BKA-Virus Version 1.13

**NH1109** · 17.09.2012, 12:14

"Der Windows-Ressourcenschutz hat keine Integritätsverletzungen gefunden." sagt der Scan...

TB · 18.09.2012, 07:50

Morgen NH1109,

Frage, was würde gegen eine Systemwiederherstellung sprechen? Deine persönlichen Daten bleiben davon unberührt...

Systemwiederherstellung im abgesicherten Modus starten:
Du findest die Systemwiederherstellung unter „Programme, Alle Programme, Zubehör, Systemprogramme“. Hier könntest du entweder automatisch zum letzten Wiederherstellungspunkt zurückkehren, was die von Windows empfohlene Wiederherstellung ist oder einen früheren aussuchen. In deinem Fall solltest du ein Datum vor der Infektion wählen!
Mach einem Klick auf „Fertig stellen“ startet die Systemwiederherstellung. Windows führt danach einen Neustart durch und hat seine Zeitreise rückwärts damit vollendet.

Hier noch eine Anleitung, wie du die Systemwiederherstellung über das erweiterte Menü starten kannst
http://blog.botfrei.de/2011/11/letzt...erherstellung/

Bitte berichten wie es aussieht...

**NH1109** · 18.09.2012, 11:35

Ich habe die Systemwiederherstellung durchgeführt (das hatte ich auch direkt nach der Infizierung mit dem Trojaner bereits gemacht) und jetzt ist der Desktop wieder da. Ich bin mir nur nicht sicher, ob es noch irgendwelche "Überreste" des Trojaners gibt...

TB · 18.09.2012, 11:45

Hallo NH1109,

100% sicher kannst du nur sein bei einer Formatierung mit Neuinstallation.

TDSSKiller von Kaspersky

Wichtig:

Lade den TDSSKiller und entpacke das Archiv auf Deinen Desktop.
Vergewissere Dich, dass die TDSSKiller.exe direkt auf dem Desktop liegt (nicht in einem Ordner auf dem Desktop).
Starte die TDSSKiller.exe durch Doppelklick.
Vista- und Windows7-User mit Rechtsklick und als Administrator starten.
Klicke auf Start Scan, um den Suchlauf zu starten.
In den Settings die Additional options nicht anhaken und mit Ok bestätigen.
Klicke erneut auf Start Scan, um den Suchlauf zu starten.
Sollte TDSSKiller Funde machen, wird das Tool fragen, was damit zu tun ist.
In diesem Fall wähle cure, was soviel wie desinfizieren bedeutet.
Bei Funden nach Beendigung des Scans das System neu starten.
Beim Hochfahren des Systems werden die Funde dann bereinigt und/oder gelöscht.
Den Bericht erhälst Du durch Klick auf Report rechts oben. Bitte hier in den Thread posten.
Da nur der letzte Report unter C:\TDSSKiller<random>.txt gespeichert wird, ggfs. ältere Berichte unter einem anderen Namen speichern.

Hier findest Du eine ausführlichere Anleitung.

**NH1109** · 18.09.2012, 12:05

Hier das Ergebnis des Scans:

Code:

13:02:30.0708 5948  TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
13:02:30.0855 5948  ============================================================
13:02:30.0855 5948  Current date / time: 2012/09/18 13:02:30.0855
13:02:30.0855 5948  SystemInfo:
13:02:30.0855 5948  
13:02:30.0855 5948  OS Version: 6.1.7601 ServicePack: 1.0
13:02:30.0855 5948  Product type: Workstation
13:02:30.0855 5948  ComputerName: NIKLAS-PC
13:02:30.0855 5948  UserName: Niklas
13:02:30.0855 5948  Windows directory: C:\windows
13:02:30.0856 5948  System windows directory: C:\windows
13:02:30.0856 5948  Running under WOW64
13:02:30.0856 5948  Processor architecture: Intel x64
13:02:30.0856 5948  Number of processors: 4
13:02:30.0856 5948  Page size: 0x1000
13:02:30.0856 5948  Boot type: Normal boot
13:02:30.0856 5948  ============================================================
13:02:31.0360 5948  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:02:31.0365 5948  Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
13:02:31.0368 5948  ============================================================
13:02:31.0368 5948  \Device\Harddisk0\DR0:
13:02:31.0368 5948  MBR partitions:
13:02:31.0368 5948  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x64000
13:02:31.0368 5948  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64800, BlocksNum 0x34BA1000
13:02:31.0395 5948  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x34C06000, BlocksNum 0x39FD800
13:02:31.0395 5948  \Device\Harddisk1\DR1:
13:02:31.0396 5948  MBR partitions:
13:02:31.0396 5948  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x74705982
13:02:31.0396 5948  ============================================================
13:02:31.0434 5948  C: <-> \Device\Harddisk0\DR0\Partition2
13:02:31.0476 5948  D: <-> \Device\Harddisk0\DR0\Partition3
13:02:31.0499 5948  E: <-> \Device\Harddisk1\DR1\Partition1
13:02:31.0499 5948  ============================================================
13:02:31.0500 5948  Initialize success
13:02:31.0500 5948  ============================================================

Ich stehe einer Neuinstallation aufgeschlossen gegenüber...

TB · 18.09.2012, 12:30

Hallo NH1109,

Das kann aber nicht alles sein?!

**NH1109** · 18.09.2012, 12:41

Ich habs nochmal durchgeführt: In den Settings habe ich bei "loaded modules" kein Häkchen gesetzt...

Code:

13:35:06.0993 5364  TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
13:35:07.0180 5364  ============================================================
13:35:07.0180 5364  Current date / time: 2012/09/18 13:35:07.0180
13:35:07.0180 5364  SystemInfo:
13:35:07.0180 5364  
13:35:07.0180 5364  OS Version: 6.1.7601 ServicePack: 1.0
13:35:07.0180 5364  Product type: Workstation
13:35:07.0196 5364  ComputerName: NIKLAS-PC
13:35:07.0196 5364  UserName: Niklas
13:35:07.0196 5364  Windows directory: C:\windows
13:35:07.0196 5364  System windows directory: C:\windows
13:35:07.0196 5364  Running under WOW64
13:35:07.0196 5364  Processor architecture: Intel x64
13:35:07.0196 5364  Number of processors: 4
13:35:07.0196 5364  Page size: 0x1000
13:35:07.0196 5364  Boot type: Normal boot
13:35:07.0196 5364  ============================================================
13:35:09.0723 5364  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:35:09.0723 5364  Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
13:35:09.0739 5364  ============================================================
13:35:09.0739 5364  \Device\Harddisk0\DR0:
13:35:09.0739 5364  MBR partitions:
13:35:09.0739 5364  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x64000
13:35:09.0739 5364  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64800, BlocksNum 0x34BA1000
13:35:10.0690 5364  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x34C06000, BlocksNum 0x39FD800
13:35:10.0690 5364  \Device\Harddisk1\DR1:
13:35:10.0706 5364  MBR partitions:
13:35:10.0706 5364  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x74705982
13:35:10.0706 5364  ============================================================
13:35:10.0768 5364  C: <-> \Device\Harddisk0\DR0\Partition2
13:35:12.0188 5364  D: <-> \Device\Harddisk0\DR0\Partition3
13:35:12.0203 5364  E: <-> \Device\Harddisk1\DR1\Partition1
13:35:12.0203 5364  ============================================================
13:35:12.0203 5364  Initialize success
13:35:12.0203 5364  ============================================================
13:37:03.0931 5424  ============================================================
13:37:03.0931 5424  Scan started
13:37:03.0931 5424  Mode: Manual; 
13:37:03.0931 5424  ============================================================
13:37:05.0974 5424  ================ Scan system memory ========================
13:37:05.0974 5424  System memory - ok
13:37:05.0974 5424  ================ Scan services =============================
13:37:06.0162 5424  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\windows\system32\drivers\1394ohci.sys
13:37:06.0162 5424  1394ohci - ok
13:37:06.0208 5424  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\windows\system32\drivers\ACPI.sys
13:37:06.0208 5424  ACPI - ok
13:37:06.0255 5424  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\windows\system32\drivers\acpipmi.sys
13:37:06.0255 5424  AcpiPmi - ok
13:37:06.0318 5424  [ DC201246A14CB3B274DF59FAF539AB07 ] ACPIVPC         C:\windows\system32\DRIVERS\AcpiVpc.sys
13:37:06.0318 5424  ACPIVPC - ok
13:37:06.0474 5424  [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
13:37:06.0474 5424  AdobeARMservice - ok
13:37:06.0552 5424  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\windows\system32\DRIVERS\adp94xx.sys
13:37:06.0552 5424  adp94xx - ok
13:37:06.0614 5424  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\windows\system32\DRIVERS\adpahci.sys
13:37:06.0614 5424  adpahci - ok
13:37:06.0661 5424  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\windows\system32\DRIVERS\adpu320.sys
13:37:06.0661 5424  adpu320 - ok
13:37:06.0692 5424  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\windows\System32\aelupsvc.dll
13:37:06.0692 5424  AeLookupSvc - ok
13:37:06.0770 5424  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\windows\system32\drivers\afd.sys
13:37:06.0770 5424  AFD - ok
13:37:06.0817 5424  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\windows\system32\drivers\agp440.sys
13:37:06.0817 5424  agp440 - ok
13:37:06.0864 5424  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\windows\System32\alg.exe
13:37:06.0864 5424  ALG - ok
13:37:06.0895 5424  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\windows\system32\drivers\aliide.sys
13:37:06.0910 5424  aliide - ok
13:37:06.0910 5424  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\windows\system32\drivers\amdide.sys
13:37:06.0910 5424  amdide - ok
13:37:06.0957 5424  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\windows\system32\DRIVERS\amdk8.sys
13:37:06.0957 5424  AmdK8 - ok
13:37:06.0973 5424  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\windows\system32\DRIVERS\amdppm.sys
13:37:06.0973 5424  AmdPPM - ok
13:37:07.0020 5424  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\windows\system32\drivers\amdsata.sys
13:37:07.0035 5424  amdsata - ok
13:37:07.0082 5424  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\windows\system32\DRIVERS\amdsbs.sys
13:37:07.0098 5424  amdsbs - ok
13:37:07.0129 5424  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\windows\system32\drivers\amdxata.sys
13:37:07.0129 5424  amdxata - ok
13:37:07.0176 5424  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\windows\system32\drivers\appid.sys
13:37:07.0191 5424  AppID - ok
13:37:07.0222 5424  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\windows\System32\appidsvc.dll
13:37:07.0222 5424  AppIDSvc - ok
13:37:07.0456 5424  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\windows\System32\appinfo.dll
13:37:07.0456 5424  Appinfo - ok
13:37:07.0503 5424  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\windows\system32\DRIVERS\arc.sys
13:37:07.0503 5424  arc - ok
13:37:07.0534 5424  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\windows\system32\DRIVERS\arcsas.sys
13:37:07.0534 5424  arcsas - ok
13:37:07.0566 5424  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\windows\system32\DRIVERS\asyncmac.sys
13:37:07.0566 5424  AsyncMac - ok
13:37:07.0612 5424  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\windows\system32\drivers\atapi.sys
13:37:07.0612 5424  atapi - ok
13:37:07.0675 5424  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
13:37:07.0690 5424  AudioEndpointBuilder - ok
13:37:07.0706 5424  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\windows\System32\Audiosrv.dll
13:37:07.0706 5424  AudioSrv - ok
13:37:07.0768 5424  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\windows\System32\AxInstSV.dll
13:37:07.0768 5424  AxInstSV - ok
13:37:07.0831 5424  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\windows\system32\DRIVERS\bxvbda.sys
13:37:07.0831 5424  b06bdrv - ok
13:37:07.0909 5424  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\windows\system32\DRIVERS\b57nd60a.sys
13:37:07.0909 5424  b57nd60a - ok
13:37:08.0049 5424  [ 5B5C36B2EC500462A715DB6BCBAF5DA7 ] BCM43XX         C:\windows\system32\DRIVERS\bcmwl664.sys
13:37:08.0080 5424  BCM43XX - ok
13:37:08.0127 5424  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\windows\System32\bdesvc.dll
13:37:08.0143 5424  BDESVC - ok
13:37:08.0221 5424  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\windows\system32\drivers\Beep.sys
13:37:08.0221 5424  Beep - ok
13:37:08.0299 5424  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\windows\System32\bfe.dll
13:37:08.0299 5424  BFE - ok
13:37:08.0377 5424  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\windows\System32\qmgr.dll
13:37:08.0408 5424  BITS - ok
13:37:08.0470 5424  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\windows\system32\DRIVERS\blbdrive.sys
13:37:08.0470 5424  blbdrive - ok
13:37:08.0517 5424  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\windows\system32\DRIVERS\bowser.sys
13:37:08.0517 5424  bowser - ok
13:37:08.0564 5424  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\windows\system32\DRIVERS\BrFiltLo.sys
13:37:08.0564 5424  BrFiltLo - ok
13:37:08.0564 5424  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\windows\system32\DRIVERS\BrFiltUp.sys
13:37:08.0580 5424  BrFiltUp - ok
13:37:08.0611 5424  [ 34F786535F9245E4028C57B28248C9D8 ] Bridge0         C:\windows\system32\drivers\WDBridge.sys
13:37:08.0611 5424  Bridge0 - ok
13:37:08.0642 5424  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\windows\System32\browser.dll
13:37:08.0658 5424  Browser - ok
13:37:08.0673 5424  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\windows\System32\Drivers\Brserid.sys
13:37:08.0689 5424  Brserid - ok
13:37:08.0736 5424  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\windows\System32\Drivers\BrSerWdm.sys
13:37:08.0736 5424  BrSerWdm - ok
13:37:08.0751 5424  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\windows\System32\Drivers\BrUsbMdm.sys
13:37:08.0751 5424  BrUsbMdm - ok
13:37:08.0767 5424  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\windows\System32\Drivers\BrUsbSer.sys
13:37:08.0767 5424  BrUsbSer - ok
13:37:08.0814 5424  [ CF98190A94F62E405C8CB255018B2315 ] BthEnum         C:\windows\system32\drivers\BthEnum.sys
13:37:08.0814 5424  BthEnum - ok
13:37:08.0829 5424  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\windows\system32\DRIVERS\bthmodem.sys
13:37:08.0829 5424  BTHMODEM - ok
13:37:08.0845 5424  [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan          C:\windows\system32\DRIVERS\bthpan.sys
13:37:08.0845 5424  BthPan - ok
13:37:08.0892 5424  [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT         C:\windows\System32\Drivers\BTHport.sys
13:37:08.0907 5424  BTHPORT - ok
13:37:08.0970 5424  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\windows\system32\bthserv.dll
13:37:08.0985 5424  bthserv - ok
13:37:08.0985 5424  [ F188B7394D81010767B6DF3178519A37 ] BTHUSB          C:\windows\System32\Drivers\BTHUSB.sys
13:37:09.0001 5424  BTHUSB - ok
13:37:09.0048 5424  [ 2641A3FE3D7B0646308F33B67F3B5300 ] btusbflt        C:\windows\system32\drivers\btusbflt.sys
13:37:09.0048 5424  btusbflt - ok
13:37:09.0094 5424  [ A72A9101F9730DB7332714E566614E4D ] btwaudio        C:\windows\system32\drivers\btwaudio.sys
13:37:09.0094 5424  btwaudio - ok
13:37:09.0157 5424  [ 5CEEC634B617525F2B6AD29F871033F7 ] btwavdt         C:\windows\system32\drivers\btwavdt.sys
13:37:09.0157 5424  btwavdt - ok
13:37:09.0266 5424  [ FA77B00B7B825DF75960691871CCA3FF ] btwdins         C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
13:37:09.0266 5424  btwdins - ok
13:37:09.0297 5424  [ 6149301DC3F81D6F9667A3FBAC410975 ] btwl2cap        C:\windows\system32\DRIVERS\btwl2cap.sys
13:37:09.0297 5424  btwl2cap - ok
13:37:09.0344 5424  [ 2AF5604D28BEF77B7CF4B9D232FE7CD3 ] btwrchid        C:\windows\system32\DRIVERS\btwrchid.sys
13:37:09.0344 5424  btwrchid - ok
13:37:09.0391 5424  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\windows\system32\DRIVERS\cdfs.sys
13:37:09.0391 5424  cdfs - ok
13:37:09.0438 5424  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\windows\system32\drivers\cdrom.sys
13:37:09.0438 5424  cdrom - ok
13:37:09.0484 5424  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\windows\System32\certprop.dll
13:37:09.0484 5424  CertPropSvc - ok
13:37:09.0531 5424  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\windows\system32\DRIVERS\circlass.sys
13:37:09.0531 5424  circlass - ok
13:37:09.0547 5424  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\windows\system32\CLFS.sys
13:37:09.0562 5424  CLFS - ok
13:37:09.0625 5424  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:37:09.0640 5424  clr_optimization_v2.0.50727_32 - ok
13:37:09.0672 5424  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
13:37:09.0672 5424  clr_optimization_v2.0.50727_64 - ok
13:37:09.0796 5424  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:37:09.0828 5424  clr_optimization_v4.0.30319_32 - ok
13:37:09.0874 5424  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
13:37:09.0874 5424  clr_optimization_v4.0.30319_64 - ok
13:37:09.0906 5424  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\windows\system32\DRIVERS\CmBatt.sys
13:37:09.0906 5424  CmBatt - ok
13:37:09.0937 5424  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\windows\system32\drivers\cmdide.sys
13:37:09.0937 5424  cmdide - ok
13:37:09.0999 5424  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\windows\system32\Drivers\cng.sys
13:37:09.0999 5424  CNG - ok
13:37:10.0077 5424  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\windows\system32\DRIVERS\compbatt.sys
13:37:10.0077 5424  Compbatt - ok
13:37:10.0108 5424  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\windows\system32\drivers\CompositeBus.sys
13:37:10.0108 5424  CompositeBus - ok
13:37:10.0124 5424  COMSysApp - ok
13:37:10.0140 5424  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\windows\system32\DRIVERS\crcdisk.sys
13:37:10.0155 5424  crcdisk - ok
13:37:10.0186 5424  [ 4F5414602E2544A4554D95517948B705 ] CryptSvc        C:\windows\system32\cryptsvc.dll
13:37:10.0202 5424  CryptSvc - ok
13:37:10.0358 5424  [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc          C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
13:37:10.0358 5424  cvhsvc - ok
13:37:10.0452 5424  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\windows\system32\rpcss.dll
13:37:10.0467 5424  DcomLaunch - ok
13:37:10.0514 5424  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\windows\System32\defragsvc.dll
13:37:10.0514 5424  defragsvc - ok
13:37:10.0592 5424  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\windows\system32\Drivers\dfsc.sys
13:37:10.0592 5424  DfsC - ok
13:37:10.0670 5424  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\windows\system32\dhcpcore.dll
13:37:10.0670 5424  Dhcp - ok
13:37:10.0732 5424  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\windows\system32\drivers\discache.sys
13:37:10.0732 5424  discache - ok
13:37:10.0857 5424  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\windows\system32\DRIVERS\disk.sys
13:37:10.0857 5424  Disk - ok
13:37:10.0951 5424  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\windows\System32\dnsrslvr.dll
13:37:10.0951 5424  Dnscache - ok
13:37:11.0013 5424  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\windows\System32\dot3svc.dll
13:37:11.0013 5424  dot3svc - ok
13:37:11.0060 5424  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\windows\system32\dps.dll
13:37:11.0060 5424  DPS - ok
13:37:11.0138 5424  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\windows\system32\drivers\drmkaud.sys
13:37:11.0138 5424  drmkaud - ok
13:37:11.0325 5424  [ 3EEF0B3489EDBF725564E17C77CABAFD ] dsNcAdpt        C:\windows\system32\DRIVERS\dsNcAdpt.sys
13:37:11.0325 5424  dsNcAdpt - ok
13:37:11.0637 5424  [ 60AE3D932BC594FF9CDC91F7CD2C2015 ] dsNcService     C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe
13:37:11.0653 5424  dsNcService - ok
13:37:11.0715 5424  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\windows\System32\drivers\dxgkrnl.sys
13:37:11.0715 5424  DXGKrnl - ok
13:37:11.0793 5424  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\windows\System32\eapsvc.dll
13:37:11.0793 5424  EapHost - ok
13:37:11.0902 5424  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\windows\system32\DRIVERS\evbda.sys
13:37:11.0996 5424  ebdrv - ok
13:37:12.0058 5424  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\windows\System32\lsass.exe
13:37:12.0058 5424  EFS - ok
13:37:12.0152 5424  [ C49212D3D964B77D15755412CC55144C ] EgisTec Data Security Service C:\Program Files (x86)\EgisTec BioExcess\EgisDSService.exe
13:37:12.0152 5424  EgisTec Data Security Service - ok
13:37:12.0230 5424  [ FB74FD6A2CBB69926078645010B65943 ] EgisTec Service C:\Program Files (x86)\EgisTec BioExcess\EgisService.exe
13:37:12.0230 5424  EgisTec Service - ok
13:37:12.0339 5424  [ 7C27FA958D752CBF4B28087F44D6F604 ] EgisTec Service Help C:\Program Files (x86)\EgisTec Port Locker\Egishlpsvc.exe
13:37:12.0339 5424  EgisTec Service Help - ok
13:37:12.0402 5424  [ 33708C6D915F8DE734CF3ABB0731515B ] EgisTecFF       C:\windows\system32\DRIVERS\EgisTecFF.sys
13:37:12.0402 5424  EgisTecFF - ok
13:37:12.0573 5424  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\windows\ehome\ehRecvr.exe
13:37:12.0573 5424  ehRecvr - ok
13:37:12.0620 5424  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\windows\ehome\ehsched.exe
13:37:12.0620 5424  ehSched - ok
13:37:12.0698 5424  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\windows\system32\DRIVERS\elxstor.sys
13:37:12.0698 5424  elxstor - ok
13:37:12.0932 5424  [ CDCA791AFA0483F44BBA576DBFAFD04D ] EPSON_PM_RPCV4_01 C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE
13:37:12.0932 5424  EPSON_PM_RPCV4_01 - ok
13:37:12.0963 5424  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\windows\system32\drivers\errdev.sys
13:37:12.0963 5424  ErrDev - ok
13:37:13.0119 5424  [ F6AD6E0674EF94390F0554BF946977AF ] ETD             C:\windows\system32\DRIVERS\ETD.sys
13:37:13.0119 5424  ETD - ok
13:37:13.0291 5424  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\windows\system32\es.dll
13:37:13.0291 5424  EventSystem - ok
13:37:13.0384 5424  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\windows\system32\drivers\exfat.sys
13:37:13.0384 5424  exfat - ok
13:37:13.0572 5424  [ D4980588ED87F8BB16BE43DDD0FBD5FE ] F-Secure Filter C:\Program Files (x86)\Vodafone-Sicherheitspaket\Anti-Virus\Win2K\FSfilter.sys
13:37:13.0572 5424  F-Secure Filter - ok
13:37:13.0681 5424  [ 169897DE484A79120AF8C201883EFDC4 ] F-Secure Gatekeeper C:\Program Files (x86)\Vodafone-Sicherheitspaket\Anti-Virus\minifilter\fsgk.sys
13:37:13.0681 5424  F-Secure Gatekeeper - ok
13:37:13.0728 5424  [ A9BE66E05254B20DF82E0F7CDDECA7DD ] F-Secure Gatekeeper Handler Starter C:\Program Files (x86)\Vodafone-Sicherheitspaket\Anti-Virus\fsgk32st.exe
13:37:13.0728 5424  F-Secure Gatekeeper Handler Starter - ok
13:37:13.0790 5424  [ 564AF68FBEC406CBECD42BFCBE144EF3 ] F-Secure HIPS   C:\Program Files (x86)\Vodafone-Sicherheitspaket\HIPS\drivers\fshs.sys
13:37:13.0790 5424  F-Secure HIPS - ok
13:37:13.0821 5424  [ 6CE1195511533C9359F91A9E63792F5E ] F-Secure Recognizer C:\Program Files (x86)\Vodafone-Sicherheitspaket\Anti-Virus\Win2K\FSrec.sys
13:37:13.0821 5424  F-Secure Recognizer - ok
13:37:13.0852 5424  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\windows\system32\drivers\fastfat.sys
13:37:13.0852 5424  fastfat - ok
13:37:13.0946 5424  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\windows\system32\fxssvc.exe
13:37:13.0962 5424  Fax - ok
13:37:13.0993 5424  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\windows\system32\DRIVERS\fdc.sys
13:37:13.0993 5424  fdc - ok
13:37:14.0040 5424  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\windows\system32\fdPHost.dll
13:37:14.0040 5424  fdPHost - ok
13:37:14.0071 5424  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\windows\system32\fdrespub.dll
13:37:14.0071 5424  FDResPub - ok
13:37:14.0102 5424  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\windows\system32\drivers\fileinfo.sys
13:37:14.0102 5424  FileInfo - ok
13:37:14.0133 5424  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\windows\system32\drivers\filetrace.sys
13:37:14.0133 5424  Filetrace - ok
13:37:14.0149 5424  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\windows\system32\DRIVERS\flpydisk.sys
13:37:14.0149 5424  flpydisk - ok
13:37:14.0211 5424  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\windows\system32\drivers\fltmgr.sys
13:37:14.0211 5424  FltMgr - ok
13:37:14.0274 5424  [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache       C:\windows\system32\FntCache.dll
13:37:14.0289 5424  FontCache - ok
13:37:14.0352 5424  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:37:14.0352 5424  FontCache3.0.0.0 - ok
13:37:14.0398 5424  [ 54A9C5A6AA0BB0041A4AF7172FFC3D9F ] FPSensor        C:\windows\system32\Drivers\FPSensor.sys
13:37:14.0398 5424  FPSensor - ok
13:37:14.0476 5424  [ F59F2C574AA5D84477EB89F87C938F16 ] fsbts           C:\windows\system32\Drivers\fsbts.sys
13:37:14.0476 5424  fsbts - ok
13:37:14.0539 5424  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\windows\system32\drivers\FsDepends.sys
13:37:14.0539 5424  FsDepends - ok
13:37:14.0617 5424  [ 153897703502463F810A365DBBC58B18 ] FSDFWD          C:\Program Files (x86)\Vodafone-Sicherheitspaket\FWES\Program\fsdfwd.exe
13:37:14.0632 5424  FSDFWD - ok
13:37:14.0679 5424  [ 740CCE07189F9833BF865844AC49C0B1 ] FSES            C:\windows\system32\drivers\fses.sys
13:37:14.0679 5424  FSES - ok
13:37:14.0929 5424  [ DEB4D284EBCD430C9F15C6624DC3382B ] FSFW            C:\windows\system32\drivers\fsdfw.sys
13:37:14.0929 5424  FSFW - ok
13:37:15.0241 5424  [ 392E85687A902239C01BADDF212B1A36 ] FSMA            C:\Program Files (x86)\Vodafone-Sicherheitspaket\Common\FSMA32.EXE
13:37:15.0256 5424  FSMA - ok
13:37:15.0381 5424  [ 42AEF6A385354ACA65FC210CE7CE4D7C ] FSORSPClient    C:\Program Files (x86)\Vodafone-Sicherheitspaket\ORSP Client\fsorsp.exe
13:37:15.0381 5424  FSORSPClient - ok
13:37:15.0600 5424  [ 3FCBE4E9C764E05505D4E4B1D6F36786 ] fsvista         C:\Program Files (x86)\Vodafone-Sicherheitspaket\Anti-Virus\minifilter\fsvista.sys
13:37:15.0600 5424  fsvista - ok
13:37:15.0709 5424  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\windows\system32\drivers\Fs_Rec.sys
13:37:15.0709 5424  Fs_Rec - ok
13:37:15.0880 5424  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\windows\system32\DRIVERS\fvevol.sys
13:37:15.0880 5424  fvevol - ok
13:37:15.0990 5424  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\windows\system32\DRIVERS\gagp30kx.sys
13:37:16.0005 5424  gagp30kx - ok
13:37:16.0146 5424  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\windows\System32\gpsvc.dll
13:37:16.0161 5424  gpsvc - ok
13:37:16.0208 5424  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\windows\system32\drivers\hcw85cir.sys
13:37:16.0208 5424  hcw85cir - ok
13:37:16.0442 5424  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
13:37:16.0442 5424  HdAudAddService - ok
13:37:16.0520 5424  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\windows\system32\drivers\HDAudBus.sys
13:37:16.0520 5424  HDAudBus - ok
13:37:16.0614 5424  [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64         C:\windows\system32\DRIVERS\HECIx64.sys
13:37:16.0614 5424  HECIx64 - ok
13:37:16.0676 5424  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\windows\system32\DRIVERS\HidBatt.sys
13:37:16.0676 5424  HidBatt - ok
13:37:16.0770 5424  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\windows\system32\DRIVERS\hidbth.sys
13:37:16.0770 5424  HidBth - ok
13:37:16.0941 5424  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\windows\system32\DRIVERS\hidir.sys
13:37:16.0941 5424  HidIr - ok
13:37:17.0019 5424  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\windows\system32\hidserv.dll
13:37:17.0019 5424  hidserv - ok
13:37:17.0175 5424  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\windows\system32\drivers\hidusb.sys
13:37:17.0175 5424  HidUsb - ok
13:37:17.0347 5424  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\windows\system32\kmsvc.dll
13:37:17.0347 5424  hkmsvc - ok
13:37:17.0550 5424  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\windows\system32\ListSvc.dll
13:37:17.0550 5424  HomeGroupListener - ok
13:37:17.0643 5424  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\windows\system32\provsvc.dll
13:37:17.0643 5424  HomeGroupProvider - ok
13:37:17.0799 5424  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\windows\system32\drivers\HpSAMD.sys
13:37:17.0799 5424  HpSAMD - ok
13:37:17.0940 5424  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\windows\system32\drivers\HTTP.sys
13:37:17.0940 5424  HTTP - ok
13:37:18.0033 5424  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\windows\system32\drivers\hwpolicy.sys
13:37:18.0033 5424  hwpolicy - ok
13:37:18.0127 5424  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\windows\system32\drivers\i8042prt.sys
13:37:18.0127 5424  i8042prt - ok
13:37:18.0376 5424  [ 7548066DF68A8A1A56B043359F915F37 ] IAANTMON        C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
13:37:18.0423 5424  IAANTMON - ok
13:37:18.0517 5424  [ 1D004CB1DA6323B1F55CAEF7F94B61D9 ] iaStor          C:\windows\system32\DRIVERS\iaStor.sys
13:37:18.0517 5424  iaStor - ok
13:37:18.0610 5424  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\windows\system32\drivers\iaStorV.sys
13:37:18.0626 5424  iaStorV - ok
13:37:18.0954 5424  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
13:37:19.0032 5424  idsvc - ok
13:37:19.0406 5424  [ 677AA5991026A65ADA128C4B59CF2BAD ] igfx            C:\windows\system32\DRIVERS\igdkmd64.sys
13:37:19.0609 5424  igfx - ok
13:37:19.0702 5424  [ D951D20153E51928F9DB2227D6FF5C7A ] IGRS            C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe
13:37:19.0702 5424  IGRS - ok
13:37:19.0780 5424  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\windows\system32\DRIVERS\iirsp.sys
13:37:19.0780 5424  iirsp - ok
13:37:19.0843 5424  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\windows\System32\ikeext.dll
13:37:19.0858 5424  IKEEXT - ok
13:37:19.0905 5424  [ DD587A55390ED2295BCE6D36AD567DA9 ] Impcd           C:\windows\system32\DRIVERS\Impcd.sys
13:37:19.0905 5424  Impcd - ok
13:37:20.0030 5424  [ DAECB75C7C2A4BDEAFEAD19A6FD327C5 ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys
13:37:20.0046 5424  IntcAzAudAddService - ok
13:37:20.0108 5424  [ 58CF58DEE26C909BD6F977B61D246295 ] IntcDAud        C:\windows\system32\DRIVERS\IntcDAud.sys
13:37:20.0108 5424  IntcDAud - ok
13:37:20.0155 5424  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\windows\system32\drivers\intelide.sys
13:37:20.0155 5424  intelide - ok
13:37:20.0217 5424  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\windows\system32\DRIVERS\intelppm.sys
13:37:20.0217 5424  intelppm - ok
13:37:20.0264 5424  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\windows\system32\ipbusenum.dll
13:37:20.0264 5424  IPBusEnum - ok
13:37:20.0295 5424  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\windows\system32\DRIVERS\ipfltdrv.sys
13:37:20.0295 5424  IpFilterDriver - ok
13:37:20.0389 5424  [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc        C:\windows\System32\iphlpsvc.dll
13:37:20.0404 5424  iphlpsvc - ok
13:37:20.0451 5424  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\windows\system32\drivers\IPMIDrv.sys
13:37:20.0451 5424  IPMIDRV - ok
13:37:20.0482 5424  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\windows\system32\drivers\ipnat.sys
13:37:20.0482 5424  IPNAT - ok
13:37:20.0514 5424  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\windows\system32\drivers\irenum.sys
13:37:20.0514 5424  IRENUM - ok
13:37:20.0576 5424  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\windows\system32\drivers\isapnp.sys
13:37:20.0576 5424  isapnp - ok
13:37:20.0607 5424  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\windows\system32\drivers\msiscsi.sys
13:37:20.0623 5424  iScsiPrt - ok
13:37:20.0654 5424  [ 7DBAFE10C1B777305C80BEA42FBDA710 ] k57nd60a        C:\windows\system32\DRIVERS\k57nd60a.sys
13:37:20.0670 5424  k57nd60a - ok
13:37:20.0701 5424  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\windows\system32\DRIVERS\kbdclass.sys
13:37:20.0701 5424  kbdclass - ok
13:37:20.0763 5424  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\windows\system32\DRIVERS\kbdhid.sys
13:37:20.0763 5424  kbdhid - ok
13:37:20.0794 5424  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\windows\system32\lsass.exe
13:37:20.0794 5424  KeyIso - ok
13:37:20.0841 5424  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\windows\system32\Drivers\ksecdd.sys
13:37:20.0841 5424  KSecDD - ok
13:37:20.0919 5424  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\windows\system32\Drivers\ksecpkg.sys
13:37:20.0919 5424  KSecPkg - ok
13:37:20.0997 5424  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\windows\system32\drivers\ksthunk.sys
13:37:20.0997 5424  ksthunk - ok
13:37:21.0044 5424  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\windows\system32\msdtckrm.dll
13:37:21.0044 5424  KtmRm - ok
13:37:21.0169 5424  [ 55480B9C63F3F91A8EBBADCBF28FE581 ] L1C             C:\windows\system32\DRIVERS\L1C62x64.sys
13:37:21.0169 5424  L1C - ok
13:37:21.0294 5424  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\windows\system32\srvsvc.dll
13:37:21.0309 5424  LanmanServer - ok
13:37:21.0372 5424  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\windows\System32\wkssvc.dll
13:37:21.0372 5424  LanmanWorkstation - ok
13:37:21.0668 5424  [ 7FCB3EC66361F157BCD5B5C33CE2AC16 ] Lenovo ReadyComm AppSvc C:\Program Files\Lenovo\ReadyComm\AppSvc.exe
13:37:21.0684 5424  Lenovo ReadyComm AppSvc - ok
13:37:21.0730 5424  [ 5287074E79E4BA82510886F684DC5F72 ] Lenovo ReadyComm ConnSvc C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe
13:37:21.0730 5424  Lenovo ReadyComm ConnSvc - ok
13:37:21.0793 5424  [ BE166935083F9C38EDFDC21B9A7A679B ] LHDmgr          C:\windows\system32\DRIVERS\LhdX64.sys
13:37:21.0793 5424  LHDmgr - ok
13:37:21.0824 5424  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\windows\system32\DRIVERS\lltdio.sys
13:37:21.0824 5424  lltdio - ok
13:37:21.0902 5424  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\windows\System32\lltdsvc.dll
13:37:21.0918 5424  lltdsvc - ok
13:37:21.0949 5424  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\windows\System32\lmhsvc.dll
13:37:21.0964 5424  lmhosts - ok
13:37:22.0058 5424  [ 0B4F38AA22D5634C48EDB18FE257F005 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
13:37:22.0058 5424  LMS - ok
13:37:22.0105 5424  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\windows\system32\DRIVERS\lsi_fc.sys
13:37:22.0105 5424  LSI_FC - ok
13:37:22.0120 5424  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\windows\system32\DRIVERS\lsi_sas.sys
13:37:22.0136 5424  LSI_SAS - ok
13:37:22.0152 5424  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\windows\system32\DRIVERS\lsi_sas2.sys
13:37:22.0152 5424  LSI_SAS2 - ok
13:37:22.0167 5424  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\windows\system32\DRIVERS\lsi_scsi.sys
13:37:22.0167 5424  LSI_SCSI - ok
13:37:22.0198 5424  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\windows\system32\drivers\luafv.sys
13:37:22.0198 5424  luafv - ok
13:37:22.0261 5424  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\windows\system32\Mcx2Svc.dll
13:37:22.0276 5424  Mcx2Svc - ok
13:37:22.0292 5424  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\windows\system32\DRIVERS\megasas.sys
13:37:22.0292 5424  megasas - ok
13:37:22.0323 5424  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\windows\system32\DRIVERS\MegaSR.sys
13:37:22.0323 5424  MegaSR - ok
13:37:22.0354 5424  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\windows\system32\mmcss.dll
13:37:22.0354 5424  MMCSS - ok
13:37:22.0370 5424  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\windows\system32\drivers\modem.sys
13:37:22.0370 5424  Modem - ok
13:37:22.0401 5424  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\windows\system32\DRIVERS\monitor.sys
13:37:22.0401 5424  monitor - ok
13:37:22.0448 5424  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\windows\system32\DRIVERS\mouclass.sys
13:37:22.0448 5424  mouclass - ok
13:37:22.0479 5424  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\windows\system32\DRIVERS\mouhid.sys
13:37:22.0495 5424  mouhid - ok
13:37:22.0557 5424  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\windows\system32\drivers\mountmgr.sys
13:37:22.0557 5424  mountmgr - ok
13:37:22.0651 5424  [ E8D79312373F254DC13F3965BDB3D521 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
13:37:22.0651 5424  MozillaMaintenance - ok
13:37:22.0682 5424  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\windows\system32\drivers\mpio.sys
13:37:22.0682 5424  mpio - ok
13:37:22.0713 5424  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\windows\system32\drivers\mpsdrv.sys
13:37:22.0713 5424  mpsdrv - ok
13:37:22.0760 5424  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\windows\system32\mpssvc.dll
13:37:22.0776 5424  MpsSvc - ok
13:37:22.0869 5424  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\windows\system32\drivers\mrxdav.sys
13:37:22.0869 5424  MRxDAV - ok
13:37:22.0916 5424  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\windows\system32\DRIVERS\mrxsmb.sys
13:37:22.0916 5424  mrxsmb - ok
13:37:22.0963 5424  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\windows\system32\DRIVERS\mrxsmb10.sys
13:37:22.0963 5424  mrxsmb10 - ok
13:37:22.0994 5424  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\windows\system32\DRIVERS\mrxsmb20.sys
13:37:22.0994 5424  mrxsmb20 - ok
13:37:23.0025 5424  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\windows\system32\drivers\msahci.sys
13:37:23.0025 5424  msahci - ok
13:37:23.0041 5424  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\windows\system32\drivers\msdsm.sys
13:37:23.0056 5424  msdsm - ok
13:37:23.0072 5424  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\windows\System32\msdtc.exe
13:37:23.0072 5424  MSDTC - ok
13:37:23.0134 5424  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\windows\system32\drivers\Msfs.sys
13:37:23.0134 5424  Msfs - ok
13:37:23.0166 5424  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\windows\System32\drivers\mshidkmdf.sys
13:37:23.0166 5424  mshidkmdf - ok
13:37:23.0181 5424  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\windows\system32\drivers\msisadrv.sys
13:37:23.0181 5424  msisadrv - ok
13:37:23.0228 5424  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\windows\system32\iscsiexe.dll
13:37:23.0228 5424  MSiSCSI - ok
13:37:23.0244 5424  msiserver - ok
13:37:23.0275 5424  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\windows\system32\drivers\MSKSSRV.sys
13:37:23.0275 5424  MSKSSRV - ok
13:37:23.0306 5424  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\windows\system32\drivers\MSPCLOCK.sys
13:37:23.0306 5424  MSPCLOCK - ok
13:37:23.0337 5424  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\windows\system32\drivers\MSPQM.sys
13:37:23.0337 5424  MSPQM - ok
13:37:23.0368 5424  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\windows\system32\drivers\MsRPC.sys
13:37:23.0368 5424  MsRPC - ok
13:37:23.0400 5424  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\windows\system32\drivers\mssmbios.sys
13:37:23.0400 5424  mssmbios - ok
13:37:23.0431 5424  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\windows\system32\drivers\MSTEE.sys
13:37:23.0431 5424  MSTEE - ok
13:37:23.0446 5424  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\windows\system32\DRIVERS\MTConfig.sys
13:37:23.0446 5424  MTConfig - ok
13:37:23.0462 5424  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\windows\system32\Drivers\mup.sys
13:37:23.0462 5424  Mup - ok
13:37:23.0493 5424  [ 6FFECC25B39DC7652A0CEC0ADA9DB589 ] mwlPSDFilter    C:\windows\system32\DRIVERS\mwlPSDFilter.sys
13:37:23.0493 5424  mwlPSDFilter - ok
13:37:23.0509 5424  [ 0BEFE32CA56D6EE89D58175725596A85 ] mwlPSDNServ     C:\windows\system32\DRIVERS\mwlPSDNServ.sys
13:37:23.0509 5424  mwlPSDNServ - ok
13:37:23.0524 5424  [ D43BC633B8660463E446E28E14A51262 ] mwlPSDVDisk     C:\windows\system32\DRIVERS\mwlPSDVDisk.sys
13:37:23.0524 5424  mwlPSDVDisk - ok
13:37:23.0571 5424  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\windows\system32\qagentRT.dll
13:37:23.0571 5424  napagent - ok
13:37:23.0618 5424  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\windows\system32\DRIVERS\nwifi.sys
13:37:23.0634 5424  NativeWifiP - ok
13:37:23.0696 5424  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\windows\system32\drivers\ndis.sys
13:37:23.0712 5424  NDIS - ok
13:37:23.0743 5424  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\windows\system32\DRIVERS\ndiscap.sys
13:37:23.0758 5424  NdisCap - ok
13:37:23.0790 5424  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\windows\system32\DRIVERS\ndistapi.sys
13:37:23.0790 5424  NdisTapi - ok
13:37:23.0836 5424  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\windows\system32\DRIVERS\ndisuio.sys
13:37:23.0836 5424  Ndisuio - ok
13:37:23.0883 5424  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\windows\system32\DRIVERS\ndiswan.sys
13:37:23.0883 5424  NdisWan - ok
13:37:23.0946 5424  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\windows\system32\drivers\NDProxy.sys
13:37:23.0946 5424  NDProxy - ok
13:37:23.0992 5424  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\windows\system32\DRIVERS\netbios.sys
13:37:23.0992 5424  NetBIOS - ok
13:37:24.0039 5424  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\windows\system32\DRIVERS\netbt.sys
13:37:24.0055 5424  NetBT - ok
13:37:24.0070 5424  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\windows\system32\lsass.exe
13:37:24.0086 5424  Netlogon - ok
13:37:24.0133 5424  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\windows\System32\netman.dll
13:37:24.0133 5424  Netman - ok
13:37:24.0148 5424  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\windows\System32\netprofm.dll
13:37:24.0164 5424  netprofm - ok
13:37:24.0195 5424  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
13:37:24.0195 5424  NetTcpPortSharing - ok
13:37:24.0336 5424  [ 64428DFDAF6E88366CB51F45A79C5F69 ] netw5v64        C:\windows\system32\DRIVERS\netw5v64.sys
13:37:24.0460 5424  netw5v64 - ok
13:37:24.0507 5424  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\windows\system32\DRIVERS\nfrd960.sys
13:37:24.0507 5424  nfrd960 - ok
13:37:24.0554 5424  [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc          C:\windows\System32\nlasvc.dll
13:37:24.0554 5424  NlaSvc - ok
13:37:24.0570 5424  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\windows\system32\drivers\Npfs.sys
13:37:24.0570 5424  Npfs - ok
13:37:24.0601 5424  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\windows\system32\nsisvc.dll
13:37:24.0601 5424  nsi - ok
13:37:24.0632 5424  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\windows\system32\drivers\nsiproxy.sys
13:37:24.0632 5424  nsiproxy - ok
13:37:24.0710 5424  [ A2F74975097F52A00745F9637451FDD8 ] Ntfs            C:\windows\system32\drivers\Ntfs.sys
13:37:24.0726 5424  Ntfs - ok
13:37:24.0757 5424  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\windows\system32\drivers\Null.sys
13:37:24.0757 5424  Null - ok
13:37:25.0194 5424  [ 9F6ADE7EC1D5480AD1EF370859B26D5A ] nvlddmkm        C:\windows\system32\DRIVERS\nvlddmkm.sys
13:37:25.0240 5424  nvlddmkm - ok
13:37:25.0303 5424  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\windows\system32\drivers\nvraid.sys
13:37:25.0303 5424  nvraid - ok
13:37:25.0350 5424  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\windows\system32\drivers\nvstor.sys
13:37:25.0350 5424  nvstor - ok
13:37:25.0396 5424  [ 628167D7E894807EF883A13E34172C3C ] nvsvc           C:\windows\system32\nvvsvc.exe
13:37:25.0396 5424  nvsvc - ok
13:37:25.0521 5424  [ 1681E56145A43C0F1EDA60618D7AFD60 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
13:37:25.0537 5424  nvUpdatusService - ok
13:37:25.0584 5424  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\windows\system32\drivers\nv_agp.sys
13:37:25.0584 5424  nv_agp - ok
13:37:25.0615 5424  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\windows\system32\drivers\ohci1394.sys
13:37:25.0630 5424  ohci1394 - ok
13:37:25.0724 5424  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:37:25.0724 5424  ose - ok
13:37:25.0896 5424  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
13:37:26.0020 5424  osppsvc - ok
13:37:26.0098 5424  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\windows\system32\pnrpsvc.dll
13:37:26.0098 5424  p2pimsvc - ok
13:37:26.0145 5424  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\windows\system32\p2psvc.dll
13:37:26.0145 5424  p2psvc - ok
13:37:26.0192 5424  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\windows\system32\DRIVERS\parport.sys
13:37:26.0192 5424  Parport - ok
13:37:26.0223 5424  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\windows\system32\drivers\partmgr.sys
13:37:26.0223 5424  partmgr - ok
13:37:26.0239 5424  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\windows\System32\pcasvc.dll
13:37:26.0239 5424  PcaSvc - ok
13:37:26.0270 5424  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\windows\system32\drivers\pci.sys
13:37:26.0270 5424  pci - ok
13:37:26.0301 5424  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\windows\system32\drivers\pciide.sys
13:37:26.0301 5424  pciide - ok
13:37:26.0317 5424  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\windows\system32\DRIVERS\pcmcia.sys
13:37:26.0332 5424  pcmcia - ok
13:37:26.0348 5424  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\windows\system32\drivers\pcw.sys
13:37:26.0348 5424  pcw - ok
13:37:26.0379 5424  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\windows\system32\drivers\peauth.sys
13:37:26.0395 5424  PEAUTH - ok
13:37:26.0504 5424  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\windows\SysWow64\perfhost.exe
13:37:26.0504 5424  PerfHost - ok
13:37:26.0566 5424  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\windows\system32\pla.dll
13:37:26.0629 5424  pla - ok
13:37:26.0691 5424  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\windows\system32\umpnpmgr.dll
13:37:26.0691 5424  PlugPlay - ok
13:37:26.0754 5424  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\windows\system32\pnrpauto.dll
13:37:26.0754 5424  PNRPAutoReg - ok
13:37:26.0785 5424  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\windows\system32\pnrpsvc.dll
13:37:26.0785 5424  PNRPsvc - ok
13:37:26.0847 5424  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\windows\System32\ipsecsvc.dll
13:37:26.0847 5424  PolicyAgent - ok
13:37:26.0878 5424  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\windows\system32\umpo.dll
13:37:26.0894 5424  Power - ok
13:37:26.0941 5424  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\windows\system32\DRIVERS\raspptp.sys
13:37:26.0941 5424  PptpMiniport - ok
13:37:26.0972 5424  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\windows\system32\DRIVERS\processr.sys
13:37:26.0972 5424  Processor - ok
13:37:27.0034 5424  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\windows\system32\profsvc.dll
13:37:27.0034 5424  ProfSvc - ok
13:37:27.0050 5424  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe
13:37:27.0050 5424  ProtectedStorage - ok
13:37:27.0097 5424  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\windows\system32\DRIVERS\pacer.sys
13:37:27.0097 5424  Psched - ok
13:37:27.0097 5424  PS_MDP - ok
13:37:27.0175 5424  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\windows\system32\DRIVERS\ql2300.sys
13:37:27.0222 5424  ql2300 - ok
13:37:27.0253 5424  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\windows\system32\DRIVERS\ql40xx.sys
13:37:27.0268 5424  ql40xx - ok
13:37:27.0300 5424  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\windows\system32\qwave.dll
13:37:27.0300 5424  QWAVE - ok
13:37:27.0331 5424  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\windows\system32\drivers\qwavedrv.sys
13:37:27.0331 5424  QWAVEdrv - ok
13:37:27.0346 5424  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\windows\system32\DRIVERS\rasacd.sys
13:37:27.0346 5424  RasAcd - ok
13:37:27.0378 5424  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\windows\system32\DRIVERS\AgileVpn.sys
13:37:27.0378 5424  RasAgileVpn - ok
13:37:27.0409 5424  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\windows\System32\rasauto.dll
13:37:27.0424 5424  RasAuto - ok
13:37:27.0456 5424  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\windows\system32\DRIVERS\rasl2tp.sys
13:37:27.0456 5424  Rasl2tp - ok
13:37:27.0502 5424  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\windows\System32\rasmans.dll
13:37:27.0502 5424  RasMan - ok
13:37:27.0549 5424  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\windows\system32\DRIVERS\raspppoe.sys
13:37:27.0549 5424  RasPppoe - ok
13:37:27.0580 5424  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\windows\system32\DRIVERS\rassstp.sys
13:37:27.0580 5424  RasSstp - ok
13:37:27.0627 5424  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\windows\system32\DRIVERS\rdbss.sys
13:37:27.0627 5424  rdbss - ok
13:37:27.0643 5424  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\windows\system32\DRIVERS\rdpbus.sys
13:37:27.0643 5424  rdpbus - ok
13:37:27.0674 5424  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\windows\system32\DRIVERS\RDPCDD.sys
13:37:27.0674 5424  RDPCDD - ok
13:37:27.0721 5424  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\windows\system32\drivers\rdpencdd.sys
13:37:27.0721 5424  RDPENCDD - ok
13:37:27.0768 5424  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\windows\system32\drivers\rdprefmp.sys
13:37:27.0768 5424  RDPREFMP - ok
13:37:27.0861 5424  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\windows\system32\drivers\RDPWD.sys
13:37:27.0877 5424  RDPWD - ok
13:37:27.0908 5424  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\windows\system32\drivers\rdyboost.sys
13:37:27.0924 5424  rdyboost - ok
13:37:27.0939 5424  ReadyComm.DirectRouter - ok
13:37:27.0970 5424  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\windows\System32\mprdim.dll
13:37:27.0970 5424  RemoteAccess - ok
13:37:28.0017 5424  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\windows\system32\regsvc.dll
13:37:28.0017 5424  RemoteRegistry - ok
13:37:28.0080 5424  [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM          C:\windows\system32\DRIVERS\rfcomm.sys
13:37:28.0080 5424  RFCOMM - ok
13:37:28.0095 5424  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\windows\System32\RpcEpMap.dll
13:37:28.0111 5424  RpcEptMapper - ok
13:37:28.0126 5424  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\windows\system32\locator.exe
13:37:28.0126 5424  RpcLocator - ok
13:37:28.0189 5424  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\windows\system32\rpcss.dll
13:37:28.0204 5424  RpcSs - ok
13:37:28.0251 5424  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\windows\system32\DRIVERS\rspndr.sys
13:37:28.0251 5424  rspndr - ok
13:37:28.0298 5424  [ 79BAD3E977966AF21DF982DEF5A99C76 ] RSUSBSTOR       C:\windows\system32\Drivers\RtsUStor.sys
13:37:28.0314 5424  RSUSBSTOR - ok
13:37:28.0345 5424  [ 0D2BB5612CC0AF08EDD08FF8E196A9A5 ] RtLedService    C:\Program Files\Realtek\RtLED\RtLEDService.exe
13:37:28.0345 5424  RtLedService - ok
13:37:28.0376 5424  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\windows\system32\lsass.exe
13:37:28.0376 5424  SamSs - ok
13:37:28.0407 5424  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\windows\system32\drivers\sbp2port.sys
13:37:28.0407 5424  sbp2port - ok
13:37:28.0438 5424  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\windows\System32\SCardSvr.dll
13:37:28.0454 5424  SCardSvr - ok
13:37:28.0470 5424  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\windows\system32\DRIVERS\scfilter.sys
13:37:28.0470 5424  scfilter - ok
13:37:28.0516 5424  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\windows\system32\schedsvc.dll
13:37:28.0563 5424  Schedule - ok
13:37:28.0594 5424  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\windows\System32\certprop.dll
13:37:28.0594 5424  SCPolicySvc - ok
13:37:28.0626 5424  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\windows\System32\SDRSVC.dll
13:37:28.0641 5424  SDRSVC - ok
13:37:28.0735 5424  [ 331E7BDE228914574FC9AE6CD520DAFA ] SeaPort         C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
13:37:28.0750 5424  SeaPort - ok
13:37:28.0813 5424  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\windows\system32\drivers\secdrv.sys
13:37:28.0813 5424  secdrv - ok
13:37:28.0844 5424  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\windows\system32\seclogon.dll
13:37:28.0860 5424  seclogon - ok
13:37:28.0922 5424  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\windows\System32\sens.dll
13:37:28.0922 5424  SENS - ok
13:37:28.0969 5424  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\windows\system32\sensrsvc.dll
13:37:28.0984 5424  SensrSvc - ok
13:37:29.0016 5424  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\windows\system32\DRIVERS\serenum.sys
13:37:29.0016 5424  Serenum - ok
13:37:29.0062 5424  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\windows\system32\DRIVERS\serial.sys
13:37:29.0062 5424  Serial - ok
13:37:29.0125 5424  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\windows\system32\DRIVERS\sermouse.sys
13:37:29.0125 5424  sermouse - ok
13:37:29.0172 5424  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\windows\system32\sessenv.dll
13:37:29.0172 5424  SessionEnv - ok
13:37:29.0203 5424  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\windows\system32\drivers\sffdisk.sys
13:37:29.0218 5424  sffdisk - ok
13:37:29.0234 5424  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\windows\system32\drivers\sffp_mmc.sys
13:37:29.0234 5424  sffp_mmc - ok
13:37:29.0234 5424  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\windows\system32\drivers\sffp_sd.sys
13:37:29.0250 5424  sffp_sd - ok
13:37:29.0265 5424  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\windows\system32\DRIVERS\sfloppy.sys
13:37:29.0265 5424  sfloppy - ok
13:37:29.0328 5424  [ C6CC9297BD53E5229653303E556AA539 ] Sftfs           C:\windows\system32\DRIVERS\Sftfslh.sys
13:37:29.0343 5424  Sftfs - ok
13:37:29.0437 5424  [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist         C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
13:37:29.0452 5424  sftlist - ok
13:37:29.0499 5424  [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay         C:\windows\system32\DRIVERS\Sftplaylh.sys
13:37:29.0499 5424  Sftplay - ok
13:37:29.0546 5424  [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir        C:\windows\system32\DRIVERS\Sftredirlh.sys
13:37:29.0546 5424  Sftredir - ok
13:37:29.0577 5424  [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol          C:\windows\system32\DRIVERS\Sftvollh.sys
13:37:29.0593 5424  Sftvol - ok
13:37:29.0640 5424  [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa          C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
13:37:29.0640 5424  sftvsa - ok
13:37:29.0686 5424  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\windows\System32\ipnathlp.dll
13:37:29.0686 5424  SharedAccess - ok
13:37:29.0733 5424  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll
13:37:29.0749 5424  ShellHWDetection - ok
13:37:29.0827 5424  [ C42DD1B109A6EBF9ED52E5B53801A03A ] Shockprf        C:\windows\system32\DRIVERS\Apsx64.sys
13:37:29.0827 5424  Shockprf - ok
13:37:29.0858 5424  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\windows\system32\DRIVERS\SiSRaid2.sys
13:37:29.0858 5424  SiSRaid2 - ok
13:37:29.0889 5424  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\windows\system32\DRIVERS\sisraid4.sys
13:37:29.0889 5424  SiSRaid4 - ok
13:37:29.0983 5424  [ EA396139541706B4B433641D62EA53CE ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
13:37:29.0983 5424  SkypeUpdate - ok
13:37:30.0014 5424  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\windows\system32\DRIVERS\smb.sys
13:37:30.0014 5424  Smb - ok
13:37:30.0092 5424  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\windows\System32\snmptrap.exe
13:37:30.0092 5424  SNMPTRAP - ok
13:37:30.0123 5424  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\windows\system32\drivers\spldr.sys
13:37:30.0123 5424  spldr - ok
13:37:30.0186 5424  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\windows\System32\spoolsv.exe
13:37:30.0201 5424  Spooler - ok
13:37:30.0435 5424  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\windows\system32\sppsvc.exe
13:37:30.0544 5424  sppsvc - ok
13:37:30.0607 5424  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\windows\system32\sppuinotify.dll
13:37:30.0607 5424  sppuinotify - ok
13:37:30.0669 5424  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\windows\system32\DRIVERS\srv.sys
13:37:30.0669 5424  srv - ok
13:37:30.0716 5424  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\windows\system32\DRIVERS\srv2.sys
13:37:30.0716 5424  srv2 - ok
13:37:30.0747 5424  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\windows\system32\DRIVERS\srvnet.sys
13:37:30.0763 5424  srvnet - ok
13:37:30.0794 5424  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\windows\System32\ssdpsrv.dll
13:37:30.0810 5424  SSDPSRV - ok
13:37:30.0810 5424  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\windows\system32\sstpsvc.dll
13:37:30.0825 5424  SstpSvc - ok
13:37:30.0841 5424  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\windows\system32\DRIVERS\stexstor.sys
13:37:30.0856 5424  stexstor - ok
13:37:30.0888 5424  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\windows\System32\wiaservc.dll
13:37:30.0903 5424  stisvc - ok
13:37:30.0934 5424  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\windows\system32\drivers\swenum.sys
13:37:30.0934 5424  swenum - ok
13:37:30.0966 5424  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\windows\System32\swprv.dll
13:37:30.0966 5424  swprv - ok
13:37:31.0044 5424  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\windows\system32\sysmain.dll
13:37:31.0106 5424  SysMain - ok
13:37:31.0153 5424  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll
13:37:31.0168 5424  TabletInputService - ok
13:37:31.0200 5424  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\windows\System32\tapisrv.dll
13:37:31.0215 5424  TapiSrv - ok
13:37:31.0231 5424  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\windows\System32\tbssvc.dll
13:37:31.0231 5424  TBS - ok
13:37:31.0402 5424  [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip           C:\windows\system32\drivers\tcpip.sys
13:37:31.0418 5424  Tcpip - ok
13:37:31.0496 5424  [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6          C:\windows\system32\DRIVERS\tcpip.sys
13:37:31.0512 5424  TCPIP6 - ok
13:37:31.0543 5424  [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg        C:\windows\system32\drivers\tcpipreg.sys
13:37:31.0543 5424  tcpipreg - ok
13:37:31.0574 5424  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\windows\system32\drivers\tdpipe.sys
13:37:31.0590 5424  TDPIPE - ok
13:37:31.0621 5424  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\windows\system32\drivers\tdtcp.sys
13:37:31.0621 5424  TDTCP - ok
13:37:31.0652 5424  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\windows\system32\DRIVERS\tdx.sys
13:37:31.0652 5424  tdx - ok
13:37:31.0699 5424  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\windows\system32\drivers\termdd.sys
13:37:31.0699 5424  TermDD - ok
13:37:31.0746 5424  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\windows\System32\termsrv.dll
13:37:31.0761 5424  TermService - ok
13:37:31.0792 5424  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\windows\system32\themeservice.dll
13:37:31.0792 5424  Themes - ok
13:37:31.0808 5424  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\windows\system32\mmcss.dll
13:37:31.0808 5424  THREADORDER - ok
13:37:31.0808 5424  [ 74868C001C7214FBD88B1A57EBB04811 ] TPDIGIMN        C:\windows\system32\DRIVERS\ApsHM64.sys
13:37:31.0808 5424  TPDIGIMN - ok
13:37:31.0839 5424  [ 130E6B36A8EEE48AA4F0AC404236836B ] TPHDEXLGSVC     C:\windows\system32\TPHDEXLG64.exe
13:37:31.0855 5424  TPHDEXLGSVC - ok
13:37:31.0870 5424  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\windows\System32\trkwks.dll
13:37:31.0870 5424  TrkWks - ok
13:37:31.0948 5424  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
13:37:31.0948 5424  TrustedInstaller - ok
13:37:31.0980 5424  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\windows\system32\DRIVERS\tssecsrv.sys
13:37:31.0980 5424  tssecsrv - ok
13:37:32.0026 5424  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\windows\system32\drivers\tsusbflt.sys
13:37:32.0042 5424  TsUsbFlt - ok
13:37:32.0104 5424  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\windows\system32\DRIVERS\tunnel.sys
13:37:32.0104 5424  tunnel - ok
13:37:32.0136 5424  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\windows\system32\DRIVERS\uagp35.sys
13:37:32.0136 5424  uagp35 - ok
13:37:32.0198 5424  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\windows\system32\DRIVERS\udfs.sys
13:37:32.0214 5424  udfs - ok
13:37:32.0276 5424  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\windows\system32\UI0Detect.exe
13:37:32.0276 5424  UI0Detect - ok
13:37:32.0292 5424  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\windows\system32\drivers\uliagpkx.sys
13:37:32.0292 5424  uliagpkx - ok
13:37:32.0354 5424  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\windows\system32\drivers\umbus.sys
13:37:32.0354 5424  umbus - ok
13:37:32.0385 5424  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\windows\system32\DRIVERS\umpass.sys
13:37:32.0401 5424  UmPass - ok
13:37:32.0510 5424  [ 6FDB1CA1ADD261F893C90738EBA37197 ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
13:37:32.0604 5424  UNS - ok
13:37:32.0650 5424  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\windows\System32\upnphost.dll
13:37:32.0650 5424  upnphost - ok
13:37:32.0697 5424  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\windows\system32\DRIVERS\usbccgp.sys
13:37:32.0697 5424  usbccgp - ok
13:37:32.0744 5424  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\windows\system32\drivers\usbcir.sys
13:37:32.0744 5424  usbcir - ok
13:37:32.0775 5424  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\windows\system32\drivers\usbehci.sys
13:37:32.0775 5424  usbehci - ok
13:37:32.0806 5424  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\windows\system32\DRIVERS\usbhub.sys
13:37:32.0806 5424  usbhub - ok
13:37:32.0838 5424  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\windows\system32\drivers\usbohci.sys
13:37:32.0838 5424  usbohci - ok
13:37:32.0884 5424  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\windows\system32\DRIVERS\usbprint.sys
13:37:32.0884 5424  usbprint - ok
13:37:32.0931 5424  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan         C:\windows\system32\DRIVERS\usbscan.sys
13:37:32.0931 5424  usbscan - ok
13:37:32.0947 5424  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\windows\system32\DRIVERS\USBSTOR.SYS
13:37:32.0947 5424  USBSTOR - ok
13:37:32.0978 5424  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\windows\system32\drivers\usbuhci.sys
13:37:32.0978 5424  usbuhci - ok
13:37:33.0025 5424  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\windows\System32\Drivers\usbvideo.sys
13:37:33.0025 5424  usbvideo - ok
13:37:33.0056 5424  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\windows\System32\uxsms.dll
13:37:33.0056 5424  UxSms - ok
13:37:33.0087 5424  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\windows\system32\lsass.exe
13:37:33.0087 5424  VaultSvc - ok
13:37:33.0118 5424  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\windows\system32\drivers\vdrvroot.sys
13:37:33.0118 5424  vdrvroot - ok
13:37:33.0165 5424  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\windows\System32\vds.exe
13:37:33.0181 5424  vds - ok
13:37:33.0243 5424  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\windows\system32\DRIVERS\vgapnp.sys
13:37:33.0259 5424  vga - ok
13:37:33.0274 5424  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\windows\System32\drivers\vga.sys
13:37:33.0274 5424  VgaSave - ok
13:37:33.0337 5424  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\windows\system32\drivers\vhdmp.sys
13:37:33.0337 5424  vhdmp - ok
13:37:33.0384 5424  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\windows\system32\drivers\viaide.sys
13:37:33.0384 5424  viaide - ok
13:37:33.0477 5424  [ 4D7427E0212D98CACB81C919E777B909 ] vm331avs        C:\windows\system32\Drivers\vm331avs.sys
13:37:33.0477 5424  vm331avs - ok
13:37:33.0524 5424  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\windows\system32\drivers\volmgr.sys
13:37:33.0524 5424  volmgr - ok
13:37:33.0571 5424  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\windows\system32\drivers\volmgrx.sys
13:37:33.0571 5424  volmgrx - ok
13:37:33.0586 5424  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\windows\system32\drivers\volsnap.sys
13:37:33.0602 5424  volsnap - ok
13:37:33.0649 5424  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\windows\system32\DRIVERS\vsmraid.sys
13:37:33.0649 5424  vsmraid - ok
13:37:33.0711 5424  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\windows\system32\vssvc.exe
13:37:33.0758 5424  VSS - ok
13:37:33.0774 5424  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\windows\system32\DRIVERS\vwifibus.sys
13:37:33.0774 5424  vwifibus - ok
13:37:33.0789 5424  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\windows\system32\DRIVERS\vwififlt.sys
13:37:33.0805 5424  vwififlt - ok
13:37:33.0852 5424  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\windows\system32\w32time.dll
13:37:33.0867 5424  W32Time - ok
13:37:33.0898 5424  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\windows\system32\DRIVERS\wacompen.sys
13:37:33.0898 5424  WacomPen - ok
13:37:33.0945 5424  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\windows\system32\DRIVERS\wanarp.sys
13:37:33.0945 5424  WANARP - ok
13:37:33.0976 5424  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\windows\system32\DRIVERS\wanarp.sys
13:37:33.0976 5424  Wanarpv6 - ok
13:37:34.0054 5424  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\windows\system32\wbengine.exe
13:37:34.0117 5424  wbengine - ok
13:37:34.0179 5424  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\windows\System32\wbiosrvc.dll
13:37:34.0195 5424  WbioSrvc - ok
13:37:34.0226 5424  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\windows\System32\wcncsvc.dll
13:37:34.0242 5424  wcncsvc - ok
13:37:34.0288 5424  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
13:37:34.0288 5424  WcsPlugInService - ok
13:37:34.0320 5424  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\windows\system32\DRIVERS\wd.sys
13:37:34.0320 5424  Wd - ok
13:37:34.0351 5424  [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000        C:\windows\system32\drivers\Wdf01000.sys
13:37:34.0351 5424  Wdf01000 - ok
13:37:34.0366 5424  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\windows\system32\wdi.dll
13:37:34.0382 5424  WdiServiceHost - ok
13:37:34.0382 5424  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\windows\system32\wdi.dll
13:37:34.0382 5424  WdiSystemHost - ok
13:37:34.0429 5424  [ 2A444ACF7DD446505BCC801F8F6AE5FD ] wdmirror        C:\windows\system32\DRIVERS\WDMirror.sys
13:37:34.0429 5424  wdmirror - ok
13:37:34.0491 5424  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\windows\System32\webclnt.dll
13:37:34.0491 5424  WebClient - ok
13:37:34.0507 5424  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\windows\system32\wecsvc.dll
13:37:34.0522 5424  Wecsvc - ok
13:37:34.0538 5424  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\windows\System32\wercplsupport.dll
13:37:34.0538 5424  wercplsupport - ok
13:37:34.0585 5424  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\windows\System32\WerSvc.dll
13:37:34.0585 5424  WerSvc - ok
13:37:34.0616 5424  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\windows\system32\DRIVERS\wfplwf.sys
13:37:34.0616 5424  WfpLwf - ok
13:37:34.0632 5424  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\windows\system32\drivers\wimmount.sys
13:37:34.0632 5424  WIMMount - ok
13:37:34.0663 5424  WinDefend - ok
13:37:34.0663 5424  WinHttpAutoProxySvc - ok
13:37:34.0725 5424  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\windows\system32\wbem\WMIsvc.dll
13:37:34.0725 5424  Winmgmt - ok
13:37:34.0803 5424  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\windows\system32\WsmSvc.dll
13:37:34.0850 5424  WinRM - ok
13:37:34.0912 5424  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\windows\system32\DRIVERS\WinUsb.sys
13:37:34.0912 5424  WinUsb - ok
13:37:34.0959 5424  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\windows\System32\wlansvc.dll
13:37:34.0990 5424  Wlansvc - ok
13:37:35.0006 5424  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\windows\system32\drivers\wmiacpi.sys
13:37:35.0006 5424  WmiAcpi - ok
13:37:35.0037 5424  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\windows\system32\wbem\WmiApSrv.exe
13:37:35.0037 5424  wmiApSrv - ok
13:37:35.0084 5424  WMPNetworkSvc - ok
13:37:35.0131 5424  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\windows\System32\wpcsvc.dll
13:37:35.0146 5424  WPCSvc - ok
13:37:35.0178 5424  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\windows\system32\wpdbusenum.dll
13:37:35.0193 5424  WPDBusEnum - ok
13:37:35.0209 5424  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\windows\system32\drivers\ws2ifsl.sys
13:37:35.0209 5424  ws2ifsl - ok
13:37:35.0224 5424  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\windows\System32\wscsvc.dll
13:37:35.0240 5424  wscsvc - ok
13:37:35.0240 5424  WSearch - ok
13:37:35.0287 5424  [ 83575C43B2BFE9AB0661A7F957E843C0 ] wsvd            C:\windows\system32\DRIVERS\wsvd.sys
13:37:35.0287 5424  wsvd - ok
13:37:35.0458 5424  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\windows\system32\wuaueng.dll
13:37:35.0552 5424  wuauserv - ok
13:37:35.0583 5424  [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf          C:\windows\system32\drivers\WudfPf.sys
13:37:35.0583 5424  WudfPf - ok
13:37:35.0630 5424  [ CF8D590BE3373029D57AF80914190682 ] WUDFRd          C:\windows\system32\DRIVERS\WUDFRd.sys
13:37:35.0630 5424  WUDFRd - ok
13:37:35.0661 5424  [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc         C:\windows\System32\WUDFSvc.dll
13:37:35.0661 5424  wudfsvc - ok
13:37:35.0692 5424  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\windows\System32\wwansvc.dll
13:37:35.0692 5424  WwanSvc - ok
13:37:35.0739 5424  ================ Scan global ===============================
13:37:35.0770 5424  [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
13:37:35.0802 5424  [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\windows\system32\winsrv.dll
13:37:35.0817 5424  [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\windows\system32\winsrv.dll
13:37:35.0864 5424  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
13:37:35.0911 5424  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe
13:37:35.0911 5424  [Global] - ok
13:37:35.0911 5424  ================ Scan MBR ==================================
13:37:35.0926 5424  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
13:37:36.0192 5424  \Device\Harddisk0\DR0 - ok
13:37:36.0207 5424  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
13:37:36.0207 5424  \Device\Harddisk1\DR1 - ok
13:37:36.0207 5424  ================ Scan VBR ==================================
13:37:36.0223 5424  [ 20BE5F0A0CF51897DDB8D3A92DDADCCB ] \Device\Harddisk0\DR0\Partition1
13:37:36.0223 5424  \Device\Harddisk0\DR0\Partition1 - ok
13:37:36.0238 5424  [ FF6BA3418DB57495847A039FB4A87F0D ] \Device\Harddisk0\DR0\Partition2
13:37:36.0238 5424  \Device\Harddisk0\DR0\Partition2 - ok
13:37:36.0270 5424  [ 8FE3BB16407C4458CF09EB233A8EAD61 ] \Device\Harddisk0\DR0\Partition3
13:37:36.0270 5424  \Device\Harddisk0\DR0\Partition3 - ok
13:37:36.0270 5424  [ 782596A8CB4911398A9F70708D962354 ] \Device\Harddisk1\DR1\Partition1
13:37:36.0270 5424  \Device\Harddisk1\DR1\Partition1 - ok
13:37:36.0270 5424  ============================================================
13:37:36.0270 5424  Scan finished
13:37:36.0270 5424  ============================================================
13:37:36.0285 5408  Detected object count: 0
13:37:36.0285 5408  Actual detected object count: 0

TB · 18.09.2012, 13:16

Sieht ja soweit gut aus...

Online Scanner ESET

ESET Online Scanner

Bitte während der Online-Scans evtl. vorhandene externe Festplatten einschalten! Bitte während der Scans alle Hintergrundwächter (Anti-Virus-Programm, Firewall, Skriptblocking und ähnliches) abstellen und nicht vergessen, alles hinterher wieder einzuschalten.

Unterstützte Betriebssysteme: Microsoft Windows 98/ME/NT 4.0/2000/XP und Windows Vista/ W7
Anmerkung für Vista/W7-User: Bitte den Browser unbedingt als Administrator starten.
Dein Anti-Virus-Programm während des Scans deaktivieren.
Button "ESET Online Scanner" drücken.
Firefox-User müssen ein zusätzliches Addon (esetsmartinstaller_enu.exe) installieren.
Das Firefox-Addon auf dem Desktop speichern und dann installieren.
IE-User müssen das Installieren eines ActiveX Elements erlauben.
Einen Haken bei "Remove found threads" und "Scan archives" machen.
Start drücken.
Signaturen werden heruntergeladen.
Der Scan beginnt automatisch.
Finish drücken.
Browser schließen.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt suchen und mit Deinem Editor öffnen.
Logfile hier posten.
Deinstallation: Systemsteuerung => Software => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Poste mir das Logfile hier in den Thread.

**NH1109** · 18.09.2012, 19:21

Hier das Logfile des ESET-Scans:

Code:

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=1b2fdc64e48b3f4b9f40a13a293590aa
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-09-14 05:32:57
# local_time=2012-09-14 07:32:57 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=2304 16777215 100 0 0 0 0 0
# compatibility_mode=5893 16776573 100 94 15735 99266789 0 0
# compatibility_mode=8192 67108863 100 0 615 615 0 0
# scanned=316600
# found=1
# cleaned=1
# scan_time=7038
C:\_OTL\MovedFiles\09142012_132456\C_ProgramData\fgkkasirjzrkohc\main.html	HTML/Ransom.B trojan (cleaned by deleting - quarantined)	00000000000000000000000000000000	C
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=6a97ff34c5a9b649953d82e20f9ad8c1
# end=stopped
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-09-18 05:23:07
# local_time=2012-09-18 07:23:07 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=2304 16777215 100 0 0 0 0 0
# compatibility_mode=5893 16776573 100 94 20438 99615464 0 0
# compatibility_mode=8192 67108863 100 0 349290 349290 0 0
# scanned=4840
# found=0
# cleaned=0
# scan_time=3394
ESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=53251
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=6a97ff34c5a9b649953d82e20f9ad8c1
# end=stopped
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-09-18 06:16:52
# local_time=2012-09-18 08:16:52 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=5.1.2600 NT Service Pack 2
# compatibility_mode=2304 16777215 100 0 0 0 0 0
# compatibility_mode=5893 16776573 100 94 82 99618987 0 0
# compatibility_mode=8192 67108863 100 0 352813 352813 0 0
# scanned=5753
# found=0
# cleaned=0
# scan_time=3094

TB · 19.09.2012, 07:54

Morgen NH1109,

sieht doch eigentlich schon ganz gut aus, wie läuft dein System jetzt?

Mach mal bitte weiter mit Java, was bei die hoffnungslos veraltet ist und mal schauen was secunia im Anschluss noch zutage bringt...

1.)
Welche Java-Version ist installiert?

Viele Schädlinge kommen über Sicherheitslücken in Java (sog. Exploits) auf ein System. Sofern Java benötigt wird, ist es unbedingt erforderlich, alte Versionen (falls vorhanden) zu deinstallieren und das Risiko zu minimieren, indem Java immer topaktuell gehalten wird.

Da mittlerweise selbst in den aktuellsten Versionen Sicherheitslücken vorhanden sind, Java am besten nur dann installieren, wenn es zwingend benötigt wird. Einige Kollegen haben Java inzwischen komplett von ihrem System verbannt und konnten keinerlei Einschränkungen feststellen. In diesem Artikel von helpster.de wird erklärt, was Java ist und wozu es benötigt wird.

Bei zscaler.com kannst Du testen, ob Deine Java-Version von bekannten Sicherheitslücken betroffen ist. Falls im Firefox das Addon NoScript installiert ist, Skripte auf dieser Seite erlauben.

Kontrolliere über Systemsteuerung => Programme, welche Java-Version installiert ist.
Falls es nicht Java Version 7 Update 6 ist:

Eventuell vorhandene ältere Versionen von Java über Systemsteuerung => Programme deinstallieren
ggfs. auch im Firefox unter Addons => Erweiterungen die alten Java-Versionen entfernen.
Bei Dir sehe ich:

Die Offline-Version von Java Version 7 Update 6 von Oracle findest Du hier.
Eventuell angebotene Toolbars nicht mitinstallieren, ggfs. also den Haken beim Toolbar-Angebot entfernen.

User mit 64Bit-System sollten die 32Bit-Version installieren. Es hat sich mehrfach gezeigt, dass die 64Bit-Version Probleme bereitet.

Unter Systemsteuerung => Java => Aktualisierung einstellen:
Benachrichtigung ausgeben => Vor der Installation
Haken bei Automatisch nach Aktualisierung suchen machen und unter Erweitert auf "Wöchentlich" einstellen.

Java-Cache leeren

Start => Systemsteuerung => Java => Allgemein => Temporäre Internet-Dateien "Einstellungen" => Dateien löschen => Haken bei "Anwendungen und Applets" sowie bei "Verfolgungs- und Protokolldateien" setzen => OK

Heute: Oracle stopft mit Patch die Sicherheitslücke in Java
http://www.heise.de/newsticker/meldu...e-1696086.html

2.)
Update veralteter Software?