Pests of all kinds and how to fight them: Bitdefender deactivates itself after a Trojan detection alert

27.02.2013, 14:34   #1
steaf
 
Hi,

I have the following problem. Bitdefender Total Security 2013 has recently started deactivating itself. After every restart I have to activate it manually. But it also deactivates itself while the system is running.

This has been happening roughly since Bitdefender reported the following detection to me: "Bitdefender hat ein infiziertes Element erkannt in c:/program files/pd/bin/tclpip85.dll. Virus Name: Trojan.Generic.KDZ.8601."

What is the best way for me to proceed now?
I have attached logs from GMER, OTL and Defogger.
Many thanks in advance for your efforts!!

cheers,
steaf

27.02.2013, 14:58   #2
markusg
/// Malware-holic
 
Hi,
Please download TDSSKiller (TDSSKiller.exe) and save the file to your desktop.
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller guide.
  • Press Start Scan
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post the contents here in your thread in any case.

27.02.2013, 15:21   #3
steaf
 
Hi Markus,

many thanks for the quick reply.

Log file from TDSSKiller:

15:09:37.0750 6296  LSI_SAS2 - ok
15:09:37.0781 6296  [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
15:09:37.0828 6296  LSI_SCSI - ok
15:09:37.0875 6296  [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv           C:\Windows\system32\drivers\luafv.sys
15:09:37.0937 6296  luafv - ok
15:09:38.0000 6296  [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
15:09:38.0046 6296  Mcx2Svc - ok
15:09:38.0078 6296  [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
15:09:38.0109 6296  megasas - ok
15:09:38.0171 6296  [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
15:09:38.0218 6296  MegaSR - ok
15:09:38.0265 6296  [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS           C:\Windows\system32\mmcss.dll
15:09:38.0343 6296  MMCSS - ok
15:09:38.0374 6296  [ F001861E5700EE84E2D4E52C712F4964 ] Modem           C:\Windows\system32\drivers\modem.sys
15:09:38.0468 6296  Modem - ok
15:09:38.0483 6296  [ 79D10964DE86B292320E9DFE02282A23 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
15:09:38.0561 6296  monitor - ok
15:09:38.0592 6296  [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
15:09:38.0639 6296  mouclass - ok
15:09:38.0670 6296  [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
15:09:38.0780 6296  mouhid - ok
15:09:38.0842 6296  [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
15:09:38.0873 6296  mountmgr - ok
15:09:38.0998 6296  [ 5C5E45DDABEFBC9F564F1D5C83258B8F ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
15:09:39.0045 6296  MozillaMaintenance - ok
15:09:39.0076 6296  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio            C:\Windows\system32\drivers\mpio.sys
15:09:39.0123 6296  mpio - ok
15:09:39.0138 6296  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
15:09:39.0232 6296  mpsdrv - ok
15:09:39.0310 6296  [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc          C:\Windows\system32\mpssvc.dll
15:09:39.0419 6296  MpsSvc - ok
15:09:39.0482 6296  [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
15:09:39.0560 6296  MRxDAV - ok
15:09:39.0622 6296  [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
15:09:39.0716 6296  mrxsmb - ok
15:09:39.0762 6296  [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:09:39.0825 6296  mrxsmb10 - ok
15:09:39.0856 6296  [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:09:39.0903 6296  mrxsmb20 - ok
15:09:39.0950 6296  [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci          C:\Windows\system32\drivers\msahci.sys
15:09:39.0996 6296  msahci - ok
15:09:40.0043 6296  [ 55055F8AD8BE27A64C831322A780A228 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
15:09:40.0074 6296  msdsm - ok
15:09:40.0121 6296  [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC           C:\Windows\System32\msdtc.exe
15:09:40.0168 6296  MSDTC - ok
15:09:40.0215 6296  [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs            C:\Windows\system32\drivers\Msfs.sys
15:09:40.0308 6296  Msfs - ok
15:09:40.0324 6296  [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
15:09:40.0433 6296  mshidkmdf - ok
15:09:40.0496 6296  [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
15:09:40.0527 6296  msisadrv - ok
15:09:40.0605 6296  [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
15:09:40.0698 6296  MSiSCSI - ok
15:09:40.0698 6296  msiserver - ok
15:09:40.0745 6296  [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
15:09:40.0808 6296  MSKSSRV - ok
15:09:40.0823 6296  [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
15:09:40.0901 6296  MSPCLOCK - ok
15:09:40.0932 6296  [ F456E973590D663B1073E9C463B40932 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
15:09:40.0995 6296  MSPQM - ok
15:09:41.0026 6296  [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
15:09:41.0057 6296  MsRPC - ok
15:09:41.0104 6296  [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
15:09:41.0135 6296  mssmbios - ok
15:09:41.0151 6296  [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
15:09:41.0198 6296  MSTEE - ok
15:09:41.0213 6296  [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
15:09:41.0229 6296  MTConfig - ok
15:09:41.0244 6296  [ 159FAD02F64E6381758C990F753BCC80 ] Mup             C:\Windows\system32\Drivers\mup.sys
15:09:41.0276 6296  Mup - ok
15:09:41.0322 6296  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent        C:\Windows\system32\qagentRT.dll
15:09:41.0400 6296  napagent - ok
15:09:41.0478 6296  [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
15:09:41.0525 6296  NativeWifiP - ok
15:09:41.0603 6296  [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS            C:\Windows\system32\drivers\ndis.sys
15:09:41.0728 6296  NDIS - ok
15:09:41.0775 6296  [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
15:09:41.0853 6296  NdisCap - ok
15:09:41.0884 6296  [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
15:09:41.0978 6296  NdisTapi - ok
15:09:42.0009 6296  [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
15:09:42.0087 6296  Ndisuio - ok
15:09:42.0134 6296  [ 38FBE267E7E6983311179230FACB1017 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
15:09:42.0212 6296  NdisWan - ok
15:09:42.0243 6296  [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
15:09:42.0305 6296  NDProxy - ok
15:09:42.0352 6296  [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
15:09:42.0430 6296  NetBIOS - ok
15:09:42.0477 6296  [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
15:09:42.0570 6296  NetBT - ok
15:09:42.0602 6296  [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon        C:\Windows\system32\lsass.exe
15:09:42.0633 6296  Netlogon - ok
15:09:42.0680 6296  [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman          C:\Windows\System32\netman.dll
15:09:42.0789 6296  Netman - ok
15:09:42.0851 6296  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:09:42.0914 6296  NetMsmqActivator - ok
15:09:42.0929 6296  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:09:42.0945 6296  NetPipeActivator - ok
15:09:43.0054 6296  [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm        C:\Windows\System32\netprofm.dll
15:09:43.0116 6296  netprofm - ok
15:09:43.0132 6296  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:09:43.0148 6296  NetTcpActivator - ok
15:09:43.0148 6296  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:09:43.0163 6296  NetTcpPortSharing - ok
15:09:43.0397 6296  [ 58218EC6B61B1169CF54AAB0D00F5FE2 ] netw5v32        C:\Windows\system32\DRIVERS\netw5v32.sys
15:09:43.0662 6296  netw5v32 - ok
15:09:43.0709 6296  [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
15:09:43.0740 6296  nfrd960 - ok
15:09:43.0803 6296  [ 37260A293B6A89373AE76791E6CC5A12 ] nhcDriverDevice C:\Windows\system32\drivers\nhcDriver.sys
15:09:43.0850 6296  nhcDriverDevice ( UnsignedFile.Multi.Generic ) - warning
15:09:43.0850 6296  nhcDriverDevice - detected UnsignedFile.Multi.Generic (1)
15:09:44.0286 6296  [ FEB33E85DA105767265C89F97201135F ] NIHardwareService C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
15:09:44.0910 6296  NIHardwareService ( UnsignedFile.Multi.Generic ) - warning
15:09:44.0910 6296  NIHardwareService - detected UnsignedFile.Multi.Generic (1)
15:09:44.0988 6296  [ EA7BB4CC7C9AB8A3B70F4F696E6B3DDB ] NIWinCDEmu      C:\Windows\system32\DRIVERS\NIWinCDEmu.sys
15:09:45.0020 6296  NIWinCDEmu - ok
15:09:45.0129 6296  [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc          C:\Windows\System32\nlasvc.dll
15:09:45.0191 6296  NlaSvc - ok
15:09:45.0300 6296  [ D858D1E264F99A0E06FFCADC05641B28 ] Notebook Hardware Control Service C:\Program Files\Notebook Hardware Control\nhcservice.exe
15:09:45.0394 6296  Notebook Hardware Control Service ( UnsignedFile.Multi.Generic ) - warning
15:09:45.0394 6296  Notebook Hardware Control Service - detected UnsignedFile.Multi.Generic (1)
15:09:45.0425 6296  [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
15:09:45.0488 6296  Npfs - ok
15:09:45.0534 6296  [ BA387E955E890C8A88306D9B8D06BF17 ] nsi             C:\Windows\system32\nsisvc.dll
15:09:45.0628 6296  nsi - ok
15:09:45.0675 6296  [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
15:09:45.0800 6296  nsiproxy - ok
15:09:45.0909 6296  [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
15:09:45.0987 6296  Ntfs - ok
15:09:46.0018 6296  [ F9756A98D69098DCA8945D62858A812C ] Null            C:\Windows\system32\drivers\Null.sys
15:09:46.0096 6296  Null - ok
15:09:46.0424 6296  [ 05B288B25C2EBD9A4E9E5114AE790876 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:09:46.0892 6296  nvlddmkm - ok
15:09:46.0954 6296  [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
15:09:47.0001 6296  nvraid - ok
15:09:47.0048 6296  [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
15:09:47.0094 6296  nvstor - ok
15:09:47.0188 6296  [ 1B089DD0725DC6B885765A170BBEE311 ] NVStrap         C:\Windows\system32\drivers\NVStrap.sys
15:09:47.0250 6296  NVStrap ( UnsignedFile.Multi.Generic ) - warning
15:09:47.0250 6296  NVStrap - detected UnsignedFile.Multi.Generic (1)
15:09:47.0360 6296  [ E937A615D4289E83E234C3EC26092431 ] nvsvc           C:\Windows\system32\nvvsvc.exe
15:09:47.0453 6296  nvsvc - ok
15:09:47.0500 6296  [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
15:09:47.0531 6296  nv_agp - ok
15:09:47.0578 6296  [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
15:09:47.0640 6296  ohci1394 - ok
15:09:47.0672 6296  [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
15:09:47.0781 6296  p2pimsvc - ok
15:09:47.0812 6296  [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc          C:\Windows\system32\p2psvc.dll
15:09:47.0890 6296  p2psvc - ok
15:09:47.0937 6296  [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
15:09:47.0984 6296  Parport - ok
15:09:48.0015 6296  [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
15:09:48.0062 6296  partmgr - ok
15:09:48.0077 6296  [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm          C:\Windows\system32\DRIVERS\parvdm.sys
15:09:48.0124 6296  Parvdm - ok
15:09:48.0155 6296  [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc          C:\Windows\System32\pcasvc.dll
15:09:48.0202 6296  PcaSvc - ok
15:09:48.0249 6296  [ 673E55C3498EB970088E812EA820AA8F ] pci             C:\Windows\system32\drivers\pci.sys
15:09:48.0280 6296  pci - ok
15:09:48.0327 6296  [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide          C:\Windows\system32\drivers\pciide.sys
15:09:48.0358 6296  pciide - ok
15:09:48.0374 6296  [ F396431B31693E71E8A80687EF523506 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
15:09:48.0420 6296  pcmcia - ok
15:09:48.0436 6296  [ 250F6B43D2B613172035C6747AEEB19F ] pcw             C:\Windows\system32\drivers\pcw.sys
15:09:48.0483 6296  pcw - ok
15:09:48.0545 6296  [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
15:09:48.0654 6296  PEAUTH - ok
15:09:48.0748 6296  [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
15:09:48.0826 6296  PeerDistSvc - ok
15:09:48.0935 6296  [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla             C:\Windows\system32\pla.dll
15:09:49.0076 6296  pla - ok
15:09:49.0138 6296  [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
15:09:49.0232 6296  PlugPlay - ok
15:09:49.0263 6296  [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
15:09:49.0325 6296  PNRPAutoReg - ok
15:09:49.0356 6296  [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
15:09:49.0403 6296  PNRPsvc - ok
15:09:49.0450 6296  [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
15:09:49.0544 6296  PolicyAgent - ok
15:09:49.0590 6296  [ F87D30E72E03D579A5199CCB3831D6EA ] Power           C:\Windows\system32\umpo.dll
15:09:49.0653 6296  Power - ok
15:09:49.0700 6296  [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
15:09:49.0778 6296  PptpMiniport - ok
15:09:49.0793 6296  [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
15:09:49.0840 6296  Processor - ok
15:09:49.0887 6296  [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc         C:\Windows\system32\profsvc.dll
15:09:49.0965 6296  ProfSvc - ok
15:09:49.0996 6296  [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:09:50.0027 6296  ProtectedStorage - ok
15:09:50.0105 6296  [ 72DE205CD4006DC45B1401859C506679 ] psadd           C:\Windows\system32\DRIVERS\psadd.sys
15:09:50.0152 6296  psadd - ok
15:09:50.0168 6296  [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
15:09:50.0230 6296  Psched - ok
15:09:50.0324 6296  [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
15:09:50.0417 6296  ql2300 - ok
15:09:50.0433 6296  [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
15:09:50.0480 6296  ql40xx - ok
15:09:50.0526 6296  [ 31AC809E7707EB580B2BDB760390765A ] QWAVE           C:\Windows\system32\qwave.dll
15:09:50.0604 6296  QWAVE - ok
15:09:50.0636 6296  [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
15:09:50.0682 6296  QWAVEdrv - ok
15:09:50.0698 6296  [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
15:09:50.0792 6296  RasAcd - ok
15:09:50.0838 6296  [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
15:09:50.0916 6296  RasAgileVpn - ok
15:09:50.0948 6296  [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto         C:\Windows\System32\rasauto.dll
15:09:51.0026 6296  RasAuto - ok
15:09:51.0057 6296  [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
15:09:51.0150 6296  Rasl2tp - ok
15:09:51.0228 6296  [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan          C:\Windows\System32\rasmans.dll
15:09:51.0322 6296  RasMan - ok
15:09:51.0369 6296  [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
15:09:51.0431 6296  RasPppoe - ok
15:09:51.0462 6296  [ 44101F495A83EA6401D886E7FD70096B ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
15:09:51.0540 6296  RasSstp - ok
15:09:51.0587 6296  [ D528BC58A489409BA40334EBF96A311B ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
15:09:51.0665 6296  rdbss - ok
15:09:51.0681 6296  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
15:09:51.0743 6296  rdpbus - ok
15:09:51.0790 6296  [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
15:09:51.0868 6296  RDPCDD - ok
15:09:51.0930 6296  [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
15:09:52.0008 6296  RDPDR - ok
15:09:52.0040 6296  [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
15:09:52.0118 6296  RDPENCDD - ok
15:09:52.0149 6296  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
15:09:52.0227 6296  RDPREFMP - ok
15:09:52.0305 6296  [ 65375DF758CA1872AB7EBBBA457FD5E6 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
15:09:52.0367 6296  RdpVideoMiniport - ok
15:09:52.0414 6296  [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
15:09:52.0508 6296  RDPWD - ok
15:09:52.0586 6296  [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
15:09:52.0617 6296  rdyboost - ok
15:09:52.0710 6296  [ 7031A7D5C3B773BFA14EA5956A18942A ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
15:09:52.0835 6296  RegSrvc - ok
15:09:52.0882 6296  [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess    C:\Windows\System32\mprdim.dll
15:09:52.0960 6296  RemoteAccess - ok
15:09:53.0007 6296  [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
15:09:53.0100 6296  RemoteRegistry - ok
15:09:53.0163 6296  [ CB928D9E6DAF51879DD6BA8D02F01321 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
15:09:53.0225 6296  RFCOMM - ok
15:09:53.0288 6296  [ D65AC8797F0286ED269500747D6290A4 ] rimmptsk        C:\Windows\system32\DRIVERS\rimmptsk.sys
15:09:53.0397 6296  rimmptsk - ok
15:09:53.0444 6296  [ 49EC82B44EB93374ED9988DA7E0E0151 ] rimsptsk        C:\Windows\system32\DRIVERS\rimsptsk.sys
15:09:53.0584 6296  rimsptsk - ok
15:09:53.0646 6296  [ ACE2CE73D7B04EAC48FB80482E05E770 ] risdptsk        C:\Windows\system32\DRIVERS\risdptsk.sys
15:09:53.0740 6296  risdptsk - ok
15:09:53.0802 6296  [ 2A2554CB24506E0A0508FC395C4A1B42 ] rismxdp         C:\Windows\system32\DRIVERS\rixdptsk.sys
15:09:53.0849 6296  rismxdp - ok
15:09:53.0912 6296  [ C0C8909BE3ECC9DF8089112BF9BE954E ] RivaTuner32     C:\Program Files\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner32.sys
15:09:53.0990 6296  RivaTuner32 ( UnsignedFile.Multi.Generic ) - warning
15:09:53.0990 6296  RivaTuner32 - detected UnsignedFile.Multi.Generic (1)
15:09:54.0021 6296  [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
15:09:54.0099 6296  RpcEptMapper - ok
15:09:54.0114 6296  [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator      C:\Windows\system32\locator.exe
15:09:54.0177 6296  RpcLocator - ok
15:09:54.0239 6296  [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs           C:\Windows\system32\rpcss.dll
15:09:54.0317 6296  RpcSs - ok
15:09:54.0333 6296  [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
15:09:54.0411 6296  rspndr - ok
15:09:54.0520 6296  [ 23B7D6E41C7000ACE3FFE16214C9ED98 ] rtpMIDIService  C:\Program Files\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe
15:09:54.0879 6296  rtpMIDIService ( UnsignedFile.Multi.Generic ) - warning
15:09:54.0879 6296  rtpMIDIService - detected UnsignedFile.Multi.Generic (1)
15:09:54.0941 6296  [ E1AB463B36A7EF31D8A73A97A9B57AFA ] s115bus         C:\Windows\system32\DRIVERS\s115bus.sys
15:09:54.0988 6296  s115bus - ok
15:09:55.0019 6296  [ E24113FC13B8737C94CF4E3415488C76 ] s115mdfl        C:\Windows\system32\DRIVERS\s115mdfl.sys
15:09:55.0035 6296  s115mdfl - ok
15:09:55.0066 6296  [ 4029E49E7C673AA0670BD206B0AF1B5B ] s115mdm         C:\Windows\system32\DRIVERS\s115mdm.sys
15:09:55.0144 6296  s115mdm - ok
15:09:55.0160 6296  [ EB02AB4CA8BCCECFDE236CAD8FC6E135 ] s115mgmt        C:\Windows\system32\DRIVERS\s115mgmt.sys
15:09:55.0191 6296  s115mgmt - ok
15:09:55.0253 6296  [ 089869DB9FFD2AC807FA87FE82AC7761 ] s115obex        C:\Windows\system32\DRIVERS\s115obex.sys
15:09:55.0347 6296  s115obex - ok
15:09:55.0378 6296  [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
15:09:55.0472 6296  s3cap - ok
15:09:55.0581 6296  [ 1E94612C7364C9D17A3B0A989957A603 ] SafeBox         C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe
15:09:55.0674 6296  SafeBox - ok
15:09:55.0690 6296  [ 81951F51E318AECC2D68559E47485CC4 ] SamSs           C:\Windows\system32\lsass.exe
15:09:55.0721 6296  SamSs - ok
15:09:55.0752 6296  SANDRA - ok
15:09:55.0893 6296  SASDIFSV - ok
15:09:55.0955 6296  SASKUTIL - ok
15:09:56.0033 6296  [ BA96AB2A659E4FEBF764BA820FD47694 ] SbieDrv         C:\Program Files\Sandboxie\SbieDrv.sys
15:09:56.0096 6296  SbieDrv - ok
15:09:56.0142 6296  [ 381A725D0CD34C42D0EB059F47FCE713 ] SbieSvc         C:\Program Files\Sandboxie\SbieSvc.exe
15:09:56.0189 6296  SbieSvc - ok
15:09:56.0236 6296  [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
15:09:56.0267 6296  sbp2port - ok
15:09:56.0314 6296  [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
15:09:56.0408 6296  SCardSvr - ok
15:09:56.0501 6296  [ 16B1ABE7F3E35F21DAC57592B6C5D464 ] SCDEmu          C:\Windows\system32\drivers\SCDEmu.sys
15:09:56.0548 6296  SCDEmu ( UnsignedFile.Multi.Generic ) - warning
15:09:56.0548 6296  SCDEmu - detected UnsignedFile.Multi.Generic (1)
15:09:56.0595 6296  [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
15:09:56.0673 6296  scfilter - ok
15:09:56.0735 6296  [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule        C:\Windows\system32\schedsvc.dll
15:09:56.0844 6296  Schedule - ok
15:09:56.0876 6296  [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc     C:\Windows\System32\certprop.dll
15:09:56.0922 6296  SCPolicySvc - ok
15:09:56.0985 6296  [ 0328BE1C7F1CBA23848179F8762E391C ] sdbus           C:\Windows\system32\drivers\sdbus.sys
15:09:57.0047 6296  sdbus - ok
15:09:57.0110 6296  [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
15:09:57.0203 6296  SDRSVC - ok
15:09:57.0250 6296  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
15:09:57.0375 6296  secdrv - ok
15:09:57.0406 6296  [ A59B3A4442C52060CC7A85293AA3546F ] seclogon        C:\Windows\system32\seclogon.dll
15:09:57.0500 6296  seclogon - ok
15:09:57.0531 6296  [ DCB7FCDCC97F87360F75D77425B81737 ] SENS            C:\Windows\System32\sens.dll
15:09:57.0609 6296  SENS - ok
15:09:57.0640 6296  [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc        C:\Windows\system32\sensrsvc.dll
15:09:57.0702 6296  SensrSvc - ok
15:09:57.0718 6296  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
15:09:57.0780 6296  Serenum - ok
15:09:57.0827 6296  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
15:09:57.0936 6296  Serial - ok
15:09:57.0999 6296  [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
15:09:58.0046 6296  sermouse - ok
15:09:58.0108 6296  [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv      C:\Windows\system32\sessenv.dll
15:09:58.0186 6296  SessionEnv - ok
15:09:58.0217 6296  [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
15:09:58.0280 6296  sffdisk - ok
15:09:58.0295 6296  [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
15:09:58.0358 6296  sffp_mmc - ok
15:09:58.0389 6296  [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
15:09:58.0436 6296  sffp_sd - ok
15:09:58.0482 6296  [ DB96666CC8312EBC45032F30B007A547 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
15:09:58.0529 6296  sfloppy - ok
15:09:58.0560 6296  [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
15:09:58.0654 6296  SharedAccess - ok
15:09:58.0701 6296  [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:09:58.0794 6296  ShellHWDetection - ok
15:09:58.0826 6296  [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp          C:\Windows\system32\drivers\sisagp.sys
15:09:58.0857 6296  sisagp - ok
15:09:58.0904 6296  [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:09:58.0950 6296  SiSRaid2 - ok
15:09:58.0982 6296  [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
15:09:59.0013 6296  SiSRaid4 - ok
15:09:59.0106 6296  [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
15:09:59.0216 6296  SkypeUpdate - ok
15:09:59.0247 6296  [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb             C:\Windows\system32\DRIVERS\smb.sys
15:09:59.0340 6296  Smb - ok
15:09:59.0418 6296  [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
15:09:59.0465 6296  SNMPTRAP - ok
15:09:59.0528 6296  [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr           C:\Windows\system32\drivers\spldr.sys
15:09:59.0590 6296  spldr - ok
15:09:59.0715 6296  [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler         C:\Windows\System32\spoolsv.exe
15:09:59.0808 6296  Spooler - ok
15:09:59.0964 6296  [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc          C:\Windows\system32\sppsvc.exe
15:10:00.0136 6296  sppsvc - ok
15:10:00.0167 6296  [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
15:10:00.0245 6296  sppuinotify - ok
15:10:00.0292 6296  [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv             C:\Windows\system32\DRIVERS\srv.sys
15:10:00.0386 6296  srv - ok
15:10:00.0432 6296  [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
15:10:00.0479 6296  srv2 - ok
15:10:00.0526 6296  [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
15:10:00.0588 6296  srvnet - ok
15:10:00.0620 6296  [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
15:10:00.0698 6296  SSDPSRV - ok
15:10:00.0713 6296  [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
15:10:00.0776 6296  SstpSvc - ok
15:10:00.0869 6296  [ 6D82CB78DE57A073E95431F3486B1B27 ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
15:10:00.0916 6296  ssudmdm - ok
15:10:00.0947 6296  StarOpen - ok
15:10:00.0978 6296  [ DB32D325C192B801DF274BFD12A7E72B ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
15:10:01.0010 6296  stexstor - ok
15:10:01.0088 6296  [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc          C:\Windows\System32\wiaservc.dll
15:10:01.0166 6296  StiSvc - ok
15:10:01.0212 6296  [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
15:10:01.0244 6296  storflt - ok
15:10:01.0275 6296  [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
15:10:01.0306 6296  storvsc - ok
15:10:01.0431 6296  [ 6EA2F517373771CAC5188E82617C9C0B ] SUService       C:\Program Files\Lenovo\System Update\SUService.exe
15:10:01.0509 6296  SUService ( UnsignedFile.Multi.Generic ) - warning
15:10:01.0509 6296  SUService - detected UnsignedFile.Multi.Generic (1)
15:10:01.0571 6296  [ 6ED7ABF6CB1E6EC0DEBB53E0F104ED64 ] SWDUMon         C:\Windows\system32\DRIVERS\SWDUMon.sys
15:10:01.0634 6296  SWDUMon - ok
15:10:01.0665 6296  [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum          C:\Windows\system32\drivers\swenum.sys
15:10:01.0696 6296  swenum - ok
15:10:01.0743 6296  [ A28BD92DF340E57B024BA433165D34D7 ] swprv           C:\Windows\System32\swprv.dll
15:10:01.0836 6296  swprv - ok
15:10:14.0784 6296  ================ Scan global ===============================
15:10:14.0831 6296  [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
15:10:14.0878 6296  [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll
15:10:14.0878 6296  [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll
15:10:14.0909 6296  [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
15:10:14.0940 6296  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
15:10:14.0956 6296  [Global] - ok
15:10:14.0956 6296  ================ Scan MBR ==================================
15:10:14.0956 6296  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:10:16.0204 6296  \Device\Harddisk0\DR0 - ok
15:10:16.0220 6296  [ DDAE9D649DB12F6AFF24483F2C298989 ] \Device\Harddisk1\DR1
15:10:16.0391 6296  \Device\Harddisk1\DR1 - ok
15:10:16.0391 6296  ================ Scan VBR ==================================
15:10:16.0407 6296  [ 4F06C2A8A8663D9D1F6B7CCDD9800533 ] \Device\Harddisk0\DR0\Partition1
15:10:16.0407 6296  \Device\Harddisk0\DR0\Partition1 - ok
15:10:16.0422 6296  [ 6614EB9EC682444256531D0A57AD6B57 ] \Device\Harddisk0\DR0\Partition2
15:10:16.0422 6296  \Device\Harddisk0\DR0\Partition2 - ok
15:10:16.0438 6296  [ 334767A10F71411753E7944DD3C22738 ] \Device\Harddisk1\DR1\Partition1
15:10:16.0438 6296  \Device\Harddisk1\DR1\Partition1 - ok
15:10:16.0438 6296  ============================================================
15:10:16.0438 6296  Scan finished
15:10:16.0438 6296  ============================================================
15:10:16.0469 6996  Detected object count: 11
15:10:16.0469 6996  Actual detected object count: 11
15:11:14.0127 6996  epmntdrv ( UnsignedFile.Multi.Generic ) - skipped by user
15:11:14.0127 6996  epmntdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:11:14.0128 6996  EuGdiDrv ( UnsignedFile.Multi.Generic ) - skipped by user
15:11:14.0128 6996  EuGdiDrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:11:14.0130 6996  IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
15:11:14.0130 6996  IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:11:14.0133 6996  nhcDriverDevice ( UnsignedFile.Multi.Generic ) - skipped by user
15:11:14.0133 6996  nhcDriverDevice ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:11:14.0136 6996  NIHardwareService ( UnsignedFile.Multi.Generic ) - skipped by user
15:11:14.0136 6996  NIHardwareService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:11:14.0138 6996  Notebook Hardware Control Service ( UnsignedFile.Multi.Generic ) - skipped by user
15:11:14.0138 6996  Notebook Hardware Control Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:11:14.0149 6996  NVStrap ( UnsignedFile.Multi.Generic ) - skipped by user
15:11:14.0149 6996  NVStrap ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:11:14.0151 6996  RivaTuner32 ( UnsignedFile.Multi.Generic ) - skipped by user
15:11:14.0151 6996  RivaTuner32 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:11:14.0152 6996  rtpMIDIService ( UnsignedFile.Multi.Generic ) - skipped by user
15:11:14.0152 6996  rtpMIDIService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:11:14.0155 6996  SCDEmu ( UnsignedFile.Multi.Generic ) - skipped by user
15:11:14.0155 6996  SCDEmu ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:11:14.0157 6996  SUService ( UnsignedFile.Multi.Generic ) - skipped by user
15:11:14.0157 6996  SUService ( UnsignedFile.Multi.Generic ) - User select action: Skip
         
__________________

27.02.2013, 15:36   #4
markusg
/// Malware-holic
 
Hi,
Scan with Combofix
WARNING to READERS FOLLOWING ALONG:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all of your antivirus software as well as any malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the on-screen instructions.
  • While Combofix is running, please do not work on the computer, move the mouse, or click in the Combofix window!
  • When Combofix has finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (in CODE tags if possible).
Note: If you receive the following error message after the restart
Illegal operation attempted on a registry key that has been marked for deletion.
simply restart the computer. This should fix the problem.

__________________
- Please forward suspicious e-mails to us for analysis:
markusg.trojaner-board@web.de
Instructions:
http://markusg.trojaner-board.de
For now, please forward e-mails, following the instructions above, to
markusg.trojaner-board@web.de
If you would like to support us

27.02.2013, 16:46   #5
steaf
 
Hi,

for the Combofix scan I tried to switch off all Bitdefender modules. Nevertheless, the latter issued about 300 warnings during the scan.
ComboFix then ran through, but was terminated unexpectedly shortly before the reboot.
It produced the following log

bdlog:

Code:
ATTFilter
2013-02-21 00:01:31.893 PROFILE  [OBK unload] [0ms]
2013-02-21 00:01:31.945 PROFILE  [LogUnInit] [0ms]
2013-02-21 00:01:49.545 PROFILE  [CM Stop & eventq uninit] [17s:599ms]
2013-02-21 00:01:49.545 PROFILE  [npcomm uninit] [0ms]
2013-02-21 00:01:49.602 PROFILE  [STOP Received - time] [19s:603ms]
2013-02-21 15:56:46.081 PROFILE  [Midas stop] [0ms]
2013-02-21 15:56:47.204 PROFILE  [Stop Drivers] [1s:117ms]
2013-02-21 15:56:47.204 PROFILE  [Registration data] [0ms]
2013-02-21 15:56:47.204 PROFILE  [NPCOMM_MSG_VSSERVDOWN NPC_BDAGENT_MAIN] [0ms]
2013-02-21 15:56:47.204 PROFILE  [GM unload] [0ms]
2013-02-21 15:56:47.204 PROFILE  [Parental uninit] [0ms]
2013-02-21 15:56:47.204 PROFILE  [WSACleanup] [0ms]
2013-02-21 15:56:48.608 PROFILE  [Free SF] [1s:396ms]
2013-02-21 15:56:48.608 PROFILE  [UninitializeMultiUserSupport] [0ms]
2013-02-21 15:56:48.608 PROFILE  [AntiPh & AS unload] [0ms]
2013-02-21 15:56:48.608 PROFILE  [OBK unload] [0ms]
2013-02-21 15:56:48.670 PROFILE  [LogUnInit] [0ms]
2013-02-21 18:04:57.319 PROFILE  [Midas stop] [18ms]
2013-02-21 18:04:57.542 PROFILE  [Stop Drivers] [223ms]
2013-02-21 18:04:57.543 PROFILE  [Registration data] [0ms]
2013-02-21 18:04:57.543 PROFILE  [NPCOMM_MSG_VSSERVDOWN NPC_BDAGENT_MAIN] [0ms]
2013-02-21 18:04:57.543 PROFILE  [GM unload] [0ms]
2013-02-21 18:04:57.580 PROFILE  [Parental uninit] [0ms]
2013-02-21 18:04:57.580 PROFILE  [WSACleanup] [0ms]
2013-02-21 18:04:57.947 PROFILE  [Free SF] [367ms]
2013-02-21 18:04:57.948 PROFILE  [UninitializeMultiUserSupport] [0ms]
2013-02-21 18:04:57.948 PROFILE  [AntiPh & AS unload] [0ms]
2013-02-21 18:04:57.948 PROFILE  [OBK unload] [0ms]
2013-02-21 18:04:58.011 PROFILE  [LogUnInit] [0ms]
2013-02-21 18:05:07.654 PROFILE  [CM Stop & eventq uninit] [9s:642ms]
2013-02-21 18:05:07.654 PROFILE  [npcomm uninit] [0ms]
2013-02-21 18:05:07.659 PROFILE  [STOP Received - time] [10s:451ms]
2013-02-26 22:47:02.316 PROFILE  [Midas stop] [27ms]
2013-02-26 22:47:02.753 PROFILE  [Stop Drivers] [438ms]
2013-02-26 22:47:02.753 PROFILE  [Registration data] [0ms]
2013-02-26 22:47:02.753 PROFILE  [NPCOMM_MSG_VSSERVDOWN NPC_BDAGENT_MAIN] [0ms]
2013-02-26 22:47:02.753 PROFILE  [GM unload] [0ms]
2013-02-26 22:47:02.753 PROFILE  [Parental uninit] [0ms]
2013-02-26 22:47:02.753 PROFILE  [WSACleanup] [0ms]
2013-02-26 22:47:03.517 PROFILE  [Free SF] [760ms]
2013-02-26 22:47:03.517 PROFILE  [UninitializeMultiUserSupport] [0ms]
2013-02-26 22:47:03.517 PROFILE  [AntiPh & AS unload] [0ms]
2013-02-26 22:47:03.517 PROFILE  [OBK unload] [0ms]
2013-02-26 22:47:03.517 PROFILE  [LogUnInit] [0ms]
2013-02-26 22:47:25.576 PROFILE  [CM Stop & eventq uninit] [22s:60ms]
2013-02-26 22:47:25.576 PROFILE  [npcomm uninit] [0ms]
2013-02-26 22:47:25.591 PROFILE  [STOP Received - time] [23s:463ms]
2013-02-26 23:10:51.410 PROFILE  [Midas stop] [0ms]
2013-02-26 23:10:51.597 PROFILE  [Stop Drivers] [200ms]
2013-02-26 23:10:51.597 PROFILE  [Registration data] [0ms]
2013-02-26 23:10:51.597 PROFILE  [NPCOMM_MSG_VSSERVDOWN NPC_BDAGENT_MAIN] [0ms]
2013-02-26 23:10:51.644 PROFILE  [GM unload] [43ms]
2013-02-26 23:10:51.706 PROFILE  [Parental uninit] [0ms]
2013-02-26 23:10:51.706 PROFILE  [WSACleanup] [0ms]
2013-02-26 23:10:51.800 PROFILE  [Free SF] [97ms]
2013-02-26 23:10:51.800 PROFILE  [UninitializeMultiUserSupport] [0ms]
2013-02-26 23:10:51.847 PROFILE  [AntiPh & AS unload] [44ms]
2013-02-26 23:10:51.847 PROFILE  [OBK unload] [0ms]
2013-02-26 23:10:51.940 PROFILE  [LogUnInit] [0ms]
2013-02-26 23:10:55.762 PROFILE  [CM Stop & eventq uninit] [3s:820ms]
2013-02-26 23:10:55.762 PROFILE  [npcomm uninit] [0ms]
2013-02-26 23:10:55.762 PROFILE  [STOP Received - time] [4s:699ms]
2013-02-27 15:13:15.808 PROFILE  [Midas stop] [0ms]
2013-02-27 15:13:16.526 PROFILE  [Stop Drivers] [714ms]
2013-02-27 15:13:16.526 PROFILE  [Registration data] [0ms]
2013-02-27 15:13:16.526 PROFILE  [NPCOMM_MSG_VSSERVDOWN NPC_BDAGENT_MAIN] [0ms]
2013-02-27 15:13:16.526 PROFILE  [GM unload] [0ms]
2013-02-27 15:13:16.526 PROFILE  [Parental uninit] [0ms]
2013-02-27 15:13:16.526 PROFILE  [WSACleanup] [0ms]
2013-02-27 15:13:17.898 PROFILE  [Free SF] [1s:383ms]
2013-02-27 15:13:17.898 PROFILE  [UninitializeMultiUserSupport] [0ms]
2013-02-27 15:13:17.898 PROFILE  [AntiPh & AS unload] [0ms]
2013-02-27 15:13:17.930 PROFILE  [OBK unload] [23ms]
2013-02-27 15:13:18.117 PROFILE  [LogUnInit] [0ms]
2013-02-27 15:13:29.037 PROFILE  [CM Stop & eventq uninit] [10s:917ms]
2013-02-27 15:13:29.037 PROFILE  [npcomm uninit] [0ms]
2013-02-27 15:13:29.037 PROFILE  [STOP Received - time] [13s:305ms]
2013-02-27 16:32:13.347 PROFILE  [Midas stop] [0ms]
2013-02-27 16:32:13.425 PROFILE  [Stop Drivers] [67ms]
2013-02-27 16:32:13.425 PROFILE  [Registration data] [0ms]
2013-02-27 16:32:13.425 PROFILE  [NPCOMM_MSG_VSSERVDOWN NPC_BDAGENT_MAIN] [0ms]
2013-02-27 16:32:13.441 PROFILE  [GM unload] [21ms]
2013-02-27 16:32:13.456 PROFILE  [Parental uninit] [0ms]
2013-02-27 16:32:13.456 PROFILE  [WSACleanup] [0ms]
2013-02-27 16:32:13.534 PROFILE  [Free SF] [84ms]
2013-02-27 16:32:13.534 PROFILE  [UninitializeMultiUserSupport] [0ms]
2013-02-27 16:32:13.534 PROFILE  [AntiPh & AS unload] [0ms]
2013-02-27 16:32:13.534 PROFILE  [OBK unload] [0ms]
2013-02-27 16:32:13.566 PROFILE  [LogUnInit] [0ms]
2013-02-27 16:32:17.949 PROFILE  [CM Stop & eventq uninit] [4s:376ms]
2013-02-27 16:32:17.949 PROFILE  [npcomm uninit] [0ms]
2013-02-27 16:32:17.949 PROFILE  [STOP Received - time] [4s:632ms]
         


Alt 27.02.2013, 16:48   #6
markusg
/// Malware-holic
 

Restart, press F8, choose Safe Mode, log in to the affected account, run CF again, then restart and post the log.

Alt 27.02.2013, 17:42   #7
steaf
 

Hi,

Getting the CF log worked this time.
However, I can no longer get online with the computer!!!
Right now I'm writing from my phone.
Any clues?

Last edited by steaf (27.02.2013 at 17:51). Reason: typo

Alt 27.02.2013, 18:34   #8
markusg
/// Malware-holic
 

What error message do you get when you try to go online?
A guide and tutorial on using ComboFix
Try the repair.

Alt 27.02.2013, 20:23   #9
steaf
 

There's no error message at all. Chrome and FF just don't load any pages anymore. When I check in the Windows Network and Sharing Center, though, there is still traffic.

Alt 27.02.2013, 20:28   #10
markusg
/// Malware-holic
 

Did you try the repair? Does no page come up at all, or is it "page not found"?

Alt 27.02.2013, 20:54   #11
steaf
 

I haven't tried the repair yet.
I always get the message "page could not be found."
I'm not at the computer right now, though. I'll try it again tomorrow as described in the CF tutorial and then get back to you.
Thanks a lot for now, and good night.

Hi,

This doesn't look good at all. The repair didn't help.
On top of that, Bitdefender can now no longer even be switched on after the restart.

Hi,

I'm back at the affected computer now. I'm currently running a scan with Knoppicillin. Repairing the WLAN adapter didn't improve anything.
There is now an additional problem: Bitdefender can no longer be activated at all.
I'll post the CF log.

Code:
ComboFix 13-02-26.01 - steaf 27.02.2013  16:54:06.3.2 - x86 MINIMAL

Microsoft Windows 7 Ultimate   6.1.7601.1.1252.49.1031.18.3070.2149 [GMT 1:00]

ausgeführt von:: c:\users\steaf\Desktop\ComboFix.exe

AV: Bitdefender Virenschutz *Disabled/Outdated* {9B5F5313-CAF9-DD97-C460-E778420237B4}

FW: Bitdefender Firewall *Disabled* {A364D236-8096-DCCF-EF3F-4E4DBCD170CF}

SP: Bitdefender Spyware-Schutz *Disabled/Outdated* {203EB2F7-ECC3-D219-FED0-DC0A39857D09}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

 * Neuer Wiederherstellungspunkt wurde erstellt

.

.

((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\windows\system32\drivers\ati4irxx.sys

.

.

(((((((((((((((((((((((   Dateien erstellt von 2013-01-27 bis 2013-02-27  ))))))))))))))))))))))))))))))

.

.

2013-02-27 16:04 . 2013-02-27 16:12	--------	d-----w-	c:\users\steaf\AppData\Local\temp

2013-02-27 16:04 . 2013-02-27 16:04	--------	d-----w-	c:\users\TRAKTOR\AppData\Local\temp

2013-02-27 16:04 . 2013-02-27 16:04	--------	d-----w-	c:\users\Default\AppData\Local\temp

2013-02-27 16:04 . 2013-02-27 16:04	--------	d-----w-	c:\users\Administrator\AppData\Local\temp

2013-02-27 13:42 . 2013-02-27 13:42	--------	d-----w-	c:\program files\ESET

2013-02-27 13:38 . 2012-12-14 15:49	21104	----a-w-	c:\windows\system32\drivers\mbam.sys

2013-02-26 19:32 . 2013-01-13 19:53	187392	----a-w-	c:\windows\system32\UIAnimation.dll

2013-02-21 14:54 . 2010-10-12 23:10	189760	----a-w-	c:\windows\system32\bmidilib.dll

2013-02-21 14:52 . 2010-10-12 23:10	27720	----a-w-	c:\windows\system32\drivers\bomebus.sys

2013-02-21 14:52 . 2010-10-12 23:10	24136	----a-w-	c:\windows\system32\drivers\bomemidi.sys

2013-02-21 14:52 . 2013-02-21 14:52	--------	d-----w-	c:\program files\Bome's Virtual MIDI Port

2013-02-21 14:52 . 2013-02-21 14:52	--------	d-----w-	c:\program files\Bonjour

2013-02-21 14:51 . 2013-02-21 14:51	--------	d-----w-	c:\program files\TouchOSC Bridge

2013-02-21 11:19 . 2013-02-21 16:12	--------	d-----w-	c:\program files\Mozilla Thunderbird

2013-02-20 22:35 . 2013-02-21 00:56	--------	d-----w-	c:\program files\Tobias Erichsen

2013-02-20 22:34 . 2013-02-20 22:34	--------	d-----w-	c:\program files\Bonjour Print Services

2013-02-19 21:20 . 2013-02-19 21:20	--------	d-----w-	c:\program files\Common Files\Java

2013-02-19 21:20 . 2013-02-19 21:19	94112	----a-w-	c:\windows\system32\WindowsAccessBridge.dll

2013-02-19 10:30 . 2013-02-05 16:52	821824	----a-w-	c:\windows\system32\dgderapi.dll

2013-02-17 17:13 . 2013-02-17 17:13	--------	d-----w-	c:\users\steaf\AppData\Local\bdch

2013-02-17 17:12 . 2013-02-17 17:12	--------	d-----w-	c:\programdata\bdch

2013-02-15 22:31 . 2013-02-15 22:31	186432	----a-w-	c:\program files\Internet Explorer\PLUGINS\nppdf32.dll

2013-02-13 10:02 . 2013-01-08 22:01	768000	----a-w-	c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll

2013-02-13 09:53 . 2013-01-05 05:00	3967848	----a-w-	c:\windows\system32\ntkrnlpa.exe

2013-02-13 09:53 . 2013-01-05 05:00	3913064	----a-w-	c:\windows\system32\ntoskrnl.exe

2013-02-13 09:51 . 2013-01-03 05:05	1293672	----a-w-	c:\windows\system32\drivers\tcpip.sys

2013-02-13 09:51 . 2013-01-03 05:04	187752	----a-w-	c:\windows\system32\drivers\FWPKCLNT.SYS

2013-02-13 09:51 . 2013-01-04 03:00	2347008	----a-w-	c:\windows\system32\win32k.sys

2013-02-13 09:51 . 2013-01-04 04:50	169984	----a-w-	c:\windows\system32\winsrv.dll

2013-02-07 13:46 . 2013-02-07 13:46	--------	d-----w-	c:\users\steaf\AppData\Local\PDF24

2013-02-07 13:45 . 2013-02-07 13:46	--------	d-----w-	c:\program files\PDF24

2013-02-06 17:33 . 2013-02-06 17:33	--------	d-----w-	c:\program files\Evernote

2013-02-06 06:42 . 2013-02-06 06:42	83864	----a-w-	c:\windows\system32\drivers\ssudbus.sys

2013-02-06 06:42 . 2013-02-06 06:42	181784	----a-w-	c:\windows\system32\drivers\ssudmdm.sys

2013-02-05 16:52 . 2013-02-05 16:52	90112	----a-w-	c:\windows\MAMCityDownload.ocx

2013-02-05 16:52 . 2013-02-05 16:52	330240	----a-w-	c:\windows\MASetupCaller.dll

2013-02-05 16:52 . 2013-02-05 16:52	30568	----a-w-	c:\windows\MusiccityDownload.exe

2013-01-31 10:24 . 2013-01-31 10:24	--------	d-----w-	c:\users\TRAKTOR\AppData\Local\Macromedia

2013-01-31 10:22 . 2013-01-31 10:22	--------	d-----w-	c:\users\TRAKTOR\AppData\Local\Mozilla

2013-01-31 09:21 . 2013-01-31 09:21	--------	d-----w-	c:\users\TRAKTOR\AppData\Roaming\OpenOffice.org

2013-01-31 09:15 . 2013-01-31 09:15	--------	d-----w-	c:\users\TRAKTOR\AppData\Roaming\Bitdefender

2013-01-29 10:48 . 2012-04-17 12:40	72704	----a-w-	c:\windows\system32\drivers\bdvedisk.sys

2013-01-29 10:48 . 2013-01-30 20:38	66392	----a-w-	c:\windows\system32\drivers\bdsandbox.sys

2013-01-29 10:48 . 2012-07-06 13:13	77192	----a-w-	c:\windows\system32\drivers\BdfNdisf6.sys

2013-01-29 10:48 . 2007-04-11 09:11	511328	----a-w-	c:\windows\capicom.dll

2013-01-29 10:48 . 2012-11-02 12:17	242504	----a-w-	c:\windows\system32\drivers\avchv.sys

2013-01-29 10:48 . 2013-01-30 20:38	482928	----a-w-	c:\windows\system32\drivers\avckf.sys

2013-01-29 10:48 . 2013-01-30 20:38	625128	----a-w-	c:\windows\system32\drivers\avc3.sys

2013-01-29 10:47 . 2013-01-29 16:55	--------	d-----w-	c:\users\steaf\AppData\Roaming\Bitdefender

2013-01-29 10:47 . 2013-01-29 10:50	--------	d-----w-	c:\programdata\Bitdefender

2013-01-29 10:44 . 2012-08-29 16:24	161312	----a-w-	c:\windows\system32\drivers\gzflt.sys

2013-01-29 10:44 . 2012-10-31 11:13	343456	----a-w-	c:\windows\system32\drivers\trufos.sys

.

.

.

((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-02-19 21:19 . 2012-06-25 05:28	861088	----a-w-	c:\windows\system32\npdeployJava1.dll

2013-02-19 21:19 . 2010-05-14 06:40	782240	----a-w-	c:\windows\system32\deployJava1.dll

2013-02-18 10:35 . 2011-05-19 18:30	22528	----a-w-	c:\windows\system32\drivers\nhcDriver.sys

2013-02-10 18:49 . 2012-04-09 11:00	697712	----a-w-	c:\windows\system32\FlashPlayerApp.exe

2013-02-10 18:49 . 2011-05-21 07:50	74096	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl

2013-02-05 16:53 . 2012-07-28 08:48	4659712	----a-w-	c:\windows\system32\Redemption.dll

2013-01-31 18:41 . 2012-07-24 19:16	83872	----a-w-	c:\windows\system32\drivers\atksgt.sys

2013-01-31 18:41 . 2012-07-24 19:16	25888	----a-w-	c:\windows\system32\drivers\lirsgt.sys

2013-01-24 02:36 . 2012-08-04 08:39	42971	----a-w-	c:\windows\system32\pdreceive.exe

2013-01-24 02:36 . 2012-08-04 08:39	35836	----a-w-	c:\windows\system32\pdsend.exe

2012-12-28 09:01 . 2012-08-04 08:39	37587	----a-w-	c:\windows\system32\cyclist.exe

2012-12-16 14:13 . 2012-12-27 11:33	295424	----a-w-	c:\windows\system32\atmfd.dll

2012-12-16 14:13 . 2012-12-27 11:33	34304	----a-w-	c:\windows\system32\atmlib.dll

2012-12-07 12:26 . 2013-01-09 11:26	308736	----a-w-	c:\windows\system32\Wpc.dll

2012-12-07 12:20 . 2013-01-09 11:26	2576384	----a-w-	c:\windows\system32\gameux.dll

2012-12-07 10:46 . 2013-01-09 11:26	43520	----a-w-	c:\windows\system32\csrr.rs

2012-12-07 10:46 . 2013-01-09 11:26	30720	----a-w-	c:\windows\system32\usk.rs

2012-12-07 10:46 . 2013-01-09 11:26	45568	----a-w-	c:\windows\system32\oflc-nz.rs

2012-12-07 10:46 . 2013-01-09 11:26	44544	----a-w-	c:\windows\system32\pegibbfc.rs

2012-12-07 10:46 . 2013-01-09 11:26	20480	----a-w-	c:\windows\system32\pegi-pt.rs

2012-12-07 10:46 . 2013-01-09 11:26	23552	----a-w-	c:\windows\system32\oflc.rs

2012-12-07 10:46 . 2013-01-09 11:26	20480	----a-w-	c:\windows\system32\pegi-fi.rs

2012-12-07 10:46 . 2013-01-09 11:26	46592	----a-w-	c:\windows\system32\fpb.rs

2012-12-07 10:46 . 2013-01-09 11:26	20480	----a-w-	c:\windows\system32\pegi.rs

2012-12-07 10:46 . 2013-01-09 11:26	21504	----a-w-	c:\windows\system32\grb.rs

2012-12-07 10:46 . 2013-01-09 11:26	40960	----a-w-	c:\windows\system32\cob-au.rs

2012-12-07 10:46 . 2013-01-09 11:26	15360	----a-w-	c:\windows\system32\djctq.rs

2012-12-07 10:46 . 2013-01-09 11:26	55296	----a-w-	c:\windows\system32\cero.rs

2012-12-07 10:46 . 2013-01-09 11:26	51712	----a-w-	c:\windows\system32\esrb.rs

2012-11-30 04:47 . 2013-01-09 11:27	293376	----a-w-	c:\windows\system32\KernelBase.dll

2012-11-30 04:45 . 2013-01-09 11:27	4608	---ha-w-	c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 11:27	4096	---ha-w-	c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 11:27	4096	---ha-w-	c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 11:27	4096	---ha-w-	c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 11:27	4096	---ha-w-	c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 11:27	3584	---ha-w-	c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 11:27	3584	---ha-w-	c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 11:27	3584	---ha-w-	c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 11:27	3584	---ha-w-	c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 11:27	3584	---ha-w-	c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 11:27	3584	---ha-w-	c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 11:27	3072	---ha-w-	c:\windows\system32\api-ms-win-core-string-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 11:27	3072	---ha-w-	c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 11:27	3072	---ha-w-	c:\windows\system32\api-ms-win-core-io-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 11:26	4096	---ha-w-	c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 11:26	3072	---ha-w-	c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 11:27	5120	---ha-w-	c:\windows\system32\api-ms-win-core-file-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 11:27	3072	---ha-w-	c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 11:27	3072	---ha-w-	c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 11:27	3072	---ha-w-	c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 11:27	3072	---ha-w-	c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 11:27	3072	---ha-w-	c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 11:27	3072	---ha-w-	c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 11:26	3072	---ha-w-	c:\windows\system32\api-ms-win-core-console-l1-1-0.dll

2012-11-30 02:55 . 2013-01-09 11:27	271360	----a-w-	c:\windows\system32\conhost.exe

2012-11-30 02:38 . 2013-01-09 11:26	6144	---ha-w-	c:\windows\system32\api-ms-win-security-base-l1-1-0.dll

2012-11-30 02:38 . 2013-01-09 11:26	4608	---ha-w-	c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll

2012-11-30 02:38 . 2013-01-09 11:26	3584	---ha-w-	c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll

2012-11-30 02:38 . 2013-01-09 11:26	3072	---ha-w-	c:\windows\system32\api-ms-win-core-util-l1-1-0.dll

2013-02-20 16:14 . 2013-02-20 16:13	263064	----a-w-	c:\program files\mozilla firefox\components\browsercomps.dll

.

.

------- Sigcheck -------

Note: Unsigned files aren't necessarily malware.

.

Kryptografiedienst Fehler !!

.

((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))

.

.

*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2012-11-13 23:32	129272	----a-w-	c:\users\steaf\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2012-11-13 23:32	129272	----a-w-	c:\users\steaf\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2012-11-13 23:32	129272	----a-w-	c:\users\steaf\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox1]

@="{152C96EB-288E-4EDC-B7C6-D21F8250ADF3}"

[HKEY_CLASSES_ROOT\CLSID\{152C96EB-288E-4EDC-B7C6-D21F8250ADF3}]

2012-10-18 16:25	240920	----a-w-	c:\program files\Bitdefender\Bitdefender Safebox\safeboxshell.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox2]

@="{342DAA0B-D796-460D-8566-901E08A1CCAD}"

[HKEY_CLASSES_ROOT\CLSID\{342DAA0B-D796-460D-8566-901E08A1CCAD}]

2012-10-18 16:25	240920	----a-w-	c:\program files\Bitdefender\Bitdefender Safebox\safeboxshell.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox3]

@="{57595DAE-1AE1-4D97-A49E-67CBB53B52DF}"

[HKEY_CLASSES_ROOT\CLSID\{57595DAE-1AE1-4D97-A49E-67CBB53B52DF}]

2012-10-18 16:25	240920	----a-w-	c:\program files\Bitdefender\Bitdefender Safebox\safeboxshell.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox4]

@="{33816773-98AE-4723-ADE0-EBE54C8B5A67}"

[HKEY_CLASSES_ROOT\CLSID\{33816773-98AE-4723-ADE0-EBE54C8B5A67}]

2012-10-18 16:25	240920	----a-w-	c:\program files\Bitdefender\Bitdefender Safebox\safeboxshell.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]

"RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616]

"SandboxieControl"="c:\program files\Sandboxie\SbieCtrl.exe" [2012-02-06 451856]

"KiesPreload"="c:\program files\Samsung\Kies\Kies.exe" [2013-02-13 1509232]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-08-28 1557800]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2012-12-18 38112]

"VirtualCloneDrive"="c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2011-03-07 89456]

"IAStorIcon"="c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-11-05 283160]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-03-06 13605408]

"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-03-06 92704]

"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2000-01-01 10996368]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-10-25 421888]

"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-10-11 59280]

"Bdagent"="c:\program files\Bitdefender\Bitdefender 2013\bdagent.exe" [2013-01-30 1615368]

"PDFPrint"="c:\program files\PDF24\pdf24.exe" [2012-12-12 163000]

"NotebookHardwareControl"="c:\program files\Notebook Hardware Control\nhc.exe" [2007-05-04 2629632]

"KiesTrayAgent"="c:\program files\Samsung\Kies\KiesTrayAgent.exe" [2013-02-13 310128]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]

.

c:\users\steaf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Dropbox.lnk - c:\users\steaf\AppData\Roaming\Dropbox\bin\Dropbox.exe [2013-1-20 28539272]

EvernoteClipper.lnk - c:\program files\Evernote\Evernote\EvernoteClipper.exe [2013-1-29 1078624]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2011-5-12 894240]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"midi1"=myokent.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

2012-12-03 07:35	946352	----a-w-	c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]

2012-10-11 20:56	59280	----a-w-	c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Bonus.SSR.FR11]

2011-08-30 21:43	925960	----a-w-	c:\program files\ABBYY FineReader 11\Bonus.ScreenshotReader.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cisco AnyConnect Secure Mobility Agent for Windows]

2012-08-03 19:52	685048	----a-w-	c:\program files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]

2012-07-11 20:51	138096	----atw-	c:\users\steaf\AppData\Local\Facebook\Update\FacebookUpdate.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KeePass 2 PreLoad]

2010-09-05 08:30	1655296	----a-w-	c:\program files\KeePass Password Safe 2\KeePass.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR]

2013-02-13 18:38	844144	----a-w-	c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload]

2013-02-13 18:38	1509232	----a-w-	c:\program files\Samsung\Kies\Kies.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]

2013-02-13 18:38	310128	----a-w-	c:\program files\Samsung\Kies\KiesTrayAgent.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NotebookHardwareControl]

2007-05-04 00:33	2629632	----a-w-	c:\program files\Notebook Hardware Control\nhc.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]

2009-03-06 09:52	13605408	----a-w-	c:\windows\System32\nvcpl.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]

2009-03-06 09:52	92704	----a-w-	c:\windows\System32\nvmctray.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

2012-10-25 02:12	421888	----a-w-	c:\program files\QuickTime\QTTask.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

2012-07-03 08:04	252848	----a-w-	c:\program files\Common Files\Java\Java Update\jusched.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

LocalServiceAndNoImpersonation	REG_MULTI_SZ   	SSDPSRV upnphost SCardSvr TBS fdrespub AppIDSvc QWAVE wcncsvc Mcx2Svc SensrSvc

GPSvcGroup	REG_MULTI_SZ   	GPSvc

.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - LocalService

FontCache

.

.

Inhalt des "geplante Tasks" Ordners

.

2013-02-27 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-09 18:49]

.

2013-02-26 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3663126332-4148620046-1305769861-1001Core.job

- c:\users\steaf\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-02-08 20:51]

.

2013-02-27 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3663126332-4148620046-1305769861-1001UA.job

- c:\users\steaf\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-02-08 20:51]

.

2013-02-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-28 19:31]

.

2013-02-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-28 19:31]

.

2013-02-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3663126332-4148620046-1305769861-1001Core.job

- c:\users\steaf\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-08 14:37]

.

2013-02-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3663126332-4148620046-1305769861-1001UA.job

- c:\users\steaf\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-08 14:37]

.

.

------- Zusätzlicher Suchlauf -------

.

mStart Page = about:blank

uInternet Settings,ProxyOverride = *.local

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

IE: &Citavi Picker... - file://c:\programdata\Swiss Academic Software\Citavi Picker\Internet Explorer\ShowContextMenu.html

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: An vorhandene PDF-Datei anfügen - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html

IE: Bild an &Bluetooth-Gerät senden... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm

IE: Free YouTube Download - c:\users\steaf\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm

IE: Free YouTube to MP3 Converter - c:\users\steaf\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

IE: Linkziel an vorhandene PDF-Datei anhängen - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

IE: Linkziel in Adobe PDF konvertieren - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

IE: Neue Notiz - c:\program files\Evernote\Evernote\\EvernoteIERes\NewNote.html

IE: Seite an &Bluetooth-Gerät senden... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie.htm

IE: Zu Evernote 4 hinzufügen - c:\program files\Evernote\Evernote\\EvernoteIERes\Clip.html

Trusted Zone: uni-frankfurt.de\vpn-einwahl

TCP: DhcpNameServer = 192.168.2.1

TCP: Interfaces\{13F2E3EC-45EA-41E7-A5AC-5EB6C31FD282}\75C414E4D2030313144364136413035433: DhcpNameServer = 192.168.2.1

DPF: {816BE035-1450-40D0-8A3B-BA7825A83A77} - hxxp://support.lenovo.com/Resources/Lenovo/AutoDetect/Lenovo_AutoDetect2.cab

FF - ProfilePath - c:\users\steaf\AppData\Roaming\Mozilla\Firefox\Profiles\q7w4xs56.default\

.

.

------- Dateityp-Verknüpfung -------

.

vbefile\shell\open2\command="%SystemRoot%\System32\CScript.exe" "%1" %*

vbsfile\shell\open2\command="%SystemRoot%\System32\CScript.exe" "%1" %*

jsefile\shell\open2\command=c:\windows\System32\CScript.exe "%1" %*

.

- - - - Entfernte verwaiste Registrierungseinträge - - - -

.

HKCU-Run-ALBATTTOOL - c:\program files\AkkuLine.de\AkkuLine Batterie-Tool\AL-Batterie-Tool.exe

HKCU-Run-KiesAirMessage - c:\program files\Samsung\Kies\KiesAirMessage.exe

MSConfigStartUp-Acrobat Assistant 8 - c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe

MSConfigStartUp-Adobe Acrobat Speed Launcher - c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe

MSConfigStartUp-AllShareAgent - c:\program files\Samsung\AllShare\AllShareAgent.exe

MSConfigStartUp-DriverMax_RESTART - c:\program files\Innovative Solutions\DriverMax\devices.exe

MSConfigStartUp-GMX MediaCenter Syncmanager - c:\users\steaf\AppData\Roaming\GMX\GMX MediaCenter Syncmanager\SmartDriveSync.exe

MSConfigStartUp-KiesAirMessage - c:\program files\Samsung\Kies\KiesAirMessage.exe

MSConfigStartUp-MWS Reader 4 - c:\program files\MWS Reader 4\mwsr4.exe

AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe

AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe

AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe

AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe

AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe

AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe

AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe

AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe

AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe

AddRemove-24_flashusbdriver - c:\program files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe

AddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe

.

.

.

--------------------- Gesperrte Registrierungsschluessel ---------------------

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

--------------------- Durch laufende Prozesse gestartete DLLs ---------------------

.

- - - - - - - > 'Explorer.exe'(4776)

c:\users\steaf\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll

c:\program files\Lenovo\Bluetooth Software\btmmhook.dll

c:\windows\system32\SAMLIB.dll

c:\windows\system32\samcli.dll

c:\windows\system32\netutils.dll

c:\windows\system32\MPR.dll

c:\windows\System32\nlaapi.dll

c:\program files\Lenovo\Bluetooth Software\btncopy.dll

c:\windows\system32\dhcpcsvc.DLL

c:\windows\system32\dhcpcsvc6.DLL

c:\windows\system32\Wlanapi.dll

c:\windows\system32\wlanutil.dll

c:\windows\System32\netprofm.dll

c:\windows\system32\wkscli.dll

.

------------------------ Weitere laufende Prozesse ------------------------

.

c:\program files\Bitdefender\Bitdefender 2013\vsserv.exe

c:\windows\system32\nvvsvc.exe

c:\program files\Sandboxie\SbieSvc.exe

c:\windows\system32\rundll32.exe

c:\program files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe

c:\windows\system32\WLANExt.exe

c:\windows\system32\conhost.exe

c:\program files\ABBYY FineReader 11\NetworkLicenseServer.exe

c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe

c:\program files\Bonjour\mDNSResponder.exe

c:\program files\Lenovo\Bluetooth Software\btwdins.exe

c:\program files\Intel\WiFi\bin\EvtEng.exe

c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe

c:\program files\Notebook Hardware Control\nhcservice.exe

c:\program files\Common Files\Intel\WirelessCommon\RegSrvc.exe

c:\program files\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe

c:\program files\TeamViewer\Version7\TeamViewer_Service.exe

c:\program files\Bitdefender\Bitdefender 2013\updatesrv.exe

c:\program files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe

c:\windows\System32\WUDFHost.exe

c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe

c:\program files\Windows Media Player\wmpnetwk.exe

c:\windows\system32\taskhost.exe

c:\windows\system32\conhost.exe

c:\windows\System32\rundll32.exe

c:\program files\Synaptics\SynTP\SynTPHelper.exe

.

**************************************************************************

.

Zeit der Fertigstellung: 2013-02-27  17:18:10 - PC wurde neu gestartet

ComboFix-quarantined-files.txt  2013-02-27 16:18

.

Vor Suchlauf: 4.899.651.584 Bytes frei

Nach Suchlauf: 4.598.808.576 Bytes frei

.

- - End Of File - - 2B15A719F2787DCA81DB2B901287E899
         
WHY does the forum always append my further posts to the last one instead of creating a new one??

Also, I can't edit old posts!!

I don't get it

28.02.2013, 13:07   #12
markusg
/// Malware-holic

Open Internet Explorer, go to Tools, Settings, Connections, Settings, and check whether a proxy server is selected. If so, delete the entries, choose not to use a proxy, and click OK.
Then test Internet Explorer again to see whether it works.

28.02.2013, 13:27   #13
steaf

Okay,
no proxy is set. In the meantime the browsers are loading again.

However, BD is behaving really strangely. Everything had been changed, or rather the config was set to "Custom", and all the individual services there were switched off.

[EDIT] In particular, the on-access protection cannot be re-enabled. [/EDIT]
[EDIT] Just noticed that the individual services always deactivate themselves again right away. Help. I'd better disconnect the computer from the network now, but I'll keep following this from elsewhere. [/EDIT]

Edited by steaf (28.02.2013 at 13:44). Reason: redundant info

28.02.2013, 16:57   #14
markusg
/// Malware-holic

Let's keep looking.
Malwarebytes:
Please download Malwarebytes
  • Install the program to the default path. Vista and Win7 users: right-click and choose "Run as administrator".
  • Start Malwarebytes, click Update --> Check for updates
  • When the update has finished, select Perform full scan and press Scan.
  • When the scan has finished, click Show results.
  • Make sure that all findings are checked and press Remove Selected.
  • Post the log file, which opens in Notepad, here in the thread.
  • You can find the report later under "Log files".

07.03.2013, 09:46   #15
steaf

Hello again,

I'm now getting increasingly unsettled after all. The last state was that BD on the computer with the original problem kept switching itself off, or rather the antivirus protection was somehow set to "Custom" with all options there unchecked. After every correction this happened again.

My next step was the following. I removed the HDD from the affected computer, installed it in an Icy Box, and scanned it with my other computer (also BD). This produced no findings.

A little later my other computer (only a few days old, running Win8) started doing the same. After every restart BD's Autoscan was deactivated and I had to fix it manually. Here, too, BD settings seem to change as if by magic.

What should I do now? The new computer is currently more important to me. How can I deal with the problem adequately?

---------------------------------

Update: I have now scanned the new computer with Malwarebytes.
Here is the log for it:

Code:
Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Datenbank Version: v2013.03.06.11

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16484
******* :: ZENBOOK [Administrator]

07/03/2013 10:07:29
mbam-log-2013-03-07 (10-07-29).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 449175
Laufzeit: 1 Stunde(n), 10 Minute(n), 45 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
         
