
Log Analysis and Evaluation: GVU Trojan - Computer Locked -

Windows 7

If you have caught a Trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To remove viruses and Trojans, the infected system must first be examined: First steps for getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

Old 06.09.2012, 15:22   #16
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



Please now run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log. Instructions and download link here => http://www.trojaner-board.de/82358-t...entfernen.html

Note: Please disable the virus scanner before you run TDSS-Killer, because Avira in particular often reports a false alarm in the TDSS tool!

Set up the tool as shown in the picture below: click change parameters and set the check marks as shown in the following screenshot,
then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full.

If you can't find the log, or can't copy its contents into your post, then please look directly on your Windows system partition (usually drive C:); that is where TDSS-Killer saves its logs.

Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and only post the log here!

__________________
Please always post log files in CODE tags

Old 06.09.2012, 16:18   #17
Zosch
 



Code:
17:15:24.0947 2912  TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
17:15:25.0136 2912  ============================================================
17:15:25.0136 2912  Current date / time: 2012/09/06 17:15:25.0136
17:15:25.0136 2912  SystemInfo:
17:15:25.0136 2912  
17:15:25.0136 2912  OS Version: 6.1.7601 ServicePack: 1.0
17:15:25.0136 2912  Product type: Workstation
17:15:25.0136 2912  ComputerName: *****
17:15:25.0137 2912  UserName: *****
17:15:25.0137 2912  Windows directory: C:\Windows
17:15:25.0137 2912  System windows directory: C:\Windows
17:15:25.0137 2912  Running under WOW64
17:15:25.0137 2912  Processor architecture: Intel x64
17:15:25.0137 2912  Number of processors: 2
17:15:25.0137 2912  Page size: 0x1000
17:15:25.0137 2912  Boot type: Normal boot
17:15:25.0137 2912  ============================================================
17:15:26.0437 2912  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x7E2D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
17:15:26.0441 2912  ============================================================
17:15:26.0441 2912  \Device\Harddisk0\DR0:
17:15:26.0441 2912  MBR partitions:
17:15:26.0441 2912  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
17:15:26.0441 2912  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x30A1000
17:15:26.0456 2912  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x30D3CF2, BlocksNum 0x1A0EC9CE
17:15:26.0456 2912  ============================================================
17:15:26.0607 2912  C: <-> \Device\Harddisk0\DR0\Partition2
17:15:26.0977 2912  D: <-> \Device\Harddisk0\DR0\Partition3
17:15:26.0999 2912  ============================================================
17:15:27.0000 2912  Initialize success
17:15:27.0000 2912  ============================================================
17:16:50.0322 3204  ============================================================
17:16:50.0323 3204  Scan started
17:16:50.0323 3204  Mode: Manual; SigCheck; TDLFS; 
17:16:50.0323 3204  ============================================================
17:16:50.0623 3204  ================ Scan system memory ========================
17:16:50.0624 3204  System memory - ok
17:16:50.0624 3204  ================ Scan services =============================
17:16:50.0765 3204  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
17:16:50.0856 3204  1394ohci - ok
17:16:50.0898 3204  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
17:16:50.0916 3204  ACPI - ok
17:16:50.0938 3204  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
17:16:50.0973 3204  AcpiPmi - ok
17:16:51.0079 3204  [ B2B64AF436FACCFA854DD397027C5360 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
17:16:51.0091 3204  AdobeFlashPlayerUpdateSvc - ok
17:16:51.0146 3204  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
17:16:51.0168 3204  adp94xx - ok
17:16:51.0204 3204  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
17:16:51.0223 3204  adpahci - ok
17:16:51.0245 3204  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
17:16:51.0259 3204  adpu320 - ok
17:16:51.0286 3204  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
17:16:51.0327 3204  AeLookupSvc - ok
17:16:51.0370 3204  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
17:16:51.0408 3204  AFD - ok
17:16:51.0439 3204  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
17:16:51.0452 3204  agp440 - ok
17:16:51.0470 3204  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
17:16:51.0560 3204  ALG - ok
17:16:51.0589 3204  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
17:16:51.0601 3204  aliide - ok
17:16:51.0611 3204  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
17:16:51.0622 3204  amdide - ok
17:16:51.0659 3204  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
17:16:51.0695 3204  AmdK8 - ok
17:16:51.0708 3204  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
17:16:51.0744 3204  AmdPPM - ok
17:16:51.0753 3204  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
17:16:51.0768 3204  amdsata - ok
17:16:51.0787 3204  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
17:16:51.0801 3204  amdsbs - ok
17:16:51.0818 3204  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
17:16:51.0830 3204  amdxata - ok
17:16:51.0867 3204  [ 4CCF421E6C4B2A4CBCE000715911F7CC ] anodlwf         C:\Windows\system32\DRIVERS\anodlwfx.sys
17:16:51.0888 3204  anodlwf - ok
17:16:51.0958 3204  [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
17:16:51.0970 3204  AntiVirSchedulerService - ok
17:16:52.0000 3204  [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
17:16:52.0009 3204  AntiVirService - ok
17:16:52.0031 3204  [ 676894FA57B671FEC5C3F05F8929E03B ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
17:16:52.0048 3204  AntiVirWebService - ok
17:16:52.0097 3204  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
17:16:52.0146 3204  AppID - ok
17:16:52.0164 3204  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
17:16:52.0215 3204  AppIDSvc - ok
17:16:52.0250 3204  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows\System32\appinfo.dll
17:16:52.0327 3204  Appinfo - ok
17:16:52.0360 3204  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
17:16:52.0373 3204  arc - ok
17:16:52.0387 3204  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
17:16:52.0400 3204  arcsas - ok
17:16:52.0453 3204  [ 68726474C69B738EAC3A62E06B33ADDC ] AsIO            C:\Windows\syswow64\drivers\AsIO.sys
17:16:53.0005 3204  AsIO - ok
17:16:53.0035 3204  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
17:16:53.0094 3204  AsyncMac - ok
17:16:53.0129 3204  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
17:16:53.0141 3204  atapi - ok
17:16:53.0182 3204  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:16:53.0249 3204  AudioEndpointBuilder - ok
17:16:53.0263 3204  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
17:16:53.0303 3204  AudioSrv - ok
17:16:53.0347 3204  [ 26E38B5A58C6C55FAFBC563EEDDB0867 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
17:16:53.0360 3204  avgntflt - ok
17:16:53.0399 3204  [ 9D1F00BEFF84CBBF46D7F052BC7E0565 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
17:16:53.0412 3204  avipbb - ok
17:16:53.0421 3204  [ 248DB59FC86DE44D2779F4C7FB1A567D ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
17:16:53.0432 3204  avkmgr - ok
17:16:53.0473 3204  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
17:16:53.0537 3204  AxInstSV - ok
17:16:53.0581 3204  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
17:16:53.0617 3204  b06bdrv - ok
17:16:53.0649 3204  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
17:16:53.0686 3204  b57nd60a - ok
17:16:53.0745 3204  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
17:16:53.0785 3204  BDESVC - ok
17:16:53.0799 3204  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
17:16:53.0855 3204  Beep - ok
17:16:53.0908 3204  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
17:16:53.0956 3204  BFE - ok
17:16:54.0006 3204  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
17:16:54.0077 3204  BITS - ok
17:16:54.0102 3204  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
17:16:54.0118 3204  blbdrive - ok
17:16:54.0136 3204  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
17:16:54.0157 3204  bowser - ok
17:16:54.0185 3204  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
17:16:54.0214 3204  BrFiltLo - ok
17:16:54.0220 3204  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
17:16:54.0234 3204  BrFiltUp - ok
17:16:54.0259 3204  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
17:16:54.0277 3204  Browser - ok
17:16:54.0300 3204  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
17:16:54.0351 3204  Brserid - ok
17:16:54.0367 3204  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
17:16:54.0386 3204  BrSerWdm - ok
17:16:54.0397 3204  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
17:16:54.0411 3204  BrUsbMdm - ok
17:16:54.0417 3204  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
17:16:54.0446 3204  BrUsbSer - ok
17:16:54.0461 3204  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
17:16:54.0485 3204  BTHMODEM - ok
17:16:54.0519 3204  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
17:16:54.0593 3204  bthserv - ok
17:16:54.0611 3204  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
17:16:54.0656 3204  cdfs - ok
17:16:54.0693 3204  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\drivers\cdrom.sys
17:16:54.0732 3204  cdrom - ok
17:16:54.0769 3204  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
17:16:54.0804 3204  CertPropSvc - ok
17:16:54.0835 3204  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
17:16:54.0867 3204  circlass - ok
17:16:54.0894 3204  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
17:16:54.0913 3204  CLFS - ok
17:16:54.0947 3204  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:16:54.0960 3204  clr_optimization_v2.0.50727_32 - ok
17:16:55.0003 3204  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:16:55.0017 3204  clr_optimization_v2.0.50727_64 - ok
17:16:55.0087 3204  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:16:55.0124 3204  clr_optimization_v4.0.30319_32 - ok
17:16:55.0146 3204  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:16:55.0159 3204  clr_optimization_v4.0.30319_64 - ok
17:16:55.0188 3204  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
17:16:55.0208 3204  CmBatt - ok
17:16:55.0237 3204  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
17:16:55.0249 3204  cmdide - ok
17:16:55.0284 3204  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
17:16:55.0349 3204  CNG - ok
17:16:55.0372 3204  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
17:16:55.0383 3204  Compbatt - ok
17:16:55.0411 3204  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
17:16:55.0434 3204  CompositeBus - ok
17:16:55.0444 3204  COMSysApp - ok
17:16:55.0461 3204  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
17:16:55.0473 3204  crcdisk - ok
17:16:55.0519 3204  [ 4F5414602E2544A4554D95517948B705 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
17:16:55.0543 3204  CryptSvc - ok
17:16:55.0584 3204  [ 44BDDEB03C84A1C993C992FFB5700357 ] CVirtA          C:\Windows\system32\DRIVERS\CVirtA64.sys
17:16:55.0594 3204  CVirtA - ok
17:16:55.0662 3204  [ 98C413E1A2FB6E5A4C101C25B3D0B275 ] CVPND           C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
17:16:55.0706 3204  CVPND - ok
17:16:55.0733 3204  [ 79AF0E203D089AF442A3F70ED00A37FB ] CVPNDRVA        C:\Windows\system32\Drivers\CVPNDRVA.sys
17:16:55.0750 3204  CVPNDRVA - ok
17:16:55.0795 3204  [ C062A2B158ED9C643D24F8E33A607C9F ] D-Link Wireless N DWA-140_WPS C:\Program Files (x86)\D-Link\DWA-140 revB\ANIWConnService.exe
17:16:55.0811 3204  D-Link Wireless N DWA-140_WPS ( UnsignedFile.Multi.Generic ) - warning
17:16:55.0811 3204  D-Link Wireless N DWA-140_WPS - detected UnsignedFile.Multi.Generic (1)
17:16:55.0866 3204  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
17:16:55.0917 3204  DcomLaunch - ok
17:16:55.0943 3204  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
17:16:55.0999 3204  defragsvc - ok
17:16:56.0037 3204  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
17:16:56.0079 3204  DfsC - ok
17:16:56.0098 3204  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
17:16:56.0149 3204  Dhcp - ok
17:16:56.0171 3204  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
17:16:56.0211 3204  discache - ok
17:16:56.0242 3204  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
17:16:56.0253 3204  Disk - ok
17:16:56.0301 3204  [ 05CB5910B3CA6019FC3CCA815EE06FFB ] DNE             C:\Windows\system32\DRIVERS\dne64x.sys
17:16:56.0311 3204  DNE - ok
17:16:56.0337 3204  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
17:16:56.0378 3204  Dnscache - ok
17:16:56.0406 3204  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
17:16:56.0455 3204  dot3svc - ok
17:16:56.0500 3204  [ B42ED0320C6E41102FDE0005154849BB ] Dot4            C:\Windows\system32\DRIVERS\Dot4.sys
17:16:56.0533 3204  Dot4 - ok
17:16:56.0583 3204  [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print       C:\Windows\system32\drivers\Dot4Prt.sys
17:16:56.0619 3204  Dot4Print - ok
17:16:56.0641 3204  [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
17:16:56.0661 3204  dot4usb - ok
17:16:56.0693 3204  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
17:16:56.0737 3204  DPS - ok
17:16:56.0772 3204  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
17:16:56.0803 3204  drmkaud - ok
17:16:56.0864 3204  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
17:16:56.0897 3204  DXGKrnl - ok
17:16:56.0928 3204  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
17:16:56.0981 3204  EapHost - ok
17:16:57.0092 3204  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
17:16:57.0178 3204  ebdrv - ok
17:16:57.0200 3204  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
17:16:57.0243 3204  EFS - ok
17:16:57.0298 3204  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
17:16:57.0336 3204  ehRecvr - ok
17:16:57.0363 3204  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
17:16:57.0400 3204  ehSched - ok
17:16:57.0436 3204  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
17:16:57.0459 3204  elxstor - ok
17:16:57.0487 3204  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
17:16:57.0510 3204  ErrDev - ok
17:16:57.0559 3204  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
17:16:57.0624 3204  EventSystem - ok
17:16:57.0642 3204  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
17:16:57.0691 3204  exfat - ok
17:16:57.0715 3204  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
17:16:57.0764 3204  fastfat - ok
17:16:57.0816 3204  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
17:16:57.0875 3204  Fax - ok
17:16:57.0901 3204  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
17:16:57.0913 3204  fdc - ok
17:16:57.0940 3204  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
17:16:57.0987 3204  fdPHost - ok
17:16:58.0002 3204  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
17:16:58.0086 3204  FDResPub - ok
17:16:58.0109 3204  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
17:16:58.0126 3204  FileInfo - ok
17:16:58.0159 3204  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
17:16:58.0249 3204  Filetrace - ok
17:16:58.0271 3204  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
17:16:58.0283 3204  flpydisk - ok
17:16:58.0329 3204  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
17:16:58.0347 3204  FltMgr - ok
17:16:58.0398 3204  [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache       C:\Windows\system32\FntCache.dll
17:16:58.0444 3204  FontCache - ok
17:16:58.0492 3204  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:16:58.0502 3204  FontCache3.0.0.0 - ok
17:16:58.0521 3204  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
17:16:58.0533 3204  FsDepends - ok
17:16:58.0550 3204  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
17:16:58.0561 3204  Fs_Rec - ok
17:16:58.0598 3204  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
17:16:58.0617 3204  fvevol - ok
17:16:58.0640 3204  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
17:16:58.0652 3204  gagp30kx - ok
17:16:58.0692 3204  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
17:16:58.0746 3204  gpsvc - ok
17:16:58.0791 3204  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
17:16:58.0834 3204  hcw85cir - ok
17:16:58.0880 3204  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
17:16:58.0915 3204  HdAudAddService - ok
17:16:58.0931 3204  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
17:16:58.0964 3204  HDAudBus - ok
17:16:58.0988 3204  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
17:16:59.0014 3204  HidBatt - ok
17:16:59.0036 3204  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
17:16:59.0052 3204  HidBth - ok
17:16:59.0066 3204  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
17:16:59.0090 3204  HidIr - ok
17:16:59.0115 3204  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
17:16:59.0165 3204  hidserv - ok
17:16:59.0194 3204  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
17:16:59.0206 3204  HidUsb - ok
17:16:59.0242 3204  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
17:16:59.0277 3204  hkmsvc - ok
17:16:59.0308 3204  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:16:59.0335 3204  HomeGroupListener - ok
17:16:59.0372 3204  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:16:59.0395 3204  HomeGroupProvider - ok
17:16:59.0426 3204  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
17:16:59.0440 3204  HpSAMD - ok
17:16:59.0556 3204  [ F37882F128EFACEFE353E0BAE2766909 ] HPSLPSVC        C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
17:16:59.0602 3204  HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
17:16:59.0602 3204  HPSLPSVC - detected UnsignedFile.Multi.Generic (1)
17:16:59.0660 3204  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
17:16:59.0711 3204  HTTP - ok
17:16:59.0738 3204  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
17:16:59.0749 3204  hwpolicy - ok
17:16:59.0785 3204  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
17:16:59.0798 3204  i8042prt - ok
17:16:59.0830 3204  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
17:16:59.0851 3204  iaStorV - ok
17:16:59.0906 3204  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:16:59.0935 3204  idsvc - ok
17:16:59.0960 3204  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
17:16:59.0973 3204  iirsp - ok
17:17:00.0017 3204  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
17:17:00.0078 3204  IKEEXT - ok
17:17:00.0097 3204  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
17:17:00.0109 3204  intelide - ok
17:17:00.0135 3204  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
17:17:00.0153 3204  intelppm - ok
17:17:00.0185 3204  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
17:17:00.0234 3204  IPBusEnum - ok
17:17:00.0270 3204  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:17:00.0303 3204  IpFilterDriver - ok
17:17:00.0334 3204  [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
17:17:00.0385 3204  iphlpsvc - ok
17:17:00.0412 3204  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
17:17:00.0425 3204  IPMIDRV - ok
17:17:00.0442 3204  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
17:17:00.0490 3204  IPNAT - ok
17:17:00.0521 3204  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
17:17:00.0557 3204  IRENUM - ok
17:17:00.0600 3204  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
17:17:00.0612 3204  isapnp - ok
17:17:00.0637 3204  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
17:17:00.0655 3204  iScsiPrt - ok
17:17:00.0682 3204  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
17:17:00.0695 3204  kbdclass - ok
17:17:00.0720 3204  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
17:17:00.0749 3204  kbdhid - ok
17:17:00.0766 3204  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
17:17:00.0778 3204  KeyIso - ok
17:17:00.0807 3204  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
17:17:00.0820 3204  KSecDD - ok
17:17:00.0838 3204  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
17:17:00.0854 3204  KSecPkg - ok
17:17:00.0871 3204  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
17:17:00.0919 3204  ksthunk - ok
17:17:00.0946 3204  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
17:17:00.0998 3204  KtmRm - ok
17:17:01.0031 3204  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
17:17:01.0085 3204  LanmanServer - ok
17:17:01.0116 3204  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:17:01.0162 3204  LanmanWorkstation - ok
17:17:01.0198 3204  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
17:17:01.0252 3204  lltdio - ok
17:17:01.0284 3204  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
17:17:01.0332 3204  lltdsvc - ok
17:17:01.0346 3204  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
17:17:01.0383 3204  lmhosts - ok
17:17:01.0408 3204  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
17:17:01.0421 3204  LSI_FC - ok
17:17:01.0438 3204  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
17:17:01.0452 3204  LSI_SAS - ok
17:17:01.0465 3204  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
17:17:01.0478 3204  LSI_SAS2 - ok
17:17:01.0495 3204  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
17:17:01.0509 3204  LSI_SCSI - ok
17:17:01.0530 3204  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
17:17:01.0566 3204  luafv - ok
17:17:01.0603 3204  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
17:17:01.0625 3204  Mcx2Svc - ok
17:17:01.0644 3204  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
17:17:01.0656 3204  megasas - ok
17:17:01.0672 3204  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
17:17:01.0691 3204  MegaSR - ok
17:17:01.0721 3204  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
17:17:01.0769 3204  MMCSS - ok
17:17:01.0787 3204  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
17:17:01.0827 3204  Modem - ok
17:17:01.0843 3204  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
17:17:01.0865 3204  monitor - ok
17:17:01.0895 3204  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\drivers\mouclass.sys
17:17:01.0907 3204  mouclass - ok
17:17:01.0933 3204  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
17:17:01.0958 3204  mouhid - ok
17:17:01.0992 3204  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
17:17:02.0003 3204  mountmgr - ok
17:17:02.0036 3204  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
17:17:02.0050 3204  mpio - ok
17:17:02.0061 3204  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
17:17:02.0108 3204  mpsdrv - ok
17:17:02.0152 3204  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
17:17:02.0208 3204  MpsSvc - ok
17:17:02.0233 3204  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
17:17:02.0263 3204  MRxDAV - ok
17:17:02.0289 3204  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
17:17:02.0313 3204  mrxsmb - ok
17:17:02.0334 3204  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:17:02.0361 3204  mrxsmb10 - ok
17:17:02.0383 3204  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:17:02.0397 3204  mrxsmb20 - ok
17:17:02.0428 3204  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
17:17:02.0440 3204  msahci - ok
17:17:02.0469 3204  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
17:17:02.0483 3204  msdsm - ok
17:17:02.0499 3204  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
17:17:02.0522 3204  MSDTC - ok
17:17:02.0559 3204  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
17:17:02.0593 3204  Msfs - ok
17:17:02.0621 3204  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
17:17:02.0661 3204  mshidkmdf - ok
17:17:02.0679 3204  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
17:17:02.0690 3204  msisadrv - ok
17:17:02.0714 3204  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
17:17:02.0766 3204  MSiSCSI - ok
17:17:02.0772 3204  msiserver - ok
17:17:02.0788 3204  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
17:17:02.0834 3204  MSKSSRV - ok
17:17:02.0846 3204  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
17:17:02.0890 3204  MSPCLOCK - ok
17:17:02.0897 3204  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
17:17:02.0937 3204  MSPQM - ok
17:17:02.0974 3204  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
17:17:02.0994 3204  MsRPC - ok
17:17:03.0012 3204  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
17:17:03.0023 3204  mssmbios - ok
17:17:03.0040 3204  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
17:17:03.0082 3204  MSTEE - ok
17:17:03.0088 3204  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
17:17:03.0100 3204  MTConfig - ok
17:17:03.0130 3204  [ 2219A3D695405E7BA2186BA6B9EDE14A ] MTsensor        C:\Windows\system32\DRIVERS\ASACPI.sys
17:17:03.0139 3204  MTsensor - ok
17:17:03.0166 3204  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
17:17:03.0179 3204  Mup - ok
17:17:03.0217 3204  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
17:17:03.0278 3204  napagent - ok
17:17:03.0396 3204  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
17:17:03.0430 3204  NativeWifiP - ok
17:17:03.0460 3204  [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS            C:\Windows\system32\drivers\ndis.sys
17:17:03.0493 3204  NDIS - ok
17:17:03.0517 3204  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
17:17:03.0562 3204  NdisCap - ok
17:17:03.0578 3204  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
17:17:03.0618 3204  NdisTapi - ok
17:17:03.0652 3204  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
17:17:03.0697 3204  Ndisuio - ok
17:17:03.0721 3204  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
17:17:03.0767 3204  NdisWan - ok
17:17:03.0793 3204  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
17:17:03.0835 3204  NDProxy - ok
17:17:03.0877 3204  [ 2334DC48997BA203B794DF3EE70521DB ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
17:17:03.0899 3204  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
17:17:03.0899 3204  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
17:17:03.0925 3204  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
17:17:03.0969 3204  NetBIOS - ok
17:17:04.0009 3204  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
17:17:04.0058 3204  NetBT - ok
17:17:04.0076 3204  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
17:17:04.0086 3204  Netlogon - ok
17:17:04.0136 3204  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
17:17:04.0195 3204  Netman - ok
17:17:04.0216 3204  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
17:17:04.0272 3204  netprofm - ok
17:17:04.0316 3204  [ FAD5127B44A089BB420BD0DB48F2075F ] netr28ux        C:\Windows\system32\DRIVERS\Dnetr28ux.sys
17:17:04.0349 3204  netr28ux - ok
17:17:04.0378 3204  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:17:04.0390 3204  NetTcpPortSharing - ok
17:17:04.0423 3204  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
17:17:04.0435 3204  nfrd960 - ok
17:17:04.0473 3204  [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc          C:\Windows\System32\nlasvc.dll
17:17:04.0534 3204  NlaSvc - ok
17:17:04.0550 3204  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
17:17:04.0585 3204  Npfs - ok
17:17:04.0605 3204  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
17:17:04.0641 3204  nsi - ok
17:17:04.0653 3204  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
17:17:04.0694 3204  nsiproxy - ok
17:17:04.0774 3204  [ A2F74975097F52A00745F9637451FDD8 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
17:17:04.0824 3204  Ntfs - ok
17:17:04.0831 3204  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
17:17:04.0865 3204  Null - ok
17:17:04.0910 3204  [ A85B4F2EF3A7304A5399EF0526423040 ] NVENETFD        C:\Windows\system32\DRIVERS\nvm62x64.sys
17:17:04.0941 3204  NVENETFD - ok
17:17:05.0232 3204  [ DD81FBC57AB9134CDDC5CE90880BFD80 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
17:17:05.0593 3204  nvlddmkm - ok
17:17:05.0621 3204  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
17:17:05.0636 3204  nvraid - ok
17:17:05.0670 3204  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
17:17:05.0683 3204  nvstor - ok
17:17:05.0708 3204  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
17:17:05.0721 3204  nv_agp - ok
17:17:05.0733 3204  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
17:17:05.0759 3204  ohci1394 - ok
17:17:05.0800 3204  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:17:05.0813 3204  ose - ok
17:17:05.0974 3204  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:17:06.0100 3204  osppsvc - ok
17:17:06.0143 3204  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
17:17:06.0175 3204  p2pimsvc - ok
17:17:06.0203 3204  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
17:17:06.0224 3204  p2psvc - ok
17:17:06.0271 3204  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
17:17:06.0285 3204  Parport - ok
17:17:06.0307 3204  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
17:17:06.0320 3204  partmgr - ok
17:17:06.0341 3204  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
17:17:06.0375 3204  PcaSvc - ok
17:17:06.0391 3204  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
17:17:06.0407 3204  pci - ok
17:17:06.0438 3204  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
17:17:06.0449 3204  pciide - ok
17:17:06.0470 3204  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
17:17:06.0486 3204  pcmcia - ok
17:17:06.0502 3204  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
17:17:06.0515 3204  pcw - ok
17:17:06.0542 3204  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
17:17:06.0599 3204  PEAUTH - ok
17:17:06.0678 3204  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
17:17:06.0697 3204  PerfHost - ok
17:17:06.0769 3204  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
17:17:06.0841 3204  pla - ok
17:17:06.0874 3204  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
17:17:06.0904 3204  PlugPlay - ok
17:17:06.0945 3204  [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
17:17:06.0958 3204  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
17:17:06.0958 3204  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
17:17:06.0983 3204  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
17:17:07.0007 3204  PNRPAutoReg - ok
17:17:07.0031 3204  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
17:17:07.0045 3204  PNRPsvc - ok
17:17:07.0083 3204  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
17:17:07.0133 3204  PolicyAgent - ok
17:17:07.0163 3204  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
17:17:07.0208 3204  Power - ok
17:17:07.0235 3204  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
17:17:07.0270 3204  PptpMiniport - ok
17:17:07.0288 3204  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
17:17:07.0309 3204  Processor - ok
17:17:07.0364 3204  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
17:17:07.0397 3204  ProfSvc - ok
17:17:07.0410 3204  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
17:17:07.0421 3204  ProtectedStorage - ok
17:17:07.0456 3204  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
17:17:07.0500 3204  Psched - ok
17:17:07.0541 3204  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
17:17:07.0588 3204  ql2300 - ok
17:17:07.0608 3204  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
17:17:07.0626 3204  ql40xx - ok
17:17:07.0652 3204  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
17:17:07.0689 3204  QWAVE - ok
17:17:07.0706 3204  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
17:17:07.0731 3204  QWAVEdrv - ok
17:17:07.0745 3204  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
17:17:07.0787 3204  RasAcd - ok
17:17:07.0820 3204  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
17:17:07.0855 3204  RasAgileVpn - ok
17:17:07.0867 3204  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
17:17:07.0916 3204  RasAuto - ok
17:17:07.0947 3204  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
17:17:07.0998 3204  Rasl2tp - ok
17:17:08.0084 3204  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
17:17:08.0133 3204  RasMan - ok
17:17:08.0153 3204  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
17:17:08.0201 3204  RasPppoe - ok
17:17:08.0216 3204  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
17:17:08.0258 3204  RasSstp - ok
17:17:08.0292 3204  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
17:17:08.0337 3204  rdbss - ok
17:17:08.0354 3204  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
17:17:08.0384 3204  rdpbus - ok
17:17:08.0395 3204  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
17:17:08.0430 3204  RDPCDD - ok
17:17:08.0457 3204  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
17:17:08.0501 3204  RDPENCDD - ok
17:17:08.0511 3204  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
17:17:08.0546 3204  RDPREFMP - ok
17:17:08.0573 3204  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
17:17:08.0612 3204  RDPWD - ok
17:17:08.0651 3204  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
17:17:08.0666 3204  rdyboost - ok
17:17:08.0683 3204  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
17:17:08.0726 3204  RemoteAccess - ok
17:17:08.0743 3204  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
17:17:08.0787 3204  RemoteRegistry - ok
17:17:08.0811 3204  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
17:17:08.0858 3204  RpcEptMapper - ok
17:17:08.0888 3204  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
17:17:08.0910 3204  RpcLocator - ok
17:17:08.0954 3204  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
17:17:08.0993 3204  RpcSs - ok
17:17:09.0023 3204  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
17:17:09.0095 3204  rspndr - ok
17:17:09.0126 3204  [ 4F55BC63DCA859A6DEDC1106E0062135 ] S3XXx64         C:\Windows\system32\DRIVERS\S3XXx64.sys
17:17:09.0148 3204  S3XXx64 - ok
17:17:09.0160 3204  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
17:17:09.0171 3204  SamSs - ok
17:17:09.0206 3204  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
17:17:09.0219 3204  sbp2port - ok
17:17:09.0245 3204  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
17:17:09.0305 3204  SCardSvr - ok
17:17:09.0331 3204  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
17:17:09.0370 3204  scfilter - ok
17:17:09.0418 3204  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
17:17:09.0490 3204  Schedule - ok
17:17:09.0524 3204  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
17:17:09.0557 3204  SCPolicySvc - ok
17:17:09.0591 3204  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
17:17:09.0636 3204  SDRSVC - ok
17:17:09.0672 3204  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
17:17:09.0723 3204  secdrv - ok
17:17:09.0758 3204  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
17:17:09.0807 3204  seclogon - ok
17:17:09.0829 3204  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
17:17:09.0865 3204  SENS - ok
17:17:09.0878 3204  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
17:17:09.0906 3204  SensrSvc - ok
17:17:09.0932 3204  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
17:17:09.0954 3204  Serenum - ok
17:17:09.0975 3204  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
17:17:09.0989 3204  Serial - ok
17:17:10.0004 3204  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
17:17:10.0032 3204  sermouse - ok
17:17:10.0066 3204  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
17:17:10.0114 3204  SessionEnv - ok
17:17:10.0139 3204  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
17:17:10.0173 3204  sffdisk - ok
17:17:10.0190 3204  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
17:17:10.0208 3204  sffp_mmc - ok
17:17:10.0230 3204  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
17:17:10.0250 3204  sffp_sd - ok
17:17:10.0266 3204  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
17:17:10.0288 3204  sfloppy - ok
17:17:10.0315 3204  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
17:17:10.0366 3204  SharedAccess - ok
17:17:10.0408 3204  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:17:10.0458 3204  ShellHWDetection - ok
17:17:10.0479 3204  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
17:17:10.0491 3204  SiSRaid2 - ok
17:17:10.0503 3204  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
17:17:10.0516 3204  SiSRaid4 - ok
17:17:10.0537 3204  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
17:17:10.0575 3204  Smb - ok
17:17:10.0613 3204  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
17:17:10.0627 3204  SNMPTRAP - ok
17:17:10.0641 3204  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
17:17:10.0653 3204  spldr - ok
17:17:10.0692 3204  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
17:17:10.0740 3204  Spooler - ok
17:17:10.0840 3204  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
17:17:10.0955 3204  sppsvc - ok
17:17:10.0975 3204  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
17:17:11.0028 3204  sppuinotify - ok
17:17:11.0061 3204  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
17:17:11.0093 3204  srv - ok
17:17:11.0117 3204  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
17:17:11.0149 3204  srv2 - ok
17:17:11.0170 3204  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
17:17:11.0190 3204  srvnet - ok
17:17:11.0219 3204  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
17:17:11.0282 3204  SSDPSRV - ok
17:17:11.0297 3204  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
17:17:11.0333 3204  SstpSvc - ok
17:17:11.0357 3204  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
17:17:11.0369 3204  stexstor - ok
17:17:11.0423 3204  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
17:17:11.0467 3204  stisvc - ok
17:17:11.0491 3204  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
17:17:11.0501 3204  swenum - ok
17:17:11.0536 3204  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
17:17:11.0592 3204  swprv - ok
17:17:11.0656 3204  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
17:17:11.0717 3204  SysMain - ok
17:17:11.0750 3204  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:17:11.0783 3204  TabletInputService - ok
17:17:11.0794 3204  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
17:17:11.0843 3204  TapiSrv - ok
17:17:11.0864 3204  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
17:17:11.0900 3204  TBS - ok
17:17:11.0976 3204  [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
17:17:12.0032 3204  Tcpip - ok
17:17:12.0075 3204  [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
17:17:12.0115 3204  TCPIP6 - ok
17:17:12.0150 3204  [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
17:17:12.0197 3204  tcpipreg - ok
17:17:12.0228 3204  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
17:17:12.0251 3204  TDPIPE - ok
17:17:12.0277 3204  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
17:17:12.0292 3204  TDTCP - ok
17:17:12.0328 3204  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
17:17:12.0363 3204  tdx - ok
17:17:12.0391 3204  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
17:17:12.0404 3204  TermDD - ok
17:17:12.0439 3204  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
17:17:12.0494 3204  TermService - ok
17:17:12.0514 3204  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
17:17:12.0542 3204  Themes - ok
17:17:12.0562 3204  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
17:17:12.0597 3204  THREADORDER - ok
17:17:12.0612 3204  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
17:17:12.0658 3204  TrkWks - ok
17:17:12.0704 3204  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:17:12.0745 3204  TrustedInstaller - ok
17:17:12.0784 3204  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
17:17:12.0817 3204  tssecsrv - ok
17:17:12.0853 3204  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
17:17:12.0876 3204  TsUsbFlt - ok
17:17:12.0919 3204  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
17:17:12.0964 3204  tunnel - ok
17:17:12.0987 3204  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
17:17:13.0000 3204  uagp35 - ok
17:17:13.0030 3204  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
17:17:13.0079 3204  udfs - ok
17:17:13.0114 3204  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
17:17:13.0127 3204  UI0Detect - ok
17:17:13.0156 3204  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
17:17:13.0168 3204  uliagpkx - ok
17:17:13.0193 3204  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\drivers\umbus.sys
17:17:13.0212 3204  umbus - ok
17:17:13.0231 3204  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
17:17:13.0243 3204  UmPass - ok
17:17:13.0264 3204  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
17:17:13.0306 3204  upnphost - ok
17:17:13.0339 3204  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
17:17:13.0371 3204  usbccgp - ok
17:17:13.0392 3204  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
17:17:13.0409 3204  usbcir - ok
17:17:13.0435 3204  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
17:17:13.0456 3204  usbehci - ok
17:17:13.0478 3204  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
17:17:13.0513 3204  usbhub - ok
17:17:13.0532 3204  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
17:17:13.0554 3204  usbohci - ok
17:17:13.0607 3204  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
17:17:13.0644 3204  usbprint - ok
17:17:13.0666 3204  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
17:17:13.0680 3204  usbscan - ok
17:17:13.0697 3204  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:17:13.0717 3204  USBSTOR - ok
17:17:13.0733 3204  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
17:17:13.0751 3204  usbuhci - ok
17:17:13.0777 3204  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
17:17:13.0822 3204  UxSms - ok
17:17:13.0837 3204  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
17:17:13.0849 3204  VaultSvc - ok
17:17:13.0881 3204  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
17:17:13.0893 3204  vdrvroot - ok
17:17:13.0938 3204  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
17:17:13.0983 3204  vds - ok
17:17:13.0994 3204  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
17:17:14.0009 3204  vga - ok
17:17:14.0023 3204  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
17:17:14.0065 3204  VgaSave - ok
17:17:14.0093 3204  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
17:17:14.0110 3204  vhdmp - ok
17:17:14.0138 3204  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
17:17:14.0150 3204  viaide - ok
17:17:14.0169 3204  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
17:17:14.0182 3204  volmgr - ok
17:17:14.0244 3204  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
17:17:14.0267 3204  volmgrx - ok
17:17:14.0288 3204  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
17:17:14.0306 3204  volsnap - ok
17:17:14.0334 3204  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
17:17:14.0349 3204  vsmraid - ok
17:17:14.0413 3204  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
17:17:14.0504 3204  VSS - ok
17:17:14.0520 3204  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
17:17:14.0547 3204  vwifibus - ok
17:17:14.0566 3204  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
17:17:14.0593 3204  vwififlt - ok
17:17:14.0625 3204  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
17:17:14.0667 3204  W32Time - ok
17:17:14.0693 3204  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
17:17:14.0711 3204  WacomPen - ok
17:17:14.0749 3204  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
17:17:14.0795 3204  WANARP - ok
17:17:14.0801 3204  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
17:17:14.0834 3204  Wanarpv6 - ok
17:17:14.0889 3204  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
17:17:14.0938 3204  wbengine - ok
17:17:14.0958 3204  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
17:17:14.0978 3204  WbioSrvc - ok
17:17:15.0008 3204  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
17:17:15.0034 3204  wcncsvc - ok
17:17:15.0051 3204  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:17:15.0074 3204  WcsPlugInService - ok
17:17:15.0097 3204  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
17:17:15.0108 3204  Wd - ok
17:17:15.0138 3204  [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
17:17:15.0166 3204  Wdf01000 - ok
17:17:15.0174 3204  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
17:17:15.0248 3204  WdiServiceHost - ok
17:17:15.0252 3204  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
17:17:15.0270 3204  WdiSystemHost - ok
17:17:15.0304 3204  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
17:17:15.0336 3204  WebClient - ok
17:17:15.0364 3204  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
17:17:15.0405 3204  Wecsvc - ok
17:17:15.0423 3204  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
17:17:15.0471 3204  wercplsupport - ok
17:17:15.0492 3204  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
17:17:15.0529 3204  WerSvc - ok
17:17:15.0550 3204  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
17:17:15.0585 3204  WfpLwf - ok
17:17:15.0599 3204  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
17:17:15.0610 3204  WIMMount - ok
17:17:15.0624 3204  WinDefend - ok
17:17:15.0630 3204  WinHttpAutoProxySvc - ok
17:17:15.0677 3204  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
17:17:15.0723 3204  Winmgmt - ok
17:17:15.0791 3204  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
17:17:15.0864 3204  WinRM - ok
17:17:15.0920 3204  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
17:17:15.0935 3204  WinUsb - ok
17:17:15.0980 3204  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
17:17:16.0022 3204  Wlansvc - ok
17:17:16.0053 3204  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
17:17:16.0076 3204  WmiAcpi - ok
17:17:16.0106 3204  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
17:17:16.0123 3204  wmiApSrv - ok
17:17:16.0141 3204  WMPNetworkSvc - ok
17:17:16.0158 3204  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
17:17:16.0178 3204  WPCSvc - ok
17:17:16.0205 3204  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
17:17:16.0221 3204  WPDBusEnum - ok
17:17:16.0239 3204  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
17:17:16.0279 3204  ws2ifsl - ok
17:17:16.0299 3204  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
17:17:16.0325 3204  wscsvc - ok
17:17:16.0331 3204  WSearch - ok
17:17:16.0424 3204  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
17:17:16.0493 3204  wuauserv - ok
17:17:16.0523 3204  [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
17:17:16.0565 3204  WudfPf - ok
17:17:16.0598 3204  [ CF8D590BE3373029D57AF80914190682 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
17:17:16.0640 3204  WUDFRd - ok
17:17:16.0678 3204  [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
17:17:16.0714 3204  wudfsvc - ok
17:17:16.0744 3204  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
17:17:16.0765 3204  WwanSvc - ok
17:17:16.0795 3204  ================ Scan global ===============================
17:17:16.0820 3204  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
17:17:16.0845 3204  [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
17:17:16.0856 3204  [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
17:17:16.0887 3204  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
17:17:16.0911 3204  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
17:17:16.0916 3204  [Global] - ok
17:17:16.0916 3204  ================ Scan MBR ==================================
17:17:16.0929 3204  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:17:17.0248 3204  \Device\Harddisk0\DR0 - ok
17:17:17.0248 3204  ================ Scan VBR ==================================
17:17:17.0275 3204  [ 160F1BAEA8DBD6D497C81A857B23FEF8 ] \Device\Harddisk0\DR0\Partition1
17:17:17.0276 3204  \Device\Harddisk0\DR0\Partition1 - ok
17:17:17.0285 3204  [ D0EF332F36449710C86DDD311559437C ] \Device\Harddisk0\DR0\Partition2
17:17:17.0287 3204  \Device\Harddisk0\DR0\Partition2 - ok
17:17:17.0291 3204  [ 0CB2327DEA60F72AE3484B60D10242ED ] \Device\Harddisk0\DR0\Partition3
17:17:17.0291 3204  \Device\Harddisk0\DR0\Partition3 - ok
17:17:17.0293 3204  ============================================================
17:17:17.0293 3204  Scan finished
17:17:17.0293 3204  ============================================================
17:17:17.0308 3692  Detected object count: 4
17:17:17.0308 3692  Actual detected object count: 4
17:17:41.0693 3692  D-Link Wireless N DWA-140_WPS ( UnsignedFile.Multi.Generic ) - skipped by user
17:17:41.0693 3692  D-Link Wireless N DWA-140_WPS ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:17:41.0696 3692  HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
17:17:41.0696 3692  HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:17:41.0698 3692  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
17:17:41.0698 3692  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:17:41.0701 3692  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
17:17:41.0701 3692  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
         
__________________
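An added triage example for the TDSSKiller log above (not part of the thread and not code from Kaspersky or the helpers): it parses the log's `time thread-id message` lines and checks the result against the helper's instruction to handle every flagged object with "skip". The function name `triage`, the report layout and the `LOW_CONFIDENCE` set are assumptions made for this example.

```python
import re

# Excerpt copied from the TDSSKiller log in the post above.
SAMPLE_LOG = r"""
17:17:16.0929 3204  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:17:17.0248 3204  \Device\Harddisk0\DR0 - ok
17:17:17.0275 3204  [ 160F1BAEA8DBD6D497C81A857B23FEF8 ] \Device\Harddisk0\DR0\Partition1
17:17:17.0276 3204  \Device\Harddisk0\DR0\Partition1 - ok
17:17:17.0308 3692  Detected object count: 4
17:17:17.0308 3692  Actual detected object count: 4
17:17:41.0693 3692  D-Link Wireless N DWA-140_WPS ( UnsignedFile.Multi.Generic ) - skipped by user
17:17:41.0693 3692  D-Link Wireless N DWA-140_WPS ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:17:41.0696 3692  HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
17:17:41.0696 3692  HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:17:41.0698 3692  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
17:17:41.0698 3692  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:17:41.0701 3692  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
17:17:41.0701 3692  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
"""

# timestamp, thread id, message (trailing whitespace dropped)
LINE = re.compile(r"^(\d{2}:\d{2}:\d{2}\.\d{4})\s+(\d+)\s+(.*?)\s*$")
COUNT = re.compile(r"^Detected object count: (\d+)$")
CLEAN = re.compile(r"^(.+) - ok$")
ACTION = re.compile(r"^(.+?) \( (\S+) \) - User select action: (\w+)$")
SEEN = re.compile(r"^(.+?) \( (\S+) \) - ")

# Assumption for this example: an unsigned-file verdict alone is a
# low-confidence flag, any other verdict goes to a helper for review.
LOW_CONFIDENCE = {"UnsignedFile.Multi.Generic"}


def triage(log_text):
    """Summarise detections and list deviations from 'skip everything'."""
    report = {"declared": None, "clean": [], "detections": {}, "issues": []}
    dets = report["detections"]
    for raw in log_text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue  # blank or non-log line
        msg = m.group(3)
        if (c := COUNT.match(msg)):
            report["declared"] = int(c.group(1))
        elif (a := ACTION.match(msg)):
            name, verdict, action = a.groups()
            dets[name] = {"verdict": verdict, "action": action}
        elif (s := SEEN.match(msg)):
            # flagged, but no explicit action line seen (yet)
            dets.setdefault(s.group(1), {"verdict": s.group(2), "action": None})
        elif (k := CLEAN.match(msg)):
            report["clean"].append(k.group(1))
    if report["declared"] is not None and report["declared"] != len(dets):
        report["issues"].append(
            f"summary says {report['declared']} objects, log lists {len(dets)}")
    for name, d in dets.items():
        if d["verdict"] not in LOW_CONFIDENCE:
            report["issues"].append(f"{name}: verdict {d['verdict']} needs review")
        if d["action"] != "Skip":
            report["issues"].append(f"{name}: action {d['action']!r}, expected Skip")
    return report


if __name__ == "__main__":
    print(triage(SAMPLE_LOG))
```

For the log posted here the issue list is empty: four objects declared, four listed, all unsigned-file verdicts, all skipped.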


Alt 06.09.2012, 19:43   #18
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



Then please run CF now:

ComboFix

A guide and tutorial on using ComboFix
  • Close all programs, especially your antivirus program and other background monitors, as well as your internet browser.
  • Start combofix.exe from your desktop, confirm the warning messages, run the updates (if suggested), install the Recovery Console (if suggested), and let it scan your system.
    Also avoid using the mouse and keyboard while ComboFix is running.
  • Afterwards a combofix.txt opens automatically; please copy its contents ([Ctrl]a, [Ctrl]c) and paste them into your post ([Ctrl]v). You can also find the file at: C:\ComboFix.txt.
Important note:
ComboFix may only be run when a qualified helper (Kompetenzler) has expressly recommended it!

It should never be run on your own initiative! Incorrect use can cause serious computer problems and make cleaning up the infection even harder.

If you have problems starting applications after running ComboFix and get messages such as

Quote:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
then restart Windows manually and the error messages should no longer appear.

Alt 08.09.2012, 07:51   #19
Zosch
 



Combofix Logfile:
Code:
ATTFilter
ComboFix 12-09-07.03 - ***** 08.09.2012   8:34.1.2 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.3070.2051 [GMT 2:00]
ausgeführt von:: c:\users\*****\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk
c:\programdata\nud0repor.pad
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-08-08 bis 2012-09-08  ))))))))))))))))))))))))))))))
.
.
2012-09-08 06:37 . 2012-09-08 06:37	--------	d-----w-	c:\users\Default\AppData\Local\temp
2012-09-08 06:37 . 2012-09-08 06:37	69000	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{4E721FDE-F930-4E05-A100-C669B72AEE45}\offreg.dll
2012-09-08 06:19 . 2012-08-23 08:26	9310152	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{4E721FDE-F930-4E05-A100-C669B72AEE45}\mpengine.dll
2012-09-06 10:47 . 2012-09-06 10:47	--------	d-----w-	C:\_OTL
2012-09-03 20:59 . 2012-09-03 20:59	--------	d-----w-	c:\program files (x86)\ESET
2012-09-03 20:06 . 2012-09-03 20:06	--------	d-----w-	c:\users\*****\AppData\Roaming\Malwarebytes
2012-09-03 20:06 . 2012-09-03 20:06	--------	d-----w-	c:\programdata\Malwarebytes
2012-09-03 20:06 . 2012-07-03 11:46	24904	----a-w-	c:\windows\system32\drivers\mbam.sys
2012-09-02 09:52 . 2012-09-02 09:52	--------	d-----w-	c:\users\*****\AppData\Local\ElevatedDiagnostics
2012-08-23 12:50 . 2012-08-23 12:52	--------	d-----w-	c:\programdata\Solidshield
2012-08-23 12:25 . 2012-08-23 12:25	--------	d-----w-	c:\programdata\Electronic Arts
2012-08-23 12:25 . 2012-08-23 12:25	--------	d-----w-	c:\programdata\EA Core
2012-08-23 12:21 . 2008-07-12 06:18	3851784	----a-w-	c:\windows\SysWow64\D3DX9_39.dll
2012-08-23 06:39 . 2012-08-23 06:39	--------	d-----w-	c:\programdata\McAfee
2012-08-15 09:15 . 2012-08-23 06:39	73416	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-08-15 09:15 . 2012-08-23 06:39	696520	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2012-08-15 09:15 . 2012-08-15 09:15	--------	d-----w-	c:\windows\SysWow64\Macromed
2012-08-15 09:15 . 2012-08-15 09:15	--------	d-----w-	c:\windows\system32\Macromed
2012-08-15 06:59 . 2012-05-05 08:36	503808	----a-w-	c:\windows\system32\srcore.dll
2012-08-15 06:59 . 2012-05-05 07:46	43008	----a-w-	c:\windows\SysWow64\srclient.dll
2012-08-15 06:58 . 2012-02-11 06:43	751104	----a-w-	c:\windows\system32\win32spl.dll
2012-08-15 06:58 . 2012-02-11 06:36	559104	----a-w-	c:\windows\system32\spoolsv.exe
2012-08-15 06:58 . 2012-02-11 06:36	67072	----a-w-	c:\windows\splwow64.exe
2012-08-15 06:58 . 2012-02-11 05:43	492032	----a-w-	c:\windows\SysWow64\win32spl.dll
2012-08-15 06:58 . 2012-07-04 22:16	73216	----a-w-	c:\windows\system32\netapi32.dll
2012-08-15 06:58 . 2012-07-04 22:13	59392	----a-w-	c:\windows\system32\browcli.dll
2012-08-15 06:58 . 2012-07-04 22:13	136704	----a-w-	c:\windows\system32\browser.dll
2012-08-15 06:58 . 2012-07-04 21:14	41984	----a-w-	c:\windows\SysWow64\browcli.dll
2012-08-15 06:58 . 2012-07-18 18:15	3148800	----a-w-	c:\windows\system32\win32k.sys
2012-08-15 06:58 . 2012-05-14 05:26	956928	----a-w-	c:\windows\system32\localspl.dll
2012-08-14 22:03 . 2007-06-01 08:39	765952	----a-w-	c:\windows\SysWow64\xvidcore.dll
2012-08-14 22:03 . 2007-06-01 08:39	77824	----a-w-	c:\windows\SysWow64\xvid.ax
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-15 14:14 . 2012-04-02 13:43	62134624	----a-w-	c:\windows\system32\MRT.exe
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"D-Link D-Link Wireless N DWA-140"="c:\program files (x86)\D-Link\DWA-140 revB\AirNCFG.exe" [2010-06-30 1024000]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-08-10 348664]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-07-31 38872]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-11 919008]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-23 250568]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 S3XXx64;SCR3xx USB SmartCardReader64;c:\windows\system32\DRIVERS\S3XXx64.sys [2011-09-07 70016]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S1 anodlwf;ANOD Network Security Filter driver;c:\windows\system32\DRIVERS\anodlwfx.sys [2009-03-06 15872]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2011-09-16 27760]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-05-08 86224]
S2 AntiVirWebService;Avira Browser Schutz;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [2012-05-08 465360]
S2 D-Link Wireless N DWA-140_WPS;D-Link Wireless N DWA-140_WPS Service;c:\program files (x86)\D-Link\DWA-140 revB\ANIWConnService.exe [2010-06-03 53248]
S3 netr28ux;D-Link dnetr28u USB Extensible Wireless LAN Card Driver;c:\windows\system32\DRIVERS\Dnetr28ux.sys [2010-05-05 1119072]
.
.
Inhalt des "geplante Tasks" Ordners
.
2012-09-08 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-15 06:39]
.
2012-09-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3778003709-349896348-923393211-1000Core.job
- c:\users\*****\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-29 10:55]
.
2012-09-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3778003709-349896348-923393211-1000UA.job
- c:\users\*****\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-29 10:55]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: An OneNote s&enden - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
LSP: c:\program files (x86)\Avira\AntiVir Desktop\avsda.dll
TCP: DhcpNameServer = 192.168.2.1
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_265_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_265_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_265_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_265_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_265.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_265.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_265.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_265.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Nico Mak Computing\WinZip]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-09-08  08:40:09
ComboFix-quarantined-files.txt  2012-09-08 06:40
.
Vor Suchlauf: 874.217.472 Bytes frei
Nach Suchlauf: 739.119.104 Bytes frei
.
- - End Of File - - 3DEDB1A39341DAF220EB80B114C18841
         
--- --- ---

Alt 10.09.2012, 14:48   #20
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



Please now create and post logs with GMER and OSAM.
GMER crashes fairly often; if the tool still won't work on the 2nd attempt, just leave it out and run only OSAM - please skip the online lookup by OSAM.
With OSAM, please also make sure that you save the log as *.log and not as *.html or the like.

Note: Please use WinRAR or 7zip to unpack OSAM! Also be sure to turn off the virus scanner; the McAfee scanner in particular often reports a false alarm in OSAM!

Please download aswMBR.exe and save the file to your desktop.
  • Start aswMBR.exe - (aswMBR.exe instructions)
    On Windows Vista (or later), please start it with a right-click and "Run as administrator".
  • The tool will ask you whether you want to scan your system with the current AVAST! virus definitions. Please answer this question with Yes. (If your firewall asks, please allow access to the internet.)
    Depending on your connection, downloading the definitions can take a while.
  • Click Scan.
  • Please wait until Scan finished successfully appears in the DOS window.
  • Press Save Log and save it to the desktop.
Post the aswMBR.txt in your next reply.

Important: Under no circumstances press one of the Fix buttons without being instructed to

Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the setting (none) under AV Scan.



One more note: If aswMBR crashes and a message like "aswMBR.exe funktioniert nicht mehr" appears, then do the following:
Restart aswMBR, select (none) for "AV scan" in the drop-down menu (at the bottom left of the aswMBR window) and click the Scan button again.

__________________
Please always post log files in CODE tags
