Pests of all kinds and how to fight them: BKA virus and hard disk (Windows 7)
25.12.2012, 00:41 | #1 |
Hello! Yesterday I caught the BKA virus despite having virus protection enabled. Thanks to a second user (by that I mean a second account on my computer) I was able to get around the problem that the trojan blocked everything even in safe mode. I am currently running Malwarebytes, AdwCleaner, Emsisoft Anti-Malware and ESET Online Scanner over my computer (one after the other); a Java update/cleanup is still to come...

However, I fear that the trojan has brought me one more problem. One of my two external hard drives is no longer visible in Explorer and makes rhythmic humming and clicking noises. The only thing that helps is cutting the power supply. On my second computer (Ubuntu) it is not recognized (any more) either. Of course there is important data on it, which I have - just as naturally - only partly backed up. Can anyone help me?

OK, I have run all the antivirus programs, brought Java up to date and done everything else that is recommended here as standard. BUT: does anyone have a tip regarding the external hard drive? I'm stuck there...

Does anyone have an idea?
26.12.2012, 11:58 | #2 |
/// TB-Ausbilder

My name is Matthias and I will help you clean up your computer. Please note the following:

In this area of the forum we only deal with the removal of malware. Because of your hardware problem I will refer you to the appropriate subforum afterwards. Please post all log files from MBAM, AdwCleaner and ESET as well as the following:

Step 1
Please download DDS (by sUBs) from one of the following download mirrors and save the file to your desktop. dds.com dds.exe

Step 2
Please download defogger by jpshortstuff to your desktop.

Step 3
Please download aswMBR.exe and save the file to your desktop.

Important: Do not press any of the Fix buttons unless instructed to.
Note: If the Scan button is hidden, close the tool and start it again. If it still does not work, please let me know.

Step 4
Please read the following instructions carefully. We do not want to "fix" anything here yet, only see a scan report. Please download TDSSKiller.exe and save this file to the desktop.

Please post with your next reply
26.12.2012, 14:25 | #3 |
Hello Matthias!

First of all, thank you for taking on my problem. I think it's great that there are such helpful people as you and your colleagues here in the forum! Here are the log files: dds.txt DDS Logfile: Code:
13:29:23.0415 4528 avgwd - ok 13:29:23.0446 4528 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\Windows\System32\AxInstSV.dll 13:29:23.0462 4528 AxInstSV - ok 13:29:23.0493 4528 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\drivers\bxvbdx.sys 13:29:23.0493 4528 b06bdrv - ok 13:29:23.0524 4528 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys 13:29:23.0524 4528 b57nd60x - ok 13:29:23.0555 4528 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll 13:29:23.0555 4528 BDESVC - ok 13:29:23.0571 4528 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys 13:29:23.0571 4528 Beep - ok 13:29:23.0602 4528 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\Windows\System32\bfe.dll 13:29:23.0618 4528 BFE - ok 13:29:23.0664 4528 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\Windows\System32\qmgr.dll 13:29:23.0680 4528 BITS - ok 13:29:23.0711 4528 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 13:29:23.0711 4528 blbdrive - ok 13:29:23.0820 4528 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 13:29:23.0836 4528 Bonjour Service - ok 13:29:23.0883 4528 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 13:29:23.0883 4528 bowser - ok 13:29:23.0898 4528 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys 13:29:23.0898 4528 BrFiltLo - ok 13:29:23.0961 4528 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys 13:29:23.0961 4528 BrFiltUp - ok 13:29:24.0008 4528 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\Windows\System32\browser.dll 13:29:24.0008 4528 Browser - ok 13:29:24.0039 4528 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys 13:29:24.0054 4528 Brserid - ok 13:29:24.0070 4528 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 
13:29:24.0070 4528 BrSerWdm - ok 13:29:24.0101 4528 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 13:29:24.0101 4528 BrUsbMdm - ok 13:29:24.0148 4528 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 13:29:24.0148 4528 BrUsbSer - ok 13:29:24.0179 4528 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys 13:29:24.0179 4528 BTHMODEM - ok 13:29:24.0226 4528 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll 13:29:24.0226 4528 bthserv - ok 13:29:24.0257 4528 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 13:29:24.0257 4528 cdfs - ok 13:29:24.0304 4528 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 13:29:24.0304 4528 cdrom - ok 13:29:24.0351 4528 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\Windows\System32\certprop.dll 13:29:24.0366 4528 CertPropSvc - ok 13:29:24.0398 4528 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\drivers\circlass.sys 13:29:24.0398 4528 circlass - ok 13:29:24.0429 4528 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys 13:29:24.0429 4528 CLFS - ok 13:29:24.0522 4528 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 13:29:24.0538 4528 clr_optimization_v2.0.50727_32 - ok 13:29:24.0647 4528 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 13:29:24.0647 4528 clr_optimization_v4.0.30319_32 - ok 13:29:24.0678 4528 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 13:29:24.0678 4528 CmBatt - ok 13:29:24.0834 4528 [ 0316F61AC15E20C4269A96C01003402F ] cmdAgent C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe 13:29:24.0897 4528 cmdAgent - ok 13:29:24.0944 4528 [ A0D7F1EE84B57BA540CDF8FA626E2DDC ] cmderd 
C:\Windows\system32\DRIVERS\cmderd.sys 13:29:24.0944 4528 cmderd - ok 13:29:24.0990 4528 [ 632305A7771869764F5A7AC4A0E4391B ] cmdGuard C:\Windows\system32\DRIVERS\cmdguard.sys 13:29:24.0990 4528 cmdGuard - ok 13:29:25.0022 4528 [ A069D60666C3A3061EA8D4FE6E718A1C ] cmdHlp C:\Windows\system32\DRIVERS\cmdhlp.sys 13:29:25.0022 4528 cmdHlp - ok 13:29:25.0053 4528 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys 13:29:25.0053 4528 cmdide - ok 13:29:25.0084 4528 [ A3AB9C4EC29DA0902D428C7EEAC4B249 ] cmdvirth C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe 13:29:25.0084 4528 cmdvirth - ok 13:29:25.0146 4528 [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG C:\Windows\system32\Drivers\cng.sys 13:29:25.0162 4528 CNG - ok 13:29:25.0193 4528 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 13:29:25.0193 4528 Compbatt - ok 13:29:25.0224 4528 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys 13:29:25.0224 4528 CompositeBus - ok 13:29:25.0256 4528 COMSysApp - ok 13:29:25.0271 4528 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys 13:29:25.0271 4528 crcdisk - ok 13:29:25.0334 4528 [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc C:\Windows\system32\cryptsvc.dll 13:29:25.0334 4528 CryptSvc - ok 13:29:25.0380 4528 [ A1998B05CDB931DEB5C653DE13D56E13 ] ctxusbm C:\Windows\system32\DRIVERS\ctxusbm.sys 13:29:25.0396 4528 ctxusbm - ok 13:29:25.0427 4528 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll 13:29:25.0443 4528 DcomLaunch - ok 13:29:25.0474 4528 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll 13:29:25.0474 4528 defragsvc - ok 13:29:25.0521 4528 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys 13:29:25.0521 4528 DfsC - ok 13:29:25.0568 4528 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll 13:29:25.0568 4528 Dhcp - 
ok 13:29:25.0583 4528 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys 13:29:25.0583 4528 discache - ok 13:29:25.0614 4528 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\drivers\disk.sys 13:29:25.0630 4528 Disk - ok 13:29:25.0661 4528 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\Windows\System32\dnsrslvr.dll 13:29:25.0661 4528 Dnscache - ok 13:29:25.0708 4528 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll 13:29:25.0708 4528 dot3svc - ok 13:29:25.0755 4528 [ B5E479EB83707DD698F66953E922042C ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys 13:29:25.0755 4528 Dot4 - ok 13:29:25.0770 4528 [ CAEFD09B6A6249C53A67D55A9A9FCABF ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys 13:29:25.0786 4528 Dot4Print - ok 13:29:25.0802 4528 [ CF491FF38D62143203C065260567E2F7 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys 13:29:25.0802 4528 dot4usb - ok 13:29:25.0802 4528 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll 13:29:25.0833 4528 DPS - ok 13:29:25.0958 4528 [ 02F0870C07872CC506C33E79883082B3 ] DragonUpdater C:\Program Files\Comodo\Dragon\dragon_updater.exe 13:29:25.0989 4528 DragonUpdater - ok 13:29:26.0020 4528 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 13:29:26.0020 4528 drmkaud - ok 13:29:26.0082 4528 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 13:29:26.0098 4528 DXGKrnl - ok 13:29:26.0145 4528 [ CF0A6015F437161698C5B2A0A12CF052 ] e1express C:\Windows\system32\DRIVERS\e1e6032.sys 13:29:26.0145 4528 e1express - ok 13:29:26.0192 4528 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll 13:29:26.0223 4528 EapHost - ok 13:29:26.0363 4528 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\drivers\evbdx.sys 13:29:26.0394 4528 ebdrv - ok 13:29:26.0441 4528 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\Windows\System32\lsass.exe 13:29:26.0457 4528 EFS - ok 
13:29:26.0597 4528 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 13:29:26.0613 4528 ehRecvr - ok 13:29:26.0644 4528 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe 13:29:26.0644 4528 ehSched - ok 13:29:26.0675 4528 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\drivers\elxstor.sys 13:29:26.0691 4528 elxstor - ok 13:29:26.0706 4528 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys 13:29:26.0706 4528 ErrDev - ok 13:29:26.0753 4528 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll 13:29:26.0769 4528 EventSystem - ok 13:29:26.0800 4528 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys 13:29:26.0800 4528 exfat - ok 13:29:26.0847 4528 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys 13:29:26.0847 4528 fastfat - ok 13:29:26.0878 4528 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe 13:29:26.0894 4528 Fax - ok 13:29:26.0925 4528 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\drivers\fdc.sys 13:29:26.0925 4528 fdc - ok 13:29:26.0972 4528 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll 13:29:26.0972 4528 fdPHost - ok 13:29:26.0987 4528 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll 13:29:26.0987 4528 FDResPub - ok 13:29:27.0003 4528 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 13:29:27.0003 4528 FileInfo - ok 13:29:27.0018 4528 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 13:29:27.0018 4528 Filetrace - ok 13:29:27.0018 4528 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys 13:29:27.0018 4528 flpydisk - ok 13:29:27.0050 4528 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 13:29:27.0050 4528 FltMgr - ok 13:29:27.0159 4528 [ 
B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache C:\Windows\system32\FntCache.dll 13:29:27.0159 4528 FontCache - ok 13:29:27.0221 4528 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe 13:29:27.0237 4528 FontCache3.0.0.0 - ok 13:29:27.0268 4528 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 13:29:27.0284 4528 FsDepends - ok 13:29:27.0330 4528 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 13:29:27.0330 4528 Fs_Rec - ok 13:29:27.0362 4528 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 13:29:27.0362 4528 fvevol - ok 13:29:27.0377 4528 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 13:29:27.0393 4528 gagp30kx - ok 13:29:27.0440 4528 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 13:29:27.0440 4528 GEARAspiWDM - ok 13:29:27.0502 4528 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll 13:29:27.0518 4528 gpsvc - ok 13:29:27.0549 4528 [ C1B577B2169900F4CF7190C39F085794 ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe 13:29:27.0564 4528 gusvc - ok 13:29:27.0611 4528 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 13:29:27.0611 4528 hcw85cir - ok 13:29:27.0642 4528 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 13:29:27.0658 4528 HdAudAddService - ok 13:29:27.0674 4528 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 13:29:27.0689 4528 HDAudBus - ok 13:29:27.0705 4528 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys 13:29:27.0705 4528 HidBatt - ok 13:29:27.0720 4528 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\drivers\hidbth.sys 13:29:27.0720 4528 HidBth - ok 13:29:27.0783 4528 [ 
CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\drivers\hidir.sys 13:29:27.0783 4528 HidIr - ok 13:29:27.0814 4528 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\system32\hidserv.dll 13:29:27.0830 4528 hidserv - ok 13:29:27.0861 4528 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 13:29:27.0861 4528 HidUsb - ok 13:29:27.0876 4528 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll 13:29:27.0876 4528 hkmsvc - ok 13:29:27.0892 4528 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 13:29:27.0908 4528 HomeGroupListener - ok 13:29:27.0939 4528 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 13:29:27.0939 4528 HomeGroupProvider - ok 13:29:28.0032 4528 [ 5DA42D24712E00728CEA2342A65009B2 ] hpqcxs08 C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll 13:29:28.0048 4528 hpqcxs08 - ok 13:29:28.0079 4528 [ D86A39BF100069444D026D22D9A6E555 ] hpqddsvc C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll 13:29:28.0079 4528 hpqddsvc - ok 13:29:28.0110 4528 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 13:29:28.0110 4528 HpSAMD - ok 13:29:28.0157 4528 [ A04F4AC48895774A2CF9D1C9EAAACEF0 ] HPSLPSVC C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL 13:29:28.0188 4528 HPSLPSVC - ok 13:29:28.0220 4528 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys 13:29:28.0220 4528 HTTP - ok 13:29:28.0235 4528 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 13:29:28.0235 4528 hwpolicy - ok 13:29:28.0266 4528 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 13:29:28.0266 4528 i8042prt - ok 13:29:28.0329 4528 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 13:29:28.0329 4528 iaStorV - ok 13:29:28.0360 4528 [ BF648877413F6160E480814A24942B65 ] IBMPMDRV 
C:\Windows\system32\DRIVERS\ibmpmdrv.sys 13:29:28.0360 4528 IBMPMDRV - ok 13:29:28.0391 4528 [ A75CE11915E4ECC5E1597D6E0F7BB2DB ] IBMPMSVC C:\Windows\system32\ibmpmsvc.exe 13:29:28.0391 4528 IBMPMSVC - ok 13:29:28.0438 4528 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 13:29:28.0454 4528 idsvc - ok 13:29:28.0641 4528 [ 9467514EA189475A6E7FDC5D7BDE9D3F ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys 13:29:28.0688 4528 igfx - ok 13:29:28.0719 4528 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\drivers\iirsp.sys 13:29:28.0734 4528 iirsp - ok 13:29:28.0766 4528 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\Windows\System32\ikeext.dll 13:29:28.0797 4528 IKEEXT - ok 13:29:28.0844 4528 [ 8863992EB5B21D871F9BD240B704A2D2 ] inspect C:\Windows\system32\DRIVERS\inspect.sys 13:29:28.0844 4528 inspect - ok 13:29:28.0859 4528 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys 13:29:28.0859 4528 intelide - ok 13:29:28.0906 4528 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 13:29:28.0906 4528 intelppm - ok 13:29:28.0953 4528 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll 13:29:28.0953 4528 IPBusEnum - ok 13:29:28.0968 4528 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 13:29:28.0968 4528 IpFilterDriver - ok 13:29:29.0015 4528 [ 58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 13:29:29.0031 4528 iphlpsvc - ok 13:29:29.0062 4528 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 13:29:29.0062 4528 IPMIDRV - ok 13:29:29.0093 4528 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys 13:29:29.0093 4528 IPNAT - ok 13:29:29.0156 4528 [ E8A39D41474BE42FD8830CED32932D6C ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 13:29:29.0171 4528 iPod 
Service - ok 13:29:29.0187 4528 [ 9F7E491FB0BA0F9E370163834FC1FE31 ] irda C:\Windows\system32\DRIVERS\irda.sys 13:29:29.0187 4528 irda - ok 13:29:29.0218 4528 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys 13:29:29.0218 4528 IRENUM - ok 13:29:29.0265 4528 [ 4220D2F03D5C4226D0A1AA4B84025E45 ] Irmon C:\Windows\System32\irmon.dll 13:29:29.0280 4528 Irmon - ok 13:29:29.0312 4528 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys 13:29:29.0312 4528 isapnp - ok 13:29:29.0343 4528 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 13:29:29.0343 4528 iScsiPrt - ok 13:29:29.0436 4528 [ EE8BED092A58A4FAEB08DC140729189E ] ISWKL C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys 13:29:29.0436 4528 ISWKL - ok 13:29:29.0483 4528 [ AA7FD6A7532EF23FDCFC030195C148F9 ] IswSvc C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe 13:29:29.0499 4528 IswSvc - ok 13:29:29.0530 4528 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 13:29:29.0546 4528 kbdclass - ok 13:29:29.0561 4528 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 13:29:29.0561 4528 kbdhid - ok 13:29:29.0577 4528 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\Windows\system32\lsass.exe 13:29:29.0577 4528 KeyIso - ok 13:29:29.0608 4528 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 13:29:29.0608 4528 KSecDD - ok 13:29:29.0639 4528 [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 13:29:29.0639 4528 KSecPkg - ok 13:29:29.0686 4528 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll 13:29:29.0733 4528 KtmRm - ok 13:29:29.0764 4528 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\system32\srvsvc.dll 13:29:29.0780 4528 LanmanServer - ok 13:29:29.0795 4528 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 
13:29:29.0795 4528 LanmanWorkstation - ok 13:29:29.0842 4528 Lavasoft Kernexplorer - ok 13:29:29.0873 4528 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 13:29:29.0889 4528 lltdio - ok 13:29:29.0936 4528 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll 13:29:29.0951 4528 lltdsvc - ok 13:29:29.0967 4528 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll 13:29:29.0967 4528 lmhosts - ok 13:29:30.0029 4528 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 13:29:30.0029 4528 LSI_FC - ok 13:29:30.0076 4528 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 13:29:30.0076 4528 LSI_SAS - ok 13:29:30.0092 4528 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 13:29:30.0107 4528 LSI_SAS2 - ok 13:29:30.0123 4528 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 13:29:30.0123 4528 LSI_SCSI - ok 13:29:30.0154 4528 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys 13:29:30.0154 4528 luafv - ok 13:29:30.0232 4528 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 13:29:30.0232 4528 Mcx2Svc - ok 13:29:30.0279 4528 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\drivers\megasas.sys 13:29:30.0279 4528 megasas - ok 13:29:30.0326 4528 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 13:29:30.0326 4528 MegaSR - ok 13:29:30.0372 4528 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll 13:29:30.0372 4528 MMCSS - ok 13:29:30.0388 4528 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys 13:29:30.0404 4528 Modem - ok 13:29:30.0419 4528 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 13:29:30.0419 4528 monitor - ok 13:29:30.0435 4528 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] 
mouclass C:\Windows\system32\DRIVERS\mouclass.sys 13:29:30.0450 4528 mouclass - ok 13:29:30.0466 4528 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 13:29:30.0482 4528 mouhid - ok 13:29:30.0497 4528 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 13:29:30.0497 4528 mountmgr - ok 13:29:30.0560 4528 [ 8C7336950F1E69CDFD811CBBD9CF00A2 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe 13:29:30.0575 4528 MozillaMaintenance - ok 13:29:30.0591 4528 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys 13:29:30.0591 4528 mpio - ok 13:29:30.0606 4528 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 13:29:30.0622 4528 mpsdrv - ok 13:29:30.0653 4528 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll 13:29:30.0653 4528 MpsSvc - ok 13:29:30.0684 4528 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 13:29:30.0684 4528 MRxDAV - ok 13:29:30.0716 4528 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 13:29:30.0716 4528 mrxsmb - ok 13:29:30.0747 4528 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 13:29:30.0762 4528 mrxsmb10 - ok 13:29:30.0778 4528 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 13:29:30.0778 4528 mrxsmb20 - ok 13:29:30.0809 4528 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys 13:29:30.0809 4528 msahci - ok 13:29:30.0825 4528 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys 13:29:30.0840 4528 msdsm - ok 13:29:30.0872 4528 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe 13:29:30.0872 4528 MSDTC - ok 13:29:30.0903 4528 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys 13:29:30.0903 4528 Msfs - ok 13:29:30.0918 
4528 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 13:29:30.0918 4528 mshidkmdf - ok 13:29:30.0934 4528 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 13:29:30.0934 4528 msisadrv - ok 13:29:30.0981 4528 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 13:29:30.0981 4528 MSiSCSI - ok 13:29:30.0996 4528 msiserver - ok 13:29:31.0028 4528 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 13:29:31.0028 4528 MSKSSRV - ok 13:29:31.0043 4528 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 13:29:31.0043 4528 MSPCLOCK - ok 13:29:31.0059 4528 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 13:29:31.0059 4528 MSPQM - ok 13:29:31.0074 4528 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 13:29:31.0074 4528 MsRPC - ok 13:29:31.0106 4528 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 13:29:31.0106 4528 mssmbios - ok 13:29:31.0121 4528 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 13:29:31.0121 4528 MSTEE - ok 13:29:31.0137 4528 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys 13:29:31.0137 4528 MTConfig - ok 13:29:31.0152 4528 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys 13:29:31.0152 4528 Mup - ok 13:29:31.0199 4528 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll 13:29:31.0215 4528 napagent - ok 13:29:31.0262 4528 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 13:29:31.0262 4528 NativeWifiP - ok 13:29:31.0324 4528 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys 13:29:31.0324 4528 NDIS - ok 13:29:31.0371 4528 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap 
C:\Windows\system32\DRIVERS\ndiscap.sys 13:29:31.0371 4528 NdisCap - ok 13:29:31.0402 4528 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 13:29:31.0418 4528 NdisTapi - ok 13:29:31.0433 4528 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 13:29:31.0433 4528 Ndisuio - ok 13:29:31.0449 4528 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 13:29:31.0449 4528 NdisWan - ok 13:29:31.0480 4528 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 13:29:31.0480 4528 NDProxy - ok 13:29:31.0542 4528 [ A081CB6FB9A12668F233EB5414BE3A0E ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll 13:29:31.0542 4528 Net Driver HPZ12 - ok 13:29:31.0558 4528 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 13:29:31.0558 4528 NetBIOS - ok 13:29:31.0605 4528 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 13:29:31.0620 4528 NetBT - ok 13:29:31.0620 4528 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe 13:29:31.0636 4528 Netlogon - ok 13:29:31.0667 4528 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll 13:29:31.0683 4528 Netman - ok 13:29:31.0698 4528 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll 13:29:31.0714 4528 netprofm - ok 13:29:31.0730 4528 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 13:29:31.0745 4528 NetTcpPortSharing - ok 13:29:31.0792 4528 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 13:29:31.0792 4528 nfrd960 - ok 13:29:31.0839 4528 [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc C:\Windows\System32\nlasvc.dll 13:29:31.0839 4528 NlaSvc - ok 13:29:31.0854 4528 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys 13:29:31.0854 4528 
13:29:42.0854 4528 Scan finished
13:29:42.0886 5720 Detected object count: 0
13:29:42.0886 5720 Actual detected object count: 0
13:30:18.0001 4524 Deinitialize success

In the meantime another little problem has cropped up: I can no longer activate the Windows Security Center. When I try to activate it via the process control, the message in the attachment appears... Regards and thanks!!!! |
26.12.2012, 21:05 | #4 | |
/// TB Trainer | BKA virus and hard disk Hi,
Step 1 I see that you use so-called peer-to-peer or file-sharing programs, in your case µTorrent. These programs let you exchange data with other users. Unfortunately, P2P and file sharing are not exempt from distributing infected files, and that is one reason why malware spreads so quickly. So it is possible that you download an infected file. You can never know where these files come from. This kind of software should therefore be used with extreme caution. Another important point is that distributing media and entertainment files violates copyright in most countries of the world. Of course there is also a legal way to use this service, for example to download Linux or Open Office. Nevertheless, I would ask you not to keep using this kind of software. Please go to Start --> Control Panel --> Software / Uninstall programs and uninstall the software named above. Please let me know if you cannot find one of the listed programs.
Step 2 I noticed that you have more than one antivirus program with a background guard running: Code:
AVG 2013
COMODO Internet Security
Report which antivirus program you have decided on. Quote:
Step 3 Please download AdwCleaner to your desktop.
Step 4 Please close your security software to avoid possible conflicts. Please download Junkware Removal Tool to your desktop.
Step 5 Scan with Combofix
Please post with your next reply
|
27.12.2012, 19:11 | #5 |
| BKA virus and hard disk Hello! Doesn't look good at all... I could hardly uninstall u-Torrent, ran into a bluescreen twice; it only worked on the third attempt. I can't get rid of Zone Alarm. Here is the log file from AdwCleaner: HTML code:
# AdwCleaner v2.103 - Datei am 27/12/2012 um 15:26:39 erstellt
# Aktualisiert am 25/12/2012 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (32 bits)
# Benutzer : bertl - BERTL-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\bertl\Desktop\adwcleaner.exe
# Option [Löschen]

**** [Dienste] ****

***** [Dateien / Ordner] *****

***** [Registrierungsdatenbank] *****
Schlüssel Gelöscht : HKCU\Software\APN PIP
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Toolbar
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKLM\Software\PIP

***** [Internet Browser] *****
-\\ Internet Explorer v9.0.8112.16457
Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://feed.snap.do/?publisher=SnapdoIMonetizer&dpid=SnapdoEMon&co=AT&userid=acdb4e60-080b-458c-a116-b0295ea93435&searchtype=hp --> hxxp://www.google.com
-\\ Mozilla Firefox v17.0.1 (de)
Datei : C:\Users\bertl\AppData\Roaming\Mozilla\Firefox\Profiles\jes2v9mu.default\prefs.js
Gelöscht : user_pref("extensions.skipscreen.hostMatchStr", "hxxp://www.4shared.com/(get|audio|file|document|dir[...]
Datei : C:\Users\Susanna\AppData\Roaming\Mozilla\Firefox\Profiles\3wut21nm.default\prefs.js
[OK] Die Datei ist sauber.

*************************
AdwCleaner[S1].txt - [1789 octets] - [27/12/2012 15:26:39]
########## EOF - C:\AdwCleaner[S1].txt - [1849 octets] ##########

HTML code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.2.5 (12.24.2012:1)
OS: Windows 7 Home Premium x86
Ran by bertl on 27.12.2012 at 15:52:52,82
Blog: hxxp://thisisudax.blogspot.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values
Successfully deleted: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\toolbar\\{6c97a91e-4524-4019-86af-2aa2d567bf5c}
Successfully repaired: [Registry Value] hkey_current_user\software\microsoft\internet explorer\searchurl\\Default
Successfully repaired: [Registry Value] hkey_users\S-1-5-21-2241422709-4272247109-2843487209-1000\software\microsoft\internet explorer\searchurl\\Default
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchurl\\Default

~~~ Registry Keys
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{6c97a91e-4524-4019-86af-2aa2d567bf5c}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{6c97a91e-4524-4019-86af-2aa2d567bf5c}

~~~ Files

~~~ Folders
Successfully deleted: [Folder] "C:\Users\bertl\appdata\local\adawarebp"
Successfully deleted: [Folder] "C:\Users\bertl\appdata\locallow\adawaretb"
Successfully deleted: [Folder] "C:\Program Files\adawaretb"

~~~ FireFox
Successfully deleted: [File] "C:\Program Files\Mozilla Firefox\searchplugins\adawaretb.xml"
Successfully deleted: [Folder] C:\Users\bertl\AppData\Roaming\mozilla\firefox\profiles\jes2v9mu.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}
Successfully deleted the following from C:\Users\bertl\AppData\Roaming\mozilla\firefox\profiles\jes2v9mu.default\prefs.js
user_pref("extensions.bootstrappedAddons", "{\"{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}\":{\"version\":\"6.5\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Users\\\\bertl\\\\Ap
user_pref("extensions.helperbar.SmartbarDisabled", false);
user_pref("extensions.helperbar.SmartbarStateMinimaized", false);
user_pref("extensions.skipscreen.hostMatchStr", "hxxp://www.4shared.com/(get|audio|file|document|dir)/.*|hxxp://.*depositfiles.com/(([a-z]{2})/files/|auth-).*|hxxp://(www.)*di

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 27.12.2012 at 17:29:05,56
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

There I ran into a bluescreen twice again; it looks as if that is going to happen routinely... Regards, Norbert |
27.12.2012, 19:29 | #6 |
/// TB Trainer | BKA virus and hard disk Hi, following these instructions, start your computer in safe mode with networking. Rename ComboFix.exe to NoMBR.exe and start ComboFix in safe mode. Post the log file. |
29.12.2012, 21:52 | #7 |
| BKA virus and hard disk Hello! Because of the holidays I can't get to the computer right now, but I'll get back to you on Tuesday. Please don't close the thread. Thanks! |
30.12.2012, 11:25 | #8 |
/// TB Trainer | BKA virus and hard disk Hi, thanks a lot for the update. Then I'll wait until Tuesday. |
01.01.2013, 16:10 | #9 |
| BKA virus and hard disk Hi! Well, unfortunately that doesn't work either. In safe mode, during initialization I only get as far as "Zielverzeichnis C:/32788R22FWJFW " and then nothing more happens. In normal mode the process pev.3xe then at some point wants to access the network; if I allow that, the box crashes. Damn, this looks very much like backing up my data and reinstalling... Thanks anyway for the help so far. If you have another idea, I'd of course be grateful... |
01.01.2013, 16:15 | #10 |
/// TB Trainer | BKA virus and hard disk Hi, I'll be honest with you. The cleanup is not the problem. What we have here is primarily a hardware problem, so at this point I recommend a reinstallation: Guide to reinstalling. However, you should back up your private data first (only documents, pictures, videos, no executable files). The thing with your hard disk really doesn't sound good. Unfortunately I'm no expert in that regard. Let me know briefly how you want to proceed. Last edited by M-K-D-B (01.01.2013 at 16:20) |
01.01.2013, 16:34 | #11 |
| BKA virus and hard disk Hello! I did mean that I want to reinstall the box anyway. But since I have quite a lot of junk on the disk that I still need, I'll do a large-scale backup first. Unfortunately my external HD is not usable for that at the moment, so I've just ordered the 3TB Intenso Memory Box. I'll take the old HD to a data backup expert; maybe he knows more. After all, there are 700 GB of legally converted music on it. Then on to the reinstall. Yippee. Thanks anyway for the effort |
01.01.2013, 16:42 | #12 |
/// TB Trainer | BKA virus and hard disk Sorry that I don't have better news. But this really is for the best. This topic seems to be resolved and will be removed from my subscriptions. Should you need the topic again, please send me a PM. Everyone else, please click here and create a thread of your own. |