| |
| |||||||
Log-Analyse und Auswertung: searchnu.com/410 Trojaner eingefangenWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
20.04.2012, 08:22
| #1 | |
| |  searchnu.com/410 Trojaner eingefangen Hallo, ich habe hier den Laptop meiner Freundin stehen. Sie hat mir berichtet, dass sie seit Download und Installation einer Audio-Software von Chip.de plötzlich hxxp://www.searchnu.com/410 als Startseite im Firefox hat und das nicht mehr weggeht. Dies ist am letzten Dienstag Abend (17.04.2012) passiert. 1. Bisherige Tätigkeiten: 1.1 Mehrfacher Versuch auf einen Systemwiederherstellungspunkt zu springen, der vor der Installation der dubiosen Software lag. - Jedesmal nach Systemwiederherstellung kam nach dem erforderlichen Reboot die Meldung, dass die Systemwiederherstellung nicht geklappt hat, da der Zugriff auf manche Dateien verweigert wurde. - daraufhin nochmal mit deaktiviertem Virenscanner versucht, etc.. Hat nichts gebracht. 1.2. Malwarebytes heruntergeladen (mit Offline-Definitionsdateien). Scan mit Malwarebytes hat KEINE Infetkionen gefunden. (Siehe Log). 1.3. Spybot S&D Scan durchgeführt. Spybot hat mehrere Sachen gefunden und entfern (siehe Log). Unter anderem "DoubleClick", "jZip.Toolbar" und "MediaPlex". 1.4. Searchnu als Startseite in den Browseroptionen entfernt. Es kommt seither auch nicht wieder. 1.5. Bandoo Data Manager aus dem MSCONFIG Autostart herausgenommen. 1.6. Heise DESINFECT 2012 DVD gebootet. Kompletten Scan mit allen 5 (vorher aktualisierten) Scannern durchgeführt. Die haben mehrere Sachen gefunden ("Trojan.Dropper.Agent.VDC", "Trojan.Generic.3571928", Win32.Worm.DElf.NEC") Die Funde wurden durch die DESINFECT-Scanner in Quarantäne geschoben und in .VIRUS umbenannt. 2. Logs nach Trojaner-Board Checkliste 2.1 Defogger Defogger wurde erfolgreich ohne Fehlermeldung ausgeführt 2.1b Gmer Es handelt sich um ein 64bit-Betriebssystem, daher nicht ausgeführt. 2.2 DDS-Logs: Siehe "logs.zip" im Anhang (außer den DDS-Logs sind hier noch die S&D Logs, sowie das MBAM-Log drin). Logs aus der DESINFECT-Session habe ich aktuell nicht. Ziel/Problem: Ich habe nicht das Gefühl, dass das Notebook wieder sauber ist und erbitte daher eure Hilfe. Vielen Dank! Seit Erstellung des Threads konnte ich noch folgende Dinge tun: ####################### 1. ESET Online Tool Scan Zitat:
2. Quarantäne Dateien gelöscht, die die Desinfec't DVD erstellt hat (unterhalb von C:\ProgramData\Avira\AntiVir Desktop\INFECTED) ######################### 3. Mit CCleaner die Registry gesäubert (Standarddurchlauf) ######################### 4. Searchqu Toolbar im IE deaktiviert und entfernt 5. Im Firefox die Searchqu Toolbar deaktiviert und entfernt (in den Addons) ######################### 6. Scan mit Microsoft Safety Scanner: Keine Funde 7. Erneuter Scan mit Spybot S&D: Keine Funde mehr ######################### 8. Durchführen von Hijackthis Entfehrnen von 3 HBO-Einträgen in HijackThis (siehe Screenshot) ######################### 9. Erneuter Scan mit ESET Online Tool: Keine Funde mehr 10. Vollscan mit installiertem AVIRA Antivir: Keine Funde ########################## 11. Manuelles Löschen des Ordners C:\Programme (x86)\Windows Searchqu Toolbar. - Die Dateien BrowserConnection.dll und DNSBHO.dll ließen sich in diesem Ordner nicht löschen. - Starten von Windows im abgesicherten Modus. - Erneutes Manuelles Löschen der beiden Dateien im abgesicherten Modus nun erfolgreich. ########################### 12. Scan mit TDSSKiller: Keine Funde Code:
ATTFilter 16:56:33.0777 4148 TDSS rootkit removing tool 2.7.30.0 Apr 19 2012 15:10:31
16:56:33.0855 4148 ============================================================
16:56:33.0855 4148 Current date / time: 2012/04/20 16:56:33.0855
16:56:33.0855 4148 SystemInfo:
16:56:33.0855 4148
16:56:33.0855 4148 OS Version: 6.1.7601 ServicePack: 1.0
16:56:33.0855 4148 Product type: Workstation
16:56:33.0855 4148 ComputerName: DSCHOANNI-PC
16:56:33.0855 4148 UserName: Dschoanni
16:56:33.0855 4148 Windows directory: C:\windows
16:56:33.0855 4148 System windows directory: C:\windows
16:56:33.0855 4148 Running under WOW64
16:56:33.0855 4148 Processor architecture: Intel x64
16:56:33.0855 4148 Number of processors: 4
16:56:33.0855 4148 Page size: 0x1000
16:56:33.0855 4148 Boot type: Normal boot
16:56:33.0855 4148 ============================================================
16:56:34.0276 4148 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:56:34.0292 4148 \Device\Harddisk0\DR0:
16:56:34.0292 4148 MBR partitions:
16:56:34.0292 4148 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x64000
16:56:34.0292 4148 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x64800, BlocksNum 0x1F9A0000
16:56:34.0307 4148 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1FA05000, BlocksNum 0x3CA7000
16:56:34.0370 4148 C: <-> \Device\Harddisk0\DR0\Partition1
16:56:34.0417 4148 D: <-> \Device\Harddisk0\DR0\Partition2
16:56:34.0417 4148 Initialize success
16:56:34.0417 4148 ============================================================
16:56:45.0789 5032 ============================================================
16:56:45.0789 5032 Scan started
16:56:45.0789 5032 Mode: Manual;
16:56:45.0789 5032 ============================================================
16:56:46.0413 5032 1394ohci (a87d604aea360176311474c87a63bb88) C:\windows\system32\drivers\1394ohci.sys
16:56:46.0429 5032 1394ohci - ok
16:56:46.0460 5032 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\windows\system32\drivers\ACPI.sys
16:56:46.0460 5032 ACPI - ok
16:56:46.0475 5032 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\windows\system32\drivers\acpipmi.sys
16:56:46.0475 5032 AcpiPmi - ok
16:56:46.0522 5032 ACPIVPC (dc201246a14cb3b274df59faf539ab07) C:\windows\system32\DRIVERS\AcpiVpc.sys
16:56:46.0522 5032 ACPIVPC - ok
16:56:46.0569 5032 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\windows\system32\DRIVERS\adp94xx.sys
16:56:46.0585 5032 adp94xx - ok
16:56:46.0647 5032 adpahci (597f78224ee9224ea1a13d6350ced962) C:\windows\system32\DRIVERS\adpahci.sys
16:56:46.0678 5032 adpahci - ok
16:56:46.0694 5032 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\windows\system32\DRIVERS\adpu320.sys
16:56:46.0694 5032 adpu320 - ok
16:56:46.0725 5032 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\windows\System32\aelupsvc.dll
16:56:46.0725 5032 AeLookupSvc - ok
16:56:46.0772 5032 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\windows\system32\drivers\afd.sys
16:56:46.0803 5032 AFD - ok
16:56:46.0865 5032 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\windows\system32\drivers\agp440.sys
16:56:46.0865 5032 agp440 - ok
16:56:46.0928 5032 ALG (3290d6946b5e30e70414990574883ddb) C:\windows\System32\alg.exe
16:56:46.0959 5032 ALG - ok
16:56:47.0006 5032 aliide (5812713a477a3ad7363c7438ca2ee038) C:\windows\system32\drivers\aliide.sys
16:56:47.0021 5032 aliide - ok
16:56:47.0037 5032 amdide (1ff8b4431c353ce385c875f194924c0c) C:\windows\system32\drivers\amdide.sys
16:56:47.0037 5032 amdide - ok
16:56:47.0084 5032 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\windows\system32\DRIVERS\amdk8.sys
16:56:47.0084 5032 AmdK8 - ok
16:56:47.0131 5032 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\windows\system32\DRIVERS\amdppm.sys
16:56:47.0146 5032 AmdPPM - ok
16:56:47.0193 5032 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\windows\system32\drivers\amdsata.sys
16:56:47.0193 5032 amdsata - ok
16:56:47.0240 5032 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\windows\system32\DRIVERS\amdsbs.sys
16:56:47.0240 5032 amdsbs - ok
16:56:47.0271 5032 amdxata (540daf1cea6094886d72126fd7c33048) C:\windows\system32\drivers\amdxata.sys
16:56:47.0287 5032 amdxata - ok
16:56:47.0349 5032 AntiVirSchedulerService (c27d46b06d340293670450fce9dfb166) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
16:56:47.0349 5032 AntiVirSchedulerService - ok
16:56:47.0365 5032 AntiVirService (72d90e56563165984224493069c69ed4) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
16:56:47.0365 5032 AntiVirService - ok
16:56:47.0458 5032 ApfiltrService (ab25bbac4daab97473e9afe7c90db299) C:\windows\system32\DRIVERS\Apfiltr.sys
16:56:47.0474 5032 ApfiltrService - ok
16:56:47.0521 5032 AppID (89a69c3f2f319b43379399547526d952) C:\windows\system32\drivers\appid.sys
16:56:47.0552 5032 AppID - ok
16:56:47.0567 5032 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\windows\System32\appidsvc.dll
16:56:47.0583 5032 AppIDSvc - ok
16:56:47.0661 5032 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\windows\System32\appinfo.dll
16:56:47.0661 5032 Appinfo - ok
16:56:47.0723 5032 arc (c484f8ceb1717c540242531db7845c4e) C:\windows\system32\DRIVERS\arc.sys
16:56:47.0723 5032 arc - ok
16:56:47.0739 5032 arcsas (019af6924aefe7839f61c830227fe79c) C:\windows\system32\DRIVERS\arcsas.sys
16:56:47.0755 5032 arcsas - ok
16:56:47.0770 5032 AsyncMac (769765ce2cc62867468cea93969b2242) C:\windows\system32\DRIVERS\asyncmac.sys
16:56:47.0786 5032 AsyncMac - ok
16:56:47.0833 5032 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\windows\system32\drivers\atapi.sys
16:56:47.0833 5032 atapi - ok
16:56:47.0895 5032 athr (cca705cdf038d5bc243203ce4416b345) C:\windows\system32\DRIVERS\athrx.sys
16:56:47.0926 5032 athr - ok
16:56:48.0004 5032 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\windows\System32\Audiosrv.dll
16:56:48.0035 5032 AudioEndpointBuilder - ok
16:56:48.0051 5032 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\windows\System32\Audiosrv.dll
16:56:48.0051 5032 AudioSrv - ok
16:56:48.0098 5032 avgntflt (b1224e6b086cd6548315b04ab575a23e) C:\windows\system32\DRIVERS\avgntflt.sys
16:56:48.0098 5032 avgntflt - ok
16:56:48.0129 5032 avipbb (ed45f12cfa62b83765c9c1496758cc87) C:\windows\system32\DRIVERS\avipbb.sys
16:56:48.0129 5032 avipbb - ok
16:56:48.0176 5032 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\windows\System32\AxInstSV.dll
16:56:48.0207 5032 AxInstSV - ok
16:56:48.0301 5032 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\windows\system32\DRIVERS\bxvbda.sys
16:56:48.0316 5032 b06bdrv - ok
16:56:48.0347 5032 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\windows\system32\DRIVERS\b57nd60a.sys
16:56:48.0363 5032 b57nd60a - ok
16:56:48.0410 5032 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\windows\System32\bdesvc.dll
16:56:48.0410 5032 BDESVC - ok
16:56:48.0472 5032 Beep (16a47ce2decc9b099349a5f840654746) C:\windows\system32\drivers\Beep.sys
16:56:48.0472 5032 Beep - ok
16:56:48.0535 5032 BFE (82974d6a2fd19445cc5171fc378668a4) C:\windows\System32\bfe.dll
16:56:48.0566 5032 BFE - ok
16:56:48.0597 5032 BITS (1ea7969e3271cbc59e1730697dc74682) C:\windows\System32\qmgr.dll
16:56:48.0628 5032 BITS - ok
16:56:48.0722 5032 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\windows\system32\DRIVERS\blbdrive.sys
16:56:48.0722 5032 blbdrive - ok
16:56:48.0769 5032 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\windows\system32\DRIVERS\bowser.sys
16:56:48.0769 5032 bowser - ok
16:56:48.0800 5032 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\windows\system32\DRIVERS\BrFiltLo.sys
16:56:48.0800 5032 BrFiltLo - ok
16:56:48.0815 5032 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\windows\system32\DRIVERS\BrFiltUp.sys
16:56:48.0831 5032 BrFiltUp - ok
16:56:48.0878 5032 Bridge0 (34f786535f9245e4028c57b28248c9d8) C:\windows\system32\drivers\WDBridge.sys
16:56:48.0878 5032 Bridge0 - ok
16:56:48.0909 5032 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\windows\System32\browser.dll
16:56:48.0925 5032 Browser - ok
16:56:48.0987 5032 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\windows\System32\Drivers\Brserid.sys
16:56:49.0018 5032 Brserid - ok
16:56:49.0034 5032 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\windows\System32\Drivers\BrSerWdm.sys
16:56:49.0034 5032 BrSerWdm - ok
16:56:49.0049 5032 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\windows\System32\Drivers\BrUsbMdm.sys
16:56:49.0049 5032 BrUsbMdm - ok
16:56:49.0065 5032 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\windows\System32\Drivers\BrUsbSer.sys
16:56:49.0065 5032 BrUsbSer - ok
16:56:49.0112 5032 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\windows\system32\drivers\BthEnum.sys
16:56:49.0127 5032 BthEnum - ok
16:56:49.0143 5032 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\windows\system32\DRIVERS\bthmodem.sys
16:56:49.0143 5032 BTHMODEM - ok
16:56:49.0159 5032 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\windows\system32\DRIVERS\bthpan.sys
16:56:49.0174 5032 BthPan - ok
16:56:49.0205 5032 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\windows\System32\Drivers\BTHport.sys
16:56:49.0221 5032 BTHPORT - ok
16:56:49.0299 5032 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\windows\system32\bthserv.dll
16:56:49.0299 5032 bthserv - ok
16:56:49.0346 5032 BTHUSB (f188b7394d81010767b6df3178519a37) C:\windows\System32\Drivers\BTHUSB.sys
16:56:49.0377 5032 BTHUSB - ok
16:56:49.0393 5032 cdfs (b8bd2bb284668c84865658c77574381a) C:\windows\system32\DRIVERS\cdfs.sys
16:56:49.0408 5032 cdfs - ok
16:56:49.0424 5032 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\windows\system32\drivers\cdrom.sys
16:56:49.0439 5032 cdrom - ok
16:56:49.0471 5032 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\windows\System32\certprop.dll
16:56:49.0486 5032 CertPropSvc - ok
16:56:49.0549 5032 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\windows\system32\DRIVERS\circlass.sys
16:56:49.0549 5032 circlass - ok
16:56:49.0595 5032 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\windows\system32\CLFS.sys
16:56:49.0595 5032 CLFS - ok
16:56:49.0658 5032 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:56:49.0673 5032 clr_optimization_v2.0.50727_32 - ok
16:56:49.0705 5032 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:56:49.0720 5032 clr_optimization_v2.0.50727_64 - ok
16:56:49.0783 5032 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:56:49.0798 5032 clr_optimization_v4.0.30319_32 - ok
16:56:49.0829 5032 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:56:49.0861 5032 clr_optimization_v4.0.30319_64 - ok
16:56:49.0907 5032 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\windows\system32\DRIVERS\CmBatt.sys
16:56:49.0923 5032 CmBatt - ok
16:56:49.0970 5032 cmdide (e19d3f095812725d88f9001985b94edd) C:\windows\system32\drivers\cmdide.sys
16:56:49.0985 5032 cmdide - ok
16:56:50.0032 5032 CNG (c4943b6c962e4b82197542447ad599f4) C:\windows\system32\Drivers\cng.sys
16:56:50.0063 5032 CNG - ok
16:56:50.0126 5032 Compbatt (102de219c3f61415f964c88e9085ad14) C:\windows\system32\DRIVERS\compbatt.sys
16:56:50.0126 5032 Compbatt - ok
16:56:50.0204 5032 CompositeBus (03edb043586cceba243d689bdda370a8) C:\windows\system32\drivers\CompositeBus.sys
16:56:50.0204 5032 CompositeBus - ok
16:56:50.0235 5032 COMSysApp - ok
16:56:50.0251 5032 crcdisk (1c827878a998c18847245fe1f34ee597) C:\windows\system32\DRIVERS\crcdisk.sys
16:56:50.0251 5032 crcdisk - ok
16:56:50.0313 5032 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\windows\system32\cryptsvc.dll
16:56:50.0329 5032 CryptSvc - ok
16:56:50.0360 5032 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\windows\system32\rpcss.dll
16:56:50.0375 5032 DcomLaunch - ok
16:56:50.0422 5032 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\windows\System32\defragsvc.dll
16:56:50.0438 5032 defragsvc - ok
16:56:50.0485 5032 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\windows\system32\Drivers\dfsc.sys
16:56:50.0500 5032 DfsC - ok
16:56:50.0563 5032 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\windows\system32\dhcpcore.dll
16:56:50.0578 5032 Dhcp - ok
16:56:50.0625 5032 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\windows\system32\drivers\discache.sys
16:56:50.0625 5032 discache - ok
16:56:50.0672 5032 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\windows\system32\DRIVERS\disk.sys
16:56:50.0672 5032 Disk - ok
16:56:50.0703 5032 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\windows\System32\dnsrslvr.dll
16:56:50.0734 5032 Dnscache - ok
16:56:50.0781 5032 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\windows\System32\dot3svc.dll
16:56:50.0797 5032 dot3svc - ok
16:56:50.0875 5032 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\windows\system32\dps.dll
16:56:50.0875 5032 DPS - ok
16:56:50.0937 5032 drmkaud (9b19f34400d24df84c858a421c205754) C:\windows\system32\drivers\drmkaud.sys
16:56:50.0937 5032 drmkaud - ok
16:56:50.0984 5032 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\windows\System32\drivers\dxgkrnl.sys
16:56:51.0015 5032 DXGKrnl - ok
16:56:51.0077 5032 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\windows\System32\eapsvc.dll
16:56:51.0077 5032 EapHost - ok
16:56:51.0171 5032 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\windows\system32\DRIVERS\evbda.sys
16:56:51.0218 5032 ebdrv - ok
16:56:51.0296 5032 EFS (c118a82cd78818c29ab228366ebf81c3) C:\windows\System32\lsass.exe
16:56:51.0296 5032 EFS - ok
16:56:51.0374 5032 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\windows\ehome\ehRecvr.exe
16:56:51.0389 5032 ehRecvr - ok
16:56:51.0421 5032 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\windows\ehome\ehsched.exe
16:56:51.0421 5032 ehSched - ok
16:56:51.0514 5032 elxstor (0e5da5369a0fcaea12456dd852545184) C:\windows\system32\DRIVERS\elxstor.sys
16:56:51.0530 5032 elxstor - ok
16:56:51.0561 5032 ErrDev (34a3c54752046e79a126e15c51db409b) C:\windows\system32\drivers\errdev.sys
16:56:51.0561 5032 ErrDev - ok
16:56:51.0608 5032 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\windows\system32\es.dll
16:56:51.0608 5032 EventSystem - ok
16:56:51.0686 5032 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\windows\system32\drivers\exfat.sys
16:56:51.0717 5032 exfat - ok
16:56:51.0733 5032 fastfat (0adc83218b66a6db380c330836f3e36d) C:\windows\system32\drivers\fastfat.sys
16:56:51.0748 5032 fastfat - ok
16:56:51.0795 5032 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\windows\system32\fxssvc.exe
16:56:51.0811 5032 Fax - ok
16:56:51.0873 5032 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\windows\system32\DRIVERS\fdc.sys
16:56:51.0889 5032 fdc - ok
16:56:51.0920 5032 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\windows\system32\fdPHost.dll
16:56:51.0920 5032 fdPHost - ok
16:56:51.0935 5032 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\windows\system32\fdrespub.dll
16:56:51.0951 5032 FDResPub - ok
16:56:51.0967 5032 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\windows\system32\drivers\fileinfo.sys
16:56:51.0967 5032 FileInfo - ok
16:56:51.0982 5032 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\windows\system32\drivers\filetrace.sys
16:56:51.0982 5032 Filetrace - ok
16:56:51.0998 5032 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\windows\system32\DRIVERS\flpydisk.sys
16:56:51.0998 5032 flpydisk - ok
16:56:52.0045 5032 FltMgr (da6b67270fd9db3697b20fce94950741) C:\windows\system32\drivers\fltmgr.sys
16:56:52.0060 5032 FltMgr - ok
16:56:52.0091 5032 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\windows\system32\FntCache.dll
16:56:52.0123 5032 FontCache - ok
16:56:52.0201 5032 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:56:52.0216 5032 FontCache3.0.0.0 - ok
16:56:52.0279 5032 FsDepends (d43703496149971890703b4b1b723eac) C:\windows\system32\drivers\FsDepends.sys
16:56:52.0279 5032 FsDepends - ok
16:56:52.0325 5032 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\windows\system32\drivers\Fs_Rec.sys
16:56:52.0341 5032 Fs_Rec - ok
16:56:52.0372 5032 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\windows\system32\DRIVERS\fvevol.sys
16:56:52.0388 5032 fvevol - ok
16:56:52.0435 5032 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\windows\system32\DRIVERS\gagp30kx.sys
16:56:52.0435 5032 gagp30kx - ok
16:56:52.0513 5032 ggflt (a4198f2bd8aa592cb90476277a81b5e1) C:\windows\system32\DRIVERS\ggflt.sys
16:56:52.0513 5032 ggflt - ok
16:56:52.0544 5032 ggsemc (d266350bdaab9eb6c1aec370eeaaff3a) C:\windows\system32\DRIVERS\ggsemc.sys
16:56:52.0544 5032 ggsemc - ok
16:56:52.0606 5032 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\windows\System32\gpsvc.dll
16:56:52.0637 5032 gpsvc - ok
16:56:52.0700 5032 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\windows\system32\drivers\hcw85cir.sys
16:56:52.0715 5032 hcw85cir - ok
16:56:52.0778 5032 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\windows\system32\drivers\HdAudio.sys
16:56:52.0793 5032 HdAudAddService - ok
16:56:52.0840 5032 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\windows\system32\drivers\HDAudBus.sys
16:56:52.0840 5032 HDAudBus - ok
16:56:52.0856 5032 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\windows\system32\DRIVERS\HidBatt.sys
16:56:52.0856 5032 HidBatt - ok
16:56:52.0871 5032 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\windows\system32\DRIVERS\hidbth.sys
16:56:52.0887 5032 HidBth - ok
16:56:52.0887 5032 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\windows\system32\DRIVERS\hidir.sys
16:56:52.0903 5032 HidIr - ok
16:56:52.0918 5032 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\windows\system32\hidserv.dll
16:56:52.0934 5032 hidserv - ok
16:56:52.0996 5032 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\windows\system32\DRIVERS\hidusb.sys
16:56:52.0996 5032 HidUsb - ok
16:56:53.0043 5032 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\windows\system32\kmsvc.dll
16:56:53.0043 5032 hkmsvc - ok
16:56:53.0074 5032 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\windows\system32\ListSvc.dll
16:56:53.0090 5032 HomeGroupListener - ok
16:56:53.0137 5032 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\windows\system32\provsvc.dll
16:56:53.0152 5032 HomeGroupProvider - ok
16:56:53.0183 5032 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\windows\system32\drivers\HpSAMD.sys
16:56:53.0183 5032 HpSAMD - ok
16:56:53.0277 5032 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\windows\system32\drivers\HTTP.sys
16:56:53.0324 5032 HTTP - ok
16:56:53.0371 5032 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\windows\system32\drivers\hwpolicy.sys
16:56:53.0371 5032 hwpolicy - ok
16:56:53.0402 5032 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\windows\system32\drivers\i8042prt.sys
16:56:53.0417 5032 i8042prt - ok
16:56:53.0495 5032 iaStor (85977cd13fc16069ce0af7943a811775) C:\windows\system32\DRIVERS\iaStor.sys
16:56:53.0495 5032 iaStor - ok
16:56:53.0558 5032 IAStorDataMgrSvc (f627bc830ee548527966288e4968aac0) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
16:56:53.0558 5032 IAStorDataMgrSvc - ok
16:56:53.0589 5032 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\windows\system32\drivers\iaStorV.sys
16:56:53.0605 5032 iaStorV - ok
16:56:53.0698 5032 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:56:53.0745 5032 idsvc - ok
16:56:53.0963 5032 igfx (677aa5991026a65ada128c4b59cf2bad) C:\windows\system32\DRIVERS\igdkmd64.sys
16:56:54.0166 5032 igfx - ok
16:56:54.0244 5032 IGRS (d951d20153e51928f9db2227d6ff5c7a) C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe
16:56:54.0260 5032 IGRS - ok
16:56:54.0338 5032 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\windows\system32\DRIVERS\iirsp.sys
16:56:54.0338 5032 iirsp - ok
16:56:54.0400 5032 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\windows\System32\ikeext.dll
16:56:54.0416 5032 IKEEXT - ok
16:56:54.0463 5032 Impcd (dd587a55390ed2295bce6d36ad567da9) C:\windows\system32\DRIVERS\Impcd.sys
16:56:54.0463 5032 Impcd - ok
16:56:54.0556 5032 IntcAzAudAddService (d6b90d1208cfc57e9f213357bcc41a3c) C:\windows\system32\drivers\RTKVHD64.sys
16:56:54.0619 5032 IntcAzAudAddService - ok
16:56:54.0728 5032 IntcDAud (58cf58dee26c909bd6f977b61d246295) C:\windows\system32\DRIVERS\IntcDAud.sys
16:56:54.0728 5032 IntcDAud - ok
16:56:54.0775 5032 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\windows\system32\drivers\intelide.sys
16:56:54.0775 5032 intelide - ok
16:56:54.0806 5032 intelppm (ada036632c664caa754079041cf1f8c1) C:\windows\system32\DRIVERS\intelppm.sys
16:56:54.0821 5032 intelppm - ok
16:56:54.0853 5032 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\windows\system32\ipbusenum.dll
16:56:54.0884 5032 IPBusEnum - ok
16:56:54.0962 5032 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\windows\system32\DRIVERS\ipfltdrv.sys
16:56:54.0977 5032 IpFilterDriver - ok
16:56:55.0024 5032 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\windows\System32\iphlpsvc.dll
16:56:55.0040 5032 iphlpsvc - ok
16:56:55.0071 5032 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\windows\system32\drivers\IPMIDrv.sys
16:56:55.0071 5032 IPMIDRV - ok
16:56:55.0118 5032 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\windows\system32\drivers\ipnat.sys
16:56:55.0118 5032 IPNAT - ok
16:56:55.0180 5032 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\windows\system32\drivers\irenum.sys
16:56:55.0180 5032 IRENUM - ok
16:56:55.0211 5032 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\windows\system32\drivers\isapnp.sys
16:56:55.0211 5032 isapnp - ok
16:56:55.0243 5032 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\windows\system32\drivers\msiscsi.sys
16:56:55.0243 5032 iScsiPrt - ok
16:56:55.0289 5032 k57nd60a (7dbafe10c1b777305c80bea42fbda710) C:\windows\system32\DRIVERS\k57nd60a.sys
16:56:55.0289 5032 k57nd60a - ok
16:56:55.0321 5032 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\windows\system32\drivers\kbdclass.sys
16:56:55.0336 5032 kbdclass - ok
16:56:55.0383 5032 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\windows\system32\drivers\kbdhid.sys
16:56:55.0399 5032 kbdhid - ok
16:56:55.0477 5032 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
16:56:55.0477 5032 KeyIso - ok
16:56:55.0492 5032 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\windows\system32\Drivers\ksecdd.sys
16:56:55.0508 5032 KSecDD - ok
16:56:55.0523 5032 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\windows\system32\Drivers\ksecpkg.sys
16:56:55.0539 5032 KSecPkg - ok
16:56:55.0586 5032 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\windows\system32\drivers\ksthunk.sys
16:56:55.0586 5032 ksthunk - ok
16:56:55.0633 5032 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\windows\system32\msdtckrm.dll
16:56:55.0648 5032 KtmRm - ok
16:56:55.0711 5032 L1C (55480b9c63f3f91a8ebbadcbf28fe581) C:\windows\system32\DRIVERS\L1C62x64.sys
16:56:55.0726 5032 L1C - ok
16:56:55.0773 5032 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\windows\system32\srvsvc.dll
16:56:55.0789 5032 LanmanServer - ok
16:56:55.0835 5032 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\windows\System32\wkssvc.dll
16:56:55.0851 5032 LanmanWorkstation - ok
16:56:55.0913 5032 Lenovo ReadyComm AppSvc (7fcb3ec66361f157bcd5b5c33ce2ac16) C:\Program Files\Lenovo\ReadyComm\AppSvc.exe
16:56:55.0945 5032 Lenovo ReadyComm AppSvc - ok
16:56:55.0960 5032 Lenovo ReadyComm ConnSvc (5287074e79e4ba82510886f684dc5f72) C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe
16:56:55.0991 5032 Lenovo ReadyComm ConnSvc - ok
16:56:56.0069 5032 LHDmgr (be166935083f9c38edfdc21b9a7a679b) C:\windows\system32\DRIVERS\LhdX64.sys
16:56:56.0069 5032 LHDmgr - ok
16:56:56.0116 5032 lltdio (1538831cf8ad2979a04c423779465827) C:\windows\system32\DRIVERS\lltdio.sys
16:56:56.0132 5032 lltdio - ok
16:56:56.0179 5032 lltdsvc (c1185803384ab3feed115f79f109427f) C:\windows\System32\lltdsvc.dll
16:56:56.0179 5032 lltdsvc - ok
16:56:56.0225 5032 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\windows\System32\lmhsvc.dll
16:56:56.0225 5032 lmhosts - ok
16:56:56.0272 5032 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\windows\system32\DRIVERS\lsi_fc.sys
16:56:56.0288 5032 LSI_FC - ok
16:56:56.0303 5032 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\windows\system32\DRIVERS\lsi_sas.sys
16:56:56.0319 5032 LSI_SAS - ok
16:56:56.0335 5032 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\windows\system32\DRIVERS\lsi_sas2.sys
16:56:56.0335 5032 LSI_SAS2 - ok
16:56:56.0350 5032 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\windows\system32\DRIVERS\lsi_scsi.sys
16:56:56.0350 5032 LSI_SCSI - ok
16:56:56.0397 5032 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\windows\system32\drivers\luafv.sys
16:56:56.0397 5032 luafv - ok
16:56:56.0444 5032 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\windows\system32\Mcx2Svc.dll
16:56:56.0459 5032 Mcx2Svc - ok
16:56:56.0491 5032 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\windows\system32\DRIVERS\megasas.sys
16:56:56.0506 5032 megasas - ok
16:56:56.0553 5032 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\windows\system32\DRIVERS\MegaSR.sys
16:56:56.0569 5032 MegaSR - ok
16:56:56.0584 5032 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll
16:56:56.0600 5032 MMCSS - ok
16:56:56.0615 5032 Modem (800ba92f7010378b09f9ed9270f07137) C:\windows\system32\drivers\modem.sys
16:56:56.0615 5032 Modem - ok
16:56:56.0647 5032 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\windows\system32\DRIVERS\monitor.sys
16:56:56.0647 5032 monitor - ok
16:56:56.0709 5032 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\windows\system32\drivers\mouclass.sys
16:56:56.0709 5032 mouclass - ok
16:56:56.0787 5032 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\windows\system32\DRIVERS\mouhid.sys
16:56:56.0787 5032 mouhid - ok
16:56:56.0849 5032 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\windows\system32\drivers\mountmgr.sys
16:56:56.0849 5032 mountmgr - ok
16:56:56.0881 5032 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\windows\system32\drivers\mpio.sys
16:56:56.0881 5032 mpio - ok
16:56:56.0912 5032 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\windows\system32\drivers\mpsdrv.sys
16:56:56.0912 5032 mpsdrv - ok
16:56:56.0974 5032 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\windows\system32\mpssvc.dll
16:56:56.0990 5032 MpsSvc - ok
16:56:57.0083 5032 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\windows\system32\drivers\mrxdav.sys
16:56:57.0083 5032 MRxDAV - ok
16:56:57.0115 5032 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\windows\system32\DRIVERS\mrxsmb.sys
16:56:57.0130 5032 mrxsmb - ok
16:56:57.0161 5032 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\windows\system32\DRIVERS\mrxsmb10.sys
16:56:57.0177 5032 mrxsmb10 - ok
16:56:57.0193 5032 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\windows\system32\DRIVERS\mrxsmb20.sys
16:56:57.0193 5032 mrxsmb20 - ok
16:56:57.0224 5032 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\windows\system32\drivers\msahci.sys
16:56:57.0224 5032 msahci - ok
16:56:57.0271 5032 msdsm (db801a638d011b9633829eb6f663c900) C:\windows\system32\drivers\msdsm.sys
16:56:57.0271 5032 msdsm - ok
16:56:57.0333 5032 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\windows\System32\msdtc.exe
16:56:57.0349 5032 MSDTC - ok
16:56:57.0395 5032 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\windows\system32\drivers\Msfs.sys
16:56:57.0395 5032 Msfs - ok
16:56:57.0427 5032 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\windows\System32\drivers\mshidkmdf.sys
16:56:57.0442 5032 mshidkmdf - ok
16:56:57.0473 5032 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\windows\system32\drivers\msisadrv.sys
16:56:57.0473 5032 msisadrv - ok
16:56:57.0505 5032 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\windows\system32\iscsiexe.dll
16:56:57.0520 5032 MSiSCSI - ok
16:56:57.0567 5032 msiserver - ok
16:56:57.0614 5032 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\windows\system32\drivers\MSKSSRV.sys
16:56:57.0614 5032 MSKSSRV - ok
16:56:57.0645 5032 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\windows\system32\drivers\MSPCLOCK.sys
16:56:57.0645 5032 MSPCLOCK - ok
16:56:57.0661 5032 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\windows\system32\drivers\MSPQM.sys
16:56:57.0661 5032 MSPQM - ok
16:56:57.0707 5032 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\windows\system32\drivers\MsRPC.sys
16:56:57.0707 5032 MsRPC - ok
16:56:57.0754 5032 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\windows\system32\drivers\mssmbios.sys
16:56:57.0754 5032 mssmbios - ok
16:56:57.0785 5032 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\windows\system32\drivers\MSTEE.sys
16:56:57.0785 5032 MSTEE - ok
16:56:57.0848 5032 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\windows\system32\DRIVERS\MTConfig.sys
16:56:57.0863 5032 MTConfig - ok
16:56:57.0895 5032 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\windows\system32\Drivers\mup.sys
16:56:57.0910 5032 Mup - ok
16:56:57.0957 5032 napagent (582ac6d9873e31dfa28a4547270862dd) C:\windows\system32\qagentRT.dll
16:56:57.0973 5032 napagent - ok
16:56:58.0051 5032 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\windows\system32\DRIVERS\nwifi.sys
16:56:58.0066 5032 NativeWifiP - ok
16:56:58.0097 5032 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\windows\system32\drivers\ndis.sys
16:56:58.0113 5032 NDIS - ok
16:56:58.0144 5032 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\windows\system32\DRIVERS\ndiscap.sys
16:56:58.0144 5032 NdisCap - ok
16:56:58.0222 5032 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\windows\system32\DRIVERS\ndistapi.sys
16:56:58.0222 5032 NdisTapi - ok
16:56:58.0253 5032 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\windows\system32\DRIVERS\ndisuio.sys
16:56:58.0269 5032 Ndisuio - ok
16:56:58.0300 5032 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\windows\system32\DRIVERS\ndiswan.sys
16:56:58.0316 5032 NdisWan - ok
16:56:58.0347 5032 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\windows\system32\drivers\NDProxy.sys
16:56:58.0363 5032 NDProxy - ok
16:56:58.0394 5032 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\windows\system32\DRIVERS\netbios.sys
16:56:58.0425 5032 NetBIOS - ok
16:56:58.0487 5032 NetBT (09594d1089c523423b32a4229263f068) C:\windows\system32\DRIVERS\netbt.sys
16:56:58.0503 5032 NetBT - ok
16:56:58.0534 5032 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
16:56:58.0534 5032 Netlogon - ok
16:56:58.0581 5032 Netman (847d3ae376c0817161a14a82c8922a9e) C:\windows\System32\netman.dll
16:56:58.0597 5032 Netman - ok
16:56:58.0628 5032 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\windows\System32\netprofm.dll
16:56:58.0628 5032 netprofm - ok
16:56:58.0721 5032 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:56:58.0737 5032 NetTcpPortSharing - ok
16:56:58.0862 5032 netw5v64 (64428dfdaf6e88366cb51f45a79c5f69) C:\windows\system32\DRIVERS\netw5v64.sys
16:56:58.0940 5032 netw5v64 - ok
16:56:59.0018 5032 nfrd960 (77889813be4d166cdab78ddba990da92) C:\windows\system32\DRIVERS\nfrd960.sys
16:56:59.0033 5032 nfrd960 - ok
16:56:59.0080 5032 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\windows\System32\nlasvc.dll
16:56:59.0096 5032 NlaSvc - ok
16:56:59.0111 5032 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\windows\system32\drivers\Npfs.sys
16:56:59.0127 5032 Npfs - ok
16:56:59.0143 5032 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\windows\system32\nsisvc.dll
16:56:59.0158 5032 nsi - ok
16:56:59.0174 5032 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\windows\system32\drivers\nsiproxy.sys
16:56:59.0174 5032 nsiproxy - ok
16:56:59.0236 5032 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\windows\system32\drivers\Ntfs.sys
16:56:59.0283 5032 Ntfs - ok
16:56:59.0345 5032 Null (9899284589f75fa8724ff3d16aed75c1) C:\windows\system32\drivers\Null.sys
16:56:59.0345 5032 Null - ok
16:56:59.0564 5032 nvlddmkm (9f6ade7ec1d5480ad1ef370859b26d5a) C:\windows\system32\DRIVERS\nvlddmkm.sys
16:56:59.0782 5032 nvlddmkm - ok
16:56:59.0860 5032 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\windows\system32\drivers\nvraid.sys
16:56:59.0876 5032 nvraid - ok
16:56:59.0891 5032 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\windows\system32\drivers\nvstor.sys
16:56:59.0891 5032 nvstor - ok
16:56:59.0938 5032 nvsvc (628167d7e894807ef883a13e34172c3c) C:\windows\system32\nvvsvc.exe
16:56:59.0954 5032 nvsvc - ok
16:57:00.0001 5032 nvUpdatusService (1681e56145a43c0f1eda60618d7afd60) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
16:57:00.0032 5032 nvUpdatusService - ok
16:57:00.0110 5032 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\windows\system32\drivers\nv_agp.sys
16:57:00.0110 5032 nv_agp - ok
16:57:00.0203 5032 odserv (84de1dd996b48b05ace31ad015fa108a) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
16:57:00.0250 5032 odserv - ok
16:57:00.0328 5032 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\windows\system32\drivers\ohci1394.sys
16:57:00.0328 5032 ohci1394 - ok
16:57:00.0406 5032 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:57:00.0422 5032 ose - ok
16:57:00.0453 5032 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
16:57:00.0469 5032 p2pimsvc - ok
16:57:00.0515 5032 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\windows\system32\p2psvc.dll
16:57:00.0531 5032 p2psvc - ok
16:57:00.0562 5032 Parport (0086431c29c35be1dbc43f52cc273887) C:\windows\system32\DRIVERS\parport.sys
16:57:00.0578 5032 Parport - ok
16:57:00.0625 5032 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\windows\system32\drivers\partmgr.sys
16:57:00.0625 5032 partmgr - ok
16:57:00.0656 5032 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\windows\System32\pcasvc.dll
16:57:00.0671 5032 PcaSvc - ok
16:57:00.0734 5032 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\windows\system32\drivers\pci.sys
16:57:00.0749 5032 pci - ok
16:57:00.0765 5032 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\windows\system32\drivers\pciide.sys
16:57:00.0781 5032 pciide - ok
16:57:00.0796 5032 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\windows\system32\DRIVERS\pcmcia.sys
16:57:00.0812 5032 pcmcia - ok
16:57:00.0843 5032 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\windows\system32\drivers\pcw.sys
16:57:00.0843 5032 pcw - ok
16:57:00.0874 5032 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\windows\system32\drivers\peauth.sys
16:57:00.0905 5032 PEAUTH - ok
16:57:00.0968 5032 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\windows\SysWow64\perfhost.exe
16:57:00.0983 5032 PerfHost - ok
16:57:01.0077 5032 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\windows\system32\pla.dll
16:57:01.0093 5032 pla - ok
16:57:01.0155 5032 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\windows\system32\umpnpmgr.dll
16:57:01.0171 5032 PlugPlay - ok
16:57:01.0217 5032 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\windows\system32\pnrpauto.dll
16:57:01.0217 5032 PNRPAutoReg - ok
16:57:01.0233 5032 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
16:57:01.0233 5032 PNRPsvc - ok
16:57:01.0280 5032 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\windows\System32\ipsecsvc.dll
16:57:01.0295 5032 PolicyAgent - ok
16:57:01.0327 5032 Power (6ba9d927dded70bd1a9caded45f8b184) C:\windows\system32\umpo.dll
16:57:01.0327 5032 Power - ok
16:57:01.0420 5032 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\windows\system32\DRIVERS\raspptp.sys
16:57:01.0436 5032 PptpMiniport - ok
16:57:01.0451 5032 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\windows\system32\DRIVERS\processr.sys
16:57:01.0467 5032 Processor - ok
16:57:01.0514 5032 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\windows\system32\profsvc.dll
16:57:01.0529 5032 ProfSvc - ok
16:57:01.0561 5032 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
16:57:01.0561 5032 ProtectedStorage - ok
16:57:01.0639 5032 Psched (0557cf5a2556bd58e26384169d72438d) C:\windows\system32\DRIVERS\pacer.sys
16:57:01.0639 5032 Psched - ok
16:57:01.0670 5032 PS_MDP - ok
16:57:01.0732 5032 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\windows\system32\DRIVERS\ql2300.sys
16:57:01.0763 5032 ql2300 - ok
16:57:01.0810 5032 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\windows\system32\DRIVERS\ql40xx.sys
16:57:01.0826 5032 ql40xx - ok
16:57:01.0873 5032 QWAVE (906191634e99aea92c4816150bda3732) C:\windows\system32\qwave.dll
16:57:01.0873 5032 QWAVE - ok
16:57:01.0904 5032 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\windows\system32\drivers\qwavedrv.sys
16:57:01.0919 5032 QWAVEdrv - ok
16:57:01.0919 5032 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\windows\system32\DRIVERS\rasacd.sys
16:57:01.0935 5032 RasAcd - ok
16:57:01.0966 5032 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\windows\system32\DRIVERS\AgileVpn.sys
16:57:01.0966 5032 RasAgileVpn - ok
16:57:01.0982 5032 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\windows\System32\rasauto.dll
16:57:01.0997 5032 RasAuto - ok
16:57:02.0029 5032 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\windows\system32\DRIVERS\rasl2tp.sys
16:57:02.0044 5032 Rasl2tp - ok
16:57:02.0122 5032 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\windows\System32\rasmans.dll
16:57:02.0138 5032 RasMan - ok
16:57:02.0169 5032 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\windows\system32\DRIVERS\raspppoe.sys
16:57:02.0169 5032 RasPppoe - ok
16:57:02.0200 5032 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\windows\system32\DRIVERS\rassstp.sys
16:57:02.0200 5032 RasSstp - ok
16:57:02.0247 5032 rdbss (77f665941019a1594d887a74f301fa2f) C:\windows\system32\DRIVERS\rdbss.sys
16:57:02.0263 5032 rdbss - ok
16:57:02.0278 5032 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\windows\system32\DRIVERS\rdpbus.sys
16:57:02.0294 5032 rdpbus - ok
16:57:02.0309 5032 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\windows\system32\DRIVERS\RDPCDD.sys
16:57:02.0325 5032 RDPCDD - ok
16:57:02.0403 5032 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\windows\system32\drivers\rdpencdd.sys
16:57:02.0403 5032 RDPENCDD - ok
16:57:02.0434 5032 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\windows\system32\drivers\rdprefmp.sys
16:57:02.0434 5032 RDPREFMP - ok
16:57:02.0465 5032 RDPWD (6d76e6433574b058adcb0c50df834492) C:\windows\system32\drivers\RDPWD.sys
16:57:02.0481 5032 RDPWD - ok
16:57:02.0528 5032 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\windows\system32\drivers\rdyboost.sys
16:57:02.0528 5032 rdyboost - ok
16:57:02.0543 5032 ReadyComm.DirectRouter - ok
16:57:02.0606 5032 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\windows\System32\mprdim.dll
16:57:02.0606 5032 RemoteAccess - ok
16:57:02.0653 5032 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\windows\system32\regsvc.dll
16:57:02.0668 5032 RemoteRegistry - ok
16:57:02.0715 5032 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\windows\system32\DRIVERS\rfcomm.sys
16:57:02.0731 5032 RFCOMM - ok
16:57:02.0762 5032 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\windows\System32\RpcEpMap.dll
16:57:02.0762 5032 RpcEptMapper - ok
16:57:02.0793 5032 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\windows\system32\locator.exe
16:57:02.0793 5032 RpcLocator - ok
16:57:02.0871 5032 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\windows\system32\rpcss.dll
16:57:02.0871 5032 RpcSs - ok
16:57:02.0902 5032 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\windows\system32\DRIVERS\rspndr.sys
16:57:02.0918 5032 rspndr - ok
16:57:02.0965 5032 RSUSBSTOR (502b316947ea887cddd325d4745eb7d0) C:\windows\system32\Drivers\RtsUStor.sys
16:57:02.0980 5032 RSUSBSTOR - ok
16:57:02.0980 5032 RtsUIR - ok
16:57:03.0011 5032 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
16:57:03.0011 5032 SamSs - ok
16:57:03.0074 5032 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\windows\system32\drivers\sbp2port.sys
16:57:03.0089 5032 sbp2port - ok
16:57:03.0136 5032 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\windows\System32\SCardSvr.dll
16:57:03.0152 5032 SCardSvr - ok
16:57:03.0199 5032 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\windows\system32\DRIVERS\scfilter.sys
16:57:03.0199 5032 scfilter - ok
16:57:03.0245 5032 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\windows\system32\schedsvc.dll
16:57:03.0277 5032 Schedule - ok
16:57:03.0339 5032 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\windows\System32\certprop.dll
16:57:03.0339 5032 SCPolicySvc - ok
16:57:03.0386 5032 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\windows\System32\SDRSVC.dll
16:57:03.0386 5032 SDRSVC - ok
16:57:03.0448 5032 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\windows\system32\drivers\secdrv.sys
16:57:03.0448 5032 secdrv - ok
16:57:03.0464 5032 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\windows\system32\seclogon.dll
16:57:03.0464 5032 seclogon - ok
16:57:03.0495 5032 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\windows\System32\sens.dll
16:57:03.0511 5032 SENS - ok
16:57:03.0557 5032 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\windows\system32\sensrsvc.dll
16:57:03.0573 5032 SensrSvc - ok
16:57:03.0589 5032 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\windows\system32\DRIVERS\serenum.sys
16:57:03.0589 5032 Serenum - ok
16:57:03.0620 5032 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\windows\system32\DRIVERS\serial.sys
16:57:03.0635 5032 Serial - ok
16:57:03.0667 5032 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\windows\system32\DRIVERS\sermouse.sys
16:57:03.0667 5032 sermouse - ok
16:57:03.0713 5032 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\windows\system32\sessenv.dll
16:57:03.0713 5032 SessionEnv - ok
16:57:03.0760 5032 sffdisk (a554811bcd09279536440c964ae35bbf) C:\windows\system32\drivers\sffdisk.sys
16:57:03.0776 5032 sffdisk - ok
16:57:03.0791 5032 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\windows\system32\drivers\sffp_mmc.sys
16:57:03.0807 5032 sffp_mmc - ok
16:57:03.0838 5032 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\windows\system32\drivers\sffp_sd.sys
16:57:03.0838 5032 sffp_sd - ok
16:57:03.0885 5032 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\windows\system32\DRIVERS\sfloppy.sys
16:57:03.0885 5032 sfloppy - ok
16:57:03.0932 5032 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\windows\System32\ipnathlp.dll
16:57:03.0963 5032 SharedAccess - ok
16:57:03.0994 5032 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\windows\System32\shsvcs.dll
16:57:04.0010 5032 ShellHWDetection - ok
16:57:04.0057 5032 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\windows\system32\DRIVERS\SiSRaid2.sys
16:57:04.0057 5032 SiSRaid2 - ok
16:57:04.0072 5032 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\windows\system32\DRIVERS\sisraid4.sys
16:57:04.0072 5032 SiSRaid4 - ok
16:57:04.0135 5032 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\windows\system32\DRIVERS\smb.sys
16:57:04.0135 5032 Smb - ok
16:57:04.0181 5032 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\windows\System32\snmptrap.exe
16:57:04.0181 5032 SNMPTRAP - ok
16:57:04.0197 5032 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\windows\system32\drivers\spldr.sys
16:57:04.0197 5032 spldr - ok
16:57:04.0244 5032 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\windows\System32\spoolsv.exe
16:57:04.0244 5032 Spooler - ok
16:57:04.0353 5032 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\windows\system32\sppsvc.exe
16:57:04.0431 5032 sppsvc - ok
16:57:04.0478 5032 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\windows\system32\sppuinotify.dll
16:57:04.0478 5032 sppuinotify - ok
16:57:04.0540 5032 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\windows\system32\DRIVERS\srv.sys
16:57:04.0556 5032 srv - ok
16:57:04.0571 5032 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\windows\system32\DRIVERS\srv2.sys
16:57:04.0587 5032 srv2 - ok
16:57:04.0603 5032 srvnet (27e461f0be5bff5fc737328f749538c3) C:\windows\system32\DRIVERS\srvnet.sys
16:57:04.0634 5032 srvnet - ok
16:57:04.0681 5032 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\windows\System32\ssdpsrv.dll
16:57:04.0696 5032 SSDPSRV - ok
16:57:04.0727 5032 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\windows\system32\sstpsvc.dll
16:57:04.0727 5032 SstpSvc - ok
16:57:04.0774 5032 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\windows\system32\DRIVERS\stexstor.sys
16:57:04.0774 5032 stexstor - ok
16:57:04.0837 5032 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\windows\System32\wiaservc.dll
16:57:04.0852 5032 stisvc - ok
16:57:04.0915 5032 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\windows\system32\drivers\swenum.sys
16:57:04.0915 5032 swenum - ok
16:57:04.0977 5032 swprv (e08e46fdd841b7184194011ca1955a0b) C:\windows\System32\swprv.dll
16:57:04.0977 5032 swprv - ok
16:57:05.0039 5032 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\windows\system32\sysmain.dll
16:57:05.0071 5032 SysMain - ok
16:57:05.0117 5032 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\windows\System32\TabSvc.dll
16:57:05.0133 5032 TabletInputService - ok
16:57:05.0164 5032 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\windows\System32\tapisrv.dll
16:57:05.0180 5032 TapiSrv - ok
16:57:05.0211 5032 TBS (1be03ac720f4d302ea01d40f588162f6) C:\windows\System32\tbssvc.dll
16:57:05.0211 5032 TBS - ok
16:57:05.0273 5032 Tcpip (fc62769e7bff2896035aeed399108162) C:\windows\system32\drivers\tcpip.sys
16:57:05.0320 5032 Tcpip - ok
16:57:05.0414 5032 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\windows\system32\DRIVERS\tcpip.sys
16:57:05.0414 5032 TCPIP6 - ok
16:57:05.0461 5032 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\windows\system32\drivers\tcpipreg.sys
16:57:05.0461 5032 tcpipreg - ok
16:57:05.0492 5032 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\windows\system32\drivers\tdpipe.sys
16:57:05.0492 5032 TDPIPE - ok
16:57:05.0539 5032 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\windows\system32\drivers\tdtcp.sys
16:57:05.0539 5032 TDTCP - ok
16:57:05.0585 5032 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\windows\system32\DRIVERS\tdx.sys
16:57:05.0585 5032 tdx - ok
16:57:05.0617 5032 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\windows\system32\drivers\termdd.sys
16:57:05.0617 5032 TermDD - ok
16:57:05.0648 5032 TermService (2e648163254233755035b46dd7b89123) C:\windows\System32\termsrv.dll
16:57:05.0679 5032 TermService - ok
16:57:05.0741 5032 Themes (f0344071948d1a1fa732231785a0664c) C:\windows\system32\themeservice.dll
16:57:05.0741 5032 Themes - ok
16:57:05.0773 5032 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll
16:57:05.0773 5032 THREADORDER - ok
16:57:05.0788 5032 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\windows\System32\trkwks.dll
16:57:05.0804 5032 TrkWks - ok
16:57:05.0835 5032 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\windows\servicing\TrustedInstaller.exe
16:57:05.0835 5032 TrustedInstaller - ok
16:57:05.0882 5032 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\windows\system32\DRIVERS\tssecsrv.sys
16:57:05.0897 5032 tssecsrv - ok
16:57:05.0929 5032 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\windows\system32\drivers\tsusbflt.sys
16:57:05.0960 5032 TsUsbFlt - ok
16:57:06.0038 5032 tunnel (3566a8daafa27af944f5d705eaa64894) C:\windows\system32\DRIVERS\tunnel.sys
16:57:06.0053 5032 tunnel - ok
16:57:06.0085 5032 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\windows\system32\DRIVERS\uagp35.sys
16:57:06.0085 5032 uagp35 - ok
16:57:06.0131 5032 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\windows\system32\DRIVERS\udfs.sys
16:57:06.0147 5032 udfs - ok
16:57:06.0178 5032 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\windows\system32\UI0Detect.exe
16:57:06.0178 5032 UI0Detect - ok
16:57:06.0241 5032 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\windows\system32\drivers\uliagpkx.sys
16:57:06.0256 5032 uliagpkx - ok
16:57:06.0319 5032 umbus (dc54a574663a895c8763af0fa1ff7561) C:\windows\system32\drivers\umbus.sys
16:57:06.0334 5032 umbus - ok
16:57:06.0365 5032 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\windows\system32\DRIVERS\umpass.sys
16:57:06.0365 5032 UmPass - ok
16:57:06.0397 5032 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\windows\System32\upnphost.dll
16:57:06.0412 5032 upnphost - ok
16:57:06.0475 5032 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\windows\system32\drivers\usbaudio.sys
16:57:06.0490 5032 usbaudio - ok
16:57:06.0537 5032 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\windows\system32\DRIVERS\usbccgp.sys
16:57:06.0553 5032 usbccgp - ok
16:57:06.0553 5032 USBCCID - ok
16:57:06.0599 5032 usbcir (af0892a803fdda7492f595368e3b68e7) C:\windows\system32\drivers\usbcir.sys
16:57:06.0599 5032 usbcir - ok
16:57:06.0631 5032 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\windows\system32\drivers\usbehci.sys
16:57:06.0631 5032 usbehci - ok
16:57:06.0662 5032 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\windows\system32\DRIVERS\usbhub.sys
16:57:06.0677 5032 usbhub - ok
16:57:06.0693 5032 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\windows\system32\drivers\usbohci.sys
16:57:06.0693 5032 usbohci - ok
16:57:06.0740 5032 usbprint (73188f58fb384e75c4063d29413cee3d) C:\windows\system32\DRIVERS\usbprint.sys
16:57:06.0740 5032 usbprint - ok
16:57:06.0787 5032 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\windows\system32\DRIVERS\usbscan.sys
16:57:06.0787 5032 usbscan - ok
16:57:06.0865 5032 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\windows\system32\DRIVERS\USBSTOR.SYS
16:57:06.0865 5032 USBSTOR - ok
16:57:06.0896 5032 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\windows\system32\drivers\usbuhci.sys
16:57:06.0911 5032 usbuhci - ok
16:57:06.0958 5032 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\windows\System32\Drivers\usbvideo.sys
16:57:06.0958 5032 usbvideo - ok
16:57:06.0989 5032 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\windows\System32\uxsms.dll
16:57:06.0989 5032 UxSms - ok
16:57:07.0036 5032 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
16:57:07.0036 5032 VaultSvc - ok
16:57:07.0067 5032 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\windows\system32\drivers\vdrvroot.sys
16:57:07.0083 5032 vdrvroot - ok
16:57:07.0145 5032 vds (8d6b481601d01a456e75c3210f1830be) C:\windows\System32\vds.exe
16:57:07.0161 5032 vds - ok
16:57:07.0192 5032 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\windows\system32\DRIVERS\vgapnp.sys
16:57:07.0192 5032 vga - ok
16:57:07.0208 5032 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\windows\System32\drivers\vga.sys
16:57:07.0208 5032 VgaSave - ok
16:57:07.0270 5032 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\windows\system32\drivers\vhdmp.sys
16:57:07.0286 5032 vhdmp - ok
16:57:07.0317 5032 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\windows\system32\drivers\viaide.sys
16:57:07.0317 5032 viaide - ok
16:57:07.0364 5032 vm331avs (c49ff968cf459dbe57cfadbc36988aae) C:\windows\system32\Drivers\vm331avs.sys
16:57:07.0364 5032 vm331avs - ok
16:57:07.0395 5032 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\windows\system32\drivers\volmgr.sys
16:57:07.0411 5032 volmgr - ok
16:57:07.0457 5032 volmgrx (a255814907c89be58b79ef2f189b843b) C:\windows\system32\drivers\volmgrx.sys
16:57:07.0473 5032 volmgrx - ok
16:57:07.0535 5032 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\windows\system32\drivers\volsnap.sys
16:57:07.0551 5032 volsnap - ok
16:57:07.0598 5032 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\windows\system32\DRIVERS\vsmraid.sys
16:57:07.0598 5032 vsmraid - ok
16:57:07.0660 5032 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\windows\system32\vssvc.exe
16:57:07.0691 5032 VSS - ok
16:57:07.0738 5032 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\windows\system32\DRIVERS\vwifibus.sys
16:57:07.0754 5032 vwifibus - ok
16:57:07.0801 5032 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\windows\system32\DRIVERS\vwififlt.sys
16:57:07.0816 5032 vwififlt - ok
16:57:07.0847 5032 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\windows\system32\DRIVERS\vwifimp.sys
16:57:07.0863 5032 vwifimp - ok
16:57:07.0894 5032 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\windows\system32\w32time.dll
16:57:07.0910 5032 W32Time - ok
16:57:07.0957 5032 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\windows\system32\DRIVERS\wacompen.sys
16:57:07.0957 5032 WacomPen - ok
16:57:08.0019 5032 WANARP (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
16:57:08.0019 5032 WANARP - ok
16:57:08.0019 5032 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
16:57:08.0019 5032 Wanarpv6 - ok
16:57:08.0097 5032 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\windows\system32\wbengine.exe
16:57:08.0128 5032 wbengine - ok
16:57:08.0175 5032 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\windows\System32\wbiosrvc.dll
16:57:08.0191 5032 WbioSrvc - ok
16:57:08.0253 5032 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\windows\System32\wcncsvc.dll
16:57:08.0269 5032 wcncsvc - ok
16:57:08.0284 5032 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\windows\System32\WcsPlugInService.dll
16:57:08.0300 5032 WcsPlugInService - ok
16:57:08.0331 5032 Wd (72889e16ff12ba0f235467d6091b17dc) C:\windows\system32\DRIVERS\wd.sys
16:57:08.0331 5032 Wd - ok
16:57:08.0362 5032 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\windows\system32\drivers\Wdf01000.sys
16:57:08.0378 5032 Wdf01000 - ok
16:57:08.0456 5032 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll
16:57:08.0456 5032 WdiServiceHost - ok
16:57:08.0456 5032 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll
16:57:08.0471 5032 WdiSystemHost - ok
16:57:08.0503 5032 wdmirror (2a444acf7dd446505bcc801f8f6ae5fd) C:\windows\system32\DRIVERS\WDMirror.sys
16:57:08.0503 5032 wdmirror - ok
16:57:08.0549 5032 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\windows\System32\webclnt.dll
16:57:08.0565 5032 WebClient - ok
16:57:08.0581 5032 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\windows\system32\wecsvc.dll
16:57:08.0596 5032 Wecsvc - ok
16:57:08.0612 5032 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\windows\System32\wercplsupport.dll
16:57:08.0627 5032 wercplsupport - ok
16:57:08.0659 5032 WerSvc (6d137963730144698cbd10f202e9f251) C:\windows\System32\WerSvc.dll
16:57:08.0659 5032 WerSvc - ok
16:57:08.0737 5032 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\windows\system32\DRIVERS\wfplwf.sys
16:57:08.0737 5032 WfpLwf - ok
16:57:08.0783 5032 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\windows\system32\DRIVERS\wimfltr.sys
16:57:08.0783 5032 WimFltr - ok
16:57:08.0815 5032 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\windows\system32\drivers\wimmount.sys
16:57:08.0815 5032 WIMMount - ok
16:57:08.0846 5032 WinDefend - ok
16:57:08.0846 5032 WinHttpAutoProxySvc - ok
16:57:08.0908 5032 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\windows\system32\wbem\WMIsvc.dll
16:57:08.0924 5032 Winmgmt - ok
16:57:09.0017 5032 WinRM (bcb1310604aa415c4508708975b3931e) C:\windows\system32\WsmSvc.dll
16:57:09.0049 5032 WinRM - ok
16:57:09.0173 5032 WinUsb (fe88b288356e7b47b74b13372add906d) C:\windows\system32\DRIVERS\WinUsb.sys
16:57:09.0173 5032 WinUsb - ok
16:57:09.0220 5032 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\windows\System32\wlansvc.dll
16:57:09.0251 5032 Wlansvc - ok
16:57:09.0329 5032 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\windows\system32\drivers\wmiacpi.sys
16:57:09.0329 5032 WmiAcpi - ok
16:57:09.0376 5032 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\windows\system32\wbem\WmiApSrv.exe
16:57:09.0392 5032 wmiApSrv - ok
16:57:09.0423 5032 WMPNetworkSvc - ok
16:57:09.0470 5032 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\windows\System32\wpcsvc.dll
16:57:09.0470 5032 WPCSvc - ok
16:57:09.0548 5032 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\windows\system32\wpdbusenum.dll
16:57:09.0548 5032 WPDBusEnum - ok
16:57:09.0579 5032 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\windows\system32\drivers\ws2ifsl.sys
16:57:09.0595 5032 ws2ifsl - ok
16:57:09.0626 5032 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\windows\System32\wscsvc.dll
16:57:09.0626 5032 wscsvc - ok
16:57:09.0641 5032 WSearch - ok
16:57:09.0751 5032 wsvd (83575c43b2bfe9ab0661a7f957e843c0) C:\windows\system32\DRIVERS\wsvd.sys
16:57:09.0766 5032 wsvd - ok
16:57:09.0829 5032 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\windows\system32\wuaueng.dll
16:57:09.0875 5032 wuauserv - ok
16:57:09.0907 5032 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\windows\system32\drivers\WudfPf.sys
16:57:09.0938 5032 WudfPf - ok
16:57:10.0016 5032 WUDFRd (cf8d590be3373029d57af80914190682) C:\windows\system32\DRIVERS\WUDFRd.sys
16:57:10.0016 5032 WUDFRd - ok
16:57:10.0047 5032 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\windows\System32\WUDFSvc.dll
16:57:10.0063 5032 wudfsvc - ok
16:57:10.0094 5032 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\windows\System32\wwansvc.dll
16:57:10.0109 5032 WwanSvc - ok
16:57:10.0156 5032 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
16:57:10.0172 5032 \Device\Harddisk0\DR0 - ok
16:57:10.0172 5032 Boot (0x1200) (8a713d7c7d9005a59fc8344c692ce3ed) \Device\Harddisk0\DR0\Partition0
16:57:10.0172 5032 \Device\Harddisk0\DR0\Partition0 - ok
16:57:10.0187 5032 Boot (0x1200) (9d0954d04eba1546457cdcbd6dabec1b) \Device\Harddisk0\DR0\Partition1
16:57:10.0187 5032 \Device\Harddisk0\DR0\Partition1 - ok
16:57:10.0203 5032 Boot (0x1200) (a9020056230583a24c14c3a5993bd568) \Device\Harddisk0\DR0\Partition2
16:57:10.0203 5032 \Device\Harddisk0\DR0\Partition2 - ok
16:57:10.0203 5032 ============================================================
16:57:10.0203 5032 Scan finished
16:57:10.0203 5032 ============================================================
16:57:10.0219 5088 Detected object count: 0
16:57:10.0219 5088 Actual detected object count: 0
########################### 13. Durchsuchen der Registry nach "BrowserConnection.dll" -Es werden Einträge gefunden, welche ich aber nicht einfach löschen will. ########################### Jetzt bin ich mit meinem persönlichen Latein so ziemlich am Ende. Bin für jede Hilfe dankbar. |
| Themen zu searchnu.com/410 Trojaner eingefangen |
| autostart, bandoo, chip.de, dateien, dateien gelöscht, desinfec't, download, dvd, dxgkrnl, fehlermeldung, firefox, fontcache, gen, installation, lanmanworkstation, laptop, lenovo, log, malwarebytes, meldung, nicht mehr, notebook, plötzlich, policyagent, quarantäne, reboot, scan, searchnu trojaner, searchnu.com/410, searchqu toolbar, seite, spybot, startseite, trojan.generic., trojaner, trojaner-board, trustedinstaller, tunnel, virenscanner, win, win32/toolbar.searchsuite, wlansvc, wsearch, zugriff |
Baum-Darstellung