Plagegeister aller Art und deren Bekämpfung: Facebook IP accessing PC? (Windows 7)
12.01.2013, 12:41 | #1 |
| Facebook IP accessing PC? Hi! Last night I briefly had a ping spike for a few seconds and a freeze. After that, McAfee reported that a PC was trying to establish a connection. I have now looked at the most recent notifications about blocked incoming connections and found that various IPs were blocked several times a day. The IPs all point to Facebook itself. For information: I was not logged in to Facebook when the notification came yesterday. Unfortunately, I can't really make anything of the McAfee notifications either. They only say that IP xy tried to access the port. Does anyone know what is going on there? Is this "normal"? I haven't really found anything about it on the net. So far I haven't been able to determine that anyone has been messing around with my account. I have also enabled notifications and secure connections there, and I haven't noticed anything so far. I would be very, very grateful for any tip. |
12.01.2013, 16:14 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Facebook IP accessing PC? Without the logs from your McAfee firewall, this is going to be pretty much |
12.01.2013, 17:33 | #3 |
| Facebook IP accessing PC? I would like to, but I can't find the file. I already searched for an hour today. Since the last interface update there is no direct link. I can have the events displayed in the interface, but I can't do anything with them there. There is also nothing to be found in the corresponding folders apart from loads of update logs. I haven't found anything useful about it on the Internet so far either. |
12.01.2013, 17:52 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Facebook IP accessing PC? Then we can't say anything about your original question. Other questions? Did you perhaps have any virus detections at some point?
__________________ Please always post log files in CODE tags |
12.01.2013, 18:53 | #5 | |
| Facebook IP accessing PC? Yeah, sorry, that surely sounds totally stupid, but I really just can't find it. The only thing I can read out is the logs in the interface. I'll copy some of it down:
Verdächtige eingehende Netzwerkverbindung blockiert 12.01.2013 15:42:13 Ausgangs-IP-Adresse: 69.171.235.16
Verdächtige eingehende Netzwerkverbindung blockiert 12.01.2013 15:04:07 Ausgangs-IP-Adresse: 85.183.195.227
Verdächtige eingehende Netzwerkverbindung blockiert 12.01.2013 13:57:43 Ausgangs-IP-Adresse: 173.194.69.102
Verdächtige eingehende Netzwerkverbindung blockiert 11.01.2013 23:45:34 Ausgangs-IP-Adresse: 69.171.235.16
Verdächtige eingehende Netzwerkverbindung blockiert 11.01.2013 23:45:11 Ausgangs-IP-Adresse: 31.13.64.23
I haven't had any virus detections with McAfee for ages. In early summer I caught a drive-by BKA virus, incl. cam. After that I ran several scans with McAfee, Malwarebytes etc. until nothing more was found, then reset the operating system and ran further scans afterwards, but nothing has been found since. I don't use torrents or anything similar and don't download anything apart from official updates for Win, McAfee, games, etc. No spam mails opened, nothing. So I can't really explain it. Maybe these are "normal" processes, no idea. Yesterday there was nothing further, and today I switched on the PC just a moment ago:
Verdächtige eingehende Netzwerkverbindung blockiert 13.01.2013 13:16:40 Ausgangs-IP-Adresse: 108.61.5.130
And 5 times at 13:16:39. New info: Malwarebytes finds nothing: Quote:
|
13.01.2013, 19:49 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Facebook IP accessing PC? Before we get to work, I would like to ask you to read the following points completely and carefully.
Note: If you don't hear from me for three days, please report in this thread => Reminder about my thread. Annoying "when do we continue" messages will end with your topic being closed. I, too, have a life outside of Trojaner-Board. First, a check with OTL please: |
13.01.2013, 22:21 | #7 |
| Facebook IP accessing PC? Here are the logs: Extras.txt:
ATTFilter OTL Extras logfile created on: 13.01.2013 21:58:02 - Run 4 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Micha\Desktop Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 1,49 Gb Available Physical Memory | 49,62% Memory free 6,00 Gb Paging File | 4,34 Gb Available in Paging File | 72,43% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 149,04 Gb Total Space | 95,74 Gb Free Space | 64,24% Space Free | Partition Type: NTFS Drive D: | 137,33 Gb Total Space | 67,46 Gb Free Space | 49,12% Space Free | Partition Type: NTFS Computer Name: MICHA-PC | User Name: Micha | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-2346782842-2880189148-1154082226-1001\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- Reg Error: Key error. 
piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0294BB2F-6178-459D-8C46-8D1C40D6AD6B}" = rport=445 | protocol=6 | dir=out | app=system | "{057550CC-1C7E-4C7B-A2F8-3A8DDC978C8C}" = lport=138 | protocol=17 | dir=in | app=system | "{08E024BB-596A-4DFF-A430-159062EB67CE}" = lport=10243 | protocol=6 | dir=in | app=system | "{128B61E5-B469-4090-85E4-11CF89AC50C8}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{166EAC20-A98A-43F2-A05C-47C4C9770DF8}" = rport=139 | protocol=6 | dir=out | app=system | "{19A5737B-0BEE-43C8-BCD3-3CC714AA4FD3}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{19E8810C-8F1D-49CE-B408-63D037A0B4EA}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{225DF82A-6DA8-4CC0-BA2D-52E49744015D}" = rport=138 | protocol=17 | dir=out | app=system | "{22AD5D30-848E-43AD-8EB2-E165BDB01BFE}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{25B9D31D-64EC-44F5-900B-17177C3E5D3C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{295EF879-34FC-4A05-A484-51AA1443280E}" = lport=445 | protocol=6 | dir=in | app=system | 
"{2FA65B31-3A9D-4C20-AFC6-469495F0EF44}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{4084E937-EAAA-47EE-9520-7BE7CE434C09}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{44883AC5-AAA9-4234-B043-0C4034BBC602}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{484CC0EE-B2D6-4E86-AA9F-ECD678438F51}" = lport=2869 | protocol=6 | dir=in | app=system | "{4BF5EB07-06A2-40E2-B5B6-244EF5C49A0F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{4C83E9DD-C10D-4100-A3E2-F3C7D80B5C17}" = lport=138 | protocol=17 | dir=in | app=system | "{4DB27F02-8C39-42F8-8FE7-4E5623895409}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{5456EA1E-AF45-48BD-9C96-AB99A6CCF1D9}" = lport=139 | protocol=6 | dir=in | app=system | "{5FDB2EFD-69F1-4A7C-90BC-A4B329220177}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{6364B77A-8796-4078-B3CC-5963A3E70B4F}" = rport=139 | protocol=6 | dir=out | app=system | "{6EFD3216-D4DB-448C-81DA-E8838C66FFD2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{7C7BD74E-D59D-40F9-8481-A74C4729E9DD}" = rport=138 | protocol=17 | dir=out | app=system | "{7D02539A-FA4A-4A22-A716-54499665DEC2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{83104DB9-A742-45AA-B1CA-0DC3D09A1CB5}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{86444BB3-291D-4D31-A046-BB4AA3243C28}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{877BED06-E356-4CE4-81E3-4EE04804A521}" = lport=137 | protocol=17 | dir=in | app=system | "{8D7AF6C9-A3B9-4828-A544-ED864DF6C18A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{983B25F3-6D3C-4810-B6C7-32136519F446}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{99C945F1-6E96-42BE-9302-8A69D0439094}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{9B9B3581-27B3-4F27-9ECE-AC9FF546BCE2}" = lport=139 | protocol=6 | dir=in | app=system | "{AF8150A9-8B4A-4262-900E-D368942052B3}" = lport=2869 | protocol=6 | dir=in | app=system | "{B03335A9-C3B2-48D4-B31B-A5D49F778D22}" = lport=10243 | protocol=6 | dir=in | app=system | "{B9DB0ACD-18D4-41AD-9513-E90281E2FF3D}" = rport=10243 | protocol=6 | dir=out | app=system | "{BE10AB93-C4A6-464B-BE93-069E778BFF99}" = rport=10243 | protocol=6 | dir=out | app=system | "{C232D951-55E7-4D04-9346-F88A07FC0B22}" = lport=137 | protocol=17 | dir=in | app=system | "{C428A183-FD79-40B5-990D-895328F43AC8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{C6CA68A7-7538-4270-B66E-0F2C02558B82}" = lport=445 | protocol=6 | dir=in | app=system | "{C89A1918-EEAC-4080-B282-4310114CC4AF}" = rport=445 | protocol=6 | dir=out | app=system | "{C99410F2-B5EC-4101-A977-7C9DF5CDA2DC}" = rport=137 | protocol=17 | dir=out | app=system | "{CCA271E1-936A-405C-92F4-95FD48CC7F8C}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{CF0676E6-E2EC-438A-9741-7029DEBD00CE}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{F534D21D-02A4-4E48-A237-A3745ED5E6D3}" = rport=137 | protocol=17 | dir=out | app=system | "{F9C1EEE5-72B7-40C6-BC7C-64E9DF7DEB39}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{002563E3-45BA-46D7-BD33-48EFCE72CB89}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{003C7A18-60D9-4C89-94D8-DE42C1AA1D76}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{02A4D600-582A-4C14-ADFE-C125CF0CB18F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{1473D86F-6F04-46A3-9153-CD04272511DC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{1FCB558B-A314-4B2F-9C31-60E5010648D8}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe | "{1FD786E2-B640-41DC-AB73-68218DC3D695}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{241DF502-41DF-46CB-BA58-61920B50B66E}" = protocol=6 | dir=in | app=c:\program files\icq7.1\aolload.exe | "{25DF1644-EA4F-4003-840A-78F8A9E78857}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{27FBF777-593F-4E75-A043-AF0C29C42883}" = protocol=17 | dir=in | app=c:\program files\icq7.1\icq.exe | "{2DF46237-19C0-41DE-AC87-605F3A3FAEBD}" = protocol=6 | dir=out | app=system | "{30DF2C73-CBA4-48E6-B272-78F4929BB044}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe | "{32579A0C-A5C2-4D62-8845-E05106549F13}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{34F6D8B5-1B79-46F2-83A7-8FCD9BB590D4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{4849799C-D8E9-4360-8F9A-6B5F2BCC7EA4}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{56E808A1-BFD0-4B79-B567-B9FA848D697F}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{59BED5CD-C943-48EC-815F-6998BF141238}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{61FB8AD2-C831-45AB-9DFB-D685C3A8300D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{62F27534-2769-4D2F-B42F-E96E62F64F44}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{64B1B722-3165-4B76-9C5F-DA938F3F26B6}" = protocol=1 | dir=in | 
name=@firewallapi.dll,-28543 | "{65901CFC-D156-4C8F-90EA-C26D256CA195}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{68F6992D-6E9D-4F14-88EC-3E0B8BEC7EFF}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{6A9651A8-ADB9-4FE5-BF34-517E0EB5FCCC}" = protocol=17 | dir=in | app=c:\program files\icq7.1\aolload.exe | "{76213788-DF3D-464B-90BD-3FB7F7EB6C76}" = dir=in | app=c:\program files\itunes\itunes.exe | "{774E7BFB-0EDD-45A8-86F9-B54ABB19DD40}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | "{7A97A189-6A46-4E7A-B264-08373D8E5A03}" = protocol=17 | dir=in | app=c:\program files\icq7.1\icq.exe | "{7F4AB55E-DC59-4CE5-96DF-9D45A58AC7E2}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | "{81B4BAD8-A17D-4410-BA03-A3F05F90E09D}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{84DD0593-0324-4E70-8AE9-5ABA7F91E2EB}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | "{8642AF85-31DC-4BB3-8E9D-1E478C224084}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{8BE0334E-0F55-4A87-A0AC-17E1037866F4}" = protocol=6 | dir=in | app=c:\program files\icq7.1\icq.exe | "{944E8BE4-C6E7-46A6-BA3D-0F183BBB6E7F}" = protocol=6 | dir=in | app=c:\program files\icq7.1\icq.exe | "{9872DE6F-A182-4489-969C-1F15686A3594}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{9D3F560D-6E11-4D44-A591-19240F7B274D}" = protocol=58 | dir=in | app=system | "{A12503A8-E9DD-41F8-9A48-9C88912C140A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{A5589677-56C4-46C1-A86B-1F0B5425786F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{A84F3F8E-FEBF-497D-8442-7067078FED94}" = protocol=17 | dir=in | app=d:\games\steam\steamapps\common\mountblade warband\mb_warband.exe | 
"{A96F7E7E-D0E0-4F76-AD28-8E65FE47AAF5}" = protocol=6 | dir=in | app=d:\games\steam\steamapps\common\mountblade warband\mb_warband.exe | "{AB3FBA72-52C3-4476-9A38-230DBE05659B}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{AE060FE0-1846-4E25-844C-2A09D181350E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{AFA1D8A7-836A-4B3C-BDFF-BE78F3C4A193}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{B94ED569-A0DD-46B0-9FAD-9241152441A7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{BC7833D1-AE4B-4CAB-BDD5-6EA587E5C763}" = protocol=6 | dir=out | app=system | "{C7E4BFB4-6209-40AB-B939-FB769159F706}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{CA912AB9-D1B4-4788-A0AD-55DE106EB8A4}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 | "{CE504808-152F-4073-8BB9-0F8E7C4D30C6}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{CEE644D2-B53A-4AC0-BC8D-6B224DF8257D}" = protocol=17 | dir=in | app=c:\program files\icq7.1\aolload.exe | "{D3648D1D-2BA3-4973-9B7E-EDC907B6E342}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{D73909E9-CC2C-4747-93DB-8288A43FF3C0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{D8375989-209B-4865-8F57-68B38082AC39}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{E8715BB0-E132-4617-B344-62E03BFE2C1C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{E926E57D-011D-4F63-BCC5-FFCFDC28D091}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{EB11A3E5-43EB-44B6-85DD-0A5BC8DACE68}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{EB980EDB-E501-47B2-922B-315D09807400}" = protocol=6 | dir=in | app=c:\program files\icq7.1\aolload.exe | "{EFA98652-B437-42AA-B7D3-EFFD71ED4ECD}" = protocol=6 | dir=out | 
app=%programfiles%\windows media player\wmpnetwk.exe | "{F77C675C-828F-4CC9-A24C-E1DFCCB0EEBB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{F7DCF881-DB9D-4779-8D1C-CCCBAC7C73FF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{071B843C-9A39-40B3-BB01-BBD6A8D2E1C5}" = lingDIALOG "{0886900B-B2F3-452C-B580-60F1253F7F80}" = Native Instruments Controller Editor "{09298F26-A95C-31E2-9D95-2C60F586F075}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology "{0B8565BA-BAD5-4732-B122-5FD78EFC50A9}" = Native Instruments Service Center "{0DB06704-7DB8-43FC-BE1D-8ACFEFA85C43}" = TortoiseSVN 1.6.16.21511 (32 bit) "{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime "{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support "{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter "{1945A4B5-73B6-4DE9-99A3-05261B7FDED0}" = Shared C Run-time for x86 "{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3 "{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1" = World of Tanks "{26A24AE4-039D-4CA4-87B4-2F83216018F0}" = Java(TM) 6 Update 18 "{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 9 "{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in "{2FDD750F-49B7-40C1-9D5E-D2955BC0E2D8}" = NVIDIA PhysX "{378317B3-D201-4BC0-BEC9-9451C9ACAEED}" = Alcor Micro USB Card Reader "{3B05F2FB-745B-4012-ADF2-439F36B2E70B}" = ATKOSD2 "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker "{4905C2C7-96CB-4DD9-A706-C427913DE5AE}" = Barbarian Invasion "{490BF87E-1F75-4453-BF55-9F540543A3CA}" = Steinberg 
Drum Loop Expansion 01 "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4A19D6AC-ADE0-4A07-80FF-9C9812C45557}" = Steinberg Cubase 5 "{4D454CF8-12FD-464D-B57B-B46FE27B78BB}" = Steinberg LoopMash Content "{529125EF-E3AC-4B74-97E6-F688A7C0F1BF}" = Paint.NET v3.5.10 "{532B917B-8235-4FA5-BE36-643A8BB053A5}" = Steinberg REVerence Content 01 "{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}" = NB Probe "{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon "{6AD9F5F3-5BD0-4000-BD9C-B536CF86D988}" = iTunes "{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 "{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}" = ASUS CopyProtect "{71BFC818-0CED-42D6-9C87-5142918957EE}" = ICQ7.1 "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour "{7B63B2922B174135AFC0E1377DD81EC2}" = "{7C05592D-424B-46CB-B505-E0013E8E75C9}" = ATK Hotkey "{83F73CB1-7705-49D1-9852-84D839CA2A45}" = Wireless Console 2 "{842ED5C6-2530-4469-A9A0-0DCDDDA94481}_is1" = M&B Module Updater v1.0 "{865D9ED1-EAC2-436D-AFA7-0B750EB5AAAB}" = Steinberg HALionOne Studio Drum Set "{89661B04-C646-4412-B6D3-5E19F02F1F37}" = EAX4 Unified Redist "{8D1E61D1-1395-4E97-997F-D002DB3A5074}" = OpenOffice.org 3.2 "{8F1ADE4D-EFAC-4F5A-B346-23C2687FAF50}" = Apple Mobile Device Support "{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash "{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195 "{96472D82-0239-11E0-9776-199EDFD72085}" = M-Audio FastTrack Driver 6.0.6 (x86) "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BCAC864-84C0-409F-8D12-364109622D18}_is1" = Europa Barbarorum 1.1 "{9D48531D-2135-49FC-BC29-ACCDA5396A76}" = ASUS MultiFrame "{9D6D7811-43B3-463C-BC79-5D1755269989}" = Net4Switch "{A642BB6B-CA1D-4142-8DD4-318C3F3DC834}" = Rome - Total War(TM) "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper 
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.5) - Deutsch "{AC997F93-0757-4ED4-A701-F40C2D654D09}" = Steinberg HALionOne GM Drum Set "{AD3E68F5-D141-49C0-B002-28B48030B902}_is1" = Europa Barbarorum 1.2 "{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 306.23 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 306.23 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 306.23 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.0604 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{B962AD08-335F-46f7-A182-257D37672E5C}" = Native Instruments Rig Kontrol 3 Driver "{BD86F1AC-B594-46E4-85DC-1258AC9E2232}" = Steinberg Groove Agent ONE Content "{C7FAFC98-5ECC-40FC-B440-A5D5FE3A6A6E}" = Native Instruments Guitar Rig 4 "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{D1E5870E-E3E5-4475-98A6-ADD614524ADF}" = ATK Media "{D23CBFDA-C46B-4920-BA70-FC7878A3F05A}" = Steinberg HALionOne Studio Set "{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service "{D82CDA0D-C182-42C8-8FF2-5649C98D6003}" = Steinberg HALionOne Pro Set "{E22AD5D3-EB60-4A8F-835C-6C10E369DCE2}" = Steinberg HALionOne Expression Set "{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 "{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update "{E70E7159-93B1-470D-9FBD-D8E9EF34B538}" = Steinberg HALionOne "{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10 "{F057965A-D974-4C64-ADB1-4381CD4B8956}" = Steinberg HALionOne GM Set "{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}" = 
ASUS FancyStart "{F3AFD063-8BAD-485E-B641-E7F5A2C5AE71}" = Steinberg HALionOne Additional Content Set 01 "{FA2092C5-7979-412D-A962-6485274AE1EE}" = ASUS Data Security Manager "AC3Filter" = AC3Filter (remove only) "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "AmUStor" = Alcor Micro USB Card Reader "ASIO4ALL" = ASIO4ALL "Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.11 (Unicode) "CA’s Vanilla Soundmod " = CA’s Vanilla Soundmod "CCleaner" = CCleaner "DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters "DivX Setup" = DivX-Setup "EB Documentation_is1" = EB Documentation 1.1 "EB Trivial Script_is1" = EB Trivial Script 0.125 "FUSSBALL MANAGER 12" = FUSSBALL MANAGER 12 "Graphical Enhancement Textures" = Graphical Enhancement Textures 2.5 "InstallShield_{071B843C-9A39-40B3-BB01-BBD6A8D2E1C5}" = lingDIALOG "InstallShield_{A642BB6B-CA1D-4142-8DD4-318C3F3DC834}" = Rome - Total War(TM) "Kurs 2 5.0 Italienisch" = Langenscheidt Kurs 2 5.0 Italienisch "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100 "McAfee Virtual Technician" = McAfee Virtual Technician "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Mount&Blade" = Mount&Blade "Mozilla Firefox 18.0 (x86 de)" = Mozilla Firefox 18.0 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "MSC" = McAfee AntiVirus Plus "Native Instruments Controller Editor" = Native Instruments Controller Editor "Native Instruments Guitar Rig 4" = Native Instruments Guitar Rig 4 "Native Instruments Rig Kontrol 3 Driver" = Native Instruments Rig Kontrol 3 Driver "Native Instruments Service Center" = Native Instruments Service Center "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "ProtectDisc Driver 11" = ProtectDisc Driver, Version 11 "Recruitment Viewer_is1" = Recruitment Viewer 0.9 "Scourge of War - Gettysburg v1.4" = Scourge of War - Gettysburg v1.4 "SecureW2 EAP Suite" = SecureW2 
EAP Suite 1.1.1 for Windows "Softube Acoustic Feedback VST RTAS_is1" = Softube Acoustic Feedback VST RTAS v1.0.7 "Softube Bass Amp Room VST RTAS_is1" = Softube Bass Amp Room VST RTAS v1.0.2 "Softube FET Compressor VST RTAS_is1" = Softube FET Compressor VST RTAS v1.0.3 "Softube Metal Amp Room VST RTAS_is1" = Softube Metal Amp Room VST RTAS v1.1.5 "Softube Passive-Active Pack VST RTAS_is1" = Softube Passive-Active Pack VST RTAS v1.0.2 "Softube Spring Reverb VST RTAS_is1" = Softube Spring Reverb VST RTAS v1.0.4 "Softube Tube Delay VST RTAS_is1" = Softube Tube Delay VST RTAS v1.0.5 "Softube Tube-Tech CL 1B VST RTAS_is1" = Softube Tube-Tech CL 1B VST RTAS v1.0.3 "Softube Vintage Amp Room VST RTAS_is1" = Softube Vintage Amp Room VST RTAS v1.0.8 "Steam App 48700" = Mount and Blade: Warband "SynTPDeinstKey" = Synaptics Pointing Device Driver "USB 2.0 1.3M UVC WebCam" = USB 2.0 1.3M UVC WebCam "WinRAR archiver" = WinRAR ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 09.12.2012 14:00:01 | Computer Name = Micha-PC | Source = Windows Backup | ID = 4103 Description = Error - 13.12.2012 16:41:26 | Computer Name = Micha-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: mcupdmgr.exe, Version: 11.6.434.0, Zeitstempel: 0x5050b3c5 Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.1, Zeitstempel: 0x4d5f0c22 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00011891 ID des fehlerhaften Prozesses: 0x16a0 Startzeit der fehlerhaften Anwendung: 0x01cdd9721d82648d Pfad der fehlerhaften Anwendung: c:\PROGRA~1\mcafee\msc\mcupdmgr.exe Pfad des fehlerhaften Moduls: C:\Windows\system32\MSVCR100.dll Berichtskennung: 763493fe-4565-11e2-bded-002618392f30 Error - 16.12.2012 14:00:01 | Computer Name = Micha-PC | Source = Windows Backup | ID = 4103 Description = Error - 23.12.2012 18:30:20 | Computer Name = Micha-PC | Source = Windows Backup | ID = 4103 Description = Error - 30.12.2012 14:00:02 | Computer Name = Micha-PC | 
Source = Windows Backup | ID = 4103 Description = Error - 06.01.2013 14:00:02 | Computer Name = Micha-PC | Source = Windows Backup | ID = 4103 Description = Error - 12.01.2013 10:42:47 | Computer Name = Micha-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 12.01.2013 10:42:47 | Computer Name = Micha-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 15553 Error - 12.01.2013 10:42:47 | Computer Name = Micha-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 15553 Error - 13.01.2013 14:00:01 | Computer Name = Micha-PC | Source = Windows Backup | ID = 4103 Description = [ System Events ] Error - 13.01.2013 12:55:21 | Computer Name = Micha-PC | Source = PNRPSvc | ID = 102 Description = Error - 13.01.2013 12:55:21 | Computer Name = Micha-PC | Source = Service Control Manager | ID = 7023 Description = Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: %%-2140993535 Error - 13.01.2013 12:55:21 | Computer Name = Micha-PC | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%-2140993535 Error - 13.01.2013 12:55:28 | Computer Name = Micha-PC | Source = PNRPSvc | ID = 102 Description = Error - 13.01.2013 12:55:28 | Computer Name = Micha-PC | Source = Service Control Manager | ID = 7023 Description = Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: %%-2140993535 Error - 13.01.2013 12:55:28 | Computer Name = Micha-PC | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%-2140993535 Error - 13.01.2013 12:55:32 | Computer 
Name = Micha-PC | Source = PNRPSvc | ID = 102 Description = Error - 13.01.2013 12:55:32 | Computer Name = Micha-PC | Source = Service Control Manager | ID = 7023 Description = Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: %%-2140993535 Error - 13.01.2013 12:55:32 | Computer Name = Micha-PC | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%-2140993535 Error - 13.01.2013 14:41:42 | Computer Name = Micha-PC | Source = DCOM | ID = 10000 Description = < End of report > Code:
OTL logfile created on: 13.01.2013 21:58:02 - Run 4 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Micha\Desktop Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 1,49 Gb Available Physical Memory | 49,62% Memory free 6,00 Gb Paging File | 4,34 Gb Available in Paging File | 72,43% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 149,04 Gb Total Space | 95,74 Gb Free Space | 64,24% Space Free | Partition Type: NTFS Drive D: | 137,33 Gb Total Space | 67,46 Gb Free Space | 49,12% Space Free | Partition Type: NTFS Computer Name: MICHA-PC | User Name: Micha | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Micha\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_5_502_146.exe (Adobe Systems, Inc.) PRC - C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - c:\Programme\McAfee\SiteAdvisor\saUI.exe (McAfee, Inc.) PRC - C:\Programme\DivX\DivX Update\DivXUpdate.exe () PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation) PRC - C:\Programme\McAfee\Supportability\MVT\MvtApp.exe (McAfee, Inc.) PRC - C:\Windows\System32\rpcnet.exe (Absolute Software Corp.) PRC - C:\Windows\System32\mfevtps.exe (McAfee, Inc.) PRC - C:\Programme\Common Files\Mcafee\SystemCore\mfefire.exe (McAfee, Inc.) PRC - C:\Programme\McAfee\MSC\McAPExe.exe (McAfee, Inc.) PRC - C:\Programme\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.) 
PRC - C:\Programme\Common Files\Mcafee\Platform\McUICnt.exe (McAfee, Inc.) PRC - C:\Programme\Common Files\Mcafee\AMCore\mcshield.exe (McAfee, Inc.) PRC - C:\Programme\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.) PRC - C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation) PRC - C:\Programme\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) PRC - C:\Programme\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) PRC - C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) PRC - C:\Programme\TortoiseSVN\bin\TSVNCache.exe (hxxp://tortoisesvn.net) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Windows\System32\M-AudioTaskBarIcon.exe (Avid Technology, Inc.) PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) PRC - C:\Programme\ASUS\ATK Hotkey\HControl.exe (ASUS) PRC - C:\Programme\ASUS\ATK Media\DMedia.exe (ASUS) PRC - C:\Programme\ASUS\ATKOSD2\ATKOSD2.exe (ASUS) PRC - C:\Programme\AmIcoSingLun\AmIcoSinglun.exe (AlcorMicro Co., Ltd.) PRC - C:\Programme\ASUS\Splendid\ACMON.exe (ATK) PRC - C:\Programme\Common Files\Native Instruments\Hardware\NIHardwareService.exe (Native Instruments GmbH) PRC - C:\Programme\ASUS\ASUS CopyProtect\ASPG.exe (ASUS) PRC - C:\Programme\ASUS\ASUS Data Security Manager\ADSMTray.exe (ASUSTek Computer Inc.) PRC - C:\Programme\ASUS\ATK Hotkey\HControlUser.exe (ASUS) PRC - C:\Programme\ASUS\ATK Hotkey\ATKOSD.exe (ASUS) PRC - C:\Programme\ASUS\ATK Hotkey\AsLdrSrv.exe (ASUS) PRC - C:\Programme\ASUS\SmartLogon\sensorsrv.exe (ASUS) PRC - C:\Programme\ASUS\ATK Hotkey\WDC.exe (ASUS) PRC - C:\Programme\ASUS\ATK Hotkey\KBFiltr.exe (ASUS) PRC - C:\Programme\ASUS\ASUS Data Security Manager\ADSMSrv.exe (ASUSTek Computer Inc.) 
PRC - C:\Programme\ASUS\ASUS Live Update\ALU.exe () PRC - C:\Programme\ASUS\Net4Switch\Net4Switch.exe (ASUS) PRC - C:\Programme\ATKGFNEX\GFNEXSrv.exe () PRC - C:\Programme\ASUS\NB Probe\SPM\spmgr.exe () PRC - C:\Programme\Wireless Console 2\wcourier.exe () PRC - C:\Windows\System32\ACEngSvr.exe (ASUSTeK) ========== Modules (No Company Name) ========== MOD - C:\Programme\Mozilla Firefox\mozjs.dll () MOD - C:\Windows\System32\Macromed\Flash\NPSWF32_11_5_502_146.dll () MOD - C:\Programme\DivX\DivX Update\DivXUpdateCheck.dll () MOD - C:\Programme\DivX\DivX Update\DivXUpdate.exe () MOD - C:\Programme\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll () MOD - C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll () MOD - C:\Programme\Common Files\Apple\Apple Application Support\libxml2.dll () MOD - C:\Windows\System32\CmdLineExt03.dll () MOD - C:\Programme\ASUS\Net4Switch\ipswsysmon.dll () MOD - C:\Programme\ASUS\Net4Switch\ipsw_cfgmgr.dll () MOD - C:\Programme\ASUS\Net4Switch\LogonStartup.dll () MOD - C:\Programme\ASUS\Net4Switch\iphelper.dll () MOD - C:\Programme\ASUS\Net4Switch\ipswui.dll () MOD - C:\Programme\ASUS\Net4Switch\ipswobj.dll () MOD - C:\Programme\ASUS\Net4Switch\ipswhlp.dll () MOD - C:\Programme\ASUS\Net4Switch\ipswgblset.dll () MOD - C:\Programme\ASUS\Net4Switch\ipswds.dll () MOD - C:\Programme\ASUS\Net4Switch\ipswcore.dll () MOD - C:\Programme\ASUS\Net4Switch\cxcmrt.dll () MOD - C:\Programme\ASUS\Net4Switch\ipswresmgr.dll () MOD - C:\Programme\ASUS\Splendid\GLCDdll.dll () MOD - C:\Programme\ASUS\ASUS Live Update\ALU.exe () MOD - C:\Programme\ASUS\Net4Switch\ResItf.dll () MOD - C:\Programme\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll () MOD - C:\Programme\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll () ========== Services (SafeList) ========== SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (AdobeFlashPlayerUpdateSvc) -- 
C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (AdobeARMservice) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (McODS) -- C:\Programme\McAfee\VirusScan\mcods.exe (McAfee, Inc.) SRV - (rpcnet) -- C:\Windows\System32\rpcnet.exe (Absolute Software Corp.) SRV - (mfevtp) -- C:\Windows\System32\mfevtps.exe (McAfee, Inc.) SRV - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe () SRV - (McProxy) -- C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV - (mcpltsvc) -- C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV - (McNaiAnn) -- C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV - (McMPFSvc) -- C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV - (HomeNetSvc) -- C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV - (mfecore) -- C:\Programme\Common Files\Mcafee\AMCore\mcshield.exe (McAfee, Inc.) SRV - (McAfee SiteAdvisor Service) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.) 
SRV - (nvUpdatusService) -- C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation) SRV - (Stereo Service) -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies) SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation) SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) SRV - (NIHardwareService) -- C:\Programme\Common Files\Native Instruments\Hardware\NIHardwareService.exe (Native Instruments GmbH) SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation) SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (ASLDRService) -- C:\Programme\ASUS\ATK Hotkey\AsLdrSrv.exe (ASUS) SRV - (ADSMService) -- C:\Programme\ASUS\ASUS Data Security Manager\ADSMSrv.exe (ASUSTek Computer Inc.) SRV - (ATKGFNEXSrv) -- C:\Programme\ATKGFNEX\GFNEXSrv.exe () SRV - (spmgr) -- C:\Programme\ASUS\NB Probe\SPM\spmgr.exe () ========== Driver Services (SafeList) ========== DRV - (mfeavfk01) -- File not found DRV - (ipswuio) -- System32\DRIVERS\ipswuio.sys File not found DRV - (IntcAzAudAddService) -- system32\drivers\RTKVHDA.sys File not found DRV - (catchme) -- C:\Users\Micha\AppData\Local\Temp\catchme.sys File not found DRV - (am7rsanf) -- File not found DRV - (cfwids) -- C:\Windows\System32\drivers\cfwids.sys (McAfee, Inc.) DRV - (mfewfpk) -- C:\Windows\System32\drivers\mfewfpk.sys (McAfee, Inc.) DRV - (mfehidk) -- C:\Windows\System32\drivers\mfehidk.sys (McAfee, Inc.) DRV - (mfefirek) -- C:\Windows\System32\drivers\mfefirek.sys (McAfee, Inc.) DRV - (mfebopk) -- C:\Windows\System32\drivers\mfebopk.sys (McAfee, Inc.) DRV - (mfeavfk) -- C:\Windows\System32\drivers\mfeavfk.sys (McAfee, Inc.) 
DRV - (mfeapfk) -- C:\Windows\System32\drivers\mfeapfk.sys (McAfee, Inc.) DRV - (mfencbdc) -- C:\Windows\System32\drivers\mfencbdc.sys (McAfee, Inc.) DRV - (mfencrk) -- C:\Windows\System32\drivers\mfencrk.sys (McAfee, Inc.) DRV - (RdpVideoMiniport) -- C:\Windows\System32\drivers\rdpvideominiport.sys (Microsoft Corporation) DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV - (HipShieldK) -- C:\Windows\System32\drivers\HipShieldK.sys (McAfee, Inc.) DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.) DRV - (MAUSBFASTTRACK) -- C:\Windows\System32\drivers\MAudioFastTrack.sys (Avid Technology, Inc.) DRV - (sptd) -- C:\Windows\System32\drivers\sptd.sys () DRV - (taphss) -- C:\Windows\System32\drivers\taphss.sys (AnchorFree Inc) DRV - (AsDsm) -- C:\Windows\System32\drivers\AsDsm.sys (ASUSTek Computer Inc) DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation) DRV - (kbfiltr) -- C:\Windows\System32\drivers\kbfiltr.sys ( ) DRV - (SiSGbeLH) -- C:\Windows\System32\drivers\SiSGB6.sys (Silicon Integrated Systems Corp.) 
DRV - (lullaby) -- C:\Windows\System32\drivers\lullaby.sys (Windows (R) Win 7 DDK provider) DRV - (SNP2UVC) -- C:\Windows\System32\drivers\snp2uvc.sys () DRV - (MTsensor) -- C:\Windows\System32\drivers\ATKACPI.sys (ASUS) DRV - (acedrv11) -- C:\Windows\System32\drivers\acedrv11.sys (Protect Software GmbH) DRV - (ghaio) -- C:\Programme\ASUS\NB Probe\SPM\ghaio.sys () DRV - (ASMMAP) -- C:\Programme\ATKGFNEX\ASMMAP.sys () ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\URLSearchHook: - No CLSID value found IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\.DEFAULT\..\URLSearchHook: - No CLSID value found IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\S-1-5-18\..\URLSearchHook: - No CLSID value found IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local IE - HKU\S-1-5-21-2346782842-2880189148-1154082226-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\S-1-5-21-2346782842-2880189148-1154082226-1001\..\URLSearchHook: - No CLSID value found IE - 
HKU\S-1-5-21-2346782842-2880189148-1154082226-1001\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) IE - HKU\S-1-5-21-2346782842-2880189148-1154082226-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-2346782842-2880189148-1154082226-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-2346782842-2880189148-1154082226-1001\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd IE - HKU\S-1-5-21-2346782842-2880189148-1154082226-1001\..\SearchScopes\{79E664B5-9BE4-4794-8FA9-93106D142C5E}: "URL" = hxxp://de.search.yahoo.com/search?fr=mcafee&p={SearchTerms} IE - HKU\S-1-5-21-2346782842-2880189148-1154082226-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2346782842-2880189148-1154082226-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "hxxp://www.facebook.com/" FF - prefs.js..extensions.enabledAddons: firefox%40ghostery.com:2.8.4 FF - prefs.js..extensions.enabledAddons: %7B4ED1F68A-5463-4931-9384-8FFF5ED91D92%7D:3.6.0 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: 
{23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.1.94 FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.1.94 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}:6.0.25 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26 FF - prefs.js..keyword.URL: "hxxp://de.search.yahoo.com/search?fr=mcafee&p=" FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL () FF - HKLM\Software\MozillaPlugins\@mcafee.com/MVT: C:\Program Files\McAfee\Supportability\MVT\NPMVTPlugin.dll (McAfee, Inc.) 
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2012.12.20 18:02:54 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.12.17 20:36:05 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.01.11 21:05:17 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.01.11 21:04:58 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.01.11 21:05:17 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.01.11 21:04:58 | 
000,000,000 | ---D | M] [2010.01.26 18:37:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Micha\AppData\Roaming\mozilla\Extensions [2010.01.26 18:37:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Micha\AppData\Roaming\mozilla\Extensions\{a79fe89b-6662-4ff4-8e88-09950ad4dfde} [2013.01.08 21:17:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Micha\AppData\Roaming\mozilla\Firefox\Profiles\749obg49.default\extensions [2011.06.30 11:38:18 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\Micha\AppData\Roaming\mozilla\Firefox\Profiles\749obg49.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2013.01.08 21:17:16 | 000,000,000 | ---D | M] (Ghostery) -- C:\Users\Micha\AppData\Roaming\mozilla\Firefox\Profiles\749obg49.default\extensions\firefox@ghostery.com [2012.11.15 19:54:29 | 000,328,449 | ---- | M] () (No name found) -- C:\Users\Micha\AppData\Roaming\mozilla\firefox\profiles\749obg49.default\extensions\{CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}.xpi [2012.01.23 18:24:07 | 000,001,107 | ---- | M] () -- C:\Users\Micha\AppData\Roaming\mozilla\firefox\profiles\749obg49.default\searchplugins\dictcc-en-de-pocket.xml [2013.01.13 03:57:40 | 000,001,398 | ---- | M] () -- C:\Users\Micha\AppData\Roaming\mozilla\firefox\profiles\749obg49.default\searchplugins\dictcc-en-de.xml [2013.01.13 03:57:39 | 000,000,947 | ---- | M] () -- C:\Users\Micha\AppData\Roaming\mozilla\firefox\profiles\749obg49.default\searchplugins\icqplugin.xml [2013.01.11 21:04:49 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2012.12.20 18:02:54 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES\MCAFEE\SITEADVISOR [2013.01.11 21:05:16 | 000,262,704 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2012.04.20 17:01:36 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.09.17 13:01:27 | 000,002,465 | ---- | M] () 
-- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2012.04.20 17:01:36 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2012.04.20 17:01:36 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2012.04.20 22:42:30 | 000,002,027 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml [2012.04.20 17:01:36 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2012.04.20 17:01:36 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2012.07.13 09:32:53 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O4 - HKLM..\Run: [ADSMTray] C:\Programme\ASUS\ASUS Data Security Manager\ADSMTray.exe (ASUSTek Computer Inc.) O4 - HKLM..\Run: [AmIcoSinglun] C:\Programme\AmIcoSingLun\AmIcoSinglun.exe (AlcorMicro Co., Ltd.) O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) 
O4 - HKLM..\Run: [ATKMEDIA] C:\Programme\ASUS\ATK Media\DMedia.exe (ASUS) O4 - HKLM..\Run: [ATKOSD2] C:\Programme\ASUS\ATKOSD2\ATKOSD2.exe (ASUS) O4 - HKLM..\Run: [DivXMediaServer] C:\Programme\DivX\DivX Media Server\DivXMediaServer.exe () O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [HControlUser] C:\Programme\ASUS\ATK Hotkey\HControlUser.exe (ASUS) O4 - HKLM..\Run: [M-Audio Taskbar Icon] C:\Windows\System32\M-AudioTaskBarIcon.exe (Avid Technology, Inc.) O4 - HKLM..\Run: [mcpltui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.) O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.) O4 - HKLM..\Run: [ROC_roc_ssl_v12] "C:\Program Files\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12 File not found O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKU\S-1-5-21-2346782842-2880189148-1154082226-1006..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-2346782842-2880189148-1154082226-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-2346782842-2880189148-1154082226-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - 
HKU\S-1-5-21-2346782842-2880189148-1154082226-1006\Software\Policies\Microsoft\Internet Explorer\Control Panel present O9 - Extra Button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Programme\ICQ7.1\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Programme\ICQ7.1\ICQ.exe (ICQ, LLC.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Reg Error: Value error.) O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 10.7.2) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{13866C12-7E69-4E54-A0E2-F6B2B7E9BB7F}: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Programme\McAfee\MSC\McSnIePl.dll (McAfee, Inc.) 
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.01.13 21:56:44 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Micha\Desktop\OTL.exe [2013.01.13 19:41:47 | 000,000,000 | ---D | C] -- C:\Users\Micha\AppData\Roaming\McAfee [2013.01.13 13:47:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2013.01.13 13:47:23 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2013.01.13 13:47:22 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2013.01.13 13:47:12 | 000,000,000 | ---D | C] -- C:\Users\Micha\AppData\Local\Programs [2013.01.13 13:46:20 | 010,156,344 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Micha\Desktop\mbam-setup-1.70.0.1100.exe [2013.01.13 13:11:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee [2013.01.12 14:47:36 | 000,000,000 | ---D | C] -- C:\Users\Micha\AppData\Roaming\NVIDIA [2013.01.11 21:04:47 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2013.01.08 
21:21:51 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll [2013.01.08 21:21:32 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\System32\oflc-nz.rs [2013.01.08 21:21:31 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\System32\fpb.rs [2013.01.08 21:21:31 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\System32\csrr.rs [2013.01.08 21:21:31 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\System32\cob-au.rs [2013.01.08 21:21:30 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\System32\pegibbfc.rs [2013.01.08 21:21:30 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\System32\usk.rs [2013.01.08 21:21:30 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\System32\grb.rs [2013.01.08 21:21:30 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\System32\djctq.rs [2013.01.08 21:21:29 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll [2013.01.08 21:21:29 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\System32\pegi-pt.rs [2013.01.08 21:21:29 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\System32\pegi.rs [2013.01.08 21:21:28 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Wpc.dll [2013.01.08 21:21:23 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\System32\esrb.rs [2013.01.08 21:21:22 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\System32\cero.rs [2013.01.08 21:21:22 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\System32\oflc.rs [2013.01.08 21:21:22 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\System32\pegi-fi.rs [2013.01.08 21:20:00 | 002,345,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2013.01.08 21:19:39 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll [2013.01.08 21:19:38 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe [2013.01.08 21:19:36 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- 
13.01.2013, 22:32 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Facebook IP accessing PC? Malwarebytes Anti-Rootkit Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not run any other file in this folder unless a helper tells you to.
__________________ Please always post log files in CODE tags |
14.01.2013, 01:33 | #9 |
| Facebook IP accessing PC? Here you go: Code:
Malwarebytes Anti-Rootkit BETA 1.01.0.1016
www.malwarebytes.org
Database version: v2013.01.13.09
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Micha :: MICHA-PC [administrator]
14.01.2013 01:31:18
mbar-log-2013-01-14 (01-31-18).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 27571
Time elapsed: 12 minute(s), 23 second(s)
Memory Processes Detected: 0 (No malicious items detected)
Memory Modules Detected: 0 (No malicious items detected)
Registry Keys Detected: 0 (No malicious items detected)
Registry Values Detected: 0 (No malicious items detected)
Registry Data Items Detected: 0 (No malicious items detected)
Folders Detected: 0 (No malicious items detected)
Files Detected: 0 (No malicious items detected)
(end) |
14.01.2013, 08:59 | #10 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Facebook IP accessing PC?
1. aswMBR
Please download aswMBR.exe and save the file to your desktop.
Note: Please disable your virus scanner before running aswMBR, because Avira in particular often reports a false positive in it!
One more note: If aswMBR crashes and you get a message such as "aswMBR.exe has stopped working", do the following: restart aswMBR, select (none) under "AV scan" in the drop-down menu (at the bottom left of the aswMBR window) and click the Scan button again.
2. TDSS-Killer
Download TDSS-Killer to your desktop, see => http://www.trojaner-board.de/82358-t...entfernen.html
Note: Please disable your virus scanner before running TDSS-Killer, because Avira in particular often reports a false positive in the TDSS tool!
Set up the tool as shown in the picture below: click change parameters and tick the boxes as shown in the following screenshot, then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full. If you can't find the log or can't copy its contents into your post, look directly on your Windows system partition (usually drive C:); that is where TDSS-Killer saves its logs.
Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and just post the log here!
__________________ Please always post log files in CODE tags |
14.01.2013, 21:20 | #11 |
| Facebook IP accessing PC? Here are the two logs: ASW: Code:
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-01-14 20:53:49
-----------------------------
20:53:49.637 OS Version: Windows 6.1.7601 Service Pack 1
20:53:49.637 Number of processors: 2 586 0xF0D
20:53:49.653 ComputerName: MICHA-PC UserName: Micha
20:53:50.620 Initialize success
20:54:01.212 AVAST engine defs: 13011401
20:54:04.910 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1
20:54:04.925 Disk 0 Vendor: ST9320320AS 0303 Size: 305245MB BusType: 3
20:54:04.941 Disk 0 MBR read successfully
20:54:04.941 Disk 0 MBR scan
20:54:04.972 Disk 0 Windows 7 default MBR code
20:54:04.988 Disk 0 Partition 1 00 1C Hidd FAT32 LBA MSDOS5.0 12001 MB offset 63
20:54:05.034 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 152617 MB offset 24579450
20:54:05.066 Disk 0 Partition - 00 0F Extended LBA 140623 MB offset 337140090
20:54:05.081 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 140623 MB offset 337140153
20:54:05.112 Disk 0 scanning sectors +625137345
20:54:05.253 Disk 0 scanning C:\Windows\system32\drivers
20:54:26.952 Service scanning
20:55:00.212 Service sptd C:\Windows\System32\Drivers\sptd.sys **LOCKED** 32
20:55:10.336 Modules scanning
20:55:22.957 Disk 0 trace - called modules:
20:55:22.988 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll >>UNKNOWN [0xc32391f8]<<
20:55:22.988 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xc340d948]
20:55:23.003 3 CLASSPNP.SYS[bbfcb59e] -> nt!IofCallDriver -> [0xc32d3848]
20:55:23.019 5 ACPI.sys[bb7c13d4] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-1[0xc32ea908]
20:55:23.019 \Driver\atapi[0xc32e03d0] -> IRP_MJ_CREATE -> 0xc32391f8
20:55:24.002 AVAST engine scan C:\Windows
20:55:27.247 AVAST engine scan C:\Windows\system32
21:00:58.410 AVAST engine scan C:\Windows\system32\drivers
21:01:26.646 AVAST engine scan C:\Users\Micha
21:06:06.403 AVAST engine scan C:\ProgramData
21:08:39.284 Scan finished successfully
21:14:01.445 Disk 0 MBR has been saved successfully to "C:\Users\Micha\Desktop\MBR.dat"
21:14:01.476 The log file has been saved successfully to "C:\Users\Micha\Desktop\aswMBRLog.txt"
Code:
McAfee SiteAdvisor Service - ok 21:15:04.0071 1676 [ 31FB9D7453C424D14A6C3927483E5E60 ] McMPFSvc C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe 21:15:04.0118 1676 McMPFSvc - ok 21:15:04.0149 1676 [ 31FB9D7453C424D14A6C3927483E5E60 ] McNaiAnn C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe 21:15:04.0196 1676 McNaiAnn - ok 21:15:04.0290 1676 [ 2D5BA691B249789E70ED787B8C769A53 ] McODS C:\Program Files\McAfee\VirusScan\mcods.exe 21:15:04.0336 1676 McODS - ok 21:15:04.0368 1676 [ 31FB9D7453C424D14A6C3927483E5E60 ] mcpltsvc C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe 21:15:04.0414 1676 mcpltsvc - ok 21:15:04.0461 1676 [ 31FB9D7453C424D14A6C3927483E5E60 ] McProxy C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe 21:15:04.0508 1676 McProxy - ok 21:15:04.0539 1676 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 21:15:04.0602 1676 Mcx2Svc - ok 21:15:04.0617 1676 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 21:15:04.0680 1676 megasas - ok 21:15:04.0711 1676 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 21:15:04.0758 1676 MegaSR - ok 21:15:04.0836 1676 [ BA3004F4C0A0CD19DB9C2C0AB3A84EFE ] mfeapfk C:\Windows\system32\drivers\mfeapfk.sys 21:15:04.0882 1676 mfeapfk - ok 21:15:04.0929 1676 [ 39C20B7D9AC19BFE616CA09DD3A240AF ] mfeavfk C:\Windows\system32\drivers\mfeavfk.sys 21:15:04.0976 1676 mfeavfk - ok 21:15:05.0007 1676 mfeavfk01 - ok 21:15:05.0023 1676 [ E3470DECDA0A4015A0CA00ED645F2EBE ] mfebopk C:\Windows\system32\drivers\mfebopk.sys 21:15:05.0085 1676 mfebopk - ok 21:15:05.0132 1676 [ A687B3EEED3E8B305AC247DEC61EE362 ] mfecore C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe 21:15:05.0194 1676 mfecore - ok 21:15:05.0272 1676 [ 4E13EA496E202BCB4FCC342D96FAF83A ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe 21:15:05.0335 1676 mfefire - ok 21:15:05.0397 
1676 [ C8AC8147E02ED8795E1FD946165BACCF ] mfefirek C:\Windows\system32\drivers\mfefirek.sys 21:15:05.0444 1676 mfefirek - ok 21:15:05.0506 1676 [ 7AAF92954D8D2801B17A1163C60ABFE9 ] mfehidk C:\Windows\system32\drivers\mfehidk.sys 21:15:05.0569 1676 mfehidk - ok 21:15:05.0647 1676 [ 7401E85D5D4B5B0F6A3098EBEE0639AA ] mfencbdc C:\Windows\system32\DRIVERS\mfencbdc.sys 21:15:05.0694 1676 mfencbdc - ok 21:15:05.0725 1676 [ 439B06E366643B32D549B939780742BE ] mfencrk C:\Windows\system32\DRIVERS\mfencrk.sys 21:15:05.0787 1676 mfencrk - ok 21:15:05.0818 1676 [ 82B7415D5A8FB24D3F6736400F5E1600 ] mfevtp C:\Windows\system32\mfevtps.exe 21:15:05.0881 1676 mfevtp - ok 21:15:05.0928 1676 [ 15F92BCD5CB189F5CC7D2F2381F179AC ] mfewfpk C:\Windows\system32\drivers\mfewfpk.sys 21:15:05.0990 1676 mfewfpk - ok 21:15:06.0021 1676 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll 21:15:06.0099 1676 MMCSS - ok 21:15:06.0130 1676 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys 21:15:06.0255 1676 Modem - ok 21:15:06.0302 1676 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 21:15:06.0364 1676 monitor - ok 21:15:06.0396 1676 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 21:15:06.0442 1676 mouclass - ok 21:15:06.0474 1676 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 21:15:06.0536 1676 mouhid - ok 21:15:06.0567 1676 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 21:15:06.0614 1676 mountmgr - ok 21:15:06.0692 1676 [ 730A519505621DF46BCBF9CDAC9FB6AD ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe 21:15:06.0754 1676 MozillaMaintenance - ok 21:15:06.0801 1676 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys 21:15:06.0848 1676 mpio - ok 21:15:06.0879 1676 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv 
C:\Windows\system32\drivers\mpsdrv.sys 21:15:06.0973 1676 mpsdrv - ok 21:15:07.0020 1676 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll 21:15:07.0098 1676 MpsSvc - ok 21:15:07.0129 1676 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 21:15:07.0222 1676 MRxDAV - ok 21:15:07.0254 1676 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 21:15:07.0332 1676 mrxsmb - ok 21:15:07.0363 1676 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 21:15:07.0425 1676 mrxsmb10 - ok 21:15:07.0441 1676 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 21:15:07.0503 1676 mrxsmb20 - ok 21:15:07.0550 1676 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys 21:15:07.0612 1676 msahci - ok 21:15:07.0644 1676 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys 21:15:07.0706 1676 msdsm - ok 21:15:07.0722 1676 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe 21:15:07.0800 1676 MSDTC - ok 21:15:07.0846 1676 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys 21:15:07.0924 1676 Msfs - ok 21:15:07.0940 1676 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 21:15:08.0018 1676 mshidkmdf - ok 21:15:08.0034 1676 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 21:15:08.0096 1676 msisadrv - ok 21:15:08.0143 1676 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 21:15:08.0221 1676 MSiSCSI - ok 21:15:08.0236 1676 msiserver - ok 21:15:08.0283 1676 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 21:15:08.0377 1676 MSKSSRV - ok 21:15:08.0408 1676 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 21:15:08.0486 1676 MSPCLOCK - ok 21:15:08.0517 1676 [ 
F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 21:15:08.0595 1676 MSPQM - ok 21:15:08.0611 1676 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 21:15:08.0673 1676 MsRPC - ok 21:15:08.0704 1676 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 21:15:08.0751 1676 mssmbios - ok 21:15:08.0782 1676 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 21:15:08.0845 1676 MSTEE - ok 21:15:08.0860 1676 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 21:15:08.0923 1676 MTConfig - ok 21:15:08.0954 1676 [ 2E71504A74BE4E3D4EA94568EFF7556E ] MTsensor C:\Windows\system32\DRIVERS\ATKACPI.sys 21:15:09.0001 1676 MTsensor - ok 21:15:09.0016 1676 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys 21:15:09.0063 1676 Mup - ok 21:15:09.0110 1676 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll 21:15:09.0188 1676 napagent - ok 21:15:09.0235 1676 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 21:15:09.0313 1676 NativeWifiP - ok 21:15:09.0360 1676 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys 21:15:09.0438 1676 NDIS - ok 21:15:09.0469 1676 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 21:15:09.0562 1676 NdisCap - ok 21:15:09.0594 1676 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 21:15:09.0656 1676 NdisTapi - ok 21:15:09.0703 1676 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 21:15:09.0750 1676 Ndisuio - ok 21:15:09.0812 1676 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 21:15:09.0890 1676 NdisWan - ok 21:15:09.0921 1676 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 21:15:09.0984 1676 NDProxy - ok 
21:15:10.0935 1676 [ 25C774E9C3AB49C741FD413857CCE6C6 ] NIHardwareService C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
21:15:11.0076 1676 NIHardwareService ( UnsignedFile.Multi.Generic ) - warning
21:15:11.0076 1676 NIHardwareService - detected UnsignedFile.Multi.Generic (1)
21:15:23.0244 1676 [ CDDDEC541BC3C96F91ECB48759673505 ] sptd C:\Windows\system32\Drivers\sptd.sys
21:15:23.0244 1676 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: CDDDEC541BC3C96F91ECB48759673505
21:15:23.0259 1676 sptd ( LockedFile.Multi.Generic ) - warning
21:15:23.0259 1676 sptd - detected LockedFile.Multi.Generic (1)
C:\Windows\system32\wbem\WMIsvc.dll 21:15:33.0399 1676 Winmgmt - ok 21:15:33.0462 1676 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll 21:15:33.0586 1676 WinRM - ok 21:15:33.0649 1676 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll 21:15:33.0852 1676 Wlansvc - ok 21:15:33.0883 1676 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 21:15:33.0961 1676 WmiAcpi - ok 21:15:33.0992 1676 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 21:15:34.0070 1676 wmiApSrv - ok 21:15:34.0148 1676 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe 21:15:34.0226 1676 WMPNetworkSvc - ok 21:15:34.0273 1676 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll 21:15:34.0366 1676 WPCSvc - ok 21:15:34.0398 1676 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 21:15:34.0507 1676 WPDBusEnum - ok 21:15:34.0538 1676 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 21:15:34.0600 1676 ws2ifsl - ok 21:15:34.0632 1676 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\system32\wscsvc.dll 21:15:34.0694 1676 wscsvc - ok 21:15:34.0694 1676 WSearch - ok 21:15:34.0772 1676 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll 21:15:34.0897 1676 wuauserv - ok 21:15:34.0928 1676 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 21:15:34.0990 1676 WudfPf - ok 21:15:35.0037 1676 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 21:15:35.0115 1676 WUDFRd - ok 21:15:35.0162 1676 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 21:15:35.0209 1676 wudfsvc - ok 21:15:35.0256 1676 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll 21:15:35.0318 1676 WwanSvc - ok 21:15:35.0334 1676 ================ Scan 
global ===============================
21:15:35.0365 1676 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
21:15:35.0380 1676 [ D70FE45855CAD4C0C6B1C1426ABDEBA9 ] C:\Windows\system32\winsrv.dll
21:15:35.0490 1676 [ D70FE45855CAD4C0C6B1C1426ABDEBA9 ] C:\Windows\system32\winsrv.dll
21:15:35.0521 1676 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
21:15:35.0568 1676 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
21:15:35.0583 1676 [Global] - ok
21:15:35.0583 1676 ================ Scan MBR ==================================
21:15:35.0599 1676 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
21:15:36.0067 1676 \Device\Harddisk0\DR0 - ok
21:15:36.0067 1676 ================ Scan VBR ==================================
21:15:36.0082 1676 [ 559AD70701ACDEAE391D3FD4477873FD ] \Device\Harddisk0\DR0\Partition1
21:15:36.0082 1676 \Device\Harddisk0\DR0\Partition1 - ok
21:15:36.0082 1676 [ 1576D690C23A899537FD15EE974096D6 ] \Device\Harddisk0\DR0\Partition2
21:15:36.0082 1676 \Device\Harddisk0\DR0\Partition2 - ok
21:15:36.0082 1676 ============================================================
21:15:36.0082 1676 Scan finished
21:15:36.0082 1676 ============================================================
21:15:36.0098 4928 Detected object count: 4
21:15:36.0098 4928 Actual detected object count: 4
21:15:53.0555 4928 ADSMService ( UnsignedFile.Multi.Generic ) - skipped by user
21:15:53.0555 4928 ADSMService ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:15:53.0570 4928 ATKGFNEXSrv ( UnsignedFile.Multi.Generic ) - skipped by user
21:15:53.0570 4928 ATKGFNEXSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:15:53.0570 4928 NIHardwareService ( UnsignedFile.Multi.Generic ) - skipped by user
21:15:53.0570 4928 NIHardwareService ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:15:53.0570 4928 sptd ( LockedFile.Multi.Generic ) - skipped by user
21:15:53.0570 4928 sptd ( LockedFile.Multi.Generic ) - User select action: Skip |
14.01.2013, 22:21 | #12 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Facebook IP accessing the PC? So far everything looks very unremarkable. Could it be that other people on your home network use Facebook?
__________________ Please always post log files in CODE tags |
15.01.2013, 01:33 | #13 |
| Facebook IP accessing the PC? I was just puzzled. The other IPs also came from all sorts of different places. Could the following be possible? On FB I have the secure connection set as the default, where the device has to be identified. You have to register a device there. But every time I log in, I get the screen where you have to specify the device. I always thought that happens because they check for a fixed IP. But could it be that they want to ping my PC or retrieve a MAC address? |