Trojaner-Board

After virus disinfection - PDFs, photos, Word files locked (https://www.trojaner-board.de/182432-virusdesinfiktion-pdf-fotos-word-datei-gesperrt.html)

deeprybka 23.10.2016 12:55

Step 1
Please download TDSSKiller (TDSSKiller.exe) and save the file to your desktop.
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller guide.
  • Click Start Scan.
  • If infected objects are found, do not select Cure under any circumstances. Select Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\).
    For example: C:\TDSSKiller.<version_date_time>log.txt
Please post the contents here in your thread in any case.

ThinkGreen 23.10.2016 18:42

It looks like the scan program did not find any infected objects.

Here is the code from the report:

Code:

19:40:20.0610 0x1998  TDSS rootkit removing tool 3.1.0.11 Aug  5 2016 12:13:31
19:40:22.0485 0x1998  ============================================================
19:40:22.0485 0x1998  Current date / time: 2016/10/23 19:40:22.0485
19:40:22.0485 0x1998  SystemInfo:
19:40:22.0485 0x1998 
19:40:22.0485 0x1998  OS Version: 10.0.14393 ServicePack: 0.0
19:40:22.0485 0x1998  Product type: Workstation
19:40:22.0485 0x1998  ComputerName: OTTO-2
19:40:22.0485 0x1998  UserName: Kamen-2
19:40:22.0485 0x1998  Windows directory: C:\WINDOWS
19:40:22.0485 0x1998  System windows directory: C:\WINDOWS
19:40:22.0485 0x1998  Running under WOW64
19:40:22.0485 0x1998  Processor architecture: Intel x64
19:40:22.0485 0x1998  Number of processors: 4
19:40:22.0485 0x1998  Page size: 0x1000
19:40:22.0485 0x1998  Boot type: Normal boot
19:40:22.0486 0x1998  CodeIntegrityOptions = 0x00000001
19:40:22.0486 0x1998  ============================================================
19:40:22.0655 0x1998  KLMD registered as C:\WINDOWS\system32\drivers\55438812.sys
19:40:22.0655 0x1998  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 14393.321, osProperties = 0x19
19:40:22.0822 0x1998  System UUID: {1742255A-1722-82F2-BAD9-15E44332C4FD}
19:40:23.0203 0x1998  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:40:23.0221 0x1998  ============================================================
19:40:23.0221 0x1998  \Device\Harddisk0\DR0:
19:40:23.0221 0x1998  MBR partitions:
19:40:23.0221 0x1998  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
19:40:23.0221 0x1998  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1977BA63
19:40:23.0221 0x1998  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x19891930, BlocksNum 0x5AE74480
19:40:23.0221 0x1998  ============================================================
19:40:23.0240 0x1998  C: <-> \Device\Harddisk0\DR0\Partition2
19:40:23.0266 0x1998  D: <-> \Device\Harddisk0\DR0\Partition3
19:40:23.0266 0x1998  ============================================================
19:40:23.0266 0x1998  Initialize success
19:40:23.0266 0x1998  ============================================================
19:40:25.0230 0x2838  ============================================================
19:40:25.0230 0x2838  Scan started
19:40:25.0230 0x2838  Mode: Manual;
19:40:25.0230 0x2838  ============================================================
19:40:25.0230 0x2838  KSN ping started
19:40:25.0355 0x2838  KSN ping finished: true
19:40:25.0887 0x2838  ================ Scan system memory ========================
19:40:25.0887 0x2838  System memory - ok
19:40:25.0888 0x2838  ================ Scan services =============================
19:40:25.0985 0x2838  1394ohci - ok
19:40:25.0988 0x2838  3ware - ok
19:40:25.0990 0x2838  ACPI - ok
19:40:25.0993 0x2838  AcpiDev - ok
19:40:25.0996 0x2838  acpiex - ok
19:40:25.0999 0x2838  acpipagr - ok
19:40:26.0015 0x2838  AcpiPmi - ok
19:40:26.0018 0x2838  acpitime - ok
19:40:26.0071 0x2838  [ DC00FD73505DAEDD99CAF4533B0C05BD, 2863D1F0587B79254FBE093C191C73892768CF2AC59BEF97745EE66CEE3473AF ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:40:26.0072 0x2838  AdobeARMservice - ok
19:40:26.0138 0x2838  [ 1E30AB3A4D3EB916FF6C1B71B9F2331A, 4D1D703CD16FAE5096A8897DDC69C925FA3BFF1F45E1EA55898BF251AF0D3E9A ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:40:26.0141 0x2838  AdobeFlashPlayerUpdateSvc - ok
19:40:26.0146 0x2838  ADP80XX - ok
19:40:26.0151 0x2838  AFD - ok
19:40:26.0156 0x2838  ahcache - ok
19:40:26.0165 0x2838  AJRouter - ok
19:40:26.0178 0x2838  ALG - ok
19:40:26.0180 0x2838  AmdK8 - ok
19:40:26.0184 0x2838  AmdPPM - ok
19:40:26.0187 0x2838  amdsata - ok
19:40:26.0190 0x2838  amdsbs - ok
19:40:26.0192 0x2838  amdxata - ok
19:40:26.0205 0x2838  [ E3C6DAE5493E9B07EE98711D04D863FF, D11722E50D8EBFBDB344F155BBCB6C552289F0BA882F48711B9178AF77E17C5B ] ampa            C:\Windows\system32\ampa.sys
19:40:26.0206 0x2838  ampa - ok
19:40:26.0230 0x2838  [ E71711D37C48AC40FD3E2866A5ABBA51, C85DB75741B17A0A84B045DC461B5A6C5EA2A34BCD661107D355CE8DF4A29E03 ] anvsnddrv      C:\WINDOWS\system32\drivers\anvsnddrv.sys
19:40:26.0231 0x2838  anvsnddrv - ok
19:40:26.0247 0x2838  AppHostSvc - ok
19:40:26.0251 0x2838  AppID - ok
19:40:26.0254 0x2838  AppIDSvc - ok
19:40:26.0266 0x2838  Appinfo - ok
19:40:26.0352 0x2838  [ 3B3774C868868257533EC7E715BB6D53, 4AF1DADCEDBD80BE6EDEC696DF59E65B51D31E33F4C84413CA03C7BD959FF4E5 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:40:26.0353 0x2838  Apple Mobile Device Service - ok
19:40:26.0371 0x2838  applockerfltr - ok
19:40:26.0391 0x2838  AppReadiness - ok
19:40:26.0403 0x2838  AppXSvc - ok
19:40:26.0406 0x2838  arcsas - ok
19:40:26.0453 0x2838  aspnet_state - ok
19:40:26.0455 0x2838  AsyncMac - ok
19:40:26.0459 0x2838  atapi - ok
19:40:26.0470 0x2838  athr - ok
19:40:26.0493 0x2838  AudioEndpointBuilder - ok
19:40:26.0510 0x2838  Audiosrv - ok
19:40:26.0520 0x2838  [ 6A300AD0E23A155B2C3A7FAB0D4AABD1, AD283CC530482C0C155727C3234BFA4773C8C80B4C9912448196F83407C3CFD4 ] avmaura        C:\WINDOWS\system32\DRIVERS\avmaura.sys
19:40:26.0522 0x2838  avmaura - ok
19:40:26.0570 0x2838  [ 03B45C52179E8DAE51A0F685C30D06D6, E06F066B4BFE5344BBF5749B9B8B8CFBA0C02920FD2B9C73BDDA7E34F1785DA7 ] AVP17.0.0      C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe
19:40:26.0574 0x2838  AVP17.0.0 - ok
19:40:26.0577 0x2838  AxInstSV - ok
19:40:26.0580 0x2838  b06bdrv - ok
19:40:26.0583 0x2838  BasicDisplay - ok
19:40:26.0587 0x2838  BasicRender - ok
19:40:26.0591 0x2838  bcmfn - ok
19:40:26.0594 0x2838  bcmfn2 - ok
19:40:26.0597 0x2838  BDESVC - ok
19:40:26.0601 0x2838  Beep - ok
19:40:26.0607 0x2838  BFE - ok
19:40:26.0610 0x2838  BITS - ok
19:40:26.0654 0x2838  [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
19:40:26.0660 0x2838  Bonjour Service - ok
19:40:26.0663 0x2838  bowser - ok
19:40:26.0666 0x2838  BrokerInfrastructure - ok
19:40:26.0669 0x2838  Browser - ok
19:40:26.0682 0x2838  BthAvrcpTg - ok
19:40:26.0701 0x2838  BthHFEnum - ok
19:40:26.0704 0x2838  bthhfhid - ok
19:40:26.0718 0x2838  BthHFSrv - ok
19:40:26.0721 0x2838  BTHMODEM - ok
19:40:26.0725 0x2838  bthserv - ok
19:40:26.0733 0x2838  buttonconverter - ok
19:40:26.0736 0x2838  CapImg - ok
19:40:26.0738 0x2838  cdfs - ok
19:40:26.0741 0x2838  CDPSvc - ok
19:40:26.0744 0x2838  CDPUserSvc - ok
19:40:26.0790 0x2838  cdrom - ok
19:40:26.0793 0x2838  CertPropSvc - ok
19:40:26.0796 0x2838  cht4iscsi - ok
19:40:26.0798 0x2838  cht4vbd - ok
19:40:26.0811 0x2838  circlass - ok
19:40:26.0814 0x2838  CLFS - ok
19:40:26.0817 0x2838  ClipSVC - ok
19:40:26.0820 0x2838  clreg - ok
19:40:26.0827 0x2838  CmBatt - ok
19:40:26.0850 0x2838  [ B29A764A1E76473CD9D64C9438705C19, CD0497EB84DE60E1E491CA495AF981A8DFC4949BB373C1978CAF1BCF4321D30E ] cm_km          C:\WINDOWS\system32\DRIVERS\cm_km.sys
19:40:26.0853 0x2838  cm_km - ok
19:40:26.0866 0x2838  CNG - ok
19:40:26.0868 0x2838  cnghwassist - ok
19:40:26.0921 0x2838  [ 1635CED9C1FB6182B11BD62AA4F744B6, E781DADC786E07731F15DA2C6701B1426CAFC45F28FFEB7CD4BB546E4CDE1869 ] CnxtHdAudService C:\WINDOWS\system32\drivers\CHDRT64.sys
19:40:26.0941 0x2838  CnxtHdAudService - ok
19:40:26.0985 0x2838  CompositeBus - ok
19:40:26.0988 0x2838  COMSysApp - ok
19:40:26.0991 0x2838  condrv - ok
19:40:27.0003 0x2838  CoreMessagingRegistrar - ok
19:40:27.0059 0x2838  [ A28D6FA203CE094BDE7ED8CEC6079E42, 5DCA8BA21F5FD0D9F00620E7592949ABCF3BA202CF7AF3D84F93DF7C13E2D4C9 ] cphs            C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
19:40:27.0065 0x2838  cphs - ok
19:40:27.0083 0x2838  CryptSvc - ok
19:40:27.0128 0x2838  [ 9A59DF2CA690019FEA3B265D5A7EB619, F15D51B3C78A213BA6D6FF7CEA58549673CEAFE97C0A6C90C93591637CE4D5B2 ] CxUtilSvc      C:\Program Files\Conexant\SA3\CxUtilSvc.exe
19:40:27.0130 0x2838  CxUtilSvc - ok
19:40:27.0144 0x2838  dam - ok
19:40:27.0157 0x2838  DcomLaunch - ok
19:40:27.0169 0x2838  DcpSvc - ok
19:40:27.0192 0x2838  [ B56714DED87E29377F1EE930691DADA2, B3C3BC4F546A786A93823C1471D560BF678A9C95237065E3B99B2B80E6C28131 ] DDDriver        C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys
19:40:27.0193 0x2838  DDDriver - ok
19:40:27.0197 0x2838  defragsvc - ok
19:40:27.0216 0x2838  [ 66C87079CFCB61B650086802693114E0, B1EE411DF69BB98D5D9FA2D88C4C9FE1E4877FD8BBF572C3F444C90576ED0724 ] DellProf        C:\WINDOWS\system32\drivers\DellProf.sys
19:40:27.0216 0x2838  DellProf - ok
19:40:27.0220 0x2838  DeviceAssociationService - ok
19:40:27.0223 0x2838  DeviceInstall - ok
19:40:27.0235 0x2838  DevQueryBroker - ok
19:40:27.0247 0x2838  Dfsc - ok
19:40:27.0251 0x2838  Dhcp - ok
19:40:27.0288 0x2838  diagnosticshub.standardcollector.service - ok
19:40:27.0300 0x2838  DiagTrack - ok
19:40:27.0311 0x2838  disk - ok
19:40:27.0323 0x2838  DmEnrollmentSvc - ok
19:40:27.0325 0x2838  dmvsc - ok
19:40:27.0329 0x2838  dmwappushservice - ok
19:40:27.0345 0x2838  Dnscache - ok
19:40:27.0350 0x2838  dot3svc - ok
19:40:27.0353 0x2838  DPS - ok
19:40:27.0365 0x2838  drmkaud - ok
19:40:27.0377 0x2838  DsmSvc - ok
19:40:27.0380 0x2838  DsSvc - ok
19:40:27.0383 0x2838  DXGKrnl - ok
19:40:27.0386 0x2838  EapHost - ok
19:40:27.0389 0x2838  ebdrv - ok
19:40:27.0392 0x2838  EFS - ok
19:40:27.0395 0x2838  EhStorClass - ok
19:40:27.0415 0x2838  EhStorTcgDrv - ok
19:40:27.0425 0x2838  embeddedmode - ok
19:40:27.0428 0x2838  EntAppSvc - ok
19:40:27.0430 0x2838  ErrDev - ok
19:40:27.0438 0x2838  EventSystem - ok
19:40:27.0440 0x2838  exfat - ok
19:40:27.0443 0x2838  fastfat - ok
19:40:27.0449 0x2838  Fax - ok
19:40:27.0453 0x2838  fdc - ok
19:40:27.0456 0x2838  fdPHost - ok
19:40:27.0458 0x2838  FDResPub - ok
19:40:27.0463 0x2838  fhsvc - ok
19:40:27.0477 0x2838  FileCrypt - ok
19:40:27.0479 0x2838  FileInfo - ok
19:40:27.0482 0x2838  Filetrace - ok
19:40:27.0485 0x2838  flpydisk - ok
19:40:27.0489 0x2838  FltMgr - ok
19:40:27.0508 0x2838  FontCache - ok
19:40:27.0556 0x2838  FontCache3.0.0.0 - ok
19:40:27.0571 0x2838  FrameServer - ok
19:40:27.0574 0x2838  FsDepends - ok
19:40:27.0576 0x2838  Fs_Rec - ok
19:40:27.0580 0x2838  fvevol - ok
19:40:27.0605 0x2838  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM    C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
19:40:27.0606 0x2838  GEARAspiWDM - ok
19:40:27.0621 0x2838  gencounter - ok
19:40:27.0623 0x2838  genericusbfn - ok
19:40:27.0685 0x2838  [ 4CEDC66C726F7BE116BE7694B3CD22CD, C55DDC432F640C215E57C5AC9B7D801F7B2DA21E50BFA9ABC209AADC3070C744 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
19:40:27.0700 0x2838  GfExperienceService - ok
19:40:27.0704 0x2838  GPIOClx0101 - ok
19:40:27.0720 0x2838  gpsvc - ok
19:40:27.0723 0x2838  GpuEnergyDrv - ok
19:40:27.0766 0x2838  [ A8FD9222E4D72596BB37DA8BE95C0BA4, 52FC3AA9F704300041E486E57FE863218E4CDF4C8EEE05CA6B99A296EFEE5737 ] gupdate        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:40:27.0769 0x2838  gupdate - ok
19:40:27.0773 0x2838  [ A8FD9222E4D72596BB37DA8BE95C0BA4, 52FC3AA9F704300041E486E57FE863218E4CDF4C8EEE05CA6B99A296EFEE5737 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:40:27.0775 0x2838  gupdatem - ok
19:40:27.0778 0x2838  HDAudBus - ok
19:40:27.0781 0x2838  HidBatt - ok
19:40:27.0784 0x2838  HidBth - ok
19:40:27.0787 0x2838  hidi2c - ok
19:40:27.0790 0x2838  hidinterrupt - ok
19:40:27.0799 0x2838  HidIr - ok
19:40:27.0802 0x2838  hidserv - ok
19:40:27.0805 0x2838  HidUsb - ok
19:40:27.0808 0x2838  HomeGroupListener - ok
19:40:27.0817 0x2838  HomeGroupProvider - ok
19:40:27.0820 0x2838  HpSAMD - ok
19:40:27.0823 0x2838  HTTP - ok
19:40:27.0826 0x2838  HvHost - ok
19:40:27.0838 0x2838  hvservice - ok
19:40:27.0841 0x2838  hwpolicy - ok
19:40:27.0845 0x2838  hyperkbd - ok
19:40:27.0858 0x2838  i8042prt - ok
19:40:27.0860 0x2838  iagpio - ok
19:40:27.0863 0x2838  iai2c - ok
19:40:27.0868 0x2838  iaLPSS2i_GPIO2 - ok
19:40:27.0871 0x2838  iaLPSS2i_I2C - ok
19:40:27.0874 0x2838  iaLPSSi_GPIO - ok
19:40:27.0877 0x2838  iaLPSSi_I2C - ok
19:40:27.0879 0x2838  iaStorAV - ok
19:40:27.0883 0x2838  iaStorV - ok
19:40:27.0886 0x2838  ibbus - ok
19:40:27.0922 0x2838  [ 83FF82FE209E7997067B375DAD6CF23D, E312DD068E51DBF96A8232D7D1C9F158652FDA23649655F1102928B320795091 ] ICCS            C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
19:40:27.0925 0x2838  ICCS - ok
19:40:27.0940 0x2838  icssvc - ok
19:40:28.0025 0x2838  [ 9CE4D3A79D3180AC5A141E2F7E7137F4, 1D717D2156B78632895281779D2646AB066619EA1DB293A9505BF7C174F53271 ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
19:40:28.0072 0x2838  igfx - ok
19:40:28.0095 0x2838  [ 6A9C613D0F5F9676D128F39B63ACE45B, 027B9568C740E336C7CBBE952309E2719E8FFA14E7DFC2B85B49E0C0CE7D2149 ] igfxCUIService1.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe
19:40:28.0103 0x2838  igfxCUIService1.0.0.0 - ok
19:40:28.0106 0x2838  IKEEXT - ok
19:40:28.0109 0x2838  IndirectKmd - ok
19:40:28.0142 0x2838  [ 41CD73C13FCAEA4942F0CF7608B7530F, 835BF370E6624975E3CB7106D4835488D6F527C545E7B0ECD26A161D36CABABB ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys
19:40:28.0143 0x2838  intaud_WaveExtensible - ok
19:40:28.0169 0x2838  [ 87871AB7AC797F922A6F3D4C874CED96, 2BCD89911E42827CD294DD7D1486A7845D1F98019E51958E0F488384401B2944 ] IntcDAud        C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
19:40:28.0175 0x2838  IntcDAud - ok
19:40:28.0233 0x2838  [ 2D66067C7A8A0112156BCD1C0BAA7042, 89F77EEE59FF3AD2E777DA15187F1447F6E112E8831417A0DE656ACB82E7B22E ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
19:40:28.0241 0x2838  Intel(R) Capability Licensing Service Interface - ok
19:40:28.0251 0x2838  intelide - ok
19:40:28.0254 0x2838  intelpep - ok
19:40:28.0257 0x2838  intelppm - ok
19:40:28.0260 0x2838  iorate - ok
19:40:28.0262 0x2838  IpFilterDriver - ok
19:40:28.0266 0x2838  iphlpsvc - ok
19:40:28.0270 0x2838  IPMIDRV - ok
19:40:28.0272 0x2838  IPNAT - ok
19:40:28.0304 0x2838  [ F96B9EDC032E61EB87652896E92ED526, F9E3CD2FA2D963C56034A4F606869467FDC6647B916CF457249270E6C337A8A5 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
19:40:28.0312 0x2838  iPod Service - ok
19:40:28.0315 0x2838  irda - ok
19:40:28.0318 0x2838  IRENUM - ok
19:40:28.0321 0x2838  irmon - ok
19:40:28.0324 0x2838  isapnp - ok
19:40:28.0327 0x2838  iScsiPrt - ok
19:40:28.0349 0x2838  [ 846354992EBB373F452EB9182D501B08, 453459133DCA875E93CAAE9852E652F3794F8C31CE53526C47A181FDBABE6849 ] iusb3hcs        C:\WINDOWS\system32\drivers\iusb3hcs.sys
19:40:28.0350 0x2838  iusb3hcs - ok
19:40:28.0374 0x2838  [ 48B904D31F2369D7B0122617038D3F5B, 8A43CB37667929CCCC37B6E79E82509BBCA6C8884B44059DC87BCA7C21BE7FE1 ] iwdbus          C:\WINDOWS\System32\drivers\iwdbus.sys
19:40:28.0375 0x2838  iwdbus - ok
19:40:28.0408 0x2838  [ 12DADA7E8BE1AED392F049CD6258C351, AD0C5C3A6C382738440A321A3E9DEBDFDDD267F521855F8414D81C215F884669 ] jhi_service    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
19:40:28.0411 0x2838  jhi_service - ok
19:40:28.0418 0x2838  kbdclass - ok
19:40:28.0430 0x2838  kbdhid - ok
19:40:28.0437 0x2838  kdnic - ok
19:40:28.0439 0x2838  KeyIso - ok
19:40:28.0467 0x2838  [ 97E3E8F35632EECD0ABD2DE6519A9666, ABE96FDEB1076E380D7FB4975C020B43ED4E821097EFC6AFE8C75D764167D6E8 ] kl1            C:\WINDOWS\system32\DRIVERS\kl1.sys
19:40:28.0474 0x2838  kl1 - ok
19:40:28.0497 0x2838  [ B01AD8DA034EE42D4C2282F77FDB03AE, 3FF55F3CEE4A0E5D559F04F5A639297EA0F36580720E94CF9DD56DEBF2E98F39 ] klbackupdisk    C:\WINDOWS\system32\DRIVERS\klbackupdisk.sys
19:40:28.0499 0x2838  klbackupdisk - ok
19:40:28.0523 0x2838  [ 10549B5BFD9A3DCF4FFA6287236FA959, 6BDFA335A8E3A69425CB23230660D3168CB82911ACB3AAAF85C19263511EAF51 ] klbackupflt    C:\WINDOWS\system32\DRIVERS\klbackupflt.sys
19:40:28.0525 0x2838  klbackupflt - ok
19:40:28.0550 0x2838  [ 7DAA9047F50BF5A3F8C147719FC520AF, 0740387075AF46DB1E9AEE3B12C65A06EDFE58EADB8B562C36CB1FEFF9905C26 ] kldisk          C:\WINDOWS\system32\DRIVERS\kldisk.sys
19:40:28.0552 0x2838  kldisk - ok
19:40:28.0578 0x2838  [ 5766A27C85EE813029831D125D2EFB45, BB5BAFD5A58E80C7F0B8D24121352E0386B3422FFC16B56F1D1B1C6A482AC9F0 ] klelam          C:\WINDOWS\system32\DRIVERS\klelam.sys
19:40:28.0579 0x2838  klelam - ok
19:40:28.0607 0x2838  [ 63FD545876EF4248BE3C8788D8270758, 5FF6529F8D7F94848E68142D8B2CAA446342AF95644C9223E689E303E8AB7336 ] klflt          C:\WINDOWS\system32\DRIVERS\klflt.sys
19:40:28.0610 0x2838  klflt - ok
19:40:28.0641 0x2838  [ 3524D3B8F5BEF8C01EAF7EEFFA5EAB3F, 0908A6E3E62017F7099900850D58A1B775D808F7DC0951B09781689DF3994DA2 ] klhk            C:\WINDOWS\System32\drivers\klhk.sys
19:40:28.0647 0x2838  klhk - ok
19:40:28.0710 0x2838  [ 7796EAD58D8C1A42AAB6B6CA9A3F106C, 7DA8A05A0210F63C7D120DCF0101AD895D53368C0DED23E275F2BA79239FCE28 ] klids          C:\ProgramData\Kaspersky Lab\AVP17.0.0\Bases\klids.sys
19:40:28.0712 0x2838  klids - ok
19:40:28.0754 0x2838  [ BBF9B967A410120E67FB6E7F53E7A7CA, E6C8703A14271C08BDCEDB9F09B5E0392C9D337C9816E12D860A4DF3D5D3F7EE ] KLIF            C:\WINDOWS\system32\DRIVERS\klif.sys
19:40:28.0767 0x2838  KLIF - ok
19:40:28.0776 0x2838  [ DDCD4AF37C41EAAA47E99D9D2605AC8D, FA9A0E068DD45645E62C19995279078726D6DF79AD54EDBD53F7D1E1D059372B ] KLIM6          C:\WINDOWS\system32\DRIVERS\klim6.sys
19:40:28.0777 0x2838  KLIM6 - ok
19:40:28.0791 0x2838  [ 5480CC93737F48282552C84FA7EBA59B, B7D92424399B647132F6B9409FE75EAA310C984F796FC0B65BBE2EA180110968 ] klkbdflt        C:\WINDOWS\system32\DRIVERS\klkbdflt.sys
19:40:28.0793 0x2838  klkbdflt - ok
19:40:28.0809 0x2838  [ FD47C92A63B6EADEA830BFA96C06EAEE, C15C39B6FA53CBD01A2F95243845C4B706B4229F8FFB75C7128819B9CEE5B2CB ] klmouflt        C:\WINDOWS\system32\DRIVERS\klmouflt.sys
19:40:28.0810 0x2838  klmouflt - ok
19:40:28.0838 0x2838  [ 6B0C605591C892CBB683F63EA47822DC, E74C0A0501A1B4B56B417402108521F34DA6A23FCD1C05E4E524E41EBA0906FF ] klpd            C:\WINDOWS\system32\DRIVERS\klpd.sys
19:40:28.0840 0x2838  klpd - ok
19:40:28.0863 0x2838  [ 828B042A95F055648DA190DF6C7AB1B6, 0457B0EF03BCB4CC1297EB25A25C162937F456BF406EC7B1A5E9A0AA13A9BCD7 ] kltap          C:\WINDOWS\System32\drivers\kltap.sys
19:40:28.0865 0x2838  kltap - ok
19:40:28.0896 0x2838  [ A10F8B0584926404E5CCF915704D27AA, 1020162B59EB928E1ADEC174505AA6187B38DA1828DFC8A41D9C8B532EDD58F3 ] klupd_klif_arkmon C:\WINDOWS\system32\Drivers\klupd_klif_arkmon.sys
19:40:28.0900 0x2838  klupd_klif_arkmon - ok
19:40:28.0928 0x2838  [ 3140F62A49A37687EFB50475F960B44A, 506601819244E10AB891E4AFC91E7AC7276715B00A5D6932A57B01267FB97117 ] klupd_klif_klark C:\WINDOWS\system32\Drivers\klupd_klif_klark.sys
19:40:28.0931 0x2838  klupd_klif_klark - ok
19:40:28.0944 0x2838  [ 0E1A21C54398C8D8E791718AACF0E1EF, B08E47099BE3D6C654DB4C7E5D86B09D8650B24BEB53955591939AED30C6202A ] klupd_klif_klbg C:\WINDOWS\system32\Drivers\klupd_klif_klbg.sys
19:40:28.0946 0x2838  klupd_klif_klbg - ok
19:40:28.0977 0x2838  [ EBC4BEEC7E807C49F9BC7546E5A67FEF, 2433EABE495A0B4CC7AC2D9BC728D1148ABADF074551CD1CCDA4A3DFD794F52A ] klupd_klif_mark C:\WINDOWS\system32\Drivers\klupd_klif_mark.sys
19:40:28.0979 0x2838  klupd_klif_mark - ok
19:40:28.0989 0x2838  [ 4C5305295B51BA72FC9C8CDAB32F95C3, 0E5850AC4CA14D971E7B04FED23CB2F6CEEE2796E905AADA0104677982ECD58A ] klwfp          C:\WINDOWS\system32\DRIVERS\klwfp.sys
19:40:28.0990 0x2838  klwfp - ok
19:40:29.0005 0x2838  [ 9A234E6404390862643FDD2EBFDE41FA, 011C9F7D6F04AFCE887BCC7A83CEC14806B6937D290F9F14830187FCEAF25D4A ] Klwtp          C:\WINDOWS\system32\DRIVERS\klwtp.sys
19:40:29.0007 0x2838  Klwtp - ok
19:40:29.0035 0x2838  [ 67EFD862ACEFCB9687523832C62FA584, B3C9A36C535B706EB19E5C5437705E8C5EC71F45115A2C97E1348462EC2A3922 ] kneps          C:\WINDOWS\system32\DRIVERS\kneps.sys
19:40:29.0038 0x2838  kneps - ok
19:40:29.0071 0x2838  [ EFF5EA6088DB81C6EF6EDCDA5EE79909, 4D364B0BF012C335FA3B25BDF042D4AF672D961B9B48CB7C5BE34FCFD1D64979 ] KSDE1.0.0      C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe
19:40:29.0075 0x2838  KSDE1.0.0 - ok
19:40:29.0089 0x2838  KSecDD - ok
19:40:29.0099 0x2838  KSecPkg - ok
19:40:29.0109 0x2838  ksthunk - ok
19:40:29.0118 0x2838  KtmRm - ok
19:40:29.0125 0x2838  LanmanServer - ok
19:40:29.0131 0x2838  LanmanWorkstation - ok
19:40:29.0189 0x2838  [ 20EE2F2ADCF8DBD091E931593F5AC268, 5F053F8B7C8B340A0364CE37B25D68B6755C2CCDB050C02E9B4E0929DF587E0F ] LBTServ        C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
19:40:29.0193 0x2838  LBTServ - ok
19:40:29.0224 0x2838  [ EAB70270BDDCFEF56FCC7425C2D9883D, 7B351EE3DA3DA4677DD8E4F91A5FFA6EBB3A15BF76F34EAC8879ECB16D01190F ] LEqdUsb        C:\WINDOWS\system32\DRIVERS\LEqdUsb.Sys
19:40:29.0226 0x2838  LEqdUsb - ok
19:40:29.0239 0x2838  lfsvc - ok
19:40:29.0242 0x2838  [ 5EBB7C1FC685D45A1D3D8B2B9A656E48, 8C4D984D3566DE29D13A294ED927525A7D7A106887E809986EBDDA8CC0B98FFB ] LHidEqd        C:\WINDOWS\system32\DRIVERS\LHidEqd.Sys
19:40:29.0243 0x2838  LHidEqd - ok
19:40:29.0261 0x2838  [ AFDFA4A6B0F7B15AA38E494FD4595741, 0D89CCEBC816F4A3F6DDB093B3F8BB8B85293E94559085961DA31F9330D43C21 ] LHidFilt        C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys
19:40:29.0262 0x2838  LHidFilt - ok
19:40:29.0266 0x2838  LicenseManager - ok
19:40:29.0282 0x2838  lltdio - ok
19:40:29.0285 0x2838  lltdsvc - ok
19:40:29.0295 0x2838  lmhosts - ok
19:40:29.0307 0x2838  [ C3E82B320F34C97F32B8026F4C249BEF, CAF53CD4738D2C92E4764372F75B5D0D74EBA896E59E685ED15B915F4E7223A0 ] LMouFilt        C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys
19:40:29.0308 0x2838  LMouFilt - ok
19:40:29.0334 0x2838  [ 8D82CBBF5A8532D9A21A64BBCB774EE7, 30D6477EA4B47D50F05E3435A68113B3676CA24EF51CC2693353C2224D28D2BB ] LMS            C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
19:40:29.0337 0x2838  LMS - ok
19:40:29.0354 0x2838  LSI_SAS - ok
19:40:29.0357 0x2838  LSI_SAS2i - ok
19:40:29.0360 0x2838  LSI_SAS3i - ok
19:40:29.0363 0x2838  LSI_SSS - ok
19:40:29.0372 0x2838  LSM - ok
19:40:29.0374 0x2838  luafv - ok
19:40:29.0391 0x2838  [ A0A527569856B9814E8920F52EBB67F5, 4347277C84B47E4CC048850BDEFB258CFB3B476AA99FD503FD71FBB70FFF5ACF ] lvrs64          C:\WINDOWS\system32\DRIVERS\lvrs64.sys
19:40:29.0396 0x2838  lvrs64 - ok
19:40:29.0486 0x2838  [ 415E344294D1C0D04627B29146F68481, B4A1A05BDF07E8F226A98E51F62BE18BE2C046A084C495BD8A95CABC79FD0614 ] LVUVC64        C:\WINDOWS\system32\DRIVERS\lvuvc64.sys
19:40:29.0545 0x2838  LVUVC64 - ok
19:40:29.0552 0x2838  MapsBroker - ok
19:40:29.0555 0x2838  megasas - ok
19:40:29.0569 0x2838  megasas2i - ok
19:40:29.0572 0x2838  megasr - ok
19:40:29.0596 0x2838  [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64          C:\WINDOWS\System32\drivers\HECIx64.sys
19:40:29.0598 0x2838  MEIx64 - ok
19:40:29.0601 0x2838  MessagingService - ok
19:40:29.0668 0x2838  Microsoft SharePoint Workspace Audit Service - ok
19:40:29.0672 0x2838  mlx4_bus - ok
19:40:29.0675 0x2838  MMCSS - ok
19:40:29.0677 0x2838  Modem - ok
19:40:29.0683 0x2838  monitor - ok
19:40:29.0686 0x2838  mouclass - ok
19:40:29.0689 0x2838  mouhid - ok
19:40:29.0691 0x2838  mountmgr - ok
19:40:29.0730 0x2838  [ 572BD5A99648652147A5D3C6DA946C99, FFDAD4A5682864977C926A5DDDB632CDB2A166BF025757801CC56F2828720023 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:40:29.0732 0x2838  MozillaMaintenance - ok
19:40:29.0735 0x2838  mpsdrv - ok
19:40:29.0738 0x2838  MpsSvc - ok
19:40:29.0774 0x2838  MQAC - ok
19:40:29.0777 0x2838  MRxDAV - ok
19:40:29.0780 0x2838  mrxsmb - ok
19:40:29.0790 0x2838  mrxsmb10 - ok
19:40:29.0799 0x2838  mrxsmb20 - ok
19:40:29.0807 0x2838  MsBridge - ok
19:40:29.0812 0x2838  MSDTC - ok
19:40:29.0818 0x2838  Msfs - ok
19:40:29.0821 0x2838  msgpiowin32 - ok
19:40:29.0824 0x2838  mshidkmdf - ok
19:40:29.0827 0x2838  mshidumdf - ok
19:40:29.0829 0x2838  msisadrv - ok
19:40:29.0833 0x2838  MSiSCSI - ok
19:40:29.0835 0x2838  msiserver - ok
19:40:29.0838 0x2838  MSKSSRV - ok
19:40:29.0841 0x2838  MsLldp - ok
19:40:29.0849 0x2838  MSMQ - ok
19:40:29.0852 0x2838  MSPCLOCK - ok
19:40:29.0855 0x2838  MSPQM - ok
19:40:29.0858 0x2838  MsRPC - ok
19:40:29.0862 0x2838  mssmbios - ok
19:40:29.0940 0x2838  MSSQL$SQLEXPRESS - ok
19:40:29.0982 0x2838  [ F1761C8FB2B25A32C6D63E36BB88C3AE, C88F5EF7B547DAA2394888362916FA18F07241E0BF2B938297428A1C04FFD806 ] MSSQLServerADHelper100 C:\Program Files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
19:40:29.0983 0x2838  MSSQLServerADHelper100 - ok
19:40:29.0985 0x2838  MSTEE - ok
19:40:29.0989 0x2838  MTConfig - ok
19:40:29.0992 0x2838  Mup - ok
19:40:29.0995 0x2838  mvumis - ok
19:40:30.0009 0x2838  NativeWifiP - ok
19:40:30.0012 0x2838  NcaSvc - ok
19:40:30.0017 0x2838  NcbService - ok
19:40:30.0020 0x2838  NcdAutoSetup - ok
19:40:30.0023 0x2838  ndfltr - ok
19:40:30.0039 0x2838  NDIS - ok
19:40:30.0042 0x2838  NdisCap - ok
19:40:30.0044 0x2838  NdisImPlatform - ok
19:40:30.0047 0x2838  NdisTapi - ok
19:40:30.0052 0x2838  Ndisuio - ok
19:40:30.0055 0x2838  NdisVirtualBus - ok
19:40:30.0058 0x2838  NdisWan - ok
19:40:30.0061 0x2838  ndiswanlegacy - ok
19:40:30.0064 0x2838  ndproxy - ok
19:40:30.0067 0x2838  Ndu - ok
19:40:30.0070 0x2838  NetAdapterCx - ok
19:40:30.0073 0x2838  NetBIOS - ok
19:40:30.0077 0x2838  NetBT - ok
19:40:30.0080 0x2838  Netlogon - ok
19:40:30.0083 0x2838  Netman - ok
19:40:30.0127 0x2838  NetMsmqActivator - ok
19:40:30.0129 0x2838  NetPipeActivator - ok
19:40:30.0133 0x2838  netprofm - ok
19:40:30.0143 0x2838  NetSetupSvc - ok
19:40:30.0145 0x2838  NetTcpActivator - ok
19:40:30.0148 0x2838  NetTcpPortSharing - ok
19:40:30.0154 0x2838  NgcCtnrSvc - ok
19:40:30.0156 0x2838  NgcSvc - ok
19:40:30.0159 0x2838  NlaSvc - ok
19:40:30.0161 0x2838  Npfs - ok
19:40:30.0165 0x2838  npsvctrig - ok
19:40:30.0168 0x2838  nsi - ok
19:40:30.0170 0x2838  nsiproxy - ok
19:40:30.0175 0x2838  NTFS - ok
19:40:30.0177 0x2838  Null - ok
19:40:30.0202 0x2838  [ E7015F1BB265BC148C60D4BC299C00B8, 1B1ED30F486F59FE65D5EE8856DC3D410F844B76B3BA8F8D3E7491BA62AB8E46 ] NVHDA          C:\WINDOWS\system32\drivers\nvhda64v.sys
19:40:30.0206 0x2838  NVHDA - ok
19:40:30.0508 0x2838  [ FB61714B56B76A452475878A57C045F8, 7A3D36A4E9B381E388114DAD8F86F7D737D3596E13CB124E2622D90594F2607A ] nvlddmkm        C:\WINDOWS\System32\DriverStore\FileRepository\nv_desktop_ref4wu.inf_amd64_6e17fae58779a6b0\nvlddmkm.sys
19:40:30.0676 0x2838  nvlddmkm - ok
19:40:30.0774 0x2838  [ FA9BC0048ED46C5FB5C93EAFFC97F63D, 2014C08B55940E055F6243E81F0227861272F2B6353D05BFEF364ED4F11EA9B0 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
19:40:30.0798 0x2838  NvNetworkService - ok
19:40:30.0803 0x2838  nvraid - ok
19:40:30.0806 0x2838  nvstor - ok
19:40:30.0868 0x2838  [ DEF76B479C3525952D0BD71E881E07B0, DC4B13AA97F61542F55F92769F9C8C5EB253BD6EB165EF064107D11158CD412F ] NvStreamKms    C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
19:40:30.0869 0x2838  NvStreamKms - ok
19:40:30.0939 0x2838  [ AF5BE3694A76365874B8967331049F2C, F704A0403B63E856EE9ECCE7C913650F5FF928F0872035EE73E1AE1CD54BC046 ] NvStreamNetworkSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
19:40:30.0984 0x2838  NvStreamNetworkSvc - ok
19:40:31.0040 0x2838  [ 77BE9E1AFCE995652A1C4FF4C8A0F839, 4AD981BCC349D413B3CCDC06DC8D6D2C2648D049726D6825E35A9A91D4C072FF ] NvStreamSvc    C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
19:40:31.0071 0x2838  NvStreamSvc - ok
19:40:31.0117 0x2838  [ 85397430F424516BF8300FAAEF929366, 2EDF41407C7483AC8E4703BC0A13F764563E4B00D6923FD4678E6E361AC14D6B ] nvsvc          C:\WINDOWS\system32\nvvsvc.exe
19:40:31.0141 0x2838  nvsvc - ok
19:40:31.0164 0x2838  [ F37FE6B15A987AEEC08EEF531F2FAED7, CC768E7DE80C7A8CB2392F9BC528212B8A3A35A30A222ED0B0B959051E6F8065 ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys
19:40:31.0166 0x2838  nvvad_WaveExtensible - ok
19:40:31.0191 0x2838  OneSyncSvc - ok
19:40:31.0236 0x2838  [ 4965B005492CBA7719E82B71E3245495, 52AD72C05FACC1E0E416A1FA25F34FDD3CB274FAB973BEAAE911A2FACA42B650 ] ose64          C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:40:31.0238 0x2838  ose64 - ok
19:40:31.0362 0x2838  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc        C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:40:31.0422 0x2838  osppsvc - ok
19:40:31.0441 0x2838  p2pimsvc - ok
19:40:35.0951 0x2838  AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\wmiav.exe ( 17.0.0.611 ), 0x41000 ( enabled : updated )
19:40:35.0951 0x2838  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.187 ), 0x60100 ( disabled : updated )
19:40:35.0952 0x2838  FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\wmiav.exe ( 17.0.0.611 ), 0x41010 ( enabled )
19:40:36.0112 0x2838  ============================================================
19:40:36.0112 0x2838  Scan finished
19:40:36.0112 0x2838  ============================================================
19:40:36.0120 0x299c  Detected object count: 0
19:40:36.0120 0x299c  Actual detected object count: 0


deeprybka 24.10.2016 19:07

Good.

Step 1

  • Download and instructions
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Under Settings / Detection and Protection, please tick "Scan for rootkits".
  • Then click Scan, select the Threat Scan and click Start Scan.
  • At the end of the scan, move all findings (if any) to quarantine. To do this, click Remove Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Add the content of mbam.txt to your next reply.

Now please run a scan:

Step 2

ESET Online Scanner

  • Here you will find illustrated instructions for ESET Online Scanner
  • Download and start Eset Online Scanner
  • Tick Yes, I accept the Terms of Use and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded and the scan begins automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Add or Remove Programs / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset


ThinkGreen 24.10.2016 20:41

Here is the content of mbam.txt

Code:

Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 24.10.2016
Suchlaufzeit: 21:02
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2016.10.24.09
Rootkit-Datenbank: v2016.09.26.02
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: Kamen-2

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 498963
Abgelaufene Zeit: 23 Min., 57 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 13
PUP.Optional.SpyHunter, HKLM\SOFTWARE\ENIGMASOFTWAREGROUP\SpyHunter, In Quarantäne, [0702a1fce9b15ed87436dc2be91cab55],
PUP.Optional.Desk365, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{05193F6D-7AF7-46A0-98A1-B9259C64FEB1}, Löschen bei Neustart, [98719d0074260f2734f210e347bc6e92],
PUP.Optional.DealPly, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{0CCCB899-8DE4-4E33-B3B6-A08AB30BED65}, Löschen bei Neustart, [9e6baeefe3b7dc5a5808d1235ea58e72],
PUP.Optional.DealPly, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{4C657C21-B6CA-4AF8-886A-5D7153AFE0E7}, Löschen bei Neustart, [be4b05982b6fc076e779d91bb053c63a],
PUP.Optional.DealPly, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{65C8CD41-9C0E-43DF-A252-D92A6F149D9A}, Löschen bei Neustart, [ab5e059829716bcb6ff1a45038cb26da],
PUP.Optional.DealPly, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Dealply, Löschen bei Neustart, [21e8b4e9faa0be78f67e059a6b987090],
PUP.Optional.DealPly, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\DealPlyLiveUpdateTaskMachineCore, Löschen bei Neustart, [60a9dac3e5b563d32e468f1028db01ff],
PUP.Optional.DealPly, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\DealPlyLiveUpdateTaskMachineUA, Löschen bei Neustart, [62a71588e6b4f93d7400aaf529dac040],
PUP.Optional.Desk365, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Desk 365 RunAsStdUser, Löschen bei Neustart, [1aef207d55451d19ad21514e17ec31cf],
PUP.Optional.InstallCore, HKU\S-1-5-21-978911087-3551223929-1637386772-1000\SOFTWARE\csastats, In Quarantäne, [4bbe9805f3a7ff37bcb332c8976cda26],
PUP.Optional.YahooVNM, HKU\S-1-5-21-978911087-3551223929-1637386772-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{C0C3A6C6-03BC-4195-8FCB-AEA091301353}, In Quarantäne, [f7126e2fcad0d363c9fed4e850b3be42],
PUP.Optional.ProductSetup, HKU\S-1-5-21-978911087-3551223929-1637386772-1000\SOFTWARE\PRODUCTSETUP, In Quarantäne, [b059118cbcde1521169f149c1ee5df21],
PUP.Optional.DealPly, HKU\S-1-5-21-978911087-3551223929-1637386772-501\SOFTWARE\DealPlyLive, In Quarantäne, [f019732a0d8d3303d497f5aa9c675ca4],

Registrierungswerte: 7
PUP.Optional.Desk365, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{05193F6D-7AF7-46A0-98A1-B9259C64FEB1}|Path, \Desk 365 RunAsStdUser, Löschen bei Neustart, [98719d0074260f2734f210e347bc6e92]
PUP.Optional.DealPly, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{0CCCB899-8DE4-4E33-B3B6-A08AB30BED65}|Path, \DealPlyLiveUpdateTaskMachineCore, Löschen bei Neustart, [9e6baeefe3b7dc5a5808d1235ea58e72]
PUP.Optional.DealPly, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{4C657C21-B6CA-4AF8-886A-5D7153AFE0E7}|Path, \DealPlyLiveUpdateTaskMachineUA, Löschen bei Neustart, [be4b05982b6fc076e779d91bb053c63a]
PUP.Optional.DealPly, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{65C8CD41-9C0E-43DF-A252-D92A6F149D9A}|Path, \Dealply, Löschen bei Neustart, [ab5e059829716bcb6ff1a45038cb26da]
PUP.Optional.YahooVNM, HKU\S-1-5-21-978911087-3551223929-1637386772-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{C0C3A6C6-03BC-4195-8FCB-AEA091301353}|URL, https://at.search.yahoo.com/search?fr=vmn&type=vmn__webcompa__1_0__ya__ch_WCYID10028_AT_160503__yaie&p={searchTerms}, In Quarantäne, [f7126e2fcad0d363c9fed4e850b3be42]
PUP.Optional.YahooVNM, HKU\S-1-5-21-978911087-3551223929-1637386772-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{C0C3A6C6-03BC-4195-8FCB-AEA091301353}|TopResultURL, https://at.search.yahoo.com/search?fr=vmn&type=vmn__webcompa__1_0__ya__ch_WCYID10028_AT_160503__yaie&p={searchTerms}, In Quarantäne, [cf3aa9f4f9a17db97552bb01df243bc5]
PUP.Optional.ProductSetup, HKU\S-1-5-21-978911087-3551223929-1637386772-1000\SOFTWARE\PRODUCTSETUP|tb, 0D2Y1I1B1P2Y, In Quarantäne, [b059118cbcde1521169f149c1ee5df21]

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 2
PUP.Optional.SpyHunter, C:\Program Files\Enigma Software Group\SpyHunter, In Quarantäne, [a06948557f1b85b14502a364ad58af51],
PUP.Optional.SpyHunter, C:\Program Files\Enigma Software Group\SpyHunter\Log, In Quarantäne, [a06948557f1b85b14502a364ad58af51],

Dateien: 3
Rogue.Link, C:\Users\Kamen-2\Favorites\Free Porn, Sex, Tube Videos, XXX Pics, Pussy in Porno Movies - XNXX.COM.url, In Quarantäne, [bf4abce11e7c1224159cf11ba1628d73],
PUP.Optional.SpyHunter, C:\Program Files\Enigma Software Group\SpyHunter\INSTALL.LOG, In Quarantäne, [a06948557f1b85b14502a364ad58af51],
PUP.Optional.SpyHunter, C:\Program Files\Enigma Software Group\SpyHunter\Log\SpyHunter4_20130513_202817.log, In Quarantäne, [a06948557f1b85b14502a364ad58af51],

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)


deeprybka 25.10.2016 18:35

OK... and ESET as well, please...

ThinkGreen 25.10.2016 19:41

Here is the ESET log now:

Code:

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=3de0f79f51b23c49a7f9e767556c79cf
# end=init
# utc_time=2016-10-24 07:46:09
# local_time=2016-10-24 09:46:09 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
Update Init
Update Download
Update Finalize
Updated modules version: 31185
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=3de0f79f51b23c49a7f9e767556c79cf
# end=updated
# utc_time=2016-10-24 07:49:20
# local_time=2016-10-24 09:49:20 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=3de0f79f51b23c49a7f9e767556c79cf
# end=restart
# utc_time=2016-10-24 09:04:15
# local_time=2016-10-24 11:04:15 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 213451 8673671 0 0
# scanned=269620
# found=9
# cleaned=0
# scan_time=4494
sh=5339ABEE428B92A04DF04A1D1B81896A68CF7CBD ft=0 fh=0000000000000000 vn="Win32/DealPly.J evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPly\DealPly.crx.vir"
sh=B93A611E29C3BD6E13E9F3A2BD98F17EED127102 ft=0 fh=0000000000000000 vn="Win32/DealPly.J evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPly\DealPly.xpi.vir"
sh=D1337408DE8FC6409BCB0F52A3F84F2863A94C40 ft=1 fh=b4f71a4e9c68bca5 vn="Win32/DealPly.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\DealPlyLiveBroker.exe.vir"
sh=E1124A98F09A6EBCE59FEA2E918FFE2DCB245146 ft=1 fh=c29d58234e843b86 vn="Win32/DealPly.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\DealPlyLiveOnDemand.exe.vir"
sh=A658B92B519F7898937EE2AE8CF53A62F620C923 ft=1 fh=7f9bfa912e5e181c vn="Win32/DealPly.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdate.dll.vir"
sh=6D00C85C60CAF98D39E5CD07AACE53C757A99C49 ft=1 fh=ed4a7cab0d6835d6 vn="Win32/DealPly.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_ru.dll.vir"
sh=7489D541CA03F640A02B20A33A88C70691D689D5 ft=1 fh=5216003ac57facf4 vn="Win32/DealPly.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll.vir"
sh=0652CF8AA5ACCADDDD31EE32521742F0CF6A62B0 ft=1 fh=6730b7aa2ee36939 vn="Win32/DealPly.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\psmachine.dll.vir"
sh=4990A2E5C73E3A5AE70FC1C50820018E3481A2B9 ft=1 fh=7b59edfb86d10a42 vn="Win32/JoyDownloader.D evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Kamen-2\AppData\Roaming\rmi\offer_downloader.exe"
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=3de0f79f51b23c49a7f9e767556c79cf
# end=init
# utc_time=2016-10-24 09:04:32
# local_time=2016-10-24 11:04:32 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=3de0f79f51b23c49a7f9e767556c79cf
# end=init
# utc_time=2016-10-25 04:32:26
# local_time=2016-10-25 06:32:26 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
Update Init
Update Download
Update Finalize
Updated modules version: 31195
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=3de0f79f51b23c49a7f9e767556c79cf
# end=updated
# utc_time=2016-10-25 04:33:58
# local_time=2016-10-25 06:33:58 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=3de0f79f51b23c49a7f9e767556c79cf
# engine=31195
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-10-25 06:34:59
# local_time=2016-10-25 08:34:59 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 290895 8751115 0 0
# scanned=416231
# found=9
# cleaned=0
# scan_time=7260
sh=5339ABEE428B92A04DF04A1D1B81896A68CF7CBD ft=0 fh=0000000000000000 vn="Win32/DealPly.J evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPly\DealPly.crx.vir"
sh=B93A611E29C3BD6E13E9F3A2BD98F17EED127102 ft=0 fh=0000000000000000 vn="Win32/DealPly.J evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPly\DealPly.xpi.vir"
sh=D1337408DE8FC6409BCB0F52A3F84F2863A94C40 ft=1 fh=b4f71a4e9c68bca5 vn="Win32/DealPly.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\DealPlyLiveBroker.exe.vir"
sh=E1124A98F09A6EBCE59FEA2E918FFE2DCB245146 ft=1 fh=c29d58234e843b86 vn="Win32/DealPly.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\DealPlyLiveOnDemand.exe.vir"
sh=A658B92B519F7898937EE2AE8CF53A62F620C923 ft=1 fh=7f9bfa912e5e181c vn="Win32/DealPly.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdate.dll.vir"
sh=6D00C85C60CAF98D39E5CD07AACE53C757A99C49 ft=1 fh=ed4a7cab0d6835d6 vn="Win32/DealPly.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_ru.dll.vir"
sh=7489D541CA03F640A02B20A33A88C70691D689D5 ft=1 fh=5216003ac57facf4 vn="Win32/DealPly.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll.vir"
sh=0652CF8AA5ACCADDDD31EE32521742F0CF6A62B0 ft=1 fh=6730b7aa2ee36939 vn="Win32/DealPly.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\psmachine.dll.vir"
sh=4990A2E5C73E3A5AE70FC1C50820018E3481A2B9 ft=1 fh=7b59edfb86d10a42 vn="Win32/JoyDownloader.D evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Kamen-2\AppData\Roaming\rmi\offer_downloader.exe"


