST erstellt nun zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.






Bitte poste mit deiner nächsten Antwort
  • die Logdatei von AdwCleaner,
  • die Logdatei von MBAM,
  • die beiden neuen Logdateien von FRST.

Alt 29.03.2017, 18:43   #8
monchou
 
Ungewollte Browserextension / Verlangsamtes Laden (Chrome) - Standard

Ungewollte Browserextension / Verlangsamtes Laden (Chrome)



Hallo!
danke für die Tipps!

Ich habe nun allerdings ein neues Problem -
zunächst habe ich AdwCleaner und Malwarebytes ausführen können - danach war übrigens die Browserextension weg. Bevor ich die nächsten Schritte aber überhaupt erst machen konnte, wurde mein Rechner unsagbar langsam - das war er sonst nie. Wenn ich beispielsweise die Windowstaste drücke, kann ich manchmal gar nicht richtig einen der Icons/Verknüpfungen anklicken. Internetseiten bauen sich plötzlich mega langsam auf und irgendwann hängt einfach alles und ich kann nichts mehr machen. Ich bekomme eine Windowsfehlermeldung, dass dieser Prozess (Windows) nicht mehr richtig funktioniert, kann ihn aber nicht beenden, weil es so hängt. Gerade kam dann auch einfach ein schwarzer Bildschirm
Bin jetzt im abgesicherten Modus (mit Netzwerktreibern) und da ist alles prima. Nichts hängt.

Ich poste jetzt mal die Berichte, die ich schon habe. Falls ich das Restliche im abgesicherten Modus machen darf, bitte bescheid geben. Ansonsten scheint es nämlich nicht zu klappen.AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v6.044 - Bericht erstellt am 26/03/2017 um 19:19:50
# Aktualisiert am 28/02/2017 von Malwarebytes
# Datenbank : 2017-03-23.2 [Server]
# Betriebssystem : Windows 7 Professional Service Pack 1 (X64)
# Benutzername : Neslihan - NESLIHAN-PC
# Gestartet von : C:\Users\Neslihan\Desktop\AdwCleaner_6.044.exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support



***** [ Dienste ] *****

[-] Dienst gelöscht: QQPCRTP
[-] Dienst gelöscht: TSDefenseBt
[-] Dienst gelöscht: QMUdisk
[-] Dienst gelöscht: TSSKX64
[-] Dienst gelöscht: softaal
[-] Dienst gelöscht: tsnethlpx64
[-] Dienst gelöscht: panda_url_filtering


***** [ Ordner ] *****

[-] Ordner gelöscht: C:\Users\Neslihan\AppData\Local\TVWizard
[-] Ordner gelöscht: C:\Users\Neslihan\AppData\Local\YSearchUtil
[-] Ordner gelöscht: C:\Users\Neslihan\AppData\Local\Tencent
[-] Ordner gelöscht: C:\Users\Neslihan\AppData\LocalLow\pandasecuritytb
[-] Ordner gelöscht: C:\Users\Neslihan\AppData\Roaming\Tencent
[-] Ordner gelöscht: C:\Users\Neslihan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯游戏
[-] Ordner gelöscht: C:\Users\Neslihan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件
[-] Ordner gelöscht: C:\Users\Gast\AppData\LocalLow\pandasecuritytb
[-] Ordner gelöscht: C:\Users\Neslihan\AppData\Roaming\Mozilla\Firefox\Profiles\6ghfa3rf.default-1436973638517\pandasecuritytb
[-] Ordner gelöscht: C:\Program Files\Panda Security URL Filtering
[-] Ordner gelöscht: C:\Program Files\Common Files\Tencent
[-] Ordner gelöscht: C:\Users\Neslihan\AppData\Local\VirtualStore\Program Files (x86)\Tencent
[-] Ordner gelöscht: C:\ProgramData\NetEngine
[-] Ordner gelöscht: C:\ProgramData\TXQMPC
[-] Ordner gelöscht: C:\ProgramData\Tencent
[#] Ordner mit Neustart gelöscht: C:\ProgramData\Application Data\NetEngine
[#] Ordner mit Neustart gelöscht: C:\ProgramData\Application Data\TXQMPC
[#] Ordner mit Neustart gelöscht: C:\ProgramData\Application Data\Tencent
[-] Ordner gelöscht: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\腾讯游戏
[-] Ordner gelöscht: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\腾讯软件
[-] Ordner gelöscht: C:\Program Files (x86)\Tencent
[-] Ordner gelöscht: C:\Program Files (x86)\pandasecuritytb
[-] Ordner gelöscht: C:\Program Files (x86)\Common Files\Tencent
[-] Ordner gelöscht: C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Tencent
[-] Ordner gelöscht: C:\Windows\SysWOW64\config\systemprofile\AppData\Local\YSearchUtil
[-] Ordner gelöscht: C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\pandasecuritytb
[-] Ordner gelöscht: C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\npdicihegicnhaangkdmcgbjceoemeoo


***** [ Dateien ] *****

[-] Datei gelöscht: C:\Users\Gast\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Hao123.lnk
[-] Datei gelöscht: C:\Users\Gast\Desktop\Hao123.lnk
[-] Datei gelöscht: C:\Users\Gast\Desktop\PepperZip.lnk
[-] Datei gelöscht: C:\Windows\SysNative\drivers\TSSKX64.sys
[-] Datei gelöscht: C:\Windows\SysNative\drivers\TFsFltX64.sys
[-] Datei gelöscht: C:\END
[-] Datei gelöscht: C:\Windows\SysWOW64\drivers\TS888x64.sys


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Verknüpfungen ] *****



***** [ Aufgabenplanung ] *****



***** [ Registrierungsdatenbank ] *****

[#] Schlüssel mit Neustart gelöscht: HKLM\SYSTEM\CurrentControlSet\services\tsdefensebt
[#] Schlüssel mit Neustart gelöscht: HKLM\SYSTEM\CurrentControlSet\services\tsskx64
[#] Schlüssel mit Neustart gelöscht: HKLM\SYSTEM\CurrentControlSet\services\qmudisk
[#] Schlüssel mit Neustart gelöscht: HKLM\SYSTEM\CurrentControlSet\services\qqpcrtp
[-] Schlüssel gelöscht: HKU\S-1-5-21-2601677052-3802215475-160921258-1000\Software\Classes\PepperZip
[-] Schlüssel gelöscht: HKU\S-1-5-21-2601677052-3802215475-160921258-1000\Software\Classes\QQBrowser.File
[-] Schlüssel gelöscht: HKU\S-1-5-21-2601677052-3802215475-160921258-1000\Software\Classes\QQBrowser.Protocol
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Classes\PepperZip
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Classes\QQBrowser.File
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Classes\QQBrowser.Protocol
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\metnsd
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\protector_dll.Protector
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\protector_dll.Protector.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\qmgcfiles
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\QQAppIEAgentEx.AgentForAndroid
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\QQAppIEAgentEx.AgentForAndroid.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\QQBrowser.File
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\QQBrowser.Protocol
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Classes\PepperZip
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Classes\QQBrowser.File
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Classes\QQBrowser.Protocol
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\metnsd
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\protector_dll.Protector
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\protector_dll.Protector.1
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\qmgcfiles
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\QQAppIEAgentEx.AgentForAndroid
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\QQAppIEAgentEx.AgentForAndroid.1
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\QQBrowser.File
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\QQBrowser.Protocol
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AppID\{51BEE30D-EEC8-4BA3-930B-298B8E759EB1}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{70DE12EA-79F4-46BC-9812-86DB50A2FD64}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{50F4150A-48B2-417A-BE4C-C83F580FB904}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{B9E49847-9822-4139-BC55-7173ED1ADA11}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{6B3732AA-F6D4-4F16-9E22-49EDC52C9514}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{B9E49847-9822-4139-BC55-7173ED1ADA11}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\TypeLib\{6E1533F0-E0B5-465A-9F16-98FF0C76D493}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\TypeLib\{1112F282-7099-4624-A439-DB29D6551552}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\TypeLib\{8519F1E4-E25B-42B1-B361-0C643F45CF11}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{50F4150A-48B2-417A-BE4C-C83F580FB904}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{50F4150A-48B2-417A-BE4C-C83F580FB904}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{29B6CFD5-0064-411A-8C42-9890C83F9921}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{50F4150A-48B2-417A-BE4C-C83F580FB904}
[-] Wert gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved [{754DF2CE-51E8-4895-B53C-6381418B84AE}]
[-] Schlüssel gelöscht: HKU\S-1-5-21-2601677052-3802215475-160921258-1000\Software\QQBrowser
[-] Schlüssel gelöscht: HKU\S-1-5-21-2601677052-3802215475-160921258-1000\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\QQBrowser
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
[-] Schlüssel gelöscht: HKLM\SOFTWARE\MaxPower
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\QQBrowser
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
[-] Daten  wiederhergestellt: HKU\S-1-5-21-2601677052-3802215475-160921258-1000\Software\Policies\Microsoft\Internet Explorer\Main [Start Page] 
[-] Daten  wiederhergestellt: HKU\S-1-5-21-2601677052-3802215475-160921258-1000\Software\Microsoft\Internet Explorer\Main [Start Page] 
[-] Daten  wiederhergestellt: HKCU\Software\Policies\Microsoft\Internet Explorer\Main [Start Page] 
[-] Daten  wiederhergestellt: HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer\Main [Start Page] 
[-] Daten  wiederhergestellt: HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] 
[-] Daten  wiederhergestellt: HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] 
[-] Daten  wiederhergestellt: HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tab] 
[-] Daten  wiederhergestellt: [x64] HKCU\Software\Policies\Microsoft\Internet Explorer\Main [Start Page] 
[-] Daten  wiederhergestellt: [x64] HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer\Main [Start Page] 
[-] Daten  wiederhergestellt: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] 
[-] Daten  wiederhergestellt: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tab] 
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AppID\DownloadProxy.EXE
[-] Schlüssel gelöscht: HKLM\SOFTWARE\MozillaPlugins\@qq.com/TXSSO
[-] Schlüssel gelöscht: HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP
[-] Schlüssel gelöscht: HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\QQPCRTP
[-] Schlüssel gelöscht: HKLM\SOFTWARE\MozillaPlugins\@qq.com/npandroidassistant
[-] Schlüssel gelöscht: HKEY_CLASSES_ROOT\.qmgc
[-] Schlüssel gelöscht: HKCU\SOFTWARE\Classes\ChromeHTML
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Google\Chrome\Extensions\npdicihegicnhaangkdmcgbjceoemeoo


***** [ Browser ] *****

[-] [C:\Users\Neslihan\AppData\Local\Google\Chrome\User Data\Default] [extension] Gelöscht: npdicihegicnhaangkdmcgbjceoemeoo
[-] [C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default] [extension] Gelöscht: npdicihegicnhaangkdmcgbjceoemeoo


*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: "Image File Execution Options" Schlüssel gelöscht
:: "Prefetch" Dateien gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Firewall Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [11096 Bytes] - [26/03/2017 19:19:50]
C:\AdwCleaner\AdwCleaner[S0].txt - [10545 Bytes] - [26/03/2017 19:10:55]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [11244 Bytes] ##########
         
--- --- ---



MBAM
Code:
ATTFilter
Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 26.03.17
Scan-Zeit: 19:43
Protokolldatei: mbam.txt
Administrator: Ja

-Softwaredaten-
Version: 3.0.6.1469
Komponentenversion: 1.0.75
Version des Aktualisierungspakets: 1.0.1394
Lizenz: Testversion

-Systemdaten-
Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Neslihan-PC\Neslihan

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Ergebnis: Abgeschlossen
Gescannte Objekte: 450660
Abgelaufene Zeit: 1 Min., 59 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswert: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 2
PUP.Optional.DriveTheLife, C:\Users\Neslihan\AppData\Roaming\DriveTheLife2013\Dtl2013DownLoad, In Quarantäne, [2975], [381097],1.0.1394
PUP.Optional.DriveTheLife, C:\USERS\NESLIHAN\APPDATA\ROAMING\DriveTheLife2013, In Quarantäne, [2975], [381097],1.0.1394

Datei: 0
(keine bösartigen Elemente erkannt)

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)


(end)
         

Alt 29.03.2017, 20:44   #9
M-K-D-B
/// TB-Ausbilder
 
Ungewollte Browserextension / Verlangsamtes Laden (Chrome) - Standard

Ungewollte Browserextension / Verlangsamtes Laden (Chrome)



Servus,


komisch... ich sehe jetzt nicht, dass AdwCleaner bei dir was "falsches" gelöscht hätte...



AdwCleaner bitte nochmal im Abgesicherten Modus ausführen (wie beschrieben) und wieder die Logdatei posten.


Dann FRST im normalen Modus ausführen (nur wenn es GAR NICHT geht, im abgesicherten Modus).

Alt 02.04.2017, 09:36   #10
M-K-D-B
/// TB-Ausbilder
 
Ungewollte Browserextension / Verlangsamtes Laden (Chrome) - Standard

Ungewollte Browserextension / Verlangsamtes Laden (Chrome)



Fehlende Rückmeldung
Dieses Thema wurde aus den Abos gelöscht. Somit bekomme ich keine Benachrichtigung über neue Antworten.
PM an mich falls Du denoch weiter machen willst.

Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner schon sauber ist.

Jeder andere bitte hier klicken und einen eigenen Thread erstellen!

Antwort

Themen zu Ungewollte Browserextension / Verlangsamtes Laden (Chrome)
computer, deinstallieren, extension, faust, folge, funkt, google, hallo zusammen, kurzem, laden, langsam, lädt, namens, panda, panda security, programme, programmen, scan, security, server, software, tab, ungewollte, virenscan, zusammen




Ähnliche Themen: Ungewollte Browserextension / Verlangsamtes Laden (Chrome)


  1. Chrome braucht lange um Inhalte zu laden (Scrollen) - Samsung Update nicht erfolgreich
    Alles rund um Windows - 13.01.2017 (15)
  2. Win10 Edge und Chrome bringen Werbung ungewollte Weiterleitungen
    Plagegeister aller Art und deren Bekämpfung - 27.10.2016 (38)
  3. Probleme mit Chrome & Firefox: Ewiges Laden, nicht killbare Prozesse und öffnen von Tabs
    Log-Analyse und Auswertung - 22.11.2015 (10)
  4. Windows 8 Firewall lässt sich nicht aktivieren und Browser (Firefox und Chrome) laden nicht mehr
    Plagegeister aller Art und deren Bekämpfung - 26.05.2015 (3)
  5. Ständig Werbung und Popup Fenster und verlangsamtes Surfen
    Plagegeister aller Art und deren Bekämpfung - 24.01.2015 (6)
  6. Chrome: Seiten laden nicht mehr
    Plagegeister aller Art und deren Bekämpfung - 19.10.2014 (13)
  7. Laptop läd Programme sehr langsam, Programme-Fehlermeldung (keine Rückmeldung) & im Chrome Seiten laden nicht
    Plagegeister aller Art und deren Bekämpfung - 06.10.2014 (5)
  8. (Yawtix ads) ungewollte Suche-Chrome Popups aufdringlich
    Plagegeister aller Art und deren Bekämpfung - 23.06.2014 (5)
  9. Geräusche im Hintergrund und verlangsamtes Laden von Websites
    Plagegeister aller Art und deren Bekämpfung - 04.02.2014 (15)
  10. Win7, Google Chrome seit heute mit Werbung-einige Webseiten funktionieren nicht mehr richtig, ungewollte Sounds in Windows
    Log-Analyse und Auswertung - 27.12.2013 (9)
  11. Ungewollte Startseite bei Chrome: " http://wisersearch.com/?channel=de_nt" - Wie entfernen?
    Plagegeister aller Art und deren Bekämpfung - 07.12.2013 (17)
  12. Ständige Disconnects, Verlangsamtes Internet, Stotternder Sound
    Log-Analyse und Auswertung - 04.09.2013 (3)
  13. Sm.de und Delta-Search beim Laden von Chrome
    Plagegeister aller Art und deren Bekämpfung - 25.06.2013 (54)
  14. Startk verlangsamtes Internet: Verdacht auf Spyware
    Log-Analyse und Auswertung - 24.04.2013 (26)
  15. Verlangsamtes System und unterstrichene Werbelinks in sämtlichen Texten, off- und online.
    Log-Analyse und Auswertung - 23.03.2013 (8)
  16. Bluescreens/Verlangsamtes Windows/MBytes bricht ab
    Plagegeister aller Art und deren Bekämpfung - 08.12.2012 (17)
  17. Ungewollte pop-ups/ungewollte links aus Google -PLEASE HELP -log inside
    Log-Analyse und Auswertung - 25.01.2010 (13)

Zum Thema Ungewollte Browserextension / Verlangsamtes Laden (Chrome) - Hallo zusammen Seit kurzem lädt Instagram auffällig langsam (es liegt nicht an deren Server) - eher hab ich den Eindruck, dass irgendwas unterwünschtes dazwischenfunkt! Dann habe ich beim Googlen festgeställt, - Ungewollte Browserextension / Verlangsamtes Laden (Chrome)...
Archiv
Du betrachtest: Ungewollte Browserextension / Verlangsamtes Laden (Chrome) auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.