Plagegeister aller Art und deren Bekämpfung: Possible rootkit infection (TDSS Filesystem found) Windows 7 If you are not sure whether you have picked up malware or a trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you eliminate the infection. |
| | #1 |
| | Possible rootkit infection (TDSS Filesystem found) Hello! It looks like I may have picked up a rootkit, but I am not 100% sure. I ran TDSSKILLER over the system; normally it finds nothing, but if you enable the additional options before the scan, it finds a TDSS file system on drive D. Malwarebytes Anti Rootkit found nothing, and AVAST antivirus does not seem to raise an alert either. Here is the log file from TDSSKILLER; maybe someone can help me work out whether I have a problem here or not. Part 1: Code:
09:22:59.0876 0x1718 TDSS rootkit removing tool 3.1.0.12 Nov 7 2016 07:10:01
09:23:03.0562 0x1718 ============================================================
09:23:03.0562 0x1718 Current date / time: 2017/01/06 09:23:03.0562
09:23:03.0562 0x1718 SystemInfo:
09:23:03.0562 0x1718
09:23:03.0562 0x1718 OS Version: 10.0.10586 ServicePack: 0.0
09:23:03.0562 0x1718 Product type: Workstation
09:23:03.0562 0x1718 ComputerName: JAKXX-PC
09:23:03.0562 0x1718 UserName: Jakxx
09:23:03.0562 0x1718 Windows directory: C:\WINDOWS
09:23:03.0562 0x1718 System windows directory: C:\WINDOWS
09:23:03.0562 0x1718 Running under WOW64
09:23:03.0562 0x1718 Processor architecture: Intel x64
09:23:03.0562 0x1718 Number of processors: 12
09:23:03.0562 0x1718 Page size: 0x1000
09:23:03.0562 0x1718 Boot type: Normal boot
09:23:03.0562 0x1718 CodeIntegrityOptions = 0x00000001
09:23:03.0562 0x1718 ============================================================
09:23:03.0647 0x1718 KLMD registered as C:\WINDOWS\system32\drivers\09936151.sys
09:23:03.0647 0x1718 KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 10586.672, osProperties = 0x19
09:23:03.0705 0x1718 System UUID: {3EB7F3DD-86BD-19EF-3BFF-46668D305A86}
09:23:03.0960 0x1718 Drive \Device\Harddisk0\DR0 - Size: 0x3B9E656000 ( 238.47 Gb ), SectorSize: 0x200, Cylinders: 0x799A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:23:03.0960 0x1718 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0CADE00 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:23:03.0961 0x1718 Drive \Device\Harddisk2\DR2 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:23:03.0961 0x1718 Drive \Device\Harddisk3\DR3 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:23:03.0962 0x1718 Drive \Device\Harddisk4\DR4 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:23:04.0288 0x1718 Drive \Device\Harddisk5\DR5 - Size: 0x25433D6000 ( 149.05 Gb ), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:23:04.0297 0x1718 Drive \Device\Harddisk6\DR6 - Size: 0x2BAA1476000 ( 2794.52 Gb ), SectorSize: 0x1000, Cylinders: 0xB220, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
09:23:07.0224 0x1718 ============================================================
09:23:07.0225 0x1718 \Device\Harddisk0\DR0:
09:23:07.0225 0x1718 MBR partitions:
09:23:07.0225 0x1718 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1DC11000
09:23:07.0225 0x1718 \Device\Harddisk1\DR1:
09:23:07.0225 0x1718 MBR partitions:
09:23:07.0226 0x1718 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x619000
09:23:07.0226 0x1718 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0xC350800, BlocksNum 0x683B5000
09:23:07.0226 0x1718 \Device\Harddisk2\DR2:
09:23:07.0229 0x1718 GPT partitions:
09:23:07.0230 0x1718 \Device\Harddisk2\DR2\Partition1: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {5BB9F6DA-5900-430B-9495-470A35958106}, Name: Microsoft reserved partition, StartLBA 0x22, BlocksNum 0x40000
09:23:07.0230 0x1718 \Device\Harddisk2\DR2\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {8E60BAD3-FB2D-4E65-B448-D0BACDD6AAC7}, Name: Basic data partition, StartLBA 0x40800, BlocksNum 0x746C6000
09:23:07.0230 0x1718 MBR partitions:
09:23:07.0230 0x1718 \Device\Harddisk3\DR3:
09:23:07.0234 0x1718 GPT partitions:
09:23:07.0234 0x1718 \Device\Harddisk3\DR3\Partition1: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {41C54113-D3A8-4D08-A7F0-7585D2F0767F}, Name: Microsoft reserved partition, StartLBA 0x22, BlocksNum 0x40000
09:23:07.0234 0x1718 \Device\Harddisk3\DR3\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {6BA637E9-3CD2-4A70-900E-024033FB649F}, Name: Basic data partition, StartLBA 0x40800, BlocksNum 0x746C6000
09:23:07.0234 0x1718 MBR partitions:
09:23:07.0234 0x1718 \Device\Harddisk4\DR4:
09:23:07.0264 0x1718 MBR partitions:
09:23:07.0264 0x1718 \Device\Harddisk4\DR4\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
09:23:07.0264 0x1718 \Device\Harddisk5\DR5:
09:23:07.0265 0x1718 MBR partitions:
09:23:07.0265 0x1718 \Device\Harddisk5\DR5\Partition1: MBR, Type 0x7, StartLBA 0x1770800, BlocksNum 0xB869800
09:23:07.0265 0x1718 \Device\Harddisk5\DR5\Partition2: MBR, Type 0x7, StartLBA 0xCFDA000, BlocksNum 0x5A3F000
09:23:07.0265 0x1718 \Device\Harddisk6\DR6:
09:23:07.0265 0x1718 MBR partitions:
09:23:07.0265 0x1718 \Device\Harddisk6\DR6\Partition1: MBR, Type 0x7, StartLBA 0x100, BlocksNum 0x2BAA1200
09:23:07.0265 0x1718 ============================================================
09:23:07.0269 0x1718 C: <-> \Device\Harddisk0\DR0\Partition1
09:23:07.0345 0x1718 D: <-> \Device\Harddisk1\DR1\Partition2
09:23:07.0360 0x1718 E: <-> \Device\Harddisk3\DR3\Partition2
09:23:07.0440 0x1718 G: <-> \Device\Harddisk5\DR5\Partition1
09:23:07.0517 0x1718 H: <-> \Device\Harddisk5\DR5\Partition2
09:23:07.0544 0x1718 I: <-> \Device\Harddisk1\DR1\Partition1
09:23:07.0580 0x1718 K: <-> \Device\Harddisk6\DR6\Partition1
09:23:07.0582 0x1718 M: <-> \Device\Harddisk2\DR2\Partition2
09:23:07.0590 0x1718 F: <-> \Device\Harddisk4\DR4\Partition1
09:23:07.0590 0x1718 ============================================================
09:23:07.0590 0x1718 Initialize success
09:23:07.0590 0x1718 ============================================================
09:23:13.0895 0x01b8 ============================================================
09:23:13.0895 0x01b8 Scan started
09:23:13.0895 0x01b8 Mode: Manual;
09:23:13.0895 0x01b8 ============================================================
09:23:13.0895 0x01b8 KSN ping started
09:23:14.0019 0x01b8 KSN ping finished: true
09:23:15.0364 0x01b8 ================ Scan system memory ========================
09:23:15.0364 0x01b8 System memory - ok
09:23:15.0364 0x01b8 ================ Scan services =============================
09:23:15.0375 0x01b8 [ 970C70F6B2953ED43822D3797855D84C, CB22723678B514277BC6E6DDDD206F3B2377CD889C9D473A47A7056BE597BC6B ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
09:23:15.0377 0x01b8 !SASCORE - ok
09:23:15.0420 0x01b8 [ DF1C3D7E6C7929AD83BE22852B5B08CB, 9ECF6211CCD30273A23247E87C31B3A2ACDA623133CEF6E9B3243463C0609C5F ] 1394ohci C:\WINDOWS\System32\drivers\1394ohci.sys
09:23:15.0423 0x01b8 1394ohci - ok
09:23:15.0428 0x01b8 [ 2C5B3035B86770ADD2FE9BFBAF5B35A4, 19E16F9144FE3E33B5FF248CF0040AB079ACAE22290B1369CC72AE4CB5FE3A90 ] 3ware C:\WINDOWS\system32\drivers\3ware.sys
09:23:15.0429 0x01b8 3ware - ok
09:23:15.0436 0x01b8 [ C515FAFDE87046D2EF465CDA999DB38F, B5AE0FBFF8EEE3C6E6086CCE6F8A2FA5CDD24C38A57D4DA2AB267EB32581DB87 ] a2djusb_x64 C:\WINDOWS\system32\Drivers\a2djusb_x64.sys
09:23:15.0440 0x01b8 a2djusb_x64 - ok
09:23:15.0451 0x01b8 [ 469441BAE3FF8A16826FC62C51EF5E18, E1204677B87F47222D05F670F8DF3DB65EA0881782A8DCFBE0103478ED71187C ] ACPI C:\WINDOWS\system32\drivers\ACPI.sys
09:23:15.0458 0x01b8 ACPI - ok
09:23:15.0463 0x01b8 [ 7EADED8087C392876521F7EBCE846EF4, 99BF1BD948F97C1ECBC049C7F949B71D73D0B41FB505B2F75B208E655F7DC8A3 ] acpiex C:\WINDOWS\system32\Drivers\acpiex.sys
09:23:15.0464 0x01b8 acpiex - ok
09:23:15.0467 0x01b8 [ C498887123327CDFD73A05E7A2780920, B45392C46254FCB8D79B6C3A82C8D894063199E6167D8E5F7EA7D60C75CD16EA ] acpipagr C:\WINDOWS\System32\drivers\acpipagr.sys
09:23:15.0468 0x01b8 acpipagr - ok
09:23:15.0470 0x01b8 [ C8DBE6EFFCF014CAA010B9BDDAC833EC, 96FC29340C62A6B0910DCCBF8945F32089FC300F45B451A540B8854D53734298 ] AcpiPmi C:\WINDOWS\System32\drivers\acpipmi.sys
09:23:15.0471 0x01b8 AcpiPmi - ok
09:23:15.0473 0x01b8 [ 17039DBEB3B7B9ADCDB4B4533AA9771F, A4D38B144639A20B8B31E4F35FB776A028DB502FAC849FC73EECEB3CCD91830B ] acpitime C:\WINDOWS\System32\drivers\acpitime.sys
09:23:15.0474 0x01b8 acpitime - ok
09:23:15.0477 0x01b8 [ 2F0683FD2DF1D92E891CACA14B45A8C1, B4A8D6A183FA0B7D642FAD6B51C19FEC998481E1C49480D2B391E5D8B55F5BBD ] adfs C:\WINDOWS\system32\drivers\adfs.sys
09:23:15.0480 0x01b8 adfs - ok
09:23:15.0489 0x01b8 [ C92B0A0957ACAD3CEEF502A2CA10ACB8, 78BF46318B69D9479ECDC83446DD8D454AA2A9A9D94B33C5FC68933DB18AFA3B ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
09:23:15.0490 0x01b8 AdobeARMservice - ok
09:23:15.0511 0x01b8 [ F7D0CD345D2DA42E7042ABCD73662403, 03183F90A994D69066F15C3DFC1D7D7514AEAF46A5AAC059B1FB327F8C30A35C ] ADP80XX C:\WINDOWS\system32\drivers\ADP80XX.SYS
09:23:15.0524 0x01b8 ADP80XX - ok
09:23:15.0537 0x01b8 [ 70148EFA9A562E7185B75BBE7D376BF7, 8200E3349A1AFA1040B3D956A17BAF3CDC784A1A3CA396125E7872B36C03D84A ] AFD C:\WINDOWS\system32\drivers\afd.sys
09:23:15.0544 0x01b8 AFD - ok
09:23:15.0548 0x01b8 [ 870F1A2C936F92B5D053DF7EC75B352F, D617524FD5886D6D3BC2EFBBB5EA310E906454CD7CA7257C3D7BDEA8C4F2DA71 ] agp440 C:\WINDOWS\system32\drivers\agp440.sys
09:23:15.0549 0x01b8 agp440 - ok
09:23:15.0555 0x01b8 [ 655491B1173E0F6322F6972A596B93F7, 9AF06B8B9881D535C47582F456A1BF448397B3A28CA33D3E14B4F0E077C7FE53 ] ahcache C:\WINDOWS\system32\DRIVERS\ahcache.sys
09:23:15.0558 0x01b8 ahcache - ok
09:23:15.0561 0x01b8 [ 19707ECBCEA71080A85DB2336580DB39, A09AE69C9DE2F3765417F212453B6927C317A94801AE68FBA6A8E8A7CB16CED7 ] AJRouter C:\WINDOWS\System32\AJRouter.dll
09:23:15.0561 0x01b8 AJRouter - ok
09:23:15.0565 0x01b8 [ AA91A5E156D0364ABA7B01658C2EB014, F61055D581745023939C741CAB3370074D1416BB5A0BE0BD47642D5A75669E12 ] ALG C:\WINDOWS\System32\alg.exe
09:23:15.0567 0x01b8 ALG - ok
09:23:15.0577 0x01b8 ALSysIO - ok
09:23:15.0581 0x01b8 [ B70F0F2F54B4A4DB6E9C830454752F5A, C882DEAC30812E5FA4479A8CB688603C6AF269EF08236688F4C5E7EBED1D4572 ] AmdK8 C:\WINDOWS\System32\drivers\amdk8.sys
09:23:15.0583 0x01b8 AmdK8 - ok
09:23:15.0587 0x01b8 [ 35E890482C9728DD5C552B85DA8A5AB2, 1E0EB7D902AB4C38E23CAFC0BEA250E7F6E180E8814385B4F29730BFC373A191 ] AmdPPM C:\WINDOWS\System32\drivers\amdppm.sys
09:23:15.0589 0x01b8 AmdPPM - ok
09:23:15.0592 0x01b8 [ 5B30BCFE6E02E45D3EE268FF001BC5E0, 9901DB728885CE36911F79998629B2DD42D56AF9633B5277834F498CC59B0346 ] amdsata C:\WINDOWS\system32\drivers\amdsata.sys
09:23:15.0593 0x01b8 amdsata - ok
09:23:15.0600 0x01b8 [ F20B30F35A5C7888441B4DCA001ECF8E, 695A5BC1F18B65992EB06A202AD3CBFA17228E76DDFD1AE6977FD315724F75C2 ] amdsbs C:\WINDOWS\system32\drivers\amdsbs.sys
09:23:15.0603 0x01b8 amdsbs - ok
09:23:15.0606 0x01b8 [ AFE838D7576C581D6483529621AB10CC, 14476A04CC64E7A0F1BBFDACCBD7A87F384BE1877C27656DBB973AF3975D4AE2 ] amdxata C:\WINDOWS\system32\drivers\amdxata.sys
09:23:15.0606 0x01b8 amdxata - ok
09:23:15.0610 0x01b8 [ ADFFD587A8CBDCEB0566521ACEF707DB, 17CF539B17FAAF4CC4306B6D2BBD36D80C93FB49A614293D7351A92445C6C1D0 ] AppHostSvc C:\WINDOWS\system32\inetsrv\apphostsvc.dll
09:23:15.0611 0x01b8 AppHostSvc - ok
09:23:15.0616 0x01b8 [ EDDB0D726DBECDFC1DBCC6DB464E5A13, 98D128D1E6FA270ED9ADBFE50078F68A794C00D4CBB86E28EC6161FFAD0CA8FF ] AppID C:\WINDOWS\system32\drivers\appid.sys
09:23:15.0618 0x01b8 AppID - ok
09:23:15.0621 0x01b8 [ 86C97B5E6B5ACCF3C984D4B3EDBB3D0A, 29FCC4125489C43D838CE1F9736F0443D6CFEF74562D8CB39E88773B8B219745 ] AppIDSvc C:\WINDOWS\System32\appidsvc.dll
09:23:15.0622 0x01b8 AppIDSvc - ok
09:23:15.0626 0x01b8 [ 56E219DF92BE16F62308F884739BE022, FE189EE8A52BC5A0E6B76C632021F84F60307A182F2A67C0C0C7CAA72DEFC723 ] Appinfo C:\WINDOWS\System32\appinfo.dll
09:23:15.0627 0x01b8 Appinfo - ok
09:23:15.0632 0x01b8 [ 7D811EA7A2AAA49B0446D42CBC1CD338, AFECE5E44E48F756C7EB81D95C9237552AF8A9C02CBE756E0F3D3C6524DE49AD ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
09:23:15.0634 0x01b8 Apple Mobile Device Service - ok
09:23:15.0639 0x01b8 [ B4AE5296C9597F45E1CFE0B1DBE7739E, C9DCA8EF32720D68119CC23DF4BCD783FFB5F999D14EDCC7937D17C590323B4B ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
09:23:15.0642 0x01b8 AppMgmt - ok
09:23:15.0652 0x01b8 [ BA8F02FBDACAB89E7F2210703193794C, CF46C024066AC139572F718E9B0063F1405C809B0CB779C8983C2D5EED685521 ] AppReadiness C:\WINDOWS\system32\AppReadiness.dll
09:23:15.0658 0x01b8 AppReadiness - ok
09:23:15.0694 0x01b8 [ 2AFB974A3F25F9D67B82C77242C8DD27, 428AB8373DEB29AD1739D2C583E1477D70AD23FE91EFCBEF0B5CFDCC4C7B7DD3 ] AppXSvc C:\WINDOWS\system32\appxdeploymentserver.dll
09:23:15.0719 0x01b8 AppXSvc - ok
09:23:15.0724 0x01b8 [ E3FE8F610B1CC12BC3B2E6BC43DC97E2, 0E18542CF2095A9ADA1759AB8F986E78B0A50A3C6B2AD4EACD80A23D832A2C6D ] arcsas C:\WINDOWS\system32\drivers\arcsas.sys
09:23:15.0726 0x01b8 arcsas - ok
09:23:15.0741 0x01b8 [ E536856E96A7605EBF580D62A868E5FE, 70D0F6ECB05E923C1B274605CB3320091D35D7622003FF7E4806645519C70F01 ] ASGT C:\Windows\SysWOW64\ASGT.exe
09:23:15.0742 0x01b8 ASGT - ok
09:23:15.0753 0x01b8 [ 00B0FDD484914F388B5441285FDE24CB, 90AA8A12BB235BFC3A924F0E23BCEE8742817E3BC5A85E49D8AF8B52E8158ECB ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
09:23:15.0754 0x01b8 aspnet_state - ok
09:23:15.0758 0x01b8 [ 9B480B472D6826E7257C90E2D0EE2954, C52C198602D180011A9345AE6F108EC4B1FD91234AF2E6296B2E39C1888B0D4D ] aswHwid C:\WINDOWS\system32\drivers\aswHwid.sys
09:23:15.0759 0x01b8 aswHwid - ok
09:23:15.0763 0x01b8 [ 1BB00571CC2C78463ABD7E9C32970758, BF523468754CB1628D66F28B06FAF7C545C5724801B04888517A2FB4BF9582BF ] aswMonFlt C:\WINDOWS\system32\drivers\aswMonFlt.sys
09:23:15.0764 0x01b8 aswMonFlt - ok
09:23:15.0769 0x01b8 [ 7010B57D708DA5C9686A5923EE621776, 5A554B8941C156EC341C602F34679A7475802B19EE6A99AA29AE2628A123ECB1 ] aswRdr C:\WINDOWS\system32\drivers\aswRdr2.sys
09:23:15.0770 0x01b8 aswRdr - ok
09:23:15.0773 0x01b8 [ 937885085BFE5BD08EC1BC0245DD203B, 6DDD89245EEA3B8106C5F2EB6FA8CF525F3B42AA7032276DE78953E06FE7F4B4 ] aswRvrt C:\WINDOWS\system32\drivers\aswRvrt.sys
09:23:15.0774 0x01b8 aswRvrt - ok
09:23:15.0791 0x01b8 [ 0B6352251C5D84130DF4252D33D266C2, C6A2E0074A7FCFB5799949431F5660B9AF6441001EA9B609F7B3900F4007EBD0 ] aswSnx C:\WINDOWS\system32\drivers\aswSnx.sys
09:23:15.0803 0x01b8 aswSnx - ok
09:23:15.0814 0x01b8 [ 28213B34725B18387CC1B8C3D73858A1, D86113D89C62F090B393B68B522581248AEF3568F8FD0FF86B3625F2E6DD4DB8 ] aswSP C:\WINDOWS\system32\drivers\aswSP.sys
09:23:15.0820 0x01b8 aswSP - ok
09:23:15.0827 0x01b8 [ 9C58B6E9663D0A76D00D83E43C765BDF, 3F474932E77318CD450A3A9C89667D2B26A7E3FAB9AA95D97FF3B1979623A7F2 ] aswStm C:\WINDOWS\system32\drivers\aswStm.sys
09:23:15.0829 0x01b8 aswStm - ok
09:23:15.0836 0x01b8 [ D60D9201739400F0FBDB9E36A3212D91, 01A17516AB7F4D2C72E2DC51F7B49D1C4F50F564992F78A71E73821D7F8220E7 ] aswVmm C:\WINDOWS\system32\drivers\aswVmm.sys
09:23:15.0840 0x01b8 aswVmm - ok
09:23:15.0843 0x01b8 [ 5E00748A1AD246CAECBBB7553BED36CC, DAD2C93F0894E7BB5E5D8D767D8286A909086B49172C504A01097C3A180998C6 ] AsyncMac C:\WINDOWS\System32\drivers\asyncmac.sys
09:23:15.0844 0x01b8 AsyncMac - ok
09:23:15.0846 0x01b8 [ 492B99D2E3D5D7BFD5F0AE1BE7BD37DD, A3F6BFC4FDC1933FBF3145019B118689A414108B04F43E2563946B2673C89324 ] atapi C:\WINDOWS\system32\drivers\atapi.sys
09:23:15.0847 0x01b8 atapi - ok
09:23:15.0854 0x01b8 [ 42BF7FA295F453618104B5A50BEE105B, AB44BA2AD2FC5AF3B6BE4489C444C03FD1AB02C22109BF5F39BE459294C4CB18 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
09:23:15.0858 0x01b8 AudioEndpointBuilder - ok
09:23:15.0877 0x01b8 [ E172ACC75A73EDB416E641B9958DE6AA, A7920D48F010FF467540237AAFDEFA5A50A77DE1BAAA9731E83E50B5D0D2D29D ] Audiosrv C:\WINDOWS\System32\Audiosrv.dll
09:23:15.0890 0x01b8 Audiosrv - ok
09:23:15.0900 0x01b8 [ F4E0580B5789474385E7ACB189C4AF2C, DB5BE2C852AC102AB8EB186362E582E250B843BA52B3B71AF08A5FDA8A6F91AF ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
09:23:15.0903 0x01b8 avast! Antivirus - ok
09:23:15.0907 0x01b8 [ 7062CE507814D5306DCA5D6A15B7B6B6, 9D60506003A66C2E516B1FCB70CC5B26FB3A9948B95D97C828DD0328E76F2C91 ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll
09:23:15.0909 0x01b8 AxInstSV - ok
09:23:15.0920 0x01b8 [ 6447BA6FA709514B6C803D159B4C7D1E, 549DDCEAD93DF333F6BBD56A9258A867E4DA219741C00D48C68F8F230A87B11A ] b06bdrv C:\WINDOWS\system32\drivers\bxvbda.sys
09:23:15.0926 0x01b8 b06bdrv - ok
09:23:15.0930 0x01b8 [ B4AC08B1D04D0CE085435E5CD0E663C5, 61E641388E5692B2EB351E44BA1DB86B5305DD105EE56865D59072CA9407C8AC ] BasicDisplay C:\WINDOWS\System32\drivers\BasicDisplay.sys
09:23:15.0931 0x01b8 BasicDisplay - ok
09:23:15.0934 0x01b8 [ 25B5BB369DEE2BAE4BF459C978FF9035, DBC2157B2AC0BC92B4011CE5E01F2DCDAAE71E37D9D21102503C6455FAAC4DCA ] BasicRender C:\WINDOWS\System32\drivers\BasicRender.sys
09:23:15.0935 0x01b8 BasicRender - ok
09:23:15.0938 0x01b8 [ 3F5523DCEFE42B385659C5CB46A6B810, CA24A3DF002B19E7BDEDE9B5EB60623F299D0E78B2E4F58DCFC028D76DEFE52D ] bcmfn C:\WINDOWS\System32\drivers\bcmfn.sys
09:23:15.0939 0x01b8 bcmfn - ok
09:23:15.0941 0x01b8 [ 0B750A6A6D847E73CA48ADD7A0F5A393, 6A43020F23846EFB1AFA3C070465B0059E9DF60DEB16899E09559462DF30939F ] bcmfn2 C:\WINDOWS\System32\drivers\bcmfn2.sys
09:23:15.0941 0x01b8 bcmfn2 - ok
09:23:15.0950 0x01b8 [ F374C27099807E99A156953F8416D34A, D267B8CD837290F9FC6B4FFD2DB8F54867D808FB155698FC7713BCAB3AE475B5 ] BDESVC C:\WINDOWS\System32\bdesvc.dll
09:23:15.0954 0x01b8 BDESVC - ok
09:23:15.0957 0x01b8 [ 5A88834AEE15D97695FAE0837B73B3E4, 03035FB51DE218B8EDB15129A0376DDED0C7E7B6DA58DD95B12E4E5C8D852ED8 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
09:23:15.0957 0x01b8 Beep - ok
09:23:15.0972 0x01b8 [ 37F5E2385CB4D10AB42186974B9C241A, D38FA2B8CE19AC32056060F04B04D031F1621C07528DEDCCD5A8C01AB0A35995 ] BFE C:\WINDOWS\System32\bfe.dll
09:23:15.0982 0x01b8 BFE - ok
09:23:16.0002 0x01b8 [ B79DB21084178D67B323005C0449F89A, EB5B1C3BC480905386057A1A7568DA2F791F0C8DB063D79D836894C789F05FF4 ] BITS C:\WINDOWS\System32\qmgr.dll
09:23:16.0017 0x01b8 BITS - ok
09:23:16.0028 0x01b8 [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
09:23:16.0034 0x01b8 Bonjour Service - ok
09:23:16.0038 0x01b8 [ 00B634714E8B9F6AF9A7A6BCACA87305, DE9714A8E782D7EE8167FC69021E0880D82E3D17E568B23805D317587AAAF07B ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys
09:23:16.0040 0x01b8 bowser - ok
09:23:16.0052 0x01b8 [ C59B5FC1E0575C5910C4585A2503FFFA, F336325D1519C9B5B2526EF8A88411C7678CC69AAAE95E129D21C7B06E11F777 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
09:23:16.0059 0x01b8 BrokerInfrastructure - ok
09:23:16.0064 0x01b8 [ A617BE5E429A035A1CA8217C1B16F0BB, 197EE6C6EB22FF8A626540886F5A2163CC4CB177504C5423856F54BF01EB0FF1 ] Browser C:\WINDOWS\System32\browser.dll
09:23:16.0067 0x01b8 Browser - ok
09:23:16.0070 0x01b8 [ CAE0272391FE4DBEC2901237FB412EFD, BC0D76C288CB28B1A9C43FFE56410890AE4DECD08E2F4CC11DEEBC096CD6CDD9 ] BthAvrcpTg C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
09:23:16.0070 0x01b8 BthAvrcpTg - ok
09:23:16.0074 0x01b8 [ 5F2B4B32E986C058525D3BA2A475A16C, CEC5BB0B025DD9525CFBBEDF6EB6F63336534798495A4F95763CE112DF915088 ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys
09:23:16.0075 0x01b8 BthHFEnum - ok
09:23:16.0078 0x01b8 [ 5406289E8AE2CB52FC408154E0A64BA7, 0A3795F2E6E2B51198452CF69A99159D8E11650E95F41DF0B575CB72F9C6C6B5 ] bthhfhid C:\WINDOWS\System32\drivers\BthHFHid.sys
09:23:16.0079 0x01b8 bthhfhid - ok
09:23:16.0087 0x01b8 [ BAB101E7826BE287F79C4BA721621989, E6DD25C89267FE87253B8226292F2894F5E702075D3B23B09339D3B28744C060 ] BthHFSrv C:\WINDOWS\System32\BthHFSrv.dll
09:23:16.0091 0x01b8 BthHFSrv - ok
09:23:16.0095 0x01b8 [ A76F20CCCA31895A1DA78A875E50F946, ECD4B3670DA5984AA24F4354457B4E45983938A89FF6DB03B556A633B4B37E3C ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys
09:23:16.0096 0x01b8 BTHMODEM - ok
09:23:16.0100 0x01b8 [ CEEC73833A4C6B31E2F376A3FD4DA73E, F09FC6EAB8D9769DBAD0931CC7C7F5DFE1562D3EE09CE0EF086AA73D4B62E076 ] bthserv C:\WINDOWS\system32\bthserv.dll
09:23:16.0102 0x01b8 bthserv - ok
09:23:16.0105 0x01b8 [ BF89BDBA5D3A0B4256D3F6FC8D31880D, 940F3BF55B88261C9E9A951A092331559FC5B24FE3BA0F1E1AB3450D2CA364C1 ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys
09:23:16.0106 0x01b8 buttonconverter - ok
09:23:16.0110 0x01b8 [ C24C27FDF93B85A4EFCF25F830253AA2, 35C87518BB59663B57C2361A13AD4E57E37392598F1EB9F07F86CA5A6321AF5A ] CapImg C:\WINDOWS\System32\drivers\capimg.sys
09:23:16.0111 0x01b8 CapImg - ok
09:23:16.0115 0x01b8 [ 7F9C7226D743B232907ED2537B8A574F, 2211AFC30E8F8FA03020DB48EE14914CD31E50BB6A63FF20AC7C6FA481E72C18 ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys
09:23:16.0116 0x01b8 cdfs - ok
09:23:16.0123 0x01b8 [ 88E3BA684A7B1247762E1D401076D4C2, 88375BD1970848A71B9CF8C7C73ECA2E4A65E57D80D0C36F41547D381441A552 ] CDPSvc C:\WINDOWS\System32\CDPSvc.dll
09:23:16.0126 0x01b8 CDPSvc - ok
09:23:16.0132 0x01b8 [ 82D97776BF982AA143BDC7DFB5054EA8, 954F56728371E6B3514586DCEAF15C4727BAED6CAFBF788654C4E03BD702942C ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys
09:23:16.0134 0x01b8 cdrom - ok
09:23:16.0140 0x01b8 [ 1B41261BF9CD5AFD4722A1DB7D6755C7, FBE088BE6ADC9DEE4DD8F93E8E6391A9A8AE19E393AD851A40E117BAB02682DE ] CertPropSvc C:\WINDOWS\System32\certprop.dll
09:23:16.0142 0x01b8 CertPropSvc - ok
09:23:16.0146 0x01b8 [ 0505C1D991D0F9D47F3353BB98597C7E, 3B801CCF4980256327A4A9FBD98007DA1E3ACE9C94E5A4C23AB21303B46E8B5A ] circlass C:\WINDOWS\System32\drivers\circlass.sys
09:23:16.0146 0x01b8 circlass - ok
09:23:16.0154 0x01b8 [ B65F379EA5987BCFEACEB56C02F07425, 63D944528BC39B7FE039862593BF00DDDFE6674B2A3B990FF59DD40FE3D47FD4 ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys
09:23:16.0159 0x01b8 CLFS - ok
09:23:16.0171 0x01b8 [ A3DF8BC0A3A59125CB675B1CCDCFC9FB, 7DC2C9707713507CE1B7F1901B16D924BF799C357EE93675474C86E62F8DC60A ] ClipSVC C:\WINDOWS\System32\ClipSVC.dll
09:23:16.0179 0x01b8 ClipSVC - ok
09:23:16.0186 0x01b8 [ 95832B049E2833B9F5189823CDF946C7, 72773A42A89220B4A6AC72D1633B16F11191A44D876A44FAB5CEFB717CE3223D ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys
09:23:16.0187 0x01b8 CmBatt - ok
09:23:16.0199 0x01b8 [ F46A89204F657FA068ED763368526549, D1ABAEE40B760C67F5BA097FEEBABEC2586B817A3B625F6BEA484B340438485E ] CNG C:\WINDOWS\system32\Drivers\cng.sys
09:23:16.0206 0x01b8 CNG - ok
09:23:16.0209 0x01b8 [ 58D640BC2294C71BDE0953F12D4B432F, 0B3B7659FCB97791A2A1F895C8E6F9078F855C94C13EB47464492588C4B02B85 ] cnghwassist C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
09:23:16.0210 0x01b8 cnghwassist - ok
09:23:16.0221 0x01b8 [ 14F9883588398A1BDE49C75098C75DE6, D9D82DE89FAFE60BC902683BC44C7555533A030150FD5E5A35A24542FACC5CAD ] CompositeBus C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_912dfdedc3d2f520\CompositeBus.sys
09:23:16.0222 0x01b8 CompositeBus - ok
09:23:16.0224 0x01b8 COMSysApp - ok
09:23:16.0228 0x01b8 [ 02B8E49148DE5E0A2F6FDF28CE94A6AC, EEA405823F441CA604BEAA44EB71A1D20BC80E124FF7B27380D0201AAF2E0849 ] condrv C:\WINDOWS\system32\drivers\condrv.sys
09:23:16.0229 0x01b8 condrv - ok
09:23:16.0243 0x01b8 [ B2B3EAE325C093F8F9B0A358053DA37C, A99CD901F0A46A2B5D2B921A870F7D9945F1D50CF342CE01F3EB214F21ADED42 ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll
09:23:16.0253 0x01b8 CoreMessagingRegistrar - ok
09:23:16.0259 0x01b8 [ 3CA734CE373E5675FBC15CA2C45228E5, A6C6E9FABDE5EA18D266DB71C0CC6B51D682116D1898CCB4E9BA730F15C44B32 ] cpudrv64 C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys
09:23:16.0260 0x01b8 cpudrv64 - ok
09:23:16.0263 0x01b8 [ 17719A7F571D4CD08223F0B30F71B8B8, 1F4D4DB4ABE26E765A33AFB2501AC134D14CADEAA74AE8A0FAE420E4ECF58E0C ] cpuz134 C:\Windows\system32\drivers\cpuz134_x64.sys
09:23:16.0264 0x01b8 cpuz134 - ok
09:23:16.0270 0x01b8 [ 29872C7376C42E2A64FA838DAD98AA11, A072197177AAD26C31960694E38E2CAE85AFBAB070929E67E331B99D3A418CF4 ] cpuz140 C:\WINDOWS\TEMP\cpuz140\cpuz140_x64.sys
09:23:16.0270 0x01b8 cpuz140 - ok
09:23:16.0275 0x01b8 [ C8BD651E13895B93ED9EC5B4F1DF42BC, D86D6BF0BA3C09B49B3A52C86A7F3B3856A27F79EDD86A8FFA469D9A5F196E8D ] Creative ALchemy AL6 Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
09:23:16.0276 0x01b8 Creative ALchemy AL6 Licensing Service - ok
09:23:16.0279 0x01b8 [ C0EAD9F8AB83D41FF07303C75589C2B8, C89CAC39BCD2FA2DCC56D7EE84FF66127BCECCAE400E119FE41BF4C4D769504B ] Creative Audio Engine Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
09:23:16.0280 0x01b8 Creative Audio Engine Licensing Service - ok
09:23:16.0285 0x01b8 [ 9E79A2208A9ED205A7383CBC92C28053, 2E6599DF30DF19BD7BE6FEF1B21FED7F349A3F2306CC5CFDB767ABA7283E8A55 ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll
09:23:16.0286 0x01b8 CryptSvc - ok
09:23:16.0297 0x01b8 [ 5D578EAAFB6FD4F59523E5878B541296, 73573124787B79179880AFAF9CB8427237A1605A9F13D7783228DE24D18963C0 ] CSC C:\WINDOWS\system32\drivers\csc.sys
09:23:16.0303 0x01b8 CSC - ok
09:23:16.0317 0x01b8 [ 5F07CCEE514894C9474AEDCA50B6C2C7, 38F54897C91A2E7D80D00852CEB173B26E822D7C68F35D31228245F811E028A8 ] CscService C:\WINDOWS\System32\cscsvc.dll
09:23:16.0327 0x01b8 CscService - ok
09:23:16.0335 0x01b8 [ 5CE3D0E1D1B3832EE052CFC442EEE0FA, 6B9DB2C350140ED547C7A96DB0EAD812E8987176B312C79AF52FC9B23EEEB8C4 ] CTAudSvcService C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
09:23:16.0339 0x01b8 CTAudSvcService - ok
09:23:16.0343 0x01b8 [ B3F50101E2609CDBF3825018B68C903E, F97CE176FDFC4EF62A17C660B22DAED3AA22FABF0E71B8701ECE3A3ACA24C96B ] Cymon C:\Windows\system32\drivers\CYMON.SYS
09:23:16.0345 0x01b8 Cymon - ok
09:23:16.0349 0x01b8 [ C9325D1B5FD80DB9C2C6223475DFAD58, 5C544CC860FDDA443C464E94BE301E1F27DB59FA1C2EBB92E3FFB370DA19C863 ] CypherGuard cguard Service 32bit Edition C:\Program Files (x86)\Common Files\CypherTec\cgrdsrv32.exe
09:23:16.0350 0x01b8 CypherGuard cguard Service 32bit Edition - ok
09:23:16.0355 0x01b8 [ 6BBB688C550C552A0F64CBC3C6EBA75E, 161C6515AE7A74E7683732F2658A794F833F8FEBFCDF415BBEED8E5E8CB9102F ] CypherGuard cguard Service 64bit Edition C:\Program Files\Common Files\CypherTec\cgrdsrv64.exe
09:23:16.0357 0x01b8 CypherGuard cguard Service 64bit Edition - ok
09:23:16.0360 0x01b8 [ C73BAB46E838E54AB3E85C2918E73E1C, 3AC2211479B9D6696240DA961AD393B648F9714D5CCA0BA5B0E2980E4590DCAA ] CypherGuard Info Service C:\Program Files\Common Files\CypherTec\cthwsrv64.exe
09:23:16.0362 0x01b8 CypherGuard Info Service - ok
09:23:16.0366 0x01b8 [ 2619DC483579DB9FE804044C1ADFFD1A, 23A5420288735A980917091532BE7BB36EB51660AA4555C615AF736357EB02EC ] dam C:\WINDOWS\system32\drivers\dam.sys
09:23:16.0367 0x01b8 dam - ok
09:23:16.0370 0x01b8 [ 958EF96991ABCCFDAC0953C4A24081DC, 9BFBB21592FB47B500660F9EF878CFCAE5289421D166B3E147759A1B7D552003 ] DAZContentManagementService C:\Program Files\DAZ 3D\Content Management Service\ContentManagementServer.exe
09:23:16.0370 0x01b8 DAZContentManagementService - ok
09:23:16.0389 0x01b8 [ 68E07DF3E6D1DFED440B82D3D33542B1, A80C25C2B884F0A725B8256E985D670FCFBE9C870A0380C22B51BB140820B4A8 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
09:23:16.0401 0x01b8 DcomLaunch - ok
09:23:16.0407 0x01b8 [ 620921E77351FB651632322AD2C195C4, 5A98971995D7A2B5AE6BEA69344FCC6687B582FEF74BDA206D32FB2E6CEB0478 ] DcpSvc C:\WINDOWS\system32\dcpsvc.dll
09:23:16.0410 0x01b8 DcpSvc - ok
09:23:16.0421 0x01b8 [ AEADFE9C3D3FBB3BE619AB369AE069B6, E7911628446C170375C70538192165F7DD9DF39B9098B4B2404E6521DBD191AE ] defragsvc C:\WINDOWS\System32\defragsvc.dll
09:23:16.0427 0x01b8 defragsvc - ok
09:23:16.0438 0x01b8 [ 0CADF20D9CBB7EEB26ACA0B5FDF01FB1, 2556861FB94F9942B2CA29A7E33F28883CECED56A2A5973F29A94C5D85219579 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
09:23:16.0443 0x01b8 DeviceAssociationService - ok
09:23:16.0449 0x01b8 [ 15BA68662CED4B0618010A54478E18E5, 1B913BFA7AA11F3A82D80E95FC4857B810D341F9E68545710F90EBE44DAC1DF8 ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll
09:23:16.0452 0x01b8 DeviceInstall - ok
09:23:16.0455 0x01b8 [ 5BF8BD9B19D665452494C8D56DF4B28D, E5FC649207EF42C04B6737D442FECD3383E82F8998B140319FF400773F1D0978 ] DevQueryBroker C:\WINDOWS\system32\DevQueryBroker.dll
09:23:16.0457 0x01b8 DevQueryBroker - ok
09:23:16.0461 0x01b8 [ A4FC5B8A300394F7E219B173E2BF3A46, 8D4691E992BBC4A94EC13ED7B79C016C527CDE3AE13F21CB8E4897C863567684 ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys
09:23:16.0464 0x01b8 Dfsc - ok
09:23:16.0473 0x01b8 [ D461D2BECEFA661291EB1B748A8D2CCB, 7275859FCDE58DE6C0C683AFDAD910EB4602336CC724EEE42495A8839213469D ] Dhcp C:\WINDOWS\system32\dhcpcore.dll
09:23:16.0477 0x01b8 Dhcp - ok
09:23:16.0481 0x01b8 [ 9F5AC03F5A0000DD96FA29CD68A6605B, 6964E077635E65DA902CA6C69E704A9DCD5856D22BA75E1CF823E63E62266AF7 ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
09:23:16.0482 0x01b8 diagnosticshub.standardcollector.service - ok