JS: Downloader-BQF [Trj] (Engine B) found on PC and reacted wrongly (Windows 7)
02.09.2012, 10:41 | #1 |
Hello, since Thursday I have noticed that some download is running in the background on my PC. It starts as soon as I boot the PC and repeats every hour. I have not installed any other program that could be updating itself. I then ran a scan with my virus scanner and found the Trojan named in the title: Code:
Virenprüfung mit G Data AntiVirus
Version 23.0.3.2 (04.06.2012)
Virensignaturen vom 29.08.2012
Startzeit: 31.08.2012 01:41:37
Engine(s): Engine A (AVA 22.5928), Engine B (AVL 22.1148)
Heuristik: Ein
Archive: Ein
Systembereiche: Ein
RootKits prüfen: Ein

Prüfung der Systembereiche...
Prüfung aller im Speicher befindlichen Prozesse und Verweise im Autostart...
Prüfung auf RootKits...
Prüfung aller lokalen Festplatten...
Analyse vollständig durchgeführt: 31.08.2012 02:57:31
154102 Dateien überprüft
1 infizierte Dateien gefunden
0 verdächtige Dateien gefunden

Objekt: 8F579d01
Pfad: C:\Users\Psychovayne\AppData\Local\Mozilla\Firefox\Profiles\q9n29tbc.default\Cache\8\F5
Status: Virus konnte nicht entfernt werden
Virus: JS: Downloader-BQF [Trj] (Engine B)

Since I have no idea at all about this subject, I think I then acted rather stupidly and deleted Firefox completely. Since then G Data of course no longer finds the Trojan, but the unknown background download continues every hour. Here is my mbam log: Code:
Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Datenbank Version: v2012.09.02.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Psychovayne :: PSYCHOVAYNES-PC [Administrator]

02.09.2012 09:24:17
mbam-log-2012-09-02 (09-24-17).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 324236
Laufzeit: 55 Minute(n), 4 Sekunde(n)

Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden)
Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden)

(Ende)

The defogger log: Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 10:22 on 02/09/2012 (Psychovayne)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...

-=E.O.F=-

The otl.txt log: Code:
Can this download really be connected to the Trojan? I hope I can still be helped. Thanks in advance for the help. Regards, Dante
03.09.2012, 12:54 | #2 |
/// Selecta Jahrusso | JS: Downloader-BQF [Trj] (Engine B) found on PC and reacted incorrectly
My name is Daniel and I will help you with your malware-related problems. Before we get to work, I would like to ask you to read the following points completely and carefully.
Any idea what is being downloaded? Please read the following instructions carefully. We do not want to "fix" anything here yet, only see a scan report. Please download TDSSKiller.exe and save this file to the desktop
03.09.2012, 18:11 | #3 | |
| JS: Downloader-BQF [Trj] (Engine B) found on PC and reacted incorrectly
Quote:
So it seems to be independent of the Trojan. Here is the log file:
18:57:08.0225 2412 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 18:57:08.0245 2412 ql40xx - ok 18:57:08.0255 2412 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 18:57:08.0265 2412 QWAVE - ok 18:57:08.0275 2412 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 18:57:08.0275 2412 QWAVEdrv - ok 18:57:08.0285 2412 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 18:57:08.0295 2412 RasAcd - ok 18:57:08.0305 2412 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 18:57:08.0315 2412 RasAgileVpn - ok 18:57:08.0325 2412 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll 18:57:08.0325 2412 RasAuto - ok 18:57:08.0365 2412 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 18:57:08.0365 2412 Rasl2tp - ok 18:57:08.0405 2412 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll 18:57:08.0425 2412 RasMan - ok 18:57:08.0435 2412 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 18:57:08.0435 2412 RasPppoe - ok 18:57:08.0445 2412 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 18:57:08.0455 2412 RasSstp - ok 18:57:08.0485 2412 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 18:57:08.0495 2412 rdbss - ok 18:57:08.0505 2412 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 18:57:08.0505 2412 rdpbus - ok 18:57:08.0515 2412 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 18:57:08.0525 2412 RDPCDD - ok 18:57:08.0545 2412 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 18:57:08.0545 2412 RDPENCDD - ok 18:57:08.0555 2412 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 18:57:08.0555 2412 
RDPREFMP - ok 18:57:08.0585 2412 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 18:57:08.0595 2412 RDPWD - ok 18:57:08.0625 2412 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 18:57:08.0625 2412 rdyboost - ok 18:57:08.0645 2412 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll 18:57:08.0655 2412 RemoteAccess - ok 18:57:08.0665 2412 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll 18:57:08.0675 2412 RemoteRegistry - ok 18:57:08.0695 2412 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 18:57:08.0705 2412 RpcEptMapper - ok 18:57:08.0715 2412 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe 18:57:08.0725 2412 RpcLocator - ok 18:57:08.0755 2412 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll 18:57:08.0755 2412 RpcSs - ok 18:57:08.0765 2412 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 18:57:08.0775 2412 rspndr - ok 18:57:08.0785 2412 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe 18:57:08.0785 2412 SamSs - ok 18:57:08.0825 2412 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 18:57:08.0825 2412 sbp2port - ok 18:57:08.0845 2412 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll 18:57:08.0845 2412 SCardSvr - ok 18:57:08.0885 2412 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 18:57:08.0885 2412 scfilter - ok 18:57:08.0925 2412 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll 18:57:08.0955 2412 Schedule - ok 18:57:08.0985 2412 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll 18:57:08.0985 2412 SCPolicySvc - ok 18:57:09.0015 2412 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll 18:57:09.0025 
2412 SDRSVC - ok 18:57:09.0045 2412 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 18:57:09.0045 2412 secdrv - ok 18:57:09.0075 2412 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll 18:57:09.0075 2412 seclogon - ok 18:57:09.0085 2412 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll 18:57:09.0095 2412 SENS - ok 18:57:09.0105 2412 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll 18:57:09.0115 2412 SensrSvc - ok 18:57:09.0125 2412 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 18:57:09.0125 2412 Serenum - ok 18:57:09.0135 2412 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys 18:57:09.0135 2412 Serial - ok 18:57:09.0165 2412 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys 18:57:09.0165 2412 sermouse - ok 18:57:09.0215 2412 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll 18:57:09.0215 2412 SessionEnv - ok 18:57:09.0255 2412 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 18:57:09.0255 2412 sffdisk - ok 18:57:09.0265 2412 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 18:57:09.0265 2412 sffp_mmc - ok 18:57:09.0265 2412 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 18:57:09.0275 2412 sffp_sd - ok 18:57:09.0285 2412 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys 18:57:09.0285 2412 sfloppy - ok 18:57:09.0305 2412 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll 18:57:09.0325 2412 SharedAccess - ok 18:57:09.0365 2412 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll 18:57:09.0375 2412 ShellHWDetection - ok 18:57:09.0405 2412 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 
C:\Windows\system32\DRIVERS\SiSRaid2.sys 18:57:09.0405 2412 SiSRaid2 - ok 18:57:09.0415 2412 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys 18:57:09.0425 2412 SiSRaid4 - ok 18:57:09.0455 2412 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys 18:57:09.0455 2412 Smb - ok 18:57:09.0485 2412 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe 18:57:09.0485 2412 SNMPTRAP - ok 18:57:09.0515 2412 [ 1A623F2B69E1F182F995F963C55DB935 ] Sony Ericsson PCCompanion C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe 18:57:09.0525 2412 Sony Ericsson PCCompanion - ok 18:57:09.0525 2412 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys 18:57:09.0535 2412 spldr - ok 18:57:09.0575 2412 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe 18:57:09.0595 2412 Spooler - ok 18:57:09.0665 2412 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe 18:57:09.0735 2412 sppsvc - ok 18:57:09.0755 2412 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll 18:57:09.0765 2412 sppuinotify - ok 18:57:09.0795 2412 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys 18:57:09.0805 2412 srv - ok 18:57:09.0815 2412 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 18:57:09.0825 2412 srv2 - ok 18:57:09.0835 2412 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 18:57:09.0835 2412 srvnet - ok 18:57:09.0865 2412 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 18:57:09.0875 2412 SSDPSRV - ok 18:57:09.0885 2412 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll 18:57:09.0885 2412 SstpSvc - ok 18:57:09.0935 2412 Steam Client Service - ok 18:57:09.0955 2412 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys 
18:57:09.0955 2412 stexstor - ok 18:57:09.0985 2412 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll 18:57:10.0005 2412 stisvc - ok 18:57:10.0045 2412 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys 18:57:10.0045 2412 swenum - ok 18:57:10.0065 2412 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll 18:57:10.0085 2412 swprv - ok 18:57:10.0145 2412 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll 18:57:10.0185 2412 SysMain - ok 18:57:10.0215 2412 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll 18:57:10.0215 2412 TabletInputService - ok 18:57:10.0245 2412 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll 18:57:10.0265 2412 TapiSrv - ok 18:57:10.0285 2412 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll 18:57:10.0295 2412 TBS - ok 18:57:10.0365 2412 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 18:57:10.0415 2412 Tcpip - ok 18:57:10.0455 2412 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 18:57:10.0465 2412 TCPIP6 - ok 18:57:10.0515 2412 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 18:57:10.0515 2412 tcpipreg - ok 18:57:10.0535 2412 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 18:57:10.0535 2412 TDPIPE - ok 18:57:10.0565 2412 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 18:57:10.0565 2412 TDTCP - ok 18:57:10.0605 2412 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 18:57:10.0605 2412 tdx - ok 18:57:10.0635 2412 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys 18:57:10.0635 2412 TermDD - ok 18:57:10.0675 2412 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll 18:57:10.0695 2412 TermService - ok 
18:57:10.0715 2412 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll 18:57:10.0725 2412 Themes - ok 18:57:10.0725 2412 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll 18:57:10.0735 2412 THREADORDER - ok 18:57:10.0755 2412 [ DBCC20C02E8A3E43B03C304A4E40A84F ] TPM C:\Windows\system32\drivers\tpm.sys 18:57:10.0765 2412 TPM - ok 18:57:10.0765 2412 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll 18:57:10.0775 2412 TrkWks - ok 18:57:10.0825 2412 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 18:57:10.0845 2412 TrustedInstaller - ok 18:57:10.0875 2412 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 18:57:10.0875 2412 tssecsrv - ok 18:57:10.0925 2412 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 18:57:10.0925 2412 TsUsbFlt - ok 18:57:10.0965 2412 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 18:57:10.0965 2412 tunnel - ok 18:57:10.0975 2412 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys 18:57:10.0975 2412 uagp35 - ok 18:57:11.0015 2412 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 18:57:11.0025 2412 udfs - ok 18:57:11.0045 2412 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe 18:57:11.0045 2412 UI0Detect - ok 18:57:11.0065 2412 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 18:57:11.0075 2412 uliagpkx - ok 18:57:11.0105 2412 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys 18:57:11.0105 2412 umbus - ok 18:57:11.0125 2412 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys 18:57:11.0125 2412 UmPass - ok 18:57:11.0145 2412 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll 18:57:11.0145 2412 
upnphost - ok 18:57:11.0165 2412 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 18:57:11.0165 2412 usbccgp - ok 18:57:11.0205 2412 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys 18:57:11.0215 2412 usbcir - ok 18:57:11.0215 2412 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 18:57:11.0225 2412 usbehci - ok 18:57:11.0235 2412 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 18:57:11.0245 2412 usbhub - ok 18:57:11.0255 2412 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys 18:57:11.0255 2412 usbohci - ok 18:57:11.0275 2412 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 18:57:11.0285 2412 usbprint - ok 18:57:11.0295 2412 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 18:57:11.0295 2412 USBSTOR - ok 18:57:11.0305 2412 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys 18:57:11.0315 2412 usbuhci - ok 18:57:11.0325 2412 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll 18:57:11.0325 2412 UxSms - ok 18:57:11.0335 2412 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe 18:57:11.0335 2412 VaultSvc - ok 18:57:11.0345 2412 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 18:57:11.0345 2412 vdrvroot - ok 18:57:11.0385 2412 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe 18:57:11.0395 2412 vds - ok 18:57:11.0425 2412 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 18:57:11.0425 2412 vga - ok 18:57:11.0435 2412 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys 18:57:11.0435 2412 VgaSave - ok 18:57:11.0455 2412 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 18:57:11.0455 2412 vhdmp - ok 
18:57:11.0495 2412 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys 18:57:11.0495 2412 viaide - ok 18:57:11.0505 2412 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys 18:57:11.0515 2412 volmgr - ok 18:57:11.0545 2412 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 18:57:11.0555 2412 volmgrx - ok 18:57:11.0565 2412 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys 18:57:11.0575 2412 volsnap - ok 18:57:11.0595 2412 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys 18:57:11.0605 2412 vsmraid - ok 18:57:11.0655 2412 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe 18:57:11.0685 2412 VSS - ok 18:57:11.0695 2412 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys 18:57:11.0705 2412 vwifibus - ok 18:57:11.0715 2412 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll 18:57:11.0735 2412 W32Time - ok 18:57:11.0745 2412 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys 18:57:11.0745 2412 WacomPen - ok 18:57:11.0765 2412 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 18:57:11.0775 2412 WANARP - ok 18:57:11.0775 2412 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 18:57:11.0775 2412 Wanarpv6 - ok 18:57:11.0825 2412 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe 18:57:11.0855 2412 wbengine - ok 18:57:11.0865 2412 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 18:57:11.0875 2412 WbioSrvc - ok 18:57:11.0905 2412 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll 18:57:11.0925 2412 wcncsvc - ok 18:57:11.0935 2412 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 18:57:11.0945 2412 
WcsPlugInService - ok 18:57:11.0955 2412 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys 18:57:11.0965 2412 Wd - ok 18:57:11.0985 2412 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 18:57:12.0005 2412 Wdf01000 - ok 18:57:12.0015 2412 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll 18:57:12.0015 2412 WdiServiceHost - ok 18:57:12.0015 2412 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll 18:57:12.0025 2412 WdiSystemHost - ok 18:57:12.0055 2412 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll 18:57:12.0075 2412 WebClient - ok 18:57:12.0095 2412 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll 18:57:12.0095 2412 Wecsvc - ok 18:57:12.0115 2412 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll 18:57:12.0115 2412 wercplsupport - ok 18:57:12.0135 2412 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll 18:57:12.0135 2412 WerSvc - ok 18:57:12.0145 2412 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 18:57:12.0145 2412 WfpLwf - ok 18:57:12.0155 2412 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys 18:57:12.0165 2412 WIMMount - ok 18:57:12.0165 2412 WinDefend - ok 18:57:12.0175 2412 WinHttpAutoProxySvc - ok 18:57:12.0225 2412 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 18:57:12.0225 2412 Winmgmt - ok 18:57:12.0285 2412 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll 18:57:12.0315 2412 WinRM - ok 18:57:12.0365 2412 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 18:57:12.0365 2412 WinUsb - ok 18:57:12.0395 2412 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll 18:57:12.0415 2412 Wlansvc - ok 18:57:12.0425 2412 [ 
F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 18:57:12.0435 2412 WmiAcpi - ok 18:57:12.0455 2412 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 18:57:12.0455 2412 wmiApSrv - ok 18:57:12.0475 2412 WMPNetworkSvc - ok 18:57:12.0495 2412 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll 18:57:12.0495 2412 WPCSvc - ok 18:57:12.0525 2412 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 18:57:12.0535 2412 WPDBusEnum - ok 18:57:12.0555 2412 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 18:57:12.0555 2412 ws2ifsl - ok 18:57:12.0565 2412 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll 18:57:12.0575 2412 wscsvc - ok 18:57:12.0575 2412 WSearch - ok 18:57:12.0637 2412 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll 18:57:12.0687 2412 wuauserv - ok 18:57:12.0717 2412 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 18:57:12.0727 2412 WudfPf - ok 18:57:12.0747 2412 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 18:57:12.0747 2412 WUDFRd - ok 18:57:12.0777 2412 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 18:57:12.0787 2412 wudfsvc - ok 18:57:12.0807 2412 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll 18:57:12.0827 2412 WwanSvc - ok 18:57:12.0847 2412 ================ Scan global =============================== 18:57:12.0867 2412 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll 18:57:12.0897 2412 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll 18:57:12.0917 2412 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll 18:57:12.0937 2412 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll 18:57:12.0967 2412 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] 
C:\Windows\system32\services.exe 18:57:12.0977 2412 [Global] - ok 18:57:12.0977 2412 ================ Scan MBR ================================== 18:57:12.0997 2412 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 18:57:13.0167 2412 \Device\Harddisk0\DR0 - ok 18:57:13.0167 2412 ================ Scan VBR ================================== 18:57:13.0167 2412 [ 6B246B8D36B47BEE51306B331ADC8EEF ] \Device\Harddisk0\DR0\Partition1 18:57:13.0177 2412 \Device\Harddisk0\DR0\Partition1 - ok 18:57:13.0187 2412 [ F796D13A707EE7B109AFC40D79599A34 ] \Device\Harddisk0\DR0\Partition2 18:57:13.0187 2412 \Device\Harddisk0\DR0\Partition2 - ok 18:57:13.0197 2412 [ 60F1F39082630A71AF90665BB9DDF081 ] \Device\Harddisk0\DR0\Partition3 18:57:13.0207 2412 \Device\Harddisk0\DR0\Partition3 - ok 18:57:13.0207 2412 ============================================================ 18:57:13.0207 2412 Scan finished 18:57:13.0207 2412 ============================================================ 18:57:13.0217 4968 Detected object count: 0 18:57:13.0217 4968 Actual detected object count: 0 |
03.09.2012, 18:58 | #4 |
/// Selecta Jahrusso | JS: Downloader-BQF [Trj] (Engine B) found on PC and reacted wrongly What was found there is basically nothing. ESET Online Scanner
__________________ Best regards, Daniel ASAP & UNITE Member Alliance of Security Analysis Professionals Unified Network of Instructors and Trusted Eliminators Learn to fight back and support us! TB Akademie |
09.09.2012, 15:27 | #5 |
/// Selecta Jahrusso | JS: Downloader-BQF [Trj] (Engine B) found on PC and reacted wrongly Missing feedback. This topic has been removed from my subscriptions, so I will not receive any notification about new replies. Send me a PM if you still want to continue. Note: The disappearance of the symptoms does not mean that your computer is already clean. Everyone else, please click here and create your own thread |