Trojaner-Board - svhost.exe in /Roaming/Microsoft kommt immer wieder

Code:

ComboFix 13-07-07.01 - Leo 07.07.2013  17:13:03.2.4 - x64

Microsoft Windows 7 Ultimate   6.1.7601.1.1252.49.1031.18.4095.2477 [GMT 2:00]

ausgeführt von:: c:\users\Leo\Desktop\ComboFix.exe

Benutzte Befehlsschalter :: c:\users\Leo\Desktop\CFScript.txt

AV: AVG Internet Security 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

FW: AVG Internet Security 2012 *Disabled* {621CC794-9486-F902-D092-0484E8EA828B}

SP: AVG Internet Security 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

FILE ::

"c:\windows\system32\drivers\uxpatch.sys"

.

.

((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\program files (x86)\IObit

c:\program files (x86)\IObit\Game Booster 3\Boost.log

c:\program files (x86)\IObit\Game Booster 3\GameBooster.log

c:\program files (x86)\IObit\Game Booster 3\GBV3ContextMenu.dll

c:\program files (x86)\IObit\Game Booster 3\LatestGames\LatestGames.ini

c:\program files (x86)\IObit\Game Booster 3\LatestNews\LatestNews.ini

c:\program files (x86)\IObit\Game Booster 3\unins000.exe

c:\program files (x86)\IObit\Game Booster 3\Update\Update.Ini

c:\program files (x86)\IObit\Game Booster 3\UpdateCheck.exe

c:\program files (x86)\SoftwareUpdater

c:\program files (x86)\SoftwareUpdater\config

c:\program files (x86)\SoftwareUpdater\Maintenance.exe

c:\program files (x86)\SoftwareUpdater\SoftwareUpdater.Bootstrapper.exe

c:\program files (x86)\SoftwareUpdater\SoftwareUpdater.dll

c:\program files (x86)\SoftwareUpdater\SoftwareUpdater.Ui.exe

c:\program files (x86)\SoftwareUpdater\SystemStore.exe

c:\users\Leo\AppData\Roaming\Microsoft\svhost.exe

.

Infizierte Kopie von c:\windows\System32\mspaint.exe wurde gefunden und desinfiziert 

Kopie von - c:\windows\winsxs\amd64_microsoft-windows-mspaint_31bf3856ad364e35_6.1.7600.16385_none_ea12784c0842bfc1\mspaint.exe wurde wiederhergestellt 

.

.

(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

-------\Legacy_UXPATCH

-------\Legacy_WINRING0_1_2_0

-------\Service_SystemStoreService

-------\Service_uxpatch

-------\Service_WinRing0_1_2_0

.

.

(((((((((((((((((((((((   Dateien erstellt von 2013-06-07 bis 2013-07-07  ))))))))))))))))))))))))))))))

.

.

2013-07-07 15:48 . 2013-07-07 15:48        --------        d-----w-        c:\windows\system32\config\systemprofile\AppData\Local\temp

2013-07-07 15:48 . 2013-07-07 15:48        --------        d-----w-        c:\users\UpdatusUser\AppData\Local\temp

2013-07-07 15:48 . 2013-07-07 15:48        --------        d-----w-        c:\users\hedev\AppData\Local\temp

2013-07-07 15:48 . 2013-07-07 15:48        --------        d-----w-        c:\users\Default\AppData\Local\temp

2013-07-07 15:48 . 2013-07-07 15:48        --------        d-----w-        c:\users\Administrator\AppData\Local\temp

2013-07-07 12:10 . 2013-07-07 12:10        --------        d-----w-        c:\programdata\Picroma

2013-07-04 17:36 . 2013-07-04 17:36        --------        d-----w-        c:\program files (x86)\Secure Banking

2013-07-04 17:06 . 2013-07-04 17:06        96168        ----a-w-        c:\windows\SysWow64\WindowsAccessBridge-32.dll

2013-07-04 17:06 . 2013-07-04 17:06        --------        d-----w-        c:\program files (x86)\Java

2013-07-04 17:01 . 2013-07-04 17:01        --------        d-----w-        c:\windows\ERUNT

2013-07-03 22:52 . 2013-07-03 23:28        --------        d-----w-        c:\programdata\Malwarebytes' Anti-Malware (portable)

2013-07-02 18:24 . 2013-07-02 18:24        --------        d-----w-        c:\program files (x86)\LogMeIn Hamachi

2013-07-01 00:16 . 2013-04-23 15:03        435712        ----a-w-        c:\users\Leo\AppData\Roaming\Microsoft\IE10\svhost.exe

2013-06-28 11:07 . 2012-01-18 12:15        2580552        ----a-w-        c:\windows\SysWow64\pbsvc.exe

2013-06-28 09:23 . 2013-06-28 09:23        177680        ----a-w-        c:\windows\system32\mfevtps.exe.c48c.deleteme

2013-06-28 09:23 . 2013-06-28 09:23        --------        d-----w-        C:\Stinger_Quarantine

2013-06-28 09:20 . 2013-06-28 11:10        --------        d-----w-        c:\program files\stinger

2013-06-27 20:15 . 2013-07-05 21:58        --------        d-----w-        c:\users\Leo\AppData\Roaming\Media Player Classic

2013-06-27 10:07 . 2013-03-17 16:21        3649536        ----a-w-        c:\windows\SysWow64\x264vfw.dll

2013-06-27 10:07 . 2011-12-07 17:32        216064        ----a-w-        c:\windows\SysWow64\lagarith.dll

2013-06-27 10:07 . 2011-06-24 14:44        243200        ----a-w-        c:\windows\SysWow64\xvidvfw.dll

2013-06-27 10:07 . 2011-06-24 14:28        650752        ----a-w-        c:\windows\SysWow64\xvidcore.dll

2013-06-27 10:07 . 2004-05-18 18:16        39936        ----a-w-        c:\windows\SysWow64\huffyuv.dll

2013-06-27 10:07 . 2011-12-21 17:14        151552        ----a-w-        c:\windows\SysWow64\ac3acm.acm

2013-06-27 10:07 . 2013-05-31 18:00        112640        ----a-w-        c:\windows\SysWow64\ff_vfw.dll

2013-06-26 09:16 . 2013-04-23 15:03        87054        ----a-w-        c:\users\Leo\AppData\Roaming\Microsoft\IE10\libpdcurses.dll

2013-06-26 09:16 . 2013-04-23 15:03        45056        ----a-w-        c:\users\Leo\AppData\Roaming\Microsoft\IE10\pthreadGC2.dll

2013-06-26 09:16 . 2013-04-23 15:03        323584        ----a-w-        c:\users\Leo\AppData\Roaming\Microsoft\IE10\ssleay32.dll

2013-06-26 09:16 . 2013-04-23 15:03        309248        ----a-w-        c:\users\Leo\AppData\Roaming\Microsoft\IE10\libcurl-4.dll

2013-06-26 09:16 . 2013-04-23 15:03        224256        ----a-w-        c:\users\Leo\AppData\Roaming\Microsoft\IE10\libidn-11.dll

2013-06-26 09:16 . 2013-04-23 15:03        1479680        ----a-w-        c:\users\Leo\AppData\Roaming\Microsoft\IE10\libeay32.dll

2013-06-26 09:16 . 2013-04-23 15:03        122368        ----a-w-        c:\users\Leo\AppData\Roaming\Microsoft\IE10\zlib1.dll

2013-06-26 09:16 . 2013-04-23 15:03        104960        ----a-w-        c:\users\Leo\AppData\Roaming\Microsoft\IE10\libusb-1.0.dll

2013-06-26 09:16 . 2013-07-07 15:05        587776        ----a-w-        c:\users\Leo\AppData\Roaming\Microsoft\IE10\7z.exe

2013-06-24 21:39 . 2013-05-07 17:26        1751552        ----a-w-        c:\users\Leo\AppData\Roaming\Microsoft\VSA\9.0\VSA.exe

2013-06-24 21:39 . 2013-06-24 21:39        --------        d-----w-        c:\users\Leo\AppData\Roaming\EvolutionClips

2013-06-24 16:31 . 2013-06-24 16:31        --------        d-----w-        c:\users\Leo\AppData\Local\ESN

2013-06-24 16:01 . 2013-06-28 13:37        291088        ----a-w-        c:\windows\SysWow64\PnkBstrB.exe

2013-06-24 02:32 . 2013-06-24 02:32        --------        d-----w-        c:\program files\x264vfw64

2013-06-24 02:25 . 2013-06-24 02:33        --------        d-----w-        c:\program files (x86)\x264vfw

2013-06-23 15:23 . 2013-06-24 11:01        --------        d-----w-        c:\users\Leo\AppData\Roaming\Audacity

2013-06-23 13:22 . 2013-06-23 13:22        --------        d-----w-        c:\program files (x86)\Audacity

2013-06-23 13:19 . 2012-06-09 17:21        178688        ----a-w-        c:\windows\SysWow64\unrar.dll

2013-06-23 13:19 . 2013-06-27 10:07        --------        d-----w-        c:\program files (x86)\K-Lite Codec Pack

2013-06-14 14:23 . 2013-06-14 14:23        --------        d-----w-        c:\users\Leo\AppData\Roaming\FlashFXP

2013-06-14 14:23 . 2013-06-14 14:23        --------        d-----w-        c:\programdata\regid.2000-02.com.flashfxp

2013-06-14 14:23 . 2013-06-14 14:23        --------        d-----w-        c:\programdata\FlashFXP

2013-06-14 14:23 . 2013-06-14 14:23        --------        d-----w-        c:\program files (x86)\FlashFXP 4

2013-06-14 14:23 . 2013-06-14 14:23        --------        dc-h--w-        c:\programdata\{21F111D4-06E9-47C8-955F-5B9171A7DF34}

2013-06-13 18:10 . 2013-06-13 22:21        --------        d-----w-        c:\users\Leo\AppData\Local\Daedalic Entertainment

2013-06-12 20:41 . 2013-05-08 06:39        1910632        ----a-w-        c:\windows\system32\drivers\tcpip.sys

2013-06-12 20:41 . 2013-04-26 05:51        751104        ----a-w-        c:\windows\system32\win32spl.dll

2013-06-12 20:41 . 2013-04-26 04:55        492544        ----a-w-        c:\windows\SysWow64\win32spl.dll

2013-06-12 20:41 . 2013-05-10 05:49        30720        ----a-w-        c:\windows\system32\cryptdlg.dll

2013-06-12 20:41 . 2013-05-10 03:20        24576        ----a-w-        c:\windows\SysWow64\cryptdlg.dll

2013-06-12 20:41 . 2013-04-17 06:24        1424384        ----a-w-        c:\windows\system32\WindowsCodecs.dll

2013-06-12 20:41 . 2013-04-17 07:02        1230336        ----a-w-        c:\windows\SysWow64\WindowsCodecs.dll

2013-06-12 20:41 . 2013-05-13 05:51        1464320        ----a-w-        c:\windows\system32\crypt32.dll

2013-06-12 20:41 . 2013-05-13 03:43        1192448        ----a-w-        c:\windows\system32\certutil.exe

2013-06-12 20:41 . 2013-05-13 03:08        903168        ----a-w-        c:\windows\SysWow64\certutil.exe

2013-06-12 20:41 . 2013-05-13 05:51        184320        ----a-w-        c:\windows\system32\cryptsvc.dll

2013-06-12 20:41 . 2013-05-13 04:45        1160192        ----a-w-        c:\windows\SysWow64\crypt32.dll

2013-06-12 20:40 . 2013-05-13 05:51        139776        ----a-w-        c:\windows\system32\cryptnet.dll

2013-06-12 20:40 . 2013-05-13 05:50        52224        ----a-w-        c:\windows\system32\certenc.dll

2013-06-12 20:40 . 2013-05-13 04:45        140288        ----a-w-        c:\windows\SysWow64\cryptsvc.dll

2013-06-12 20:40 . 2013-05-13 04:45        103936        ----a-w-        c:\windows\SysWow64\cryptnet.dll

2013-06-12 20:40 . 2013-05-13 03:08        43008        ----a-w-        c:\windows\SysWow64\certenc.dll

2013-06-12 20:40 . 2013-04-25 23:30        1505280        ----a-w-        c:\windows\SysWow64\d3d11.dll

2013-06-12 20:40 . 2013-03-31 22:52        1887232        ----a-w-        c:\windows\system32\d3d11.dll

.

.

.

((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-07-04 17:06 . 2012-08-01 03:22        867240        ----a-w-        c:\windows\SysWow64\npDeployJava1.dll

2013-07-04 17:06 . 2012-02-21 19:24        789416        ----a-w-        c:\windows\SysWow64\deployJava1.dll

2013-06-28 13:37 . 2011-11-14 23:32        291088        ----a-w-        c:\windows\SysWow64\PnkBstrB.xtr

2013-06-28 13:37 . 2011-11-14 23:33        280904        ----a-w-        c:\windows\SysWow64\PnkBstrB.ex0

2013-06-24 22:12 . 2011-11-14 23:06        76888        ----a-w-        c:\windows\SysWow64\PnkBstrA.exe

2013-06-13 01:03 . 2011-11-14 02:19        75825640        ----a-w-        c:\windows\system32\MRT.exe

2013-06-12 13:15 . 2012-04-01 13:32        692104        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe

2013-06-12 13:15 . 2011-11-14 17:11        71048        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2013-05-23 14:07 . 2013-05-23 14:07        466456        ----a-w-        c:\windows\system32\wrap_oal.dll

2013-05-23 14:07 . 2013-05-23 14:07        444952        ----a-w-        c:\windows\SysWow64\wrap_oal.dll

2013-05-23 14:07 . 2013-05-23 14:07        122904        ----a-w-        c:\windows\system32\OpenAL32.dll

2013-05-23 14:07 . 2013-05-23 14:07        109080        ----a-w-        c:\windows\SysWow64\OpenAL32.dll

2013-05-02 15:29 . 2011-11-14 18:18        278800        ------w-        c:\windows\system32\MpSigStub.exe

2013-04-13 05:49 . 2013-05-15 00:18        135168        ----a-w-        c:\windows\apppatch\AppPatch64\AcXtrnal.dll

2013-04-13 05:49 . 2013-05-15 00:18        350208        ----a-w-        c:\windows\apppatch\AppPatch64\AcLayers.dll

2013-04-13 05:49 . 2013-05-15 00:18        308736        ----a-w-        c:\windows\apppatch\AppPatch64\AcGenral.dll

2013-04-13 05:49 . 2013-05-15 00:18        111104        ----a-w-        c:\windows\apppatch\AppPatch64\acspecfc.dll

2013-04-13 04:45 . 2013-05-15 00:18        474624        ----a-w-        c:\windows\apppatch\AcSpecfc.dll

2013-04-13 04:45 . 2013-05-15 00:18        2176512        ----a-w-        c:\windows\apppatch\AcGenral.dll

2013-04-12 14:45 . 2013-04-24 07:19        1656680        ----a-w-        c:\windows\system32\drivers\ntfs.sys

2013-04-11 01:18 . 2013-04-11 01:18        384800        ----a-w-        c:\windows\system32\drivers\avgtdia.sys

2013-04-10 06:01 . 2013-05-15 00:18        265064        ----a-w-        c:\windows\system32\drivers\dxgmms1.sys

2013-04-10 06:01 . 2013-05-15 00:18        983400        ----a-w-        c:\windows\system32\drivers\dxgkrnl.sys

2013-04-10 03:30 . 2013-05-15 00:18        3153920        ----a-w-        c:\windows\system32\win32k.sys

2006-05-03 10:06        163328        --sha-r-        c:\windows\SysWOW64\flvDX.dll

2007-02-21 11:47        31232        --sha-r-        c:\windows\SysWOW64\msfDX.dll

2008-03-16 13:30        216064        --sha-r-        c:\windows\SysWOW64\nbDX.dll

2010-01-06 23:00        107520        --sha-r-        c:\windows\SysWOW64\TAKDSDecoder.dll

.

.

((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))

.

.

*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 

REGEDIT4

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]

2012-03-13 17:30        1869152        ----a-w-        c:\program files (x86)\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]

"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files (x86)\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll" [2012-03-13 1869152]

.

[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]

[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]

[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2013-03-12 06:39        129272        ----a-w-        c:\users\Leo\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2013-03-12 06:39        129272        ----a-w-        c:\users\Leo\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2013-03-12 06:39        129272        ----a-w-        c:\users\Leo\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]

@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]

2013-03-12 06:39        129272        ----a-w-        c:\users\Leo\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]

"VSA"="c:\users\Leo\AppData\Roaming\Microsoft\VSA\9.0\VSA.exe" [2013-05-07 1751552]

"SecureBanking"="c:\program files (x86)\Secure Banking\SecureBanking.exe" [2013-06-30 507904]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-11-19 2598520]

"DivXMediaServer"="c:\program files (x86)\DivX\DivX Media Server\DivXMediaServer.exe" [2013-05-20 450560]

"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2013-06-28 2255184]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

RAT 9 Charge Indicator.lnk - c:\windows\Installer\{72A099DE-9782-4679-85AD-0731EF87EA53}\_5B5E5C8CB886861B14F432.exe [2012-5-10 75993]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

"EnableSecureUIAPath"= 1 (0x1)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"mixer3"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute        REG_MULTI_SZ           autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]

"vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe"

"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"

"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

.

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]

R2 UnsignedThemes;Unsigned Themes;c:\windows\UnsignedThemesSvc.exe;c:\windows\UnsignedThemesSvc.exe [x]

R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]

R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]

R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]

R3 TunngleService;TunngleService;c:\program files (x86)\Tunngle\TnglCtrl.exe;c:\program files (x86)\Tunngle\TnglCtrl.exe [x]

R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]

R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]

R3 X6va005;X6va005;c:\users\Leo\AppData\Local\Temp\00537AC.tmp;c:\users\Leo\AppData\Local\Temp\00537AC.tmp [x]

R3 xsherlock;xsherlock;c:\windows\system32\xsherlock.xem;c:\windows\SYSNATIVE\xsherlock.xem [x]

R4 BstHdAndroidSvc;BlueStacks Android Service;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android [x]

R4 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe [x]

R4 Cherry Device Interface;Cherry Device Interface;c:\program files (x86)\Cherry\CDI\cdi.exe;c:\program files (x86)\Cherry\CDI\cdi.exe [x]

R4 DTProTS;DTProTS 2.02;c:\program files (x86)\DTProTS\DTProTS.exe;c:\program files (x86)\DTProTS\DTProTS.exe [x]

R4 hshld;Hotspot Shield Service;c:\program files (x86)\Hotspot Shield\bin\openvpnas.exe;c:\program files (x86)\Hotspot Shield\bin\openvpnas.exe [x]

R4 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [x]

R4 vToolbarUpdater10.2.0;vToolbarUpdater10.2.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe [x]

R4 WCUService_STC_IE;Splashtop Connect IE Software Updater Service;c:\program files (x86)\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe;c:\program files (x86)\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe [x]

S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]

S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]

S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]

S1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6a.sys;c:\windows\SYSNATIVE\DRIVERS\avgfwd6a.sys [x]

S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]

S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]

S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x]

S1 HssDRV6;Hotspot Shield Routing Driver 6;c:\windows\system32\DRIVERS\hssdrv6.sys;c:\windows\SYSNATIVE\DRIVERS\hssdrv6.sys [x]

S2 avgfws;AVG Firewall;c:\program files (x86)\AVG\AVG2012\avgfws.exe;c:\program files (x86)\AVG\AVG2012\avgfws.exe [x]

S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [x]

S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [x]

S2 BstHdDrv;BlueStacks Hypervisor;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [x]

S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]

S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [x]

S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]

S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]

S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\avgidsfiltera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsfiltera.sys [x]

S3 nvoclk64;NVIDIA Enthusiasts Platform KDM;c:\windows\system32\DRIVERS\nvoclk64.sys;c:\windows\SYSNATIVE\DRIVERS\nvoclk64.sys [x]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]

S3 SaiK0CFA;SaiK0CFA;c:\windows\system32\DRIVERS\SaiK0CFA.sys;c:\windows\SYSNATIVE\DRIVERS\SaiK0CFA.sys [x]

S3 SaiU0CFA;SaiU0CFA;c:\windows\system32\DRIVERS\SaiU0CFA.sys;c:\windows\SYSNATIVE\DRIVERS\SaiU0CFA.sys [x]

S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys;c:\windows\SYSNATIVE\DRIVERS\tap0901t.sys [x]

.

.

Inhalt des "geplante Tasks" Ordners

.

2013-07-07 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-01 13:15]

.

2012-08-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-04 19:45]

.

2012-08-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-04 19:45]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2013-03-12 06:39        162552        ----a-w-        c:\users\Leo\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2013-03-12 06:39        162552        ----a-w-        c:\users\Leo\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2013-03-12 06:39        162552        ----a-w-        c:\users\Leo\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]

@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]

2013-03-12 06:39        162552        ----a-w-        c:\users\Leo\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RunDLLEntry"="c:\windows\system32\AmbRunE.dll" [2009-02-26 17920]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-10-17 13307496]

"ProfilerU"="c:\program files\SmartTechnology\Software\ProfilerU.exe" [2012-01-23 432640]

"SaiMfd"="c:\program files\SmartTechnology\Software\SaiMfd.exe" [2012-01-23 158208]

.

------- Zusätzlicher Suchlauf -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://www.google.de/

mLocal Page = c:\windows\SysWOW64\blank.htm

IE: Free YouTube to MP3 Converter - c:\users\Leo\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

Trusted Zone: clonewarsadventures.com

Trusted Zone: freerealms.com

Trusted Zone: soe.com

Trusted Zone: sony.com

TCP: DhcpNameServer = 192.168.2.1

Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\10.2.0\ViProtocol.dll

DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}

FF - ProfilePath - c:\users\Leo\AppData\Roaming\Mozilla\Firefox\Profiles\dreqoy82.default\

FF - prefs.js: browser.startup.homepage - google.de

FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7B60213ed7-a40c-46be-8925-2a1a31b06034%7D&mid=fc76d5004d2e47d1aed7d16c646dabf4-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&ds=AVG&v=10.0.0.7&lang=de&pr=pr&d=2012-02-19%2017%3A06%3A35&sap=ku&q=

FF - prefs.js: network.proxy.type - 0

FF - ExtSQL: 2013-07-04 19:32; {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}; c:\users\Leo\AppData\Roaming\Mozilla\Firefox\Profiles\dreqoy82.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}

FF - user.js: network.http.max-persistent-connections-per-server - 4

FF - user.js: nglayout.initialpaint.delay - 600

FF - user.js: content.notify.interval - 600000

FF - user.js: content.max.tokenizing.time - 1800000

FF - user.js: content.switch.threshold - 600000

.

- - - - Entfernte verwaiste Registrierungseinträge - - - -

.

BHO-{F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - (no file)

AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe

AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe

.

.

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\services\X6va005]

"ImagePath"="\??\c:\users\Leo\AppData\Local\Temp\00537AC.tmp"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\services\xsherlock]

"ImagePath"="c:\windows\system32\xsherlock.xem"

.

--------------------- Gesperrte Registrierungsschluessel ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\BlueStacks]

"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,

   00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Weitere laufende Prozesse ------------------------

.

c:\windows\SysWOW64\PnkBstrA.exe

c:\windows\SysWOW64\UAService7.exe

.

**************************************************************************

.

Zeit der Fertigstellung: 2013-07-07  17:55:45 - PC wurde neu gestartet

ComboFix-quarantined-files.txt  2013-07-07 15:55

ComboFix2.txt  2013-07-07 11:59

.

Vor Suchlauf: 24 Verzeichnis(se), 18.903.183.360 Bytes frei

Nach Suchlauf: 25 Verzeichnis(se), 18.529.783.808 Bytes frei

.

- - End Of File - - D00F4333FA5BD941187F4FCF67663BAF

A36C5E4F47E84449FF07ED3517B43A31

Code:

20:04:02.0023 0492  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42

20:04:02.0216 0492  ============================================================

20:04:02.0216 0492  Current date / time: 2013/07/07 20:04:02.0216

20:04:02.0216 0492  SystemInfo:

20:04:02.0216 0492  

20:04:02.0216 0492  OS Version: 6.1.7601 ServicePack: 1.0

20:04:02.0216 0492  Product type: Workstation

20:04:02.0216 0492  ComputerName: LEO-PC

20:04:02.0216 0492  UserName: Leo

20:04:02.0216 0492  Windows directory: C:\Windows

20:04:02.0216 0492  System windows directory: C:\Windows

20:04:02.0216 0492  Running under WOW64

20:04:02.0216 0492  Processor architecture: Intel x64

20:04:02.0216 0492  Number of processors: 4

20:04:02.0216 0492  Page size: 0x1000

20:04:02.0216 0492  Boot type: Normal boot

20:04:02.0216 0492  ============================================================

20:04:03.0272 0492  Drive \Device\Harddisk0\DR0 - Size: 0x132C570000 (76.69 Gb), SectorSize: 0x200, Cylinders: 0x271B, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

20:04:03.0276 0492  Drive \Device\Harddisk1\DR1 - Size: 0x15D50F66000 (1397.27 Gb), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'

20:04:03.0693 0492  ============================================================

20:04:03.0693 0492  \Device\Harddisk0\DR0:

20:04:03.0693 0492  MBR partitions:

20:04:03.0693 0492  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x995C65B

20:04:03.0693 0492  \Device\Harddisk1\DR1:

20:04:03.0693 0492  MBR partitions:

20:04:03.0693 0492  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xA8686482

20:04:03.0715 0492  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0xA8686CC1, BlocksNum 0x63FFA80

20:04:03.0715 0492  ============================================================

20:04:03.0727 0492  C: <-> \Device\Harddisk0\DR0\Partition1

20:04:03.0775 0492  E: <-> \Device\Harddisk1\DR1\Partition1

20:04:03.0796 0492  F: <-> \Device\Harddisk1\DR1\Partition2

20:04:03.0797 0492  ============================================================

20:04:03.0797 0492  Initialize success

20:04:03.0797 0492  ============================================================

20:04:57.0460 1736  ============================================================

20:04:57.0460 1736  Scan started

20:04:57.0460 1736  Mode: Manual; SigCheck; TDLFS; 

20:04:57.0460 1736  ============================================================

20:04:58.0139 1736  ================ Scan system memory ========================

20:04:58.0139 1736  System memory - ok

20:04:58.0139 1736  ================ Scan services =============================

20:04:58.0263 1736  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys

20:04:58.0352 1736  1394ohci - ok

20:04:58.0400 1736  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys

20:04:58.0419 1736  ACPI - ok

20:04:58.0433 1736  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys

20:04:58.0494 1736  AcpiPmi - ok

20:04:58.0588 1736  [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

20:04:58.0600 1736  AdobeARMservice - ok

20:04:58.0718 1736  [ 9915504F602D277EE47FD843A677FD15 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

20:04:58.0735 1736  AdobeFlashPlayerUpdateSvc - ok

20:04:58.0761 1736  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys

20:04:58.0785 1736  adp94xx - ok

20:04:58.0814 1736  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys

20:04:58.0833 1736  adpahci - ok

20:04:58.0848 1736  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys

20:04:58.0863 1736  adpu320 - ok

20:04:58.0894 1736  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll

20:04:59.0016 1736  AeLookupSvc - ok

20:04:59.0052 1736  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys

20:04:59.0098 1736  AFD - ok

20:04:59.0120 1736  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys

20:04:59.0132 1736  agp440 - ok

20:04:59.0171 1736  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe

20:04:59.0198 1736  ALG - ok

20:04:59.0212 1736  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys

20:04:59.0222 1736  aliide - ok

20:04:59.0245 1736  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys

20:04:59.0257 1736  amdide - ok

20:04:59.0278 1736  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys

20:04:59.0319 1736  AmdK8 - ok

20:04:59.0333 1736  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys

20:04:59.0369 1736  AmdPPM - ok

20:04:59.0395 1736  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys

20:04:59.0409 1736  amdsata - ok

20:04:59.0428 1736  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys

20:04:59.0444 1736  amdsbs - ok

20:04:59.0454 1736  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys

20:04:59.0466 1736  amdxata - ok

20:04:59.0490 1736  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys

20:04:59.0671 1736  AppID - ok

20:04:59.0694 1736  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll

20:04:59.0759 1736  AppIDSvc - ok

20:04:59.0791 1736  [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo         C:\Windows\System32\appinfo.dll

20:04:59.0837 1736  Appinfo - ok

20:04:59.0864 1736  [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt         C:\Windows\System32\appmgmts.dll

20:04:59.0898 1736  AppMgmt - ok

20:04:59.0912 1736  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys

20:04:59.0925 1736  arc - ok

20:04:59.0943 1736  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys

20:04:59.0957 1736  arcsas - ok

20:05:00.0053 1736  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe

20:05:00.0065 1736  aspnet_state - ok

20:05:00.0088 1736  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys

20:05:00.0140 1736  AsyncMac - ok

20:05:00.0167 1736  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys

20:05:00.0178 1736  atapi - ok

20:05:00.0210 1736  [ B4BDE3F758A34658A37DFED3D9783CD8 ] atksgt          C:\Windows\system32\DRIVERS\atksgt.sys

20:05:00.0301 1736  atksgt - ok

20:05:00.0387 1736  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll

20:05:00.0439 1736  AudioEndpointBuilder - ok

20:05:00.0453 1736  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll

20:05:00.0490 1736  AudioSrv - ok

20:05:00.0532 1736  [ 96B4456F1DCA4EDA506ED31C7D2D6B05 ] Avgfwfd         C:\Windows\system32\DRIVERS\avgfwd6a.sys

20:05:00.0542 1736  Avgfwfd - ok

20:05:00.0649 1736  [ 6C469E3CB15CF33AD3E757096E6C7026 ] avgfws          C:\Program Files (x86)\AVG\AVG2012\avgfws.exe

20:05:00.0693 1736  avgfws - ok

20:05:00.0850 1736  [ 231B6AD3DB2866BC3FDB9979E6B2B61E ] AVGIDSAgent     C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe

20:05:00.0926 1736  AVGIDSAgent - ok

20:05:00.0981 1736  [ 633360E94804E7BAFE642017817C9413 ] AVGIDSDriver    C:\Windows\system32\DRIVERS\avgidsdrivera.sys

20:05:00.0993 1736  AVGIDSDriver - ok

20:05:01.0015 1736  [ 0F293406F64B48D5D2F0D3A1117F3A83 ] AVGIDSFilter    C:\Windows\system32\DRIVERS\avgidsfiltera.sys

20:05:01.0023 1736  AVGIDSFilter - ok

20:05:01.0038 1736  [ CFFC3A4A638F462E0561CB368B9A7A3A ] AVGIDSHA        C:\Windows\system32\DRIVERS\avgidsha.sys

20:05:01.0048 1736  AVGIDSHA - ok

20:05:01.0097 1736  [ BE8BC5D10ABA05D7F6E79D8296906C86 ] Avgldx64        C:\Windows\system32\DRIVERS\avgldx64.sys

20:05:01.0114 1736  Avgldx64 - ok

20:05:01.0149 1736  [ A6AEC362AAE5E2DDA7445E7690CB0F33 ] Avgmfx64        C:\Windows\system32\DRIVERS\avgmfx64.sys

20:05:01.0159 1736  Avgmfx64 - ok

20:05:01.0205 1736  [ 645C7F0A0E39758A0024A9B1748273C0 ] Avgrkx64        C:\Windows\system32\DRIVERS\avgrkx64.sys

20:05:01.0214 1736  Avgrkx64 - ok

20:05:01.0259 1736  [ A441A655D6D9DDDDBA11994530F84981 ] Avgtdia         C:\Windows\system32\DRIVERS\avgtdia.sys

20:05:01.0277 1736  Avgtdia - ok

20:05:01.0326 1736  [ EA1145DEBCD508FD25BD1E95C4346929 ] avgwd           C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe

20:05:01.0336 1736  avgwd - ok

20:05:01.0345 1736  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll

20:05:01.0417 1736  AxInstSV - ok

20:05:01.0456 1736  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys

20:05:01.0505 1736  b06bdrv - ok

20:05:01.0531 1736  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys

20:05:01.0562 1736  b57nd60a - ok

20:05:01.0592 1736  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll

20:05:01.0636 1736  BDESVC - ok

20:05:01.0652 1736  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys

20:05:01.0705 1736  Beep - ok

20:05:01.0759 1736  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll

20:05:01.0805 1736  BFE - ok

20:05:01.0851 1736  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\system32\qmgr.dll

20:05:01.0922 1736  BITS - ok

20:05:01.0951 1736  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys

20:05:01.0978 1736  blbdrive - ok

20:05:02.0014 1736  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys

20:05:02.0037 1736  bowser - ok

20:05:02.0053 1736  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys

20:05:02.0129 1736  BrFiltLo - ok

20:05:02.0153 1736  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys

20:05:02.0167 1736  BrFiltUp - ok

20:05:02.0222 1736  [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys

20:05:02.0268 1736  BridgeMP - ok

20:05:02.0303 1736  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll

20:05:02.0342 1736  Browser - ok

20:05:02.0365 1736  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys

20:05:02.0416 1736  Brserid - ok

20:05:02.0429 1736  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys

20:05:02.0454 1736  BrSerWdm - ok

20:05:02.0471 1736  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys

20:05:02.0505 1736  BrUsbMdm - ok

20:05:02.0518 1736  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys

20:05:02.0544 1736  BrUsbSer - ok

20:05:02.0639 1736  [ 173BBAE8027339608CBD5C5369BCDDDD ] BstHdAndroidSvc C:\Program Files (x86)\BlueStacks\HD-Service.exe

20:05:02.0660 1736  BstHdAndroidSvc - ok

20:05:02.0726 1736  [ 6EE2AB13C21AFE72E8622304CFAF97B5 ] BstHdDrv        C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys

20:05:02.0737 1736  BstHdDrv - ok

20:05:02.0790 1736  [ D9BD54860A00FE88B660D26E66EB075A ] BstHdLogRotatorSvc C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe

20:05:02.0808 1736  BstHdLogRotatorSvc - ok

20:05:02.0823 1736  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys

20:05:02.0849 1736  BTHMODEM - ok

20:05:02.0884 1736  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll

20:05:02.0933 1736  bthserv - ok

20:05:03.0084 1736  catchme - ok

20:05:03.0106 1736  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys

20:05:03.0150 1736  cdfs - ok

20:05:03.0176 1736  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys

20:05:03.0208 1736  cdrom - ok

20:05:03.0237 1736  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll

20:05:03.0282 1736  CertPropSvc - ok

20:05:03.0364 1736  [ 1CE3F63D0C5867D16B01435F8CDAEF8B ] Cherry Device Interface C:\Program Files (x86)\Cherry\CDI\cdi.exe

20:05:03.0389 1736  Cherry Device Interface ( UnsignedFile.Multi.Generic ) - warning

20:05:03.0389 1736  Cherry Device Interface - detected UnsignedFile.Multi.Generic (1)

20:05:03.0418 1736  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys

20:05:03.0448 1736  circlass - ok

20:05:03.0482 1736  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys

20:05:03.0499 1736  CLFS - ok

20:05:03.0540 1736  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

20:05:03.0551 1736  clr_optimization_v2.0.50727_32 - ok

20:05:03.0589 1736  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

20:05:03.0600 1736  clr_optimization_v2.0.50727_64 - ok

20:05:03.0635 1736  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

20:05:03.0646 1736  clr_optimization_v4.0.30319_32 - ok

20:05:03.0664 1736  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

20:05:03.0676 1736  clr_optimization_v4.0.30319_64 - ok

20:05:03.0704 1736  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys

20:05:03.0731 1736  CmBatt - ok

20:05:03.0747 1736  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys

20:05:03.0759 1736  cmdide - ok

20:05:03.0795 1736  [ B892A4B13279852E34892443EDBA33B2 ] cmuda3          C:\Windows\system32\drivers\cmudax3.sys

20:05:03.0829 1736  cmuda3 ( UnsignedFile.Multi.Generic ) - warning

20:05:03.0830 1736  cmuda3 - detected UnsignedFile.Multi.Generic (1)

20:05:03.0864 1736  [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG             C:\Windows\system32\Drivers\cng.sys

20:05:03.0901 1736  CNG - ok

20:05:03.0925 1736  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys

20:05:03.0935 1736  Compbatt - ok

20:05:03.0952 1736  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys

20:05:03.0980 1736  CompositeBus - ok

20:05:03.0985 1736  COMSysApp - ok

20:05:03.0999 1736  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys

20:05:04.0010 1736  crcdisk - ok

20:05:04.0054 1736  [ D8129C49798CBBFB2E4351D4B7B8EF9C ] CryptSvc        C:\Windows\system32\cryptsvc.dll

20:05:04.0090 1736  CryptSvc - ok

20:05:04.0128 1736  [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC             C:\Windows\system32\drivers\csc.sys

20:05:04.0190 1736  CSC - ok

20:05:04.0225 1736  [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService      C:\Windows\System32\cscsvc.dll

20:05:04.0273 1736  CscService - ok

20:05:04.0314 1736  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll

20:05:04.0370 1736  DcomLaunch - ok

20:05:04.0410 1736  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll

20:05:04.0464 1736  defragsvc - ok

20:05:04.0487 1736  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys

20:05:04.0534 1736  DfsC - ok

20:05:04.0591 1736  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll

20:05:04.0639 1736  Dhcp - ok

20:05:04.0654 1736  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys

20:05:04.0703 1736  discache - ok

20:05:04.0723 1736  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys

20:05:04.0736 1736  Disk - ok

20:05:04.0779 1736  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll

20:05:04.0819 1736  Dnscache - ok

20:05:04.0847 1736  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll

20:05:04.0891 1736  dot3svc - ok

20:05:04.0920 1736  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll

20:05:04.0967 1736  DPS - ok

20:05:05.0010 1736  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys

20:05:05.0036 1736  drmkaud - ok

20:05:05.0073 1736  [ 5E68B29B22CC14CAF15C889006EF7951 ] DTProTS         C:\Program Files (x86)\DTProTS\DTProTS.exe

20:05:05.0106 1736  DTProTS ( UnsignedFile.Multi.Generic ) - warning

20:05:05.0106 1736  DTProTS - detected UnsignedFile.Multi.Generic (1)

20:05:05.0166 1736  [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys

20:05:05.0200 1736  DXGKrnl - ok

20:05:05.0233 1736  EagleX64 - ok

20:05:05.0271 1736  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll

20:05:05.0316 1736  EapHost - ok

20:05:05.0460 1736  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys

20:05:05.0583 1736  ebdrv - ok

20:05:05.0613 1736  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe

20:05:05.0661 1736  EFS - ok

20:05:05.0720 1736  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe

20:05:05.0778 1736  ehRecvr - ok

20:05:05.0807 1736  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe

20:05:05.0849 1736  ehSched - ok

20:05:05.0884 1736  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys

20:05:05.0909 1736  elxstor - ok

20:05:05.0927 1736  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys

20:05:05.0956 1736  ErrDev - ok

20:05:06.0002 1736  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll

20:05:06.0049 1736  EventSystem - ok

20:05:06.0077 1736  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys

20:05:06.0113 1736  exfat - ok

20:05:06.0145 1736  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys

20:05:06.0196 1736  fastfat - ok

20:05:06.0237 1736  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe

20:05:06.0295 1736  Fax - ok

20:05:06.0312 1736  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys

20:05:06.0324 1736  fdc - ok

20:05:06.0344 1736  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll

20:05:06.0392 1736  fdPHost - ok

20:05:06.0412 1736  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll

20:05:06.0457 1736  FDResPub - ok

20:05:06.0480 1736  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys

20:05:06.0493 1736  FileInfo - ok

20:05:06.0505 1736  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys

20:05:06.0551 1736  Filetrace - ok

20:05:06.0581 1736  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys

20:05:06.0594 1736  flpydisk - ok

20:05:06.0631 1736  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys

20:05:06.0645 1736  FltMgr - ok

20:05:06.0717 1736  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll

20:05:06.0765 1736  FontCache - ok

20:05:06.0804 1736  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

20:05:06.0813 1736  FontCache3.0.0.0 - ok

20:05:06.0839 1736  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys

20:05:06.0850 1736  FsDepends - ok

20:05:06.0869 1736  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys

20:05:06.0880 1736  Fs_Rec - ok

20:05:06.0917 1736  [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys

20:05:06.0936 1736  fvevol - ok

20:05:06.0959 1736  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys

20:05:06.0971 1736  gagp30kx - ok

20:05:07.0010 1736  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll

20:05:07.0062 1736  gpsvc - ok

20:05:07.0138 1736  [ F02A533F517EB38333CB12A9E8963773 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

20:05:07.0150 1736  gupdate - ok

20:05:07.0177 1736  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

20:05:07.0187 1736  gupdatem - ok

20:05:07.0221 1736  [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi         C:\Windows\system32\DRIVERS\hamachi.sys

20:05:07.0231 1736  hamachi - ok

20:05:07.0349 1736  [ B1E3F445943F06E36DC079AF28D0F86B ] Hamachi2Svc     C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe

20:05:07.0391 1736  Hamachi2Svc - ok

20:05:07.0411 1736  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys

20:05:07.0433 1736  hcw85cir - ok

20:05:07.0468 1736  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys

20:05:07.0501 1736  HdAudAddService - ok

20:05:07.0521 1736  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys

20:05:07.0549 1736  HDAudBus - ok

20:05:07.0582 1736  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys

20:05:07.0593 1736  HidBatt - ok

20:05:07.0610 1736  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys

20:05:07.0637 1736  HidBth - ok

20:05:07.0653 1736  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys

20:05:07.0679 1736  HidIr - ok

20:05:07.0701 1736  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\System32\hidserv.dll

20:05:07.0751 1736  hidserv - ok

20:05:07.0776 1736  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys

20:05:07.0791 1736  HidUsb - ok

20:05:08.0299 1736  [ 1256F6834307B38594CEB034BAF52568 ] HiPatchService  E:\Spiele\Tribes\HiPatchService.exe

20:05:08.0316 1736  HiPatchService ( UnsignedFile.Multi.Generic ) - warning

20:05:08.0316 1736  HiPatchService - detected UnsignedFile.Multi.Generic (1)

20:05:08.0343 1736  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll

20:05:08.0395 1736  hkmsvc - ok

20:05:08.0425 1736  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll

20:05:08.0468 1736  HomeGroupListener - ok

20:05:08.0490 1736  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll

20:05:08.0518 1736  HomeGroupProvider - ok

20:05:08.0546 1736  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys

20:05:08.0559 1736  HpSAMD - ok

20:05:08.0575 1736  hshld - ok

20:05:08.0632 1736  [ BBC89DA4065BDCE34257BE95B2F636EE ] HssDRV6         C:\Windows\system32\DRIVERS\hssdrv6.sys

20:05:08.0642 1736  HssDRV6 - ok

20:05:08.0678 1736  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys

20:05:08.0730 1736  HTTP - ok

20:05:08.0749 1736  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys

20:05:08.0760 1736  hwpolicy - ok

20:05:08.0785 1736  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys

20:05:08.0798 1736  i8042prt - ok

20:05:08.0818 1736  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys

20:05:08.0840 1736  iaStorV - ok

20:05:08.0900 1736  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

20:05:08.0929 1736  idsvc - ok

20:05:08.0955 1736  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys

20:05:08.0967 1736  iirsp - ok

20:05:08.0999 1736  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll

20:05:09.0058 1736  IKEEXT - ok

20:05:09.0156 1736  [ F2744FD54BE1580BE05916D1C755C92A ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys

20:05:09.0258 1736  IntcAzAudAddService - ok

20:05:09.0288 1736  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys

20:05:09.0300 1736  intelide - ok

20:05:09.0331 1736  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys

20:05:09.0354 1736  intelppm - ok

20:05:09.0386 1736  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll

20:05:09.0435 1736  IPBusEnum - ok

20:05:09.0455 1736  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys

20:05:09.0504 1736  IpFilterDriver - ok

20:05:09.0577 1736  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll

20:05:09.0663 1736  iphlpsvc - ok

20:05:09.0690 1736  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys

20:05:09.0714 1736  IPMIDRV - ok

20:05:09.0748 1736  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys

20:05:09.0795 1736  IPNAT - ok

20:05:09.0814 1736  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys

20:05:09.0868 1736  IRENUM - ok

20:05:09.0887 1736  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys

20:05:09.0899 1736  isapnp - ok

20:05:09.0929 1736  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys

20:05:09.0947 1736  iScsiPrt - ok

20:05:09.0963 1736  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys

20:05:09.0975 1736  kbdclass - ok

20:05:09.0986 1736  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys

20:05:10.0011 1736  kbdhid - ok

20:05:10.0032 1736  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe

20:05:10.0044 1736  KeyIso - ok

20:05:10.0066 1736  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys

20:05:10.0080 1736  KSecDD - ok

20:05:10.0106 1736  [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys

20:05:10.0121 1736  KSecPkg - ok

20:05:10.0140 1736  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys

20:05:10.0186 1736  ksthunk - ok

20:05:10.0219 1736  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll

20:05:10.0272 1736  KtmRm - ok

20:05:10.0325 1736  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\System32\srvsvc.dll

20:05:10.0377 1736  LanmanServer - ok

20:05:10.0403 1736  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

20:05:10.0455 1736  LanmanWorkstation - ok

20:05:10.0513 1736  [ 955982BF4421B77722196552B62E8DC2 ] lirsgt          C:\Windows\system32\DRIVERS\lirsgt.sys

20:05:10.0525 1736  lirsgt - ok

20:05:10.0582 1736  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys

20:05:10.0685 1736  lltdio - ok

20:05:10.0728 1736  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll

20:05:10.0784 1736  lltdsvc - ok

20:05:10.0803 1736  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll

20:05:10.0837 1736  lmhosts - ok

20:05:10.0858 1736  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys

20:05:10.0872 1736  LSI_FC - ok

20:05:10.0899 1736  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys

20:05:10.0913 1736  LSI_SAS - ok

20:05:10.0928 1736  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys

20:05:10.0941 1736  LSI_SAS2 - ok

20:05:10.0957 1736  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys

20:05:10.0970 1736  LSI_SCSI - ok

20:05:10.0985 1736  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys

20:05:11.0035 1736  luafv - ok

20:05:11.0062 1736  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll

20:05:11.0092 1736  Mcx2Svc - ok

20:05:11.0120 1736  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys

20:05:11.0132 1736  megasas - ok

20:05:11.0148 1736  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys

20:05:11.0167 1736  MegaSR - ok

20:05:11.0195 1736  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll

20:05:11.0228 1736  MMCSS - ok

20:05:11.0251 1736  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys

20:05:11.0300 1736  Modem - ok

20:05:11.0315 1736  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys

20:05:11.0340 1736  monitor - ok

20:05:11.0365 1736  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys

20:05:11.0377 1736  mouclass - ok

20:05:11.0412 1736  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys

20:05:11.0437 1736  mouhid - ok

20:05:11.0461 1736  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys

20:05:11.0475 1736  mountmgr - ok

20:05:11.0587 1736  [ 528A5C2570F468155A1B3CF0A2FF5EBD ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

20:05:11.0599 1736  MozillaMaintenance - ok

20:05:11.0618 1736  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys

20:05:11.0634 1736  mpio - ok

20:05:11.0659 1736  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys

20:05:11.0706 1736  mpsdrv - ok

20:05:11.0755 1736  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll

20:05:11.0809 1736  MpsSvc - ok

20:05:11.0839 1736  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys

20:05:11.0874 1736  MRxDAV - ok

20:05:11.0904 1736  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys

20:05:11.0947 1736  mrxsmb - ok

20:05:11.0962 1736  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys

20:05:11.0991 1736  mrxsmb10 - ok

20:05:12.0016 1736  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys

20:05:12.0043 1736  mrxsmb20 - ok

20:05:12.0067 1736  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys

20:05:12.0079 1736  msahci - ok

20:05:12.0097 1736  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys

20:05:12.0112 1736  msdsm - ok

20:05:12.0133 1736  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe

20:05:12.0162 1736  MSDTC - ok

20:05:12.0196 1736  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys

20:05:12.0228 1736  Msfs - ok

20:05:12.0239 1736  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys

20:05:12.0282 1736  mshidkmdf - ok

20:05:12.0312 1736  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys

20:05:12.0324 1736  msisadrv - ok

20:05:12.0350 1736  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll

20:05:12.0394 1736  MSiSCSI - ok

20:05:12.0398 1736  msiserver - ok

20:05:12.0426 1736  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys

20:05:12.0474 1736  MSKSSRV - ok

20:05:12.0488 1736  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys

20:05:12.0520 1736  MSPCLOCK - ok

20:05:12.0536 1736  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys

20:05:12.0584 1736  MSPQM - ok

20:05:12.0627 1736  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys

20:05:12.0647 1736  MsRPC - ok

20:05:12.0672 1736  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys

20:05:12.0682 1736  mssmbios - ok

20:05:12.0704 1736  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys

20:05:12.0754 1736  MSTEE - ok

20:05:12.0770 1736  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys

20:05:12.0796 1736  MTConfig - ok

20:05:12.0819 1736  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys

20:05:12.0832 1736  Mup - ok

20:05:12.0866 1736  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll

20:05:12.0918 1736  napagent - ok

20:05:12.0962 1736  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys

20:05:13.0001 1736  NativeWifiP - ok

20:05:13.0042 1736  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys

20:05:13.0075 1736  NDIS - ok

20:05:13.0099 1736  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys

20:05:13.0148 1736  NdisCap - ok

20:05:13.0167 1736  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys

20:05:13.0209 1736  NdisTapi - ok

20:05:13.0251 1736  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys

20:05:13.0296 1736  Ndisuio - ok

20:05:13.0321 1736  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys

20:05:13.0370 1736  NdisWan - ok

20:05:13.0387 1736  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys

20:05:13.0433 1736  NDProxy - ok

20:05:13.0459 1736  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys

20:05:13.0502 1736  NetBIOS - ok

20:05:13.0532 1736  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys

20:05:13.0582 1736  NetBT - ok

20:05:13.0601 1736  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe

20:05:13.0612 1736  Netlogon - ok

20:05:13.0639 1736  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll

20:05:13.0687 1736  Netman - ok

20:05:13.0726 1736  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

20:05:13.0738 1736  NetMsmqActivator - ok

20:05:13.0743 1736  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

20:05:13.0753 1736  NetPipeActivator - ok

20:05:13.0783 1736  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll

20:05:13.0834 1736  netprofm - ok

20:05:13.0868 1736  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

20:05:13.0879 1736  NetTcpActivator - ok

20:05:13.0884 1736  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

20:05:13.0895 1736  NetTcpPortSharing - ok

20:05:13.0911 1736  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys

20:05:13.0923 1736  nfrd960 - ok

20:05:13.0943 1736  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll

20:05:13.0967 1736  NlaSvc - ok

20:05:13.0982 1736  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys

20:05:14.0015 1736  Npfs - ok

20:05:14.0031 1736  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll

20:05:14.0081 1736  nsi - ok

20:05:14.0108 1736  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys

20:05:14.0151 1736  nsiproxy - ok

20:05:14.0213 1736  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys

20:05:14.0280 1736  Ntfs - ok

20:05:14.0301 1736  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys

20:05:14.0346 1736  Null - ok

20:05:14.0373 1736  [ 1F07B814C0BB5AABA703ABFF1F31F2E8 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys

20:05:14.0386 1736  NVHDA - ok

20:05:14.0679 1736  [ FCBA1C22727939E7CFF9EB08FE9692AB ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys

20:05:15.0031 1736  nvlddmkm - ok

20:05:15.0051 1736  [ 8C1D181480796D7D3366A9381FD7782D ] nvoclk64        C:\Windows\system32\DRIVERS\nvoclk64.sys

20:05:15.0060 1736  nvoclk64 - ok

20:05:15.0089 1736  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys

20:05:15.0103 1736  nvraid - ok

20:05:15.0112 1736  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys

20:05:15.0127 1736  nvstor - ok

20:05:15.0174 1736  [ 10C232F6CFFD51D2332898AE7AE0FF23 ] nvsvc           C:\Windows\system32\nvvsvc.exe

20:05:15.0195 1736  nvsvc - ok

20:05:15.0264 1736  [ FB660F80BDC4F13D594996976AFAECD9 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

20:05:15.0305 1736  nvUpdatusService - ok

20:05:15.0333 1736  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys

20:05:15.0346 1736  nv_agp - ok

20:05:15.0362 1736  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys

20:05:15.0376 1736  ohci1394 - ok

20:05:15.0444 1736  [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

20:05:15.0456 1736  ose - ok

20:05:15.0480 1736  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll

20:05:15.0529 1736  p2pimsvc - ok

20:05:15.0558 1736  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll

20:05:15.0579 1736  p2psvc - ok

20:05:15.0608 1736  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys

20:05:15.0622 1736  Parport - ok

20:05:15.0644 1736  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys

20:05:15.0658 1736  partmgr - ok

20:05:15.0678 1736  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll

20:05:15.0714 1736  PcaSvc - ok

20:05:15.0776 1736  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys

20:05:15.0792 1736  pci - ok

20:05:15.0811 1736  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\DRIVERS\pciide.sys

20:05:15.0823 1736  pciide - ok

20:05:15.0848 1736  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys

20:05:15.0865 1736  pcmcia - ok

20:05:15.0889 1736  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys

20:05:15.0901 1736  pcw - ok

20:05:15.0929 1736  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys

20:05:15.0967 1736  PEAUTH - ok

20:05:16.0021 1736  [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll

20:05:16.0086 1736  PeerDistSvc - ok

20:05:16.0149 1736  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe

20:05:16.0174 1736  PerfHost - ok

20:05:16.0239 1736  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll

20:05:16.0314 1736  pla - ok

20:05:16.0346 1736  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll

20:05:16.0390 1736  PlugPlay - ok

20:05:16.0427 1736  PnkBstrA - ok

20:05:16.0450 1736  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll

20:05:16.0463 1736  PNRPAutoReg - ok

20:05:16.0479 1736  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll

20:05:16.0495 1736  PNRPsvc - ok

20:05:16.0539 1736  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll

20:05:16.0593 1736  PolicyAgent - ok

20:05:16.0618 1736  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll

20:05:16.0674 1736  Power - ok

20:05:16.0721 1736  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys

20:05:16.0769 1736  PptpMiniport - ok

20:05:16.0799 1736  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys

20:05:16.0822 1736  Processor - ok

20:05:16.0843 1736  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll

20:05:16.0884 1736  ProfSvc - ok

20:05:16.0904 1736  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe

20:05:16.0916 1736  ProtectedStorage - ok

20:05:16.0962 1736  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys

20:05:17.0011 1736  Psched - ok

20:05:17.0058 1736  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys

20:05:17.0108 1736  ql2300 - ok

20:05:17.0140 1736  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys

20:05:17.0155 1736  ql40xx - ok

20:05:17.0179 1736  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll

20:05:17.0217 1736  QWAVE - ok

20:05:17.0247 1736  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys

20:05:17.0275 1736  QWAVEdrv - ok

20:05:17.0289 1736  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys

20:05:17.0334 1736  RasAcd - ok

20:05:17.0360 1736  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys

20:05:17.0394 1736  RasAgileVpn - ok

20:05:17.0444 1736  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll

20:05:17.0495 1736  RasAuto - ok

20:05:17.0518 1736  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys

20:05:17.0565 1736  Rasl2tp - ok

20:05:17.0626 1736  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll

20:05:17.0682 1736  RasMan - ok

20:05:17.0713 1736  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys

20:05:17.0763 1736  RasPppoe - ok

20:05:17.0779 1736  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys

20:05:17.0835 1736  RasSstp - ok

20:05:17.0884 1736  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys

20:05:17.0940 1736  rdbss - ok

20:05:17.0967 1736  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys

20:05:17.0992 1736  rdpbus - ok

20:05:18.0010 1736  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys

20:05:18.0055 1736  RDPCDD - ok

20:05:18.0106 1736  [ 1B6163C503398B23FF8B939C67747683 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys

20:05:18.0121 1736  RDPDR - ok

20:05:18.0143 1736  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys

20:05:18.0188 1736  RDPENCDD - ok

20:05:18.0223 1736  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys

20:05:18.0265 1736  RDPREFMP - ok

20:05:18.0295 1736  [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys

20:05:18.0339 1736  RdpVideoMiniport - ok

20:05:18.0362 1736  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys

20:05:18.0400 1736  RDPWD - ok

20:05:18.0427 1736  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys

20:05:18.0444 1736  rdyboost - ok

20:05:18.0487 1736  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll

20:05:18.0541 1736  RemoteAccess - ok

20:05:18.0578 1736  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll

20:05:18.0628 1736  RemoteRegistry - ok

20:05:18.0678 1736  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll

20:05:18.0728 1736  RpcEptMapper - ok

20:05:18.0755 1736  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe

20:05:18.0786 1736  RpcLocator - ok

20:05:18.0825 1736  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll

20:05:18.0863 1736  RpcSs - ok

20:05:18.0907 1736  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys

20:05:18.0954 1736  rspndr - ok

20:05:18.0983 1736  [ F65F171165FBB613F7AA3CC78E8CAB42 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys

20:05:19.0029 1736  RTL8167 - ok

20:05:19.0047 1736  [ E60C0A09F997826C7627B244195AB581 ] s3cap           C:\Windows\system32\drivers\vms3cap.sys

20:05:19.0084 1736  s3cap - ok

20:05:19.0136 1736  [ ACBB94340905D4596C2B10B622160D02 ] SaiK0CFA        C:\Windows\system32\DRIVERS\SaiK0CFA.sys

20:05:19.0150 1736  SaiK0CFA - ok

20:05:19.0165 1736  [ E124BCFB55ADCD4AA273E73C3D666F9F ] SaiMini         C:\Windows\system32\DRIVERS\SaiMini.sys

20:05:19.0175 1736  SaiMini - ok

20:05:19.0183 1736  [ 94AB59E2D3F301DC2B6EA97A027CEBFA ] SaiNtBus        C:\Windows\system32\drivers\SaiBus.sys

20:05:19.0193 1736  SaiNtBus - ok

20:05:19.0243 1736  [ C4541B918865B015E4B04416E456AAB7 ] SaiU0CFA        C:\Windows\system32\DRIVERS\SaiU0CFA.sys

20:05:19.0254 1736  SaiU0CFA - ok

20:05:19.0267 1736  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe

20:05:19.0279 1736  SamSs - ok

20:05:19.0339 1736  SANDRA - ok

20:05:19.0387 1736  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys

20:05:19.0402 1736  sbp2port - ok

20:05:19.0459 1736  [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService  C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe

20:05:19.0484 1736  SBSDWSCService - ok

20:05:19.0524 1736  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll

20:05:19.0579 1736  SCardSvr - ok

20:05:19.0602 1736  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys

20:05:19.0649 1736  scfilter - ok

20:05:19.0707 1736  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll

20:05:19.0762 1736  Schedule - ok

20:05:19.0986 1736  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll

20:05:20.0017 1736  SCPolicySvc - ok

20:05:20.0040 1736  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll

20:05:20.0089 1736  SDRSVC - ok

20:05:20.0114 1736  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys

20:05:20.0158 1736  secdrv - ok

20:05:20.0182 1736  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll

20:05:20.0233 1736  seclogon - ok

20:05:20.0255 1736  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\system32\sens.dll

20:05:20.0301 1736  SENS - ok

20:05:20.0335 1736  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll

20:05:20.0629 1736  SensrSvc - ok

20:05:20.0683 1736  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys

20:05:20.0709 1736  Serenum - ok

20:05:20.0739 1736  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys

20:05:20.0766 1736  Serial - ok

20:05:20.0788 1736  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys

20:05:20.0809 1736  sermouse - ok

20:05:20.0848 1736  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll

20:05:20.0899 1736  SessionEnv - ok

20:05:20.0938 1736  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys

20:05:20.0965 1736  sffdisk - ok

20:05:20.0980 1736  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys

20:05:21.0006 1736  sffp_mmc - ok

20:05:21.0021 1736  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys

20:05:21.0049 1736  sffp_sd - ok

20:05:21.0068 1736  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys

20:05:21.0080 1736  sfloppy - ok

20:05:21.0136 1736  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll

20:05:21.0189 1736  SharedAccess - ok

20:05:21.0234 1736  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll

20:05:21.0286 1736  ShellHWDetection - ok

20:05:21.0304 1736  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys

20:05:21.0317 1736  SiSRaid2 - ok

20:05:21.0340 1736  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys

20:05:21.0352 1736  SiSRaid4 - ok

20:05:21.0365 1736  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys

20:05:21.0411 1736  Smb - ok

20:05:21.0440 1736  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe

20:05:21.0468 1736  SNMPTRAP - ok

20:05:21.0486 1736  [ 12583AF6CBE0050651EAF2723B3AD7B3 ] speedfan        C:\Windows\syswow64\speedfan.sys

20:05:21.0498 1736  speedfan - ok

20:05:21.0520 1736  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys

20:05:21.0534 1736  spldr - ok

20:05:21.0571 1736  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe

20:05:21.0594 1736  Spooler - ok

20:05:21.0716 1736  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe

20:05:21.0878 1736  sppsvc - ok

20:05:21.0903 1736  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll

20:05:21.0949 1736  sppuinotify - ok

20:05:21.0998 1736  [ A6CFF1AF7664627A296B6A0A96CF876E ] sptd            C:\Windows\System32\Drivers\sptd.sys

20:05:21.0999 1736  Suspicious file (NoAccess): C:\Windows\System32\Drivers\sptd.sys. md5: A6CFF1AF7664627A296B6A0A96CF876E

20:05:22.0018 1736  sptd ( LockedFile.Multi.Generic ) - warning

20:05:22.0018 1736  sptd - detected LockedFile.Multi.Generic (1)

20:05:22.0064 1736  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys

20:05:22.0110 1736  srv - ok

20:05:22.0140 1736  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys

20:05:22.0175 1736  srv2 - ok

20:05:22.0194 1736  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys

20:05:22.0225 1736  srvnet - ok

20:05:22.0342 1736  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll

20:05:22.0447 1736  SSDPSRV - ok

20:05:22.0491 1736  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll

20:05:22.0526 1736  SstpSvc - ok

20:05:22.0536 1736  Steam Client Service - ok

20:05:22.0618 1736  [ 5A19667A580B1CE886EAF968B9743F45 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

20:05:22.0632 1736  Stereo Service - ok

20:05:22.0652 1736  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys

20:05:22.0664 1736  stexstor - ok

20:05:22.0725 1736  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll

20:05:22.0748 1736  stisvc - ok

20:05:22.0763 1736  [ 7785DC213270D2FC066538DAF94087E7 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys

20:05:22.0776 1736  storflt - ok

20:05:22.0803 1736  [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc         C:\Windows\system32\drivers\storvsc.sys

20:05:22.0816 1736  storvsc - ok

20:05:22.0832 1736  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys

20:05:22.0843 1736  swenum - ok

20:05:22.0888 1736  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll

20:05:22.0948 1736  swprv - ok

20:05:22.0967 1736  Synth3dVsc - ok

20:05:23.0037 1736  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll

20:05:23.0131 1736  SysMain - ok

20:05:23.0160 1736  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll

20:05:23.0191 1736  TabletInputService - ok

20:05:23.0237 1736  [ B08740047145B9BCE15BF75CA0F9718A ] tap0901t        C:\Windows\system32\DRIVERS\tap0901t.sys

20:05:23.0271 1736  tap0901t ( UnsignedFile.Multi.Generic ) - warning

20:05:23.0271 1736  tap0901t - detected UnsignedFile.Multi.Generic (1)

20:05:23.0318 1736  [ B70DF208E97536CA9F29289E609F5B16 ] taphss          C:\Windows\system32\DRIVERS\taphss.sys

20:05:23.0328 1736  taphss - ok

20:05:23.0358 1736  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll

20:05:23.0410 1736  TapiSrv - ok

20:05:23.0447 1736  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll

20:05:23.0498 1736  TBS - ok

20:05:23.0564 1736  [ 9849EA3843A2ADBDD1497E97A85D8CAE ] Tcpip           C:\Windows\system32\drivers\tcpip.sys

20:05:23.0641 1736  Tcpip - ok

20:05:23.0689 1736  [ 9849EA3843A2ADBDD1497E97A85D8CAE ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys

20:05:23.0727 1736  TCPIP6 - ok

20:05:23.0777 1736  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys

20:05:23.0801 1736  tcpipreg - ok

20:05:23.0844 1736  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys

20:05:23.0881 1736  TDPIPE - ok

20:05:23.0902 1736  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys

20:05:23.0928 1736  TDTCP - ok

20:05:23.0955 1736  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys

20:05:23.0988 1736  tdx - ok

20:05:24.0142 1736  [ A4D2CE94B028EF1E437CF4AC3D8FF26C ] TeamViewer7     C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe

20:05:24.0243 1736  TeamViewer7 - ok

20:05:24.0265 1736  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys

20:05:24.0277 1736  TermDD - ok

20:05:24.0346 1736  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll

20:05:24.0407 1736  TermService - ok

20:05:24.0445 1736  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll

20:05:24.0472 1736  Themes - ok

20:05:24.0499 1736  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll

20:05:24.0535 1736  THREADORDER - ok

20:05:24.0551 1736  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll

20:05:24.0598 1736  TrkWks - ok

20:05:24.0643 1736  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

20:05:24.0689 1736  TrustedInstaller - ok

20:05:24.0727 1736  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys

20:05:24.0760 1736  tssecsrv - ok

20:05:24.0778 1736  [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys

20:05:24.0818 1736  TsUsbFlt - ok

20:05:24.0822 1736  tsusbhub - ok

20:05:24.0850 1736  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys

20:05:24.0884 1736  tunnel - ok

20:05:24.0990 1736  [ 2FD0FE0A0C721C8E47C5A3AE16E519B1 ] TunngleService  C:\Program Files (x86)\Tunngle\TnglCtrl.exe

20:05:25.0014 1736  TunngleService - ok

20:05:25.0043 1736  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys

20:05:25.0057 1736  uagp35 - ok

20:05:25.0084 1736  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys

20:05:25.0133 1736  udfs - ok

20:05:25.0166 1736  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe

20:05:25.0180 1736  UI0Detect - ok

20:05:25.0192 1736  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys

20:05:25.0206 1736  uliagpkx - ok

20:05:25.0237 1736  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\drivers\umbus.sys

20:05:25.0266 1736  umbus - ok

20:05:25.0286 1736  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys

20:05:25.0298 1736  UmPass - ok

20:05:25.0328 1736  [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService    C:\Windows\System32\umrdp.dll

20:05:25.0344 1736  UmRdpService - ok

20:05:25.0370 1736  [ 8F387A1CC015A3F5020700C657A0FC85 ] UnsignedThemes  C:\Windows\UnsignedThemesSvc.exe

20:05:25.0381 1736  UnsignedThemes - ok

20:05:25.0400 1736  UpdateCenterService - ok

20:05:25.0430 1736  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll

20:05:25.0488 1736  upnphost - ok

20:05:25.0509 1736  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys

20:05:25.0545 1736  usbccgp - ok

20:05:25.0565 1736  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys

20:05:25.0582 1736  usbcir - ok

20:05:25.0601 1736  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\drivers\usbehci.sys

20:05:25.0627 1736  usbehci - ok

20:05:25.0650 1736  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys

20:05:25.0678 1736  usbhub - ok

20:05:25.0706 1736  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys

20:05:25.0725 1736  usbohci - ok

20:05:25.0748 1736  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys

20:05:25.0776 1736  usbprint - ok

20:05:25.0804 1736  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS

20:05:25.0842 1736  USBSTOR - ok

20:05:25.0854 1736  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys

20:05:25.0879 1736  usbuhci - ok

20:05:25.0883 1736  UserAccess7 - ok

20:05:25.0909 1736  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll

20:05:25.0958 1736  UxSms - ok

20:05:25.0982 1736  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe

20:05:25.0994 1736  VaultSvc - ok

20:05:26.0000 1736  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys

20:05:26.0011 1736  vdrvroot - ok

20:05:26.0044 1736  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe

20:05:26.0096 1736  vds - ok

20:05:26.0124 1736  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys

20:05:26.0139 1736  vga - ok

20:05:26.0153 1736  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys

20:05:26.0200 1736  VgaSave - ok

20:05:26.0204 1736  VGPU - ok

20:05:26.0233 1736  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys

20:05:26.0250 1736  vhdmp - ok

20:05:26.0274 1736  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys

20:05:26.0286 1736  viaide - ok

20:05:26.0306 1736  [ 86EA3E79AE350FEA5331A1303054005F ] vmbus           C:\Windows\system32\drivers\vmbus.sys

20:05:26.0323 1736  vmbus - ok

20:05:26.0346 1736  [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys

20:05:26.0358 1736  VMBusHID - ok

20:05:26.0379 1736  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys

20:05:26.0391 1736  volmgr - ok

20:05:26.0425 1736  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys

20:05:26.0443 1736  volmgrx - ok

20:05:26.0463 1736  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys

20:05:26.0482 1736  volsnap - ok

20:05:26.0509 1736  [ B4A73CA4EF9A02B9738CEA9AD5FE5917 ] vpcbus          C:\Windows\system32\DRIVERS\vpchbus.sys

20:05:26.0524 1736  vpcbus - ok

20:05:26.0584 1736  [ E675FB2B48C54F09895482E2253B289C ] vpcnfltr        C:\Windows\system32\DRIVERS\vpcnfltr.sys

20:05:26.0630 1736  vpcnfltr - ok

20:05:26.0657 1736  [ 5FB42082B0D19A0268705F1DD343DF20 ] vpcusb          C:\Windows\system32\DRIVERS\vpcusb.sys

20:05:26.0681 1736  vpcusb - ok

20:05:26.0756 1736  [ 207B6539799CC1C112661A9B620DD233 ] vpcvmm          C:\Windows\system32\drivers\vpcvmm.sys

20:05:26.0775 1736  vpcvmm - ok

20:05:26.0805 1736  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys

20:05:26.0820 1736  vsmraid - ok

20:05:26.0886 1736  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe

20:05:26.0977 1736  VSS - ok

20:05:27.0120 1736  [ 3080F1F093869A19FB3D1F0226C73809 ] vToolbarUpdater10.2.0 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe

20:05:27.0151 1736  vToolbarUpdater10.2.0 - ok

20:05:27.0163 1736  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys

20:05:27.0179 1736  vwifibus - ok

20:05:27.0213 1736  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll

20:05:27.0256 1736  W32Time - ok

20:05:27.0288 1736  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys

20:05:27.0317 1736  WacomPen - ok

20:05:27.0347 1736  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys

20:05:27.0393 1736  WANARP - ok

20:05:27.0397 1736  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys

20:05:27.0431 1736  Wanarpv6 - ok

20:05:27.0515 1736  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe

20:05:27.0557 1736  WatAdminSvc - ok

20:05:27.0610 1736  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe

20:05:27.0675 1736  wbengine - ok

20:05:27.0701 1736  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll

20:05:27.0721 1736  WbioSrvc - ok

20:05:27.0755 1736  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll

20:05:27.0781 1736  wcncsvc - ok

20:05:27.0804 1736  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

20:05:27.0845 1736  WcsPlugInService - ok

20:05:27.0875 1736  [ 147C60622CB53E901EFD8BB6D44A4C46 ] WCUService_STC_IE C:\Program Files (x86)\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe

20:05:27.0899 1736  WCUService_STC_IE - ok

20:05:27.0927 1736  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys

20:05:27.0940 1736  Wd - ok

20:05:27.0983 1736  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys

20:05:28.0008 1736  Wdf01000 - ok

20:05:28.0020 1736  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll

20:05:28.0092 1736  WdiServiceHost - ok

20:05:28.0112 1736  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll

20:05:28.0132 1736  WdiSystemHost - ok

20:05:28.0184 1736  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll

20:05:28.0220 1736  WebClient - ok

20:05:28.0253 1736  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll

20:05:28.0303 1736  Wecsvc - ok

20:05:28.0327 1736  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll

20:05:28.0375 1736  wercplsupport - ok

20:05:28.0402 1736  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll

20:05:28.0454 1736  WerSvc - ok

20:05:28.0481 1736  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys

20:05:28.0513 1736  WfpLwf - ok

20:05:28.0527 1736  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys

20:05:28.0539 1736  WIMMount - ok

20:05:28.0564 1736  WinDefend - ok

20:05:28.0590 1736  WinHttpAutoProxySvc - ok

20:05:28.0646 1736  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll

20:05:28.0693 1736  Winmgmt - ok

20:05:28.0757 1736  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll

20:05:28.0846 1736  WinRM - ok

20:05:28.0891 1736  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll

20:05:28.0938 1736  Wlansvc - ok

20:05:29.0070 1736  [ 98F138897EF4246381D197CB81846D62 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

20:05:29.0160 1736  wlidsvc - ok

20:05:29.0184 1736  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys

20:05:29.0207 1736  WmiAcpi - ok

20:05:29.0247 1736  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe

20:05:29.0275 1736  wmiApSrv - ok

20:05:29.0299 1736  WMPNetworkSvc - ok

20:05:29.0320 1736  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll

20:05:29.0341 1736  WPCSvc - ok

20:05:29.0366 1736  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll

20:05:29.0384 1736  WPDBusEnum - ok

20:05:29.0400 1736  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys

20:05:29.0434 1736  ws2ifsl - ok

20:05:29.0479 1736  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\system32\wscsvc.dll

20:05:29.0525 1736  wscsvc - ok

20:05:29.0530 1736  WSearch - ok

20:05:29.0634 1736  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll

20:05:29.0724 1736  wuauserv - ok

20:05:29.0750 1736  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys

20:05:29.0790 1736  WudfPf - ok

20:05:29.0807 1736  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys

20:05:29.0824 1736  WUDFRd - ok

20:05:29.0842 1736  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll

20:05:29.0868 1736  wudfsvc - ok

20:05:29.0901 1736  [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc         C:\Windows\System32\wwansvc.dll

20:05:29.0944 1736  WwanSvc - ok

20:05:30.0002 1736  X6va005 - ok

20:05:30.0031 1736  xsherlock - ok

20:05:30.0079 1736  [ 2C6BC21B2D5B58D8B1D638C1704CB494 ] xusb21          C:\Windows\system32\DRIVERS\xusb21.sys

20:05:30.0092 1736  xusb21 - ok

20:05:30.0136 1736  ================ Scan global ===============================

20:05:30.0179 1736  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll

20:05:30.0208 1736  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll

20:05:30.0218 1736  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll

20:05:30.0248 1736  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll

20:05:30.0263 1736  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe

20:05:30.0266 1736  [Global] - ok

20:05:30.0267 1736  ================ Scan MBR ==================================

20:05:30.0280 1736  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0

20:05:30.0649 1736  \Device\Harddisk0\DR0 - ok

20:05:30.0653 1736  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1

20:05:31.0153 1736  \Device\Harddisk1\DR1 - ok

20:05:31.0153 1736  ================ Scan VBR ==================================

20:05:31.0163 1736  [ 850E697EC9FA9CF0DBE2F303E7195370 ] \Device\Harddisk0\DR0\Partition1

20:05:31.0164 1736  \Device\Harddisk0\DR0\Partition1 - ok

20:05:31.0168 1736  [ 011A8D43E8F21291B499405E52E7DB5A ] \Device\Harddisk1\DR1\Partition1

20:05:31.0171 1736  \Device\Harddisk1\DR1\Partition1 - ok

20:05:31.0175 1736  [ 41FAFCB6D6A50F65ED6BD10D90DCE47B ] \Device\Harddisk1\DR1\Partition2

20:05:31.0177 1736  \Device\Harddisk1\DR1\Partition2 - ok

20:05:31.0177 1736  ============================================================

20:05:31.0177 1736  Scan finished

20:05:31.0177 1736  ============================================================

20:05:31.0191 1352  Detected object count: 6

20:05:31.0191 1352  Actual detected object count: 6

20:06:13.0741 1352  Cherry Device Interface ( UnsignedFile.Multi.Generic ) - skipped by user

20:06:13.0741 1352  Cherry Device Interface ( UnsignedFile.Multi.Generic ) - User select action: Skip 

20:06:13.0742 1352  cmuda3 ( UnsignedFile.Multi.Generic ) - skipped by user

20:06:13.0743 1352  cmuda3 ( UnsignedFile.Multi.Generic ) - User select action: Skip 

20:06:13.0745 1352  DTProTS ( UnsignedFile.Multi.Generic ) - skipped by user

20:06:13.0745 1352  DTProTS ( UnsignedFile.Multi.Generic ) - User select action: Skip 

20:06:13.0747 1352  HiPatchService ( UnsignedFile.Multi.Generic ) - skipped by user

20:06:13.0747 1352  HiPatchService ( UnsignedFile.Multi.Generic ) - User select action: Skip 

20:06:13.0748 1352  sptd ( LockedFile.Multi.Generic ) - skipped by user

20:06:13.0749 1352  sptd ( LockedFile.Multi.Generic ) - User select action: Skip 

20:06:13.0750 1352  tap0901t ( UnsignedFile.Multi.Generic ) - skipped by user

20:06:13.0750 1352  tap0901t ( UnsignedFile.Multi.Generic ) - User select action: Skip 

20:06:42.0455 0660  Deinitialize success