Trojaner-Board
Seite 2 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Nach Virusdesinfiktion - pdf, Fotos, Word-Datei gesperrt (https://www.trojaner-board.de/182432-virusdesinfiktion-pdf-fotos-word-datei-gesperrt.html)

deeprybka 23.10.2016 12:55
Schritt 1
Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

ThinkGreen 23.10.2016 18:42
Es wurden anscheinend keine infizierten Objekte gefunden von dem Scan-Programm.

Hier der Code dazu vom Report:

Code:
19:40:20.0610 0x1998  TDSS rootkit removing tool 3.1.0.11 Aug  5 2016 12:13:31
19:40:22.0485 0x1998  ============================================================
19:40:22.0485 0x1998  Current date / time: 2016/10/23 19:40:22.0485
19:40:22.0485 0x1998  SystemInfo:
19:40:22.0485 0x1998 
19:40:22.0485 0x1998  OS Version: 10.0.14393 ServicePack: 0.0
19:40:22.0485 0x1998  Product type: Workstation
19:40:22.0485 0x1998  ComputerName: OTTO-2
19:40:22.0485 0x1998  UserName: Kamen-2
19:40:22.0485 0x1998  Windows directory: C:\WINDOWS
19:40:22.0485 0x1998  System windows directory: C:\WINDOWS
19:40:22.0485 0x1998  Running under WOW64
19:40:22.0485 0x1998  Processor architecture: Intel x64
19:40:22.0485 0x1998  Number of processors: 4
19:40:22.0485 0x1998  Page size: 0x1000
19:40:22.0485 0x1998  Boot type: Normal boot
19:40:22.0486 0x1998  CodeIntegrityOptions = 0x00000001
19:40:22.0486 0x1998  ============================================================
19:40:22.0655 0x1998  KLMD registered as C:\WINDOWS\system32\drivers\55438812.sys
19:40:22.0655 0x1998  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 14393.321, osProperties = 0x19
19:40:22.0822 0x1998  System UUID: {1742255A-1722-82F2-BAD9-15E44332C4FD}
19:40:23.0203 0x1998  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:40:23.0221 0x1998  ============================================================
19:40:23.0221 0x1998  \Device\Harddisk0\DR0:
19:40:23.0221 0x1998  MBR partitions:
19:40:23.0221 0x1998  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
19:40:23.0221 0x1998  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1977BA63
19:40:23.0221 0x1998  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x19891930, BlocksNum 0x5AE74480
19:40:23.0221 0x1998  ============================================================
19:40:23.0240 0x1998  C: <-> \Device\Harddisk0\DR0\Partition2
19:40:23.0266 0x1998  D: <-> \Device\Harddisk0\DR0\Partition3
19:40:23.0266 0x1998  ============================================================
19:40:23.0266 0x1998  Initialize success
19:40:23.0266 0x1998  ============================================================
19:40:25.0230 0x2838  ============================================================
19:40:25.0230 0x2838  Scan started
19:40:25.0230 0x2838  Mode: Manual;
19:40:25.0230 0x2838  ============================================================
19:40:25.0230 0x2838  KSN ping started
19:40:25.0355 0x2838  KSN ping finished: true
19:40:25.0887 0x2838  ================ Scan system memory ========================
19:40:25.0887 0x2838  System memory - ok
19:40:25.0888 0x2838  ================ Scan services =============================
19:40:25.0985 0x2838  1394ohci - ok
19:40:25.0988 0x2838  3ware - ok
19:40:25.0990 0x2838  ACPI - ok
19:40:25.0993 0x2838  AcpiDev - ok
19:40:25.0996 0x2838  acpiex - ok
19:40:25.0999 0x2838  acpipagr - ok
19:40:26.0015 0x2838  AcpiPmi - ok
19:40:26.0018 0x2838  acpitime - ok
19:40:26.0071 0x2838  [ DC00FD73505DAEDD99CAF4533B0C05BD, 2863D1F0587B79254FBE093C191C73892768CF2AC59BEF97745EE66CEE3473AF ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:40:26.0072 0x2838  AdobeARMservice - ok
19:40:26.0138 0x2838  [ 1E30AB3A4D3EB916FF6C1B71B9F2331A, 4D1D703CD16FAE5096A8897DDC69C925FA3BFF1F45E1EA55898BF251AF0D3E9A ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:40:26.0141 0x2838  AdobeFlashPlayerUpdateSvc - ok
19:40:26.0146 0x2838  ADP80XX - ok
19:40:26.0151 0x2838  AFD - ok
19:40:26.0156 0x2838  ahcache - ok
19:40:26.0165 0x2838  AJRouter - ok
19:40:26.0178 0x2838  ALG - ok
19:40:26.0180 0x2838  AmdK8 - ok
19:40:26.0184 0x2838  AmdPPM - ok
19:40:26.0187 0x2838  amdsata - ok
19:40:26.0190 0x2838  amdsbs - ok
19:40:26.0192 0x2838  amdxata - ok
19:40:26.0205 0x2838  [ E3C6DAE5493E9B07EE98711D04D863FF, D11722E50D8EBFBDB344F155BBCB6C552289F0BA882F48711B9178AF77E17C5B ] ampa            C:\Windows\system32\ampa.sys
19:40:26.0206 0x2838  ampa - ok
19:40:26.0230 0x2838  [ E71711D37C48AC40FD3E2866A5ABBA51, C85DB75741B17A0A84B045DC461B5A6C5EA2A34BCD661107D355CE8DF4A29E03 ] anvsnddrv      C:\WINDOWS\system32\drivers\anvsnddrv.sys
19:40:26.0231 0x2838  anvsnddrv - ok
19:40:26.0247 0x2838  AppHostSvc - ok
19:40:26.0251 0x2838  AppID - ok
19:40:26.0254 0x2838  AppIDSvc - ok
19:40:26.0266 0x2838  Appinfo - ok
19:40:26.0352 0x2838  [ 3B3774C868868257533EC7E715BB6D53, 4AF1DADCEDBD80BE6EDEC696DF59E65B51D31E33F4C84413CA03C7BD959FF4E5 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:40:26.0353 0x2838  Apple Mobile Device Service - ok
19:40:26.0371 0x2838  applockerfltr - ok
19:40:26.0391 0x2838  AppReadiness - ok
19:40:26.0403 0x2838  AppXSvc - ok
19:40:26.0406 0x2838  arcsas - ok
19:40:26.0453 0x2838  aspnet_state - ok
19:40:26.0455 0x2838  AsyncMac - ok
19:40:26.0459 0x2838  atapi - ok
19:40:26.0470 0x2838  athr - ok
19:40:26.0493 0x2838  AudioEndpointBuilder - ok
19:40:26.0510 0x2838  Audiosrv - ok
19:40:26.0520 0x2838  [ 6A300AD0E23A155B2C3A7FAB0D4AABD1, AD283CC530482C0C155727C3234BFA4773C8C80B4C9912448196F83407C3CFD4 ] avmaura        C:\WINDOWS\system32\DRIVERS\avmaura.sys
19:40:26.0522 0x2838  avmaura - ok
19:40:26.0570 0x2838  [ 03B45C52179E8DAE51A0F685C30D06D6, E06F066B4BFE5344BBF5749B9B8B8CFBA0C02920FD2B9C73BDDA7E34F1785DA7 ] AVP17.0.0      C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe
19:40:26.0574 0x2838  AVP17.0.0 - ok
19:40:26.0577 0x2838  AxInstSV - ok
19:40:26.0580 0x2838  b06bdrv - ok
19:40:26.0583 0x2838  BasicDisplay - ok
19:40:26.0587 0x2838  BasicRender - ok
19:40:26.0591 0x2838  bcmfn - ok
19:40:26.0594 0x2838  bcmfn2 - ok
19:40:26.0597 0x2838  BDESVC - ok
19:40:26.0601 0x2838  Beep - ok
19:40:26.0607 0x2838  BFE - ok
19:40:26.0610 0x2838  BITS - ok
19:40:26.0654 0x2838  [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
19:40:26.0660 0x2838  Bonjour Service - ok
19:40:26.0663 0x2838  bowser - ok
19:40:26.0666 0x2838  BrokerInfrastructure - ok
19:40:26.0669 0x2838  Browser - ok
19:40:26.0682 0x2838  BthAvrcpTg - ok
19:40:26.0701 0x2838  BthHFEnum - ok
19:40:26.0704 0x2838  bthhfhid - ok
19:40:26.0718 0x2838  BthHFSrv - ok
19:40:26.0721 0x2838  BTHMODEM - ok
19:40:26.0725 0x2838  bthserv - ok
19:40:26.0733 0x2838  buttonconverter - ok
19:40:26.0736 0x2838  CapImg - ok
19:40:26.0738 0x2838  cdfs - ok
19:40:26.0741 0x2838  CDPSvc - ok
19:40:26.0744 0x2838  CDPUserSvc - ok
19:40:26.0790 0x2838  cdrom - ok
19:40:26.0793 0x2838  CertPropSvc - ok
19:40:26.0796 0x2838  cht4iscsi - ok
19:40:26.0798 0x2838  cht4vbd - ok
19:40:26.0811 0x2838  circlass - ok
19:40:26.0814 0x2838  CLFS - ok
19:40:26.0817 0x2838  ClipSVC - ok
19:40:26.0820 0x2838  clreg - ok
19:40:26.0827 0x2838  CmBatt - ok
19:40:26.0850 0x2838  [ B29A764A1E76473CD9D64C9438705C19, CD0497EB84DE60E1E491CA495AF981A8DFC4949BB373C1978CAF1BCF4321D30E ] cm_km          C:\WINDOWS\system32\DRIVERS\cm_km.sys
19:40:26.0853 0x2838  cm_km - ok
19:40:26.0866 0x2838  CNG - ok
19:40:26.0868 0x2838  cnghwassist - ok
19:40:26.0921 0x2838  [ 1635CED9C1FB6182B11BD62AA4F744B6, E781DADC786E07731F15DA2C6701B1426CAFC45F28FFEB7CD4BB546E4CDE1869 ] CnxtHdAudService C:\WINDOWS\system32\drivers\CHDRT64.sys
19:40:26.0941 0x2838  CnxtHdAudService - ok
19:40:26.0985 0x2838  CompositeBus - ok
19:40:26.0988 0x2838  COMSysApp - ok
19:40:26.0991 0x2838  condrv - ok
19:40:27.0003 0x2838  CoreMessagingRegistrar - ok
19:40:27.0059 0x2838  [ A28D6FA203CE094BDE7ED8CEC6079E42, 5DCA8BA21F5FD0D9F00620E7592949ABCF3BA202CF7AF3D84F93DF7C13E2D4C9 ] cphs            C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
19:40:27.0065 0x2838  cphs - ok
19:40:27.0083 0x2838  CryptSvc - ok
19:40:27.0128 0x2838  [ 9A59DF2CA690019FEA3B265D5A7EB619, F15D51B3C78A213BA6D6FF7CEA58549673CEAFE97C0A6C90C93591637CE4D5B2 ] CxUtilSvc      C:\Program Files\Conexant\SA3\CxUtilSvc.exe
19:40:27.0130 0x2838  CxUtilSvc - ok
19:40:27.0144 0x2838  dam - ok
19:40:27.0157 0x2838  DcomLaunch - ok
19:40:27.0169 0x2838  DcpSvc - ok
19:40:27.0192 0x2838  [ B56714DED87E29377F1EE930691DADA2, B3C3BC4F546A786A93823C1471D560BF678A9C95237065E3B99B2B80E6C28131 ] DDDriver        C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys
19:40:27.0193 0x2838  DDDriver - ok
19:40:27.0197 0x2838  defragsvc - ok
19:40:27.0216 0x2838  [ 66C87079CFCB61B650086802693114E0, B1EE411DF69BB98D5D9FA2D88C4C9FE1E4877FD8BBF572C3F444C90576ED0724 ] DellProf        C:\WINDOWS\system32\drivers\DellProf.sys
19:40:27.0216 0x2838  DellProf - ok
19:40:27.0220 0x2838  DeviceAssociationService - ok
19:40:27.0223 0x2838  DeviceInstall - ok
19:40:27.0235 0x2838  DevQueryBroker - ok
19:40:27.0247 0x2838  Dfsc - ok
19:40:27.0251 0x2838  Dhcp - ok
19:40:27.0288 0x2838  diagnosticshub.standardcollector.service - ok
19:40:27.0300 0x2838  DiagTrack - ok
19:40:27.0311 0x2838  disk - ok
19:40:27.0323 0x2838  DmEnrollmentSvc - ok
19:40:27.0325 0x2838  dmvsc - ok
19:40:27.0329 0x2838  dmwappushservice - ok
19:40:27.0345 0x2838  Dnscache - ok
19:40:27.0350 0x2838  dot3svc - ok
19:40:27.0353 0x2838  DPS - ok
19:40:27.0365 0x2838  drmkaud - ok
19:40:27.0377 0x2838  DsmSvc - ok
19:40:27.0380 0x2838  DsSvc - ok
19:40:27.0383 0x2838  DXGKrnl - ok
19:40:27.0386 0x2838  EapHost - ok
19:40:27.0389 0x2838  ebdrv - ok
19:40:27.0392 0x2838  EFS - ok
19:40:27.0395 0x2838  EhStorClass - ok
19:40:27.0415 0x2838  EhStorTcgDrv - ok
19:40:27.0425 0x2838  embeddedmode - ok
19:40:27.0428 0x2838  EntAppSvc - ok
19:40:27.0430 0x2838  ErrDev - ok
19:40:27.0438 0x2838  EventSystem - ok
19:40:27.0440 0x2838  exfat - ok
19:40:27.0443 0x2838  fastfat - ok
19:40:27.0449 0x2838  Fax - ok
19:40:27.0453 0x2838  fdc - ok
19:40:27.0456 0x2838  fdPHost - ok
19:40:27.0458 0x2838  FDResPub - ok
19:40:27.0463 0x2838  fhsvc - ok
19:40:27.0477 0x2838  FileCrypt - ok
19:40:27.0479 0x2838  FileInfo - ok
19:40:27.0482 0x2838  Filetrace - ok
19:40:27.0485 0x2838  flpydisk - ok
19:40:27.0489 0x2838  FltMgr - ok
19:40:27.0508 0x2838  FontCache - ok
19:40:27.0556 0x2838  FontCache3.0.0.0 - ok
19:40:27.0571 0x2838  FrameServer - ok
19:40:27.0574 0x2838  FsDepends - ok
19:40:27.0576 0x2838  Fs_Rec - ok
19:40:27.0580 0x2838  fvevol - ok
19:40:27.0605 0x2838  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM    C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
19:40:27.0606 0x2838  GEARAspiWDM - ok
19:40:27.0621 0x2838  gencounter - ok
19:40:27.0623 0x2838  genericusbfn - ok
19:40:27.0685 0x2838  [ 4CEDC66C726F7BE116BE7694B3CD22CD, C55DDC432F640C215E57C5AC9B7D801F7B2DA21E50BFA9ABC209AADC3070C744 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
19:40:27.0700 0x2838  GfExperienceService - ok
19:40:27.0704 0x2838  GPIOClx0101 - ok
19:40:27.0720 0x2838  gpsvc - ok
19:40:27.0723 0x2838  GpuEnergyDrv - ok
19:40:27.0766 0x2838  [ A8FD9222E4D72596BB37DA8BE95C0BA4, 52FC3AA9F704300041E486E57FE863218E4CDF4C8EEE05CA6B99A296EFEE5737 ] gupdate        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:40:27.0769 0x2838  gupdate - ok
19:40:27.0773 0x2838  [ A8FD9222E4D72596BB37DA8BE95C0BA4, 52FC3AA9F704300041E486E57FE863218E4CDF4C8EEE05CA6B99A296EFEE5737 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:40:27.0775 0x2838  gupdatem - ok
19:40:27.0778 0x2838  HDAudBus - ok
19:40:27.0781 0x2838  HidBatt - ok
19:40:27.0784 0x2838  HidBth - ok
19:40:27.0787 0x2838  hidi2c - ok
19:40:27.0790 0x2838  hidinterrupt - ok
19:40:27.0799 0x2838  HidIr - ok
19:40:27.0802 0x2838  hidserv - ok
19:40:27.0805 0x2838  HidUsb - ok
19:40:27.0808 0x2838  HomeGroupListener - ok
19:40:27.0817 0x2838  HomeGroupProvider - ok
19:40:27.0820 0x2838  HpSAMD - ok
19:40:27.0823 0x2838  HTTP - ok
19:40:27.0826 0x2838  HvHost - ok
19:40:27.0838 0x2838  hvservice - ok
19:40:27.0841 0x2838  hwpolicy - ok
19:40:27.0845 0x2838  hyperkbd - ok
19:40:27.0858 0x2838  i8042prt - ok
19:40:27.0860 0x2838  iagpio - ok
19:40:27.0863 0x2838  iai2c - ok
19:40:27.0868 0x2838  iaLPSS2i_GPIO2 - ok
19:40:27.0871 0x2838  iaLPSS2i_I2C - ok
19:40:27.0874 0x2838  iaLPSSi_GPIO - ok
19:40:27.0877 0x2838  iaLPSSi_I2C - ok
19:40:27.0879 0x2838  iaStorAV - ok
19:40:27.0883 0x2838  iaStorV - ok
19:40:27.0886 0x2838  ibbus - ok
19:40:27.0922 0x2838  [ 83FF82FE209E7997067B375DAD6CF23D, E312DD068E51DBF96A8232D7D1C9F158652FDA23649655F1102928B320795091 ] ICCS            C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
19:40:27.0925 0x2838  ICCS - ok
19:40:27.0940 0x2838  icssvc - ok
19:40:28.0025 0x2838  [ 9CE4D3A79D3180AC5A141E2F7E7137F4, 1D717D2156B78632895281779D2646AB066619EA1DB293A9505BF7C174F53271 ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
19:40:28.0072 0x2838  igfx - ok
19:40:28.0095 0x2838  [ 6A9C613D0F5F9676D128F39B63ACE45B, 027B9568C740E336C7CBBE952309E2719E8FFA14E7DFC2B85B49E0C0CE7D2149 ] igfxCUIService1.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe
19:40:28.0103 0x2838  igfxCUIService1.0.0.0 - ok
19:40:28.0106 0x2838  IKEEXT - ok
19:40:28.0109 0x2838  IndirectKmd - ok
19:40:28.0142 0x2838  [ 41CD73C13FCAEA4942F0CF7608B7530F, 835BF370E6624975E3CB7106D4835488D6F527C545E7B0ECD26A161D36CABABB ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys
19:40:28.0143 0x2838  intaud_WaveExtensible - ok
19:40:28.0169 0x2838  [ 87871AB7AC797F922A6F3D4C874CED96, 2BCD89911E42827CD294DD7D1486A7845D1F98019E51958E0F488384401B2944 ] IntcDAud        C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
19:40:28.0175 0x2838  IntcDAud - ok
19:40:28.0233 0x2838  [ 2D66067C7A8A0112156BCD1C0BAA7042, 89F77EEE59FF3AD2E777DA15187F1447F6E112E8831417A0DE656ACB82E7B22E ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
19:40:28.0241 0x2838  Intel(R) Capability Licensing Service Interface - ok
19:40:28.0251 0x2838  intelide - ok
19:40:28.0254 0x2838  intelpep - ok
19:40:28.0257 0x2838  intelppm - ok
19:40:28.0260 0x2838  iorate - ok
19:40:28.0262 0x2838  IpFilterDriver - ok
19:40:28.0266 0x2838  iphlpsvc - ok
19:40:28.0270 0x2838  IPMIDRV - ok
19:40:28.0272 0x2838  IPNAT - ok
19:40:28.0304 0x2838  [ F96B9EDC032E61EB87652896E92ED526, F9E3CD2FA2D963C56034A4F606869467FDC6647B916CF457249270E6C337A8A5 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
19:40:28.0312 0x2838  iPod Service - ok
19:40:28.0315 0x2838  irda - ok
19:40:28.0318 0x2838  IRENUM - ok
19:40:28.0321 0x2838  irmon - ok
19:40:28.0324 0x2838  isapnp - ok
19:40:28.0327 0x2838  iScsiPrt - ok
19:40:28.0349 0x2838  [ 846354992EBB373F452EB9182D501B08, 453459133DCA875E93CAAE9852E652F3794F8C31CE53526C47A181FDBABE6849 ] iusb3hcs        C:\WINDOWS\system32\drivers\iusb3hcs.sys
19:40:28.0350 0x2838  iusb3hcs - ok
19:40:28.0374 0x2838  [ 48B904D31F2369D7B0122617038D3F5B, 8A43CB37667929CCCC37B6E79E82509BBCA6C8884B44059DC87BCA7C21BE7FE1 ] iwdbus          C:\WINDOWS\System32\drivers\iwdbus.sys
19:40:28.0375 0x2838  iwdbus - ok
19:40:28.0408 0x2838  [ 12DADA7E8BE1AED392F049CD6258C351, AD0C5C3A6C382738440A321A3E9DEBDFDDD267F521855F8414D81C215F884669 ] jhi_service    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
19:40:28.0411 0x2838  jhi_service - ok
19:40:28.0418 0x2838  kbdclass - ok
19:40:28.0430 0x2838  kbdhid - ok
19:40:28.0437 0x2838  kdnic - ok
19:40:28.0439 0x2838  KeyIso - ok
19:40:28.0467 0x2838  [ 97E3E8F35632EECD0ABD2DE6519A9666, ABE96FDEB1076E380D7FB4975C020B43ED4E821097EFC6AFE8C75D764167D6E8 ] kl1            C:\WINDOWS\system32\DRIVERS\kl1.sys
19:40:28.0474 0x2838  kl1 - ok
19:40:28.0497 0x2838  [ B01AD8DA034EE42D4C2282F77FDB03AE, 3FF55F3CEE4A0E5D559F04F5A639297EA0F36580720E94CF9DD56DEBF2E98F39 ] klbackupdisk    C:\WINDOWS\system32\DRIVERS\klbackupdisk.sys
19:40:28.0499 0x2838  klbackupdisk - ok
19:40:28.0523 0x2838  [ 10549B5BFD9A3DCF4FFA6287236FA959, 6BDFA335A8E3A69425CB23230660D3168CB82911ACB3AAAF85C19263511EAF51 ] klbackupflt    C:\WINDOWS\system32\DRIVERS\klbackupflt.sys
19:40:28.0525 0x2838  klbackupflt - ok
19:40:28.0550 0x2838  [ 7DAA9047F50BF5A3F8C147719FC520AF, 0740387075AF46DB1E9AEE3B12C65A06EDFE58EADB8B562C36CB1FEFF9905C26 ] kldisk          C:\WINDOWS\system32\DRIVERS\kldisk.sys
19:40:28.0552 0x2838  kldisk - ok
19:40:28.0578 0x2838  [ 5766A27C85EE813029831D125D2EFB45, BB5BAFD5A58E80C7F0B8D24121352E0386B3422FFC16B56F1D1B1C6A482AC9F0 ] klelam          C:\WINDOWS\system32\DRIVERS\klelam.sys
19:40:28.0579 0x2838  klelam - ok
19:40:28.0607 0x2838  [ 63FD545876EF4248BE3C8788D8270758, 5FF6529F8D7F94848E68142D8B2CAA446342AF95644C9223E689E303E8AB7336 ] klflt          C:\WINDOWS\system32\DRIVERS\klflt.sys
19:40:28.0610 0x2838  klflt - ok
19:40:28.0641 0x2838  [ 3524D3B8F5BEF8C01EAF7EEFFA5EAB3F, 0908A6E3E62017F7099900850D58A1B775D808F7DC0951B09781689DF3994DA2 ] klhk            C:\WINDOWS\System32\drivers\klhk.sys
19:40:28.0647 0x2838  klhk - ok
19:40:28.0710 0x2838  [ 7796EAD58D8C1A42AAB6B6CA9A3F106C, 7DA8A05A0210F63C7D120DCF0101AD895D53368C0DED23E275F2BA79239FCE28 ] klids          C:\ProgramData\Kaspersky Lab\AVP17.0.0\Bases\klids.sys
19:40:28.0712 0x2838  klids - ok
19:40:28.0754 0x2838  [ BBF9B967A410120E67FB6E7F53E7A7CA, E6C8703A14271C08BDCEDB9F09B5E0392C9D337C9816E12D860A4DF3D5D3F7EE ] KLIF            C:\WINDOWS\system32\DRIVERS\klif.sys
19:40:28.0767 0x2838  KLIF - ok
19:40:28.0776 0x2838  [ DDCD4AF37C41EAAA47E99D9D2605AC8D, FA9A0E068DD45645E62C19995279078726D6DF79AD54EDBD53F7D1E1D059372B ] KLIM6          C:\WINDOWS\system32\DRIVERS\klim6.sys
19:40:28.0777 0x2838  KLIM6 - ok
19:40:28.0791 0x2838  [ 5480CC93737F48282552C84FA7EBA59B, B7D92424399B647132F6B9409FE75EAA310C984F796FC0B65BBE2EA180110968 ] klkbdflt        C:\WINDOWS\system32\DRIVERS\klkbdflt.sys
19:40:28.0793 0x2838  klkbdflt - ok
19:40:28.0809 0x2838  [ FD47C92A63B6EADEA830BFA96C06EAEE, C15C39B6FA53CBD01A2F95243845C4B706B4229F8FFB75C7128819B9CEE5B2CB ] klmouflt        C:\WINDOWS\system32\DRIVERS\klmouflt.sys
19:40:28.0810 0x2838  klmouflt - ok
19:40:28.0838 0x2838  [ 6B0C605591C892CBB683F63EA47822DC, E74C0A0501A1B4B56B417402108521F34DA6A23FCD1C05E4E524E41EBA0906FF ] klpd            C:\WINDOWS\system32\DRIVERS\klpd.sys
19:40:28.0840 0x2838  klpd - ok
19:40:28.0863 0x2838  [ 828B042A95F055648DA190DF6C7AB1B6, 0457B0EF03BCB4CC1297EB25A25C162937F456BF406EC7B1A5E9A0AA13A9BCD7 ] kltap          C:\WINDOWS\System32\drivers\kltap.sys
19:40:28.0865 0x2838  kltap - ok
19:40:28.0896 0x2838  [ A10F8B0584926404E5CCF915704D27AA, 1020162B59EB928E1ADEC174505AA6187B38DA1828DFC8A41D9C8B532EDD58F3 ] klupd_klif_arkmon C:\WINDOWS\system32\Drivers\klupd_klif_arkmon.sys
19:40:28.0900 0x2838  klupd_klif_arkmon - ok
19:40:28.0928 0x2838  [ 3140F62A49A37687EFB50475F960B44A, 506601819244E10AB891E4AFC91E7AC7276715B00A5D6932A57B01267FB97117 ] klupd_klif_klark C:\WINDOWS\system32\Drivers\klupd_klif_klark.sys
19:40:28.0931 0x2838  klupd_klif_klark - ok
19:40:28.0944 0x2838  [ 0E1A21C54398C8D8E791718AACF0E1EF, B08E47099BE3D6C654DB4C7E5D86B09D8650B24BEB53955591939AED30C6202A ] klupd_klif_klbg C:\WINDOWS\system32\Drivers\klupd_klif_klbg.sys
19:40:28.0946 0x2838  klupd_klif_klbg - ok
19:40:28.0977 0x2838  [ EBC4BEEC7E807C49F9BC7546E5A67FEF, 2433EABE495A0B4CC7AC2D9BC728D1148ABADF074551CD1CCDA4A3DFD794F52A ] klupd_klif_mark C:\WINDOWS\system32\Drivers\klupd_klif_mark.sys
19:40:28.0979 0x2838  klupd_klif_mark - ok
19:40:28.0989 0x2838  [ 4C5305295B51BA72FC9C8CDAB32F95C3, 0E5850AC4CA14D971E7B04FED23CB2F6CEEE2796E905AADA0104677982ECD58A ] klwfp          C:\WINDOWS\system32\DRIVERS\klwfp.sys
19:40:28.0990 0x2838  klwfp - ok
19:40:29.0005 0x2838  [ 9A234E6404390862643FDD2EBFDE41FA, 011C9F7D6F04AFCE887BCC7A83CEC14806B6937D290F9F14830187FCEAF25D4A ] Klwtp          C:\WINDOWS\system32\DRIVERS\klwtp.sys
19:40:29.0007 0x2838  Klwtp - ok
19:40:29.0035 0x2838  [ 67EFD862ACEFCB9687523832C62FA584, B3C9A36C535B706EB19E5C5437705E8C5EC71F45115A2C97E1348462EC2A3922 ] kneps          C:\WINDOWS\system32\DRIVERS\kneps.sys
19:40:29.0038 0x2838  kneps - ok
19:40:29.0071 0x2838  [ EFF5EA6088DB81C6EF6EDCDA5EE79909, 4D364B0BF012C335FA3B25BDF042D4AF672D961B9B48CB7C5BE34FCFD1D64979 ] KSDE1.0.0      C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe
19:40:29.0075 0x2838  KSDE1.0.0 - ok
19:40:29.0089 0x2838  KSecDD - ok
19:40:29.0099 0x2838  KSecPkg - ok
19:40:29.0109 0x2838  ksthunk - ok
19:40:29.0118 0x2838  KtmRm - ok
19:40:29.0125 0x2838  LanmanServer - ok
19:40:29.0131 0x2838  LanmanWorkstation - ok
19:40:29.0189 0x2838  [ 20EE2F2ADCF8DBD091E931593F5AC268, 5F053F8B7C8B340A0364CE37B25D68B6755C2CCDB050C02E9B4E0929DF587E0F ] LBTServ        C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
19:40:29.0193 0x2838  LBTServ - ok
19:40:29.0224 0x2838  [ EAB70270BDDCFEF56FCC7425C2D9883D, 7B351EE3DA3DA4677DD8E4F91A5FFA6EBB3A15BF76F34EAC8879ECB16D01190F ] LEqdUsb        C:\WINDOWS\system32\DRIVERS\LEqdUsb.Sys
19:40:29.0226 0x2838  LEqdUsb - ok
19:40:29.0239 0x2838  lfsvc - ok
19:40:29.0242 0x2838  [ 5EBB7C1FC685D45A1D3D8B2B9A656E48, 8C4D984D3566DE29D13A294ED927525A7D7A106887E809986EBDDA8CC0B98FFB ] LHidEqd        C:\WINDOWS\system32\DRIVERS\LHidEqd.Sys
19:40:29.0243 0x2838  LHidEqd - ok
19:40:29.0261 0x2838  [ AFDFA4A6B0F7B15AA38E494FD4595741, 0D89CCEBC816F4A3F6DDB093B3F8BB8B85293E94559085961DA31F9330D43C21 ] LHidFilt        C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys
19:40:29.0262 0x2838  LHidFilt - ok
19:40:29.0266 0x2838  LicenseManager - ok
19:40:29.0282 0x2838  lltdio - ok
19:40:29.0285 0x2838  lltdsvc - ok
19:40:29.0295 0x2838  lmhosts - ok
19:40:29.0307 0x2838  [ C3E82B320F34C97F32B8026F4C249BEF, CAF53CD4738D2C92E4764372F75B5D0D74EBA896E59E685ED15B915F4E7223A0 ] LMouFilt        C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys
19:40:29.0308 0x2838  LMouFilt - ok
19:40:29.0334 0x2838  [ 8D82CBBF5A8532D9A21A64BBCB774EE7, 30D6477EA4B47D50F05E3435A68113B3676CA24EF51CC2693353C2224D28D2BB ] LMS            C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
19:40:29.0337 0x2838  LMS - ok
19:40:29.0354 0x2838  LSI_SAS - ok
19:40:29.0357 0x2838  LSI_SAS2i - ok
19:40:29.0360 0x2838  LSI_SAS3i - ok
19:40:29.0363 0x2838  LSI_SSS - ok
19:40:29.0372 0x2838  LSM - ok
19:40:29.0374 0x2838  luafv - ok
19:40:29.0391 0x2838  [ A0A527569856B9814E8920F52EBB67F5, 4347277C84B47E4CC048850BDEFB258CFB3B476AA99FD503FD71FBB70FFF5ACF ] lvrs64          C:\WINDOWS\system32\DRIVERS\lvrs64.sys
19:40:29.0396 0x2838  lvrs64 - ok
19:40:29.0486 0x2838  [ 415E344294D1C0D04627B29146F68481, B4A1A05BDF07E8F226A98E51F62BE18BE2C046A084C495BD8A95CABC79FD0614 ] LVUVC64        C:\WINDOWS\system32\DRIVERS\lvuvc64.sys
19:40:29.0545 0x2838  LVUVC64 - ok
19:40:29.0552 0x2838  MapsBroker - ok
19:40:29.0555 0x2838  megasas - ok
19:40:29.0569 0x2838  megasas2i - ok
19:40:29.0572 0x2838  megasr - ok
19:40:29.0596 0x2838  [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64          C:\WINDOWS\System32\drivers\HECIx64.sys
19:40:29.0598 0x2838  MEIx64 - ok
19:40:29.0601 0x2838  MessagingService - ok
19:40:29.0668 0x2838  Microsoft SharePoint Workspace Audit Service - ok
19:40:29.0672 0x2838  mlx4_bus - ok
19:40:29.0675 0x2838  MMCSS - ok
19:40:29.0677 0x2838  Modem - ok
19:40:29.0683 0x2838  monitor - ok
19:40:29.0686 0x2838  mouclass - ok
19:40:29.0689 0x2838  mouhid - ok
19:40:29.0691 0x2838  mountmgr - ok
19:40:29.0730 0x2838  [ 572BD5A99648652147A5D3C6DA946C99, FFDAD4A5682864977C926A5DDDB632CDB2A166BF025757801CC56F2828720023 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:40:29.0732 0x2838  MozillaMaintenance - ok
19:40:29.0735 0x2838  mpsdrv - ok
19:40:29.0738 0x2838  MpsSvc - ok
19:40:29.0774 0x2838  MQAC - ok
19:40:29.0777 0x2838  MRxDAV - ok
19:40:29.0780 0x2838  mrxsmb - ok
19:40:29.0790 0x2838  mrxsmb10 - ok
19:40:29.0799 0x2838  mrxsmb20 - ok
19:40:29.0807 0x2838  MsBridge - ok
19:40:29.0812 0x2838  MSDTC - ok
19:40:29.0818 0x2838  Msfs - ok
19:40:29.0821 0x2838  msgpiowin32 - ok
19:40:29.0824 0x2838  mshidkmdf - ok
19:40:29.0827 0x2838  mshidumdf - ok
19:40:29.0829 0x2838  msisadrv - ok
19:40:29.0833 0x2838  MSiSCSI - ok
19:40:29.0835 0x2838  msiserver - ok
19:40:29.0838 0x2838  MSKSSRV - ok
19:40:29.0841 0x2838  MsLldp - ok
19:40:29.0849 0x2838  MSMQ - ok
19:40:29.0852 0x2838  MSPCLOCK - ok
19:40:29.0855 0x2838  MSPQM - ok
19:40:29.0858 0x2838  MsRPC - ok
19:40:29.0862 0x2838  mssmbios - ok
19:40:29.0940 0x2838  MSSQL$SQLEXPRESS - ok
19:40:29.0982 0x2838  [ F1761C8FB2B25A32C6D63E36BB88C3AE, C88F5EF7B547DAA2394888362916FA18F07241E0BF2B938297428A1C04FFD806 ] MSSQLServerADHelper100 C:\Program Files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
19:40:29.0983 0x2838  MSSQLServerADHelper100 - ok
19:40:29.0985 0x2838  MSTEE - ok
19:40:29.0989 0x2838  MTConfig - ok
19:40:29.0992 0x2838  Mup - ok
19:40:29.0995 0x2838  mvumis - ok
19:40:30.0009 0x2838  NativeWifiP - ok
19:40:30.0012 0x2838  NcaSvc - ok
19:40:30.0017 0x2838  NcbService - ok
19:40:30.0020 0x2838  NcdAutoSetup - ok
19:40:30.0023 0x2838  ndfltr - ok
19:40:30.0039 0x2838  NDIS - ok
19:40:30.0042 0x2838  NdisCap - ok
19:40:30.0044 0x2838  NdisImPlatform - ok
19:40:30.0047 0x2838  NdisTapi - ok
19:40:30.0052 0x2838  Ndisuio - ok
19:40:30.0055 0x2838  NdisVirtualBus - ok
19:40:30.0058 0x2838  NdisWan - ok
19:40:30.0061 0x2838  ndiswanlegacy - ok
19:40:30.0064 0x2838  ndproxy - ok
19:40:30.0067 0x2838  Ndu - ok
19:40:30.0070 0x2838  NetAdapterCx - ok
19:40:30.0073 0x2838  NetBIOS - ok
19:40:30.0077 0x2838  NetBT - ok
19:40:30.0080 0x2838  Netlogon - ok
19:40:30.0083 0x2838  Netman - ok
19:40:30.0127 0x2838  NetMsmqActivator - ok
19:40:30.0129 0x2838  NetPipeActivator - ok
19:40:30.0133 0x2838  netprofm - ok
19:40:30.0143 0x2838  NetSetupSvc - ok
19:40:30.0145 0x2838  NetTcpActivator - ok
19:40:30.0148 0x2838  NetTcpPortSharing - ok
19:40:30.0154 0x2838  NgcCtnrSvc - ok
19:40:30.0156 0x2838  NgcSvc - ok
19:40:30.0159 0x2838  NlaSvc - ok
19:40:30.0161 0x2838  Npfs - ok
19:40:30.0165 0x2838  npsvctrig - ok
19:40:30.0168 0x2838  nsi - ok
19:40:30.0170 0x2838  nsiproxy - ok
19:40:30.0175 0x2838  NTFS - ok
19:40:30.0177 0x2838  Null - ok
19:40:30.0202 0x2838  [ E7015F1BB265BC148C60D4BC299C00B8, 1B1ED30F486F59FE65D5EE8856DC3D410F844B76B3BA8F8D3E7491BA62AB8E46 ] NVHDA          C:\WINDOWS\system32\drivers\nvhda64v.sys
19:40:30.0206 0x2838  NVHDA - ok
19:40:30.0508 0x2838  [ FB61714B56B76A452475878A57C045F8, 7A3D36A4E9B381E388114DAD8F86F7D737D3596E13CB124E2622D90594F2607A ] nvlddmkm        C:\WINDOWS\System32\DriverStore\FileRepository\nv_desktop_ref4wu.inf_amd64_6e17fae58779a6b0\nvlddmkm.sys
19:40:30.0676 0x2838  nvlddmkm - ok
19:40:30.0774 0x2838  [ FA9BC0048ED46C5FB5C93EAFFC97F63D, 2014C08B55940E055F6243E81F0227861272F2B6353D05BFEF364ED4F11EA9B0 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
19:40:30.0798 0x2838  NvNetworkService - ok
19:40:30.0803 0x2838  nvraid - ok
19:40:30.0806 0x2838  nvstor - ok
19:40:30.0868 0x2838  [ DEF76B479C3525952D0BD71E881E07B0, DC4B13AA97F61542F55F92769F9C8C5EB253BD6EB165EF064107D11158CD412F ] NvStreamKms    C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
19:40:30.0869 0x2838  NvStreamKms - ok
19:40:30.0939 0x2838  [ AF5BE3694A76365874B8967331049F2C, F704A0403B63E856EE9ECCE7C913650F5FF928F0872035EE73E1AE1CD54BC046 ] NvStreamNetworkSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
19:40:30.0984 0x2838  NvStreamNetworkSvc - ok
19:40:31.0040 0x2838  [ 77BE9E1AFCE995652A1C4FF4C8A0F839, 4AD981BCC349D413B3CCDC06DC8D6D2C2648D049726D6825E35A9A91D4C072FF ] NvStreamSvc    C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
19:40:31.0071 0x2838  NvStreamSvc - ok
19:40:31.0117 0x2838  [ 85397430F424516BF8300FAAEF929366, 2EDF41407C7483AC8E4703BC0A13F764563E4B00D6923FD4678E6E361AC14D6B ] nvsvc          C:\WINDOWS\system32\nvvsvc.exe
19:40:31.0141 0x2838  nvsvc - ok
19:40:31.0164 0x2838  [ F37FE6B15A987AEEC08EEF531F2FAED7, CC768E7DE80C7A8CB2392F9BC528212B8A3A35A30A222ED0B0B959051E6F8065 ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys
19:40:31.0166 0x2838  nvvad_WaveExtensible - ok
19:40:31.0191 0x2838  OneSyncSvc - ok
19:40:31.0236 0x2838  [ 4965B005492CBA7719E82B71E3245495, 52AD72C05FACC1E0E416A1FA25F34FDD3CB274FAB973BEAAE911A2FACA42B650 ] ose64          C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:40:31.0238 0x2838  ose64 - ok
19:40:31.0362 0x2838  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc        C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:40:31.0422 0x2838  osppsvc - ok
19:40:31.0441 0x2838  p2pimsvc - ok
19:40:31.0449 0x2838  p2psvc - ok
19:40:31.0452 0x2838  Parport - ok
19:40:31.0459 0x2838  partmgr - ok
19:40:31.0461 0x2838  PcaSvc - ok
19:40:31.0473 0x2838  pci - ok
19:40:31.0487 0x2838  pciide - ok
19:40:31.0489 0x2838  pcmcia - ok
19:40:31.0492 0x2838  pcw - ok
19:40:31.0507 0x2838  pdc - ok
19:40:31.0586 0x2838  [ 531D80CCA3669925B79558DCFF223CC9, C4E252FECE6AB03078FCF79944C1A2B5E17DE5F4576FEB7FDC26C1330C49D162 ] PDF Architect 4 C:\Program Files\PDF Architect 4\ws.exe
19:40:31.0617 0x2838  PDF Architect 4 - ok
19:40:31.0647 0x2838  [ 44B650801B377105F3EE2EB4450634DE, 9F81BB741C63C0AE8413B4B15A02FF776F4FEC789406C8EE76A901B9C020F968 ] PDF Architect 4 CrashHandler C:\Program Files\PDF Architect 4\crash-handler-ws.exe
19:40:31.0660 0x2838  PDF Architect 4 CrashHandler - ok
19:40:31.0693 0x2838  [ C347A316028A456672E6220AC411E531, E0E826B544B948D4BC3C725B496D3B720D5B3AC247F68D6455B65D42729EE4D3 ] PDF Architect 4 Creator C:\Program Files\PDF Architect 4\creator-ws.exe
19:40:31.0704 0x2838  PDF Architect 4 Creator - ok
19:40:31.0758 0x2838  [ 06B2368D9B342AE8E02C929B72E07804, 4EBCFCE5FFE934369ADD035A804BC24160BF94A796A42592B328A35A26DAB79E ] PDF Architect 4 Manager C:\ProgramData\pdfforge\PDF Architect 4 Manager\PDF Architect 4\Architect Manager.exe
19:40:31.0771 0x2838  PDF Architect 4 Manager - ok
19:40:31.0783 0x2838  PEAUTH - ok
19:40:31.0786 0x2838  percsas2i - ok
19:40:31.0789 0x2838  percsas3i - ok
19:40:31.0839 0x2838  PerfHost - ok
19:40:31.0854 0x2838  PhoneSvc - ok
19:40:31.0871 0x2838  PimIndexMaintenanceSvc - ok
19:40:31.0889 0x2838  pla - ok
19:40:31.0901 0x2838  PlugPlay - ok
19:40:31.0904 0x2838  PNRPAutoReg - ok
19:40:31.0907 0x2838  PNRPsvc - ok
19:40:31.0919 0x2838  PolicyAgent - ok
19:40:31.0923 0x2838  Power - ok
19:40:31.0925 0x2838  PptpMiniport - ok
19:40:32.0024 0x2838  [ 7196D3C2E2E3129814C8DAB91F9A7D1E, 6763E4BF8E846B597E78778E520F5BADC95608BAA4EA0AC84971384B5D976DD7 ] PrintNotify    C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
19:40:32.0065 0x2838  PrintNotify - ok
19:40:32.0072 0x2838  Processor - ok
19:40:32.0089 0x2838  ProfSvc - ok
19:40:32.0091 0x2838  Psched - ok
19:40:32.0095 0x2838  QWAVE - ok
19:40:32.0098 0x2838  QWAVEdrv - ok
19:40:32.0101 0x2838  RasAcd - ok
19:40:32.0110 0x2838  RasAgileVpn - ok
19:40:32.0114 0x2838  RasAuto - ok
19:40:32.0117 0x2838  Rasl2tp - ok
19:40:32.0120 0x2838  RasMan - ok
19:40:32.0123 0x2838  RasPppoe - ok
19:40:32.0125 0x2838  RasSstp - ok
19:40:32.0129 0x2838  rdbss - ok
19:40:32.0147 0x2838  rdpbus - ok
19:40:32.0150 0x2838  RDPDR - ok
19:40:32.0173 0x2838  RdpVideoMiniport - ok
19:40:32.0176 0x2838  rdyboost - ok
19:40:32.0179 0x2838  ReFSv1 - ok
19:40:32.0182 0x2838  RemoteAccess - ok
19:40:32.0185 0x2838  RemoteRegistry - ok
19:40:32.0199 0x2838  RetailDemo - ok
19:40:32.0203 0x2838  RmSvc - ok
19:40:32.0207 0x2838  RpcEptMapper - ok
19:40:32.0220 0x2838  RpcLocator - ok
19:40:32.0238 0x2838  RpcSs - ok
19:40:32.0241 0x2838  rspndr - ok
19:40:32.0254 0x2838  rt640x64 - ok
19:40:32.0263 0x2838  s3cap - ok
19:40:32.0267 0x2838  SamSs - ok
19:40:32.0269 0x2838  sbp2port - ok
19:40:32.0281 0x2838  SCardSvr - ok
19:40:32.0292 0x2838  ScDeviceEnum - ok
19:40:32.0295 0x2838  scfilter - ok
19:40:32.0299 0x2838  Schedule - ok
19:40:32.0301 0x2838  scmbus - ok
19:40:32.0304 0x2838  scmdisk0101 - ok
19:40:32.0311 0x2838  SCPolicySvc - ok
19:40:32.0326 0x2838  sdbus - ok
19:40:32.0329 0x2838  SDRSVC - ok
19:40:32.0332 0x2838  sdstor - ok
19:40:32.0335 0x2838  seclogon - ok
19:40:32.0346 0x2838  SENS - ok
19:40:32.0349 0x2838  SensorDataService - ok
19:40:32.0367 0x2838  SensorService - ok
19:40:32.0369 0x2838  SensrSvc - ok
19:40:32.0372 0x2838  SerCx - ok
19:40:32.0375 0x2838  SerCx2 - ok
19:40:32.0378 0x2838  Serenum - ok
19:40:32.0381 0x2838  Serial - ok
19:40:32.0384 0x2838  sermouse - ok
19:40:32.0391 0x2838  SessionEnv - ok
19:40:32.0396 0x2838  sfloppy - ok
19:40:32.0410 0x2838  SharedAccess - ok
19:40:32.0419 0x2838  ShellHWDetection - ok
19:40:32.0430 0x2838  shpamsvc - ok
19:40:32.0433 0x2838  SiSRaid2 - ok
19:40:32.0436 0x2838  SiSRaid4 - ok
19:40:32.0440 0x2838  smphost - ok
19:40:32.0443 0x2838  SmsRouter - ok
19:40:32.0466 0x2838  SNMPTRAP - ok
19:40:32.0483 0x2838  spaceport - ok
19:40:32.0485 0x2838  SpbCx - ok
19:40:32.0489 0x2838  Spooler - ok
19:40:32.0498 0x2838  sppsvc - ok
19:40:32.0595 0x2838  [ 8211A6F40B5EA8BF21C41F34C2895A6C, F394A78F80B0D7DA043AF39E99B2C16EA0CBF4AD4BFD61CFBA5ED08FB25E11C4 ] SQLAgent$SQLEXPRESS C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE
19:40:32.0601 0x2838  SQLAgent$SQLEXPRESS - ok
19:40:32.0633 0x2838  [ 10D936DCED9EACD1A1B3FCDDA6D7A4EB, EE66162AEAF6A583A04BB5AF1220318C9ADD3A62987CDCEE0505C6FF37AB30FF ] SQLBrowser      C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
19:40:32.0636 0x2838  SQLBrowser - ok
19:40:32.0695 0x2838  [ F92E5F93BE572B512DA3C016B675EDE0, 3BBE8B952A329E4BCD6F0C8D6225F809B99217A196301B6FE543B26C3689A37B ] SQLWriter      C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
19:40:32.0697 0x2838  SQLWriter - ok
19:40:32.0708 0x2838  srv - ok
19:40:32.0711 0x2838  srv2 - ok
19:40:32.0714 0x2838  srvnet - ok
19:40:32.0725 0x2838  SSDPSRV - ok
19:40:32.0743 0x2838  SstpSvc - ok
19:40:32.0755 0x2838  StateRepository - ok
19:40:32.0818 0x2838  [ 0596DAFFF8A6709917E4BB80CD3A896B, 0097868A9EB81818D2EEB7FE4C511AB425E41F699DAE37D269F02C1982657CEC ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
19:40:32.0823 0x2838  Stereo Service - ok
19:40:32.0827 0x2838  stexstor - ok
19:40:32.0830 0x2838  stisvc - ok
19:40:32.0835 0x2838  storahci - ok
19:40:32.0838 0x2838  storflt - ok
19:40:32.0841 0x2838  stornvme - ok
19:40:32.0844 0x2838  storqosflt - ok
19:40:32.0847 0x2838  StorSvc - ok
19:40:32.0851 0x2838  storufs - ok
19:40:32.0855 0x2838  storvsc - ok
19:40:32.0858 0x2838  svsvc - ok
19:40:32.0861 0x2838  swenum - ok
19:40:32.0864 0x2838  swprv - ok
19:40:32.0879 0x2838  Synth3dVsc - ok
19:40:32.0882 0x2838  SysMain - ok
19:40:32.0896 0x2838  SystemEventsBroker - ok
19:40:32.0902 0x2838  TabletInputService - ok
19:40:32.0905 0x2838  TapiSrv - ok
19:40:32.0917 0x2838  Tcpip - ok
19:40:32.0920 0x2838  Tcpip6 - ok
19:40:32.0924 0x2838  tcpipreg - ok
19:40:32.0928 0x2838  tdx - ok
19:40:32.0932 0x2838  terminpt - ok
19:40:32.0935 0x2838  TermService - ok
19:40:32.0950 0x2838  Themes - ok
19:40:32.0962 0x2838  TieringEngineService - ok
19:40:32.0965 0x2838  tiledatamodelsvc - ok
19:40:32.0968 0x2838  TimeBrokerSvc - ok
19:40:32.0971 0x2838  TPM - ok
19:40:32.0974 0x2838  TrkWks - ok
19:40:32.0987 0x2838  TrustedInstaller - ok
19:40:32.0990 0x2838  tsusbflt - ok
19:40:32.0994 0x2838  TsUsbGD - ok
19:40:32.0997 0x2838  tunnel - ok
19:40:33.0010 0x2838  tzautoupdate - ok
19:40:33.0013 0x2838  UASPStor - ok
19:40:33.0016 0x2838  UcmCx0101 - ok
19:40:33.0019 0x2838  UcmTcpciCx0101 - ok
19:40:33.0022 0x2838  UcmUcsi - ok
19:40:33.0025 0x2838  Ucx01000 - ok
19:40:33.0028 0x2838  UdeCx - ok
19:40:33.0031 0x2838  udfs - ok
19:40:33.0034 0x2838  UEFI - ok
19:40:33.0037 0x2838  Ufx01000 - ok
19:40:33.0040 0x2838  UfxChipidea - ok
19:40:33.0043 0x2838  ufxsynopsys - ok
19:40:33.0050 0x2838  UI0Detect - ok
19:40:33.0053 0x2838  umbus - ok
19:40:33.0056 0x2838  UmPass - ok
19:40:33.0059 0x2838  UmRdpService - ok
19:40:33.0067 0x2838  UnistoreSvc - ok
19:40:33.0123 0x2838  [ 875A3B86D821151C84A4DFD40309C72D, FB251A3180F829B086C007807B68D7918276FEDB33618BB22C28A3DCEAFB751E ] UNS            C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
19:40:33.0128 0x2838  UNS - ok
19:40:33.0131 0x2838  upnphost - ok
19:40:33.0134 0x2838  UrsChipidea - ok
19:40:33.0137 0x2838  UrsCx01000 - ok
19:40:33.0140 0x2838  UrsSynopsys - ok
19:40:33.0153 0x2838  usbaudio - ok
19:40:33.0156 0x2838  usbccgp - ok
19:40:33.0160 0x2838  usbcir - ok
19:40:33.0163 0x2838  usbehci - ok
19:40:33.0166 0x2838  usbhub - ok
19:40:33.0169 0x2838  USBHUB3 - ok
19:40:33.0173 0x2838  usbohci - ok
19:40:33.0175 0x2838  usbprint - ok
19:40:33.0195 0x2838  [ 2EC7B2C8123236B1233A77281D378DF7, D97DB59C9CAE2B8B33C707E8CEA7A65BF88712842CC715D270F7432A99D21BB6 ] usbscan        C:\WINDOWS\system32\DRIVERS\usbscan.sys
19:40:33.0197 0x2838  usbscan - ok
19:40:33.0201 0x2838  usbser - ok
19:40:33.0204 0x2838  USBSTOR - ok
19:40:33.0207 0x2838  usbuhci - ok
19:40:33.0210 0x2838  USBXHCI - ok
19:40:33.0216 0x2838  usb_rndisx - ok
19:40:33.0220 0x2838  UserDataSvc - ok
19:40:33.0225 0x2838  UserManager - ok
19:40:33.0235 0x2838  UsoSvc - ok
19:40:33.0237 0x2838  VaultSvc - ok
19:40:33.0240 0x2838  vdrvroot - ok
19:40:33.0244 0x2838  vds - ok
19:40:33.0247 0x2838  VerifierExt - ok
19:40:33.0251 0x2838  vhdmp - ok
19:40:33.0253 0x2838  vhf - ok
19:40:33.0258 0x2838  vmbus - ok
19:40:33.0261 0x2838  VMBusHID - ok
19:40:33.0264 0x2838  vmgid - ok
19:40:33.0271 0x2838  vmicguestinterface - ok
19:40:33.0274 0x2838  vmicheartbeat - ok
19:40:33.0276 0x2838  vmickvpexchange - ok
19:40:33.0286 0x2838  vmicrdv - ok
19:40:33.0289 0x2838  vmicshutdown - ok
19:40:33.0292 0x2838  vmictimesync - ok
19:40:33.0295 0x2838  vmicvmsession - ok
19:40:33.0299 0x2838  vmicvss - ok
19:40:33.0302 0x2838  volmgr - ok
19:40:33.0306 0x2838  volmgrx - ok
19:40:33.0309 0x2838  volsnap - ok
19:40:33.0312 0x2838  volume - ok
19:40:33.0315 0x2838  vpci - ok
19:40:33.0318 0x2838  vsmraid - ok
19:40:33.0321 0x2838  VSS - ok
19:40:33.0324 0x2838  VSTXRAID - ok
19:40:33.0327 0x2838  vwifibus - ok
19:40:33.0330 0x2838  vwififlt - ok
19:40:33.0334 0x2838  vwifimp - ok
19:40:33.0338 0x2838  W32Time - ok
19:40:33.0364 0x2838  w3logsvc - ok
19:40:33.0374 0x2838  W3SVC - ok
19:40:33.0377 0x2838  WacomPen - ok
19:40:33.0381 0x2838  WalletService - ok
19:40:33.0384 0x2838  wanarp - ok
19:40:33.0387 0x2838  wanarpv6 - ok
19:40:33.0390 0x2838  WAS - ok
19:40:33.0393 0x2838  wbengine - ok
19:40:33.0414 0x2838  WbioSrvc - ok
19:40:33.0417 0x2838  wcifs - ok
19:40:33.0420 0x2838  Wcmsvc - ok
19:40:33.0423 0x2838  wcncsvc - ok
19:40:33.0426 0x2838  wcnfs - ok
19:40:33.0429 0x2838  WdBoot - ok
19:40:33.0433 0x2838  Wdf01000 - ok
19:40:33.0436 0x2838  WdFilter - ok
19:40:33.0439 0x2838  WdiServiceHost - ok
19:40:33.0442 0x2838  WdiSystemHost - ok
19:40:33.0445 0x2838  wdiwifi - ok
19:40:33.0448 0x2838  WdNisDrv - ok
19:40:33.0456 0x2838  WdNisSvc - ok
19:40:33.0459 0x2838  WebClient - ok
19:40:33.0463 0x2838  Wecsvc - ok
19:40:33.0466 0x2838  WEPHOSTSVC - ok
19:40:33.0469 0x2838  wercplsupport - ok
19:40:33.0472 0x2838  WerSvc - ok
19:40:33.0475 0x2838  WFPLWFS - ok
19:40:33.0478 0x2838  WiaRpc - ok
19:40:33.0482 0x2838  WIMMount - ok
19:40:33.0485 0x2838  WinDefend - ok
19:40:33.0492 0x2838  WindowsTrustedRT - ok
19:40:33.0495 0x2838  WindowsTrustedRTProxy - ok
19:40:33.0499 0x2838  WinHttpAutoProxySvc - ok
19:40:33.0503 0x2838  WinMad - ok
19:40:33.0514 0x2838  Winmgmt - ok
19:40:33.0527 0x2838  WinRM - ok
19:40:33.0539 0x2838  WINUSB - ok
19:40:33.0542 0x2838  WinVerbs - ok
19:40:33.0553 0x2838  wisvc - ok
19:40:33.0556 0x2838  WlanSvc - ok
19:40:33.0563 0x2838  wlidsvc - ok
19:40:33.0566 0x2838  WmiAcpi - ok
19:40:33.0571 0x2838  wmiApSrv - ok
19:40:33.0586 0x2838  WMPNetworkSvc - ok
19:40:33.0600 0x2838  Wof - ok
19:40:33.0613 0x2838  workfolderssvc - ok
19:40:33.0617 0x2838  WPDBusEnum - ok
19:40:33.0620 0x2838  WpdUpFltr - ok
19:40:33.0624 0x2838  WpnService - ok
19:40:33.0627 0x2838  WpnUserService - ok
19:40:33.0632 0x2838  ws2ifsl - ok
19:40:33.0636 0x2838  wscsvc - ok
19:40:33.0639 0x2838  WSearch - ok
19:40:33.0652 0x2838  wuauserv - ok
19:40:33.0655 0x2838  WudfPf - ok
19:40:33.0658 0x2838  WUDFRd - ok
19:40:33.0662 0x2838  wudfsvc - ok
19:40:33.0665 0x2838  WUDFWpdFs - ok
19:40:33.0669 0x2838  WwanSvc - ok
19:40:33.0686 0x2838  XblAuthManager - ok
19:40:33.0700 0x2838  XblGameSave - ok
19:40:33.0703 0x2838  xboxgip - ok
19:40:33.0706 0x2838  XboxNetApiSvc - ok
19:40:33.0724 0x2838  xinputhid - ok
19:40:33.0745 0x2838  [ 2E76E5E2CDF34D9BA30A0C463459D2B0, BC30345B884BB8FCD6BCE5659101FF3C2E795626DE81C64AD359FDF99489BBE7 ] ZAtheros Wlan Agent C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
19:40:33.0747 0x2838  ZAtheros Wlan Agent - ok
19:40:33.0747 0x2838  ================ Scan global ===============================
19:40:33.0775 0x2838  [ Global ] - ok
19:40:33.0775 0x2838  ================ Scan MBR ==================================
19:40:33.0789 0x2838  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
19:40:33.0955 0x2838  \Device\Harddisk0\DR0 - ok
19:40:33.0955 0x2838  ================ Scan VBR ==================================
19:40:33.0957 0x2838  [ 676E8B8AAF594460DF8F70E39663B5FD ] \Device\Harddisk0\DR0\Partition1
19:40:33.0958 0x2838  \Device\Harddisk0\DR0\Partition1 - ok
19:40:33.0960 0x2838  [ 22E1B3E9238E68A6B74B70FCCE248545 ] \Device\Harddisk0\DR0\Partition2
19:40:33.0961 0x2838  \Device\Harddisk0\DR0\Partition2 - ok
19:40:33.0964 0x2838  [ D8BD44E2EBEBDD73F7F3E0AE3D9CCA69 ] \Device\Harddisk0\DR0\Partition3
19:40:33.0965 0x2838  \Device\Harddisk0\DR0\Partition3 - ok
19:40:33.0966 0x2838  ================ Scan generic autorun ======================
19:40:33.0967 0x2838  Logitech Download Assistant - ok
19:40:34.0034 0x2838  [ AAFCA7631F21F9D2D9B7BFA9355A9E97, F8B7884A6AD3AB4A9C5431CBDEB4569AD15CF2DD69437CD24160DC7AF04ED337 ] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe
19:40:34.0040 0x2838  cAudioFilterAgent - ok
19:40:34.0091 0x2838  [ CEA9CC9F13E82893327CBCE5FAA90D1A, 1E33ECF11841CEAC20BB26C05356180E31A4C1030BBA0E69F2952117BA02A946 ] C:\Program Files\CONEXANT\SA3\SACpl.exe
19:40:34.0110 0x2838  SmartAudio - ok
19:40:34.0196 0x2838  [ 948EB9C552C05DF39F79587E6979D9F5, 402B155395C32005A8D78C8B0F00F2391542CB41188AF944FF17ADE6BE97A62D ] C:\Program Files\Logitech\SetPointP\SetPoint.exe
19:40:34.0233 0x2838  EvtMgr6 - ok
19:40:34.0267 0x2838  [ CC9823AA6E3F6229CD6DA193551314A5, 76BCD2BCA391C2114BF9D28FA290D9B39D16379C410070E0E3A6376FDEE51CE1 ] C:\Program Files\iTunes\iTunesHelper.exe
19:40:34.0269 0x2838  iTunesHelper - ok
19:40:34.0348 0x2838  [ C8AC55CCB8AB33713522B4CAAFAC0F59, CCEA638F90395F5C1C9DA892227FF4F3A7BC7567DEF8A7B63AFE2A487DADA88A ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
19:40:34.0377 0x2838  NvBackend - ok
19:40:34.0380 0x2838  ShadowPlay - ok
19:40:34.0408 0x2838  [ 4D1DA8CE5E364D22B4FF00F163194514, 165DE474309206A0F51266F19EDB4AF3D7BAD19FDA61B636AEE7A04278DBBC2C ] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
19:40:34.0412 0x2838  USB3MON - ok
19:40:34.0466 0x2838  [ 57C635C41750117D206C90DA9C599777, D5291ED79FC08217758FB526FC8CCC9D374B65B49446104D271C36B0C1298446 ] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
19:40:34.0481 0x2838  BrMfcWnd - ok
19:40:34.0505 0x2838  [ 4DE3EF07E0854547309C6B40235A9D44, F73D8E6D98583865D1C8DB728058D83C72A3908E21E04EF313FCB829C040A1EC ] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe
19:40:34.0507 0x2838  ControlCenter3 - ok
19:40:34.0560 0x2838  [ 8FFDB89A0FB7C8ABC3A8825E38047341, B9107FAA3A885CD9A08C20F78D31C3642FA76812E417F41C4F2ADF7D90CA8C72 ] D:\Programme\Logitech\LWS\Webcam Software\LWS.exe
19:40:34.0563 0x2838  LWS - ok
19:40:34.0621 0x2838  [ 6513807FEE68E6C32E67437EE3FFB6C8, 2AB388BD68E984C38EAAF2D42DE918A64B42DA229627FC0B1A896A8AD60B5F91 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
19:40:34.0628 0x2838  SunJavaUpdateSched - ok
19:40:34.0675 0x2838  OneDriveSetup - ok
19:40:34.0676 0x2838  OneDriveSetup - ok
19:40:34.0722 0x2838  [ CA7127466799DE4AEAA0A14586ED38C3, 6674241D4887321B81C72B66C4343DDB51F72CD08056821D7A51D749AC681590 ] C:\Program Files (x86)\Auto Mute\AutoMute.exe
19:40:34.0734 0x2838  AutoMute.exe - ok
19:40:34.0825 0x2838  [ FD9A7F99A09DB266D0C1361B0ACCBD7E, 579160BDACDFE39AE5DDD7B5C2964453E89BA8D933F3FB16C6E3897EA3BDED29 ] C:\Users\Kamen-2\AppData\Local\Microsoft\OneDrive\OneDrive.exe
19:40:34.0832 0x2838  OneDrive - ok
19:40:34.0888 0x2838  [ 614FEE71F590258B37787E264CD52013, 61B401518CB92F43D76DE72C928005A7E3233FF26406E073313BA0753CF4C31E ] C:\Users\Kamen-2\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
19:40:34.0895 0x2838  Octoshape Streaming Services - ok
19:40:34.0912 0x2838  Uninstall C:\Users\Kamen-2\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64 - ok
19:40:34.0914 0x2838  OneDriveSetup - ok
19:40:34.0935 0x2838  WAB Migrate - ok
19:40:34.0936 0x2838  OneDriveSetup - ok
19:40:34.0937 0x2838  Waiting for KSN requests completion. In queue: 68
19:40:35.0951 0x2838  AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\wmiav.exe ( 17.0.0.611 ), 0x41000 ( enabled : updated )
19:40:35.0951 0x2838  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.187 ), 0x60100 ( disabled : updated )
19:40:35.0952 0x2838  FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\wmiav.exe ( 17.0.0.611 ), 0x41010 ( enabled )
19:40:36.0112 0x2838  ============================================================
19:40:36.0112 0x2838  Scan finished
19:40:36.0112 0x2838  ============================================================
19:40:36.0120 0x299c  Detected object count: 0
19:40:36.0120 0x299c  Actual detected object count: 0

deeprybka 24.10.2016 19:07
Gut.

Schritt 1

http://deeprybka.trojaner-board.de/m...mbamlogo4a.pnghttp://deeprybka.trojaner-board.de/m...mbamlogo4b.png
  • Download und Anleitung
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Unter Einstellungen/ Erkennung und Schutz setze bitte einen Haken bei "Suche nach Rootkits".
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass Deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Jetzt bitte Suchscan durchführen:

Schritt 2

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


ThinkGreen 24.10.2016 20:41
Anbei nun der Inhalt der mbam.txt

Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 24.10.2016
Suchlaufzeit: 21:02
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2016.10.24.09
Rootkit-Datenbank: v2016.09.26.02
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: Kamen-2

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 498963
Abgelaufene Zeit: 23 Min., 57 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 13
PUP.Optional.SpyHunter, HKLM\SOFTWARE\ENIGMASOFTWAREGROUP\SpyHunter, In Quarantäne, [0702a1fce9b15ed87436dc2be91cab55],
PUP.Optional.Desk365, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{05193F6D-7AF7-46A0-98A1-B9259C64FEB1}, Löschen bei Neustart, [98719d0074260f2734f210e347bc6e92],
PUP.Optional.DealPly, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{0CCCB899-8DE4-4E33-B3B6-A08AB30BED65}, Löschen bei Neustart, [9e6baeefe3b7dc5a5808d1235ea58e72],
PUP.Optional.DealPly, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{4C657C21-B6CA-4AF8-886A-5D7153AFE0E7}, Löschen bei Neustart, [be4b05982b6fc076e779d91bb053c63a],
PUP.Optional.DealPly, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{65C8CD41-9C0E-43DF-A252-D92A6F149D9A}, Löschen bei Neustart, [ab5e059829716bcb6ff1a45038cb26da],
PUP.Optional.DealPly, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Dealply, Löschen bei Neustart, [21e8b4e9faa0be78f67e059a6b987090],
PUP.Optional.DealPly, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\DealPlyLiveUpdateTaskMachineCore, Löschen bei Neustart, [60a9dac3e5b563d32e468f1028db01ff],
PUP.Optional.DealPly, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\DealPlyLiveUpdateTaskMachineUA, Löschen bei Neustart, [62a71588e6b4f93d7400aaf529dac040],
PUP.Optional.Desk365, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Desk 365 RunAsStdUser, Löschen bei Neustart, [1aef207d55451d19ad21514e17ec31cf],
PUP.Optional.InstallCore, HKU\S-1-5-21-978911087-3551223929-1637386772-1000\SOFTWARE\csastats, In Quarantäne, [4bbe9805f3a7ff37bcb332c8976cda26],
PUP.Optional.YahooVNM, HKU\S-1-5-21-978911087-3551223929-1637386772-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{C0C3A6C6-03BC-4195-8FCB-AEA091301353}, In Quarantäne, [f7126e2fcad0d363c9fed4e850b3be42],
PUP.Optional.ProductSetup, HKU\S-1-5-21-978911087-3551223929-1637386772-1000\SOFTWARE\PRODUCTSETUP, In Quarantäne, [b059118cbcde1521169f149c1ee5df21],
PUP.Optional.DealPly, HKU\S-1-5-21-978911087-3551223929-1637386772-501\SOFTWARE\DealPlyLive, In Quarantäne, [f019732a0d8d3303d497f5aa9c675ca4],

Registrierungswerte: 7
PUP.Optional.Desk365, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{05193F6D-7AF7-46A0-98A1-B9259C64FEB1}|Path, \Desk 365 RunAsStdUser, Löschen bei Neustart, [98719d0074260f2734f210e347bc6e92]
PUP.Optional.DealPly, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{0CCCB899-8DE4-4E33-B3B6-A08AB30BED65}|Path, \DealPlyLiveUpdateTaskMachineCore, Löschen bei Neustart, [9e6baeefe3b7dc5a5808d1235ea58e72]
PUP.Optional.DealPly, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{4C657C21-B6CA-4AF8-886A-5D7153AFE0E7}|Path, \DealPlyLiveUpdateTaskMachineUA, Löschen bei Neustart, [be4b05982b6fc076e779d91bb053c63a]
PUP.Optional.DealPly, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{65C8CD41-9C0E-43DF-A252-D92A6F149D9A}|Path, \Dealply, Löschen bei Neustart, [ab5e059829716bcb6ff1a45038cb26da]
PUP.Optional.YahooVNM, HKU\S-1-5-21-978911087-3551223929-1637386772-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{C0C3A6C6-03BC-4195-8FCB-AEA091301353}|URL, https://at.search.yahoo.com/search?fr=vmn&type=vmn__webcompa__1_0__ya__ch_WCYID10028_AT_160503__yaie&p={searchTerms}, In Quarantäne, [f7126e2fcad0d363c9fed4e850b3be42]
PUP.Optional.YahooVNM, HKU\S-1-5-21-978911087-3551223929-1637386772-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{C0C3A6C6-03BC-4195-8FCB-AEA091301353}|TopResultURL, https://at.search.yahoo.com/search?fr=vmn&type=vmn__webcompa__1_0__ya__ch_WCYID10028_AT_160503__yaie&p={searchTerms}, In Quarantäne, [cf3aa9f4f9a17db97552bb01df243bc5]
PUP.Optional.ProductSetup, HKU\S-1-5-21-978911087-3551223929-1637386772-1000\SOFTWARE\PRODUCTSETUP|tb, 0D2Y1I1B1P2Y, In Quarantäne, [b059118cbcde1521169f149c1ee5df21]

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 2
PUP.Optional.SpyHunter, C:\Program Files\Enigma Software Group\SpyHunter, In Quarantäne, [a06948557f1b85b14502a364ad58af51],
PUP.Optional.SpyHunter, C:\Program Files\Enigma Software Group\SpyHunter\Log, In Quarantäne, [a06948557f1b85b14502a364ad58af51],

Dateien: 3
Rogue.Link, C:\Users\Kamen-2\Favorites\Free Porn, Sex, Tube Videos, XXX Pics, Pussy in Porno Movies - XNXX.COM.url, In Quarantäne, [bf4abce11e7c1224159cf11ba1628d73],
PUP.Optional.SpyHunter, C:\Program Files\Enigma Software Group\SpyHunter\INSTALL.LOG, In Quarantäne, [a06948557f1b85b14502a364ad58af51],
PUP.Optional.SpyHunter, C:\Program Files\Enigma Software Group\SpyHunter\Log\SpyHunter4_20130513_202817.log, In Quarantäne, [a06948557f1b85b14502a364ad58af51],

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)

deeprybka 25.10.2016 18:35
OK...und ESET noch bitte...

ThinkGreen 25.10.2016 19:41
Hier ist nun die ESET:

Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=3de0f79f51b23c49a7f9e767556c79cf
# end=init
# utc_time=2016-10-24 07:46:09
# local_time=2016-10-24 09:46:09 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
Update Init
Update Download
Update Finalize
Updated modules version: 31185
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=3de0f79f51b23c49a7f9e767556c79cf
# end=updated
# utc_time=2016-10-24 07:49:20
# local_time=2016-10-24 09:49:20 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=3de0f79f51b23c49a7f9e767556c79cf
# end=restart
# utc_time=2016-10-24 09:04:15
# local_time=2016-10-24 11:04:15 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 213451 8673671 0 0
# scanned=269620
# found=9
# cleaned=0
# scan_time=4494
sh=5339ABEE428B92A04DF04A1D1B81896A68CF7CBD ft=0 fh=0000000000000000 vn="Win32/DealPly.J evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPly\DealPly.crx.vir"
sh=B93A611E29C3BD6E13E9F3A2BD98F17EED127102 ft=0 fh=0000000000000000 vn="Win32/DealPly.J evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPly\DealPly.xpi.vir"
sh=D1337408DE8FC6409BCB0F52A3F84F2863A94C40 ft=1 fh=b4f71a4e9c68bca5 vn="Win32/DealPly.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\DealPlyLiveBroker.exe.vir"
sh=E1124A98F09A6EBCE59FEA2E918FFE2DCB245146 ft=1 fh=c29d58234e843b86 vn="Win32/DealPly.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\DealPlyLiveOnDemand.exe.vir"
sh=A658B92B519F7898937EE2AE8CF53A62F620C923 ft=1 fh=7f9bfa912e5e181c vn="Win32/DealPly.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdate.dll.vir"
sh=6D00C85C60CAF98D39E5CD07AACE53C757A99C49 ft=1 fh=ed4a7cab0d6835d6 vn="Win32/DealPly.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_ru.dll.vir"
sh=7489D541CA03F640A02B20A33A88C70691D689D5 ft=1 fh=5216003ac57facf4 vn="Win32/DealPly.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll.vir"
sh=0652CF8AA5ACCADDDD31EE32521742F0CF6A62B0 ft=1 fh=6730b7aa2ee36939 vn="Win32/DealPly.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\psmachine.dll.vir"
sh=4990A2E5C73E3A5AE70FC1C50820018E3481A2B9 ft=1 fh=7b59edfb86d10a42 vn="Win32/JoyDownloader.D evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Kamen-2\AppData\Roaming\rmi\offer_downloader.exe"
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=3de0f79f51b23c49a7f9e767556c79cf
# end=init
# utc_time=2016-10-24 09:04:32
# local_time=2016-10-24 11:04:32 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=3de0f79f51b23c49a7f9e767556c79cf
# end=init
# utc_time=2016-10-25 04:32:26
# local_time=2016-10-25 06:32:26 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
Update Init
Update Download
Update Finalize
Updated modules version: 31195
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=3de0f79f51b23c49a7f9e767556c79cf
# end=updated
# utc_time=2016-10-25 04:33:58
# local_time=2016-10-25 06:33:58 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=3de0f79f51b23c49a7f9e767556c79cf
# engine=31195
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-10-25 06:34:59
# local_time=2016-10-25 08:34:59 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 290895 8751115 0 0
# scanned=416231
# found=9
# cleaned=0
# scan_time=7260
sh=5339ABEE428B92A04DF04A1D1B81896A68CF7CBD ft=0 fh=0000000000000000 vn="Win32/DealPly.J evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPly\DealPly.crx.vir"
sh=B93A611E29C3BD6E13E9F3A2BD98F17EED127102 ft=0 fh=0000000000000000 vn="Win32/DealPly.J evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPly\DealPly.xpi.vir"
sh=D1337408DE8FC6409BCB0F52A3F84F2863A94C40 ft=1 fh=b4f71a4e9c68bca5 vn="Win32/DealPly.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\DealPlyLiveBroker.exe.vir"
sh=E1124A98F09A6EBCE59FEA2E918FFE2DCB245146 ft=1 fh=c29d58234e843b86 vn="Win32/DealPly.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\DealPlyLiveOnDemand.exe.vir"
sh=A658B92B519F7898937EE2AE8CF53A62F620C923 ft=1 fh=7f9bfa912e5e181c vn="Win32/DealPly.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdate.dll.vir"
sh=6D00C85C60CAF98D39E5CD07AACE53C757A99C49 ft=1 fh=ed4a7cab0d6835d6 vn="Win32/DealPly.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_ru.dll.vir"
sh=7489D541CA03F640A02B20A33A88C70691D689D5 ft=1 fh=5216003ac57facf4 vn="Win32/DealPly.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll.vir"
sh=0652CF8AA5ACCADDDD31EE32521742F0CF6A62B0 ft=1 fh=6730b7aa2ee36939 vn="Win32/DealPly.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\psmachine.dll.vir"
sh=4990A2E5C73E3A5AE70FC1C50820018E3481A2B9 ft=1 fh=7b59edfb86d10a42 vn="Win32/JoyDownloader.D evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Kamen-2\AppData\Roaming\rmi\offer_downloader.exe"


Alle Zeitangaben in WEZ +1. Es ist jetzt 20:59 Uhr.
Seite 2 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131