
Pests of all kinds and how to combat them: Windows 10 - Amazon account was hacked - Do I now have malware on my PC?


25.10.2015, 21:02   #1
Robert3101

Done. However, my Kaspersky Internet Security apparently interfered during the process. When I ran the cleanup with the TDSSKiller program, the AV program detected the TDSSKiller program as malware (C:\TDSSKiller_Quarantine\...); I am including the AV's report as well.
After the deletion, TDSS did not ask for a restart, so I performed one manually and repeated the scan to make sure that the AV had not interfered. On the second scan, no more threats were found.

TDSS:
Code:
20:39:56.0950 0x1620  TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
20:40:02.0109 0x1620  ============================================================
20:40:02.0109 0x1620  Current date / time: 2015/10/25 20:40:02.0109
20:40:02.0109 0x1620  SystemInfo:
20:40:02.0109 0x1620  
20:40:02.0109 0x1620  OS Version: 10.0.10240 ServicePack: 0.0
20:40:02.0109 0x1620  Product type: Workstation
20:40:02.0109 0x1620  ComputerName: ROBERT
20:40:02.0109 0x1620  UserName: Admin
20:40:02.0109 0x1620  Windows directory: C:\WINDOWS
20:40:02.0109 0x1620  System windows directory: C:\WINDOWS
20:40:02.0109 0x1620  Running under WOW64
20:40:02.0109 0x1620  Processor architecture: Intel x64
20:40:02.0109 0x1620  Number of processors: 4
20:40:02.0109 0x1620  Page size: 0x1000
20:40:02.0109 0x1620  Boot type: Normal boot
20:40:02.0109 0x1620  ============================================================
20:40:02.0202 0x1620  KLMD registered as C:\WINDOWS\system32\drivers\83850129.sys
20:40:02.0296 0x1620  System UUID: {E640A2DA-AB51-2EBF-C8FB-3BE5D966A3AB}
20:40:02.0609 0x1620  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:40:02.0609 0x1620  Drive \Device\Harddisk1\DR1 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:40:09.0445 0x1620  Drive \Device\Harddisk2\DR2 - Size: 0x7470AFDE00 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:40:17.0996 0x1620  Drive \Device\Harddisk3\DR3 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:40:18.0116 0x1620  Drive \Device\Harddisk4\DR4 - Size: 0x2BAA1476000 ( 2794.52 Gb ), SectorSize: 0x200, Cylinders: 0x59101, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:40:18.0126 0x1620  ============================================================
20:40:18.0126 0x1620  \Device\Harddisk0\DR0:
20:40:18.0139 0x1620  MBR partitions:
20:40:18.0139 0x1620  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
20:40:18.0139 0x1620  \Device\Harddisk1\DR1:
20:40:18.0139 0x1620  MBR partitions:
20:40:18.0139 0x1620  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x9C40000
20:40:18.0139 0x1620  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x9C40800, BlocksNum 0x13584800
20:40:18.0139 0x1620  \Device\Harddisk2\DR2:
20:40:18.0140 0x1620  MBR partitions:
20:40:18.0140 0x1620  \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1D2DAFF8
20:40:18.0140 0x1620  \Device\Harddisk2\DR2\Partition2: MBR, Type 0x7, StartLBA 0x1D2DB800, BlocksNum 0x1D0A8800
20:40:18.0140 0x1620  \Device\Harddisk3\DR3:
20:40:18.0140 0x1620  MBR partitions:
20:40:18.0140 0x1620  \Device\Harddisk3\DR3\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x74705982
20:40:18.0140 0x1620  \Device\Harddisk4\DR4:
20:40:18.0141 0x1620  GPT partitions:
20:40:18.0141 0x1620  \Device\Harddisk4\DR4\Partition1: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {9A92471B-CE4C-4D7B-8284-ED4281FDE868}, Name: Microsoft reserved partition, StartLBA 0x22, BlocksNum 0x40000
20:40:18.0141 0x1620  \Device\Harddisk4\DR4\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {8806A743-81B3-463D-B620-D338F7351E32}, Name: Basic data partition, StartLBA 0x40800, BlocksNum 0x5D4C9800
20:40:18.0141 0x1620  MBR partitions:
20:40:18.0141 0x1620  ============================================================
20:40:18.0166 0x1620  B: <-> \Device\Harddisk0\DR0\Partition1
20:40:18.0167 0x1620  C: <-> \Device\Harddisk1\DR1\Partition1
20:40:18.0213 0x1620  E: <-> \Device\Harddisk3\DR3\Partition1
20:40:18.0232 0x1620  F: <-> \Device\Harddisk4\DR4\Partition2
20:40:18.0330 0x1620  H: <-> \Device\Harddisk2\DR2\Partition2
20:40:18.0374 0x1620  J: <-> \Device\Harddisk2\DR2\Partition1
20:40:18.0375 0x1620  D: <-> \Device\Harddisk1\DR1\Partition2
20:40:18.0375 0x1620  ============================================================
20:40:18.0375 0x1620  Initialize success
20:40:18.0375 0x1620  ============================================================
20:41:42.0119 0x0ad4  ============================================================
20:41:42.0119 0x0ad4  Scan started
20:41:42.0119 0x0ad4  Mode: Manual; SigCheck; TDLFS; 
20:41:42.0119 0x0ad4  ============================================================
20:41:42.0119 0x0ad4  KSN ping started
20:41:44.0499 0x0ad4  KSN ping finished: true
20:41:45.0206 0x0ad4  ================ Scan system memory ========================
20:41:45.0206 0x0ad4  System memory - ok
20:41:45.0206 0x0ad4  ================ Scan services =============================
20:41:45.0242 0x0ad4  1394ohci - ok
20:41:45.0242 0x0ad4  3ware - ok
20:41:45.0242 0x0ad4  ACPI - ok
20:41:45.0242 0x0ad4  acpiex - ok
20:41:45.0242 0x0ad4  acpipagr - ok
20:41:45.0242 0x0ad4  AcpiPmi - ok
20:41:45.0242 0x0ad4  acpitime - ok
20:41:45.0258 0x0ad4  ADP80XX - ok
20:41:45.0267 0x0ad4  AFD - ok
20:41:45.0269 0x0ad4  agp440 - ok
20:41:45.0272 0x0ad4  ahcache - ok
20:41:45.0275 0x0ad4  AJRouter - ok
20:41:45.0277 0x0ad4  ALG - ok
20:41:45.0279 0x0ad4  AmdK8 - ok
20:41:45.0282 0x0ad4  AmdPPM - ok
20:41:45.0284 0x0ad4  amdsata - ok
20:41:45.0287 0x0ad4  amdsbs - ok
20:41:45.0289 0x0ad4  amdxata - ok
20:41:45.0292 0x0ad4  AppID - ok
20:41:45.0294 0x0ad4  AppIDSvc - ok
20:41:45.0297 0x0ad4  Appinfo - ok
20:41:45.0299 0x0ad4  AppMgmt - ok
20:41:45.0302 0x0ad4  AppReadiness - ok
20:41:45.0305 0x0ad4  AppXSvc - ok
20:41:45.0307 0x0ad4  arcsas - ok
20:41:45.0309 0x0ad4  AsyncMac - ok
20:41:45.0312 0x0ad4  atapi - ok
20:41:45.0315 0x0ad4  AudioEndpointBuilder - ok
20:41:45.0317 0x0ad4  Audiosrv - ok
20:41:45.0328 0x0ad4  [ 50C3C62FFE6337E6E4F2F01CB07DF63C, CC9C7D2827E872F22A2A79D42195530F61DF6EA6A1C8F520E25DB35537574FAB ] AVP16.0.0       C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe
20:41:45.0355 0x0ad4  AVP16.0.0 - ok
20:41:45.0363 0x0ad4  AxInstSV - ok
20:41:45.0366 0x0ad4  b06bdrv - ok
20:41:45.0369 0x0ad4  BasicDisplay - ok
20:41:45.0372 0x0ad4  BasicRender - ok
20:41:45.0375 0x0ad4  bcmfn2 - ok
20:41:45.0378 0x0ad4  BDESVC - ok
20:41:45.0381 0x0ad4  Beep - ok
20:41:45.0383 0x0ad4  BFE - ok
20:41:45.0386 0x0ad4  BITS - ok
20:41:45.0389 0x0ad4  bowser - ok
20:41:45.0391 0x0ad4  BrokerInfrastructure - ok
20:41:45.0394 0x0ad4  Browser - ok
20:41:45.0397 0x0ad4  BthAvrcpTg - ok
20:41:45.0399 0x0ad4  BthHFEnum - ok
20:41:45.0403 0x0ad4  bthhfhid - ok
20:41:45.0405 0x0ad4  BthHFSrv - ok
20:41:45.0408 0x0ad4  BTHMODEM - ok
20:41:45.0411 0x0ad4  bthserv - ok
20:41:45.0416 0x0ad4  buttonconverter - ok
20:41:45.0417 0x0ad4  CapImg - ok
20:41:45.0420 0x0ad4  cdfs - ok
20:41:45.0422 0x0ad4  CDPSvc - ok
20:41:45.0424 0x0ad4  cdrom - ok
20:41:45.0426 0x0ad4  CertPropSvc - ok
20:41:45.0429 0x0ad4  circlass - ok
20:41:45.0431 0x0ad4  CLFS - ok
20:41:45.0433 0x0ad4  ClipSVC - ok
20:41:45.0438 0x0ad4  CmBatt - ok
20:41:45.0446 0x0ad4  [ B2A6D2A30E93B6F215F74AC7E1733C9C, 960299F7BF2501B46296EDEA050BF30313C17A9B785574B56B79C070BD1B6E1A ] cm_km           C:\WINDOWS\system32\DRIVERS\cm_km.sys
20:41:45.0462 0x0ad4  cm_km - ok
20:41:45.0465 0x0ad4  CNG - ok
20:41:45.0467 0x0ad4  cnghwassist - ok
20:41:45.0478 0x0ad4  CompositeBus - ok
20:41:45.0481 0x0ad4  COMSysApp - ok
20:41:45.0483 0x0ad4  condrv - ok
20:41:45.0486 0x0ad4  CoreMessagingRegistrar - ok
20:41:45.0490 0x0ad4  CryptSvc - ok
20:41:45.0492 0x0ad4  CSC - ok
20:41:45.0494 0x0ad4  CscService - ok
20:41:45.0514 0x0ad4  [ A2D4288A7412D0D6AEA3490FB7D26BC8, 6FF5AAABA159E93E01FE6F5861D07C040DD4808597B85107E426F013DFAFE5AC ] cthda           C:\WINDOWS\system32\drivers\cthda.sys
20:41:45.0541 0x0ad4  cthda - ok
20:41:45.0558 0x0ad4  [ 39DFCFD2C32A7A4F5E3F9C77389F3BE1, 81C06CA42A8E1D495017019E41DE1A5B1DEA450D41BDDFB131EA33E11B60337B ] CtHdaSvc        C:\WINDOWS\sysWow64\CtHdaSvc.exe
20:41:45.0597 0x0ad4  CtHdaSvc - ok
20:41:45.0600 0x0ad4  [ 823702E03DBBADD5488992122EC86D7C, 8EFB9E871EEAD1A2CAE945356C8EC90B52845772BFAC02ACAFA0F8E5CEBB9C40 ] cthdb           C:\WINDOWS\system32\DRIVERS\cthdb.sys
20:41:45.0605 0x0ad4  cthdb - ok
20:41:45.0608 0x0ad4  dam - ok
20:41:45.0611 0x0ad4  DcomLaunch - ok
20:41:45.0613 0x0ad4  DcpSvc - ok
20:41:45.0616 0x0ad4  defragsvc - ok
20:41:45.0618 0x0ad4  DeviceAssociationService - ok
20:41:45.0620 0x0ad4  DeviceInstall - ok
20:41:45.0622 0x0ad4  DevQueryBroker - ok
20:41:45.0625 0x0ad4  Dfsc - ok
20:41:45.0629 0x0ad4  [ 73BDD44A6088916964945886F9025409, 8E2ECC9AAEF3C6EBA2E61D25F657FDFCC72AB517CC4FD5FFF992E1F9EB942662 ] dg_ssudbus      C:\WINDOWS\system32\DRIVERS\ssudbus.sys
20:41:45.0644 0x0ad4  dg_ssudbus - ok
20:41:45.0647 0x0ad4  Dhcp - ok
20:41:45.0650 0x0ad4  diagnosticshub.standardcollector.service - ok
20:41:45.0652 0x0ad4  DiagTrack - ok
20:41:45.0654 0x0ad4  disk - ok
20:41:45.0656 0x0ad4  DmEnrollmentSvc - ok
20:41:45.0659 0x0ad4  dmvsc - ok
20:41:45.0661 0x0ad4  dmwappushservice - ok
20:41:45.0663 0x0ad4  Dnscache - ok
20:41:45.0667 0x0ad4  dot3svc - ok
20:41:45.0669 0x0ad4  DPS - ok
20:41:45.0671 0x0ad4  drmkaud - ok
20:41:45.0673 0x0ad4  DsmSvc - ok
20:41:45.0675 0x0ad4  DsSvc - ok
20:41:45.0677 0x0ad4  DXGKrnl - ok
20:41:45.0680 0x0ad4  Eaphost - ok
20:41:45.0682 0x0ad4  ebdrv - ok
20:41:45.0685 0x0ad4  EFS - ok
20:41:45.0687 0x0ad4  EhStorClass - ok
20:41:45.0689 0x0ad4  EhStorTcgDrv - ok
20:41:45.0691 0x0ad4  embeddedmode - ok
20:41:45.0694 0x0ad4  EntAppSvc - ok
20:41:45.0696 0x0ad4  ErrDev - ok
20:41:45.0701 0x0ad4  [ 8DB1E358940C48A6C7141991E144DC44, 4E492E1441A5BDEA248A2A908A10D5DB0B9AE530312E243D9C1AFB002794B965 ] EtronHub3       C:\WINDOWS\System32\Drivers\EtronHub3.sys
20:41:45.0717 0x0ad4  EtronHub3 - ok
20:41:45.0721 0x0ad4  [ 46BE469FB963932F7FA4E5B15AF3FC8F, 4EBF7F1394F0C9F90676802FFF5FC5DC34A8CF703DF347B432936ED09E64422E ] EtronXHCI       C:\WINDOWS\System32\Drivers\EtronXHCI.sys
20:41:45.0733 0x0ad4  EtronXHCI - ok
20:41:45.0737 0x0ad4  EventSystem - ok
20:41:45.0739 0x0ad4  exfat - ok
20:41:45.0741 0x0ad4  fastfat - ok
20:41:45.0743 0x0ad4  Fax - ok
20:41:45.0745 0x0ad4  fcvsc - ok
20:41:45.0748 0x0ad4  fdc - ok
20:41:45.0750 0x0ad4  fdPHost - ok
20:41:45.0752 0x0ad4  FDResPub - ok
20:41:45.0754 0x0ad4  fhsvc - ok
20:41:45.0756 0x0ad4  FileCrypt - ok
20:41:45.0758 0x0ad4  FileInfo - ok
20:41:45.0760 0x0ad4  Filetrace - ok
20:41:45.0763 0x0ad4  flpydisk - ok
20:41:45.0766 0x0ad4  FltMgr - ok
20:41:45.0768 0x0ad4  FontCache - ok
20:41:45.0770 0x0ad4  FsDepends - ok
20:41:45.0772 0x0ad4  Fs_Rec - ok
20:41:45.0775 0x0ad4  fvevol - ok
20:41:45.0777 0x0ad4  gagp30kx - ok
20:41:45.0780 0x0ad4  gencounter - ok
20:41:45.0782 0x0ad4  genericusbfn - ok
20:41:45.0804 0x0ad4  [ 5031F3E650D242EEECEB92EB9900FB93, FB51ADB81AC3E0097362BAECEC4F0C83C46E5505277B7F35FDCE9BF88B72C963 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
20:41:45.0831 0x0ad4  GfExperienceService - ok
20:41:45.0835 0x0ad4  GPIOClx0101 - ok
20:41:45.0837 0x0ad4  gpsvc - ok
20:41:45.0839 0x0ad4  GpuEnergyDrv - ok
20:41:45.0844 0x0ad4  [ C6FF00DA1605982E616C03BE809FFE2D, 4D9C86B9FF2FA291DC320677D28DF00C26834409F7AD94D6C07D2233ED746B19 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:41:45.0851 0x0ad4  gupdate - ok
20:41:45.0855 0x0ad4  [ C6FF00DA1605982E616C03BE809FFE2D, 4D9C86B9FF2FA291DC320677D28DF00C26834409F7AD94D6C07D2233ED746B19 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:41:45.0861 0x0ad4  gupdatem - ok
20:41:45.0864 0x0ad4  HDAudBus - ok
20:41:45.0866 0x0ad4  HidBatt - ok
20:41:45.0868 0x0ad4  HidBth - ok
20:41:45.0870 0x0ad4  hidi2c - ok
20:41:45.0873 0x0ad4  hidinterrupt - ok
20:41:45.0875 0x0ad4  HidIr - ok
20:41:45.0877 0x0ad4  hidserv - ok
20:41:45.0879 0x0ad4  HidUsb - ok
20:41:45.0883 0x0ad4  HomeGroupListener - ok
20:41:45.0885 0x0ad4  HomeGroupProvider - ok
20:41:45.0887 0x0ad4  HpSAMD - ok
20:41:45.0889 0x0ad4  HTTP - ok
20:41:45.0891 0x0ad4  hwpolicy - ok
20:41:45.0893 0x0ad4  hyperkbd - ok
20:41:45.0896 0x0ad4  HyperVideo - ok
20:41:45.0898 0x0ad4  i8042prt - ok
20:41:45.0900 0x0ad4  iaLPSSi_GPIO - ok
20:41:45.0902 0x0ad4  iaLPSSi_I2C - ok
20:41:45.0904 0x0ad4  iaStorAV - ok
20:41:45.0907 0x0ad4  iaStorV - ok
20:41:45.0909 0x0ad4  ibbus - ok
20:41:45.0911 0x0ad4  icssvc - ok
20:41:45.0913 0x0ad4  IEEtwCollectorService - ok
20:41:45.0916 0x0ad4  IKEEXT - ok
20:41:45.0992 0x0ad4  [ 622868E4BAE8FBCD22CB1A5901A2C824, C1A2264C0984DD16C83B663C9CE43E049E1356E32C5771C3ACE225F285699138 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
20:41:46.0085 0x0ad4  IntcAzAudAddService - ok
20:41:46.0090 0x0ad4  intelide - ok
20:41:46.0093 0x0ad4  intelpep - ok
20:41:46.0095 0x0ad4  intelppm - ok
20:41:46.0097 0x0ad4  IoQos - ok
20:41:46.0099 0x0ad4  IpFilterDriver - ok
20:41:46.0102 0x0ad4  iphlpsvc - ok
20:41:46.0104 0x0ad4  IPMIDRV - ok
20:41:46.0106 0x0ad4  IPNAT - ok
20:41:46.0108 0x0ad4  IRENUM - ok
20:41:46.0110 0x0ad4  isapnp - ok
20:41:46.0113 0x0ad4  iScsiPrt - ok
20:41:46.0115 0x0ad4  kbdclass - ok
20:41:46.0118 0x0ad4  kbdhid - ok
20:41:46.0120 0x0ad4  kdnic - ok
20:41:46.0123 0x0ad4  KeyIso - ok
20:41:46.0134 0x0ad4  [ BEE1682DA217A4AD46C36896769AA580, 4D853D78E459F7BFE4F4217FCAD47CDACFAC19C2F6CF8261FBAA46BDB387FFDC ] kl1             C:\WINDOWS\system32\DRIVERS\kl1.sys
20:41:46.0149 0x0ad4  kl1 - ok
20:41:46.0153 0x0ad4  [ 86F40D79CE80ACBE6BEBAC8CE89D75A0, 8B800425160D1AF3C32EF7B5CA794658EE09CD3EE782473D8D38E1C7706076B3 ] klbackupdisk    C:\WINDOWS\system32\DRIVERS\klbackupdisk.sys
20:41:46.0161 0x0ad4  klbackupdisk - ok
20:41:46.0164 0x0ad4  [ 2B4BC41223326FF440E2DB32B9239138, E95D5BB3388D6B219A4C175D5DA77CEB620A27A13F5AA4E7E2C05694B6E26947 ] klbackupflt     C:\WINDOWS\system32\DRIVERS\klbackupflt.sys
20:41:46.0174 0x0ad4  klbackupflt - ok
20:41:46.0178 0x0ad4  [ 1557DF622127972EDB3DD3A61E7763CC, F6E8F31760B549B882180EB6FB45B40CA6CEDC5E61B11E02609C26E053F7C902 ] kldisk          C:\WINDOWS\system32\DRIVERS\kldisk.sys
20:41:46.0185 0x0ad4  kldisk - ok
20:41:46.0188 0x0ad4  [ E2097C8F18F1E8E3B7D09F12B51843A3, 0506A99BD0962AAE64692BD7F080DB080F8B678DC59685CF22830A47B486430C ] klelam          C:\WINDOWS\system32\DRIVERS\klelam.sys
20:41:46.0200 0x0ad4  klelam - ok
20:41:46.0205 0x0ad4  [ BACE50477C184A3AA0755702C23B8B27, 5708A1B7C22702AD2E5DD4491A911A51D2FB768E46857639C0C5D8736E487D0F ] klflt           C:\WINDOWS\system32\DRIVERS\klflt.sys
20:41:46.0214 0x0ad4  klflt - ok
20:41:46.0220 0x0ad4  [ 0698A6918DAF5B1710F5A5170C34FC03, 15CBA4089950812A5815D7517B6C25959A793A55A66F8AA6746618D42A849351 ] klhk            C:\WINDOWS\system32\DRIVERS\klhk.sys
20:41:46.0230 0x0ad4  klhk - ok
20:41:46.0248 0x0ad4  [ EBDECA2C6072F1FA09BDB660EA6017FA, 0F2FCBE85350EB8AC709069C61E18797E18A33E0BD03D84C2B61059BEC705099 ] KLIF            C:\WINDOWS\system32\DRIVERS\klif.sys
20:41:46.0270 0x0ad4  KLIF - ok
20:41:46.0274 0x0ad4  [ E62321376344231F5F488758ACC6D553, 1155C1FDD5C95B05EABBD4268A7D3FFF050D0C0921B61226179C312605AB46C3 ] KLIM6           C:\WINDOWS\system32\DRIVERS\klim6.sys
20:41:46.0280 0x0ad4  KLIM6 - ok
20:41:46.0283 0x0ad4  [ DAE5768E6FD34A36E3B9D1AF1FCA682B, 24DA0B71E3B4AC0FABEE0BF687DF8D35283DBF808CA3AB6F86E72B37471F6B33 ] klkbdflt        C:\WINDOWS\system32\DRIVERS\klkbdflt.sys
20:41:46.0289 0x0ad4  klkbdflt - ok
20:41:46.0291 0x0ad4  klkbdflt2 - ok
20:41:46.0294 0x0ad4  [ FD47C92A63B6EADEA830BFA96C06EAEE, C15C39B6FA53CBD01A2F95243845C4B706B4229F8FFB75C7128819B9CEE5B2CB ] klmouflt        C:\WINDOWS\system32\DRIVERS\klmouflt.sys
20:41:46.0301 0x0ad4  klmouflt - ok
20:41:46.0304 0x0ad4  [ F610F5F17BC87D61EF8954CCD793BAE4, A77FE26B4A474FE799C3D569BDD7858319C57FC14C1BB43ECFAB1FDB19AF5DC6 ] klpd            C:\WINDOWS\system32\DRIVERS\klpd.sys
20:41:46.0310 0x0ad4  klpd - ok
20:41:46.0314 0x0ad4  [ 26D3895A519220E94D241A8858D40CD9, CBDE2B937D2897FC2F356F73D983023F7CBE3C9E8A2873877E5CAF40F3D9A680 ] klwfp           C:\WINDOWS\system32\DRIVERS\klwfp.sys
20:41:46.0321 0x0ad4  klwfp - ok
20:41:46.0326 0x0ad4  [ 91234D71CEED29F2DBA16942CABDCA4F, 5D71BAC86C33BC77EEBF1ECB8F372DFE631991E4C5F36EAF0C8C957150BD6D52 ] Klwtp           C:\WINDOWS\system32\DRIVERS\klwtp.sys
20:41:46.0333 0x0ad4  Klwtp - ok
20:41:46.0339 0x0ad4  [ 1686DE8288052316EFDD49EEA8929065, AD43D6ACCD8693BD76F218E1A4EE088BA061C1309A3E7DAA7EC94D875985D895 ] kneps           C:\WINDOWS\system32\DRIVERS\kneps.sys
20:41:46.0348 0x0ad4  kneps - ok
20:41:46.0350 0x0ad4  KSecDD - ok
20:41:46.0353 0x0ad4  KSecPkg - ok
20:41:46.0355 0x0ad4  ksthunk - ok
20:41:46.0357 0x0ad4  KtmRm - ok
20:41:46.0359 0x0ad4  LanmanServer - ok
20:41:46.0361 0x0ad4  LanmanWorkstation - ok
20:41:46.0365 0x0ad4  lfsvc - ok
20:41:46.0367 0x0ad4  [ 17325C9B9ADB2BB99049936D0C9812C8, 70ADDC85FD5757BC9C4B97F382B25A19851FF8275021FFC04A81E208A604F83E ] LGBusEnum       C:\WINDOWS\system32\drivers\LGBusEnum.sys
20:41:46.0377 0x0ad4  LGBusEnum - ok
20:41:46.0381 0x0ad4  [ 2D7F1C02B94D6F0F3E10107E5EA8E141, 93B266F38C3C3EAAB475D81597ABBD7CC07943035068BB6FD670DBBE15DE0131 ] LGCoreTemp      C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys
20:41:46.0387 0x0ad4  LGCoreTemp - ok
20:41:46.0391 0x0ad4  [ C7AF05942E041D4B1F345ACF79993BB3, E8FAAE356C99A11F6CF17640FD9C67F87AFBFEFB70C458CB85178F2AD94DF848 ] LGJoyXlCore     C:\WINDOWS\system32\drivers\LGJoyXlCore.sys
20:41:46.0401 0x0ad4  LGJoyXlCore - ok
20:41:46.0404 0x0ad4  [ 1DDB8DE3D6EEF31EDCF4977B2D2FAACC, 24291B522A596E2D9A1CDAC192DB1C7422D5DD0E87E5C8A5F5E2CAA90296BF23 ] LGVirHid        C:\WINDOWS\system32\drivers\LGVirHid.sys
20:41:46.0413 0x0ad4  LGVirHid - ok
20:41:46.0416 0x0ad4  LicenseManager - ok
20:41:46.0418 0x0ad4  lltdio - ok
20:41:46.0420 0x0ad4  lltdsvc - ok
20:41:46.0422 0x0ad4  lmhosts - ok
20:41:46.0425 0x0ad4  LSI_SAS - ok
20:41:46.0427 0x0ad4  LSI_SAS2i - ok
20:41:46.0430 0x0ad4  LSI_SAS3i - ok
20:41:46.0432 0x0ad4  LSI_SSS - ok
20:41:46.0434 0x0ad4  LSM - ok
20:41:46.0436 0x0ad4  luafv - ok
20:41:46.0439 0x0ad4  MapsBroker - ok
20:41:46.0442 0x0ad4  [ CFBC6C6D8A492697CABD1D353EE64933, DDAA844908324740C891EB8F08E2A8BB00457063B31C4A762745C1C2415FC12D ] MBAMProtector   C:\WINDOWS\system32\drivers\mbam.sys
20:41:46.0453 0x0ad4  MBAMProtector - ok
20:41:46.0474 0x0ad4  [ 40C126CB15FAB7D6C66490DCA9C1AED2, B32CEE2D2409232C245427D5E9647FDF59AF1D8AB5E8A98EE2D1F1314599FD14 ] MBAMService     C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
20:41:46.0524 0x0ad4  MBAMService - ok
20:41:46.0528 0x0ad4  [ 08DECFCB9BA97786165A69AB1015BC30, EDC8C8447B57BD412E2DEBCA9B5B1B58C19D40105DC7CE9520DE214081696B05 ] MBAMWebAccessControl C:\WINDOWS\system32\drivers\mwac.sys
20:41:46.0540 0x0ad4  MBAMWebAccessControl - ok
20:41:46.0542 0x0ad4  megasas - ok
20:41:46.0544 0x0ad4  megasr - ok
20:41:46.0549 0x0ad4  [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64          C:\WINDOWS\System32\drivers\HECIx64.sys
20:41:46.0555 0x0ad4  MEIx64 - ok
20:41:46.0557 0x0ad4  mlx4_bus - ok
20:41:46.0559 0x0ad4  MMCSS - ok
20:41:46.0561 0x0ad4  Modem - ok
20:41:46.0564 0x0ad4  monitor - ok
20:41:46.0566 0x0ad4  mouclass - ok
20:41:46.0568 0x0ad4  mouhid - ok
20:41:46.0570 0x0ad4  mountmgr - ok
20:41:46.0572 0x0ad4  mpsdrv - ok
20:41:46.0575 0x0ad4  MpsSvc - ok
20:41:46.0577 0x0ad4  MRxDAV - ok
20:41:46.0579 0x0ad4  mrxsmb - ok
20:41:46.0581 0x0ad4  mrxsmb10 - ok
20:41:46.0583 0x0ad4  mrxsmb20 - ok
20:41:46.0586 0x0ad4  MsBridge - ok
20:41:46.0588 0x0ad4  MSDTC - ok
20:41:46.0591 0x0ad4  Msfs - ok
20:41:46.0593 0x0ad4  msgpiowin32 - ok
20:41:46.0595 0x0ad4  mshidkmdf - ok
20:41:46.0597 0x0ad4  mshidumdf - ok
20:41:46.0600 0x0ad4  msisadrv - ok
20:41:46.0602 0x0ad4  MSiSCSI - ok
20:41:46.0604 0x0ad4  msiserver - ok
20:41:46.0606 0x0ad4  MSKSSRV - ok
20:41:46.0608 0x0ad4  MsLldp - ok
20:41:46.0610 0x0ad4  MSPCLOCK - ok
20:41:46.0612 0x0ad4  MSPQM - ok
20:41:46.0615 0x0ad4  MsRPC - ok
20:41:46.0618 0x0ad4  mssmbios - ok
20:41:46.0620 0x0ad4  MSTEE - ok
20:41:46.0622 0x0ad4  MTConfig - ok
20:41:46.0624 0x0ad4  Mup - ok
20:41:46.0626 0x0ad4  mvumis - ok
20:41:46.0630 0x0ad4  NativeWifiP - ok
20:41:46.0632 0x0ad4  NcaSvc - ok
20:41:46.0634 0x0ad4  NcbService - ok
20:41:46.0636 0x0ad4  NcdAutoSetup - ok
20:41:46.0638 0x0ad4  ndfltr - ok
20:41:46.0641 0x0ad4  NDIS - ok
20:41:46.0643 0x0ad4  NdisCap - ok
20:41:46.0645 0x0ad4  NdisImPlatform - ok
20:41:46.0647 0x0ad4  NdisTapi - ok
20:41:46.0650 0x0ad4  Ndisuio - ok
20:41:46.0652 0x0ad4  NdisVirtualBus - ok
20:41:46.0654 0x0ad4  NdisWan - ok
20:41:46.0656 0x0ad4  ndiswanlegacy - ok
20:41:46.0658 0x0ad4  ndproxy - ok
20:41:46.0661 0x0ad4  Ndu - ok
20:41:46.0664 0x0ad4  NetBIOS - ok
20:41:46.0668 0x0ad4  NetBT - ok
20:41:46.0670 0x0ad4  Netlogon - ok
20:41:46.0673 0x0ad4  Netman - ok
20:41:46.0675 0x0ad4  netprofm - ok
20:41:46.0680 0x0ad4  [ 5D046D71B18BEFB2E4D164C3DEEDD672, 536834D020889973854830919B23DF22CC1B27236AFAEDEBDF42D432CE48FCDE ] NetSetupSvc     C:\WINDOWS\System32\NetSetupSvc.dll
20:41:46.0805 0x0ad4  NetSetupSvc - ok
20:41:46.0811 0x0ad4  NetTcpPortSharing - ok
20:41:46.0813 0x0ad4  netvsc - ok
20:41:46.0816 0x0ad4  NgcCtnrSvc - ok
20:41:46.0818 0x0ad4  NgcSvc - ok
20:41:46.0820 0x0ad4  NlaSvc - ok
20:41:46.0823 0x0ad4  Npfs - ok
20:41:46.0825 0x0ad4  npsvctrig - ok
20:41:46.0827 0x0ad4  nsi - ok
20:41:46.0830 0x0ad4  nsiproxy - ok
20:41:46.0833 0x0ad4  NTFS - ok
20:41:46.0835 0x0ad4  Null - ok
20:41:46.0841 0x0ad4  [ B9E5A80F646DDFEF158773722A466EA3, 028979FE600D17DA70445F44D81FAE4EDA3478FCC81FA5506133CCAC37C4E2BF ] NVHDA           C:\WINDOWS\system32\drivers\nvhda64v.sys
20:41:46.0850 0x0ad4  NVHDA - ok
20:41:47.0052 0x0ad4  [ DF0BB2C179476D312B7BC0056CEC50A6, 64CC3201FA903E0EC9C99BE167C439C14A4C9AC2A88898B64789EEB381DB97B6 ] nvlddmkm        C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
20:41:47.0268 0x0ad4  nvlddmkm - ok
20:41:47.0308 0x0ad4  [ 4EBEE69A8FE7DC85FD3C122821C617A0, 7193C14DEB4C5B0D86C5C6841C80879C28E1FDA8F77879EB18A3D2685C67B986 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
20:41:47.0339 0x0ad4  NvNetworkService - ok
20:41:47.0339 0x0ad4  nvraid - ok
20:41:47.0355 0x0ad4  nvstor - ok
20:41:47.0355 0x0ad4  [ 0EF30778078D7B5877F8F57151699798, B0409C79143BDBB774C3C740CCA8EB77CF67915E59EC6050DB993ED0575EC077 ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
20:41:47.0355 0x0ad4  NvStreamKms - ok
20:41:47.0448 0x0ad4  [ D23A07D549243F5B77780BAA4FBF5BC3, 5BC5161CAE6BE6382BDCDE9B1CDD5F4DEBC3EA18D01B0E261AF716FDB04154BC ] NvStreamSvc     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
20:41:47.0558 0x0ad4  NvStreamSvc - ok
20:41:47.0573 0x0ad4  [ DFCCA437717EACA8418F47992A41B39A, E587A629B894EE6A16AC414747D492FFC6B6E9F051B40F7D25F0D4406E2FF919 ] nvsvc           C:\WINDOWS\system32\nvvsvc.exe
20:41:47.0605 0x0ad4  nvsvc - ok
20:41:47.0620 0x0ad4  [ 4F00008B513F4019623ED61159363888, A1047FF1FCF3ED405C3426C8959AD10426F30E3F58E95BFD6ADF1DBC947AB379 ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys
20:41:47.0620 0x0ad4  nvvad_WaveExtensible - ok
20:41:47.0620 0x0ad4  nv_agp - ok
20:41:47.0620 0x0ad4  OneSyncSvc - ok
20:41:47.0636 0x0ad4  p2pimsvc - ok
20:41:47.0636 0x0ad4  p2psvc - ok
20:41:47.0636 0x0ad4  Parport - ok
20:41:47.0636 0x0ad4  partmgr - ok
20:41:47.0648 0x0ad4  PcaSvc - ok
20:41:47.0650 0x0ad4  pci - ok
20:41:47.0652 0x0ad4  pciide - ok
20:41:47.0655 0x0ad4  pcmcia - ok
20:41:47.0657 0x0ad4  pcw - ok
20:41:47.0659 0x0ad4  pdc - ok
20:41:47.0661 0x0ad4  PEAUTH - ok
20:41:47.0664 0x0ad4  PeerDistSvc - ok
20:41:47.0666 0x0ad4  percsas2i - ok
20:41:47.0668 0x0ad4  percsas3i - ok
20:41:47.0685 0x0ad4  PerfHost - ok
20:41:47.0690 0x0ad4  PimIndexMaintenanceSvc - ok
20:41:47.0694 0x0ad4  pla - ok
20:41:47.0696 0x0ad4  PlugPlay - ok
20:41:47.0699 0x0ad4  PNRPAutoReg - ok
20:41:47.0701 0x0ad4  PNRPsvc - ok
20:41:47.0703 0x0ad4  PolicyAgent - ok
20:41:47.0706 0x0ad4  Power - ok
20:41:47.0708 0x0ad4  PptpMiniport - ok
20:41:47.0768 0x0ad4  [ 12E2582F69ACA40A6BAE91DA578CBF34, 648C6394763906AA4163976DA2C3308F8B706486D9D8F16258CB1D61C2929930 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
20:41:47.0895 0x0ad4  PrintNotify - ok
20:41:47.0900 0x0ad4  Processor - ok
20:41:47.0903 0x0ad4  ProfSvc - ok
20:41:47.0905 0x0ad4  Psched - ok
20:41:47.0907 0x0ad4  QWAVE - ok
20:41:47.0909 0x0ad4  QWAVEdrv - ok
20:41:47.0911 0x0ad4  RasAcd - ok
20:41:47.0914 0x0ad4  RasAgileVpn - ok
20:41:47.0917 0x0ad4  RasAuto - ok
20:41:47.0919 0x0ad4  Rasl2tp - ok
20:41:47.0921 0x0ad4  RasMan - ok
20:41:47.0923 0x0ad4  RasPppoe - ok
20:41:47.0925 0x0ad4  RasSstp - ok
20:41:47.0927 0x0ad4  rdbss - ok
20:41:47.0933 0x0ad4  rdpbus - ok
20:41:47.0935 0x0ad4  RDPDR - ok
20:41:47.0939 0x0ad4  RdpVideoMiniport - ok
20:41:47.0941 0x0ad4  rdyboost - ok
20:41:47.0944 0x0ad4  ReFSv1 - ok
20:41:47.0948 0x0ad4  RemoteAccess - ok
20:41:47.0950 0x0ad4  RemoteRegistry - ok
20:41:47.0952 0x0ad4  RetailDemo - ok
20:41:47.0954 0x0ad4  RpcEptMapper - ok
20:41:47.0957 0x0ad4  RpcLocator - ok
20:41:47.0959 0x0ad4  RpcSs - ok
20:41:47.0961 0x0ad4  rspndr - ok
20:41:47.0963 0x0ad4  rt640x64 - ok
20:41:47.0966 0x0ad4  s3cap - ok
20:41:47.0968 0x0ad4  SamSs - ok
20:41:47.0971 0x0ad4  sbp2port - ok
20:41:47.0973 0x0ad4  SCardSvr - ok
20:41:47.0975 0x0ad4  ScDeviceEnum - ok
20:41:47.0977 0x0ad4  scfilter - ok
20:41:47.0980 0x0ad4  Schedule - ok
20:41:47.0982 0x0ad4  SCPolicySvc - ok
20:41:47.0985 0x0ad4  sdbus - ok
20:41:47.0987 0x0ad4  SDRSVC - ok
20:41:47.0989 0x0ad4  sdstor - ok
20:41:47.0991 0x0ad4  seclogon - ok
20:41:47.0993 0x0ad4  SENS - ok
20:41:47.0996 0x0ad4  SensorDataService - ok
20:41:47.0999 0x0ad4  SensorService - ok
20:41:48.0001 0x0ad4  SensrSvc - ok
20:41:48.0003 0x0ad4  SerCx - ok
20:41:48.0005 0x0ad4  SerCx2 - ok
20:41:48.0007 0x0ad4  Serenum - ok
20:41:48.0010 0x0ad4  Serial - ok
20:41:48.0012 0x0ad4  sermouse - ok
20:41:48.0015 0x0ad4  SessionEnv - ok
20:41:48.0017 0x0ad4  sfloppy - ok
20:41:48.0020 0x0ad4  SharedAccess - ok
20:41:48.0023 0x0ad4  ShellHWDetection - ok
20:41:48.0025 0x0ad4  SiSRaid2 - ok
20:41:48.0027 0x0ad4  SiSRaid4 - ok
20:41:48.0071 0x0ad4  [ 52F7E8603E888E3DB0A8B3D1804098E9, 4E23DC9442C0C14AAE7146DACBB0B39743F1FFAA463EE7069CCDF866AD27BD77 ] SkypeUpdate     B:\Program Files (x86)\Skype\Updater\Updater.exe
20:41:48.0086 0x0ad4  SkypeUpdate - ok
20:41:48.0089 0x0ad4  smphost - ok
20:41:48.0091 0x0ad4  SmsRouter - ok
20:41:48.0094 0x0ad4  SNMPTRAP - ok
20:41:48.0097 0x0ad4  spaceport - ok
20:41:48.0100 0x0ad4  SpbCx - ok
20:41:48.0102 0x0ad4  Spooler - ok
20:41:48.0104 0x0ad4  sppsvc - ok
20:41:48.0106 0x0ad4  srv - ok
20:41:48.0108 0x0ad4  srv2 - ok
20:41:48.0111 0x0ad4  srvnet - ok
20:41:48.0113 0x0ad4  SSDPSRV - ok
20:41:48.0116 0x0ad4  SstpSvc - ok
20:41:48.0122 0x0ad4  [ 5252D7BC56E5E0ED715AEA8FE173A455, 1408B3E98B35A449434718777EE70595F0D306197A428279C6281D2F1953F259 ] ssudmdm         C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
20:41:48.0131 0x0ad4  ssudmdm - ok
20:41:48.0134 0x0ad4  StateRepository - ok
20:41:48.0150 0x0ad4  [ D31201BD8782752BD69DBE1E5DDF9AC5, 98B72690B4E6CC1B694C655DD31CB1FB56B76B62A32CFB748AF78F4C072D9740 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
20:41:48.0173 0x0ad4  Steam Client Service - ok
20:41:48.0183 0x0ad4  [ 4392321C9F3FB8D6061CCB37E85E588D, 2992E6134E5F18ED25620DC4DE01F1561CBBEAF485EEF59E4446EC12BEED29D0 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
20:41:48.0196 0x0ad4  Stereo Service - ok
20:41:48.0199 0x0ad4  stexstor - ok
20:41:48.0201 0x0ad4  stisvc - ok
20:41:48.0203 0x0ad4  storahci - ok
20:41:48.0206 0x0ad4  storflt - ok
20:41:48.0208 0x0ad4  stornvme - ok
20:41:48.0210 0x0ad4  storqosflt - ok
20:41:48.0213 0x0ad4  StorSvc - ok
20:41:48.0215 0x0ad4  storufs - ok
20:41:48.0218 0x0ad4  storvsc - ok
20:41:48.0220 0x0ad4  svsvc - ok
20:41:48.0229 0x0ad4  swenum - ok
20:41:48.0231 0x0ad4  swprv - ok
20:41:48.0234 0x0ad4  Synth3dVsc - ok
20:41:48.0236 0x0ad4  SysMain - ok
20:41:48.0238 0x0ad4  SystemEventsBroker - ok
20:41:48.0241 0x0ad4  TabletInputService - ok
20:41:48.0244 0x0ad4  TapiSrv - ok
20:41:48.0246 0x0ad4  Tcpip - ok
20:41:48.0248 0x0ad4  Tcpip6 - ok
20:41:48.0252 0x0ad4  tcpipreg - ok
20:41:48.0255 0x0ad4  tdx - ok
20:41:48.0257 0x0ad4  terminpt - ok
20:41:48.0260 0x0ad4  TermService - ok
20:41:48.0262 0x0ad4  Themes - ok
20:41:48.0265 0x0ad4  tiledatamodelsvc - ok
20:41:48.0267 0x0ad4  TimeBroker - ok
20:41:48.0269 0x0ad4  TPM - ok
20:41:48.0272 0x0ad4  TrkWks - ok
20:41:48.0274 0x0ad4  TrustedInstaller - ok
20:41:48.0277 0x0ad4  TsUsbFlt - ok
20:41:48.0281 0x0ad4  TsUsbGD - ok
20:41:48.0284 0x0ad4  tunnel - ok
20:41:48.0286 0x0ad4  uagp35 - ok
20:41:48.0288 0x0ad4  UASPStor - ok
20:41:48.0290 0x0ad4  UcmCx0101 - ok
20:41:48.0293 0x0ad4  UcmUcsi - ok
20:41:48.0295 0x0ad4  Ucx01000 - ok
20:41:48.0297 0x0ad4  UdeCx - ok
20:41:48.0300 0x0ad4  udfs - ok
20:41:48.0303 0x0ad4  UEFI - ok
20:41:48.0305 0x0ad4  Ufx01000 - ok
20:41:48.0307 0x0ad4  UfxChipidea - ok
20:41:48.0309 0x0ad4  ufxsynopsys - ok
20:41:48.0314 0x0ad4  UI0Detect - ok
20:41:48.0316 0x0ad4  uliagpkx - ok
20:41:48.0319 0x0ad4  umbus - ok
20:41:48.0321 0x0ad4  UmPass - ok
20:41:48.0324 0x0ad4  UmRdpService - ok
20:41:48.0326 0x0ad4  UnistoreSvc - ok
20:41:48.0331 0x0ad4  upnphost - ok
20:41:48.0333 0x0ad4  UrsChipidea - ok
20:41:48.0336 0x0ad4  UrsCx01000 - ok
20:41:48.0338 0x0ad4  UrsSynopsys - ok
20:41:48.0340 0x0ad4  usbccgp - ok
20:41:48.0342 0x0ad4  usbcir - ok
20:41:48.0345 0x0ad4  usbehci - ok
20:41:48.0347 0x0ad4  usbhub - ok
20:41:48.0350 0x0ad4  USBHUB3 - ok
20:41:48.0353 0x0ad4  usbohci - ok
20:41:48.0355 0x0ad4  usbprint - ok
20:41:48.0358 0x0ad4  usbser - ok
20:41:48.0360 0x0ad4  USBSTOR - ok
20:41:48.0362 0x0ad4  usbuhci - ok
20:41:48.0367 0x0ad4  USBXHCI - ok
20:41:48.0369 0x0ad4  UserDataSvc - ok
20:41:48.0373 0x0ad4  UserManager - ok
20:41:48.0375 0x0ad4  UsoSvc - ok
20:41:48.0377 0x0ad4  VaultSvc - ok
20:41:48.0380 0x0ad4  vdrvroot - ok
20:41:48.0382 0x0ad4  vds - ok
20:41:48.0384 0x0ad4  VerifierExt - ok
20:41:48.0387 0x0ad4  vhdmp - ok
20:41:48.0389 0x0ad4  vhf - ok
20:41:48.0391 0x0ad4  vmbus - ok
20:41:48.0393 0x0ad4  VMBusHID - ok
20:41:48.0396 0x0ad4  vmicguestinterface - ok
20:41:48.0398 0x0ad4  vmicheartbeat - ok
20:41:48.0401 0x0ad4  vmickvpexchange - ok
20:41:48.0403 0x0ad4  vmicrdv - ok
20:41:48.0405 0x0ad4  vmicshutdown - ok
20:41:48.0407 0x0ad4  vmictimesync - ok
20:41:48.0409 0x0ad4  vmicvmsession - ok
20:41:48.0411 0x0ad4  vmicvss - ok
20:41:48.0414 0x0ad4  volmgr - ok
20:41:48.0416 0x0ad4  volmgrx - ok
20:41:48.0419 0x0ad4  volsnap - ok
20:41:48.0421 0x0ad4  vpci - ok
20:41:48.0423 0x0ad4  vsmraid - ok
20:41:48.0425 0x0ad4  VSS - ok
20:41:48.0433 0x0ad4  [ 79F4D90FAA0ACC1866F2F3E03E39CA89, EE08BCBF29A7E4AFFF520B8DF067281425F433EC275F8C86CE8F20F000E92E3D ] vssbrigde64     C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe
20:41:48.0449 0x0ad4  vssbrigde64 - ok
20:41:48.0451 0x0ad4  VSTXRAID - ok
20:41:48.0454 0x0ad4  vwifibus - ok
20:41:48.0456 0x0ad4  vwififlt - ok
20:41:48.0459 0x0ad4  W32Time - ok
20:41:48.0461 0x0ad4  WacomPen - ok
20:41:48.0464 0x0ad4  WalletService - ok
20:41:48.0467 0x0ad4  wanarp - ok
20:41:48.0469 0x0ad4  wanarpv6 - ok
20:41:48.0471 0x0ad4  wbengine - ok
20:41:48.0473 0x0ad4  WbioSrvc - ok
20:41:48.0475 0x0ad4  Wcmsvc - ok
20:41:48.0478 0x0ad4  wcncsvc - ok
20:41:48.0481 0x0ad4  WcsPlugInService - ok
20:41:48.0483 0x0ad4  WdBoot - ok
20:41:48.0487 0x0ad4  Wdf01000 - ok
20:41:48.0489 0x0ad4  WdFilter - ok
20:41:48.0491 0x0ad4  WdiServiceHost - ok
20:41:48.0493 0x0ad4  WdiSystemHost - ok
20:41:48.0495 0x0ad4  wdiwifi - ok
20:41:48.0500 0x0ad4  WdNisDrv - ok
20:41:48.0502 0x0ad4  WdNisSvc - ok
20:41:48.0504 0x0ad4  WebClient - ok
20:41:48.0506 0x0ad4  Wecsvc - ok
20:41:48.0508 0x0ad4  WEPHOSTSVC - ok
20:41:48.0511 0x0ad4  wercplsupport - ok
20:41:48.0513 0x0ad4  WerSvc - ok
20:41:48.0516 0x0ad4  wfpcapture - ok
20:41:48.0518 0x0ad4  WFPLWFS - ok
20:41:48.0521 0x0ad4  WiaRpc - ok
20:41:48.0523 0x0ad4  WIMMount - ok
20:41:48.0524 0x0ad4  WinDefend - ok
20:41:48.0528 0x0ad4  WindowsTrustedRT - ok
20:41:48.0531 0x0ad4  WindowsTrustedRTProxy - ok
20:41:48.0534 0x0ad4  WinHttpAutoProxySvc - ok
20:41:48.0536 0x0ad4  WinMad - ok
20:41:48.0541 0x0ad4  Winmgmt - ok
20:41:48.0543 0x0ad4  WinRM - ok
20:41:48.0548 0x0ad4  WINUSB - ok
20:41:48.0551 0x0ad4  WinVerbs - ok
20:41:48.0553 0x0ad4  WlanSvc - ok
20:41:48.0555 0x0ad4  wlidsvc - ok
20:41:48.0557 0x0ad4  WmiAcpi - ok
20:41:48.0561 0x0ad4  wmiApSrv - ok
20:41:48.0563 0x0ad4  WMPNetworkSvc - ok
20:41:48.0566 0x0ad4  Wof - ok
20:41:48.0570 0x0ad4  workfolderssvc - ok
20:41:48.0572 0x0ad4  wpcfltr - ok
20:41:48.0575 0x0ad4  WPDBusEnum - ok
20:41:48.0577 0x0ad4  WpdUpFltr - ok
20:41:48.0579 0x0ad4  WpnService - ok
20:41:48.0582 0x0ad4  ws2ifsl - ok
20:41:48.0585 0x0ad4  wscsvc - ok
20:41:48.0587 0x0ad4  WSearch - ok
20:41:48.0590 0x0ad4  WSService - ok
20:41:48.0592 0x0ad4  wuauserv - ok
20:41:48.0594 0x0ad4  WudfPf - ok
20:41:48.0597 0x0ad4  WUDFRd - ok
20:41:48.0600 0x0ad4  wudfsvc - ok
20:41:48.0602 0x0ad4  WUDFWpdFs - ok
20:41:48.0604 0x0ad4  WUDFWpdMtp - ok
20:41:48.0606 0x0ad4  WwanSvc - ok
20:41:48.0609 0x0ad4  XblAuthManager - ok
20:41:48.0611 0x0ad4  XblGameSave - ok
20:41:48.0613 0x0ad4  xboxgip - ok
20:41:48.0616 0x0ad4  XboxNetApiSvc - ok
20:41:48.0619 0x0ad4  xinputhid - ok
20:41:48.0620 0x0ad4  ================ Scan global ===============================
20:41:48.0627 0x0ad4  [ Global ] - ok
20:41:48.0627 0x0ad4  ================ Scan MBR ==================================
20:41:48.0637 0x0ad4  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
20:41:48.0848 0x0ad4  \Device\Harddisk0\DR0 - detected TDSS File System ( 1 )
20:41:48.0848 0x0ad4  \Device\Harddisk0\DR0 ( TDSS File System ) - warning
20:41:51.0248 0x0ad4  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
20:41:51.0328 0x0ad4  \Device\Harddisk1\DR1 - ok
20:41:51.0328 0x0ad4  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2
20:41:52.0248 0x0ad4  \Device\Harddisk2\DR2 - ok
20:41:52.0261 0x0ad4  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk3\DR3
20:41:52.0359 0x0ad4  \Device\Harddisk3\DR3 - ok
20:41:52.0359 0x0ad4  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk4\DR4
20:41:52.0468 0x0ad4  \Device\Harddisk4\DR4 - ok
20:41:52.0468 0x0ad4  ================ Scan VBR ==================================
20:41:52.0484 0x0ad4  [ 39D76534846C0CAD2A042CD15AEAADFC ] \Device\Harddisk0\DR0\Partition1
20:41:52.0531 0x0ad4  \Device\Harddisk0\DR0\Partition1 - ok
20:41:52.0546 0x0ad4  [ 3235CE38B9A282248609E48C6CC4D306 ] \Device\Harddisk1\DR1\Partition1
20:41:52.0546 0x0ad4  \Device\Harddisk1\DR1\Partition1 - ok
20:41:52.0546 0x0ad4  [ 6D2E685F64233E56FAEC49E16F317868 ] \Device\Harddisk1\DR1\Partition2
20:41:52.0546 0x0ad4  \Device\Harddisk1\DR1\Partition2 - ok
20:41:52.0546 0x0ad4  [ 82A5F6039BC5183669E86D2188FA4ECC ] \Device\Harddisk2\DR2\Partition1
20:41:52.0562 0x0ad4  \Device\Harddisk2\DR2\Partition1 - ok
20:41:52.0567 0x0ad4  [ E7303E270CEE858ED489A5BFC58FD5AA ] \Device\Harddisk2\DR2\Partition2
20:41:52.0569 0x0ad4  \Device\Harddisk2\DR2\Partition2 - ok
20:41:52.0572 0x0ad4  [ 24FC52B0ADD922C074EE97768421E23A ] \Device\Harddisk3\DR3\Partition1
20:41:52.0627 0x0ad4  \Device\Harddisk3\DR3\Partition1 - ok
20:41:52.0631 0x0ad4  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk4\DR4\Partition1
20:41:52.0631 0x0ad4  \Device\Harddisk4\DR4\Partition1 - ok
20:41:52.0635 0x0ad4  [ E45F34AD2B3D99BEBE31630520539338 ] \Device\Harddisk4\DR4\Partition2
20:41:52.0696 0x0ad4  \Device\Harddisk4\DR4\Partition2 - ok
20:41:52.0696 0x0ad4  ================ Scan generic autorun ======================
20:41:52.0942 0x0ad4  [ 65E8545F1297CD83534C354A7BED1848, 19B3F3C17A335837454DC1851C6436D0BB2D8B1595AEB4DC71265FB20868B48F ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
20:41:53.0208 0x0ad4  RtHDVCpl - ok
20:41:53.0265 0x0ad4  [ 8F82FFC6CD0F4C83F4565E1A40332CCD, 45D17603664CBE2C4236AEDB3C21D585C8225A3D3B1118365EE2C6BFDB8A7890 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
20:41:53.0321 0x0ad4  NvBackend - ok
20:41:53.0324 0x0ad4  ShadowPlay - ok
20:41:53.0565 0x0ad4  [ 4914D5FCBE8C478DCCDCB58945EEFAFC, A59B49114429A4DB8789AD7DE35C44B8EED0BF5B39A1814512DD91DB2F94FCCB ] C:\Program Files\Logitech Gaming Software\LCore.exe
20:41:53.0846 0x0ad4  Launch LCore - ok
20:41:53.0870 0x0ad4  [ 7389FE13F97605BFC1C18E6073BD3BE2, 5EC5BDD2AEFBC40FB55CA9BD623DCD5A79028657E2555839D04F9859D36DF03D ] C:\Program Files (x86)\Creative\Sound Blaster Z-Series\Sound Blaster Z-Series Control Panel\SBZ.exe
20:41:53.0898 0x0ad4  Sound Blaster Z-Series Control Panel - detected UnsignedFile.Multi.Generic ( 1 )
20:41:56.0267 0x0ad4  Detect skipped due to KSN trusted
20:41:56.0267 0x0ad4  Sound Blaster Z-Series Control Panel - ok
20:41:56.0282 0x0ad4  OneDriveSetup - ok
20:41:56.0283 0x0ad4  OneDriveSetup - ok
20:41:56.0294 0x0ad4  [ FC040252FB2AA74545D8B17FE9CD4D78, 5517B34263A25E5460E09635D5B593D0551EF35C3DC94BFBE3E5B4F12D9C20E6 ] C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe
20:41:56.0311 0x0ad4  OneDrive - ok
20:41:56.0358 0x0ad4  [ D5218EE66173405B26B716EBA68133F6, 265820925538A075E753701DC36F89702B3E4C0BE73B8166138495092F339E43 ] D:\Steam\steam.exe
20:41:56.0421 0x0ad4  Steam - ok
20:41:56.0452 0x0ad4  Skype - ok
20:41:56.0483 0x0ad4  [ 9D0D72B696B8CDF9AE368E542FD042CE, 8CD19E8B609041A6C226D57D40509175827C75DEF93378B53A814060BB7A9E0B ] C:\Users\Admin\AppData\Roaming\Spotify\SpotifyWebHelper.exe
20:41:56.0530 0x0ad4  Spotify Web Helper - ok
20:41:56.0671 0x0ad4  [ DC8DC7ED86A259614D3B2186B2F841EB, 6F305431EE35849D637AF41F213B716D936311015483422FA294E9435B82AB2A ] C:\Users\Admin\AppData\Roaming\Spotify\Spotify.exe
20:41:56.0811 0x0ad4  Spotify - ok
20:41:56.0827 0x0ad4  Waiting for KSN requests completion. In queue: 7
20:41:57.0827 0x0ad4  Waiting for KSN requests completion. In queue: 7
20:41:58.0828 0x0ad4  Waiting for KSN requests completion. In queue: 7
20:41:59.0287 0x1d88  Object required for P2P: [ 4914D5FCBE8C478DCCDCB58945EEFAFC ] C:\Program Files\Logitech Gaming Software\LCore.exe
20:41:59.0842 0x0ad4  Waiting for KSN requests completion. In queue: 5
20:42:00.0857 0x0ad4  Waiting for KSN requests completion. In queue: 5
20:42:01.0804 0x1d88  Object send P2P result: true
20:42:01.0804 0x1d88  Object required for P2P: [ D5218EE66173405B26B716EBA68133F6 ] D:\Steam\steam.exe
20:42:01.0865 0x0ad4  Waiting for KSN requests completion. In queue: 3
20:42:02.0865 0x0ad4  Waiting for KSN requests completion. In queue: 3
20:42:03.0865 0x0ad4  Waiting for KSN requests completion. In queue: 3
20:42:04.0866 0x0ad4  Waiting for KSN requests completion. In queue: 3
20:42:05.0877 0x0ad4  Waiting for KSN requests completion. In queue: 3
20:42:06.0884 0x0ad4  Waiting for KSN requests completion. In queue: 3
20:42:07.0885 0x0ad4  Waiting for KSN requests completion. In queue: 3
20:42:08.0535 0x1d88  Object send P2P result: true
20:42:08.0535 0x1d88  Object required for P2P: [ DC8DC7ED86A259614D3B2186B2F841EB ] C:\Users\Admin\AppData\Roaming\Spotify\Spotify.exe
20:42:08.0885 0x0ad4  Waiting for KSN requests completion. In queue: 1
20:42:09.0889 0x0ad4  Waiting for KSN requests completion. In queue: 1
20:42:10.0890 0x0ad4  Waiting for KSN requests completion. In queue: 1
20:42:10.0983 0x1d88  Object send P2P result: true
20:42:11.0912 0x0ad4  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.10240.16384 ), 0x60100 ( disabled : updated )
20:42:11.0912 0x0ad4  AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\wmiav.exe ( 16.0.0.614 ), 0x41000 ( enabled : updated )
20:42:11.0912 0x0ad4  FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\wmiav.exe ( 16.0.0.614 ), 0x41010 ( enabled )
20:42:14.0240 0x0ad4  ============================================================
20:42:14.0240 0x0ad4  Scan finished
20:42:14.0240 0x0ad4  ============================================================
20:42:14.0247 0x15cc  Detected object count: 1
20:42:14.0247 0x15cc  Actual detected object count: 1
20:43:48.0762 0x15cc  \Device\Harddisk0\DR0\TDLFS\cfg.ini - copied to quarantine
20:43:48.0763 0x15cc  \Device\Harddisk0\DR0\TDLFS\mbr - copied to quarantine
20:43:48.0764 0x15cc  \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
20:43:48.0767 0x15cc  \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
20:43:48.0769 0x15cc  \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
20:43:48.0777 0x15cc  \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
20:43:48.0786 0x15cc  \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
20:43:48.0788 0x15cc  \Device\Harddisk0\DR0\TDLFS\bckfg.tmp - copied to quarantine
20:43:48.0788 0x15cc  \Device\Harddisk0\DR0\TDLFS - deleted
20:43:48.0788 0x15cc  \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Delete 
20:44:27.0199 0x0530  Deinitialize success
         

AV result:
Code:
ATTFilter
25.10.2015 20.46.28	Aufgabe wurde gestartet.	Web-Anti-Virus	Zeitpunkt: 25.10.2015 20:46
25.10.2015 20.46.28	Aufgabe wurde gestartet.	Aktivitätsmonitor	Zeitpunkt: 25.10.2015 20:46
25.10.2015 20.46.28	Aufgabe wurde gestartet.	Mail-Anti-Virus	Zeitpunkt: 25.10.2015 20:46
25.10.2015 20.46.28	Aufgabe wurde gestartet.	IM-Anti-Virus	Zeitpunkt: 25.10.2015 20:46
25.10.2015 20.46.28	Aufgabe wurde gestartet.	Schutz vor Netzwerkangriffen	Zeitpunkt: 25.10.2015 20:46
25.10.2015 20.45.40	Das Programm wurde zur Gruppe Vertrauenswürdig hinzugefügt.	Windows Problem Reporting	Programm: Windows Problem Reporting	Programmpfad: C:\Windows\SysWOW64\WerFault.exe	Zeitpunkt: 25.10.2015 20:45
25.10.2015 20.45.39	Dem Programm wurde der Empfang eines Audiosignals erlaubt.	Skype	Programm: Skype	Programmpfad: B:\Program Files (x86)\Skype\Phone\Skype.exe	Zeitpunkt: 25.10.2015 20:45
25.10.2015 20.45.36	Das Programm wurde zur Gruppe Vertrauenswürdig hinzugefügt.	Task Manager	Programm: Task Manager	Programmpfad: C:\Windows\System32\Taskmgr.exe	Zeitpunkt: 25.10.2015 20:45
25.10.2015 20.45.14	Aufgabe wurde gestartet.	Datei-Anti-Virus	Zeitpunkt: 25.10.2015 20:45
25.10.2015 20.45.14	Aufgabe wurde gestartet.	Programmkontrolle	Zeitpunkt: 25.10.2015 20:45
25.10.2015 20.45.14	Aufgabe wurde gestartet.	Firewall	Zeitpunkt: 25.10.2015 20:45
25.10.2015 20.43.56	Gefundenes Objekt (Datei) wurde ins Backup verschoben.	C:\TDSSKiller_Quarantine\25.10.2015_20.40.02\tdlfs0000\tsk0006.dta	Programm: TDSS rootkit removing tool	Datei: C:\TDSSKiller_Quarantine\25.10.2015_20.40.02\tdlfs0000\tsk0006.dta	Zeitpunkt: 25.10.2015 20:43	Objektname: Backdoor.Win64.TDSS.a
25.10.2015 20.43.56	Gefundenes Objekt (Datei) wurde gelöscht.	C:\TDSSKiller_Quarantine\25.10.2015_20.40.02\tdlfs0000\tsk0006.dta	Programm: TDSS rootkit removing tool	Datei: C:\TDSSKiller_Quarantine\25.10.2015_20.40.02\tdlfs0000\tsk0006.dta	Zeitpunkt: 25.10.2015 20:43	Objektname: Backdoor.Win64.TDSS.a
25.10.2015 20.43.55	Objekt (Datei) wurde gefunden.	C:\TDSSKiller_Quarantine\25.10.2015_20.40.02\tdlfs0000\tsk0006.dta	Programm: TDSS rootkit removing tool	Datei: C:\TDSSKiller_Quarantine\25.10.2015_20.40.02\tdlfs0000\tsk0006.dta	Zeitpunkt: 25.10.2015 20:43	Objektname: Backdoor.Win64.TDSS.a
25.10.2015 20.43.55	Gefundenes Objekt (Datei) wurde ins Backup verschoben.	C:\TDSSKiller_Quarantine\25.10.2015_20.40.02\tdlfs0000\tsk0005.dta	Programm: TDSS rootkit removing tool	Datei: C:\TDSSKiller_Quarantine\25.10.2015_20.40.02\tdlfs0000\tsk0005.dta	Zeitpunkt: 25.10.2015 20:43	Objektname: Trojan-Spy.Win32.Agent.cvcf
25.10.2015 20.43.55	Gefundenes Objekt (Datei) wurde gelöscht.	C:\TDSSKiller_Quarantine\25.10.2015_20.40.02\tdlfs0000\tsk0005.dta	Programm: TDSS rootkit removing tool	Datei: C:\TDSSKiller_Quarantine\25.10.2015_20.40.02\tdlfs0000\tsk0005.dta	Zeitpunkt: 25.10.2015 20:43	Objektname: Trojan-Spy.Win32.Agent.cvcf
25.10.2015 20.43.55	Objekt (Datei) wurde gefunden.	C:\TDSSKiller_Quarantine\25.10.2015_20.40.02\tdlfs0000\tsk0005.dta	Programm: TDSS rootkit removing tool	Datei: C:\TDSSKiller_Quarantine\25.10.2015_20.40.02\tdlfs0000\tsk0005.dta	Zeitpunkt: 25.10.2015 20:43	Objektname: Trojan-Spy.Win32.Agent.cvcf
25.10.2015 20.43.55	Gefundenes Objekt (Datei) wurde ins Backup verschoben.	C:\TDSSKiller_Quarantine\25.10.2015_20.40.02\tdlfs0000\tsk0003.dta	Programm: TDSS rootkit removing tool	Datei: C:\TDSSKiller_Quarantine\25.10.2015_20.40.02\tdlfs0000\tsk0003.dta	Zeitpunkt: 25.10.2015 20:43	Objektname: Rootkit.Win32.TDSS.ajxr
25.10.2015 20.43.55	Gefundenes Objekt (Datei) wurde gelöscht.	C:\TDSSKiller_Quarantine\25.10.2015_20.40.02\tdlfs0000\tsk0003.dta	Programm: TDSS rootkit removing tool	Datei: C:\TDSSKiller_Quarantine\25.10.2015_20.40.02\tdlfs0000\tsk0003.dta	Zeitpunkt: 25.10.2015 20:43	Objektname: Rootkit.Win32.TDSS.ajxr
25.10.2015 20.43.51	Das Programm wurde zur Gruppe Vertrauenswürdig hinzugefügt.	Kaspersky Anti-Virus	Programm: Kaspersky Anti-Virus	Programmpfad: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpuimain.dll	Zeitpunkt: 25.10.2015 20:43
25.10.2015 20.43.51	Objekt (Datei) wurde gefunden.	C:\TDSSKiller_Quarantine\25.10.2015_20.40.02\tdlfs0000\tsk0003.dta	Programm: TDSS rootkit removing tool	Datei: C:\TDSSKiller_Quarantine\25.10.2015_20.40.02\tdlfs0000\tsk0003.dta	Zeitpunkt: 25.10.2015 20:43	Objektname: Rootkit.Win32.TDSS.ajxr
25.10.2015 20.06.06	Update der Datenbanken und Programm-Module	Abgeschlossen.	Durchschnittliche Übertragungsrate:: 7,61 KB/s	Status:: Abgeschlossen.	Heruntergeladen und aktualisiert:: 96,09 KB	Gesamtdauer: 42 Sekunden	Zeitpunkt: 25.10.2015 20:06
25.10.2015 18.41.38	Aufgabe wurde gestartet.	Web-Anti-Virus	Zeitpunkt: 25.10.2015 18:41
25.10.2015 18.41.38	Aufgabe wurde gestartet.	Aktivitätsmonitor	Zeitpunkt: 25.10.2015 18:41
25.10.2015 18.41.38	Aufgabe wurde gestartet.	Mail-Anti-Virus	Zeitpunkt: 25.10.2015 18:41
25.10.2015 18.41.38	Aufgabe wurde gestartet.	IM-Anti-Virus	Zeitpunkt: 25.10.2015 18:41
25.10.2015 18.41.38	Aufgabe wurde gestartet.	Schutz vor Netzwerkangriffen	Zeitpunkt: 25.10.2015 18:41
         
TDSS scan after restart
Code:
ATTFilter
20:45:24.0197 0x1a64  TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
20:45:25.0961 0x1a64  ============================================================
20:45:25.0961 0x1a64  Current date / time: 2015/10/25 20:45:25.0961
20:45:25.0961 0x1a64  SystemInfo:
20:45:25.0961 0x1a64  
20:45:25.0961 0x1a64  OS Version: 10.0.10240 ServicePack: 0.0
20:45:25.0961 0x1a64  Product type: Workstation
20:45:25.0961 0x1a64  ComputerName: ROBERT
20:45:25.0961 0x1a64  UserName: Admin
20:45:25.0961 0x1a64  Windows directory: C:\WINDOWS
20:45:25.0961 0x1a64  System windows directory: C:\WINDOWS
20:45:25.0961 0x1a64  Running under WOW64
20:45:25.0961 0x1a64  Processor architecture: Intel x64
20:45:25.0961 0x1a64  Number of processors: 4
20:45:25.0961 0x1a64  Page size: 0x1000
20:45:25.0961 0x1a64  Boot type: Normal boot
20:45:25.0961 0x1a64  ============================================================
20:45:26.0149 0x1a64  KLMD registered as C:\WINDOWS\system32\drivers\27715783.sys
20:45:26.0242 0x1a64  System UUID: {E640A2DA-AB51-2EBF-C8FB-3BE5D966A3AB}
20:45:26.0555 0x1a64  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:45:26.0555 0x1a64  Drive \Device\Harddisk1\DR1 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:45:26.0586 0x1a64  Drive \Device\Harddisk2\DR2 - Size: 0x7470AFDE00 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:45:26.0602 0x1a64  Drive \Device\Harddisk3\DR3 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:45:26.0602 0x1a64  Drive \Device\Harddisk4\DR4 - Size: 0x2BAA1476000 ( 2794.52 Gb ), SectorSize: 0x200, Cylinders: 0x59101, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:45:26.0602 0x1a64  ============================================================
20:45:26.0602 0x1a64  \Device\Harddisk0\DR0:
20:45:26.0602 0x1a64  MBR partitions:
20:45:26.0602 0x1a64  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
20:45:26.0602 0x1a64  \Device\Harddisk1\DR1:
20:45:26.0602 0x1a64  MBR partitions:
20:45:26.0602 0x1a64  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x9C40000
20:45:26.0602 0x1a64  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x9C40800, BlocksNum 0x13584800
20:45:26.0602 0x1a64  \Device\Harddisk2\DR2:
20:45:26.0602 0x1a64  MBR partitions:
20:45:26.0602 0x1a64  \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1D2DAFF8
20:45:26.0602 0x1a64  \Device\Harddisk2\DR2\Partition2: MBR, Type 0x7, StartLBA 0x1D2DB800, BlocksNum 0x1D0A8800
20:45:26.0602 0x1a64  \Device\Harddisk3\DR3:
20:45:26.0602 0x1a64  MBR partitions:
20:45:26.0602 0x1a64  \Device\Harddisk3\DR3\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x74705982
20:45:26.0602 0x1a64  \Device\Harddisk4\DR4:
20:45:26.0602 0x1a64  GPT partitions:
20:45:26.0617 0x1a64  \Device\Harddisk4\DR4\Partition1: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {9A92471B-CE4C-4D7B-8284-ED4281FDE868}, Name: Microsoft reserved partition, StartLBA 0x22, BlocksNum 0x40000
20:45:26.0617 0x1a64  \Device\Harddisk4\DR4\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {8806A743-81B3-463D-B620-D338F7351E32}, Name: Basic data partition, StartLBA 0x40800, BlocksNum 0x5D4C9800
20:45:26.0617 0x1a64  MBR partitions:
20:45:26.0617 0x1a64  ============================================================
20:45:26.0617 0x1a64  B: <-> \Device\Harddisk0\DR0\Partition1
20:45:26.0617 0x1a64  C: <-> \Device\Harddisk1\DR1\Partition1
20:45:26.0649 0x1a64  E: <-> \Device\Harddisk3\DR3\Partition1
20:45:26.0680 0x1a64  F: <-> \Device\Harddisk4\DR4\Partition2
20:45:26.0711 0x1a64  H: <-> \Device\Harddisk2\DR2\Partition2
20:45:26.0727 0x1a64  J: <-> \Device\Harddisk2\DR2\Partition1
20:45:26.0727 0x1a64  D: <-> \Device\Harddisk1\DR1\Partition2
20:45:26.0727 0x1a64  ============================================================
20:45:26.0727 0x1a64  Initialize success
20:45:26.0727 0x1a64  ============================================================
20:46:16.0875 0x1e64  ============================================================
20:46:16.0875 0x1e64  Scan started
20:46:16.0875 0x1e64  Mode: Manual; SigCheck; TDLFS; 
20:46:16.0875 0x1e64  ============================================================
20:46:16.0875 0x1e64  KSN ping started
20:46:19.0241 0x1e64  KSN ping finished: true
20:46:19.0722 0x1e64  ================ Scan system memory ========================
20:46:19.0722 0x1e64  System memory - ok
20:46:19.0722 0x1e64  ================ Scan services =============================
20:46:19.0751 0x1e64  1394ohci - ok
20:46:19.0753 0x1e64  3ware - ok
20:46:19.0755 0x1e64  ACPI - ok
20:46:19.0758 0x1e64  acpiex - ok
20:46:19.0760 0x1e64  acpipagr - ok
20:46:19.0764 0x1e64  AcpiPmi - ok
20:46:19.0766 0x1e64  acpitime - ok
20:46:19.0769 0x1e64  ADP80XX - ok
20:46:19.0772 0x1e64  AFD - ok
20:46:19.0774 0x1e64  agp440 - ok
20:46:19.0776 0x1e64  ahcache - ok
20:46:19.0779 0x1e64  AJRouter - ok
20:46:19.0785 0x1e64  ALG - ok
20:46:19.0787 0x1e64  AmdK8 - ok
20:46:19.0789 0x1e64  AmdPPM - ok
20:46:19.0791 0x1e64  amdsata - ok
20:46:19.0793 0x1e64  amdsbs - ok
20:46:19.0795 0x1e64  amdxata - ok
20:46:19.0797 0x1e64  AppID - ok
20:46:19.0800 0x1e64  AppIDSvc - ok
20:46:19.0802 0x1e64  Appinfo - ok
20:46:19.0804 0x1e64  AppMgmt - ok
20:46:19.0806 0x1e64  AppReadiness - ok
20:46:19.0808 0x1e64  AppXSvc - ok
20:46:19.0811 0x1e64  arcsas - ok
20:46:19.0813 0x1e64  AsyncMac - ok
20:46:19.0815 0x1e64  atapi - ok
20:46:19.0818 0x1e64  AudioEndpointBuilder - ok
20:46:19.0820 0x1e64  Audiosrv - ok
20:46:19.0830 0x1e64  [ 50C3C62FFE6337E6E4F2F01CB07DF63C, CC9C7D2827E872F22A2A79D42195530F61DF6EA6A1C8F520E25DB35537574FAB ] AVP16.0.0       C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe
20:46:19.0856 0x1e64  AVP16.0.0 - ok
20:46:19.0861 0x1e64  AxInstSV - ok
20:46:19.0864 0x1e64  b06bdrv - ok
20:46:19.0866 0x1e64  BasicDisplay - ok
20:46:19.0868 0x1e64  BasicRender - ok
20:46:19.0871 0x1e64  bcmfn2 - ok
20:46:19.0873 0x1e64  BDESVC - ok
20:46:19.0875 0x1e64  Beep - ok
20:46:19.0878 0x1e64  BFE - ok
20:46:19.0880 0x1e64  BITS - ok
20:46:19.0882 0x1e64  bowser - ok
20:46:19.0884 0x1e64  BrokerInfrastructure - ok
20:46:19.0886 0x1e64  Browser - ok
20:46:19.0888 0x1e64  BthAvrcpTg - ok
20:46:19.0891 0x1e64  BthHFEnum - ok
20:46:19.0893 0x1e64  bthhfhid - ok
20:46:19.0895 0x1e64  BthHFSrv - ok
20:46:19.0897 0x1e64  BTHMODEM - ok
20:46:19.0900 0x1e64  bthserv - ok
20:46:19.0902 0x1e64  buttonconverter - ok
20:46:19.0904 0x1e64  CapImg - ok
20:46:19.0906 0x1e64  cdfs - ok
20:46:19.0908 0x1e64  CDPSvc - ok
20:46:19.0911 0x1e64  cdrom - ok
20:46:19.0916 0x1e64  CertPropSvc - ok
20:46:19.0918 0x1e64  circlass - ok
20:46:19.0920 0x1e64  CLFS - ok
20:46:19.0922 0x1e64  ClipSVC - ok
20:46:19.0926 0x1e64  CmBatt - ok
20:46:19.0935 0x1e64  [ B2A6D2A30E93B6F215F74AC7E1733C9C, 960299F7BF2501B46296EDEA050BF30313C17A9B785574B56B79C070BD1B6E1A ] cm_km           C:\WINDOWS\system32\DRIVERS\cm_km.sys
20:46:19.0950 0x1e64  cm_km - ok
20:46:19.0953 0x1e64  CNG - ok
20:46:19.0955 0x1e64  cnghwassist - ok
20:46:19.0966 0x1e64  CompositeBus - ok
20:46:19.0969 0x1e64  COMSysApp - ok
20:46:19.0971 0x1e64  condrv - ok
20:46:19.0974 0x1e64  CoreMessagingRegistrar - ok
20:46:19.0978 0x1e64  CryptSvc - ok
20:46:19.0981 0x1e64  CSC - ok
20:46:19.0983 0x1e64  CscService - ok
20:46:20.0003 0x1e64  [ A2D4288A7412D0D6AEA3490FB7D26BC8, 6FF5AAABA159E93E01FE6F5861D07C040DD4808597B85107E426F013DFAFE5AC ] cthda           C:\WINDOWS\system32\drivers\cthda.sys
20:46:20.0029 0x1e64  cthda - ok
20:46:20.0049 0x1e64  [ 39DFCFD2C32A7A4F5E3F9C77389F3BE1, 81C06CA42A8E1D495017019E41DE1A5B1DEA450D41BDDFB131EA33E11B60337B ] CtHdaSvc        C:\WINDOWS\sysWow64\CtHdaSvc.exe
20:46:20.0088 0x1e64  CtHdaSvc - ok
20:46:20.0092 0x1e64  [ 823702E03DBBADD5488992122EC86D7C, 8EFB9E871EEAD1A2CAE945356C8EC90B52845772BFAC02ACAFA0F8E5CEBB9C40 ] cthdb           C:\WINDOWS\system32\DRIVERS\cthdb.sys
20:46:20.0097 0x1e64  cthdb - ok
20:46:20.0099 0x1e64  dam - ok
20:46:20.0102 0x1e64  DcomLaunch - ok
20:46:20.0104 0x1e64  DcpSvc - ok
20:46:20.0106 0x1e64  defragsvc - ok
20:46:20.0108 0x1e64  DeviceAssociationService - ok
20:46:20.0111 0x1e64  DeviceInstall - ok
20:46:20.0113 0x1e64  DevQueryBroker - ok
20:46:20.0117 0x1e64  Dfsc - ok
20:46:20.0121 0x1e64  [ 73BDD44A6088916964945886F9025409, 8E2ECC9AAEF3C6EBA2E61D25F657FDFCC72AB517CC4FD5FFF992E1F9EB942662 ] dg_ssudbus      C:\WINDOWS\system32\DRIVERS\ssudbus.sys
20:46:20.0135 0x1e64  dg_ssudbus - ok
20:46:20.0138 0x1e64  Dhcp - ok
20:46:20.0140 0x1e64  diagnosticshub.standardcollector.service - ok
20:46:20.0142 0x1e64  DiagTrack - ok
20:46:20.0145 0x1e64  disk - ok
20:46:20.0147 0x1e64  DmEnrollmentSvc - ok
20:46:20.0149 0x1e64  dmvsc - ok
20:46:20.0151 0x1e64  dmwappushservice - ok
20:46:20.0154 0x1e64  Dnscache - ok
20:46:20.0157 0x1e64  dot3svc - ok
20:46:20.0159 0x1e64  DPS - ok
20:46:20.0162 0x1e64  drmkaud - ok
20:46:20.0164 0x1e64  DsmSvc - ok
20:46:20.0166 0x1e64  DsSvc - ok
20:46:20.0168 0x1e64  DXGKrnl - ok
20:46:20.0170 0x1e64  Eaphost - ok
20:46:20.0172 0x1e64  ebdrv - ok
20:46:20.0174 0x1e64  EFS - ok
20:46:20.0176 0x1e64  EhStorClass - ok
20:46:20.0179 0x1e64  EhStorTcgDrv - ok
20:46:20.0183 0x1e64  embeddedmode - ok
20:46:20.0185 0x1e64  EntAppSvc - ok
20:46:20.0187 0x1e64  ErrDev - ok
20:46:20.0191 0x1e64  [ 8DB1E358940C48A6C7141991E144DC44, 4E492E1441A5BDEA248A2A908A10D5DB0B9AE530312E243D9C1AFB002794B965 ] EtronHub3       C:\WINDOWS\System32\Drivers\EtronHub3.sys
20:46:20.0206 0x1e64  EtronHub3 - ok
20:46:20.0211 0x1e64  [ 46BE469FB963932F7FA4E5B15AF3FC8F, 4EBF7F1394F0C9F90676802FFF5FC5DC34A8CF703DF347B432936ED09E64422E ] EtronXHCI       C:\WINDOWS\System32\Drivers\EtronXHCI.sys
20:46:20.0223 0x1e64  EtronXHCI - ok
20:46:20.0227 0x1e64  EventSystem - ok
20:46:20.0229 0x1e64  exfat - ok
20:46:20.0231 0x1e64  fastfat - ok
20:46:20.0234 0x1e64  Fax - ok
20:46:20.0236 0x1e64  fcvsc - ok
20:46:20.0238 0x1e64  fdc - ok
20:46:20.0240 0x1e64  fdPHost - ok
20:46:20.0242 0x1e64  FDResPub - ok
20:46:20.0245 0x1e64  fhsvc - ok
20:46:20.0246 0x1e64  FileCrypt - ok
20:46:20.0249 0x1e64  FileInfo - ok
20:46:20.0251 0x1e64  Filetrace - ok
20:46:20.0253 0x1e64  flpydisk - ok
20:46:20.0255 0x1e64  FltMgr - ok
20:46:20.0258 0x1e64  FontCache - ok
20:46:20.0260 0x1e64  FsDepends - ok
20:46:20.0261 0x1e64  Fs_Rec - ok
20:46:20.0264 0x1e64  fvevol - ok
20:46:20.0266 0x1e64  gagp30kx - ok
20:46:20.0269 0x1e64  gencounter - ok
20:46:20.0271 0x1e64  genericusbfn - ok
20:46:20.0293 0x1e64  [ 5031F3E650D242EEECEB92EB9900FB93, FB51ADB81AC3E0097362BAECEC4F0C83C46E5505277B7F35FDCE9BF88B72C963 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
20:46:20.0319 0x1e64  GfExperienceService - ok
20:46:20.0322 0x1e64  GPIOClx0101 - ok
20:46:20.0324 0x1e64  gpsvc - ok
20:46:20.0326 0x1e64  GpuEnergyDrv - ok
20:46:20.0332 0x1e64  [ C6FF00DA1605982E616C03BE809FFE2D, 4D9C86B9FF2FA291DC320677D28DF00C26834409F7AD94D6C07D2233ED746B19 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:46:20.0339 0x1e64  gupdate - ok
20:46:20.0343 0x1e64  [ C6FF00DA1605982E616C03BE809FFE2D, 4D9C86B9FF2FA291DC320677D28DF00C26834409F7AD94D6C07D2233ED746B19 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:46:20.0349 0x1e64  gupdatem - ok
20:46:20.0352 0x1e64  HDAudBus - ok
20:46:20.0354 0x1e64  HidBatt - ok
20:46:20.0356 0x1e64  HidBth - ok
20:46:20.0358 0x1e64  hidi2c - ok
20:46:20.0360 0x1e64  hidinterrupt - ok
20:46:20.0363 0x1e64  HidIr - ok
20:46:20.0365 0x1e64  hidserv - ok
20:46:20.0367 0x1e64  HidUsb - ok
20:46:20.0368 0x1e64  HomeGroupListener - ok
20:46:20.0371 0x1e64  HomeGroupProvider - ok
20:46:20.0373 0x1e64  HpSAMD - ok
20:46:20.0374 0x1e64  HTTP - ok
20:46:20.0377 0x1e64  hwpolicy - ok
20:46:20.0380 0x1e64  hyperkbd - ok
20:46:20.0383 0x1e64  HyperVideo - ok
20:46:20.0385 0x1e64  i8042prt - ok
20:46:20.0387 0x1e64  iaLPSSi_GPIO - ok
20:46:20.0389 0x1e64  iaLPSSi_I2C - ok
20:46:20.0391 0x1e64  iaStorAV - ok
20:46:20.0394 0x1e64  iaStorV - ok
20:46:20.0396 0x1e64  ibbus - ok
20:46:20.0398 0x1e64  icssvc - ok
20:46:20.0400 0x1e64  IEEtwCollectorService - ok
20:46:20.0402 0x1e64  IKEEXT - ok
20:46:20.0479 0x1e64  [ 622868E4BAE8FBCD22CB1A5901A2C824, C1A2264C0984DD16C83B663C9CE43E049E1356E32C5771C3ACE225F285699138 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
20:46:20.0569 0x1e64  IntcAzAudAddService - ok
20:46:20.0575 0x1e64  intelide - ok
20:46:20.0577 0x1e64  intelpep - ok
20:46:20.0579 0x1e64  intelppm - ok
20:46:20.0581 0x1e64  IoQos - ok
20:46:20.0583 0x1e64  IpFilterDriver - ok
20:46:20.0585 0x1e64  iphlpsvc - ok
20:46:20.0587 0x1e64  IPMIDRV - ok
20:46:20.0590 0x1e64  IPNAT - ok
20:46:20.0592 0x1e64  IRENUM - ok
20:46:20.0594 0x1e64  isapnp - ok
20:46:20.0596 0x1e64  iScsiPrt - ok
20:46:20.0602 0x1e64  kbdclass - ok
20:46:20.0604 0x1e64  kbdhid - ok
20:46:20.0606 0x1e64  kdnic - ok
20:46:20.0608 0x1e64  KeyIso - ok
20:46:20.0619 0x1e64  [ BEE1682DA217A4AD46C36896769AA580, 4D853D78E459F7BFE4F4217FCAD47CDACFAC19C2F6CF8261FBAA46BDB387FFDC ] kl1             C:\WINDOWS\system32\DRIVERS\kl1.sys
20:46:20.0633 0x1e64  kl1 - ok
20:46:20.0637 0x1e64  [ 86F40D79CE80ACBE6BEBAC8CE89D75A0, 8B800425160D1AF3C32EF7B5CA794658EE09CD3EE782473D8D38E1C7706076B3 ] klbackupdisk    C:\WINDOWS\system32\DRIVERS\klbackupdisk.sys
20:46:20.0643 0x1e64  klbackupdisk - ok
20:46:20.0647 0x1e64  [ 2B4BC41223326FF440E2DB32B9239138, E95D5BB3388D6B219A4C175D5DA77CEB620A27A13F5AA4E7E2C05694B6E26947 ] klbackupflt     C:\WINDOWS\system32\DRIVERS\klbackupflt.sys
20:46:20.0654 0x1e64  klbackupflt - ok
20:46:20.0658 0x1e64  [ 1557DF622127972EDB3DD3A61E7763CC, F6E8F31760B549B882180EB6FB45B40CA6CEDC5E61B11E02609C26E053F7C902 ] kldisk          C:\WINDOWS\system32\DRIVERS\kldisk.sys
20:46:20.0665 0x1e64  kldisk - ok
20:46:20.0668 0x1e64  [ E2097C8F18F1E8E3B7D09F12B51843A3, 0506A99BD0962AAE64692BD7F080DB080F8B678DC59685CF22830A47B486430C ] klelam          C:\WINDOWS\system32\DRIVERS\klelam.sys
20:46:20.0680 0x1e64  klelam - ok
20:46:20.0685 0x1e64  [ BACE50477C184A3AA0755702C23B8B27, 5708A1B7C22702AD2E5DD4491A911A51D2FB768E46857639C0C5D8736E487D0F ] klflt           C:\WINDOWS\system32\DRIVERS\klflt.sys
20:46:20.0694 0x1e64  klflt - ok
20:46:20.0701 0x1e64  [ 0698A6918DAF5B1710F5A5170C34FC03, 15CBA4089950812A5815D7517B6C25959A793A55A66F8AA6746618D42A849351 ] klhk            C:\WINDOWS\system32\DRIVERS\klhk.sys
20:46:20.0711 0x1e64  klhk - ok
20:46:20.0728 0x1e64  [ EBDECA2C6072F1FA09BDB660EA6017FA, 0F2FCBE85350EB8AC709069C61E18797E18A33E0BD03D84C2B61059BEC705099 ] KLIF            C:\WINDOWS\system32\DRIVERS\klif.sys
20:46:20.0752 0x1e64  KLIF - ok
20:46:20.0755 0x1e64  [ E62321376344231F5F488758ACC6D553, 1155C1FDD5C95B05EABBD4268A7D3FFF050D0C0921B61226179C312605AB46C3 ] KLIM6           C:\WINDOWS\system32\DRIVERS\klim6.sys
20:46:20.0761 0x1e64  KLIM6 - ok
20:46:20.0764 0x1e64  [ DAE5768E6FD34A36E3B9D1AF1FCA682B, 24DA0B71E3B4AC0FABEE0BF687DF8D35283DBF808CA3AB6F86E72B37471F6B33 ] klkbdflt        C:\WINDOWS\system32\DRIVERS\klkbdflt.sys
20:46:20.0770 0x1e64  klkbdflt - ok
20:46:20.0772 0x1e64  klkbdflt2 - ok
20:46:20.0775 0x1e64  [ FD47C92A63B6EADEA830BFA96C06EAEE, C15C39B6FA53CBD01A2F95243845C4B706B4229F8FFB75C7128819B9CEE5B2CB ] klmouflt        C:\WINDOWS\system32\DRIVERS\klmouflt.sys
20:46:20.0781 0x1e64  klmouflt - ok
20:46:20.0784 0x1e64  [ F610F5F17BC87D61EF8954CCD793BAE4, A77FE26B4A474FE799C3D569BDD7858319C57FC14C1BB43ECFAB1FDB19AF5DC6 ] klpd            C:\WINDOWS\system32\DRIVERS\klpd.sys
20:46:20.0790 0x1e64  klpd - ok
20:46:20.0794 0x1e64  [ 26D3895A519220E94D241A8858D40CD9, CBDE2B937D2897FC2F356F73D983023F7CBE3C9E8A2873877E5CAF40F3D9A680 ] klwfp           C:\WINDOWS\system32\DRIVERS\klwfp.sys
20:46:20.0801 0x1e64  klwfp - ok
20:46:20.0805 0x1e64  [ 91234D71CEED29F2DBA16942CABDCA4F, 5D71BAC86C33BC77EEBF1ECB8F372DFE631991E4C5F36EAF0C8C957150BD6D52 ] Klwtp           C:\WINDOWS\system32\DRIVERS\klwtp.sys
20:46:20.0812 0x1e64  Klwtp - ok
20:46:20.0818 0x1e64  [ 1686DE8288052316EFDD49EEA8929065, AD43D6ACCD8693BD76F218E1A4EE088BA061C1309A3E7DAA7EC94D875985D895 ] kneps           C:\WINDOWS\system32\DRIVERS\kneps.sys
20:46:20.0826 0x1e64  kneps - ok
20:46:20.0829 0x1e64  KSecDD - ok
20:46:20.0831 0x1e64  KSecPkg - ok
20:46:20.0833 0x1e64  ksthunk - ok
20:46:20.0836 0x1e64  KtmRm - ok
20:46:20.0838 0x1e64  LanmanServer - ok
20:46:20.0840 0x1e64  LanmanWorkstation - ok
20:46:20.0843 0x1e64  lfsvc - ok
20:46:20.0852 0x1e64  [ 17325C9B9ADB2BB99049936D0C9812C8, 70ADDC85FD5757BC9C4B97F382B25A19851FF8275021FFC04A81E208A604F83E ] LGBusEnum       C:\WINDOWS\system32\drivers\LGBusEnum.sys
20:46:20.0862 0x1e64  LGBusEnum - ok
20:46:20.0865 0x1e64  [ 2D7F1C02B94D6F0F3E10107E5EA8E141, 93B266F38C3C3EAAB475D81597ABBD7CC07943035068BB6FD670DBBE15DE0131 ] LGCoreTemp      C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys
20:46:20.0870 0x1e64  LGCoreTemp - ok
20:46:20.0874 0x1e64  [ C7AF05942E041D4B1F345ACF79993BB3, E8FAAE356C99A11F6CF17640FD9C67F87AFBFEFB70C458CB85178F2AD94DF848 ] LGJoyXlCore     C:\WINDOWS\system32\drivers\LGJoyXlCore.sys
20:46:20.0884 0x1e64  LGJoyXlCore - ok
20:46:20.0887 0x1e64  [ 1DDB8DE3D6EEF31EDCF4977B2D2FAACC, 24291B522A596E2D9A1CDAC192DB1C7422D5DD0E87E5C8A5F5E2CAA90296BF23 ] LGVirHid        C:\WINDOWS\system32\drivers\LGVirHid.sys
20:46:20.0895 0x1e64  LGVirHid - ok
20:46:20.0897 0x1e64  LicenseManager - ok
20:46:20.0899 0x1e64  lltdio - ok
20:46:20.0901 0x1e64  lltdsvc - ok
20:46:20.0903 0x1e64  lmhosts - ok
20:46:20.0906 0x1e64  LSI_SAS - ok
20:46:20.0909 0x1e64  LSI_SAS2i - ok
20:46:20.0911 0x1e64  LSI_SAS3i - ok
20:46:20.0915 0x1e64  LSI_SSS - ok
20:46:20.0917 0x1e64  LSM - ok
20:46:20.0919 0x1e64  luafv - ok
20:46:20.0921 0x1e64  MapsBroker - ok
20:46:20.0924 0x1e64  [ CFBC6C6D8A492697CABD1D353EE64933, DDAA844908324740C891EB8F08E2A8BB00457063B31C4A762745C1C2415FC12D ] MBAMProtector   C:\WINDOWS\system32\drivers\mbam.sys
20:46:20.0929 0x1e64  MBAMProtector - ok
20:46:20.0951 0x1e64  [ 40C126CB15FAB7D6C66490DCA9C1AED2, B32CEE2D2409232C245427D5E9647FDF59AF1D8AB5E8A98EE2D1F1314599FD14 ] MBAMService     C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
20:46:20.0978 0x1e64  MBAMService - ok
20:46:20.0982 0x1e64  [ 08DECFCB9BA97786165A69AB1015BC30, EDC8C8447B57BD412E2DEBCA9B5B1B58C19D40105DC7CE9520DE214081696B05 ] MBAMWebAccessControl C:\WINDOWS\system32\drivers\mwac.sys
20:46:20.0988 0x1e64  MBAMWebAccessControl - ok
20:46:20.0990 0x1e64  megasas - ok
20:46:20.0993 0x1e64  megasr - ok
20:46:20.0997 0x1e64  [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64          C:\WINDOWS\System32\drivers\HECIx64.sys
20:46:21.0002 0x1e64  MEIx64 - ok
20:46:21.0004 0x1e64  mlx4_bus - ok
20:46:21.0007 0x1e64  MMCSS - ok
20:46:21.0009 0x1e64  Modem - ok
20:46:21.0011 0x1e64  monitor - ok
20:46:21.0013 0x1e64  mouclass - ok
20:46:21.0016 0x1e64  mouhid - ok
20:46:21.0018 0x1e64  mountmgr - ok
20:46:21.0021 0x1e64  mpsdrv - ok
20:46:21.0023 0x1e64  MpsSvc - ok
20:46:21.0025 0x1e64  MRxDAV - ok
20:46:21.0028 0x1e64  mrxsmb - ok
20:46:21.0030 0x1e64  mrxsmb10 - ok
20:46:21.0032 0x1e64  mrxsmb20 - ok
20:46:21.0034 0x1e64  MsBridge - ok
20:46:21.0036 0x1e64  MSDTC - ok
20:46:21.0039 0x1e64  Msfs - ok
20:46:21.0041 0x1e64  msgpiowin32 - ok
20:46:21.0043 0x1e64  mshidkmdf - ok
20:46:21.0046 0x1e64  mshidumdf - ok
20:46:21.0050 0x1e64  msisadrv - ok
20:46:21.0053 0x1e64  MSiSCSI - ok
20:46:21.0055 0x1e64  msiserver - ok
20:46:21.0057 0x1e64  MSKSSRV - ok
20:46:21.0059 0x1e64  MsLldp - ok
20:46:21.0061 0x1e64  MSPCLOCK - ok
20:46:21.0063 0x1e64  MSPQM - ok
20:46:21.0065 0x1e64  MsRPC - ok
20:46:21.0069 0x1e64  mssmbios - ok
20:46:21.0071 0x1e64  MSTEE - ok
20:46:21.0073 0x1e64  MTConfig - ok
20:46:21.0075 0x1e64  Mup - ok
20:46:21.0077 0x1e64  mvumis - ok
20:46:21.0081 0x1e64  NativeWifiP - ok
20:46:21.0083 0x1e64  NcaSvc - ok
20:46:21.0085 0x1e64  NcbService - ok
20:46:21.0087 0x1e64  NcdAutoSetup - ok
20:46:21.0089 0x1e64  ndfltr - ok
20:46:21.0091 0x1e64  NDIS - ok
20:46:21.0094 0x1e64  NdisCap - ok
20:46:21.0096 0x1e64  NdisImPlatform - ok
20:46:21.0099 0x1e64  NdisTapi - ok
20:46:21.0101 0x1e64  Ndisuio - ok
20:46:21.0103 0x1e64  NdisVirtualBus - ok
20:46:21.0105 0x1e64  NdisWan - ok
20:46:21.0107 0x1e64  ndiswanlegacy - ok
20:46:21.0109 0x1e64  ndproxy - ok
20:46:21.0117 0x1e64  Ndu - ok
20:46:21.0120 0x1e64  NetBIOS - ok
20:46:21.0124 0x1e64  NetBT - ok
20:46:21.0127 0x1e64  Netlogon - ok
20:46:21.0129 0x1e64  Netman - ok
20:46:21.0131 0x1e64  netprofm - ok
20:46:21.0137 0x1e64  [ 5D046D71B18BEFB2E4D164C3DEEDD672, 536834D020889973854830919B23DF22CC1B27236AFAEDEBDF42D432CE48FCDE ] NetSetupSvc     C:\WINDOWS\System32\NetSetupSvc.dll
20:46:21.0251 0x1e64  NetSetupSvc - ok
20:46:21.0257 0x1e64  NetTcpPortSharing - ok
20:46:21.0259 0x1e64  netvsc - ok
20:46:21.0264 0x1e64  NgcCtnrSvc - ok
20:46:21.0266 0x1e64  NgcSvc - ok
20:46:21.0269 0x1e64  NlaSvc - ok
20:46:21.0271 0x1e64  Npfs - ok
20:46:21.0273 0x1e64  npsvctrig - ok
20:46:21.0275 0x1e64  nsi - ok
20:46:21.0277 0x1e64  nsiproxy - ok
20:46:21.0281 0x1e64  NTFS - ok
20:46:21.0283 0x1e64  Null - ok
20:46:21.0288 0x1e64  [ B9E5A80F646DDFEF158773722A466EA3, 028979FE600D17DA70445F44D81FAE4EDA3478FCC81FA5506133CCAC37C4E2BF ] NVHDA           C:\WINDOWS\system32\drivers\nvhda64v.sys
20:46:21.0297 0x1e64  NVHDA - ok
20:46:21.0475 0x1e64  [ DF0BB2C179476D312B7BC0056CEC50A6, 64CC3201FA903E0EC9C99BE167C439C14A4C9AC2A88898B64789EEB381DB97B6 ] nvlddmkm        C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
20:46:21.0686 0x1e64  nvlddmkm - ok
20:46:21.0727 0x1e64  [ 4EBEE69A8FE7DC85FD3C122821C617A0, 7193C14DEB4C5B0D86C5C6841C80879C28E1FDA8F77879EB18A3D2685C67B986 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
20:46:21.0766 0x1e64  NvNetworkService - ok
20:46:21.0769 0x1e64  nvraid - ok
20:46:21.0771 0x1e64  nvstor - ok
20:46:21.0774 0x1e64  [ 0EF30778078D7B5877F8F57151699798, B0409C79143BDBB774C3C740CCA8EB77CF67915E59EC6050DB993ED0575EC077 ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
20:46:21.0778 0x1e64  NvStreamKms - ok
20:46:21.0869 0x1e64  [ D23A07D549243F5B77780BAA4FBF5BC3, 5BC5161CAE6BE6382BDCDE9B1CDD5F4DEBC3EA18D01B0E261AF716FDB04154BC ] NvStreamSvc     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
20:46:21.0977 0x1e64  NvStreamSvc - ok
20:46:21.0998 0x1e64  [ DFCCA437717EACA8418F47992A41B39A, E587A629B894EE6A16AC414747D492FFC6B6E9F051B40F7D25F0D4406E2FF919 ] nvsvc           C:\WINDOWS\system32\nvvsvc.exe
20:46:22.0031 0x1e64  nvsvc - ok
20:46:22.0035 0x1e64  [ 4F00008B513F4019623ED61159363888, A1047FF1FCF3ED405C3426C8959AD10426F30E3F58E95BFD6ADF1DBC947AB379 ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys
20:46:22.0041 0x1e64  nvvad_WaveExtensible - ok
20:46:22.0043 0x1e64  nv_agp - ok
20:46:22.0045 0x1e64  OneSyncSvc - ok
20:46:22.0052 0x1e64  p2pimsvc - ok
20:46:22.0054 0x1e64  p2psvc - ok
20:46:22.0056 0x1e64  Parport - ok
20:46:22.0058 0x1e64  partmgr - ok
20:46:22.0060 0x1e64  PcaSvc - ok
20:46:22.0062 0x1e64  pci - ok
20:46:22.0065 0x1e64  pciide - ok
20:46:22.0067 0x1e64  pcmcia - ok
20:46:22.0069 0x1e64  pcw - ok
20:46:22.0071 0x1e64  pdc - ok
20:46:22.0074 0x1e64  PEAUTH - ok
20:46:22.0076 0x1e64  PeerDistSvc - ok
20:46:22.0078 0x1e64  percsas2i - ok
20:46:22.0081 0x1e64  percsas3i - ok
20:46:22.0097 0x1e64  PerfHost - ok
20:46:22.0102 0x1e64  PimIndexMaintenanceSvc - ok
20:46:22.0106 0x1e64  pla - ok
20:46:22.0108 0x1e64  PlugPlay - ok
20:46:22.0111 0x1e64  PNRPAutoReg - ok
20:46:22.0113 0x1e64  PNRPsvc - ok
20:46:22.0115 0x1e64  PolicyAgent - ok
20:46:22.0118 0x1e64  Power - ok
20:46:22.0120 0x1e64  PptpMiniport - ok
20:46:22.0177 0x1e64  [ 12E2582F69ACA40A6BAE91DA578CBF34, 648C6394763906AA4163976DA2C3308F8B706486D9D8F16258CB1D61C2929930 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
20:46:22.0285 0x1e64  PrintNotify - ok
20:46:22.0289 0x1e64  Processor - ok
20:46:22.0292 0x1e64  ProfSvc - ok
20:46:22.0294 0x1e64  Psched - ok
20:46:22.0297 0x1e64  QWAVE - ok
20:46:22.0299 0x1e64  QWAVEdrv - ok
20:46:22.0301 0x1e64  RasAcd - ok
20:46:22.0303 0x1e64  RasAgileVpn - ok
20:46:22.0305 0x1e64  RasAuto - ok
20:46:22.0307 0x1e64  Rasl2tp - ok
20:46:22.0309 0x1e64  RasMan - ok
20:46:22.0312 0x1e64  RasPppoe - ok
20:46:22.0316 0x1e64  RasSstp - ok
20:46:22.0319 0x1e64  rdbss - ok
20:46:22.0321 0x1e64  rdpbus - ok
20:46:22.0324 0x1e64  RDPDR - ok
20:46:22.0328 0x1e64  RdpVideoMiniport - ok
20:46:22.0330 0x1e64  rdyboost - ok
20:46:22.0333 0x1e64  ReFSv1 - ok
20:46:22.0336 0x1e64  RemoteAccess - ok
20:46:22.0338 0x1e64  RemoteRegistry - ok
20:46:22.0341 0x1e64  RetailDemo - ok
20:46:22.0343 0x1e64  RpcEptMapper - ok
20:46:22.0345 0x1e64  RpcLocator - ok
20:46:22.0347 0x1e64  RpcSs - ok
20:46:22.0349 0x1e64  rspndr - ok
20:46:22.0351 0x1e64  rt640x64 - ok
20:46:22.0353 0x1e64  s3cap - ok
20:46:22.0355 0x1e64  SamSs - ok
20:46:22.0358 0x1e64  sbp2port - ok
20:46:22.0361 0x1e64  SCardSvr - ok
20:46:22.0363 0x1e64  ScDeviceEnum - ok
20:46:22.0365 0x1e64  scfilter - ok
20:46:22.0367 0x1e64  Schedule - ok
20:46:22.0369 0x1e64  SCPolicySvc - ok
20:46:22.0371 0x1e64  sdbus - ok
20:46:22.0373 0x1e64  SDRSVC - ok
20:46:22.0375 0x1e64  sdstor - ok
20:46:22.0378 0x1e64  seclogon - ok
20:46:22.0380 0x1e64  SENS - ok
20:46:22.0385 0x1e64  SensorDataService - ok
20:46:22.0387 0x1e64  SensorService - ok
20:46:22.0389 0x1e64  SensrSvc - ok
20:46:22.0391 0x1e64  SerCx - ok
20:46:22.0394 0x1e64  SerCx2 - ok
20:46:22.0396 0x1e64  Serenum - ok
20:46:22.0398 0x1e64  Serial - ok
20:46:22.0400 0x1e64  sermouse - ok
20:46:22.0402 0x1e64  SessionEnv - ok
20:46:22.0405 0x1e64  sfloppy - ok
20:46:22.0407 0x1e64  SharedAccess - ok
20:46:22.0409 0x1e64  ShellHWDetection - ok
20:46:22.0412 0x1e64  SiSRaid2 - ok
20:46:22.0415 0x1e64  SiSRaid4 - ok
20:46:22.0452 0x1e64  [ 52F7E8603E888E3DB0A8B3D1804098E9, 4E23DC9442C0C14AAE7146DACBB0B39743F1FFAA463EE7069CCDF866AD27BD77 ] SkypeUpdate     B:\Program Files (x86)\Skype\Updater\Updater.exe
20:46:22.0466 0x1e64  SkypeUpdate - ok
20:46:22.0468 0x1e64  smphost - ok
20:46:22.0471 0x1e64  SmsRouter - ok
20:46:22.0474 0x1e64  SNMPTRAP - ok
20:46:22.0476 0x1e64  spaceport - ok
20:46:22.0478 0x1e64  SpbCx - ok
20:46:22.0480 0x1e64  Spooler - ok
20:46:22.0483 0x1e64  sppsvc - ok
20:46:22.0484 0x1e64  srv - ok
20:46:22.0486 0x1e64  srv2 - ok
20:46:22.0489 0x1e64  srvnet - ok
20:46:22.0491 0x1e64  SSDPSRV - ok
20:46:22.0493 0x1e64  SstpSvc - ok
20:46:22.0506 0x1e64  [ 5252D7BC56E5E0ED715AEA8FE173A455, 1408B3E98B35A449434718777EE70595F0D306197A428279C6281D2F1953F259 ] ssudmdm         C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
20:46:22.0515 0x1e64  ssudmdm - ok
20:46:22.0517 0x1e64  StateRepository - ok
20:46:22.0538 0x1e64  [ D31201BD8782752BD69DBE1E5DDF9AC5, 98B72690B4E6CC1B694C655DD31CB1FB56B76B62A32CFB748AF78F4C072D9740 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
20:46:22.0558 0x1e64  Steam Client Service - ok
20:46:22.0570 0x1e64  [ 4392321C9F3FB8D6061CCB37E85E588D, 2992E6134E5F18ED25620DC4DE01F1561CBBEAF485EEF59E4446EC12BEED29D0 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
20:46:22.0581 0x1e64  Stereo Service - ok
20:46:22.0584 0x1e64  stexstor - ok
20:46:22.0586 0x1e64  stisvc - ok
20:46:22.0588 0x1e64  storahci - ok
20:46:22.0590 0x1e64  storflt - ok
20:46:22.0592 0x1e64  stornvme - ok
20:46:22.0595 0x1e64  storqosflt - ok
20:46:22.0597 0x1e64  StorSvc - ok
20:46:22.0599 0x1e64  storufs - ok
20:46:22.0601 0x1e64  storvsc - ok
20:46:22.0604 0x1e64  svsvc - ok
20:46:22.0616 0x1e64  swenum - ok
20:46:22.0619 0x1e64  swprv - ok
20:46:22.0621 0x1e64  Synth3dVsc - ok
20:46:22.0623 0x1e64  SysMain - ok
20:46:22.0625 0x1e64  SystemEventsBroker - ok
20:46:22.0629 0x1e64  TabletInputService - ok
20:46:22.0631 0x1e64  TapiSrv - ok
20:46:22.0633 0x1e64  Tcpip - ok
20:46:22.0637 0x1e64  Tcpip6 - ok
20:46:22.0641 0x1e64  tcpipreg - ok
20:46:22.0644 0x1e64  tdx - ok
20:46:22.0647 0x1e64  terminpt - ok
20:46:22.0649 0x1e64  TermService - ok
20:46:22.0651 0x1e64  Themes - ok
20:46:22.0653 0x1e64  tiledatamodelsvc - ok
20:46:22.0655 0x1e64  TimeBroker - ok
20:46:22.0657 0x1e64  TPM - ok
20:46:22.0660 0x1e64  TrkWks - ok
20:46:22.0663 0x1e64  TrustedInstaller - ok
20:46:22.0666 0x1e64  TsUsbFlt - ok
20:46:22.0669 0x1e64  TsUsbGD - ok
20:46:22.0671 0x1e64  tunnel - ok
20:46:22.0673 0x1e64  uagp35 - ok
20:46:22.0675 0x1e64  UASPStor - ok
20:46:22.0679 0x1e64  UcmCx0101 - ok
20:46:22.0681 0x1e64  UcmUcsi - ok
20:46:22.0684 0x1e64  Ucx01000 - ok
20:46:22.0686 0x1e64  UdeCx - ok
20:46:22.0688 0x1e64  udfs - ok
20:46:22.0690 0x1e64  UEFI - ok
20:46:22.0692 0x1e64  Ufx01000 - ok
20:46:22.0695 0x1e64  UfxChipidea - ok
20:46:22.0698 0x1e64  ufxsynopsys - ok
20:46:22.0702 0x1e64  UI0Detect - ok
20:46:22.0704 0x1e64  uliagpkx - ok
20:46:22.0706 0x1e64  umbus - ok
20:46:22.0708 0x1e64  UmPass - ok
20:46:22.0711 0x1e64  UmRdpService - ok
20:46:22.0713 0x1e64  UnistoreSvc - ok
20:46:22.0717 0x1e64  upnphost - ok
20:46:22.0720 0x1e64  UrsChipidea - ok
20:46:22.0722 0x1e64  UrsCx01000 - ok
20:46:22.0724 0x1e64  UrsSynopsys - ok
20:46:22.0726 0x1e64  usbccgp - ok
20:46:22.0729 0x1e64  usbcir - ok
20:46:22.0731 0x1e64  usbehci - ok
20:46:22.0733 0x1e64  usbhub - ok
20:46:22.0736 0x1e64  USBHUB3 - ok
20:46:22.0738 0x1e64  usbohci - ok
20:46:22.0740 0x1e64  usbprint - ok
20:46:22.0742 0x1e64  usbser - ok
20:46:22.0745 0x1e64  USBSTOR - ok
20:46:22.0747 0x1e64  usbuhci - ok
20:46:22.0749 0x1e64  USBXHCI - ok
20:46:22.0751 0x1e64  UserDataSvc - ok
20:46:22.0756 0x1e64  UserManager - ok
20:46:22.0758 0x1e64  UsoSvc - ok
20:46:22.0761 0x1e64  VaultSvc - ok
20:46:22.0764 0x1e64  vdrvroot - ok
20:46:22.0766 0x1e64  vds - ok
20:46:22.0768 0x1e64  VerifierExt - ok
20:46:22.0770 0x1e64  vhdmp - ok
20:46:22.0772 0x1e64  vhf - ok
20:46:22.0774 0x1e64  vmbus - ok
20:46:22.0777 0x1e64  VMBusHID - ok
20:46:22.0779 0x1e64  vmicguestinterface - ok
20:46:22.0781 0x1e64  vmicheartbeat - ok
20:46:22.0783 0x1e64  vmickvpexchange - ok
20:46:22.0785 0x1e64  vmicrdv - ok
20:46:22.0787 0x1e64  vmicshutdown - ok
20:46:22.0789 0x1e64  vmictimesync - ok
20:46:22.0791 0x1e64  vmicvmsession - ok
20:46:22.0793 0x1e64  vmicvss - ok
20:46:22.0795 0x1e64  volmgr - ok
20:46:22.0797 0x1e64  volmgrx - ok
20:46:22.0800 0x1e64  volsnap - ok
20:46:22.0802 0x1e64  vpci - ok
20:46:22.0804 0x1e64  vsmraid - ok
20:46:22.0807 0x1e64  VSS - ok
20:46:22.0816 0x1e64  [ 79F4D90FAA0ACC1866F2F3E03E39CA89, EE08BCBF29A7E4AFFF520B8DF067281425F433EC275F8C86CE8F20F000E92E3D ] vssbrigde64     C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe
20:46:22.0824 0x1e64  vssbrigde64 - ok
20:46:22.0826 0x1e64  VSTXRAID - ok
20:46:22.0829 0x1e64  vwifibus - ok
20:46:22.0831 0x1e64  vwififlt - ok
20:46:22.0834 0x1e64  W32Time - ok
20:46:22.0835 0x1e64  WacomPen - ok
20:46:22.0838 0x1e64  WalletService - ok
20:46:22.0840 0x1e64  wanarp - ok
20:46:22.0842 0x1e64  wanarpv6 - ok
20:46:22.0844 0x1e64  wbengine - ok
20:46:22.0847 0x1e64  WbioSrvc - ok
20:46:22.0849 0x1e64  Wcmsvc - ok
20:46:22.0851 0x1e64  wcncsvc - ok
20:46:22.0853 0x1e64  WcsPlugInService - ok
20:46:22.0855 0x1e64  WdBoot - ok
20:46:22.0857 0x1e64  Wdf01000 - ok
20:46:22.0859 0x1e64  WdFilter - ok
20:46:22.0862 0x1e64  WdiServiceHost - ok
20:46:22.0864 0x1e64  WdiSystemHost - ok
20:46:22.0866 0x1e64  wdiwifi - ok
20:46:22.0868 0x1e64  WdNisDrv - ok
20:46:22.0870 0x1e64  WdNisSvc - ok
20:46:22.0872 0x1e64  WebClient - ok
20:46:22.0875 0x1e64  Wecsvc - ok
20:46:22.0877 0x1e64  WEPHOSTSVC - ok
20:46:22.0879 0x1e64  wercplsupport - ok
20:46:22.0881 0x1e64  WerSvc - ok
20:46:22.0883 0x1e64  wfpcapture - ok
20:46:22.0886 0x1e64  WFPLWFS - ok
20:46:22.0889 0x1e64  WiaRpc - ok
20:46:22.0891 0x1e64  WIMMount - ok
20:46:22.0893 0x1e64  WinDefend - ok
20:46:22.0896 0x1e64  WindowsTrustedRT - ok
20:46:22.0899 0x1e64  WindowsTrustedRTProxy - ok
20:46:22.0901 0x1e64  WinHttpAutoProxySvc - ok
20:46:22.0903 0x1e64  WinMad - ok
20:46:22.0908 0x1e64  Winmgmt - ok
20:46:22.0911 0x1e64  WinRM - ok
20:46:22.0915 0x1e64  WINUSB - ok
20:46:22.0917 0x1e64  WinVerbs - ok
20:46:22.0920 0x1e64  WlanSvc - ok
20:46:22.0922 0x1e64  wlidsvc - ok
20:46:22.0924 0x1e64  WmiAcpi - ok
20:46:22.0928 0x1e64  wmiApSrv - ok
20:46:22.0930 0x1e64  WMPNetworkSvc - ok
20:46:22.0932 0x1e64  Wof - ok
20:46:22.0935 0x1e64  workfolderssvc - ok
20:46:22.0937 0x1e64  wpcfltr - ok
20:46:22.0940 0x1e64  WPDBusEnum - ok
20:46:22.0942 0x1e64  WpdUpFltr - ok
20:46:22.0946 0x1e64  WpnService - ok
20:46:22.0948 0x1e64  ws2ifsl - ok
20:46:22.0950 0x1e64  wscsvc - ok
20:46:22.0952 0x1e64  WSearch - ok
20:46:22.0955 0x1e64  WSService - ok
20:46:22.0958 0x1e64  wuauserv - ok
20:46:22.0960 0x1e64  WudfPf - ok
20:46:22.0962 0x1e64  WUDFRd - ok
20:46:22.0965 0x1e64  wudfsvc - ok
20:46:22.0967 0x1e64  WUDFWpdFs - ok
20:46:22.0969 0x1e64  WUDFWpdMtp - ok
20:46:22.0971 0x1e64  WwanSvc - ok
20:46:22.0973 0x1e64  XblAuthManager - ok
20:46:22.0975 0x1e64  XblGameSave - ok
20:46:22.0978 0x1e64  xboxgip - ok
20:46:22.0980 0x1e64  XboxNetApiSvc - ok
20:46:22.0982 0x1e64  xinputhid - ok
20:46:22.0984 0x1e64  ================ Scan global ===============================
20:46:22.0991 0x1e64  [ Global ] - ok
20:46:22.0991 0x1e64  ================ Scan MBR ==================================
20:46:23.0001 0x1e64  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
20:46:23.0264 0x1e64  \Device\Harddisk0\DR0 - ok
20:46:23.0267 0x1e64  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
20:46:23.0341 0x1e64  \Device\Harddisk1\DR1 - ok
20:46:23.0344 0x1e64  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2
20:46:24.0303 0x1e64  \Device\Harddisk2\DR2 - ok
20:46:24.0306 0x1e64  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk3\DR3
20:46:24.0396 0x1e64  \Device\Harddisk3\DR3 - ok
20:46:24.0398 0x1e64  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk4\DR4
20:46:24.0496 0x1e64  \Device\Harddisk4\DR4 - ok
20:46:24.0496 0x1e64  ================ Scan VBR ==================================
20:46:24.0498 0x1e64  [ 39D76534846C0CAD2A042CD15AEAADFC ] \Device\Harddisk0\DR0\Partition1
20:46:24.0541 0x1e64  \Device\Harddisk0\DR0\Partition1 - ok
20:46:24.0543 0x1e64  [ 3235CE38B9A282248609E48C6CC4D306 ] \Device\Harddisk1\DR1\Partition1
20:46:24.0544 0x1e64  \Device\Harddisk1\DR1\Partition1 - ok
20:46:24.0546 0x1e64  [ 6D2E685F64233E56FAEC49E16F317868 ] \Device\Harddisk1\DR1\Partition2
20:46:24.0547 0x1e64  \Device\Harddisk1\DR1\Partition2 - ok
20:46:24.0560 0x1e64  [ 82A5F6039BC5183669E86D2188FA4ECC ] \Device\Harddisk2\DR2\Partition1
20:46:24.0562 0x1e64  \Device\Harddisk2\DR2\Partition1 - ok
20:46:24.0562 0x1e64  [ E7303E270CEE858ED489A5BFC58FD5AA ] \Device\Harddisk2\DR2\Partition2
20:46:24.0565 0x1e64  \Device\Harddisk2\DR2\Partition2 - ok
20:46:24.0566 0x1e64  [ 24FC52B0ADD922C074EE97768421E23A ] \Device\Harddisk3\DR3\Partition1
20:46:24.0624 0x1e64  \Device\Harddisk3\DR3\Partition1 - ok
20:46:24.0627 0x1e64  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk4\DR4\Partition1
20:46:24.0627 0x1e64  \Device\Harddisk4\DR4\Partition1 - ok
20:46:24.0631 0x1e64  [ E45F34AD2B3D99BEBE31630520539338 ] \Device\Harddisk4\DR4\Partition2
20:46:24.0692 0x1e64  \Device\Harddisk4\DR4\Partition2 - ok
20:46:24.0692 0x1e64  ================ Scan generic autorun ======================
20:46:24.0941 0x1e64  [ 65E8545F1297CD83534C354A7BED1848, 19B3F3C17A335837454DC1851C6436D0BB2D8B1595AEB4DC71265FB20868B48F ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
20:46:25.0199 0x1e64  RtHDVCpl - ok
20:46:25.0256 0x1e64  [ 8F82FFC6CD0F4C83F4565E1A40332CCD, 45D17603664CBE2C4236AEDB3C21D585C8225A3D3B1118365EE2C6BFDB8A7890 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
20:46:25.0311 0x1e64  NvBackend - ok
20:46:25.0314 0x1e64  ShadowPlay - ok
20:46:25.0562 0x1e64  [ 4914D5FCBE8C478DCCDCB58945EEFAFC, A59B49114429A4DB8789AD7DE35C44B8EED0BF5B39A1814512DD91DB2F94FCCB ] C:\Program Files\Logitech Gaming Software\LCore.exe
20:46:25.0834 0x1e64  Launch LCore - ok
20:46:25.0857 0x1e64  [ 7389FE13F97605BFC1C18E6073BD3BE2, 5EC5BDD2AEFBC40FB55CA9BD623DCD5A79028657E2555839D04F9859D36DF03D ] C:\Program Files (x86)\Creative\Sound Blaster Z-Series\Sound Blaster Z-Series Control Panel\SBZ.exe
20:46:25.0881 0x1e64  Sound Blaster Z-Series Control Panel - detected UnsignedFile.Multi.Generic ( 1 )
20:46:28.0246 0x1e64  Detect skipped due to KSN trusted
20:46:28.0246 0x1e64  Sound Blaster Z-Series Control Panel - ok
20:46:28.0261 0x1e64  OneDriveSetup - ok
20:46:28.0262 0x1e64  OneDriveSetup - ok
20:46:28.0272 0x1e64  [ FC040252FB2AA74545D8B17FE9CD4D78, 5517B34263A25E5460E09635D5B593D0551EF35C3DC94BFBE3E5B4F12D9C20E6 ] C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe
20:46:28.0286 0x1e64  OneDrive - ok
20:46:28.0336 0x1e64  [ D5218EE66173405B26B716EBA68133F6, 265820925538A075E753701DC36F89702B3E4C0BE73B8166138495092F339E43 ] D:\Steam\steam.exe
20:46:28.0389 0x1e64  Steam - ok
20:46:28.0417 0x1e64  Skype - ok
20:46:28.0457 0x1e64  [ 9D0D72B696B8CDF9AE368E542FD042CE, 8CD19E8B609041A6C226D57D40509175827C75DEF93378B53A814060BB7A9E0B ] C:\Users\Admin\AppData\Roaming\Spotify\SpotifyWebHelper.exe
20:46:28.0500 0x1e64  Spotify Web Helper - ok
20:46:28.0633 0x1e64  [ DC8DC7ED86A259614D3B2186B2F841EB, 6F305431EE35849D637AF41F213B716D936311015483422FA294E9435B82AB2A ] C:\Users\Admin\AppData\Roaming\Spotify\Spotify.exe
20:46:28.0770 0x1e64  Spotify - ok
20:46:28.0776 0x1e64  Waiting for KSN requests completion. In queue: 28
20:46:29.0777 0x1e64  Waiting for KSN requests completion. In queue: 28
20:46:30.0238 0x1f18  Object required for P2P: [ 4914D5FCBE8C478DCCDCB58945EEFAFC ] C:\Program Files\Logitech Gaming Software\LCore.exe
20:46:30.0778 0x1e64  Waiting for KSN requests completion. In queue: 5
20:46:31.0140 0x1f80  Object required for P2P: [ D5218EE66173405B26B716EBA68133F6 ] D:\Steam\steam.exe
20:46:31.0778 0x1e64  Waiting for KSN requests completion. In queue: 4
20:46:32.0698 0x1f18  Object send P2P result: true
20:46:32.0778 0x1e64  Waiting for KSN requests completion. In queue: 3
20:46:33.0574 0x1f80  Object send P2P result: true
20:46:33.0574 0x1f80  Object required for P2P: [ DC8DC7ED86A259614D3B2186B2F841EB ] C:\Users\Admin\AppData\Roaming\Spotify\Spotify.exe
20:46:33.0778 0x1e64  Waiting for KSN requests completion. In queue: 1
20:46:34.0778 0x1e64  Waiting for KSN requests completion. In queue: 1
20:46:35.0779 0x1e64  Waiting for KSN requests completion. In queue: 1
20:46:36.0025 0x1f80  Object send P2P result: true
20:46:36.0801 0x1e64  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.10240.16384 ), 0x60100 ( disabled : updated )
20:46:36.0803 0x1e64  AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\wmiav.exe ( 16.0.0.614 ), 0x41000 ( enabled : updated )
20:46:36.0804 0x1e64  FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\wmiav.exe ( 16.0.0.614 ), 0x41010 ( enabled )
20:46:39.0144 0x1e64  ============================================================
20:46:39.0144 0x1e64  Scan finished
20:46:39.0144 0x1e64  ============================================================
20:46:39.0157 0x1e5c  Detected object count: 0
20:46:39.0157 0x1e5c  Actual detected object count: 0
         
