| |
| |||||||
Log-Analyse und Auswertung: Avast VisthAux.exe deaktiviert (Windows 8)Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
13.02.2013, 23:44
| #1 |
 |  Avast VisthAux.exe deaktiviert (Windows 8) Hallo, heute Abend ist mir zufällig aufgefallen, dass Avast nicht mehr ordentlich läuft und sogar deaktiviert ist. Das grundsätzliche Problem wurde in diesem Thread schon einmal beschrieben: http://www.trojaner-board.de/124918-...e-gelesen.html Nun gehe ich davon aus, dass bei mir ebenfalls ein Trojaner auf dem Rechner gelandet ist, was soweit nicht schlimm ist, da keinerlei sensible Daten auf dem Rechner liegen. Trotzdem würde ich das Problem so schnell es geht in den Griff bekommen, sprich von meinem Computer schmeißen. Ein erster Test mit Anti-Malware hat ergeben, dass alles in Ordnung sei (s. anhängende log-Datei). Im erwähnten Thread werden weitere Analysen vorgeschlagen, soll ich das auch direkt machen? Vielen Herzlichen Dank schon einmal direkt im voraus, ich hoffe die Geschichte wird schnell aus der Welt sein... Mit besten Grüßen, painfiller Hier ist die Log-Datei von aswMBR.exe: aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software Run date: 2013-02-13 23:47:53 ----------------------------- 23:47:53.968 OS Version: Windows x64 6.2.9200 23:47:53.968 Number of processors: 4 586 0x3A09 23:47:53.970 ComputerName: KRISTOFFER UserName: krist_000 23:47:53.980 Initialze error 1 23:47:54.067 AVAST engine defs: 13020501 23:47:55.995 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000048 23:47:55.997 Disk 0 Vendor: ADATA_XM11_256GB 5.0.2a Size: 244198MB BusType: 11 23:47:56.001 Disk 0 MBR read successfully 23:47:56.004 Disk 0 MBR scan 23:47:56.021 Disk 0 unknown MBR code 23:47:56.024 Disk 0 Partition 1 00 EE GPT 244198 MB offset 1 23:47:56.060 Disk 0 scanning C:\Windows\system32\drivers 23:47:56.063 Service scanning 23:47:56.594 Modules scanning 23:47:56.597 Disk 0 trace - called modules: 23:47:56.604 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys storport.sys hal.dll iaStorA.sys 23:47:56.608 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800f3fd060] 23:47:56.611 3 CLASSPNP.SYS[fffff88000c028aa] -> nt!IofCallDriver -> [0xfffffa800ef64e40] 23:47:56.615 5 ACPI.sys[fffff8800100ca91] -> nt!IofCallDriver -> \Device\00000048[0xfffffa800ef6a060] 23:47:56.622 AVAST engine scan C:\Windows 23:47:56.627 AVAST engine scan C:\Windows\system32 23:47:56.632 AVAST engine scan C:\Windows\system32\drivers 23:47:56.638 AVAST engine scan C:\Users\krist_000 23:47:56.643 AVAST engine scan C:\ProgramData 23:47:56.648 Scan finished successfully 23:48:35.148 Disk 0 MBR has been saved successfully to "C:\Users\krist_000\Downloads\Avast logs\MBR.dat" 23:48:35.153 The log file has been saved successfully to "C:\Users\krist_000\Downloads\Avast logs\aswMBR.txt" |
|
14.02.2013, 13:24
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Avast VisthAux.exe deaktiviert (Windows 8) Hallo und
__________________ Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner? Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520 Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs posten!  Lesestoff:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
Bevor wir uns an die weitere Arbeit machen, möchte ich dich bitten, folgende Punkte vollständig und aufmerksam zu lesen.
Note: Sollte ich drei Tage nichts von mir hören lassen, so melde dich bitte in diesem Strang => Erinnerung an meinem Thread. Nervige "Wann geht es weiter" Nachrichten enden mit Schließung deines Themas. Auch ich habe ein Leben abseits des Trojaner-Boards. Erstmal eine Kontrolle mit OTL bitte:
__________________ |
|
14.02.2013, 15:24
| #3 |
| | Avast VisthAux.exe deaktiviert (Windows 8) Hi Cosinus!
__________________Leider kann ich nur die Logfile vom Malwarebytes anbieten und zwar die folgenden: Code:
ATTFilter Malwarebytes Anti-Malware 1.70.0.1100 www.malwarebytes.org Datenbank Version: v2013.02.13.09 Windows 8 x64 NTFS Internet Explorer 10.0.9200.16466 krist_000 :: KRISTOFFER [Administrator] 13.02.2013 23:23:34 mbam-log-2013-02-13 (23-23-34).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 457553 Laufzeit: 16 Minute(n), 47 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Code:
ATTFilter OTL logfile created on: 14.02.2013 15:13:58 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\krist_000\Downloads 64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16484) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,89 Gb Total Physical Memory | 1,27 Gb Available Physical Memory | 32,57% Memory free 12,39 Gb Paging File | 9,38 Gb Available in Paging File | 75,70% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 102,54 Gb Total Space | 33,83 Gb Free Space | 32,99% Space Free | Partition Type: NTFS Drive D: | 110,93 Gb Total Space | 71,07 Gb Free Space | 64,07% Space Free | Partition Type: NTFS Computer Name: KRISTOFFER | User Name: krist_000 | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\krist_000\Downloads\OTL.exe (OldTimer Tools) PRC - C:\Users\krist_000\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) PRC - C:\Users\krist_000\AppData\Roaming\Spotify\spotify.exe (Spotify Ltd) PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH) PRC - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe (TeamViewer GmbH) PRC - C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe (TeamViewer GmbH) PRC - C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe (ASUSTeK Computer Inc.) PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software) PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software) PRC - C:\Windows\SysWOW64\WWAHost.exe (Microsoft Corporation) PRC - C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUS) PRC - C:\Windows\SysWOW64\ACEngSvr.exe (ASUSTeK) PRC - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Motorola Solutions, Inc.) PRC - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Motorola Solutions, Inc.) PRC - C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe (ASUS) PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUSTek Computer Inc.) PRC - C:\Windows\SysWOW64\irstrtsv.exe (Intel Corporation) PRC - C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe (ASUSTeK Computer Inc.) PRC - C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (ASUSTek Computer Inc.) PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ASUSTek Computer Inc.) PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUSTek Computer Inc.) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUSTek Computer Inc.) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) PRC - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe (Microsoft Corporation.) PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (ASUSTek Computer Inc.) PRC - C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe (ASUS) PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS) ========== Modules (No Company Name) ========== MOD - C:\Users\krist_000\AppData\Local\Google\Chrome\User Data\PepperFlash\11.6.602.167\pepflashplayer.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\e1ec8b9a6d4f9af9d6065c4187fb1b5f\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\f641b786d36d1cc5a5531a746c96ce1b\System.Xaml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\38638a559066bf7f2325a53ed53629bc\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\05cc6faa6704d01e78700561b22937e3\System.Configuration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatioaec034ca#\6824c9f11ea82b4148780cd92c9d6745\PresentationFramework.Aero2.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\8347ac8367f91309fa888d79a54c7450\PresentationFramework.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\1c7f4533b2b24c10a628793a8b93e1a7\PresentationCore.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\15cc4fff434f274c1f6ab56a385dcb54\WindowsBase.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\a7811936e59aaee26b1d9d467174d6d4\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\374a0cc6603f58864831897ef723bd4a\mscorlib.ni.dll () MOD - C:\Users\krist_000\AppData\Local\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll () MOD - C:\Users\krist_000\AppData\Local\Google\Chrome\Application\24.0.1312.57\pdf.dll () MOD - C:\Users\krist_000\AppData\Local\Google\Chrome\Application\24.0.1312.57\libglesv2.dll () MOD - C:\Users\krist_000\AppData\Local\Google\Chrome\Application\24.0.1312.57\libegl.dll () MOD - C:\Users\krist_000\AppData\Local\Google\Chrome\Application\24.0.1312.57\ffmpegsumo.dll () MOD - C:\Users\krist_000\AppData\Roaming\Spotify\Data\libcef.dll () MOD - C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll () ========== Services (SafeList) ========== SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation) SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation) SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation) SRV:64bit: - (OfficeSvc) -- C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe (Microsoft Corporation) SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation) SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation) SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation) SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation) SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software) SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation) SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation) SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation) SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation) SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation) SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation) SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation) SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation) SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation) SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation) SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation) SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation) SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation) SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation) SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation) SRV:64bit: - (AllUserInstallAgent) -- C:\Windows\SysNative\AUInstallAgent.dll (Microsoft Corporation) SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (ZeroConfigService) -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Intel® Corporation) SRV:64bit: - (MyWiFiDHCPDNS) -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe () SRV:64bit: - (EvtEng) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation) SRV:64bit: - (RegSrvc) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation) SRV:64bit: - (AMPPALR3) -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (Intel Corporation) SRV:64bit: - (BTHSSecurityMgr) -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (Intel(R) Corporation) SRV:64bit: - (Intel(R) -- C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation) SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (TeamViewer8) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH) SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (HPSLPSVC) -- C:\Users\KRIST_~1\AppData\Local\Temp\7zS71D5\hpslpsvc64.dll (Hewlett-Packard Co.) SRV - (PrintNotify) -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll (Microsoft Corporation) SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation) SRV - (Bluetooth OBEX Service) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Motorola Solutions, Inc.) SRV - (Bluetooth Device Monitor) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Motorola Solutions, Inc.) SRV - (irstrtsv) -- C:\Windows\SysWOW64\irstrtsv.exe (Intel Corporation) SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation) SRV - (ASLDRService) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ASUSTek Computer Inc.) SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) SRV - (Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) SRV - (BBUpdate) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe (Microsoft Corporation.) SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe (Microsoft Corporation.) SRV - (ASUS InstantOn) -- C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe (ASUS) SRV - (ATKGFNEXSrv) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS) ========== Driver Services (SafeList) ========== DRV:64bit: - (aswnet) -- C:\Windows\SysNative\Drivers\aswnet.sys (AVAST Software) DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\Drivers\msgpiowin32.sys (Microsoft Corporation) DRV:64bit: - (sdbus) -- C:\Windows\SysNative\Drivers\sdbus.sys (Microsoft Corporation) DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys (Microsoft Corporation) DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\Drivers\BthhfHid.sys (Microsoft Corporation) DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\Drivers\hidi2c.sys (Microsoft Corporation) DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\Drivers\USBHUB3.SYS (Microsoft Corporation) DRV:64bit: - (pdc) -- C:\Windows\SysNative\Drivers\pdc.sys (Microsoft Corporation) DRV:64bit: - (FxPPM) -- C:\Windows\SysNative\Drivers\fxppm.sys (Microsoft Corporation) DRV:64bit: - (ATP) -- C:\Windows\SysNative\Drivers\AsusTP.sys (ASUS Corporation) DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software) DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software) DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\Drivers\aswMonFlt.sys (AVAST Software) DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software) DRV:64bit: - (LVUVC64) -- C:\Windows\SysNative\Drivers\lvuvc64.sys (Logitech Inc.) DRV:64bit: - (LVRS64) -- C:\Windows\SysNative\Drivers\lvrs64.sys (Logitech Inc.) DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\Drivers\aswRdr2.sys (AVAST Software) DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys (Microsoft Corporation) DRV:64bit: - (sdstor) -- C:\Windows\SysNative\Drivers\sdstor.sys (Microsoft Corporation) DRV:64bit: - (dam) -- C:\Windows\SysNative\Drivers\dam.sys (Microsoft Corporation) DRV:64bit: - (StillCam) -- C:\Windows\SysNative\Drivers\serscan.sys (Microsoft Corporation) DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\Drivers\USBXHCI.SYS (Microsoft Corporation) DRV:64bit: - (UCX01000) -- C:\Windows\SysNative\Drivers\UCX01000.SYS (Microsoft Corporation) DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\Drivers\msgpioclx.sys (Microsoft Corporation) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\Drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\Drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (TPM) -- C:\Windows\SysNative\Drivers\tpm.sys (Microsoft Corporation) DRV:64bit: - (NETwNe64) -- C:\Windows\SysNative\Drivers\NETwew00.sys (Intel Corporation) DRV:64bit: - (igfx) -- C:\Windows\SysNative\Drivers\igdkmd64.sys (Intel Corporation) DRV:64bit: - (intaud_WaveExtensible) -- C:\Windows\SysNative\Drivers\intelaud.sys (Intel Corporation) DRV:64bit: - (iwdbus) -- C:\Windows\SysNative\Drivers\iwdbus.sys (Intel Corporation) DRV:64bit: - (XHCIPort) -- C:\Windows\SysNative\Drivers\xHCIPort.sys (Windows (R) Win 7 DDK provider) DRV:64bit: - (usb3Hub) -- C:\Windows\SysNative\Drivers\usb3Hub.sys (Windows (R) Win 7 DDK provider) DRV:64bit: - (kbfiltr) -- C:\Windows\SysNative\Drivers\kbfiltr.sys ( ) DRV:64bit: - (irstrtdv) -- C:\Windows\SysNative\Drivers\irstrtdv.sys (Intel Corporation) DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (condrv) -- C:\Windows\SysNative\Drivers\condrv.sys (Microsoft Corporation) DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS (VIA Corporation) DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\Drivers\VerifierExt.sys (Microsoft Corporation) DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\Drivers\uaspstor.sys (Microsoft Corporation) DRV:64bit: - (acpiex) -- C:\Windows\SysNative\Drivers\acpiex.sys (Microsoft Corporation) DRV:64bit: - (spaceport) -- C:\Windows\SysNative\Drivers\spaceport.sys (Microsoft Corporation) DRV:64bit: - (storahci) -- C:\Windows\SysNative\Drivers\storahci.sys (Microsoft Corporation) DRV:64bit: - (mvumis) -- C:\Windows\SysNative\Drivers\mvumis.sys (Marvell Semiconductor, Inc.) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\Drivers\stexstor.sys (Promise Technology, Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\Drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\Drivers\lsi_sss.sys (LSI Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\Drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys (Microsoft Corporation) DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\Drivers\EhStorClass.sys (Microsoft Corporation) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\Drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (3ware) -- C:\Windows\SysNative\Drivers\3ware.sys (LSI) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\Drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\Drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (CLFS) -- C:\Windows\SysNative\Drivers\clfs.sys (Microsoft Corporation) DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\Drivers\wfplwfs.sys (Microsoft Corporation) DRV:64bit: - (vpci) -- C:\Windows\SysNative\Drivers\vpci.sys (Microsoft Corporation) DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\Drivers\WdFilter.sys (Microsoft Corporation) DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\Drivers\WdBoot.sys (Microsoft Corporation) DRV:64bit: - (terminpt) -- C:\Windows\SysNative\Drivers\terminpt.sys (Microsoft Corporation) DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\Drivers\WSDPrint.sys (Microsoft Corporation) DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\Drivers\mshidumdf.sys (Microsoft Corporation) DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\Drivers\BasicDisplay.sys (Microsoft Corporation) DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\Drivers\HyperVideo.sys (Microsoft Corporation) DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\Drivers\BasicRender.sys (Microsoft Corporation) DRV:64bit: - (acpials) -- C:\Windows\SysNative\Drivers\acpials.sys (Microsoft Corporation) DRV:64bit: - (gencounter) -- C:\Windows\SysNative\Drivers\vmgencounter.sys (Microsoft Corporation) DRV:64bit: - (kdnic) -- C:\Windows\SysNative\Drivers\kdnic.sys (Microsoft Corporation) DRV:64bit: - (acpitime) -- C:\Windows\SysNative\Drivers\acpitime.sys (Microsoft Corporation) DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\Drivers\npsvctrig.sys (Microsoft Corporation) DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys (Microsoft Corporation) DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\Drivers\acpipagr.sys (Microsoft Corporation) DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\Drivers\hyperkbd.sys (Microsoft Corporation) DRV:64bit: - (SerCx) -- C:\Windows\SysNative\Drivers\SerCx.sys (Microsoft Corporation) DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\Drivers\SpbCx.sys (Microsoft Corporation) DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\Drivers\TsUsbGD.sys (Microsoft Corporation) DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\Drivers\bthhfenum.sys (Microsoft Corporation) DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\Drivers\dmvsc.sys (Microsoft Corporation) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\Drivers\wpcfltr.sys (Microsoft Corporation) DRV:64bit: - (BthLEEnum) -- C:\Windows\SysNative\Drivers\BthLEEnum.sys (Microsoft Corporation) DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys (Microsoft Corporation) DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\Drivers\mslldp.sys (Microsoft Corporation) DRV:64bit: - (Ndu) -- C:\Windows\SysNative\Drivers\Ndu.sys (Microsoft Corporation) DRV:64bit: - (AiCharger) -- C:\Windows\SysNative\Drivers\AiCharger.sys (ASUSTek Computer Inc.) DRV:64bit: - (iaStorA) -- C:\Windows\SysNative\Drivers\iaStorA.sys (Intel Corporation) DRV:64bit: - (AMPPALP) -- C:\Windows\SysNative\Drivers\AmpPal.sys (Windows (R) Win 7 DDK provider) DRV:64bit: - (AMPPAL) -- C:\Windows\SysNative\Drivers\AmpPal.sys (Windows (R) Win 7 DDK provider) DRV:64bit: - (btmhsf) -- C:\Windows\SysNative\Drivers\btmhsf.sys (Intel Corporation) DRV:64bit: - (DptfManager) -- C:\Windows\SysNative\Drivers\DptfManager.sys (Intel Corporation) DRV:64bit: - (DptfDevGen) -- C:\Windows\SysNative\Drivers\DptfDevGen.sys (Intel Corporation) DRV:64bit: - (DptfDevDram) -- C:\Windows\SysNative\Drivers\DptfDevDram.sys (Intel Corporation) DRV:64bit: - (DptfDevFan) -- C:\Windows\SysNative\Drivers\DptfDevFan.sys (Intel Corporation) DRV:64bit: - (DptfDevPch) -- C:\Windows\SysNative\Drivers\DptfDevPch.sys (Intel Corporation) DRV:64bit: - (DptfDevProc) -- C:\Windows\SysNative\Drivers\DptfDevProc.sys (Intel Corporation) DRV:64bit: - (AX88772) -- C:\Windows\SysNative\Drivers\ax88772.sys (ASIX Electronics Corp.) DRV:64bit: - (iBtFltCoex) -- C:\Windows\SysNative\Drivers\iBtFltCoex.sys (Intel Corporation) DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\Drivers\HECIx64.sys (Intel Corporation) DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\Drivers\IntcDAud.sys (Intel(R) Corporation) DRV:64bit: - (RSUSBVSTOR) -- C:\Windows\SysNative\Drivers\RtsUVStor.sys (Realtek Semiconductor Corp.) DRV:64bit: - (AgereSoftModem) -- C:\Windows\SysNative\Drivers\agrsm64.sys (LSI Corp) DRV:64bit: - (RTL8168) -- C:\Windows\SysNative\Drivers\Rt630x64.sys (Realtek ) DRV:64bit: - (NETwNs64) -- C:\Windows\SysNative\Drivers\NETwNs64.sys (Intel Corporation) DRV:64bit: - (e1iexpress) -- C:\Windows\SysNative\Drivers\e1i63x64.sys (Intel Corporation) DRV:64bit: - (athr) -- C:\Windows\SysNative\Drivers\athrx.sys (Qualcomm Atheros Communications, Inc.) DRV:64bit: - (HIDSwitch) -- C:\Windows\SysNative\Drivers\AsHIDSwitch64.sys (ASUS) DRV:64bit: - (btmaux) -- C:\Windows\SysNative\Drivers\btmaux.sys (Intel Corporation) DRV - (ATKWMIACPIIO) -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys (ASUS) DRV - (ASMMAP64) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys (ASUS) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2347345409-2648239615-1393546621-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com IE - HKU\S-1-5-21-2347345409-2648239615-1393546621-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.startfenster.com IE - HKU\S-1-5-21-2347345409-2648239615-1393546621-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-2347345409-2648239615-1393546621-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.10.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.10.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\krist_000\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\krist_000\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012.12.28 14:09:10 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK [2012.12.28 14:09:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\krist_000\AppData\Roaming\mozilla\Extensions ========== Chrome ========== CHR - homepage: hxxp://www.google.de/ CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}, CHR - homepage: hxxp://www.google.de/ CHR - plugin: Shockwave Flash (Enabled) = C:\Users\krist_000\AppData\Local\Google\Chrome\Application\24.0.1312.57\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\krist_000\AppData\Local\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\krist_000\AppData\Local\Google\Chrome\Application\24.0.1312.57\pdf.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll CHR - plugin: Google Update (Enabled) = C:\Users\krist_000\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: McAfee SecurityCenter (Enabled) = c:\progra~2\mcafee\msc\npmcsn~1.dll CHR - Extension: Google Drive = C:\Users\krist_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\ CHR - Extension: YouTube = C:\Users\krist_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Auf den Amazon-Wunschzettel = C:\Users\krist_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\ CHR - Extension: Google-Suche = C:\Users\krist_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: Google Kalender = C:\Users\krist_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\ CHR - Extension: avast! WebRep = C:\Users\krist_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\ CHR - Extension: Evernote Web = C:\Users\krist_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol\1.0.7_0\ CHR - Extension: dict-cc = C:\Users\krist_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nknonnojlmhnmjhpeokdbeineeajcemh\1.6.87_0\ CHR - Extension: Google Mail = C:\Users\krist_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2012.07.26 06:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.) O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O4:64bit: - HKLM..\Run: [ACMON] C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUS) O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Motorola Solutions, Inc.) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe (ASUS Cloud Corporation) O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKU\S-1-5-21-2347345409-2648239615-1393546621-1001..\Run: [Spotify] C:\Users\krist_000\AppData\Roaming\Spotify\spotify.exe (Spotify Ltd) O4 - Startup: C:\Users\krist_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\krist_000\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:64bit: - Extra context menu item: An Bluetooth senden - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm () O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105 File not found O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation) O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000 File not found O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation) O8 - Extra context menu item: An Bluetooth senden - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm () O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105 File not found O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4CFCC10A-995C-47A7-B25A-23C4A6801240}: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{79C36127-07F5-4EE7-95D1-833D01F9258D}: DhcpNameServer = 192.168.0.1 O18:64bit: - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation) O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O30 - LSA: Security Packages - (livessp) - File not found O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.02.14 00:31:33 | 006,967,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2013.02.14 00:31:10 | 003,966,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2013.02.14 00:31:09 | 000,907,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\uxtheme.dll [2013.02.14 00:31:09 | 000,854,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2013.02.14 00:31:09 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2013.02.14 00:31:09 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2013.02.14 00:31:09 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2013.02.14 00:31:09 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2013.02.14 00:31:08 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2013.02.14 00:31:08 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UXInit.dll [2013.02.14 00:31:08 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2013.02.14 00:31:08 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UXInit.dll [2013.02.14 00:31:08 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2013.02.14 00:24:25 | 002,094,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mmc.exe [2013.02.14 00:24:24 | 001,964,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlidsvc.dll [2013.02.14 00:24:24 | 001,611,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mmc.exe [2013.02.14 00:24:21 | 001,886,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\setupapi.dll [2013.02.14 00:24:21 | 001,120,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msctf.dll [2013.02.14 00:24:21 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netprofmsvc.dll [2013.02.14 00:24:20 | 000,438,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsm.dll [2013.02.14 00:24:20 | 000,406,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Media.dll [2013.02.14 00:24:20 | 000,028,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\msgpiowin32.sys [2013.02.14 00:24:17 | 000,666,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MP4SDECD.DLL [2013.02.14 00:24:17 | 000,594,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Networking.dll [2013.02.14 00:24:17 | 000,303,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys [2013.02.14 00:24:17 | 000,194,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sdbus.sys [2013.02.14 00:24:17 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetpp.dll [2013.02.14 00:24:17 | 000,124,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dumpsd.sys [2013.02.14 00:24:16 | 000,728,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\samsrv.dll [2013.02.14 00:24:16 | 000,436,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MP4SDECD.DLL [2013.02.14 00:24:16 | 000,410,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Networking.dll [2013.02.14 00:24:16 | 000,261,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Media.dll [2013.02.14 00:24:16 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSDMon.dll [2013.02.14 00:24:16 | 000,240,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsquirt.exe [2013.02.14 00:24:16 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncbservice.dll [2013.02.14 00:24:16 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\httpprxm.dll [2013.02.14 00:24:16 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wiaacmgr.exe [2013.02.14 00:24:16 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wiaacmgr.exe [2013.02.14 00:24:16 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adhsvc.dll [2013.02.14 00:24:15 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adhapi.dll [2013.02.14 00:24:15 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\httpprxp.dll [2013.02.14 00:24:15 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\keepaliveprovider.dll [2013.02.14 00:24:08 | 001,690,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\GdiPlus.dll [2013.02.14 00:24:07 | 001,437,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\GdiPlus.dll [2013.02.14 00:02:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive [2013.02.14 00:02:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google [2013.02.14 00:02:32 | 000,984,144 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys [2013.02.14 00:02:32 | 000,468,144 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswnet.sys [2013.02.14 00:02:32 | 000,370,288 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys [2013.02.14 00:02:32 | 000,071,600 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys [2013.02.14 00:02:32 | 000,054,072 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys [2013.02.14 00:02:32 | 000,025,232 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys [2013.02.14 00:02:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus [2013.02.14 00:02:23 | 000,041,224 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr [2013.02.14 00:02:22 | 000,227,648 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe [2013.02.13 23:22:21 | 000,000,000 | ---D | C] -- C:\Users\krist_000\AppData\Roaming\Malwarebytes [2013.02.13 23:22:13 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2013.02.13 23:22:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2013.02.13 23:22:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2013.02.13 23:22:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Anti-Malware [2013.02.13 12:02:24 | 000,000,000 | ---D | C] -- C:\Users\krist_000\AppData\Local\Diagnostics [2013.02.05 10:14:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER [2013.01.31 21:38:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices [2013.01.31 21:37:06 | 000,000,000 | ---D | C] -- C:\Users\krist_000\Documents\Meine empfangenen Dateien [2013.01.29 20:31:05 | 000,000,000 | R--D | C] -- C:\Users\krist_000\SkyDrive [2013.01.29 20:31:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SkyDrive [2013.01.29 20:30:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft SkyDrive [2013.01.29 20:10:59 | 000,000,000 | ---D | C] -- C:\Users\krist_000\Documents\Benutzerdefinierte Office-Vorlagen [2013.01.29 19:38:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 [2013.01.29 19:37:38 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office 15 [2013.01.28 19:55:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\logishrd [2013.01.28 19:55:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\logishrd [2013.01.17 01:01:43 | 000,000,000 | ---D | C] -- C:\ProgramData\WEBREG [2013.01.17 01:01:37 | 000,000,000 | ---D | C] -- C:\Users\krist_000\AppData\Roaming\HP [2013.01.17 01:01:37 | 000,000,000 | ---D | C] -- C:\Users\krist_000\AppData\Local\HP [2013.01.17 00:59:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft [2013.01.17 00:59:36 | 000,000,000 | ---D | C] -- C:\Users\krist_000\AppData\Roaming\HpUpdate [2013.01.17 00:59:24 | 000,000,000 | ---D | C] -- C:\ProgramData\HP Product Assistant [2013.01.17 00:58:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\HP [2013.01.17 00:58:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Hewlett-Packard [2013.01.17 00:58:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP [2013.01.17 00:58:31 | 000,138,752 | ---- | C] (Hewlett-Packard Company) -- C:\Windows\SysNative\hpf3l101.dll [2013.01.17 00:58:27 | 000,000,000 | -H-D | C] -- C:\Config.Msi [2013.01.17 00:57:42 | 001,175,552 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hposwia_p04b.dll [2013.01.17 00:57:42 | 000,643,200 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hpzids40.dll [2013.01.17 00:57:41 | 001,421,824 | ---- | C] (Hewlett-Packard Co.) -- C:\Windows\SysNative\hpost_p04b.dll [2013.01.17 00:57:41 | 000,521,216 | ---- | C] (Hewlett-Packard Co.) -- C:\Windows\SysNative\hposc_p04a.dll [2013.01.17 00:32:14 | 000,000,000 | ---D | C] -- C:\Users\krist_000\AppData\Roaming\TeamViewer [2013.01.17 00:31:58 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour [2013.01.17 00:31:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour [2013.01.17 00:31:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple [2013.01.17 00:31:55 | 000,377,344 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hpbrprtmon.dll [2013.01.17 00:31:55 | 000,355,840 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hpbprtmon.dll [2013.01.17 00:31:55 | 000,170,496 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hpbprtmonui.dll [2013.01.17 00:31:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HP [2013.01.17 00:30:18 | 000,000,000 | ---D | C] -- C:\ProgramData\HP [2013.01.17 00:29:23 | 000,000,000 | ---D | C] -- C:\HP_ePrint_Mobile [2013.01.17 00:27:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamViewer ========== Files - Modified Within 30 Days ========== [2013.02.14 15:12:00 | 000,001,138 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.02.14 14:56:01 | 000,001,158 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2347345409-2648239615-1393546621-1001UA.job [2013.02.14 13:23:00 | 000,000,870 | ---- | M] () -- C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job [2013.02.14 12:56:01 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2347345409-2648239615-1393546621-1001Core.job [2013.02.14 11:27:51 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.02.14 07:52:45 | 001,745,416 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013.02.14 07:52:45 | 000,753,134 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013.02.14 07:52:45 | 000,710,244 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013.02.14 07:52:45 | 000,155,826 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013.02.14 07:52:45 | 000,132,614 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013.02.14 07:50:57 | 000,000,500 | ---- | M] () -- C:\Users\krist_000\AppData\Roaming\sp_data.sys [2013.02.14 07:50:45 | 000,001,134 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.02.14 07:50:42 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job [2013.02.14 00:34:44 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys [2013.02.14 00:34:41 | 3340,271,616 | -HS- | M] () -- C:\hiberfil.sys [2013.02.14 00:05:27 | 000,468,144 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswnet.sys [2013.02.14 00:05:27 | 000,000,175 | ---- | M] () -- C:\Windows\SysNative\drivers\aswnet.sys.sum [2013.02.14 00:02:32 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt [2013.02.07 00:06:14 | 000,692,576 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2013.02.07 00:06:14 | 000,078,176 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2013.01.31 20:56:59 | 000,002,286 | ---- | M] () -- D:\Desktop\Google Chrome.lnk [2013.01.28 10:22:35 | 001,074,307 | ---- | M] () -- C:\Users\krist_000\Semesterprogramm FSS2013.pdf [2013.01.25 08:45:14 | 000,001,059 | ---- | M] () -- C:\Users\krist_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2013.01.17 01:01:36 | 000,250,294 | ---- | M] () -- C:\Windows\hpoins47.dat [2013.01.17 00:59:07 | 000,002,101 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2013.01.16 01:35:49 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\UXInit.dll [2013.01.16 01:31:26 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\UXInit.dll [2013.01.16 01:25:17 | 001,437,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\GdiPlus.dll [2013.01.16 01:23:19 | 001,690,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\GdiPlus.dll ========== Files Created - No Company Name ========== [2013.02.14 00:24:15 | 000,386,577 | ---- | C] () -- C:\Windows\SysNative\ApnDatabase.xml [2013.02.14 00:02:34 | 000,001,138 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.02.14 00:02:34 | 000,001,134 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.01.29 20:31:03 | 000,002,198 | ---- | C] () -- C:\Users\krist_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk [2013.01.28 10:22:35 | 001,074,307 | ---- | C] () -- C:\Users\krist_000\Semesterprogramm FSS2013.pdf [2013.01.17 00:59:07 | 000,002,101 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2013.01.17 00:57:56 | 000,250,294 | ---- | C] () -- C:\Windows\hpoins47.dat [2013.01.17 00:57:56 | 000,000,478 | ---- | C] () -- C:\Windows\hpomdl47.dat [2013.01.17 00:27:51 | 000,001,180 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 8.lnk [2013.01.10 09:58:46 | 000,083,968 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll [2013.01.03 14:18:32 | 000,121,435 | ---- | C] () -- C:\Users\krist_000\H&M – Mode und Qualität zum besten Preis.pdf [2012.12.31 19:06:57 | 000,000,021 | ---- | C] () -- C:\Users\krist_000\AppData\Roaming\my_intel.sys [2012.12.22 12:38:40 | 000,000,500 | ---- | C] () -- C:\Users\krist_000\AppData\Roaming\sp_data.sys [2012.10.26 16:42:24 | 000,336,232 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll [2012.10.26 16:42:22 | 010,919,784 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll [2012.10.26 16:42:22 | 000,103,272 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe [2012.10.08 01:29:12 | 000,185,216 | ---- | C] () -- C:\Windows\SysWow64\dptfinvalidpolicyremover.exe [2012.10.08 01:29:12 | 000,004,362 | ---- | C] () -- C:\Windows\SysWow64\dptfinvalidpolicyremover.ini [2012.08.30 09:27:12 | 000,598,780 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng700.bin [2012.08.30 09:26:51 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll [2012.08.30 09:26:48 | 000,755,048 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng700.bin [2012.08.17 01:52:29 | 000,024,576 | ---- | C] () -- C:\ProgramData\SetStretch.exe [2012.08.17 01:52:28 | 000,000,217 | ---- | C] () -- C:\ProgramData\SetStretch.cmd [2012.07.26 09:13:10 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2012.07.26 09:13:09 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2012.07.26 08:21:26 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2012.07.26 02:17:42 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2012.07.25 21:37:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2012.07.25 21:28:31 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2012.07.25 21:22:56 | 000,267,284 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng600.bin [2012.07.25 21:22:54 | 000,963,376 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng600.bin [2012.06.02 15:31:19 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat [2012.04.20 13:59:44 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll ========== ZeroAccess Check ========== [2012.10.08 01:39:23 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2013.01.10 00:23:07 | 019,791,360 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013.01.10 00:26:23 | 017,560,576 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012.07.26 04:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2012.07.26 04:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012.07.26 04:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2012.12.22 12:38:44 | 000,000,000 | ---D | M] -- C:\Users\krist_000\AppData\Roaming\ASUS WebStorage [2013.02.14 11:29:46 | 000,000,000 | ---D | M] -- C:\Users\krist_000\AppData\Roaming\Dropbox [2013.01.03 17:44:01 | 000,000,000 | ---D | M] -- C:\Users\krist_000\AppData\Roaming\IrfanView [2013.01.08 14:04:42 | 000,000,000 | ---D | M] -- C:\Users\krist_000\AppData\Roaming\pdfforge [2013.02.14 15:02:13 | 000,000,000 | ---D | M] -- C:\Users\krist_000\AppData\Roaming\Spotify [2013.01.17 01:07:02 | 000,000,000 | ---D | M] -- C:\Users\krist_000\AppData\Roaming\TeamViewer [2012.12.28 14:09:14 | 000,000,000 | ---D | M] -- C:\Users\krist_000\AppData\Roaming\Thunderbird ========== Purity Check ========== < End of report > Nach der Neuinstallation lief alles wieder einwandfrei, mich beschleicht aber ein ungutes Gefühl. Daher würde ich vorsichtshalber schauen ob es noch einen Trojaner irgendwo gibt und vor allem ein wenig Prophylaxe betreiben. Ich hoffe die Neuinstallation hat jetzt nicht alle Bemühungen zu Nichte gemacht, geschweige denn eure Zeit verschwendet. Vielen Dank und beste Grüße, painfiller |
|
14.02.2013, 15:55
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Avast VisthAux.exe deaktiviert (Windows 8) Bitte nun Logs mit GMER (<<< klick für Anleitung) und MBAR (Anleitung etwas weiter unten) erstellen und posten. GMER stürzt häufiger ab, wenn das Tool auch beim zweiten Mal nicht will, lass es einfach weg und führ nur MBAR aus. Anleitung MBAR: Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
15.02.2013, 22:06
| #5 |
| | Avast VisthAux.exe deaktiviert (Windows 8) So, Tests habe ich durchgeführt. Wie du vermutet hast, hat der GMER Test nicht funktioniert. Dafür aber der andere, hier das Ergebnis: Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.01.0.1020
www.malwarebytes.org
Database version: v2013.02.15.08
Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16484
krist_000 :: KRISTOFFER [administrator]
15.02.2013 22:00:17
mbar-log-2013-02-15 (22-00-17).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 7691
Time elapsed: 10 minute(s), 32 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
Wie geht es weiter? |
|
16.02.2013, 17:20
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Avast VisthAux.exe deaktiviert (Windows 8) Probier GMER noch einmal bitte. Dann TDSSKiller Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ --> Avast VisthAux.exe deaktiviert (Windows 8) |
|
21.02.2013, 21:04
| #7 |
| | Avast VisthAux.exe deaktiviert (Windows 8) So, da bin ich wieder, hat leider etwas länger gedauert... GMER wollte wieder nicht. Startet zwar, aber nach ner Sekunde bricht es zusammen und mit ihm zusammen das ganze System. TDSS habe ich genau wie GMER ohne alles, also ohne Verbindungen/Programme durchlaufen lassen und dabei wurde folgendes gefunden: Code:
ATTFilter 21:01:05.0353 4132 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
21:01:05.0353 4132 UEFI system
21:01:05.0369 4132 ============================================================
21:01:05.0369 4132 Current date / time: 2013/02/21 21:01:05.0369
21:01:05.0369 4132 SystemInfo:
21:01:05.0369 4132
21:01:05.0369 4132 OS Version: 6.2.9200 ServicePack: 0.0
21:01:05.0369 4132 Product type: Workstation
21:01:05.0369 4132 ComputerName: KRISTOFFER
21:01:05.0369 4132 UserName: krist_000
21:01:05.0369 4132 Windows directory: C:\Windows
21:01:05.0369 4132 System windows directory: C:\Windows
21:01:05.0369 4132 Running under WOW64
21:01:05.0369 4132 Processor architecture: Intel x64
21:01:05.0369 4132 Number of processors: 4
21:01:05.0369 4132 Page size: 0x1000
21:01:05.0369 4132 Boot type: Normal boot
21:01:05.0369 4132 ============================================================
21:01:05.0556 4132 Drive \Device\Harddisk0\DR0 - Size: 0x3B9E656000 (238.47 Gb), SectorSize: 0x200, Cylinders: 0x799A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:01:05.0556 4132 ============================================================
21:01:05.0556 4132 \Device\Harddisk0\DR0:
21:01:05.0556 4132 GPT partitions:
21:01:05.0556 4132 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {712BD1FE-327A-4E44-81B5-187BBF608EA2}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x96000
21:01:05.0556 4132 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {EA03EB7D-3EA5-49BC-9260-2597EA786BE7}, Name: Basic data partition, StartLBA 0x96800, BlocksNum 0x12C000
21:01:05.0556 4132 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {1DED6C01-F3F2-434C-B7FF-A75E9BFD45B5}, Name: Microsoft reserved partition, StartLBA 0x1C2800, BlocksNum 0x40000
21:01:05.0556 4132 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {B5FF348F-B336-4661-81D8-62AD1DCFD1BF}, Name: Basic data partition, StartLBA 0x202800, BlocksNum 0xCD16800
21:01:05.0556 4132 \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {E4D25D5D-A133-4168-B55E-09BE811DFEB7}, Name: Basic data partition, StartLBA 0xCF19000, BlocksNum 0xDDDA000
21:01:05.0556 4132 \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {D3BFE2DE-3DAF-11DF-BA40-E3A556D89593}, UniqueGUID: {E8E7B207-DBAF-44A8-B0C6-10EEDF8F8582}, Name: Basic data partition, StartLBA 0x1ACF3000, BlocksNum 0x800000
21:01:05.0556 4132 \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {743E711E-F7A6-4157-AAE6-6E322527B444}, Name: Basic data partition, StartLBA 0x1B4F3000, BlocksNum 0x2800000
21:01:05.0556 4132 MBR partitions:
21:01:05.0556 4132 ============================================================
21:01:05.0556 4132 C: <-> \Device\Harddisk0\DR0\Partition4
21:01:05.0556 4132 D: <-> \Device\Harddisk0\DR0\Partition5
21:01:05.0556 4132 ============================================================
21:01:05.0556 4132 Initialize success
21:01:05.0556 4132 ============================================================
21:01:17.0697 6184 ============================================================
21:01:17.0697 6184 Scan started
21:01:17.0697 6184 Mode: Manual; SigCheck; TDLFS;
21:01:17.0697 6184 ============================================================
21:01:17.0822 6184 ================ Scan system memory ========================
21:01:17.0822 6184 System memory - ok
21:01:17.0822 6184 ================ Scan services =============================
21:01:17.0885 6184 [ E890C46E4754F0DF51BAFCC8D2E07498 ] 1394ohci C:\Windows\System32\drivers\1394ohci.sys
21:01:17.0916 6184 1394ohci - ok
21:01:17.0916 6184 [ 4F18D4C7EA14F11A7211F60D553C03DB ] 3ware C:\Windows\system32\drivers\3ware.sys
21:01:17.0932 6184 3ware - ok
21:01:17.0932 6184 [ 975AABEB243B800C23626D6B652C5A9C ] ACPI C:\Windows\system32\drivers\ACPI.sys
21:01:17.0947 6184 ACPI - ok
21:01:17.0963 6184 [ E3530CCC4018BBFC39176E579E438BE6 ] acpials C:\Windows\system32\DRIVERS\acpials.sys
21:01:17.0963 6184 acpials - ok
21:01:17.0979 6184 [ DC968C37822117E576B933F34A2D130C ] acpiex C:\Windows\system32\Drivers\acpiex.sys
21:01:17.0979 6184 acpiex - ok
21:01:17.0994 6184 [ 0CA9F7C3A78227C21A0A7854E245CFB2 ] acpipagr C:\Windows\System32\drivers\acpipagr.sys
21:01:17.0994 6184 acpipagr - ok
21:01:17.0994 6184 [ 8EB8DA03B142D3DD1EB9ED8107A76C43 ] AcpiPmi C:\Windows\System32\drivers\acpipmi.sys
21:01:18.0010 6184 AcpiPmi - ok
21:01:18.0010 6184 [ CBCE725C5D86ABA7D2604E22951AA9B8 ] acpitime C:\Windows\System32\drivers\acpitime.sys
21:01:18.0026 6184 acpitime - ok
21:01:18.0026 6184 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
21:01:18.0041 6184 AdobeARMservice - ok
21:01:18.0041 6184 [ 93C6388592B99925C1D1576E465BC80F ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
21:01:18.0057 6184 adp94xx - ok
21:01:18.0072 6184 [ D27763E0247292654E7F7D16444C7C72 ] adpahci C:\Windows\system32\drivers\adpahci.sys
21:01:18.0088 6184 adpahci - ok
21:01:18.0088 6184 [ 67B90070FF48F794AF19F9FCF0080D75 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
21:01:18.0104 6184 adpu320 - ok
21:01:18.0104 6184 [ 974AE60BF5B90E31412D93596C968E5B ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
21:01:18.0119 6184 AeLookupSvc - ok
21:01:18.0135 6184 [ 36D6A3201721558A8AFBCC09C2DA4C2C ] AFD C:\Windows\system32\drivers\afd.sys
21:01:18.0151 6184 AFD - ok
21:01:18.0166 6184 [ 98022774D9930ECBB292E70DB7601DF6 ] AgereSoftModem C:\Windows\system32\DRIVERS\agrsm64.sys
21:01:18.0182 6184 AgereSoftModem - ok
21:01:18.0182 6184 [ 01590377A5AB19E792528C628A2A68F9 ] agp440 C:\Windows\system32\drivers\agp440.sys
21:01:18.0197 6184 agp440 - ok
21:01:18.0197 6184 [ 16F6F6B7903B913AB41AB848C8BB5658 ] AiCharger C:\Windows\system32\DRIVERS\AiCharger.sys
21:01:18.0213 6184 AiCharger - ok
21:01:18.0213 6184 [ D1BE8E6E5B3AF23A4393AF1BF867977A ] ALG C:\Windows\System32\alg.exe
21:01:18.0229 6184 ALG - ok
21:01:18.0244 6184 [ 025E8C755BE293E50854D26D1BBE5133 ] AllUserInstallAgent C:\Windows\system32\AUInstallAgent.dll
21:01:18.0244 6184 AllUserInstallAgent - ok
21:01:18.0260 6184 [ 5A81054B824004B1ECC04F0034A1CDF9 ] AmdK8 C:\Windows\System32\drivers\amdk8.sys
21:01:18.0260 6184 AmdK8 - ok
21:01:18.0276 6184 [ B849D453E644FAB9BC8EF6DC8CA9C4C6 ] AmdPPM C:\Windows\System32\drivers\amdppm.sys
21:01:18.0276 6184 AmdPPM - ok
21:01:18.0291 6184 [ 35A0EB5AECB0FA3C41A2FB514A562304 ] amdsata C:\Windows\system32\drivers\amdsata.sys
21:01:18.0291 6184 amdsata - ok
21:01:18.0307 6184 [ 00452671904F5EE94B50BF0219C97164 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
21:01:18.0322 6184 amdsbs - ok
21:01:18.0322 6184 [ EA3FFE53E92E59C87E3ECA9BEB20D9B7 ] amdxata C:\Windows\system32\drivers\amdxata.sys
21:01:18.0322 6184 amdxata - ok
21:01:18.0338 6184 [ FB88245C1815EB1588DBC364A8D24522 ] AMPPAL C:\Windows\System32\drivers\AMPPAL.sys
21:01:18.0338 6184 AMPPAL - ok
21:01:18.0338 6184 [ FB88245C1815EB1588DBC364A8D24522 ] AMPPALP C:\Windows\system32\DRIVERS\amppal.sys
21:01:18.0354 6184 AMPPALP - ok
21:01:18.0369 6184 [ A73CEA1B1B0A4F6D10BFD3B9AD9DC5F9 ] AMPPALR3 C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
21:01:18.0385 6184 AMPPALR3 - ok
21:01:18.0385 6184 [ 83B3682CE922FB0F415734B26D9D6233 ] AppID C:\Windows\system32\drivers\appid.sys
21:01:18.0401 6184 AppID - ok
21:01:18.0401 6184 [ CE2BEAD7F31816FF0AC490D048C969F9 ] AppIDSvc C:\Windows\System32\appidsvc.dll
21:01:18.0416 6184 AppIDSvc - ok
21:01:18.0416 6184 [ D64C4AFEE8277F35EF729A2B924666B0 ] Appinfo C:\Windows\System32\appinfo.dll
21:01:18.0432 6184 Appinfo - ok
21:01:18.0432 6184 [ E933401B392387F4BE34DE8BAF1722A7 ] arc C:\Windows\system32\drivers\arc.sys
21:01:18.0447 6184 arc - ok
21:01:18.0447 6184 [ 07CA323EF2E8247A568AB0F3662AD644 ] arcsas C:\Windows\system32\drivers\arcsas.sys
21:01:18.0463 6184 arcsas - ok
21:01:18.0463 6184 [ FA713019412C061385F09BD373BF747A ] ASLDRService C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
21:01:18.0479 6184 ASLDRService - ok
21:01:18.0479 6184 [ 4C016FD76ED5C05E84CA8CAB77993961 ] ASMMAP64 C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
21:01:18.0479 6184 ASMMAP64 - ok
21:01:18.0494 6184 [ 6A122B4F0E5293CACFA8A5F2CBA9B356 ] ASUS InstantOn C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
21:01:18.0494 6184 ASUS InstantOn - ok
21:01:18.0510 6184 [ 4FCAEF0C5BE7629AEB878998E0FE959B ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
21:01:18.0510 6184 aswFsBlk - ok
21:01:18.0510 6184 [ B50CDD87772D6A11CB90924AAD399DF8 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
21:01:18.0526 6184 aswMonFlt - ok
21:01:18.0526 6184 [ 7415A03DEF5A4D5068112E8782FCEF75 ] aswnet C:\Windows\System32\Drivers\aswnet.sys
21:01:18.0541 6184 aswnet - ok
21:01:18.0541 6184 [ 57768C7DB4681F2510F247F82EF31D4F ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys
21:01:18.0557 6184 aswRdr - ok
21:01:18.0557 6184 [ E71D826A1F3CE9C9DE3E77F2D02AFFBF ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
21:01:18.0588 6184 aswSnx - ok
21:01:18.0588 6184 [ 538A32E2C99BF073D4CA76C30BEDAA60 ] aswSP C:\Windows\system32\drivers\aswSP.sys
21:01:18.0604 6184 aswSP - ok
21:01:18.0604 6184 [ 74DBAEC35366C4EE7670428808715A6A ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
21:01:18.0619 6184 AsyncMac - ok
21:01:18.0619 6184 [ A721FF570C2387E383BDDEA9632863C9 ] atapi C:\Windows\system32\drivers\atapi.sys
21:01:18.0635 6184 atapi - ok
21:01:18.0651 6184 [ DECE3E2832F125A41A02FB59F4C54EEA ] athr C:\Windows\system32\DRIVERS\athrx.sys
21:01:18.0713 6184 athr - ok
21:01:18.0713 6184 [ DBC598E47E7A382E60E2A4745D41FEF9 ] ATKGFNEXSrv C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
21:01:18.0713 6184 ATKGFNEXSrv - ok
21:01:18.0713 6184 [ 41CEAFFCF3550785E59E3EC9BEE8D97A ] ATKWMIACPIIO C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
21:01:18.0729 6184 ATKWMIACPIIO - ok
21:01:18.0729 6184 [ 437EB91CB20144375DDE145149778405 ] ATP C:\Windows\System32\drivers\AsusTP.sys
21:01:18.0744 6184 ATP - ok
21:01:18.0744 6184 [ 810ED88782952228AF9C0985FB7D259E ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
21:01:18.0760 6184 AudioEndpointBuilder - ok
21:01:18.0760 6184 [ 25CA8B87479A374919563B3EE7136F32 ] Audiosrv C:\Windows\System32\Audiosrv.dll
21:01:18.0791 6184 Audiosrv - ok
21:01:18.0791 6184 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
21:01:18.0791 6184 avast! Antivirus - ok
21:01:18.0807 6184 [ 555C879F7CD2A5E476F2F46D3FBD5537 ] AX88772 C:\Windows\system32\DRIVERS\ax88772.sys
21:01:18.0807 6184 AX88772 - ok
21:01:18.0822 6184 [ 89491EF71D5EA011127832C588002853 ] AxInstSV C:\Windows\System32\AxInstSV.dll
21:01:18.0838 6184 AxInstSV - ok
21:01:18.0838 6184 [ 87AB5BB072A3F128541D5B815F82FFDD ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
21:01:18.0854 6184 b06bdrv - ok
21:01:18.0854 6184 [ 81703BC5D68DEDBB086C2368FBE7B334 ] BasicDisplay C:\Windows\System32\drivers\BasicDisplay.sys
21:01:18.0869 6184 BasicDisplay - ok
21:01:18.0869 6184 [ 5EC68164E14D25675C98BBB5F09E8606 ] BasicRender C:\Windows\System32\drivers\BasicRender.sys
21:01:18.0885 6184 BasicRender - ok
21:01:18.0901 6184 [ F48FEB7DA35821DA15E0B006DCB9A169 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe
21:01:18.0901 6184 BBSvc - ok
21:01:18.0916 6184 [ 8E16F7A85441986FD2B9CE6C879524E4 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe
21:01:18.0916 6184 BBUpdate - ok
21:01:18.0932 6184 [ 89143A7BA7850F5C7E61B43BB44B6418 ] BDESVC C:\Windows\System32\bdesvc.dll
21:01:18.0932 6184 BDESVC - ok
21:01:18.0947 6184 [ 9E7AEA59776D904607985AFFE7E5E183 ] Beep C:\Windows\system32\drivers\Beep.sys
21:01:18.0947 6184 Beep - ok
21:01:18.0963 6184 [ 9E6A544F465C582AB42444A217CF04DC ] BFE C:\Windows\System32\bfe.dll
21:01:18.0979 6184 BFE - ok
21:01:18.0994 6184 [ D598C44A7072D3108D8D8102EC5E07F7 ] BITS C:\Windows\System32\qmgr.dll
21:01:19.0057 6184 BITS - ok
21:01:19.0072 6184 [ 4AF14827F1584D084BC136A51FAA8397 ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
21:01:19.0088 6184 Bluetooth Device Monitor - ok
21:01:19.0104 6184 [ BC89A4C6A2A9C65E8E88AD0B3BF180FD ] Bluetooth OBEX Service C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
21:01:19.0119 6184 Bluetooth OBEX Service - ok
21:01:19.0135 6184 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
21:01:19.0151 6184 Bonjour Service - ok
21:01:19.0151 6184 [ B17AC10B47C7FCB44D22A1F06415840E ] bowser C:\Windows\system32\DRIVERS\bowser.sys
21:01:19.0166 6184 bowser - ok
21:01:19.0166 6184 [ 975398A3D2C1FEA73FC93931978DF354 ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
21:01:19.0182 6184 BrokerInfrastructure - ok
21:01:19.0182 6184 [ 310068BDA80B1D55C36580FD8A873FAF ] Browser C:\Windows\System32\browser.dll
21:01:19.0197 6184 Browser - ok
21:01:19.0197 6184 [ 3AA4309EBD9491E516F13FE3DC752FEE ] BthAvrcpTg C:\Windows\System32\drivers\BthAvrcpTg.sys
21:01:19.0213 6184 BthAvrcpTg - ok
21:01:19.0213 6184 [ A8B20D852B07AE19A13B5D47EC4E4C3B ] BthEnum C:\Windows\System32\drivers\BthEnum.sys
21:01:19.0229 6184 BthEnum - ok
21:01:19.0229 6184 [ 616EB8748C988AEE98D93DA141C3D3B4 ] BthHFEnum C:\Windows\System32\drivers\bthhfenum.sys
21:01:19.0260 6184 BthHFEnum - ok
21:01:19.0260 6184 [ DCB4EBD928A6FB368BE6CAE522412DE1 ] bthhfhid C:\Windows\System32\drivers\BthHFHid.sys
21:01:19.0276 6184 bthhfhid - ok
21:01:19.0276 6184 [ 42201C346F0B8C458E1E9CDE04D68A2C ] BthLEEnum C:\Windows\system32\DRIVERS\BthLEEnum.sys
21:01:19.0307 6184 BthLEEnum - ok
21:01:19.0307 6184 [ 033916CE8784A848B9A3D686B7F66D97 ] BTHMODEM C:\Windows\System32\drivers\bthmodem.sys
21:01:19.0322 6184 BTHMODEM - ok
21:01:19.0322 6184 [ 091BB978E9504D0AD14586929431A957 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
21:01:19.0338 6184 BthPan - ok
21:01:19.0354 6184 [ B2FD839F9AF51B8580C02B89AC6C6C89 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
21:01:19.0385 6184 BTHPORT - ok
21:01:19.0385 6184 [ A4387C3D271959313E2577DB7BE8BA7A ] bthserv C:\Windows\system32\bthserv.dll
21:01:19.0401 6184 bthserv - ok
21:01:19.0401 6184 [ 9310C81BE4D5EA33798A99355BB53E94 ] BTHSSecurityMgr C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
21:01:19.0401 6184 BTHSSecurityMgr - ok
21:01:19.0416 6184 [ 1F715957F5236D30B6020A19A4271F6A ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
21:01:19.0416 6184 BTHUSB - ok
21:01:19.0432 6184 [ 0E39863E0568BAF18DA8A49F0C5D55EB ] btmaux C:\Windows\system32\DRIVERS\btmaux.sys
21:01:19.0432 6184 btmaux - ok
21:01:19.0447 6184 [ 1134650C2F97611ACCDB02BC904AD35D ] btmhsf C:\Windows\system32\DRIVERS\btmhsf.sys
21:01:19.0463 6184 btmhsf - ok
21:01:19.0479 6184 [ 990B1BABE6E81FB18E65A87EBEFB1772 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
21:01:19.0494 6184 cdfs - ok
21:01:19.0494 6184 [ 339BFF85D788268752DA8C9644B188EE ] cdrom C:\Windows\System32\drivers\cdrom.sys
21:01:19.0510 6184 cdrom - ok
21:01:19.0510 6184 [ BAF8F0F55BC300E5F882E521F054E345 ] CertPropSvc C:\Windows\System32\certprop.dll
21:01:19.0526 6184 CertPropSvc - ok
21:01:19.0526 6184 [ F64B7D1A37CC1D5F421D5359EEC81E2E ] circlass C:\Windows\System32\drivers\circlass.sys
21:01:19.0541 6184 circlass - ok
21:01:19.0557 6184 [ 9905168708DB68849B879B5548F68AB3 ] CLFS C:\Windows\system32\drivers\CLFS.sys
21:01:19.0572 6184 CLFS - ok
21:01:19.0572 6184 [ 2DC8538A2260647484A6C921CA837313 ] CmBatt C:\Windows\System32\drivers\CmBatt.sys
21:01:19.0588 6184 CmBatt - ok
21:01:19.0604 6184 [ E708BFF0473EC6B271EA46B65B16CA56 ] CNG C:\Windows\system32\Drivers\cng.sys
21:01:19.0619 6184 CNG - ok
21:01:19.0619 6184 [ 0E5B1E9E7122EDAAF1F6CE047965CA92 ] CompositeBus C:\Windows\System32\drivers\CompositeBus.sys
21:01:19.0651 6184 CompositeBus - ok
21:01:19.0651 6184 COMSysApp - ok
21:01:19.0651 6184 [ D9CB0782AF819548072AA45B70F8B22D ] condrv C:\Windows\system32\drivers\condrv.sys
21:01:19.0666 6184 condrv - ok
21:01:19.0697 6184 [ 9F5AFC3EE57412798B1A559B620386A0 ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe
21:01:19.0697 6184 cphs - ok
21:01:19.0713 6184 [ F0E78B119D12BA81F163D48C0FF30B9A ] CryptSvc C:\Windows\system32\cryptsvc.dll
21:01:19.0729 6184 CryptSvc - ok
21:01:19.0729 6184 [ C4D01BD86D6B207275FC143EEA951D75 ] dam C:\Windows\system32\drivers\dam.sys
21:01:19.0744 6184 dam - ok
21:01:19.0744 6184 [ 1EC6E533C954BDDF2A37E7851A7E58FD ] DcomLaunch C:\Windows\system32\rpcss.dll
21:01:19.0776 6184 DcomLaunch - ok
21:01:19.0776 6184 [ C8650D1F61149AA546BDBC99172EBBC1 ] defragsvc C:\Windows\System32\defragsvc.dll
21:01:19.0791 6184 defragsvc - ok
21:01:19.0807 6184 [ 5EAEF67AE2AF4D2DC664B649DB7B2E16 ] DeviceAssociationService C:\Windows\system32\das.dll
21:01:19.0822 6184 DeviceAssociationService - ok
21:01:19.0838 6184 [ 799BE46D45D486704CE0F37CA5385262 ] DeviceInstall C:\Windows\system32\umpnpmgr.dll
21:01:19.0854 6184 DeviceInstall - ok
21:01:19.0854 6184 [ 09D9EB9E7898F8E6561473A20CC808B9 ] Dfsc C:\Windows\system32\Drivers\dfsc.sys
21:01:19.0869 6184 Dfsc - ok
21:01:19.0869 6184 [ 9E0E72222264745ADEB0E5AC680B0ED6 ] Dhcp C:\Windows\system32\dhcpcore.dll
21:01:19.0885 6184 Dhcp - ok
21:01:19.0885 6184 [ 3C736FAE17BA6F91BA37594AAB139CD0 ] discache C:\Windows\system32\drivers\discache.sys
21:01:19.0901 6184 discache - ok
21:01:19.0916 6184 [ 560495FF4CA22E1D9B1972FA18F43B6F ] disk C:\Windows\system32\drivers\disk.sys
21:01:19.0916 6184 disk - ok
21:01:19.0916 6184 [ 82A7C72593793FE1EADA7A305BD1567A ] dmvsc C:\Windows\System32\drivers\dmvsc.sys
21:01:19.0932 6184 dmvsc - ok
21:01:19.0947 6184 [ 066B9710B36AB550E01EEFCA52155968 ] Dnscache C:\Windows\System32\dnsrslvr.dll
21:01:19.0947 6184 Dnscache - ok
21:01:19.0963 6184 [ 9949AD2ABA168A618D46C799D6CC898C ] dot3svc C:\Windows\System32\dot3svc.dll
21:01:19.0979 6184 dot3svc - ok
21:01:19.0979 6184 [ 109FC3F80BF4F4DC5A071058074F13C1 ] DPS C:\Windows\system32\dps.dll
21:01:19.0994 6184 DPS - ok
21:01:20.0010 6184 [ 0EB108FDBF4662E2666DAEDF79BBFED9 ] DptfDevDram C:\Windows\system32\DRIVERS\DptfDevDram.sys
21:01:20.0010 6184 DptfDevDram - ok
21:01:20.0010 6184 [ 02262B2DD70E27D7C9F05D7F44135D28 ] DptfDevFan C:\Windows\system32\DRIVERS\DptfDevFan.sys
21:01:20.0026 6184 DptfDevFan - ok
21:01:20.0026 6184 [ 1A251FC32063972B4EEDEC43637061ED ] DptfDevGen C:\Windows\system32\DRIVERS\DptfDevGen.sys
21:01:20.0026 6184 DptfDevGen - ok
21:01:20.0041 6184 [ 2986DF25D67710EB415BFDEB5EBDD486 ] DptfDevPch C:\Windows\system32\DRIVERS\DptfDevPch.sys
21:01:20.0041 6184 DptfDevPch - ok
21:01:20.0057 6184 [ 6C3A9CF2037ADDFDC3AB96B04797AE12 ] DptfDevProc C:\Windows\system32\DRIVERS\DptfDevProc.sys
21:01:20.0057 6184 DptfDevProc - ok
21:01:20.0073 6184 [ 593BFE1580F26864AFA2B3CDF3EEF71F ] DptfManager C:\Windows\system32\DRIVERS\DptfManager.sys
21:01:20.0073 6184 DptfManager - ok
21:01:20.0073 6184 [ 9C7C183F937951AE17C5B8B3259CF3FF ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
21:01:20.0088 6184 drmkaud - ok
21:01:20.0088 6184 [ BF48F32EE248C3D371DA5DC93BBEADA7 ] DsmSvc C:\Windows\System32\DeviceSetupManager.dll
21:01:20.0104 6184 DsmSvc - ok
21:01:20.0119 6184 [ ED120AA770A78B5079F8C7BB5AF8A035 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
21:01:20.0166 6184 DXGKrnl - ok
21:01:20.0166 6184 [ 651FBD69A9713D623D456A240F96179C ] e1iexpress C:\Windows\system32\DRIVERS\e1i63x64.sys
21:01:20.0182 6184 e1iexpress - ok
21:01:20.0198 6184 [ 58BA473DD88F5FC1932282BA683AA03E ] Eaphost C:\Windows\System32\eapsvc.dll
21:01:20.0213 6184 Eaphost - ok
21:01:20.0244 6184 [ 5AB97B3282D7D6114949D1EB5C8598E4 ] ebdrv C:\Windows\system32\drivers\evbda.sys
21:01:20.0307 6184 ebdrv - ok
21:01:20.0307 6184 [ F702AB6181513303AB0FC8D59E52708B ] EFS C:\Windows\System32\lsass.exe
21:01:20.0323 6184 EFS - ok
21:01:20.0323 6184 [ 66D60BD9A4C05616ABECA2A901475098 ] EhStorClass C:\Windows\system32\drivers\EhStorClass.sys
21:01:20.0338 6184 EhStorClass - ok
21:01:20.0338 6184 [ A61D0F543024E458C0FE32352E1978E2 ] EhStorTcgDrv C:\Windows\system32\drivers\EhStorTcgDrv.sys
21:01:20.0354 6184 EhStorTcgDrv - ok
21:01:20.0354 6184 [ D790D058D67582DB9C84C2D33695FE6B ] ErrDev C:\Windows\System32\drivers\errdev.sys
21:01:20.0369 6184 ErrDev - ok
21:01:20.0385 6184 [ F9E01C2D9F8BC049E04CF5DC24A5F638 ] EventSystem C:\Windows\system32\es.dll
21:01:20.0401 6184 EventSystem - ok
21:01:20.0401 6184 [ E67E289FA8AA393223AD7F9AFB738FD6 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
21:01:20.0416 6184 EvtEng - ok
21:01:20.0432 6184 [ 7A4D6FEB8C52B3FE855E4DCDF9107E03 ] exfat C:\Windows\system32\drivers\exfat.sys
21:01:20.0448 6184 exfat - ok
21:01:20.0448 6184 [ 60996602A7111FD2D086E803F33E4282 ] fastfat C:\Windows\system32\drivers\fastfat.sys
21:01:20.0463 6184 fastfat - ok
21:01:20.0463 6184 [ F0E7F8382ED5E138B0DFA4CB5058BCFE ] Fax C:\Windows\system32\fxssvc.exe
21:01:20.0494 6184 Fax - ok
21:01:20.0494 6184 [ 73B2D11DF0B6E03A0CB0323218ACB3E4 ] fdc C:\Windows\System32\drivers\fdc.sys
21:01:20.0494 6184 fdc - ok
21:01:20.0510 6184 [ 0828E3E7BD77C89149EAD3232BFD38DB ] fdPHost C:\Windows\system32\fdPHost.dll
21:01:20.0526 6184 fdPHost - ok
21:01:20.0526 6184 [ 872506AAB591E8908DF4461475AF92DF ] FDResPub C:\Windows\system32\fdrespub.dll
21:01:20.0541 6184 FDResPub - ok
21:01:20.0541 6184 [ 0588950D93A426F97C7AAADB1A9B0458 ] fhsvc C:\Windows\system32\fhsvc.dll
21:01:20.0557 6184 fhsvc - ok
21:01:20.0573 6184 [ 88A9EBACD1058ABB237A6B4E96E7F397 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
21:01:20.0573 6184 FileInfo - ok
21:01:20.0573 6184 [ 9E4EE3A0B00FF7D5F42A4AF9744CBA02 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
21:01:20.0588 6184 Filetrace - ok
21:01:20.0604 6184 [ B1D4C168FF7B8579E3745888658FFB1D ] flpydisk C:\Windows\System32\drivers\flpydisk.sys
21:01:20.0604 6184 flpydisk - ok
21:01:20.0619 6184 [ B33EC133AE4E6C1881D2302D93D2467D ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
21:01:20.0635 6184 FltMgr - ok
21:01:20.0651 6184 [ 0BCDC0FF11B984162B0CF0FF6E9E0146 ] FontCache C:\Windows\system32\FntCache.dll
21:01:20.0666 6184 FontCache - ok
21:01:20.0666 6184 [ 0B56259F5611787222A04A8F254E51D4 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:01:20.0682 6184 FontCache3.0.0.0 - ok
21:01:20.0682 6184 [ A5F7873A39E4E9FAAAE59B7E9E36B705 ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
21:01:20.0698 6184 FsDepends - ok
21:01:20.0698 6184 [ A6DD7D491F587F4BC13FB972977DC8E8 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
21:01:20.0713 6184 Fs_Rec - ok
21:01:20.0713 6184 [ FA228F4BB10DC7ED7E7D131C034E2331 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
21:01:20.0729 6184 fvevol - ok
21:01:20.0729 6184 [ A969D92973DFA895E7776B4BFE36DBB2 ] FxPPM C:\Windows\System32\drivers\fxppm.sys
21:01:20.0744 6184 FxPPM - ok
21:01:20.0744 6184 [ 52BC441E07A827EBAB70CDC7EAEDB28D ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
21:01:20.0760 6184 gagp30kx - ok
21:01:20.0760 6184 [ 721F8EEF5E9747F32670DEFF7FB92541 ] gencounter C:\Windows\System32\drivers\vmgencounter.sys
21:01:20.0776 6184 gencounter - ok
21:01:20.0776 6184 [ CA18ECFCFFDD638ECE80799A9056B238 ] GPIOClx0101 C:\Windows\system32\Drivers\msgpioclx.sys
21:01:20.0791 6184 GPIOClx0101 - ok
21:01:20.0807 6184 [ 5358678C6370F2ADC5291849F6503262 ] gpsvc C:\Windows\System32\gpsvc.dll
21:01:20.0838 6184 gpsvc - ok
21:01:20.0838 6184 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:01:20.0838 6184 gupdate - ok
21:01:20.0854 6184 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:01:20.0854 6184 gupdatem - ok
21:01:20.0854 6184 [ C2504AA983B5D411F7D31402E8B57725 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:01:20.0869 6184 HdAudAddService - ok
21:01:20.0885 6184 [ 7D87B5B6C7188D553E11B59DC7F0B111 ] HDAudBus C:\Windows\System32\drivers\HDAudBus.sys
21:01:20.0885 6184 HDAudBus - ok
21:01:20.0901 6184 [ 3F76BBA53D65E85A7F53E7A71082082C ] HidBatt C:\Windows\System32\drivers\HidBatt.sys
21:01:20.0901 6184 HidBatt - ok
21:01:20.0916 6184 [ A25BAE8C1F2830C8E5625EC7E4E968BE ] HidBth C:\Windows\System32\drivers\hidbth.sys
21:01:20.0932 6184 HidBth - ok
21:01:20.0932 6184 [ CC4A07E51D89575CAB6F4EB590D87CD4 ] hidi2c C:\Windows\System32\drivers\hidi2c.sys
21:01:20.0948 6184 hidi2c - ok
21:01:20.0948 6184 [ DC96F7DACB777CDEAEF9958A50BFDA06 ] HidIr C:\Windows\System32\drivers\hidir.sys
21:01:20.0963 6184 HidIr - ok
21:01:20.0979 6184 [ FAC37D7B3D6354A5A5E19A45B50B4008 ] hidserv C:\Windows\system32\hidserv.dll
21:01:20.0979 6184 hidserv - ok
21:01:20.0994 6184 [ A9F2301B8D28BB4D887F5AEBB55ACB3A ] HIDSwitch C:\Windows\System32\drivers\AsHIDSwitch64.sys
21:01:20.0994 6184 HIDSwitch - ok
21:01:20.0994 6184 [ 590B6F71BCDA4368B4BF7D8DF22B60F7 ] HidUsb C:\Windows\System32\drivers\hidusb.sys
21:01:21.0010 6184 HidUsb - ok
21:01:21.0010 6184 [ 43F884B61A24377567CD0FEB35236334 ] hkmsvc C:\Windows\system32\kmsvc.dll
21:01:21.0026 6184 hkmsvc - ok
21:01:21.0041 6184 [ 33DFC14DFDCCFA7AA10E392F6A8EC1CF ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:01:21.0057 6184 HomeGroupListener - ok
21:01:21.0057 6184 [ E0D9F6FE18FA7F53ADD29AF719CE2B7E ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:01:21.0073 6184 HomeGroupProvider - ok
21:01:21.0088 6184 [ 930370725FA0FE272346583A7A7D6BDB ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
21:01:21.0088 6184 hpqcxs08 - ok
21:01:21.0104 6184 [ EE281DD6843F3F697C1AD7933EEB1E9B ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
21:01:21.0104 6184 hpqddsvc - ok
21:01:21.0104 6184 [ 64DB7A8D97CA53DCCF93D0A1E08342CF ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
21:01:21.0119 6184 HpSAMD - ok
21:01:21.0135 6184 [ F37882F128EFACEFE353E0BAE2766909 ] HPSLPSVC C:\Users\KRIST_~1\AppData\Local\Temp\7zS71D5\hpslpsvc64.dll
21:01:21.0151 6184 HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
21:01:21.0151 6184 HPSLPSVC - detected UnsignedFile.Multi.Generic (1)
21:01:21.0166 6184 [ 29CB98187BB5711F7759540976D295FC ] HTTP C:\Windows\system32\drivers\HTTP.sys
21:01:21.0182 6184 HTTP - ok
21:01:21.0198 6184 [ 2A98301068801700906C06649860FE94 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
21:01:21.0198 6184 hwpolicy - ok
21:01:21.0198 6184 [ DC76901D82097C9E297F20C287CB9A27 ] hyperkbd C:\Windows\System32\drivers\hyperkbd.sys
21:01:21.0213 6184 hyperkbd - ok
21:01:21.0213 6184 [ 716413AB3CA12DE0A7222D28C1C9352C ] HyperVideo C:\Windows\system32\DRIVERS\HyperVideo.sys
21:01:21.0229 6184 HyperVideo - ok
21:01:21.0229 6184 [ C9E9CBF73AFFBFE3E801EFB516787BA3 ] i8042prt C:\Windows\System32\drivers\i8042prt.sys
21:01:21.0244 6184 i8042prt - ok
21:01:21.0260 6184 [ 0FE66A51D81A25AACEAAE4C26308121D ] iaStorA C:\Windows\system32\drivers\iaStorA.sys
21:01:21.0276 6184 iaStorA - ok
21:01:21.0276 6184 [ 5E394EBD26FD68AA9300332C46BEDD62 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
21:01:21.0291 6184 iaStorV - ok
21:01:21.0291 6184 [ 43E864824FCEBEE7119E1572B2703EB9 ] iBtFltCoex C:\Windows\system32\DRIVERS\iBtFltCoex.sys
21:01:21.0307 6184 iBtFltCoex - ok
21:01:21.0385 6184 [ 11A31FC2481BFE69B0507ED8C80215F4 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
21:01:21.0494 6184 igfx - ok
21:01:21.0494 6184 [ 24847A06B84339FEEDE5CABF3D27D320 ] iirsp C:\Windows\system32\drivers\iirsp.sys
21:01:21.0494 6184 iirsp - ok
21:01:21.0510 6184 [ 531B5A98145DA689741A0AC18F14EA94 ] IKEEXT C:\Windows\System32\ikeext.dll
21:01:21.0541 6184 IKEEXT - ok
21:01:21.0541 6184 [ FD2032D2EAE8D7F3381EBA5FA3E7FEEA ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
21:01:21.0557 6184 intaud_WaveExtensible - ok
21:01:21.0588 6184 [ DC052337C24A87AA1ACC8FCE4F2D5C7F ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
21:01:21.0651 6184 IntcAzAudAddService - ok
21:01:21.0651 6184 [ F5495B38BFB9149925F54F65AB40EFBF ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
21:01:21.0666 6184 IntcDAud - ok
21:01:21.0666 6184 [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
21:01:21.0682 6184 Intel(R) Capability Licensing Service Interface - ok
21:01:21.0698 6184 [ 9656F8E29F6C3161A3E99BCD3A472FF9 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
21:01:21.0698 6184 Intel(R) ME Service - ok
21:01:21.0698 6184 [ 4F37726CF764CA18A8A84F85EF3A7F24 ] intelide C:\Windows\system32\drivers\intelide.sys
21:01:21.0713 6184 intelide - ok
21:01:21.0713 6184 [ E15CDF68DD73423F15D4AC404793AF0D ] intelppm C:\Windows\System32\drivers\intelppm.sys
21:01:21.0729 6184 intelppm - ok
21:01:21.0729 6184 [ 8FCA66234A0933D796BB780B7953BAB9 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:01:21.0744 6184 IpFilterDriver - ok
21:01:21.0760 6184 [ C217B8D2E58C57A319B16125C3D4B69C ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
21:01:21.0776 6184 iphlpsvc - ok
21:01:21.0776 6184 [ 6E98A046A12AA113F8898AA5D612BD6E ] IPMIDRV C:\Windows\System32\drivers\IPMIDrv.sys
21:01:21.0791 6184 IPMIDRV - ok
21:01:21.0791 6184 [ 3969B9C218DD3FAA9F4ED2FFC3651C02 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
21:01:21.0807 6184 IPNAT - ok
21:01:21.0823 6184 [ 25CD7C4BB2863FFC2B0B311F0AEBF77C ] IRENUM C:\Windows\system32\drivers\irenum.sys
21:01:21.0823 6184 IRENUM - ok
21:01:21.0823 6184 [ 4D9B9A794F22415B8C3E0CCFBE61BC7A ] irstrtdv C:\Windows\System32\drivers\irstrtdv.sys
21:01:21.0838 6184 irstrtdv - ok
21:01:21.0869 6184 [ E145E934392E7A49FDC6775AC3A347F8 ] irstrtsv C:\Windows\SysWOW64\irstrtsv.exe
21:01:21.0869 6184 irstrtsv - ok
21:01:21.0885 6184 [ D940C5BB9DC92E588533C19ABCC3D2C2 ] isapnp C:\Windows\system32\drivers\isapnp.sys
21:01:21.0885 6184 isapnp - ok
21:01:21.0901 6184 [ 69C8BF0BC2B0EA10F130F4D3104DC2EF ] iScsiPrt C:\Windows\System32\drivers\msiscsi.sys
21:01:21.0916 6184 iScsiPrt - ok
21:01:21.0916 6184 [ C59B9CE2855E667809F9E63C20FC44A5 ] iwdbus C:\Windows\System32\drivers\iwdbus.sys
21:01:21.0916 6184 iwdbus - ok
21:01:21.0932 6184 [ 78ABBE558F57144047F10A0F50FE4B2F ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
21:01:21.0932 6184 jhi_service - ok
21:01:21.0932 6184 [ 8FBD94B69D6423E20ABCD59D86368B21 ] kbdclass C:\Windows\System32\drivers\kbdclass.sys
21:01:21.0948 6184 kbdclass - ok
21:01:21.0948 6184 [ E88C932ABDF8185A62C8F2FC7B051FB6 ] kbdhid C:\Windows\System32\drivers\kbdhid.sys
21:01:21.0963 6184 kbdhid - ok
21:01:21.0963 6184 [ A8080BEBCDB7A16495CE1205921DCAC5 ] kbfiltr C:\Windows\System32\drivers\kbfiltr.sys
21:01:21.0979 6184 kbfiltr - ok
21:01:21.0979 6184 [ FB6C185092E18011EF49989425C2AA87 ] kdnic C:\Windows\system32\DRIVERS\kdnic.sys
21:01:21.0979 6184 kdnic - ok
21:01:21.0994 6184 [ F702AB6181513303AB0FC8D59E52708B ] KeyIso C:\Windows\system32\lsass.exe
21:01:21.0994 6184 KeyIso - ok
21:01:22.0010 6184 [ DFA480F6DED551464F3A5B959F437800 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
21:01:22.0010 6184 KSecDD - ok
21:01:22.0026 6184 [ 127FB0AAD232BAAD2C9BBACD374F4FC5 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
21:01:22.0026 6184 KSecPkg - ok
21:01:22.0041 6184 [ 81492FEEBF2F26455B00EE8DBAE8A1B0 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
21:01:22.0041 6184 ksthunk - ok
21:01:22.0057 6184 [ 5825DBACEDC3812B5CF8D40B997BF210 ] KtmRm C:\Windows\system32\msdtckrm.dll
21:01:22.0073 6184 KtmRm - ok
21:01:22.0073 6184 [ 256EE31588257E8A555DBFAA13F1908E ] LanmanServer C:\Windows\system32\srvsvc.dll
21:01:22.0088 6184 LanmanServer - ok
21:01:22.0104 6184 [ 16650912BE5A94B40E0B3B4C39652B56 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:01:22.0119 6184 LanmanWorkstation - ok
21:01:22.0119 6184 [ CEEFD29FC551F289810B0B9381B321DC ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
21:01:22.0135 6184 lltdio - ok
21:01:22.0135 6184 [ BCF53485E0A94722CDE3C4A93CD8EB8C ] lltdsvc C:\Windows\System32\lltdsvc.dll
21:01:22.0151 6184 lltdsvc - ok
21:01:22.0166 6184 [ 5A2F7F1CBC2E631A497DAD16164E06D2 ] lmhosts C:\Windows\System32\lmhsvc.dll
21:01:22.0166 6184 lmhosts - ok
21:01:22.0182 6184 [ 2C24DC448DBE8DB9BE1441B824C57E79 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
21:01:22.0182 6184 LMS - ok
21:01:22.0198 6184 [ 022CDD12161B063D7852B1075BF3FFF2 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
21:01:22.0198 6184 LSI_SAS - ok
21:01:22.0213 6184 [ 07AD59D669B996F29F91817F0ECFA34F ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
21:01:22.0213 6184 LSI_SAS2 - ok
21:01:22.0213 6184 [ 216FB796AA4E252ACCE93B1BCB80B5EC ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
21:01:22.0229 6184 LSI_SCSI - ok
21:01:22.0229 6184 [ 5E80530AF37102488EE980B4A92AF99F ] LSI_SSS C:\Windows\system32\drivers\lsi_sss.sys
21:01:22.0244 6184 LSI_SSS - ok
21:01:22.0244 6184 [ A57BA284F5996FFD32DCDBC41A4657DB ] LSM C:\Windows\System32\lsm.dll
21:01:22.0260 6184 LSM - ok
21:01:22.0276 6184 [ 2BDC5D711FA61307CE6190D47C956368 ] luafv C:\Windows\system32\drivers\luafv.sys
21:01:22.0291 6184 luafv - ok
21:01:22.0291 6184 [ A0A527569856B9814E8920F52EBB67F5 ] LVRS64 C:\Windows\system32\DRIVERS\lvrs64.sys
21:01:22.0307 6184 LVRS64 - ok
21:01:22.0354 6184 [ 415E344294D1C0D04627B29146F68481 ] LVUVC64 C:\Windows\system32\DRIVERS\lvuvc64.sys
21:01:22.0416 6184 LVUVC64 - ok
21:01:22.0432 6184 [ 9B0D829C3BE4E7472DB9DD2B79908E3C ] megasas C:\Windows\system32\drivers\megasas.sys
21:01:22.0432 6184 megasas - ok
21:01:22.0432 6184 [ ECC3F54C7AFC318271C4F0B4606D8DB0 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
21:01:22.0448 6184 MegaSR - ok
21:01:22.0463 6184 [ 772A1DEEDFDBC244183B5C805D1B7D85 ] MEIx64 C:\Windows\System32\drivers\HECIx64.sys
21:01:22.0463 6184 MEIx64 - ok
21:01:22.0463 6184 [ EEE908BE7143FCA48CF0CB87214E2AB8 ] MMCSS C:\Windows\system32\mmcss.dll
21:01:22.0479 6184 MMCSS - ok
21:01:22.0479 6184 [ 780098AD5DA8A4822E2563984C85EF7B ] Modem C:\Windows\system32\drivers\modem.sys
21:01:22.0495 6184 Modem - ok
21:01:22.0510 6184 [ 83EB0BF7E6EBD5B1AAC97F9DBD5EB935 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
21:01:22.0510 6184 monitor - ok
21:01:22.0510 6184 [ 618446B98C79776654340CE27C73485E ] mouclass C:\Windows\System32\drivers\mouclass.sys
21:01:22.0526 6184 mouclass - ok
21:01:22.0526 6184 [ CB2527B8B87D83E56FBF3944BBB6F606 ] mouhid C:\Windows\System32\drivers\mouhid.sys
21:01:22.0541 6184 mouhid - ok
21:01:22.0541 6184 [ 89D263DBF08119CE16273991C120D6DD ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
21:01:22.0557 6184 mountmgr - ok
21:01:22.0557 6184 [ 8121C6DD654970FEDDBC195596D9706E ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
21:01:22.0573 6184 MozillaMaintenance - ok
21:01:22.0573 6184 [ 0D1609DD82C7440F5D5BF21A9D4D5C0C ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
21:01:22.0588 6184 mpsdrv - ok
21:01:22.0604 6184 [ 3031573A739DBEE8923851929D0AF423 ] MpsSvc C:\Windows\system32\mpssvc.dll
21:01:22.0620 6184 MpsSvc - ok
21:01:22.0620 6184 [ 3D70147F55F1EC84EB9139ED7FFE48BC ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
21:01:22.0635 6184 MRxDAV - ok
21:01:22.0651 6184 [ 877D60D6E4156EC4A2E0B6871D41BED9 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
21:01:22.0651 6184 mrxsmb - ok
21:01:22.0666 6184 [ 06D5F2FA3C61E8EA91648EA8E9F99FD3 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:01:22.0682 6184 mrxsmb10 - ok
21:01:22.0682 6184 [ E078446D4B8622AA6030C7B8A1A08962 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:01:22.0698 6184 mrxsmb20 - ok
21:01:22.0698 6184 [ 98487487D6B3797CA927E9D7B030AE13 ] MsBridge C:\Windows\system32\DRIVERS\bridge.sys
21:01:22.0713 6184 MsBridge - ok
21:01:22.0713 6184 [ 4A07458EB4F17573BD39F22029A991C1 ] MSDTC C:\Windows\System32\msdtc.exe
21:01:22.0729 6184 MSDTC - ok
21:01:22.0745 6184 [ 3886F1F2A4D2900ABAA7E4486BEEE6A2 ] Msfs C:\Windows\system32\drivers\Msfs.sys
21:01:22.0745 6184 Msfs - ok
21:01:22.0760 6184 [ C32A7A39B960A42BA9D4FBE47213CA03 ] msgpiowin32 C:\Windows\System32\drivers\msgpiowin32.sys
21:01:22.0760 6184 msgpiowin32 - ok
21:01:22.0760 6184 [ D3857A767B91A061B408CCAB02DA4F40 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
21:01:22.0776 6184 mshidkmdf - ok
21:01:22.0776 6184 [ 839B48910FB1E887635C48F3EC11A05E ] mshidumdf C:\Windows\System32\drivers\mshidumdf.sys
21:01:22.0791 6184 mshidumdf - ok
21:01:22.0791 6184 [ 55C0DB741E3AB7463242B185B1C2997C ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
21:01:22.0807 6184 msisadrv - ok
21:01:22.0807 6184 [ 216C6B035A4BA5560E1255BD8E5BB89F ] MSiSCSI C:\Windows\system32\iscsiexe.dll
21:01:22.0823 6184 MSiSCSI - ok
21:01:22.0823 6184 msiserver - ok
21:01:22.0823 6184 [ 509809566E49F4411055864EA8D437CD ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
21:01:22.0838 6184 MSKSSRV - ok
21:01:22.0838 6184 [ 63145201D6458E4958E572E7D6FC2604 ] MsLldp C:\Windows\system32\DRIVERS\mslldp.sys
21:01:22.0854 6184 MsLldp - ok
21:01:22.0854 6184 [ 99D526E803DB6D7FF290FD98B6204641 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
21:01:22.0870 6184 MSPCLOCK - ok
21:01:22.0870 6184 [ 06FA77C3E2A491ADCD704C5E73006269 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
21:01:22.0885 6184 MSPQM - ok
21:01:22.0885 6184 [ E134EC4DE11CF78CB01432D180710D84 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
21:01:22.0916 6184 MsRPC - ok
21:01:22.0916 6184 [ B5AECF12F09DEE97C9FCAA5BA016CE1E ] mssmbios C:\Windows\System32\drivers\mssmbios.sys
21:01:22.0916 6184 mssmbios - ok
21:01:22.0932 6184 [ 72D66A05E0F99F2528F6C6204FD22AA1 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
21:01:22.0932 6184 MSTEE - ok
21:01:22.0948 6184 [ 8AAAE399FC255FA105D4158CBA289001 ] MTConfig C:\Windows\System32\drivers\MTConfig.sys
21:01:22.0948 6184 MTConfig - ok
21:01:22.0963 6184 [ 3BCB702F3E6CC622DCAFCAA45D7CDE0A ] Mup C:\Windows\system32\Drivers\mup.sys
21:01:22.0963 6184 Mup - ok
21:01:22.0963 6184 [ 3A1E095277BBD406CEA8EA6B76950664 ] mvumis C:\Windows\system32\drivers\mvumis.sys
21:01:22.0979 6184 mvumis - ok
21:01:22.0995 6184 [ 431F065E2A99FC3C670BD20694117C8B ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
21:01:22.0995 6184 MyWiFiDHCPDNS - ok
21:01:23.0010 6184 [ 4B18840511D720BA118D3017E8165875 ] napagent C:\Windows\system32\qagentRT.dll
21:01:23.0026 6184 napagent - ok
21:01:23.0026 6184 [ 43D7388A90A4C6EA346A4D6FF0377479 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
21:01:23.0041 6184 NativeWifiP - ok
21:01:23.0057 6184 [ 6A0C3996DA7DAE6D6939676D786EEEC4 ] NcaSvc C:\Windows\System32\ncasvc.dll
21:01:23.0073 6184 NcaSvc - ok
21:01:23.0073 6184 [ C982FE4CC91DECE2259F494FCEB4030F ] NcdAutoSetup C:\Windows\System32\NcdAutoSetup.dll
21:01:23.0088 6184 NcdAutoSetup - ok
21:01:23.0104 6184 [ 0F89AE618DBA5D8AB7A2DFCC375F4159 ] NDIS C:\Windows\system32\drivers\ndis.sys
21:01:23.0120 6184 NDIS - ok
21:01:23.0120 6184 [ 39C8A1D9D46F5E83A016BCAB72455284 ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
21:01:23.0135 6184 NdisCap - ok
21:01:23.0151 6184 [ 762941932B7E4C588E48A577BA9D6440 ] NdisImPlatform C:\Windows\system32\DRIVERS\NdisImPlatform.sys
21:01:23.0166 6184 NdisImPlatform - ok
21:01:23.0166 6184 [ 7A6F8A6D0E01432EBA294EF29CDD0FA7 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
21:01:23.0166 6184 NdisTapi - ok
21:01:23.0182 6184 [ 79AB68BB3FFF974AD4F41FA559F4EC67 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
21:01:23.0182 6184 Ndisuio - ok
21:01:23.0198 6184 [ 62C7DBF4F9301F76CF87D4B9D8F57BF8 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
21:01:23.0213 6184 NdisWan - ok
21:01:23.0213 6184 [ 62C7DBF4F9301F76CF87D4B9D8F57BF8 ] NDISWANLEGACY C:\Windows\system32\DRIVERS\ndiswan.sys
21:01:23.0229 6184 NDISWANLEGACY - ok
21:01:23.0229 6184 [ CE6EBC0AD38CC6482D8FBB744FF15CE2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
21:01:23.0245 6184 NDProxy - ok
21:01:23.0245 6184 [ D3F60A4345FCA9C1BE68AD7D0D6DE770 ] Ndu C:\Windows\system32\drivers\Ndu.sys
21:01:23.0260 6184 Ndu - ok
21:01:23.0260 6184 [ 2334DC48997BA203B794DF3EE70521DB ] Net Driver HPZ12 C:\Windows\System32\HPZinw12.dll
21:01:23.0276 6184 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
21:01:23.0276 6184 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
21:01:23.0276 6184 [ 7C203A76394F9AE68F69EEE5F9612C4A ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
21:01:23.0291 6184 NetBIOS - ok
21:01:23.0291 6184 [ 7CEC25C682D319D484630B3952C31A11 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
21:01:23.0307 6184 NetBT - ok
21:01:23.0323 6184 [ F702AB6181513303AB0FC8D59E52708B ] Netlogon C:\Windows\system32\lsass.exe
21:01:23.0323 6184 Netlogon - ok
21:01:23.0338 6184 [ 89519D29CBEC2121CA65CC29C4D345E0 ] Netman C:\Windows\System32\netman.dll
21:01:23.0354 6184 Netman - ok
21:01:23.0354 6184 [ C166E3CD90AB0781ECDF10EC765B083A ] netprofm C:\Windows\System32\netprofmsvc.dll
21:01:23.0385 6184 netprofm - ok
21:01:23.0385 6184 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:01:23.0401 6184 NetTcpPortSharing - ok
21:01:23.0432 6184 [ 6C9793D9E1E26E74B6421B0791971F89 ] NETwNe64 C:\Windows\system32\DRIVERS\NETwew00.sys
21:01:23.0495 6184 NETwNe64 - ok
21:01:23.0573 6184 [ 57B9C04D673F236D41FAB03842C8640B ] NETwNs64 C:\Windows\system32\DRIVERS\NETwNs64.sys
21:01:23.0682 6184 NETwNs64 - ok
21:01:23.0682 6184 [ 12DD2800E4EEA37DC9AE256AD62423B4 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
21:01:23.0698 6184 nfrd960 - ok
21:01:23.0698 6184 [ 80ABCD4C2DE9FD832477303AE0CA3BE5 ] NlaSvc C:\Windows\System32\nlasvc.dll
21:01:23.0713 6184 NlaSvc - ok
21:01:23.0729 6184 [ 17E19A742FB30C002F8B43575451DBE1 ] Npfs C:\Windows\system32\drivers\Npfs.sys
21:01:23.0729 6184 Npfs - ok
21:01:23.0745 6184 [ 8ED299C30792544264E558BEA79F0947 ] npsvctrig C:\Windows\System32\drivers\npsvctrig.sys
21:01:23.0760 6184 npsvctrig - ok
21:01:23.0760 6184 [ 832B5FDF0B5577713FD7F2465FCD0ACE ] nsi C:\Windows\system32\nsisvc.dll
21:01:23.0776 6184 nsi - ok
21:01:23.0776 6184 [ 689B3B1E95C70ABF7AFF29F9406EF1E0 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
21:01:23.0791 6184 nsiproxy - ok
21:01:23.0807 6184 [ 11D7A4A4A1DA60F394F53B413DCDF0DE ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
21:01:23.0854 6184 Ntfs - ok
21:01:23.0854 6184 [ 4163ADE07DB51843AE31F65B94F5398D ] Null C:\Windows\system32\drivers\Null.sys
21:01:23.0870 6184 Null - ok
21:01:23.0870 6184 [ D6D34118263412D3AAA8348A9572B7F2 ] nvraid C:\Windows\system32\drivers\nvraid.sys
21:01:23.0885 6184 nvraid - ok
21:01:23.0885 6184 [ 27AFC428D1D32ABD04A86763A4EDDEA9 ] nvstor C:\Windows\system32\drivers\nvstor.sys
21:01:23.0901 6184 nvstor - ok
21:01:23.0901 6184 [ 051CFB5107BAAE510419BDC41F8C4036 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
21:01:23.0916 6184 nv_agp - ok
21:01:23.0932 6184 [ 9CF7E8EF673BB0B8BBF520AB1F0331E2 ] OfficeSvc C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
21:01:23.0963 6184 OfficeSvc - ok
21:01:23.0979 6184 [ 11E0B35479C895888BA3D7F619DCFFF3 ] ose64 C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:01:23.0979 6184 ose64 - ok
21:01:23.0995 6184 [ AB76700D764A342D7475FB8F47CAB18C ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
21:01:24.0010 6184 p2pimsvc - ok
21:01:24.0010 6184 [ 4319FD931DCD796435ECB5DB4A04FBA5 ] p2psvc C:\Windows\system32\p2psvc.dll
21:01:24.0041 6184 p2psvc - ok
21:01:24.0041 6184 [ 4563DAF8C6A740AD7F501E219BD10766 ] Parport C:\Windows\System32\drivers\parport.sys
21:01:24.0057 6184 Parport - ok
21:01:24.0057 6184 [ D6ACCF9F2EEEEA711C14EFD976E573F3 ] partmgr C:\Windows\system32\drivers\partmgr.sys
21:01:24.0057 6184 partmgr - ok
21:01:24.0073 6184 [ 4811D9EC53649105A5A8BEA661B0F936 ] PcaSvc C:\Windows\System32\pcasvc.dll
21:01:24.0088 6184 PcaSvc - ok
21:01:24.0088 6184 [ 4A003E8F718C1E6A2050CA98CD53E3E2 ] pci C:\Windows\system32\drivers\pci.sys
21:01:24.0104 6184 pci - ok
21:01:24.0104 6184 [ F9908D274D458220F91E89B54D78D837 ] pciide C:\Windows\system32\drivers\pciide.sys
21:01:24.0120 6184 pciide - ok
21:01:24.0120 6184 [ 84D19CB6102627932DCB5DFDF89FE269 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
21:01:24.0135 6184 pcmcia - ok
21:01:24.0135 6184 [ CEBBAD5391C2644560C55628A40BFD27 ] pcw C:\Windows\system32\drivers\pcw.sys
21:01:24.0151 6184 pcw - ok
21:01:24.0151 6184 [ EF9B4F3136B4C45F421ADE6871659FB6 ] pdc C:\Windows\system32\drivers\pdc.sys
21:01:24.0166 6184 pdc - ok
21:01:24.0166 6184 [ 70DBB6A8B52B3830922F1C5789E1BEEB ] PEAUTH C:\Windows\system32\drivers\peauth.sys
21:01:24.0198 6184 PEAUTH - ok
21:01:24.0229 6184 [ EB88FA19F0EA05DD04BE9C5FFEEFFE1A ] PerfHost C:\Windows\SysWow64\perfhost.exe
21:01:24.0245 6184 PerfHost - ok
21:01:24.0260 6184 [ 6E84BFF58F7643499277F29DFA2F8C8D ] pla C:\Windows\system32\pla.dll
21:01:24.0291 6184 pla - ok
21:01:24.0291 6184 [ 799BE46D45D486704CE0F37CA5385262 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
21:01:24.0307 6184 PlugPlay - ok
21:01:24.0323 6184 [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] Pml Driver HPZ12 C:\Windows\System32\HPZipm12.dll
21:01:24.0323 6184 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
21:01:24.0323 6184 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
21:01:24.0323 6184 [ 8E2414E818C26C4A9C70CB2B8567F04F ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
21:01:24.0338 6184 PNRPAutoReg - ok
21:01:24.0338 6184 [ AB76700D764A342D7475FB8F47CAB18C ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
21:01:24.0354 6184 PNRPsvc - ok
21:01:24.0370 6184 [ 0108C8E5176D590F242701EF5A62CC26 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
21:01:24.0385 6184 PolicyAgent - ok
21:01:24.0401 6184 [ F1E067F56373F11EA4B785CAE823740A ] Power C:\Windows\system32\umpo.dll
21:01:24.0401 6184 Power - ok
21:01:24.0416 6184 [ 362D47E5B4D67270DE4B8606036F4ADD ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
21:01:24.0432 6184 PptpMiniport - ok
21:01:24.0448 6184 [ C2D3B3D0060619D5E03E696BD56FF59F ] PrintNotify C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll
21:01:24.0495 6184 PrintNotify - ok
21:01:24.0495 6184 [ DD979EB6A7212F60E4AFBE96EDC7AE6D ] Processor C:\Windows\System32\drivers\processr.sys
21:01:24.0510 6184 Processor - ok
21:01:24.0510 6184 [ 429E8502AD2227CF88F8840FC5BD590D ] ProfSvc C:\Windows\system32\profsvc.dll
21:01:24.0526 6184 ProfSvc - ok
21:01:24.0541 6184 [ EB8034147D4820CD31BFCB11A2A652DF ] Psched C:\Windows\system32\DRIVERS\pacer.sys
21:01:24.0541 6184 Psched - ok
21:01:24.0557 6184 [ 0AFBF333B6F87A2F598EAB379AF100B8 ] QWAVE C:\Windows\system32\qwave.dll
21:01:24.0573 6184 QWAVE - ok
21:01:24.0573 6184 [ 13D47BB0CCA2FC51BD15F8E85C6A078E ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
21:01:24.0588 6184 QWAVEdrv - ok
21:01:24.0588 6184 [ 873C60F8178100557740A832FCE10B5F ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
21:01:24.0604 6184 RasAcd - ok
21:01:24.0604 6184 [ 69B93F623B130976243ECA3D84CC99CA ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
21:01:24.0620 6184 RasAgileVpn - ok
21:01:24.0620 6184 [ 005F6E54C4A2DA4EBF68FB0392CE8BB0 ] RasAuto C:\Windows\System32\rasauto.dll
21:01:24.0651 6184 RasAuto - ok
21:01:24.0651 6184 [ A14D625C5AEE5FFE0F47D1A1D419FAAE ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
21:01:24.0666 6184 Rasl2tp - ok
21:01:24.0666 6184 [ C923C785A2DE0B396AD6D13ACAFF2DE9 ] RasMan C:\Windows\System32\rasmans.dll
21:01:24.0698 6184 RasMan - ok
21:01:24.0698 6184 [ 00695B9C2DB6111064499C529E90C042 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
21:01:24.0713 6184 RasPppoe - ok
21:01:24.0713 6184 [ A7F24D8CD1956B0A1FDCB86CC5114DE4 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
21:01:24.0729 6184 RasSstp - ok
21:01:24.0729 6184 [ B72C33DBD5326B3864CF2091AF8B906B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
21:01:24.0745 6184 rdbss - ok
21:01:24.0760 6184 [ CA7DF5EC95D8DE0DD24BE7FF97369F68 ] rdpbus C:\Windows\System32\drivers\rdpbus.sys
21:01:24.0760 6184 rdpbus - ok
21:01:24.0760 6184 [ B2A3AD74FF2E2FFA73AF2567108231B3 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
21:01:24.0776 6184 RDPDR - ok
21:01:24.0792 6184 [ 57F4787E4602A3FCA719C0A33137C6DA ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
21:01:24.0792 6184 RdpVideoMiniport - ok
21:01:24.0807 6184 [ B3CB0721E81E30419CE7D837EF4EA151 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
21:01:24.0823 6184 RDPWD - ok
21:01:24.0823 6184 [ 62C1F8A0685FE07E998AA296C4F697C4 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
21:01:24.0838 6184 rdyboost - ok
21:01:24.0838 6184 [ D4F8266D63800FF9ACFAC838005A974C ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
21:01:24.0854 6184 RegSrvc - ok
21:01:24.0854 6184 [ 3663CCF243EE0C04E9F6F91ED1737273 ] RemoteAccess C:\Windows\System32\mprdim.dll
21:01:24.0870 6184 RemoteAccess - ok
21:01:24.0870 6184 [ E80DD61E52EDFFF9DA1ED7260A68855B ] RemoteRegistry C:\Windows\system32\regsvc.dll
21:01:24.0901 6184 RemoteRegistry - ok
21:01:24.0901 6184 [ 17EF582CBC4809F96B9E6D0543480763 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
21:01:24.0917 6184 RFCOMM - ok
21:01:24.0932 6184 [ 73F2E030B5C24E4E41401B5F0D59E6FD ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
21:01:24.0948 6184 RpcEptMapper - ok
21:01:24.0948 6184 [ 10B21284B3D964AB3DC45490E57D422E ] RpcLocator C:\Windows\system32\locator.exe
21:01:24.0963 6184 RpcLocator - ok
21:01:24.0963 6184 [ 1EC6E533C954BDDF2A37E7851A7E58FD ] RpcSs C:\Windows\system32\rpcss.dll
21:01:24.0995 6184 RpcSs - ok
21:01:24.0995 6184 [ E04E770DD198B9399640717145E79EBF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
21:01:25.0010 6184 rspndr - ok
21:01:25.0010 6184 [ 8EB6DCEB7473C232D8BC9A886E3183AC ] RSUSBVSTOR C:\Windows\System32\Drivers\RtsUVStor.sys
21:01:25.0026 6184 RSUSBVSTOR - ok
21:01:25.0026 6184 [ 15923AA360F7675D3D43C9669316A0BA ] RTL8168 C:\Windows\system32\DRIVERS\Rt630x64.sys
21:01:25.0042 6184 RTL8168 - ok
21:01:25.0057 6184 [ 752EC7DCD2F96871A3857EEE6AFE965A ] s3cap C:\Windows\System32\drivers\vms3cap.sys
21:01:25.0057 6184 s3cap - ok
21:01:25.0073 6184 [ F702AB6181513303AB0FC8D59E52708B ] SamSs C:\Windows\system32\lsass.exe
21:01:25.0073 6184 SamSs - ok
21:01:25.0088 6184 [ 9C7B28CE0D136DB226E24DB3BC817F92 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
21:01:25.0088 6184 sbp2port - ok
21:01:25.0104 6184 [ 14316954FCE79C9DE5A0AFF9D42C83AA ] SCardSvr C:\Windows\System32\SCardSvr.dll
21:01:25.0120 6184 SCardSvr - ok
21:01:25.0120 6184 [ 5D7733A12756B267FCA021672B26BC9E ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
21:01:25.0135 6184 scfilter - ok
21:01:25.0151 6184 [ EDCDF4DB82EF825B94B190D544C8C58B ] Schedule C:\Windows\system32\schedsvc.dll
21:01:25.0182 6184 Schedule - ok
21:01:25.0182 6184 [ BAF8F0F55BC300E5F882E521F054E345 ] SCPolicySvc C:\Windows\System32\certprop.dll
21:01:25.0198 6184 SCPolicySvc - ok
21:01:25.0198 6184 [ 12F06525912BBEF67837DE47D87C60A9 ] sdbus C:\Windows\System32\drivers\sdbus.sys
21:01:25.0213 6184 sdbus - ok
21:01:25.0213 6184 [ 92968277ED491E4B3DDA361E3952361E ] SDRSVC C:\Windows\System32\SDRSVC.dll
21:01:25.0229 6184 SDRSVC - ok
21:01:25.0229 6184 [ BB107AA9980B0DA4E19A3A90C3BD4460 ] sdstor C:\Windows\System32\drivers\sdstor.sys
21:01:25.0245 6184 sdstor - ok
21:01:25.0245 6184 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
21:01:25.0260 6184 secdrv - ok
21:01:25.0260 6184 [ CD282626738B6BC92B6E7CD0AAE95B63 ] seclogon C:\Windows\system32\seclogon.dll
21:01:25.0276 6184 seclogon - ok
21:01:25.0292 6184 [ 9C51620998F0763039DFA6BF68E475ED ] SENS C:\Windows\System32\sens.dll
21:01:25.0307 6184 SENS - ok
21:01:25.0307 6184 [ DDA4CAF29D8C0A297F886BFE561E6659 ] SensorsAlsDriver C:\Windows\system32\DRIVERS\WUDFRd.sys
21:01:25.0323 6184 SensorsAlsDriver - ok
21:01:25.0323 6184 [ 0D50B4B860DAB65241628D04CD33ACAE ] SensrSvc C:\Windows\system32\sensrsvc.dll
21:01:25.0338 6184 SensrSvc - ok
21:01:25.0354 6184 [ 87C46B239A7EEF30FDFDD5E9BD46130C ] SerCx C:\Windows\system32\drivers\SerCx.sys
21:01:25.0354 6184 SerCx - ok
21:01:25.0370 6184 [ 7A1F9347C85FD55E39B8A76B3A25C5AD ] Serenum C:\Windows\System32\drivers\serenum.sys
21:01:25.0370 6184 Serenum - ok
21:01:25.0385 6184 [ F640A0A218BBF857F1D04A15D7D939F6 ] Serial C:\Windows\System32\drivers\serial.sys
21:01:25.0385 6184 Serial - ok
21:01:25.0401 6184 [ F1A5F56B2620B862CC28FF96A0A6DAAB ] sermouse C:\Windows\System32\drivers\sermouse.sys
21:01:25.0401 6184 sermouse - ok
21:01:25.0417 6184 [ CB60A60340788C8D6DE2A269D28086AB ] SessionEnv C:\Windows\system32\sessenv.dll
21:01:25.0432 6184 SessionEnv - ok
21:01:25.0432 6184 [ 7EE65419B29302C795714FF8073969A1 ] sfloppy C:\Windows\System32\drivers\sfloppy.sys
21:01:25.0448 6184 sfloppy - ok
21:01:25.0463 6184 [ 090AE16F79C8EAD04E6031F863DA85F3 ] SharedAccess C:\Windows\System32\ipnathlp.dll
21:01:25.0479 6184 SharedAccess - ok
21:01:25.0479 6184 [ A77F3ABE13FCC698511E5DEC7ACEBD5F ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:01:25.0510 6184 ShellHWDetection - ok
21:01:25.0510 6184 [ 2560721D6F16D5B611C36A3A9D28C1B2 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
21:01:25.0526 6184 SiSRaid2 - ok
21:01:25.0526 6184 [ 3AA8FDE1DBF65BB8B88B053529554A0D ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
21:01:25.0542 6184 SiSRaid4 - ok
21:01:25.0542 6184 [ E660156A4588A84305CB772FD2C0DB21 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
21:01:25.0557 6184 SNMPTRAP - ok
21:01:25.0573 6184 [ 465F3C355CE5ED2779B8F460F14C5A78 ] spaceport C:\Windows\system32\drivers\spaceport.sys
21:01:25.0573 6184 spaceport - ok
21:01:25.0588 6184 [ 3D8679C8DF52EB26EB7583A4E0A29202 ] SpbCx C:\Windows\system32\drivers\SpbCx.sys
21:01:25.0588 6184 SpbCx - ok
21:01:25.0620 6184 [ 12583AF6CBE0050651EAF2723B3AD7B3 ] speedfan C:\Windows\syswow64\speedfan.sys
21:01:25.0635 6184 speedfan - ok
21:01:25.0635 6184 [ 3F215BF2D4D8D6756298B25B579772C2 ] Spooler C:\Windows\System32\spoolsv.exe
21:01:25.0667 6184 Spooler - ok
21:01:25.0713 6184 [ EC84D961501054F87A6878EC5D53388F ] sppsvc C:\Windows\system32\sppsvc.exe
21:01:25.0776 6184 sppsvc - ok
21:01:25.0776 6184 [ 0F1FCD575A03ABDE13FCA9D0ADE4DDA6 ] srv C:\Windows\system32\DRIVERS\srv.sys
21:01:25.0792 6184 srv - ok
21:01:25.0807 6184 [ C2106BB710AA34A046126AED7BCA6964 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
21:01:25.0823 6184 srv2 - ok
21:01:25.0823 6184 [ 9400C71F5A1A380B494B6922F007D485 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
21:01:25.0838 6184 srvnet - ok
21:01:25.0854 6184 [ 7A20882D76D4A78240A5AC9F2C2EBA21 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
21:01:25.0870 6184 SSDPSRV - ok
21:01:25.0870 6184 [ D233B16999A8E626F6004BD7814C57EC ] SstpSvc C:\Windows\system32\sstpsvc.dll
21:01:25.0885 6184 SstpSvc - ok
21:01:25.0901 6184 [ 4E85355B94CFCB67C135F6521A4895A7 ] stexstor C:\Windows\system32\drivers\stexstor.sys
21:01:25.0901 6184 stexstor - ok
21:01:25.0901 6184 [ F38F79114380246B6D40CD53FB2CA28D ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
21:01:25.0917 6184 StillCam - ok
21:01:25.0932 6184 [ BAC8A721736AECC55A4F71523AEAB65F ] stisvc C:\Windows\System32\wiaservc.dll
21:01:25.0948 6184 stisvc - ok
21:01:25.0948 6184 [ C588BBD37B432CE3204E5765B459E6B2 ] storahci C:\Windows\system32\drivers\storahci.sys
21:01:25.0963 6184 storahci - ok
21:01:25.0963 6184 [ F74DBC95A57B1EE866D3732EB5F79BE2 ] storflt C:\Windows\system32\DRIVERS\vmstorfl.sys
21:01:25.0979 6184 storflt - ok
21:01:25.0979 6184 [ 5337E138B49ED1F44CCBA4073BC35C20 ] StorSvc C:\Windows\system32\storsvc.dll
21:01:25.0995 6184 StorSvc - ok
21:01:25.0995 6184 [ 543CD3CC0E05B8D8815E0D4F040B6F59 ] storvsc C:\Windows\system32\drivers\storvsc.sys
21:01:26.0010 6184 storvsc - ok
21:01:26.0010 6184 [ 8BC1C1ED6EF9C985A3FAA6A72F41679A ] svsvc C:\Windows\system32\svsvc.dll
21:01:26.0026 6184 svsvc - ok
21:01:26.0026 6184 [ 4AFD66AAE74FFB5986BC240744DC5FC9 ] swenum C:\Windows\System32\drivers\swenum.sys
21:01:26.0042 6184 swenum - ok
21:01:26.0042 6184 [ 502F9488540051F3E6C39889ECFA76BB ] swprv C:\Windows\System32\swprv.dll
21:01:26.0073 6184 swprv - ok
21:01:26.0088 6184 [ DC21E1F06343773D7E24362DCEF7944B ] SysMain C:\Windows\system32\sysmain.dll
21:01:26.0120 6184 SysMain - ok
21:01:26.0120 6184 [ E219BF7BCCFE4881B0C053C7E0B47ECC ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
21:01:26.0135 6184 SystemEventsBroker - ok
21:01:26.0135 6184 [ A6C06C45C44AD06C70AF8899AEC15BDC ] TabletInputService C:\Windows\System32\TabSvc.dll
21:01:26.0151 6184 TabletInputService - ok
21:01:26.0167 6184 [ 88B7721AB551C4325036B25A34A2BF7B ] TapiSrv C:\Windows\System32\tapisrv.dll
21:01:26.0182 6184 TapiSrv - ok
21:01:26.0198 6184 [ D192288CE5FB395F0BBAFDD1A8B5285D ] Tcpip C:\Windows\system32\drivers\tcpip.sys
21:01:26.0245 6184 Tcpip - ok
21:01:26.0276 6184 [ D192288CE5FB395F0BBAFDD1A8B5285D ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
21:01:26.0307 6184 TCPIP6 - ok
21:01:26.0323 6184 [ 8F2A13A5DF99D72FDDE87F502A66F989 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
21:01:26.0323 6184 tcpipreg - ok
21:01:26.0338 6184 [ 73DC722CE5DF26D7638CE2446F2655C7 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
21:01:26.0354 6184 tdx - ok
21:01:26.0385 6184 [ 9F3E7CABE86BBDECA009DE291DB6D9E2 ] TeamViewer8 C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
21:01:26.0432 6184 TeamViewer8 - ok
21:01:26.0432 6184 [ F7C8AB5D8AFFAA318D6A21093D139BF4 ] terminpt C:\Windows\System32\drivers\terminpt.sys
21:01:26.0432 6184 terminpt - ok
21:01:26.0448 6184 [ 541EE228D0DEF392F7B2DFD885DD021B ] TermService C:\Windows\System32\termsrv.dll
21:01:26.0479 6184 TermService - ok
21:01:26.0479 6184 [ 519A6F672FFF56B7D8EE8C730CEC8ECD ] Themes C:\Windows\system32\themeservice.dll
21:01:26.0495 6184 Themes - ok
21:01:26.0495 6184 [ EEE908BE7143FCA48CF0CB87214E2AB8 ] THREADORDER C:\Windows\system32\mmcss.dll
21:01:26.0510 6184 THREADORDER - ok
21:01:26.0510 6184 [ FF4135424A79DCC2998276D8E39C9B4D ] TimeBroker C:\Windows\System32\TimeBrokerServer.dll
21:01:26.0526 6184 TimeBroker - ok
21:01:26.0542 6184 [ B44EFE254C0B3719E4037088D24FE4B5 ] TPM C:\Windows\system32\drivers\tpm.sys
21:01:26.0542 6184 TPM - ok
21:01:26.0557 6184 [ 8C8CF3041B27E7657ADD0EE17F6DBFCA ] TrkWks C:\Windows\System32\trkwks.dll
21:01:26.0573 6184 TrkWks - ok
21:01:26.0573 6184 [ 8D516AEF3C1DF980664CF17BB1FF6093 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:01:26.0588 6184 TrustedInstaller - ok
21:01:26.0588 6184 [ 4E7C5FB10A50435523DE0CAA37DE2BD3 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
21:01:26.0604 6184 TsUsbFlt - ok
21:01:26.0604 6184 [ 16D684A820872EE54F6370703AC0B513 ] TsUsbGD C:\Windows\System32\drivers\TsUsbGD.sys
21:01:26.0620 6184 TsUsbGD - ok
21:01:26.0620 6184 [ 78C9EE193AC2B4CBDBC48B620314D740 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
21:01:26.0635 6184 tunnel - ok
21:01:26.0635 6184 [ 6D4F67CA56ACA2085DFA2CD89EAFBC1A ] uagp35 C:\Windows\system32\drivers\uagp35.sys
21:01:26.0651 6184 uagp35 - ok
21:01:26.0651 6184 [ 6FD6D03B7752C78712E5CFF29A305026 ] UASPStor C:\Windows\System32\drivers\uaspstor.sys
21:01:26.0667 6184 UASPStor - ok
21:01:26.0667 6184 [ 1ED222DFE6C13DA50FE081ABF90CAFE1 ] UCX01000 C:\Windows\System32\drivers\ucx01000.sys
21:01:26.0682 6184 UCX01000 - ok
21:01:26.0682 6184 [ DC5A461591C71AF7F19DC048A81E3F88 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
21:01:26.0698 6184 udfs - ok
21:01:26.0713 6184 [ FB3475FEA1CCB0DAEA1EBE44D0E3BB7D ] UI0Detect C:\Windows\system32\UI0Detect.exe
21:01:26.0729 6184 UI0Detect - ok
21:01:26.0729 6184 [ 07FEBCDF24FABA0D47B635D85A0FFB7A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
21:01:26.0745 6184 uliagpkx - ok
21:01:26.0745 6184 [ 02CEB3FE6152668A7BA420B93B664860 ] umbus C:\Windows\System32\drivers\umbus.sys
21:01:26.0760 6184 umbus - ok
21:01:26.0760 6184 [ 991EE6B5FC41EAEF99C8AF5B92F2CA09 ] UmPass C:\Windows\System32\drivers\umpass.sys
21:01:26.0776 6184 UmPass - ok
21:01:26.0776 6184 [ 43FEFB040A0CC30F795FBF544169594D ] UmRdpService C:\Windows\System32\umrdp.dll
21:01:26.0792 6184 UmRdpService - ok
21:01:26.0792 6184 [ E1A119AD21F5AFE22EB516C549306D3D ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
21:01:26.0807 6184 UNS - ok
21:01:26.0823 6184 [ 14D22C411854AA2560AFC94CD2D5E61F ] upnphost C:\Windows\System32\upnphost.dll
21:01:26.0838 6184 upnphost - ok
21:01:26.0838 6184 [ 30F02F642C2D141CAABD412B48A29D76 ] usb3Hub C:\Windows\System32\drivers\usb3Hub.sys
21:01:26.0854 6184 usb3Hub - ok
21:01:26.0854 6184 [ 3FBE0784E42E7BA93FCC5201D2BAFE23 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
21:01:26.0870 6184 usbaudio - ok
21:01:26.0885 6184 [ 2AF9F0E16D75B8F783A1ACE74EF51C9B ] usbccgp C:\Windows\System32\drivers\usbccgp.sys
21:01:26.0885 6184 usbccgp - ok
21:01:26.0901 6184 [ B395B62B62F28106218FA6FB17F4C797 ] usbcir C:\Windows\System32\drivers\usbcir.sys
21:01:26.0917 6184 usbcir - ok
21:01:26.0917 6184 [ 52F267AEE8CA5AA5CEB88C6A71EE1E86 ] usbehci C:\Windows\System32\drivers\usbehci.sys
21:01:26.0932 6184 usbehci - ok
21:01:26.0932 6184 [ FBB6794E3BBAD92D66D59D206C1F849F ] usbhub C:\Windows\System32\drivers\usbhub.sys
21:01:26.0963 6184 usbhub - ok
21:01:26.0963 6184 [ B7A948501424805571BF562BB0BFE31D ] USBHUB3 C:\Windows\System32\drivers\UsbHub3.sys
21:01:26.0979 6184 USBHUB3 - ok
21:01:26.0979 6184 [ 325F6179009B5A7F6118951A5BA422AB ] usbohci C:\Windows\System32\drivers\usbohci.sys
21:01:26.0995 6184 usbohci - ok
21:01:26.0995 6184 [ BA3ABE0CD1C14B3295BAD0F076B84CAC ] usbprint C:\Windows\System32\drivers\usbprint.sys
21:01:27.0010 6184 usbprint - ok
21:01:27.0010 6184 [ F77177F6C95B2116EE7AD23B5EF57007 ] USBSTOR C:\Windows\System32\drivers\USBSTOR.SYS
21:01:27.0026 6184 USBSTOR - ok
21:01:27.0026 6184 [ D25EF4A6EC244C5DE85D88A05B7C149D ] usbuhci C:\Windows\System32\drivers\usbuhci.sys
21:01:27.0042 6184 usbuhci - ok
21:01:27.0042 6184 [ 09799E701B4327097E9F63D3FE221083 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
21:01:27.0057 6184 usbvideo - ok
21:01:27.0073 6184 [ 9CD4259AD15F84DE27B94A956C978D6C ] USBXHCI C:\Windows\System32\drivers\USBXHCI.SYS
21:01:27.0088 6184 USBXHCI - ok
21:01:27.0088 6184 [ F702AB6181513303AB0FC8D59E52708B ] VaultSvc C:\Windows\system32\lsass.exe
21:01:27.0104 6184 VaultSvc - ok
21:01:27.0104 6184 [ BACECBFF9C97F7627A60B0E0F1FE7EE8 ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
21:01:27.0104 6184 vdrvroot - ok
21:01:27.0120 6184 [ 8A8CDA9E3CF2E0B4C6CC19FBC6FB9A71 ] vds C:\Windows\System32\vds.exe
21:01:27.0135 6184 vds - ok
21:01:27.0151 6184 [ 74FA2D4368DE6F6CE14393EDF1F342BE ] VerifierExt C:\Windows\system32\drivers\VerifierExt.sys
21:01:27.0151 6184 VerifierExt - ok
21:01:27.0167 6184 [ 8628FA679F0EC4B709CCD1F6B6A3233B ] vhdmp C:\Windows\System32\drivers\vhdmp.sys
21:01:27.0182 6184 vhdmp - ok
21:01:27.0182 6184 [ F5B4A14B00E89250C50982AC762DDD1D ] viaide C:\Windows\system32\drivers\viaide.sys
21:01:27.0198 6184 viaide - ok
21:01:27.0198 6184 [ 78DB50F7329F6D1311658DABFFFC8BE0 ] vmbus C:\Windows\system32\drivers\vmbus.sys
21:01:27.0214 6184 vmbus - ok
21:01:27.0214 6184 [ ECFEE2F2BA3932C7880D1A8F67D68F91 ] VMBusHID C:\Windows\System32\drivers\VMBusHID.sys
21:01:27.0229 6184 VMBusHID - ok
21:01:27.0229 6184 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicheartbeat C:\Windows\System32\ICSvc.dll
21:01:27.0245 6184 vmicheartbeat - ok
21:01:27.0245 6184 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmickvpexchange C:\Windows\System32\ICSvc.dll
21:01:27.0260 6184 vmickvpexchange - ok
21:01:27.0276 6184 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicrdv C:\Windows\System32\ICSvc.dll
21:01:27.0276 6184 vmicrdv - ok
21:01:27.0292 6184 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicshutdown C:\Windows\System32\ICSvc.dll
21:01:27.0307 6184 vmicshutdown - ok
21:01:27.0307 6184 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmictimesync C:\Windows\System32\ICSvc.dll
21:01:27.0323 6184 vmictimesync - ok
21:01:27.0323 6184 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicvss C:\Windows\System32\ICSvc.dll
21:01:27.0339 6184 vmicvss - ok
21:01:27.0339 6184 [ CB60FAAED8B49B812EBBF77EB87D9B18 ] volmgr C:\Windows\system32\drivers\volmgr.sys
21:01:27.0354 6184 volmgr - ok
21:01:27.0354 6184 [ A74101DA9809251BCD0E5A26BAE0F824 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
21:01:27.0370 6184 volmgrx - ok
21:01:27.0385 6184 [ 2FB3CDFD5EAF4CD9D4AFAF96877D13AE ] volsnap C:\Windows\system32\drivers\volsnap.sys
21:01:27.0401 6184 volsnap - ok
21:01:27.0401 6184 [ A8DA1C1B52ECEA3726DEBED4FF1B700D ] vpci C:\Windows\System32\drivers\vpci.sys
21:01:27.0417 6184 vpci - ok
21:01:27.0417 6184 [ 38A60CD9C009C55C6D3B5586F8E6A353 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
21:01:27.0432 6184 vsmraid - ok
21:01:27.0448 6184 [ EA658570314042C914964FC72AB50E6B ] VSS C:\Windows\system32\vssvc.exe
21:01:27.0479 6184 VSS - ok
21:01:27.0479 6184 [ A0F6FE0FC2F647C22BBFD6BD4249DBCC ] VSTXRAID C:\Windows\system32\drivers\vstxraid.sys
21:01:27.0495 6184 VSTXRAID - ok
21:01:27.0495 6184 [ 62460A45435A26A334907E3F2EA45611 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
21:01:27.0510 6184 vwifibus - ok
21:01:27.0510 6184 [ 095E943D27025E4D588AF0A72CC2318F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
21:01:27.0526 6184 vwififlt - ok
21:01:27.0526 6184 [ 73FA1A41A97A5C34ADC03B3577FF1A86 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
21:01:27.0542 6184 vwifimp - ok
21:01:27.0557 6184 [ F690B6EEAA94576727B24376D7ED3601 ] W32Time C:\Windows\system32\w32time.dll
21:01:27.0573 6184 W32Time - ok
21:01:27.0573 6184 [ 6B806E893714019969E2B50D7EF6A4D9 ] WacomPen C:\Windows\System32\drivers\wacompen.sys
21:01:27.0589 6184 WacomPen - ok
21:01:27.0589 6184 [ 6081CEC9EF9EB145D8B46655C7708D51 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
21:01:27.0604 6184 Wanarp - ok
21:01:27.0604 6184 [ 6081CEC9EF9EB145D8B46655C7708D51 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
21:01:27.0620 6184 Wanarpv6 - ok
21:01:27.0635 6184 [ 42DF22F8C448E7CD219F6D63743505E2 ] wbengine C:\Windows\system32\wbengine.exe
21:01:27.0667 6184 wbengine - ok
21:01:27.0667 6184 [ 31D37B2F6069C631EF0557D322924812 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
21:01:27.0682 6184 WbioSrvc - ok
21:01:27.0698 6184 [ D9C1E82651BF19C6FF69CEC6FD400124 ] Wcmsvc C:\Windows\System32\wcmsvc.dll
21:01:27.0714 6184 Wcmsvc - ok
21:01:27.0714 6184 [ 5B5FEAB51172F5513C2CF7B39CFA6A01 ] wcncsvc C:\Windows\System32\wcncsvc.dll
21:01:27.0729 6184 wcncsvc - ok
21:01:27.0745 6184 [ E19556D414332E2BEBA1F368229006B4 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:01:27.0760 6184 WcsPlugInService - ok
21:01:27.0760 6184 [ B3A4D918DAB90505B6BC7B70632913CB ] Wd C:\Windows\system32\drivers\wd.sys
21:01:27.0760 6184 Wd - ok
21:01:27.0776 6184 [ 260F8DFC4D5748F4CCB9B19CFB0E58EA ] WdBoot C:\Windows\system32\drivers\WdBoot.sys
21:01:27.0776 6184 WdBoot - ok
21:01:27.0792 6184 [ 2ADC985B85A71BD7D99712EC0C24358B ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
21:01:27.0807 6184 Wdf01000 - ok
21:01:27.0807 6184 [ 880FFFC4D5BBBB4187B6B04AB2E8C32A ] WdFilter C:\Windows\system32\drivers\WdFilter.sys
21:01:27.0823 6184 WdFilter - ok
21:01:27.0839 6184 [ 240FC332484572227CD1DF82407F33E5 ] WdiServiceHost C:\Windows\system32\wdi.dll
21:01:27.0854 6184 WdiServiceHost - ok
21:01:27.0854 6184 [ 240FC332484572227CD1DF82407F33E5 ] WdiSystemHost C:\Windows\system32\wdi.dll
21:01:27.0870 6184 WdiSystemHost - ok
21:01:27.0885 6184 [ F2002DA5E6B78C15B2CD48CFF8F0FBB6 ] WebClient C:\Windows\System32\webclnt.dll
21:01:27.0901 6184 WebClient - ok
21:01:27.0901 6184 [ 35FD720943D4FCD75C3275BF062FF140 ] Wecsvc C:\Windows\system32\wecsvc.dll
21:01:27.0917 6184 Wecsvc - ok
21:01:27.0932 6184 [ 4D2612E3C462B68F499D840B1133263E ] wercplsupport C:\Windows\System32\wercplsupport.dll
21:01:27.0948 6184 wercplsupport - ok
21:01:27.0948 6184 [ 8E2426162ED6749A127B35D235F21E11 ] WerSvc C:\Windows\System32\WerSvc.dll
21:01:27.0979 6184 WerSvc - ok
21:01:27.0979 6184 [ FE762D3498719C3A23471BBA62F747B4 ] WFPLWFS C:\Windows\system32\DRIVERS\wfplwfs.sys
21:01:27.0995 6184 WFPLWFS - ok
21:01:27.0995 6184 [ 60E0C220593DA4F7C289CB909D2DBAE0 ] WiaRpc C:\Windows\System32\wiarpc.dll
21:01:28.0010 6184 WiaRpc - ok
21:01:28.0010 6184 [ A3C7624A42A3447EF5EDD1ED37FE4E60 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
21:01:28.0026 6184 WIMMount - ok
21:01:28.0026 6184 WinDefend - ok
21:01:28.0042 6184 [ 7911470B6018059A880469A63B65700A ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
21:01:28.0057 6184 WinHttpAutoProxySvc - ok
21:01:28.0073 6184 [ 3D6B518B71C75C8FA4115A33615C107A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
21:01:28.0089 6184 Winmgmt - ok
21:01:28.0104 6184 WinRing0_1_2_0 - ok
21:01:28.0120 6184 [ 8E212A627F33F6FC3B5F3BB47212F66E ] WinRM C:\Windows\system32\WsmSvc.dll
21:01:28.0167 6184 WinRM - ok
21:01:28.0182 6184 [ BB20956C424531003F7FA6CD36F11D5D ] WinUsb C:\Windows\system32\DRIVERS\WinUSB.sys
21:01:28.0198 6184 WinUsb - ok
21:01:28.0214 6184 [ 6351724B8FA0255C2DBD970297F00B93 ] WlanSvc C:\Windows\System32\wlansvc.dll
21:01:28.0245 6184 WlanSvc - ok
21:01:28.0260 6184 [ B330CE47FB74A6BE9A3FFFF4B3F64D9B ] wlidsvc C:\Windows\system32\wlidsvc.dll
21:01:28.0292 6184 wlidsvc - ok
21:01:28.0307 6184 [ E2A596CACFC6504306CDB7B593B90084 ] WmiAcpi C:\Windows\System32\drivers\wmiacpi.sys
21:01:28.0307 6184 WmiAcpi - ok
21:01:28.0323 6184 [ D113499052C5E541906B727779F0F959 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
21:01:28.0339 6184 wmiApSrv - ok
21:01:28.0339 6184 WMPNetworkSvc - ok
21:01:28.0339 6184 [ C6FF953D5D6F2EAE3B8883474D5076B3 ] wpcfltr C:\Windows\system32\DRIVERS\wpcfltr.sys
21:01:28.0354 6184 wpcfltr - ok
21:01:28.0354 6184 [ A6ED163169876BFD2437E872FE2F1509 ] WPCSvc C:\Windows\System32\wpcsvc.dll
21:01:28.0370 6184 WPCSvc - ok
21:01:28.0370 6184 [ 94AA5150E35B3ABB7191FE641E3C2473 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
21:01:28.0385 6184 WPDBusEnum - ok
21:01:28.0385 6184 [ 0346CAFC181C91C6E2330332EB332ED6 ] WpdUpFltr C:\Windows\system32\drivers\WpdUpFltr.sys
21:01:28.0401 6184 WpdUpFltr - ok
21:01:28.0401 6184 [ BC8B5CB336E63BB25EAD1CE8EDD34B81 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
21:01:28.0417 6184 ws2ifsl - ok
21:01:28.0417 6184 [ FB0C1B7F94FA08E72F19F6F2CE7210E1 ] wscsvc C:\Windows\System32\wscsvc.dll
21:01:28.0432 6184 wscsvc - ok
21:01:28.0448 6184 [ 74EFDA0526862C3D8D01A776182798EA ] WSDPrintDevice C:\Windows\System32\drivers\WSDPrint.sys
21:01:28.0448 6184 WSDPrintDevice - ok
21:01:28.0448 6184 WSearch - ok
21:01:28.0479 6184 [ C10BFFEE7E0D7A1366E84F251796C51D ] WSService C:\Windows\System32\WSService.dll
21:01:28.0542 6184 WSService - ok
21:01:28.0557 6184 [ A8484C0CB54DB48180FB7CA00F1C3F8F ] wuauserv C:\Windows\system32\wuaueng.dll
21:01:28.0620 6184 wuauserv - ok
21:01:28.0620 6184 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
21:01:28.0635 6184 WudfPf - ok
21:01:28.0635 6184 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\System32\drivers\WUDFRd.sys
21:01:28.0651 6184 WUDFRd - ok
21:01:28.0651 6184 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFSensorLP C:\Windows\system32\DRIVERS\WUDFRd.sys
21:01:28.0667 6184 WUDFSensorLP - ok
21:01:28.0667 6184 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
21:01:28.0682 6184 wudfsvc - ok
21:01:28.0682 6184 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFWpdFs C:\Windows\system32\DRIVERS\WUDFRd.sys
21:01:28.0698 6184 WUDFWpdFs - ok
21:01:28.0698 6184 [ F9D8D2E6ECE08B278621D5BF3A7240A6 ] WwanSvc C:\Windows\System32\wwansvc.dll
21:01:28.0729 6184 WwanSvc - ok
21:01:28.0729 6184 [ 6FDEE5E0741A3FFA5E5772C6C94E3F64 ] XHCIPort C:\Windows\System32\drivers\XHCIPort.sys
21:01:28.0745 6184 XHCIPort - ok
21:01:28.0760 6184 [ 97D3DCBBF3915782644DB56F5C191B9F ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
21:01:28.0807 6184 ZeroConfigService - ok
21:01:28.0823 6184 ================ Scan global ===============================
21:01:28.0823 6184 [ DDC1AFBF9DDF880CE9BD3896114D8DED ] C:\Windows\system32\basesrv.dll
21:01:28.0823 6184 [ E9343076AE704D20BB0D01F3AF3EFFEF ] C:\Windows\system32\winsrv.dll
21:01:28.0839 6184 [ BD7C6949984D19AAA609896B675E7357 ] C:\Windows\system32\sxssrv.dll
21:01:28.0839 6184 [ 8F226143046435C75C033B0C52E90FFE ] C:\Windows\system32\services.exe
21:01:28.0854 6184 [Global] - ok
21:01:28.0854 6184 ================ Scan MBR ==================================
21:01:28.0854 6184 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
21:01:28.0885 6184 \Device\Harddisk0\DR0 - ok
21:01:28.0885 6184 ================ Scan VBR ==================================
21:01:28.0885 6184 [ D742B4495A1633AE666E5CD4BC968322 ] \Device\Harddisk0\DR0\Partition1
21:01:28.0885 6184 \Device\Harddisk0\DR0\Partition1 - ok
21:01:28.0885 6184 [ 15D77E49287D407A5DFCC965E0C6D67B ] \Device\Harddisk0\DR0\Partition2
21:01:28.0885 6184 \Device\Harddisk0\DR0\Partition2 - ok
21:01:28.0885 6184 [ AA4CDC953A14B44C42C8D5680446883F ] \Device\Harddisk0\DR0\Partition3
21:01:28.0885 6184 \Device\Harddisk0\DR0\Partition3 - ok
21:01:28.0885 6184 [ 39B5E2108E68900C10387FF1F82A96D4 ] \Device\Harddisk0\DR0\Partition4
21:01:28.0885 6184 \Device\Harddisk0\DR0\Partition4 - ok
21:01:28.0901 6184 [ DECF8906D3DE8657F6A55FE0D553BE84 ] \Device\Harddisk0\DR0\Partition5
21:01:28.0901 6184 \Device\Harddisk0\DR0\Partition5 - ok
21:01:28.0901 6184 [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition6
21:01:28.0901 6184 \Device\Harddisk0\DR0\Partition6 - ok
21:01:28.0901 6184 [ EB9129417A831481048F26D4D6ABCFB8 ] \Device\Harddisk0\DR0\Partition7
21:01:28.0901 6184 \Device\Harddisk0\DR0\Partition7 - ok
21:01:28.0901 6184 ============================================================
21:01:28.0901 6184 Scan finished
21:01:28.0901 6184 ============================================================
21:01:28.0917 5872 Detected object count: 3
21:01:28.0917 5872 Actual detected object count: 3
21:01:44.0996 5872 HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
21:01:44.0996 5872 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:01:44.0996 5872 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
21:01:44.0996 5872 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:01:44.0996 5872 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
21:01:44.0996 5872 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
Vielen Dank für eure Mühen! Beste Grüße, painfiller |
|
21.02.2013, 21:23
| #8 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Avast VisthAux.exe deaktiviert (Windows 8) JRT - Junkware Removal Tool Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Im Anschluss: adwCleaner - Toolbars und ungewollte Start-/Suchseiten entfernen Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Danach eine Kontrolle mit OTL bitte:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
21.02.2013, 21:56
| #9 |
| | Avast VisthAux.exe deaktiviert (Windows 8) Hier JRT: Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.6.5 (02.18.2013:1)
OS: Windows 8 x64
Ran by krist_000 on 21.02.2013 at 21:38:22,39
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 21.02.2013 at 21:42:43,77
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
ATTFilter # AdwCleaner v2.112 - Datei am 21/02/2013 um 21:45:02 erstellt
# Aktualisiert am 10/02/2013 von Xplode
# Betriebssystem : Windows 8 (64 bits)
# Benutzer : krist_000 - KRISTOFFER
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\krist_000\Downloads\adwcleaner0.exe
# Option [Löschen]
**** [Dienste] ****
***** [Dateien / Ordner] *****
Datei Gelöscht : C:\Users\krist_000\AppData\Roaming\Microsoft\Windows\Start Menu\Startfenster.lnk
***** [Registrierungsdatenbank] *****
***** [Internet Browser] *****
-\\ Internet Explorer v10.0.9200.16482
Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.startfenster.com --> hxxp://www.google.com
-\\ Google Chrome v24.0.1312.57
Datei : C:\Users\krist_000\AppData\Local\Google\Chrome\User Data\Default\Preferences
Gelöscht [l.19] : urls_to_restore_on_startup = [ "hxxp://google.de/", "hxxp://www.startfenster.com" ]
Gelöscht [l.2522] : urls_to_restore_on_startup = [ "hxxp://google.de/", "hxxp://www.startfenster.com" ]
*************************
AdwCleaner[S1].txt - [1068 octets] - [21/02/2013 21:45:02]
########## EOF - C:\AdwCleaner[S1].txt - [1128 octets] ##########
Code:
ATTFilter OTL logfile created on: 21.02.2013 21:49:35 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\krist_000\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16484)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,89 Gb Total Physical Memory | 2,12 Gb Available Physical Memory | 54,44% Memory free
12,39 Gb Paging File | 10,56 Gb Available in Paging File | 85,25% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 102,54 Gb Total Space | 35,15 Gb Free Space | 34,28% Space Free | Partition Type: NTFS
Drive D: | 110,93 Gb Total Space | 70,68 Gb Free Space | 63,71% Space Free | Partition Type: NTFS
Computer Name: KRISTOFFER | User Name: krist_000 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\krist_000\Downloads\OTL (1).exe (OldTimer Tools)
PRC - C:\Users\krist_000\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Users\krist_000\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe (ASUSTeK Computer Inc.)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUS)
PRC - C:\Windows\SysWOW64\ACEngSvr.exe (ASUSTeK)
PRC - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Motorola Solutions, Inc.)
PRC - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Motorola Solutions, Inc.)
PRC - C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUSTek Computer Inc.)
PRC - C:\Windows\SysWOW64\irstrtsv.exe (Intel Corporation)
PRC - C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe (ASUSTeK Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe (Microsoft Corporation.)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
========== Modules (No Company Name) ==========
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\a91dc79bf846144ee47efc08e17bb3e2\UIAutomationTypes.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\9c95779cc3d65cda80695cabc367476b\System.Windows.Forms.ni.dll ()
MOD - C:\Users\krist_000\AppData\Local\Google\Chrome\User Data\PepperFlash\11.6.602.167\pepflashplayer.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\e1ec8b9a6d4f9af9d6065c4187fb1b5f\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\f641b786d36d1cc5a5531a746c96ce1b\System.Xaml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\38638a559066bf7f2325a53ed53629bc\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\05cc6faa6704d01e78700561b22937e3\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatioaec034ca#\6824c9f11ea82b4148780cd92c9d6745\PresentationFramework.Aero2.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\8347ac8367f91309fa888d79a54c7450\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\1c7f4533b2b24c10a628793a8b93e1a7\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\15cc4fff434f274c1f6ab56a385dcb54\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\a7811936e59aaee26b1d9d467174d6d4\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\374a0cc6603f58864831897ef723bd4a\mscorlib.ni.dll ()
MOD - C:\Users\krist_000\AppData\Local\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll ()
MOD - C:\Users\krist_000\AppData\Local\Google\Chrome\Application\24.0.1312.57\pdf.dll ()
MOD - C:\Users\krist_000\AppData\Local\Google\Chrome\Application\24.0.1312.57\libglesv2.dll ()
MOD - C:\Users\krist_000\AppData\Local\Google\Chrome\Application\24.0.1312.57\libegl.dll ()
MOD - C:\Users\krist_000\AppData\Local\Google\Chrome\Application\24.0.1312.57\ffmpegsumo.dll ()
MOD - C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll ()
========== Services (SafeList) ==========
SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:64bit: - (OfficeSvc) -- C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe (Microsoft Corporation)
SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation)
SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:64bit: - (AllUserInstallAgent) -- C:\Windows\SysNative\AUInstallAgent.dll (Microsoft Corporation)
SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (ZeroConfigService) -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Intel® Corporation)
SRV:64bit: - (MyWiFiDHCPDNS) -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe ()
SRV:64bit: - (EvtEng) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
SRV:64bit: - (RegSrvc) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
SRV:64bit: - (AMPPALR3) -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (Intel Corporation)
SRV:64bit: - (BTHSSecurityMgr) -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (Intel(R) Corporation)
SRV:64bit: - (Intel(R) -- C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (TeamViewer8) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (HPSLPSVC) -- C:\Users\KRIST_~1\AppData\Local\Temp\7zS71D5\hpslpsvc64.dll (Hewlett-Packard Co.)
SRV - (PrintNotify) -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (Bluetooth OBEX Service) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Motorola Solutions, Inc.)
SRV - (Bluetooth Device Monitor) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Motorola Solutions, Inc.)
SRV - (irstrtsv) -- C:\Windows\SysWOW64\irstrtsv.exe (Intel Corporation)
SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation)
SRV - (ASLDRService) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ASUSTek Computer Inc.)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation)
SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
SRV - (BBUpdate) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe (Microsoft Corporation.)
SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe (Microsoft Corporation.)
SRV - (ASUS InstantOn) -- C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe (ASUS)
SRV - (ATKGFNEXSrv) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
========== Driver Services (SafeList) ==========
DRV:64bit: - (aswnet) -- C:\Windows\SysNative\Drivers\aswnet.sys (AVAST Software)
DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\Drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\Drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\Drivers\BthhfHid.sys (Microsoft Corporation)
DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\Drivers\hidi2c.sys (Microsoft Corporation)
DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\Drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:64bit: - (pdc) -- C:\Windows\SysNative\Drivers\pdc.sys (Microsoft Corporation)
DRV:64bit: - (FxPPM) -- C:\Windows\SysNative\Drivers\fxppm.sys (Microsoft Corporation)
DRV:64bit: - (ATP) -- C:\Windows\SysNative\Drivers\AsusTP.sys (ASUS Corporation)
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\Drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
DRV:64bit: - (LVUVC64) -- C:\Windows\SysNative\Drivers\lvuvc64.sys (Logitech Inc.)
DRV:64bit: - (LVRS64) -- C:\Windows\SysNative\Drivers\lvrs64.sys (Logitech Inc.)
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\Drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (sdstor) -- C:\Windows\SysNative\Drivers\sdstor.sys (Microsoft Corporation)
DRV:64bit: - (dam) -- C:\Windows\SysNative\Drivers\dam.sys (Microsoft Corporation)
DRV:64bit: - (StillCam) -- C:\Windows\SysNative\Drivers\serscan.sys (Microsoft Corporation)
DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\Drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:64bit: - (UCX01000) -- C:\Windows\SysNative\Drivers\UCX01000.SYS (Microsoft Corporation)
DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\Drivers\msgpioclx.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\Drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\Drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\Drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (NETwNe64) -- C:\Windows\SysNative\Drivers\NETwew00.sys (Intel Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\Drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (intaud_WaveExtensible) -- C:\Windows\SysNative\Drivers\intelaud.sys (Intel Corporation)
DRV:64bit: - (iwdbus) -- C:\Windows\SysNative\Drivers\iwdbus.sys (Intel Corporation)
DRV:64bit: - (XHCIPort) -- C:\Windows\SysNative\Drivers\xHCIPort.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (usb3Hub) -- C:\Windows\SysNative\Drivers\usb3Hub.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (kbfiltr) -- C:\Windows\SysNative\Drivers\kbfiltr.sys ( )
DRV:64bit: - (irstrtdv) -- C:\Windows\SysNative\Drivers\irstrtdv.sys (Intel Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (condrv) -- C:\Windows\SysNative\Drivers\condrv.sys (Microsoft Corporation)
DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS (VIA Corporation)
DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\Drivers\VerifierExt.sys (Microsoft Corporation)
DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\Drivers\uaspstor.sys (Microsoft Corporation)
DRV:64bit: - (acpiex) -- C:\Windows\SysNative\Drivers\acpiex.sys (Microsoft Corporation)
DRV:64bit: - (spaceport) -- C:\Windows\SysNative\Drivers\spaceport.sys (Microsoft Corporation)
DRV:64bit: - (storahci) -- C:\Windows\SysNative\Drivers\storahci.sys (Microsoft Corporation)
DRV:64bit: - (mvumis) -- C:\Windows\SysNative\Drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\Drivers\stexstor.sys (Promise Technology, Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\Drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\Drivers\lsi_sss.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\Drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\Drivers\EhStorClass.sys (Microsoft Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\Drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (3ware) -- C:\Windows\SysNative\Drivers\3ware.sys (LSI)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\Drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\Drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (CLFS) -- C:\Windows\SysNative\Drivers\clfs.sys (Microsoft Corporation)
DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\Drivers\wfplwfs.sys (Microsoft Corporation)
DRV:64bit: - (vpci) -- C:\Windows\SysNative\Drivers\vpci.sys (Microsoft Corporation)
DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\Drivers\WdFilter.sys (Microsoft Corporation)
DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\Drivers\WdBoot.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\Drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\Drivers\WSDPrint.sys (Microsoft Corporation)
DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\Drivers\mshidumdf.sys (Microsoft Corporation)
DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\Drivers\BasicDisplay.sys (Microsoft Corporation)
DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\Drivers\HyperVideo.sys (Microsoft Corporation)
DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\Drivers\BasicRender.sys (Microsoft Corporation)
DRV:64bit: - (acpials) -- C:\Windows\SysNative\Drivers\acpials.sys (Microsoft Corporation)
DRV:64bit: - (gencounter) -- C:\Windows\SysNative\Drivers\vmgencounter.sys (Microsoft Corporation)
DRV:64bit: - (kdnic) -- C:\Windows\SysNative\Drivers\kdnic.sys (Microsoft Corporation)
DRV:64bit: - (acpitime) -- C:\Windows\SysNative\Drivers\acpitime.sys (Microsoft Corporation)
DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\Drivers\npsvctrig.sys (Microsoft Corporation)
DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\Drivers\acpipagr.sys (Microsoft Corporation)
DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\Drivers\hyperkbd.sys (Microsoft Corporation)
DRV:64bit: - (SerCx) -- C:\Windows\SysNative\Drivers\SerCx.sys (Microsoft Corporation)
DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\Drivers\SpbCx.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\Drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\Drivers\bthhfenum.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\Drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\Drivers\wpcfltr.sys (Microsoft Corporation)
DRV:64bit: - (BthLEEnum) -- C:\Windows\SysNative\Drivers\BthLEEnum.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\Drivers\mslldp.sys (Microsoft Corporation)
DRV:64bit: - (Ndu) -- C:\Windows\SysNative\Drivers\Ndu.sys (Microsoft Corporation)
DRV:64bit: - (AiCharger) -- C:\Windows\SysNative\Drivers\AiCharger.sys (ASUSTek Computer Inc.)
DRV:64bit: - (iaStorA) -- C:\Windows\SysNative\Drivers\iaStorA.sys (Intel Corporation)
DRV:64bit: - (AMPPALP) -- C:\Windows\SysNative\Drivers\AmpPal.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (AMPPAL) -- C:\Windows\SysNative\Drivers\AmpPal.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (btmhsf) -- C:\Windows\SysNative\Drivers\btmhsf.sys (Intel Corporation)
DRV:64bit: - (DptfManager) -- C:\Windows\SysNative\Drivers\DptfManager.sys (Intel Corporation)
DRV:64bit: - (DptfDevGen) -- C:\Windows\SysNative\Drivers\DptfDevGen.sys (Intel Corporation)
DRV:64bit: - (DptfDevDram) -- C:\Windows\SysNative\Drivers\DptfDevDram.sys (Intel Corporation)
DRV:64bit: - (DptfDevFan) -- C:\Windows\SysNative\Drivers\DptfDevFan.sys (Intel Corporation)
DRV:64bit: - (DptfDevPch) -- C:\Windows\SysNative\Drivers\DptfDevPch.sys (Intel Corporation)
DRV:64bit: - (DptfDevProc) -- C:\Windows\SysNative\Drivers\DptfDevProc.sys (Intel Corporation)
DRV:64bit: - (AX88772) -- C:\Windows\SysNative\Drivers\ax88772.sys (ASIX Electronics Corp.)
DRV:64bit: - (iBtFltCoex) -- C:\Windows\SysNative\Drivers\iBtFltCoex.sys (Intel Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\Drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\Drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (RSUSBVSTOR) -- C:\Windows\SysNative\Drivers\RtsUVStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (AgereSoftModem) -- C:\Windows\SysNative\Drivers\agrsm64.sys (LSI Corp)
DRV:64bit: - (RTL8168) -- C:\Windows\SysNative\Drivers\Rt630x64.sys (Realtek )
DRV:64bit: - (NETwNs64) -- C:\Windows\SysNative\Drivers\NETwNs64.sys (Intel Corporation)
DRV:64bit: - (e1iexpress) -- C:\Windows\SysNative\Drivers\e1i63x64.sys (Intel Corporation)
DRV:64bit: - (athr) -- C:\Windows\SysNative\Drivers\athrx.sys (Qualcomm Atheros Communications, Inc.)
DRV:64bit: - (HIDSwitch) -- C:\Windows\SysNative\Drivers\AsHIDSwitch64.sys (ASUS)
DRV:64bit: - (btmaux) -- C:\Windows\SysNative\Drivers\btmaux.sys (Intel Corporation)
DRV - (ATKWMIACPIIO) -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys (ASUS)
DRV - (ASMMAP64) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys (ASUS)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2347345409-2648239615-1393546621-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
IE - HKU\S-1-5-21-2347345409-2648239615-1393546621-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\S-1-5-21-2347345409-2648239615-1393546621-1001\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2347345409-2648239615-1393546621-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.10.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.10.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\krist_000\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\krist_000\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012.12.28 14:09:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK
[2012.12.28 14:09:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\krist_000\AppData\Roaming\mozilla\Extensions
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - Extension: avast! WebRep = C:\Users\krist_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\
O1 HOSTS File: ([2012.07.26 06:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [ACMON] C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUS)
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Motorola Solutions, Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe (ASUS Cloud Corporation)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKU\S-1-5-21-2347345409-2648239615-1393546621-1001..\Run: [Spotify] C:\Users\krist_000\AppData\Roaming\Spotify\spotify.exe (Spotify Ltd)
O4 - HKU\S-1-5-21-2347345409-2648239615-1393546621-1001..\Run: [Spotify Web Helper] C:\Users\krist_000\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - Startup: C:\Users\krist_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\krist_000\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: An Bluetooth senden - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm ()
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: An Bluetooth senden - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm ()
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4CFCC10A-995C-47A7-B25A-23C4A6801240}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{79C36127-07F5-4EE7-95D1-833D01F9258D}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013.02.21 21:27:55 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013.02.21 21:27:50 | 000,000,000 | ---D | C] -- C:\JRT
[2013.02.21 21:25:56 | 000,547,439 | ---- | C] (Oleg N. Scherbakov) -- D:\Desktop\JRT.exe
[2013.02.20 00:13:56 | 000,000,000 | ---D | C] -- C:\Users\krist_000\AppData\Local\ElevatedDiagnostics
[2013.02.17 16:13:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2013.02.14 00:31:33 | 006,967,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013.02.14 00:31:10 | 003,966,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.02.14 00:31:09 | 000,907,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\uxtheme.dll
[2013.02.14 00:31:09 | 000,854,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.02.14 00:31:09 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.02.14 00:31:09 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.02.14 00:31:09 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013.02.14 00:31:09 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013.02.14 00:31:08 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013.02.14 00:31:08 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UXInit.dll
[2013.02.14 00:31:08 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013.02.14 00:31:08 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UXInit.dll
[2013.02.14 00:31:08 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013.02.14 00:24:25 | 002,094,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mmc.exe
[2013.02.14 00:24:24 | 001,964,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlidsvc.dll
[2013.02.14 00:24:24 | 001,611,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mmc.exe
[2013.02.14 00:24:21 | 001,886,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\setupapi.dll
[2013.02.14 00:24:21 | 001,120,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msctf.dll
[2013.02.14 00:24:21 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netprofmsvc.dll
[2013.02.14 00:24:20 | 000,438,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsm.dll
[2013.02.14 00:24:20 | 000,406,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Media.dll
[2013.02.14 00:24:20 | 000,028,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\msgpiowin32.sys
[2013.02.14 00:24:17 | 000,666,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MP4SDECD.DLL
[2013.02.14 00:24:17 | 000,594,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Networking.dll
[2013.02.14 00:24:17 | 000,303,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2013.02.14 00:24:17 | 000,194,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sdbus.sys
[2013.02.14 00:24:17 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetpp.dll
[2013.02.14 00:24:17 | 000,124,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dumpsd.sys
[2013.02.14 00:24:16 | 000,728,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\samsrv.dll
[2013.02.14 00:24:16 | 000,436,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MP4SDECD.DLL
[2013.02.14 00:24:16 | 000,410,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Networking.dll
[2013.02.14 00:24:16 | 000,261,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Media.dll
[2013.02.14 00:24:16 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSDMon.dll
[2013.02.14 00:24:16 | 000,240,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsquirt.exe
[2013.02.14 00:24:16 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncbservice.dll
[2013.02.14 00:24:16 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\httpprxm.dll
[2013.02.14 00:24:16 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wiaacmgr.exe
[2013.02.14 00:24:16 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wiaacmgr.exe
[2013.02.14 00:24:16 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adhsvc.dll
[2013.02.14 00:24:15 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adhapi.dll
[2013.02.14 00:24:15 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\httpprxp.dll
[2013.02.14 00:24:15 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\keepaliveprovider.dll
[2013.02.14 00:24:08 | 001,690,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\GdiPlus.dll
[2013.02.14 00:24:07 | 001,437,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\GdiPlus.dll
[2013.02.14 00:02:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
[2013.02.14 00:02:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2013.02.14 00:02:32 | 000,984,144 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2013.02.14 00:02:32 | 000,468,144 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswnet.sys
[2013.02.14 00:02:32 | 000,370,288 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2013.02.14 00:02:32 | 000,071,600 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2013.02.14 00:02:32 | 000,054,072 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2013.02.14 00:02:32 | 000,025,232 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2013.02.14 00:02:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2013.02.14 00:02:23 | 000,041,224 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2013.02.14 00:02:22 | 000,227,648 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2013.02.13 23:22:21 | 000,000,000 | ---D | C] -- C:\Users\krist_000\AppData\Roaming\Malwarebytes
[2013.02.13 23:22:13 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.02.13 23:22:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.02.13 23:22:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.02.13 23:22:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Anti-Malware
[2013.02.13 23:21:40 | 010,156,344 | ---- | C] (Malwarebytes Corporation ) -- D:\Desktop\mbam-setup-1.70.0.1100.exe
[2013.02.13 23:14:28 | 002,237,968 | ---- | C] (Kaspersky Lab ZAO) -- D:\Desktop\tdsskiller.exe
[2013.02.13 12:02:24 | 000,000,000 | ---D | C] -- C:\Users\krist_000\AppData\Local\Diagnostics
[2013.01.31 21:38:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
[2013.01.31 21:37:06 | 000,000,000 | ---D | C] -- C:\Users\krist_000\Documents\Meine empfangenen Dateien
[2013.01.29 20:31:05 | 000,000,000 | R--D | C] -- C:\Users\krist_000\SkyDrive
[2013.01.29 20:31:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SkyDrive
[2013.01.29 20:30:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft SkyDrive
[2013.01.29 20:10:59 | 000,000,000 | ---D | C] -- C:\Users\krist_000\Documents\Benutzerdefinierte Office-Vorlagen
[2013.01.29 19:38:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
[2013.01.29 19:37:38 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office 15
[2013.01.28 19:55:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\logishrd
[2013.01.28 19:55:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\logishrd
========== Files - Modified Within 30 Days ==========
[2013.02.21 21:48:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.02.21 21:46:36 | 000,000,500 | ---- | M] () -- C:\Users\krist_000\AppData\Roaming\sp_data.sys
[2013.02.21 21:46:22 | 000,001,134 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.02.21 21:46:20 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
[2013.02.21 21:46:07 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013.02.21 21:46:06 | 3340,271,616 | -HS- | M] () -- C:\hiberfil.sys
[2013.02.21 21:26:07 | 000,547,439 | ---- | M] (Oleg N. Scherbakov) -- D:\Desktop\JRT.exe
[2013.02.21 21:17:01 | 000,001,138 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.02.21 21:01:00 | 000,001,158 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2347345409-2648239615-1393546621-1001UA.job
[2013.02.21 20:58:11 | 001,745,416 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.02.21 20:58:11 | 000,753,134 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.02.21 20:58:11 | 000,710,244 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.02.21 20:58:11 | 000,155,826 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.02.21 20:58:11 | 000,132,614 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.02.21 20:53:14 | 633,542,378 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013.02.21 20:50:31 | 000,376,832 | ---- | M] () -- D:\Desktop\gmer_2.1.19081.exe
[2013.02.20 18:01:00 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2347345409-2648239615-1393546621-1001Core.job
[2013.02.18 13:23:01 | 000,000,870 | ---- | M] () -- C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
[2013.02.15 21:27:57 | 000,001,167 | ---- | M] () -- C:\WirelessDiagLog.csv
[2013.02.15 21:25:59 | 000,420,424 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.02.14 00:05:27 | 000,468,144 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswnet.sys
[2013.02.14 00:05:27 | 000,000,175 | ---- | M] () -- C:\Windows\SysNative\drivers\aswnet.sys.sum
[2013.02.14 00:02:32 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2013.02.13 23:21:44 | 010,156,344 | ---- | M] (Malwarebytes Corporation ) -- D:\Desktop\mbam-setup-1.70.0.1100.exe
[2013.02.13 23:14:34 | 002,237,968 | ---- | M] (Kaspersky Lab ZAO) -- D:\Desktop\tdsskiller.exe
[2013.02.07 00:06:14 | 000,692,576 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.02.07 00:06:14 | 000,078,176 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.01.31 20:56:59 | 000,002,286 | ---- | M] () -- D:\Desktop\Google Chrome.lnk
[2013.01.28 10:22:35 | 001,074,307 | ---- | M] () -- C:\Users\krist_000\Semesterprogramm FSS2013.pdf
[2013.01.25 08:45:14 | 000,001,059 | ---- | M] () -- C:\Users\krist_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
========== Files Created - No Company Name ==========
[2013.02.21 20:52:27 | 000,376,832 | ---- | C] () -- D:\Desktop\gmer_2.1.19081.exe
[2013.02.15 21:27:42 | 000,001,167 | ---- | C] () -- C:\WirelessDiagLog.csv
[2013.02.15 21:25:57 | 000,420,424 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.02.14 00:24:15 | 000,386,577 | ---- | C] () -- C:\Windows\SysNative\ApnDatabase.xml
[2013.02.14 00:02:34 | 000,001,138 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.02.14 00:02:34 | 000,001,134 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.01.29 20:31:03 | 000,002,198 | ---- | C] () -- C:\Users\krist_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
[2013.01.28 10:22:35 | 001,074,307 | ---- | C] () -- C:\Users\krist_000\Semesterprogramm FSS2013.pdf
[2013.01.17 00:57:56 | 000,250,294 | ---- | C] () -- C:\Windows\hpoins47.dat
[2013.01.17 00:57:56 | 000,000,478 | ---- | C] () -- C:\Windows\hpomdl47.dat
[2013.01.10 09:58:46 | 000,083,968 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2013.01.03 14:18:32 | 000,121,435 | ---- | C] () -- C:\Users\krist_000\H&M – Mode und Qualität zum besten Preis.pdf
[2012.12.31 19:06:57 | 000,000,021 | ---- | C] () -- C:\Users\krist_000\AppData\Roaming\my_intel.sys
[2012.12.22 12:38:40 | 000,000,500 | ---- | C] () -- C:\Users\krist_000\AppData\Roaming\sp_data.sys
[2012.10.26 16:42:24 | 000,336,232 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
[2012.10.26 16:42:22 | 010,919,784 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2012.10.26 16:42:22 | 000,103,272 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe
[2012.10.08 01:29:12 | 000,185,216 | ---- | C] () -- C:\Windows\SysWow64\dptfinvalidpolicyremover.exe
[2012.10.08 01:29:12 | 000,004,362 | ---- | C] () -- C:\Windows\SysWow64\dptfinvalidpolicyremover.ini
[2012.08.30 09:27:12 | 000,598,780 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng700.bin
[2012.08.30 09:26:51 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012.08.30 09:26:48 | 000,755,048 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng700.bin
[2012.08.17 01:52:29 | 000,024,576 | ---- | C] () -- C:\ProgramData\SetStretch.exe
[2012.08.17 01:52:28 | 000,000,217 | ---- | C] () -- C:\ProgramData\SetStretch.cmd
[2012.07.26 09:13:10 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2012.07.26 09:13:09 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2012.07.26 08:21:26 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2012.07.26 02:17:42 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2012.07.25 21:37:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2012.07.25 21:28:31 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2012.07.25 21:22:56 | 000,267,284 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng600.bin
[2012.07.25 21:22:54 | 000,963,376 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng600.bin
[2012.06.02 15:31:19 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2012.04.20 13:59:44 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
========== ZeroAccess Check ==========
[2012.10.08 01:39:23 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.01.10 00:23:07 | 019,791,360 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.01.10 00:26:23 | 017,560,576 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012.07.26 04:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012.07.26 04:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012.07.26 04:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2012.12.22 12:38:44 | 000,000,000 | ---D | M] -- C:\Users\krist_000\AppData\Roaming\ASUS WebStorage
[2013.02.21 21:48:47 | 000,000,000 | ---D | M] -- C:\Users\krist_000\AppData\Roaming\Dropbox
[2013.01.03 17:44:01 | 000,000,000 | ---D | M] -- C:\Users\krist_000\AppData\Roaming\IrfanView
[2013.02.21 21:42:12 | 000,000,000 | ---D | M] -- C:\Users\krist_000\AppData\Roaming\Spotify
[2013.01.17 01:07:02 | 000,000,000 | ---D | M] -- C:\Users\krist_000\AppData\Roaming\TeamViewer
[2012.12.28 14:09:14 | 000,000,000 | ---D | M] -- C:\Users\krist_000\AppData\Roaming\Thunderbird
========== Purity Check ==========
< End of report >
|
|
21.02.2013, 22:47
| #10 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Avast VisthAux.exe deaktiviert (Windows 8) Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle einen Quickscan mit Malwarebytes - denk bitte vorher daran, Malwarebytes über den Updatebutton zu aktualisieren Anschließend über den OnlineScanner von ESET eine zusätzliche Meinung zu holen ist auch nicht verkehrt: ESET Online Scanner
__________________ Logfiles bitte immer in CODE-Tags posten |
|
22.02.2013, 00:43
| #11 |
| | Avast VisthAux.exe deaktiviert (Windows 8) Malwarebytes: Code:
ATTFilter Malwarebytes Anti-Malware 1.70.0.1100 www.malwarebytes.org Datenbank Version: v2013.02.21.11 Windows 8 x64 NTFS Internet Explorer 10.0.9200.16484 krist_000 :: KRISTOFFER [Administrator] 21.02.2013 23:07:51 mbam-log-2013-02-21 (23-07-51).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 206617 Laufzeit: 2 Minute(n), 29 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=4a0dd5a6ed623a49b919288b0963d404
# engine=13217
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-02-21 11:40:40
# local_time=2013-02-22 12:40:40 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.2.9200 NT
# compatibility_mode=774 16777213 100 91 693489 138199912 0 0
# compatibility_mode=5893 16776574 100 94 4253751 20996151 0 0
# scanned=260059
# found=1
# cleaned=0
# scan_time=5101
sh=2EA01BDDE25D4303699A47C59405AACF07BCE798 ft=1 fh=ff4d777e01df7e28 vn="Win32/StartPage.OPH trojan" ac=I fn="C:\Users\krist_000\Downloads\Nützliche Programme\vlc-2.0.4-win64.exe"
|
|
22.02.2013, 01:41
| #12 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Avast VisthAux.exe deaktiviert (Windows 8) Sieht soweit ok aus Wegen Cookies und anderer Dinge im Web: Um die Pest von vornherein zu blocken (also TrackingCookies, Werbebanner etc.) müsstest du dir mal sowas wie MVPS Hosts File anschauen => Blocking Unwanted Parasites with a Hosts File - sinnvollerweise solltest du alle 4 Wochen mal bei MVPS nachsehen, ob er eine neue Hosts Datei herausgebracht hat. Info: Cookies sind keine Schädlinge direkt, aber es besteht die Gefahr der missbräuchlichen Verwendung (eindeutige Wiedererkennung zB für gezielte Werbung o.ä. => HTTP-Cookie ) Ansonsten gibt es noch gute Cookiemanager, Erweiterungen für den Firefox zB wäre da CookieCuller Wenn du aber damit leben kannst, dich bei jeder Browsersession überall neu einzuloggen (zB Facebook, Ebay, GMX, oder auch Trojaner-Board) dann stell den Browser einfach so ein, dass einfach alles beim Beenden des Browser inkl. Cookies gelöscht wird. Ist dein System nun wieder in Ordnung oder gibt's noch andere Funde oder Probleme?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
22.02.2013, 09:42
| #13 |
| | Avast VisthAux.exe deaktiviert (Windows 8) Hallo, sonst läuft alles soweit rund! Allerdings wollte ich nochmal kurz nachfragen, wie man den Computer in Zukunft möglichst gut schützen kann. Abgesehen von regelmäßigen Updates aller Programme, lohnt es sich eine kostenpflichtige Anti-Viren-Software (ich dachte dann auch an Avast) oder Firewall zuzulegen? Worauf sollte man noch achten, außer unvorsichtig Dateien öffnen oder Passwörter eintippen? Vielen Dank nochmal für deine Hilfe und beste Grüße, painfiller |
|
22.02.2013, 11:09
| #14 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Avast VisthAux.exe deaktiviert (Windows 8) Also ich weiß nicht wie oft ich das schon gepostet hab, das steht hier auch schon zuhauf in vielen Diskussionen - es ist eigentlich immer wieder das gleiche Fazit => Es gibt nicht den besten Virenscanner! Die Frage - welcher Virenscanner oder ob der installierte reicht - taucht ständig auf. Der Virenscanner - egal welcher - kann und wird niemals 100% Schutz bieten können. Neue/unbekannte Schädlinge können immer durch die Lappen gehen. Geld ausgeben muss man nicht für einen Scanner, sowas wie Avast oder Microsoft Security Essentials sind für die privaten Gebrauch völlig ausreichend. Abgesehen davon nutzen verschiedene Virenscanner unterschiedliche Signaturen und Techniken, das führt dazu, dass zB Scanner1 Schädling X entdeckt, aber Schädling Y übersieht. Scanner2 erkennt Schädling Y, dafür aber Schädling X nicht... Wichtiger ist, dass du dich an Regeln hälst. Der beste Virenscanner bringt nichts, wenn du dich falsch verhälst und fahrlässig/unvorsichtig bist. Airbag und Sicherheitsgurt im Auto sind ja auch keine Gründe dafür auf die Verkehrsregeln zu pfeifen. Lesestoff: Goldene Sicherheitsregeln Halte Dich am besten grob an diese Regeln:
Alles noch genauer erklärt steht hier => Kompromittierung unvermeidbar?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu Avast VisthAux.exe deaktiviert (Windows 8) |
| analyse, anhänge, anti-malware, avast, beste, besten, classpnp.sys, computer, daten, deaktiviert, direkt, ebenfalls, geschichte, griff, grundsätzliche, hal.dll, herzlichen, log-datei, nicht mehr, problem, rechner, schnell, test, thread, trojaner, unknown mbr, windows, würde, zufällig |
Linear-Darstellung
