
Log analysis and evaluation: Avast VisthAux.exe deactivated (Windows 8)

13.02.2013, 22:44   #1
painfiller
 
Hello,

this evening I happened to notice that Avast is no longer running properly and is even deactivated.
The basic problem has already been described in this thread:
http://www.trojaner-board.de/124918-...e-gelesen.html

I now assume that a trojan has also landed on my computer, which is not too bad so far, since there is no sensitive data on the machine.
Still, I would like to get the problem under control as quickly as possible, that is, kick it off my computer.

A first test with Anti-Malware showed that everything is fine (see the attached log file).
The thread mentioned above suggests further analyses; should I run those right away as well?

Many thanks in advance; I hope this matter will be resolved quickly...
Best regards,
painfiller

Here is the log file from aswMBR.exe:

aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-02-13 23:47:53
-----------------------------
23:47:53.968 OS Version: Windows x64 6.2.9200
23:47:53.968 Number of processors: 4 586 0x3A09
23:47:53.970 ComputerName: KRISTOFFER UserName: krist_000
23:47:53.980 Initialze error 1
23:47:54.067 AVAST engine defs: 13020501
23:47:55.995 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000048
23:47:55.997 Disk 0 Vendor: ADATA_XM11_256GB 5.0.2a Size: 244198MB BusType: 11
23:47:56.001 Disk 0 MBR read successfully
23:47:56.004 Disk 0 MBR scan
23:47:56.021 Disk 0 unknown MBR code
23:47:56.024 Disk 0 Partition 1 00 EE GPT 244198 MB offset 1
23:47:56.060 Disk 0 scanning C:\Windows\system32\drivers
23:47:56.063 Service scanning
23:47:56.594 Modules scanning
23:47:56.597 Disk 0 trace - called modules:
23:47:56.604 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys storport.sys hal.dll iaStorA.sys
23:47:56.608 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800f3fd060]
23:47:56.611 3 CLASSPNP.SYS[fffff88000c028aa] -> nt!IofCallDriver -> [0xfffffa800ef64e40]
23:47:56.615 5 ACPI.sys[fffff8800100ca91] -> nt!IofCallDriver -> \Device\00000048[0xfffffa800ef6a060]
23:47:56.622 AVAST engine scan C:\Windows
23:47:56.627 AVAST engine scan C:\Windows\system32
23:47:56.632 AVAST engine scan C:\Windows\system32\drivers
23:47:56.638 AVAST engine scan C:\Users\krist_000
23:47:56.643 AVAST engine scan C:\ProgramData
23:47:56.648 Scan finished successfully
23:48:35.148 Disk 0 MBR has been saved successfully to "C:\Users\krist_000\Downloads\Avast logs\MBR.dat"
23:48:35.153 The log file has been saved successfully to "C:\Users\krist_000\Downloads\Avast logs\aswMBR.txt"
Attached files
File type: txt mbam-log-2013-02-13 (23-23-34).txt (2.1 KB, viewed 137 times)

14.02.2013, 12:24   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Hello and

Do you have any further logs (with findings)? Malwarebytes and/or other virus scanners?
The reason I ask => http://www.trojaner-board.de/125889-...tml#post941520

Please do not run any new virus scans; for now, only post logs that already exist!

Reading material:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • In the editor, click the # symbol. Two bracketed expressions appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it correctly. If everything is right ... click Reply.



Before we get on with the further work, I would like to ask you to read the following points completely and carefully.
  • Read the instructions I will post over the course of this thread carefully. Ask right away if anything is unclear, before you start carrying out my instructions.

  • If you have problems with a step, stop there and describe the problem to me as well as you can. Sometimes a step requires the preceding one.

  • Please run only scans that a helper has asked you to run! Do not install / uninstall any software without being asked to!

  • Post the log files directly in your thread (please in CODE tags) and not as an attachment, unless you were asked to. Logs in attachments make the evaluation harder for me!

  • Please also note => Deleting log files and other requests

Note:
If you do not hear from me for three days, please post in this thread => Reminder about my thread.
Annoying "When will it continue" messages will end with your topic being closed. I, too, have a life outside the Trojaner-Board.


First, a check with OTL please:
  • Double-click OTL.exe
  • Vista users: right-click OTL.exe and choose "Run as administrator"
  • At the top center, check the box for Scan All Users
  • At the top you will find a box labelled Output. Please select Minimal Output
  • Under Extra Registry, please select Use SafeList
  • Now click Run Scan at the top left
  • When the scan has finished, 2 log files are created
  • Post the log files here in the thread in CODE tags.

14.02.2013, 14:24   #3
painfiller
 
Hi Cosinus!

Unfortunately I can only offer the log file from Malwarebytes, namely the following:

Code:
Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Datenbank Version: v2013.02.13.09

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16466
krist_000 :: KRISTOFFER [Administrator]

13.02.2013 23:23:34
mbam-log-2013-02-13 (23-23-34).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 457553
Laufzeit: 16 Minute(n), 47 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
         
Here is the result from OTL:
Code:
OTL logfile created on: 14.02.2013 15:13:58 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\krist_000\Downloads
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16484)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,89 Gb Total Physical Memory | 1,27 Gb Available Physical Memory | 32,57% Memory free
12,39 Gb Paging File | 9,38 Gb Available in Paging File | 75,70% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 102,54 Gb Total Space | 33,83 Gb Free Space | 32,99% Space Free | Partition Type: NTFS
Drive D: | 110,93 Gb Total Space | 71,07 Gb Free Space | 64,07% Space Free | Partition Type: NTFS
 
Computer Name: KRISTOFFER | User Name: krist_000 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\krist_000\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Users\krist_000\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Users\krist_000\AppData\Roaming\Spotify\spotify.exe (Spotify Ltd)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe (ASUSTeK Computer Inc.)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Windows\SysWOW64\WWAHost.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUS)
PRC - C:\Windows\SysWOW64\ACEngSvr.exe (ASUSTeK)
PRC - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Motorola Solutions, Inc.)
PRC - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Motorola Solutions, Inc.)
PRC - C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUSTek Computer Inc.)
PRC - C:\Windows\SysWOW64\irstrtsv.exe (Intel Corporation)
PRC - C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe (ASUSTeK Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe (Microsoft Corporation.)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Users\krist_000\AppData\Local\Google\Chrome\User Data\PepperFlash\11.6.602.167\pepflashplayer.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\e1ec8b9a6d4f9af9d6065c4187fb1b5f\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\f641b786d36d1cc5a5531a746c96ce1b\System.Xaml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\38638a559066bf7f2325a53ed53629bc\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\05cc6faa6704d01e78700561b22937e3\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatioaec034ca#\6824c9f11ea82b4148780cd92c9d6745\PresentationFramework.Aero2.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\8347ac8367f91309fa888d79a54c7450\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\1c7f4533b2b24c10a628793a8b93e1a7\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\15cc4fff434f274c1f6ab56a385dcb54\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\a7811936e59aaee26b1d9d467174d6d4\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\374a0cc6603f58864831897ef723bd4a\mscorlib.ni.dll ()
MOD - C:\Users\krist_000\AppData\Local\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll ()
MOD - C:\Users\krist_000\AppData\Local\Google\Chrome\Application\24.0.1312.57\pdf.dll ()
MOD - C:\Users\krist_000\AppData\Local\Google\Chrome\Application\24.0.1312.57\libglesv2.dll ()
MOD - C:\Users\krist_000\AppData\Local\Google\Chrome\Application\24.0.1312.57\libegl.dll ()
MOD - C:\Users\krist_000\AppData\Local\Google\Chrome\Application\24.0.1312.57\ffmpegsumo.dll ()
MOD - C:\Users\krist_000\AppData\Roaming\Spotify\Data\libcef.dll ()
MOD - C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:64bit: - (OfficeSvc) -- C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe (Microsoft Corporation)
SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation)
SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:64bit: - (AllUserInstallAgent) -- C:\Windows\SysNative\AUInstallAgent.dll (Microsoft Corporation)
SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (ZeroConfigService) -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Intel® Corporation)
SRV:64bit: - (MyWiFiDHCPDNS) -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe ()
SRV:64bit: - (EvtEng) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
SRV:64bit: - (RegSrvc) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
SRV:64bit: - (AMPPALR3) -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (Intel Corporation)
SRV:64bit: - (BTHSSecurityMgr) -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (Intel(R) Corporation)
SRV:64bit: - (Intel(R) -- C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (TeamViewer8) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (HPSLPSVC) -- C:\Users\KRIST_~1\AppData\Local\Temp\7zS71D5\hpslpsvc64.dll (Hewlett-Packard Co.)
SRV - (PrintNotify) -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (Bluetooth OBEX Service) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Motorola Solutions, Inc.)
SRV - (Bluetooth Device Monitor) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Motorola Solutions, Inc.)
SRV - (irstrtsv) -- C:\Windows\SysWOW64\irstrtsv.exe (Intel Corporation)
SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation)
SRV - (ASLDRService) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ASUSTek Computer Inc.)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation)
SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
SRV - (BBUpdate) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe (Microsoft Corporation.)
SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe (Microsoft Corporation.)
SRV - (ASUS InstantOn) -- C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe (ASUS)
SRV - (ATKGFNEXSrv) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (aswnet) -- C:\Windows\SysNative\Drivers\aswnet.sys (AVAST Software)
DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\Drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\Drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\Drivers\BthhfHid.sys (Microsoft Corporation)
DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\Drivers\hidi2c.sys (Microsoft Corporation)
DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\Drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:64bit: - (pdc) -- C:\Windows\SysNative\Drivers\pdc.sys (Microsoft Corporation)
DRV:64bit: - (FxPPM) -- C:\Windows\SysNative\Drivers\fxppm.sys (Microsoft Corporation)
DRV:64bit: - (ATP) -- C:\Windows\SysNative\Drivers\AsusTP.sys (ASUS Corporation)
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\Drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
DRV:64bit: - (LVUVC64) -- C:\Windows\SysNative\Drivers\lvuvc64.sys (Logitech Inc.)
DRV:64bit: - (LVRS64) -- C:\Windows\SysNative\Drivers\lvrs64.sys (Logitech Inc.)
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\Drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (sdstor) -- C:\Windows\SysNative\Drivers\sdstor.sys (Microsoft Corporation)
DRV:64bit: - (dam) -- C:\Windows\SysNative\Drivers\dam.sys (Microsoft Corporation)
DRV:64bit: - (StillCam) -- C:\Windows\SysNative\Drivers\serscan.sys (Microsoft Corporation)
DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\Drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:64bit: - (UCX01000) -- C:\Windows\SysNative\Drivers\UCX01000.SYS (Microsoft Corporation)
DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\Drivers\msgpioclx.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\Drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\Drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\Drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (NETwNe64) -- C:\Windows\SysNative\Drivers\NETwew00.sys (Intel Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\Drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (intaud_WaveExtensible) -- C:\Windows\SysNative\Drivers\intelaud.sys (Intel Corporation)
DRV:64bit: - (iwdbus) -- C:\Windows\SysNative\Drivers\iwdbus.sys (Intel Corporation)
DRV:64bit: - (XHCIPort) -- C:\Windows\SysNative\Drivers\xHCIPort.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (usb3Hub) -- C:\Windows\SysNative\Drivers\usb3Hub.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (kbfiltr) -- C:\Windows\SysNative\Drivers\kbfiltr.sys ( )
DRV:64bit: - (irstrtdv) -- C:\Windows\SysNative\Drivers\irstrtdv.sys (Intel Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (condrv) -- C:\Windows\SysNative\Drivers\condrv.sys (Microsoft Corporation)
DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS (VIA Corporation)
DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\Drivers\VerifierExt.sys (Microsoft Corporation)
DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\Drivers\uaspstor.sys (Microsoft Corporation)
DRV:64bit: - (acpiex) -- C:\Windows\SysNative\Drivers\acpiex.sys (Microsoft Corporation)
DRV:64bit: - (spaceport) -- C:\Windows\SysNative\Drivers\spaceport.sys (Microsoft Corporation)
DRV:64bit: - (storahci) -- C:\Windows\SysNative\Drivers\storahci.sys (Microsoft Corporation)
DRV:64bit: - (mvumis) -- C:\Windows\SysNative\Drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\Drivers\stexstor.sys (Promise Technology, Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\Drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\Drivers\lsi_sss.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\Drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\Drivers\EhStorClass.sys (Microsoft Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\Drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (3ware) -- C:\Windows\SysNative\Drivers\3ware.sys (LSI)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\Drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\Drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (CLFS) -- C:\Windows\SysNative\Drivers\clfs.sys (Microsoft Corporation)
DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\Drivers\wfplwfs.sys (Microsoft Corporation)
DRV:64bit: - (vpci) -- C:\Windows\SysNative\Drivers\vpci.sys (Microsoft Corporation)
DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\Drivers\WdFilter.sys (Microsoft Corporation)
DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\Drivers\WdBoot.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\Drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\Drivers\WSDPrint.sys (Microsoft Corporation)
DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\Drivers\mshidumdf.sys (Microsoft Corporation)
DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\Drivers\BasicDisplay.sys (Microsoft Corporation)
DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\Drivers\HyperVideo.sys (Microsoft Corporation)
DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\Drivers\BasicRender.sys (Microsoft Corporation)
DRV:64bit: - (acpials) -- C:\Windows\SysNative\Drivers\acpials.sys (Microsoft Corporation)
DRV:64bit: - (gencounter) -- C:\Windows\SysNative\Drivers\vmgencounter.sys (Microsoft Corporation)
DRV:64bit: - (kdnic) -- C:\Windows\SysNative\Drivers\kdnic.sys (Microsoft Corporation)
DRV:64bit: - (acpitime) -- C:\Windows\SysNative\Drivers\acpitime.sys (Microsoft Corporation)
DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\Drivers\npsvctrig.sys (Microsoft Corporation)
DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\Drivers\acpipagr.sys (Microsoft Corporation)
DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\Drivers\hyperkbd.sys (Microsoft Corporation)
DRV:64bit: - (SerCx) -- C:\Windows\SysNative\Drivers\SerCx.sys (Microsoft Corporation)
DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\Drivers\SpbCx.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\Drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\Drivers\bthhfenum.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\Drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\Drivers\wpcfltr.sys (Microsoft Corporation)
DRV:64bit: - (BthLEEnum) -- C:\Windows\SysNative\Drivers\BthLEEnum.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\Drivers\mslldp.sys (Microsoft Corporation)
DRV:64bit: - (Ndu) -- C:\Windows\SysNative\Drivers\Ndu.sys (Microsoft Corporation)
DRV:64bit: - (AiCharger) -- C:\Windows\SysNative\Drivers\AiCharger.sys (ASUSTek Computer Inc.)
DRV:64bit: - (iaStorA) -- C:\Windows\SysNative\Drivers\iaStorA.sys (Intel Corporation)
DRV:64bit: - (AMPPALP) -- C:\Windows\SysNative\Drivers\AmpPal.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (AMPPAL) -- C:\Windows\SysNative\Drivers\AmpPal.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (btmhsf) -- C:\Windows\SysNative\Drivers\btmhsf.sys (Intel Corporation)
DRV:64bit: - (DptfManager) -- C:\Windows\SysNative\Drivers\DptfManager.sys (Intel Corporation)
DRV:64bit: - (DptfDevGen) -- C:\Windows\SysNative\Drivers\DptfDevGen.sys (Intel Corporation)
DRV:64bit: - (DptfDevDram) -- C:\Windows\SysNative\Drivers\DptfDevDram.sys (Intel Corporation)
DRV:64bit: - (DptfDevFan) -- C:\Windows\SysNative\Drivers\DptfDevFan.sys (Intel Corporation)
DRV:64bit: - (DptfDevPch) -- C:\Windows\SysNative\Drivers\DptfDevPch.sys (Intel Corporation)
DRV:64bit: - (DptfDevProc) -- C:\Windows\SysNative\Drivers\DptfDevProc.sys (Intel Corporation)
DRV:64bit: - (AX88772) -- C:\Windows\SysNative\Drivers\ax88772.sys (ASIX Electronics Corp.)
DRV:64bit: - (iBtFltCoex) -- C:\Windows\SysNative\Drivers\iBtFltCoex.sys (Intel Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\Drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\Drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (RSUSBVSTOR) -- C:\Windows\SysNative\Drivers\RtsUVStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (AgereSoftModem) -- C:\Windows\SysNative\Drivers\agrsm64.sys (LSI Corp)
DRV:64bit: - (RTL8168) -- C:\Windows\SysNative\Drivers\Rt630x64.sys (Realtek                                            )
DRV:64bit: - (NETwNs64) -- C:\Windows\SysNative\Drivers\NETwNs64.sys (Intel Corporation)
DRV:64bit: - (e1iexpress) -- C:\Windows\SysNative\Drivers\e1i63x64.sys (Intel Corporation)
DRV:64bit: - (athr) -- C:\Windows\SysNative\Drivers\athrx.sys (Qualcomm Atheros Communications, Inc.)
DRV:64bit: - (HIDSwitch) -- C:\Windows\SysNative\Drivers\AsHIDSwitch64.sys (ASUS)
DRV:64bit: - (btmaux) -- C:\Windows\SysNative\Drivers\btmaux.sys (Intel Corporation)
DRV - (ATKWMIACPIIO) -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys (ASUS)
DRV - (ASMMAP64) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys (ASUS)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-2347345409-2648239615-1393546621-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
IE - HKU\S-1-5-21-2347345409-2648239615-1393546621-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.startfenster.com
IE - HKU\S-1-5-21-2347345409-2648239615-1393546621-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2347345409-2648239615-1393546621-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.10.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.10.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\krist_000\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\krist_000\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012.12.28 14:09:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK
 
[2012.12.28 14:09:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\krist_000\AppData\Roaming\mozilla\Extensions
 
========== Chrome  ==========
 
CHR - homepage: hxxp://www.google.de/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},
CHR - homepage: hxxp://www.google.de/
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\krist_000\AppData\Local\Google\Chrome\Application\24.0.1312.57\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\krist_000\AppData\Local\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\krist_000\AppData\Local\Google\Chrome\Application\24.0.1312.57\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
CHR - plugin: Google Update (Enabled) = C:\Users\krist_000\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: McAfee SecurityCenter (Enabled) = c:\progra~2\mcafee\msc\npmcsn~1.dll
CHR - Extension: Google Drive = C:\Users\krist_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\krist_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Auf den Amazon-Wunschzettel = C:\Users\krist_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\
CHR - Extension: Google-Suche = C:\Users\krist_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Google Kalender = C:\Users\krist_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\
CHR - Extension: avast! WebRep = C:\Users\krist_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\
CHR - Extension: Evernote Web = C:\Users\krist_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol\1.0.7_0\
CHR - Extension: dict-cc = C:\Users\krist_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nknonnojlmhnmjhpeokdbeineeajcemh\1.6.87_0\
CHR - Extension: Google Mail = C:\Users\krist_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2012.07.26 06:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [ACMON] C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUS)
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Motorola Solutions, Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe (ASUS Cloud Corporation)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKU\S-1-5-21-2347345409-2648239615-1393546621-1001..\Run: [Spotify] C:\Users\krist_000\AppData\Roaming\Spotify\spotify.exe (Spotify Ltd)
O4 - Startup: C:\Users\krist_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\krist_000\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: An Bluetooth senden - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm ()
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: An Bluetooth senden - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm ()
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4CFCC10A-995C-47A7-B25A-23C4A6801240}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{79C36127-07F5-4EE7-95D1-833D01F9258D}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.02.14 00:31:33 | 006,967,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013.02.14 00:31:10 | 003,966,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.02.14 00:31:09 | 000,907,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\uxtheme.dll
[2013.02.14 00:31:09 | 000,854,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.02.14 00:31:09 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.02.14 00:31:09 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.02.14 00:31:09 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013.02.14 00:31:09 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013.02.14 00:31:08 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013.02.14 00:31:08 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UXInit.dll
[2013.02.14 00:31:08 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013.02.14 00:31:08 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UXInit.dll
[2013.02.14 00:31:08 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013.02.14 00:24:25 | 002,094,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mmc.exe
[2013.02.14 00:24:24 | 001,964,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlidsvc.dll
[2013.02.14 00:24:24 | 001,611,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mmc.exe
[2013.02.14 00:24:21 | 001,886,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\setupapi.dll
[2013.02.14 00:24:21 | 001,120,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msctf.dll
[2013.02.14 00:24:21 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netprofmsvc.dll
[2013.02.14 00:24:20 | 000,438,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsm.dll
[2013.02.14 00:24:20 | 000,406,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Media.dll
[2013.02.14 00:24:20 | 000,028,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\msgpiowin32.sys
[2013.02.14 00:24:17 | 000,666,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MP4SDECD.DLL
[2013.02.14 00:24:17 | 000,594,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Networking.dll
[2013.02.14 00:24:17 | 000,303,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2013.02.14 00:24:17 | 000,194,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sdbus.sys
[2013.02.14 00:24:17 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetpp.dll
[2013.02.14 00:24:17 | 000,124,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dumpsd.sys
[2013.02.14 00:24:16 | 000,728,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\samsrv.dll
[2013.02.14 00:24:16 | 000,436,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MP4SDECD.DLL
[2013.02.14 00:24:16 | 000,410,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Networking.dll
[2013.02.14 00:24:16 | 000,261,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Media.dll
[2013.02.14 00:24:16 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSDMon.dll
[2013.02.14 00:24:16 | 000,240,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsquirt.exe
[2013.02.14 00:24:16 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncbservice.dll
[2013.02.14 00:24:16 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\httpprxm.dll
[2013.02.14 00:24:16 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wiaacmgr.exe
[2013.02.14 00:24:16 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wiaacmgr.exe
[2013.02.14 00:24:16 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adhsvc.dll
[2013.02.14 00:24:15 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adhapi.dll
[2013.02.14 00:24:15 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\httpprxp.dll
[2013.02.14 00:24:15 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\keepaliveprovider.dll
[2013.02.14 00:24:08 | 001,690,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\GdiPlus.dll
[2013.02.14 00:24:07 | 001,437,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\GdiPlus.dll
[2013.02.14 00:02:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
[2013.02.14 00:02:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2013.02.14 00:02:32 | 000,984,144 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2013.02.14 00:02:32 | 000,468,144 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswnet.sys
[2013.02.14 00:02:32 | 000,370,288 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2013.02.14 00:02:32 | 000,071,600 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2013.02.14 00:02:32 | 000,054,072 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2013.02.14 00:02:32 | 000,025,232 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2013.02.14 00:02:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2013.02.14 00:02:23 | 000,041,224 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2013.02.14 00:02:22 | 000,227,648 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2013.02.13 23:22:21 | 000,000,000 | ---D | C] -- C:\Users\krist_000\AppData\Roaming\Malwarebytes
[2013.02.13 23:22:13 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.02.13 23:22:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.02.13 23:22:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.02.13 23:22:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Anti-Malware
[2013.02.13 12:02:24 | 000,000,000 | ---D | C] -- C:\Users\krist_000\AppData\Local\Diagnostics
[2013.02.05 10:14:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2013.01.31 21:38:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
[2013.01.31 21:37:06 | 000,000,000 | ---D | C] -- C:\Users\krist_000\Documents\Meine empfangenen Dateien
[2013.01.29 20:31:05 | 000,000,000 | R--D | C] -- C:\Users\krist_000\SkyDrive
[2013.01.29 20:31:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SkyDrive
[2013.01.29 20:30:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft SkyDrive
[2013.01.29 20:10:59 | 000,000,000 | ---D | C] -- C:\Users\krist_000\Documents\Benutzerdefinierte Office-Vorlagen
[2013.01.29 19:38:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
[2013.01.29 19:37:38 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office 15
[2013.01.28 19:55:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\logishrd
[2013.01.28 19:55:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\logishrd
[2013.01.17 01:01:43 | 000,000,000 | ---D | C] -- C:\ProgramData\WEBREG
[2013.01.17 01:01:37 | 000,000,000 | ---D | C] -- C:\Users\krist_000\AppData\Roaming\HP
[2013.01.17 01:01:37 | 000,000,000 | ---D | C] -- C:\Users\krist_000\AppData\Local\HP
[2013.01.17 00:59:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft
[2013.01.17 00:59:36 | 000,000,000 | ---D | C] -- C:\Users\krist_000\AppData\Roaming\HpUpdate
[2013.01.17 00:59:24 | 000,000,000 | ---D | C] -- C:\ProgramData\HP Product Assistant
[2013.01.17 00:58:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\HP
[2013.01.17 00:58:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Hewlett-Packard
[2013.01.17 00:58:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
[2013.01.17 00:58:31 | 000,138,752 | ---- | C] (Hewlett-Packard Company) -- C:\Windows\SysNative\hpf3l101.dll
[2013.01.17 00:58:27 | 000,000,000 | -H-D | C] -- C:\Config.Msi
[2013.01.17 00:57:42 | 001,175,552 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hposwia_p04b.dll
[2013.01.17 00:57:42 | 000,643,200 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hpzids40.dll
[2013.01.17 00:57:41 | 001,421,824 | ---- | C] (Hewlett-Packard Co.) -- C:\Windows\SysNative\hpost_p04b.dll
[2013.01.17 00:57:41 | 000,521,216 | ---- | C] (Hewlett-Packard Co.) -- C:\Windows\SysNative\hposc_p04a.dll
[2013.01.17 00:32:14 | 000,000,000 | ---D | C] -- C:\Users\krist_000\AppData\Roaming\TeamViewer
[2013.01.17 00:31:58 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2013.01.17 00:31:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2013.01.17 00:31:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2013.01.17 00:31:55 | 000,377,344 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hpbrprtmon.dll
[2013.01.17 00:31:55 | 000,355,840 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hpbprtmon.dll
[2013.01.17 00:31:55 | 000,170,496 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hpbprtmonui.dll
[2013.01.17 00:31:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HP
[2013.01.17 00:30:18 | 000,000,000 | ---D | C] -- C:\ProgramData\HP
[2013.01.17 00:29:23 | 000,000,000 | ---D | C] -- C:\HP_ePrint_Mobile
[2013.01.17 00:27:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamViewer
 
========== Files - Modified Within 30 Days ==========
 
[2013.02.14 15:12:00 | 000,001,138 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.02.14 14:56:01 | 000,001,158 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2347345409-2648239615-1393546621-1001UA.job
[2013.02.14 13:23:00 | 000,000,870 | ---- | M] () -- C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
[2013.02.14 12:56:01 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2347345409-2648239615-1393546621-1001Core.job
[2013.02.14 11:27:51 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.02.14 07:52:45 | 001,745,416 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.02.14 07:52:45 | 000,753,134 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.02.14 07:52:45 | 000,710,244 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.02.14 07:52:45 | 000,155,826 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.02.14 07:52:45 | 000,132,614 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.02.14 07:50:57 | 000,000,500 | ---- | M] () -- C:\Users\krist_000\AppData\Roaming\sp_data.sys
[2013.02.14 07:50:45 | 000,001,134 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.02.14 07:50:42 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
[2013.02.14 00:34:44 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013.02.14 00:34:41 | 3340,271,616 | -HS- | M] () -- C:\hiberfil.sys
[2013.02.14 00:05:27 | 000,468,144 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswnet.sys
[2013.02.14 00:05:27 | 000,000,175 | ---- | M] () -- C:\Windows\SysNative\drivers\aswnet.sys.sum
[2013.02.14 00:02:32 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2013.02.07 00:06:14 | 000,692,576 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.02.07 00:06:14 | 000,078,176 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.01.31 20:56:59 | 000,002,286 | ---- | M] () -- D:\Desktop\Google Chrome.lnk
[2013.01.28 10:22:35 | 001,074,307 | ---- | M] () -- C:\Users\krist_000\Semesterprogramm FSS2013.pdf
[2013.01.25 08:45:14 | 000,001,059 | ---- | M] () -- C:\Users\krist_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013.01.17 01:01:36 | 000,250,294 | ---- | M] () -- C:\Windows\hpoins47.dat
[2013.01.17 00:59:07 | 000,002,101 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2013.01.16 01:35:49 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\UXInit.dll
[2013.01.16 01:31:26 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\UXInit.dll
[2013.01.16 01:25:17 | 001,437,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\GdiPlus.dll
[2013.01.16 01:23:19 | 001,690,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\GdiPlus.dll
 
========== Files Created - No Company Name ==========
 
[2013.02.14 00:24:15 | 000,386,577 | ---- | C] () -- C:\Windows\SysNative\ApnDatabase.xml
[2013.02.14 00:02:34 | 000,001,138 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.02.14 00:02:34 | 000,001,134 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.01.29 20:31:03 | 000,002,198 | ---- | C] () -- C:\Users\krist_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
[2013.01.28 10:22:35 | 001,074,307 | ---- | C] () -- C:\Users\krist_000\Semesterprogramm FSS2013.pdf
[2013.01.17 00:59:07 | 000,002,101 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2013.01.17 00:57:56 | 000,250,294 | ---- | C] () -- C:\Windows\hpoins47.dat
[2013.01.17 00:57:56 | 000,000,478 | ---- | C] () -- C:\Windows\hpomdl47.dat
[2013.01.17 00:27:51 | 000,001,180 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 8.lnk
[2013.01.10 09:58:46 | 000,083,968 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2013.01.03 14:18:32 | 000,121,435 | ---- | C] () -- C:\Users\krist_000\H&M – Mode und Qualität zum besten Preis.pdf
[2012.12.31 19:06:57 | 000,000,021 | ---- | C] () -- C:\Users\krist_000\AppData\Roaming\my_intel.sys
[2012.12.22 12:38:40 | 000,000,500 | ---- | C] () -- C:\Users\krist_000\AppData\Roaming\sp_data.sys
[2012.10.26 16:42:24 | 000,336,232 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
[2012.10.26 16:42:22 | 010,919,784 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2012.10.26 16:42:22 | 000,103,272 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe
[2012.10.08 01:29:12 | 000,185,216 | ---- | C] () -- C:\Windows\SysWow64\dptfinvalidpolicyremover.exe
[2012.10.08 01:29:12 | 000,004,362 | ---- | C] () -- C:\Windows\SysWow64\dptfinvalidpolicyremover.ini
[2012.08.30 09:27:12 | 000,598,780 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng700.bin
[2012.08.30 09:26:51 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012.08.30 09:26:48 | 000,755,048 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng700.bin
[2012.08.17 01:52:29 | 000,024,576 | ---- | C] () -- C:\ProgramData\SetStretch.exe
[2012.08.17 01:52:28 | 000,000,217 | ---- | C] () -- C:\ProgramData\SetStretch.cmd
[2012.07.26 09:13:10 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2012.07.26 09:13:09 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2012.07.26 08:21:26 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2012.07.26 02:17:42 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2012.07.25 21:37:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2012.07.25 21:28:31 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2012.07.25 21:22:56 | 000,267,284 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng600.bin
[2012.07.25 21:22:54 | 000,963,376 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng600.bin
[2012.06.02 15:31:19 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2012.04.20 13:59:44 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
 
========== ZeroAccess Check ==========
 
[2012.10.08 01:39:23 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.01.10 00:23:07 | 019,791,360 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.01.10 00:26:23 | 017,560,576 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012.07.26 04:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012.07.26 04:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012.07.26 04:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2012.12.22 12:38:44 | 000,000,000 | ---D | M] -- C:\Users\krist_000\AppData\Roaming\ASUS WebStorage
[2013.02.14 11:29:46 | 000,000,000 | ---D | M] -- C:\Users\krist_000\AppData\Roaming\Dropbox
[2013.01.03 17:44:01 | 000,000,000 | ---D | M] -- C:\Users\krist_000\AppData\Roaming\IrfanView
[2013.01.08 14:04:42 | 000,000,000 | ---D | M] -- C:\Users\krist_000\AppData\Roaming\pdfforge
[2013.02.14 15:02:13 | 000,000,000 | ---D | M] -- C:\Users\krist_000\AppData\Roaming\Spotify
[2013.01.17 01:07:02 | 000,000,000 | ---D | M] -- C:\Users\krist_000\AppData\Roaming\TeamViewer
[2012.12.28 14:09:14 | 000,000,000 | ---D | M] -- C:\Users\krist_000\AppData\Roaming\Thunderbird
 
========== Purity Check ==========
 
 

< End of report >
         
Out of mild panic mixed with a bit of naivety, I uninstalled Avast yesterday and installed the latest version from the Avast homepage.
After the reinstallation everything ran flawlessly again, but I have an uneasy feeling. So, to be on the safe side, I would like to check whether there is still a trojan somewhere and, above all, do a little prevention.
I hope the reinstallation has not undone all the efforts, let alone wasted your time.

Many thanks and best regards,
painfiller

14.02.2013, 14:55   #4
cosinus

Please now create and post logs with GMER (<<< click for instructions) and MBAR (instructions a little further down).
GMER crashes fairly often; if the tool still won't run on the second attempt, just skip it and run only MBAR.

MBAR instructions:

Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Start mbar.exe.
  • Follow the on-screen instructions as described in the guide to Malwarebytes Anti-Rootkit.
  • Be sure to update the database and allow the tool to scan your system.
  • Click the CleanUp button and allow the restart.
  • During the restart MBAR will remove the objects found, so be patient.
  • After the restart, start mbar.exe again.
  • If anything is found again, repeat the CleanUp process.
The tool will create a log file ( mbar-log-<year-month-day>.txt ) in the folder it created. Please post it here.

Do not start any other file in this folder without instructions from a helper.

15.02.2013, 21:06   #5
painfiller

Right, I have run the tests. As you suspected, the GMER test did not work. The other one did, though; here is the result:

Code:
Malwarebytes Anti-Rootkit BETA 1.01.0.1020
www.malwarebytes.org

Database version: v2013.02.15.08

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16484
krist_000 :: KRISTOFFER [administrator]

15.02.2013 22:00:17
mbar-log-2013-02-15 (22-00-17).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled: 
Objects scanned: 7691
Time elapsed: 10 minute(s), 32 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
         
And it found nothing.
What happens next?


16.02.2013, 16:20   #6
cosinus

Please try GMER once more. Then TDSSKiller.

Please download TDSSKiller.exe and save this file to the desktop.
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller guide.
  • Press Start Scan.
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post the contents here in your thread in any case.

21.02.2013, 20:04   #7
painfiller

So, here I am again; unfortunately it took a bit longer...

GMER refused to work again. It does start, but after a second it crashes, taking the whole system down with it.

I ran TDSS, just like GMER, with nothing else active, i.e. without connections/programs, and the following was found:

Code:
21:01:05.0353 4132  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
21:01:05.0353 4132  UEFI system
21:01:05.0369 4132  ============================================================
21:01:05.0369 4132  Current date / time: 2013/02/21 21:01:05.0369
21:01:05.0369 4132  SystemInfo:
21:01:05.0369 4132  
21:01:05.0369 4132  OS Version: 6.2.9200 ServicePack: 0.0
21:01:05.0369 4132  Product type: Workstation
21:01:05.0369 4132  ComputerName: KRISTOFFER
21:01:05.0369 4132  UserName: krist_000
21:01:05.0369 4132  Windows directory: C:\Windows
21:01:05.0369 4132  System windows directory: C:\Windows
21:01:05.0369 4132  Running under WOW64
21:01:05.0369 4132  Processor architecture: Intel x64
21:01:05.0369 4132  Number of processors: 4
21:01:05.0369 4132  Page size: 0x1000
21:01:05.0369 4132  Boot type: Normal boot
21:01:05.0369 4132  ============================================================
21:01:05.0556 4132  Drive \Device\Harddisk0\DR0 - Size: 0x3B9E656000 (238.47 Gb), SectorSize: 0x200, Cylinders: 0x799A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:01:05.0556 4132  ============================================================
21:01:05.0556 4132  \Device\Harddisk0\DR0:
21:01:05.0556 4132  GPT partitions:
21:01:05.0556 4132  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {712BD1FE-327A-4E44-81B5-187BBF608EA2}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x96000
21:01:05.0556 4132  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {EA03EB7D-3EA5-49BC-9260-2597EA786BE7}, Name: Basic data partition, StartLBA 0x96800, BlocksNum 0x12C000
21:01:05.0556 4132  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {1DED6C01-F3F2-434C-B7FF-A75E9BFD45B5}, Name: Microsoft reserved partition, StartLBA 0x1C2800, BlocksNum 0x40000
21:01:05.0556 4132  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {B5FF348F-B336-4661-81D8-62AD1DCFD1BF}, Name: Basic data partition, StartLBA 0x202800, BlocksNum 0xCD16800
21:01:05.0556 4132  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {E4D25D5D-A133-4168-B55E-09BE811DFEB7}, Name: Basic data partition, StartLBA 0xCF19000, BlocksNum 0xDDDA000
21:01:05.0556 4132  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {D3BFE2DE-3DAF-11DF-BA40-E3A556D89593}, UniqueGUID: {E8E7B207-DBAF-44A8-B0C6-10EEDF8F8582}, Name: Basic data partition, StartLBA 0x1ACF3000, BlocksNum 0x800000
21:01:05.0556 4132  \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {743E711E-F7A6-4157-AAE6-6E322527B444}, Name: Basic data partition, StartLBA 0x1B4F3000, BlocksNum 0x2800000
21:01:05.0556 4132  MBR partitions:
21:01:05.0556 4132  ============================================================
21:01:05.0556 4132  C: <-> \Device\Harddisk0\DR0\Partition4
21:01:05.0556 4132  D: <-> \Device\Harddisk0\DR0\Partition5
21:01:05.0556 4132  ============================================================
21:01:05.0556 4132  Initialize success
21:01:05.0556 4132  ============================================================
21:01:17.0697 6184  ============================================================
21:01:17.0697 6184  Scan started
21:01:17.0697 6184  Mode: Manual; SigCheck; TDLFS; 
21:01:17.0697 6184  ============================================================
21:01:17.0822 6184  ================ Scan system memory ========================
21:01:17.0822 6184  System memory - ok
21:01:17.0822 6184  ================ Scan services =============================
21:01:17.0885 6184  [ E890C46E4754F0DF51BAFCC8D2E07498 ] 1394ohci        C:\Windows\System32\drivers\1394ohci.sys
21:01:17.0916 6184  1394ohci - ok
21:01:17.0916 6184  [ 4F18D4C7EA14F11A7211F60D553C03DB ] 3ware           C:\Windows\system32\drivers\3ware.sys
21:01:17.0932 6184  3ware - ok
21:01:17.0932 6184  [ 975AABEB243B800C23626D6B652C5A9C ] ACPI            C:\Windows\system32\drivers\ACPI.sys
21:01:17.0947 6184  ACPI - ok
21:01:17.0963 6184  [ E3530CCC4018BBFC39176E579E438BE6 ] acpials         C:\Windows\system32\DRIVERS\acpials.sys
21:01:17.0963 6184  acpials - ok
21:01:17.0979 6184  [ DC968C37822117E576B933F34A2D130C ] acpiex          C:\Windows\system32\Drivers\acpiex.sys
21:01:17.0979 6184  acpiex - ok
21:01:17.0994 6184  [ 0CA9F7C3A78227C21A0A7854E245CFB2 ] acpipagr        C:\Windows\System32\drivers\acpipagr.sys
21:01:17.0994 6184  acpipagr - ok
21:01:17.0994 6184  [ 8EB8DA03B142D3DD1EB9ED8107A76C43 ] AcpiPmi         C:\Windows\System32\drivers\acpipmi.sys
21:01:18.0010 6184  AcpiPmi - ok
21:01:18.0010 6184  [ CBCE725C5D86ABA7D2604E22951AA9B8 ] acpitime        C:\Windows\System32\drivers\acpitime.sys
21:01:18.0026 6184  acpitime - ok
21:01:18.0026 6184  [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
21:01:18.0041 6184  AdobeARMservice - ok
21:01:18.0041 6184  [ 93C6388592B99925C1D1576E465BC80F ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
21:01:18.0057 6184  adp94xx - ok
21:01:18.0072 6184  [ D27763E0247292654E7F7D16444C7C72 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
21:01:18.0088 6184  adpahci - ok
21:01:18.0088 6184  [ 67B90070FF48F794AF19F9FCF0080D75 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
21:01:18.0104 6184  adpu320 - ok
21:01:18.0104 6184  [ 974AE60BF5B90E31412D93596C968E5B ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
21:01:18.0119 6184  AeLookupSvc - ok
21:01:18.0135 6184  [ 36D6A3201721558A8AFBCC09C2DA4C2C ] AFD             C:\Windows\system32\drivers\afd.sys
21:01:18.0151 6184  AFD - ok
21:01:18.0166 6184  [ 98022774D9930ECBB292E70DB7601DF6 ] AgereSoftModem  C:\Windows\system32\DRIVERS\agrsm64.sys
21:01:18.0182 6184  AgereSoftModem - ok
21:01:18.0182 6184  [ 01590377A5AB19E792528C628A2A68F9 ] agp440          C:\Windows\system32\drivers\agp440.sys
21:01:18.0197 6184  agp440 - ok
21:01:18.0197 6184  [ 16F6F6B7903B913AB41AB848C8BB5658 ] AiCharger       C:\Windows\system32\DRIVERS\AiCharger.sys
21:01:18.0213 6184  AiCharger - ok
21:01:18.0213 6184  [ D1BE8E6E5B3AF23A4393AF1BF867977A ] ALG             C:\Windows\System32\alg.exe
21:01:18.0229 6184  ALG - ok
21:01:18.0244 6184  [ 025E8C755BE293E50854D26D1BBE5133 ] AllUserInstallAgent C:\Windows\system32\AUInstallAgent.dll
21:01:18.0244 6184  AllUserInstallAgent - ok
21:01:18.0260 6184  [ 5A81054B824004B1ECC04F0034A1CDF9 ] AmdK8           C:\Windows\System32\drivers\amdk8.sys
21:01:18.0260 6184  AmdK8 - ok
21:01:18.0276 6184  [ B849D453E644FAB9BC8EF6DC8CA9C4C6 ] AmdPPM          C:\Windows\System32\drivers\amdppm.sys
21:01:18.0276 6184  AmdPPM - ok
21:01:18.0291 6184  [ 35A0EB5AECB0FA3C41A2FB514A562304 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
21:01:18.0291 6184  amdsata - ok
21:01:18.0307 6184  [ 00452671904F5EE94B50BF0219C97164 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
21:01:18.0322 6184  amdsbs - ok
21:01:18.0322 6184  [ EA3FFE53E92E59C87E3ECA9BEB20D9B7 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
21:01:18.0322 6184  amdxata - ok
21:01:18.0338 6184  [ FB88245C1815EB1588DBC364A8D24522 ] AMPPAL          C:\Windows\System32\drivers\AMPPAL.sys
21:01:18.0338 6184  AMPPAL - ok
21:01:18.0338 6184  [ FB88245C1815EB1588DBC364A8D24522 ] AMPPALP         C:\Windows\system32\DRIVERS\amppal.sys
21:01:18.0354 6184  AMPPALP - ok
21:01:18.0369 6184  [ A73CEA1B1B0A4F6D10BFD3B9AD9DC5F9 ] AMPPALR3        C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
21:01:18.0385 6184  AMPPALR3 - ok
21:01:18.0385 6184  [ 83B3682CE922FB0F415734B26D9D6233 ] AppID           C:\Windows\system32\drivers\appid.sys
21:01:18.0401 6184  AppID - ok
21:01:18.0401 6184  [ CE2BEAD7F31816FF0AC490D048C969F9 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
21:01:18.0416 6184  AppIDSvc - ok
21:01:18.0416 6184  [ D64C4AFEE8277F35EF729A2B924666B0 ] Appinfo         C:\Windows\System32\appinfo.dll
21:01:18.0432 6184  Appinfo - ok
21:01:18.0432 6184  [ E933401B392387F4BE34DE8BAF1722A7 ] arc             C:\Windows\system32\drivers\arc.sys
21:01:18.0447 6184  arc - ok
21:01:18.0447 6184  [ 07CA323EF2E8247A568AB0F3662AD644 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
21:01:18.0463 6184  arcsas - ok
21:01:18.0463 6184  [ FA713019412C061385F09BD373BF747A ] ASLDRService    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
21:01:18.0479 6184  ASLDRService - ok
21:01:18.0479 6184  [ 4C016FD76ED5C05E84CA8CAB77993961 ] ASMMAP64        C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
21:01:18.0479 6184  ASMMAP64 - ok
21:01:18.0494 6184  [ 6A122B4F0E5293CACFA8A5F2CBA9B356 ] ASUS InstantOn  C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
21:01:18.0494 6184  ASUS InstantOn - ok
21:01:18.0510 6184  [ 4FCAEF0C5BE7629AEB878998E0FE959B ] aswFsBlk        C:\Windows\system32\drivers\aswFsBlk.sys
21:01:18.0510 6184  aswFsBlk - ok
21:01:18.0510 6184  [ B50CDD87772D6A11CB90924AAD399DF8 ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
21:01:18.0526 6184  aswMonFlt - ok
21:01:18.0526 6184  [ 7415A03DEF5A4D5068112E8782FCEF75 ] aswnet          C:\Windows\System32\Drivers\aswnet.sys
21:01:18.0541 6184  aswnet - ok
21:01:18.0541 6184  [ 57768C7DB4681F2510F247F82EF31D4F ] aswRdr          C:\Windows\System32\Drivers\aswrdr2.sys
21:01:18.0557 6184  aswRdr - ok
21:01:18.0557 6184  [ E71D826A1F3CE9C9DE3E77F2D02AFFBF ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
21:01:18.0588 6184  aswSnx - ok
21:01:18.0588 6184  [ 538A32E2C99BF073D4CA76C30BEDAA60 ] aswSP           C:\Windows\system32\drivers\aswSP.sys
21:01:18.0604 6184  aswSP - ok
21:01:18.0604 6184  [ 74DBAEC35366C4EE7670428808715A6A ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
21:01:18.0619 6184  AsyncMac - ok
21:01:18.0619 6184  [ A721FF570C2387E383BDDEA9632863C9 ] atapi           C:\Windows\system32\drivers\atapi.sys
21:01:18.0635 6184  atapi - ok
21:01:18.0651 6184  [ DECE3E2832F125A41A02FB59F4C54EEA ] athr            C:\Windows\system32\DRIVERS\athrx.sys
21:01:18.0713 6184  athr - ok
21:01:18.0713 6184  [ DBC598E47E7A382E60E2A4745D41FEF9 ] ATKGFNEXSrv     C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
21:01:18.0713 6184  ATKGFNEXSrv - ok
21:01:18.0713 6184  [ 41CEAFFCF3550785E59E3EC9BEE8D97A ] ATKWMIACPIIO    C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
21:01:18.0729 6184  ATKWMIACPIIO - ok
21:01:18.0729 6184  [ 437EB91CB20144375DDE145149778405 ] ATP             C:\Windows\System32\drivers\AsusTP.sys
21:01:18.0744 6184  ATP - ok
21:01:18.0744 6184  [ 810ED88782952228AF9C0985FB7D259E ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
21:01:18.0760 6184  AudioEndpointBuilder - ok
21:01:18.0760 6184  [ 25CA8B87479A374919563B3EE7136F32 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
21:01:18.0791 6184  Audiosrv - ok
21:01:18.0791 6184  [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
21:01:18.0791 6184  avast! Antivirus - ok
21:01:18.0807 6184  [ 555C879F7CD2A5E476F2F46D3FBD5537 ] AX88772         C:\Windows\system32\DRIVERS\ax88772.sys
21:01:18.0807 6184  AX88772 - ok
21:01:18.0822 6184  [ 89491EF71D5EA011127832C588002853 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
21:01:18.0838 6184  AxInstSV - ok
21:01:18.0838 6184  [ 87AB5BB072A3F128541D5B815F82FFDD ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
21:01:18.0854 6184  b06bdrv - ok
21:01:18.0854 6184  [ 81703BC5D68DEDBB086C2368FBE7B334 ] BasicDisplay    C:\Windows\System32\drivers\BasicDisplay.sys
21:01:18.0869 6184  BasicDisplay - ok
21:01:18.0869 6184  [ 5EC68164E14D25675C98BBB5F09E8606 ] BasicRender     C:\Windows\System32\drivers\BasicRender.sys
21:01:18.0885 6184  BasicRender - ok
21:01:18.0901 6184  [ F48FEB7DA35821DA15E0B006DCB9A169 ] BBSvc           C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe
21:01:18.0901 6184  BBSvc - ok
21:01:18.0916 6184  [ 8E16F7A85441986FD2B9CE6C879524E4 ] BBUpdate        C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe
21:01:18.0916 6184  BBUpdate - ok
21:01:18.0932 6184  [ 89143A7BA7850F5C7E61B43BB44B6418 ] BDESVC          C:\Windows\System32\bdesvc.dll
21:01:18.0932 6184  BDESVC - ok
21:01:18.0947 6184  [ 9E7AEA59776D904607985AFFE7E5E183 ] Beep            C:\Windows\system32\drivers\Beep.sys
21:01:18.0947 6184  Beep - ok
21:01:18.0963 6184  [ 9E6A544F465C582AB42444A217CF04DC ] BFE             C:\Windows\System32\bfe.dll
21:01:18.0979 6184  BFE - ok
21:01:18.0994 6184  [ D598C44A7072D3108D8D8102EC5E07F7 ] BITS            C:\Windows\System32\qmgr.dll
21:01:19.0057 6184  BITS - ok
21:01:19.0072 6184  [ 4AF14827F1584D084BC136A51FAA8397 ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
21:01:19.0088 6184  Bluetooth Device Monitor - ok
21:01:19.0104 6184  [ BC89A4C6A2A9C65E8E88AD0B3BF180FD ] Bluetooth OBEX Service C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
21:01:19.0119 6184  Bluetooth OBEX Service - ok
21:01:19.0135 6184  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
21:01:19.0151 6184  Bonjour Service - ok
21:01:19.0151 6184  [ B17AC10B47C7FCB44D22A1F06415840E ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
21:01:19.0166 6184  bowser - ok
21:01:19.0166 6184  [ 975398A3D2C1FEA73FC93931978DF354 ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
21:01:19.0182 6184  BrokerInfrastructure - ok
21:01:19.0182 6184  [ 310068BDA80B1D55C36580FD8A873FAF ] Browser         C:\Windows\System32\browser.dll
21:01:19.0197 6184  Browser - ok
21:01:19.0197 6184  [ 3AA4309EBD9491E516F13FE3DC752FEE ] BthAvrcpTg      C:\Windows\System32\drivers\BthAvrcpTg.sys
21:01:19.0213 6184  BthAvrcpTg - ok
21:01:19.0213 6184  [ A8B20D852B07AE19A13B5D47EC4E4C3B ] BthEnum         C:\Windows\System32\drivers\BthEnum.sys
21:01:19.0229 6184  BthEnum - ok
21:01:19.0229 6184  [ 616EB8748C988AEE98D93DA141C3D3B4 ] BthHFEnum       C:\Windows\System32\drivers\bthhfenum.sys
21:01:19.0260 6184  BthHFEnum - ok
21:01:19.0260 6184  [ DCB4EBD928A6FB368BE6CAE522412DE1 ] bthhfhid        C:\Windows\System32\drivers\BthHFHid.sys
21:01:19.0276 6184  bthhfhid - ok
21:01:19.0276 6184  [ 42201C346F0B8C458E1E9CDE04D68A2C ] BthLEEnum       C:\Windows\system32\DRIVERS\BthLEEnum.sys
21:01:19.0307 6184  BthLEEnum - ok
21:01:19.0307 6184  [ 033916CE8784A848B9A3D686B7F66D97 ] BTHMODEM        C:\Windows\System32\drivers\bthmodem.sys
21:01:19.0322 6184  BTHMODEM - ok
21:01:19.0322 6184  [ 091BB978E9504D0AD14586929431A957 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
21:01:19.0338 6184  BthPan - ok
21:01:19.0354 6184  [ B2FD839F9AF51B8580C02B89AC6C6C89 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
21:01:19.0385 6184  BTHPORT - ok
21:01:19.0385 6184  [ A4387C3D271959313E2577DB7BE8BA7A ] bthserv         C:\Windows\system32\bthserv.dll
21:01:19.0401 6184  bthserv - ok
21:01:19.0401 6184  [ 9310C81BE4D5EA33798A99355BB53E94 ] BTHSSecurityMgr C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
21:01:19.0401 6184  BTHSSecurityMgr - ok
21:01:19.0416 6184  [ 1F715957F5236D30B6020A19A4271F6A ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
21:01:19.0416 6184  BTHUSB - ok
21:01:19.0432 6184  [ 0E39863E0568BAF18DA8A49F0C5D55EB ] btmaux          C:\Windows\system32\DRIVERS\btmaux.sys
21:01:19.0432 6184  btmaux - ok
21:01:19.0447 6184  [ 1134650C2F97611ACCDB02BC904AD35D ] btmhsf          C:\Windows\system32\DRIVERS\btmhsf.sys
21:01:19.0463 6184  btmhsf - ok
21:01:19.0479 6184  [ 990B1BABE6E81FB18E65A87EBEFB1772 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
21:01:19.0494 6184  cdfs - ok
21:01:19.0494 6184  [ 339BFF85D788268752DA8C9644B188EE ] cdrom           C:\Windows\System32\drivers\cdrom.sys
21:01:19.0510 6184  cdrom - ok
21:01:19.0510 6184  [ BAF8F0F55BC300E5F882E521F054E345 ] CertPropSvc     C:\Windows\System32\certprop.dll
21:01:19.0526 6184  CertPropSvc - ok
21:01:19.0526 6184  [ F64B7D1A37CC1D5F421D5359EEC81E2E ] circlass        C:\Windows\System32\drivers\circlass.sys
21:01:19.0541 6184  circlass - ok
21:01:19.0557 6184  [ 9905168708DB68849B879B5548F68AB3 ] CLFS            C:\Windows\system32\drivers\CLFS.sys
21:01:19.0572 6184  CLFS - ok
21:01:19.0572 6184  [ 2DC8538A2260647484A6C921CA837313 ] CmBatt          C:\Windows\System32\drivers\CmBatt.sys
21:01:19.0588 6184  CmBatt - ok
21:01:19.0604 6184  [ E708BFF0473EC6B271EA46B65B16CA56 ] CNG             C:\Windows\system32\Drivers\cng.sys
21:01:19.0619 6184  CNG - ok
21:01:19.0619 6184  [ 0E5B1E9E7122EDAAF1F6CE047965CA92 ] CompositeBus    C:\Windows\System32\drivers\CompositeBus.sys
21:01:19.0651 6184  CompositeBus - ok
21:01:19.0651 6184  COMSysApp - ok
21:01:19.0651 6184  [ D9CB0782AF819548072AA45B70F8B22D ] condrv          C:\Windows\system32\drivers\condrv.sys
21:01:19.0666 6184  condrv - ok
21:01:19.0697 6184  [ 9F5AFC3EE57412798B1A559B620386A0 ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
21:01:19.0697 6184  cphs - ok
21:01:19.0713 6184  [ F0E78B119D12BA81F163D48C0FF30B9A ] CryptSvc        C:\Windows\system32\cryptsvc.dll
21:01:19.0729 6184  CryptSvc - ok
21:01:19.0729 6184  [ C4D01BD86D6B207275FC143EEA951D75 ] dam             C:\Windows\system32\drivers\dam.sys
21:01:19.0744 6184  dam - ok
21:01:19.0744 6184  [ 1EC6E533C954BDDF2A37E7851A7E58FD ] DcomLaunch      C:\Windows\system32\rpcss.dll
21:01:19.0776 6184  DcomLaunch - ok
21:01:19.0776 6184  [ C8650D1F61149AA546BDBC99172EBBC1 ] defragsvc       C:\Windows\System32\defragsvc.dll
21:01:19.0791 6184  defragsvc - ok
21:01:19.0807 6184  [ 5EAEF67AE2AF4D2DC664B649DB7B2E16 ] DeviceAssociationService C:\Windows\system32\das.dll
21:01:19.0822 6184  DeviceAssociationService - ok
21:01:19.0838 6184  [ 799BE46D45D486704CE0F37CA5385262 ] DeviceInstall   C:\Windows\system32\umpnpmgr.dll
21:01:19.0854 6184  DeviceInstall - ok
21:01:19.0854 6184  [ 09D9EB9E7898F8E6561473A20CC808B9 ] Dfsc            C:\Windows\system32\Drivers\dfsc.sys
21:01:19.0869 6184  Dfsc - ok
21:01:19.0869 6184  [ 9E0E72222264745ADEB0E5AC680B0ED6 ] Dhcp            C:\Windows\system32\dhcpcore.dll
21:01:19.0885 6184  Dhcp - ok
21:01:19.0885 6184  [ 3C736FAE17BA6F91BA37594AAB139CD0 ] discache        C:\Windows\system32\drivers\discache.sys
21:01:19.0901 6184  discache - ok
21:01:19.0916 6184  [ 560495FF4CA22E1D9B1972FA18F43B6F ] disk            C:\Windows\system32\drivers\disk.sys
21:01:19.0916 6184  disk - ok
21:01:19.0916 6184  [ 82A7C72593793FE1EADA7A305BD1567A ] dmvsc           C:\Windows\System32\drivers\dmvsc.sys
21:01:19.0932 6184  dmvsc - ok
21:01:19.0947 6184  [ 066B9710B36AB550E01EEFCA52155968 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
21:01:19.0947 6184  Dnscache - ok
21:01:19.0963 6184  [ 9949AD2ABA168A618D46C799D6CC898C ] dot3svc         C:\Windows\System32\dot3svc.dll
21:01:19.0979 6184  dot3svc - ok
21:01:19.0979 6184  [ 109FC3F80BF4F4DC5A071058074F13C1 ] DPS             C:\Windows\system32\dps.dll
21:01:19.0994 6184  DPS - ok
21:01:20.0010 6184  [ 0EB108FDBF4662E2666DAEDF79BBFED9 ] DptfDevDram     C:\Windows\system32\DRIVERS\DptfDevDram.sys
21:01:20.0010 6184  DptfDevDram - ok
21:01:20.0010 6184  [ 02262B2DD70E27D7C9F05D7F44135D28 ] DptfDevFan      C:\Windows\system32\DRIVERS\DptfDevFan.sys
21:01:20.0026 6184  DptfDevFan - ok
21:01:20.0026 6184  [ 1A251FC32063972B4EEDEC43637061ED ] DptfDevGen      C:\Windows\system32\DRIVERS\DptfDevGen.sys
21:01:20.0026 6184  DptfDevGen - ok
21:01:20.0041 6184  [ 2986DF25D67710EB415BFDEB5EBDD486 ] DptfDevPch      C:\Windows\system32\DRIVERS\DptfDevPch.sys
21:01:20.0041 6184  DptfDevPch - ok
21:01:20.0057 6184  [ 6C3A9CF2037ADDFDC3AB96B04797AE12 ] DptfDevProc     C:\Windows\system32\DRIVERS\DptfDevProc.sys
21:01:20.0057 6184  DptfDevProc - ok
21:01:20.0073 6184  [ 593BFE1580F26864AFA2B3CDF3EEF71F ] DptfManager     C:\Windows\system32\DRIVERS\DptfManager.sys
21:01:20.0073 6184  DptfManager - ok
21:01:20.0073 6184  [ 9C7C183F937951AE17C5B8B3259CF3FF ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
21:01:20.0088 6184  drmkaud - ok
21:01:20.0088 6184  [ BF48F32EE248C3D371DA5DC93BBEADA7 ] DsmSvc          C:\Windows\System32\DeviceSetupManager.dll
21:01:20.0104 6184  DsmSvc - ok
21:01:20.0119 6184  [ ED120AA770A78B5079F8C7BB5AF8A035 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
21:01:20.0166 6184  DXGKrnl - ok
21:01:20.0166 6184  [ 651FBD69A9713D623D456A240F96179C ] e1iexpress      C:\Windows\system32\DRIVERS\e1i63x64.sys
21:01:20.0182 6184  e1iexpress - ok
21:01:20.0198 6184  [ 58BA473DD88F5FC1932282BA683AA03E ] Eaphost         C:\Windows\System32\eapsvc.dll
21:01:20.0213 6184  Eaphost - ok
21:01:20.0244 6184  [ 5AB97B3282D7D6114949D1EB5C8598E4 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
21:01:20.0307 6184  ebdrv - ok
21:01:20.0307 6184  [ F702AB6181513303AB0FC8D59E52708B ] EFS             C:\Windows\System32\lsass.exe
21:01:20.0323 6184  EFS - ok
21:01:20.0323 6184  [ 66D60BD9A4C05616ABECA2A901475098 ] EhStorClass     C:\Windows\system32\drivers\EhStorClass.sys
21:01:20.0338 6184  EhStorClass - ok
21:01:20.0338 6184  [ A61D0F543024E458C0FE32352E1978E2 ] EhStorTcgDrv    C:\Windows\system32\drivers\EhStorTcgDrv.sys
21:01:20.0354 6184  EhStorTcgDrv - ok
21:01:20.0354 6184  [ D790D058D67582DB9C84C2D33695FE6B ] ErrDev          C:\Windows\System32\drivers\errdev.sys
21:01:20.0369 6184  ErrDev - ok
21:01:20.0385 6184  [ F9E01C2D9F8BC049E04CF5DC24A5F638 ] EventSystem     C:\Windows\system32\es.dll
21:01:20.0401 6184  EventSystem - ok
21:01:20.0401 6184  [ E67E289FA8AA393223AD7F9AFB738FD6 ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
21:01:20.0416 6184  EvtEng - ok
21:01:20.0432 6184  [ 7A4D6FEB8C52B3FE855E4DCDF9107E03 ] exfat           C:\Windows\system32\drivers\exfat.sys
21:01:20.0448 6184  exfat - ok
21:01:20.0448 6184  [ 60996602A7111FD2D086E803F33E4282 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
21:01:20.0463 6184  fastfat - ok
21:01:20.0463 6184  [ F0E7F8382ED5E138B0DFA4CB5058BCFE ] Fax             C:\Windows\system32\fxssvc.exe
21:01:20.0494 6184  Fax - ok
21:01:20.0494 6184  [ 73B2D11DF0B6E03A0CB0323218ACB3E4 ] fdc             C:\Windows\System32\drivers\fdc.sys
21:01:20.0494 6184  fdc - ok
21:01:20.0510 6184  [ 0828E3E7BD77C89149EAD3232BFD38DB ] fdPHost         C:\Windows\system32\fdPHost.dll
21:01:20.0526 6184  fdPHost - ok
21:01:20.0526 6184  [ 872506AAB591E8908DF4461475AF92DF ] FDResPub        C:\Windows\system32\fdrespub.dll
21:01:20.0541 6184  FDResPub - ok
21:01:20.0541 6184  [ 0588950D93A426F97C7AAADB1A9B0458 ] fhsvc           C:\Windows\system32\fhsvc.dll
21:01:20.0557 6184  fhsvc - ok
21:01:20.0573 6184  [ 88A9EBACD1058ABB237A6B4E96E7F397 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
21:01:20.0573 6184  FileInfo - ok
21:01:20.0573 6184  [ 9E4EE3A0B00FF7D5F42A4AF9744CBA02 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
21:01:20.0588 6184  Filetrace - ok
21:01:20.0604 6184  [ B1D4C168FF7B8579E3745888658FFB1D ] flpydisk        C:\Windows\System32\drivers\flpydisk.sys
21:01:20.0604 6184  flpydisk - ok
21:01:20.0619 6184  [ B33EC133AE4E6C1881D2302D93D2467D ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
21:01:20.0635 6184  FltMgr - ok
21:01:20.0651 6184  [ 0BCDC0FF11B984162B0CF0FF6E9E0146 ] FontCache       C:\Windows\system32\FntCache.dll
21:01:20.0666 6184  FontCache - ok
21:01:20.0666 6184  [ 0B56259F5611787222A04A8F254E51D4 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:01:20.0682 6184  FontCache3.0.0.0 - ok
21:01:20.0682 6184  [ A5F7873A39E4E9FAAAE59B7E9E36B705 ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
21:01:20.0698 6184  FsDepends - ok
21:01:20.0698 6184  [ A6DD7D491F587F4BC13FB972977DC8E8 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
21:01:20.0713 6184  Fs_Rec - ok
21:01:20.0713 6184  [ FA228F4BB10DC7ED7E7D131C034E2331 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
21:01:20.0729 6184  fvevol - ok
21:01:20.0729 6184  [ A969D92973DFA895E7776B4BFE36DBB2 ] FxPPM           C:\Windows\System32\drivers\fxppm.sys
21:01:20.0744 6184  FxPPM - ok
21:01:20.0744 6184  [ 52BC441E07A827EBAB70CDC7EAEDB28D ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
21:01:20.0760 6184  gagp30kx - ok
21:01:20.0760 6184  [ 721F8EEF5E9747F32670DEFF7FB92541 ] gencounter      C:\Windows\System32\drivers\vmgencounter.sys
21:01:20.0776 6184  gencounter - ok
21:01:20.0776 6184  [ CA18ECFCFFDD638ECE80799A9056B238 ] GPIOClx0101     C:\Windows\system32\Drivers\msgpioclx.sys
21:01:20.0791 6184  GPIOClx0101 - ok
21:01:20.0807 6184  [ 5358678C6370F2ADC5291849F6503262 ] gpsvc           C:\Windows\System32\gpsvc.dll
21:01:20.0838 6184  gpsvc - ok
21:01:20.0838 6184  [ F02A533F517EB38333CB12A9E8963773 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:01:20.0838 6184  gupdate - ok
21:01:20.0854 6184  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:01:20.0854 6184  gupdatem - ok
21:01:20.0854 6184  [ C2504AA983B5D411F7D31402E8B57725 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:01:20.0869 6184  HdAudAddService - ok
21:01:20.0885 6184  [ 7D87B5B6C7188D553E11B59DC7F0B111 ] HDAudBus        C:\Windows\System32\drivers\HDAudBus.sys
21:01:20.0885 6184  HDAudBus - ok
21:01:20.0901 6184  [ 3F76BBA53D65E85A7F53E7A71082082C ] HidBatt         C:\Windows\System32\drivers\HidBatt.sys
21:01:20.0901 6184  HidBatt - ok
21:01:20.0916 6184  [ A25BAE8C1F2830C8E5625EC7E4E968BE ] HidBth          C:\Windows\System32\drivers\hidbth.sys
21:01:20.0932 6184  HidBth - ok
21:01:20.0932 6184  [ CC4A07E51D89575CAB6F4EB590D87CD4 ] hidi2c          C:\Windows\System32\drivers\hidi2c.sys
21:01:20.0948 6184  hidi2c - ok
21:01:20.0948 6184  [ DC96F7DACB777CDEAEF9958A50BFDA06 ] HidIr           C:\Windows\System32\drivers\hidir.sys
21:01:20.0963 6184  HidIr - ok
21:01:20.0979 6184  [ FAC37D7B3D6354A5A5E19A45B50B4008 ] hidserv         C:\Windows\system32\hidserv.dll
21:01:20.0979 6184  hidserv - ok
21:01:20.0994 6184  [ A9F2301B8D28BB4D887F5AEBB55ACB3A ] HIDSwitch       C:\Windows\System32\drivers\AsHIDSwitch64.sys
21:01:20.0994 6184  HIDSwitch - ok
21:01:20.0994 6184  [ 590B6F71BCDA4368B4BF7D8DF22B60F7 ] HidUsb          C:\Windows\System32\drivers\hidusb.sys
21:01:21.0010 6184  HidUsb - ok
21:01:21.0010 6184  [ 43F884B61A24377567CD0FEB35236334 ] hkmsvc          C:\Windows\system32\kmsvc.dll
21:01:21.0026 6184  hkmsvc - ok
21:01:21.0041 6184  [ 33DFC14DFDCCFA7AA10E392F6A8EC1CF ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:01:21.0057 6184  HomeGroupListener - ok
21:01:21.0057 6184  [ E0D9F6FE18FA7F53ADD29AF719CE2B7E ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:01:21.0073 6184  HomeGroupProvider - ok
21:01:21.0088 6184  [ 930370725FA0FE272346583A7A7D6BDB ] hpqcxs08        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
21:01:21.0088 6184  hpqcxs08 - ok
21:01:21.0104 6184  [ EE281DD6843F3F697C1AD7933EEB1E9B ] hpqddsvc        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
21:01:21.0104 6184  hpqddsvc - ok
21:01:21.0104 6184  [ 64DB7A8D97CA53DCCF93D0A1E08342CF ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
21:01:21.0119 6184  HpSAMD - ok
21:01:21.0135 6184  [ F37882F128EFACEFE353E0BAE2766909 ] HPSLPSVC        C:\Users\KRIST_~1\AppData\Local\Temp\7zS71D5\hpslpsvc64.dll
21:01:21.0151 6184  HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
21:01:21.0151 6184  HPSLPSVC - detected UnsignedFile.Multi.Generic (1)
21:01:21.0166 6184  [ 29CB98187BB5711F7759540976D295FC ] HTTP            C:\Windows\system32\drivers\HTTP.sys
21:01:21.0182 6184  HTTP - ok
21:01:21.0198 6184  [ 2A98301068801700906C06649860FE94 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
21:01:21.0198 6184  hwpolicy - ok
21:01:21.0198 6184  [ DC76901D82097C9E297F20C287CB9A27 ] hyperkbd        C:\Windows\System32\drivers\hyperkbd.sys
21:01:21.0213 6184  hyperkbd - ok
21:01:21.0213 6184  [ 716413AB3CA12DE0A7222D28C1C9352C ] HyperVideo      C:\Windows\system32\DRIVERS\HyperVideo.sys
21:01:21.0229 6184  HyperVideo - ok
21:01:21.0229 6184  [ C9E9CBF73AFFBFE3E801EFB516787BA3 ] i8042prt        C:\Windows\System32\drivers\i8042prt.sys
21:01:21.0244 6184  i8042prt - ok
21:01:21.0260 6184  [ 0FE66A51D81A25AACEAAE4C26308121D ] iaStorA         C:\Windows\system32\drivers\iaStorA.sys
21:01:21.0276 6184  iaStorA - ok
21:01:21.0276 6184  [ 5E394EBD26FD68AA9300332C46BEDD62 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
21:01:21.0291 6184  iaStorV - ok
21:01:21.0291 6184  [ 43E864824FCEBEE7119E1572B2703EB9 ] iBtFltCoex      C:\Windows\system32\DRIVERS\iBtFltCoex.sys
21:01:21.0307 6184  iBtFltCoex - ok
21:01:21.0385 6184  [ 11A31FC2481BFE69B0507ED8C80215F4 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
21:01:21.0494 6184  igfx - ok
21:01:21.0494 6184  [ 24847A06B84339FEEDE5CABF3D27D320 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
21:01:21.0494 6184  iirsp - ok
21:01:21.0510 6184  [ 531B5A98145DA689741A0AC18F14EA94 ] IKEEXT          C:\Windows\System32\ikeext.dll
21:01:21.0541 6184  IKEEXT - ok
21:01:21.0541 6184  [ FD2032D2EAE8D7F3381EBA5FA3E7FEEA ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
21:01:21.0557 6184  intaud_WaveExtensible - ok
21:01:21.0588 6184  [ DC052337C24A87AA1ACC8FCE4F2D5C7F ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
21:01:21.0651 6184  IntcAzAudAddService - ok
21:01:21.0651 6184  [ F5495B38BFB9149925F54F65AB40EFBF ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
21:01:21.0666 6184  IntcDAud - ok
21:01:21.0666 6184  [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
21:01:21.0682 6184  Intel(R) Capability Licensing Service Interface - ok
21:01:21.0698 6184  [ 9656F8E29F6C3161A3E99BCD3A472FF9 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
21:01:21.0698 6184  Intel(R) ME Service - ok
21:01:21.0698 6184  [ 4F37726CF764CA18A8A84F85EF3A7F24 ] intelide        C:\Windows\system32\drivers\intelide.sys
21:01:21.0713 6184  intelide - ok
21:01:21.0713 6184  [ E15CDF68DD73423F15D4AC404793AF0D ] intelppm        C:\Windows\System32\drivers\intelppm.sys
21:01:21.0729 6184  intelppm - ok
21:01:21.0729 6184  [ 8FCA66234A0933D796BB780B7953BAB9 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:01:21.0744 6184  IpFilterDriver - ok
21:01:21.0760 6184  [ C217B8D2E58C57A319B16125C3D4B69C ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
21:01:21.0776 6184  iphlpsvc - ok
21:01:21.0776 6184  [ 6E98A046A12AA113F8898AA5D612BD6E ] IPMIDRV         C:\Windows\System32\drivers\IPMIDrv.sys
21:01:21.0791 6184  IPMIDRV - ok
21:01:21.0791 6184  [ 3969B9C218DD3FAA9F4ED2FFC3651C02 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
21:01:21.0807 6184  IPNAT - ok
21:01:21.0823 6184  [ 25CD7C4BB2863FFC2B0B311F0AEBF77C ] IRENUM          C:\Windows\system32\drivers\irenum.sys
21:01:21.0823 6184  IRENUM - ok
21:01:21.0823 6184  [ 4D9B9A794F22415B8C3E0CCFBE61BC7A ] irstrtdv        C:\Windows\System32\drivers\irstrtdv.sys
21:01:21.0838 6184  irstrtdv - ok
21:01:21.0869 6184  [ E145E934392E7A49FDC6775AC3A347F8 ] irstrtsv        C:\Windows\SysWOW64\irstrtsv.exe
21:01:21.0869 6184  irstrtsv - ok
21:01:21.0885 6184  [ D940C5BB9DC92E588533C19ABCC3D2C2 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
21:01:21.0885 6184  isapnp - ok
21:01:21.0901 6184  [ 69C8BF0BC2B0EA10F130F4D3104DC2EF ] iScsiPrt        C:\Windows\System32\drivers\msiscsi.sys
21:01:21.0916 6184  iScsiPrt - ok
21:01:21.0916 6184  [ C59B9CE2855E667809F9E63C20FC44A5 ] iwdbus          C:\Windows\System32\drivers\iwdbus.sys
21:01:21.0916 6184  iwdbus - ok
21:01:21.0932 6184  [ 78ABBE558F57144047F10A0F50FE4B2F ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
21:01:21.0932 6184  jhi_service - ok
21:01:21.0932 6184  [ 8FBD94B69D6423E20ABCD59D86368B21 ] kbdclass        C:\Windows\System32\drivers\kbdclass.sys
21:01:21.0948 6184  kbdclass - ok
21:01:21.0948 6184  [ E88C932ABDF8185A62C8F2FC7B051FB6 ] kbdhid          C:\Windows\System32\drivers\kbdhid.sys
21:01:21.0963 6184  kbdhid - ok
21:01:21.0963 6184  [ A8080BEBCDB7A16495CE1205921DCAC5 ] kbfiltr         C:\Windows\System32\drivers\kbfiltr.sys
21:01:21.0979 6184  kbfiltr - ok
21:01:21.0979 6184  [ FB6C185092E18011EF49989425C2AA87 ] kdnic           C:\Windows\system32\DRIVERS\kdnic.sys
21:01:21.0979 6184  kdnic - ok
21:01:21.0994 6184  [ F702AB6181513303AB0FC8D59E52708B ] KeyIso          C:\Windows\system32\lsass.exe
21:01:21.0994 6184  KeyIso - ok
21:01:22.0010 6184  [ DFA480F6DED551464F3A5B959F437800 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
21:01:22.0010 6184  KSecDD - ok
21:01:22.0026 6184  [ 127FB0AAD232BAAD2C9BBACD374F4FC5 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
21:01:22.0026 6184  KSecPkg - ok
21:01:22.0041 6184  [ 81492FEEBF2F26455B00EE8DBAE8A1B0 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
21:01:22.0041 6184  ksthunk - ok
21:01:22.0057 6184  [ 5825DBACEDC3812B5CF8D40B997BF210 ] KtmRm           C:\Windows\system32\msdtckrm.dll
21:01:22.0073 6184  KtmRm - ok
21:01:22.0073 6184  [ 256EE31588257E8A555DBFAA13F1908E ] LanmanServer    C:\Windows\system32\srvsvc.dll
21:01:22.0088 6184  LanmanServer - ok
21:01:22.0104 6184  [ 16650912BE5A94B40E0B3B4C39652B56 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:01:22.0119 6184  LanmanWorkstation - ok
21:01:22.0119 6184  [ CEEFD29FC551F289810B0B9381B321DC ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
21:01:22.0135 6184  lltdio - ok
21:01:22.0135 6184  [ BCF53485E0A94722CDE3C4A93CD8EB8C ] lltdsvc         C:\Windows\System32\lltdsvc.dll
21:01:22.0151 6184  lltdsvc - ok
21:01:22.0166 6184  [ 5A2F7F1CBC2E631A497DAD16164E06D2 ] lmhosts         C:\Windows\System32\lmhsvc.dll
21:01:22.0166 6184  lmhosts - ok
21:01:22.0182 6184  [ 2C24DC448DBE8DB9BE1441B824C57E79 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
21:01:22.0182 6184  LMS - ok
21:01:22.0198 6184  [ 022CDD12161B063D7852B1075BF3FFF2 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
21:01:22.0198 6184  LSI_SAS - ok
21:01:22.0213 6184  [ 07AD59D669B996F29F91817F0ECFA34F ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
21:01:22.0213 6184  LSI_SAS2 - ok
21:01:22.0213 6184  [ 216FB796AA4E252ACCE93B1BCB80B5EC ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
21:01:22.0229 6184  LSI_SCSI - ok
21:01:22.0229 6184  [ 5E80530AF37102488EE980B4A92AF99F ] LSI_SSS         C:\Windows\system32\drivers\lsi_sss.sys
21:01:22.0244 6184  LSI_SSS - ok
21:01:22.0244 6184  [ A57BA284F5996FFD32DCDBC41A4657DB ] LSM             C:\Windows\System32\lsm.dll
21:01:22.0260 6184  LSM - ok
21:01:22.0276 6184  [ 2BDC5D711FA61307CE6190D47C956368 ] luafv           C:\Windows\system32\drivers\luafv.sys
21:01:22.0291 6184  luafv - ok
21:01:22.0291 6184  [ A0A527569856B9814E8920F52EBB67F5 ] LVRS64          C:\Windows\system32\DRIVERS\lvrs64.sys
21:01:22.0307 6184  LVRS64 - ok
21:01:22.0354 6184  [ 415E344294D1C0D04627B29146F68481 ] LVUVC64         C:\Windows\system32\DRIVERS\lvuvc64.sys
21:01:22.0416 6184  LVUVC64 - ok
21:01:22.0432 6184  [ 9B0D829C3BE4E7472DB9DD2B79908E3C ] megasas         C:\Windows\system32\drivers\megasas.sys
21:01:22.0432 6184  megasas - ok
21:01:22.0432 6184  [ ECC3F54C7AFC318271C4F0B4606D8DB0 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
21:01:22.0448 6184  MegaSR - ok
21:01:22.0463 6184  [ 772A1DEEDFDBC244183B5C805D1B7D85 ] MEIx64          C:\Windows\System32\drivers\HECIx64.sys
21:01:22.0463 6184  MEIx64 - ok
21:01:22.0463 6184  [ EEE908BE7143FCA48CF0CB87214E2AB8 ] MMCSS           C:\Windows\system32\mmcss.dll
21:01:22.0479 6184  MMCSS - ok
21:01:22.0479 6184  [ 780098AD5DA8A4822E2563984C85EF7B ] Modem           C:\Windows\system32\drivers\modem.sys
21:01:22.0495 6184  Modem - ok
21:01:22.0510 6184  [ 83EB0BF7E6EBD5B1AAC97F9DBD5EB935 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
21:01:22.0510 6184  monitor - ok
21:01:22.0510 6184  [ 618446B98C79776654340CE27C73485E ] mouclass        C:\Windows\System32\drivers\mouclass.sys
21:01:22.0526 6184  mouclass - ok
21:01:22.0526 6184  [ CB2527B8B87D83E56FBF3944BBB6F606 ] mouhid          C:\Windows\System32\drivers\mouhid.sys
21:01:22.0541 6184  mouhid - ok
21:01:22.0541 6184  [ 89D263DBF08119CE16273991C120D6DD ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
21:01:22.0557 6184  mountmgr - ok
21:01:22.0557 6184  [ 8121C6DD654970FEDDBC195596D9706E ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
21:01:22.0573 6184  MozillaMaintenance - ok
21:01:22.0573 6184  [ 0D1609DD82C7440F5D5BF21A9D4D5C0C ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
21:01:22.0588 6184  mpsdrv - ok
21:01:22.0604 6184  [ 3031573A739DBEE8923851929D0AF423 ] MpsSvc          C:\Windows\system32\mpssvc.dll
21:01:22.0620 6184  MpsSvc - ok
21:01:22.0620 6184  [ 3D70147F55F1EC84EB9139ED7FFE48BC ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
21:01:22.0635 6184  MRxDAV - ok
21:01:22.0651 6184  [ 877D60D6E4156EC4A2E0B6871D41BED9 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
21:01:22.0651 6184  mrxsmb - ok
21:01:22.0666 6184  [ 06D5F2FA3C61E8EA91648EA8E9F99FD3 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:01:22.0682 6184  mrxsmb10 - ok
21:01:22.0682 6184  [ E078446D4B8622AA6030C7B8A1A08962 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:01:22.0698 6184  mrxsmb20 - ok
21:01:22.0698 6184  [ 98487487D6B3797CA927E9D7B030AE13 ] MsBridge        C:\Windows\system32\DRIVERS\bridge.sys
21:01:22.0713 6184  MsBridge - ok
21:01:22.0713 6184  [ 4A07458EB4F17573BD39F22029A991C1 ] MSDTC           C:\Windows\System32\msdtc.exe
21:01:22.0729 6184  MSDTC - ok
21:01:22.0745 6184  [ 3886F1F2A4D2900ABAA7E4486BEEE6A2 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
21:01:22.0745 6184  Msfs - ok
21:01:22.0760 6184  [ C32A7A39B960A42BA9D4FBE47213CA03 ] msgpiowin32     C:\Windows\System32\drivers\msgpiowin32.sys
21:01:22.0760 6184  msgpiowin32 - ok
21:01:22.0760 6184  [ D3857A767B91A061B408CCAB02DA4F40 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
21:01:22.0776 6184  mshidkmdf - ok
21:01:22.0776 6184  [ 839B48910FB1E887635C48F3EC11A05E ] mshidumdf       C:\Windows\System32\drivers\mshidumdf.sys
21:01:22.0791 6184  mshidumdf - ok
21:01:22.0791 6184  [ 55C0DB741E3AB7463242B185B1C2997C ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
21:01:22.0807 6184  msisadrv - ok
21:01:22.0807 6184  [ 216C6B035A4BA5560E1255BD8E5BB89F ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
21:01:22.0823 6184  MSiSCSI - ok
21:01:22.0823 6184  msiserver - ok
21:01:22.0823 6184  [ 509809566E49F4411055864EA8D437CD ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
21:01:22.0838 6184  MSKSSRV - ok
21:01:22.0838 6184  [ 63145201D6458E4958E572E7D6FC2604 ] MsLldp          C:\Windows\system32\DRIVERS\mslldp.sys
21:01:22.0854 6184  MsLldp - ok
21:01:22.0854 6184  [ 99D526E803DB6D7FF290FD98B6204641 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
21:01:22.0870 6184  MSPCLOCK - ok
21:01:22.0870 6184  [ 06FA77C3E2A491ADCD704C5E73006269 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
21:01:22.0885 6184  MSPQM - ok
21:01:22.0885 6184  [ E134EC4DE11CF78CB01432D180710D84 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
21:01:22.0916 6184  MsRPC - ok
21:01:22.0916 6184  [ B5AECF12F09DEE97C9FCAA5BA016CE1E ] mssmbios        C:\Windows\System32\drivers\mssmbios.sys
21:01:22.0916 6184  mssmbios - ok
21:01:22.0932 6184  [ 72D66A05E0F99F2528F6C6204FD22AA1 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
21:01:22.0932 6184  MSTEE - ok
21:01:22.0948 6184  [ 8AAAE399FC255FA105D4158CBA289001 ] MTConfig        C:\Windows\System32\drivers\MTConfig.sys
21:01:22.0948 6184  MTConfig - ok
21:01:22.0963 6184  [ 3BCB702F3E6CC622DCAFCAA45D7CDE0A ] Mup             C:\Windows\system32\Drivers\mup.sys
21:01:22.0963 6184  Mup - ok
21:01:22.0963 6184  [ 3A1E095277BBD406CEA8EA6B76950664 ] mvumis          C:\Windows\system32\drivers\mvumis.sys
21:01:22.0979 6184  mvumis - ok
21:01:22.0995 6184  [ 431F065E2A99FC3C670BD20694117C8B ] MyWiFiDHCPDNS   C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
21:01:22.0995 6184  MyWiFiDHCPDNS - ok
21:01:23.0010 6184  [ 4B18840511D720BA118D3017E8165875 ] napagent        C:\Windows\system32\qagentRT.dll
21:01:23.0026 6184  napagent - ok
21:01:23.0026 6184  [ 43D7388A90A4C6EA346A4D6FF0377479 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
21:01:23.0041 6184  NativeWifiP - ok
21:01:23.0057 6184  [ 6A0C3996DA7DAE6D6939676D786EEEC4 ] NcaSvc          C:\Windows\System32\ncasvc.dll
21:01:23.0073 6184  NcaSvc - ok
21:01:23.0073 6184  [ C982FE4CC91DECE2259F494FCEB4030F ] NcdAutoSetup    C:\Windows\System32\NcdAutoSetup.dll
21:01:23.0088 6184  NcdAutoSetup - ok
21:01:23.0104 6184  [ 0F89AE618DBA5D8AB7A2DFCC375F4159 ] NDIS            C:\Windows\system32\drivers\ndis.sys
21:01:23.0120 6184  NDIS - ok
21:01:23.0120 6184  [ 39C8A1D9D46F5E83A016BCAB72455284 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
21:01:23.0135 6184  NdisCap - ok
21:01:23.0151 6184  [ 762941932B7E4C588E48A577BA9D6440 ] NdisImPlatform  C:\Windows\system32\DRIVERS\NdisImPlatform.sys
21:01:23.0166 6184  NdisImPlatform - ok
21:01:23.0166 6184  [ 7A6F8A6D0E01432EBA294EF29CDD0FA7 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
21:01:23.0166 6184  NdisTapi - ok
21:01:23.0182 6184  [ 79AB68BB3FFF974AD4F41FA559F4EC67 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
21:01:23.0182 6184  Ndisuio - ok
21:01:23.0198 6184  [ 62C7DBF4F9301F76CF87D4B9D8F57BF8 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
21:01:23.0213 6184  NdisWan - ok
21:01:23.0213 6184  [ 62C7DBF4F9301F76CF87D4B9D8F57BF8 ] NDISWANLEGACY   C:\Windows\system32\DRIVERS\ndiswan.sys
21:01:23.0229 6184  NDISWANLEGACY - ok
21:01:23.0229 6184  [ CE6EBC0AD38CC6482D8FBB744FF15CE2 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
21:01:23.0245 6184  NDProxy - ok
21:01:23.0245 6184  [ D3F60A4345FCA9C1BE68AD7D0D6DE770 ] Ndu             C:\Windows\system32\drivers\Ndu.sys
21:01:23.0260 6184  Ndu - ok
21:01:23.0260 6184  [ 2334DC48997BA203B794DF3EE70521DB ] Net Driver HPZ12 C:\Windows\System32\HPZinw12.dll
21:01:23.0276 6184  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
21:01:23.0276 6184  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
21:01:23.0276 6184  [ 7C203A76394F9AE68F69EEE5F9612C4A ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
21:01:23.0291 6184  NetBIOS - ok
21:01:23.0291 6184  [ 7CEC25C682D319D484630B3952C31A11 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
21:01:23.0307 6184  NetBT - ok
21:01:23.0323 6184  [ F702AB6181513303AB0FC8D59E52708B ] Netlogon        C:\Windows\system32\lsass.exe
21:01:23.0323 6184  Netlogon - ok
21:01:23.0338 6184  [ 89519D29CBEC2121CA65CC29C4D345E0 ] Netman          C:\Windows\System32\netman.dll
21:01:23.0354 6184  Netman - ok
21:01:23.0354 6184  [ C166E3CD90AB0781ECDF10EC765B083A ] netprofm        C:\Windows\System32\netprofmsvc.dll
21:01:23.0385 6184  netprofm - ok
21:01:23.0385 6184  [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:01:23.0401 6184  NetTcpPortSharing - ok
21:01:23.0432 6184  [ 6C9793D9E1E26E74B6421B0791971F89 ] NETwNe64        C:\Windows\system32\DRIVERS\NETwew00.sys
21:01:23.0495 6184  NETwNe64 - ok
21:01:23.0573 6184  [ 57B9C04D673F236D41FAB03842C8640B ] NETwNs64        C:\Windows\system32\DRIVERS\NETwNs64.sys
21:01:23.0682 6184  NETwNs64 - ok
21:01:23.0682 6184  [ 12DD2800E4EEA37DC9AE256AD62423B4 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
21:01:23.0698 6184  nfrd960 - ok
21:01:23.0698 6184  [ 80ABCD4C2DE9FD832477303AE0CA3BE5 ] NlaSvc          C:\Windows\System32\nlasvc.dll
21:01:23.0713 6184  NlaSvc - ok
21:01:23.0729 6184  [ 17E19A742FB30C002F8B43575451DBE1 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
21:01:23.0729 6184  Npfs - ok
21:01:23.0745 6184  [ 8ED299C30792544264E558BEA79F0947 ] npsvctrig       C:\Windows\System32\drivers\npsvctrig.sys
21:01:23.0760 6184  npsvctrig - ok
21:01:23.0760 6184  [ 832B5FDF0B5577713FD7F2465FCD0ACE ] nsi             C:\Windows\system32\nsisvc.dll
21:01:23.0776 6184  nsi - ok
21:01:23.0776 6184  [ 689B3B1E95C70ABF7AFF29F9406EF1E0 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
21:01:23.0791 6184  nsiproxy - ok
21:01:23.0807 6184  [ 11D7A4A4A1DA60F394F53B413DCDF0DE ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
21:01:23.0854 6184  Ntfs - ok
21:01:23.0854 6184  [ 4163ADE07DB51843AE31F65B94F5398D ] Null            C:\Windows\system32\drivers\Null.sys
21:01:23.0870 6184  Null - ok
21:01:23.0870 6184  [ D6D34118263412D3AAA8348A9572B7F2 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
21:01:23.0885 6184  nvraid - ok
21:01:23.0885 6184  [ 27AFC428D1D32ABD04A86763A4EDDEA9 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
21:01:23.0901 6184  nvstor - ok
21:01:23.0901 6184  [ 051CFB5107BAAE510419BDC41F8C4036 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
21:01:23.0916 6184  nv_agp - ok
21:01:23.0932 6184  [ 9CF7E8EF673BB0B8BBF520AB1F0331E2 ] OfficeSvc       C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
21:01:23.0963 6184  OfficeSvc - ok
21:01:23.0979 6184  [ 11E0B35479C895888BA3D7F619DCFFF3 ] ose64           C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:01:23.0979 6184  ose64 - ok
21:01:23.0995 6184  [ AB76700D764A342D7475FB8F47CAB18C ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
21:01:24.0010 6184  p2pimsvc - ok
21:01:24.0010 6184  [ 4319FD931DCD796435ECB5DB4A04FBA5 ] p2psvc          C:\Windows\system32\p2psvc.dll
21:01:24.0041 6184  p2psvc - ok
21:01:24.0041 6184  [ 4563DAF8C6A740AD7F501E219BD10766 ] Parport         C:\Windows\System32\drivers\parport.sys
21:01:24.0057 6184  Parport - ok
21:01:24.0057 6184  [ D6ACCF9F2EEEEA711C14EFD976E573F3 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
21:01:24.0057 6184  partmgr - ok
21:01:24.0073 6184  [ 4811D9EC53649105A5A8BEA661B0F936 ] PcaSvc          C:\Windows\System32\pcasvc.dll
21:01:24.0088 6184  PcaSvc - ok
21:01:24.0088 6184  [ 4A003E8F718C1E6A2050CA98CD53E3E2 ] pci             C:\Windows\system32\drivers\pci.sys
21:01:24.0104 6184  pci - ok
21:01:24.0104 6184  [ F9908D274D458220F91E89B54D78D837 ] pciide          C:\Windows\system32\drivers\pciide.sys
21:01:24.0120 6184  pciide - ok
21:01:24.0120 6184  [ 84D19CB6102627932DCB5DFDF89FE269 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
21:01:24.0135 6184  pcmcia - ok
21:01:24.0135 6184  [ CEBBAD5391C2644560C55628A40BFD27 ] pcw             C:\Windows\system32\drivers\pcw.sys
21:01:24.0151 6184  pcw - ok
21:01:24.0151 6184  [ EF9B4F3136B4C45F421ADE6871659FB6 ] pdc             C:\Windows\system32\drivers\pdc.sys
21:01:24.0166 6184  pdc - ok
21:01:24.0166 6184  [ 70DBB6A8B52B3830922F1C5789E1BEEB ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
21:01:24.0198 6184  PEAUTH - ok
21:01:24.0229 6184  [ EB88FA19F0EA05DD04BE9C5FFEEFFE1A ] PerfHost        C:\Windows\SysWow64\perfhost.exe
21:01:24.0245 6184  PerfHost - ok
21:01:24.0260 6184  [ 6E84BFF58F7643499277F29DFA2F8C8D ] pla             C:\Windows\system32\pla.dll
21:01:24.0291 6184  pla - ok
21:01:24.0291 6184  [ 799BE46D45D486704CE0F37CA5385262 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
21:01:24.0307 6184  PlugPlay - ok
21:01:24.0323 6184  [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] Pml Driver HPZ12 C:\Windows\System32\HPZipm12.dll
21:01:24.0323 6184  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
21:01:24.0323 6184  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
21:01:24.0323 6184  [ 8E2414E818C26C4A9C70CB2B8567F04F ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
21:01:24.0338 6184  PNRPAutoReg - ok
21:01:24.0338 6184  [ AB76700D764A342D7475FB8F47CAB18C ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
21:01:24.0354 6184  PNRPsvc - ok
21:01:24.0370 6184  [ 0108C8E5176D590F242701EF5A62CC26 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
21:01:24.0385 6184  PolicyAgent - ok
21:01:24.0401 6184  [ F1E067F56373F11EA4B785CAE823740A ] Power           C:\Windows\system32\umpo.dll
21:01:24.0401 6184  Power - ok
21:01:24.0416 6184  [ 362D47E5B4D67270DE4B8606036F4ADD ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
21:01:24.0432 6184  PptpMiniport - ok
21:01:24.0448 6184  [ C2D3B3D0060619D5E03E696BD56FF59F ] PrintNotify     C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll
21:01:24.0495 6184  PrintNotify - ok
21:01:24.0495 6184  [ DD979EB6A7212F60E4AFBE96EDC7AE6D ] Processor       C:\Windows\System32\drivers\processr.sys
21:01:24.0510 6184  Processor - ok
21:01:24.0510 6184  [ 429E8502AD2227CF88F8840FC5BD590D ] ProfSvc         C:\Windows\system32\profsvc.dll
21:01:24.0526 6184  ProfSvc - ok
21:01:24.0541 6184  [ EB8034147D4820CD31BFCB11A2A652DF ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
21:01:24.0541 6184  Psched - ok
21:01:24.0557 6184  [ 0AFBF333B6F87A2F598EAB379AF100B8 ] QWAVE           C:\Windows\system32\qwave.dll
21:01:24.0573 6184  QWAVE - ok
21:01:24.0573 6184  [ 13D47BB0CCA2FC51BD15F8E85C6A078E ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
21:01:24.0588 6184  QWAVEdrv - ok
21:01:24.0588 6184  [ 873C60F8178100557740A832FCE10B5F ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
21:01:24.0604 6184  RasAcd - ok
21:01:24.0604 6184  [ 69B93F623B130976243ECA3D84CC99CA ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
21:01:24.0620 6184  RasAgileVpn - ok
21:01:24.0620 6184  [ 005F6E54C4A2DA4EBF68FB0392CE8BB0 ] RasAuto         C:\Windows\System32\rasauto.dll
21:01:24.0651 6184  RasAuto - ok
21:01:24.0651 6184  [ A14D625C5AEE5FFE0F47D1A1D419FAAE ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
21:01:24.0666 6184  Rasl2tp - ok
21:01:24.0666 6184  [ C923C785A2DE0B396AD6D13ACAFF2DE9 ] RasMan          C:\Windows\System32\rasmans.dll
21:01:24.0698 6184  RasMan - ok
21:01:24.0698 6184  [ 00695B9C2DB6111064499C529E90C042 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
21:01:24.0713 6184  RasPppoe - ok
21:01:24.0713 6184  [ A7F24D8CD1956B0A1FDCB86CC5114DE4 ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
21:01:24.0729 6184  RasSstp - ok
21:01:24.0729 6184  [ B72C33DBD5326B3864CF2091AF8B906B ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
21:01:24.0745 6184  rdbss - ok
21:01:24.0760 6184  [ CA7DF5EC95D8DE0DD24BE7FF97369F68 ] rdpbus          C:\Windows\System32\drivers\rdpbus.sys
21:01:24.0760 6184  rdpbus - ok
21:01:24.0760 6184  [ B2A3AD74FF2E2FFA73AF2567108231B3 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
21:01:24.0776 6184  RDPDR - ok
21:01:24.0792 6184  [ 57F4787E4602A3FCA719C0A33137C6DA ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
21:01:24.0792 6184  RdpVideoMiniport - ok
21:01:24.0807 6184  [ B3CB0721E81E30419CE7D837EF4EA151 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
21:01:24.0823 6184  RDPWD - ok
21:01:24.0823 6184  [ 62C1F8A0685FE07E998AA296C4F697C4 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
21:01:24.0838 6184  rdyboost - ok
21:01:24.0838 6184  [ D4F8266D63800FF9ACFAC838005A974C ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
21:01:24.0854 6184  RegSrvc - ok
21:01:24.0854 6184  [ 3663CCF243EE0C04E9F6F91ED1737273 ] RemoteAccess    C:\Windows\System32\mprdim.dll
21:01:24.0870 6184  RemoteAccess - ok
21:01:24.0870 6184  [ E80DD61E52EDFFF9DA1ED7260A68855B ] RemoteRegistry  C:\Windows\system32\regsvc.dll
21:01:24.0901 6184  RemoteRegistry - ok
21:01:24.0901 6184  [ 17EF582CBC4809F96B9E6D0543480763 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
21:01:24.0917 6184  RFCOMM - ok
21:01:24.0932 6184  [ 73F2E030B5C24E4E41401B5F0D59E6FD ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
21:01:24.0948 6184  RpcEptMapper - ok
21:01:24.0948 6184  [ 10B21284B3D964AB3DC45490E57D422E ] RpcLocator      C:\Windows\system32\locator.exe
21:01:24.0963 6184  RpcLocator - ok
21:01:24.0963 6184  [ 1EC6E533C954BDDF2A37E7851A7E58FD ] RpcSs           C:\Windows\system32\rpcss.dll
21:01:24.0995 6184  RpcSs - ok
21:01:24.0995 6184  [ E04E770DD198B9399640717145E79EBF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
21:01:25.0010 6184  rspndr - ok
21:01:25.0010 6184  [ 8EB6DCEB7473C232D8BC9A886E3183AC ] RSUSBVSTOR      C:\Windows\System32\Drivers\RtsUVStor.sys
21:01:25.0026 6184  RSUSBVSTOR - ok
21:01:25.0026 6184  [ 15923AA360F7675D3D43C9669316A0BA ] RTL8168         C:\Windows\system32\DRIVERS\Rt630x64.sys
21:01:25.0042 6184  RTL8168 - ok
21:01:25.0057 6184  [ 752EC7DCD2F96871A3857EEE6AFE965A ] s3cap           C:\Windows\System32\drivers\vms3cap.sys
21:01:25.0057 6184  s3cap - ok
21:01:25.0073 6184  [ F702AB6181513303AB0FC8D59E52708B ] SamSs           C:\Windows\system32\lsass.exe
21:01:25.0073 6184  SamSs - ok
21:01:25.0088 6184  [ 9C7B28CE0D136DB226E24DB3BC817F92 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
21:01:25.0088 6184  sbp2port - ok
21:01:25.0104 6184  [ 14316954FCE79C9DE5A0AFF9D42C83AA ] SCardSvr        C:\Windows\System32\SCardSvr.dll
21:01:25.0120 6184  SCardSvr - ok
21:01:25.0120 6184  [ 5D7733A12756B267FCA021672B26BC9E ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
21:01:25.0135 6184  scfilter - ok
21:01:25.0151 6184  [ EDCDF4DB82EF825B94B190D544C8C58B ] Schedule        C:\Windows\system32\schedsvc.dll
21:01:25.0182 6184  Schedule - ok
21:01:25.0182 6184  [ BAF8F0F55BC300E5F882E521F054E345 ] SCPolicySvc     C:\Windows\System32\certprop.dll
21:01:25.0198 6184  SCPolicySvc - ok
21:01:25.0198 6184  [ 12F06525912BBEF67837DE47D87C60A9 ] sdbus           C:\Windows\System32\drivers\sdbus.sys
21:01:25.0213 6184  sdbus - ok
21:01:25.0213 6184  [ 92968277ED491E4B3DDA361E3952361E ] SDRSVC          C:\Windows\System32\SDRSVC.dll
21:01:25.0229 6184  SDRSVC - ok
21:01:25.0229 6184  [ BB107AA9980B0DA4E19A3A90C3BD4460 ] sdstor          C:\Windows\System32\drivers\sdstor.sys
21:01:25.0245 6184  sdstor - ok
21:01:25.0245 6184  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
21:01:25.0260 6184  secdrv - ok
21:01:25.0260 6184  [ CD282626738B6BC92B6E7CD0AAE95B63 ] seclogon        C:\Windows\system32\seclogon.dll
21:01:25.0276 6184  seclogon - ok
21:01:25.0292 6184  [ 9C51620998F0763039DFA6BF68E475ED ] SENS            C:\Windows\System32\sens.dll
21:01:25.0307 6184  SENS - ok
21:01:25.0307 6184  [ DDA4CAF29D8C0A297F886BFE561E6659 ] SensorsAlsDriver C:\Windows\system32\DRIVERS\WUDFRd.sys
21:01:25.0323 6184  SensorsAlsDriver - ok
21:01:25.0323 6184  [ 0D50B4B860DAB65241628D04CD33ACAE ] SensrSvc        C:\Windows\system32\sensrsvc.dll
21:01:25.0338 6184  SensrSvc - ok
21:01:25.0354 6184  [ 87C46B239A7EEF30FDFDD5E9BD46130C ] SerCx           C:\Windows\system32\drivers\SerCx.sys
21:01:25.0354 6184  SerCx - ok
21:01:25.0370 6184  [ 7A1F9347C85FD55E39B8A76B3A25C5AD ] Serenum         C:\Windows\System32\drivers\serenum.sys
21:01:25.0370 6184  Serenum - ok
21:01:25.0385 6184  [ F640A0A218BBF857F1D04A15D7D939F6 ] Serial          C:\Windows\System32\drivers\serial.sys
21:01:25.0385 6184  Serial - ok
21:01:25.0401 6184  [ F1A5F56B2620B862CC28FF96A0A6DAAB ] sermouse        C:\Windows\System32\drivers\sermouse.sys
21:01:25.0401 6184  sermouse - ok
21:01:25.0417 6184  [ CB60A60340788C8D6DE2A269D28086AB ] SessionEnv      C:\Windows\system32\sessenv.dll
21:01:25.0432 6184  SessionEnv - ok
21:01:25.0432 6184  [ 7EE65419B29302C795714FF8073969A1 ] sfloppy         C:\Windows\System32\drivers\sfloppy.sys
21:01:25.0448 6184  sfloppy - ok
21:01:25.0463 6184  [ 090AE16F79C8EAD04E6031F863DA85F3 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
21:01:25.0479 6184  SharedAccess - ok
21:01:25.0479 6184  [ A77F3ABE13FCC698511E5DEC7ACEBD5F ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:01:25.0510 6184  ShellHWDetection - ok
21:01:25.0510 6184  [ 2560721D6F16D5B611C36A3A9D28C1B2 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
21:01:25.0526 6184  SiSRaid2 - ok
21:01:25.0526 6184  [ 3AA8FDE1DBF65BB8B88B053529554A0D ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
21:01:25.0542 6184  SiSRaid4 - ok
21:01:25.0542 6184  [ E660156A4588A84305CB772FD2C0DB21 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
21:01:25.0557 6184  SNMPTRAP - ok
21:01:25.0573 6184  [ 465F3C355CE5ED2779B8F460F14C5A78 ] spaceport       C:\Windows\system32\drivers\spaceport.sys
21:01:25.0573 6184  spaceport - ok
21:01:25.0588 6184  [ 3D8679C8DF52EB26EB7583A4E0A29202 ] SpbCx           C:\Windows\system32\drivers\SpbCx.sys
21:01:25.0588 6184  SpbCx - ok
21:01:25.0620 6184  [ 12583AF6CBE0050651EAF2723B3AD7B3 ] speedfan        C:\Windows\syswow64\speedfan.sys
21:01:25.0635 6184  speedfan - ok
21:01:25.0635 6184  [ 3F215BF2D4D8D6756298B25B579772C2 ] Spooler         C:\Windows\System32\spoolsv.exe
21:01:25.0667 6184  Spooler - ok
21:01:25.0713 6184  [ EC84D961501054F87A6878EC5D53388F ] sppsvc          C:\Windows\system32\sppsvc.exe
21:01:25.0776 6184  sppsvc - ok
21:01:25.0776 6184  [ 0F1FCD575A03ABDE13FCA9D0ADE4DDA6 ] srv             C:\Windows\system32\DRIVERS\srv.sys
21:01:25.0792 6184  srv - ok
21:01:25.0807 6184  [ C2106BB710AA34A046126AED7BCA6964 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
21:01:25.0823 6184  srv2 - ok
21:01:25.0823 6184  [ 9400C71F5A1A380B494B6922F007D485 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
21:01:25.0838 6184  srvnet - ok
21:01:25.0854 6184  [ 7A20882D76D4A78240A5AC9F2C2EBA21 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
21:01:25.0870 6184  SSDPSRV - ok
21:01:25.0870 6184  [ D233B16999A8E626F6004BD7814C57EC ] SstpSvc         C:\Windows\system32\sstpsvc.dll
21:01:25.0885 6184  SstpSvc - ok
21:01:25.0901 6184  [ 4E85355B94CFCB67C135F6521A4895A7 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
21:01:25.0901 6184  stexstor - ok
21:01:25.0901 6184  [ F38F79114380246B6D40CD53FB2CA28D ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys
21:01:25.0917 6184  StillCam - ok
21:01:25.0932 6184  [ BAC8A721736AECC55A4F71523AEAB65F ] stisvc          C:\Windows\System32\wiaservc.dll
21:01:25.0948 6184  stisvc - ok
21:01:25.0948 6184  [ C588BBD37B432CE3204E5765B459E6B2 ] storahci        C:\Windows\system32\drivers\storahci.sys
21:01:25.0963 6184  storahci - ok
21:01:25.0963 6184  [ F74DBC95A57B1EE866D3732EB5F79BE2 ] storflt         C:\Windows\system32\DRIVERS\vmstorfl.sys
21:01:25.0979 6184  storflt - ok
21:01:25.0979 6184  [ 5337E138B49ED1F44CCBA4073BC35C20 ] StorSvc         C:\Windows\system32\storsvc.dll
21:01:25.0995 6184  StorSvc - ok
21:01:25.0995 6184  [ 543CD3CC0E05B8D8815E0D4F040B6F59 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
21:01:26.0010 6184  storvsc - ok
21:01:26.0010 6184  [ 8BC1C1ED6EF9C985A3FAA6A72F41679A ] svsvc           C:\Windows\system32\svsvc.dll
21:01:26.0026 6184  svsvc - ok
21:01:26.0026 6184  [ 4AFD66AAE74FFB5986BC240744DC5FC9 ] swenum          C:\Windows\System32\drivers\swenum.sys
21:01:26.0042 6184  swenum - ok
21:01:26.0042 6184  [ 502F9488540051F3E6C39889ECFA76BB ] swprv           C:\Windows\System32\swprv.dll
21:01:26.0073 6184  swprv - ok
21:01:26.0088 6184  [ DC21E1F06343773D7E24362DCEF7944B ] SysMain         C:\Windows\system32\sysmain.dll
21:01:26.0120 6184  SysMain - ok
21:01:26.0120 6184  [ E219BF7BCCFE4881B0C053C7E0B47ECC ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
21:01:26.0135 6184  SystemEventsBroker - ok
21:01:26.0135 6184  [ A6C06C45C44AD06C70AF8899AEC15BDC ] TabletInputService C:\Windows\System32\TabSvc.dll
21:01:26.0151 6184  TabletInputService - ok
21:01:26.0167 6184  [ 88B7721AB551C4325036B25A34A2BF7B ] TapiSrv         C:\Windows\System32\tapisrv.dll
21:01:26.0182 6184  TapiSrv - ok
21:01:26.0198 6184  [ D192288CE5FB395F0BBAFDD1A8B5285D ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
21:01:26.0245 6184  Tcpip - ok
21:01:26.0276 6184  [ D192288CE5FB395F0BBAFDD1A8B5285D ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
21:01:26.0307 6184  TCPIP6 - ok
21:01:26.0323 6184  [ 8F2A13A5DF99D72FDDE87F502A66F989 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
21:01:26.0323 6184  tcpipreg - ok
21:01:26.0338 6184  [ 73DC722CE5DF26D7638CE2446F2655C7 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
21:01:26.0354 6184  tdx - ok
21:01:26.0385 6184  [ 9F3E7CABE86BBDECA009DE291DB6D9E2 ] TeamViewer8     C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
21:01:26.0432 6184  TeamViewer8 - ok
21:01:26.0432 6184  [ F7C8AB5D8AFFAA318D6A21093D139BF4 ] terminpt        C:\Windows\System32\drivers\terminpt.sys
21:01:26.0432 6184  terminpt - ok
21:01:26.0448 6184  [ 541EE228D0DEF392F7B2DFD885DD021B ] TermService     C:\Windows\System32\termsrv.dll
21:01:26.0479 6184  TermService - ok
21:01:26.0479 6184  [ 519A6F672FFF56B7D8EE8C730CEC8ECD ] Themes          C:\Windows\system32\themeservice.dll
21:01:26.0495 6184  Themes - ok
21:01:26.0495 6184  [ EEE908BE7143FCA48CF0CB87214E2AB8 ] THREADORDER     C:\Windows\system32\mmcss.dll
21:01:26.0510 6184  THREADORDER - ok
21:01:26.0510 6184  [ FF4135424A79DCC2998276D8E39C9B4D ] TimeBroker      C:\Windows\System32\TimeBrokerServer.dll
21:01:26.0526 6184  TimeBroker - ok
21:01:26.0542 6184  [ B44EFE254C0B3719E4037088D24FE4B5 ] TPM             C:\Windows\system32\drivers\tpm.sys
21:01:26.0542 6184  TPM - ok
21:01:26.0557 6184  [ 8C8CF3041B27E7657ADD0EE17F6DBFCA ] TrkWks          C:\Windows\System32\trkwks.dll
21:01:26.0573 6184  TrkWks - ok
21:01:26.0573 6184  [ 8D516AEF3C1DF980664CF17BB1FF6093 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:01:26.0588 6184  TrustedInstaller - ok
21:01:26.0588 6184  [ 4E7C5FB10A50435523DE0CAA37DE2BD3 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
21:01:26.0604 6184  TsUsbFlt - ok
21:01:26.0604 6184  [ 16D684A820872EE54F6370703AC0B513 ] TsUsbGD         C:\Windows\System32\drivers\TsUsbGD.sys
21:01:26.0620 6184  TsUsbGD - ok
21:01:26.0620 6184  [ 78C9EE193AC2B4CBDBC48B620314D740 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
21:01:26.0635 6184  tunnel - ok
21:01:26.0635 6184  [ 6D4F67CA56ACA2085DFA2CD89EAFBC1A ] uagp35          C:\Windows\system32\drivers\uagp35.sys
21:01:26.0651 6184  uagp35 - ok
21:01:26.0651 6184  [ 6FD6D03B7752C78712E5CFF29A305026 ] UASPStor        C:\Windows\System32\drivers\uaspstor.sys
21:01:26.0667 6184  UASPStor - ok
21:01:26.0667 6184  [ 1ED222DFE6C13DA50FE081ABF90CAFE1 ] UCX01000        C:\Windows\System32\drivers\ucx01000.sys
21:01:26.0682 6184  UCX01000 - ok
21:01:26.0682 6184  [ DC5A461591C71AF7F19DC048A81E3F88 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
21:01:26.0698 6184  udfs - ok
21:01:26.0713 6184  [ FB3475FEA1CCB0DAEA1EBE44D0E3BB7D ] UI0Detect       C:\Windows\system32\UI0Detect.exe
21:01:26.0729 6184  UI0Detect - ok
21:01:26.0729 6184  [ 07FEBCDF24FABA0D47B635D85A0FFB7A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
21:01:26.0745 6184  uliagpkx - ok
21:01:26.0745 6184  [ 02CEB3FE6152668A7BA420B93B664860 ] umbus           C:\Windows\System32\drivers\umbus.sys
21:01:26.0760 6184  umbus - ok
21:01:26.0760 6184  [ 991EE6B5FC41EAEF99C8AF5B92F2CA09 ] UmPass          C:\Windows\System32\drivers\umpass.sys
21:01:26.0776 6184  UmPass - ok
21:01:26.0776 6184  [ 43FEFB040A0CC30F795FBF544169594D ] UmRdpService    C:\Windows\System32\umrdp.dll
21:01:26.0792 6184  UmRdpService - ok
21:01:26.0792 6184  [ E1A119AD21F5AFE22EB516C549306D3D ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
21:01:26.0807 6184  UNS - ok
21:01:26.0823 6184  [ 14D22C411854AA2560AFC94CD2D5E61F ] upnphost        C:\Windows\System32\upnphost.dll
21:01:26.0838 6184  upnphost - ok
21:01:26.0838 6184  [ 30F02F642C2D141CAABD412B48A29D76 ] usb3Hub         C:\Windows\System32\drivers\usb3Hub.sys
21:01:26.0854 6184  usb3Hub - ok
21:01:26.0854 6184  [ 3FBE0784E42E7BA93FCC5201D2BAFE23 ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
21:01:26.0870 6184  usbaudio - ok
21:01:26.0885 6184  [ 2AF9F0E16D75B8F783A1ACE74EF51C9B ] usbccgp         C:\Windows\System32\drivers\usbccgp.sys
21:01:26.0885 6184  usbccgp - ok
21:01:26.0901 6184  [ B395B62B62F28106218FA6FB17F4C797 ] usbcir          C:\Windows\System32\drivers\usbcir.sys
21:01:26.0917 6184  usbcir - ok
21:01:26.0917 6184  [ 52F267AEE8CA5AA5CEB88C6A71EE1E86 ] usbehci         C:\Windows\System32\drivers\usbehci.sys
21:01:26.0932 6184  usbehci - ok
21:01:26.0932 6184  [ FBB6794E3BBAD92D66D59D206C1F849F ] usbhub          C:\Windows\System32\drivers\usbhub.sys
21:01:26.0963 6184  usbhub - ok
21:01:26.0963 6184  [ B7A948501424805571BF562BB0BFE31D ] USBHUB3         C:\Windows\System32\drivers\UsbHub3.sys
21:01:26.0979 6184  USBHUB3 - ok
21:01:26.0979 6184  [ 325F6179009B5A7F6118951A5BA422AB ] usbohci         C:\Windows\System32\drivers\usbohci.sys
21:01:26.0995 6184  usbohci - ok
21:01:26.0995 6184  [ BA3ABE0CD1C14B3295BAD0F076B84CAC ] usbprint        C:\Windows\System32\drivers\usbprint.sys
21:01:27.0010 6184  usbprint - ok
21:01:27.0010 6184  [ F77177F6C95B2116EE7AD23B5EF57007 ] USBSTOR         C:\Windows\System32\drivers\USBSTOR.SYS
21:01:27.0026 6184  USBSTOR - ok
21:01:27.0026 6184  [ D25EF4A6EC244C5DE85D88A05B7C149D ] usbuhci         C:\Windows\System32\drivers\usbuhci.sys
21:01:27.0042 6184  usbuhci - ok
21:01:27.0042 6184  [ 09799E701B4327097E9F63D3FE221083 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
21:01:27.0057 6184  usbvideo - ok
21:01:27.0073 6184  [ 9CD4259AD15F84DE27B94A956C978D6C ] USBXHCI         C:\Windows\System32\drivers\USBXHCI.SYS
21:01:27.0088 6184  USBXHCI - ok
21:01:27.0088 6184  [ F702AB6181513303AB0FC8D59E52708B ] VaultSvc        C:\Windows\system32\lsass.exe
21:01:27.0104 6184  VaultSvc - ok
21:01:27.0104 6184  [ BACECBFF9C97F7627A60B0E0F1FE7EE8 ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
21:01:27.0104 6184  vdrvroot - ok
21:01:27.0120 6184  [ 8A8CDA9E3CF2E0B4C6CC19FBC6FB9A71 ] vds             C:\Windows\System32\vds.exe
21:01:27.0135 6184  vds - ok
21:01:27.0151 6184  [ 74FA2D4368DE6F6CE14393EDF1F342BE ] VerifierExt     C:\Windows\system32\drivers\VerifierExt.sys
21:01:27.0151 6184  VerifierExt - ok
21:01:27.0167 6184  [ 8628FA679F0EC4B709CCD1F6B6A3233B ] vhdmp           C:\Windows\System32\drivers\vhdmp.sys
21:01:27.0182 6184  vhdmp - ok
21:01:27.0182 6184  [ F5B4A14B00E89250C50982AC762DDD1D ] viaide          C:\Windows\system32\drivers\viaide.sys
21:01:27.0198 6184  viaide - ok
21:01:27.0198 6184  [ 78DB50F7329F6D1311658DABFFFC8BE0 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
21:01:27.0214 6184  vmbus - ok
21:01:27.0214 6184  [ ECFEE2F2BA3932C7880D1A8F67D68F91 ] VMBusHID        C:\Windows\System32\drivers\VMBusHID.sys
21:01:27.0229 6184  VMBusHID - ok
21:01:27.0229 6184  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicheartbeat   C:\Windows\System32\ICSvc.dll
21:01:27.0245 6184  vmicheartbeat - ok
21:01:27.0245 6184  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmickvpexchange C:\Windows\System32\ICSvc.dll
21:01:27.0260 6184  vmickvpexchange - ok
21:01:27.0276 6184  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicrdv         C:\Windows\System32\ICSvc.dll
21:01:27.0276 6184  vmicrdv - ok
21:01:27.0292 6184  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicshutdown    C:\Windows\System32\ICSvc.dll
21:01:27.0307 6184  vmicshutdown - ok
21:01:27.0307 6184  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmictimesync    C:\Windows\System32\ICSvc.dll
21:01:27.0323 6184  vmictimesync - ok
21:01:27.0323 6184  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicvss         C:\Windows\System32\ICSvc.dll
21:01:27.0339 6184  vmicvss - ok
21:01:27.0339 6184  [ CB60FAAED8B49B812EBBF77EB87D9B18 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
21:01:27.0354 6184  volmgr - ok
21:01:27.0354 6184  [ A74101DA9809251BCD0E5A26BAE0F824 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
21:01:27.0370 6184  volmgrx - ok
21:01:27.0385 6184  [ 2FB3CDFD5EAF4CD9D4AFAF96877D13AE ] volsnap         C:\Windows\system32\drivers\volsnap.sys
21:01:27.0401 6184  volsnap - ok
21:01:27.0401 6184  [ A8DA1C1B52ECEA3726DEBED4FF1B700D ] vpci            C:\Windows\System32\drivers\vpci.sys
21:01:27.0417 6184  vpci - ok
21:01:27.0417 6184  [ 38A60CD9C009C55C6D3B5586F8E6A353 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
21:01:27.0432 6184  vsmraid - ok
21:01:27.0448 6184  [ EA658570314042C914964FC72AB50E6B ] VSS             C:\Windows\system32\vssvc.exe
21:01:27.0479 6184  VSS - ok
21:01:27.0479 6184  [ A0F6FE0FC2F647C22BBFD6BD4249DBCC ] VSTXRAID        C:\Windows\system32\drivers\vstxraid.sys
21:01:27.0495 6184  VSTXRAID - ok
21:01:27.0495 6184  [ 62460A45435A26A334907E3F2EA45611 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
21:01:27.0510 6184  vwifibus - ok
21:01:27.0510 6184  [ 095E943D27025E4D588AF0A72CC2318F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
21:01:27.0526 6184  vwififlt - ok
21:01:27.0526 6184  [ 73FA1A41A97A5C34ADC03B3577FF1A86 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
21:01:27.0542 6184  vwifimp - ok
21:01:27.0557 6184  [ F690B6EEAA94576727B24376D7ED3601 ] W32Time         C:\Windows\system32\w32time.dll
21:01:27.0573 6184  W32Time - ok
21:01:27.0573 6184  [ 6B806E893714019969E2B50D7EF6A4D9 ] WacomPen        C:\Windows\System32\drivers\wacompen.sys
21:01:27.0589 6184  WacomPen - ok
21:01:27.0589 6184  [ 6081CEC9EF9EB145D8B46655C7708D51 ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
21:01:27.0604 6184  Wanarp - ok
21:01:27.0604 6184  [ 6081CEC9EF9EB145D8B46655C7708D51 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
21:01:27.0620 6184  Wanarpv6 - ok
21:01:27.0635 6184  [ 42DF22F8C448E7CD219F6D63743505E2 ] wbengine        C:\Windows\system32\wbengine.exe
21:01:27.0667 6184  wbengine - ok
21:01:27.0667 6184  [ 31D37B2F6069C631EF0557D322924812 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
21:01:27.0682 6184  WbioSrvc - ok
21:01:27.0698 6184  [ D9C1E82651BF19C6FF69CEC6FD400124 ] Wcmsvc          C:\Windows\System32\wcmsvc.dll
21:01:27.0714 6184  Wcmsvc - ok
21:01:27.0714 6184  [ 5B5FEAB51172F5513C2CF7B39CFA6A01 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
21:01:27.0729 6184  wcncsvc - ok
21:01:27.0745 6184  [ E19556D414332E2BEBA1F368229006B4 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:01:27.0760 6184  WcsPlugInService - ok
21:01:27.0760 6184  [ B3A4D918DAB90505B6BC7B70632913CB ] Wd              C:\Windows\system32\drivers\wd.sys
21:01:27.0760 6184  Wd - ok
21:01:27.0776 6184  [ 260F8DFC4D5748F4CCB9B19CFB0E58EA ] WdBoot          C:\Windows\system32\drivers\WdBoot.sys
21:01:27.0776 6184  WdBoot - ok
21:01:27.0792 6184  [ 2ADC985B85A71BD7D99712EC0C24358B ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
21:01:27.0807 6184  Wdf01000 - ok
21:01:27.0807 6184  [ 880FFFC4D5BBBB4187B6B04AB2E8C32A ] WdFilter        C:\Windows\system32\drivers\WdFilter.sys
21:01:27.0823 6184  WdFilter - ok
21:01:27.0839 6184  [ 240FC332484572227CD1DF82407F33E5 ] WdiServiceHost  C:\Windows\system32\wdi.dll
21:01:27.0854 6184  WdiServiceHost - ok
21:01:27.0854 6184  [ 240FC332484572227CD1DF82407F33E5 ] WdiSystemHost   C:\Windows\system32\wdi.dll
21:01:27.0870 6184  WdiSystemHost - ok
21:01:27.0885 6184  [ F2002DA5E6B78C15B2CD48CFF8F0FBB6 ] WebClient       C:\Windows\System32\webclnt.dll
21:01:27.0901 6184  WebClient - ok
21:01:27.0901 6184  [ 35FD720943D4FCD75C3275BF062FF140 ] Wecsvc          C:\Windows\system32\wecsvc.dll
21:01:27.0917 6184  Wecsvc - ok
21:01:27.0932 6184  [ 4D2612E3C462B68F499D840B1133263E ] wercplsupport   C:\Windows\System32\wercplsupport.dll
21:01:27.0948 6184  wercplsupport - ok
21:01:27.0948 6184  [ 8E2426162ED6749A127B35D235F21E11 ] WerSvc          C:\Windows\System32\WerSvc.dll
21:01:27.0979 6184  WerSvc - ok
21:01:27.0979 6184  [ FE762D3498719C3A23471BBA62F747B4 ] WFPLWFS         C:\Windows\system32\DRIVERS\wfplwfs.sys
21:01:27.0995 6184  WFPLWFS - ok
21:01:27.0995 6184  [ 60E0C220593DA4F7C289CB909D2DBAE0 ] WiaRpc          C:\Windows\System32\wiarpc.dll
21:01:28.0010 6184  WiaRpc - ok
21:01:28.0010 6184  [ A3C7624A42A3447EF5EDD1ED37FE4E60 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
21:01:28.0026 6184  WIMMount - ok
21:01:28.0026 6184  WinDefend - ok
21:01:28.0042 6184  [ 7911470B6018059A880469A63B65700A ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
21:01:28.0057 6184  WinHttpAutoProxySvc - ok
21:01:28.0073 6184  [ 3D6B518B71C75C8FA4115A33615C107A ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
21:01:28.0089 6184  Winmgmt - ok
21:01:28.0104 6184  WinRing0_1_2_0 - ok
21:01:28.0120 6184  [ 8E212A627F33F6FC3B5F3BB47212F66E ] WinRM           C:\Windows\system32\WsmSvc.dll
21:01:28.0167 6184  WinRM - ok
21:01:28.0182 6184  [ BB20956C424531003F7FA6CD36F11D5D ] WinUsb          C:\Windows\system32\DRIVERS\WinUSB.sys
21:01:28.0198 6184  WinUsb - ok
21:01:28.0214 6184  [ 6351724B8FA0255C2DBD970297F00B93 ] WlanSvc         C:\Windows\System32\wlansvc.dll
21:01:28.0245 6184  WlanSvc - ok
21:01:28.0260 6184  [ B330CE47FB74A6BE9A3FFFF4B3F64D9B ] wlidsvc         C:\Windows\system32\wlidsvc.dll
21:01:28.0292 6184  wlidsvc - ok
21:01:28.0307 6184  [ E2A596CACFC6504306CDB7B593B90084 ] WmiAcpi         C:\Windows\System32\drivers\wmiacpi.sys
21:01:28.0307 6184  WmiAcpi - ok
21:01:28.0323 6184  [ D113499052C5E541906B727779F0F959 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
21:01:28.0339 6184  wmiApSrv - ok
21:01:28.0339 6184  WMPNetworkSvc - ok
21:01:28.0339 6184  [ C6FF953D5D6F2EAE3B8883474D5076B3 ] wpcfltr         C:\Windows\system32\DRIVERS\wpcfltr.sys
21:01:28.0354 6184  wpcfltr - ok
21:01:28.0354 6184  [ A6ED163169876BFD2437E872FE2F1509 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
21:01:28.0370 6184  WPCSvc - ok
21:01:28.0370 6184  [ 94AA5150E35B3ABB7191FE641E3C2473 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
21:01:28.0385 6184  WPDBusEnum - ok
21:01:28.0385 6184  [ 0346CAFC181C91C6E2330332EB332ED6 ] WpdUpFltr       C:\Windows\system32\drivers\WpdUpFltr.sys
21:01:28.0401 6184  WpdUpFltr - ok
21:01:28.0401 6184  [ BC8B5CB336E63BB25EAD1CE8EDD34B81 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
21:01:28.0417 6184  ws2ifsl - ok
21:01:28.0417 6184  [ FB0C1B7F94FA08E72F19F6F2CE7210E1 ] wscsvc          C:\Windows\System32\wscsvc.dll
21:01:28.0432 6184  wscsvc - ok
21:01:28.0448 6184  [ 74EFDA0526862C3D8D01A776182798EA ] WSDPrintDevice  C:\Windows\System32\drivers\WSDPrint.sys
21:01:28.0448 6184  WSDPrintDevice - ok
21:01:28.0448 6184  WSearch - ok
21:01:28.0479 6184  [ C10BFFEE7E0D7A1366E84F251796C51D ] WSService       C:\Windows\System32\WSService.dll
21:01:28.0542 6184  WSService - ok
21:01:28.0557 6184  [ A8484C0CB54DB48180FB7CA00F1C3F8F ] wuauserv        C:\Windows\system32\wuaueng.dll
21:01:28.0620 6184  wuauserv - ok
21:01:28.0620 6184  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
21:01:28.0635 6184  WudfPf - ok
21:01:28.0635 6184  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\System32\drivers\WUDFRd.sys
21:01:28.0651 6184  WUDFRd - ok
21:01:28.0651 6184  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFSensorLP    C:\Windows\system32\DRIVERS\WUDFRd.sys
21:01:28.0667 6184  WUDFSensorLP - ok
21:01:28.0667 6184  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
21:01:28.0682 6184  wudfsvc - ok
21:01:28.0682 6184  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFWpdFs       C:\Windows\system32\DRIVERS\WUDFRd.sys
21:01:28.0698 6184  WUDFWpdFs - ok
21:01:28.0698 6184  [ F9D8D2E6ECE08B278621D5BF3A7240A6 ] WwanSvc         C:\Windows\System32\wwansvc.dll
21:01:28.0729 6184  WwanSvc - ok
21:01:28.0729 6184  [ 6FDEE5E0741A3FFA5E5772C6C94E3F64 ] XHCIPort        C:\Windows\System32\drivers\XHCIPort.sys
21:01:28.0745 6184  XHCIPort - ok
21:01:28.0760 6184  [ 97D3DCBBF3915782644DB56F5C191B9F ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
21:01:28.0807 6184  ZeroConfigService - ok
21:01:28.0823 6184  ================ Scan global ===============================
21:01:28.0823 6184  [ DDC1AFBF9DDF880CE9BD3896114D8DED ] C:\Windows\system32\basesrv.dll
21:01:28.0823 6184  [ E9343076AE704D20BB0D01F3AF3EFFEF ] C:\Windows\system32\winsrv.dll
21:01:28.0839 6184  [ BD7C6949984D19AAA609896B675E7357 ] C:\Windows\system32\sxssrv.dll
21:01:28.0839 6184  [ 8F226143046435C75C033B0C52E90FFE ] C:\Windows\system32\services.exe
21:01:28.0854 6184  [Global] - ok
21:01:28.0854 6184  ================ Scan MBR ==================================
21:01:28.0854 6184  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
21:01:28.0885 6184  \Device\Harddisk0\DR0 - ok
21:01:28.0885 6184  ================ Scan VBR ==================================
21:01:28.0885 6184  [ D742B4495A1633AE666E5CD4BC968322 ] \Device\Harddisk0\DR0\Partition1
21:01:28.0885 6184  \Device\Harddisk0\DR0\Partition1 - ok
21:01:28.0885 6184  [ 15D77E49287D407A5DFCC965E0C6D67B ] \Device\Harddisk0\DR0\Partition2
21:01:28.0885 6184  \Device\Harddisk0\DR0\Partition2 - ok
21:01:28.0885 6184  [ AA4CDC953A14B44C42C8D5680446883F ] \Device\Harddisk0\DR0\Partition3
21:01:28.0885 6184  \Device\Harddisk0\DR0\Partition3 - ok
21:01:28.0885 6184  [ 39B5E2108E68900C10387FF1F82A96D4 ] \Device\Harddisk0\DR0\Partition4
21:01:28.0885 6184  \Device\Harddisk0\DR0\Partition4 - ok
21:01:28.0901 6184  [ DECF8906D3DE8657F6A55FE0D553BE84 ] \Device\Harddisk0\DR0\Partition5
21:01:28.0901 6184  \Device\Harddisk0\DR0\Partition5 - ok
21:01:28.0901 6184  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition6
21:01:28.0901 6184  \Device\Harddisk0\DR0\Partition6 - ok
21:01:28.0901 6184  [ EB9129417A831481048F26D4D6ABCFB8 ] \Device\Harddisk0\DR0\Partition7
21:01:28.0901 6184  \Device\Harddisk0\DR0\Partition7 - ok
21:01:28.0901 6184  ============================================================
21:01:28.0901 6184  Scan finished
21:01:28.0901 6184  ============================================================
21:01:28.0917 5872  Detected object count: 3
21:01:28.0917 5872  Actual detected object count: 3
21:01:44.0996 5872  HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
21:01:44.0996 5872  HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:01:44.0996 5872  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
21:01:44.0996 5872  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:01:44.0996 5872  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
21:01:44.0996 5872  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
         
I haven't done anything about the findings for now and am curious what you have to say about them!
Thank you very much for your efforts!
Best regards,
painfiller

Alt 21.02.2013, 20:23   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

JRT - Junkware Removal Tool

Please shut down your protection software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop.

  • Start the tool with a double-click. On Windows Vista (or later), please right-click and start it with "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool is finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.




Afterwards:

adwCleaner - remove toolbars and unwanted start/search pages

Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options (Optionen) and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected, as shown here
  • Click Scan (Suchlauf) and wait until it has finished.
  • Now click Delete (Löschen) and confirm any prompts that appear with OK.
  • Your computer will be restarted automatically. After the restart a text file opens. Post its contents to me with your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).


After that, a check with OTL please:
  • Double-click OTL.exe
  • Vista users: right-click OTL.exe and choose "Run as administrator"
  • At the top centre, tick the box Scan All Users
  • At the top you will find a box labelled Output. Please select Minimal Output
  • Under Extra Registry, please select Use SafeList
  • Now click Run Scan at the top left
  • When the scan has finished, 2 log files are created
  • Post the log files in CODE tags here in the thread.

Alt 21.02.2013, 20:56   #9
painfiller
 

Here is JRT:

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.6.5 (02.18.2013:1)
OS: Windows 8 x64
Ran by krist_000 on 21.02.2013 at 21:38:22,39
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 21.02.2013 at 21:42:43,77
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
Here is Adw:
Code:
# AdwCleaner v2.112 - Datei am 21/02/2013 um 21:45:02 erstellt
# Aktualisiert am 10/02/2013 von Xplode
# Betriebssystem : Windows 8  (64 bits)
# Benutzer : krist_000 - KRISTOFFER
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\krist_000\Downloads\adwcleaner0.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Datei Gelöscht : C:\Users\krist_000\AppData\Roaming\Microsoft\Windows\Start Menu\Startfenster.lnk

***** [Registrierungsdatenbank] *****


***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16482

Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.startfenster.com --> hxxp://www.google.com

-\\ Google Chrome v24.0.1312.57

Datei : C:\Users\krist_000\AppData\Local\Google\Chrome\User Data\Default\Preferences

Gelöscht [l.19] : urls_to_restore_on_startup = [ "hxxp://google.de/", "hxxp://www.startfenster.com" ]
Gelöscht [l.2522] : urls_to_restore_on_startup = [ "hxxp://google.de/", "hxxp://www.startfenster.com" ]

*************************

AdwCleaner[S1].txt - [1068 octets] - [21/02/2013 21:45:02]

########## EOF - C:\AdwCleaner[S1].txt - [1128 octets] ##########
         
and last but not least OTL:

Code:
OTL logfile created on: 21.02.2013 21:49:35 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\krist_000\Downloads
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16484)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,89 Gb Total Physical Memory | 2,12 Gb Available Physical Memory | 54,44% Memory free
12,39 Gb Paging File | 10,56 Gb Available in Paging File | 85,25% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 102,54 Gb Total Space | 35,15 Gb Free Space | 34,28% Space Free | Partition Type: NTFS
Drive D: | 110,93 Gb Total Space | 70,68 Gb Free Space | 63,71% Space Free | Partition Type: NTFS
 
Computer Name: KRISTOFFER | User Name: krist_000 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\krist_000\Downloads\OTL (1).exe (OldTimer Tools)
PRC - C:\Users\krist_000\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Users\krist_000\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe (ASUSTeK Computer Inc.)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUS)
PRC - C:\Windows\SysWOW64\ACEngSvr.exe (ASUSTeK)
PRC - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Motorola Solutions, Inc.)
PRC - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Motorola Solutions, Inc.)
PRC - C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUSTek Computer Inc.)
PRC - C:\Windows\SysWOW64\irstrtsv.exe (Intel Corporation)
PRC - C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe (ASUSTeK Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe (Microsoft Corporation.)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\a91dc79bf846144ee47efc08e17bb3e2\UIAutomationTypes.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\9c95779cc3d65cda80695cabc367476b\System.Windows.Forms.ni.dll ()
MOD - C:\Users\krist_000\AppData\Local\Google\Chrome\User Data\PepperFlash\11.6.602.167\pepflashplayer.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\e1ec8b9a6d4f9af9d6065c4187fb1b5f\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\f641b786d36d1cc5a5531a746c96ce1b\System.Xaml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\38638a559066bf7f2325a53ed53629bc\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\05cc6faa6704d01e78700561b22937e3\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatioaec034ca#\6824c9f11ea82b4148780cd92c9d6745\PresentationFramework.Aero2.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\8347ac8367f91309fa888d79a54c7450\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\1c7f4533b2b24c10a628793a8b93e1a7\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\15cc4fff434f274c1f6ab56a385dcb54\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\a7811936e59aaee26b1d9d467174d6d4\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\374a0cc6603f58864831897ef723bd4a\mscorlib.ni.dll ()
MOD - C:\Users\krist_000\AppData\Local\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll ()
MOD - C:\Users\krist_000\AppData\Local\Google\Chrome\Application\24.0.1312.57\pdf.dll ()
MOD - C:\Users\krist_000\AppData\Local\Google\Chrome\Application\24.0.1312.57\libglesv2.dll ()
MOD - C:\Users\krist_000\AppData\Local\Google\Chrome\Application\24.0.1312.57\libegl.dll ()
MOD - C:\Users\krist_000\AppData\Local\Google\Chrome\Application\24.0.1312.57\ffmpegsumo.dll ()
MOD - C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:64bit: - (OfficeSvc) -- C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe (Microsoft Corporation)
SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation)
SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:64bit: - (AllUserInstallAgent) -- C:\Windows\SysNative\AUInstallAgent.dll (Microsoft Corporation)
SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (ZeroConfigService) -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Intel® Corporation)
SRV:64bit: - (MyWiFiDHCPDNS) -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe ()
SRV:64bit: - (EvtEng) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
SRV:64bit: - (RegSrvc) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
SRV:64bit: - (AMPPALR3) -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (Intel Corporation)
SRV:64bit: - (BTHSSecurityMgr) -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (Intel(R) Corporation)
SRV:64bit: - (Intel(R) -- C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (TeamViewer8) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (HPSLPSVC) -- C:\Users\KRIST_~1\AppData\Local\Temp\7zS71D5\hpslpsvc64.dll (Hewlett-Packard Co.)
SRV - (PrintNotify) -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (Bluetooth OBEX Service) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Motorola Solutions, Inc.)
SRV - (Bluetooth Device Monitor) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Motorola Solutions, Inc.)
SRV - (irstrtsv) -- C:\Windows\SysWOW64\irstrtsv.exe (Intel Corporation)
SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation)
SRV - (ASLDRService) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ASUSTek Computer Inc.)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation)
SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
SRV - (BBUpdate) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe (Microsoft Corporation.)
SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe (Microsoft Corporation.)
SRV - (ASUS InstantOn) -- C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe (ASUS)
SRV - (ATKGFNEXSrv) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (aswnet) -- C:\Windows\SysNative\Drivers\aswnet.sys (AVAST Software)
DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\Drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\Drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\Drivers\BthhfHid.sys (Microsoft Corporation)
DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\Drivers\hidi2c.sys (Microsoft Corporation)
DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\Drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:64bit: - (pdc) -- C:\Windows\SysNative\Drivers\pdc.sys (Microsoft Corporation)
DRV:64bit: - (FxPPM) -- C:\Windows\SysNative\Drivers\fxppm.sys (Microsoft Corporation)
DRV:64bit: - (ATP) -- C:\Windows\SysNative\Drivers\AsusTP.sys (ASUS Corporation)
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\Drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
DRV:64bit: - (LVUVC64) -- C:\Windows\SysNative\Drivers\lvuvc64.sys (Logitech Inc.)
DRV:64bit: - (LVRS64) -- C:\Windows\SysNative\Drivers\lvrs64.sys (Logitech Inc.)
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\Drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (sdstor) -- C:\Windows\SysNative\Drivers\sdstor.sys (Microsoft Corporation)
DRV:64bit: - (dam) -- C:\Windows\SysNative\Drivers\dam.sys (Microsoft Corporation)
DRV:64bit: - (StillCam) -- C:\Windows\SysNative\Drivers\serscan.sys (Microsoft Corporation)
DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\Drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:64bit: - (UCX01000) -- C:\Windows\SysNative\Drivers\UCX01000.SYS (Microsoft Corporation)
DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\Drivers\msgpioclx.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\Drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\Drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\Drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (NETwNe64) -- C:\Windows\SysNative\Drivers\NETwew00.sys (Intel Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\Drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (intaud_WaveExtensible) -- C:\Windows\SysNative\Drivers\intelaud.sys (Intel Corporation)
DRV:64bit: - (iwdbus) -- C:\Windows\SysNative\Drivers\iwdbus.sys (Intel Corporation)
DRV:64bit: - (XHCIPort) -- C:\Windows\SysNative\Drivers\xHCIPort.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (usb3Hub) -- C:\Windows\SysNative\Drivers\usb3Hub.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (kbfiltr) -- C:\Windows\SysNative\Drivers\kbfiltr.sys ( )
DRV:64bit: - (irstrtdv) -- C:\Windows\SysNative\Drivers\irstrtdv.sys (Intel Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (condrv) -- C:\Windows\SysNative\Drivers\condrv.sys (Microsoft Corporation)
DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS (VIA Corporation)
DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\Drivers\VerifierExt.sys (Microsoft Corporation)
DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\Drivers\uaspstor.sys (Microsoft Corporation)
DRV:64bit: - (acpiex) -- C:\Windows\SysNative\Drivers\acpiex.sys (Microsoft Corporation)
DRV:64bit: - (spaceport) -- C:\Windows\SysNative\Drivers\spaceport.sys (Microsoft Corporation)
DRV:64bit: - (storahci) -- C:\Windows\SysNative\Drivers\storahci.sys (Microsoft Corporation)
DRV:64bit: - (mvumis) -- C:\Windows\SysNative\Drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\Drivers\stexstor.sys (Promise Technology, Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\Drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\Drivers\lsi_sss.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\Drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\Drivers\EhStorClass.sys (Microsoft Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\Drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (3ware) -- C:\Windows\SysNative\Drivers\3ware.sys (LSI)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\Drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\Drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (CLFS) -- C:\Windows\SysNative\Drivers\clfs.sys (Microsoft Corporation)
DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\Drivers\wfplwfs.sys (Microsoft Corporation)
DRV:64bit: - (vpci) -- C:\Windows\SysNative\Drivers\vpci.sys (Microsoft Corporation)
DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\Drivers\WdFilter.sys (Microsoft Corporation)
DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\Drivers\WdBoot.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\Drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\Drivers\WSDPrint.sys (Microsoft Corporation)
DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\Drivers\mshidumdf.sys (Microsoft Corporation)
DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\Drivers\BasicDisplay.sys (Microsoft Corporation)
DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\Drivers\HyperVideo.sys (Microsoft Corporation)
DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\Drivers\BasicRender.sys (Microsoft Corporation)
DRV:64bit: - (acpials) -- C:\Windows\SysNative\Drivers\acpials.sys (Microsoft Corporation)
DRV:64bit: - (gencounter) -- C:\Windows\SysNative\Drivers\vmgencounter.sys (Microsoft Corporation)
DRV:64bit: - (kdnic) -- C:\Windows\SysNative\Drivers\kdnic.sys (Microsoft Corporation)
DRV:64bit: - (acpitime) -- C:\Windows\SysNative\Drivers\acpitime.sys (Microsoft Corporation)
DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\Drivers\npsvctrig.sys (Microsoft Corporation)
DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\Drivers\acpipagr.sys (Microsoft Corporation)
DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\Drivers\hyperkbd.sys (Microsoft Corporation)
DRV:64bit: - (SerCx) -- C:\Windows\SysNative\Drivers\SerCx.sys (Microsoft Corporation)
DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\Drivers\SpbCx.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\Drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\Drivers\bthhfenum.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\Drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\Drivers\wpcfltr.sys (Microsoft Corporation)
DRV:64bit: - (BthLEEnum) -- C:\Windows\SysNative\Drivers\BthLEEnum.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\Drivers\mslldp.sys (Microsoft Corporation)
DRV:64bit: - (Ndu) -- C:\Windows\SysNative\Drivers\Ndu.sys (Microsoft Corporation)
DRV:64bit: - (AiCharger) -- C:\Windows\SysNative\Drivers\AiCharger.sys (ASUSTek Computer Inc.)
DRV:64bit: - (iaStorA) -- C:\Windows\SysNative\Drivers\iaStorA.sys (Intel Corporation)
DRV:64bit: - (AMPPALP) -- C:\Windows\SysNative\Drivers\AmpPal.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (AMPPAL) -- C:\Windows\SysNative\Drivers\AmpPal.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (btmhsf) -- C:\Windows\SysNative\Drivers\btmhsf.sys (Intel Corporation)
DRV:64bit: - (DptfManager) -- C:\Windows\SysNative\Drivers\DptfManager.sys (Intel Corporation)
DRV:64bit: - (DptfDevGen) -- C:\Windows\SysNative\Drivers\DptfDevGen.sys (Intel Corporation)
DRV:64bit: - (DptfDevDram) -- C:\Windows\SysNative\Drivers\DptfDevDram.sys (Intel Corporation)
DRV:64bit: - (DptfDevFan) -- C:\Windows\SysNative\Drivers\DptfDevFan.sys (Intel Corporation)
DRV:64bit: - (DptfDevPch) -- C:\Windows\SysNative\Drivers\DptfDevPch.sys (Intel Corporation)
DRV:64bit: - (DptfDevProc) -- C:\Windows\SysNative\Drivers\DptfDevProc.sys (Intel Corporation)
DRV:64bit: - (AX88772) -- C:\Windows\SysNative\Drivers\ax88772.sys (ASIX Electronics Corp.)
DRV:64bit: - (iBtFltCoex) -- C:\Windows\SysNative\Drivers\iBtFltCoex.sys (Intel Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\Drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\Drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (RSUSBVSTOR) -- C:\Windows\SysNative\Drivers\RtsUVStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (AgereSoftModem) -- C:\Windows\SysNative\Drivers\agrsm64.sys (LSI Corp)
DRV:64bit: - (RTL8168) -- C:\Windows\SysNative\Drivers\Rt630x64.sys (Realtek                                            )
DRV:64bit: - (NETwNs64) -- C:\Windows\SysNative\Drivers\NETwNs64.sys (Intel Corporation)
DRV:64bit: - (e1iexpress) -- C:\Windows\SysNative\Drivers\e1i63x64.sys (Intel Corporation)
DRV:64bit: - (athr) -- C:\Windows\SysNative\Drivers\athrx.sys (Qualcomm Atheros Communications, Inc.)
DRV:64bit: - (HIDSwitch) -- C:\Windows\SysNative\Drivers\AsHIDSwitch64.sys (ASUS)
DRV:64bit: - (btmaux) -- C:\Windows\SysNative\Drivers\btmaux.sys (Intel Corporation)
DRV - (ATKWMIACPIIO) -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys (ASUS)
DRV - (ASMMAP64) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys (ASUS)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = 
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&amp;form=IE10TR&amp;src=IE10TR&amp;pc=ASU2JS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&amp;form=IE10TR&amp;src=IE10TR&amp;pc=ASU2JS
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-2347345409-2648239615-1393546621-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
IE - HKU\S-1-5-21-2347345409-2648239615-1393546621-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\S-1-5-21-2347345409-2648239615-1393546621-1001\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-21-2347345409-2648239615-1393546621-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.10.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.10.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\krist_000\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\krist_000\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012.12.28 14:09:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK
 
[2012.12.28 14:09:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\krist_000\AppData\Roaming\mozilla\Extensions
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - Extension: avast! WebRep = C:\Users\krist_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\
 
O1 HOSTS File: ([2012.07.26 06:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [ACMON] C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUS)
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Motorola Solutions, Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe (ASUS Cloud Corporation)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKU\S-1-5-21-2347345409-2648239615-1393546621-1001..\Run: [Spotify] C:\Users\krist_000\AppData\Roaming\Spotify\spotify.exe (Spotify Ltd)
O4 - HKU\S-1-5-21-2347345409-2648239615-1393546621-1001..\Run: [Spotify Web Helper] C:\Users\krist_000\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - Startup: C:\Users\krist_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\krist_000\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: An Bluetooth senden - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm ()
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: An Bluetooth senden - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm ()
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4CFCC10A-995C-47A7-B25A-23C4A6801240}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{79C36127-07F5-4EE7-95D1-833D01F9258D}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.02.21 21:27:55 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013.02.21 21:27:50 | 000,000,000 | ---D | C] -- C:\JRT
[2013.02.21 21:25:56 | 000,547,439 | ---- | C] (Oleg N. Scherbakov) -- D:\Desktop\JRT.exe
[2013.02.20 00:13:56 | 000,000,000 | ---D | C] -- C:\Users\krist_000\AppData\Local\ElevatedDiagnostics
[2013.02.17 16:13:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2013.02.14 00:31:33 | 006,967,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013.02.14 00:31:10 | 003,966,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.02.14 00:31:09 | 000,907,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\uxtheme.dll
[2013.02.14 00:31:09 | 000,854,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.02.14 00:31:09 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.02.14 00:31:09 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.02.14 00:31:09 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013.02.14 00:31:09 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013.02.14 00:31:08 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013.02.14 00:31:08 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UXInit.dll
[2013.02.14 00:31:08 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013.02.14 00:31:08 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UXInit.dll
[2013.02.14 00:31:08 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013.02.14 00:24:25 | 002,094,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mmc.exe
[2013.02.14 00:24:24 | 001,964,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlidsvc.dll
[2013.02.14 00:24:24 | 001,611,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mmc.exe
[2013.02.14 00:24:21 | 001,886,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\setupapi.dll
[2013.02.14 00:24:21 | 001,120,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msctf.dll
[2013.02.14 00:24:21 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netprofmsvc.dll
[2013.02.14 00:24:20 | 000,438,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsm.dll
[2013.02.14 00:24:20 | 000,406,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Media.dll
[2013.02.14 00:24:20 | 000,028,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\msgpiowin32.sys
[2013.02.14 00:24:17 | 000,666,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MP4SDECD.DLL
[2013.02.14 00:24:17 | 000,594,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Networking.dll
[2013.02.14 00:24:17 | 000,303,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2013.02.14 00:24:17 | 000,194,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sdbus.sys
[2013.02.14 00:24:17 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetpp.dll
[2013.02.14 00:24:17 | 000,124,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dumpsd.sys
[2013.02.14 00:24:16 | 000,728,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\samsrv.dll
[2013.02.14 00:24:16 | 000,436,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MP4SDECD.DLL
[2013.02.14 00:24:16 | 000,410,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Networking.dll
[2013.02.14 00:24:16 | 000,261,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Media.dll
[2013.02.14 00:24:16 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSDMon.dll
[2013.02.14 00:24:16 | 000,240,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsquirt.exe
[2013.02.14 00:24:16 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncbservice.dll
[2013.02.14 00:24:16 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\httpprxm.dll
[2013.02.14 00:24:16 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wiaacmgr.exe
[2013.02.14 00:24:16 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wiaacmgr.exe
[2013.02.14 00:24:16 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adhsvc.dll
[2013.02.14 00:24:15 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adhapi.dll
[2013.02.14 00:24:15 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\httpprxp.dll
[2013.02.14 00:24:15 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\keepaliveprovider.dll
[2013.02.14 00:24:08 | 001,690,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\GdiPlus.dll
[2013.02.14 00:24:07 | 001,437,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\GdiPlus.dll
[2013.02.14 00:02:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
[2013.02.14 00:02:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2013.02.14 00:02:32 | 000,984,144 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2013.02.14 00:02:32 | 000,468,144 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswnet.sys
[2013.02.14 00:02:32 | 000,370,288 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2013.02.14 00:02:32 | 000,071,600 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2013.02.14 00:02:32 | 000,054,072 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2013.02.14 00:02:32 | 000,025,232 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2013.02.14 00:02:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2013.02.14 00:02:23 | 000,041,224 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2013.02.14 00:02:22 | 000,227,648 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2013.02.13 23:22:21 | 000,000,000 | ---D | C] -- C:\Users\krist_000\AppData\Roaming\Malwarebytes
[2013.02.13 23:22:13 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.02.13 23:22:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.02.13 23:22:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.02.13 23:22:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Anti-Malware
[2013.02.13 23:21:40 | 010,156,344 | ---- | C] (Malwarebytes Corporation                                    ) -- D:\Desktop\mbam-setup-1.70.0.1100.exe
[2013.02.13 23:14:28 | 002,237,968 | ---- | C] (Kaspersky Lab ZAO) -- D:\Desktop\tdsskiller.exe
[2013.02.13 12:02:24 | 000,000,000 | ---D | C] -- C:\Users\krist_000\AppData\Local\Diagnostics
[2013.01.31 21:38:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
[2013.01.31 21:37:06 | 000,000,000 | ---D | C] -- C:\Users\krist_000\Documents\Meine empfangenen Dateien
[2013.01.29 20:31:05 | 000,000,000 | R--D | C] -- C:\Users\krist_000\SkyDrive
[2013.01.29 20:31:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SkyDrive
[2013.01.29 20:30:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft SkyDrive
[2013.01.29 20:10:59 | 000,000,000 | ---D | C] -- C:\Users\krist_000\Documents\Benutzerdefinierte Office-Vorlagen
[2013.01.29 19:38:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
[2013.01.29 19:37:38 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office 15
[2013.01.28 19:55:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\logishrd
[2013.01.28 19:55:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\logishrd
 
========== Files - Modified Within 30 Days ==========
 
[2013.02.21 21:48:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.02.21 21:46:36 | 000,000,500 | ---- | M] () -- C:\Users\krist_000\AppData\Roaming\sp_data.sys
[2013.02.21 21:46:22 | 000,001,134 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.02.21 21:46:20 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
[2013.02.21 21:46:07 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013.02.21 21:46:06 | 3340,271,616 | -HS- | M] () -- C:\hiberfil.sys
[2013.02.21 21:26:07 | 000,547,439 | ---- | M] (Oleg N. Scherbakov) -- D:\Desktop\JRT.exe
[2013.02.21 21:17:01 | 000,001,138 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.02.21 21:01:00 | 000,001,158 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2347345409-2648239615-1393546621-1001UA.job
[2013.02.21 20:58:11 | 001,745,416 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.02.21 20:58:11 | 000,753,134 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.02.21 20:58:11 | 000,710,244 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.02.21 20:58:11 | 000,155,826 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.02.21 20:58:11 | 000,132,614 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.02.21 20:53:14 | 633,542,378 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013.02.21 20:50:31 | 000,376,832 | ---- | M] () -- D:\Desktop\gmer_2.1.19081.exe
[2013.02.20 18:01:00 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2347345409-2648239615-1393546621-1001Core.job
[2013.02.18 13:23:01 | 000,000,870 | ---- | M] () -- C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
[2013.02.15 21:27:57 | 000,001,167 | ---- | M] () -- C:\WirelessDiagLog.csv
[2013.02.15 21:25:59 | 000,420,424 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.02.14 00:05:27 | 000,468,144 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswnet.sys
[2013.02.14 00:05:27 | 000,000,175 | ---- | M] () -- C:\Windows\SysNative\drivers\aswnet.sys.sum
[2013.02.14 00:02:32 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2013.02.13 23:21:44 | 010,156,344 | ---- | M] (Malwarebytes Corporation                                    ) -- D:\Desktop\mbam-setup-1.70.0.1100.exe
[2013.02.13 23:14:34 | 002,237,968 | ---- | M] (Kaspersky Lab ZAO) -- D:\Desktop\tdsskiller.exe
[2013.02.07 00:06:14 | 000,692,576 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.02.07 00:06:14 | 000,078,176 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.01.31 20:56:59 | 000,002,286 | ---- | M] () -- D:\Desktop\Google Chrome.lnk
[2013.01.28 10:22:35 | 001,074,307 | ---- | M] () -- C:\Users\krist_000\Semesterprogramm FSS2013.pdf
[2013.01.25 08:45:14 | 000,001,059 | ---- | M] () -- C:\Users\krist_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
 
========== Files Created - No Company Name ==========
 
[2013.02.21 20:52:27 | 000,376,832 | ---- | C] () -- D:\Desktop\gmer_2.1.19081.exe
[2013.02.15 21:27:42 | 000,001,167 | ---- | C] () -- C:\WirelessDiagLog.csv
[2013.02.15 21:25:57 | 000,420,424 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.02.14 00:24:15 | 000,386,577 | ---- | C] () -- C:\Windows\SysNative\ApnDatabase.xml
[2013.02.14 00:02:34 | 000,001,138 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.02.14 00:02:34 | 000,001,134 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.01.29 20:31:03 | 000,002,198 | ---- | C] () -- C:\Users\krist_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
[2013.01.28 10:22:35 | 001,074,307 | ---- | C] () -- C:\Users\krist_000\Semesterprogramm FSS2013.pdf
[2013.01.17 00:57:56 | 000,250,294 | ---- | C] () -- C:\Windows\hpoins47.dat
[2013.01.17 00:57:56 | 000,000,478 | ---- | C] () -- C:\Windows\hpomdl47.dat
[2013.01.10 09:58:46 | 000,083,968 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2013.01.03 14:18:32 | 000,121,435 | ---- | C] () -- C:\Users\krist_000\H&M – Mode und Qualität zum besten Preis.pdf
[2012.12.31 19:06:57 | 000,000,021 | ---- | C] () -- C:\Users\krist_000\AppData\Roaming\my_intel.sys
[2012.12.22 12:38:40 | 000,000,500 | ---- | C] () -- C:\Users\krist_000\AppData\Roaming\sp_data.sys
[2012.10.26 16:42:24 | 000,336,232 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
[2012.10.26 16:42:22 | 010,919,784 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2012.10.26 16:42:22 | 000,103,272 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe
[2012.10.08 01:29:12 | 000,185,216 | ---- | C] () -- C:\Windows\SysWow64\dptfinvalidpolicyremover.exe
[2012.10.08 01:29:12 | 000,004,362 | ---- | C] () -- C:\Windows\SysWow64\dptfinvalidpolicyremover.ini
[2012.08.30 09:27:12 | 000,598,780 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng700.bin
[2012.08.30 09:26:51 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012.08.30 09:26:48 | 000,755,048 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng700.bin
[2012.08.17 01:52:29 | 000,024,576 | ---- | C] () -- C:\ProgramData\SetStretch.exe
[2012.08.17 01:52:28 | 000,000,217 | ---- | C] () -- C:\ProgramData\SetStretch.cmd
[2012.07.26 09:13:10 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2012.07.26 09:13:09 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2012.07.26 08:21:26 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2012.07.26 02:17:42 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2012.07.25 21:37:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2012.07.25 21:28:31 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2012.07.25 21:22:56 | 000,267,284 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng600.bin
[2012.07.25 21:22:54 | 000,963,376 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng600.bin
[2012.06.02 15:31:19 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2012.04.20 13:59:44 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
 
========== ZeroAccess Check ==========
 
[2012.10.08 01:39:23 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.01.10 00:23:07 | 019,791,360 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.01.10 00:26:23 | 017,560,576 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012.07.26 04:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012.07.26 04:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012.07.26 04:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2012.12.22 12:38:44 | 000,000,000 | ---D | M] -- C:\Users\krist_000\AppData\Roaming\ASUS WebStorage
[2013.02.21 21:48:47 | 000,000,000 | ---D | M] -- C:\Users\krist_000\AppData\Roaming\Dropbox
[2013.01.03 17:44:01 | 000,000,000 | ---D | M] -- C:\Users\krist_000\AppData\Roaming\IrfanView
[2013.02.21 21:42:12 | 000,000,000 | ---D | M] -- C:\Users\krist_000\AppData\Roaming\Spotify
[2013.01.17 01:07:02 | 000,000,000 | ---D | M] -- C:\Users\krist_000\AppData\Roaming\TeamViewer
[2012.12.28 14:09:14 | 000,000,000 | ---D | M] -- C:\Users\krist_000\AppData\Roaming\Thunderbird
 
========== Purity Check ==========
 
 

< End of report >
         

21.02.2013, 21:47   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Looks OK. We should be almost done. As a check, please run a quick scan with Malwarebytes - please remember to update Malwarebytes via the update button beforehand.

Afterwards, getting an additional opinion from the ESET online scanner does not hurt either:


ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start Eset Online Scanner
  • Tick "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded and the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the recycle bin => C:\Programme\Eset

__________________
"The truth is usually just an excuse for a lack of imagination." (Elim Garak)

Support the Trojaner-Board
Why Linux is better than Windows!

21.02.2013, 23:43   #11
painfiller

Malwarebytes:
Code:
Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Datenbank Version: v2013.02.21.11

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16484
krist_000 :: KRISTOFFER [Administrator]

21.02.2013 23:07:51
mbam-log-2013-02-21 (23-07-51).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 206617
Laufzeit: 2 Minute(n), 29 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
         
ESET:
Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=4a0dd5a6ed623a49b919288b0963d404
# engine=13217
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-02-21 11:40:40
# local_time=2013-02-22 12:40:40 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.2.9200 NT 
# compatibility_mode=774 16777213 100 91 693489 138199912 0 0
# compatibility_mode=5893 16776574 100 94 4253751 20996151 0 0
# scanned=260059
# found=1
# cleaned=0
# scan_time=5101
sh=2EA01BDDE25D4303699A47C59405AACF07BCE798 ft=1 fh=ff4d777e01df7e28 vn="Win32/StartPage.OPH trojan" ac=I fn="C:\Users\krist_000\Downloads\Nützliche Programme\vlc-2.0.4-win64.exe"
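
A triage helper for the ESET Online Scanner log format posted above, as an added example that is not part of the original thread and not ESET's own tooling: it parses the `# key=value` summary and the detection records, then compares the scan settings with what was requested (post #10 asks for detection of potentially unwanted applications to be enabled). The sample log is constructed, the function names are hypothetical, and reading `vn` as the detection name and `fn` as the file path is an assumption based on the values shown in the log.

```python
import re

# Constructed sample modelled on the log format in the post above. The hash,
# user name, file name and detection name are placeholders, not thread values.
SAMPLE_LOG = r'''ESETSmartInstaller@High as downloader log:
all ok
# version=8
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# compatibility_mode=774 16777213 100 91 0 0 0 0
# compatibility_mode=5893 16776574 100 94 0 0 0 0
# scanned=260059
# found=1
# cleaned=0
# scan_time=5101
sh=0000000000000000000000000000000000000000 ft=1 fh=0000000000000000 vn="Win32/Example.A trojan" ac=I fn="C:\Users\example\Downloads\setup-example.exe"
'''

SUMMARY_RE = re.compile(r'^#\s*(\w+)=(.*)$')
# A field value is either a double-quoted string or a run of non-space characters.
FIELD_RE = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')


def parse_eset_log(text):
    """Return (summary, detections) parsed from an ESET Online Scanner log."""
    summary, detections = {}, []
    for raw in text.splitlines():
        line = raw.strip()
        m = SUMMARY_RE.match(line)
        if m:
            # Keys such as compatibility_mode repeat, so keep every value.
            summary.setdefault(m.group(1), []).append(m.group(2).strip())
        elif line.startswith('sh='):
            record = {}
            for f in FIELD_RE.finditer(line):
                quoted, bare = f.group(2), f.group(3)
                record[f.group(1)] = quoted if quoted is not None else bare
            detections.append(record)
    return summary, detections


def first(summary, key, default=None):
    """First value recorded for a summary key, or the default."""
    values = summary.get(key)
    return values[0] if values else default


def triage(text, expected_settings):
    """List the points a helper should look at before accepting the log."""
    summary, detections = parse_eset_log(text)
    issues = []
    if first(summary, 'end') != 'finished':
        issues.append('scan did not finish')
    # Was the scan run with the settings the helper asked for?
    for key, want in expected_settings.items():
        got = first(summary, key)
        if got != want:
            issues.append(f'{key}={got}, expected {want}')
    found = int(first(summary, 'found', '0'))
    cleaned = int(first(summary, 'cleaned', '0'))
    if found != len(detections):
        issues.append(f'found={found} but {len(detections)} record(s) in log')
    if found > cleaned:
        # Detected files are still on disk and need a manual decision.
        issues.append(f'{found - cleaned} detection(s) not cleaned')
    return {'issues': issues, 'detections': detections}


if __name__ == '__main__':
    report = triage(SAMPLE_LOG, {'unwanted_checked': 'true'})
    for issue in report['issues']:
        print('CHECK:', issue)
    for det in report['detections']:
        print(det.get('vn'), '->', det.get('fn'))
```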
         

22.02.2013, 00:41   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Looks OK so far.

Regarding cookies and other things on the web: to block the plague from the outset (i.e. tracking cookies, ad banners etc.) you should take a look at something like the MVPS Hosts File => Blocking Unwanted Parasites with a Hosts File - it makes sense to check MVPS every 4 weeks to see whether a new hosts file has been released.

Info: Cookies are not malware as such, but there is a risk of misuse (unique re-identification, e.g. for targeted advertising or similar => HTTP-Cookie)

Otherwise there are also good cookie managers; one extension for Firefox, for example, would be CookieCuller.
But if you can live with logging in again everywhere in every browser session (e.g. Facebook, Ebay, GMX, or Trojaner-Board), then simply set the browser so that everything, including cookies, is deleted when the browser is closed.

Is your system now in order again, or are there any other findings or problems?

22.02.2013, 08:42   #13
painfiller

Hello,

otherwise everything is running smoothly so far!

However, I wanted to briefly ask again how to protect the computer as well as possible in future.
Apart from regular updates of all programs, is it worth getting paid antivirus software (I was also thinking of Avast) or a firewall?
What else should one watch out for, apart from carelessly opening files or typing in passwords?

Many thanks again for your help and best regards,
painfiller

22.02.2013, 10:09   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Well, I don't know how many times I have posted this already, and it is also stated here many times over in many discussions - it is actually always the same conclusion => There is no best virus scanner!

The question - which virus scanner, or whether the installed one is enough - comes up constantly.
A virus scanner - no matter which - cannot and never will be able to offer 100% protection. New/unknown malware can always slip through. You don't have to spend money on a scanner; something like Avast or Microsoft Security Essentials is entirely sufficient for private use.
Apart from that, different virus scanners use different signatures and techniques, which means that e.g. Scanner1 detects malware X but misses malware Y. Scanner2 detects malware Y, but not malware X...
What matters more is that you stick to rules. The best virus scanner is useless if you behave wrongly and are negligent/careless. Airbags and seat belts in a car are no reason to ignore the traffic rules either.


Reading material:
Golden security rules
It is best to roughly follow these rules:
  1. Be suspicious on the Internet and especially with unknown e-mails; be careful when giving out personal data!!
  2. Always keep Windows and all programs you use up to date - Secunia PSI can help you with this
  3. Regularly make backups to external media
  4. Work with restricted privileges
  5. Completely disable AutoPlay for all drives, because it is an unnecessary security risk
  6. When installing software, make sure as far as possible that the setups come from official sources and that you choose the custom method during installation where possible - then you have the option of deselecting any junk (such as toolbars or something like RegistryBooster) that would otherwise simply be installed along with it.
  7. Have malicious or unwanted sites blocked from the outset with the help of the MVPS Hosts File => Blocking Unwanted Parasites with a Hosts File
  8. Hands off: TuneUp, registry cleaners of all kinds, Softonic, and illegal cracks/keygens or other "tools" for using a commercial program without a licence
  9. Also stay away from dubious sites and movie-streaming portals: firstly, you quickly pick up malware there or can fall into subscription traps, and secondly, these sites operate in a legal grey area.


Everything is explained in more detail here => Compromise unavoidable?