Plagegeister aller Art und deren Bekämpfung: PC freezes, sound distorted! (Windows 7)
06.12.2012, 12:49 | #1 |
| PC freezes, sound distorted! Hello dear Trojaner community, I just registered here to find help, but unfortunately I don't know whether it is a virus or whatever else. About my problem: lately my PC has been freezing frequently, but strangely! I already had the same problem a few months ago, but that is not the strange part; rather, first the PC freezes, the sound (e.g. music) keeps playing at first, then the sound starts to crackle and finally there is a monotonous hum (within 2-3 seconds after the PC has frozen). After that the PC reboots by itself without me pressing anything (without shutting down, because it is frozen). The freezing seems to happen at random, though (I believe) only in connection with music or TeamSpeak, i.e. when sound is being played, but I am not sure about that; it is only a guess. As I said, I have had similar freezing problems before, but back then it was even stranger: for example, music kept playing in the background even though the PC was frozen o.O For example, I had a set several hours long playing, walked away from the PC for 10 minutes or so, the PC froze, and the music kept playing anyway! I ran Avira a few days ago and it did find something (Trojan Agent); of course this virus was removed right away. Now I have downloaded the Kaspersky Virus Removal Tool and, just like with Avira, had it take another look, but nothing was detected. Could it be that the virus is still in my system? Can I find that out somehow? I would reinstall Windows, but unfortunately I can't find the CD ... i.e. it could take a while until I can redo it; if the problem can be solved, reinstalling would of course no longer be necessary. I hope you can give me some advice, or that at least someone has experienced this problem themselves. Thanks in advance for your answers!!! Kind regards, DEXTER |
06.12.2012, 13:02 | #2 | |
/// TB Instructor | PC freezes, sound distorted! I will help you with your problem. A cleanup can sometimes involve a lot of work for you (and me). Before we start, I have some reading material for you. We can run through a check, but that does not mean it is malware.
06.12.2012, 13:12 | #3 |
| PC freezes, sound distorted! I have understood everything, and I am also aware that there can be other causes for my problem.
__________________ So, I am ready! |
06.12.2012, 13:15 | #4 |
/// TB Instructor | PC freezes, sound distorted! All right then, brace yourself!
Step 1: Disable drive emulation with Defogger
Please download defogger by jpshortstuff to your desktop and start it:
Step 2: Scan with aswMBR
Step 3: Scan with TDSS-Killer
Please read the following instructions carefully. We do not want to "fix" anything here yet, only see a scan report.
Step 4: Scan with DDS (+ attach)
Please download DDS (by sUBs) from one of the following download mirrors and save the file to your desktop.
__________________ Digital privateers against malware! No help via PM! |
06.12.2012, 13:17 | #5 | |
/// TB Instructor | PC freezes, sound distorted! -------------
06.12.2012, 13:30 | #6 |
| PC freezes, sound distorted! Sorry, but I do have one more question. How do I post logs or the like in CODE tags? By the way, thanks for the quick reply. Should have refreshed the page. |
06.12.2012, 13:33 | #7 |
/// TB Instructor | PC freezes, sound distorted! You should have.
06.12.2012, 13:52 | #8 |
| PC freezes, sound distorted!
Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 13:19 on 06/12/2012 (Ryuk1337)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-
Code:
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2012-12-06 13:22:36
-----------------------------
13:22:36.934 OS Version: Windows x64 6.1.7600
13:22:36.934 Number of processors: 3 586 0x502
13:22:36.935 ComputerName: RYUK1337-PC UserName: Ryuk1337
13:22:38.858 Initialize success
13:25:18.312 AVAST engine defs: 12120501
13:25:30.020 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
13:25:30.022 Disk 0 Vendor: SAMSUNG_HD502HI 1AG01118 Size: 476940MB BusType: 3
13:25:30.033 Disk 0 MBR read successfully
13:25:30.035 Disk 0 MBR scan
13:25:30.066 Disk 0 Windows 7 default MBR code
13:25:30.069 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 476929 MB offset 63
13:25:30.106 Disk 0 scanning C:\Windows\system32\drivers
13:25:39.402 Service scanning
13:25:58.428 Modules scanning
13:25:58.434 Disk 0 trace - called modules:
13:25:58.445 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
13:25:58.449 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800489f290]
13:25:58.452 3 CLASSPNP.SYS[fffff880010bf43f] -> nt!IofCallDriver -> [0xfffffa8004893520]
13:25:58.791 5 ACPI.sys[fffff88000e19781] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa800488f680]
13:26:00.023 AVAST engine scan C:\Windows
13:26:02.924 AVAST engine scan C:\Windows\system32
13:30:31.790 AVAST engine scan C:\Windows\system32\drivers
13:30:44.895 AVAST engine scan C:\Users\Ryuk1337
13:33:56.557 AVAST engine scan C:\ProgramData
13:34:19.958 Scan finished successfully
13:35:09.440 Disk 0 MBR has been saved successfully to "C:\Users\Ryuk1337\Desktop\MBR.dat"
13:35:09.445 The log file has been saved successfully to "C:\Users\Ryuk1337\Desktop\aswMBR.txt"
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS Logfile:
Code:
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 17.07.2012 11:26:05
System Uptime: 06.12.2012 11:35:27 (2 hours ago)
.
Motherboard: ASRock | | M3A770DE
Processor: AMD Athlon(tm) II X3 435 Processor | CPUSocket | 2893/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 466 GiB total, 343,667 GiB free.
D: is CDROM ()
E: is CDROM ()
F: is FIXED (NTFS) - 932 GiB total, 62,086 GiB free.
G: is Removable
H: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Realtek RTL8168D/8111D-Familie-PCI-E-Gigabit-Ethernet-NIC (NDIS 6.20)
Device ID: PCI\VEN_10EC&DEV_8168&SUBSYS_81681849&REV_03\4&E057C7F&0&0050
Manufacturer: Realtek
Name: Realtek RTL8168D/8111D-Familie-PCI-E-Gigabit-Ethernet-NIC (NDIS 6.20)
PNP Device ID: PCI\VEN_10EC&DEV_8168&SUBSYS_81681849&REV_03\4&E057C7F&0&0050
Service: RTL8167
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
ATI Catalyst Install Manager
Avira Free Antivirus
Call of Duty: Black Ops II
Call of Duty: Black Ops II - Multiplayer
Call of Duty: Black Ops II - Zombies
Call of Duty: Modern Warfare 2
Call of Duty: Modern Warfare 2 - Multiplayer
CCleaner
Counter-Strike: Global Offensive
CyberLink PowerDVD 12
DAEMON Tools Lite
Defraggler
Google Chrome
Guitar Hero III
HTC BMP USB Driver
HTC Driver Installer
Java 7 Update 7 (64-bit)
Java 7 Update 9
Java Auto Updater
Malwarebytes Anti-Malware Version 1.65.1.1000
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Client Profile DEU Language Pack
Microsoft .NET Framework 4 Extended
Microsoft .NET Framework 4 Extended DEU Language Pack
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
NVIDIA 3D Vision Controller-Treiber 306.97
NVIDIA 3D Vision Treiber 306.97
NVIDIA Grafiktreiber 306.97
NVIDIA HD-Audiotreiber 1.3.18.0
NVIDIA Install Application
NVIDIA PhysX
NVIDIA PhysX-Systemsoftware 9.12.0604
NVIDIA Stereoscopic 3D Driver
NVIDIA Systemsteuerung 306.97
NVIDIA Update 1.10.8
NVIDIA Update Components
OpenOffice.org 3.4
PlanetSide 2
Platform
RocketDock 1.3.5
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Sony Vegas Pro 8.0
Steam
TeamSpeak 3 Client
Universal AntiCheat 3 v1.072 R3
VC80CRTRedist - 8.0.50727.6195
VIA Plattform-Geräte-Manager
Visual Studio 2008 x64 Redistributables
VLC media player 2.0.2
WinRAR 4.20 (64-Bit)
.
==== End Of File ===========================
Code:
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 8.0.7600.17051 BrowserJavaVersion: 10.9.2
Run by Ryuk1337 at 13:44:06 on 2012-12-06
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.49.1031.18.4095.2726 [GMT 1:00]
.
AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\RocketDock\RocketDock.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.babylon.com/?affID=113480&tt=120812_bandext_3212_2&babsrc=HP_ss&mntrId=9866b1710000000000006234e25419fa
mWinlogon: Userinit = userinit.exe,
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
uRun: [RocketDock] "C:\Program Files (x86)\RocketDock\RocketDock.exe"
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
mRun: [PowerDVD12DMREngine] "C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe"
mRun: [PowerDVD12Agent] "C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe"
mRunOnce: [GrpConv] grpconv -o
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: {07BA1DA9-F501-4796-8728-74D1B91A6CD5} - C:\Program Files (x86)\PokerStars.EU\PokerStarsUpdate.exe
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: NameServer = 192.168.42.129
TCP: Interfaces\{A5CEB0E2-EDA1-4A5B-B861-796E55890ADD} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{B2A6497D-13C7-4501-9D79-3E9B4F059D74} : DHCPNameServer = 192.168.42.129
TCP: Interfaces\{D8C5EE7C-9D26-40E0-B9BD-3505F6740669} : DHCPNameServer = 192.168.42.129
TCP: Interfaces\{F7B7718F-C40E-48FA-AF21-AC316B729A91} : DHCPNameServer = 192.168.42.129
AppInit_DLLs= c:\progra~3\browse~1\23787~1.43\{16cdf~1\browse~1.dll
SSODL: WebCheck - <orphaned>
x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R1 avkmgr;avkmgr;C:\Windows\System32\drivers\avkmgr.sys [2012-10-22 27800]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2012-7-22 283200]
R1 Magic Tune;MagicTune;C:\Windows\System32\drivers\MTiCtwl.sys [2012-12-4 23096]
R2 {329F96B6-DF1E-4328-BFDA-39EA953C1312};Power Control [2012/12/05 07:40:07];C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl [2012-4-17 146928]
R2 AntiVirSchedulerService;Avira Planer;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2012-10-22 85280]
R2 AntiVirService;Avira Echtzeit-Scanner;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2012-10-22 109344]
R2 avgntflt;avgntflt;C:\Windows\System32\drivers\avgntflt.sys [2012-10-22 98888]
R2 CLHNServiceForPowerDVD12;CLHNServiceForPowerDVD12;C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [2012-12-5 87336]
R2 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service;C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [2012-12-5 75048]
R2 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service;C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [2012-12-5 296232]
R2 ntk_PowerDVD12;ntk_PowerDVD12;C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [2012-12-5 82928]
R3 HTCAND64;HTC Device Driver;C:\Windows\System32\drivers\ANDROIDUSB.sys [2009-11-2 33736]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\Windows\System32\drivers\viahduaa.sys [2012-8-28 1342064]
RUnknown 11131479;11131479; [x]
RUnknown 60742676;60742676; [x]
RUnknown 7056386drv;7056386drv; [x]
RUnknown 8507469drv;8507469drv; [x]
S2 {73526619-C24F-470B-9BED-53D455FBB5C6};Power Control [2012/12/05 07:42:11];C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl [2012-4-17 146928]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 htcnprot;HTC NDIS Protocol Driver;C:\Windows\System32\drivers\htcnprot.sys [2010-6-25 36928]
S3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2012-10-23 25928]
S3 npggsvc;nProtect GameGuard Service;C:\Windows\System32\GameMon.des -service --> C:\Windows\System32\GameMon.des -service [?]
S3 RTL8167;Realtek 8167 NT-Treiber;C:\Windows\System32\drivers\Rt64win7.sys [2009-6-10 187392]
S4 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-10-23 399432]
S4 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-10-23 676936]
S4 PassThru Service;Internet Pass-Through Service;C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2012-3-23 87040]
S4 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-2 382824]
S4 VIAKaraokeService;VIA Karaoke digital mixer Service;C:\Windows\System32\ViakaraokeSrv.exe [2012-8-28 27760]
.
=============== Created Last 30 ================
.
2012-12-06 10:56:06 -------- d-----w- C:\ProgramData\Kaspersky Lab
2012-12-05 02:32:07 -------- d-----w- C:\Program Files\ATI
2012-12-05 02:31:39 -------- d-----w- C:\Program Files\ATI Technologies
2012-12-05 02:31:07 16440 ----a-w- C:\Windows\System32\drivers\AtiPcie.sys
2012-12-04 07:21:33 23096 ----a-w- C:\Windows\System32\drivers\MTiCtwl.sys
2012-12-04 07:21:00 -------- d-----w- C:\Program Files\MagicTune Premium
2012-12-04 07:07:38 -------- d-----w- C:\Samsung
2012-12-04 04:41:35 -------- d-----w- C:\Program Files (x86)\Stereoscopic Player
2012-12-04 04:06:21 -------- d-----w- C:\Users\Ryuk1337\AppData\Roaming\Stereoscopic Player
2012-12-02 15:09:29 -------- d-----w- C:\Program Files (x86)\inKline Global
2012-11-30 19:25:35 -------- d-----w- C:\Program Files (x86)\DExUS
2012-11-30 14:13:00 -------- d-----w- C:\Users\Ryuk1337\AppData\Local\SCE
2012-11-30 14:13:00 -------- d-----w- C:\Crash
2012-11-30 14:12:59 -------- d-----w- C:\Users\Ryuk1337\AppData\Local\Sony Online Entertainment
.
==================== Find3M ====================
.
2012-11-30 16:28:58 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-11-30 16:28:58 697272 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-11-13 11:51:25 98888 ----a-w- C:\Windows\System32\drivers\avgntflt.sys
2012-10-18 00:31:53 95208 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2012-10-18 00:31:52 821736 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2012-10-18 00:31:52 746984 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-10-02 19:51:15 3536817 ----a-w- C:\Windows\System32\nvcoproc.bin
2012-10-02 19:51:11 3293544 ----a-w- C:\Windows\System32\nvsvc64.dll
2012-10-02 19:51:04 6200680 ----a-w- C:\Windows\System32\nvcpl.dll
2012-10-02 19:50:57 891240 ----a-w- C:\Windows\System32\nvvsvc.exe
2012-10-02 19:50:57 63336 ----a-w- C:\Windows\System32\nvshext.dll
2012-10-02 19:50:57 2557800 ----a-w- C:\Windows\System32\nvsvcr.dll
2012-10-02 19:50:57 118120 ----a-w- C:\Windows\System32\nvmctray.dll
2012-10-02 12:15:52 430952 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
2012-09-29 17:54:26 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-09-24 07:58:11 27800 ----a-w- C:\Windows\System32\drivers\avkmgr.sys
2012-09-18 23:19:47 108008 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll
2012-09-18 23:19:46 916456 ----a-w- C:\Windows\System32\deployJava1.dll
2012-09-18 23:19:46 1034216 ----a-w- C:\Windows\System32\npDeployJava1.dll
2012-09-10 16:49:00 4581296 ----a-w- C:\Windows\SysWow64\GameMon.des
2012-07-03 14:41:12 168864 ----a-w- C:\Program Files\Common Files\WireHelpSvc.exe
.
============= FINISH: 13:44:32,08 ===============
So, I hope I did it right; if I did it wrong and should only have used the CODE tag once, I will of course correct that! Kind regards |
06.12.2012, 13:56 | #9 | |
/// TB Instructor | PC freezes, sound distorted! No, everything is fine. But uh-oh. We are going to clean this up now.
Step 1: Start aswMBR and run "Fix MBR". That only takes a moment. Reboot.
Step 2: Start TDSSKiller. This time, remove the TDSS file system. Reboot. Create a new log file with TDSSKiller.
Step 3: Report whether that worked.
06.12.2012, 14:10 | #10 |
| PC freezes, sound distorted! OK, done. In step 2 you meant removing the check mark again that we had set, right? If so, everything went correctly on my end! Code:
0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys 14:06:02.0814 0328 elxstor - ok 14:06:02.0830 0328 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\DRIVERS\errdev.sys 14:06:02.0830 0328 ErrDev - ok 14:06:02.0861 0328 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll 14:06:02.0876 0328 EventSystem - ok 14:06:02.0908 0328 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys 14:06:02.0908 0328 exfat - ok 14:06:02.0939 0328 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys 14:06:02.0939 0328 fastfat - ok 14:06:02.0986 0328 [ D607B2F1BEE3992AA6C2C92C0A2F0855 ] Fax C:\Windows\system32\fxssvc.exe 14:06:03.0001 0328 Fax - ok 14:06:03.0017 0328 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys 14:06:03.0017 0328 fdc - ok 14:06:03.0048 0328 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll 14:06:03.0048 0328 fdPHost - ok 14:06:03.0064 0328 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll 14:06:03.0064 0328 FDResPub - ok 14:06:03.0080 0328 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 14:06:03.0095 0328 FileInfo - ok 14:06:03.0095 0328 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 14:06:03.0111 0328 Filetrace - ok 14:06:03.0111 0328 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 14:06:03.0126 0328 flpydisk - ok 14:06:03.0142 0328 [ F7866AF72ABBAF84B1FA5AA195378C59 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 14:06:03.0142 0328 FltMgr - ok 14:06:03.0173 0328 [ 8AC4CB4EA61E41009FAE9AE7B2B5DA3A ] FontCache C:\Windows\system32\FntCache.dll 14:06:03.0205 0328 FontCache - ok 14:06:03.0236 0328 [ 8D89E3131C27FDD6932189CB785E1B7A ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 14:06:03.0251 0328 
FontCache3.0.0.0 - ok 14:06:03.0267 0328 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 14:06:03.0267 0328 FsDepends - ok 14:06:03.0298 0328 [ D3E3F93D67821A2DB2B3D9FAC2DC2064 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 14:06:03.0298 0328 Fs_Rec - ok 14:06:03.0314 0328 [ B8B2A6E1558F8F5DE5CE431C5B2C7B09 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 14:06:03.0330 0328 fvevol - ok 14:06:03.0361 0328 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys 14:06:03.0361 0328 gagp30kx - ok 14:06:03.0423 0328 [ FE5AB4525BC2EC68B9119A6E5D40128B ] gpsvc C:\Windows\System32\gpsvc.dll 14:06:03.0439 0328 gpsvc - ok 14:06:03.0486 0328 [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys 14:06:03.0486 0328 hamachi - ok 14:06:03.0501 0328 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 14:06:03.0517 0328 hcw85cir - ok 14:06:03.0564 0328 [ 6410F6F415B2A5A9037224C41DA8BF12 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 14:06:03.0564 0328 HdAudAddService - ok 14:06:03.0611 0328 [ 0A49913402747A0B67DE940FB42CBDBB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 14:06:03.0611 0328 HDAudBus - ok 14:06:03.0611 0328 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys 14:06:03.0626 0328 HidBatt - ok 14:06:03.0626 0328 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys 14:06:03.0642 0328 HidBth - ok 14:06:03.0642 0328 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys 14:06:03.0658 0328 HidIr - ok 14:06:03.0673 0328 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll 14:06:03.0673 0328 hidserv - ok 14:06:03.0689 0328 [ B3BF6B5B50006DEF50B66306D99FCF6F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 14:06:03.0705 0328 HidUsb - ok 14:06:03.0720 0328 [ EFA58EDE58DD74388FFD04CB32681518 ] hkmsvc 
C:\Windows\system32\kmsvc.dll 14:06:03.0720 0328 hkmsvc - ok 14:06:03.0736 0328 [ 046B2673767CA626E2CFB7FDF735E9E8 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 14:06:03.0751 0328 HomeGroupListener - ok 14:06:03.0783 0328 [ 06A7422224D9865A5613710A089987DF ] HomeGroupProvider C:\Windows\system32\provsvc.dll 14:06:03.0783 0328 HomeGroupProvider - ok 14:06:03.0798 0328 [ 0886D440058F203EBA0E1825E4355914 ] HpSAMD C:\Windows\system32\DRIVERS\HpSAMD.sys 14:06:03.0814 0328 HpSAMD - ok 14:06:03.0830 0328 [ F47CEC45FB85791D4AB237563AD0FA8F ] HTCAND64 C:\Windows\system32\Drivers\ANDROIDUSB.sys 14:06:03.0830 0328 HTCAND64 - ok 14:06:03.0892 0328 [ B8B1B284362E1D8135112573395D5DA5 ] htcnprot C:\Windows\system32\DRIVERS\htcnprot.sys 14:06:03.0892 0328 htcnprot - ok 14:06:03.0923 0328 [ CEE049CAC4EFA7F4E1E4AD014414A5D4 ] HTTP C:\Windows\system32\drivers\HTTP.sys 14:06:03.0939 0328 HTTP - ok 14:06:03.0955 0328 [ F17766A19145F111856378DF337A5D79 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 14:06:03.0955 0328 hwpolicy - ok 14:06:03.0970 0328 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 14:06:03.0970 0328 i8042prt - ok 14:06:04.0001 0328 [ D83EFB6FD45DF9D55E9A1AFC63640D50 ] iaStorV C:\Windows\system32\DRIVERS\iaStorV.sys 14:06:04.0001 0328 iaStorV - ok 14:06:04.0064 0328 [ 2F2BE70D3E02B6FA877921AB9516D43C ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 14:06:04.0080 0328 idsvc - ok 14:06:04.0095 0328 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 14:06:04.0111 0328 iirsp - ok 14:06:04.0126 0328 [ C5B4683680DF085B57BC53E5EF34861F ] IKEEXT C:\Windows\System32\ikeext.dll 14:06:04.0158 0328 IKEEXT - ok 14:06:04.0158 0328 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\DRIVERS\intelide.sys 14:06:04.0158 0328 intelide - ok 14:06:04.0205 0328 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 
14:06:04.0205 0328 intelppm - ok 14:06:04.0220 0328 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll 14:06:04.0236 0328 IPBusEnum - ok 14:06:04.0236 0328 [ 722DD294DF62483CECAAE6E094B4D695 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 14:06:04.0236 0328 IpFilterDriver - ok 14:06:04.0267 0328 [ F8E058D17363EC580E4B7232778B6CB5 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 14:06:04.0283 0328 iphlpsvc - ok 14:06:04.0283 0328 [ E2B4A4494DB7CB9B89B55CA268C337C5 ] IPMIDRV C:\Windows\system32\DRIVERS\IPMIDrv.sys 14:06:04.0298 0328 IPMIDRV - ok 14:06:04.0298 0328 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 14:06:04.0314 0328 IPNAT - ok 14:06:04.0345 0328 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys 14:06:04.0361 0328 IRENUM - ok 14:06:04.0376 0328 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\DRIVERS\isapnp.sys 14:06:04.0392 0328 isapnp - ok 14:06:04.0423 0328 [ FA4D2557DE56D45B0A346F93564BE6E1 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys 14:06:04.0423 0328 iScsiPrt - ok 14:06:04.0455 0328 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 14:06:04.0455 0328 kbdclass - ok 14:06:04.0470 0328 [ 6DEF98F8541E1B5DCEB2C822A11F7323 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 14:06:04.0486 0328 kbdhid - ok 14:06:04.0501 0328 [ 156F6159457D0AA7E59B62681B56EB90 ] KeyIso C:\Windows\system32\lsass.exe 14:06:04.0501 0328 KeyIso - ok 14:06:04.0533 0328 [ 07071C1E3CD8F0F9114AAC8B072CA1E5 ] KMWDFILTER C:\Windows\system32\DRIVERS\KMWDFILTER.sys 14:06:04.0533 0328 KMWDFILTER - ok 14:06:04.0564 0328 [ 4F4B5FDE429416877DE7143044582EB5 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 14:06:04.0580 0328 KSecDD - ok 14:06:04.0611 0328 [ 6F40465A44ECDC1731BEFAFEC5BDD03C ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 14:06:04.0611 0328 KSecPkg - ok 14:06:04.0626 0328 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk 
C:\Windows\system32\drivers\ksthunk.sys 14:06:04.0626 0328 ksthunk - ok 14:06:04.0658 0328 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll 14:06:04.0673 0328 KtmRm - ok 14:06:04.0705 0328 [ 81F1D04D4D0E433099365127375FD501 ] LanmanServer C:\Windows\system32\srvsvc.dll 14:06:04.0720 0328 LanmanServer - ok 14:06:04.0736 0328 [ 27026EAC8818E8A6C00A1CAD2F11D29A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 14:06:04.0751 0328 LanmanWorkstation - ok 14:06:04.0783 0328 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 14:06:04.0798 0328 lltdio - ok 14:06:04.0814 0328 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll 14:06:04.0830 0328 lltdsvc - ok 14:06:04.0861 0328 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll 14:06:04.0861 0328 lmhosts - ok 14:06:04.0892 0328 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys 14:06:04.0892 0328 LSI_FC - ok 14:06:04.0908 0328 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys 14:06:04.0923 0328 LSI_SAS - ok 14:06:04.0939 0328 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys 14:06:04.0939 0328 LSI_SAS2 - ok 14:06:04.0955 0328 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 14:06:04.0970 0328 LSI_SCSI - ok 14:06:04.0986 0328 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys 14:06:04.0986 0328 luafv - ok 14:06:05.0064 0328 [ B3B7C5F26F3F8C7992350B7EDE64F5C9 ] Magic Tune C:\Windows\system32\Drivers\MtiCtwl.sys 14:06:05.0064 0328 Magic Tune - ok 14:06:05.0111 0328 [ A8FE8F2783B2929B56F5370A89356CE9 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys 14:06:05.0111 0328 MBAMProtector - ok 14:06:05.0142 0328 [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe 14:06:05.0142 0328 
MBAMScheduler - ok 14:06:05.0173 0328 [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe 14:06:05.0189 0328 MBAMService - ok 14:06:05.0220 0328 [ F84C8F1000BC11E3B7B23CBD3BAFF111 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 14:06:05.0236 0328 Mcx2Svc - ok 14:06:05.0236 0328 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 14:06:05.0251 0328 megasas - ok 14:06:05.0267 0328 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 14:06:05.0267 0328 MegaSR - ok 14:06:05.0298 0328 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll 14:06:05.0314 0328 MMCSS - ok 14:06:05.0314 0328 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys 14:06:05.0330 0328 Modem - ok 14:06:05.0345 0328 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys 14:06:05.0345 0328 monitor - ok 14:06:05.0376 0328 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 14:06:05.0376 0328 mouclass - ok 14:06:05.0392 0328 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 14:06:05.0392 0328 mouhid - ok 14:06:05.0439 0328 [ 791AF66C4D0E7C90A3646066386FB571 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 14:06:05.0439 0328 mountmgr - ok 14:06:05.0455 0328 [ 609D1D87649ECC19796F4D76D4C15CEA ] mpio C:\Windows\system32\DRIVERS\mpio.sys 14:06:05.0470 0328 mpio - ok 14:06:05.0486 0328 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 14:06:05.0486 0328 mpsdrv - ok 14:06:05.0517 0328 [ AECAB449567D1846DAD63ECE49E893E3 ] MpsSvc C:\Windows\system32\mpssvc.dll 14:06:05.0533 0328 MpsSvc - ok 14:06:05.0548 0328 [ 30524261BB51D96D6FCBAC20C810183C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 14:06:05.0564 0328 MRxDAV - ok 14:06:05.0595 0328 [ 040D62A9D8AD28922632137ACDD984F2 ] mrxsmb 
C:\Windows\system32\DRIVERS\mrxsmb.sys 14:06:05.0595 0328 mrxsmb - ok 14:06:05.0626 0328 [ F0067552F8F9B33D7C59403AB808A3CB ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 14:06:05.0626 0328 mrxsmb10 - ok 14:06:05.0658 0328 [ 3C142D31DE9F2F193218A53FE2632051 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 14:06:05.0658 0328 mrxsmb20 - ok 14:06:05.0673 0328 [ 5C37497276E3B3A5488B23A326A754B7 ] msahci C:\Windows\system32\DRIVERS\msahci.sys 14:06:05.0673 0328 msahci - ok 14:06:05.0689 0328 [ 8D27B597229AED79430FB9DB3BCBFBD0 ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys 14:06:05.0705 0328 msdsm - ok 14:06:05.0720 0328 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe 14:06:05.0736 0328 MSDTC - ok 14:06:05.0751 0328 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys 14:06:05.0767 0328 Msfs - ok 14:06:05.0783 0328 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 14:06:05.0783 0328 mshidkmdf - ok 14:06:05.0798 0328 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys 14:06:05.0798 0328 msisadrv - ok 14:06:05.0845 0328 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 14:06:05.0845 0328 MSiSCSI - ok 14:06:05.0845 0328 msiserver - ok 14:06:05.0876 0328 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 14:06:05.0876 0328 MSKSSRV - ok 14:06:05.0892 0328 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 14:06:05.0892 0328 MSPCLOCK - ok 14:06:05.0908 0328 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 14:06:05.0908 0328 MSPQM - ok 14:06:05.0923 0328 [ 89CB141AA8616D8C6A4610FA26C60964 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 14:06:05.0939 0328 MsRPC - ok 14:06:05.0955 0328 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 14:06:05.0955 0328 mssmbios - ok 14:06:05.0970 0328 [ 
2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 14:06:05.0970 0328 MSTEE - ok 14:06:05.0986 0328 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 14:06:05.0986 0328 MTConfig - ok 14:06:06.0017 0328 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys 14:06:06.0017 0328 Mup - ok 14:06:06.0048 0328 [ 4987E079A4530FA737A128BE54B63B12 ] napagent C:\Windows\system32\qagentRT.dll 14:06:06.0048 0328 napagent - ok 14:06:06.0064 0328 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 14:06:06.0080 0328 NativeWifiP - ok 14:06:06.0111 0328 [ CAD515DBD07D082BB317D9928CE8962C ] NDIS C:\Windows\system32\drivers\ndis.sys 14:06:06.0126 0328 NDIS - ok 14:06:06.0158 0328 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 14:06:06.0158 0328 NdisCap - ok 14:06:06.0189 0328 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 14:06:06.0189 0328 NdisTapi - ok 14:06:06.0220 0328 [ F105BA1E22BF1F2EE8F005D4305E4BEC ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 14:06:06.0220 0328 Ndisuio - ok 14:06:06.0236 0328 [ 557DFAB9CA1FCB036AC77564C010DAD3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 14:06:06.0236 0328 NdisWan - ok 14:06:06.0267 0328 [ 659B74FB74B86228D6338D643CD3E3CF ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 14:06:06.0267 0328 NDProxy - ok 14:06:06.0283 0328 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 14:06:06.0298 0328 NetBIOS - ok 14:06:06.0314 0328 [ 9162B273A44AB9DCE5B44362731D062A ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 14:06:06.0314 0328 NetBT - ok 14:06:06.0330 0328 [ 156F6159457D0AA7E59B62681B56EB90 ] Netlogon C:\Windows\system32\lsass.exe 14:06:06.0330 0328 Netlogon - ok 14:06:06.0361 0328 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll 14:06:06.0361 0328 Netman - ok 14:06:06.0408 0328 [ 
D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 14:06:06.0439 0328 NetMsmqActivator - ok 14:06:06.0455 0328 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 14:06:06.0455 0328 NetPipeActivator - ok 14:06:06.0470 0328 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll 14:06:06.0486 0328 netprofm - ok 14:06:06.0533 0328 [ EED1FBDE98CF5F6D5C0C5B27AB1F68EC ] netr28ux C:\Windows\system32\DRIVERS\netr28ux.sys 14:06:06.0564 0328 netr28ux - ok 14:06:06.0564 0328 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 14:06:06.0580 0328 NetTcpActivator - ok 14:06:06.0580 0328 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 14:06:06.0580 0328 NetTcpPortSharing - ok 14:06:06.0595 0328 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 14:06:06.0595 0328 nfrd960 - ok 14:06:06.0626 0328 [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc C:\Windows\System32\nlasvc.dll 14:06:06.0626 0328 NlaSvc - ok 14:06:06.0658 0328 NLNdisMP - ok 14:06:06.0689 0328 NLNdisPT - ok 14:06:06.0705 0328 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 14:06:06.0705 0328 Npfs - ok 14:06:06.0736 0328 npggsvc - ok 14:06:06.0751 0328 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll 14:06:06.0751 0328 nsi - ok 14:06:06.0767 0328 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 14:06:06.0767 0328 nsiproxy - ok 14:06:06.0814 0328 [ 356698A13C4630D5B31C37378D469196 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 14:06:06.0845 0328 Ntfs - ok 14:06:06.0876 0328 [ EAAC965642EF5F818AED508CADF83E4B ] ntk_PowerDVD12 C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys 14:06:06.0892 
0328 ntk_PowerDVD12 - ok 14:06:06.0892 0328 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys 14:06:06.0908 0328 Null - ok 14:06:06.0939 0328 [ 1F07B814C0BB5AABA703ABFF1F31F2E8 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys 14:06:06.0955 0328 NVHDA - ok 14:06:07.0173 0328 [ 5104BAC2DA2A5BDD86AC6B0708B00F06 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys 14:06:07.0251 0328 nvlddmkm - ok 14:06:07.0267 0328 [ 3E38712941E9BB4DDBEE00AFFE3FED3D ] nvraid C:\Windows\system32\DRIVERS\nvraid.sys 14:06:07.0267 0328 nvraid - ok 14:06:07.0298 0328 [ 477DC4D6DEB99BE37084C9AC6D013DA1 ] nvstor C:\Windows\system32\DRIVERS\nvstor.sys 14:06:07.0314 0328 nvstor - ok 14:06:07.0345 0328 [ DDFAFCE89A5C93D04712B86F94E9FCBA ] nvsvc C:\Windows\system32\nvvsvc.exe 14:06:07.0376 0328 nvsvc - ok 14:06:07.0439 0328 [ 84E035225474E48CD3A6A3CE52332095 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe 14:06:07.0470 0328 nvUpdatusService - ok 14:06:07.0501 0328 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys 14:06:07.0501 0328 nv_agp - ok 14:06:07.0533 0328 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys 14:06:07.0533 0328 ohci1394 - ok 14:06:07.0564 0328 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 14:06:07.0580 0328 p2pimsvc - ok 14:06:07.0611 0328 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll 14:06:07.0611 0328 p2psvc - ok 14:06:07.0642 0328 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys 14:06:07.0642 0328 Parport - ok 14:06:07.0673 0328 [ 90061B1ACFE8CCAA5345750FFE08D8B8 ] partmgr C:\Windows\system32\drivers\partmgr.sys 14:06:07.0689 0328 partmgr - ok 14:06:07.0736 0328 [ AFADA8B97BE3C9398DC6C770409C3544 ] PassThru Service C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe 14:06:07.0751 0328 PassThru Service - ok 14:06:07.0767 0328 [ 
3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 14:06:07.0767 0328 PcaSvc - ok 14:06:07.0798 0328 [ F36F6504009F2FB0DFD1B17A116AD74B ] pci C:\Windows\system32\DRIVERS\pci.sys 14:06:07.0798 0328 pci - ok 14:06:07.0814 0328 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\DRIVERS\pciide.sys 14:06:07.0814 0328 pciide - ok 14:06:07.0830 0328 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 14:06:07.0845 0328 pcmcia - ok 14:06:07.0861 0328 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys 14:06:07.0876 0328 pcw - ok 14:06:07.0908 0328 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys 14:06:07.0923 0328 PEAUTH - ok 14:06:07.0955 0328 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll 14:06:07.0986 0328 PeerDistSvc - ok 14:06:08.0080 0328 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe 14:06:08.0080 0328 PerfHost - ok 14:06:08.0111 0328 [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla C:\Windows\system32\pla.dll 14:06:08.0142 0328 pla - ok 14:06:08.0189 0328 [ 98B1721B8718164293B9701B98C52D77 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 14:06:08.0205 0328 PlugPlay - ok 14:06:08.0220 0328 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 14:06:08.0220 0328 PNRPAutoReg - ok 14:06:08.0236 0328 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 14:06:08.0236 0328 PNRPsvc - ok 14:06:08.0267 0328 [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 14:06:08.0267 0328 PolicyAgent - ok 14:06:08.0298 0328 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll 14:06:08.0314 0328 Power - ok 14:06:08.0361 0328 [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 14:06:08.0361 0328 PptpMiniport - ok 14:06:08.0392 0328 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] 
Processor C:\Windows\system32\DRIVERS\processr.sys 14:06:08.0392 0328 Processor - ok 14:06:08.0423 0328 [ F381975E1F4346DE875CB07339CE8D3A ] ProfSvc C:\Windows\system32\profsvc.dll 14:06:08.0423 0328 ProfSvc - ok 14:06:08.0455 0328 [ 156F6159457D0AA7E59B62681B56EB90 ] ProtectedStorage C:\Windows\system32\lsass.exe 14:06:08.0455 0328 ProtectedStorage - ok 14:06:08.0470 0328 [ EE992183BD8EAEFD9973F352E587A299 ] Psched C:\Windows\system32\DRIVERS\pacer.sys 14:06:08.0486 0328 Psched - ok 14:06:08.0517 0328 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 14:06:08.0533 0328 ql2300 - ok 14:06:08.0564 0328 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 14:06:08.0580 0328 ql40xx - ok 14:06:08.0595 0328 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 14:06:08.0611 0328 QWAVE - ok 14:06:08.0611 0328 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 14:06:08.0611 0328 QWAVEdrv - ok 14:06:08.0642 0328 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 14:06:08.0642 0328 RasAcd - ok 14:06:08.0673 0328 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 14:06:08.0673 0328 RasAgileVpn - ok 14:06:08.0705 0328 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll 14:06:08.0705 0328 RasAuto - ok 14:06:08.0705 0328 [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 14:06:08.0720 0328 Rasl2tp - ok 14:06:08.0736 0328 [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan C:\Windows\System32\rasmans.dll 14:06:08.0751 0328 RasMan - ok 14:06:08.0767 0328 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 14:06:08.0767 0328 RasPppoe - ok 14:06:08.0798 0328 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 14:06:08.0798 0328 RasSstp - ok 14:06:08.0814 0328 [ 
3BAC8142102C15D59A87757C1D41DCE5 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 14:06:08.0830 0328 rdbss - ok 14:06:08.0830 0328 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 14:06:08.0830 0328 rdpbus - ok 14:06:08.0861 0328 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 14:06:08.0861 0328 RDPCDD - ok 14:06:08.0876 0328 [ 9706B84DBABFC4B4CA46C5A82B14DFA3 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys 14:06:08.0892 0328 RDPDR - ok 14:06:08.0908 0328 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 14:06:08.0908 0328 RDPENCDD - ok 14:06:08.0923 0328 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 14:06:08.0923 0328 RDPREFMP - ok 14:06:08.0955 0328 [ 447DE7E3DEA39D422C1504F245B668B1 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 14:06:08.0955 0328 RDPWD - ok 14:06:08.0986 0328 [ 634B9A2181D98F15941236886164EC8B ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 14:06:08.0986 0328 rdyboost - ok 14:06:09.0017 0328 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll 14:06:09.0033 0328 RemoteAccess - ok 14:06:09.0048 0328 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll 14:06:09.0048 0328 RemoteRegistry - ok 14:06:09.0064 0328 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 14:06:09.0080 0328 RpcEptMapper - ok 14:06:09.0095 0328 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe 14:06:09.0095 0328 RpcLocator - ok 14:06:09.0126 0328 [ 7266972E86890E2B30C0C322E906B027 ] RpcSs C:\Windows\system32\rpcss.dll 14:06:09.0126 0328 RpcSs - ok 14:06:09.0142 0328 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 14:06:09.0142 0328 rspndr - ok 14:06:09.0205 0328 [ BAEFEE35D27A5440D35092CE10267BEC ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys 14:06:09.0205 0328 RTL8167 - ok 
14:06:09.0236 0328 [ 88AF6E02AB19DF7FD07ECDF9C91E9AF6 ] s3cap C:\Windows\system32\DRIVERS\vms3cap.sys 14:06:09.0236 0328 s3cap - ok 14:06:09.0251 0328 [ 156F6159457D0AA7E59B62681B56EB90 ] SamSs C:\Windows\system32\lsass.exe 14:06:09.0251 0328 SamSs - ok 14:06:09.0283 0328 [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys 14:06:09.0283 0328 sbp2port - ok 14:06:09.0314 0328 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll 14:06:09.0314 0328 SCardSvr - ok 14:06:09.0330 0328 [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 14:06:09.0330 0328 scfilter - ok 14:06:09.0361 0328 [ 624D0F5FF99428BB90A5B8A4123E918E ] Schedule C:\Windows\system32\schedsvc.dll 14:06:09.0392 0328 Schedule - ok 14:06:09.0423 0328 [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc C:\Windows\System32\certprop.dll 14:06:09.0423 0328 SCPolicySvc - ok 14:06:09.0439 0328 [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC C:\Windows\System32\SDRSVC.dll 14:06:09.0455 0328 SDRSVC - ok 14:06:09.0470 0328 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 14:06:09.0486 0328 secdrv - ok 14:06:09.0501 0328 [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon C:\Windows\system32\seclogon.dll 14:06:09.0501 0328 seclogon - ok 14:06:09.0517 0328 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll 14:06:09.0533 0328 SENS - ok 14:06:09.0533 0328 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll 14:06:09.0548 0328 SensrSvc - ok 14:06:09.0595 0328 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 14:06:09.0595 0328 Serenum - ok 14:06:09.0611 0328 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys 14:06:09.0626 0328 Serial - ok 14:06:09.0626 0328 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys 14:06:09.0642 0328 sermouse - ok 14:06:09.0658 0328 [ 
14:06:19.0142 0328 Scan finished
14:06:19.0158 3788 Detected object count: 0
14:06:19.0158 3788 Actual detected object count: 0
14:06:47.0432 3908 Deinitialize success |
06.12.2012, 14:56 | #11 |
/// TB Trainer | PC freezes, sound distorted! No. Do search for TDDSFilesystem and then remove it as well, using cure or remove.
__________________ Digital buccaneers against malware! No help via PM! |
06.12.2012, 17:55 | #12 |
| PC freezes, sound distorted! OK, I have done that now. Thanks a lot for your help, then. |
06.12.2012, 18:21 | #13 | ||
/// TB Trainer | PC freezes, sound distorted! We are far from finished ... Scan with Combofix
__________________ Digital buccaneers against malware! No help via PM! |
06.12.2012, 19:15 | #14 |
| PC freezes, sound distorted! Unfortunately I can't find the log file, I can't even find it with the search ... but I will run Combofix again and simply save it to the desktop. Got it. Code:
|
06.12.2012, 19:21 | #15 |
/// TB-Ausbilder | PC freezes, sound distorted! Unfortunately that does not help me at all; I need all the log files. My instructions would have said where it is located. Now look for the folder c:\qoobox and post these files for me: ComboFix-quarantined-files.txt 2012-12-06 18:12 ComboFix2.txt 2012-12-06 18:00
__________________ Digital buccaneers against malware! No help via PM! |