Log analysis and evaluation: Commerzbank TAN prompt trojan….

Windows 7: If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

16.10.2014, 13:59   #1
csak09
 
Hello everyone,
unfortunately, like many others, we have this Commerzbank trojan. First I downloaded Avira antivirus. After the first run and one detection, I was advised to restart. Now nothing works at all... just a dark screen.
Can I still do something now, or is it better to take it somewhere right away?

Thanks in advance for the answers

Regards

16.10.2014, 14:09   #2
schrauber
/// the machine
/// TB Trainer
 
hi,

Scan with Farbar's Recovery Scan Tool (Recovery Mode - Windows Vista, 7, 8)
Notes for Windows 8 users: Guide 1 (FRST variant) and Guide 2 (second part)
  • Please download the appropriate version of the tool (both if in doubt) and save it to a USB stick: FRST Download FRST 32-Bit | FRST 64-Bit
  • Connect the USB stick to the infected system and boot the system into the System Repair option.
  • Now scan by following the illustrated guide, or use the following short guide:
Via the Boot Manager:
  • Restart the computer.
  • While it is booting, press the F8 key several times.
  • Now select Repair Your Computer.
  • Select your operating system and user account and click "Next" each time.
With the Windows CD/DVD (also possible on Windows 8):
  • Insert the Windows CD into your drive.
  • Restart the computer and boot from the CD.
  • Select the language settings and click "Next".
  • Click Repair your computer!
  • Select your operating system and user account and click "Next" each time.
In the repair options, select: Command Prompt
  • Now please type notepad and press Enter.
  • In the text document that opens: File > Save As... and select Computer.
    The drive letter of your USB stick is shown here; make a note of it.
  • Close Notepad again.
  • Now please enter the following command.
    e:\frst.exe or e:\frst64.exe
    Note: e stands for the drive letter of your USB stick that you noted. Adjust it if necessary.
  • Accept the disclaimer with Yes and click Scan.
The tool creates an FRST.txt on your USB stick. Please post its contents here, in code tags if possible (guide).
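
Added example, not part of the original post and not code from FRST or this forum: once FRST.txt exists, a small Python helper can triage its Registry section by collecting entries FRST itself marked ATTENTION, Winlogon Shell values that start anything besides explorer.exe, and Run/RunOnce entries in user-writable folders with an empty company field. The sample log is constructed in the FRST layout, the function names are hypothetical, and the last two checks are this example's own heuristics.

```python
import re
from dataclasses import dataclass, field
from typing import List, Optional

# Constructed sample in the layout of an FRST "Registry" section (names and paths are made up).
SAMPLE_LOG = r"""
==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ExampleAudio] => C:\Program Files\ExampleVendor\audio.exe [518784 2011-03-29] (Example Vendor, Inc.)
HKU\S-1-5-21-1111-2222-3333-1000\...\Run: [qwxyz] => C:\Users\user\AppData\Local\Temp\Abcde\qwxyz.exe [84992 2014-06-18] () <===== ATTENTION
HKU\S-1-5-21-1111-2222-3333-1000\...\Run: [Modem] => "C:\Program Files (x86)\ExampleModem\modem.exe" /background
HKU\S-1-5-21-1111-2222-3333-1000\...\RunOnce: [a1b2c3] => C:\ProgramData\abcdef\ghijk.exe [292864 2014-10-16] ()
HKU\S-1-5-21-1111-2222-3333-1000\...\Winlogon: [Shell] C:\ProgramData\lmnopq\rstuv.exe,explorer.exe <==== ATTENTION
HKU\S-1-5-21-1111-2222-3333-1000\...\Policies\system: [DisableChangePassword] 0

==================== Internet (Whitelisted) ====================

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:newtab
"""

SECTION_RE = re.compile(r"^=+\s*(?P<title>.+?)\s*=+$")
ENTRY_RE = re.compile(r"^(?P<key>.+?): \[(?P<name>[^\]]+)\] (?:=> )?(?P<data>.*)$")
ATTENTION_RE = re.compile(r"\s*<=+\s*ATTENTION\s*$")
FILEMETA_RE = re.compile(r"\s*\[(?P<size>\d+) (?P<date>\d{4}-\d{2}-\d{2})\] \((?P<company>.*)\)$")
# Heuristic (assumption of this example): folders a standard user can write to.
USER_WRITABLE = ("\\appdata\\", "\\programdata\\", "\\temp\\")


@dataclass
class Entry:
    key: str                    # abbreviated registry key as printed by FRST
    name: str                   # value name inside the square brackets
    command: str                # value data without file metadata or marker
    size: Optional[int]         # file size, if FRST printed metadata
    date: Optional[str]         # file date, if FRST printed metadata
    company: Optional[str]      # "" means metadata present but company empty
    attention: bool             # FRST appended an ATTENTION marker
    reasons: List[str] = field(default_factory=list)


def parse_registry_section(text: str) -> List[Entry]:
    """Parse 'key: [name] => data' lines found inside the Registry section."""
    entries, in_registry = [], False
    for raw in text.splitlines():
        line = raw.strip()
        header = SECTION_RE.match(line)
        if header:
            in_registry = header.group("title").startswith("Registry")
            continue
        match = ENTRY_RE.match(line) if in_registry else None
        if not match:
            continue  # blank lines, other sections, Startup:/ShortcutTarget: lines
        data = match.group("data")
        attention = bool(ATTENTION_RE.search(data))
        data = ATTENTION_RE.sub("", data)
        meta = FILEMETA_RE.search(data)
        entries.append(Entry(
            key=match.group("key"),
            name=match.group("name"),
            command=(data[:meta.start()] if meta else data).strip(),
            size=int(meta.group("size")) if meta else None,
            date=meta.group("date") if meta else None,
            company=meta.group("company") if meta else None,
            attention=attention,
        ))
    return entries


def assess(entry: Entry) -> List[str]:
    """Return the reasons an entry deserves a closer look (empty list if none)."""
    reasons = []
    if entry.attention:
        reasons.append("flagged ATTENTION by FRST")
    leaf = entry.key.rsplit("\\", 1)[-1].lower()
    if leaf == "winlogon" and entry.name.lower() == "shell":
        extra = [p.strip() for p in entry.command.split(",")
                 if p.strip().lower() != "explorer.exe"]
        if extra:
            reasons.append("Winlogon Shell also starts: " + ", ".join(extra))
    if leaf in ("run", "runonce"):
        in_user_dir = any(d in entry.command.lower() for d in USER_WRITABLE)
        if entry.company == "" and in_user_dir:
            reasons.append("autostart from user-writable path with empty company field")
    return reasons


def triage(text: str) -> List[Entry]:
    """Return only the entries with at least one reason attached."""
    findings = []
    for entry in parse_registry_section(text):
        entry.reasons = assess(entry)
        if entry.reasons:
            findings.append(entry)
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(f"{finding.key} [{finding.name}] -> {finding.command}")
        for reason in finding.reasons:
            print(f"    - {reason}")
```

The output is a shortlist for a human reviewer; an entry that is not listed is not thereby shown to be clean.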

16.10.2014, 15:25   #3
csak09
 
Hi, thanks for the quick reply. The scan is finished... I'll be back shortly with the code tag



FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-10-2014 02
Ran by oem (administrator) on OEM-VAIO on 16-10-2014 14:18:56
Running from C:\Users\oem\Downloads
Loaded Profile: oem (Available profiles: oem)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Cherished Technololgy LIMITED) C:\ProgramData\IePluginServices\PluginService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
() C:\ProgramData\ywmpnrl\welyj.exe
(Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.07\AllShareFrameworkManagerDMS.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.07\AllShareFrameworkDMS.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
() C:\Program Files (x86)\SupTab\HpUI.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
(Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link Service.exe
(Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link Service.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
() C:\Program Files (x86)\SupTab\Loader64.exe
() C:\Program Files (x86)\SupTab\Loader32.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
(Sony Corporation) C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Windows Net) C:\Users\oem\AppData\Roaming\Windows Net Data\net.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
() C:\Program Files (x86)\PricePeep\PricePeepUpdater.exe
() C:\ProgramData\sqbufu\vseon.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Sony Corporation) C:\Program Files\Sony\VCM Manager Settings\VcmMgrNotification64.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Sony of America Corporation) C:\Program Files\Sony\VAIO Care\listener.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCsystray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(SRWare) C:\Program Files (x86)\SRWare Iron\chrome.exe
(SRWare) C:\Program Files (x86)\SRWare Iron\chrome.exe
(SRWare) C:\Program Files (x86)\SRWare Iron\chrome.exe
(SRWare) C:\Program Files (x86)\SRWare Iron\chrome.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [518784 2011-03-29] (Conexant Systems, Inc.)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [790176 2011-03-31] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657056 2011-03-31] (Atheros Commnucations)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [497648 2010-07-29] (Adobe Systems Incorporated)
HKLM\...\Run: [Samsung Link] => C:\Program Files\Samsung\Samsung Link\utils\Samsung Link Launcher.exe [407384 2013-04-23] (Samsung Electronics)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [2757312 2011-02-15] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [648032 2010-11-27] (Sony Corporation)
HKLM-x32\...\Run: [mobilegeni daemon] => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703736 2014-09-24] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [165168 2014-09-23] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-610130894-2640221141-4098085956-1000\...\Run: [Elbserver] => C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe [83344 2011-04-02] (Sony Corporation)
HKU\S-1-5-21-610130894-2640221141-4098085956-1000\...\Run: [Nokia Internet Modem] => "C:\Program Files (x86)\Nokia\Nokia Internet Modem\WellPhone2.exe" /background
HKU\S-1-5-21-610130894-2640221141-4098085956-1000\...\Run: [ulesxkaz] => C:\Users\oem\AppData\Local\Temp\Fxrgpr\drkyrmexkaz.exe [84992 2014-06-18] () <===== ATTENTION
HKU\S-1-5-21-610130894-2640221141-4098085956-1000\...\Run: [iwjzozup] => C:\Users\oem\AppData\Roaming\Gjywxtb\cewarueozup.exe
HKU\S-1-5-21-610130894-2640221141-4098085956-1000\...\Run: [Play Now Radio] => C:\Users\oem\AppData\Local\playnowradio\playnowradio\1.3.14.6\playnowradio.exe
HKU\S-1-5-21-610130894-2640221141-4098085956-1000\...\RunOnce: [64dbpj] => C:\ProgramData\sqbufu\vseon.exe [292864 2014-10-16] ()
HKU\S-1-5-21-610130894-2640221141-4098085956-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-610130894-2640221141-4098085956-1000\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-610130894-2640221141-4098085956-1000\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-610130894-2640221141-4098085956-1000\...\Policies\Explorer: [NoLogOff] 0
HKU\S-1-5-21-610130894-2640221141-4098085956-1000\...\MountPoints2: E - E:\AutoRun.exe
HKU\S-1-5-21-610130894-2640221141-4098085956-1000\...\MountPoints2: {57f72a0c-566f-11e1-b4dc-90004eba3664} - E:\AutoRun.exe
HKU\S-1-5-21-610130894-2640221141-4098085956-1000\...\MountPoints2: {57f72a1e-566f-11e1-b4dc-90004eba3664} - E:\AutoRun.exe
HKU\S-1-5-21-610130894-2640221141-4098085956-1000\...\MountPoints2: {5a4ff2ca-45a3-11e1-a25d-90004eba3664} - E:\application\Setup.exe
HKU\S-1-5-21-610130894-2640221141-4098085956-1000\...\Winlogon: [Shell] C:\ProgramData\ywmpnrl\welyj.exe,explorer.exe <==== ATTENTION 
HKU\S-1-5-18\...\RunOnce: [64dbpj] => C:\ProgramData\sqbufu\vseon.exe [292864 2014-10-16] ()
HKU\S-1-5-18\...\Winlogon: [Shell] C:\ProgramData\ywmpnrl\welyj.exe,explorer.exe <==== ATTENTION 
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\oem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\net.lnk
ShortcutTarget: net.lnk -> C:\Users\oem\AppData\Roaming\Windows Net Data\net.exe (Windows Net)
Startup: C:\Users\oem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PricePeepUpdater.lnk
ShortcutTarget: PricePeepUpdater.lnk -> C:\Program Files (x86)\PricePeep\PricePeepUpdater.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.certified-toolbar.com?si=66920&tid=6787&ver=6.8&ts=1379541600000.000008&tguid=66920-6787-1379541600000.000008-C793F11DACE3475CC9748FD4179532EE&st=chrome&q=
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://astromenda.com/?f=1&a=ast_md_14_40_ch&cd=2XzuyEtN2Y1L1Qzu0AtBtDtDyE0E0B0AtAyCyCtAtB0EtB0FtN0D0Tzu0StCtDtDyBtN1L2XzutAtFtBtFtCtFyDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StDzytCzz0F0A0F0DtG0AyD0AyCtGzzyDyD0FtGyE0E0FtCtGyCzy0DyCyCzytAtBtD0AtCyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0EzyyD0B0DtDtBtAtGyD0FyCyEtGyEtAyB0FtGzzzytAyCtG0A0D0FyD0B0BtCzz0FzyyE0F2Q&cr=1983010800&ir=
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hp&ts=1413059680&from=ild&uid=ST9500325AS_5VEHFSPEXXXX5VEHFSPE
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.certified-toolbar.com?si=66920&tid=6787&ver=6.8&ts=1379541600000.000008&tguid=66920-6787-1379541600000.000008-C793F11DACE3475CC9748FD4179532EE&st=chrome&q=
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.certified-toolbar.com?si=66920&tid=6787&ver=6.8&ts=1379541600000.000008&tguid=66920-6787-1379541600000.000008-C793F11DACE3475CC9748FD4179532EE&st=chrome&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1413059680&from=ild&uid=ST9500325AS_5VEHFSPEXXXX5VEHFSPE&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hp&ts=1413059680&from=ild&uid=ST9500325AS_5VEHFSPEXXXX5VEHFSPE
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.mystartsearch.com/?type=hp&ts=1413059680&from=ild&uid=ST9500325AS_5VEHFSPEXXXX5VEHFSPE
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.mystartsearch.com/web/?type=ds&ts=1413059680&from=ild&uid=ST9500325AS_5VEHFSPEXXXX5VEHFSPE&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.certified-toolbar.com?si=66920&tid=6787&ver=6.8&ts=1379541600000.000008&tguid=66920-6787-1379541600000.000008-C793F11DACE3475CC9748FD4179532EE&st=chrome&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hp&ts=1413059680&from=ild&uid=ST9500325AS_5VEHFSPEXXXX5VEHFSPE
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:newtab
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.certified-toolbar.com?si=66920&tid=6787&ver=6.8&ts=1379541600000.000008&tguid=66920-6787-1379541600000.000008-C793F11DACE3475CC9748FD4179532EE&st=chrome&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.certified-toolbar.com?si=66920&tid=6787&ver=6.8&ts=1379541600000.000008&tguid=66920-6787-1379541600000.000008-C793F11DACE3475CC9748FD4179532EE&st=chrome&q=
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1413059680&from=ild&uid=ST9500325AS_5VEHFSPEXXXX5VEHFSPE&q={searchTerms}
SearchScopes: HKLM - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = 
SearchScopes: HKLM - {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = 
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1413059680&from=ild&uid=ST9500325AS_5VEHFSPEXXXX5VEHFSPE&q={searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2001} URL = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=0&systemid=1&apn_dtid=IME001&apn_ptnrs=AGE&o=APN10653&apn_uid=0555958787904070&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = 
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=AdKnowledgeYB&dpid=AdKnowledgeYB&co=DE&userid=d9e3580c-aa30-c45b-5366-2557d5ace247&searchtype=ds&q={searchTerms}&installDate=06/12/2013
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1413059680&from=ild&uid=ST9500325AS_5VEHFSPEXXXX5VEHFSPE&q={searchTerms}
SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1413059680&from=ild&uid=ST9500325AS_5VEHFSPEXXXX5VEHFSPE&q={searchTerms}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=AdKnowledgeYB&dpid=AdKnowledgeYB&co=DE&userid=d9e3580c-aa30-c45b-5366-2557d5ace247&searchtype=ds&q={searchTerms}&installDate=06/12/2013
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3317742&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SP323D6C4D-2BFC-42AE-A7F7-93B98C5CFA49&q={searchTerms}&SSPV=
SearchScopes: HKCU - {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = hxxp://search.certified-toolbar.com?si=66920&st=bs&tid=6787&ver=6.8&ts=1379541600000.000008&tguid=66920-6787-1379541600000.000008-C793F11DACE3475CC9748FD4179532EE&q={searchTerms}
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1413059680&from=ild&uid=ST9500325AS_5VEHFSPEXXXX5VEHFSPE&q={searchTerms}
BHO: click-n-mark-5 -> {11111111-1111-1111-1111-110411511182} -> C:\Program Files (x86)\click-n-mark-5\click-n-mark-5-bho64.dll (Remarkable)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Plus-HD-3.8 -> {11111111-1111-1111-1111-110311901130} -> C:\Program Files (x86)\Plus-HD-3.8\Plus-HD-3.8-bho.dll ()
BHO-x32: click-n-mark-5 -> {11111111-1111-1111-1111-110411511182} -> C:\Program Files (x86)\click-n-mark-5\click-n-mark-5-bho.dll ()
BHO-x32: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: PricePeep -> {FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} -> C:\Program Files (x86)\PricePeep\pricepeep.dll (PricePeep)
BHO-x32: Yontoo -> {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} -> C:\Program Files (x86)\Yontoo\YontooIEClient.dll (Yontoo LLC)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 195.34.133.21 212.186.211.21

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: samsung.com/SamsungLinkPCPlugin -> C:\Program Files\Samsung\Samsung Link\utils\npSamsungLinkPCPlugin.dll (Samsung)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\Search_Results.xml
FF Extension: Widget context - C:\Users\oem\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{140A2D0E-85CC-4ed3-9BA5-8FA35DA7FABA}.xpi [2014-02-06]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-04-15]
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff

Chrome: 
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\pdf.dll ()
CHR Plugin: (Java Deployment Toolkit 6.0.220.4) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U22) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Samsung Link PC Plugin) - C:\Program Files\Samsung\Samsung Link\utils\npSamsungLinkPCPlugin.dll (Samsung)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll No File
CHR Profile: C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (aapbdbdomjkkjkaonfhkkikfgjllcleb) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2014-10-15]
CHR Extension: (Docs) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-22]
CHR Extension: (Google Drive) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-22]
CHR Extension: (Movie2kDownloader 2) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\blaofbhgbmeikidhlkmjhbkbfohpgekf [2014-06-22]
CHR Extension: (YouTube) -
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: PricePeep -> {FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} -> C:\Program Files (x86)\PricePeep\pricepeep.dll (PricePeep)
BHO-x32: Yontoo -> {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} -> C:\Program Files (x86)\Yontoo\YontooIEClient.dll (Yontoo LLC)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 195.34.133.21 212.186.211.21

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: samsung.com/SamsungLinkPCPlugin -> C:\Program Files\Samsung\Samsung Link\utils\npSamsungLinkPCPlugin.dll (Samsung)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\Search_Results.xml
FF Extension: Widget context - C:\Users\oem\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{140A2D0E-85CC-4ed3-9BA5-8FA35DA7FABA}.xpi [2014-02-06]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-04-15]
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff

Chrome: 
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\pdf.dll ()
CHR Plugin: (Java Deployment Toolkit 6.0.220.4) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U22) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Samsung Link PC Plugin) - C:\Program Files\Samsung\Samsung Link\utils\npSamsungLinkPCPlugin.dll (Samsung)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll No File
CHR Profile: C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (aapbdbdomjkkjkaonfhkkikfgjllcleb) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2014-10-15]
CHR Extension: (Docs) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-22]
CHR Extension: (Google Drive) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-22]
CHR Extension: (Movie2kDownloader 2) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\blaofbhgbmeikidhlkmjhbkbfohpgekf [2014-06-22]
CHR Extension: (YouTube) -"6a=ast_md_14_40_ch&cd=2XzuyEtN2Y1L1Qzu0AtBtDtDyE0E0B0AtAyCyCtAtB0EtB0FtN0D0Tzu0StCtDtDyBtN1L2XzutAtFtBtFtCtFyDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StDzytCzz0F0A0F0DtG0AyD0AyCtGzzyDyD0FtGyE0E0FtCtGyCzy0DyCyCzytAtBtD0AtCyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0EzyyD0B0DtDtBtAtGyD0FyCyEtGyEtAyB0FtGzzzytAyCtG0A0D0FyD0B0BtCzz0FzyyE0F2Q&cr=1983010800&ir=
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hp&ts=1413059680&from=ild&uid=ST9500325AS_5VEHFSPEXXXX5VEHFSPE
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.certified-toolbar.com?si=66920&tid=6787&ver=6.8&ts=1379541600000.000008&tguid=66920-6787-1379541600000.000008-C793F11DACE3475CC9748FD4179532EE&st=chrome&q=
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.certified-toolbar.com?si=66920&tid=6787&ver=6.8&ts=1379541600000.000008&tguid=66920-6787-1379541600000.000008-C793F11DACE3475CC9748FD4179532EE&st=chrome&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1413059680&from=ild&uid=ST9500325AS_5VEHFSPEXXXX5VEHFSPE&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hp&ts=1413059680&from=ild&uid=ST9500325AS_5VEHFSPEXXXX5VEHFSPE
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.mystartsearch.com/?type=hp&ts=1413059680&from=ild&uid=ST9500325AS_5VEHFSPEXXXX5VEHFSPE
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.mystartsearch.com/web/?type=ds&ts=1413059680&from=ild&uid=ST9500325AS_5VEHFSPEXXXX5VEHFSPE&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.certified-toolbar.com?si=66920&tid=6787&ver=6.8&ts=1379541600000.000008&tguid=66920-6787-1379541600000.000008-C793F11DACE3475CC9748FD4179532EE&st=chrome&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hp&ts=1413059680&from=ild&uid=ST9500325AS_5VEHFSPEXXXX5VEHFSPE
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:newtab
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.certified-toolbar.com?si=66920&tid=6787&ver=6.8&ts=1379541600000.000008&tguid=66920-6787-1379541600000.000008-C793F11DACE3475CC9748FD4179532EE&st=chrome&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hp&ts=1413059680&from=ild&uid=ST9500325AS_5VEHFSPEXXXX5VEHFSPE
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.mystartsearch.com/?type=hp&ts=1413059680&from=ild&uid=ST9500325AS_5VEHFSPEXXXX5VEHFSPE
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.mystartsearch.com/web/?type=ds&ts=1413059680&from=ild&uid=ST9500325AS_5VEHFSPEXXXX5VEHFSPE&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.certified-toolbar.com?si=66920&tid=6787&ver=6.8&ts=1379541600000.000008&tguid=66920-6787-1379541600000.000008-C793F11DACE3475CC9748FD4179532EE&st=chrome&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hp&ts=1413059680&from=ild&uid=ST9500325AS_5VEHFSPEXXXX5VEHFSPE
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:newtab
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.certified-toolbar.com?si=66920&tid=6787&ver=6.8&ts=1379541600000.000008&tguid=66920-6787-1379541600000.000008-C793F11DACE3475CC9748FD4179532EE&st=chrome&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.certified-toolbar.com?si=66920&tid=6787&ver=6.8&ts=1379541600000.000008&tguid=66920-6787-1379541600000.000008-C793F11DACE3475CC9748FD4179532EE&st=chrome&q=
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1413059680&from=ild&uid=ST9500325AS_5VEHFSPEXXXX5VEHFSPE&q={searchTerms}
SearchScopes: HKLM - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = 
SearchScopes: HKLM - {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = 
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1413059680&from=ild&uid=ST9500325AS_5VEHFSPEXXXX5VEHFSPE&q={searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2001} URL = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=0&systemid=1&apn_dtid=IME001&apn_ptnrs=AGE&o=APN10653&apn_uid=0555958787904070&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = 
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=AdKnowledgeYB&dpid=AdKnowledgeYB&co=DE&userid=d9e3580c-aa30-c45b-5366-2557d5ace247&searchtype=ds&q={searchTerms}&installDate=06/12/2013
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1413059680&from=ild&uid=ST9500325AS_5VEHFSPEXXXX5VEHFSPE&q={searchTerms}
SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1413059680&from=ild&uid=ST9500325AS_5VEHFSPEXXXX5VEHFSPE&q={searchTerms}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=AdKnowledgeYB&dpid=AdKnowledgeYB&co=DE&userid=d9e3580c-aa30-c45b-5366-2557d5ace247&searchtype=ds&q={searchTerms}&installDate=06/12/2013
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3317742&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SP323D6C4D-2BFC-42AE-A7F7-93B98C5CFA49&q={searchTerms}&SSPV=
SearchScopes: HKCU - {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = hxxp://search.certified-toolbar.com?si=66920&st=bs&tid=6787&ver=6.8&ts=1379541600000.000008&tguid=66920-6787-1379541600000.000008-C793F11DACE3475CC9748FD4179532EE&q={searchTerms}
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1413059680&from=ild&uid=ST9500325AS_5VEHFSPEXXXX5VEHFSPE&q={searchTerms}
BHO: click-n-mark-5 -> {11111111-1111-1111-1111-110411511182} -> C:\Program Files (x86)\click-n-mark-5\click-n-mark-5-bho64.dll (Remarkable)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Plus-HD-3.8 -> {11111111-1111-1111-1111-110311901130} -> C:\Program Files (x86)\Plus-HD-3.8\Plus-HD-3.8-bho.dll ()
BHO-x32: click-n-mark-5 -> {11111111-1111-1111-1111-110411511182} -> C:\Program Files (x86)\click-n-mark-5\click-n-mark-5-bho.dll ()
BHO-x32: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: PricePeep -> {FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} -> C:\Program Files (x86)\PricePeep\pricepeep.dll (PricePeep)
BHO-x32: Yontoo -> {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} -> C:\Program Files (x86)\Yontoo\YontooIEClient.dll (Yontoo LLC)
Toolbar%

Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 195.34.133.21 212.186.211.21

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: samsung.com/SamsungLinkPCPlugin -> C:\Program Files\Samsung\Samsung Link\utils\npSamsungLinkPCPlugin.dll (Samsung)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\Search_Results.xml
FF Extension: Widget context - C:\Users\oem\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{140A2D0E-85CC-4ed3-9BA5-8FA35DA7FABA}.xpi [2014-02-06]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-04-15]
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff

Chrome: 
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\pdf.dll ()
CHR Plugin: (Java Deployment Toolkit 6.0.220.4) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U22) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Samsung Link PC Plugin) - C:\Program Files\Samsung\Samsung Link\utils\npSamsungLinkPCPlugin.dll (Samsung)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll No File
CHR Profile: C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (aapbdbdomjkkjkaonfhkkikfgjllcleb) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2014-10-15]
CHR Extension: (Docs) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-22]
CHR Extension: (Google Drive) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-22]
CHR Extension: (Movie2kDownloader 2) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\blaofbhgbmeikidhlkmjhbkbfohpgekf [2014-06-22]
CHR Extension: (YouTube) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-22]
CHR Extension: (Google-Suche) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-22]
CHR Extension: (click-n-mark-5) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgiiggndjhacnnhnhmaljgbgcaneehld [2014-06-22]
CHR Extension: (Skype Click to Call) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-07-26]
CHR Extension: (Google Wallet) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-22]
CHR Extension: (Google Mail) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-22]
CHR HKLM-x32\...\Chrome\Extension: [blaofbhgbmeikidhlkmjhbkbfohpgekf] - C:\Program Files (x86)\Movie2KDownloader.com\Movie2KDownloader10.crx [2012-12-13]
CHR HKLM-x32\...\Chrome\Extension: [kiplfnciaokpcennlkldkdaeaaomamof] - C:\Users\oem\AppData\Local\Torch\Plugins\TorchPlugin.crx [2012-12-13]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
CHR HKLM-x32\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx [2014-10-11]
CHR StartMenuInternet: Google Chrome - chrome.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.07\AllShareFrameworkManagerDMS.exe [405896 2013-04-16] (Samsung) [File not signed]
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-09-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-09-24] (Avira Operations GmbH & Co. KG)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-03-31] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [75936 2011-03-31] (Atheros Commnucations) [File not signed]
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [160560 2014-09-23] (Avira Operations GmbH & Co. KG)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2361344 2011-03-29] (Realsil Microelectronics Inc.) [File not signed]
R2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [715656 2014-10-11] (Cherished Technololgy LIMITED)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [259192 2011-01-29] (Sony Corporation)
R2 Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link Service.exe [605768 2013-04-23] (Copyright 2013 SAMSUNG)
S3 SXDS10; C:\Program Files (x86)\Common Files\soft Xpansion\sxds10.exe [234096 2013-09-19] (soft Xpansion)
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc.)
R2 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [887000 2011-01-20] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1359408 2013-03-26] (Sony Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-09-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-09-24] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-09-24] (Avira Operations GmbH & Co. KG)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [52736 2012-02-15] (Apple, Inc.) [File not signed]
S3 zte_cdc_acm; C:\Windows\System32\DRIVERS\zte_cdc_acm.sys [79872 2011-05-23] (ZTE) [File not signed]
S3 zte_cdc_ecm; C:\Windows\System32\DRIVERS\zte_cdc_ecm.sys [36864 2011-05-23] (ZTE) [File not signed]
S3 zte_cpo; C:\Windows\System32\DRIVERS\zte_cpo.sys [14336 2011-05-23] (ZTE) [File not signed]
S3 zte_ecm_enum; C:\Windows\System32\DRIVERS\zte_ecm_enum.sys [56320 2011-05-23] (ZTE) [File not signed]
S3 zte_ecm_enum_filter; C:\Windows\System32\DRIVERS\zte_ecm_enum_filter.sys [56320 2011-05-23] (ZTE) [File not signed]
S3 ApfiltrService; \SystemRoot\system32\drivers\Apfiltr.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-16 14:18 - 2014-10-16 14:19 - 00030168 _____ () C:\Users\oem\Downloads\FRST.txt
2014-10-16 14:18 - 2014-10-16 14:19 - 00000000 ____D () C:\FRST
2014-10-16 14:17 - 2014-10-16 14:17 - 02111488 _____ (Farbar) C:\Users\oem\Downloads\FRST64.exe
2014-10-16 14:16 - 2014-10-16 14:16 - 01102848 _____ (Farbar) C:\Users\oem\Downloads\FRST.exe
2014-10-16 13:58 - 2014-10-16 13:58 - 00000000 ___RD () C:\Users\oem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-10-16 13:56 - 2014-10-16 13:56 - 00003288 ____N () C:\bootsqm.dat
2014-10-16 13:53 - 2014-10-16 13:53 - 00000000 __SHD () C:\found.000
2014-10-16 13:32 - 2014-10-16 14:07 - 00001137 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-10-16 13:31 - 2014-10-16 14:07 - 00000000 ____D () C:\ProgramData\Package Cache
2014-10-16 13:31 - 2014-10-16 13:31 - 00000000 ____D () C:\Users\oem\AppData\Roaming\Avira
2014-10-16 13:30 - 2014-10-16 14:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-10-16 13:30 - 2014-10-16 13:30 - 00002066 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk
2014-10-16 13:29 - 2014-10-16 14:07 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-10-16 13:29 - 2014-10-16 13:32 - 00000000 ____D () C:\ProgramData\Avira
2014-10-16 13:29 - 2014-09-24 12:44 - 00131608 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-10-16 13:29 - 2014-09-24 12:44 - 00119272 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-10-16 13:29 - 2014-09-24 12:44 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-10-16 13:24 - 2014-10-16 13:37 - 641245184 _____ () C:\Users\oem\Downloads\rescue-09system.iso
2014-10-16 13:23 - 2014-10-16 13:27 - 150010760 _____ () C:\Users\oem\Downloads\avira07_free_antivirus_de.exe
2014-10-11 23:51 - 2014-10-11 23:51 - 00000000 ____D () C:\ProgramData\Xunlei
2014-10-11 23:51 - 2014-10-11 23:51 - 00000000 ____D () C:\ProgramData\Thunder Network
2014-10-11 23:50 - 2014-10-11 23:50 - 00000000 ____D () C:\ProgramData\374311380
2014-10-11 23:48 - 2014-10-15 11:34 - 00000376 _____ () C:\Windows\Tasks\APSnotifierPP3.job
2014-10-11 23:48 - 2014-10-15 11:34 - 00000376 _____ () C:\Windows\Tasks\APSnotifierPP2.job
2014-10-11 23:48 - 2014-10-12 00:09 - 00000378 _____ () C:\Windows\Tasks\APSnotifierPP1.job
2014-10-11 23:48 - 2014-10-11 23:49 - 00002824 _____ () C:\Windows\System32\Tasks\APSnotifierPP1
2014-10-11 23:48 - 2014-10-11 23:49 - 00002822 _____ () C:\Windows\System32\Tasks\APSnotifierPP3
2014-10-11 23:48 - 2014-10-11 23:49 - 00002822 _____ () C:\Windows\System32\Tasks\APSnotifierPP2
2014-10-11 23:48 - 2014-10-11 23:48 - 00627560 _____ (CMI Limited) C:\Users\oem\AppData\Local\nsbAA21.tmp
2014-10-11 23:48 - 2014-10-11 23:48 - 00000000 ____D () C:\Users\oem\AppData\Roaming\ap_movie
2014-10-11 23:48 - 2014-10-11 23:48 - 00000000 ____D () C:\Users\oem\AppData\Roaming\AnyProtectEx
2014-10-11 22:35 - 2014-10-11 23:53 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-10-11 22:35 - 2014-10-11 22:35 - 00000000 ____D () C:\Users\oem\Desktop\Documents\Optimizer Pro
2014-10-11 22:35 - 2014-10-11 22:35 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-10-11 22:35 - 2014-10-11 22:35 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-10-11 22:34 - 2014-10-11 22:34 - 00000000 ____D () C:\Users\oem\AppData\Local\playnowradio
2014-10-11 22:33 - 2014-10-16 13:58 - 00001678 _____ () C:\Windows\Tasks\UGZFZYOQ.job
2014-10-11 22:33 - 2014-10-11 22:33 - 02002848 _____ (home) C:\Users\oem\AppData\Roaming\UGZFZYOQ.exe
2014-10-11 22:33 - 2014-10-11 22:33 - 01539488 _____ (home) C:\Users\oem\AppData\Roaming\TRSM.exe
2014-10-11 22:33 - 2014-10-11 22:33 - 00004700 _____ () C:\Windows\System32\Tasks\UGZFZYOQ
2014-10-11 22:32 - 2014-10-11 22:32 - 00397328 _____ () C:\Users\oem\Downloads\HDvid-codec-Chrome.exe
2014-10-09 17:37 - 2014-10-09 17:44 - 202031678 _____ () C:\Users\oem\Downloads\gparted-live-0.19.1-1-amd64.zip
2014-10-05 14:44 - 2014-10-05 14:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\partypoker
2014-10-04 17:06 - 2014-10-04 17:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-10-03 23:59 - 2014-10-03 23:59 - 00003104 _____ () C:\Windows\System32\Tasks\{D9854648-0B3F-4E3D-941D-D3CD33B55BAB}
2014-10-03 23:58 - 2014-10-03 23:58 - 00000000 ____D () C:\Users\oem\Desktop\Documents\PC Speed Maximizer
2014-10-03 23:54 - 2014-10-16 13:14 - 00000284 _____ () C:\Windows\Tasks\WSE_Astromenda.job
2014-10-03 23:54 - 2014-10-03 23:54 - 00003220 _____ () C:\Windows\System32\Tasks\WSE_Astromenda
2014-10-03 23:54 - 2014-10-03 23:54 - 00000000 ___HD () C:\Users\oem\AppData\Roaming\GoldenGate
2014-10-03 23:53 - 2014-10-04 00:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlvPlayer
2014-10-03 23:53 - 2014-10-03 23:54 - 00000000 ____D () C:\Users\oem\AppData\Local\Gameo
2014-10-03 23:53 - 2014-10-03 23:53 - 00000169 _____ () C:\Users\oem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play Games Online.url
2014-10-03 23:52 - 2014-10-03 23:52 - 00806392 _____ ( ) C:\Users\oem\Downloads\FlvPlayerSetup.exe
2014-10-01 22:21 - 2014-10-01 22:21 - 00000000 _____ () C:\Windows\SysWOW64\shoDAF.tmp
2014-10-01 14:33 - 2014-09-25 04:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-10-01 14:33 - 2014-09-25 03:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-10-01 14:33 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-10-01 14:33 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-16 14:12 - 2014-07-01 21:43 - 00000000 ____D () C:\ProgramData\sjd
2014-10-16 14:12 - 2011-10-28 00:33 - 00000000 ____D () C:\Users\oem\AppData\Local\CrashDumps
2014-10-16 14:07 - 2011-08-23 13:07 - 01639182 _____ () C:\Windows\WindowsUpdate.log
2014-10-16 14:06 - 2009-07-14 06:45 - 00021264 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-16 14:06 - 2009-07-14 06:45 - 00021264 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-16 14:02 - 2011-04-21 08:42 - 00700118 _____ () C:\Windows\system32\perfh007.dat
2014-10-16 14:02 - 2011-04-21 08:42 - 00149968 _____ () C:\Windows\system32\perfc007.dat
2014-10-16 14:02 - 2009-07-14 07:13 - 01622164 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-16 13:59 - 2012-04-20 08:08 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-16 13:58 - 2014-06-23 13:28 - 00000000 ____D () C:\ProgramData\fymlcg
2014-10-16 13:58 - 2014-06-22 00:16 - 00001100 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-16 13:58 - 2014-05-08 19:35 - 00000000 ____D () C:\ProgramData\wrefxe
2014-10-16 13:58 - 2014-05-08 19:15 - 00000000 ____D () C:\ProgramData\sjdhuvd
2014-10-16 13:58 - 2013-12-06 14:46 - 00001350 _____ () C:\Windows\Tasks\click-n-mark-5-updater.job
2014-10-16 13:58 - 2013-12-06 14:46 - 00001256 _____ () C:\Windows\Tasks\click-n-mark-5-codedownloader.job
2014-10-16 13:58 - 2013-12-06 14:46 - 00001156 _____ () C:\Windows\Tasks\click-n-mark-5-enabler.job
2014-10-16 13:58 - 2013-12-06 14:45 - 00001968 _____ () C:\Windows\Tasks\click-n-mark-5-chromeinstaller.job
2014-10-16 13:58 - 2013-12-06 14:45 - 00001894 _____ () C:\Windows\Tasks\click-n-mark-5-firefoxinstaller.job
2014-10-16 13:57 - 2010-11-21 05:47 - 00433434 _____ () C:\Windows\PFRO.log
2014-10-16 13:57 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-16 13:57 - 2009-07-14 06:51 - 00151432 _____ () C:\Windows\setupact.log
2014-10-16 13:38 - 2014-06-23 13:28 - 00000000 ____D () C:\ProgramData\ywmpnrl
2014-10-16 13:38 - 2014-06-23 13:28 - 00000000 ____D () C:\ProgramData\sqbufu
2014-10-16 13:26 - 2014-06-22 00:16 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-16 13:15 - 2011-04-20 23:53 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-10-15 12:20 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-10-15 11:36 - 2013-05-01 15:09 - 00000000 ____D () C:\Samsung Link
2014-10-15 09:46 - 2011-08-27 12:19 - 00000000 ____D () C:\Users\oem\AppData\Roaming\SoftGrid Client
2014-10-14 18:39 - 2013-12-23 20:32 - 00000000 ____D () C:\Users\oem\AppData\Local\PokerStars.EU
2014-10-12 10:12 - 2014-08-03 16:58 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-10-11 22:34 - 2014-06-22 00:16 - 00002451 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-11 22:34 - 2011-08-23 13:08 - 00001629 _____ () C:\Users\oem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-10-11 14:31 - 2013-03-21 18:05 - 00000000 ____D () C:\Users\oem\Desktop\Auto
2014-10-09 15:54 - 2012-02-14 21:16 - 00000000 ____D () C:\Users\oem\AppData\Roaming\Skype
2014-10-05 14:44 - 2014-04-12 23:45 - 00001537 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\partypoker.lnk
2014-10-05 14:44 - 2014-04-12 23:45 - 00001531 _____ () C:\Users\oem\Desktop\partypoker.lnk
2014-10-05 14:44 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-10-05 12:40 - 2011-04-20 23:32 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-10-04 17:06 - 2014-03-12 20:24 - 00002517 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-10-04 17:06 - 2011-04-20 23:52 - 00000000 ____D () C:\ProgramData\Skype
2014-10-03 22:15 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-01 15:29 - 2012-01-27 17:12 - 00033421 _____ () C:\test.xml
2014-10-01 14:59 - 2012-04-20 08:08 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-10-01 14:59 - 2012-04-20 08:08 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-10-01 14:59 - 2011-09-18 11:30 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

Files to move or delete:
====================
C:\Users\oem\AppData\Local\Temp\Fxrgpr\drkyrmexkaz.exe
C:\Users\oem\em.exe


Some content of TEMP:
====================
C:\Users\oem\AppData\Local\Temp\avgnt.exe
C:\Users\oem\AppData\Local\Temp\nsl9801.exe
C:\Users\oem\AppData\Local\Temp\optprosetup.exe
C:\Users\oem\AppData\Local\Temp\res.dll
C:\Users\oem\AppData\Local\Temp\SkypeSetup.exe
C:\Users\oem\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll
C:\Users\oem\AppData\Local\Temp\tbu1969.exe
C:\Users\oem\AppData\Local\Temp\tbu1BC9.exe
C:\Users\oem\AppData\Local\Temp\tbu3878.exe
C:\Users\oem\AppData\Local\Temp\tbu3F4C.exe
C:\Users\oem\AppData\Local\Temp\tbu6882.exe
C:\Users\oem\AppData\Local\Temp\tbu95AA.exe
C:\Users\oem\AppData\Local\Temp\tbuA037.exe
C:\Users\oem\AppData\Local\Temp\tbuA3E2.exe
C:\Users\oem\AppData\Local\Temp\tbuB8DA.exe
C:\Users\oem\AppData\Local\Temp\tbuC503.exe
C:\Users\oem\AppData\Local\Temp\tbuC512.exe
C:\Users\oem\AppData\Local\Temp\tbuE679.exe
C:\Users\oem\AppData\Local\Temp\tbuEF61.exe
C:\Users\oem\AppData\Local\Temp\tbuF4AA.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-16 13:15

==================== End Of Log ============================
         
--- --- ---
__________________

Edited by csak09 (16.10.2014 at 15:24)

Alt 17.10.2014, 09:22   #4
schrauber
/// the machine
/// TB-Ausbilder
 


Please press the Windows key + R and type notepad into the Run window.

Now copy the following text from the code box into the empty text document

Code:
ATTFilter
HKU\S-1-5-21-610130894-2640221141-4098085956-1000\...\Run: [ulesxkaz] => C:\Users\oem\AppData\Local\Temp\Fxrgpr\drkyrmexkaz.exe [84992 2014-06-18] () <===== ATTENTION
HKU\S-1-5-21-610130894-2640221141-4098085956-1000\...\Run: [iwjzozup] => C:\Users\oem\AppData\Roaming\Gjywxtb\cewarueozup.exe
HKU\S-1-5-21-610130894-2640221141-4098085956-1000\...\RunOnce: [64dbpj] => C:\ProgramData\sqbufu\vseon.exe [292864 2014-10-16] ()
HKU\S-1-5-21-610130894-2640221141-4098085956-1000\...\Winlogon: [Shell] C:\ProgramData\ywmpnrl\welyj.exe,explorer.exe <==== ATTENTION 
HKU\S-1-5-18\...\RunOnce: [64dbpj] => C:\ProgramData\sqbufu\vseon.exe [292864 2014-10-16] ()
HKU\S-1-5-18\...\Winlogon: [Shell] C:\ProgramData\ywmpnrl\welyj.exe,explorer.exe <==== ATTENTION 
2014-10-11 22:33 - 2014-10-16 13:58 - 00001678 _____ () C:\Windows\Tasks\UGZFZYOQ.job
2014-10-11 22:33 - 2014-10-11 22:33 - 02002848 _____ (home) C:\Users\oem\AppData\Roaming\UGZFZYOQ.exe
2014-10-11 22:33 - 2014-10-11 22:33 - 01539488 _____ (home) C:\Users\oem\AppData\Roaming\TRSM.exe
2014-10-11 22:33 - 2014-10-11 22:33 - 00004700 _____ () C:\Windows\System32\Tasks\UGZFZYOQ
C:\Users\oem\AppData\Local\Temp\Fxrgpr\drkyrmexkaz.exe
C:\Users\oem\em.exe
C:\Users\oem\AppData\Roaming\Gjywxtb
C:\ProgramData\sqbufu
C:\ProgramData\ywmpnrl
Emptytemp:
         
Please save this as Fixlist.txt on your USB stick.
  • Boot your computer into the repair options again
  • Now start FRST.exe again and click the Entfernen (Fix) button.

The tool creates a Fixlog.txt on your USB stick. Please post its contents here.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!
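
The registry lines in the fixlist above share a few traits that make autostart entries stand out in an FRST log. The following is an added example, not part of the original post and not FRST's own logic: a small Python triage over those lines, where the three heuristics, the function names and the last two sample lines (constructed benign entries) are assumptions made for illustration.

```python
import re

# The first six lines are the registry entries from the fixlist in the post above.
# The last two are constructed benign entries, added only for contrast.
FRST_LINES = r"""HKU\S-1-5-21-610130894-2640221141-4098085956-1000\...\Run: [ulesxkaz] => C:\Users\oem\AppData\Local\Temp\Fxrgpr\drkyrmexkaz.exe [84992 2014-06-18] () <===== ATTENTION
HKU\S-1-5-21-610130894-2640221141-4098085956-1000\...\Run: [iwjzozup] => C:\Users\oem\AppData\Roaming\Gjywxtb\cewarueozup.exe
HKU\S-1-5-21-610130894-2640221141-4098085956-1000\...\RunOnce: [64dbpj] => C:\ProgramData\sqbufu\vseon.exe [292864 2014-10-16] ()
HKU\S-1-5-21-610130894-2640221141-4098085956-1000\...\Winlogon: [Shell] C:\ProgramData\ywmpnrl\welyj.exe,explorer.exe <==== ATTENTION
HKU\S-1-5-18\...\RunOnce: [64dbpj] => C:\ProgramData\sqbufu\vseon.exe [292864 2014-10-16] ()
HKU\S-1-5-18\...\Winlogon: [Shell] C:\ProgramData\ywmpnrl\welyj.exe,explorer.exe <==== ATTENTION
HKLM\...\Run: [ExampleUpdater] => C:\Program Files\Example Vendor\updater.exe [254336 2013-07-02] (Example Vendor Inc.)
HKLM\...\Winlogon: [Shell] explorer.exe
""".splitlines()

# hive\...\key: [value name] => data   (the Winlogon lines carry no "=>")
ENTRY = re.compile(
    r"^(?P<hive>HK[A-Z]+(?:\\S-[\d-]+)?)\\\.\.\.\\(?P<key>[^:]+): "
    r"\[(?P<name>[^\]]*)\] (?:=> )?(?P<data>.*)$"
)
ATTENTION = re.compile(r"\s*<=+ ATTENTION\s*$")
# Trailing "[size date] (company)" block that follows the file path.
FILE_META = re.compile(r"\s*\[\d+ \d{4}-\d{2}-\d{2}\] \((?P<company>[^)]*)\)\s*$")
# Assumption: locations a standard user can write to without elevation.
USER_WRITABLE = re.compile(r"\\(?:AppData|ProgramData|Temp)\\", re.IGNORECASE)


def parse_entry(line):
    """Split one FRST registry line into hive, key, value name, targets, company."""
    match = ENTRY.match(line.strip())
    if not match:
        return None
    data = ATTENTION.sub("", match.group("data"))
    company = None                      # None: the line carries no metadata block
    meta = FILE_META.search(data)
    if meta:
        company = meta.group("company")  # "" when the parentheses are empty
        data = data[:meta.start()]
    if match.group("key") == "Winlogon":
        targets = [part.strip() for part in data.split(",")]
    else:
        targets = [data.strip()]
    return {"hive": match.group("hive"), "key": match.group("key"),
            "name": match.group("name"), "targets": targets, "company": company}


def reasons(entry):
    """Return the heuristic reasons (assumptions of this example) that apply."""
    found = []
    if any(USER_WRITABLE.search(target) for target in entry["targets"]):
        found.append("user-writable path")
    if entry["company"] == "":
        found.append("no company name")
    is_shell = entry["key"] == "Winlogon" and entry["name"].lower() == "shell"
    if is_shell and [t.lower() for t in entry["targets"]] != ["explorer.exe"]:
        found.append("shell override")
    return found


def triage(lines):
    """Return (value name, key, reasons) for every line with at least one reason."""
    flagged = []
    for line in lines:
        entry = parse_entry(line)
        if entry and reasons(entry):
            flagged.append((entry["name"], entry["key"], reasons(entry)))
    return flagged


if __name__ == "__main__":
    for name, key, why in triage(FRST_LINES):
        print(f"{key:9} {name:10} {', '.join(why)}")
```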

17.10.2014, 11:53   #5
csak09



Hello, everything worked well. The laptop even starts up again.

After the reboot I got the Avira message again: Der Zugriff auf die Datei 'C:\ProgramData\sqbufu\vseon.exe' mit dem Virus oder unerwünschten Programm 'TR/Crypt.ZPACK.87847 wurde blockiert.

Here is the Fixlog result:
Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 16-10-2014
Ran by oem at 2014-10-17 11:30:59 Run:1
Running from C:\Users\oem\Desktop
Loaded Profile: oem (Available profiles: oem)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKU\S-1-5-21-610130894-2640221141-4098085956-1000\...\Run: [ulesxkaz] => C:\Users\oem\AppData\Local\Temp\Fxrgpr\drkyrmexkaz.exe [84992 2014-06-18] () <===== ATTENTION
HKU\S-1-5-21-610130894-2640221141-4098085956-1000\...\Run: [iwjzozup] => C:\Users\oem\AppData\Roaming\Gjywxtb\cewarueozup.exe
HKU\S-1-5-21-610130894-2640221141-4098085956-1000\...\RunOnce: [64dbpj] => C:\ProgramData\sqbufu\vseon.exe [292864 2014-10-16] ()
HKU\S-1-5-21-610130894-2640221141-4098085956-1000\...\Winlogon: [Shell] C:\ProgramData\ywmpnrl\welyj.exe,explorer.exe <==== ATTENTION 
HKU\S-1-5-18\...\RunOnce: [64dbpj] => C:\ProgramData\sqbufu\vseon.exe [292864 2014-10-16] ()
HKU\S-1-5-18\...\Winlogon: [Shell] C:\ProgramData\ywmpnrl\welyj.exe,explorer.exe <==== ATTENTION 
2014-10-11 22:33 - 2014-10-16 13:58 - 00001678 _____ () C:\Windows\Tasks\UGZFZYOQ.job
2014-10-11 22:33 - 2014-10-11 22:33 - 02002848 _____ (home) C:\Users\oem\AppData\Roaming\UGZFZYOQ.exe
2014-10-11 22:33 - 2014-10-11 22:33 - 01539488 _____ (home) C:\Users\oem\AppData\Roaming\TRSM.exe
2014-10-11 22:33 - 2014-10-11 22:33 - 00004700 _____ () C:\Windows\System32\Tasks\UGZFZYOQ
C:\Users\oem\AppData\Local\Temp\Fxrgpr\drkyrmexkaz.exe
C:\Users\oem\em.exe
C:\Users\oem\AppData\Roaming\Gjywxtb
C:\ProgramData\sqbufu
C:\ProgramData\ywmpnrl
Emptytemp:
*****************

HKU\S-1-5-21-610130894-2640221141-4098085956-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ulesxkaz => value deleted successfully.
HKU\S-1-5-21-610130894-2640221141-4098085956-1000\Software\Microsoft\Windows\CurrentVersion\Run\\iwjzozup => value deleted successfully.
HKU\S-1-5-21-610130894-2640221141-4098085956-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce\\64dbpj => value deleted successfully.
HKU\S-1-5-21-610130894-2640221141-4098085956-1000\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => value deleted successfully.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce\\64dbpj => value deleted successfully.
HKU\S-1-5-18\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => value deleted successfully.
C:\Windows\Tasks\UGZFZYOQ.job => Moved successfully.
C:\Users\oem\AppData\Roaming\UGZFZYOQ.exe => Moved successfully.
C:\Users\oem\AppData\Roaming\TRSM.exe => Moved successfully.
C:\Windows\System32\Tasks\UGZFZYOQ => Moved successfully.
C:\Users\oem\AppData\Local\Temp\Fxrgpr\drkyrmexkaz.exe => Moved successfully.
C:\Users\oem\em.exe => Moved successfully.
C:\Users\oem\AppData\Roaming\Gjywxtb => Moved successfully.
C:\ProgramData\sqbufu => Moved successfully.
C:\ProgramData\ywmpnrl => Moved successfully.
EmptyTemp: => Removed 2 GB temporary data.


The system needed a reboot. 

==== End of Fixlog ====
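
A Fixlog is easiest to trust when every fixlist entry is matched to its result line. The following is an added example, not part of the original post and not part of FRST: it reconciles an excerpt of the Fixlog above and checks whether a path from a later antivirus alert lies under something the fix reported as moved; the function names are assumptions made for illustration.

```python
import re

# Excerpt of the Fixlog posted above (fewer entries, lines otherwise unchanged).
FIXLOG = r"""Content of fixlist:
*****************
HKU\S-1-5-18\...\RunOnce: [64dbpj] => C:\ProgramData\sqbufu\vseon.exe [292864 2014-10-16] ()
HKU\S-1-5-18\...\Winlogon: [Shell] C:\ProgramData\ywmpnrl\welyj.exe,explorer.exe <==== ATTENTION
2014-10-11 22:33 - 2014-10-11 22:33 - 01539488 _____ (home) C:\Users\oem\AppData\Roaming\TRSM.exe
C:\Users\oem\em.exe
C:\ProgramData\sqbufu
C:\ProgramData\ywmpnrl
Emptytemp:
*****************

HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce\\64dbpj => value deleted successfully.
HKU\S-1-5-18\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => value deleted successfully.
C:\Users\oem\AppData\Roaming\TRSM.exe => Moved successfully.
C:\Users\oem\em.exe => Moved successfully.
C:\ProgramData\sqbufu => Moved successfully.
C:\ProgramData\ywmpnrl => Moved successfully.
EmptyTemp: => Removed 2 GB temporary data.
"""

# Registry entry as written in the fixlist: hive\...\key: [value name]
REG_ENTRY = re.compile(r"^(HK[A-Z]+(?:\\S-[\d-]+)?)\\\.\.\.\\([^:]+): \[([^\]]*)\]")
# File listing line: "created - modified - size attrs (company) path"
FILE_ENTRY = re.compile(r"^\d{4}-\d{2}-\d{2} \d{2}:\d{2} - .*\) ([A-Za-z]:\\.+)$")
# Outcomes seen in the Fixlog above that indicate the entry was handled.
SUCCESS = re.compile(r"successfully|^Removed ")


def split_fixlog(text):
    """Return (fixlist entries, {lowercased target: outcome}) from a Fixlog."""
    entries, results, separators = [], {}, 0
    for line in (raw.strip() for raw in text.splitlines()):
        if re.fullmatch(r"\*{5,}", line):
            separators += 1
        elif separators == 1 and line:
            entries.append(line)            # between the two asterisk rows
        elif separators >= 2 and " => " in line:
            target, outcome = line.split(" => ", 1)
            results[target.lower()] = outcome
    return entries, results


def outcome_for(entry, results):
    """Find the result that belongs to one fixlist entry, or None."""
    reg = REG_ENTRY.match(entry)
    if reg:
        hive, key, name = (part.lower() for part in reg.groups())
        suffix = "\\" + key + "\\\\" + name  # results print key\\value name
        for target, outcome in results.items():
            if target.startswith(hive + "\\") and target.endswith(suffix):
                return outcome
        return None
    listed = FILE_ENTRY.match(entry)
    target = listed.group(1) if listed else entry  # plain path or directive
    return results.get(target.lower())


def reconcile(text):
    """Pair every fixlist entry with its outcome (None when no result exists)."""
    entries, results = split_fixlog(text)
    return [(entry, outcome_for(entry, results)) for entry in entries]


def unresolved(text):
    """Entries with no result line, or with a result that is not a success."""
    return [entry for entry, outcome in reconcile(text)
            if outcome is None or not SUCCESS.search(outcome)]


def covered_by_moved(path, text):
    """True when path is, or lies under, a target the Fixlog reports as moved."""
    _, results = split_fixlog(text)
    path = path.lower()
    return any(outcome.startswith("Moved")
               and (path == target or path.startswith(target + "\\"))
               for target, outcome in results.items())


if __name__ == "__main__":
    for entry, outcome in reconcile(FIXLOG):
        print(f"{outcome or 'NO RESULT':32} {entry}")
    # Path named in the Avira alert quoted in the post above.
    print(covered_by_moved(r"C:\ProgramData\sqbufu\vseon.exe", FIXLOG))
```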
         


18.10.2014, 00:39   #6
schrauber
/// the machine
/// TB-Ausbilder



Hi,

Please download TDSSKiller (TDSSKiller.exe) and save the file to the desktop.
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller guide.
  • Press Start Scan
  • If infected objects are found, do not select Cure under any circumstances. Select Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post the contents here in your thread in any case.

18.10.2014, 15:42   #7
csak09



Hello schrauber,

here is the result:

Code:
15:33:58.0282 0x1ea4  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
15:34:01.0834 0x1ea4  ============================================================
15:34:01.0834 0x1ea4  Current date / time: 2014/10/18 15:34:01.0834
15:34:01.0834 0x1ea4  SystemInfo:
15:34:01.0834 0x1ea4  
15:34:01.0834 0x1ea4  OS Version: 6.1.7601 ServicePack: 1.0
15:34:01.0834 0x1ea4  Product type: Workstation
15:34:01.0835 0x1ea4  ComputerName: OEM-VAIO
15:34:01.0836 0x1ea4  UserName: oem
15:34:01.0836 0x1ea4  Windows directory: C:\Windows
15:34:01.0836 0x1ea4  System windows directory: C:\Windows
15:34:01.0836 0x1ea4  Running under WOW64
15:34:01.0836 0x1ea4  Processor architecture: Intel x64
15:34:01.0836 0x1ea4  Number of processors: 2
15:34:01.0836 0x1ea4  Page size: 0x1000
15:34:01.0836 0x1ea4  Boot type: Normal boot
15:34:01.0836 0x1ea4  ============================================================
15:34:03.0729 0x1ea4  KLMD registered as C:\Windows\system32\drivers\31276208.sys
15:34:05.0005 0x1ea4  System UUID: {5B398748-44E6-4C5A-13C3-15EE174F57CC}
15:34:06.0233 0x1ea4  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:34:06.0238 0x1ea4  ============================================================
15:34:06.0238 0x1ea4  \Device\Harddisk0\DR0:
15:34:06.0239 0x1ea4  MBR partitions:
15:34:06.0239 0x1ea4  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x220C000, BlocksNum 0x32000
15:34:06.0239 0x1ea4  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x223E000, BlocksNum 0x38148030
15:34:06.0239 0x1ea4  ============================================================
15:34:06.0284 0x1ea4  C: <-> \Device\Harddisk0\DR0\Partition2
15:34:06.0284 0x1ea4  ============================================================
15:34:06.0284 0x1ea4  Initialize success
15:34:06.0284 0x1ea4  ============================================================
15:35:00.0567 0x108c  ============================================================
15:35:00.0567 0x108c  Scan started
15:35:00.0567 0x108c  Mode: Manual; SigCheck; TDLFS; 
15:35:00.0567 0x108c  ============================================================
15:35:00.0567 0x108c  KSN ping started
15:35:15.0361 0x108c  KSN ping finished: true
15:35:20.0916 0x108c  ================ Scan system memory ========================
15:35:20.0916 0x108c  System memory - ok
15:35:20.0919 0x108c  ================ Scan services =============================
15:35:24.0642 0x108c  [ 67D796466331935F831FB45E0E7B1AA8, 6D515902FC8B32E93A12CD822B4EC82088345EF151D65B18539AD154FBD03651 ] AllShare Framework DMS C:\Program Files\Samsung\AllShare Framework DMS\1.3.07\AllShareFrameworkManagerDMS.exe
15:35:24.0781 0x108c  AllShare Framework DMS - detected UnsignedFile.Multi.Generic ( 1 )
15:35:28.0520 0x108c  AllShare Framework DMS ( UnsignedFile.Multi.Generic ) - warning
15:35:34.0536 0x108c  [ 650F111D5CDA64C10AE4B9D1BA9D4FFF, 99AD83993D724538687F084318404DBF314C2249AB593AF9DD3783B0AB6B3B25 ] Atheros Bt&Wlan Coex Agent C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
15:35:34.0556 0x108c  Atheros Bt&Wlan Coex Agent - detected UnsignedFile.Multi.Generic ( 1 )
15:35:37.0633 0x108c  Detect skipped due to KSN trusted
15:35:37.0633 0x108c  Atheros Bt&Wlan Coex Agent - ok
15:35:37.0811 0x108c  [ 4D643CD9E892E559355B7A77D532BD38, 1B820B0ECDC55C8F090D55B641267A79330684C20C483A66EF148A3F88638B4A ] AtherosSvc      C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
15:35:37.0840 0x108c  AtherosSvc - detected UnsignedFile.Multi.Generic ( 1 )
15:35:40.0744 0x108c  Detect skipped due to KSN trusted
15:35:40.0744 0x108c  AtherosSvc - ok
15:35:59.0192 0x108c  ehRecvr - ok
15:35:59.0224 0x108c  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
15:35:59.0252 0x108c  ehSched - ok
15:35:59.0398 0x108c  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
15:35:59.0474 0x108c  elxstor - ok
15:35:59.0504 0x108c  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
15:35:59.0580 0x108c  ErrDev - ok
15:35:59.0788 0x108c  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
15:35:59.0926 0x108c  EventSystem - ok
15:36:00.0019 0x108c  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
15:36:00.0114 0x108c  exfat - ok
15:36:00.0197 0x108c  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
15:36:00.0290 0x108c  fastfat - ok
15:36:00.0410 0x108c  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
15:36:00.0513 0x108c  Fax - ok
15:36:00.0556 0x108c  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
15:36:00.0663 0x108c  fdc - ok
15:36:00.0750 0x108c  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
15:36:00.0823 0x108c  fdPHost - ok
15:36:00.0852 0x108c  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
15:36:00.0943 0x108c  FDResPub - ok
15:36:00.0977 0x108c  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
15:36:00.0999 0x108c  FileInfo - ok
15:36:01.0039 0x108c  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
15:36:01.0129 0x108c  Filetrace - ok
15:36:01.0197 0x108c  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
15:36:01.0236 0x108c  flpydisk - ok
15:36:01.0399 0x108c  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
15:36:01.0432 0x108c  FltMgr - ok
15:36:01.0654 0x108c  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
15:36:01.0863 0x108c  FontCache - ok
15:36:01.0915 0x108c  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:36:01.0936 0x108c  FontCache3.0.0.0 - ok
15:36:01.0965 0x108c  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
15:36:01.0978 0x108c  FsDepends - ok
15:36:02.0010 0x108c  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
15:36:02.0026 0x108c  Fs_Rec - ok
15:36:02.0118 0x108c  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
15:36:02.0146 0x108c  fvevol - ok
15:36:02.0183 0x108c  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
15:36:02.0197 0x108c  gagp30kx - ok
15:36:02.0243 0x108c  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
15:36:02.0255 0x108c  GEARAspiWDM - ok
15:36:02.0406 0x108c  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
15:36:02.0565 0x108c  gpsvc - ok
15:36:02.0816 0x108c  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:36:02.0836 0x108c  gupdate - ok
15:36:02.0935 0x108c  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:36:02.0947 0x108c  gupdatem - ok
15:36:02.0998 0x108c  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
15:36:03.0071 0x108c  hcw85cir - ok
15:36:03.0214 0x108c  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:36:03.0381 0x108c  HdAudAddService - ok
15:36:03.0796 0x108c  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
15:36:03.0872 0x108c  HDAudBus - ok
15:36:04.0038 0x108c  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
15:36:04.0092 0x108c  HidBatt - ok
15:36:04.0140 0x108c  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
15:36:04.0199 0x108c  HidBth - ok
15:36:04.0243 0x108c  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
15:36:04.0272 0x108c  HidIr - ok
15:36:04.0323 0x108c  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
15:36:04.0424 0x108c  hidserv - ok
15:36:04.0522 0x108c  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
15:36:04.0551 0x108c  HidUsb - ok
15:36:04.0629 0x108c  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
15:36:04.0679 0x108c  hkmsvc - ok
15:36:04.0703 0x108c  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:36:04.0782 0x108c  HomeGroupListener - ok
15:36:04.0829 0x108c  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:36:04.0871 0x108c  HomeGroupProvider - ok
15:36:04.0907 0x108c  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
15:36:04.0924 0x108c  HpSAMD - ok
15:36:05.0050 0x108c  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
15:36:05.0148 0x108c  HTTP - ok
15:36:05.0209 0x108c  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
15:36:05.0228 0x108c  hwpolicy - ok
15:36:05.0266 0x108c  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
15:36:05.0288 0x108c  i8042prt - ok
15:36:05.0357 0x108c  [ F7CE9BE72EDAC499B713ECA6DAE5D26F, AF158C8ADF0815C406435AB051C8D8DD0ECBDBA8644CB75D7611980D70662193 ] iaStor          C:\Windows\system32\drivers\iaStor.sys
15:36:05.0387 0x108c  iaStor - ok
15:36:05.0755 0x108c  [ B25F192EA1F84A316EB7C19EFCCCF33D, 00BACE87CCA40722FF3AD7243439201CDCC23D0BA01E25F928BF63DA12816F8F ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
15:36:05.0770 0x108c  IAStorDataMgrSvc - ok
15:36:05.0855 0x108c  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
15:36:05.0885 0x108c  iaStorV - ok
15:36:06.0556 0x108c  [ 6F3909A3D40CC9F4B28E03B027F918D8, D1C07E1AE91BB20948BB09FAB2D4BC2811A50BD621A4FB46CC713ABF84930194 ] IconMan_R       C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
15:36:06.0723 0x108c  IconMan_R - detected UnsignedFile.Multi.Generic ( 1 )
15:36:09.0485 0x108c  Detect skipped due to KSN trusted
15:36:09.0486 0x108c  IconMan_R - ok
15:36:24.0723 0x108c  partmgr - ok
15:36:24.0765 0x108c  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
15:36:24.0804 0x108c  PcaSvc - ok
15:36:24.0856 0x108c  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
15:36:24.0889 0x108c  pci - ok
15:36:24.0924 0x108c  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
15:36:24.0948 0x108c  pciide - ok
15:36:24.0987 0x108c  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
15:36:25.0025 0x108c  pcmcia - ok
15:36:25.0053 0x108c  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
15:36:25.0067 0x108c  pcw - ok
15:36:25.0110 0x108c  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
15:36:25.0190 0x108c  PEAUTH - ok
15:36:25.0448 0x108c  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
15:36:25.0503 0x108c  PerfHost - ok
15:36:25.0690 0x108c  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
15:36:26.0003 0x108c  pla - ok
15:36:26.0090 0x108c  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
15:36:26.0176 0x108c  PlugPlay - ok
15:36:26.0276 0x108c  [ 63694C307273062A2167AE4CE80730EF, 788E762D02A8BE9802143361A5768364A994B20E769A9733FA5827F526432893 ] PMBDeviceInfoProvider C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
15:36:26.0309 0x108c  PMBDeviceInfoProvider - ok
15:36:26.0336 0x108c  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
15:36:26.0456 0x108c  PNRPAutoReg - ok
15:36:26.0498 0x108c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
15:36:26.0561 0x108c  PNRPsvc - ok
15:36:26.0613 0x108c  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
15:36:26.0767 0x108c  PolicyAgent - ok
15:36:26.0883 0x108c  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
15:36:26.0992 0x108c  Power - ok
15:36:27.0086 0x108c  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
15:36:27.0179 0x108c  PptpMiniport - ok
15:36:27.0201 0x108c  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
15:36:27.0288 0x108c  Processor - ok
15:36:27.0350 0x108c  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
15:36:27.0496 0x108c  ProfSvc - ok
15:36:27.0589 0x108c  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:36:27.0606 0x108c  ProtectedStorage - ok
15:36:27.0669 0x108c  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
15:36:27.0724 0x108c  Psched - ok
15:36:27.0762 0x108c  [ 87B04878A6D59D6C79251DC960C674C1, 3EB8DB0624E646F0A65D0381408D35CF9FDC5ABFC30DF6431F4070A8EB68447C ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
15:36:27.0778 0x108c  PxHlpa64 - ok
15:36:27.0858 0x108c  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
15:36:27.0976 0x108c  ql2300 - ok
15:36:28.0037 0x108c  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
15:36:28.0053 0x108c  ql40xx - ok
15:36:28.0091 0x108c  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
15:36:28.0141 0x108c  QWAVE - ok
15:36:28.0170 0x108c  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
15:36:28.0241 0x108c  QWAVEdrv - ok
15:36:28.0264 0x108c  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
15:36:28.0366 0x108c  RasAcd - ok
15:36:28.0415 0x108c  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
15:36:28.0454 0x108c  RasAgileVpn - ok
15:36:28.0490 0x108c  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
15:36:28.0571 0x108c  RasAuto - ok
15:36:28.0622 0x108c  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
15:36:28.0692 0x108c  Rasl2tp - ok
15:36:28.0744 0x108c  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
15:36:28.0871 0x108c  RasMan - ok
15:36:28.0906 0x108c  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
15:36:29.0004 0x108c  RasPppoe - ok
15:36:29.0023 0x108c  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
15:36:29.0083 0x108c  RasSstp - ok
15:36:29.0115 0x108c  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
15:36:29.0201 0x108c  rdbss - ok
15:36:29.0234 0x108c  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
15:36:29.0279 0x108c  rdpbus - ok
15:36:29.0304 0x108c  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
15:36:29.0344 0x108c  RDPCDD - ok
15:36:29.0365 0x108c  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
15:36:29.0503 0x108c  RDPENCDD - ok
15:36:29.0548 0x108c  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
15:36:29.0652 0x108c  RDPREFMP - ok
15:36:29.0985 0x108c  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
15:36:30.0187 0x108c  RdpVideoMiniport - ok
15:36:30.0368 0x108c  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
15:36:30.0517 0x108c  RDPWD - ok
15:36:30.0603 0x108c  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
15:36:30.0634 0x108c  rdyboost - ok
15:36:30.0705 0x108c  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
15:36:30.0794 0x108c  RemoteAccess - ok
15:36:30.0898 0x108c  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
15:36:30.0981 0x108c  RemoteRegistry - ok
15:36:31.0067 0x108c  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
15:36:31.0108 0x108c  RFCOMM - ok
15:36:31.0155 0x108c  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
15:36:31.0245 0x108c  RpcEptMapper - ok
15:36:31.0271 0x108c  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
15:36:31.0311 0x108c  RpcLocator - ok
15:36:31.0361 0x108c  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
15:36:31.0458 0x108c  RpcSs - ok
15:36:31.0566 0x108c  [ 546D7F426776090B90EF5F195B6AE662, E67598E1CA5F98184DD7380E7AFD65C18C99EDC3326909EBFF2A61F95C3A027D ] RSPCIESTOR      C:\Windows\system32\DRIVERS\RtsPStor.sys
15:36:31.0645 0x108c  RSPCIESTOR - ok
15:36:31.0687 0x108c  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
15:36:31.0740 0x108c  rspndr - ok
15:36:31.0925 0x108c  [ EA5532868BA76923D75BCB2A1448D810, C1489714C9BC95BB76134E6B8F28C5A3D044E9B2857F01BFEEEE7C8A25C74E7D ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
15:36:31.0980 0x108c  RTL8167 - ok
15:36:32.0014 0x108c  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs           C:\Windows\system32\lsass.exe
15:36:32.0079 0x108c  SamSs - ok
15:36:32.0279 0x108c  [ EB9E44092535C0978D37E048EC91C725, 5ADACE86C440FD8FBCE837E77AC022977F4E0863117AE9456E364A42ECA9865B ] Samsung Link Service C:\Program Files\Samsung\Samsung Link\Samsung Link Service.exe
15:36:32.0356 0x108c  Samsung Link Service - ok
15:36:32.0400 0x108c  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
15:36:32.0426 0x108c  sbp2port - ok
15:36:32.0450 0x108c  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
15:36:32.0531 0x108c  SCardSvr - ok
15:36:32.0550 0x108c  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
15:36:32.0654 0x108c  scfilter - ok
15:36:32.0889 0x108c  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
15:36:33.0105 0x108c  Schedule - ok
15:36:33.0182 0x108c  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
15:36:33.0291 0x108c  SCPolicySvc - ok
15:36:33.0334 0x108c  [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
15:36:33.0399 0x108c  sdbus - ok
15:36:33.0448 0x108c  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
15:36:33.0559 0x108c  SDRSVC - ok
15:36:33.0581 0x108c  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
15:36:33.0644 0x108c  secdrv - ok
15:36:33.0665 0x108c  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
15:36:33.0791 0x108c  seclogon - ok
15:36:33.0816 0x108c  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
15:36:33.0884 0x108c  SENS - ok
15:36:33.0931 0x108c  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
15:36:33.0975 0x108c  SensrSvc - ok
15:36:34.0009 0x108c  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\drivers\serenum.sys
15:36:34.0033 0x108c  Serenum - ok
15:36:34.0064 0x108c  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\drivers\serial.sys
15:36:34.0092 0x108c  Serial - ok
15:36:34.0110 0x108c  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
15:36:34.0143 0x108c  sermouse - ok
15:36:34.0178 0x108c  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
15:36:34.0229 0x108c  SessionEnv - ok
15:36:34.0268 0x108c  [ 286D3889E6AB5589646FF8A63CB928AE, 98D9D34521328F4F0B0B7C2CAB97BA0EC998B9F3F996B5ED08E17292F1CD9452 ] SFEP            C:\Windows\system32\drivers\SFEP.sys
15:36:34.0293 0x108c  SFEP - ok
15:36:34.0307 0x108c  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
15:36:34.0331 0x108c  sffdisk - ok
15:36:34.0351 0x108c  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
15:36:34.0392 0x108c  sffp_mmc - ok
15:36:34.0442 0x108c  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
15:36:34.0479 0x108c  sffp_sd - ok
15:36:34.0503 0x108c  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
15:36:34.0529 0x108c  sfloppy - ok
15:36:34.0651 0x108c  [ 2046AA7491DE7EFA4D70E615D9BC9D09, A8763D059AD68D5842C407FA9644E0B129BEF0F63CD87E62B80B05441EDC3489 ] Sftfs           C:\Windows\system32\DRIVERS\Sftfslh.sys
15:36:34.0710 0x108c  Sftfs - ok
15:36:34.0850 0x108c  [ 77C5A741A7452812F278EF2C18478862, 0B763679EB7EFB8ED9DCE7B429706E939BB65BA6BCF1BAE0E0426D4E87074B8C ] sftlist         C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
15:36:35.0007 0x108c  sftlist - ok
15:36:35.0114 0x108c  [ 0E0446BC4D51BE4263ACB7E33491191C, 2AD039FB440560658C4E06F67CC192EF71577EF3FF789A43C08430CE5EAE5A70 ] Sftplay         C:\Windows\system32\DRIVERS\Sftplaylh.sys
15:36:35.0157 0x108c  Sftplay - ok
15:36:35.0178 0x108c  [ C5FB982CD266E604ED3142102C26D62C, A6BC0D72E98F924274ECAD49C85F0775D1CD45B97CD43F53DF3992B560835FC5 ] Sftredir        C:\Windows\system32\DRIVERS\Sftredirlh.sys
15:36:35.0191 0x108c  Sftredir - ok
15:36:35.0232 0x108c  [ 2575511AF67AA1FA068CCC4918E2C2A3, 3152FF5AC2CF6FE966DA59B1B33E22F9BD9B6BB4310441870528364BA9501A4D ] Sftvol          C:\Windows\system32\DRIVERS\Sftvollh.sys
15:36:35.0248 0x108c  Sftvol - ok
15:36:35.0282 0x108c  [ 39B1D0A636A400304565D4521FAD6D77, 1F01DB35B5A477AA7A77585C9304E6B5F3E67807531305BCA93A7F494CED8F59 ] sftvsa          C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
15:36:35.0305 0x108c  sftvsa - ok
15:36:35.0353 0x108c  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
15:36:35.0438 0x108c  SharedAccess - ok
15:36:35.0492 0x108c  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:36:35.0556 0x108c  ShellHWDetection - ok
15:36:35.0592 0x108c  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
15:36:35.0606 0x108c  SiSRaid2 - ok
15:36:35.0628 0x108c  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
15:36:35.0644 0x108c  SiSRaid4 - ok
15:36:35.0910 0x108c  [ 388AE59FE75F1B959DFA0900923C61BB, 0D47F8B4B4FBE5BF041DBE75B0A14D905E9310FFA6F0160746455B38A349EA54 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
15:36:36.0076 0x108c  Skype C2C Service - ok
15:36:36.0114 0x108c  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
15:36:36.0182 0x108c  Smb - ok
15:36:36.0244 0x108c  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
15:36:36.0264 0x108c  SNMPTRAP - ok
15:36:36.0372 0x108c  [ DDF2EC98AF6FC70608A4F9CE4DB52758, A3F18822C9D0EE508CCAA5323937D631950320D9642C46FD93DB764A06A78F0D ] SOHCImp         C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
15:36:36.0388 0x108c  SOHCImp - ok
15:36:36.0406 0x108c  [ 5FA03F5EA6EFEF6D17B4A1A48C40A23C, E99AD063DA8E89ECD2993D1B1AAB346A3EB4E48D687E7378C03037DD00600BB8 ] SOHDs           C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
15:36:36.0417 0x108c  SOHDs - ok
15:36:36.0494 0x108c  [ 65E5659E9C2A0762D05657C0E22A7CA2, A6EE72878CFA901A94485C7BEC7675702ED207DB54F5A8ED70835B6A8A8F5754 ] SpfService      C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
15:36:36.0514 0x108c  SpfService - ok
15:36:36.0539 0x108c  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
15:36:36.0555 0x108c  spldr - ok
15:36:36.0643 0x108c  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
15:36:36.0732 0x108c  Spooler - ok
15:36:36.0929 0x108c  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
15:36:37.0257 0x108c  sppsvc - ok
15:36:37.0280 0x108c  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
15:36:37.0333 0x108c  sppuinotify - ok
15:36:37.0406 0x108c  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
15:36:37.0457 0x108c  srv - ok
15:36:37.0493 0x108c  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
15:36:37.0522 0x108c  srv2 - ok
15:36:37.0550 0x108c  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
15:36:37.0572 0x108c  srvnet - ok
15:36:37.0621 0x108c  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
15:36:37.0669 0x108c  SSDPSRV - ok
15:36:37.0720 0x108c  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
15:36:37.0764 0x108c  SstpSvc - ok
15:36:37.0794 0x108c  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
15:36:37.0810 0x108c  stexstor - ok
15:36:37.0863 0x108c  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
15:36:37.0966 0x108c  stisvc - ok
15:36:37.0987 0x108c  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
15:36:38.0000 0x108c  swenum - ok
15:36:38.0099 0x108c  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
15:36:38.0212 0x108c  swprv - ok
15:36:38.0297 0x108c  [ B54FD2CFB84FAC78D136434530461BA4, 5FEDAD9CD96B73ABA43223CAA66CFF981C09CFE188BFBEA2BE9018663A9444F0 ] SXDS10          C:\Program Files (x86)\Common Files\soft Xpansion\sxds10.exe
15:36:38.0347 0x108c  SXDS10 - ok
15:36:38.0458 0x108c  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
15:36:38.0596 0x108c  SysMain - ok
15:36:38.0619 0x108c  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:36:38.0653 0x108c  TabletInputService - ok
15:36:38.0693 0x108c  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
15:36:38.0800 0x108c  TapiSrv - ok
15:36:38.0821 0x108c  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
15:36:38.0887 0x108c  TBS - ok
15:36:38.0997 0x108c  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
15:36:39.0107 0x108c  Tcpip - ok
15:36:39.0201 0x108c  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
15:36:39.0267 0x108c  TCPIP6 - ok
15:36:39.0347 0x108c  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
15:36:39.0366 0x108c  tcpipreg - ok
15:36:39.0419 0x108c  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
15:36:39.0468 0x108c  TDPIPE - ok
15:36:39.0489 0x108c  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
15:36:39.0509 0x108c  TDTCP - ok
15:36:39.0548 0x108c  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
15:36:39.0614 0x108c  tdx - ok
15:36:39.0639 0x108c  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
15:36:39.0657 0x108c  TermDD - ok
15:36:39.0824 0x108c  [ 4FC4C50985E5B840F4D72E57286887B8, 0BCBB4A938803AE3A3532B6D8FFC85594AA9AEF5D8F9792684841BEA8780AE9E ] TermService     C:\Windows\System32\termsrv.dll
15:36:39.0895 0x108c  TermService - ok
15:36:39.0930 0x108c  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
15:36:39.0950 0x108c  Themes - ok
15:36:39.0977 0x108c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
15:36:40.0020 0x108c  THREADORDER - ok
15:36:40.0065 0x108c  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
15:36:40.0121 0x108c  TrkWks - ok
15:36:40.0174 0x108c  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:36:40.0220 0x108c  TrustedInstaller - ok
15:36:40.0268 0x108c  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
15:36:40.0295 0x108c  tssecsrv - ok
15:36:40.0362 0x108c  [ 17C6B51CBCCDED95B3CC14E22791F85E, EE417C19E9B2C258D62A74F1F2421AFFBAC67ACD62481CAA08F5B6A3439C1D7C ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
15:36:40.0444 0x108c  TsUsbFlt - ok
15:36:40.0478 0x108c  [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
15:36:40.0518 0x108c  TsUsbGD - ok
15:36:40.0552 0x108c  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
15:36:40.0613 0x108c  tunnel - ok
15:36:40.0651 0x108c  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
15:36:40.0665 0x108c  uagp35 - ok
15:36:40.0722 0x108c  [ 1FE69F3C1CA1CF4B7EC7E2E9090FFFDC, 30BD61BA46955BD6A48EC78538FAAB46026DD048347F8280352335EB0ECE16AD ] uCamMonitor     C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
15:36:40.0737 0x108c  uCamMonitor - ok
15:36:40.0783 0x108c  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
15:36:40.0863 0x108c  udfs - ok
15:36:40.0909 0x108c  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
15:36:40.0942 0x108c  UI0Detect - ok
15:36:40.0987 0x108c  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
15:36:41.0001 0x108c  uliagpkx - ok
15:36:41.0034 0x108c  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
15:36:41.0066 0x108c  umbus - ok
15:36:41.0084 0x108c  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
15:36:41.0115 0x108c  UmPass - ok
15:36:41.0273 0x108c  [ 7A78ED1088890114DFDE2C4AB038D6B6, B52357594A90A8BCF5F96FA630F52BB1274A2FE814AF0270D21C892871D076FC ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
15:36:41.0421 0x108c  UNS - ok
15:36:41.0464 0x108c  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
15:36:41.0546 0x108c  upnphost - ok
15:36:41.0604 0x108c  [ FB251567F41BC61988B26731DEC19E4B, 6A535F5A18EB43DD2E18AF0A05301630A1D1484B7D85DA79A7CD122DA4D018E2 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
15:36:41.0621 0x108c  USBAAPL64 - detected UnsignedFile.Multi.Generic ( 1 )
15:36:51.0622 0x108c  USBAAPL64 ( UnsignedFile.Multi.Generic ) - warning
15:36:58.0169 0x108c  VcmXmlIfHelper - ok
15:36:58.0195 0x108c  [ D347D3ABE070AA09C22FC37121555D52, EE62F6A3489AAA54A5E3BD6264C473EF091CF848F9047A8446D2947D79B0A672 ] VCService       C:\Program Files\Sony\VAIO Care\VCService.exe
15:36:58.0206 0x108c  VCService - ok
15:36:58.0240 0x108c  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
15:36:58.0252 0x108c  vdrvroot - ok
15:36:58.0315 0x108c  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
15:36:58.0381 0x108c  vds - ok
15:36:58.0414 0x108c  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
15:36:58.0432 0x108c  vga - ok
15:36:58.0455 0x108c  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
15:36:58.0512 0x108c  VgaSave - ok
15:36:58.0539 0x108c  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
15:36:58.0558 0x108c  vhdmp - ok
15:36:58.0594 0x108c  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
15:36:58.0609 0x108c  viaide - ok
15:36:58.0637 0x108c  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
15:36:58.0651 0x108c  volmgr - ok
15:36:58.0681 0x108c  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
15:36:58.0715 0x108c  volmgrx - ok
15:36:58.0755 0x108c  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
15:36:58.0778 0x108c  volsnap - ok
15:36:58.0842 0x108c  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
15:36:58.0877 0x108c  vsmraid - ok
15:36:59.0043 0x108c  [ 0ED394BFBA3EB4740F063E0BA5EC7104, F8555E976DC72423D760322107A4470A7938CEAC8BE81E4B83EFCD2FA4A21816 ] VSNService      C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
15:36:59.0127 0x108c  VSNService - ok
15:36:59.0231 0x108c  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
15:36:59.0458 0x108c  VSS - ok
15:36:59.0629 0x108c  [ 630BC8454C8F1398CE4FAEA1FBF62789, 5868EEC4859B0D3652D0874A2251D33A7797B21645172C2171C348894A3461D2 ] VUAgent         C:\Program Files\Sony\VAIO Update\VUAgent.exe
15:36:59.0705 0x108c  VUAgent - ok
15:36:59.0738 0x108c  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
15:36:59.0765 0x108c  vwifibus - ok
15:36:59.0813 0x108c  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
15:36:59.0833 0x108c  vwififlt - ok
15:36:59.0868 0x108c  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
15:36:59.0897 0x108c  vwifimp - ok
15:36:59.0931 0x108c  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
15:36:59.0993 0x108c  W32Time - ok
15:37:00.0019 0x108c  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
15:37:00.0045 0x108c  WacomPen - ok
15:37:00.0074 0x108c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
15:37:00.0136 0x108c  WANARP - ok
15:37:00.0160 0x108c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
15:37:00.0199 0x108c  Wanarpv6 - ok
15:37:00.0324 0x108c  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
15:37:00.0451 0x108c  WatAdminSvc - ok
15:37:00.0526 0x108c  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
15:37:00.0678 0x108c  wbengine - ok
15:37:00.0705 0x108c  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
15:37:00.0744 0x108c  WbioSrvc - ok
15:37:00.0779 0x108c  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
15:37:00.0842 0x108c  wcncsvc - ok
15:37:00.0869 0x108c  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:37:00.0928 0x108c  WcsPlugInService - ok
15:37:00.0974 0x108c  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
15:37:00.0986 0x108c  Wd - ok
15:37:01.0043 0x108c  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
15:37:01.0098 0x108c  Wdf01000 - ok
15:37:01.0137 0x108c  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
15:37:01.0235 0x108c  WdiServiceHost - ok
15:37:01.0245 0x108c  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
15:37:01.0267 0x108c  WdiSystemHost - ok
15:37:01.0369 0x108c  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
15:37:01.0450 0x108c  WebClient - ok
15:37:01.0483 0x108c  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
15:37:01.0557 0x108c  Wecsvc - ok
15:37:01.0587 0x108c  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
15:37:01.0632 0x108c  wercplsupport - ok
15:37:01.0674 0x108c  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
15:37:01.0718 0x108c  WerSvc - ok
15:37:01.0745 0x108c  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
15:37:01.0784 0x108c  WfpLwf - ok
15:37:01.0814 0x108c  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
15:37:01.0827 0x108c  WIMMount - ok
15:37:01.0862 0x108c  WinDefend - ok
15:37:01.0883 0x108c  WinHttpAutoProxySvc - ok
15:37:01.0936 0x108c  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
15:37:02.0031 0x108c  Winmgmt - ok
15:37:02.0170 0x108c  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
15:37:02.0349 0x108c  WinRM - ok
15:37:02.0430 0x108c  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
15:37:02.0458 0x108c  WinUsb - ok
15:37:02.0519 0x108c  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
15:37:02.0638 0x108c  Wlansvc - ok
15:37:02.0691 0x108c  [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
15:37:02.0709 0x108c  wlcrasvc - ok
15:37:02.0833 0x108c  [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:37:02.0945 0x108c  wlidsvc - ok
15:37:02.0967 0x108c  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
15:37:03.0009 0x108c  WmiAcpi - ok
15:37:03.0054 0x108c  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
15:37:03.0092 0x108c  wmiApSrv - ok
15:37:03.0136 0x108c  WMPNetworkSvc - ok
15:37:03.0164 0x108c  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
15:37:03.0206 0x108c  WPCSvc - ok
15:37:03.0224 0x108c  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
15:37:03.0250 0x108c  WPDBusEnum - ok
15:37:03.0282 0x108c  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
15:37:03.0332 0x108c  ws2ifsl - ok
15:37:03.0359 0x108c  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
15:37:03.0401 0x108c  wscsvc - ok
15:37:03.0417 0x108c  WSearch - ok
15:37:03.0550 0x108c  [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv        C:\Windows\system32\wuaueng.dll
15:37:03.0689 0x108c  wuauserv - ok
15:37:03.0742 0x108c  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
15:37:03.0808 0x108c  WudfPf - ok
15:37:03.0854 0x108c  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
15:37:03.0895 0x108c  WUDFRd - ok
15:37:03.0940 0x108c  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
15:37:04.0007 0x108c  wudfsvc - ok
15:37:04.0060 0x108c  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
15:37:04.0120 0x108c  WwanSvc - ok
15:37:04.0177 0x108c  [ 64BDF610DF79A733A6F32FB85895D251, 55F656E6FB9B9DC2532E5E3257505CB18E3241BC7C497F5801140A873B83F93D ] zte_cdc_acm     C:\Windows\system32\DRIVERS\zte_cdc_acm.sys
15:37:04.0198 0x108c  zte_cdc_acm - detected UnsignedFile.Multi.Generic ( 1 )
15:37:06.0982 0x108c  Detect skipped due to KSN trusted
15:37:06.0982 0x108c  zte_cdc_acm - ok
15:37:07.0041 0x108c  [ 133DAC1A4B6727168793EBBE7D05FFE3, 205BCF0343663B28D355F73D11C86CA2F9C4A0668E8E7A6B9C5FA4F474436F1B ] zte_cdc_ecm     C:\Windows\system32\DRIVERS\zte_cdc_ecm.sys
15:37:07.0080 0x108c  zte_cdc_ecm - detected UnsignedFile.Multi.Generic ( 1 )
15:37:09.0833 0x108c  Detect skipped due to KSN trusted
15:37:09.0833 0x108c  zte_cdc_ecm - ok
15:37:09.0901 0x108c  [ D29A8421C4C685B47B6A74A68AA2B1AE, EFBBA5D870BDAE2F33DB890B8011924279793F2640B7CC3B0C67A7748DA52D0E ] zte_cpo         C:\Windows\system32\DRIVERS\zte_cpo.sys
15:37:09.0918 0x108c  zte_cpo - detected UnsignedFile.Multi.Generic ( 1 )
15:37:12.0676 0x108c  Detect skipped due to KSN trusted
15:37:12.0677 0x108c  zte_cpo - ok
15:37:12.0793 0x108c  [ F86B43A522D9D986D2538EADC90388C2, 0D1E7260E5F945058360892A437D2AF448FE7198CC562D7B2C997C4D90488F7F ] zte_ecm_enum    C:\Windows\system32\DRIVERS\zte_ecm_enum.sys
15:37:12.0809 0x108c  zte_ecm_enum - detected UnsignedFile.Multi.Generic ( 1 )
15:37:15.0598 0x108c  Detect skipped due to KSN trusted
15:37:15.0598 0x108c  zte_ecm_enum - ok
15:37:15.0636 0x108c  [ F86B43A522D9D986D2538EADC90388C2, 0D1E7260E5F945058360892A437D2AF448FE7198CC562D7B2C997C4D90488F7F ] zte_ecm_enum_filter C:\Windows\system32\DRIVERS\zte_ecm_enum_filter.sys
15:37:15.0643 0x108c  zte_ecm_enum_filter - detected UnsignedFile.Multi.Generic ( 1 )
15:37:15.0643 0x108c  Detect skipped due to KSN trusted
15:37:15.0643 0x108c  zte_ecm_enum_filter - ok
15:37:15.0671 0x108c  ================ Scan global ===============================
15:37:15.0700 0x108c  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
15:37:15.0750 0x108c  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
15:37:15.0783 0x108c  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
15:37:15.0820 0x108c  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
15:37:15.0859 0x108c  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
15:37:15.0881 0x108c  [ Global ] - ok
15:37:15.0884 0x108c  ================ Scan MBR ==================================
15:37:15.0898 0x108c  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:37:16.0192 0x108c  \Device\Harddisk0\DR0 - ok
15:37:16.0195 0x108c  ================ Scan VBR ==================================
15:37:16.0223 0x108c  [ 17E4E9336971E6A27C013BBE38BD2E65 ] \Device\Harddisk0\DR0\Partition1
15:37:16.0225 0x108c  \Device\Harddisk0\DR0\Partition1 - ok
15:37:16.0232 0x108c  [ 3269B3F96ECBC4F83615E362A583E3DC ] \Device\Harddisk0\DR0\Partition2
15:37:16.0234 0x108c  \Device\Harddisk0\DR0\Partition2 - ok
15:37:16.0236 0x108c  ================ Scan generic autorun ======================
15:37:16.0290 0x108c  [ 7D1B808410A734E427A229B31EAE8891, 36BB31B9119062A53D2AB6CCBFF820D8195776836D84AF7008CE1F18D2519009 ] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe
15:37:16.0336 0x108c  cAudioFilterAgent - ok
15:37:16.0396 0x108c  [ B6B8B397608F2889F6BEC3B4EBE508BC, 12BF8E5AEB930B0667D913C3C829EB90C744CA92A7DE1EECFAF4BA0C01C24450 ] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
15:37:16.0472 0x108c  AtherosBtStack - detected UnsignedFile.Multi.Generic ( 1 )
15:37:19.0217 0x108c  Detect skipped due to KSN trusted
15:37:19.0217 0x108c  AtherosBtStack - ok
15:37:19.0347 0x108c  [ 28134B8E1660951DBD4D400A33D9ED85, 35E524678992A02DA2334FC94A89BBBE3C644E7068F07DF16973AAE4CA51888B ] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
15:37:19.0396 0x108c  AthBtTray - detected UnsignedFile.Multi.Generic ( 1 )
15:37:22.0319 0x108c  Detect skipped due to KSN trusted
15:37:22.0319 0x108c  AthBtTray - ok
15:37:22.0357 0x108c  [ F3D6BB4A1438BA85CFA53037BB46A17F, A85052121EC3788849F4C8FEB10DB10FB65C00C0CC841E1B58C56F2F8F413E5B ] C:\Windows\system32\igfxtray.exe
15:37:22.0374 0x108c  IgfxTray - ok
15:37:22.0404 0x108c  [ 6AC7F2CCB2BE55670CD907507D8B9F11, 12E53954A898F5A42ECA6B6476655751D6135D596BBB55BB3FFF8D4D0C64BC14 ] C:\Windows\system32\hkcmd.exe
15:37:22.0436 0x108c  HotKeysCmds - ok
15:37:22.0465 0x108c  [ BDEDDD060A654205F155C94D7DECD936, 96FF8637582F00AC9CCE20126249459081E26E9E99C20EBDE261E045907EBA52 ] C:\Windows\system32\igfxpers.exe
15:37:22.0513 0x108c  Persistence - ok
15:37:22.0599 0x108c  [ BB7481A1306823D1B6592263F1AB8DD7, 2D48A5DD217D81E99D134580721A1BC65EEFFB22FE9D2C03EAA3D9879F86A5D5 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
15:37:22.0641 0x108c  AdobeAAMUpdater-1.0 - ok
15:37:22.0708 0x108c  [ 844B844AC32D7E96E8C730CC34CAE6C5, 3297A9F21EE69EF4615F5077AD231FA474728BE144596ABC7F689ED645E995C4 ] C:\Program Files\Samsung\Samsung Link\utils\Samsung Link Launcher.exe
15:37:22.0741 0x108c  Samsung Link - ok
15:37:23.0096 0x108c  [ C0B97E53A0E39A48EEA2DCD500EEA07A, 111FBD91850E52E61E6A4D8065BF56C9C6B89C55BA6312F726125F1CE4B09EE1 ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
15:37:23.0126 0x108c  IAStorIcon - ok
15:37:23.0274 0x108c  [ 440699F90786EF6A7722B4417BB0F5C7, 75C8743E944E847541848AE972B90480AD33CA7607ECA9D4FF4C90D442AEC8FB ] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
15:37:23.0448 0x108c  ISBMgr.exe - ok
15:37:23.0524 0x108c  [ 48B9248CED8A5DE4EB0917CB676CB8D5, E39AF20AE2D8B768C9E6CD060BEB7E24F71B1398472274BA7178AB9ADF8A3248 ] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
15:37:23.0568 0x108c  PMBVolumeWatcher - ok
15:37:23.0606 0x108c  mobilegeni daemon - ok
15:37:23.0714 0x108c  [ 603668084332DDB58D8C5AACE30B04FC, B6FA6BBE18D433F41F96640726444B7CB9D669BAE87A545E1408391B9469EDB9 ] C:\Program Files (x86)\iTunes\iTunesHelper.exe
15:37:23.0752 0x108c  iTunesHelper - ok
15:37:24.0085 0x108c  [ DAA21DC0AA2E688370D356757892816D, 97EBF3B8A4B8544B6C1379A391AA4079F38EB4D507931249BC1427D961F58F8C ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
15:37:24.0127 0x108c  avgnt - ok
15:37:24.0212 0x108c  [ 7632A6EA63FEEBC2798D3852CE754972, 291409858E75B7E84397EED3270E737958255E7F733A3B2FE7BD282A2604B247 ] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
15:37:24.0227 0x108c  Avira Systray - ok
15:37:24.0335 0x108c  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
15:37:24.0570 0x108c  Sidebar - ok
15:37:24.0603 0x108c  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
15:37:24.0649 0x108c  mctadmin - ok
15:37:24.0754 0x108c  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
15:37:24.0814 0x108c  Sidebar - ok
15:37:24.0825 0x108c  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
15:37:24.0847 0x108c  mctadmin - ok
15:37:24.0890 0x108c  [ FED1E7E085EE23781A61B6153FEAB2E8, 7DA193CADA7B9840D27F9A5D7C180A9AA3C141CC097DD2CE3CB4B70DFFD48ADA ] C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe
15:37:24.0902 0x108c  Elbserver - ok
15:37:24.0904 0x108c  Nokia Internet Modem - ok
15:37:24.0982 0x108c  Play Now Radio - ok
15:37:24.0985 0x108c  Waiting for KSN requests completion. In queue: 16
15:37:25.0985 0x108c  Waiting for KSN requests completion. In queue: 16
15:37:26.0985 0x108c  Waiting for KSN requests completion. In queue: 16
15:37:28.0234 0x108c  AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 14.0.7.266 ), 0x41000 ( enabled : updated )
15:37:28.0393 0x108c  Win FW state via NFP2: enabled
15:37:31.0197 0x108c  ============================================================
15:37:31.0198 0x108c  Scan finished
15:37:31.0198 0x108c  ============================================================
15:37:31.0217 0x1a48  Detected object count: 2
15:37:31.0217 0x1a48  Actual detected object count: 2
15:37:37.0143 0x1a48  AllShare Framework DMS ( UnsignedFile.Multi.Generic ) - skipped by user
15:37:37.0143 0x1a48  AllShare Framework DMS ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:37:37.0143 0x1a48  USBAAPL64 ( UnsignedFile.Multi.Generic ) - skipped by user
15:37:37.0143 0x1a48  USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:38:35.0504 0x1eac  Deinitialize success
         
Kind regards

There is also a second text file... but it is only 4 KB in size... do you need that one too?

19.10.2014, 09:33   #8
schrauber
/// the machine
/// TB trainer
 


Scan with Combofix
WARNING to READERS:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all of your antivirus software as well as any malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the on-screen instructions.
  • While Combofix is running, please do not work on the computer, move the mouse or click in the Combofix window!
  • When Combofix has finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (preferably in CODE tags).
Note: If you get the following error message after the restart
Illegal operation attempted on a registry key that has been marked for deletion.
simply restart the computer. This should fix the problem.

__________________
regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

21.10.2014, 15:45   #9
csak09
 

So, Combofix has been run... and here is the result

Code:
ComboFix 14-10-20.01 - oem 21.10.2014  15:20:21.1.2 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.4044.2239 [GMT 2:00]
ausgeführt von:: c:\users\oem\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Desktop *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\click-n-mark-5\clICk-n-mark-5-bho64.dll
c:\program files (x86)\PricePeep
c:\program files (x86)\SearchProtect
c:\program files (x86)\SearchProtect\EULA.txt
c:\program files (x86)\SearchProtect\Main\rep\SystemRepository.dat
c:\program files (x86)\SearchProtect\UI\dialogs\Images\Apply-default.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\Apply-onclick.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\Apply-Rollover.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\bg-uninstall.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\bg-with-logo.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\bg.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\bgNotif.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\bgSettings.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\bgSettingsDS.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\bgUninstall.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\btnBlue.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\btnClose.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\btnSilver.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\button-bg.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\checkbox.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\checkbox_checked.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\checkbox_def.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\close-win-def.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\close-win-over-click.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\gray-bg.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\hez-def.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\hez-selected.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\hez.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\icon-win.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\info-icon.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\menu-rollover.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\menu-selected.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\radio-button-def.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\radio-button-selected.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\radio-button.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\radio-button2.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\Settings-icon.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\text-field.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\v.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\x.png
c:\program files (x86)\SearchProtect\UI\dialogs\protection\protection.css
c:\program files (x86)\SearchProtect\UI\dialogs\protection\protection.html
c:\program files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.css
c:\program files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.html
c:\program files (x86)\SearchProtect\UI\dialogs\settings.html
c:\program files (x86)\SearchProtect\UI\dialogs\settings\settings.css
c:\program files (x86)\SearchProtect\UI\dialogs\settings\settings.html
c:\program files (x86)\SearchProtect\UI\dialogs\style.css
c:\program files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.css
c:\program files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.html
c:\program files (x86)\Windows NT\klijddmmexa.txt
c:\programdata\2433f433
c:\programdata\374311380
c:\programdata\374311380\BITEDC2.tmp
c:\programdata\daihcc
c:\programdata\daihcc\nkcpuq.exe
c:\programdata\hkfwsj
c:\programdata\hkfwsj\ulgb.exe
c:\programdata\piqfj
c:\programdata\piqfj\yxuxld.exe
c:\programdata\sqbufu
c:\programdata\sqbufu\vseon.exe
c:\users\oem\4.0
c:\users\oem\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_dgiiggndjhacnnhnhmaljgbgcaneehld_0
c:\users\oem\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_dgiiggndjhacnnhnhmaljgbgcaneehld_0\1
c:\users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgiiggndjhacnnhnhmaljgbgcaneehld
c:\users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgiiggndjhacnnhnhmaljgbgcaneehld\1.25.6_0\background.html
c:\users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgiiggndjhacnnhnhmaljgbgcaneehld\1.25.6_0\crossriderManifest.json
c:\users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgiiggndjhacnnhnhmaljgbgcaneehld\1.25.6_0\extensionData\manifest.xml
c:\users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgiiggndjhacnnhnhmaljgbgcaneehld\1.25.6_0\extensionData\plugins.json
c:\users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgiiggndjhacnnhnhmaljgbgcaneehld\1.25.6_0\extensionData\plugins\1_base.js
c:\users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgiiggndjhacnnhnhmaljgbgcaneehld\1.25.6_0\extensionData\plugins\101_cortica_m.js
c:\users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgiiggndjhacnnhnhmaljgbgcaneehld\1.25.6_0\extensionData\plugins\102_dealply_m.js
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-09-21 bis 2014-10-21  ))))))))))))))))))))))))))))))
.
.
2014-10-17 10:09 . 2014-09-18 02:00	3241472	----a-w-	c:\windows\system32\msi.dll
2014-10-17 10:09 . 2014-09-18 01:32	2363904	----a-w-	c:\windows\SysWow64\msi.dll
2014-10-17 10:02 . 2014-08-29 02:07	44032	----a-w-	c:\windows\system32\tsgqec.dll
2014-10-17 10:02 . 2014-08-29 02:07	322560	----a-w-	c:\windows\system32\aaclient.dll
2014-10-17 10:02 . 2014-08-29 02:06	1125888	----a-w-	c:\windows\system32\mstsc.exe
2014-10-17 10:02 . 2014-08-29 01:44	37376	----a-w-	c:\windows\SysWow64\tsgqec.dll
2014-10-17 10:02 . 2014-08-29 01:44	4922368	----a-w-	c:\windows\SysWow64\mstscax.dll
2014-10-17 10:02 . 2014-08-29 01:44	269312	----a-w-	c:\windows\SysWow64\aaclient.dll
2014-10-17 10:02 . 2014-08-29 01:44	1050112	----a-w-	c:\windows\SysWow64\mstsc.exe
2014-10-17 10:02 . 2014-08-29 02:07	5780480	----a-w-	c:\windows\system32\mstscax.dll
2014-10-17 10:02 . 2014-08-29 02:07	3179520	----a-w-	c:\windows\system32\rdpcorets.dll
2014-10-17 09:55 . 2014-09-29 00:58	3198976	----a-w-	c:\windows\system32\win32k.sys
2014-10-17 09:55 . 2014-06-18 22:23	1943696	----a-w-	c:\windows\system32\dfshim.dll
2014-10-17 09:55 . 2014-06-18 22:23	156312	----a-w-	c:\windows\system32\mscorier.dll
2014-10-17 09:55 . 2014-06-18 22:23	156824	----a-w-	c:\windows\SysWow64\mscorier.dll
2014-10-17 09:55 . 2014-06-18 22:23	1131664	----a-w-	c:\windows\SysWow64\dfshim.dll
2014-10-17 09:55 . 2014-06-18 22:23	73880	----a-w-	c:\windows\system32\mscories.dll
2014-10-17 09:55 . 2014-06-18 22:23	81560	----a-w-	c:\windows\SysWow64\mscories.dll
2014-10-17 09:55 . 2014-09-13 01:58	77312	----a-w-	c:\windows\system32\packager.dll
2014-10-17 09:55 . 2014-09-13 01:40	67072	----a-w-	c:\windows\SysWow64\packager.dll
2014-10-17 09:41 . 2014-10-17 21:30	--------	d-----w-	c:\programdata\ywmpnrl
2014-10-17 09:27 . 2014-10-17 09:25	43064	----a-w-	c:\windows\system32\drivers\avnetflt.sys
2014-10-16 12:18 . 2014-10-17 09:40	--------	d-----w-	C:\FRST
2014-10-16 11:53 . 2014-10-16 11:53	--------	d-----w-	C:\found.000
2014-10-16 11:31 . 2014-10-16 12:07	--------	d-----w-	c:\programdata\Package Cache
2014-10-16 11:31 . 2014-10-16 11:31	--------	d-----w-	c:\users\oem\AppData\Roaming\Avira
2014-10-16 11:29 . 2014-09-24 10:44	28600	----a-w-	c:\windows\system32\drivers\avkmgr.sys
2014-10-16 11:29 . 2014-09-24 10:44	131608	----a-w-	c:\windows\system32\drivers\avipbb.sys
2014-10-16 11:29 . 2014-09-24 10:44	119272	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2014-10-16 11:29 . 2014-10-16 12:07	--------	d-----w-	c:\program files (x86)\Avira
2014-10-16 11:29 . 2014-10-16 11:32	--------	d-----w-	c:\programdata\Avira
2014-10-11 21:51 . 2014-10-11 21:51	--------	d-----w-	c:\programdata\Xunlei
2014-10-11 21:51 . 2014-10-11 21:51	--------	d-----w-	c:\programdata\Thunder Network
2014-10-11 21:48 . 2014-10-11 21:48	--------	d-----w-	c:\users\oem\AppData\Roaming\ap_logs
2014-10-11 21:48 . 2014-10-11 21:48	--------	d-----w-	c:\users\oem\AppData\Roaming\AnyProtectEx
2014-10-11 21:48 . 2014-10-11 21:48	--------	d-----w-	c:\users\oem\AppData\Roaming\ap_movie
2014-10-11 20:35 . 2014-10-11 20:35	--------	d-----w-	c:\programdata\IePluginServices
2014-10-11 20:35 . 2014-10-11 21:53	--------	d-----w-	c:\programdata\WindowsMangerProtect
2014-10-11 20:35 . 2014-10-11 20:35	--------	d-----w-	c:\program files (x86)\SupTab
2014-10-04 15:06 . 2014-10-04 15:06	--------	d-----w-	c:\program files (x86)\Common Files\Skype
2014-10-03 21:54 . 2014-10-03 21:54	--------	d--h--w-	c:\users\oem\AppData\Roaming\GoldenGate
2014-10-03 21:53 . 2014-10-03 21:54	--------	d-----w-	c:\users\oem\AppData\Local\Gameo
2014-10-01 20:21 . 2014-10-01 20:21	0	----a-w-	c:\windows\SysWow64\shoDAF.tmp
2014-10-01 12:33 . 2014-09-25 02:08	371712	----a-w-	c:\windows\system32\qdvd.dll
2014-10-01 12:33 . 2014-09-25 01:40	519680	----a-w-	c:\windows\SysWow64\qdvd.dll
2014-10-01 12:33 . 2014-09-09 22:11	2048	----a-w-	c:\windows\system32\tzres.dll
2014-10-01 12:33 . 2014-09-09 21:47	2048	----a-w-	c:\windows\SysWow64\tzres.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-10-18 01:02 . 2011-09-25 20:49	103265616	----a-w-	c:\windows\system32\MRT.exe
2014-10-01 12:59 . 2012-04-20 06:08	701104	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-10-01 12:59 . 2011-09-18 09:30	71344	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-09-15 07:06 . 2010-11-21 03:27	278152	------w-	c:\windows\system32\MpSigStub.exe
2014-09-09 02:05 . 2014-10-14 09:14	11578928	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{F467B2A8-F88A-4AFC-92F8-2795E90D8250}\mpengine.dll
2014-09-07 10:54 . 2010-06-24 09:33	23256	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2014-08-26 13:57 . 2014-08-26 13:57	0	----a-w-	c:\windows\SysWow64\sho41B3.tmp
2014-08-23 02:07 . 2014-08-27 19:21	404480	----a-w-	c:\windows\system32\gdi32.dll
2014-08-23 01:45 . 2014-08-27 19:21	311808	----a-w-	c:\windows\SysWow64\gdi32.dll
2014-08-01 11:53 . 2014-09-14 11:34	1031168	----a-w-	c:\windows\system32\TSWorkspace.dll
2014-08-01 11:35 . 2014-09-14 11:34	793600	----a-w-	c:\windows\SysWow64\TSWorkspace.dll
2014-07-25 00:35 . 2014-07-25 00:35	875688	----a-w-	c:\windows\SysWow64\msvcr120_clr0400.dll
2014-07-24 21:47 . 2014-07-24 21:47	869544	----a-w-	c:\windows\system32\msvcr120_clr0400.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{11111111-1111-1111-1111-110311901130}]
2013-09-19 08:00	752488	----a-w-	c:\program files (x86)\Plus-HD-3.8\Plus-HD-3.8-bho.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{11111111-1111-1111-1111-110411511182}]
2013-12-06 12:46	641024	----a-w-	c:\program files (x86)\click-n-mark-5\click-n-mark-5-bho.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
2014-10-11 20:35	515464	----a-w-	c:\program files (x86)\SupTab\SupTab.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]
2013-02-15 19:59	197920	----a-w-	c:\program files (x86)\Yontoo\YontooIEClient.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Elbserver"="c:\program files (x86)\Sony\Media Gallery\ElbServer.exe" [2011-04-02 83344]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-09-13 283160]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2011-02-15 2757312]
"PMBVolumeWatcher"="c:\program files (x86)\Sony\PMB\PMBVolumeWatcher.exe" [2010-11-26 648032]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2014-07-08 152392]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2014-09-24 703736]
"Avira Systray"="c:\program files (x86)\Avira\My Avira\Avira.OE.Systray.exe" [2014-09-23 165168]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.8.150\SSScheduler.exe [2014-4-9 332016]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 ATHDFU;Atheros Valkyrie USB BootROM;c:\windows\System32\Drivers\AthDfu.sys;c:\windows\SYSNATIVE\Drivers\AthDfu.sys [x]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y60x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1y60x64.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.8.150\McCHSvc.exe;c:\program files\McAfee Security Scan\3.8.150\McCHSvc.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 SXDS10;soft Xpansion Dispatch Service;c:\program files (x86)\Common Files\soft Xpansion\sxds10.exe \Service;c:\program files (x86)\Common Files\soft Xpansion\sxds10.exe \Service [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 zte_cdc_acm;ZTE All CDC-ACM driver;c:\windows\system32\DRIVERS\zte_cdc_acm.sys;c:\windows\SYSNATIVE\DRIVERS\zte_cdc_acm.sys [x]
R3 zte_cdc_ecm;zte_cdc_ecm;c:\windows\system32\DRIVERS\zte_cdc_ecm.sys;c:\windows\SYSNATIVE\DRIVERS\zte_cdc_ecm.sys [x]
R3 zte_cpo;ZTE All Install;c:\windows\system32\DRIVERS\zte_cpo.sys;c:\windows\SYSNATIVE\DRIVERS\zte_cpo.sys [x]
R3 zte_ecm_enum;ZTE All DC Enumerator;c:\windows\system32\DRIVERS\zte_ecm_enum.sys;c:\windows\SYSNATIVE\DRIVERS\zte_ecm_enum.sys [x]
R3 zte_ecm_enum_filter;zte_ecm_enum_filter;c:\windows\system32\DRIVERS\zte_ecm_enum_filter.sys;c:\windows\SYSNATIVE\DRIVERS\zte_ecm_enum_filter.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9;c:\program files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe;c:\program files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [x]
S2 AllShare Framework DMS;AllShare Framework DMS;c:\program files\Samsung\AllShare Framework DMS\1.3.07\AllShareFrameworkManagerDMS.exe;c:\program files\Samsung\AllShare Framework DMS\1.3.07\AllShareFrameworkManagerDMS.exe [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 Avira.OE.ServiceHost;Avira Service Host;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [x]
S2 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [x]
S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [x]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]
S2 IePluginServices;IePlugin Services;c:\programdata\IePluginServices\PluginService.exe;c:\programdata\IePluginServices\PluginService.exe [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [x]
S2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe;c:\program files\Sony\VAIO Care\VCPerfService.exe [x]
S2 Samsung Link Service;Samsung Link Service;c:\program files\Samsung\Samsung Link\Samsung Link Service.exe;c:\program files\Samsung\Samsung Link\Samsung Link Service.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
S2 SOHCImp;VAIO Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [x]
S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [x]
S2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [x]
S2 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [x]
S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe;c:\program files\Sony\VAIO Smart Network\VSNService.exe [x]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys;c:\windows\SYSNATIVE\DRIVERS\ArcSoftKsUFilter.sys [x]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
S3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\drivers\btath_bus.sys;c:\windows\SYSNATIVE\drivers\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\drivers\btath_hcrp.sys;c:\windows\SYSNATIVE\drivers\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\drivers\btath_rcp.sys;c:\windows\SYSNATIVE\drivers\btath_rcp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys;c:\windows\SYSNATIVE\drivers\SFEP.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
S3 SOHDs;VAIO Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [x]
S3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [x]
S3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe;c:\program files\Sony\VAIO Care\VCService.exe [x]
S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update\VUAgent.exe;c:\program files\Sony\VAIO Update\VUAgent.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-06-21 22:16	1177552	----a-w-	c:\program files (x86)\Google\Chrome\Application\29.0.1547.66\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-10-21 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-20 12:59]
.
2014-10-21 c:\windows\Tasks\click-n-mark-5-chromeinstaller.job
- c:\program files (x86)\click-n-mark-5\click-n-mark-5-chromeinstaller.exe [2013-12-06 12:45]
.
2014-10-21 c:\windows\Tasks\click-n-mark-5-codedownloader.job
- c:\program files (x86)\click-n-mark-5\click-n-mark-5-codedownloader.exe [2013-12-06 12:45]
.
2014-10-21 c:\windows\Tasks\click-n-mark-5-enabler.job
- c:\program files (x86)\click-n-mark-5\click-n-mark-5-enabler.exe [2013-12-06 12:46]
.
2014-10-21 c:\windows\Tasks\click-n-mark-5-firefoxinstaller.job
- c:\program files (x86)\click-n-mark-5\click-n-mark-5-firefoxinstaller.exe [2013-12-06 12:45]
.
2014-10-21 c:\windows\Tasks\click-n-mark-5-updater.job
- c:\program files (x86)\click-n-mark-5\click-n-mark-5-updater.exe [2013-12-06 12:46]
.
2014-10-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-06-21 22:16]
.
2014-10-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-06-21 22:16]
.
2014-08-05 c:\windows\Tasks\Plus-HD-3.8-codedownloader.job
- c:\program files (x86)\Plus-HD-3.8\Plus-HD-3.8-codedownloader.exe [2013-09-19 08:00]
.
2014-08-05 c:\windows\Tasks\Plus-HD-3.8-enabler.job
- c:\program files (x86)\Plus-HD-3.8\Plus-HD-3.8-enabler.exe [2013-09-19 20:00]
.
2014-08-05 c:\windows\Tasks\Plus-HD-3.8-updater.job
- c:\program files (x86)\Plus-HD-3.8\Plus-HD-3.8-updater.exe [2013-09-19 08:00]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2011-03-29 518784]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-03-31 790176]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-03-31 657056]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-03-29 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-03-29 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-03-29 418328]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-07-28 497648]
"Samsung Link"="c:\program files\Samsung\Samsung Link\utils\Samsung Link Launcher.exe" [2013-04-23 407384]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://astromenda.com/?f=1&a=ast_md_14_40_ch&cd=2XzuyEtN2Y1L1Qzu0AtBtDtDyE0E0B0AtAyCyCtAtB0EtB0FtN0D0Tzu0StCtDtDyBtN1L2XzutAtFtBtFtCtFyDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StDzytCzz0F0A0F0DtG0AyD0AyCtGzzyDyD0FtGyE0E0FtCtGyCzy0DyCyCzytAtBtD0AtCyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0EzyyD0B0DtDtBtAtGyD0FyCyEtGyEtAyB0FtGzzzytAyCtG0A0D0FyD0B0BtCzz0FzyyE0F2Q&cr=1983010800&ir=
uDefault_Search_URL = hxxp://search.certified-toolbar.com?si=66920&tid=6787&ver=6.8&ts=1379541600000.000008&tguid=66920-6787-1379541600000.000008-C793F11DACE3475CC9748FD4179532EE&st=chrome&q=
mDefault_Search_URL = hxxp://search.certified-toolbar.com?si=66920&tid=6787&ver=6.8&ts=1379541600000.000008&tguid=66920-6787-1379541600000.000008-C793F11DACE3475CC9748FD4179532EE&st=chrome&q=
mDefault_Page_URL = hxxp://www.mystartsearch.com/?type=hp&ts=1413059680&from=ild&uid=ST9500325AS_5VEHFSPEXXXX5VEHFSPE
mStart Page = about:newtab
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://search.certified-toolbar.com?si=66920&tid=6787&ver=6.8&ts=1379541600000.000008&tguid=66920-6787-1379541600000.000008-C793F11DACE3475CC9748FD4179532EE&st=chrome&q=
mSearch Bar = hxxp://search.certified-toolbar.com?si=66920&tid=6787&ver=6.8&ts=1379541600000.000008&tguid=66920-6787-1379541600000.000008-C793F11DACE3475CC9748FD4179532EE&st=chrome&q=
uInternet Settings,ProxyOverride = <local>;*.local
uSearchAssistant = hxxp://feed.snapdo.com/?publisher=AdKnowledgeYB&dpid=AdKnowledgeYB&co=DE&userid=d9e3580c-aa30-c45b-5366-2557d5ace247&searchtype=ds&q={searchTerms}&installDate=06/12/2013
uSearchURL,(Default) = hxxp://search.certified-toolbar.com?si=66920&st=bs&tid=6787&ver=6.8&ts=1379541600000.000008&tguid=66920-6787-1379541600000.000008-C793F11DACE3475CC9748FD4179532EE&q=%s
IE: {{07BA1DA9-F501-4796-8728-74D1B91A6CD5} - c:\program files (x86)\PokerStars.EU\PokerStarsUpdate.exe
TCP: DhcpNameServer = 195.34.133.21 212.186.211.21
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
BHO-{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} - c:\program files (x86)\PricePeep\pricepeep.dll
Toolbar-10 - (no file)
Wow6432Node-HKCU-Run-Nokia Internet Modem - c:\program files (x86)\Nokia\Nokia Internet Modem\WellPhone2.exe
Wow6432Node-HKCU-Run-Play Now Radio - c:\users\oem\AppData\Local\playnowradio\playnowradio\1.3.14.6\playnowradio.exe
Wow6432Node-HKLM-Run-mobilegeni daemon - c:\program files (x86)\Mobogenie\DaemonProcess.exe
Wow6432Node-HKU-Default-RunOnce-64dbpj - c:\programdata\sqbufu\vseon.exe
c:\users\oem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\net.lnk - c:\users\oem\AppData\Roaming\Windows Net Data\net.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-10 - (no file)
AddRemove-PricePeep - c:\program files (x86)\PricePeep\uninstall.exe
AddRemove-Windows Utils - c:\users\oem\AppData\Roaming\Windows Net Data\uninstaller.exe
AddRemove-lollipop_04211550 - c:\users\oem\appdata\local\lollipop\lollipop_04211550.bat
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=5000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\% C3 Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\""
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_167_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_167_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_167_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_167_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_167.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.15"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_167.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_167.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_167.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files\Samsung\AllShare Framework DMS\1.3.07\AllShareFrameworkDMS.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Sony\VAIO Event Service\VESMgr.exe
c:\program files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
c:\program files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
c:\windows\SysWOW64\DllHost.exe
c:\windows\SysWOW64\DllHost.exe
c:\program files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files\Sony\VAIO Care\listener.exe
c:\program files\Sony\VAIO Personalization Manager\VpmIfPav.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2014-10-21  15:43:00 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2014-10-21 13:42
.
Vor Suchlauf: 20 Verzeichnis(se), 364.639.170.560 Bytes frei
Nach Suchlauf: 28 Verzeichnis(se), 364.257.566.720 Bytes frei
.
- - End Of File - - D8C15B4A68D5B9A5501CAF9604B9477D
         

Alt 22.10.2014, 11:11   #10
schrauber
/// the machine
/// TB-Ausbilder
 

Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select Threat Scan and click Start Scan.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do so, click Remove Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Add the contents of mbam.txt to your next reply.


Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Agree to the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Clean and confirm any prompts with OK.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).

Please shut down your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop

  • Start the tool with a double-click. On Windows Vista (or later), please start it via right-click, "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool is finished, the log file (JRT.txt) is saved to the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


and a fresh FRST log please.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

Alt 08.11.2014, 13:40   #11
csak09
 
Hello, sorry for the short break...

here is the first result:
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 08.11.2014
Suchlauf-Zeit: 13:07:30
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.3.1025
Malware Datenbank: v2014.11.08.02
Rootkit Datenbank: v2014.11.01.02
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: oem

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 351550
Verstrichene Zeit: 27 Min, 51 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 0
(Keine schädliche Elemente erkannt)

Registrierungswerte: 0
(Keine schädliche Elemente erkannt)

Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)

Ordner: 0
(Keine schädliche Elemente erkannt)

Dateien: 0
(Keine schädliche Elemente erkannt)

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)
         

Alt 09.11.2014, 07:42   #12
schrauber
/// the machine
/// TB-Ausbilder
 

and carry on
__________________
Regards,
schrauber


Alt 09.11.2014, 19:56   #13
csak09
 
Oops, message wasn't sent...
The second program can't be run because of "not enough system resources" :/.
What is the best way to proceed?
Thanks

Alt 10.11.2014, 16:41   #14
schrauber
/// the machine
/// TB-Ausbilder
 

Reboot the computer and try again.
__________________
Regards,
schrauber


Alt 12.11.2014, 20:53   #15
csak09
 
Result from AdwCleaner...:
Code:
ATTFilter
# AdwCleaner v4.101 - Bericht erstellt am 12/11/2014 um 15:18:33
# Aktualisiert 09/11/2014 von Xplode
# Database : 2014-11-11.2 [Live]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : oem - OEM-VAIO
# Gestartet von : C:\Users\oem\Downloads\adwcleaner_4.101.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\SoftwareUpdater
Ordner Gelöscht : C:\ProgramData\Systweak
Ordner Gelöscht : C:\ProgramData\Tarma Installer
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlvPlayer
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HDvidCodec.com
Ordner Gelöscht : C:\Program Files (x86)\globalUpdate
Ordner Gelöscht : C:\Program Files (x86)\Mobogenie
Ordner Gelöscht : C:\Program Files (x86)\Movie2KDownloader.com
Ordner Gelöscht : C:\Program Files (x86)\MyPC Backup
Ordner Gelöscht : C:\Program Files (x86)\Settings Manager
Ordner Gelöscht : C:\Users\oem\AppData\Local\DownloadGuide
Ordner Gelöscht : C:\Users\oem\AppData\Local\emaze
Ordner Gelöscht : C:\Users\oem\AppData\Local\genienext
Ordner Gelöscht : C:\Users\oem\AppData\Local\globalUpdate
Ordner Gelöscht : C:\Users\oem\AppData\Local\Mobogenie
Ordner Gelöscht : C:\Users\oem\AppData\Local\PackageAware
Ordner Gelöscht : C:\Users\oem\AppData\Roaming\Activeris
Ordner Gelöscht : C:\Users\oem\AppData\Roaming\AnyProtectEx
Ordner Gelöscht : C:\Users\oem\AppData\Roaming\ap_logs
Ordner Gelöscht : C:\Users\oem\AppData\Roaming\DesktopIconForAmazon
Ordner Gelöscht : C:\Users\oem\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gelöscht : C:\Users\oem\AppData\Roaming\OCS
Ordner Gelöscht : C:\Users\oem\AppData\Roaming\SimplyTech
Ordner Gelöscht : C:\Users\oem\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\oem\Desktop\Documents\Mobogenie
Ordner Gelöscht : C:\Users\oem\Desktop\Documents\Optimizer Pro
Ordner Gelöscht : C:\Users\oem\Desktop\Documents\PC Speed Maximizer
Ordner Gelöscht : C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\blaofbhgbmeikidhlkmjhbkbfohpgekf
Ordner Gelöscht : C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Datei Gelöscht : C:\Windows\System32\roboot64.exe
Datei Gelöscht : C:\Users\oem\daemonprocess.txt
Datei Gelöscht : C:\Users\oem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\lollipop.lnk
Datei Gelöscht : C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage

***** [ Tasks ] *****


***** [ Verknüpfungen ] *****

Verknüpfung Desinfiziert : C:\Users\Public\Desktop\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\Users\oem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Verknüpfung Desinfiziert : C:\Users\oem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Verknüpfung Desinfiziert : C:\Users\oem\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\Users\oem\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Verknüpfung Desinfiziert : C:\Users\oem\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\Users\oem\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk

***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{ACAA314B-EEBA-48E4-AD47-84E31C44796C}]
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\blaofbhgbmeikidhlkmjhbkbfohpgekf
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\kiplfnciaokpcennlkldkdaeaaomamof
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.superfish.com
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Schlüssel Gelöscht : HKCU\Software\AnyProtect
Schlüssel Gelöscht : HKCU\Software\GlobalUpdate
Schlüssel Gelöscht : HKCU\Software\InstalledBrowserExtensions
Schlüssel Gelöscht : HKCU\Software\InstalledThirdPartyPrograms
Schlüssel Gelöscht : HKCU\Software\lollipop
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\Optimizer Pro
Schlüssel Gelöscht : HKCU\Software\simplytech
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\torch
Schlüssel Gelöscht : HKCU\Software\visualbee
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\simplytech
Schlüssel Gelöscht : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gelöscht : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Schlüssel Gelöscht : HKLM\SOFTWARE\DeviceVM
Schlüssel Gelöscht : HKLM\SOFTWARE\FlvPlayer
Schlüssel Gelöscht : HKLM\SOFTWARE\GlobalUpdate
Schlüssel Gelöscht : HKLM\SOFTWARE\systweak
Schlüssel Gelöscht : HKLM\SOFTWARE\torch
Schlüssel Gelöscht : HKLM\SOFTWARE\VBMZ
Schlüssel Gelöscht : HKLM\SOFTWARE\visualbee
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\DeviceVM
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\InstalledThirdPartyPrograms
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Speedchecker Limited
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17344


-\\ Mozilla Firefox v


-\\ Google Chrome v29.0.1547.66

[C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://de.ask.com/web?q={searchTerms}
[C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://search.certified-toolbar.com?si=66920&st=bs&tid=6787&ver=6.9&ts=1379541600000.000008&tguid=66920-6787-1379541600000.000008-C793F11DACE3475CC9748FD4179532EE&q={searchTerms}
[C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.default-search.net/search?sid=498&aid=133&itype=n&ver=13588&tm=429&src=ds&p={searchTerms}
[C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_md_14_40_ch&cd=2XzuyEtN2Y1L1Qzu0AtBtDtDyE0E0B0AtAyCyCtAtB0EtB0FtN0D0Tzu0StCtDtDyBtN1L2XzutAtFtBtFtCtFyDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StDzytCzz0F0A0F0DtG0AyD0AyCtGzzyDyD0FtGyE0E0FtCtGyCzy0DyCyCzytAtBtD0AtCyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0EzyyD0B0DtDtBtAtGyD0FyCyEtGyEtAyB0FtGzzzytAyCtG0A0D0FyD0B0BtCzz0FzyyE0F2Q&cr=1983010800&ir=
[C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.mystartsearch.com/web/?type=ds&ts=1413059680&from=ild&uid=ST9500325AS_5VEHFSPEXXXX5VEHFSPE&q={searchTerms}
[C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.mystartsearch.com/web/?type=ds&ts=1413059680&from=ild&uid=ST9500325AS_5VEHFSPEXXXX5VEHFSPE&q={searchTerms}
[C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\preferences] - Gelöscht [Extension] : blaofbhgbmeikidhlkmjhbkbfohpgekf
[C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\preferences] - Gelöscht [Extension] : dhdepfaagokllfmhfbcfmocaeigmoebo
[C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\preferences] - Gelöscht [Extension] : fbmimoidopbghbcmdmpkjaffffmcbmbg
[C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\preferences] - Gelöscht [Extension] : hphibigbodkkohoglgfkddblldpfohjl
[C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\preferences] - Gelöscht [Extension] : kdcnnmifdmlmjffdgeieikcokcogpbej
[C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\preferences] - Gelöscht [Extension] : kincjchfokkeneeofpeefomkikfkiedl
[C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\preferences] - Gelöscht [Extension] : kkkeikdkpjenmoiicggnnodbkebafgpc
[C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\preferences] - Gelöscht [Extension] : pgmfkblbflahhponhjmkcnpjinenhlnc
[C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\preferences] - Gelöscht [Extension] : lifbcibllhkdhoafpjfnlhfpfgnpldfl
[C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\preferences] - Gelöscht [Extension] : geggofhlfbcmanadhknllmlajiafopoh
[C:\Users\oem\AppData\Local\Chromium\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.default-search.net/search?sid=498&aid=133&itype=n&ver=13588&tm=429&src=ds&p={searchTerms}

-\\ Chromium v

[C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://de.ask.com/web?q={searchTerms}
[C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://search.certified-toolbar.com?si=66920&st=bs&tid=6787&ver=6.9&ts=1379541600000.000008&tguid=66920-6787-1379541600000.000008-C793F11DACE3475CC9748FD4179532EE&q={searchTerms}
[C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.default-search.net/search?sid=498&aid=133&itype=n&ver=13588&tm=429&src=ds&p={searchTerms}
[C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_md_14_40_ch&cd=2XzuyEtN2Y1L1Qzu0AtBtDtDyE0E0B0AtAyCyCtAtB0EtB0FtN0D0Tzu0StCtDtDyBtN1L2XzutAtFtBtFtCtFyDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StDzytCzz0F0A0F0DtG0AyD0AyCtGzzyDyD0FtGyE0E0FtCtGyCzy0DyCyCzytAtBtD0AtCyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0EzyyD0B0DtDtBtAtGyD0FyCyEtGyEtAyB0FtGzzzytAyCtG0A0D0FyD0B0BtCzz0FzyyE0F2Q&cr=1983010800&ir=
[C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.mystartsearch.com/web/?type=ds&ts=1413059680&from=ild&uid=ST9500325AS_5VEHFSPEXXXX5VEHFSPE&q={searchTerms}
[C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.mystartsearch.com/web/?type=ds&ts=1413059680&from=ild&uid=ST9500325AS_5VEHFSPEXXXX5VEHFSPE&q={searchTerms}
[C:\Users\oem\AppData\Local\Chromium\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.default-search.net/search?sid=498&aid=133&itype=n&ver=13588&tm=429&src=ds&p={searchTerms}

*************************

AdwCleaner[R0].txt - [22610 octets] - [12/11/2014 15:16:02]
AdwCleaner[S0].txt - [24024 octets] - [12/11/2014 15:18:33]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [24085 octets] ##########
         
