Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
"Bundestrojaner"

"Bundestrojaner"


Plagegeister aller Art und deren Bekämpfung: "Bundestrojaner"

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Seite 2 von 2 1 2
Alt 01.06.2012, 14:29   #16
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
"Bundestrojaner" - Standard

"Bundestrojaner"


Ich lösch das zweite Log mal bevor uns das völlig aus dem Konzept haut
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 01.06.2012, 14:32   #17
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
"Bundestrojaner" - Standard

"Bundestrojaner"


Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)


Code:
ATTFilter
:OTL
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: 63488 = C:\PROGRA~3\LOCALS~1\Temp\msotmoqvc.exe
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2179687536-1361230809-3296366687-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2179687536-1361230809-3296366687-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2179687536-1361230809-3296366687-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
:Commands
[purity]
[emptytemp]
[emptyflash]
[resethosts]
Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.

Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.

Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!
__________________

__________________
Alt 02.06.2012, 08:13   #18
feldba
 
"Bundestrojaner" - Standard

"Bundestrojaner"


Code:
ATTFilter
All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDrives deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\\63488 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorAdmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorUser deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\EnableLUA deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\PromptOnSecureDesktop deleted successfully.
Registry key HKEY_USERS\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.
Registry key HKEY_USERS\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.
Registry key HKEY_USERS\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.
Registry key HKEY_USERS\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.
Registry key HKEY_USERS\S-1-5-21-2179687536-1361230809-3296366687-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2179687536-1361230809-3296366687-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2179687536-1361230809-3296366687-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDrives deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Hofer
->Temp folder emptied: 4539427 bytes
->Temporary Internet Files folder emptied: 543566588 bytes
->Java cache emptied: 17087951 bytes
->Flash cache emptied: 101297 bytes
 
User: Patrick
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Public
->Temp folder emptied: 0 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 822712 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 36066959 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 574,00 mb
 
 
[EMPTYFLASH]
 
User: All Users
 
User: Default
 
User: Default User
 
User: Hofer
->Flash cache emptied: 0 bytes
 
User: Patrick
 
User: Public
 
Total Flash Files Cleaned = 0,00 mb
 
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.43.1 log created on 06022012_090219

Files\Folders moved on Reboot...
C:\Users\Hofer\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Hofer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8BHM7HG0\115699-bundestrojaner-2[1].htm moved successfully.
C:\Users\Hofer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8BHM7HG0\data_sync[1].htm moved successfully.
C:\Users\Hofer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\87FLLSRW\115699-bundestrojaner-2[1].htm moved successfully.
C:\Users\Hofer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0NQM1FD3\aclk[1].htm moved successfully.
C:\Users\Hofer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0NQM1FD3\ads[2].htm moved successfully.
C:\Users\Hofer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0NQM1FD3\search[1].htm moved successfully.

Registry entries deleted on Reboot...
__________________
Alt 02.06.2012, 18:31   #19
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
"Bundestrojaner" - Standard

"Bundestrojaner"


Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html

Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm!

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.
Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition (meistens Laufwerk C nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

__________________
Logfiles bitte immer in CODE-Tags posten

Alt 04.06.2012, 07:50   #20
feldba
 
"Bundestrojaner" - Standard

"Bundestrojaner"


Code:
ATTFilter
08:48:09.0450 5952	TDSS rootkit removing tool 2.7.36.0 May 21 2012 16:40:16
08:48:10.0152 5952	============================================================
08:48:10.0152 5952	Current date / time: 2012/06/04 08:48:10.0152
08:48:10.0152 5952	SystemInfo:
08:48:10.0152 5952	
08:48:10.0152 5952	OS Version: 6.1.7600 ServicePack: 0.0
08:48:10.0152 5952	Product type: Workstation
08:48:10.0152 5952	ComputerName: HOFER-PC1
08:48:10.0152 5952	UserName: Hofer
08:48:10.0152 5952	Windows directory: C:\Windows
08:48:10.0152 5952	System windows directory: C:\Windows
08:48:10.0152 5952	Running under WOW64
08:48:10.0152 5952	Processor architecture: Intel x64
08:48:10.0152 5952	Number of processors: 4
08:48:10.0152 5952	Page size: 0x1000
08:48:10.0152 5952	Boot type: Normal boot
08:48:10.0152 5952	============================================================
08:48:11.0525 5952	Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
08:48:11.0541 5952	Drive \Device\Harddisk5\DR5 - Size: 0x3C3FFE00 (0.94 Gb), SectorSize: 0x200, Cylinders: 0x7A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
08:48:11.0556 5952	============================================================
08:48:11.0556 5952	\Device\Harddisk0\DR0:
08:48:11.0556 5952	MBR partitions:
08:48:11.0556 5952	\Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2B800, BlocksNum 0x123F000
08:48:11.0556 5952	\Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x126A800, BlocksNum 0x495ED000
08:48:11.0556 5952	\Device\Harddisk5\DR5:
08:48:11.0556 5952	MBR partitions:
08:48:11.0556 5952	\Device\Harddisk5\DR5\Partition0: MBR, Type 0xE, StartLBA 0x3F, BlocksNum 0x1E1FC0
08:48:11.0556 5952	============================================================
08:48:11.0572 5952	C: <-> \Device\Harddisk0\DR0\Partition1
08:48:11.0572 5952	============================================================
08:48:11.0572 5952	Initialize success
08:48:11.0572 5952	============================================================
08:48:30.0791 5188	============================================================
08:48:30.0791 5188	Scan started
08:48:30.0791 5188	Mode: Manual; SigCheck; TDLFS; 
08:48:30.0791 5188	============================================================
08:48:31.0431 5188	0009051338363234mcinstcleanup - ok
08:48:31.0540 5188	1394ohci        (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys
08:48:31.0711 5188	1394ohci - ok
08:48:31.0743 5188	ACPI            (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys
08:48:31.0758 5188	ACPI - ok
08:48:31.0774 5188	AcpiPmi         (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys
08:48:31.0867 5188	AcpiPmi - ok
08:48:31.0899 5188	adp94xx         (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
08:48:31.0945 5188	adp94xx - ok
08:48:31.0992 5188	adpahci         (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
08:48:32.0023 5188	adpahci - ok
08:48:32.0039 5188	adpu320         (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
08:48:32.0070 5188	adpu320 - ok
08:48:32.0086 5188	AeLookupSvc     (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
08:48:32.0257 5188	AeLookupSvc - ok
08:48:32.0304 5188	AERTFilters     (3ac22a3dfa8a050e35f0e3cd99d0cdf2) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
08:48:32.0429 5188	AERTFilters - ok
08:48:32.0491 5188	AFD             (db9d6c6b2cd95a9ca414d045b627422e) C:\Windows\system32\drivers\afd.sys
08:48:32.0569 5188	AFD - ok
08:48:32.0616 5188	agp440          (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys
08:48:32.0632 5188	agp440 - ok
08:48:32.0663 5188	ALG             (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
08:48:32.0741 5188	ALG - ok
08:48:32.0757 5188	aliide          (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys
08:48:32.0772 5188	aliide - ok
08:48:32.0788 5188	amdide          (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys
08:48:32.0803 5188	amdide - ok
08:48:32.0819 5188	AmdK8           (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
08:48:32.0866 5188	AmdK8 - ok
08:48:32.0897 5188	AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
08:48:32.0913 5188	AmdPPM - ok
08:48:32.0959 5188	amdsata         (ec7ebab00a4d8448bab68d1e49b4beb9) C:\Windows\system32\drivers\amdsata.sys
08:48:32.0975 5188	amdsata - ok
08:48:33.0022 5188	amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
08:48:33.0037 5188	amdsbs - ok
08:48:33.0069 5188	amdxata         (db27766102c7bf7e95140a2aa81d042e) C:\Windows\system32\drivers\amdxata.sys
08:48:33.0084 5188	amdxata - ok
08:48:33.0115 5188	AppID           (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
08:48:33.0225 5188	AppID - ok
08:48:33.0240 5188	AppIDSvc        (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
08:48:33.0334 5188	AppIDSvc - ok
08:48:33.0365 5188	Appinfo         (d065be66822847b7f127d1f90158376e) C:\Windows\System32\appinfo.dll
08:48:33.0427 5188	Appinfo - ok
08:48:33.0474 5188	AppMgmt         (4aba3e75a76195a3e38ed2766c962899) C:\Windows\System32\appmgmts.dll
08:48:33.0521 5188	AppMgmt - ok
08:48:33.0537 5188	arc             (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
08:48:33.0552 5188	arc - ok
08:48:33.0583 5188	arcsas          (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
08:48:33.0599 5188	arcsas - ok
08:48:33.0615 5188	AsyncMac        (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
08:48:33.0693 5188	AsyncMac - ok
08:48:33.0708 5188	atapi           (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys
08:48:33.0724 5188	atapi - ok
08:48:33.0771 5188	AudioEndpointBuilder (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
08:48:33.0833 5188	AudioEndpointBuilder - ok
08:48:33.0833 5188	AudioSrv        (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
08:48:33.0864 5188	AudioSrv - ok
08:48:33.0895 5188	AxInstSV        (b20b5fa5ca050e9926e4d1db81501b32) C:\Windows\System32\AxInstSV.dll
08:48:34.0005 5188	AxInstSV - ok
08:48:34.0036 5188	b06bdrv         (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
08:48:34.0114 5188	b06bdrv - ok
08:48:34.0145 5188	b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
08:48:34.0223 5188	b57nd60a - ok
08:48:34.0239 5188	BDESVC          (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
08:48:34.0270 5188	BDESVC - ok
08:48:34.0285 5188	Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
08:48:34.0379 5188	Beep - ok
08:48:34.0457 5188	BFE             (4992c609a6315671463e30f6512bc022) C:\Windows\System32\bfe.dll
08:48:34.0566 5188	BFE - ok
08:48:34.0629 5188	BITS            (7f0c323fe3da28aa4aa1bda3f575707f) C:\Windows\system32\qmgr.dll
08:48:34.0707 5188	BITS - ok
08:48:34.0753 5188	blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
08:48:34.0800 5188	blbdrive - ok
08:48:34.0847 5188	bowser          (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys
08:48:34.0941 5188	bowser - ok
08:48:34.0956 5188	BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
08:48:35.0003 5188	BrFiltLo - ok
08:48:35.0019 5188	BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
08:48:35.0034 5188	BrFiltUp - ok
08:48:35.0065 5188	BridgeMP        (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
08:48:35.0175 5188	BridgeMP - ok
08:48:35.0206 5188	Browser         (94fbc06f294d58d02361918418f996e3) C:\Windows\System32\browser.dll
08:48:35.0284 5188	Browser - ok
08:48:35.0315 5188	Brserid         (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
08:48:35.0377 5188	Brserid - ok
08:48:35.0393 5188	BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
08:48:35.0440 5188	BrSerWdm - ok
08:48:35.0471 5188	BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
08:48:35.0533 5188	BrUsbMdm - ok
08:48:35.0611 5188	BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
08:48:35.0689 5188	BrUsbSer - ok
08:48:35.0783 5188	BthEnum         (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
08:48:35.0845 5188	BthEnum - ok
08:48:35.0861 5188	BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
08:48:35.0908 5188	BTHMODEM - ok
08:48:35.0970 5188	BthPan          (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
08:48:36.0033 5188	BthPan - ok
08:48:36.0126 5188	BTHPORT         (21084ceb85280468c9aca3c805c0f8cf) C:\Windows\System32\Drivers\BTHport.sys
08:48:36.0173 5188	BTHPORT - ok
08:48:36.0220 5188	bthserv         (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
08:48:36.0282 5188	bthserv - ok
08:48:36.0329 5188	BTHUSB          (8504842634dd144c075b6b0c982ccec4) C:\Windows\System32\Drivers\BTHUSB.sys
08:48:36.0360 5188	BTHUSB - ok
08:48:36.0376 5188	catchme - ok
08:48:36.0407 5188	cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
08:48:36.0485 5188	cdfs - ok
08:48:36.0516 5188	cdrom           (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
08:48:36.0594 5188	cdrom - ok
08:48:36.0625 5188	CertPropSvc     (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
08:48:36.0719 5188	CertPropSvc - ok
08:48:36.0766 5188	cfwids          (274ce03459896006f7a5069266e0469e) C:\Windows\system32\drivers\cfwids.sys
08:48:36.0797 5188	cfwids - ok
08:48:36.0828 5188	circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
08:48:36.0875 5188	circlass - ok
08:48:36.0922 5188	CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
08:48:36.0953 5188	CLFS - ok
08:48:37.0000 5188	clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
08:48:37.0031 5188	clr_optimization_v2.0.50727_32 - ok
08:48:37.0062 5188	clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
08:48:37.0093 5188	clr_optimization_v2.0.50727_64 - ok
08:48:37.0171 5188	clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
08:48:37.0203 5188	clr_optimization_v4.0.30319_32 - ok
08:48:37.0265 5188	clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
08:48:37.0296 5188	clr_optimization_v4.0.30319_64 - ok
08:48:37.0327 5188	CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
08:48:37.0343 5188	CmBatt - ok
08:48:37.0359 5188	cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
08:48:37.0374 5188	cmdide - ok
08:48:37.0421 5188	CNG             (937beb186a735aca91d717044a49d17e) C:\Windows\system32\Drivers\cng.sys
08:48:37.0437 5188	CNG - ok
08:48:37.0452 5188	Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
08:48:37.0468 5188	Compbatt - ok
08:48:37.0483 5188	CompositeBus    (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
08:48:37.0546 5188	CompositeBus - ok
08:48:37.0546 5188	COMSysApp - ok
08:48:37.0577 5188	crcdisk         (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
08:48:37.0593 5188	crcdisk - ok
08:48:37.0639 5188	CryptSvc        (8c57411b66282c01533cb776f98ad384) C:\Windows\system32\cryptsvc.dll
08:48:37.0717 5188	CryptSvc - ok
08:48:37.0764 5188	CSC             (4a6173c2279b498cd8f57cae504564cb) C:\Windows\system32\drivers\csc.sys
08:48:37.0842 5188	CSC - ok
08:48:37.0905 5188	CscService      (873fbf927c06e5cee04dec617502f8fd) C:\Windows\System32\cscsvc.dll
08:48:37.0998 5188	CscService - ok
08:48:38.0061 5188	DcomLaunch      (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
08:48:38.0154 5188	DcomLaunch - ok
08:48:38.0185 5188	defragsvc       (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
08:48:38.0248 5188	defragsvc - ok
08:48:38.0295 5188	DfsC            (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys
08:48:38.0357 5188	DfsC - ok
08:48:38.0388 5188	Dhcp            (ce3b9562d997f69b330d181a8875960f) C:\Windows\system32\dhcpcore.dll
08:48:38.0497 5188	Dhcp - ok
08:48:38.0513 5188	discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
08:48:38.0591 5188	discache - ok
08:48:38.0653 5188	Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
08:48:38.0685 5188	Disk - ok
08:48:38.0716 5188	Dnscache        (85cf424c74a1d5ec33533e1dbff9920a) C:\Windows\System32\dnsrslvr.dll
08:48:38.0778 5188	Dnscache - ok
08:48:38.0794 5188	dot3svc         (14452acdb09b70964c8c21bf80a13acb) C:\Windows\System32\dot3svc.dll
08:48:38.0856 5188	dot3svc - ok
08:48:38.0887 5188	DPS             (8c2ba6bea949ee6e68385f5692bafb94) C:\Windows\system32\dps.dll
08:48:38.0934 5188	DPS - ok
08:48:38.0997 5188	drmkaud         (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
08:48:39.0028 5188	drmkaud - ok
08:48:39.0106 5188	DXGKrnl         (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys
08:48:39.0168 5188	DXGKrnl - ok
08:48:39.0184 5188	EapHost         (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
08:48:39.0262 5188	EapHost - ok
08:48:39.0480 5188	ebdrv           (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
08:48:39.0574 5188	ebdrv - ok
08:48:39.0667 5188	EFS             (156f6159457d0aa7e59b62681b56eb90) C:\Windows\System32\lsass.exe
08:48:39.0730 5188	EFS - ok
08:48:39.0823 5188	ehRecvr         (47c071994c3f649f23d9cd075ac9304a) C:\Windows\ehome\ehRecvr.exe
08:48:39.0901 5188	ehRecvr - ok
08:48:39.0948 5188	ehSched         (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
08:48:39.0995 5188	ehSched - ok
08:48:40.0073 5188	elxstor         (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
08:48:40.0104 5188	elxstor - ok
08:48:40.0104 5188	ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
08:48:40.0135 5188	ErrDev - ok
08:48:40.0198 5188	EventSystem     (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
08:48:40.0260 5188	EventSystem - ok
08:48:40.0291 5188	exfat           (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
08:48:40.0385 5188	exfat - ok
08:48:40.0416 5188	fastfat         (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
08:48:40.0494 5188	fastfat - ok
08:48:40.0557 5188	Fax             (d607b2f1bee3992aa6c2c92c0a2f0855) C:\Windows\system32\fxssvc.exe
08:48:40.0619 5188	Fax - ok
08:48:40.0635 5188	fdc             (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
08:48:40.0650 5188	fdc - ok
08:48:40.0681 5188	fdPHost         (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
08:48:40.0744 5188	fdPHost - ok
08:48:40.0791 5188	FDResPub        (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
08:48:40.0853 5188	FDResPub - ok
08:48:40.0900 5188	FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
08:48:40.0915 5188	FileInfo - ok
08:48:40.0931 5188	Filetrace       (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
08:48:41.0025 5188	Filetrace - ok
08:48:41.0040 5188	flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
08:48:41.0071 5188	flpydisk - ok
08:48:41.0118 5188	FltMgr          (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
08:48:41.0149 5188	FltMgr - ok
08:48:41.0243 5188	FontCache       (cb5e4b9c319e3c6bb363eb7e58a4a051) C:\Windows\system32\FntCache.dll
08:48:41.0337 5188	FontCache - ok
08:48:41.0368 5188	FontCache3.0.0.0 (8d89e3131c27fdd6932189cb785e1b7a) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
08:48:41.0383 5188	FontCache3.0.0.0 - ok
08:48:41.0415 5188	FsDepends       (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
08:48:41.0446 5188	FsDepends - ok
08:48:41.0477 5188	Fs_Rec          (d3e3f93d67821a2db2b3d9fac2dc2064) C:\Windows\system32\drivers\Fs_Rec.sys
08:48:41.0493 5188	Fs_Rec - ok
08:48:41.0555 5188	fvevol          (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
08:48:41.0571 5188	fvevol - ok
08:48:41.0602 5188	gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
08:48:41.0602 5188	gagp30kx - ok
08:48:41.0664 5188	gpsvc           (fe5ab4525bc2ec68b9119a6e5d40128b) C:\Windows\System32\gpsvc.dll
08:48:41.0742 5188	gpsvc - ok
08:48:41.0758 5188	hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
08:48:41.0851 5188	hcw85cir - ok
08:48:41.0883 5188	HDAudBus        (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
08:48:41.0945 5188	HDAudBus - ok
08:48:41.0976 5188	HECIx64         (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys
08:48:41.0992 5188	HECIx64 - ok
08:48:42.0007 5188	HidBatt         (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
08:48:42.0054 5188	HidBatt - ok
08:48:42.0085 5188	HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
08:48:42.0132 5188	HidBth - ok
08:48:42.0163 5188	HidIr           (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
08:48:42.0195 5188	HidIr - ok
08:48:42.0195 5188	hidserv         (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
08:48:42.0257 5188	hidserv - ok
08:48:42.0288 5188	HidUsb          (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
08:48:42.0319 5188	HidUsb - ok
08:48:42.0335 5188	hkmsvc          (efa58ede58dd74388ffd04cb32681518) C:\Windows\system32\kmsvc.dll
08:48:42.0397 5188	hkmsvc - ok
08:48:42.0429 5188	HomeGroupListener (046b2673767ca626e2cfb7fdf735e9e8) C:\Windows\system32\ListSvc.dll
08:48:42.0491 5188	HomeGroupListener - ok
08:48:42.0522 5188	HomeGroupProvider (06a7422224d9865a5613710a089987df) C:\Windows\system32\provsvc.dll
08:48:42.0553 5188	HomeGroupProvider - ok
08:48:42.0600 5188	HpSAMD          (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
08:48:42.0616 5188	HpSAMD - ok
08:48:42.0678 5188	HTTP            (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
08:48:42.0756 5188	HTTP - ok
08:48:42.0787 5188	hwpolicy        (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
08:48:42.0819 5188	hwpolicy - ok
08:48:42.0834 5188	i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
08:48:42.0850 5188	i8042prt - ok
08:48:42.0881 5188	iaStorV         (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys
08:48:42.0912 5188	iaStorV - ok
08:48:43.0084 5188	idsvc           (2f2be70d3e02b6fa877921ab9516d43c) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
08:48:43.0131 5188	idsvc - ok
08:48:43.0162 5188	iirsp           (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
08:48:43.0177 5188	iirsp - ok
08:48:43.0240 5188	IKEEXT          (c5b4683680df085b57bc53e5ef34861f) C:\Windows\System32\ikeext.dll
08:48:43.0302 5188	IKEEXT - ok
08:48:43.0536 5188	IntcAzAudAddService (f04d22d7a49a1b2210dbadf0b803e870) C:\Windows\system32\drivers\RTKVHD64.sys
08:48:43.0583 5188	IntcAzAudAddService - ok
08:48:43.0692 5188	IntcDAud        (49072edbc5c2f964917d1b585c90ed0a) C:\Windows\system32\DRIVERS\IntcDAud.sys
08:48:43.0770 5188	IntcDAud - ok
08:48:43.0801 5188	intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
08:48:43.0817 5188	intelide - ok
08:48:43.0864 5188	intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
08:48:43.0911 5188	intelppm - ok
08:48:43.0957 5188	IPBusEnum       (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
08:48:44.0020 5188	IPBusEnum - ok
08:48:44.0067 5188	IpFilterDriver  (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
08:48:44.0098 5188	IpFilterDriver - ok
08:48:44.0145 5188	iphlpsvc        (f8e058d17363ec580e4b7232778b6cb5) C:\Windows\System32\iphlpsvc.dll
08:48:44.0207 5188	iphlpsvc - ok
08:48:44.0223 5188	IPMIDRV         (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
08:48:44.0254 5188	IPMIDRV - ok
08:48:44.0285 5188	IPNAT           (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
08:48:44.0347 5188	IPNAT - ok
08:48:44.0394 5188	IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
08:48:44.0425 5188	IRENUM - ok
08:48:44.0425 5188	isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
08:48:44.0441 5188	isapnp - ok
08:48:44.0457 5188	iScsiPrt        (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
08:48:44.0488 5188	iScsiPrt - ok
08:48:44.0535 5188	k57nd60a        (9d7ea8c7215d8d4ae7be110eee61085d) C:\Windows\system32\DRIVERS\k57nd60a.sys
08:48:44.0566 5188	k57nd60a - ok
08:48:44.0581 5188	kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
08:48:44.0597 5188	kbdclass - ok
08:48:44.0628 5188	kbdhid          (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
08:48:44.0659 5188	kbdhid - ok
08:48:44.0722 5188	KeyIso          (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
08:48:44.0753 5188	KeyIso - ok
08:48:44.0784 5188	KSecDD          (16c1b906fc5ead84769f90b736b6bf0e) C:\Windows\system32\Drivers\ksecdd.sys
08:48:44.0800 5188	KSecDD - ok
08:48:44.0815 5188	KSecPkg         (0b711550c56444879d71c7daabda6c83) C:\Windows\system32\Drivers\ksecpkg.sys
08:48:44.0831 5188	KSecPkg - ok
08:48:44.0831 5188	ksthunk         (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
08:48:44.0893 5188	ksthunk - ok
08:48:44.0956 5188	KtmRm           (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
08:48:45.0018 5188	KtmRm - ok
08:48:45.0081 5188	LanmanServer    (81f1d04d4d0e433099365127375fd501) C:\Windows\System32\srvsvc.dll
08:48:45.0127 5188	LanmanServer - ok
08:48:45.0159 5188	LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\Windows\System32\wkssvc.dll
08:48:45.0237 5188	LanmanWorkstation - ok
08:48:45.0268 5188	lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
08:48:45.0346 5188	lltdio - ok
08:48:45.0393 5188	lltdsvc         (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
08:48:45.0455 5188	lltdsvc - ok
08:48:45.0471 5188	lmhosts         (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
08:48:45.0502 5188	lmhosts - ok
08:48:45.0533 5188	LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
08:48:45.0549 5188	LSI_FC - ok
08:48:45.0564 5188	LSI_SAS         (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
08:48:45.0595 5188	LSI_SAS - ok
08:48:45.0611 5188	LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
08:48:45.0611 5188	LSI_SAS2 - ok
08:48:45.0642 5188	LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
08:48:45.0658 5188	LSI_SCSI - ok
08:48:45.0673 5188	luafv           (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
08:48:45.0720 5188	luafv - ok
08:48:45.0767 5188	MBAMProtector   (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys
08:48:45.0798 5188	MBAMProtector - ok
08:48:45.0892 5188	MBAMService     (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
08:48:45.0923 5188	MBAMService - ok
08:48:46.0063 5188	McMPFSvc        (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
08:48:46.0095 5188	McMPFSvc - ok
08:48:46.0095 5188	mcmscsvc        (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
08:48:46.0110 5188	mcmscsvc - ok
08:48:46.0126 5188	McNaiAnn        (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
08:48:46.0141 5188	McNaiAnn - ok
08:48:46.0141 5188	McNASvc         (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
08:48:46.0157 5188	McNASvc - ok
08:48:46.0235 5188	McODS           (dd01bf24dd6bf70a90549f9a7bb2d1eb) C:\Program Files\McAfee\VirusScan\mcods.exe
08:48:46.0266 5188	McODS - ok
08:48:46.0282 5188	McProxy         (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
08:48:46.0297 5188	McProxy - ok
08:48:46.0360 5188	McShield        (e998e3b12101288d716558466cbf6ae1) C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
08:48:46.0375 5188	McShield - ok
08:48:46.0453 5188	Mcx2Svc         (f84c8f1000bc11e3b7b23cbd3baff111) C:\Windows\system32\Mcx2Svc.dll
08:48:46.0516 5188	Mcx2Svc - ok
08:48:46.0531 5188	megasas         (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
08:48:46.0563 5188	megasas - ok
08:48:46.0594 5188	MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
08:48:46.0609 5188	MegaSR - ok
08:48:46.0641 5188	mfeapfk         (01884cb7655c8908b43ff5e364fe6fd2) C:\Windows\system32\drivers\mfeapfk.sys
08:48:46.0672 5188	mfeapfk - ok
08:48:46.0719 5188	mfeavfk         (dab9a9cdfb04e4d68924492aa043019d) C:\Windows\system32\drivers\mfeavfk.sys
08:48:46.0734 5188	mfeavfk - ok
08:48:46.0750 5188	mfeavfk01 - ok
08:48:46.0797 5188	mfefire         (b26782c3d6045b4464017d7926877560) C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
08:48:46.0812 5188	mfefire - ok
08:48:46.0875 5188	mfefirek        (ce9a3680675c0907ade16404ca967b49) C:\Windows\system32\drivers\mfefirek.sys
08:48:46.0937 5188	mfefirek - ok
08:48:46.0999 5188	mfehidk         (60cf67458dd29cd17e77f2327b1a9a54) C:\Windows\system32\drivers\mfehidk.sys
08:48:47.0031 5188	mfehidk - ok
08:48:47.0062 5188	mfenlfk         (a8129cfb919347f8533c934b365e9202) C:\Windows\system32\DRIVERS\mfenlfk.sys
08:48:47.0077 5188	mfenlfk - ok
08:48:47.0109 5188	mferkdet        (5041fa2bd2b3a2693b015771bfbf6dca) C:\Windows\system32\drivers\mferkdet.sys
08:48:47.0140 5188	mferkdet - ok
08:48:47.0358 5188	mfevtp          (723a5eb6cef7f408c3d0f15a82a6bff8) C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
08:48:47.0374 5188	mfevtp - ok
08:48:47.0405 5188	mfewfpk         (919c56db14a0e1e2ab6da5d2821dc26e) C:\Windows\system32\drivers\mfewfpk.sys
08:48:47.0452 5188	mfewfpk - ok
08:48:47.0483 5188	MMCSS           (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
08:48:47.0545 5188	MMCSS - ok
08:48:47.0577 5188	Modem           (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
08:48:47.0655 5188	Modem - ok
08:48:47.0701 5188	monitor         (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
08:48:47.0748 5188	monitor - ok
08:48:47.0795 5188	mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
08:48:47.0811 5188	mouclass - ok
08:48:47.0842 5188	mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
08:48:47.0857 5188	mouhid - ok
08:48:47.0873 5188	mountmgr        (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
08:48:47.0889 5188	mountmgr - ok
08:48:47.0904 5188	mpio            (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
08:48:47.0935 5188	mpio - ok
08:48:47.0951 5188	mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
08:48:48.0013 5188	mpsdrv - ok
08:48:48.0060 5188	MpsSvc          (aecab449567d1846dad63ece49e893e3) C:\Windows\system32\mpssvc.dll
08:48:48.0154 5188	MpsSvc - ok
08:48:48.0169 5188	MRxDAV          (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
08:48:48.0232 5188	MRxDAV - ok
08:48:48.0279 5188	mrxsmb          (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys
08:48:48.0310 5188	mrxsmb - ok
08:48:48.0341 5188	mrxsmb10        (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys
08:48:48.0372 5188	mrxsmb10 - ok
08:48:48.0388 5188	mrxsmb20        (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys
08:48:48.0419 5188	mrxsmb20 - ok
08:48:48.0450 5188	msahci          (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys
08:48:48.0450 5188	msahci - ok
08:48:48.0481 5188	msdsm           (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
08:48:48.0497 5188	msdsm - ok
08:48:48.0513 5188	MSDTC           (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
08:48:48.0559 5188	MSDTC - ok
08:48:48.0606 5188	Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
08:48:48.0653 5188	Msfs - ok
08:48:48.0684 5188	mshidkmdf       (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
08:48:48.0747 5188	mshidkmdf - ok
08:48:48.0778 5188	msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
08:48:48.0778 5188	msisadrv - ok
08:48:48.0809 5188	MSiSCSI         (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
08:48:48.0871 5188	MSiSCSI - ok
08:48:48.0871 5188	msiserver - ok
08:48:49.0012 5188	MSK80Service    (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
08:48:49.0027 5188	MSK80Service - ok
08:48:49.0059 5188	MSKSSRV         (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
08:48:49.0137 5188	MSKSSRV - ok
08:48:49.0168 5188	MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
08:48:49.0215 5188	MSPCLOCK - ok
08:48:49.0230 5188	MSPQM           (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
08:48:49.0277 5188	MSPQM - ok
08:48:49.0339 5188	MsRPC           (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
08:48:49.0371 5188	MsRPC - ok
08:48:49.0402 5188	mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
08:48:49.0417 5188	mssmbios - ok
08:48:49.0480 5188	MSSQL$SQLEXPRESS - ok
08:48:49.0511 5188	MSSQLFDLauncher$SQLEXPRESS (aa511eb28672011a1d832f73e302f0a0) c:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\fdlauncher.exe
08:48:49.0527 5188	MSSQLFDLauncher$SQLEXPRESS - ok
08:48:49.0605 5188	MSSQLServerADHelper100 (04ef36eaf5c4dbce424d81b76f1e9231) c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
08:48:49.0620 5188	MSSQLServerADHelper100 - ok
08:48:49.0620 5188	MSTEE           (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
08:48:49.0714 5188	MSTEE - ok
08:48:49.0729 5188	MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
08:48:49.0776 5188	MTConfig - ok
08:48:49.0807 5188	Mup             (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
08:48:49.0823 5188	Mup - ok
08:48:49.0854 5188	napagent        (4987e079a4530fa737a128be54b63b12) C:\Windows\system32\qagentRT.dll
08:48:49.0963 5188	napagent - ok
08:48:50.0010 5188	NativeWifiP     (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
08:48:50.0088 5188	NativeWifiP - ok
08:48:50.0166 5188	NDIS            (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
08:48:50.0197 5188	NDIS - ok
08:48:50.0213 5188	NdisCap         (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
08:48:50.0291 5188	NdisCap - ok
08:48:50.0338 5188	NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
08:48:50.0431 5188	NdisTapi - ok
08:48:50.0463 5188	Ndisuio         (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
08:48:50.0525 5188	Ndisuio - ok
08:48:50.0572 5188	NdisWan         (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
08:48:50.0619 5188	NdisWan - ok
08:48:50.0634 5188	NDProxy         (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
08:48:50.0681 5188	NDProxy - ok
08:48:50.0728 5188	NetBIOS         (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
08:48:50.0806 5188	NetBIOS - ok
08:48:50.0837 5188	NetBT           (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
08:48:50.0884 5188	NetBT - ok
08:48:50.0915 5188	Netlogon        (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
08:48:50.0946 5188	Netlogon - ok
08:48:50.0993 5188	Netman          (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
08:48:51.0055 5188	Netman - ok
08:48:51.0087 5188	netprofm        (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
08:48:51.0196 5188	netprofm - ok
08:48:51.0258 5188	NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
08:48:51.0289 5188	NetTcpPortSharing - ok
08:48:51.0321 5188	nfrd960         (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
08:48:51.0321 5188	nfrd960 - ok
08:48:51.0352 5188	NlaSvc          (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll
08:48:51.0399 5188	NlaSvc - ok
08:48:51.0461 5188	nmwcdx64        (ad8c3895155ee8d057f073856b2d5851) C:\Windows\system32\drivers\nmwcdx64.sys
08:48:51.0539 5188	nmwcdx64 - ok
08:48:51.0570 5188	Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
08:48:51.0633 5188	Npfs - ok
08:48:51.0648 5188	nsi             (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
08:48:51.0711 5188	nsi - ok
08:48:51.0742 5188	nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
08:48:51.0835 5188	nsiproxy - ok
08:48:51.0960 5188	Ntfs            (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys
08:48:52.0007 5188	Ntfs - ok
08:48:52.0085 5188	Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
08:48:52.0147 5188	Null - ok
08:48:52.0163 5188	NVHDA           (ad37248bd442d41c9a896e53eb8a85ee) C:\Windows\system32\drivers\nvhda64v.sys
08:48:52.0194 5188	NVHDA - ok
08:48:52.0834 5188	nvlddmkm        (fe625499f48a992fcb0b676f08833ffc) C:\Windows\system32\DRIVERS\nvlddmkm.sys
08:48:53.0099 5188	nvlddmkm - ok
08:48:53.0208 5188	nvraid          (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys
08:48:53.0239 5188	nvraid - ok
08:48:53.0286 5188	nvstor          (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys
08:48:53.0302 5188	nvstor - ok
08:48:53.0349 5188	nvsvc           (d2755afef371fadcfc5d9b83dcd4f4d4) C:\Windows\system32\nvvsvc.exe
08:48:53.0380 5188	nvsvc - ok
08:48:53.0411 5188	nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
08:48:53.0458 5188	nv_agp - ok
08:48:53.0567 5188	odserv          (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
08:48:53.0598 5188	odserv - ok
08:48:53.0614 5188	ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
08:48:53.0645 5188	ohci1394 - ok
08:48:53.0707 5188	ose             (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
08:48:53.0739 5188	ose - ok
08:48:53.0785 5188	p2pimsvc        (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
08:48:53.0863 5188	p2pimsvc - ok
08:48:53.0926 5188	p2psvc          (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
08:48:53.0957 5188	p2psvc - ok
08:48:53.0973 5188	Parport         (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
08:48:53.0988 5188	Parport - ok
08:48:54.0019 5188	partmgr         (90061b1acfe8ccaa5345750ffe08d8b8) C:\Windows\system32\drivers\partmgr.sys
08:48:54.0035 5188	partmgr - ok
08:48:54.0051 5188	PcaSvc          (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
08:48:54.0113 5188	PcaSvc - ok
08:48:54.0160 5188	pci             (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
08:48:54.0191 5188	pci - ok
08:48:54.0207 5188	pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
08:48:54.0222 5188	pciide - ok
08:48:54.0238 5188	pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
08:48:54.0269 5188	pcmcia - ok
08:48:54.0285 5188	pcw             (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
08:48:54.0285 5188	pcw - ok
08:48:54.0331 5188	PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
08:48:54.0409 5188	PEAUTH - ok
08:48:54.0534 5188	PeerDistSvc     (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
08:48:54.0612 5188	PeerDistSvc - ok
08:48:54.0675 5188	PerfHost        (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
08:48:54.0721 5188	PerfHost - ok
08:48:54.0877 5188	pla             (557e9a86f65f0de18c9b6751dfe9d3f1) C:\Windows\system32\pla.dll
08:48:54.0971 5188	pla - ok
08:48:55.0065 5188	PlugPlay        (98b1721b8718164293b9701b98c52d77) C:\Windows\system32\umpnpmgr.dll
08:48:55.0143 5188	PlugPlay - ok
08:48:55.0158 5188	PNRPAutoReg     (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
08:48:55.0205 5188	PNRPAutoReg - ok
08:48:55.0236 5188	PNRPsvc         (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
08:48:55.0252 5188	PNRPsvc - ok
08:48:55.0299 5188	PolicyAgent     (166eb40d1f5b47e615de3d0fffe5f243) C:\Windows\System32\ipsecsvc.dll
08:48:55.0377 5188	PolicyAgent - ok
08:48:55.0423 5188	Power           (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
08:48:55.0501 5188	Power - ok
08:48:55.0564 5188	PptpMiniport    (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
08:48:55.0626 5188	PptpMiniport - ok
08:48:55.0657 5188	Processor       (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
08:48:55.0689 5188	Processor - ok
08:48:55.0735 5188	ProfSvc         (f381975e1f4346de875cb07339ce8d3a) C:\Windows\system32\profsvc.dll
08:48:55.0767 5188	ProfSvc - ok
08:48:55.0798 5188	ProtectedStorage (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
08:48:55.0829 5188	ProtectedStorage - ok
08:48:55.0860 5188	Psched          (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
08:48:55.0954 5188	Psched - ok
08:48:56.0063 5188	ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
08:48:56.0125 5188	ql2300 - ok
08:48:56.0219 5188	ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
08:48:56.0250 5188	ql40xx - ok
08:48:56.0281 5188	QWAVE           (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
08:48:56.0297 5188	QWAVE - ok
08:48:56.0313 5188	QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
08:48:56.0359 5188	QWAVEdrv - ok
08:48:56.0359 5188	RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
08:48:56.0437 5188	RasAcd - ok
08:48:56.0484 5188	RasAgileVpn     (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
08:48:56.0547 5188	RasAgileVpn - ok
08:48:56.0562 5188	RasAuto         (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
08:48:56.0609 5188	RasAuto - ok
08:48:56.0625 5188	Rasl2tp         (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
08:48:56.0718 5188	Rasl2tp - ok
08:48:56.0749 5188	RasMan          (47394ed3d16d053f5906efe5ab51cc83) C:\Windows\System32\rasmans.dll
08:48:56.0827 5188	RasMan - ok
08:48:56.0843 5188	RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
08:48:56.0905 5188	RasPppoe - ok
08:48:56.0921 5188	RasSstp         (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
08:48:56.0999 5188	RasSstp - ok
08:48:57.0046 5188	rdbss           (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
08:48:57.0108 5188	rdbss - ok
08:48:57.0139 5188	rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
08:48:57.0155 5188	rdpbus - ok
08:48:57.0155 5188	RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
08:48:57.0186 5188	RDPCDD - ok
08:48:57.0217 5188	RDPDR           (9706b84dbabfc4b4ca46c5a82b14dfa3) C:\Windows\system32\drivers\rdpdr.sys
08:48:57.0295 5188	RDPDR - ok
08:48:57.0327 5188	RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
08:48:57.0389 5188	RDPENCDD - ok
08:48:57.0420 5188	RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
08:48:57.0467 5188	RDPREFMP - ok
08:48:57.0514 5188	RDPWD           (074ac702d8b8b660b0e1371555995386) C:\Windows\system32\drivers\RDPWD.sys
08:48:57.0561 5188	RDPWD - ok
08:48:57.0576 5188	rdyboost        (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
08:48:57.0607 5188	rdyboost - ok
08:48:57.0639 5188	RemoteAccess    (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
08:48:57.0732 5188	RemoteAccess - ok
08:48:57.0779 5188	RemoteRegistry  (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
08:48:57.0873 5188	RemoteRegistry - ok
08:48:58.0107 5188	ReportServer$SQLEXPRESS (499556b74a1022906de888fab0389bfa) c:\Program Files\Microsoft SQL Server\MSRS10_50.SQLEXPRESS\Reporting Services\ReportServer\bin\ReportingServicesService.exe
08:48:58.0153 5188	ReportServer$SQLEXPRESS - ok
08:48:58.0263 5188	RFCOMM          (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
08:48:58.0325 5188	RFCOMM - ok
08:48:58.0356 5188	RpcEptMapper    (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
08:48:58.0419 5188	RpcEptMapper - ok
08:48:58.0434 5188	RpcLocator      (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
08:48:58.0481 5188	RpcLocator - ok
08:48:58.0512 5188	RpcSs           (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
08:48:58.0559 5188	RpcSs - ok
08:48:58.0606 5188	RsFx0150        (eb1c539e621a35a49f7692b0eb565ab9) C:\Windows\system32\DRIVERS\RsFx0150.sys
08:48:58.0637 5188	RsFx0150 - ok
08:48:58.0668 5188	rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
08:48:58.0699 5188	rspndr - ok
08:48:58.0715 5188	s3cap           (88af6e02ab19df7fd07ecdf9c91e9af6) C:\Windows\system32\DRIVERS\vms3cap.sys
08:48:58.0777 5188	s3cap - ok
08:48:58.0824 5188	SamSs           (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
08:48:58.0840 5188	SamSs - ok
08:48:58.0855 5188	sbp2port        (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
08:48:58.0871 5188	sbp2port - ok
08:48:58.0902 5188	SCardSvr        (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
08:48:58.0980 5188	SCardSvr - ok
08:48:59.0011 5188	scfilter        (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
08:48:59.0074 5188	scfilter - ok
08:48:59.0152 5188	Schedule        (624d0f5ff99428bb90a5b8a4123e918e) C:\Windows\system32\schedsvc.dll
08:48:59.0245 5188	Schedule - ok
08:48:59.0277 5188	SCPolicySvc     (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
08:48:59.0308 5188	SCPolicySvc - ok
08:48:59.0323 5188	SDRSVC          (765a27c3279ce11d14cb9e4f5869fca5) C:\Windows\System32\SDRSVC.dll
08:48:59.0386 5188	SDRSVC - ok
08:48:59.0417 5188	secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
08:48:59.0495 5188	secdrv - ok
08:48:59.0526 5188	seclogon        (463b386ebc70f98da5dff85f7e654346) C:\Windows\system32\seclogon.dll
08:48:59.0589 5188	seclogon - ok
08:48:59.0620 5188	SENS            (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
08:48:59.0698 5188	SENS - ok
08:48:59.0729 5188	SensrSvc        (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
08:48:59.0791 5188	SensrSvc - ok
08:48:59.0807 5188	Serenum         (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
08:48:59.0823 5188	Serenum - ok
08:48:59.0854 5188	Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
08:48:59.0901 5188	Serial - ok
08:48:59.0947 5188	sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
08:48:59.0963 5188	sermouse - ok
08:48:59.0994 5188	SessionEnv      (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\Windows\system32\sessenv.dll
08:49:00.0041 5188	SessionEnv - ok
08:49:00.0057 5188	sffdisk         (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
08:49:00.0088 5188	sffdisk - ok
08:49:00.0119 5188	sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
08:49:00.0150 5188	sffp_mmc - ok
08:49:00.0181 5188	sffp_sd         (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\DRIVERS\sffp_sd.sys
08:49:00.0228 5188	sffp_sd - ok
08:49:00.0244 5188	sfloppy         (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
08:49:00.0275 5188	sfloppy - ok
08:49:00.0369 5188	SftService      (7f475425582163602ef1589c0071e521) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
08:49:00.0400 5188	SftService - ok
08:49:00.0431 5188	SharedAccess    (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
08:49:00.0493 5188	SharedAccess - ok
08:49:00.0509 5188	ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\Windows\System32\shsvcs.dll
08:49:00.0587 5188	ShellHWDetection - ok
08:49:00.0821 5188	SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
08:49:00.0852 5188	SiSRaid2 - ok
08:49:00.0868 5188	SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
08:49:00.0868 5188	SiSRaid4 - ok
08:49:00.0899 5188	Smb             (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
08:49:00.0930 5188	Smb - ok
08:49:00.0961 5188	SNMPTRAP        (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
08:49:00.0993 5188	SNMPTRAP - ok
08:49:01.0024 5188	spldr           (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
08:49:01.0024 5188	spldr - ok
08:49:01.0086 5188	Spooler         (f8e1fa03cb70d54a9892ac88b91d1e7b) C:\Windows\System32\spoolsv.exe
08:49:01.0164 5188	Spooler - ok
08:49:01.0367 5188	sppsvc          (913d843498553a1bc8f8dbad6358e49f) C:\Windows\system32\sppsvc.exe
08:49:01.0476 5188	sppsvc - ok
08:49:01.0570 5188	sppuinotify     (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
08:49:01.0648 5188	sppuinotify - ok
08:49:01.0726 5188	sprtsvc_DellSupportCenter (d630b6f2e8379b6f10dc16e82a426552) C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
08:49:01.0741 5188	sprtsvc_DellSupportCenter - ok
08:49:01.0851 5188	SQLAgent$SQLEXPRESS (70f05e8ece922c20e785a46224e12183) c:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE
08:49:01.0882 5188	SQLAgent$SQLEXPRESS - ok
08:49:01.0944 5188	SQLBrowser      (7d67c07c63796775cc5492bcfeaff125) c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
08:49:01.0960 5188	SQLBrowser - ok
08:49:02.0007 5188	SQLWriter       (f98ddfbfe0ee66d4c4b00693512b9527) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
08:49:02.0007 5188	SQLWriter - ok
08:49:02.0085 5188	srv             (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
08:49:02.0303 5188	srv - ok
08:49:02.0365 5188	srv2            (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
08:49:02.0381 5188	srv2 - ok
08:49:02.0428 5188	srvnet          (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
08:49:02.0475 5188	srvnet - ok
08:49:02.0537 5188	SSDPSRV         (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
08:49:02.0631 5188	SSDPSRV - ok
08:49:02.0662 5188	SstpSvc         (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
08:49:02.0740 5188	SstpSvc - ok
08:49:02.0771 5188	stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
08:49:02.0771 5188	stexstor - ok
08:49:02.0849 5188	stisvc          (52d0e33b681bd0f33fdc08812fee4f7d) C:\Windows\System32\wiaservc.dll
08:49:02.0896 5188	stisvc - ok
08:49:02.0911 5188	storflt         (ffd7a6f15b14234b5b0e5d49e7961895) C:\Windows\system32\DRIVERS\vmstorfl.sys
08:49:02.0927 5188	storflt - ok
08:49:02.0943 5188	StorSvc         (c40841817ef57d491f22eb103da587cc) C:\Windows\system32\storsvc.dll
08:49:03.0005 5188	StorSvc - ok
08:49:03.0036 5188	storvsc         (8fccbefc5c440b3c23454656e551b09a) C:\Windows\system32\DRIVERS\storvsc.sys
08:49:03.0036 5188	storvsc - ok
08:49:03.0052 5188	swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
08:49:03.0067 5188	swenum - ok
08:49:03.0099 5188	swprv           (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
08:49:03.0177 5188	swprv - ok
08:49:03.0286 5188	SysMain         (3c1284516a62078fb68f768de4f1a7be) C:\Windows\system32\sysmain.dll
08:49:03.0348 5188	SysMain - ok
08:49:03.0473 5188	TabletInputService (238935c3cf2854886dc7cbb2a0e2cc66) C:\Windows\System32\TabSvc.dll
08:49:03.0535 5188	TabletInputService - ok
08:49:03.0582 5188	TapiSrv         (884264ac597b690c5707c89723bb8e7b) C:\Windows\System32\tapisrv.dll
08:49:03.0676 5188	TapiSrv - ok
08:49:03.0723 5188	TBS             (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
08:49:03.0754 5188	TBS - ok
08:49:03.0894 5188	Tcpip           (624c5b3aa4c99b3184bb922d9ece3ff0) C:\Windows\system32\drivers\tcpip.sys
08:49:03.0957 5188	Tcpip - ok
08:49:04.0097 5188	TCPIP6          (624c5b3aa4c99b3184bb922d9ece3ff0) C:\Windows\system32\DRIVERS\tcpip.sys
08:49:04.0144 5188	TCPIP6 - ok
08:49:04.0206 5188	tcpipreg        (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
08:49:04.0284 5188	tcpipreg - ok
08:49:04.0300 5188	TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
08:49:04.0315 5188	TDPIPE - ok
08:49:04.0347 5188	TDTCP           (7518f7bcfd4b308abc9192bacaf6c970) C:\Windows\system32\drivers\tdtcp.sys
08:49:04.0393 5188	TDTCP - ok
08:49:04.0440 5188	tdx             (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
08:49:04.0503 5188	tdx - ok
08:49:04.0612 5188	TeamViewer5     (d827a50cec8a16180eec4f1951b7a842) C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe
08:49:04.0627 5188	TeamViewer5 - ok
08:49:04.0659 5188	TermDD          (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
08:49:04.0659 5188	TermDD - ok
08:49:04.0737 5188	TermService     (0f05ec2887bfe197ad82a13287d2f404) C:\Windows\System32\termsrv.dll
08:49:04.0799 5188	TermService - ok
08:49:04.0830 5188	Themes          (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
08:49:04.0877 5188	Themes - ok
08:49:04.0924 5188	THREADORDER     (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
08:49:04.0955 5188	THREADORDER - ok
08:49:04.0971 5188	TrkWks          (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
08:49:05.0049 5188	TrkWks - ok
08:49:05.0111 5188	TrustedInstaller (840f7fb849f5887a49ba18c13b2da920) C:\Windows\servicing\TrustedInstaller.exe
08:49:05.0158 5188	TrustedInstaller - ok
08:49:05.0173 5188	tssecsrv        (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
08:49:05.0251 5188	tssecsrv - ok
08:49:05.0283 5188	tunnel          (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
08:49:05.0361 5188	tunnel - ok
08:49:05.0376 5188	uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
08:49:05.0392 5188	uagp35 - ok
08:49:05.0423 5188	udfs            (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
08:49:05.0517 5188	udfs - ok
08:49:05.0548 5188	UI0Detect       (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
08:49:05.0595 5188	UI0Detect - ok
08:49:05.0626 5188	uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
08:49:05.0641 5188	uliagpkx - ok
08:49:05.0657 5188	umbus           (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
08:49:05.0704 5188	umbus - ok
08:49:05.0735 5188	UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
08:49:05.0766 5188	UmPass - ok
08:49:05.0797 5188	UmRdpService    (af0ac98ee5077eb844413eb54287fde3) C:\Windows\System32\umrdp.dll
08:49:05.0813 5188	UmRdpService - ok
08:49:05.0891 5188	upnphost        (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
08:49:06.0063 5188	upnphost - ok
08:49:06.0172 5188	usbccgp         (7b6a127c93ee590e4d79a5f2a76fe46f) C:\Windows\system32\DRIVERS\usbccgp.sys
08:49:06.0250 5188	usbccgp - ok
08:49:06.0281 5188	usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
08:49:06.0328 5188	usbcir - ok
08:49:06.0375 5188	usbehci         (92969ba5ac44e229c55a332864f79677) C:\Windows\system32\drivers\usbehci.sys
08:49:06.0406 5188	usbehci - ok
08:49:06.0437 5188	usbhub          (e7df1cfd28ca86b35ef5add0735ceef3) C:\Windows\system32\DRIVERS\usbhub.sys
08:49:06.0499 5188	usbhub - ok
08:49:06.0531 5188	usbohci         (f1bb1e55f1e7a65c5839ccc7b36d773e) C:\Windows\system32\drivers\usbohci.sys
08:49:06.0562 5188	usbohci - ok
08:49:06.0577 5188	usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
08:49:06.0593 5188	usbprint - ok
08:49:06.0624 5188	USBSTOR         (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS
08:49:06.0671 5188	USBSTOR - ok
08:49:06.0687 5188	usbuhci         (bc3070350a491d84b518d7cca9abd36f) C:\Windows\system32\drivers\usbuhci.sys
08:49:06.0718 5188	usbuhci - ok
08:49:06.0765 5188	UxSms           (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
08:49:06.0811 5188	UxSms - ok
08:49:06.0843 5188	VaultSvc        (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
08:49:06.0858 5188	VaultSvc - ok
08:49:06.0889 5188	vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
08:49:06.0905 5188	vdrvroot - ok
08:49:06.0936 5188	vds             (44d73e0bbc1d3c8981304ba15135c2f2) C:\Windows\System32\vds.exe
08:49:06.0967 5188	vds - ok
08:49:06.0983 5188	vga             (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
08:49:06.0999 5188	vga - ok
08:49:07.0014 5188	VgaSave         (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
08:49:07.0077 5188	VgaSave - ok
08:49:07.0108 5188	vhdmp           (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
08:49:07.0139 5188	vhdmp - ok
08:49:07.0155 5188	viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
08:49:07.0170 5188	viaide - ok
08:49:07.0233 5188	VIP-Registrierung (a5014511b773cdc578e45d1c7a760d9d) C:\VIPReg\VIPRServ.exe
08:49:07.0264 5188	VIP-Registrierung ( UnsignedFile.Multi.Generic ) - warning
08:49:07.0264 5188	VIP-Registrierung - detected UnsignedFile.Multi.Generic (1)
08:49:07.0326 5188	vmbus           (1501699d7eda984abc4155a7da5738d1) C:\Windows\system32\DRIVERS\vmbus.sys
08:49:07.0357 5188	vmbus - ok
08:49:07.0373 5188	VMBusHID        (ae10c35761889e65a6f7176937c5592c) C:\Windows\system32\DRIVERS\VMBusHID.sys
08:49:07.0404 5188	VMBusHID - ok
08:49:07.0435 5188	volmgr          (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
08:49:07.0467 5188	volmgr - ok
08:49:07.0498 5188	volmgrx         (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
08:49:07.0513 5188	volmgrx - ok
08:49:07.0545 5188	volsnap         (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
08:49:07.0560 5188	volsnap - ok
08:49:07.0591 5188	vsmraid         (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
08:49:07.0623 5188	vsmraid - ok
08:49:07.0732 5188	VSS             (787898bf9fb6d7bd87a36e2d95c899ba) C:\Windows\system32\vssvc.exe
08:49:07.0810 5188	VSS - ok
08:49:07.0935 5188	vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
08:49:07.0966 5188	vwifibus - ok
08:49:07.0997 5188	W32Time         (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
08:49:08.0044 5188	W32Time - ok
08:49:08.0059 5188	WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
08:49:08.0106 5188	WacomPen - ok
08:49:08.0153 5188	WANARP          (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
08:49:08.0231 5188	WANARP - ok
08:49:08.0231 5188	Wanarpv6        (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
08:49:08.0278 5188	Wanarpv6 - ok
08:49:08.0403 5188	WatAdminSvc     (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
08:49:08.0449 5188	WatAdminSvc - ok
08:49:08.0543 5188	wbengine        (5ab1bb85bd8b5089cc5d64200dedae68) C:\Windows\system32\wbengine.exe
08:49:08.0621 5188	wbengine - ok
08:49:08.0699 5188	WbioSrvc        (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
08:49:08.0746 5188	WbioSrvc - ok
08:49:08.0793 5188	wcncsvc         (dd1bae8ebfc653824d29ccf8c9054d68) C:\Windows\System32\wcncsvc.dll
08:49:08.0871 5188	wcncsvc - ok
08:49:08.0886 5188	WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
08:49:08.0917 5188	WcsPlugInService - ok
08:49:08.0964 5188	Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
08:49:08.0980 5188	Wd - ok
08:49:09.0027 5188	Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
08:49:09.0042 5188	Wdf01000 - ok
08:49:09.0058 5188	WdiServiceHost  (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
08:49:09.0089 5188	WdiServiceHost - ok
08:49:09.0089 5188	WdiSystemHost   (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
08:49:09.0105 5188	WdiSystemHost - ok
08:49:09.0136 5188	WebClient       (733006127f235be7c35354ebee7b9a7b) C:\Windows\System32\webclnt.dll
08:49:09.0167 5188	WebClient - ok
08:49:09.0198 5188	Wecsvc          (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
08:49:09.0261 5188	Wecsvc - ok
08:49:09.0292 5188	wercplsupport   (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
08:49:09.0323 5188	wercplsupport - ok
08:49:09.0354 5188	WerSvc          (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
08:49:09.0432 5188	WerSvc - ok
08:49:09.0463 5188	WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
08:49:09.0495 5188	WfpLwf - ok
08:49:09.0541 5188	WimFltr         (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys
08:49:09.0573 5188	WimFltr - ok
08:49:09.0588 5188	WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
08:49:09.0604 5188	WIMMount - ok
08:49:09.0619 5188	WinDefend - ok
08:49:09.0635 5188	WinHttpAutoProxySvc - ok
08:49:09.0682 5188	Winmgmt         (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
08:49:09.0729 5188	Winmgmt - ok
08:49:09.0853 5188	WinRM           (41fbb751936b387f9179e7f03a74fe29) C:\Windows\system32\WsmSvc.dll
08:49:09.0931 5188	WinRM - ok
08:49:10.0056 5188	Wlansvc         (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
08:49:10.0119 5188	Wlansvc - ok
08:49:10.0150 5188	WmiAcpi         (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
08:49:10.0197 5188	WmiAcpi - ok
08:49:10.0275 5188	wmiApSrv        (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
08:49:10.0337 5188	wmiApSrv - ok
08:49:10.0384 5188	WMPNetworkSvc - ok
08:49:10.0399 5188	WPCSvc          (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
08:49:10.0431 5188	WPCSvc - ok
08:49:10.0446 5188	WPDBusEnum      (2e57ddf2880a7e52e76f41c7e96d327b) C:\Windows\system32\wpdbusenum.dll
08:49:10.0493 5188	WPDBusEnum - ok
08:49:10.0524 5188	ws2ifsl         (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
08:49:10.0587 5188	ws2ifsl - ok
08:49:10.0633 5188	wscsvc          (8f9f3969933c02da96eb0f84576db43e) C:\Windows\system32\wscsvc.dll
08:49:10.0727 5188	wscsvc - ok
08:49:10.0774 5188	WSDPrintDevice  (8d918b1db190a4d9b1753a66fa8c96e8) C:\Windows\system32\DRIVERS\WSDPrint.sys
08:49:10.0821 5188	WSDPrintDevice - ok
08:49:10.0821 5188	WSearch - ok
08:49:10.0977 5188	wuauserv        (38340204a2d0228f1e87740fc5e554a7) C:\Windows\system32\wuaueng.dll
08:49:11.0039 5188	wuauserv - ok
08:49:11.0117 5188	WudfPf          (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
08:49:11.0195 5188	WudfPf - ok
08:49:11.0226 5188	WUDFRd          (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
08:49:11.0289 5188	WUDFRd - ok
08:49:11.0304 5188	wudfsvc         (b551d6637aa0e132c18ac6e504f7b79b) C:\Windows\System32\WUDFSvc.dll
08:49:11.0351 5188	wudfsvc - ok
08:49:11.0398 5188	WwanSvc         (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
08:49:11.0445 5188	WwanSvc - ok
08:49:11.0460 5188	MBR (0x1B8)     (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
08:49:11.0803 5188	\Device\Harddisk0\DR0 - ok
08:49:11.0803 5188	MBR (0x1B8)     (739b36f7a373fc81121d831231b6d311) \Device\Harddisk5\DR5
08:49:19.0213 5188	\Device\Harddisk5\DR5 - ok
08:49:19.0229 5188	Boot (0x1200)   (6d174b922b8db7dd72836bfc6e38680b) \Device\Harddisk0\DR0\Partition0
08:49:19.0229 5188	\Device\Harddisk0\DR0\Partition0 - ok
08:49:19.0245 5188	Boot (0x1200)   (297ed78a28dbe0e82a0a8bf8e9a98212) \Device\Harddisk0\DR0\Partition1
08:49:19.0245 5188	\Device\Harddisk0\DR0\Partition1 - ok
08:49:19.0245 5188	Boot (0x1200)   (f966e117376d30d46723186c7d5aa38a) \Device\Harddisk5\DR5\Partition0
08:49:19.0245 5188	\Device\Harddisk5\DR5\Partition0 - ok
08:49:19.0245 5188	============================================================
08:49:19.0245 5188	Scan finished
08:49:19.0245 5188	============================================================
08:49:19.0260 5180	Detected object count: 1
08:49:19.0260 5180	Actual detected object count: 1
08:49:40.0352 5180	VIP-Registrierung ( UnsignedFile.Multi.Generic ) - skipped by user
08:49:40.0352 5180	VIP-Registrierung ( UnsignedFile.Multi.Generic ) - User select action: Skip


Alt 04.06.2012, 12:55   #21
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
"Bundestrojaner" - Standard

"Bundestrojaner"


Zitat:
R2 VIP-Registrierung;VIP-Registrierung;c:\vipreg\VIPRServ.exe [2007-06-15 40960]
Sagt dir das irgendwas?
__________________
--> "Bundestrojaner"

Alt 04.06.2012, 12:56   #22
feldba
 
"Bundestrojaner" - Standard

"Bundestrojaner"


Zitat:
Zitat von cosinus Beitrag anzeigen
Sagt dir das irgendwas?
VIP ist die Software von einer Versicherung (Uniqa) - das dürfte schon passsen

Alt 04.06.2012, 16:15   #23
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
"Bundestrojaner" - Standard

"Bundestrojaner"


Ok, kannte ich nicht

Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.

Hinweis: Bitte den Virenscanner abstellen bevor du aswMBR ausführst, denn v.a. Avira meldet darin oft einen Fehalalrm!
  • Starte die aswMBR.exe Vista und Win7 User aswMBR per Rechtsklick "als Administrator ausführen"
  • Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen) Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
  • Klicke auf Scan.
  • Warte bitte bis Scan finished successfully im DOS Fenster steht.
  • Drücke auf Save Log und speichere diese auf dem Desktop.
Poste mir die aswMBR.txt in deiner nächsten Antwort. Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte es erneut nicht klappen teile mir das bitte mit.

Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes:
Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.
__________________
Logfiles bitte immer in CODE-Tags posten

Antwort
Seite 2 von 2 1 2

Themen zu "Bundestrojaner"
adobe, cpu, defender, email, explorer, firefox, firewall, flash player, format, helper, intranet, logfile, mcafee firewall, nodrives, nvidia, office 2007, pdf, phishing, plug-in, programme, proxy, realtek, registry, searchscopes, security, svchost.exe, system, temp, usb, visual studio, windows


« Windows Verschlüsselungs trojaner eingefangen! | BKA-Virus durch E-Mail im Postfach mit Rechnungsanhang »


Ähnliche Themen: "Bundestrojaner"


  1. samsung galaxy tab 3 LITE "Bundestrojaner entfernen"
    Smartphone, Tablet & Handy Security - 24.02.2016 (17)
  2. Diverse Malware ("CoolSaleCoupon", "ddownlloaditkeep", "omiga-plus", "SaveSense", "SaleItCoupon"); lahmer PC & viel Werbung!
    Plagegeister aller Art und deren Bekämpfung - 11.01.2015 (16)
  3. "monstermarketplace.com" Infektion und ihre Folgen; "Anti-Virus-Blocker"," unsichtbare Toolbars" + "Browser-Hijacker" von selbst installiert
    Log-Analyse und Auswertung - 16.11.2013 (21)
  4. Bundestrojaner vor 1 Monat "entfernt", jedoch NICHT vollständig
    Log-Analyse und Auswertung - 07.08.2013 (13)
  5. "bundestrojaner" seit heute morgen auf pc
    Log-Analyse und Auswertung - 11.06.2013 (10)
  6. Bundestrojaner AppData\Roaming\Gyiv\dirao.exe aufgrund von Emailanhang "Vertrag Vorname Nachname.zip"
    Log-Analyse und Auswertung - 24.02.2013 (1)
  7. "Schweizer-Eidgenossenschafts-Trojaner" (dem "Bundestrojaner" sehr ähnlich)
    Plagegeister aller Art und deren Bekämpfung - 17.01.2013 (12)
  8. "Deutsche Post(eMail-Anhang)" Alle "EXE(Programme)" werden blockiert "WIN 7 Defender"
    Plagegeister aller Art und deren Bekämpfung - 27.12.2012 (3)
  9. Bundestrojaner Variante: "Ihr Computer wurde gesperrt"; " Ihr Computer wurde durch das Speichern der autom. Informationskontrolle gesperrt"
    Log-Analyse und Auswertung - 25.11.2012 (10)
  10. U-Cash "Bundestrojaner" Nachwirkungen beseitigen
    Plagegeister aller Art und deren Bekämpfung - 01.11.2012 (14)
  11. "The document has moved. Redirecting"+"Popup unten rechts"+"Nicht alle Links anklickbar"
    Plagegeister aller Art und deren Bekämpfung - 24.10.2012 (38)
  12. Bundestrojaner "Verstoß gegen Gesetze der Bundesrep Dtschl" Log Auswertung benötigt!
    Log-Analyse und Auswertung - 01.10.2012 (9)
  13. Probleme mit Internetverbindung über LAN und "wpbt0.dll-Fehlermeldung" nach entferntem Bundestrojaner
    Plagegeister aller Art und deren Bekämpfung - 04.09.2012 (1)
  14. C:\Users\HP\AppData\Local\Temp\0_0u_I.exe !!! "Bundestrojaner" ?!? Fehlermeldung
    Log-Analyse und Auswertung - 08.07.2012 (5)
  15. Nach "Bundestrojaner" verschlüsselte Datein entschlüsseln?
    Plagegeister aller Art und deren Bekämpfung - 27.04.2012 (1)
  16. "Adware.Virtumonde"/"Downloader.MisleadApp"/"TR/VB.agt.4"/"NewDotNet.A.1350"/"Fakerec
    Plagegeister aller Art und deren Bekämpfung - 22.08.2008 (6)
  17. ">"">><meta http-equiv="Refresh" content="0;url=http://askimizsonsuza.com/code/">"">
    Plagegeister aller Art und deren Bekämpfung - 04.09.2006 (4)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema "Bundestrojaner" - Ich lösch das zweite Log mal bevor uns das völlig aus dem Konzept haut - "Bundestrojaner"...
Archiv
Du betrachtest: "Bundestrojaner" auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129