
Pests of all kinds and how to fight them: RunDll error /AppData/Roaming....

02.03.2012, 17:53   #1
Denni
 
Hello, I'm new here.
I have had a problem with my PC (Win7 ul.) for quite a while.
After booting, Windows shows the message

C:\Users\Denis\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\SCANHD~1.DLL

The computer has become extremely slow since then, and it also takes an incredibly long time to boot! And all that despite Kaspersky.

I read up on it a bit and have now created the log with Malwarebytes after a full scan.


Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Datenbank Version: v2012.03.02.03

Windows 7 x86 NTFS
Internet Explorer 8.0.7600.16385
Denis :: DENIS-PC [Administrator]

02.03.2012 15:44:05
mbam-log-2012-03-02 (18-52-01).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 544975
Laufzeit: 3 Stunde(n), 1 Minute(n), 41 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 4
HKCU\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Keine Aktion durchgeführt.
HKCU\Software\ErrorRepairPro (Rogue.ErrorRepairProfessional) -> Keine Aktion durchgeführt.
HKCU\Software\WEK9EMDHI9 (Trojan.Agent) -> Keine Aktion durchgeführt.
HKCU\Software\YVIBBBHA8C (Trojan.Agent) -> Keine Aktion durchgeführt.

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 3
C:\Program Files\Error Repair Professional (Rogue.ErrorRepairProfessional) -> Keine Aktion durchgeführt.
C:\Program Files\Error Repair Professional\Backups (Rogue.ErrorRepairProfessional) -> Keine Aktion durchgeführt.
C:\Program Files\Error Repair Professional\startbug (Rogue.ErrorRepairProfessional) -> Keine Aktion durchgeführt.

Infizierte Dateien: 2
C:\Users\Denis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\scandisk.lnk (Trojan.Downloader) -> Keine Aktion durchgeführt.
C:\Program Files\Error Repair Professional\ErrorRepairProfessional.exe (Rogue.ErrorRepairProfessional) -> Keine Aktion durchgeführt.

(Ende)

I ask for your help and thank you in advance!

04.03.2012, 21:04   #2
Chris4You
 
Hi,

Let MAM clean up everything...

OTL
Download OTL by Oldtimer (http://filepony.de/download-otl/) and save it to your desktop
  • Vista/Win7 users: right-click OTL.exe and choose "Run as administrator"
  • At the top you will find a box labelled Output. Please select Minimal Output
  • Under Extra Registry, please select Use SafeList
  • Now click Run Scan at the top left
  • When the scan has finished, 2 log files are created (OTL.TXT and EXTRAS.TXT)
  • Post the log files here in the thread

chris

04.03.2012, 22:59   #3
Denni
 
Thanks for the reply,
here we go: OTL logfile:
Code:
OTL Extras logfile created on: 04.03.2012 23:51:09 - Run 1
OTL by OldTimer - Version 3.2.35.1     Folder = C:\Users\Denis\Downloads
 Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,81 Gb Available Physical Memory | 60,23% Memory free
6,00 Gb Paging File | 4,73 Gb Available in Paging File | 78,82% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 453,36 Gb Total Space | 205,73 Gb Free Space | 45,38% Space Free | Partition Type: NTFS
Drive D: | 12,39 Gb Total Space | 1,71 Gb Free Space | 13,76% Space Free | Partition Type: NTFS
 
Computer Name: DENIS-PC | User Name: Denis | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{02602409-9189-4567-BC07-562605243B69}" = Windows Live Remote Client Resources
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam(TM)
"{0496D9E9-224B-4AFA-8F37-23B98D52F1EB}" = Logitech QuickCam
"{076A6FD8-EE45-4A83-B3C9-C7C34E7CAFDD}" = Lineage II
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{17B2670B-DB33-4F5E-9273-0E5CDF39DA5F}" = Windows Phone Intro Video (DEU)
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{236BB7C4-4419-42FD-0407-1E257A25E34D}" = Adobe Photoshop CS2
"{26A24AE4-039D-4CA4-87B4-2F83216030FF}" = Java(TM) 6 Update 30
"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3A65A74A-5B6E-451A-92D8-50F1182BBE9A}" = Windows Live Remote Service Resources
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{4412F224-3849-4461-A3E9-DEEF8D252790}" = Visual Studio C++ 10.0 Runtime
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5482DCBE-D2D1-47B0-A621-DF8E2B0D174C}" = Windows Live Family Safety
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5A7A2AED-781B-45DC-AAF6-EAA3A9370C83}}_is1" = PhotoInstrument 3.9
"{5D4B3647-9842-4875-B081-EF8D98C02865}" = WMPKeys
"{65D70656-D248-4C83-B594-E3029C43B37A}" = phase6_19
"{66F1F013-008F-4875-B283-5A814B820347}" = Kaspersky Internet Security 2011
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7FD8B0C1-CDDA-4B4D-A577-B2E3570EA3A3}_is1" = iExplorer 2.2.1.2
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{88EB38EF-4D2C-436D-ABD3-56B232674062}" = ICQ7
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{904CCF62-818D-4675-BC76-D37EB399F917}" = Windows Mobile-Gerätecenter
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-007A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9580813D-94B1-4C28-9426-A441E2BB29A5}" = Counter-Strike: Source
"{99011A6E-5200-11DE-BDB8-7ACD56D89593}" = Rosetta Stone Version 3
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1031-7B44-A95000000001}" = Adobe Reader 9.5.0 - Deutsch
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AD483998-2E9A-4405-83FF-6E503AF49CBB}" = Microsoft Virtual PC 2007 SP1
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B7DBF6E8-0D17-4BE4-853B-ACD6EFBD4A1F}" = iTunes
"{BCF16F16-AC0E-4ABE-A9EF-412CF484BA51}" = Windows Live Family Safety
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DFB9FD6D-08A7-4B26-AAC8-3163D6EEF739}" = CUE Splitter
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E7044E25-3038-4A76-9064-344AC038043E}" = Windows Mobile-Gerätecenter: Treiberupdate
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F2CB8C3C-9C9E-4FAB-9067-655601C5F748}" = Windows Mobile Device Updater Component
"{F916C6DF-2601-4385-9500-C45FF398D4CB}" = Install(GE)
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"5513-1208-7298-9440" = JDownloader 0.9
"abgx360" = abgx360 v1.0.4
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0407-1E257A25E34D}" = Adobe Photoshop CS2
"Ashampoo Burning Studio 6" = Ashampoo Burning Studio 6
"CCleaner" = CCleaner (remove only)
"CloneCD" = CloneCD
"DivX Setup" = DivX-Setup
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.02
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.2
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.2
"funmoods" = Funmoods on IE and Chrome
"iBackupBot for iTunes" = iBackupBot for iTunes 3.5.1
"InstallWIX_{66F1F013-008F-4875-B283-5A814B820347}" = Kaspersky Internet Security 2011
"iPhoneBackupExtractor" = iPhone Backup Extractor
"Logitech Print Service" = Logitech Print Service
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.60.1.1000
"ManyCam" = ManyCam 2.4 (remove only)
"Medion GoPal Assistant" = Medion GoPal Assistant 4.03.006
"Messenger Plus! Live" = Messenger Plus! Live
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Mozilla Firefox (3.6.27)" = Mozilla Firefox (3.6.27)
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"TeamViewer 6" = TeamViewer 6
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 1.0.5
"WBFS Manager 3.0" = WBFS Manager 3.0
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"WinLiveSuite" = Windows Live Essentials
"winscp3_is1" = WinSCP 4.3.2
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"360WAVESPATCHERCLT" = 360WavesPatcher (Client setup)
"Google Chrome" = Google Chrome
 
========== Last 10 Event Log Errors ==========
 
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
 
< End of report >
         
--- --- ---




OTL Logfile:
Code:
OTL logfile created on: 04.03.2012 23:51:09 - Run 1
OTL by OldTimer - Version 3.2.35.1     Folder = C:\Users\Denis\Downloads
 Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,81 Gb Available Physical Memory | 60,23% Memory free
6,00 Gb Paging File | 4,73 Gb Available in Paging File | 78,82% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 453,36 Gb Total Space | 205,73 Gb Free Space | 45,38% Space Free | Partition Type: NTFS
Drive D: | 12,39 Gb Total Space | 1,71 Gb Free Space | 13,76% Space Free | Partition Type: NTFS
 
Computer Name: DENIS-PC | User Name: Denis | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Denis\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\IpsosLSPService\IpsosLspService.exe (Ipsos)
PRC - C:\Program Files\IpsosLSPService\Ipsos-WatchDog.exe ()
PRC - C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe (Kaspersky Lab ZAO)
PRC - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtblfs.exe (Kaspersky Lab ZAO)
PRC - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe (Logitech)
PRC - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Windows\System32\nvraidservice.exe (NVIDIA Corporation)
PRC - C:\Program Files\Logitech\Video\LogiTray.exe (Logitech Inc.)
PRC - C:\Program Files\Logitech\Video\FxSvr2.exe (Logitech Inc.)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files\Mozilla Firefox\js3250.dll ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files\IpsosLSPService\Ipsos-WatchDog.exe ()
MOD - C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll ()
MOD - C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
MOD - C:\Windows\System32\Macromed\Flash\NPSWF32.dll ()
MOD - C:\Program Files\Logitech\Desktop Messenger\8876480\6.1.4.68-8876480L\Program\bwfiles.dll ()
MOD - C:\Program Files\Logitech\Desktop Messenger\8876480\6.1.4.68-8876480L\Program\BWScriptExt.dll ()
MOD - C:\Program Files\Logitech\Desktop Messenger\8876480\6.1.4.68-8876480L\Program\clntutil.dll ()
MOD - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\bwscriptext-8876480.dll ()
MOD - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWfiles-8876480.dll ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (IpsosLSPService) -- C:\Program Files\IpsosLSPService\IpsosLspService.exe (Ipsos)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (TeamViewer6) -- C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (AVP) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe (Kaspersky Lab ZAO)
SRV - (npggsvc) -- C:\Windows\System32\GameMon.des (INCA Internet Co., Ltd.)
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (Stereo Service) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (RimUsb) --  File not found
DRV - (PORTIO) --  File not found
DRV - (motmodem) --  File not found
DRV - (MotDev) --  File not found
DRV - (motccgpfl) --  File not found
DRV - (motccgp) --  File not found
DRV - (agwi08xk) --  File not found
DRV - (KLIF) -- C:\Windows\System32\drivers\klif.sys (Kaspersky Lab)
DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys ()
DRV - (vmm) -- C:\Windows\System32\drivers\VMM.sys (Microsoft Corporation)
DRV - (kl2) -- C:\Windows\System32\drivers\kl2.sys (Kaspersky Lab ZAO)
DRV - (KL1) -- C:\Windows\system32\DRIVERS\kl1.sys (Kaspersky Lab ZAO)
DRV - (androidusb) -- C:\Windows\System32\drivers\androidusb.sys (Google Inc)
DRV - (KLIM6) -- C:\Windows\System32\drivers\klim6.sys (Kaspersky Lab ZAO)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (klmouflt) -- C:\Windows\System32\drivers\klmouflt.sys (Kaspersky Lab)
DRV - (nvstor32) -- C:\Windows\system32\DRIVERS\nvstor32.sys (NVIDIA Corporation)
DRV - (nvrd32) -- C:\Windows\system32\DRIVERS\nvrd32.sys (NVIDIA Corporation)
DRV - (NVNET) -- C:\Windows\System32\drivers\nvmf6232.sys (NVIDIA Corporation)
DRV - (vmbus) -- C:\Windows\system32\DRIVERS\vmbus.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\system32\DRIVERS\vmstorfl.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\system32\DRIVERS\storvsc.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (adicvls) -- C:\Windows\System32\drivers\adicvls.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\system32\DRIVERS\vms3cap.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\system32\DRIVERS\VMBusHID.sys (Microsoft Corporation)
DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvm62x32.sys (NVIDIA Corporation)
DRV - (nvsmu) -- C:\Windows\System32\drivers\nvsmu.sys (NVIDIA Corporation)
DRV - (EverestDriver) -- C:\Program Files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt ()
DRV - (FTDIBUS) -- C:\Windows\System32\drivers\ftdibus.sys (FTDI Ltd.)
DRV - (FTSER2K) -- C:\Windows\System32\drivers\ftser2k.sys (FTDI Ltd.)
DRV - (PORTIO64) -- C:\Users\Denis\Desktop\162201798 Bluescreen^\JungleFlasher v0.1.76 Beta (166)\portio32.sys ()
DRV - (VPCNetS2) -- C:\Windows\System32\drivers\VMNetSrv.sys (Microsoft Corporation)
DRV - (ManyCam) -- C:\Windows\System32\drivers\ManyCam.sys (ManyCam LLC.)
DRV - (LVUSBSta) -- C:\Windows\System32\drivers\LVUSBSta.sys (Logitech Inc.)
DRV - (PID_PEPI) Logitech QuickCam IM(PID_PEPI) -- C:\Windows\System32\drivers\LV302V32.SYS (Logitech Inc.)
DRV - (pepifilter) -- C:\Windows\System32\drivers\lv302af.sys (Logitech Inc.)
DRV - (ElbyCDFL) -- C:\Windows\System32\drivers\ElbyCDFL.sys (SlySoft, Inc.)
DRV - (NPPTNT2) -- C:\Windows\System32\npptNT2.sys (INCA Internet Co., Ltd.)
DRV - (mamotou) -- C:\Windows\System32\drivers\mamotou.sys (Mobile Action Technology Inc.)
DRV - (MaVctrl) -- C:\Windows\System32\drivers\MaVc2K.sys (Mobile Action Technology Inc.)
DRV - (sscdmdm) -- C:\Windows\System32\drivers\sscdmdm.sys (MCCI)
DRV - (sscdmdfl) -- C:\Windows\System32\drivers\sscdmdfl.sys (MCCI)
DRV - (sscdbus) SAMSUNG USB Composite Device driver (WDM) -- C:\Windows\System32\drivers\sscdbus.sys (MCCI)
DRV - (portio32) -- C:\Windows\System32\drivers\portio32.sys ()
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.funmoods.com/?f=1&a=ddrnw
IE - HKCU\..\SearchScopes,DefaultScope = {D7C9BE5D-96D6-4931-A98D-6535741D2073}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://www.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKCU\..\SearchScopes\{D7C9BE5D-96D6-4931-A98D-6535741D2073}: "URL" = hxxp://start.funmoods.com/results.php?f=4&a=ddrnw&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost;*.local
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://start.funmoods.com/?f=1&a=ddrnw"
FF - prefs.js..extension.gacela.network.proxy.autoconfig_url: ""
FF - prefs.js..extension.gacela.network.proxy.type: 5
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2
FF - prefs.js..extensions.enabledItems: DeviceDetection@logitech.com:1.0.176.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: virtualKeyboard@kaspersky.ru:11.0.2.579
FF - prefs.js..extensions.enabledItems: KavAntiBanner@Kaspersky.ru:11.0.2.579
FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:11.0.2.579
FF - prefs.js..extensions.enabledItems: {bb6bc1bb-f824-4702-90cd-35e2fb24f25d}:1.5.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}:6.0.30
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\virtualKeyboard@kaspersky.ru [2011.06.01 15:12:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\KavAntiBanner@Kaspersky.ru: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\KavAntiBanner@kaspersky.ru [2011.06.01 15:12:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\linkfilter@kaspersky.ru: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\linkfilter@kaspersky.ru [2011.06.01 15:12:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 2.0.0.7\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.02.19 00:40:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 2.0.0.7\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.02.19 00:40:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.27\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.02.19 00:40:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.27\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.02.19 00:40:50 | 000,000,000 | ---D | M]
 
[2010.12.27 22:11:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Denis\AppData\Roaming\mozilla\Extensions
[2010.12.27 22:11:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Denis\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2012.03.03 20:20:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Denis\AppData\Roaming\mozilla\Firefox\Profiles\ig79n0ej.default\extensions
[2012.01.25 20:27:37 | 000,000,000 | ---D | M] (Cookies Manager+) -- C:\Users\Denis\AppData\Roaming\mozilla\Firefox\Profiles\ig79n0ej.default\extensions\{bb6bc1bb-f824-4702-90cd-35e2fb24f25d}
[2010.06.29 13:14:16 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Denis\AppData\Roaming\mozilla\Firefox\Profiles\ig79n0ej.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.03.23 20:42:03 | 000,000,000 | ---D | M] ("Logitechs enhetsidentifiering") -- C:\Users\Denis\AppData\Roaming\mozilla\Firefox\Profiles\ig79n0ej.default\extensions\DeviceDetection@logitech.com
[2012.02.04 23:27:58 | 000,001,799 | ---- | M] () -- C:\Users\Denis\AppData\Roaming\Mozilla\Firefox\Profiles\ig79n0ej.default\searchplugins\funmoods.xml
[2012.02.12 20:18:08 | 000,000,944 | ---- | M] () -- C:\Users\Denis\AppData\Roaming\Mozilla\Firefox\Profiles\ig79n0ej.default\searchplugins\icqplugin.xml
[2012.03.03 20:20:20 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010.09.08 12:35:51 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.09.09 14:27:15 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2012.02.05 15:06:13 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}
[2011.04.09 11:57:05 | 000,000,000 | ---D | M] (Anti-Banner) -- C:\Program Files\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak
[2011.04.09 11:57:04 | 000,000,000 | ---D | M] (Modul zur Link-Untersuchung) -- C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak
[2011.06.01 15:12:25 | 000,000,000 | ---D | M] (Anti-Banner) -- C:\PROGRAM FILES\KASPERSKY LAB\KASPERSKY INTERNET SECURITY 2011\FFEXT\KAVANTIBANNER@KASPERSKY.RU
[2011.06.01 15:12:25 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\PROGRAM FILES\KASPERSKY LAB\KASPERSKY INTERNET SECURITY 2011\FFEXT\LINKFILTER@KASPERSKY.RU
[2011.06.01 15:12:25 | 000,000,000 | ---D | M] (Kaspersky Virtual Keyboard) -- C:\PROGRAM FILES\KASPERSKY LAB\KASPERSKY INTERNET SECURITY 2011\FFEXT\VIRTUALKEYBOARD@KASPERSKY.RU
[2012.02.05 15:05:52 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011.11.16 19:08:37 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.11.16 19:08:37 | 000,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011.11.16 19:08:37 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.11.16 19:08:37 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.11.16 19:08:37 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Search ()
CHR - default_search_provider: search_url = hxxp://start.funmoods.com/results.php?f=4&a=ddrnw&q={searchTerms}
CHR - default_search_provider: suggest_url = 
 
O1 HOSTS File: ([2012.02.26 13:30:16 | 000,000,908 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (Funmoods Helper Object) - {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - C:\Program Files\Funmoods\funmoods\1.5.11.16\bh\funmoods.dll (Funmoods BHO)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O3 - HKLM\..\Toolbar: (Funmoods Toolbar) - {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - C:\Program Files\Funmoods\funmoods\1.5.11.16\funmoodsTlbr.dll (Funmoods)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [CloneCDTray] C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe (SlySoft, Inc.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [Ipsos-WatchDog] C:\Program Files\IpsosLSPService\Ipsos-WatchDog.exe ()
O4 - HKLM..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe (Logitech Inc.)
O4 - HKLM..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe (Logitech Inc.)
O4 - HKLM..\Run: [NVRaidService] C:\Windows\System32\nvraidservice.exe (NVIDIA Corporation)
O4 - HKCU..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe (Logitech)
O4 - HKCU..\Run: [LogitechSoftwareUpdate] C:\Program Files\Logitech\Video\ManifestEngine.exe (Logitech Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 60
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm ()
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\IpsosLSPService.DLL (Ipsos)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\IpsosLSPService.DLL (Ipsos)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\IpsosLSPService.DLL (Ipsos)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\IpsosLSPService.DLL (Ipsos)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Windows\System32\IpsosLSPService.DLL (Ipsos)
O13 - gopher Prefix: missing
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/de/uno1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab (NVIDIA Smart Scan)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C7F6E9DD-45E0-45DC-92D8-E69FD6ADBC9C}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\kloehk.dll (Kaspersky Lab ZAO)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - Winlogon\Notify\klogon: DllName - (C:\Windows\system32\klogon.dll) - C:\Windows\System32\klogon.dll (Kaspersky Lab ZAO)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 0
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.03.04 23:46:28 | 000,000,000 | ---D | C] -- C:\Users\Denis\AppData\Local\{3DC97ED5-ECB5-46E9-9C13-B890996B8166}
[2012.03.04 23:46:03 | 000,000,000 | ---D | C] -- C:\Users\Denis\AppData\Local\{671F8047-B183-4DFC-ADD4-3A6D7BB047BB}
[2012.03.03 20:08:37 | 000,000,000 | ---D | C] -- C:\Users\Denis\AppData\Local\{A20BA561-70E5-4E75-8AFB-44789A568A30}
[2012.03.03 20:08:26 | 000,000,000 | ---D | C] -- C:\Users\Denis\AppData\Local\{AABD194A-6441-4D35-B0D9-0400F2E0BB38}
[2012.03.02 15:39:58 | 000,000,000 | ---D | C] -- C:\Users\Denis\AppData\Local\{B5B6F9CB-2DBE-43D5-BD09-897566FA8F8F}
[2012.03.02 15:39:34 | 000,000,000 | ---D | C] -- C:\Users\Denis\AppData\Local\{F0083F0D-D257-40C0-A404-10E66230585A}
[2012.02.28 15:01:19 | 000,000,000 | ---D | C] -- C:\Users\Denis\AppData\Local\{D6C83A43-F4E0-4230-B8D8-7CFD34035A05}
[2012.02.28 15:01:08 | 000,000,000 | ---D | C] -- C:\Users\Denis\AppData\Local\{21C38D8B-BF82-4FD3-9F44-040A336C9C67}
[2012.02.26 13:32:15 | 000,000,000 | ---D | C] -- C:\Users\Denis\AppData\Local\Macroplant
[2012.02.26 13:22:45 | 000,000,000 | ---D | C] -- C:\Users\Denis\AppData\Local\{0ED54341-D35F-4487-990F-67F3DB311C8A}
[2012.02.26 13:22:33 | 000,000,000 | ---D | C] -- C:\Users\Denis\AppData\Local\{D5CB14F0-D523-47E6-8B03-A86AA9FEC4C8}
[2012.02.25 17:25:01 | 000,000,000 | ---D | C] -- C:\Users\Denis\AppData\Local\{D48427B3-E34A-4B1A-95EB-6ED1D988170E}
[2012.02.25 17:24:48 | 000,000,000 | ---D | C] -- C:\Users\Denis\AppData\Local\{337BB84C-0A63-4814-B5BE-DCF1F3161452}
[2012.02.24 16:39:51 | 000,000,000 | ---D | C] -- C:\Users\Denis\Desktop\Созвездие Dfm Super Сборник Хитов 5050 (2012)
[2012.02.24 16:36:49 | 000,000,000 | ---D | C] -- C:\Users\Denis\Desktop\VIVA Club Rotation Vol. 51
[2012.02.24 15:27:00 | 000,000,000 | ---D | C] -- C:\Users\Denis\AppData\Local\{0389096A-EA52-4EF1-88EB-C5CEEBC9DB29}
[2012.02.24 15:26:46 | 000,000,000 | ---D | C] -- C:\Users\Denis\AppData\Local\{C8FA226C-11A3-4347-A4CF-80A8F03EA00F}
[2012.02.21 23:25:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iExplorer
[2012.02.21 23:24:59 | 000,000,000 | ---D | C] -- C:\Program Files\iExplorer
[2012.02.21 22:58:22 | 000,000,000 | ---D | C] -- C:\Users\Denis\AppData\Local\{C6AB5B45-323F-4960-9004-A016D6842CFC}
[2012.02.21 22:57:24 | 000,000,000 | ---D | C] -- C:\Users\Denis\AppData\Local\{EC5A865F-9FE8-4DB2-9C0A-E921FA5A0105}
[2012.02.18 21:25:53 | 000,000,000 | ---D | C] -- C:\Users\Denis\AppData\Local\{7B3D98FC-0B96-4C6B-A50B-922022BFD49D}
[2012.02.18 21:25:29 | 000,000,000 | ---D | C] -- C:\Users\Denis\AppData\Local\{729B7C3F-2774-4116-BE99-92E0395B8AB6}
[2012.02.16 15:06:55 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2012.02.16 15:06:55 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012.02.16 15:06:55 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2012.02.16 15:06:55 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012.02.16 15:06:54 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012.02.16 15:06:54 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2012.02.16 15:06:54 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2012.02.16 15:06:54 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012.02.16 15:06:54 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2012.02.16 15:06:54 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012.02.16 15:06:54 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2012.02.16 15:06:54 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2012.02.16 15:06:53 | 002,340,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012.02.16 15:01:08 | 000,000,000 | ---D | C] -- C:\Users\Denis\AppData\Local\{9EE83D64-77A1-4392-B4A3-3816E1004552}
[2012.02.16 15:00:33 | 000,000,000 | ---D | C] -- C:\Users\Denis\AppData\Local\{A0332D8F-ECD4-4346-A0BB-8E8F5CCB774A}
[2012.02.14 16:48:55 | 000,000,000 | ---D | C] -- C:\Users\Denis\AppData\Local\{E1FF2427-0B53-4879-B7A8-5AED3C45D9E7}
[2012.02.14 16:48:40 | 000,000,000 | ---D | C] -- C:\Users\Denis\AppData\Local\{2390D103-7CCF-44F5-B940-D2962CCC3D78}
[2012.02.13 11:25:16 | 000,000,000 | ---D | C] -- C:\Users\Denis\AppData\Local\{432927DA-8700-4FBD-9E8E-9BCC0BF5F47A}
[2012.02.13 11:24:53 | 000,000,000 | ---D | C] -- C:\Users\Denis\AppData\Local\{9DED5E7A-8FE2-44F2-8D9D-405AFD0C98F6}
[2012.02.12 20:04:02 | 000,000,000 | ---D | C] -- C:\Users\Denis\AppData\Local\{A2F97A69-CAE6-4058-8F89-F2B10C1C9589}
[2012.02.12 20:03:46 | 000,000,000 | ---D | C] -- C:\Users\Denis\AppData\Local\{264348A2-C27B-4562-B3D9-B6C43ADBBC36}
[2012.02.10 17:18:40 | 000,000,000 | ---D | C] -- C:\Users\Denis\Desktop\Танцевальная Империя 2 5050 (2012)
[2012.02.10 16:24:39 | 000,000,000 | ---D | C] -- C:\Users\Denis\AppData\Local\{530470EE-808F-45C0-AB2D-DA50BDA44507}
[2012.02.10 16:24:25 | 000,000,000 | ---D | C] -- C:\Users\Denis\AppData\Local\{8180693E-FD51-43EE-A179-B6494D3EB893}
[2012.02.05 15:08:12 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012.02.05 15:06:11 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2012.02.05 15:06:11 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2012.02.05 15:06:10 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2012.02.05 14:58:59 | 000,000,000 | ---D | C] -- C:\Users\Denis\AppData\Roaming\VitySoft
[2012.02.05 14:49:49 | 000,000,000 | ---D | C] -- C:\Program Files\JDownloader
[2012.02.05 14:46:15 | 000,000,000 | ---D | C] -- C:\Users\Denis\AppData\Local\{4F5D9109-3B46-4016-B526-53EE0A64AA40}
[2012.02.05 14:45:53 | 000,000,000 | ---D | C] -- C:\Users\Denis\AppData\Local\{B278C5E0-0069-4D32-9CE6-9641D5FD5723}
[2012.02.04 23:28:05 | 000,000,000 | ---D | C] -- C:\Program Files\Funmoods
[2012.02.04 22:09:06 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webio.dll
[2012.02.04 22:09:06 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sspisrv.dll
[2012.02.04 22:04:30 | 000,000,000 | ---D | C] -- C:\Users\Denis\AppData\Local\{D89D68A0-3A43-4A5E-9318-FD03D1590C64}
[2012.02.04 22:04:13 | 000,000,000 | ---D | C] -- C:\Users\Denis\AppData\Local\{FF4870AC-06E6-481F-BE7E-7599C467EBBA}
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.03.04 23:53:08 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.03.04 23:53:08 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.03.04 23:45:12 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.03.04 23:44:49 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.03.04 23:44:42 | 2415,304,704 | -HS- | M] () -- C:\hiberfil.sys
[2012.03.03 21:16:00 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.03.02 15:43:13 | 000,001,033 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.02.28 18:24:50 | 000,000,600 | ---- | M] () -- C:\Users\Denis\AppData\Roaming\winscp.rnd
[2012.02.26 13:30:16 | 000,000,908 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2012.02.26 13:30:16 | 000,000,907 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.umbrella
[2012.02.24 17:53:31 | 000,690,026 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.02.24 17:53:31 | 000,655,028 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.02.24 17:53:31 | 000,148,654 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.02.24 17:53:31 | 000,121,900 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.02.24 17:04:12 | 004,799,375 | ---- | M] () -- C:\Users\Denis\Desktop
[2012.02.21 23:25:00 | 000,000,943 | ---- | M] () -- C:\Users\Public\Desktop\iExplorer.lnk
[2012.02.18 21:23:34 | 000,419,824 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.02.05 15:05:51 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2012.02.05 15:05:51 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2012.02.05 15:05:51 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2012.02.05 15:05:51 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2012.02.05 14:50:36 | 000,001,949 | ---- | M] () -- C:\Users\Denis\Desktop\JDownloader.lnk
[2012.02.04 23:28:10 | 000,000,050 | ---- | M] () -- C:\user.js
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.03.03 21:44:43 | 737,396,736 | ---- | C] () -- C:\Users\Denis\Desktop\Elki.2.2011.O.DVDRip.700MB.avi
[2012.03.03 21:23:43 | 000,433,311 | ---- | C] () -- C:\Users\Denis\Desktop\gjn_ktr2012.zip
[2012.03.02 15:43:13 | 000,001,033 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.02.24 17:03:58 | 004,799,375 | ---- | C] () -- C:\Users\Denis\Desktop
[2012.02.21 23:25:00 | 000,000,943 | ---- | C] () -- C:\Users\Public\Desktop\iExplorer.lnk
[2012.02.05 14:50:36 | 000,001,949 | ---- | C] () -- C:\Users\Denis\Desktop\JDownloader.lnk
[2012.02.05 14:50:24 | 000,001,913 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
[2012.02.05 14:50:24 | 000,001,857 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Deinstallationsprogramm.lnk
[2012.02.05 14:50:24 | 000,001,836 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
[2012.02.04 23:28:10 | 000,000,050 | ---- | C] () -- C:\user.js
[2012.01.22 00:13:00 | 000,003,128 | ---- | C] () -- C:\Windows\System32\IpsosLSPService.ini
[2012.01.22 00:13:00 | 000,001,824 | ---- | C] () -- C:\Windows\System32\GacelaLSPServiceOff.ini
[2011.04.26 02:15:05 | 000,000,600 | ---- | C] () -- C:\Users\Denis\AppData\Roaming\winscp.rnd
[2011.04.09 11:56:52 | 000,115,369 | ---- | C] () -- C:\Windows\System32\drivers\klin.dat
[2011.04.09 11:56:52 | 000,097,961 | ---- | C] () -- C:\Windows\System32\drivers\klick.dat
[2010.11.24 01:13:28 | 002,493,643 | ---- | C] () -- C:\Windows\System32\abgx360.exe
[2010.05.25 22:34:43 | 000,139,432 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2010.03.21 18:01:29 | 000,000,536 | ---- | C] () -- C:\Windows\_delis32.ini
[2010.03.21 18:01:08 | 000,081,920 | R--- | C] () -- C:\Windows\bwUnin-6.1.4.68-8876480L.exe

< End of report >
         

Alt 05.03.2012, 06:54   #4
Chris4You
 

Hi,

hmm, I don't know yet what to make of this...
winscp.rnd is from WinSCP Portable (are you using that?) and gjn_ktr2012.zip is presumably
for resetting Kaspersky's trial mode...?

Also, many unknown ClassIds...
[2012.03.04 23:46:28 | 000,000,000 | ---D | C] -- C:\Users\Denis\AppData\Local\{3DC97ED5-ECB5-46E9-9C13-B890996B8166}
[2012.03.04 23:46:03 | 000,000,000 | ---D | C] -- C:\Users\Denis\AppData\Local\{671F8047-B183-4DFC-ADD4-3A6D7BB047BB}
[2012.03.03 20:08:37 | 000,000,000 | ---D | C] -- C:\Users\Denis\AppData\Local\{A20BA561-70E5-4E75-8AFB-44789A568A30}
[2012.03.03 20:08:26 | 000,000,000 | ---D | C] -- C:\Users\Denis\AppData\Local\{AABD194A-6441-4D35-B0D9-0400F2E0BB38}
[2012.03.02 15:39:58 | 000,000,000 | ---D | C] -- C:\Users\Denis\AppData\Local\{B5B6F9CB-2DBE-43D5-BD09-897566FA8F8F}
[2012.03.02 15:39:34 | 000,000,000 | ---D | C] -- C:\Users\Denis\AppData\Local\{F0083F0D-D257-40C0-A404-10E66230585A}
[2012.02.28 15:01:19 | 000,000,000 | ---D | C] -- C:\Users\Denis\AppData\Local\{D6C83A43-F4E0-4230-B8D8-7CFD34035A05}
[2012.02.28 15:01:08 | 000,000,000 | ---D | C] -- C:\Users\Denis\AppData\Local\{21C38D8B-BF82-4FD3-9F44-040A336C9C67}
...

Fix for OTL:
  • Double-click OTL.exe to run the program.
  • Vista/Win7 users: please start it via right-click and "Run as administrator".
  • Copy the entire contents of the following code box into the OTL box under "Custom Scan/Fixes"

Code:
:OTL
DRV - (RimUsb) --  File not found
DRV - (PORTIO) --  File not found
DRV - (motmodem) --  File not found
DRV - (MotDev) --  File not found
DRV - (motccgpfl) --  File not found
DRV - (motccgp) --  File not found
DRV - (agwi08xk) --  File not found
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

:Commands
[emptytemp]
[Reboot]
         
  • Click the red Run Fixes! button.
  • Please copy everything out of the results window (Results).
  • A copy of the OTL fix log is saved as a text file in the following folder:
  • %systemroot%\_OTL

chris
__________________
Don't bring me down
Read this before posting!
Donate
(Anyone who wants to donate is welcome to get in touch )

Alt 05.03.2012, 07:50   #5
Denni
 

Thanks!
So WinSCP is for the iPhone, for setting up an SCP connection!
The Kaspersky thing... I don't even use 2012.
I don't really know either; I can just delete the file!
I'll carry out the steps when I'm home and then report back.


Alt 05.03.2012, 15:39   #6
Denni
 

Here it is:
All processes killed
========== OTL ==========
Service RimUsb stopped successfully!
Service RimUsb deleted successfully!
File File not found not found.
Service PORTIO stopped successfully!
Service PORTIO deleted successfully!
File File not found not found.
Service motmodem stopped successfully!
Service motmodem deleted successfully!
File File not found not found.
Service MotDev stopped successfully!
Service MotDev deleted successfully!
File File not found not found.
Service motccgpfl stopped successfully!
Service motccgpfl deleted successfully!
File File not found not found.
Service motccgp stopped successfully!
Service motccgp deleted successfully!
File File not found not found.
Error: No service named agwi08xk was found to stop!
Service\Driver key agwi08xk not found.
File File not found not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Denis
->Temp folder emptied: 1654201376 bytes
->Temporary Internet Files folder emptied: 5343184 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 95225125 bytes
->Google Chrome cache emptied: 32309864 bytes
->Flash cache emptied: 23934 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 367616 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 81324164 bytes
RecycleBin emptied: 4020158 bytes

Total Files Cleaned = 1.786,00 mb


OTL by OldTimer - Version 3.2.35.1 log created on 03052012_162513

Files\Folders moved on Reboot...
C:\Users\Denis\AppData\Local\Temp\IadHide4.dll moved successfully.
File move failed. C:\Windows\S14E1BD0A.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\temp\GacelaLSPService.log scheduled to be moved on reboot.
File\Folder C:\Windows\temp\TMP000000019847D9EBD216F3DE not found!

Registry entries deleted on Reboot...

Alt 05.03.2012, 15:51   #7
Chris4You
 

Hi,

I don't trust the calm just yet...

Prevx:
The tool is prone to false positives and, in the free version, cannot delete anything, but it is otherwise quite good... (and it also runs on 64-bit platforms)
Prevx 3.0 for Home and Family
If the tool finds something, do not post the log; post a screenshot of the window that is then displayed...

TDSS-Killer
Download and instructions at: How are malicious programs of the Rootkit.Win32.TDSS family combated?
Extract all files into a directory of their own (e.g. C:\TDSS)!
Launch it from Explorer by double-clicking TDSSKiller.exe.
Configure the killer as follows:

Then start the scan (Start Scan).
When the scan is finished, please select "Report" (skip any findings with Skip for now). A window opens; copy the text and post it here...

MBR-Check
Download http://ad13.geekstogo.com/MBRCheck.exe and save the file to the desktop.
  • Double-click MBRCheck.exe.
  • Vista and Win7 users: right-click and "Run as administrator"
  • The tool only takes a second.
  • Afterwards you should find an MBRCheck_<date>_<time>.txt on the desktop.
Please post the contents of the .txt document

chris

Alt 05.03.2012, 16:14   #8
Denni
 

Hello, so Prevx doesn't find anything, for a start.
TDSS found quite a few things, from the look of it; there were several items to skip
17:06:07.0887 5780 TDSS rootkit removing tool 2.7.19.0 Mar 5 2012 11:23:39
17:06:08.0103 5780 ============================================================
17:06:08.0103 5780 Current date / time: 2012/03/05 17:06:08.0103
17:06:08.0103 5780 SystemInfo:
17:06:08.0103 5780
17:06:08.0103 5780 OS Version: 6.1.7600 ServicePack: 0.0
17:06:08.0103 5780 Product type: Workstation
17:06:08.0103 5780 ComputerName: DENIS-PC
17:06:08.0103 5780 UserName: Denis
17:06:08.0103 5780 Windows directory: C:\Windows
17:06:08.0103 5780 System windows directory: C:\Windows
17:06:08.0103 5780 Processor architecture: Intel x86
17:06:08.0103 5780 Number of processors: 3
17:06:08.0103 5780 Page size: 0x1000
17:06:08.0103 5780 Boot type: Normal boot
17:06:08.0103 5780 ============================================================
17:06:09.0506 5780 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
17:06:09.0519 5780 \Device\Harddisk0\DR0:
17:06:09.0520 5780 MBR used
17:06:09.0520 5780 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x38ABAC30
17:06:09.0520 5780 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x38ABAC6F, BlocksNum 0x18C9FD2
17:06:09.0578 5780 Initialize success
17:06:09.0578 5780 ============================================================
17:06:12.0456 5684 ============================================================
17:06:12.0456 5684 Scan started
17:06:12.0456 5684 Mode: Manual;
17:06:12.0456 5684 ============================================================
17:06:25.0260 5684 sptd (cdddec541bc3c96f91ecb48759673505) C:\Windows\system32\Drivers\sptd.sys
17:06:25.0260 5684 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505
17:06:25.0263 5684 sptd ( LockedFile.Multi.Generic ) - warning
17:06:25.0263 5684 sptd - detected LockedFile.Multi.Generic (1)
17:06:27.0955 5684 VPCNetS2 (2abe8281db609d8bb1bd1b2f93800d5f) C:\Windows\system32\DRIVERS\VMNetSrv.sys
17:06:27.0958 5684 VPCNetS2 - ok
17:06:27.0999 5684 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
17:06:28.0004 5684 vsmraid - ok
17:06:28.0026 5684 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys
17:06:28.0028 5684 vwifibus - ok
17:06:28.0062 5684 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
17:06:28.0065 5684 WacomPen - ok
17:06:28.0099 5684 WANARP (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
17:06:28.0103 5684 WANARP - ok
17:06:28.0109 5684 Wanarpv6 (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
17:06:28.0112 5684 Wanarpv6 - ok
17:06:28.0168 5684 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
17:06:28.0174 5684 Wd - ok
17:06:28.0210 5684 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
17:06:28.0217 5684 Wdf01000 - ok
17:06:28.0289 5684 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
17:06:28.0290 5684 WfpLwf - ok
17:06:28.0315 5684 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
17:06:28.0316 5684 WIMMount - ok
17:06:28.0449 5684 WinUsb (30fc6e5448d0cbaaa95280eeef7fedae) C:\Windows\system32\DRIVERS\WinUsb.sys
17:06:28.0452 5684 WinUsb - ok
17:06:28.0539 5684 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\DRIVERS\wmiacpi.sys
17:06:28.0541 5684 WmiAcpi - ok
17:06:28.0585 5684 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
17:06:28.0586 5684 ws2ifsl - ok
17:06:28.0619 5684 WudfPf (6f9b6c0c93232cff47d0f72d6db1d21e) C:\Windows\system32\drivers\WudfPf.sys
17:06:28.0620 5684 WudfPf - ok
17:06:28.0649 5684 WUDFRd (f91ff1e51fca30b3c3981db7d5924252) C:\Windows\system32\DRIVERS\WUDFRd.sys
17:06:28.0651 5684 WUDFRd - ok
17:06:28.0690 5684 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
17:06:28.0722 5684 \Device\Harddisk0\DR0 - ok
17:06:28.0728 5684 Boot (0x1200) (11bafbd9fa5b59752e28b509f61bbfb8) \Device\Harddisk0\DR0\Partition0
17:06:28.0730 5684 \Device\Harddisk0\DR0\Partition0 - ok
17:06:28.0749 5684 Boot (0x1200) (3a037c91f84e78366d5ebd7722f89ad7) \Device\Harddisk0\DR0\Partition1
17:06:28.0753 5684 \Device\Harddisk0\DR0\Partition1 - ok
17:06:28.0754 5684 ============================================================
17:06:28.0754 5684 Scan finished
17:06:28.0754 5684 ============================================================
17:06:28.0775 5396 Detected object count: 1
17:06:28.0775 5396 Actual detected object count: 1
17:06:37.0095 5396 sptd ( LockedFile.Multi.Generic ) - skipped by user
17:06:37.0095 5396 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
17:06:45.0336 6128 ============================================================
17:06:45.0336 6128 Scan started
17:06:45.0336 6128 Mode: Manual; SigCheck; TDLFS;
17:06:45.0336 6128 ============================================================
17:06:52.0925 6128 mamotou (406ea3b1bd43a2c14eeee06c49df0d5d) C:\Windows\system32\DRIVERS\mamotou.sys
17:06:52.0953 6128 mamotou ( UnsignedFile.Multi.Generic ) - warning
17:06:52.0953 6128 mamotou - detected UnsignedFile.Multi.Generic (1)
17:06:53.0063 6128 MaVctrl (1b467fb39d6ee0e7f1970eee5fc07121) C:\Windows\system32\DRIVERS\MaVc2K.sys
17:06:53.0085 6128 MaVctrl ( UnsignedFile.Multi.Generic ) - warning
17:06:53.0085 6128 MaVctrl - detected UnsignedFile.Multi.Generic (1)
17:06:55.0285 6128 NPPTNT2 (9131fe60adfab595c8da53ad6a06aa31) C:\Windows\system32\npptNT2.sys
17:06:55.0292 6128 NPPTNT2 ( UnsignedFile.Multi.Generic ) - warning
17:06:55.0292 6128 NPPTNT2 - detected UnsignedFile.Multi.Generic (1)
17:06:57.0320 6128 portio32 (09687a361c9f1418973a4ae17d2f52cc) C:\Windows\system32\drivers\portio32.sys
17:06:57.0331 6128 portio32 ( UnsignedFile.Multi.Generic ) - warning
17:06:57.0331 6128 portio32 - detected UnsignedFile.Multi.Generic (1)
17:06:57.0503 6128 PORTIO64 (5f86f324faa18c31a3ef3805169e508a) C:\Users\Denis\Desktop\162201798 Bluescreen^\JungleFlasher v0.1.76 Beta (166)\portio32.sys
17:06:57.0510 6128 PORTIO64 ( UnsignedFile.Multi.Generic ) - warning
17:06:57.0510 6128 PORTIO64 - detected UnsignedFile.Multi.Generic (1)
17:06:59.0966 6128 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
17:06:59.0991 6128 SiSRaid2 - ok
17:07:00.0024 6128 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
17:07:00.0047 6128 SiSRaid4 - ok
17:07:00.0071 6128 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
17:07:00.0136 6128 Smb - ok
17:07:00.0167 6128 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
17:07:00.0180 6128 spldr - ok
17:07:00.0243 6128 sptd (cdddec541bc3c96f91ecb48759673505) C:\Windows\system32\Drivers\sptd.sys
17:07:00.0244 6128 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505
17:07:00.0245 6128 sptd ( LockedFile.Multi.Generic ) - warning
17:07:00.0245 6128 sptd - detected LockedFile.Multi.Generic (1)
17:07:04.0147 6128 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
17:07:04.0263 6128 \Device\Harddisk0\DR0 - ok
17:07:04.0269 6128 Boot (0x1200) (11bafbd9fa5b59752e28b509f61bbfb8) \Device\Harddisk0\DR0\Partition0
17:07:04.0271 6128 \Device\Harddisk0\DR0\Partition0 - ok
17:07:04.0289 6128 Boot (0x1200) (3a037c91f84e78366d5ebd7722f89ad7) \Device\Harddisk0\DR0\Partition1
17:07:04.0292 6128 \Device\Harddisk0\DR0\Partition1 - ok
17:07:04.0293 6128 ============================================================
17:07:04.0293 6128 Scan finished
17:07:04.0293 6128 ============================================================
17:07:04.0305 2292 Detected object count: 6
17:07:04.0305 2292 Actual detected object count: 6
17:07:09.0562 2292 mamotou ( UnsignedFile.Multi.Generic ) - skipped by user
17:07:09.0562 2292 mamotou ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:07:09.0564 2292 MaVctrl ( UnsignedFile.Multi.Generic ) - skipped by user
17:07:09.0565 2292 MaVctrl ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:07:09.0567 2292 NPPTNT2 ( UnsignedFile.Multi.Generic ) - skipped by user
17:07:09.0567 2292 NPPTNT2 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:07:09.0570 2292 portio32 ( UnsignedFile.Multi.Generic ) - skipped by user
17:07:09.0570 2292 portio32 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:07:09.0573 2292 PORTIO64 ( UnsignedFile.Multi.Generic ) - skipped by user
17:07:09.0573 2292 PORTIO64 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:07:09.0575 2292 sptd ( LockedFile.Multi.Generic ) - skipped by user
17:07:09.0575 2292 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
17:07:20.0206 4124 ============================================================
17:07:20.0206 4124 Scan started
17:07:20.0206 4124 Mode: Manual; SigCheck; TDLFS;
17:07:20.0206 4124 ============================================================

05.03.2012, 16:15   #9
Denni

17:07:26.0886 4124 mamotou (406ea3b1bd43a2c14eeee06c49df0d5d) C:\Windows\system32\DRIVERS\mamotou.sys
17:07:26.0893 4124 mamotou ( UnsignedFile.Multi.Generic ) - warning
17:07:26.0893 4124 mamotou - detected UnsignedFile.Multi.Generic (1)
17:07:26.0935 4124 ManyCam (c6d085c7045200143528136a43a65fde) C:\Windows\system32\DRIVERS\ManyCam.sys
17:07:26.0961 4124 ManyCam - ok
17:07:26.0990 4124 MaVctrl (1b467fb39d6ee0e7f1970eee5fc07121) C:\Windows\system32\DRIVERS\MaVc2K.sys
17:07:26.0994 4124 MaVctrl ( UnsignedFile.Multi.Generic ) - warning
17:07:26.0994 4124 MaVctrl - detected UnsignedFile.Multi.Generic (1)
17:07:28.0902 4124 NPPTNT2 (9131fe60adfab595c8da53ad6a06aa31) C:\Windows\system32\npptNT2.sys
17:07:28.0913 4124 NPPTNT2 ( UnsignedFile.Multi.Generic ) - warning
17:07:28.0913 4124 NPPTNT2 - detected UnsignedFile.Multi.Generic (1)
17:07:31.0036 4124 portio32 (09687a361c9f1418973a4ae17d2f52cc) C:\Windows\system32\drivers\portio32.sys
17:07:31.0042 4124 portio32 ( UnsignedFile.Multi.Generic ) - warning
17:07:31.0042 4124 portio32 - detected UnsignedFile.Multi.Generic (1)
17:07:31.0211 4124 PORTIO64 (5f86f324faa18c31a3ef3805169e508a) C:\Users\Denis\Desktop\162201798 Bluescreen^\JungleFlasher v0.1.76 Beta (166)\portio32.sys
17:07:31.0218 4124 PORTIO64 ( UnsignedFile.Multi.Generic ) - warning
17:07:31.0218 4124 PORTIO64 - detected UnsignedFile.Multi.Generic (1)
17:07:33.0457 4124 sptd (cdddec541bc3c96f91ecb48759673505) C:\Windows\system32\Drivers\sptd.sys
17:07:33.0457 4124 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505
17:07:33.0460 4124 sptd ( LockedFile.Multi.Generic ) - warning
17:07:33.0460 4124 sptd - detected LockedFile.Multi.Generic (1)
17:07:37.0380 4124 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
17:07:37.0488 4124 \Device\Harddisk0\DR0 - ok
17:07:37.0494 4124 Boot (0x1200) (11bafbd9fa5b59752e28b509f61bbfb8) \Device\Harddisk0\DR0\Partition0
17:07:37.0496 4124 \Device\Harddisk0\DR0\Partition0 - ok
17:07:37.0515 4124 Boot (0x1200) (3a037c91f84e78366d5ebd7722f89ad7) \Device\Harddisk0\DR0\Partition1
17:07:37.0518 4124 \Device\Harddisk0\DR0\Partition1 - ok
17:07:37.0518 4124 ============================================================
17:07:37.0518 4124 Scan finished
17:07:37.0518 4124 ============================================================
17:07:37.0526 3844 Detected object count: 6
17:07:37.0526 3844 Actual detected object count: 6
17:07:42.0803 3844 mamotou ( UnsignedFile.Multi.Generic ) - skipped by user
17:07:42.0803 3844 mamotou ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:07:42.0806 3844 MaVctrl ( UnsignedFile.Multi.Generic ) - skipped by user
17:07:42.0806 3844 MaVctrl ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:07:42.0808 3844 NPPTNT2 ( UnsignedFile.Multi.Generic ) - skipped by user
17:07:42.0808 3844 NPPTNT2 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:07:42.0811 3844 portio32 ( UnsignedFile.Multi.Generic ) - skipped by user
17:07:42.0811 3844 portio32 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:07:42.0814 3844 PORTIO64 ( UnsignedFile.Multi.Generic ) - skipped by user
17:07:42.0814 3844 PORTIO64 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:07:42.0816 3844 sptd ( LockedFile.Multi.Generic ) - skipped by user
17:07:42.0817 3844 sptd ( LockedFile.Multi.Generic ) - User select action: Skip



MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows 7 Ultimate Edition
Windows Information: (build 7600), 32-bit
Base Board Manufacturer: PEGATRON CORPORATION
BIOS Manufacturer: American Megatrends Inc.
System Manufacturer: Compaq-Presario
System Product Name: NF596AA-ABD SR5724DE
Logical Drives Mask: 0x00000f9c

Kernel Drivers (total 206):

05.03.2012, 18:53   #10
Chris4You

Hi,

Please post the MBRCheck log again... (the end with the MBR part is missing)

The files found by TDSS merely have no signature, which doesn't mean much at first... so let's spot-check them...

Have files checked online
  • Go to the Virustotal site, click the "Browse" ("Durchsuchen") button and select the following file(s):
Code:
C:\Windows\system32\DRIVERS\mamotou.sys
C:\Windows\system32\npptNT2.sys
  • Now upload each of the files one after another, and wait until the scan has finished (this can take up to 2 minutes).
  • Afterwards post the result of the analysis: copy everything and paste it into a post.
  • Important: also copy the file size and the HASH!

chris
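The spot check requested in the reply above starts from the detection lines of the TDSSKiller log. The following Python script is an added example, not part of the original thread or of any tool named in it: it pairs each "detected" line with the MD5 and image path logged for the same service and marks the cases that need more than a signature check. The triage wording, the function names and the assumption that the Windows directory is `C:\Windows` belong to this example.

```python
import ntpath
import re
from dataclasses import dataclass

# A few lines copied from the TDSSKiller log in this thread.
SAMPLE_LOG = r"""
17:07:27.0567 4124 mrxsmb10 (f965c3ab2b2ae5c378f4562486e35051) C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:07:27.0598 4124 mrxsmb10 - ok
17:07:28.0902 4124 NPPTNT2 (9131fe60adfab595c8da53ad6a06aa31) C:\Windows\system32\npptNT2.sys
17:07:28.0913 4124 NPPTNT2 ( UnsignedFile.Multi.Generic ) - warning
17:07:28.0913 4124 NPPTNT2 - detected UnsignedFile.Multi.Generic (1)
17:07:31.0211 4124 PORTIO64 (5f86f324faa18c31a3ef3805169e508a) C:\Users\Denis\Desktop\162201798 Bluescreen^\JungleFlasher v0.1.76 Beta (166)\portio32.sys
17:07:31.0218 4124 PORTIO64 ( UnsignedFile.Multi.Generic ) - warning
17:07:31.0218 4124 PORTIO64 - detected UnsignedFile.Multi.Generic (1)
17:07:33.0457 4124 sptd (cdddec541bc3c96f91ecb48759673505) C:\Windows\system32\Drivers\sptd.sys
17:07:33.0457 4124 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505
17:07:33.0460 4124 sptd ( LockedFile.Multi.Generic ) - warning
17:07:33.0460 4124 sptd - detected LockedFile.Multi.Generic (1)
"""

# "<time> <thread> <service> (<md5>) <image path>"
OBJECT_RE = re.compile(r"^\S+\s+\d+\s+(\S+)\s+\(([0-9a-f]{32})\)\s+(.+)$")
# "<time> <thread> <service> - detected <verdict> (<n>)"
DETECT_RE = re.compile(r"^\S+\s+\d+\s+(\S+) - detected (\S+) \(\d+\)$")
# "<time> <thread> Suspicious file (NoAccess): <path>. md5: <md5>"
NOACCESS_RE = re.compile(r"Suspicious file \(NoAccess\): (.+)\. md5: [0-9a-f]{32}$")


@dataclass
class Finding:
    service: str
    verdict: str
    md5: str
    path: str
    in_system_root: bool   # image lives under the Windows directory
    no_access: bool        # scanner logged NoAccess for this image


def _norm(path):
    """Normalise a Windows path for comparison (works on any OS)."""
    return ntpath.normpath(path).lower()


def parse_detections(log_text, system_root=r"C:\Windows"):
    """Return one Finding per 'detected' line, joined with md5 and path."""
    images = {}        # service name -> (md5, image path)
    no_access = set()  # normalised paths the scanner could not open
    findings = []
    root = _norm(system_root) + "\\"
    for raw in log_text.splitlines():
        line = raw.strip()
        m = OBJECT_RE.match(line)
        if m:
            images[m.group(1)] = (m.group(2), m.group(3))
            continue
        m = NOACCESS_RE.search(line)
        if m:
            no_access.add(_norm(m.group(1)))
            continue
        m = DETECT_RE.match(line)
        if m and m.group(1) in images:
            md5, path = images[m.group(1)]
            findings.append(Finding(
                service=m.group(1),
                verdict=m.group(2),
                md5=md5,
                path=path,
                in_system_root=_norm(path).startswith(root),
                no_access=_norm(path) in no_access,
            ))
    return findings


def triage(finding):
    """One-line note per finding (wording is this example's own)."""
    if finding.no_access:
        return "scanner reported NoAccess; the verdict says nothing about the content"
    if not finding.in_system_root:
        return "driver image outside the Windows directory; find out what installed it"
    return "unsigned only; spot-check the file with a multi-engine scanner"


if __name__ == "__main__":
    for f in parse_detections(SAMPLE_LOG):
        print(f"{f.service:10} {f.verdict:28} {f.md5}  {f.path}")
        print(f"{'':10} -> {triage(f)}")
```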

05.03.2012, 22:49   #11
Denni

Here is the MBR again:
MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows 7 Ultimate Edition
Windows Information: (build 7600), 32-bit
Base Board Manufacturer: PEGATRON CORPORATION
BIOS Manufacturer: American Megatrends Inc.
System Manufacturer: Compaq-Presario
System Product Name: NF596AA-ABD SR5724DE
Logical Drives Mask: 0x00000f9c

Kernel Drivers (total 207):
0x98A3B000 \SystemRoot\System32\drivers\dxgmms1.sys
0x98A74000 \SystemRoot\System32\Drivers\asld33z0.SYS
0x98AAD000 \SystemRoot\system32\DRIVERS\wmiacpi.sys
0x98AB6000 \SystemRoot\system32\DRIVERS\VMNetSrv.sys
0x98AC7000 \SystemRoot\system32\DRIVERS\CompositeBus.sys
0x98ADF000 \SystemRoot\system32\DRIVERS\ManyCam.sys
0x98AE5000 \SystemRoot\system32\DRIVERS\STREAM.SYS
0x98AF3000 \SystemRoot\system32\DRIVERS\ks.sys
0x98B27000 \SystemRoot\system32\DRIVERS\AgileVpn.sys
0x98B39000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0x98B51000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0x98B5C000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0x98B7E000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0x98B96000 \SystemRoot\system32\DRIVERS\raspptp.sys
0x98BAD000 \SystemRoot\system32\DRIVERS\rassstp.sys
0x98BC4000 \SystemRoot\system32\DRIVERS\rdpbus.sys
0x98BCE000 \SystemRoot\system32\DRIVERS\mouclass.sys
0x98BDB000 \SystemRoot\system32\DRIVERS\swenum.sys
0x98BDD000 \SystemRoot\system32\DRIVERS\circlass.sys
0x98BEB000 \SystemRoot\system32\DRIVERS\umbus.sys
0x98BF9000 \SystemRoot\system32\drivers\portio32.sys
0x9A613000 \SystemRoot\system32\DRIVERS\usbhub.sys
0x9A657000 \SystemRoot\System32\Drivers\NDProxy.SYS
0x9A673000 \SystemRoot\system32\drivers\HdAudio.sys
0x9A6C3000 \SystemRoot\system32\drivers\portcls.sys
0x9A6F2000 \SystemRoot\system32\drivers\drmk.sys
0x82580000 \SystemRoot\System32\win32k.sys
0x9A70B000 \SystemRoot\System32\drivers\Dxapi.sys
0x9A715000 \SystemRoot\System32\Drivers\crashdmp.sys
0x9A722000 \SystemRoot\System32\Drivers\dump_diskdump.sys
0x9A72C000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0x9A743000 \SystemRoot\system32\DRIVERS\USBD.SYS
0x9A745000 \SystemRoot\System32\Drivers\dump_nvstor32.sys
0x9A77C000 \SystemRoot\System32\Drivers\dump_dumpfve.sys
0x9A78D000 \SystemRoot\system32\drivers\LVUSBSta.sys
0x82A22000 \SystemRoot\system32\DRIVERS\LV302V32.SYS
0x82B59000 \SystemRoot\system32\drivers\usbaudio.sys
0x82B6D000 \SystemRoot\system32\DRIVERS\hidusb.sys
0x82B78000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0x82B8B000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0x82B92000 \SystemRoot\system32\DRIVERS\USBSTOR.SYS
0x82BA9000 \SystemRoot\system32\DRIVERS\monitor.sys
0x82BB4000 \SystemRoot\system32\DRIVERS\mouhid.sys
0x82BBF000 \SystemRoot\system32\DRIVERS\klmouflt.sys
0x827E0000 \SystemRoot\System32\TSDDD.dll
0x82420000 \SystemRoot\System32\cdd.dll
0x82BC8000 \SystemRoot\system32\drivers\luafv.sys
0x82BE3000 \SystemRoot\system32\drivers\WudfPf.sys
0x82A00000 \SystemRoot\system32\DRIVERS\lltdio.sys
0x9A796000 \SystemRoot\system32\DRIVERS\rspndr.sys
0xA3227000 \SystemRoot\system32\drivers\HTTP.sys
0xA32AC000 \SystemRoot\system32\DRIVERS\bowser.sys
0xA32C5000 \SystemRoot\System32\drivers\mpsdrv.sys
0xA32D7000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0xA32FA000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
0xA3335000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
0xA3368000 \SystemRoot\system32\DRIVERS\MaVc2K.sys
0xA9610000 \SystemRoot\system32\drivers\peauth.sys
0xA96A7000 \SystemRoot\System32\Drivers\secdrv.SYS
0xA96B1000 \SystemRoot\System32\DRIVERS\srvnet.sys
0xA96D2000 \SystemRoot\System32\drivers\tcpipreg.sys
0xA96DF000 \SystemRoot\System32\DRIVERS\srv2.sys
0xA972E000 \SystemRoot\System32\DRIVERS\srv.sys
0xA9780000 \SystemRoot\system32\DRIVERS\WUDFRd.sys
0xA336B000 \SystemRoot\system32\drivers\spsys.sys
0x77530000 \Windows\System32\ntdll.dll
0x47890000 \Windows\System32\smss.exe
0x77770000 \Windows\System32\apisetschema.dll
0x007A0000 \Windows\System32\autochk.exe
0x10000000 \Program Files\DAEMON Tools Lite\Engine.dll
0x776B0000 \Windows\System32\msvcrt.dll
0x77460000 \Windows\System32\msctf.dll
0x77320000 \Windows\System32\urlmon.dll
0x772C0000 \Windows\System32\difxapi.dll
0x77220000 \Windows\System32\usp10.dll
0x77690000 \Windows\System32\imm32.dll
0x77120000 \Windows\System32\wininet.dll
0x77080000 \Windows\System32\advapi32.dll
0x77040000 \Windows\System32\ws2_32.dll
0x763F0000 \Windows\System32\shell32.dll
0x76340000 \Windows\System32\rpcrt4.dll
0x77680000 \Windows\System32\normaliz.dll
0x762B0000 \Windows\System32\clbcatq.dll
0x76250000 \Windows\System32\shlwapi.dll
0x77670000 \Windows\System32\lpk.dll
0x76180000 \Windows\System32\user32.dll
0x76160000 \Windows\System32\sechost.dll
0x75FC0000 \Windows\System32\setupapi.dll
0x75EE0000 \Windows\System32\kernel32.dll
0x75ED0000 \Windows\System32\psapi.dll
0x75EC0000 \Windows\System32\nsi.dll
0x75E70000 \Windows\System32\Wldap32.dll
0x75C70000 \Windows\System32\iertutil.dll
0x75BF0000 \Windows\System32\comdlg32.dll
0x75B60000 \Windows\System32\oleaut32.dll
0x75A00000 \Windows\System32\ole32.dll
0x759D0000 \Windows\System32\imagehlp.dll
0x75980000 \Windows\System32\gdi32.dll
0x75930000 \Windows\System32\KernelBase.dll
0x758A0000 \Windows\System32\comctl32.dll
0x75870000 \Windows\System32\cfgmgr32.dll
0x75850000 \Windows\System32\devobj.dll
0x75820000 \Windows\System32\wintrust.dll
0x75700000 \Windows\System32\crypt32.dll
0x756F0000 \Windows\System32\msasn1.dll

Processes (total 75):

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000071`5758de00 (NTFS)

PhysicalDrive0 Model Number: ST3500620AS, Rev: HP24

Size Device Name MBR Status
--------------------------------------------
465 GB \\.\PhysicalDrive0 RE: Windows 7 MBR code detected
SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79


Done!

05.03.2012, 23:02   #12
Denni

So, from the nppt file:
SHA256: 25284cae27071fa4391765862a81f9bdfc5398abf4ccf4e2df5b0972cfe66e72
SHA1: 2011c23d7927e42647c17f4c0f77dc308d447e6d
MD5: 9131fe60adfab595c8da53ad6a06aa31
File size: 4.6 KB ( 4682 bytes )
File name: npptNT2.sys
File type: Win32 EXE
Detection ratio: 1 / 43
Analysis date: 2012-03-05 22:59:42 UTC ( 0 Minuten ago )
Antivirus Result Update
eSafe Win32.TrojanHorse 20120305


mam. file:
SHA256: fb7ed8553fd71a1d3ac7a9ed55af88c5675b826178a122e07f4fa20736ad4a41
SHA1: e1e541c5333eb495b463287ca7be864870f1b6b8
MD5: 406ea3b1bd43a2c14eeee06c49df0d5d
File size: 48.2 KB ( 49399 bytes )
File name: 406ea3b1bd43a2c14eeee06c49df0d5d
File type: Win32 EXE
Detection ratio: 0 / 43
Analysis date: 2011-03-17 00:01:27 UTC ( 11 Monate, 3 Wochen ago )

06.03.2012, 06:42   #13
Chris4You

Hi,

I consider this a false positive: eSafe Win32.TrojanHorse 20120305
The files are not signed...

What is the computer doing, are there any other abnormalities to be noticed?

chris

06.03.2012, 14:14   #14
Denni

Hello,
yes, since we got to work on it the computer has become noticeably faster!
The appdata... message no longer appears at startup either!
Everything actually seems to be back in the green
I'm not sure, but if you can no longer find anything infected in the logs...
Many thanks for your help!
If I notice anything else negative about the system, I'll post it.

Edited by Denni (06.03.2012 at 14:14) Reason: error

06.03.2012, 14:29   #15
Chris4You

Hi,

ok...

chris
