Gelbes "i"-Icon" mitten auf dem Desktop
 

Hallo zusammen,

habe folgendes Problem,

schon bei Windows 8.1 hatte ich auf einmal mitten auf dem Desktop ein gelbes Icon mit einen "i", was sich aber nicht anklicken ließ (einfach nur ein Bild"). Auch wurden zum Teil die Fraben beim Desktop in ein Grüngelb verändert. Weiß jemand, wie sich das beseitigen lässt? Hatte schon Norton und Malwarebytes ohne Erfolg laufen lassen.
Vielen Dank für die Hilfe schon jetzt einmal...

Addition.txt fehlt noch.

FRST Additions Logfile:
--- --- ---

hi,

Downloade dir bitte Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.

• Starte bitte die mbar.exe.
• Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
• Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
• Klicke auf den CleanUp Button und erlaube den Neustart.
• Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
• Nach dem Neustart starte die mbar.exe erneut.
• Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.

Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Downloade dir bitte TDSSKiller.exe und speichere diese Datei auf dem Desktop

• Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
• Drücke Start Scan
  
• Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
  TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
  Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Hier sind beide Logfiles, nichts gefunden...
 

Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
main: v2015.12.09.01
rootkit: v2015.12.07.01

Windows 10 x64 NTFS
Internet Explorer 11.11.10586.0
Olli :: OLLISDESKTOP [administrator]

09.12.2015 08:25:45
mbar-log-2015-12-09 (08-25-45).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 405550
Time elapsed: 23 minute(s), 23 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)








19:44:17.0396 0x320c TDSS rootkit removing tool 3.1.0.7 Nov 29 2015 22:37:04
19:44:22.0122 0x320c ============================================================
19:44:22.0122 0x320c Current date / time: 2015/12/09 19:44:22.0122
19:44:22.0122 0x320c SystemInfo:
19:44:22.0122 0x320c
19:44:22.0123 0x320c OS Version: 10.0.10586 ServicePack: 0.0
19:44:22.0123 0x320c Product type: Workstation
19:44:22.0123 0x320c ComputerName: OLLISDESKTOP
19:44:22.0123 0x320c UserName: Olli
19:44:22.0123 0x320c Windows directory: C:\WINDOWS
19:44:22.0123 0x320c System windows directory: C:\WINDOWS
19:44:22.0123 0x320c Running under WOW64
19:44:22.0123 0x320c Processor architecture: Intel x64
19:44:22.0123 0x320c Number of processors: 4
19:44:22.0123 0x320c Page size: 0x1000
19:44:22.0123 0x320c Boot type: Normal boot
19:44:22.0123 0x320c ============================================================
19:44:22.0634 0x320c KLMD registered as C:\WINDOWS\system32\drivers\28315856.sys
19:44:22.0907 0x320c System UUID: {E5FDFDE2-CE7A-A914-26E7-1E66E39E5CF8}
19:44:23.0312 0x320c Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:44:23.0315 0x320c ============================================================
19:44:23.0315 0x320c \Device\Harddisk0\DR0:
19:44:23.0315 0x320c MBR partitions:
19:44:23.0315 0x320c \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xAF000
19:44:23.0315 0x320c \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xAF800, BlocksNum 0x74575800
19:44:23.0315 0x320c ============================================================
19:44:23.0341 0x320c C: <-> \Device\Harddisk0\DR0\Partition2
19:44:23.0341 0x320c ============================================================
19:44:23.0342 0x320c Initialize success
19:44:23.0342 0x320c ============================================================
19:44:51.0031 0x2f64 ============================================================
19:44:51.0031 0x2f64 Scan started
19:44:51.0031 0x2f64 Mode: Manual; SigCheck; TDLFS;
19:44:51.0031 0x2f64 ============================================================
19:44:51.0031 0x2f64 KSN ping started
19:44:53.0484 0x2f64 KSN ping finished: true
19:44:55.0346 0x2f64 ================ Scan system memory ========================
19:44:55.0346 0x2f64 System memory - ok
19:44:55.0347 0x2f64 ================ Scan services =============================
19:44:55.0536 0x2f64 1394ohci - ok
19:44:55.0540 0x2f64 3ware - ok
19:44:55.0544 0x2f64 ACPI - ok
19:44:55.0547 0x2f64 acpiex - ok
19:44:55.0550 0x2f64 acpipagr - ok
19:44:55.0563 0x2f64 AcpiPmi - ok
19:44:55.0566 0x2f64 acpitime - ok
19:44:55.0627 0x2f64 [ 5DB2C6B908C50767E2EDAA294A7566B5, 13AE4879D679BB0C6B2A5A5B13910359815A9D2E569BC1DE740B5A387A78CF33 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:44:55.0669 0x2f64 AdobeARMservice - ok
19:44:55.0831 0x2f64 [ F54564025D2284AE498E51D7C139F971, AAA48F38B81DB894854E8C84DB2E1F5C8447AA982D27C0BB78FF2786D9F80F83 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:44:55.0842 0x2f64 AdobeFlashPlayerUpdateSvc - ok
19:44:55.0853 0x2f64 ADP80XX - ok
19:44:55.0864 0x2f64 AFD - ok
19:44:55.0876 0x2f64 agp440 - ok
19:44:55.0879 0x2f64 ahcache - ok
19:44:55.0900 0x2f64 AJRouter - ok
19:44:55.0930 0x2f64 ALG - ok
19:44:55.0964 0x2f64 [ 8F312E43E6BFED69705881D49B2A01B4, 7B8CB068ABD091E6F4764D6CF27C3318792C88064ECB5A7E5283AF74892FC3B4 ] AMD External Events Utility C:\WINDOWS\system32\atiesrxx.exe
19:44:55.0982 0x2f64 AMD External Events Utility - ok
19:44:55.0985 0x2f64 AmdK8 - ok
19:44:56.0013 0x2f64 [ F2FF8C1B41B3784EDBD5C6D5397F403C, 104873700D2BDF4812DC48200B4609F46A63E7A50594A0599100EF1438863708 ] amdkmafd C:\WINDOWS\system32\drivers\amdkmafd.sys
19:44:56.0026 0x2f64 amdkmafd - ok
19:44:56.0031 0x2f64 amdkmdag - ok
19:44:56.0078 0x2f64 [ 67A95F4B9F3C1E09F29017231E857F71, 984DA2D2264678EA001158939D2DA0F8A6D89362DCCEFFC1FFF00AEBF670B827 ] amdkmdap C:\WINDOWS\system32\DRIVERS\atikmpag.sys
19:44:56.0106 0x2f64 amdkmdap - ok
19:44:56.0109 0x2f64 AmdPPM - ok
19:44:56.0112 0x2f64 amdsata - ok
19:44:56.0114 0x2f64 amdsbs - ok
19:44:56.0116 0x2f64 amdxata - ok
19:44:56.0118 0x2f64 AppID - ok
19:44:56.0121 0x2f64 AppIDSvc - ok
19:44:56.0123 0x2f64 Appinfo - ok
19:44:56.0207 0x2f64 [ 2D564BB1C4559A517B390A031955714D, 3048C187FD107C958D43DD8B954AB55FDD1BC538D3E0066CBFCB428C7A8A87E1 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:44:56.0221 0x2f64 Apple Mobile Device Service - ok
19:44:56.0227 0x2f64 AppMgmt - ok
19:44:56.0233 0x2f64 AppReadiness - ok
19:44:56.0238 0x2f64 AppXSvc - ok
19:44:56.0242 0x2f64 arcsas - ok
19:44:56.0245 0x2f64 AsyncMac - ok
19:44:56.0248 0x2f64 atapi - ok
19:44:56.0277 0x2f64 [ 51B7849747A0582096A41A366454E88E, 0FB44320A676C0C67A47D1F70BD29EC6EA27B07D2BB60C8A172DD8D96A0722E6 ] AtherosSvc C:\Windows\system32\AdminService.exe
19:44:56.0363 0x2f64 AtherosSvc - detected UnsignedFile.Multi.Generic ( 1 )
19:44:58.0893 0x2f64 Detect skipped due to KSN trusted
19:44:58.0893 0x2f64 AtherosSvc - ok
19:44:58.0947 0x2f64 [ AF6DD5993D46AF2492C19E1FF6D9A04C, 720F27791FF5D486AD07A447A4BC44D137AA245B91CE1D624E40B1DA78B6CACF ] AtiHDAudioService C:\WINDOWS\system32\drivers\AtihdWB6.sys
19:44:59.0013 0x2f64 AtiHDAudioService - ok
19:44:59.0016 0x2f64 AudioEndpointBuilder - ok
19:44:59.0018 0x2f64 Audiosrv - ok
19:44:59.0056 0x2f64 [ D1A9AE485FFF7C72CA50D8949B2210B9, 937E02439519E3837DBEFE3D17123104BA5B1636E7AC322B634DC135B3024B50 ] AVM WLAN Connection Service C:\Program Files (x86)\avmwlanstick\WlanNetService.exe
19:44:59.0094 0x2f64 AVM WLAN Connection Service - detected UnsignedFile.Multi.Generic ( 1 )
19:45:01.0586 0x2f64 Detect skipped due to KSN trusted
19:45:01.0586 0x2f64 AVM WLAN Connection Service - ok
19:45:01.0597 0x2f64 [ 1DC2F715792CF33428AD7993ACBD224D, 129FBD517E016914CD61C35894C0B9B2074E680F1EB21201597E5C13CAF4529F ] avmeject C:\WINDOWS\system32\drivers\avmeject.sys
19:45:01.0609 0x2f64 avmeject - ok
19:45:01.0626 0x2f64 AxInstSV - ok
19:45:01.0631 0x2f64 b06bdrv - ok
19:45:01.0636 0x2f64 BasicDisplay - ok
19:45:01.0641 0x2f64 BasicRender - ok
19:45:01.0648 0x2f64 bcmfn - ok
19:45:01.0653 0x2f64 bcmfn2 - ok
19:45:01.0658 0x2f64 BDESVC - ok
19:45:01.0671 0x2f64 Beep - ok
19:45:01.0683 0x2f64 BFE - ok
19:45:01.0858 0x2f64 [ 9CF4428D09C73B6F633AF9E58B835689, 173D1A8A3E1B1CA6D0E4773B048B8B6549A8124E87942992BDE30211BEFFBE20 ] BHDrvx64 C:\Program Files (x86)\Norton Security\NortonData\22.1.0.9\Definitions\BASHDefs\20151113.001\BHDrvx64.sys
19:45:01.0894 0x2f64 BHDrvx64 - ok
19:45:01.0905 0x2f64 BITS - ok
19:45:01.0982 0x2f64 [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
19:45:02.0005 0x2f64 Bonjour Service - ok
19:45:02.0008 0x2f64 bowser - ok
19:45:02.0010 0x2f64 BrokerInfrastructure - ok
19:45:02.0013 0x2f64 Browser - ok
19:45:02.0050 0x2f64 [ 239A81CC18170F3369D389DA65E74342, 5E26976176A6651B149784B1ED86ECCA133B7755EBB8B04361A8DDB705767AA3 ] BtFilter C:\WINDOWS\system32\DRIVERS\btfilter.sys
19:45:02.0069 0x2f64 BtFilter - ok
19:45:02.0082 0x2f64 BthAvrcpTg - ok
19:45:02.0084 0x2f64 BthEnum - ok
19:45:02.0087 0x2f64 BthHFEnum - ok
19:45:02.0089 0x2f64 bthhfhid - ok
19:45:02.0092 0x2f64 BthHFSrv - ok
19:45:02.0095 0x2f64 BTHMODEM - ok
19:45:02.0098 0x2f64 BthPan - ok
19:45:02.0100 0x2f64 BTHPORT - ok
19:45:02.0102 0x2f64 bthserv - ok
19:45:02.0105 0x2f64 BTHUSB - ok
19:45:02.0107 0x2f64 buttonconverter - ok
19:45:02.0117 0x2f64 CapImg - ok
19:45:02.0197 0x2f64 [ 5A1C7DBDDB001BC6F1D1720E655445E2, 07A766C804D0709936FF18A2F67C49D6499BEF9CEEB1EF69F654A35268A11027 ] ccSet_NS C:\WINDOWS\system32\drivers\NSx64\1605050.00F\ccSetx64.sys
19:45:02.0212 0x2f64 ccSet_NS - ok
19:45:02.0215 0x2f64 cdfs - ok
19:45:02.0218 0x2f64 CDPSvc - ok
19:45:02.0220 0x2f64 cdrom - ok
19:45:02.0222 0x2f64 CertPropSvc - ok
19:45:02.0225 0x2f64 circlass - ok
19:45:02.0228 0x2f64 CLFS - ok
19:45:02.0356 0x2f64 [ 92547C9A6C5E9A3BEC689486C4885C4B, AB56F0BB2CBAB9AA6EA2E12F04F192271762DEBD7F6FBFB8CFAB6BA23121C295 ] ClickToRunSvc C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
19:45:02.0416 0x2f64 ClickToRunSvc - ok
19:45:02.0421 0x2f64 ClipSVC - ok
19:45:02.0428 0x2f64 CmBatt - ok
19:45:02.0431 0x2f64 CNG - ok
19:45:02.0433 0x2f64 cnghwassist - ok
19:45:02.0533 0x2f64 [ 6FACA9C62024E14251C7ED33A8E8B660, F6E6810BBBF22600596D2F113009CF6246B0317159DA079DC491F51430F178E8 ] CodeMeter.exe C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
19:45:02.0586 0x2f64 CodeMeter.exe - ok
19:45:02.0643 0x2f64 CompositeBus - ok
19:45:02.0646 0x2f64 COMSysApp - ok
19:45:02.0649 0x2f64 condrv - ok
19:45:02.0651 0x2f64 CoreMessagingRegistrar - ok
19:45:02.0655 0x2f64 CryptSvc - ok
19:45:02.0658 0x2f64 CSC - ok
19:45:02.0660 0x2f64 CscService - ok
19:45:02.0662 0x2f64 dam - ok
19:45:02.0674 0x2f64 DcomLaunch - ok
19:45:02.0676 0x2f64 DcpSvc - ok
19:45:02.0684 0x2f64 defragsvc - ok
19:45:02.0686 0x2f64 DeviceAssociationService - ok
19:45:02.0688 0x2f64 DeviceInstall - ok
19:45:02.0690 0x2f64 DevQueryBroker - ok
19:45:02.0692 0x2f64 Dfsc - ok
19:45:02.0708 0x2f64 Dhcp - ok
19:45:02.0749 0x2f64 diagnosticshub.standardcollector.service - ok
19:45:02.0752 0x2f64 DiagTrack - ok
19:45:02.0755 0x2f64 disk - ok
19:45:02.0772 0x2f64 DmEnrollmentSvc - ok
19:45:02.0775 0x2f64 dmvsc - ok
19:45:02.0779 0x2f64 dmwappushservice - ok
19:45:02.0781 0x2f64 Dnscache - ok
19:45:02.0794 0x2f64 dot3svc - ok
19:45:02.0800 0x2f64 DPS - ok
19:45:02.0806 0x2f64 drmkaud - ok
19:45:02.0815 0x2f64 DsmSvc - ok
19:45:02.0818 0x2f64 DsSvc - ok
19:45:02.0822 0x2f64 DXGKrnl - ok
19:45:02.0825 0x2f64 Eaphost - ok
19:45:02.0828 0x2f64 ebdrv - ok
19:45:02.0883 0x2f64 [ DB817375F4D6D3F2556DE7777775D885, 6DC5CC936E26CBB468ACDD008F6F8B30F8D9D1EC631BCDDF7E692814C9A54D7D ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
19:45:02.0901 0x2f64 eeCtrl - ok
19:45:02.0904 0x2f64 EFS - ok
19:45:02.0907 0x2f64 EhStorClass - ok
19:45:02.0910 0x2f64 EhStorTcgDrv - ok
19:45:02.0912 0x2f64 embeddedmode - ok
19:45:02.0914 0x2f64 EntAppSvc - ok
19:45:02.0935 0x2f64 [ A47F76D4AAFD6193AAC5E049C560213D, 2B6E4EB31394C4D8D2444A197FFCC3C702BC17B0F7BDF0D6FF87DF5C14016FC1 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
19:45:02.0986 0x2f64 EraserUtilRebootDrv - ok
19:45:02.0988 0x2f64 ErrDev - ok
19:45:03.0059 0x2f64 EventSystem - ok
19:45:03.0084 0x2f64 exfat - ok
19:45:03.0088 0x2f64 fastfat - ok
19:45:03.0100 0x2f64 Fax - ok
19:45:03.0104 0x2f64 fdc - ok
19:45:03.0126 0x2f64 fdPHost - ok
19:45:03.0129 0x2f64 FDResPub - ok
19:45:03.0131 0x2f64 fhsvc - ok
19:45:03.0134 0x2f64 FileCrypt - ok
19:45:03.0136 0x2f64 FileInfo - ok
19:45:03.0139 0x2f64 Filetrace - ok
19:45:03.0141 0x2f64 flpydisk - ok
19:45:03.0145 0x2f64 FltMgr - ok
19:45:03.0148 0x2f64 FontCache - ok
19:45:03.0237 0x2f64 FontCache3.0.0.0 - ok
19:45:03.0242 0x2f64 FsDepends - ok
19:45:03.0247 0x2f64 Fs_Rec - ok
19:45:03.0251 0x2f64 fvevol - ok
19:45:03.0285 0x2f64 [ 630CB27253EA63BB0990C40C72BFCFE1, 311859973C622EC480206B5A95BE5ECCC49C10F3548C4811C403D1552C56E322 ] fwlanusbn C:\WINDOWS\system32\DRIVERS\fwlanusbn.sys
19:45:03.0377 0x2f64 fwlanusbn - ok
19:45:03.0383 0x2f64 gagp30kx - ok
19:45:03.0404 0x2f64 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
19:45:03.0415 0x2f64 GEARAspiWDM - ok
19:45:03.0420 0x2f64 gencounter - ok
19:45:03.0425 0x2f64 genericusbfn - ok
19:45:03.0440 0x2f64 [ 85A0D872535123FCD9F7E4C42732EBDC, F879B370FCA109D492EFA1287DF5C1B34B1535228F7D790351A0994E9C1764CE ] GeneStor C:\WINDOWS\system32\DRIVERS\GeneStor.sys
19:45:03.0451 0x2f64 GeneStor - ok
19:45:03.0454 0x2f64 GPIOClx0101 - ok
19:45:03.0456 0x2f64 gpsvc - ok
19:45:03.0459 0x2f64 GpuEnergyDrv - ok
19:45:03.0462 0x2f64 HdAudAddService - ok
19:45:03.0465 0x2f64 HDAudBus - ok
19:45:03.0468 0x2f64 HidBatt - ok
19:45:03.0471 0x2f64 HidBth - ok
19:45:03.0473 0x2f64 hidi2c - ok
19:45:03.0476 0x2f64 hidinterrupt - ok
19:45:03.0478 0x2f64 HidIr - ok
19:45:03.0481 0x2f64 hidserv - ok
19:45:03.0484 0x2f64 HidUsb - ok
19:45:03.0493 0x2f64 HomeGroupListener - ok
19:45:03.0505 0x2f64 HomeGroupProvider - ok
19:45:03.0506 0x2f64 HpSAMD - ok
19:45:03.0509 0x2f64 HTTP - ok
19:45:03.0511 0x2f64 hwpolicy - ok
19:45:03.0513 0x2f64 hyperkbd - ok
19:45:03.0520 0x2f64 i8042prt - ok
19:45:03.0522 0x2f64 iai2c - ok
19:45:03.0527 0x2f64 iaLPSS2i_I2C - ok
19:45:03.0531 0x2f64 iaLPSSi_GPIO - ok
19:45:03.0533 0x2f64 iaLPSSi_I2C - ok
19:45:03.0535 0x2f64 iaStorAV - ok
19:45:03.0538 0x2f64 iaStorV - ok
19:45:03.0540 0x2f64 ibbus - ok
19:45:03.0551 0x2f64 icssvc - ok
19:45:03.0699 0x2f64 [ 3448DB2B812AA873ED6E5D609B1DB067, E0F9B35FE59713C09BD838FAD5305DF5FDF24DF1D88F8849F7F88466CF93A7F7 ] IDSVia64 C:\Program Files (x86)\Norton Security\NortonData\22.1.0.9\Definitions\IPSDefs\20151205.001\IDSvia64.sys
19:45:03.0724 0x2f64 IDSVia64 - ok
19:45:03.0728 0x2f64 IEEtwCollectorService - ok
19:45:03.0730 0x2f64 IKEEXT - ok
19:45:03.0733 0x2f64 intelide - ok
19:45:03.0736 0x2f64 intelpep - ok
19:45:03.0738 0x2f64 intelppm - ok
19:45:03.0740 0x2f64 IoQos - ok
19:45:03.0743 0x2f64 IpFilterDriver - ok
19:45:03.0745 0x2f64 iphlpsvc - ok
19:45:03.0747 0x2f64 IPMIDRV - ok
19:45:03.0749 0x2f64 IPNAT - ok
19:45:03.0818 0x2f64 [ 043A93A498B3C4A88CACA3BCBC9B54C7, C08C5A03940806C6CB75ADDCBE6183145AD2AFE84D77BC85E620E7C1542F0893 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
19:45:03.0841 0x2f64 iPod Service - ok
19:45:03.0844 0x2f64 IRENUM - ok
19:45:03.0847 0x2f64 isapnp - ok
19:45:03.0850 0x2f64 iScsiPrt - ok
19:45:03.0852 0x2f64 kbdclass - ok
19:45:03.0854 0x2f64 kbdhid - ok
19:45:03.0856 0x2f64 kdnic - ok
19:45:03.0859 0x2f64 KeyIso - ok
19:45:03.0862 0x2f64 KSecDD - ok
19:45:03.0864 0x2f64 KSecPkg - ok
19:45:03.0867 0x2f64 ksthunk - ok
19:45:03.0878 0x2f64 KtmRm - ok
19:45:03.0881 0x2f64 LanmanServer - ok
19:45:03.0883 0x2f64 LanmanWorkstation - ok
19:45:03.0894 0x2f64 lfsvc - ok
19:45:03.0898 0x2f64 LicenseManager - ok
19:45:03.0902 0x2f64 lltdio - ok
19:45:03.0904 0x2f64 lltdsvc - ok
19:45:03.0909 0x2f64 lmhosts - ok
19:45:03.0912 0x2f64 LSI_SAS - ok
19:45:03.0915 0x2f64 LSI_SAS2i - ok
19:45:03.0917 0x2f64 LSI_SAS3i - ok
19:45:03.0919 0x2f64 LSI_SSS - ok
19:45:03.0922 0x2f64 LSM - ok
19:45:03.0924 0x2f64 luafv - ok
19:45:03.0932 0x2f64 MapsBroker - ok
19:45:03.0987 0x2f64 [ CFBC6C6D8A492697CABD1D353EE64933, DDAA844908324740C891EB8F08E2A8BB00457063B31C4A762745C1C2415FC12D ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys
19:45:03.0999 0x2f64 MBAMProtector - ok
19:45:04.0080 0x2f64 [ AB176B9E59C0435499D83047D84EDD59, 85B826A3972CE9AD885313B69B9C60328B850257667D0EB65DDE890D0BB06361 ] MBAMScheduler C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
19:45:04.0112 0x2f64 MBAMScheduler - ok
19:45:04.0157 0x2f64 [ 40C126CB15FAB7D6C66490DCA9C1AED2, B32CEE2D2409232C245427D5E9647FDF59AF1D8AB5E8A98EE2D1F1314599FD14 ] MBAMService C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
19:45:04.0183 0x2f64 MBAMService - ok
19:45:04.0210 0x2f64 [ 78488AF2AB2111D67B3C4044707A519B, 7AA71B9C4C7949A1A21F60EF7CCEDE0079794990696B60557B5DC86F4D47223A ] MBAMSwissArmy C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
19:45:04.0219 0x2f64 MBAMSwissArmy - ok
19:45:04.0227 0x2f64 [ 08DECFCB9BA97786165A69AB1015BC30, EDC8C8447B57BD412E2DEBCA9B5B1B58C19D40105DC7CE9520DE214081696B05 ] MBAMWebAccessControl C:\WINDOWS\system32\drivers\mwac.sys
19:45:04.0233 0x2f64 MBAMWebAccessControl - ok
19:45:04.0237 0x2f64 megasas - ok
19:45:04.0239 0x2f64 megasr - ok
19:45:04.0262 0x2f64 [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64 C:\WINDOWS\System32\drivers\HECIx64.sys
19:45:04.0269 0x2f64 MEIx64 - ok
19:45:04.0272 0x2f64 MessagingService - ok
19:45:04.0275 0x2f64 mlx4_bus - ok
19:45:04.0278 0x2f64 MMCSS - ok
19:45:04.0280 0x2f64 Modem - ok
19:45:04.0283 0x2f64 monitor - ok
19:45:04.0285 0x2f64 mouclass - ok
19:45:04.0288 0x2f64 mouhid - ok
19:45:04.0290 0x2f64 mountmgr - ok
19:45:04.0350 0x2f64 [ 9FC679D10A7377BB04ECC3D0E2E26B53, 24ACD4EC1618A052C29E4463138B28F62C8B78D442DB82F4925E64FC5849A096 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:45:04.0370 0x2f64 MozillaMaintenance - ok
19:45:04.0375 0x2f64 mpsdrv - ok
19:45:04.0380 0x2f64 MpsSvc - ok
19:45:04.0384 0x2f64 MRxDAV - ok
19:45:04.0389 0x2f64 mrxsmb - ok
19:45:04.0393 0x2f64 mrxsmb10 - ok
19:45:04.0398 0x2f64 mrxsmb20 - ok
19:45:04.0402 0x2f64 MsBridge - ok
19:45:04.0404 0x2f64 MSDTC - ok
19:45:04.0408 0x2f64 Msfs - ok
19:45:04.0411 0x2f64 msgpiowin32 - ok
19:45:04.0413 0x2f64 mshidkmdf - ok
19:45:04.0416 0x2f64 mshidumdf - ok
19:45:04.0418 0x2f64 msisadrv - ok
19:45:04.0421 0x2f64 MSiSCSI - ok
19:45:04.0426 0x2f64 msiserver - ok
19:45:04.0428 0x2f64 MSKSSRV - ok
19:45:04.0430 0x2f64 MsLldp - ok
19:45:04.0433 0x2f64 MSPCLOCK - ok
19:45:04.0435 0x2f64 MSPQM - ok
19:45:04.0437 0x2f64 MsRPC - ok
19:45:04.0440 0x2f64 mssmbios - ok
19:45:04.0443 0x2f64 MSTEE - ok
19:45:04.0446 0x2f64 MTConfig - ok
19:45:04.0448 0x2f64 Mup - ok
19:45:04.0450 0x2f64 mvumis - ok
19:45:04.0454 0x2f64 NativeWifiP - ok
19:45:04.0545 0x2f64 [ 988CDC4DAE2186F3A5ED6EE7D3E6B5CA, DB40F7705F0475FF774452E365152EBEDDC77D8ACE48419DABE02DD385C6B725 ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe
19:45:04.0575 0x2f64 NAUpdate - ok
19:45:04.0632 0x2f64 [ FE7B38240E86075E6BC5953496B5C2F1, 13CBDCFD5E63A49D6E66D9EBA701037F014EEED9BBFE8588CE2968A35FF2E16E ] NAVENG C:\Program Files (x86)\Norton Security\NortonData\22.1.0.9\Definitions\VirusDefs\20151206.024\ENG64.SYS
19:45:04.0648 0x2f64 NAVENG - ok
19:45:04.0720 0x2f64 [ C002FA84570CA35F704ACF0AC4A5EAB0, E4246631E5D7AFD31CE642157A9102CB0DDE5B5051D08C3A5EA736CB3C99C6D9 ] NAVEX15 C:\Program Files (x86)\Norton Security\NortonData\22.1.0.9\Definitions\VirusDefs\20151206.024\EX64.SYS
19:45:04.0804 0x2f64 NAVEX15 - ok
19:45:04.0810 0x2f64 NcaSvc - ok
19:45:04.0812 0x2f64 NcbService - ok
19:45:04.0814 0x2f64 NcdAutoSetup - ok
19:45:04.0816 0x2f64 ndfltr - ok
19:45:04.0819 0x2f64 NDIS - ok
19:45:04.0821 0x2f64 NdisCap - ok
19:45:04.0823 0x2f64 NdisImPlatform - ok
19:45:04.0825 0x2f64 NdisTapi - ok
19:45:04.0828 0x2f64 Ndisuio - ok
19:45:04.0830 0x2f64 NdisVirtualBus - ok
19:45:04.0833 0x2f64 NdisWan - ok
19:45:04.0836 0x2f64 ndiswanlegacy - ok
19:45:04.0838 0x2f64 ndproxy - ok
19:45:04.0840 0x2f64 Ndu - ok
19:45:04.0843 0x2f64 NetBIOS - ok
19:45:04.0846 0x2f64 NetBT - ok
19:45:04.0848 0x2f64 Netlogon - ok
19:45:04.0851 0x2f64 Netman - ok
19:45:04.0853 0x2f64 netprofm - ok
19:45:04.0856 0x2f64 NetSetupSvc - ok
19:45:04.0886 0x2f64 NetTcpPortSharing - ok
19:45:04.0890 0x2f64 NgcCtnrSvc - ok
19:45:04.0892 0x2f64 NgcSvc - ok
19:45:04.0895 0x2f64 NlaSvc - ok
19:45:04.0897 0x2f64 Npfs - ok
19:45:04.0899 0x2f64 npsvctrig - ok
19:45:05.0052 0x2f64 [ AC11ABBEFC5EBA3116D5D15AE41B108C, 60222331169042DE4F783BD3661F99F6D15CB3A0E835E4588E50BD0E3C09EAD6 ] NS C:\Program Files (x86)\Norton Security\Engine\22.5.5.15\NS.exe
19:45:05.0073 0x2f64 NS - ok
19:45:05.0079 0x2f64 nsi - ok
19:45:05.0083 0x2f64 nsiproxy - ok
19:45:05.0090 0x2f64 NTFS - ok
19:45:05.0095 0x2f64 Null - ok
19:45:05.0100 0x2f64 nvraid - ok
19:45:05.0104 0x2f64 nvstor - ok
19:45:05.0109 0x2f64 nv_agp - ok
19:45:05.0132 0x2f64 OneSyncSvc - ok
19:45:05.0225 0x2f64 [ FCE83ABDE761C87D17EA65960455F0E5, E59C13E26845FE0537AEBF0E4A9DC0AF3E6DF55C7A54247FC8078AC5DE666AD4 ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe
19:45:05.0300 0x2f64 Origin Client Service - ok
19:45:05.0364 0x2f64 [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:45:05.0385 0x2f64 ose - ok
19:45:05.0391 0x2f64 p2pimsvc - ok
19:45:05.0393 0x2f64 p2psvc - ok
19:45:05.0395 0x2f64 Parport - ok
19:45:05.0398 0x2f64 partmgr - ok
19:45:05.0400 0x2f64 PcaSvc - ok
19:45:05.0402 0x2f64 pci - ok
19:45:05.0405 0x2f64 pciide - ok
19:45:05.0407 0x2f64 pcmcia - ok
19:45:05.0409 0x2f64 pcw - ok
19:45:05.0412 0x2f64 pdc - ok
19:45:05.0506 0x2f64 [ 501015A7570DA3E2B159B6191B37B347, C202C053ED78E956C00EDB8F265CED53344BD90D3A614FBFF789B98B0C4D7A90 ] PDF Architect 3 C:\Program Files (x86)\PDF Architect 3\ws.exe
19:45:05.0611 0x2f64 PDF Architect 3 - ok
19:45:05.0658 0x2f64 [ 07DA9CEDFC7441AE061DFA7E2BD825F6, 35A8060EA0E2E34EBB1EB25F40BB72A6D3B83CBA8BD8CD4BF9E427A777D42D28 ] PDF Architect 3 CrashHandler C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe
19:45:05.0695 0x2f64 PDF Architect 3 CrashHandler - ok
19:45:05.0739 0x2f64 [ 1234BB5F8C7EC1E52F32A3EBF65F52EA, AEE529A96C6F21D27B3F5AEF6AADF42129C676584DEE550C8F42815D1C913B0C ] PDF Architect 3 Creator C:\Program Files (x86)\PDF Architect 3\creator-ws.exe
19:45:05.0758 0x2f64 PDF Architect 3 Creator - ok
19:45:05.0761 0x2f64 PEAUTH - ok
19:45:05.0763 0x2f64 PeerDistSvc - ok
19:45:05.0766 0x2f64 percsas2i - ok
19:45:05.0768 0x2f64 percsas3i - ok
19:45:05.0825 0x2f64 PerfHost - ok
19:45:05.0831 0x2f64 PhoneSvc - ok
19:45:05.0833 0x2f64 PimIndexMaintenanceSvc - ok
19:45:05.0844 0x2f64 pla - ok
19:45:05.0858 0x2f64 PlugPlay - ok
19:45:05.0860 0x2f64 PNRPAutoReg - ok
19:45:05.0862 0x2f64 PNRPsvc - ok
19:45:05.0865 0x2f64 PolicyAgent - ok
19:45:05.0868 0x2f64 Power - ok
19:45:05.0870 0x2f64 PptpMiniport - ok
19:45:06.0018 0x2f64 [ 959F94AD1255BC749884EDDD14EC29C4, 2CD6DA9778EA36FA0B4080F6DB1C634712238E014E47546403CD3CDB35A1DCA8 ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
19:45:06.0223 0x2f64 PrintNotify - ok
19:45:06.0232 0x2f64 Processor - ok
19:45:06.0249 0x2f64 ProfSvc - ok
19:45:06.0251 0x2f64 Psched - ok
19:45:06.0255 0x2f64 QWAVE - ok
19:45:06.0257 0x2f64 QWAVEdrv - ok
19:45:06.0260 0x2f64 RasAcd - ok
19:45:06.0262 0x2f64 RasAgileVpn - ok
19:45:06.0265 0x2f64 RasAuto - ok
19:45:06.0267 0x2f64 Rasl2tp - ok
19:45:06.0269 0x2f64 RasMan - ok
19:45:06.0271 0x2f64 RasPppoe - ok
19:45:06.0274 0x2f64 RasSstp - ok
19:45:06.0276 0x2f64 rdbss - ok
19:45:06.0279 0x2f64 rdpbus - ok
19:45:06.0282 0x2f64 RDPDR - ok
19:45:06.0286 0x2f64 RdpVideoMiniport - ok
19:45:06.0288 0x2f64 rdyboost - ok
19:45:06.0291 0x2f64 ReFSv1 - ok
19:45:06.0302 0x2f64 RemoteAccess - ok
19:45:06.0304 0x2f64 RemoteRegistry - ok
19:45:06.0306 0x2f64 RetailDemo - ok
19:45:06.0308 0x2f64 RFCOMM - ok
19:45:06.0311 0x2f64 RpcEptMapper - ok
19:45:06.0313 0x2f64 RpcLocator - ok
19:45:06.0318 0x2f64 RpcSs - ok
19:45:06.0320 0x2f64 rspndr - ok
19:45:06.0322 0x2f64 rt640x64 - ok
19:45:06.0325 0x2f64 s3cap - ok
19:45:06.0327 0x2f64 SamSs - ok
19:45:06.0330 0x2f64 sbp2port - ok
19:45:06.0332 0x2f64 SCardSvr - ok
19:45:06.0334 0x2f64 ScDeviceEnum - ok
19:45:06.0339 0x2f64 scfilter - ok
19:45:06.0341 0x2f64 Schedule - ok
19:45:06.0352 0x2f64 SCPolicySvc - ok
19:45:06.0354 0x2f64 sdbus - ok
19:45:06.0356 0x2f64 SDRSVC - ok
19:45:06.0367 0x2f64 sdstor - ok
19:45:06.0369 0x2f64 seclogon - ok
19:45:06.0371 0x2f64 SENS - ok
19:45:06.0373 0x2f64 SensorDataService - ok
19:45:06.0381 0x2f64 SensorService - ok
19:45:06.0383 0x2f64 SensrSvc - ok
19:45:06.0385 0x2f64 SerCx - ok
19:45:06.0388 0x2f64 SerCx2 - ok
19:45:06.0390 0x2f64 Serenum - ok
19:45:06.0392 0x2f64 Serial - ok
19:45:06.0395 0x2f64 sermouse - ok
19:45:06.0400 0x2f64 SessionEnv - ok
19:45:06.0402 0x2f64 sfloppy - ok
19:45:06.0407 0x2f64 SharedAccess - ok
19:45:06.0425 0x2f64 ShellHWDetection - ok
19:45:06.0427 0x2f64 SiSRaid2 - ok
19:45:06.0430 0x2f64 SiSRaid4 - ok
19:45:06.0432 0x2f64 smphost - ok
19:45:06.0435 0x2f64 SmsRouter - ok
19:45:06.0439 0x2f64 SNMPTRAP - ok
19:45:06.0441 0x2f64 spaceport - ok
19:45:06.0444 0x2f64 SpbCx - ok
19:45:06.0446 0x2f64 Spooler - ok
19:45:06.0448 0x2f64 sppsvc - ok
19:45:06.0504 0x2f64 [ AB3558A087FA03861162F8DE9B681AE8, ACEBE679C31BD9238D1836C38F2433C47FF1C7E8B4F8248404F5D14DE5014A37 ] SRTSP C:\WINDOWS\System32\Drivers\NSx64\1605050.00F\SRTSP64.SYS
19:45:06.0553 0x2f64 SRTSP - ok
19:45:06.0581 0x2f64 [ BA2ABBEA69BD1866C973DE11CB0CE9F8, 7A04BC2F4DA9A69A996911CC429064D24CF51F4046A2EE688D4326B44C9EDAFB ] SRTSPX C:\WINDOWS\system32\drivers\NSx64\1605050.00F\SRTSPX64.SYS
19:45:06.0588 0x2f64 SRTSPX - ok
19:45:06.0589 0x2f64 srv - ok
19:45:06.0592 0x2f64 srv2 - ok
19:45:06.0595 0x2f64 srvnet - ok
19:45:06.0598 0x2f64 SSDPSRV - ok
19:45:06.0600 0x2f64 SstpSvc - ok
19:45:06.0617 0x2f64 StateRepository - ok
19:45:06.0679 0x2f64 [ 0A3544D7E9AF7D8C991C904339157EDC, 1E1DE4D808AE1174B0CB37E93EBADFC98FEBCD70D612CFE393DDA513581CD123 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
19:45:06.0710 0x2f64 Steam Client Service - ok
19:45:06.0714 0x2f64 stexstor - ok
19:45:06.0723 0x2f64 stisvc - ok
19:45:06.0724 0x2f64 storahci - ok
19:45:06.0728 0x2f64 storflt - ok
19:45:06.0730 0x2f64 stornvme - ok
19:45:06.0732 0x2f64 storqosflt - ok
19:45:06.0735 0x2f64 StorSvc - ok
19:45:06.0737 0x2f64 storufs - ok
19:45:06.0739 0x2f64 storvsc - ok
19:45:06.0742 0x2f64 svsvc - ok
19:45:06.0744 0x2f64 swenum - ok
19:45:06.0746 0x2f64 swprv - ok
19:45:06.0798 0x2f64 [ 6F227CF9E64364578E2DABD1EF6E51A4, D5223B441A319D4C57FDBEA9BFBB8E5C95CA6F7B6AE6F4029BCE84A5CCE51B33 ] SymEFASI C:\WINDOWS\system32\drivers\NSx64\1605050.00F\SYMEFASI64.SYS
19:45:06.0852 0x2f64 SymEFASI - ok
19:45:06.0872 0x2f64 [ 1DE0CBF15AC67AE0E5B456ADEFB89493, C764815313BB4332279730AA02531A448A1D32F5B6D5689FF04549406A5B5212 ] SymELAM C:\WINDOWS\system32\drivers\NSx64\1605050.00F\SymELAM.sys
19:45:06.0883 0x2f64 SymELAM - ok
19:45:06.0918 0x2f64 [ 6DF8F618B93C821630C9BAA8DA3FAAAF, 553972D63F3347291EC8370AB910F741EF1DA61BC74FBA4192EF6E1DF567FB99 ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
19:45:06.0927 0x2f64 SymEvent - ok
19:45:06.0959 0x2f64 [ 0891E59A27208B9B727BAB863B853E80, 7BBDD53CB7AB003DF803D6D596A2B5216425DCC7FA8D3F311AE5BD4EC19FBB0A ] SymIRON C:\WINDOWS\system32\drivers\NSx64\1605050.00F\Ironx64.SYS
19:45:06.0971 0x2f64 SymIRON - ok
19:45:07.0009 0x2f64 [ 751C968945EFD42469FE52D6CE384196, 3386681036909F60A249951009822190EFB1C390D2F46E7EFE44893F28D0F31C ] SymNetS C:\WINDOWS\System32\Drivers\NSx64\1605050.00F\SYMNETS.SYS
19:45:07.0028 0x2f64 SymNetS - ok
19:45:07.0041 0x2f64 Synth3dVsc - ok
19:45:07.0043 0x2f64 SysMain - ok
19:45:07.0055 0x2f64 SystemEventsBroker - ok
19:45:07.0057 0x2f64 TabletInputService - ok
19:45:07.0059 0x2f64 TapiSrv - ok
19:45:07.0062 0x2f64 Tcpip - ok
19:45:07.0064 0x2f64 Tcpip6 - ok
19:45:07.0067 0x2f64 tcpipreg - ok
19:45:07.0080 0x2f64 tdx - ok
19:45:07.0082 0x2f64 terminpt - ok
19:45:07.0084 0x2f64 TermService - ok
19:45:07.0086 0x2f64 Themes - ok
19:45:07.0089 0x2f64 TieringEngineService - ok
19:45:07.0091 0x2f64 tiledatamodelsvc - ok
19:45:07.0094 0x2f64 TimeBroker - ok
19:45:07.0096 0x2f64 TPM - ok
19:45:07.0098 0x2f64 TrkWks - ok
19:45:07.0124 0x2f64 TrustedInstaller - ok
19:45:07.0127 0x2f64 tsusbflt - ok
19:45:07.0129 0x2f64 TsUsbGD - ok
19:45:07.0132 0x2f64 tunnel - ok
19:45:07.0143 0x2f64 tzautoupdate - ok
19:45:07.0145 0x2f64 uagp35 - ok
19:45:07.0147 0x2f64 UASPStor - ok
19:45:07.0150 0x2f64 UcmCx0101 - ok
19:45:07.0153 0x2f64 UcmUcsi - ok
19:45:07.0155 0x2f64 Ucx01000 - ok
19:45:07.0158 0x2f64 UdeCx - ok
19:45:07.0160 0x2f64 udfs - ok
19:45:07.0162 0x2f64 UEFI - ok
19:45:07.0165 0x2f64 Ufx01000 - ok
19:45:07.0167 0x2f64 UfxChipidea - ok
19:45:07.0170 0x2f64 ufxsynopsys - ok
19:45:07.0174 0x2f64 UI0Detect - ok
19:45:07.0177 0x2f64 uliagpkx - ok
19:45:07.0179 0x2f64 umbus - ok
19:45:07.0181 0x2f64 UmPass - ok
19:45:07.0184 0x2f64 UmRdpService - ok
19:45:07.0186 0x2f64 UnistoreSvc - ok
19:45:07.0189 0x2f64 upnphost - ok
19:45:07.0192 0x2f64 UrsChipidea - ok
19:45:07.0195 0x2f64 UrsCx01000 - ok
19:45:07.0197 0x2f64 UrsSynopsys - ok
19:45:07.0218 0x2f64 [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64 C:\WINDOWS\System32\Drivers\usbaapl64.sys
19:45:07.0254 0x2f64 USBAAPL64 - detected UnsignedFile.Multi.Generic ( 1 )
19:45:09.0745 0x2f64 Detect skipped due to KSN trusted
19:45:09.0745 0x2f64 USBAAPL64 - ok
19:45:09.0749 0x2f64 usbccgp - ok
19:45:09.0755 0x2f64 usbcir - ok
19:45:09.0759 0x2f64 usbehci - ok
19:45:09.0764 0x2f64 usbhub - ok
19:45:09.0769 0x2f64 USBHUB3 - ok
19:45:09.0772 0x2f64 usbohci - ok
19:45:09.0774 0x2f64 usbprint - ok
19:45:09.0797 0x2f64 [ D67B6A4A6FB99D29444C2DBA2B636799, 62BC778D60593B2AB0DA13C4DB3EA5971895AE09DA06E8AB2D03973C940C890C ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
19:45:09.0826 0x2f64 usbscan - ok
19:45:09.0829 0x2f64 usbser - ok
19:45:09.0831 0x2f64 USBSTOR - ok
19:45:09.0834 0x2f64 usbuhci - ok
19:45:09.0836 0x2f64 USBXHCI - ok
19:45:09.0838 0x2f64 UserDataSvc - ok
19:45:09.0848 0x2f64 UserManager - ok
19:45:09.0851 0x2f64 UsoSvc - ok
19:45:09.0853 0x2f64 VaultSvc - ok
19:45:09.0855 0x2f64 vdrvroot - ok
19:45:09.0860 0x2f64 vds - ok
19:45:09.0862 0x2f64 VerifierExt - ok
19:45:09.0865 0x2f64 vhdmp - ok
19:45:09.0867 0x2f64 vhf - ok
19:45:09.0870 0x2f64 vmbus - ok
19:45:09.0872 0x2f64 VMBusHID - ok
19:45:09.0889 0x2f64 vmicguestinterface - ok
19:45:09.0891 0x2f64 vmicheartbeat - ok
19:45:09.0893 0x2f64 vmickvpexchange - ok
19:45:09.0897 0x2f64 vmicrdv - ok
19:45:09.0900 0x2f64 vmicshutdown - ok
19:45:09.0902 0x2f64 vmictimesync - ok
19:45:09.0905 0x2f64 vmicvmsession - ok
19:45:09.0907 0x2f64 vmicvss - ok
19:45:09.0909 0x2f64 volmgr - ok
19:45:09.0912 0x2f64 volmgrx - ok
19:45:09.0914 0x2f64 volsnap - ok
19:45:09.0916 0x2f64 vpci - ok
19:45:09.0921 0x2f64 vsmraid - ok
19:45:09.0923 0x2f64 VSS - ok
19:45:09.0926 0x2f64 VSTXRAID - ok
19:45:09.0928 0x2f64 vwifibus - ok
19:45:09.0931 0x2f64 vwififlt - ok
19:45:09.0933 0x2f64 W32Time - ok
19:45:09.0936 0x2f64 WacomPen - ok
19:45:09.0939 0x2f64 WalletService - ok
19:45:09.0941 0x2f64 wanarp - ok
19:45:09.0944 0x2f64 wanarpv6 - ok
19:45:09.0946 0x2f64 wbengine - ok
19:45:09.0956 0x2f64 WbioSrvc - ok
19:45:09.0957 0x2f64 Wcmsvc - ok
19:45:09.0960 0x2f64 wcncsvc - ok
19:45:09.0962 0x2f64 WcsPlugInService - ok
19:45:09.0965 0x2f64 WdBoot - ok
19:45:09.0968 0x2f64 Wdf01000 - ok
19:45:09.0970 0x2f64 WdFilter - ok
19:45:09.0973 0x2f64 WdiServiceHost - ok
19:45:09.0975 0x2f64 WdiSystemHost - ok
19:45:09.0978 0x2f64 wdiwifi - ok
19:45:09.0980 0x2f64 WdNisDrv - ok
19:45:09.0996 0x2f64 WdNisSvc - ok
19:45:09.0998 0x2f64 WebClient - ok
19:45:10.0001 0x2f64 Wecsvc - ok
19:45:10.0003 0x2f64 WEPHOSTSVC - ok
19:45:10.0005 0x2f64 wercplsupport - ok
19:45:10.0008 0x2f64 WerSvc - ok
19:45:10.0010 0x2f64 WFPLWFS - ok
19:45:10.0013 0x2f64 WiaRpc - ok
19:45:10.0018 0x2f64 WIMMount - ok
19:45:10.0019 0x2f64 WinDefend - ok
19:45:10.0024 0x2f64 WindowsTrustedRT - ok
19:45:10.0027 0x2f64 WindowsTrustedRTProxy - ok
19:45:10.0030 0x2f64 WinHttpAutoProxySvc - ok
19:45:10.0032 0x2f64 WinMad - ok
19:45:10.0068 0x2f64 Winmgmt - ok
19:45:10.0070 0x2f64 WinRM - ok
19:45:10.0074 0x2f64 WINUSB - ok
19:45:10.0077 0x2f64 WinVerbs - ok
19:45:10.0080 0x2f64 WlanSvc - ok
19:45:10.0082 0x2f64 wlidsvc - ok
19:45:10.0084 0x2f64 WmiAcpi - ok
19:45:10.0088 0x2f64 wmiApSrv - ok
19:45:10.0096 0x2f64 WMPNetworkSvc - ok
19:45:10.0107 0x2f64 [ 2A9650FCC696DB28E45EA8B33B99B8E6, FBEBC6C05D50F578C6EEE0A7285EBE1DEADB08DD21FA3232630FD8D5A68FC3FB ] Wof C:\WINDOWS\system32\drivers\Wof.sys
19:45:10.0122 0x2f64 Wof - ok
19:45:10.0126 0x2f64 workfolderssvc - ok
19:45:10.0129 0x2f64 wpcfltr - ok
19:45:10.0131 0x2f64 WPDBusEnum - ok
19:45:10.0135 0x2f64 WpdUpFltr - ok
19:45:10.0137 0x2f64 WpnService - ok
19:45:10.0139 0x2f64 ws2ifsl - ok
19:45:10.0142 0x2f64 wscsvc - ok
19:45:10.0144 0x2f64 WSearch - ok
19:45:10.0148 0x2f64 WSService - ok
19:45:10.0150 0x2f64 wuauserv - ok
19:45:10.0155 0x2f64 WudfPf - ok
19:45:10.0157 0x2f64 WUDFRd - ok
19:45:10.0159 0x2f64 wudfsvc - ok
19:45:10.0162 0x2f64 WUDFWpdFs - ok
19:45:10.0164 0x2f64 WUDFWpdMtp - ok
19:45:10.0167 0x2f64 WwanSvc - ok
19:45:10.0180 0x2f64 XblAuthManager - ok
19:45:10.0183 0x2f64 XblGameSave - ok
19:45:10.0186 0x2f64 xboxgip - ok
19:45:10.0188 0x2f64 XboxNetApiSvc - ok
19:45:10.0190 0x2f64 xinputhid - ok
19:45:10.0192 0x2f64 ================ Scan global ===============================
19:45:10.0220 0x2f64 [ Global ] - ok
19:45:10.0220 0x2f64 ================ Scan MBR ==================================
19:45:10.0236 0x2f64 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
19:45:10.0529 0x2f64 \Device\Harddisk0\DR0 - ok
19:45:10.0529 0x2f64 ================ Scan VBR ==================================
19:45:10.0531 0x2f64 [ 46DFE52F84553E8AB1DF9927ED7281F5 ] \Device\Harddisk0\DR0\Partition1
19:45:10.0562 0x2f64 \Device\Harddisk0\DR0\Partition1 - ok
19:45:10.0563 0x2f64 [ B2B1639B9C093B3D56BAE5983D41C2AB ] \Device\Harddisk0\DR0\Partition2
19:45:10.0602 0x2f64 \Device\Harddisk0\DR0\Partition2 - ok
19:45:10.0602 0x2f64 ================ Scan generic autorun ======================
19:45:10.0689 0x2f64 [ 69B43CBECDEEF3F8F2A96FA7B335E9A7, 2AA57756ABD1E25354E087FDE47C38F74A63021D7B57CDCBBCA0CADAD8DFCA7F ] C:\WINDOWS\SysWOW64\UMonit64.exe
19:45:10.0712 0x2f64 UMonit - ok
19:45:10.0795 0x2f64 [ 1BF113E377E570DB915EE7D228E594D6, FF4D198D412CA21C49E0A3E6FE52EAD69786B305429095B5BD25CB4FAFD33B51 ] C:\Program Files\iTunes\iTunesHelper.exe
19:45:10.0811 0x2f64 iTunesHelper - ok
19:45:10.0901 0x2f64 [ EA4F9B19B3614349C79CC97DCA4C23A8, EC330F2E4F002FE450CDC1FC84AC0122C21C7912A483A99143450822004795E3 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe
19:45:10.0932 0x2f64 StartCCC - ok
19:45:10.0987 0x2f64 [ 851383DAEF93961E9868A1474AFFEEBD, 6262E7FF3D356FA4FC9523D941A0D9B09E7450AA466EA6063A0C264F1B99F1AE ] C:\Program Files (x86)\avmwlanstick\wlangui.exe
19:45:11.0078 0x2f64 AVMWlanClient - detected UnsignedFile.Multi.Generic ( 1 )
19:45:12.0197 0x0934 Object required for P2P: [ 92547C9A6C5E9A3BEC689486C4885C4B ] ClickToRunSvc
19:45:13.0667 0x2f64 Detect skipped due to KSN trusted
19:45:13.0667 0x2f64 AVMWlanClient - ok
19:45:13.0719 0x2f64 [ 9F3B239443E7AF5840454D8D3A0772CF, 82E135AA844B3170D030CE27259BF7BACBA1FA18670C10B74BD3F402CA9AD29E ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
19:45:13.0731 0x2f64 APSDaemon - ok
19:45:13.0782 0x2f64 [ F916BA0DA28A4B4F7B1ADE76EB42F088, FB3C91D44709D039E959B275F6ECE26AF9307D272FE3E25CC41EAC259AA3B596 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
19:45:13.0820 0x2f64 SunJavaUpdateSched - ok
19:45:13.0834 0x2f64 OneDriveSetup - ok
19:45:13.0835 0x2f64 OneDriveSetup - ok
19:45:13.0921 0x2f64 [ 7C6D524C78A1722AD987B9E47AC1FEE2, FFDC6C92ABB547D0DCD2621EC423C755A78079B061A41FA1751A56799D1A79A5 ] C:\Users\Olli\AppData\Local\Dropbox\Update\DropboxUpdate.exe
19:45:13.0937 0x2f64 Dropbox Update - ok
19:45:14.0012 0x2f64 [ 9F2ECA252720B25E8FEC1CAB2984B98D, 476EE2929901CD43F15869B763376393AA0942A3B934532055E037C6DCE3CD2D ] C:\Users\Olli\AppData\Local\Microsoft\OneDrive\OneDrive.exe
19:45:14.0041 0x2f64 OneDrive - ok
19:45:14.0097 0x2f64 [ 5D47E37C1E1F03C1E7E8DCEDD4A4BCDF, 72F9675AEA8ED5ACF19161E8FDD481460BE158A65EF2B998AE4E93A7804B2172 ] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
19:45:14.0104 0x2f64 iCloudServices - ok
19:45:14.0126 0x2f64 [ BB9217E339B1DE7EB08E2ED0CD89F988, ED488890DD801506C0E6144C6CF7CD878B1E436E4F2B5C5A7C5DA4994532082F ] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
19:45:14.0139 0x2f64 ApplePhotoStreams - ok
19:45:14.0165 0x2f64 [ 8C5A712AA2C4A0F106965D199D8B73B8, AED43CD6E85CC92AD72AE344842F47E39E288BEC78168CBF8BB6A6B9105FBFB8 ] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
19:45:14.0179 0x2f64 iCloudDrive - ok
19:45:14.0180 0x2f64 Waiting for KSN requests completion. In queue: 46
19:45:14.0700 0x0934 Object send P2P result: true
19:45:14.0704 0x0934 Object required for P2P: [ AC11ABBEFC5EBA3116D5D15AE41B108C ] NS
19:45:15.0181 0x2f64 Waiting for KSN requests completion. In queue: 27
19:45:16.0182 0x2f64 Waiting for KSN requests completion. In queue: 27
19:45:17.0156 0x0934 Object send P2P result: true
19:45:17.0218 0x2f64 AV detected via SS2: Norton Security, C:\Program Files (x86)\Norton Security\Engine\22.5.5.15\WSCStub.exe ( 22.5.0.0 ), 0x51000 ( enabled : updated )
19:45:17.0235 0x2f64 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.9.10586.0 ), 0x60100 ( disabled : updated )
19:45:17.0243 0x2f64 FW detected via SS2: Norton Security, C:\Program Files (x86)\Norton Security\Engine\22.5.5.15\WSCStub.exe ( 22.5.0.0 ), 0x51010 ( enabled )
19:45:19.0646 0x2f64 ============================================================
19:45:19.0646 0x2f64 Scan finished
19:45:19.0646 0x2f64 ============================================================
19:45:19.0659 0x2424 Detected object count: 0
19:45:19.0659 0x2424 Actual detected object count: 0
19:58:18.0324 0x158c Deinitialize success

Hi,

da schrauber momentan keine Zeit hat spring ich ein.

Kann ich nur von dringend abraten. Der Windows Defender bietet dir bereits guten Schutz. Deinstalliere Norton. Gib Bescheid wenn da erledigt ist.

erledigt

Sind mit dem norton irgendwelche Nachteile verbunden? Kann doch nicht sein, dass ein teures Kaufprogramm schlechter ist als das Windowsprogramm?

Es war schon immer so, dass die Qualität nicht unbedingt etwas mit der Höhe des Preise zu tun hat.


Adware/Junkware/Toolbars entfernen

Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop!
Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren!

1. Schritt: adwCleaner

Downloade Dir bitte AdwCleaner auf deinen Desktop.

• Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
• Starte die AdwCleaner.exe mit einem Doppelklick.
• Stimme den Nutzungsbedingungen zu.
• Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
  • "Tracing" Schlüssel löschen
  • Winsock Einstellungen zurücksetzen
  • Proxy Einstellungen zurücksetzen
  • Internet Explorer Richtlinien zurücksetzen
  • Chrome Richtlinien zurücksetzen
  • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
• Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
• Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
• Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
• Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

• Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
• Drücke eine beliebige Taste, um das Tool zu starten.
• Je nach System kann der Scan eine Weile dauern.
• Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
• Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

3. Schritt: Frisches Log mit FRST

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

• Starte jetzt FRST.
• Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
• Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
• Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

adwcleaner/ jrt/ frst. Hinweis: addition-log wurde nicht erstellt!?
 

AdwCleaner Logfile:
--- --- ---


[/CODE]








FRST Logfile:
--- --- ---


[/CODE]

Logs IMMER vollständig posten. Das von JRT ist nicht vollständig.

jrt nochmal
 

Bitte auch ne neue Addition.txt erstellen, dazu FRST starten und einen Haken setzen bei Addition.txt, dann auf Untersuchen klicken.

http://www.trojaner-board.de/picture...&pictureid=611

additio.txt
 

FRST-Fix

Virenscanner jetzt bitte komplett deaktivieren, damit sichergestellt ist, dass der Fix sauber durchläuft!

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument


Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

• Starte nun FRST erneut und klicke den Entfernen Button.
• Das Tool erstellt eine Fixlog.txt.
• Poste mir deren Inhalt.