Facebook IP greift auf PC zu?

Gersh · 12.01.2013, 12:41

Hallo!

Hatte gestern abend kurz eine Ping-Explosion für einige Sekunden und nen Freeze. Danach meldete McAfee, dass ein PC versuche eine Verbindung herzustellen.

Habe mir jetzt mal die letzten Meldungen zu blockierten eingehenden Verbindungen angesehen und festgestellt, dass mehrmals täglich diverse IPs geblockt wurden. Die IPs verweisen alle auf facebook selbst.

Zur Info: ich war nicht bei facebook eingeloggt, als die Meldug gestern kam.

Ich kann mit den Meldungen von McAffee leider auch nicht wirklich was anfangen. Es heisst nur, von IP xy sei versucht worden auf den Port zuzugreifen.

Weiss jemand, was da vor sich geht? Ist das "normal"? Habe im Netz nicht wirklich was dazu gefunden.

Ich konnte bisher nicht feststellen, dass jemand an meinem Konto rumgefuhrwerkt hätte. Hab dort auch die Meldungen und sicheren Verbindungen aktiviert und da ist mir bisher nichts aufgefallen.

Bin für jeden Tipp sehr, sehr dankbar.

cosinus · 12.01.2013, 16:14

Ohne die Logs deiner McAfee-Firewall wird das ziemlicher

Gersh · 12.01.2013, 17:33

Das würde ich gerne, finde die file aber nicht. Hab heute schon eine Stunde gesucht

Seit dem letzten Interfaceupdate gibt es keine direkte Verbindung. Ich kann mir die Ereignisse zwar im Interface anzeigen lassen, aber dort kann ich nix damit tun.

In den entsprechenden Ordnern ist auch nichts zu finden ausser haufenweise Updatelogs.

Im Internet fand ich bisher auch nichts sinnvolles dazu.

cosinus · 12.01.2013, 17:52

Dann können nichts zu deiner Ausgangsfrage sagen

Andere Fragen? Hattest du vllt mal Virenfunde?

Gersh · 12.01.2013, 18:53

Ja sorry, hört sich sicher total doof an, aber ich finds halt wirklich nicht.

Das einzige was ich auslesen kann, sind die Logs im Interface.

Ich schreibe mal was ab:

Verdächtige eingehende Netzwerkverbindung blockiert 12.01.2013 15:42:13
Ausgangs-IP-Adresse: 69.171.235.16

Verdächtige eingehende Netzwerkverbindung blockiert 12.01.2013 15:04:07
Ausgangs-IP-Adresse: 85.183.195.227

Verdächtige eingehende Netzwerkverbindung blockiert 12.01.2013 13:57:43
Ausgangs-IP-Adresse: 173.194.69.102

Verdächtige eingehende Netzwerkverbindung blockiert 11.01.2013 23:45:34
Ausgangs-IP-Adresse: 69.171.235.16

Verdächtige eingehende Netzwerkverbindung blockiert 11.01.2013 23:45:11
Ausgangs-IP-Adresse: 31.13.64.23

Virenfunde hatte ich mit McAfee seit Ewigkeiten keine. Im Frühsommer habe ich mir mal nen DriveBy BKA inkl Cam Virus eingefangen. Danach hatte ich mehrere Scans mit McAfee, Malwarebites usw gemacht bis nix mehr gefunden wurde, dann Zurücksetzung des Betriebssystems und danach weitere Scans, aber es wurde seither nie was gefunden.

Ich nutze kein Torrents oder ähnliches und lade ausser offizielle Updates für Win, McAfee, Games, etc nichts herunter. Kein Spammails geöffnet, nix. Kanns mir also nicht wirklich erklären. Vllt sind das ja auch "normale" Vorgänge, k.a.

Gestern war nichts mehr und heute gerade vorhin den PC angemacht:

Verdächtige eingehende Netzwerkverbindung blockiert 13.01.2013 13:16:40
Ausgangs-IP-Adresse: 108.61.5.130

Und 5 mal um 13:16:39

Neue Info:

Malwarebytes findet nichts:

Zitat:

Malwarebytes Anti-Malware 1.70.0.1100
Malwarebytes : Free Anti-Malware download

Datenbank Version: v2013.01.13.03

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421

13.01.2013 13:49:05
mbam-log-2013-01-13 (13-49-05).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 500452
Laufzeit: 3 Stunde(n), 6 Minute(n), 29 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Dennoch dauernd diese Zugriffsversuche...

cosinus · 13.01.2013, 19:49

Bevor wir uns an die Arbeit machen, möchte ich dich bitten, folgende Punkte vollständig und aufmerksam zu lesen.

Lies dir meine Anleitungen, die ich im Laufe dieses Strangs hier posten werde, aufmerksam durch. Frag umgehend nach, wenn dir irgendetwas unklar sein sollte, bevor du anfängst meine Anleitungen umzusetzen.
Solltest du bei einem Schritt Probleme haben, stoppe dort und beschreib mir das Problem so gut du kannst. Manchmal erfordert ein Schritt den vorhergehenden.
Bitte nur Scans durchführen zu denen du von einem Helfer aufgefordert wurdest! Installiere / Deinstalliere keine Software ohne Aufforderung!
Poste die Logfiles direkt in deinen Thread (bitte in CODE-Tags) und nicht als Anhang, ausser du wurdest dazu aufgefordert. Logs in Anhängen erschweren mir das Auswerten!
Beachte bitte auch => Löschen von Logfiles und andere Anfragen

Note:
Sollte ich drei Tage nichts von mir hören lassen, so melde dich bitte in diesem Strang => Erinnerung an meinem Thread.
Nervige "Wann geht es weiter" Nachrichten enden mit Schließung deines Themas. Auch ich habe ein Leben abseits des Trojaner-Boards.

Erstmal eine Kontrolle mit OTL bitte:

Doppelklick auf die OTL.exe
Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
Setze oben mittig den Haken bei Scanne alle Benutzer
Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
Unter Extra Registry, wähle bitte Use SafeList
Klicke nun auf Run Scan links oben
Wenn der Scan beendet wurde werden 2 Logfiles erstellt
Poste die Logfiles hier in CODE-Tags in den Thread.

Gersh · 13.01.2013, 22:21

Hier die Logs:

Extras.txt:

Code:

ATTFilter

OTL Extras logfile created on: 13.01.2013 21:58:02 - Run 4
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Micha\Desktop
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,49 Gb Available Physical Memory | 49,62% Memory free
6,00 Gb Paging File | 4,34 Gb Available in Paging File | 72,43% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 95,74 Gb Free Space | 64,24% Space Free | Partition Type: NTFS
Drive D: | 137,33 Gb Total Space | 67,46 Gb Free Space | 49,12% Space Free | Partition Type: NTFS
 
Computer Name: MICHA-PC | User Name: Micha | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-2346782842-2880189148-1154082226-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0294BB2F-6178-459D-8C46-8D1C40D6AD6B}" = rport=445 | protocol=6 | dir=out | app=system | 
"{057550CC-1C7E-4C7B-A2F8-3A8DDC978C8C}" = lport=138 | protocol=17 | dir=in | app=system | 
"{08E024BB-596A-4DFF-A430-159062EB67CE}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{128B61E5-B469-4090-85E4-11CF89AC50C8}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{166EAC20-A98A-43F2-A05C-47C4C9770DF8}" = rport=139 | protocol=6 | dir=out | app=system | 
"{19A5737B-0BEE-43C8-BCD3-3CC714AA4FD3}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{19E8810C-8F1D-49CE-B408-63D037A0B4EA}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{225DF82A-6DA8-4CC0-BA2D-52E49744015D}" = rport=138 | protocol=17 | dir=out | app=system | 
"{22AD5D30-848E-43AD-8EB2-E165BDB01BFE}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{25B9D31D-64EC-44F5-900B-17177C3E5D3C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{295EF879-34FC-4A05-A484-51AA1443280E}" = lport=445 | protocol=6 | dir=in | app=system | 
"{2FA65B31-3A9D-4C20-AFC6-469495F0EF44}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{4084E937-EAAA-47EE-9520-7BE7CE434C09}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{44883AC5-AAA9-4234-B043-0C4034BBC602}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{484CC0EE-B2D6-4E86-AA9F-ECD678438F51}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{4BF5EB07-06A2-40E2-B5B6-244EF5C49A0F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{4C83E9DD-C10D-4100-A3E2-F3C7D80B5C17}" = lport=138 | protocol=17 | dir=in | app=system | 
"{4DB27F02-8C39-42F8-8FE7-4E5623895409}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{5456EA1E-AF45-48BD-9C96-AB99A6CCF1D9}" = lport=139 | protocol=6 | dir=in | app=system | 
"{5FDB2EFD-69F1-4A7C-90BC-A4B329220177}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{6364B77A-8796-4078-B3CC-5963A3E70B4F}" = rport=139 | protocol=6 | dir=out | app=system | 
"{6EFD3216-D4DB-448C-81DA-E8838C66FFD2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{7C7BD74E-D59D-40F9-8481-A74C4729E9DD}" = rport=138 | protocol=17 | dir=out | app=system | 
"{7D02539A-FA4A-4A22-A716-54499665DEC2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{83104DB9-A742-45AA-B1CA-0DC3D09A1CB5}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{86444BB3-291D-4D31-A046-BB4AA3243C28}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{877BED06-E356-4CE4-81E3-4EE04804A521}" = lport=137 | protocol=17 | dir=in | app=system | 
"{8D7AF6C9-A3B9-4828-A544-ED864DF6C18A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{983B25F3-6D3C-4810-B6C7-32136519F446}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{99C945F1-6E96-42BE-9302-8A69D0439094}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{9B9B3581-27B3-4F27-9ECE-AC9FF546BCE2}" = lport=139 | protocol=6 | dir=in | app=system | 
"{AF8150A9-8B4A-4262-900E-D368942052B3}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{B03335A9-C3B2-48D4-B31B-A5D49F778D22}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{B9DB0ACD-18D4-41AD-9513-E90281E2FF3D}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{BE10AB93-C4A6-464B-BE93-069E778BFF99}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{C232D951-55E7-4D04-9346-F88A07FC0B22}" = lport=137 | protocol=17 | dir=in | app=system | 
"{C428A183-FD79-40B5-990D-895328F43AC8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{C6CA68A7-7538-4270-B66E-0F2C02558B82}" = lport=445 | protocol=6 | dir=in | app=system | 
"{C89A1918-EEAC-4080-B282-4310114CC4AF}" = rport=445 | protocol=6 | dir=out | app=system | 
"{C99410F2-B5EC-4101-A977-7C9DF5CDA2DC}" = rport=137 | protocol=17 | dir=out | app=system | 
"{CCA271E1-936A-405C-92F4-95FD48CC7F8C}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{CF0676E6-E2EC-438A-9741-7029DEBD00CE}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{F534D21D-02A4-4E48-A237-A3745ED5E6D3}" = rport=137 | protocol=17 | dir=out | app=system | 
"{F9C1EEE5-72B7-40C6-BC7C-64E9DF7DEB39}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{002563E3-45BA-46D7-BD33-48EFCE72CB89}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{003C7A18-60D9-4C89-94D8-DE42C1AA1D76}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{02A4D600-582A-4C14-ADFE-C125CF0CB18F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{1473D86F-6F04-46A3-9153-CD04272511DC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{1FCB558B-A314-4B2F-9C31-60E5010648D8}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe | 
"{1FD786E2-B640-41DC-AB73-68218DC3D695}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{241DF502-41DF-46CB-BA58-61920B50B66E}" = protocol=6 | dir=in | app=c:\program files\icq7.1\aolload.exe | 
"{25DF1644-EA4F-4003-840A-78F8A9E78857}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{27FBF777-593F-4E75-A043-AF0C29C42883}" = protocol=17 | dir=in | app=c:\program files\icq7.1\icq.exe | 
"{2DF46237-19C0-41DE-AC87-605F3A3FAEBD}" = protocol=6 | dir=out | app=system | 
"{30DF2C73-CBA4-48E6-B272-78F4929BB044}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe | 
"{32579A0C-A5C2-4D62-8845-E05106549F13}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{34F6D8B5-1B79-46F2-83A7-8FCD9BB590D4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{4849799C-D8E9-4360-8F9A-6B5F2BCC7EA4}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{56E808A1-BFD0-4B79-B567-B9FA848D697F}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{59BED5CD-C943-48EC-815F-6998BF141238}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{61FB8AD2-C831-45AB-9DFB-D685C3A8300D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{62F27534-2769-4D2F-B42F-E96E62F64F44}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{64B1B722-3165-4B76-9C5F-DA938F3F26B6}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{65901CFC-D156-4C8F-90EA-C26D256CA195}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{68F6992D-6E9D-4F14-88EC-3E0B8BEC7EFF}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{6A9651A8-ADB9-4FE5-BF34-517E0EB5FCCC}" = protocol=17 | dir=in | app=c:\program files\icq7.1\aolload.exe | 
"{76213788-DF3D-464B-90BD-3FB7F7EB6C76}" = dir=in | app=c:\program files\itunes\itunes.exe | 
"{774E7BFB-0EDD-45A8-86F9-B54ABB19DD40}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | 
"{7A97A189-6A46-4E7A-B264-08373D8E5A03}" = protocol=17 | dir=in | app=c:\program files\icq7.1\icq.exe | 
"{7F4AB55E-DC59-4CE5-96DF-9D45A58AC7E2}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | 
"{81B4BAD8-A17D-4410-BA03-A3F05F90E09D}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{84DD0593-0324-4E70-8AE9-5ABA7F91E2EB}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | 
"{8642AF85-31DC-4BB3-8E9D-1E478C224084}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{8BE0334E-0F55-4A87-A0AC-17E1037866F4}" = protocol=6 | dir=in | app=c:\program files\icq7.1\icq.exe | 
"{944E8BE4-C6E7-46A6-BA3D-0F183BBB6E7F}" = protocol=6 | dir=in | app=c:\program files\icq7.1\icq.exe | 
"{9872DE6F-A182-4489-969C-1F15686A3594}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{9D3F560D-6E11-4D44-A591-19240F7B274D}" = protocol=58 | dir=in | app=system | 
"{A12503A8-E9DD-41F8-9A48-9C88912C140A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{A5589677-56C4-46C1-A86B-1F0B5425786F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{A84F3F8E-FEBF-497D-8442-7067078FED94}" = protocol=17 | dir=in | app=d:\games\steam\steamapps\common\mountblade warband\mb_warband.exe | 
"{A96F7E7E-D0E0-4F76-AD28-8E65FE47AAF5}" = protocol=6 | dir=in | app=d:\games\steam\steamapps\common\mountblade warband\mb_warband.exe | 
"{AB3FBA72-52C3-4476-9A38-230DBE05659B}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{AE060FE0-1846-4E25-844C-2A09D181350E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{AFA1D8A7-836A-4B3C-BDFF-BE78F3C4A193}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{B94ED569-A0DD-46B0-9FAD-9241152441A7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{BC7833D1-AE4B-4CAB-BDD5-6EA587E5C763}" = protocol=6 | dir=out | app=system | 
"{C7E4BFB4-6209-40AB-B939-FB769159F706}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{CA912AB9-D1B4-4788-A0AD-55DE106EB8A4}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 | 
"{CE504808-152F-4073-8BB9-0F8E7C4D30C6}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{CEE644D2-B53A-4AC0-BC8D-6B224DF8257D}" = protocol=17 | dir=in | app=c:\program files\icq7.1\aolload.exe | 
"{D3648D1D-2BA3-4973-9B7E-EDC907B6E342}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{D73909E9-CC2C-4747-93DB-8288A43FF3C0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{D8375989-209B-4865-8F57-68B38082AC39}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{E8715BB0-E132-4617-B344-62E03BFE2C1C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{E926E57D-011D-4F63-BCC5-FFCFDC28D091}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{EB11A3E5-43EB-44B6-85DD-0A5BC8DACE68}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{EB980EDB-E501-47B2-922B-315D09807400}" = protocol=6 | dir=in | app=c:\program files\icq7.1\aolload.exe | 
"{EFA98652-B437-42AA-B7D3-EFFD71ED4ECD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{F77C675C-828F-4CC9-A24C-E1DFCCB0EEBB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{F7DCF881-DB9D-4779-8D1C-CCCBAC7C73FF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{071B843C-9A39-40B3-BB01-BBD6A8D2E1C5}" = lingDIALOG
"{0886900B-B2F3-452C-B580-60F1253F7F80}" = Native Instruments Controller Editor
"{09298F26-A95C-31E2-9D95-2C60F586F075}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{0B8565BA-BAD5-4732-B122-5FD78EFC50A9}" = Native Instruments Service Center
"{0DB06704-7DB8-43FC-BE1D-8ACFEFA85C43}" = TortoiseSVN 1.6.16.21511 (32 bit)
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{1945A4B5-73B6-4DE9-99A3-05261B7FDED0}" = Shared C Run-time for x86
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1" = World of Tanks
"{26A24AE4-039D-4CA4-87B4-2F83216018F0}" = Java(TM) 6 Update 18
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 9
"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in
"{2FDD750F-49B7-40C1-9D5E-D2955BC0E2D8}" = NVIDIA PhysX
"{378317B3-D201-4BC0-BEC9-9451C9ACAEED}" = Alcor Micro USB Card Reader
"{3B05F2FB-745B-4012-ADF2-439F36B2E70B}" = ATKOSD2
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{4905C2C7-96CB-4DD9-A706-C427913DE5AE}" = Barbarian Invasion
"{490BF87E-1F75-4453-BF55-9F540543A3CA}" = Steinberg Drum Loop Expansion 01
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A19D6AC-ADE0-4A07-80FF-9C9812C45557}" = Steinberg Cubase 5
"{4D454CF8-12FD-464D-B57B-B46FE27B78BB}" = Steinberg LoopMash Content
"{529125EF-E3AC-4B74-97E6-F688A7C0F1BF}" = Paint.NET v3.5.10
"{532B917B-8235-4FA5-BE36-643A8BB053A5}" = Steinberg REVerence Content 01
"{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}" = NB Probe
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{6AD9F5F3-5BD0-4000-BD9C-B536CF86D988}" = iTunes
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}" = ASUS CopyProtect
"{71BFC818-0CED-42D6-9C87-5142918957EE}" = ICQ7.1
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7B63B2922B174135AFC0E1377DD81EC2}" = 
"{7C05592D-424B-46CB-B505-E0013E8E75C9}" = ATK Hotkey
"{83F73CB1-7705-49D1-9852-84D839CA2A45}" = Wireless Console 2
"{842ED5C6-2530-4469-A9A0-0DCDDDA94481}_is1" = M&B Module Updater v1.0
"{865D9ED1-EAC2-436D-AFA7-0B750EB5AAAB}" = Steinberg HALionOne Studio Drum Set
"{89661B04-C646-4412-B6D3-5E19F02F1F37}" = EAX4 Unified Redist
"{8D1E61D1-1395-4E97-997F-D002DB3A5074}" = OpenOffice.org 3.2
"{8F1ADE4D-EFAC-4F5A-B346-23C2687FAF50}" = Apple Mobile Device Support
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{96472D82-0239-11E0-9776-199EDFD72085}" = M-Audio FastTrack Driver 6.0.6 (x86)
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BCAC864-84C0-409F-8D12-364109622D18}_is1" = Europa Barbarorum 1.1
"{9D48531D-2135-49FC-BC29-ACCDA5396A76}" = ASUS MultiFrame
"{9D6D7811-43B3-463C-BC79-5D1755269989}" = Net4Switch
"{A642BB6B-CA1D-4142-8DD4-318C3F3DC834}" = Rome - Total War(TM)
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.5) - Deutsch
"{AC997F93-0757-4ED4-A701-F40C2D654D09}" = Steinberg HALionOne GM Drum Set
"{AD3E68F5-D141-49C0-B002-28B48030B902}_is1" = Europa Barbarorum 1.2
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 306.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 306.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 306.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.0604
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B962AD08-335F-46f7-A182-257D37672E5C}" = Native Instruments Rig Kontrol 3 Driver
"{BD86F1AC-B594-46E4-85DC-1258AC9E2232}" = Steinberg Groove Agent ONE Content
"{C7FAFC98-5ECC-40FC-B440-A5D5FE3A6A6E}" = Native Instruments Guitar Rig 4
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D1E5870E-E3E5-4475-98A6-ADD614524ADF}" = ATK Media
"{D23CBFDA-C46B-4920-BA70-FC7878A3F05A}" = Steinberg HALionOne Studio Set
"{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service
"{D82CDA0D-C182-42C8-8FF2-5649C98D6003}" = Steinberg HALionOne Pro Set
"{E22AD5D3-EB60-4A8F-835C-6C10E369DCE2}" = Steinberg HALionOne Expression Set
"{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{E70E7159-93B1-470D-9FBD-D8E9EF34B538}" = Steinberg HALionOne
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F057965A-D974-4C64-ADB1-4381CD4B8956}" = Steinberg HALionOne GM Set
"{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}" = ASUS FancyStart
"{F3AFD063-8BAD-485E-B641-E7F5A2C5AE71}" = Steinberg HALionOne Additional Content Set 01
"{FA2092C5-7979-412D-A962-6485274AE1EE}" = ASUS Data Security Manager
"AC3Filter" = AC3Filter (remove only)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AmUStor" = Alcor Micro USB Card Reader
"ASIO4ALL" = ASIO4ALL
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.11 (Unicode)
"CA’s Vanilla Soundmod " = CA’s Vanilla Soundmod 
"CCleaner" = CCleaner
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup" = DivX-Setup
"EB Documentation_is1" = EB Documentation 1.1
"EB Trivial Script_is1" = EB Trivial Script 0.125
"FUSSBALL MANAGER 12" = FUSSBALL MANAGER 12
"Graphical Enhancement Textures" = Graphical Enhancement Textures 2.5
"InstallShield_{071B843C-9A39-40B3-BB01-BBD6A8D2E1C5}" = lingDIALOG
"InstallShield_{A642BB6B-CA1D-4142-8DD4-318C3F3DC834}" = Rome - Total War(TM)
"Kurs 2 5.0 Italienisch" = Langenscheidt Kurs 2 5.0 Italienisch
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100
"McAfee Virtual Technician" = McAfee Virtual Technician
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mount&Blade" = Mount&Blade
"Mozilla Firefox 18.0 (x86 de)" = Mozilla Firefox 18.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSC" = McAfee AntiVirus Plus
"Native Instruments Controller Editor" = Native Instruments Controller Editor
"Native Instruments Guitar Rig 4" = Native Instruments Guitar Rig 4
"Native Instruments Rig Kontrol 3 Driver" = Native Instruments Rig Kontrol 3 Driver
"Native Instruments Service Center" = Native Instruments Service Center
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"ProtectDisc Driver 11" = ProtectDisc Driver, Version 11
"Recruitment Viewer_is1" = Recruitment Viewer 0.9
"Scourge of War - Gettysburg v1.4" = Scourge of War - Gettysburg v1.4
"SecureW2 EAP Suite" = SecureW2 EAP Suite 1.1.1 for Windows
"Softube Acoustic Feedback VST RTAS_is1" = Softube Acoustic Feedback VST RTAS v1.0.7
"Softube Bass Amp Room VST RTAS_is1" = Softube Bass Amp Room VST RTAS v1.0.2
"Softube FET Compressor VST RTAS_is1" = Softube FET Compressor VST RTAS v1.0.3
"Softube Metal Amp Room VST RTAS_is1" = Softube Metal Amp Room VST RTAS v1.1.5
"Softube Passive-Active Pack VST RTAS_is1" = Softube Passive-Active Pack VST RTAS v1.0.2
"Softube Spring Reverb VST RTAS_is1" = Softube Spring Reverb VST RTAS v1.0.4
"Softube Tube Delay VST RTAS_is1" = Softube Tube Delay VST RTAS v1.0.5
"Softube Tube-Tech CL 1B VST RTAS_is1" = Softube Tube-Tech CL 1B VST RTAS v1.0.3
"Softube Vintage Amp Room VST RTAS_is1" = Softube Vintage Amp Room VST RTAS v1.0.8
"Steam App 48700" = Mount and Blade: Warband
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"USB 2.0 1.3M UVC WebCam" = USB 2.0 1.3M UVC WebCam
"WinRAR archiver" = WinRAR
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 09.12.2012 14:00:01 | Computer Name = Micha-PC | Source = Windows Backup | ID = 4103
Description = 
 
Error - 13.12.2012 16:41:26 | Computer Name = Micha-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: mcupdmgr.exe, Version: 11.6.434.0,
 Zeitstempel: 0x5050b3c5  Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.1,
 Zeitstempel: 0x4d5f0c22  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00011891  ID des fehlerhaften
 Prozesses: 0x16a0  Startzeit der fehlerhaften Anwendung: 0x01cdd9721d82648d  Pfad der
 fehlerhaften Anwendung: c:\PROGRA~1\mcafee\msc\mcupdmgr.exe  Pfad des fehlerhaften
 Moduls: C:\Windows\system32\MSVCR100.dll  Berichtskennung: 763493fe-4565-11e2-bded-002618392f30
 
Error - 16.12.2012 14:00:01 | Computer Name = Micha-PC | Source = Windows Backup | ID = 4103
Description = 
 
Error - 23.12.2012 18:30:20 | Computer Name = Micha-PC | Source = Windows Backup | ID = 4103
Description = 
 
Error - 30.12.2012 14:00:02 | Computer Name = Micha-PC | Source = Windows Backup | ID = 4103
Description = 
 
Error - 06.01.2013 14:00:02 | Computer Name = Micha-PC | Source = Windows Backup | ID = 4103
Description = 
 
Error - 12.01.2013 10:42:47 | Computer Name = Micha-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 12.01.2013 10:42:47 | Computer Name = Micha-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 15553
 
Error - 12.01.2013 10:42:47 | Computer Name = Micha-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 15553
 
Error - 13.01.2013 14:00:01 | Computer Name = Micha-PC | Source = Windows Backup | ID = 4103
Description = 
 
[ System Events ]
Error - 13.01.2013 12:55:21 | Computer Name = Micha-PC | Source = PNRPSvc | ID = 102
Description = 
 
Error - 13.01.2013 12:55:21 | Computer Name = Micha-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler
 beendet:   %%-2140993535
 
Error - 13.01.2013 12:55:21 | Computer Name = Micha-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name
 Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet 
wurde:   %%-2140993535
 
Error - 13.01.2013 12:55:28 | Computer Name = Micha-PC | Source = PNRPSvc | ID = 102
Description = 
 
Error - 13.01.2013 12:55:28 | Computer Name = Micha-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler
 beendet:   %%-2140993535
 
Error - 13.01.2013 12:55:28 | Computer Name = Micha-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name
 Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet 
wurde:   %%-2140993535
 
Error - 13.01.2013 12:55:32 | Computer Name = Micha-PC | Source = PNRPSvc | ID = 102
Description = 
 
Error - 13.01.2013 12:55:32 | Computer Name = Micha-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler
 beendet:   %%-2140993535
 
Error - 13.01.2013 12:55:32 | Computer Name = Micha-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name
 Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet 
wurde:   %%-2140993535
 
Error - 13.01.2013 14:41:42 | Computer Name = Micha-PC | Source = DCOM | ID = 10000
Description = 
 
 
< End of report >

Und die OTL:

Code:

ATTFilter

OTL logfile created on: 13.01.2013 21:58:02 - Run 4
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Micha\Desktop
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,49 Gb Available Physical Memory | 49,62% Memory free
6,00 Gb Paging File | 4,34 Gb Available in Paging File | 72,43% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 95,74 Gb Free Space | 64,24% Space Free | Partition Type: NTFS
Drive D: | 137,33 Gb Total Space | 67,46 Gb Free Space | 49,12% Space Free | Partition Type: NTFS
 
Computer Name: MICHA-PC | User Name: Micha | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Micha\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_5_502_146.exe (Adobe Systems, Inc.)
PRC - C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - c:\Programme\McAfee\SiteAdvisor\saUI.exe (McAfee, Inc.)
PRC - C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Programme\McAfee\Supportability\MVT\MvtApp.exe (McAfee, Inc.)
PRC - C:\Windows\System32\rpcnet.exe (Absolute Software Corp.)
PRC - C:\Windows\System32\mfevtps.exe (McAfee, Inc.)
PRC - C:\Programme\Common Files\Mcafee\SystemCore\mfefire.exe (McAfee, Inc.)
PRC - C:\Programme\McAfee\MSC\McAPExe.exe (McAfee, Inc.)
PRC - C:\Programme\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
PRC - C:\Programme\Common Files\Mcafee\Platform\McUICnt.exe (McAfee, Inc.)
PRC - C:\Programme\Common Files\Mcafee\AMCore\mcshield.exe (McAfee, Inc.)
PRC - C:\Programme\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
PRC - C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Programme\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation)
PRC - C:\Programme\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation)
PRC - C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Programme\TortoiseSVN\bin\TSVNCache.exe (hxxp://tortoisesvn.net)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\M-AudioTaskBarIcon.exe (Avid Technology, Inc.)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Programme\ASUS\ATK Hotkey\HControl.exe (ASUS)
PRC - C:\Programme\ASUS\ATK Media\DMedia.exe (ASUS)
PRC - C:\Programme\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
PRC - C:\Programme\AmIcoSingLun\AmIcoSinglun.exe (AlcorMicro Co., Ltd.)
PRC - C:\Programme\ASUS\Splendid\ACMON.exe (ATK)
PRC - C:\Programme\Common Files\Native Instruments\Hardware\NIHardwareService.exe (Native Instruments GmbH)
PRC - C:\Programme\ASUS\ASUS CopyProtect\ASPG.exe (ASUS)
PRC - C:\Programme\ASUS\ASUS Data Security Manager\ADSMTray.exe (ASUSTek Computer Inc.)
PRC - C:\Programme\ASUS\ATK Hotkey\HControlUser.exe (ASUS)
PRC - C:\Programme\ASUS\ATK Hotkey\ATKOSD.exe (ASUS)
PRC - C:\Programme\ASUS\ATK Hotkey\AsLdrSrv.exe (ASUS)
PRC - C:\Programme\ASUS\SmartLogon\sensorsrv.exe (ASUS)
PRC - C:\Programme\ASUS\ATK Hotkey\WDC.exe (ASUS)
PRC - C:\Programme\ASUS\ATK Hotkey\KBFiltr.exe (ASUS)
PRC - C:\Programme\ASUS\ASUS Data Security Manager\ADSMSrv.exe (ASUSTek Computer Inc.)
PRC - C:\Programme\ASUS\ASUS Live Update\ALU.exe ()
PRC - C:\Programme\ASUS\Net4Switch\Net4Switch.exe (ASUS)
PRC - C:\Programme\ATKGFNEX\GFNEXSrv.exe ()
PRC - C:\Programme\ASUS\NB Probe\SPM\spmgr.exe ()
PRC - C:\Programme\Wireless Console 2\wcourier.exe ()
PRC - C:\Windows\System32\ACEngSvr.exe (ASUSTeK)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Programme\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\System32\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
MOD - C:\Programme\DivX\DivX Update\DivXUpdateCheck.dll ()
MOD - C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
MOD - C:\Programme\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll ()
MOD - C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Programme\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Windows\System32\CmdLineExt03.dll ()
MOD - C:\Programme\ASUS\Net4Switch\ipswsysmon.dll ()
MOD - C:\Programme\ASUS\Net4Switch\ipsw_cfgmgr.dll ()
MOD - C:\Programme\ASUS\Net4Switch\LogonStartup.dll ()
MOD - C:\Programme\ASUS\Net4Switch\iphelper.dll ()
MOD - C:\Programme\ASUS\Net4Switch\ipswui.dll ()
MOD - C:\Programme\ASUS\Net4Switch\ipswobj.dll ()
MOD - C:\Programme\ASUS\Net4Switch\ipswhlp.dll ()
MOD - C:\Programme\ASUS\Net4Switch\ipswgblset.dll ()
MOD - C:\Programme\ASUS\Net4Switch\ipswds.dll ()
MOD - C:\Programme\ASUS\Net4Switch\ipswcore.dll ()
MOD - C:\Programme\ASUS\Net4Switch\cxcmrt.dll ()
MOD - C:\Programme\ASUS\Net4Switch\ipswresmgr.dll ()
MOD - C:\Programme\ASUS\Splendid\GLCDdll.dll ()
MOD - C:\Programme\ASUS\ASUS Live Update\ALU.exe ()
MOD - C:\Programme\ASUS\Net4Switch\ResItf.dll ()
MOD - C:\Programme\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll ()
MOD - C:\Programme\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AdobeARMservice) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (McODS) -- C:\Programme\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SRV - (rpcnet) -- C:\Windows\System32\rpcnet.exe (Absolute Software Corp.)
SRV - (mfevtp) -- C:\Windows\System32\mfevtps.exe (McAfee, Inc.)
SRV - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe ()
SRV - (McProxy) -- C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (mcpltsvc) -- C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McNaiAnn) -- C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McMPFSvc) -- C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (HomeNetSvc) -- C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (mfecore) -- C:\Programme\Common Files\Mcafee\AMCore\mcshield.exe (McAfee, Inc.)
SRV - (McAfee SiteAdvisor Service) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (nvUpdatusService) -- C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (NIHardwareService) -- C:\Programme\Common Files\Native Instruments\Hardware\NIHardwareService.exe (Native Instruments GmbH)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (ASLDRService) -- C:\Programme\ASUS\ATK Hotkey\AsLdrSrv.exe (ASUS)
SRV - (ADSMService) -- C:\Programme\ASUS\ASUS Data Security Manager\ADSMSrv.exe (ASUSTek Computer Inc.)
SRV - (ATKGFNEXSrv) -- C:\Programme\ATKGFNEX\GFNEXSrv.exe ()
SRV - (spmgr) -- C:\Programme\ASUS\NB Probe\SPM\spmgr.exe ()
 
 
========== Driver Services (SafeList) ==========
 
DRV - (mfeavfk01) --  File not found
DRV - (ipswuio) -- System32\DRIVERS\ipswuio.sys File not found
DRV - (IntcAzAudAddService) -- system32\drivers\RTKVHDA.sys File not found
DRV - (catchme) -- C:\Users\Micha\AppData\Local\Temp\catchme.sys File not found
DRV - (am7rsanf) --  File not found
DRV - (cfwids) -- C:\Windows\System32\drivers\cfwids.sys (McAfee, Inc.)
DRV - (mfewfpk) -- C:\Windows\System32\drivers\mfewfpk.sys (McAfee, Inc.)
DRV - (mfehidk) -- C:\Windows\System32\drivers\mfehidk.sys (McAfee, Inc.)
DRV - (mfefirek) -- C:\Windows\System32\drivers\mfefirek.sys (McAfee, Inc.)
DRV - (mfebopk) -- C:\Windows\System32\drivers\mfebopk.sys (McAfee, Inc.)
DRV - (mfeavfk) -- C:\Windows\System32\drivers\mfeavfk.sys (McAfee, Inc.)
DRV - (mfeapfk) -- C:\Windows\System32\drivers\mfeapfk.sys (McAfee, Inc.)
DRV - (mfencbdc) -- C:\Windows\System32\drivers\mfencbdc.sys (McAfee, Inc.)
DRV - (mfencrk) -- C:\Windows\System32\drivers\mfencrk.sys (McAfee, Inc.)
DRV - (RdpVideoMiniport) -- C:\Windows\System32\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (HipShieldK) -- C:\Windows\System32\drivers\HipShieldK.sys (McAfee, Inc.)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (MAUSBFASTTRACK) -- C:\Windows\System32\drivers\MAudioFastTrack.sys (Avid Technology, Inc.)
DRV - (sptd) -- C:\Windows\System32\drivers\sptd.sys ()
DRV - (taphss) -- C:\Windows\System32\drivers\taphss.sys (AnchorFree Inc)
DRV - (AsDsm) -- C:\Windows\System32\drivers\AsDsm.sys (ASUSTek Computer Inc)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (kbfiltr) -- C:\Windows\System32\drivers\kbfiltr.sys ( )
DRV - (SiSGbeLH) -- C:\Windows\System32\drivers\SiSGB6.sys (Silicon Integrated Systems Corp.)
DRV - (lullaby) -- C:\Windows\System32\drivers\lullaby.sys (Windows (R) Win 7 DDK provider)
DRV - (SNP2UVC) -- C:\Windows\System32\drivers\snp2uvc.sys ()
DRV - (MTsensor) -- C:\Windows\System32\drivers\ATKACPI.sys (ASUS)
DRV - (acedrv11) -- C:\Windows\System32\drivers\acedrv11.sys (Protect Software GmbH)
DRV - (ghaio) -- C:\Programme\ASUS\NB Probe\SPM\ghaio.sys ()
DRV - (ASMMAP) -- C:\Programme\ATKGFNEX\ASMMAP.sys ()
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\URLSearchHook:  - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\.DEFAULT\..\URLSearchHook:  - No CLSID value found
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-18\..\URLSearchHook:  - No CLSID value found
IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
 
IE - HKU\S-1-5-21-2346782842-2880189148-1154082226-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-2346782842-2880189148-1154082226-1001\..\URLSearchHook:  - No CLSID value found
IE - HKU\S-1-5-21-2346782842-2880189148-1154082226-1001\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKU\S-1-5-21-2346782842-2880189148-1154082226-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2346782842-2880189148-1154082226-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-2346782842-2880189148-1154082226-1001\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKU\S-1-5-21-2346782842-2880189148-1154082226-1001\..\SearchScopes\{79E664B5-9BE4-4794-8FA9-93106D142C5E}: "URL" = hxxp://de.search.yahoo.com/search?fr=mcafee&p={SearchTerms}
IE - HKU\S-1-5-21-2346782842-2880189148-1154082226-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2346782842-2880189148-1154082226-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
========== FireFox ==========
 
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.facebook.com/"
FF - prefs.js..extensions.enabledAddons: firefox%40ghostery.com:2.8.4
FF - prefs.js..extensions.enabledAddons: %7B4ED1F68A-5463-4931-9384-8FFF5ED91D92%7D:3.6.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.1.94
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.1.94
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}:6.0.25
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..keyword.URL: "hxxp://de.search.yahoo.com/search?fr=mcafee&p="
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MVT: C:\Program Files\McAfee\Supportability\MVT\NPMVTPlugin.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2012.12.20 18:02:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.12.17 20:36:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.01.11 21:05:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.01.11 21:04:58 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.01.11 21:05:17 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.01.11 21:04:58 | 000,000,000 | ---D | M]
 
[2010.01.26 18:37:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Micha\AppData\Roaming\mozilla\Extensions
[2010.01.26 18:37:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Micha\AppData\Roaming\mozilla\Extensions\{a79fe89b-6662-4ff4-8e88-09950ad4dfde}
[2013.01.08 21:17:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Micha\AppData\Roaming\mozilla\Firefox\Profiles\749obg49.default\extensions
[2011.06.30 11:38:18 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\Micha\AppData\Roaming\mozilla\Firefox\Profiles\749obg49.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2013.01.08 21:17:16 | 000,000,000 | ---D | M] (Ghostery) -- C:\Users\Micha\AppData\Roaming\mozilla\Firefox\Profiles\749obg49.default\extensions\firefox@ghostery.com
[2012.11.15 19:54:29 | 000,328,449 | ---- | M] () (No name found) -- C:\Users\Micha\AppData\Roaming\mozilla\firefox\profiles\749obg49.default\extensions\{CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}.xpi
[2012.01.23 18:24:07 | 000,001,107 | ---- | M] () -- C:\Users\Micha\AppData\Roaming\mozilla\firefox\profiles\749obg49.default\searchplugins\dictcc-en-de-pocket.xml
[2013.01.13 03:57:40 | 000,001,398 | ---- | M] () -- C:\Users\Micha\AppData\Roaming\mozilla\firefox\profiles\749obg49.default\searchplugins\dictcc-en-de.xml
[2013.01.13 03:57:39 | 000,000,947 | ---- | M] () -- C:\Users\Micha\AppData\Roaming\mozilla\firefox\profiles\749obg49.default\searchplugins\icqplugin.xml
[2013.01.11 21:04:49 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.12.20 18:02:54 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES\MCAFEE\SITEADVISOR
[2013.01.11 21:05:16 | 000,262,704 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.04.20 17:01:36 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.09.17 13:01:27 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.04.20 17:01:36 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.04.20 17:01:36 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.04.20 22:42:30 | 000,002,027 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml
[2012.04.20 17:01:36 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.04.20 17:01:36 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2012.07.13 09:32:53 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O4 - HKLM..\Run: [ADSMTray] C:\Programme\ASUS\ASUS Data Security Manager\ADSMTray.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [AmIcoSinglun] C:\Programme\AmIcoSingLun\AmIcoSinglun.exe (AlcorMicro Co., Ltd.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ATKMEDIA] C:\Programme\ASUS\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Programme\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [DivXMediaServer] C:\Programme\DivX\DivX Media Server\DivXMediaServer.exe ()
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [HControlUser] C:\Programme\ASUS\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [M-Audio Taskbar Icon] C:\Windows\System32\M-AudioTaskBarIcon.exe (Avid Technology, Inc.)
O4 - HKLM..\Run: [mcpltui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [ROC_roc_ssl_v12] "C:\Program Files\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12 File not found
O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKU\S-1-5-21-2346782842-2880189148-1154082226-1006..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2346782842-2880189148-1154082226-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2346782842-2880189148-1154082226-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-2346782842-2880189148-1154082226-1006\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra Button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Programme\ICQ7.1\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Programme\ICQ7.1\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 10.7.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{13866C12-7E69-4E54-A0E2-F6B2B7E9BB7F}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Programme\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.01.13 21:56:44 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Micha\Desktop\OTL.exe
[2013.01.13 19:41:47 | 000,000,000 | ---D | C] -- C:\Users\Micha\AppData\Roaming\McAfee
[2013.01.13 13:47:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.01.13 13:47:23 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2013.01.13 13:47:22 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013.01.13 13:47:12 | 000,000,000 | ---D | C] -- C:\Users\Micha\AppData\Local\Programs
[2013.01.13 13:46:20 | 010,156,344 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Users\Micha\Desktop\mbam-setup-1.70.0.1100.exe
[2013.01.13 13:11:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2013.01.12 14:47:36 | 000,000,000 | ---D | C] -- C:\Users\Micha\AppData\Roaming\NVIDIA
[2013.01.11 21:04:47 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013.01.08 21:21:51 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2013.01.08 21:21:32 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\System32\oflc-nz.rs
[2013.01.08 21:21:31 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\System32\fpb.rs
[2013.01.08 21:21:31 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\System32\csrr.rs
[2013.01.08 21:21:31 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\System32\cob-au.rs
[2013.01.08 21:21:30 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\System32\pegibbfc.rs
[2013.01.08 21:21:30 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\System32\usk.rs
[2013.01.08 21:21:30 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\System32\grb.rs
[2013.01.08 21:21:30 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\System32\djctq.rs
[2013.01.08 21:21:29 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2013.01.08 21:21:29 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\System32\pegi-pt.rs
[2013.01.08 21:21:29 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\System32\pegi.rs
[2013.01.08 21:21:28 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Wpc.dll
[2013.01.08 21:21:23 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\System32\esrb.rs
[2013.01.08 21:21:22 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\System32\cero.rs
[2013.01.08 21:21:22 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\System32\oflc.rs
[2013.01.08 21:21:22 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\System32\pegi-fi.rs
[2013.01.08 21:20:00 | 002,345,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013.01.08 21:19:39 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2013.01.08 21:19:38 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
[2013.01.08 21:19:36 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
[2013.01.08 21:19:35 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
[2013.01.08 21:19:35 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
[2013.01.08 21:19:34 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
[2013.01.08 21:19:34 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
[2013.01.08 21:19:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
[2013.01.08 21:19:33 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
[2013.01.08 21:19:33 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
[2013.01.08 21:19:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
[2013.01.08 21:19:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
[2013.01.08 21:19:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
[2013.01.08 21:19:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
[2013.01.08 21:19:32 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
[2013.01.08 21:19:32 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.08 21:19:32 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
[2013.01.08 21:19:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
[2013.01.08 21:19:31 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
[2013.01.08 21:19:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
[2013.01.08 21:19:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
[2013.01.08 21:19:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
[2013.01.08 21:19:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
[2013.01.08 21:19:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
[2013.01.08 21:19:30 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
[2013.01.08 21:19:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
[2013.01.08 21:19:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
[2013.01.08 21:19:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013.01.08 21:19:28 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
[2013.01.08 21:19:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
[2013.01.08 21:18:25 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
[2013.01.08 20:40:44 | 000,147,472 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\HipShieldK.sys
[2013.01.08 20:38:06 | 000,167,344 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\mfevtps.exe
[2012.12.22 17:59:04 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2012.12.22 17:59:04 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2012.12.17 20:37:59 | 000,000,000 | ---D | C] -- C:\Users\Micha\AppData\Local\DDMSettings
[2010.10.24 13:17:58 | 009,535,488 | ---- | C] (Softube) -- C:\Program Files\Tube Delay.dll
[2008.08.11 21:45:20 | 000,155,648 | ---- | C] (ASUS) -- C:\Program Files\Common Files\MSIactionall.dll
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.01.13 22:03:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.01.13 21:56:45 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Micha\Desktop\OTL.exe
[2013.01.13 21:42:00 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.01.13 20:42:00 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.01.13 13:47:35 | 000,001,078 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.01.13 13:46:41 | 010,156,344 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Users\Micha\Desktop\mbam-setup-1.70.0.1100.exe
[2013.01.13 13:11:12 | 000,014,832 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.01.13 13:11:12 | 000,014,832 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.01.13 13:03:59 | 000,017,408 | ---- | M] () -- C:\Windows\System32\rpcnetp.exe
[2013.01.13 13:03:57 | 000,058,288 | ---- | M] (Absolute Software Corp.) -- C:\Windows\System32\rpcnet.dll
[2013.01.13 13:03:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.01.13 13:03:43 | 2415,345,664 | -HS- | M] () -- C:\hiberfil.sys
[2013.01.12 17:21:29 | 000,000,671 | ---- | M] () -- C:\Users\Micha\Micha - Verknüpfung.lnk
[2013.01.08 21:48:00 | 000,292,672 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.01.08 21:28:00 | 000,664,868 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.01.08 21:28:00 | 000,625,010 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.01.08 21:28:00 | 000,135,004 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.01.08 21:28:00 | 000,110,648 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.01.08 21:03:53 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013.01.08 21:03:53 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012.12.16 15:13:28 | 000,295,424 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2012.12.16 15:13:20 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.01.13 13:47:35 | 000,001,078 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.01.12 17:21:29 | 000,000,671 | ---- | C] () -- C:\Users\Micha\Micha - Verknüpfung.lnk
[2013.01.08 20:40:15 | 000,002,641 | ---- | C] () -- C:\Windows\System32\drivers\mfencrk.inf
[2013.01.08 20:40:14 | 000,002,946 | ---- | C] () -- C:\Windows\System32\drivers\mfencbdc.inf
[2012.08.30 09:40:14 | 000,429,416 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe
[2012.07.23 16:14:53 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012.07.23 16:14:53 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012.07.23 16:14:53 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012.07.23 16:14:53 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012.07.23 16:14:53 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012.07.19 19:18:16 | 000,000,209 | ---- | C] () -- C:\Windows\RomeTW.ini
[2012.07.08 19:04:12 | 004,503,728 | ---- | C] () -- C:\ProgramData\go_0molg.pad
[2012.05.22 23:47:22 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2011.10.01 08:48:09 | 000,007,599 | ---- | C] () -- C:\Users\Micha\AppData\Local\Resmon.ResmonCfg
[2011.09.18 01:24:06 | 000,000,218 | ---- | C] () -- C:\Users\Micha\.recently-used.xbel
[2011.08.19 13:48:01 | 000,000,024 | ---- | C] () -- C:\Windows\ATKPF.ini
[2011.04.30 23:42:50 | 000,668,160 | ---- | C] () -- C:\Windows\System32\autochk.exe
[2011.04.06 15:22:05 | 000,004,608 | ---- | C] () -- C:\Users\Micha\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.11.27 19:46:50 | 000,000,048 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009.04.08 10:31:56 | 000,106,496 | ---- | C] () -- C:\Program Files\Common Files\CPInstallAction.dll
[2008.05.22 08:35:54 | 000,051,962 | ---- | C] () -- C:\Program Files\Common Files\banner.jpg
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >

Danke für die Geduld

cosinus · 13.01.2013, 22:32

Malwarebytes Anti-Rootkit

Downloade dir bitte Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.

Entpacke das Archiv auf deinem Desktop.
Im neu erstellten Ordner starte bitte die mbar.exe.
Folge den Anweisungen auf deinem Bildschirm und erlaube dem Tool, dein System zu scannen.
Klicke auf den CleanUp Button und erlaube den Neustart.
Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
Nach dem Neustart starte die mbar.exe erneut.
Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.

Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Gersh · 14.01.2013, 01:33

Bittesehr:

Code:

ATTFilter

Malwarebytes Anti-Rootkit BETA 1.01.0.1016
www.malwarebytes.org

Database version: v2013.01.13.09

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Micha :: MICHA-PC [administrator]

14.01.2013 01:31:18
mbar-log-2013-01-14 (01-31-18).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled: 
Objects scanned: 27571
Time elapsed: 12 minute(s), 23 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

cosinus · 14.01.2013, 08:59

1. aswMBR

Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.

Hinweis: Bitte den Virenscanner abstellen bevor du aswMBR ausführst, denn v.a. Avira meldet darin oft einen Fehlalarm!

Starte die aswMBR.exe Vista und Win7 User aswMBR per Rechtsklick "als Administrator ausführen"
Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen) Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
Klicke auf Scan.
Warte bitte bis Scan finished successfully im DOS Fenster steht.
Drücke auf Save Log und speichere diese auf dem Desktop.

Poste mir die aswMBR.txt in deiner nächsten Antwort. Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte es erneut nicht klappen teile mir das bitte mit.

Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes:
Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.

2. TDSS-Killer

Download TDSS-Killer auf Desktop siehe => http://www.trojaner-board.de/82358-t...entfernen.html

Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm!

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.

Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition ( meistens Laufwerk C: ) nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

Gersh · 14.01.2013, 21:20

Hier die beiden Logs:

ASW:

Code:

ATTFilter

aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-01-14 20:53:49
-----------------------------
20:53:49.637    OS Version: Windows 6.1.7601 Service Pack 1
20:53:49.637    Number of processors: 2 586 0xF0D
20:53:49.653    ComputerName: MICHA-PC  UserName: Micha
20:53:50.620    Initialize success
20:54:01.212    AVAST engine defs: 13011401
20:54:04.910    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1
20:54:04.925    Disk 0 Vendor: ST9320320AS 0303 Size: 305245MB BusType: 3
20:54:04.941    Disk 0 MBR read successfully
20:54:04.941    Disk 0 MBR scan
20:54:04.972    Disk 0 Windows 7 default MBR code
20:54:04.988    Disk 0 Partition 1 00     1C Hidd FAT32 LBA MSDOS5.0    12001 MB offset 63
20:54:05.034    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS       152617 MB offset 24579450
20:54:05.066    Disk 0 Partition - 00     0F Extended LBA            140623 MB offset 337140090
20:54:05.081    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       140623 MB offset 337140153
20:54:05.112    Disk 0 scanning sectors +625137345
20:54:05.253    Disk 0 scanning C:\Windows\system32\drivers
20:54:26.952    Service scanning
20:55:00.212    Service sptd C:\Windows\System32\Drivers\sptd.sys **LOCKED** 32
20:55:10.336    Modules scanning
20:55:22.957    Disk 0 trace - called modules:
20:55:22.988    ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll >>UNKNOWN [0xc32391f8]<<
20:55:22.988    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xc340d948]
20:55:23.003    3 CLASSPNP.SYS[bbfcb59e] -> nt!IofCallDriver -> [0xc32d3848]
20:55:23.019    5 ACPI.sys[bb7c13d4] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-1[0xc32ea908]
20:55:23.019    \Driver\atapi[0xc32e03d0] -> IRP_MJ_CREATE -> 0xc32391f8
20:55:24.002    AVAST engine scan C:\Windows
20:55:27.247    AVAST engine scan C:\Windows\system32
21:00:58.410    AVAST engine scan C:\Windows\system32\drivers
21:01:26.646    AVAST engine scan C:\Users\Micha
21:06:06.403    AVAST engine scan C:\ProgramData
21:08:39.284    Scan finished successfully
21:14:01.445    Disk 0 MBR has been saved successfully to "C:\Users\Micha\Desktop\MBR.dat"
21:14:01.476    The log file has been saved successfully to "C:\Users\Micha\Desktop\aswMBRLog.txt"

TDSS:

Code:

ATTFilter

21:14:18.0876 1732  TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
21:14:20.0888 1732  ============================================================
21:14:20.0888 1732  Current date / time: 2013/01/14 21:14:20.0888
21:14:20.0888 1732  SystemInfo:
21:14:20.0888 1732  
21:14:20.0888 1732  OS Version: 6.1.7601 ServicePack: 1.0
21:14:20.0888 1732  Product type: Workstation
21:14:20.0888 1732  ComputerName: MICHA-PC
21:14:20.0888 1732  UserName: Micha
21:14:20.0888 1732  Windows directory: C:\Windows
21:14:20.0888 1732  System windows directory: C:\Windows
21:14:20.0888 1732  Processor architecture: Intel x86
21:14:20.0888 1732  Number of processors: 2
21:14:20.0888 1732  Page size: 0x1000
21:14:20.0888 1732  Boot type: Normal boot
21:14:20.0888 1732  ============================================================
21:14:22.0558 1732  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
21:14:22.0604 1732  ============================================================
21:14:22.0604 1732  \Device\Harddisk0\DR0:
21:14:22.0604 1732  MBR partitions:
21:14:22.0604 1732  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1770D7A, BlocksNum 0x12A14C00
21:14:22.0636 1732  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x141859B9, BlocksNum 0x112A7D08
21:14:22.0636 1732  ============================================================
21:14:22.0698 1732  C: <-> \Device\Harddisk0\DR0\Partition1
21:14:22.0729 1732  D: <-> \Device\Harddisk0\DR0\Partition2
21:14:22.0729 1732  ============================================================
21:14:22.0729 1732  Initialize success
21:14:22.0729 1732  ============================================================
21:14:40.0968 1676  ============================================================
21:14:40.0968 1676  Scan started
21:14:40.0968 1676  Mode: Manual; SigCheck; TDLFS; 
21:14:40.0968 1676  ============================================================
21:14:42.0450 1676  ================ Scan system memory ========================
21:14:42.0450 1676  System memory - ok
21:14:42.0450 1676  ================ Scan services =============================
21:14:42.0715 1676  [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
21:14:42.0949 1676  1394ohci - ok
21:14:43.0011 1676  [ A6FE70357A68AD1E279CD1012419CCE6 ] acedrv11        C:\Windows\system32\drivers\acedrv11.sys
21:14:43.0261 1676  acedrv11 - ok
21:14:43.0308 1676  [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
21:14:43.0401 1676  ACPI - ok
21:14:43.0448 1676  [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
21:14:43.0604 1676  AcpiPmi - ok
21:14:43.0854 1676  [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
21:14:44.0056 1676  AdobeARMservice - ok
21:14:44.0119 1676  [ 424877CB9D5517F980FF7BACA2EB379D ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
21:14:44.0181 1676  AdobeFlashPlayerUpdateSvc - ok
21:14:44.0244 1676  [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
21:14:44.0322 1676  adp94xx - ok
21:14:44.0337 1676  [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
21:14:44.0400 1676  adpahci - ok
21:14:44.0431 1676  [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
21:14:44.0493 1676  adpu320 - ok
21:14:44.0649 1676  [ C0BF554D2277F7A4C735D475ADE2E3B2 ] ADSMService     C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
21:14:44.0696 1676  ADSMService ( UnsignedFile.Multi.Generic ) - warning
21:14:44.0696 1676  ADSMService - detected UnsignedFile.Multi.Generic (1)
21:14:44.0727 1676  [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
21:14:44.0868 1676  AeLookupSvc - ok
21:14:45.0070 1676  [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD             C:\Windows\system32\drivers\afd.sys
21:14:45.0195 1676  AFD - ok
21:14:45.0304 1676  [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440          C:\Windows\system32\drivers\agp440.sys
21:14:45.0367 1676  agp440 - ok
21:14:45.0414 1676  [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx         C:\Windows\system32\DRIVERS\djsvs.sys
21:14:45.0492 1676  aic78xx - ok
21:14:45.0538 1676  [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG             C:\Windows\System32\alg.exe
21:14:45.0616 1676  ALG - ok
21:14:45.0648 1676  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide          C:\Windows\system32\drivers\aliide.sys
21:14:45.0757 1676  aliide - ok
21:14:45.0804 1676  [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
21:14:45.0866 1676  amdagp - ok
21:14:45.0960 1676  [ CD5914170297126B6266860198D1D4F0 ] amdide          C:\Windows\system32\drivers\amdide.sys
21:14:46.0038 1676  amdide - ok
21:14:46.0084 1676  [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
21:14:46.0194 1676  AmdK8 - ok
21:14:46.0194 1676  [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
21:14:46.0381 1676  AmdPPM - ok
21:14:46.0443 1676  [ D320BF87125326F996D4904FE24300FC ] amdsata         C:\Windows\system32\drivers\amdsata.sys
21:14:46.0521 1676  amdsata - ok
21:14:46.0552 1676  [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
21:14:46.0599 1676  amdsbs - ok
21:14:46.0615 1676  [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
21:14:46.0677 1676  amdxata - ok
21:14:46.0724 1676  [ AEA177F783E20150ACE5383EE368DA19 ] AppID           C:\Windows\system32\drivers\appid.sys
21:14:46.0849 1676  AppID - ok
21:14:46.0880 1676  [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
21:14:46.0989 1676  AppIDSvc - ok
21:14:47.0020 1676  [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo         C:\Windows\System32\appinfo.dll
21:14:47.0130 1676  Appinfo - ok
21:14:47.0223 1676  [ F401929EE0CC92BFE7F15161CA535383 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
21:14:47.0348 1676  Apple Mobile Device - ok
21:14:47.0410 1676  [ 2932004F49677BD84DBC72EDB754FFB3 ] arc             C:\Windows\system32\DRIVERS\arc.sys
21:14:47.0473 1676  arc - ok
21:14:47.0488 1676  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
21:14:47.0535 1676  arcsas - ok
21:14:47.0551 1676  [ 104DB777372411C55850C4A2AE6877EF ] AsDsm           C:\Windows\system32\drivers\AsDsm.sys
21:14:47.0691 1676  AsDsm - ok
21:14:47.0800 1676  [ 18E5C2F937F9DEB8C282DF66A3761925 ] ASLDRService    C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe
21:14:47.0847 1676  ASLDRService - ok
21:14:47.0894 1676  [ 7B4D08D2017AC06689D422E06C43F0AA ] ASMMAP          C:\Program Files\ATKGFNEX\ASMMAP.sys
21:14:47.0925 1676  ASMMAP - ok
21:14:48.0034 1676  [ 39CDCB109BF200CC8A05B9C7E6272D11 ] aspnet_state    C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
21:14:48.0112 1676  aspnet_state - ok
21:14:48.0128 1676  [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
21:14:48.0206 1676  AsyncMac - ok
21:14:48.0253 1676  [ 338C86357871C167A96AB976519BF59E ] atapi           C:\Windows\system32\drivers\atapi.sys
21:14:48.0300 1676  atapi - ok
21:14:48.0378 1676  [ 31CB2740BFDBAC1E48E2B7EAD38F0D27 ] athr            C:\Windows\system32\DRIVERS\athr.sys
21:14:48.0534 1676  athr - ok
21:14:48.0565 1676  [ 7C157574A181B19B9DCF5F339E25337E ] ATKGFNEXSrv     C:\Program Files\ATKGFNEX\GFNEXSrv.exe
21:14:48.0627 1676  ATKGFNEXSrv ( UnsignedFile.Multi.Generic ) - warning
21:14:48.0627 1676  ATKGFNEXSrv - detected UnsignedFile.Multi.Generic (1)
21:14:48.0674 1676  [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:14:48.0768 1676  AudioEndpointBuilder - ok
21:14:48.0783 1676  [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
21:14:48.0846 1676  Audiosrv - ok
21:14:48.0892 1676  [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
21:14:48.0986 1676  AxInstSV - ok
21:14:49.0033 1676  [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbdx.sys
21:14:49.0126 1676  b06bdrv - ok
21:14:49.0189 1676  [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
21:14:49.0236 1676  b57nd60x - ok
21:14:49.0298 1676  [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC          C:\Windows\System32\bdesvc.dll
21:14:49.0376 1676  BDESVC - ok
21:14:49.0407 1676  [ 505506526A9D467307B3C393DEDAF858 ] Beep            C:\Windows\system32\drivers\Beep.sys
21:14:49.0470 1676  Beep - ok
21:14:49.0516 1676  [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE             C:\Windows\System32\bfe.dll
21:14:49.0594 1676  BFE - ok
21:14:49.0641 1676  [ E585445D5021971FAE10393F0F1C3961 ] BITS            C:\Windows\system32\qmgr.dll
21:14:49.0782 1676  BITS - ok
21:14:49.0813 1676  [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
21:14:49.0860 1676  blbdrive - ok
21:14:49.0953 1676  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
21:14:50.0000 1676  Bonjour Service - ok
21:14:50.0047 1676  [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
21:14:50.0140 1676  bowser - ok
21:14:50.0156 1676  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
21:14:50.0250 1676  BrFiltLo - ok
21:14:50.0265 1676  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
21:14:50.0374 1676  BrFiltUp - ok
21:14:50.0452 1676  [ 77361D72A04F18809D0EFB6CCEB74D4B ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
21:14:50.0530 1676  BridgeMP - ok
21:14:50.0577 1676  [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser         C:\Windows\System32\browser.dll
21:14:50.0686 1676  Browser - ok
21:14:50.0718 1676  [ 845B8CE732E67F3B4133164868C666EA ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
21:14:50.0811 1676  Brserid - ok
21:14:50.0842 1676  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
21:14:50.0920 1676  BrSerWdm - ok
21:14:50.0936 1676  [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
21:14:51.0014 1676  BrUsbMdm - ok
21:14:51.0030 1676  [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
21:14:51.0092 1676  BrUsbSer - ok
21:14:51.0123 1676  [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
21:14:51.0170 1676  BTHMODEM - ok
21:14:51.0217 1676  [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv         C:\Windows\system32\bthserv.dll
21:14:51.0279 1676  bthserv - ok
21:14:51.0482 1676  catchme - ok
21:14:51.0513 1676  [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
21:14:51.0607 1676  cdfs - ok
21:14:51.0669 1676  [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
21:14:51.0747 1676  cdrom - ok
21:14:51.0794 1676  [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc     C:\Windows\System32\certprop.dll
21:14:51.0856 1676  CertPropSvc - ok
21:14:51.0919 1676  [ 67B20DA4727F54AEA29FDDAD810C898D ] cfwids          C:\Windows\system32\drivers\cfwids.sys
21:14:51.0966 1676  cfwids - ok
21:14:51.0997 1676  [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
21:14:52.0059 1676  circlass - ok
21:14:52.0106 1676  [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS            C:\Windows\system32\CLFS.sys
21:14:52.0153 1676  CLFS - ok
21:14:52.0200 1676  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:14:52.0340 1676  clr_optimization_v2.0.50727_32 - ok
21:14:52.0434 1676  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:14:52.0574 1676  clr_optimization_v4.0.30319_32 - ok
21:14:52.0590 1676  [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
21:14:52.0652 1676  CmBatt - ok
21:14:52.0683 1676  [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
21:14:52.0730 1676  cmdide - ok
21:14:52.0746 1676  [ 42F158036BD4C2FF3122BF142E60E6FD ] CNG             C:\Windows\system32\Drivers\cng.sys
21:14:52.0808 1676  CNG - ok
21:14:52.0870 1676  [ A6023D3823C37043986713F118A89BEE ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
21:14:52.0917 1676  Compbatt - ok
21:14:52.0964 1676  [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
21:14:53.0011 1676  CompositeBus - ok
21:14:53.0026 1676  COMSysApp - ok
21:14:53.0042 1676  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
21:14:53.0089 1676  crcdisk - ok
21:14:53.0136 1676  [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc        C:\Windows\system32\cryptsvc.dll
21:14:53.0229 1676  CryptSvc - ok
21:14:53.0276 1676  [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch      C:\Windows\system32\rpcss.dll
21:14:53.0354 1676  DcomLaunch - ok
21:14:53.0401 1676  [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc       C:\Windows\System32\defragsvc.dll
21:14:53.0494 1676  defragsvc - ok
21:14:53.0541 1676  [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
21:14:53.0619 1676  DfsC - ok
21:14:53.0697 1676  [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp            C:\Windows\system32\dhcpcore.dll
21:14:53.0838 1676  Dhcp - ok
21:14:53.0869 1676  [ 1A050B0274BFB3890703D490F330C0DA ] discache        C:\Windows\system32\drivers\discache.sys
21:14:53.0947 1676  discache - ok
21:14:53.0978 1676  [ 565003F326F99802E68CA78F2A68E9FF ] Disk            C:\Windows\system32\DRIVERS\disk.sys
21:14:54.0025 1676  Disk - ok
21:14:54.0056 1676  [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
21:14:54.0134 1676  Dnscache - ok
21:14:54.0165 1676  [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc         C:\Windows\System32\dot3svc.dll
21:14:54.0243 1676  dot3svc - ok
21:14:54.0274 1676  [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS             C:\Windows\system32\dps.dll
21:14:54.0352 1676  DPS - ok
21:14:54.0384 1676  [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
21:14:54.0462 1676  drmkaud - ok
21:14:54.0508 1676  [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
21:14:54.0586 1676  DXGKrnl - ok
21:14:54.0649 1676  [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost         C:\Windows\System32\eapsvc.dll
21:14:54.0711 1676  EapHost - ok
21:14:54.0820 1676  [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv           C:\Windows\system32\DRIVERS\evbdx.sys
21:14:54.0961 1676  ebdrv - ok
21:14:55.0008 1676  [ 81951F51E318AECC2D68559E47485CC4 ] EFS             C:\Windows\System32\lsass.exe
21:14:55.0117 1676  EFS - ok
21:14:55.0179 1676  [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
21:14:55.0288 1676  ehRecvr - ok
21:14:55.0320 1676  [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched         C:\Windows\ehome\ehsched.exe
21:14:55.0398 1676  ehSched - ok
21:14:55.0476 1676  [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
21:14:55.0538 1676  elxstor - ok
21:14:55.0616 1676  [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
21:14:55.0788 1676  ErrDev - ok
21:14:55.0866 1676  [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem     C:\Windows\system32\es.dll
21:14:55.0944 1676  EventSystem - ok
21:14:55.0959 1676  [ 2DC9108D74081149CC8B651D3A26207F ] exfat           C:\Windows\system32\drivers\exfat.sys
21:14:56.0053 1676  exfat - ok
21:14:56.0084 1676  [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
21:14:56.0146 1676  fastfat - ok
21:14:56.0193 1676  [ 967EA5B213E9984CBE270205DF37755B ] Fax             C:\Windows\system32\fxssvc.exe
21:14:56.0287 1676  Fax - ok
21:14:56.0302 1676  [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
21:14:56.0365 1676  fdc - ok
21:14:56.0396 1676  [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost         C:\Windows\system32\fdPHost.dll
21:14:56.0490 1676  fdPHost - ok
21:14:56.0505 1676  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub        C:\Windows\system32\fdrespub.dll
21:14:56.0583 1676  FDResPub - ok
21:14:56.0599 1676  [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
21:14:56.0661 1676  FileInfo - ok
21:14:56.0692 1676  [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
21:14:56.0770 1676  Filetrace - ok
21:14:56.0770 1676  [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
21:14:56.0817 1676  flpydisk - ok
21:14:56.0864 1676  [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
21:14:56.0911 1676  FltMgr - ok
21:14:56.0958 1676  [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache       C:\Windows\system32\FntCache.dll
21:14:57.0082 1676  FontCache - ok
21:14:57.0160 1676  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
21:14:57.0238 1676  FontCache3.0.0.0 - ok
21:14:57.0254 1676  [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
21:14:57.0316 1676  FsDepends - ok
21:14:57.0332 1676  [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
21:14:57.0394 1676  Fs_Rec - ok
21:14:57.0441 1676  [ 8A73E79089B282100B9393B644CB853B ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
21:14:57.0488 1676  fvevol - ok
21:14:57.0519 1676  [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
21:14:57.0566 1676  gagp30kx - ok
21:14:57.0613 1676  [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
21:14:57.0660 1676  GEARAspiWDM - ok
21:14:57.0722 1676  [ 31B40F40E09513ADDC460F6A297AD474 ] ghaio           C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys
21:14:57.0769 1676  ghaio - ok
21:14:57.0816 1676  [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc           C:\Windows\System32\gpsvc.dll
21:14:57.0925 1676  gpsvc - ok
21:14:57.0987 1676  [ F02A533F517EB38333CB12A9E8963773 ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
21:14:58.0034 1676  gupdate - ok
21:14:58.0050 1676  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
21:14:58.0096 1676  gupdatem - ok
21:14:58.0112 1676  [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
21:14:58.0206 1676  hcw85cir - ok
21:14:58.0252 1676  [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:14:58.0299 1676  HdAudAddService - ok
21:14:58.0346 1676  [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
21:14:58.0408 1676  HDAudBus - ok
21:14:58.0440 1676  [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
21:14:58.0486 1676  HidBatt - ok
21:14:58.0502 1676  [ 89448F40E6DF260C206A193A4683BA78 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
21:14:58.0564 1676  HidBth - ok
21:14:58.0596 1676  [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
21:14:58.0642 1676  HidIr - ok
21:14:58.0674 1676  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv         C:\Windows\System32\hidserv.dll
21:14:58.0752 1676  hidserv - ok
21:14:58.0783 1676  [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
21:14:58.0845 1676  HidUsb - ok
21:14:58.0892 1676  [ 8F72C4916A288485812745DC5AF873FC ] HipShieldK      C:\Windows\system32\drivers\HipShieldK.sys
21:14:58.0939 1676  HipShieldK - ok
21:14:58.0970 1676  [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc          C:\Windows\system32\kmsvc.dll
21:14:59.0048 1676  hkmsvc - ok
21:14:59.0064 1676  [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:14:59.0142 1676  HomeGroupListener - ok
21:14:59.0173 1676  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:14:59.0266 1676  HomeGroupProvider - ok
21:14:59.0376 1676  [ 31FB9D7453C424D14A6C3927483E5E60 ] HomeNetSvc      C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
21:14:59.0422 1676  HomeNetSvc - ok
21:14:59.0469 1676  [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
21:14:59.0516 1676  HpSAMD - ok
21:14:59.0563 1676  [ 871917B07A141BFF43D76D8844D48106 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
21:14:59.0641 1676  HTTP - ok
21:14:59.0672 1676  [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
21:14:59.0750 1676  hwpolicy - ok
21:14:59.0797 1676  [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
21:14:59.0844 1676  i8042prt - ok
21:14:59.0875 1676  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
21:14:59.0922 1676  iaStorV - ok
21:14:59.0984 1676  [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
21:15:00.0078 1676  idsvc - ok
21:15:00.0124 1676  [ 4173FF5708F3236CF25195FECD742915 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
21:15:00.0171 1676  iirsp - ok
21:15:00.0234 1676  [ F95622F161474511B8D80D6B093AA610 ] IKEEXT          C:\Windows\System32\ikeext.dll
21:15:00.0312 1676  IKEEXT - ok
21:15:00.0358 1676  IntcAzAudAddService - ok
21:15:00.0390 1676  [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide        C:\Windows\system32\drivers\intelide.sys
21:15:00.0452 1676  intelide - ok
21:15:00.0483 1676  [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
21:15:00.0530 1676  intelppm - ok
21:15:00.0577 1676  [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
21:15:00.0639 1676  IPBusEnum - ok
21:15:00.0670 1676  [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:15:00.0764 1676  IpFilterDriver - ok
21:15:00.0811 1676  [ 58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
21:15:00.0936 1676  iphlpsvc - ok
21:15:00.0982 1676  [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
21:15:01.0076 1676  IPMIDRV - ok
21:15:01.0107 1676  [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
21:15:01.0185 1676  IPNAT - ok
21:15:01.0248 1676  [ E6BE7A41A28D8F2DB174957454D32448 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
21:15:01.0310 1676  iPod Service - ok
21:15:01.0326 1676  ipswuio - ok
21:15:01.0372 1676  [ 42996CFF20A3084A56017B7902307E9F ] IRENUM          C:\Windows\system32\drivers\irenum.sys
21:15:01.0466 1676  IRENUM - ok
21:15:01.0482 1676  [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
21:15:01.0544 1676  isapnp - ok
21:15:01.0575 1676  [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
21:15:01.0622 1676  iScsiPrt - ok
21:15:01.0653 1676  [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
21:15:01.0747 1676  kbdclass - ok
21:15:01.0762 1676  [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
21:15:01.0856 1676  kbdhid - ok
21:15:01.0903 1676  [ 3EB803312987FF44265C87CB960DF6AB ] kbfiltr         C:\Windows\system32\DRIVERS\kbfiltr.sys
21:15:01.0981 1676  kbfiltr - ok
21:15:01.0996 1676  [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso          C:\Windows\system32\lsass.exe
21:15:02.0043 1676  KeyIso - ok
21:15:02.0074 1676  [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
21:15:02.0121 1676  KSecDD - ok
21:15:02.0152 1676  [ 5FE1ABF1AF591A3458C9CF24ED9A4D35 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
21:15:02.0246 1676  KSecPkg - ok
21:15:02.0293 1676  [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm           C:\Windows\system32\msdtckrm.dll
21:15:02.0371 1676  KtmRm - ok
21:15:02.0402 1676  [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer    C:\Windows\System32\srvsvc.dll
21:15:02.0496 1676  LanmanServer - ok
21:15:02.0511 1676  [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:15:02.0620 1676  LanmanWorkstation - ok
21:15:02.0667 1676  [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
21:15:02.0730 1676  lltdio - ok
21:15:02.0776 1676  [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
21:15:02.0854 1676  lltdsvc - ok
21:15:02.0886 1676  [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts         C:\Windows\System32\lmhsvc.dll
21:15:02.0964 1676  lmhosts - ok
21:15:03.0010 1676  [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
21:15:03.0057 1676  LSI_FC - ok
21:15:03.0073 1676  [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
21:15:03.0135 1676  LSI_SAS - ok
21:15:03.0135 1676  [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
21:15:03.0198 1676  LSI_SAS2 - ok
21:15:03.0213 1676  [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
21:15:03.0276 1676  LSI_SCSI - ok
21:15:03.0322 1676  [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv           C:\Windows\system32\drivers\luafv.sys
21:15:03.0400 1676  luafv - ok
21:15:03.0463 1676  [ 969D61D7463D78037DC6B020A435FC0C ] lullaby         C:\Windows\system32\DRIVERS\lullaby.sys
21:15:03.0510 1676  lullaby - ok
21:15:03.0556 1676  [ 862D7BD3BE3399670A7E3358CE7E6344 ] MAUSBFASTTRACK  C:\Windows\system32\DRIVERS\MAudioFastTrack.sys
21:15:03.0619 1676  MAUSBFASTTRACK - ok
21:15:03.0666 1676  [ 629CABB0421668C9D3D402A3C3D77E14 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
21:15:03.0712 1676  MBAMProtector - ok
21:15:03.0759 1676  [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler   C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
21:15:03.0822 1676  MBAMScheduler - ok
21:15:03.0853 1676  [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService     C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
21:15:03.0915 1676  MBAMService - ok
21:15:03.0993 1676  [ ECAB006AC6136F1307E140B633CDB8C2 ] McAfee SiteAdvisor Service C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
21:15:04.0040 1676  McAfee SiteAdvisor Service - ok
21:15:04.0071 1676  [ 31FB9D7453C424D14A6C3927483E5E60 ] McMPFSvc        C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
21:15:04.0118 1676  McMPFSvc - ok
21:15:04.0149 1676  [ 31FB9D7453C424D14A6C3927483E5E60 ] McNaiAnn        C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
21:15:04.0196 1676  McNaiAnn - ok
21:15:04.0290 1676  [ 2D5BA691B249789E70ED787B8C769A53 ] McODS           C:\Program Files\McAfee\VirusScan\mcods.exe
21:15:04.0336 1676  McODS - ok
21:15:04.0368 1676  [ 31FB9D7453C424D14A6C3927483E5E60 ] mcpltsvc        C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
21:15:04.0414 1676  mcpltsvc - ok
21:15:04.0461 1676  [ 31FB9D7453C424D14A6C3927483E5E60 ] McProxy         C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
21:15:04.0508 1676  McProxy - ok
21:15:04.0539 1676  [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
21:15:04.0602 1676  Mcx2Svc - ok
21:15:04.0617 1676  [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
21:15:04.0680 1676  megasas - ok
21:15:04.0711 1676  [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
21:15:04.0758 1676  MegaSR - ok
21:15:04.0836 1676  [ BA3004F4C0A0CD19DB9C2C0AB3A84EFE ] mfeapfk         C:\Windows\system32\drivers\mfeapfk.sys
21:15:04.0882 1676  mfeapfk - ok
21:15:04.0929 1676  [ 39C20B7D9AC19BFE616CA09DD3A240AF ] mfeavfk         C:\Windows\system32\drivers\mfeavfk.sys
21:15:04.0976 1676  mfeavfk - ok
21:15:05.0007 1676  mfeavfk01 - ok
21:15:05.0023 1676  [ E3470DECDA0A4015A0CA00ED645F2EBE ] mfebopk         C:\Windows\system32\drivers\mfebopk.sys
21:15:05.0085 1676  mfebopk - ok
21:15:05.0132 1676  [ A687B3EEED3E8B305AC247DEC61EE362 ] mfecore         C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
21:15:05.0194 1676  mfecore - ok
21:15:05.0272 1676  [ 4E13EA496E202BCB4FCC342D96FAF83A ] mfefire         C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
21:15:05.0335 1676  mfefire - ok
21:15:05.0397 1676  [ C8AC8147E02ED8795E1FD946165BACCF ] mfefirek        C:\Windows\system32\drivers\mfefirek.sys
21:15:05.0444 1676  mfefirek - ok
21:15:05.0506 1676  [ 7AAF92954D8D2801B17A1163C60ABFE9 ] mfehidk         C:\Windows\system32\drivers\mfehidk.sys
21:15:05.0569 1676  mfehidk - ok
21:15:05.0647 1676  [ 7401E85D5D4B5B0F6A3098EBEE0639AA ] mfencbdc        C:\Windows\system32\DRIVERS\mfencbdc.sys
21:15:05.0694 1676  mfencbdc - ok
21:15:05.0725 1676  [ 439B06E366643B32D549B939780742BE ] mfencrk         C:\Windows\system32\DRIVERS\mfencrk.sys
21:15:05.0787 1676  mfencrk - ok
21:15:05.0818 1676  [ 82B7415D5A8FB24D3F6736400F5E1600 ] mfevtp          C:\Windows\system32\mfevtps.exe
21:15:05.0881 1676  mfevtp - ok
21:15:05.0928 1676  [ 15F92BCD5CB189F5CC7D2F2381F179AC ] mfewfpk         C:\Windows\system32\drivers\mfewfpk.sys
21:15:05.0990 1676  mfewfpk - ok
21:15:06.0021 1676  [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS           C:\Windows\system32\mmcss.dll
21:15:06.0099 1676  MMCSS - ok
21:15:06.0130 1676  [ F001861E5700EE84E2D4E52C712F4964 ] Modem           C:\Windows\system32\drivers\modem.sys
21:15:06.0255 1676  Modem - ok
21:15:06.0302 1676  [ 79D10964DE86B292320E9DFE02282A23 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
21:15:06.0364 1676  monitor - ok
21:15:06.0396 1676  [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
21:15:06.0442 1676  mouclass - ok
21:15:06.0474 1676  [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
21:15:06.0536 1676  mouhid - ok
21:15:06.0567 1676  [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
21:15:06.0614 1676  mountmgr - ok
21:15:06.0692 1676  [ 730A519505621DF46BCBF9CDAC9FB6AD ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
21:15:06.0754 1676  MozillaMaintenance - ok
21:15:06.0801 1676  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio            C:\Windows\system32\drivers\mpio.sys
21:15:06.0848 1676  mpio - ok
21:15:06.0879 1676  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
21:15:06.0973 1676  mpsdrv - ok
21:15:07.0020 1676  [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc          C:\Windows\system32\mpssvc.dll
21:15:07.0098 1676  MpsSvc - ok
21:15:07.0129 1676  [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
21:15:07.0222 1676  MRxDAV - ok
21:15:07.0254 1676  [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
21:15:07.0332 1676  mrxsmb - ok
21:15:07.0363 1676  [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:15:07.0425 1676  mrxsmb10 - ok
21:15:07.0441 1676  [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:15:07.0503 1676  mrxsmb20 - ok
21:15:07.0550 1676  [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci          C:\Windows\system32\drivers\msahci.sys
21:15:07.0612 1676  msahci - ok
21:15:07.0644 1676  [ 55055F8AD8BE27A64C831322A780A228 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
21:15:07.0706 1676  msdsm - ok
21:15:07.0722 1676  [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC           C:\Windows\System32\msdtc.exe
21:15:07.0800 1676  MSDTC - ok
21:15:07.0846 1676  [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs            C:\Windows\system32\drivers\Msfs.sys
21:15:07.0924 1676  Msfs - ok
21:15:07.0940 1676  [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
21:15:08.0018 1676  mshidkmdf - ok
21:15:08.0034 1676  [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
21:15:08.0096 1676  msisadrv - ok
21:15:08.0143 1676  [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
21:15:08.0221 1676  MSiSCSI - ok
21:15:08.0236 1676  msiserver - ok
21:15:08.0283 1676  [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
21:15:08.0377 1676  MSKSSRV - ok
21:15:08.0408 1676  [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
21:15:08.0486 1676  MSPCLOCK - ok
21:15:08.0517 1676  [ F456E973590D663B1073E9C463B40932 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
21:15:08.0595 1676  MSPQM - ok
21:15:08.0611 1676  [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
21:15:08.0673 1676  MsRPC - ok
21:15:08.0704 1676  [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
21:15:08.0751 1676  mssmbios - ok
21:15:08.0782 1676  [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
21:15:08.0845 1676  MSTEE - ok
21:15:08.0860 1676  [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
21:15:08.0923 1676  MTConfig - ok
21:15:08.0954 1676  [ 2E71504A74BE4E3D4EA94568EFF7556E ] MTsensor        C:\Windows\system32\DRIVERS\ATKACPI.sys
21:15:09.0001 1676  MTsensor - ok
21:15:09.0016 1676  [ 159FAD02F64E6381758C990F753BCC80 ] Mup             C:\Windows\system32\Drivers\mup.sys
21:15:09.0063 1676  Mup - ok
21:15:09.0110 1676  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent        C:\Windows\system32\qagentRT.dll
21:15:09.0188 1676  napagent - ok
21:15:09.0235 1676  [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
21:15:09.0313 1676  NativeWifiP - ok
21:15:09.0360 1676  [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS            C:\Windows\system32\drivers\ndis.sys
21:15:09.0438 1676  NDIS - ok
21:15:09.0469 1676  [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
21:15:09.0562 1676  NdisCap - ok
21:15:09.0594 1676  [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
21:15:09.0656 1676  NdisTapi - ok
21:15:09.0703 1676  [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
21:15:09.0750 1676  Ndisuio - ok
21:15:09.0812 1676  [ 38FBE267E7E6983311179230FACB1017 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
21:15:09.0890 1676  NdisWan - ok
21:15:09.0921 1676  [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
21:15:09.0984 1676  NDProxy - ok
21:15:10.0015 1676  [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
21:15:10.0093 1676  NetBIOS - ok
21:15:10.0124 1676  [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
21:15:10.0218 1676  NetBT - ok
21:15:10.0249 1676  [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon        C:\Windows\system32\lsass.exe
21:15:10.0296 1676  Netlogon - ok
21:15:10.0358 1676  [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman          C:\Windows\System32\netman.dll
21:15:10.0467 1676  Netman - ok
21:15:10.0498 1676  [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm        C:\Windows\System32\netprofm.dll
21:15:10.0576 1676  netprofm - ok
21:15:10.0623 1676  [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:15:10.0670 1676  NetTcpPortSharing - ok
21:15:10.0701 1676  [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
21:15:10.0748 1676  nfrd960 - ok
21:15:10.0935 1676  [ 25C774E9C3AB49C741FD413857CCE6C6 ] NIHardwareService C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
21:15:11.0076 1676  NIHardwareService ( UnsignedFile.Multi.Generic ) - warning
21:15:11.0076 1676  NIHardwareService - detected UnsignedFile.Multi.Generic (1)
21:15:11.0107 1676  [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc          C:\Windows\System32\nlasvc.dll
21:15:11.0200 1676  NlaSvc - ok
21:15:11.0232 1676  [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
21:15:11.0310 1676  Npfs - ok
21:15:11.0341 1676  [ BA387E955E890C8A88306D9B8D06BF17 ] nsi             C:\Windows\system32\nsisvc.dll
21:15:11.0419 1676  nsi - ok
21:15:11.0450 1676  [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
21:15:11.0512 1676  nsiproxy - ok
21:15:11.0575 1676  [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
21:15:11.0668 1676  Ntfs - ok
21:15:11.0715 1676  [ F9756A98D69098DCA8945D62858A812C ] Null            C:\Windows\system32\drivers\Null.sys
21:15:11.0793 1676  Null - ok
21:15:12.0105 1676  [ D3F22DA8F670EFD15D348B5952769CEF ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
21:15:12.0526 1676  nvlddmkm - ok
21:15:12.0573 1676  [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
21:15:12.0636 1676  nvraid - ok
21:15:12.0682 1676  [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
21:15:12.0729 1676  nvstor - ok
21:15:12.0792 1676  [ A3B80E6B7CDE9660F639658739A5824E ] nvsvc           C:\Windows\system32\nvvsvc.exe
21:15:12.0870 1676  nvsvc - ok
21:15:12.0932 1676  [ 61FF84F865B4414EFDC11856BF5757AD ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
21:15:13.0010 1676  nvUpdatusService - ok
21:15:13.0041 1676  [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
21:15:13.0088 1676  nv_agp - ok
21:15:13.0119 1676  [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
21:15:13.0197 1676  ohci1394 - ok
21:15:13.0244 1676  [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
21:15:13.0306 1676  p2pimsvc - ok
21:15:13.0353 1676  [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc          C:\Windows\system32\p2psvc.dll
21:15:13.0416 1676  p2psvc - ok
21:15:13.0447 1676  [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
21:15:13.0509 1676  Parport - ok
21:15:13.0556 1676  [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
21:15:13.0603 1676  partmgr - ok
21:15:13.0634 1676  [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm          C:\Windows\system32\DRIVERS\parvdm.sys
21:15:13.0681 1676  Parvdm - ok
21:15:13.0696 1676  [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc          C:\Windows\System32\pcasvc.dll
21:15:13.0790 1676  PcaSvc - ok
21:15:13.0806 1676  [ 673E55C3498EB970088E812EA820AA8F ] pci             C:\Windows\system32\drivers\pci.sys
21:15:13.0868 1676  pci - ok
21:15:13.0899 1676  [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide          C:\Windows\system32\drivers\pciide.sys
21:15:13.0930 1676  pciide - ok
21:15:13.0962 1676  [ F396431B31693E71E8A80687EF523506 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
21:15:14.0024 1676  pcmcia - ok
21:15:14.0040 1676  [ 250F6B43D2B613172035C6747AEEB19F ] pcw             C:\Windows\system32\drivers\pcw.sys
21:15:14.0086 1676  pcw - ok
21:15:14.0118 1676  [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
21:15:14.0196 1676  PEAUTH - ok
21:15:14.0289 1676  [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla             C:\Windows\system32\pla.dll
21:15:14.0398 1676  pla - ok
21:15:14.0430 1676  [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
21:15:14.0570 1676  PlugPlay - ok
21:15:14.0601 1676  [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
21:15:14.0664 1676  PNRPAutoReg - ok
21:15:14.0679 1676  [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
21:15:14.0742 1676  PNRPsvc - ok
21:15:14.0788 1676  [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
21:15:14.0851 1676  PolicyAgent - ok
21:15:14.0898 1676  [ F87D30E72E03D579A5199CCB3831D6EA ] Power           C:\Windows\system32\umpo.dll
21:15:14.0976 1676  Power - ok
21:15:15.0022 1676  [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
21:15:15.0116 1676  PptpMiniport - ok
21:15:15.0132 1676  [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
21:15:15.0178 1676  Processor - ok
21:15:15.0210 1676  [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc         C:\Windows\system32\profsvc.dll
21:15:15.0303 1676  ProfSvc - ok
21:15:15.0334 1676  [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
21:15:15.0381 1676  ProtectedStorage - ok
21:15:15.0412 1676  [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
21:15:15.0506 1676  Psched - ok
21:15:15.0553 1676  [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
21:15:15.0678 1676  ql2300 - ok
21:15:15.0724 1676  [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
21:15:15.0787 1676  ql40xx - ok
21:15:15.0818 1676  [ 31AC809E7707EB580B2BDB760390765A ] QWAVE           C:\Windows\system32\qwave.dll
21:15:15.0927 1676  QWAVE - ok
21:15:15.0958 1676  [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
21:15:16.0021 1676  QWAVEdrv - ok
21:15:16.0052 1676  [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
21:15:16.0130 1676  RasAcd - ok
21:15:16.0161 1676  [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
21:15:16.0239 1676  RasAgileVpn - ok
21:15:16.0270 1676  [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto         C:\Windows\System32\rasauto.dll
21:15:16.0348 1676  RasAuto - ok
21:15:16.0395 1676  [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
21:15:16.0489 1676  Rasl2tp - ok
21:15:16.0536 1676  [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan          C:\Windows\System32\rasmans.dll
21:15:16.0707 1676  RasMan - ok
21:15:16.0754 1676  [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
21:15:16.0957 1676  RasPppoe - ok
21:15:17.0253 1676  [ 44101F495A83EA6401D886E7FD70096B ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
21:15:17.0362 1676  RasSstp - ok
21:15:17.0394 1676  [ D528BC58A489409BA40334EBF96A311B ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
21:15:17.0456 1676  rdbss - ok
21:15:17.0503 1676  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
21:15:17.0565 1676  rdpbus - ok
21:15:17.0612 1676  [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
21:15:17.0690 1676  RDPCDD - ok
21:15:17.0737 1676  [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
21:15:17.0784 1676  RDPENCDD - ok
21:15:17.0815 1676  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
21:15:17.0877 1676  RDPREFMP - ok
21:15:17.0908 1676  [ 65375DF758CA1872AB7EBBBA457FD5E6 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
21:15:17.0986 1676  RdpVideoMiniport - ok
21:15:18.0002 1676  [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
21:15:18.0096 1676  RDPWD - ok
21:15:18.0142 1676  [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
21:15:18.0220 1676  rdyboost - ok
21:15:18.0252 1676  [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess    C:\Windows\System32\mprdim.dll
21:15:18.0361 1676  RemoteAccess - ok
21:15:18.0392 1676  [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
21:15:18.0470 1676  RemoteRegistry - ok
21:15:18.0501 1676  [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
21:15:18.0595 1676  RpcEptMapper - ok
21:15:18.0626 1676  [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator      C:\Windows\system32\locator.exe
21:15:18.0704 1676  RpcLocator - ok
21:15:18.0735 1676  [ 6684437F3628EF237C354F77D33426D1 ] rpcnet          C:\Windows\system32\rpcnet.exe
21:15:18.0922 1676  rpcnet - ok
21:15:18.0938 1676  [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs           C:\Windows\system32\rpcss.dll
21:15:19.0016 1676  RpcSs - ok
21:15:19.0047 1676  [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
21:15:19.0141 1676  rspndr - ok
21:15:19.0156 1676  [ 81951F51E318AECC2D68559E47485CC4 ] SamSs           C:\Windows\system32\lsass.exe
21:15:19.0219 1676  SamSs - ok
21:15:19.0250 1676  [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
21:15:19.0312 1676  sbp2port - ok
21:15:19.0328 1676  [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
21:15:19.0422 1676  SCardSvr - ok
21:15:19.0437 1676  [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
21:15:19.0531 1676  scfilter - ok
21:15:19.0578 1676  [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule        C:\Windows\system32\schedsvc.dll
21:15:19.0671 1676  Schedule - ok
21:15:19.0718 1676  [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc     C:\Windows\System32\certprop.dll
21:15:19.0796 1676  SCPolicySvc - ok
21:15:19.0827 1676  [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
21:15:19.0921 1676  SDRSVC - ok
21:15:19.0968 1676  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
21:15:20.0046 1676  secdrv - ok
21:15:20.0092 1676  [ A59B3A4442C52060CC7A85293AA3546F ] seclogon        C:\Windows\system32\seclogon.dll
21:15:20.0186 1676  seclogon - ok
21:15:20.0202 1676  [ DCB7FCDCC97F87360F75D77425B81737 ] SENS            C:\Windows\system32\sens.dll
21:15:20.0311 1676  SENS - ok
21:15:20.0326 1676  [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc        C:\Windows\system32\sensrsvc.dll
21:15:20.0436 1676  SensrSvc - ok
21:15:20.0467 1676  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
21:15:20.0545 1676  Serenum - ok
21:15:20.0545 1676  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
21:15:20.0607 1676  Serial - ok
21:15:20.0670 1676  [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
21:15:20.0716 1676  sermouse - ok
21:15:20.0763 1676  [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv      C:\Windows\system32\sessenv.dll
21:15:20.0857 1676  SessionEnv - ok
21:15:20.0888 1676  [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
21:15:20.0950 1676  sffdisk - ok
21:15:20.0982 1676  [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
21:15:21.0044 1676  sffp_mmc - ok
21:15:21.0060 1676  [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
21:15:21.0122 1676  sffp_sd - ok
21:15:21.0153 1676  [ DB96666CC8312EBC45032F30B007A547 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
21:15:21.0200 1676  sfloppy - ok
21:15:21.0278 1676  [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
21:15:21.0372 1676  SharedAccess - ok
21:15:21.0403 1676  [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:15:21.0496 1676  ShellHWDetection - ok
21:15:21.0528 1676  [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp          C:\Windows\system32\drivers\sisagp.sys
21:15:21.0574 1676  sisagp - ok
21:15:21.0621 1676  [ 6F0C643C7F49F2091B01D014EAE72E1A ] SiSGbeLH        C:\Windows\system32\DRIVERS\SiSGB6.sys
21:15:21.0699 1676  SiSGbeLH - ok
21:15:21.0730 1676  [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
21:15:21.0793 1676  SiSRaid2 - ok
21:15:21.0793 1676  [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
21:15:21.0855 1676  SiSRaid4 - ok
21:15:21.0902 1676  [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
21:15:21.0949 1676  SkypeUpdate - ok
21:15:21.0949 1676  [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb             C:\Windows\system32\DRIVERS\smb.sys
21:15:22.0027 1676  Smb - ok
21:15:22.0089 1676  [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
21:15:22.0152 1676  SNMPTRAP - ok
21:15:22.0230 1676  [ 1A122A796DF161477D70CA9088A842EB ] SNP2UVC         C:\Windows\system32\DRIVERS\snp2uvc.sys
21:15:22.0323 1676  SNP2UVC - ok
21:15:22.0386 1676  [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr           C:\Windows\system32\drivers\spldr.sys
21:15:22.0464 1676  spldr - ok
21:15:22.0557 1676  [ 739DB668DBD812285ECC553E64A5E212 ] spmgr           C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
21:15:22.0604 1676  spmgr - ok
21:15:22.0635 1676  [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler         C:\Windows\System32\spoolsv.exe
21:15:22.0729 1676  Spooler - ok
21:15:22.0838 1676  [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc          C:\Windows\system32\sppsvc.exe
21:15:23.0025 1676  sppsvc - ok
21:15:23.0072 1676  [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
21:15:23.0181 1676  sppuinotify - ok
21:15:23.0244 1676  [ CDDDEC541BC3C96F91ECB48759673505 ] sptd            C:\Windows\system32\Drivers\sptd.sys
21:15:23.0244 1676  Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: CDDDEC541BC3C96F91ECB48759673505
21:15:23.0259 1676  sptd ( LockedFile.Multi.Generic ) - warning
21:15:23.0259 1676  sptd - detected LockedFile.Multi.Generic (1)
21:15:23.0275 1676  [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv             C:\Windows\system32\DRIVERS\srv.sys
21:15:23.0384 1676  srv - ok
21:15:23.0446 1676  [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
21:15:23.0524 1676  srv2 - ok
21:15:23.0556 1676  [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
21:15:23.0618 1676  srvnet - ok
21:15:23.0649 1676  [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
21:15:23.0727 1676  SSDPSRV - ok
21:15:23.0758 1676  [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
21:15:23.0852 1676  SstpSvc - ok
21:15:23.0899 1676  Steam Client Service - ok
21:15:23.0992 1676  [ A766CCAD980235FF34E7F8089D3175A3 ] Stereo Service  C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
21:15:24.0039 1676  Stereo Service - ok
21:15:24.0070 1676  [ DB32D325C192B801DF274BFD12A7E72B ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
21:15:24.0117 1676  stexstor - ok
21:15:24.0164 1676  [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc          C:\Windows\System32\wiaservc.dll
21:15:24.0258 1676  StiSvc - ok
21:15:24.0289 1676  [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum          C:\Windows\system32\drivers\swenum.sys
21:15:24.0336 1676  swenum - ok
21:15:24.0382 1676  [ A28BD92DF340E57B024BA433165D34D7 ] swprv           C:\Windows\System32\swprv.dll
21:15:24.0476 1676  swprv - ok
21:15:24.0523 1676  [ 3F4982DE07D89A1084861E9D59F7EBB1 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
21:15:24.0570 1676  SynTP - ok
21:15:24.0632 1676  [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain         C:\Windows\system32\sysmain.dll
21:15:24.0741 1676  SysMain - ok
21:15:24.0772 1676  [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:15:24.0850 1676  TabletInputService - ok
21:15:24.0897 1676  [ 0C3B2A9C4BD2DD9A6C2E4084314DD719 ] taphss          C:\Windows\system32\DRIVERS\taphss.sys
21:15:24.0944 1676  taphss - ok
21:15:24.0975 1676  [ 613BF4820361543956909043A265C6AC ] TapiSrv         C:\Windows\System32\tapisrv.dll
21:15:25.0084 1676  TapiSrv - ok
21:15:25.0131 1676  [ B799D9FDB26111737F58288D8DC172D9 ] TBS             C:\Windows\System32\tbssvc.dll
21:15:25.0225 1676  TBS - ok
21:15:25.0287 1676  [ E23A56F843E2AEBBB209D0ACCA73C640 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
21:15:25.0381 1676  Tcpip - ok
21:15:25.0443 1676  [ E23A56F843E2AEBBB209D0ACCA73C640 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
21:15:25.0506 1676  TCPIP6 - ok
21:15:25.0537 1676  [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
21:15:25.0584 1676  tcpipreg - ok
21:15:25.0615 1676  [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
21:15:25.0708 1676  TDPIPE - ok
21:15:25.0724 1676  [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
21:15:25.0786 1676  TDTCP - ok
21:15:25.0818 1676  [ B459575348C20E8121D6039DA063C704 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
21:15:25.0880 1676  tdx - ok
21:15:25.0927 1676  [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD          C:\Windows\system32\drivers\termdd.sys
21:15:25.0974 1676  TermDD - ok
21:15:26.0020 1676  [ 382C804C92811BE57829D8E550A900E2 ] TermService     C:\Windows\System32\termsrv.dll
21:15:26.0130 1676  TermService - ok
21:15:26.0176 1676  [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes          C:\Windows\system32\themeservice.dll
21:15:26.0254 1676  Themes - ok
21:15:26.0270 1676  [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER     C:\Windows\system32\mmcss.dll
21:15:26.0348 1676  THREADORDER - ok
21:15:26.0364 1676  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks          C:\Windows\System32\trkwks.dll
21:15:26.0457 1676  TrkWks - ok
21:15:26.0520 1676  [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:15:26.0644 1676  TrustedInstaller - ok
21:15:26.0676 1676  [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
21:15:26.0769 1676  tssecsrv - ok
21:15:26.0847 1676  [ 9CE253214ACAA5A7D323327D2055EFAA ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
21:15:26.0925 1676  TsUsbFlt - ok
21:15:26.0988 1676  [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
21:15:27.0081 1676  tunnel - ok
21:15:27.0112 1676  [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
21:15:27.0159 1676  uagp35 - ok
21:15:27.0190 1676  [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
21:15:27.0268 1676  udfs - ok
21:15:27.0300 1676  [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
21:15:27.0362 1676  UI0Detect - ok
21:15:27.0378 1676  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
21:15:27.0440 1676  uliagpkx - ok
21:15:27.0456 1676  [ D295BED4B898F0FD999FCFA9B32B071B ] umbus           C:\Windows\system32\drivers\umbus.sys
21:15:27.0580 1676  umbus - ok
21:15:27.0643 1676  [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
21:15:27.0705 1676  UmPass - ok
21:15:27.0752 1676  [ 833FBB672460EFCE8011D262175FAD33 ] upnphost        C:\Windows\System32\upnphost.dll
21:15:27.0846 1676  upnphost - ok
21:15:27.0908 1676  [ 1D9F2BD026E8E2D45033A4DF3F16B78C ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
21:15:27.0970 1676  usbaudio - ok
21:15:28.0002 1676  [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
21:15:28.0080 1676  usbccgp - ok
21:15:28.0111 1676  [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
21:15:28.0158 1676  usbcir - ok
21:15:28.0189 1676  [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
21:15:28.0251 1676  usbehci - ok
21:15:28.0314 1676  [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
21:15:28.0376 1676  usbhub - ok
21:15:28.0407 1676  [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
21:15:28.0454 1676  usbohci - ok
21:15:28.0485 1676  [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
21:15:28.0548 1676  usbprint - ok
21:15:28.0579 1676  [ F991AB9CC6B908DB552166768176896A ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:15:28.0688 1676  USBSTOR - ok
21:15:28.0688 1676  [ 78780C3EBCE17405B1CCD07A3A8A7D72 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
21:15:28.0766 1676  usbuhci - ok
21:15:28.0797 1676  [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
21:15:28.0860 1676  usbvideo - ok
21:15:28.0891 1676  [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms           C:\Windows\System32\uxsms.dll
21:15:28.0953 1676  UxSms - ok
21:15:28.0969 1676  [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc        C:\Windows\system32\lsass.exe
21:15:29.0031 1676  VaultSvc - ok
21:15:29.0062 1676  [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
21:15:29.0109 1676  vdrvroot - ok
21:15:29.0156 1676  [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds             C:\Windows\System32\vds.exe
21:15:29.0281 1676  vds - ok
21:15:29.0296 1676  [ 17C408214EA61696CEC9C66E388B14F3 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
21:15:29.0359 1676  vga - ok
21:15:29.0390 1676  [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave         C:\Windows\System32\drivers\vga.sys
21:15:29.0468 1676  VgaSave - ok
21:15:29.0499 1676  [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
21:15:29.0562 1676  vhdmp - ok
21:15:29.0593 1676  [ C829317A37B4BEA8F39735D4B076E923 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
21:15:29.0640 1676  viaagp - ok
21:15:29.0671 1676  [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7           C:\Windows\system32\DRIVERS\viac7.sys
21:15:29.0733 1676  ViaC7 - ok
21:15:29.0749 1676  [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide          C:\Windows\system32\drivers\viaide.sys
21:15:29.0811 1676  viaide - ok
21:15:29.0827 1676  [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
21:15:29.0874 1676  volmgr - ok
21:15:29.0889 1676  [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
21:15:29.0952 1676  volmgrx - ok
21:15:29.0967 1676  [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
21:15:30.0030 1676  volsnap - ok
21:15:30.0045 1676  [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
21:15:30.0123 1676  vsmraid - ok
21:15:30.0186 1676  [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS             C:\Windows\system32\vssvc.exe
21:15:30.0295 1676  VSS - ok
21:15:30.0295 1676  [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
21:15:30.0373 1676  vwifibus - ok
21:15:30.0404 1676  [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
21:15:30.0466 1676  vwififlt - ok
21:15:30.0513 1676  [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time         C:\Windows\system32\w32time.dll
21:15:30.0591 1676  W32Time - ok
21:15:30.0607 1676  [ DE3721E89C653AA281428C8A69745D90 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
21:15:30.0685 1676  WacomPen - ok
21:15:30.0747 1676  [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
21:15:30.0810 1676  WANARP - ok
21:15:30.0810 1676  [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
21:15:30.0888 1676  Wanarpv6 - ok
21:15:30.0966 1676  [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
21:15:31.0059 1676  WatAdminSvc - ok
21:15:31.0122 1676  [ 691E3285E53DCA558E1A84667F13E15A ] wbengine        C:\Windows\system32\wbengine.exe
21:15:31.0262 1676  wbengine - ok
21:15:31.0309 1676  [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
21:15:31.0402 1676  WbioSrvc - ok
21:15:31.0434 1676  [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc         C:\Windows\System32\wcncsvc.dll
21:15:31.0512 1676  wcncsvc - ok
21:15:31.0527 1676  [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:15:31.0605 1676  WcsPlugInService - ok
21:15:31.0636 1676  [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd              C:\Windows\system32\DRIVERS\wd.sys
21:15:31.0699 1676  Wd - ok
21:15:31.0792 1676  [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
21:15:31.0886 1676  Wdf01000 - ok
21:15:31.0917 1676  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost  C:\Windows\system32\wdi.dll
21:15:32.0104 1676  WdiServiceHost - ok
21:15:32.0104 1676  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost   C:\Windows\system32\wdi.dll
21:15:32.0167 1676  WdiSystemHost - ok
21:15:32.0198 1676  [ A9D880F97530D5B8FEE278923349929D ] WebClient       C:\Windows\System32\webclnt.dll
21:15:32.0292 1676  WebClient - ok
21:15:32.0323 1676  [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc          C:\Windows\system32\wecsvc.dll
21:15:32.0401 1676  Wecsvc - ok
21:15:32.0432 1676  [ AC804569BB2364FB6017370258A4091B ] wercplsupport   C:\Windows\System32\wercplsupport.dll
21:15:32.0510 1676  wercplsupport - ok
21:15:32.0557 1676  [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc          C:\Windows\System32\WerSvc.dll
21:15:32.0635 1676  WerSvc - ok
21:15:32.0806 1676  [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
21:15:32.0869 1676  WfpLwf - ok
21:15:33.0009 1676  [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
21:15:33.0056 1676  WIMMount - ok
21:15:33.0134 1676  [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
21:15:33.0212 1676  WinDefend - ok
21:15:33.0228 1676  WinHttpAutoProxySvc - ok
21:15:33.0306 1676  [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
21:15:33.0399 1676  Winmgmt - ok
21:15:33.0462 1676  [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM           C:\Windows\system32\WsmSvc.dll
21:15:33.0586 1676  WinRM - ok
21:15:33.0649 1676  [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc         C:\Windows\System32\wlansvc.dll
21:15:33.0852 1676  Wlansvc - ok
21:15:33.0883 1676  [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
21:15:33.0961 1676  WmiAcpi - ok
21:15:33.0992 1676  [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
21:15:34.0070 1676  wmiApSrv - ok
21:15:34.0148 1676  [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
21:15:34.0226 1676  WMPNetworkSvc - ok
21:15:34.0273 1676  [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc          C:\Windows\System32\wpcsvc.dll
21:15:34.0366 1676  WPCSvc - ok
21:15:34.0398 1676  [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
21:15:34.0507 1676  WPDBusEnum - ok
21:15:34.0538 1676  [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
21:15:34.0600 1676  ws2ifsl - ok
21:15:34.0632 1676  [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc          C:\Windows\system32\wscsvc.dll
21:15:34.0694 1676  wscsvc - ok
21:15:34.0694 1676  WSearch - ok
21:15:34.0772 1676  [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv        C:\Windows\system32\wuaueng.dll
21:15:34.0897 1676  wuauserv - ok
21:15:34.0928 1676  [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
21:15:34.0990 1676  WudfPf - ok
21:15:35.0037 1676  [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
21:15:35.0115 1676  WUDFRd - ok
21:15:35.0162 1676  [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
21:15:35.0209 1676  wudfsvc - ok
21:15:35.0256 1676  [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc         C:\Windows\System32\wwansvc.dll
21:15:35.0318 1676  WwanSvc - ok
21:15:35.0334 1676  ================ Scan global ===============================
21:15:35.0365 1676  [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
21:15:35.0380 1676  [ D70FE45855CAD4C0C6B1C1426ABDEBA9 ] C:\Windows\system32\winsrv.dll
21:15:35.0490 1676  [ D70FE45855CAD4C0C6B1C1426ABDEBA9 ] C:\Windows\system32\winsrv.dll
21:15:35.0521 1676  [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
21:15:35.0568 1676  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
21:15:35.0583 1676  [Global] - ok
21:15:35.0583 1676  ================ Scan MBR ==================================
21:15:35.0599 1676  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
21:15:36.0067 1676  \Device\Harddisk0\DR0 - ok
21:15:36.0067 1676  ================ Scan VBR ==================================
21:15:36.0082 1676  [ 559AD70701ACDEAE391D3FD4477873FD ] \Device\Harddisk0\DR0\Partition1
21:15:36.0082 1676  \Device\Harddisk0\DR0\Partition1 - ok
21:15:36.0082 1676  [ 1576D690C23A899537FD15EE974096D6 ] \Device\Harddisk0\DR0\Partition2
21:15:36.0082 1676  \Device\Harddisk0\DR0\Partition2 - ok
21:15:36.0082 1676  ============================================================
21:15:36.0082 1676  Scan finished
21:15:36.0082 1676  ============================================================
21:15:36.0098 4928  Detected object count: 4
21:15:36.0098 4928  Actual detected object count: 4
21:15:53.0555 4928  ADSMService ( UnsignedFile.Multi.Generic ) - skipped by user
21:15:53.0555 4928  ADSMService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:15:53.0570 4928  ATKGFNEXSrv ( UnsignedFile.Multi.Generic ) - skipped by user
21:15:53.0570 4928  ATKGFNEXSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:15:53.0570 4928  NIHardwareService ( UnsignedFile.Multi.Generic ) - skipped by user
21:15:53.0570 4928  NIHardwareService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:15:53.0570 4928  sptd ( LockedFile.Multi.Generic ) - skipped by user
21:15:53.0570 4928  sptd ( LockedFile.Multi.Generic ) - User select action: Skip

cosinus · 14.01.2013, 22:21

Bislang alles sehr unauffällig
Kann es sein, dass andere in deinem Heimnetz Facebook nutzen?

Gersh · 15.01.2013, 01:33

Hab mich halt gewundert. Die anderen IPs kamen dann ja auch von verschiedensten Orten.

Kann folgendes möglich sein?

Ich habe bei Fb als Standard die sichere Verbindung, bei der das Gerät identifiziert werden muss. Dort muss man ja ein Gerät anmelden. Ich kriege aber jedes mal, wenn ich mich einlogge den Screen bei dem man das Gerät angeben muss. Dachte immer, das passiert, weil die ne fixe IP abfragen. Kann es aber sein, dass die meinen PC anpingen bzw ne MAC abrufen wollen?

12.01.2013, 16:14	#2
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Facebook IP greift auf PC zu? Ohne die Logs deiner McAfee-Firewall wird das ziemlicher __________________ __________________

12.01.2013, 17:52	#4
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Facebook IP greift auf PC zu? Dann können nichts zu deiner Ausgangsfrage sagen Andere Fragen? Hattest du vllt mal Virenfunde? __________________ Logfiles bitte immer in CODE-Tags posten

14.01.2013, 22:21	#12
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Facebook IP greift auf PC zu? Bislang alles sehr unauffällig Kann es sein, dass andere in deinem Heimnetz Facebook nutzen? __________________ Logfiles bitte immer in CODE-Tags posten

Facebook IP greift auf PC zu?

Plagegeister aller Art und deren Bekämpfung: Facebook IP greift auf PC zu?