
Pests of all kinds and how to combat them: TR/Sirefef.A.78 & TR/Crypt.XPACK.Gen

23.05.2013, 07:54   #1
funkfux
 
Hello forum,

For some time now, Avira AntiVir's real-time scanner has been reporting that "TR/Sirefef.A.78" and "TR/Crypt.XPACK.Gen" are on my system.
When I then scan the system or try to delete the viruses/trojans, AntiVir suddenly no longer finds them.
It would be very kind if someone could help me with this problem. I have already searched the forum and found one entry on it, but in that thread the virus was not removed.

I use the laptop both for work and for online banking, so I am somewhat worried!

Reinstalling the system would only be an option for me as a last resort, because the OS was preinstalled when I bought the laptop and it has no CD-ROM drive, so a reinstallation would be somewhat more complicated/expensive for me. But of course, security comes first!

Thanks in advance for the support.

Here is the log from Malwarebytes Anti-Malware.

Quote:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.05.23.04

Windows 7 x86 NTFS
Internet Explorer 9.0.8112.16421
Domi :: DOMI-PC [Administrator]

23.05.2013 08:38:00
mbam-log-2013-05-23 (08-38-00).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 217147
Laufzeit: 14 Minute(n), 14 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 4
HKCR\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32| (Trojan.0Access) -> Bösartig: (C:\$Recycle.Bin\S-1-5-18\$cbf461249d50c4b27aabc3400446a028\n.) Gut: (fastprox.dll) -> Erfolgreich ersetzt und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Security Center|AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bösartig: (1) Gut: (0) -> Erfolgreich ersetzt und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Security Center|FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bösartig: (1) Gut: (0) -> Erfolgreich ersetzt und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Security Center|UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bösartig: (1) Gut: (0) -> Erfolgreich ersetzt und in Quarantäne gestellt.

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 2
C:\Users\Domi\AppData\Local\Temp\1q9TuIRx.zip.part (Trojan.Zbot.ED) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\$Recycle.Bin\S-1-5-18\$cbf461249d50c4b27aabc3400446a028\n (Trojan.0Access) -> Löschen bei Neustart.

(Ende)

23.05.2013, 08:17   #2
smeenk
/// Malwareteam / Visitor
 
Hi funkfux

I am Smeenk and I will try to help you.


System scan with ZOEK

Please download zoek.exe from here: http://hijackthis.nl/smeenk/
  • Please disable all virus scanners during the scan, as they affect the result.
  • Start Zoek.exe with a double-click (Windows XP users only).
  • Windows Vista/7 users, please start the tool by right-clicking the icon and choosing "Run as administrator".
  • Copy the code below into the text field:
    Code:
    emptyclsid;
    chromelook;
    autoclean;
    startupall;
    filesrcm;
    firefoxlook;

  • Now click "Run script" and wait patiently until the scan has finished.
  • When the tool is done, Notepad will open with the log file (possibly only after a reboot).
    You can view the report afterwards at c:\zoek-results.log.
  • Post the log file zoek-results.log for me.


Please download TDSSKiller (TDSSKiller.exe) and save the file to your desktop.
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller guide.
  • Press Start Scan.
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\).
    For example: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Please post the contents here in your thread in any case.


If possible, please post everything here in CODE tags: [code] your log here [/code]


23.05.2013, 19:46   #3
funkfux
 
Hello Smeenk,

thank you in advance for your efforts

Here are the respective logs:

Code:
Zoek.exe Version 4.0.0.2 Updated 22-May-2013
Tool run by Domi on 23.05.2013 at 19:08:46,83.
Microsoft Windows 7 Home Premium  6.1.7600  x86
Running in: Normal Mode Internet Access Detected

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3162087011-3064661499-2517015769-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5C255C8A-E604-49b4-9D64-90988571CECB} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-3162087011-3064661499-2517015769-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully
HKEY_USERS\S-1-5-21-3162087011-3064661499-2517015769-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully

==== Deleting Files \ Folders ======================

"C:\$Recycle.Bin\S-1-5-18\$cbf461249d50c4b27aabc3400446a028" not found 
"C:\$Recycle.Bin\S-1-5-21-3162087011-3064661499-2517015769-1003\$cbf461249d50c4b27aabc3400446a028\@" deleted
"C:\ProgramData\036DFF8500083109027730C94F147CE7\036DFF8500083109027730C94F147CE7" deleted
"C:\ProgramData\036DFF8500083109027730C94F147CE7\036DFF8500083109027730C94F147CE7.ico" deleted
"C:\ProgramData\036DFF8500083109027730C9E56C34C7\036DFF8500083109027730C9E56C34C7" deleted
"C:\ProgramData\036DFF8500083109027730C9E56C34C7\036DFF8500083109027730C9E56C34C7.ico" deleted
"C:\Users\Domi\AppData\Roaming\Quud\hium.irb" deleted
"C:\$Recycle.Bin\S-1-5-21-3162087011-3064661499-2517015769-1003\$cbf461249d50c4b27aabc3400446a028\U\00000001.@" deleted
"C:\$Recycle.Bin\S-1-5-21-3162087011-3064661499-2517015769-1003\$cbf461249d50c4b27aabc3400446a028" deleted
"C:\ProgramData\036DFF8500083109027730C94F147CE7" deleted
"C:\ProgramData\036DFF8500083109027730C9E56C34C7" deleted
"C:\Users\Domi\AppData\Roaming\Quud" deleted
"C:\Users\Domi\AppData\Roaming\Wiuv" deleted
"C:\Users\Domi\AppData\Roaming\Uvxee" deleted
"C:\Users\Domi\AppData\Roaming\Wyxow" deleted
"C:\$Recycle.Bin\S-1-5-21-3162087011-3064661499-2517015769-1003\$cbf461249d50c4b27aabc3400446a028\L" deleted
"C:\$Recycle.Bin\S-1-5-21-3162087011-3064661499-2517015769-1003\$cbf461249d50c4b27aabc3400446a028\U" deleted
"C:\windows\system32\appdata" deleted

==== Registry Search Results for "$cbf461249d50c4b27aabc3400446a028" ======================


[HKEY_USERS\S-1-5-21-3162087011-3064661499-2517015769-1003\Software\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InprocServer32]
@="C:\\$Recycle.Bin\\S-1-5-21-3162087011-3064661499-2517015769-1003\\$cbf461249d50c4b27aabc3400446a028\\n."

[HKEY_USERS\S-1-5-21-3162087011-3064661499-2517015769-1003_Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InprocServer32]
@="C:\\$Recycle.Bin\\S-1-5-21-3162087011-3064661499-2517015769-1003\\$cbf461249d50c4b27aabc3400446a028\\n."

==== Files Recently Created / Modified ======================

====== C:\windows ====
====== C:\Users\Domi\AppData\Local\Temp ====
====== C:\windows\system32 =====
====== C:\windows\system32\drivers =====
2013-05-23 06:36:03	4470E3C1E0C3378E4CAB137893C12C3A	22856	----a-w-	C:\windows\System32\drivers\mbam.sys
2013-05-08 16:36:06	751EFA9A72105EC4F980CB1923C7BCCF	66656	----a-w-	C:\windows\System32\drivers\avnetflt.sys
====== C:\windows\Tasks ======
====== C:\windows\Temp ======
======= C:\Program Files =====
2013-05-23 06:34:44	--------	d-----w-	C:\Program Files\Antimalware
======= C: =====
====== C:\Users\Domi\AppData\Roaming ======
2013-05-23 06:35:52	--------	d-----w-	C:\users\Domi\AppData\Local\Programs
====== C:\Users\Domi ======

====== C: exe-files ==
2013-05-23 17:03:04	825BF0E46B4470A463AEB641480C5FCA	117144	----a-w-	C:\Program Files\Mozilla Maintenance Service\maintenanceservice_tmp.exe
2013-05-23 06:34:54	683FDD3D773C58B262DC07CD0C6CE938	10285040	----a-w-	C:\Program Files\Antimalware\mbam-setup-1.75.0.1300.exe
=== C: other files ==

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-3162087011-3064661499-2517015769-1003\Software\Microsoft\Windows\CurrentVersion\Run]
"Spotify Web Helper"="C:\Users\Domi\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"WLStart"="C:\Program Files\Windows Live\Installer\wlstart.exe /nosearch /nohomepage"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"WLStart"="C:\Program Files\Windows Live\Installer\wlstart.exe /nosearch /nohomepage"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe"
"IgfxTray"="C:\windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\windows\system32\hkcmd.exe"
"Persistence"="C:\windows\system32\igfxpers.exe"
"cAudioFilterAgent"="C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent.exe"
"TpShocks"="C:\Windows\system32\TpShocks.exe"
"EnergyUtility"="C:\Program Files\Lenovo\Energy Management\utility.exe"
"Energy Management"="C:\Program Files\Lenovo\Energy Management\Energy Management.exe"
"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"
"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"avgnt"="C:\Program Files\Avira\AntiVir Desktop\avgnt.exe /min"
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Spotify Web Helper"="C:\Users\Domi\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Adobe Reader Speed Launcher"
"hkey"="HKLM"
"command"="\"c:\\Program Files\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Cisco AnyConnect Secure Mobility Agent for Windows]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Cisco AnyConnect Secure Mobility Agent for Windows"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Cisco\\Cisco AnyConnect Secure Mobility Client\\vpnui.exe\" -minimized"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="iTunesHelper"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="QuickTime Task"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\QuickTime\\QTTask.exe\" -atboottime"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SmartAudio]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SmartAudio"
"hkey"="HKLM"
"command"="C:\\Program Files\\CONEXANT\\SAII\\SAIICpl.exe /t"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\VeriFaceManager]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="VeriFaceManager"
"hkey"="HKLM"
"command"="C:\\Program Files\\Lenovo\\VeriFace\\PManage.exe"


==== Startup Folders ======================

2011-07-25 08:34:57	1047	----a-w-	C:\users\Domi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
2012-06-21 10:54:43	1326	----a-w-	C:\users\Domi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
2010-06-18 12:13:47	876	----a-w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk

==== Task Scheduler Jobs ======================

C:\windows\tasks\Adobe Flash Player Updater.job --a------ C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [15.05.2013 08:06]
C:\windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [13.03.2012 23:22]
C:\windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [13.03.2012 23:22]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Domi\AppData\Roaming\Mozilla\Firefox\Profiles\c3c4147w.default
- Firebug - %ProfilePath%\extensions\firebug@software.joehewitt.com.xpi
- Stealthy - %ProfilePath%\extensions\stealthyextension@gmail.com.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

AppDir: C:\Program Files\Mozilla Firefox
- Undetermined - %AppDir%\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}

==== Firefox Plugins ======================

Profilepath: C:\Users\Domi\AppData\Roaming\Mozilla\Firefox\Profiles\c3c4147w.default
3D928B3FE97C403A33F803B3D1A260C9	- C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll -	Google Update
7ABE33792F2787D599B6963E71B9E8CD	- C:\windows\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll -	Shockwave Flash
3A523765D795DB006C010B915C3A840A	- C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll -	Adobe Acrobat
42A9B216A7A288512CE2F9A6BCCE96BC	- C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll -	Adobe Acrobat
E971E06DDE68684CB3957C5D0E133CB0	- C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll -	Google Earth Plugin
9013599B12923A45C029C34E8D2211AC	- c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll -	Silverlight Plug-In
576C325A4EDCF05787AB692A2BE1BA68	- C:\Program Files\veetle\plugins\npVeetle.dll -	Veetle TV Core
E30EF114D06628371C9C1A701BA024C6	- C:\Program Files\QuickTime\Plugins\npqtplugin7.dll -	QuickTime Plug-in 7.6.8
625CF17AADF06CF71DFD71B2BAF8E22F	- C:\Program Files\QuickTime\Plugins\npqtplugin6.dll -	QuickTime Plug-in 7.6.8
BCC8DB6CA588BEA08974A56DAFE590DD	- C:\Program Files\QuickTime\Plugins\npqtplugin5.dll -	QuickTime Plug-in 7.6.8
38638513FB8C7B5362B194D4D938E71F	- C:\Program Files\QuickTime\Plugins\npqtplugin4.dll -	QuickTime Plug-in 7.6.8
D3D3975308EC3D7B11B64EA2C99C533A	- C:\Program Files\QuickTime\Plugins\npqtplugin3.dll -	QuickTime Plug-in 7.6.8
094347D58BC4A051A7A1644CDE779A1F	- C:\Program Files\QuickTime\Plugins\npqtplugin2.dll -	QuickTime Plug-in 7.6.8
5C9B20AE4368FA66AFF0291A64C1E6CA	- C:\Program Files\QuickTime\Plugins\npqtplugin.dll -	QuickTime Plug-in 7.6.8
7559E4FDA009669309E599474D852527	- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll -	iTunes Application Detector
866B027053F3A40BC36126D265C78E96	- C:\Program Files\veetle\Player\npvlc.dll -	Veetle TV Player
3509063A268A4197CF8E713BD22B0978	- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll -	Windows Live® Photo Gallery
BF2AD333C79072EEBE5AE0D72670E64E	- c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrlui.dll -	Microsoft® Silverlight


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://lenovo.msn.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://lenovo.msn.com"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox"
{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} Unknown  Url="Not_Found"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3162087011-3064661499-2517015769-1003\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Empty IE Cache ======================

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Domi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Domi\AppData\Local\Temp\acrord32_sbx\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Domi\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\serviceprofiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Domi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\users\Domi\AppData\Local\Mozilla\Firefox\Profiles\c3c4147w.default\Cache emptied successfully

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache is not empty, a reboot is needed

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\windows\Temp successfully emptied
C:\Users\Domi\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Domi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\users\Domi\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\LNTS8CUW\www.tvinfo.de"  not found

==== EOF on 23.05.2013 at 20:15:02,53 ======================
         

Code:
20:41:07.0374 0844  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
20:41:07.0561 0844  ============================================================
20:41:07.0561 0844  Current date / time: 2013/05/23 20:41:07.0561
20:41:07.0561 0844  SystemInfo:
20:41:07.0561 0844  
20:41:07.0561 0844  OS Version: 6.1.7600 ServicePack: 0.0
20:41:07.0561 0844  Product type: Workstation
20:41:07.0561 0844  ComputerName: DOMI-PC
20:41:07.0561 0844  UserName: Domi
20:41:07.0561 0844  Windows directory: C:\windows
20:41:07.0561 0844  System windows directory: C:\windows
20:41:07.0561 0844  Processor architecture: Intel x86
20:41:07.0561 0844  Number of processors: 2
20:41:07.0561 0844  Page size: 0x1000
20:41:07.0561 0844  Boot type: Normal boot
20:41:07.0561 0844  ============================================================
20:41:08.0435 0844  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
20:41:08.0450 0844  ============================================================
20:41:08.0450 0844  \Device\Harddisk0\DR0:
20:41:08.0450 0844  MBR partitions:
20:41:08.0450 0844  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x64000
20:41:08.0450 0844  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64800, BlocksNum 0x1F9A0000
20:41:08.0481 0844  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x1FA05000, BlocksNum 0x3CA7000
20:41:08.0481 0844  ============================================================
20:41:08.0528 0844  C: <-> \Device\Harddisk0\DR0\Partition2
20:41:08.0575 0844  D: <-> \Device\Harddisk0\DR0\Partition3
20:41:08.0575 0844  ============================================================
20:41:08.0575 0844  Initialize success
20:41:08.0575 0844  ============================================================
20:41:43.0379 3088  ============================================================
20:41:43.0379 3088  Scan started
20:41:43.0379 3088  Mode: Manual; 
20:41:43.0379 3088  ============================================================
20:41:43.0784 3088  ================ Scan system memory ========================
20:41:43.0784 3088  System memory - ok
20:41:43.0784 3088  ================ Scan services =============================
20:41:48.0043 3088  CmBatt - ok
20:41:48.0059 3088  [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide          C:\windows\system32\DRIVERS\cmdide.sys
20:41:48.0074 3088  cmdide - ok
20:41:48.0121 3088  [ DB5E008B3744DD60C8498CBBF2A1CFA6 ] CNG             C:\windows\system32\Drivers\cng.sys
20:41:48.0137 3088  CNG - ok
20:41:48.0183 3088  [ 57A9D210B834990E09188DBD1DE7F8C6 ] CnxtHdAudService C:\windows\system32\drivers\CHDRT32.sys
20:41:48.0215 3088  CnxtHdAudService - ok
20:41:48.0246 3088  [ A6023D3823C37043986713F118A89BEE ] Compbatt        C:\windows\system32\DRIVERS\compbatt.sys
20:41:48.0246 3088  Compbatt - ok
20:41:48.0277 3088  [ F1724BA27E97D627F808FB0BA77A28A6 ] CompositeBus    C:\windows\system32\DRIVERS\CompositeBus.sys
20:41:48.0277 3088  CompositeBus - ok
20:41:48.0293 3088  COMSysApp - ok
20:41:48.0355 3088  [ D01F685F8B4598D144B0CCE9FF95D8D5 ] cpudrv          C:\Program Files\SystemRequirementsLab\cpudrv.sys
20:41:48.0355 3088  cpudrv - ok
20:41:48.0386 3088  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk         C:\windows\system32\DRIVERS\crcdisk.sys
20:41:48.0386 3088  crcdisk - ok
20:41:48.0449 3088  [ 520A108A2657F4BCA7FCED9CA7D885DE ] CryptSvc        C:\windows\system32\cryptsvc.dll
20:41:48.0449 3088  CryptSvc - ok
20:41:48.0495 3088  [ B82CD39E336973359D7C9BF911E8E84F ] DcomLaunch      C:\windows\system32\rpcss.dll
20:41:48.0511 3088  DcomLaunch - ok
20:41:48.0542 3088  [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc       C:\windows\System32\defragsvc.dll
20:41:48.0558 3088  defragsvc - ok
20:41:48.0605 3088  [ 83D1ECEA8FAAE75604C0FA49AC7AD996 ] DfsC            C:\windows\system32\Drivers\dfsc.sys
20:41:48.0620 3088  DfsC - ok
20:41:48.0651 3088  [ C56495FBD770712367CAD35E5DE72DA6 ] Dhcp            C:\windows\system32\dhcpcore.dll
20:41:48.0651 3088  Dhcp - ok
20:41:48.0698 3088  [ 1A050B0274BFB3890703D490F330C0DA ] discache        C:\windows\system32\drivers\discache.sys
20:41:48.0698 3088  discache - ok
20:41:48.0729 3088  [ 565003F326F99802E68CA78F2A68E9FF ] Disk            C:\windows\system32\DRIVERS\disk.sys
20:41:48.0745 3088  Disk - ok
20:41:48.0776 3088  [ B15BE77A2BACF9C3177D27518AFE26A9 ] Dnscache        C:\windows\System32\dnsrslvr.dll
20:41:48.0776 3088  Dnscache - ok
20:41:48.0807 3088  [ 4408C85C21EEA48EB0CE486BAEEF0502 ] dot3svc         C:\windows\System32\dot3svc.dll
20:41:48.0823 3088  dot3svc - ok
20:41:48.0870 3088  [ B5E479EB83707DD698F66953E922042C ] Dot4            C:\windows\system32\DRIVERS\Dot4.sys
20:41:48.0885 3088  Dot4 - ok
20:41:48.0917 3088  [ C25FEA07A8E7767E8B89AB96A3B96519 ] Dot4Print       C:\windows\system32\DRIVERS\Dot4Prt.sys
20:41:48.0917 3088  Dot4Print - ok
20:41:48.0932 3088  [ CF491FF38D62143203C065260567E2F7 ] dot4usb         C:\windows\system32\DRIVERS\dot4usb.sys
20:41:48.0948 3088  dot4usb - ok
20:41:48.0979 3088  [ 7FA81C6E11CAA594ADB52084DA73A1E5 ] DPS             C:\windows\system32\dps.dll
20:41:48.0979 3088  DPS - ok
20:41:49.0010 3088  [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud         C:\windows\system32\drivers\drmkaud.sys
20:41:49.0010 3088  drmkaud - ok
20:41:49.0073 3088  [ 1679A4669326CB1A67CC95658D273234 ] DXGKrnl         C:\windows\System32\drivers\dxgkrnl.sys
20:41:49.0104 3088  DXGKrnl - ok
20:41:49.0151 3088  [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost         C:\windows\System32\eapsvc.dll
20:41:49.0151 3088  EapHost - ok
20:41:49.0260 3088  [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv           C:\windows\system32\DRIVERS\evbdx.sys
20:41:49.0353 3088  ebdrv - ok
20:41:49.0385 3088  [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] EFS             C:\windows\System32\lsass.exe
20:41:49.0385 3088  EFS - ok
20:41:49.0463 3088  [ 1697C39978CD69F6FBC15302EDCECE1F ] ehRecvr         C:\windows\ehome\ehRecvr.exe
20:41:49.0494 3088  ehRecvr - ok
20:41:49.0509 3088  [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched         C:\windows\ehome\ehsched.exe
20:41:49.0525 3088  ehSched - ok
20:41:49.0572 3088  [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor         C:\windows\system32\DRIVERS\elxstor.sys
20:41:49.0603 3088  elxstor - ok
20:41:49.0619 3088  [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev          C:\windows\system32\DRIVERS\errdev.sys
20:41:49.0619 3088  ErrDev - ok
20:41:49.0665 3088  [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem     C:\windows\system32\es.dll
20:41:49.0665 3088  EventSystem - ok
20:41:49.0681 3088  [ 2DC9108D74081149CC8B651D3A26207F ] exfat           C:\windows\system32\drivers\exfat.sys
20:41:49.0697 3088  exfat - ok
20:41:49.0712 3088  [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat         C:\windows\system32\drivers\fastfat.sys
20:41:49.0728 3088  fastfat - ok
20:41:49.0759 3088  [ F7EA23CC5E6BF2181F3F399D54F6EFC1 ] Fax             C:\windows\system32\fxssvc.exe
20:41:49.0775 3088  Fax - ok
20:41:49.0806 3088  [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc             C:\windows\system32\DRIVERS\fdc.sys
20:41:49.0806 3088  fdc - ok
20:41:49.0837 3088  [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost         C:\windows\system32\fdPHost.dll
20:41:49.0853 3088  fdPHost - ok
20:41:49.0853 3088  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub        C:\windows\system32\fdrespub.dll
20:41:49.0868 3088  FDResPub - ok
20:41:49.0884 3088  [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo        C:\windows\system32\drivers\fileinfo.sys
20:41:49.0899 3088  FileInfo - ok
20:41:49.0931 3088  [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace       C:\windows\system32\drivers\filetrace.sys
20:41:49.0931 3088  Filetrace - ok
20:41:50.0055 3088  [ 993F917889C18E8AE005E8528D8B0068 ] FlexNet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
20:41:50.0087 3088  FlexNet Licensing Service - ok
20:41:50.0118 3088  [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk        C:\windows\system32\DRIVERS\flpydisk.sys
20:41:50.0133 3088  flpydisk - ok
20:41:50.0149 3088  [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr          C:\windows\system32\drivers\fltmgr.sys
20:41:50.0165 3088  FltMgr - ok
20:41:50.0211 3088  [ 7FE4995528A7529A761875151EE3D512 ] FontCache       C:\windows\system32\FntCache.dll
20:41:50.0243 3088  FontCache - ok
20:41:50.0289 3088  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
20:41:50.0305 3088  FontCache3.0.0.0 - ok
20:41:50.0336 3088  [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends       C:\windows\system32\drivers\FsDepends.sys
20:41:50.0336 3088  FsDepends - ok
20:41:50.0367 3088  [ 500A9814FD9446A8126858A5A7F7D273 ] Fs_Rec          C:\windows\system32\drivers\Fs_Rec.sys
20:41:50.0383 3088  Fs_Rec - ok
20:41:50.0445 3088  [ F626F291E3F56E8969E35945552FECA3 ] funfrm          C:\windows\system32\drivers\funfrm.sys
20:41:50.0445 3088  funfrm - ok
20:41:50.0492 3088  [ DAFBD9FE39197495AED6D51F3B85B5D2 ] fvevol          C:\windows\system32\DRIVERS\fvevol.sys
20:41:50.0523 3088  fvevol - ok
20:41:50.0539 3088  [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx        C:\windows\system32\DRIVERS\gagp30kx.sys
20:41:50.0555 3088  gagp30kx - ok
20:41:50.0601 3088  [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM     C:\windows\system32\DRIVERS\GEARAspiWDM.sys
20:41:50.0601 3088  GEARAspiWDM - ok
20:41:50.0648 3088  [ 8BA3C04702BF8F927AB36AE8313CA4EE ] gpsvc           C:\windows\System32\gpsvc.dll
20:41:50.0648 3088  gpsvc - ok
20:41:50.0742 3088  [ F02A533F517EB38333CB12A9E8963773 ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
20:41:50.0742 3088  gupdate - ok
20:41:50.0742 3088  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
20:41:50.0757 3088  gupdatem - ok
20:41:50.0773 3088  [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir        C:\windows\system32\drivers\hcw85cir.sys
20:41:50.0789 3088  hcw85cir - ok
20:41:50.0835 3088  [ 3530CAD25DEBA7DC7DE8BB51632CBC5F ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
20:41:50.0851 3088  HdAudAddService - ok
20:41:50.0867 3088  [ 717A2207FD6F13AD3E664C7D5A43C7BF ] HDAudBus        C:\windows\system32\DRIVERS\HDAudBus.sys
20:41:50.0867 3088  HDAudBus - ok
20:41:50.0882 3088  [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt         C:\windows\system32\DRIVERS\HidBatt.sys
20:41:50.0882 3088  HidBatt - ok
20:41:50.0898 3088  [ 89448F40E6DF260C206A193A4683BA78 ] HidBth          C:\windows\system32\DRIVERS\hidbth.sys
20:41:50.0913 3088  HidBth - ok
20:41:50.0945 3088  [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr           C:\windows\system32\DRIVERS\hidir.sys
20:41:50.0945 3088  HidIr - ok
20:41:50.0976 3088  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv         C:\windows\system32\hidserv.dll
20:41:50.0991 3088  hidserv - ok
20:41:51.0038 3088  [ 25072FB35AC90B25F9E4E3BACF774102 ] HidUsb          C:\windows\system32\DRIVERS\hidusb.sys
20:41:51.0038 3088  HidUsb - ok
20:41:51.0069 3088  [ 741C2A45CA8407E374AABA3E330B7872 ] hkmsvc          C:\windows\system32\kmsvc.dll
20:41:51.0085 3088  hkmsvc - ok
20:41:51.0101 3088  [ A768CA158BB06782A2835B907F4873C3 ] HomeGroupListener C:\windows\system32\ListSvc.dll
20:41:51.0132 3088  HomeGroupListener - ok
20:41:51.0163 3088  [ FB08DEC5EF43D0C66D83B8E9694E7549 ] HomeGroupProvider C:\windows\system32\provsvc.dll
20:41:51.0163 3088  HomeGroupProvider - ok
20:41:51.0194 3088  [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD          C:\windows\system32\DRIVERS\HpSAMD.sys
20:41:51.0210 3088  HpSAMD - ok
20:41:51.0241 3088  [ C531C7FD9E8B62021112787C4E2C5A5A ] HTTP            C:\windows\system32\drivers\HTTP.sys
20:41:51.0272 3088  HTTP - ok
20:41:51.0288 3088  [ 8305F33CDE89AD6C7A0763ED0B5A8D42 ] hwpolicy        C:\windows\system32\drivers\hwpolicy.sys
20:41:51.0288 3088  hwpolicy - ok
20:41:51.0319 3088  [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt        C:\windows\system32\DRIVERS\i8042prt.sys
20:41:51.0335 3088  i8042prt - ok
20:41:51.0381 3088  [ 0E899D0DB39617AA0B2F992E7E95B5EB ] IAANTMON        C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
20:41:51.0381 3088  IAANTMON - ok
20:41:51.0428 3088  [ 01446278D4563B3013C92830AE6CBB26 ] iaStor          C:\windows\system32\DRIVERS\iaStor.sys
20:41:51.0428 3088  iaStor - ok
20:41:51.0475 3088  [ 71F1A494FEDF4B33C02C4A6A28D6D9E9 ] iaStorV         C:\windows\system32\drivers\iaStorV.sys
20:41:51.0491 3088  iaStorV - ok
20:41:51.0584 3088  [ 6F95324909B502E2651442C1548AB12F ] IDriverT        C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
20:41:51.0600 3088  IDriverT - ok
20:41:51.0662 3088  [ 5AF815EB5BC9802E5A064E2BA62BFC0C ] idsvc           C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:41:51.0709 3088  idsvc - ok
20:41:51.0896 3088  [ 878E2BC48D3EA7140B75FBAB65CA1E01 ] igfx            C:\windows\system32\DRIVERS\igdkmd32.sys
20:41:52.0115 3088  igfx - ok
20:41:52.0177 3088  [ D951D20153E51928F9DB2227D6FF5C7A ] IGRS            C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe
20:41:52.0177 3088  IGRS - ok
20:41:52.0224 3088  [ 4173FF5708F3236CF25195FECD742915 ] iirsp           C:\windows\system32\DRIVERS\iirsp.sys
20:41:52.0224 3088  iirsp - ok
20:41:52.0286 3088  [ FAC0EE6562B121B1399D6E855583F7A5 ] IKEEXT          C:\windows\System32\ikeext.dll
20:41:52.0317 3088  IKEEXT - ok
20:41:52.0349 3088  [ 264632ADE8127B7BAA2190CF6FAD435B ] IntcHdmiAddService C:\windows\system32\drivers\IntcHdmi.sys
20:41:52.0364 3088  IntcHdmiAddService - ok
20:41:52.0380 3088  [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide        C:\windows\system32\DRIVERS\intelide.sys
20:41:52.0395 3088  intelide - ok
20:41:52.0427 3088  [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm        C:\windows\system32\DRIVERS\intelppm.sys
20:41:52.0427 3088  intelppm - ok
20:41:52.0458 3088  [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum       C:\windows\system32\ipbusenum.dll
20:41:52.0473 3088  IPBusEnum - ok
20:41:52.0489 3088  [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver  C:\windows\system32\DRIVERS\ipfltdrv.sys
20:41:52.0505 3088  IpFilterDriver - ok
20:41:52.0520 3088  [ E4454B6C37D7FFD5649611F6496308A7 ] IPMIDRV         C:\windows\system32\DRIVERS\IPMIDrv.sys
20:41:52.0520 3088  IPMIDRV - ok
20:41:52.0536 3088  [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT           C:\windows\system32\drivers\ipnat.sys
20:41:52.0536 3088  IPNAT - ok
20:41:52.0598 3088  [ 32CDEDD15E2D1A557CD54552AE78FF86 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
20:41:52.0614 3088  iPod Service - ok
20:41:52.0629 3088  [ 42996CFF20A3084A56017B7902307E9F ] IRENUM          C:\windows\system32\drivers\irenum.sys
20:41:52.0645 3088  IRENUM - ok
20:41:52.0676 3088  [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp          C:\windows\system32\DRIVERS\isapnp.sys
20:41:52.0676 3088  isapnp - ok
20:41:52.0707 3088  [ ED46C223AE46C6866AB77CDC41C404B7 ] iScsiPrt        C:\windows\system32\DRIVERS\msiscsi.sys
20:41:52.0723 3088  iScsiPrt - ok
20:41:52.0754 3088  [ 62632763D9B2B7F92D2968D40406E7AA ] k57nd60x        C:\windows\system32\DRIVERS\k57nd60x.sys
20:41:52.0770 3088  k57nd60x - ok
20:41:52.0801 3088  [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass        C:\windows\system32\DRIVERS\kbdclass.sys
20:41:52.0817 3088  kbdclass - ok
20:41:52.0848 3088  [ 3D9F0EBF350EDCFD6498057301455964 ] kbdhid          C:\windows\system32\DRIVERS\kbdhid.sys
20:41:52.0848 3088  kbdhid - ok
20:41:52.0879 3088  [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] KeyIso          C:\windows\system32\lsass.exe
20:41:52.0879 3088  KeyIso - ok
20:41:52.0910 3088  [ 52FC17C8589F11747D01D3CF592673D0 ] KSecDD          C:\windows\system32\Drivers\ksecdd.sys
20:41:52.0926 3088  KSecDD - ok
20:41:52.0973 3088  [ 3E5474B03568CFAB834DA3C38E8C9EFA ] KSecPkg         C:\windows\system32\Drivers\ksecpkg.sys
20:41:52.0988 3088  KSecPkg - ok
20:41:53.0035 3088  [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm           C:\windows\system32\msdtckrm.dll
20:41:53.0051 3088  KtmRm - ok
20:41:53.0113 3088  [ 8F6BF790D3168224C16F2AF68A84438C ] LanmanServer    C:\windows\system32\srvsvc.dll
20:41:53.0113 3088  LanmanServer - ok
20:41:53.0144 3088  [ B9891F885DCF1F0513A51CB58493CB1F ] LanmanWorkstation C:\windows\System32\wkssvc.dll
20:41:53.0144 3088  LanmanWorkstation - ok
20:41:53.0191 3088  [ 4F83C51720243D6016E6ECD0F2E1B274 ] Lenovo ReadyComm AppSvc C:\Program Files\Lenovo\ReadyComm\AppSvc.exe
20:41:53.0222 3088  Lenovo ReadyComm AppSvc - ok
20:41:53.0238 3088  [ 56688EE2C359BB14479B89A50358FAA2 ] Lenovo ReadyComm ConnSvc C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe
20:41:53.0269 3088  Lenovo ReadyComm ConnSvc - ok
20:41:53.0316 3088  [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio          C:\windows\system32\DRIVERS\lltdio.sys
20:41:53.0331 3088  lltdio - ok
20:41:53.0378 3088  [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc         C:\windows\System32\lltdsvc.dll
20:41:53.0394 3088  lltdsvc - ok
20:41:53.0409 3088  [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts         C:\windows\System32\lmhsvc.dll
20:41:53.0409 3088  lmhosts - ok
20:41:53.0441 3088  [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC          C:\windows\system32\DRIVERS\lsi_fc.sys
20:41:53.0456 3088  LSI_FC - ok
20:41:53.0456 3088  [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS         C:\windows\system32\DRIVERS\lsi_sas.sys
20:41:53.0472 3088  LSI_SAS - ok
20:41:53.0487 3088  [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2        C:\windows\system32\DRIVERS\lsi_sas2.sys
20:41:53.0503 3088  LSI_SAS2 - ok
20:41:53.0519 3088  [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI        C:\windows\system32\DRIVERS\lsi_scsi.sys
20:41:53.0519 3088  LSI_SCSI - ok
20:41:53.0565 3088  [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv           C:\windows\system32\drivers\luafv.sys
20:41:53.0565 3088  luafv - ok
20:41:53.0597 3088  [ E2B0887816ED336685954E3D8FDAA51D ] Mcx2Svc         C:\windows\system32\Mcx2Svc.dll
20:41:53.0612 3088  Mcx2Svc - ok
20:41:53.0628 3088  [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas         C:\windows\system32\DRIVERS\megasas.sys
20:41:53.0643 3088  megasas - ok
20:41:53.0659 3088  [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR          C:\windows\system32\DRIVERS\MegaSR.sys
20:41:53.0675 3088  MegaSR - ok
20:41:53.0706 3088  [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS           C:\windows\system32\mmcss.dll
20:41:53.0706 3088  MMCSS - ok
20:41:53.0737 3088  [ F001861E5700EE84E2D4E52C712F4964 ] Modem           C:\windows\system32\drivers\modem.sys
20:41:53.0737 3088  Modem - ok
20:41:53.0784 3088  [ 79D10964DE86B292320E9DFE02282A23 ] monitor         C:\windows\system32\DRIVERS\monitor.sys
20:41:53.0784 3088  monitor - ok
20:41:53.0815 3088  [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass        C:\windows\system32\DRIVERS\mouclass.sys
20:41:53.0815 3088  mouclass - ok
20:41:53.0831 3088  [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid          C:\windows\system32\DRIVERS\mouhid.sys
20:41:53.0846 3088  mouhid - ok
20:41:53.0846 3088  [ 921C18727C5920D6C0300736646931C2 ] mountmgr        C:\windows\system32\drivers\mountmgr.sys
20:41:53.0862 3088  mountmgr - ok
20:41:53.0940 3088  [ 825BF0E46B4470A463AEB641480C5FCA ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
20:41:53.0955 3088  MozillaMaintenance - ok
20:41:53.0987 3088  [ 2AF5997438C55FB79D33D015C30E1974 ] mpio            C:\windows\system32\DRIVERS\mpio.sys
20:41:54.0002 3088  mpio - ok
20:41:54.0018 3088  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv          C:\windows\system32\drivers\mpsdrv.sys
20:41:54.0033 3088  mpsdrv - ok
20:41:54.0033 3088  [ B1BE47008D20E43DA3ADC37C24CDB89D ] MRxDAV          C:\windows\system32\drivers\mrxdav.sys
20:41:54.0049 3088  MRxDAV - ok
20:41:54.0080 3088  [ CA7570E42522E24324A12161DB14EC02 ] mrxsmb          C:\windows\system32\DRIVERS\mrxsmb.sys
20:41:54.0096 3088  mrxsmb - ok
20:41:54.0127 3088  [ F965C3AB2B2AE5C378F4562486E35051 ] mrxsmb10        C:\windows\system32\DRIVERS\mrxsmb10.sys
20:41:54.0143 3088  mrxsmb10 - ok
20:41:54.0143 3088  [ 25C38264A3C72594DD21D355D70D7A5D ] mrxsmb20        C:\windows\system32\DRIVERS\mrxsmb20.sys
20:41:54.0158 3088  mrxsmb20 - ok
20:41:54.0174 3088  [ 4326D168944123F38DD3B2D9C37A0B12 ] msahci          C:\windows\system32\DRIVERS\msahci.sys
20:41:54.0174 3088  msahci - ok
20:41:54.0205 3088  [ 455029C7174A2DBB03DBA8A0D8BDDD9A ] msdsm           C:\windows\system32\DRIVERS\msdsm.sys
20:41:54.0221 3088  msdsm - ok
20:41:54.0236 3088  [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC           C:\windows\System32\msdtc.exe
20:41:54.0252 3088  MSDTC - ok
20:41:54.0267 3088  [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs            C:\windows\system32\drivers\Msfs.sys
20:41:54.0283 3088  Msfs - ok
20:41:54.0314 3088  [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf       C:\windows\System32\drivers\mshidkmdf.sys
20:41:54.0314 3088  mshidkmdf - ok
20:41:54.0330 3088  [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv        C:\windows\system32\DRIVERS\msisadrv.sys
20:41:54.0330 3088  msisadrv - ok
20:41:54.0377 3088  [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI         C:\windows\system32\iscsiexe.dll
20:41:54.0392 3088  MSiSCSI - ok
20:41:54.0392 3088  msiserver - ok
20:41:54.0423 3088  [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV         C:\windows\system32\drivers\MSKSSRV.sys
20:41:54.0439 3088  MSKSSRV - ok
20:41:54.0470 3088  [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK        C:\windows\system32\drivers\MSPCLOCK.sys
20:41:54.0470 3088  MSPCLOCK - ok
20:41:54.0486 3088  [ F456E973590D663B1073E9C463B40932 ] MSPQM           C:\windows\system32\drivers\MSPQM.sys
20:41:54.0486 3088  MSPQM - ok
20:41:54.0517 3088  [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC           C:\windows\system32\drivers\MsRPC.sys
20:41:54.0533 3088  MsRPC - ok
20:41:54.0548 3088  [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios        C:\windows\system32\DRIVERS\mssmbios.sys
20:41:54.0548 3088  mssmbios - ok
20:41:54.0564 3088  [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE           C:\windows\system32\drivers\MSTEE.sys
20:41:54.0564 3088  MSTEE - ok
20:41:54.0579 3088  [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig        C:\windows\system32\DRIVERS\MTConfig.sys
20:41:54.0579 3088  MTConfig - ok
20:41:54.0595 3088  [ 159FAD02F64E6381758C990F753BCC80 ] Mup             C:\windows\system32\Drivers\mup.sys
20:41:54.0595 3088  Mup - ok
20:41:54.0642 3088  [ 80284F1985C70C86F0B5F86DA2DFE1DF ] napagent        C:\windows\system32\qagentRT.dll
20:41:54.0673 3088  napagent - ok
20:41:54.0704 3088  [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP     C:\windows\system32\DRIVERS\nwifi.sys
20:41:54.0720 3088  NativeWifiP - ok
20:41:54.0751 3088  [ 23759D175A0A9BAAF04D05047BC135A8 ] NDIS            C:\windows\system32\drivers\ndis.sys
20:41:54.0782 3088  NDIS - ok
20:41:54.0798 3088  [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap         C:\windows\system32\DRIVERS\ndiscap.sys
20:41:54.0813 3088  NdisCap - ok
20:41:54.0845 3088  [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi        C:\windows\system32\DRIVERS\ndistapi.sys
20:41:54.0845 3088  NdisTapi - ok
20:41:54.0860 3088  [ B30AE7F2B6D7E343B0DF32E6C08FCE75 ] Ndisuio         C:\windows\system32\DRIVERS\ndisuio.sys
20:41:54.0876 3088  Ndisuio - ok
20:41:54.0891 3088  [ 267C415EADCBE53C9CA873DEE39CF3A4 ] NdisWan         C:\windows\system32\DRIVERS\ndiswan.sys
20:41:54.0907 3088  NdisWan - ok
20:41:54.0923 3088  [ AF7E7C63DCEF3F8772726F86039D6EB4 ] NDProxy         C:\windows\system32\drivers\NDProxy.sys
20:41:54.0923 3088  NDProxy - ok
20:41:54.0938 3088  [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS         C:\windows\system32\DRIVERS\netbios.sys
20:41:54.0938 3088  NetBIOS - ok
20:41:54.0954 3088  [ DD52A733BF4CA5AF84562A5E2F963B91 ] NetBT           C:\windows\system32\DRIVERS\netbt.sys
20:41:54.0969 3088  NetBT - ok
20:41:55.0001 3088  [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] Netlogon        C:\windows\system32\lsass.exe
20:41:55.0001 3088  Netlogon - ok
20:41:55.0047 3088  [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman          C:\windows\System32\netman.dll
20:41:55.0047 3088  Netman - ok
20:41:55.0079 3088  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:41:55.0094 3088  NetMsmqActivator - ok
20:41:55.0125 3088  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:41:55.0125 3088  NetPipeActivator - ok
20:41:55.0157 3088  [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm        C:\windows\System32\netprofm.dll
20:41:55.0157 3088  netprofm - ok
20:41:55.0172 3088  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:41:55.0172 3088  NetTcpActivator - ok
20:41:55.0172 3088  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:41:55.0172 3088  NetTcpPortSharing - ok
20:41:55.0313 3088  [ 58218EC6B61B1169CF54AAB0D00F5FE2 ] netw5v32        C:\windows\system32\DRIVERS\netw5v32.sys
20:41:55.0453 3088  netw5v32 - ok
20:41:55.0500 3088  [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960         C:\windows\system32\DRIVERS\nfrd960.sys
20:41:55.0515 3088  nfrd960 - ok
20:41:55.0547 3088  [ 2226496E34BD40734946A054B1CD657F ] NlaSvc          C:\windows\System32\nlasvc.dll
20:41:55.0547 3088  NlaSvc - ok
20:41:55.0578 3088  [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs            C:\windows\system32\drivers\Npfs.sys
20:41:55.0578 3088  Npfs - ok
20:41:55.0593 3088  [ BA387E955E890C8A88306D9B8D06BF17 ] nsi             C:\windows\system32\nsisvc.dll
20:41:55.0609 3088  nsi - ok
20:41:55.0625 3088  [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy        C:\windows\system32\drivers\nsiproxy.sys
20:41:55.0625 3088  nsiproxy - ok
20:41:55.0687 3088  [ 187002CE05693C306F43C873F821381F ] Ntfs            C:\windows\system32\drivers\Ntfs.sys
20:41:55.0718 3088  Ntfs - ok
20:41:55.0749 3088  [ F9756A98D69098DCA8945D62858A812C ] Null            C:\windows\system32\drivers\Null.sys
20:41:55.0749 3088  Null - ok
20:41:55.0796 3088  [ F1B0BED906F97E16F6D0C3629D2F21C6 ] nvraid          C:\windows\system32\drivers\nvraid.sys
20:41:55.0796 3088  nvraid - ok
20:41:55.0827 3088  [ 4520B63899E867F354EE012D34E11536 ] nvstor          C:\windows\system32\drivers\nvstor.sys
20:41:55.0827 3088  nvstor - ok
20:41:55.0859 3088  [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp          C:\windows\system32\DRIVERS\nv_agp.sys
20:41:55.0874 3088  nv_agp - ok
20:41:55.0968 3088  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
20:41:55.0999 3088  odserv - ok
20:41:56.0015 3088  [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394        C:\windows\system32\DRIVERS\ohci1394.sys
20:41:56.0030 3088  ohci1394 - ok
20:41:56.0139 3088  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:41:56.0155 3088  ose - ok
20:41:56.0186 3088  [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc        C:\windows\system32\pnrpsvc.dll
20:41:56.0217 3088  p2pimsvc - ok
20:41:56.0249 3088  [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc          C:\windows\system32\p2psvc.dll
20:41:56.0264 3088  p2psvc - ok
20:41:56.0311 3088  [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport         C:\windows\system32\DRIVERS\parport.sys
20:41:56.0311 3088  Parport - ok
20:41:56.0373 3088  [ 66D3415C159741ADE7038A277EFFF99F ] partmgr         C:\windows\system32\drivers\partmgr.sys
20:41:56.0373 3088  partmgr - ok
20:41:56.0405 3088  [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm          C:\windows\system32\DRIVERS\parvdm.sys
20:41:56.0405 3088  Parvdm - ok
20:41:56.0436 3088  [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc          C:\windows\System32\pcasvc.dll
20:41:56.0436 3088  PcaSvc - ok
20:41:56.0451 3088  [ C858CB77C577780ECC456A892E7E7D0F ] pci             C:\windows\system32\DRIVERS\pci.sys
20:41:56.0467 3088  pci - ok
20:41:56.0498 3088  [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide          C:\windows\system32\DRIVERS\pciide.sys
20:41:56.0498 3088  pciide - ok
20:41:56.0514 3088  [ F396431B31693E71E8A80687EF523506 ] pcmcia          C:\windows\system32\DRIVERS\pcmcia.sys
20:41:56.0529 3088  pcmcia - ok
20:41:56.0545 3088  [ 250F6B43D2B613172035C6747AEEB19F ] pcw             C:\windows\system32\drivers\pcw.sys
20:41:56.0561 3088  pcw - ok
20:41:56.0592 3088  [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH          C:\windows\system32\drivers\peauth.sys
20:41:56.0623 3088  PEAUTH - ok
20:41:56.0748 3088  [ 9C1BFF7910C89A1D12E57343475840CB ] pla             C:\windows\system32\pla.dll
20:41:56.0795 3088  pla - ok
20:41:56.0841 3088  [ 71DEF5EC79774C798342D0EA16E41780 ] PlugPlay        C:\windows\system32\umpnpmgr.dll
20:41:56.0857 3088  PlugPlay - ok
20:41:56.0873 3088  [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg     C:\windows\system32\pnrpauto.dll
20:41:56.0888 3088  PNRPAutoReg - ok
20:41:56.0904 3088  [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc         C:\windows\system32\pnrpsvc.dll
20:41:56.0904 3088  PNRPsvc - ok
20:41:56.0951 3088  [ 48E1B75C6DC0232FD92BAAE4BD344721 ] PolicyAgent     C:\windows\System32\ipsecsvc.dll
20:41:56.0982 3088  PolicyAgent - ok
20:41:57.0029 3088  [ DBFF83F709A91049621C1D35DD45C92C ] Power           C:\windows\system32\umpo.dll
20:41:57.0029 3088  Power - ok
20:41:57.0060 3088  [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport    C:\windows\system32\DRIVERS\raspptp.sys
20:41:57.0075 3088  PptpMiniport - ok
20:41:57.0091 3088  [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor       C:\windows\system32\DRIVERS\processr.sys
20:41:57.0107 3088  Processor - ok
20:41:57.0153 3088  [ AEA3BDBDBA667AA6F678CB38907E4F5E ] ProfSvc         C:\windows\system32\profsvc.dll
20:41:57.0185 3088  ProfSvc - ok
20:41:57.0200 3088  [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] ProtectedStorage C:\windows\system32\lsass.exe
20:41:57.0200 3088  ProtectedStorage - ok
20:41:57.0231 3088  [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched          C:\windows\system32\DRIVERS\pacer.sys
20:41:57.0247 3088  Psched - ok
20:41:57.0247 3088  PS_MDP - ok
20:41:57.0325 3088  [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300          C:\windows\system32\DRIVERS\ql2300.sys
20:42:04.0626 3088  ================ Scan global ===============================
20:42:04.0657 3088  [ 9A595DF601070DA78C40481120DD2C06 ] C:\windows\system32\basesrv.dll
20:42:04.0673 3088  [ 008F51AE989C3DF1CBAF8B39DC423CCC ] C:\windows\system32\winsrv.dll
20:42:04.0688 3088  [ 008F51AE989C3DF1CBAF8B39DC423CCC ] C:\windows\system32\winsrv.dll
20:42:04.0719 3088  [ 364455805E64882844EE9ACB72522830 ] C:\windows\system32\sxssrv.dll
20:42:04.0751 3088  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\windows\system32\services.exe
20:42:04.0766 3088  [Global] - ok
20:42:04.0766 3088  ================ Scan MBR ==================================
20:42:04.0782 3088  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
20:42:05.0250 3088  \Device\Harddisk0\DR0 - ok
20:42:05.0250 3088  ================ Scan VBR ==================================
20:42:05.0265 3088  [ 02F27349D4D61D1AF9A579C4D16D3DFD ] \Device\Harddisk0\DR0\Partition1
20:42:05.0265 3088  \Device\Harddisk0\DR0\Partition1 - ok
20:42:05.0281 3088  [ D0ED392B79BDC05E10C2D1B06853A732 ] \Device\Harddisk0\DR0\Partition2
20:42:05.0297 3088  \Device\Harddisk0\DR0\Partition2 - ok
20:42:05.0328 3088  [ F880F62F446D4BB545E67E0A4E5BC882 ] \Device\Harddisk0\DR0\Partition3
20:42:05.0328 3088  \Device\Harddisk0\DR0\Partition3 - ok
20:42:05.0328 3088  ============================================================
20:42:05.0328 3088  Scan finished
20:42:05.0328 3088  ============================================================
20:42:05.0359 4024  Detected object count: 0
20:42:05.0359 4024  Actual detected object count: 0
20:42:55.0841 2764  Deinitialize success
         

23.05.2013, 19:50   #4
smeenk
/// Malwareteam / Visitor

That already looks fairly clean again.

Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Please start mbar.exe.
  • Follow the on-screen instructions as described in the Malwarebytes Anti-Rootkit guide.
  • Be sure to update the database and allow the tool to scan your system.
  • Click the CleanUp button and allow the restart.
  • During the restart MBAR will remove the detected objects, so be patient.
  • After the restart, start mbar.exe again.
  • If anything is found again, repeat the CleanUp process.
The tool will create a log file ( mbar-log-<year-month-day>.txt ) in the folder it created. Please post it here.

Do not start any other file in this folder unless a helper instructs you to.


Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options (Optionen) and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure all 5 options are selected as shown here
  • Click Scan (Suchlauf) and wait until it has finished.
  • Now click Delete (Löschen) and confirm any prompts with Ok.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents with your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt. (x = sequential number).

23.05.2013, 20:27   #5
funkfux

Glad to hear that, smeenk!

Code:
# AdwCleaner v2.301 - Datei am 23/05/2013 um 21:21:23 erstellt
# Aktualisiert am 16/05/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium  (32 bits)
# Benutzer : Domi - DOMI-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Program Files\Antimalware\2\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****


***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16448

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v21.0 (de)

Datei : C:\Users\Domi\AppData\Roaming\Mozilla\Firefox\Profiles\c3c4147w.default\prefs.js

C:\Users\Domi\AppData\Roaming\Mozilla\Firefox\Profiles\c3c4147w.default\user.js ... Gelöscht !

Gelöscht : user_pref("vshare.install.date", "1315661691");
Gelöscht : user_pref("vshare.install.finished", "1.0.0");
Gelöscht : user_pref("vshare.install.fresh", "false");
Gelöscht : user_pref("vshare.install.guid", "{c9071a97-9401-4f45-a222-2b71f838c968}");
Gelöscht : user_pref("vshare.install.newtab", false);

*************************

AdwCleaner[R1].txt - [1272 octets] - [23/05/2013 21:20:16]
AdwCleaner[S1].txt - [1303 octets] - [23/05/2013 21:21:23]

########## EOF - C:\AdwCleaner[S1].txt - [1363 octets] ##########
         
Code:
Malwarebytes Anti-Rootkit BETA 1.05.0.1001
www.malwarebytes.org

Database version: v2013.05.23.11

Windows 7 x86 NTFS
Internet Explorer 9.0.8112.16421
Domi :: DOMI-PC [administrator]

23.05.2013 21:17:28
mbar-log-2013-05-23 (21-17-28).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled: 
Objects scanned: 28865
Time elapsed: 10 minute(s), 5 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 2
HKCU\SOFTWARE\CLASSES\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9} (Hijack.Trojan.Siredef.C) -> Delete on reboot.
HKCU\SOFTWARE\CLASSES\CLSID\{FBEB8A05-BEEE-4442-804E-409D6C4515E9}\INPROCSERVER32 (Trojan.Zaccess) -> Delete on reboot.

Registry Values Detected: 1
HKCU\SOFTWARE\CLASSES\CLSID\{FBEB8A05-BEEE-4442-804E-409D6C4515E9}\INPROCSERVER32| (Trojan.Zaccess) -> Data: C:\$Recycle.Bin\S-1-5-21-3162087011-3064661499-2517015769-1003\$cbf461249d50c4b27aabc3400446a028\n. -> Delete on reboot.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
         


23.05.2013, 21:36   #6
smeenk
/// Malwareteam / Visitor

Please run this check as well:

Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.

23.05.2013, 21:51   #7
funkfux

Done!

Code:
 Results of screen317's Security Check version 0.99.63  
 Windows 7  x86 (UAC is enabled)  
 Out of date service pack!! 
 Internet Explorer 9  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Security Center service is not running! This report may not be accurate! 
AntiVir Desktop   
 Antivirus out of date!  
`````````Anti-malware/Other Utilities Check:````````` 
 Malwarebytes Anti-Malware Version 1.75.0.1300  
 Java(TM) 6 Update 20  
 Java version out of Date! 
 Adobe Flash Player 	11.7.700.202  
 Adobe Reader 9  
 Adobe Reader XI  
 Mozilla Firefox (21.0) 
````````Process Check: objlist.exe by Laurent````````  
 Avira Antivir avgnt.exe 
 Avira Antivir avguard.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         

23.05.2013, 22:03   #8
smeenk
/// Malwareteam / Visitor

You have not installed the latest service pack for Windows 7:
http://www.microsoft.com/de-de/downl...s.aspx?id=5842

The infection on your computer (ZeroAccess) has switched off many services.
Installing SP1 may repair that.

Give it a try, and afterwards please post a new SecurityCheck log.

23.05.2013, 22:12   #9
funkfux

All right, I'll do that (not until tomorrow, though).

Thanks again!

23.05.2013, 22:24   #10
smeenk
/// Malwareteam / Visitor

OK, see you then.

24.05.2013, 08:47   #11
funkfux

Good morning,

here is the new check after I installed SP1.

Code:
 Results of screen317's Security Check version 0.99.63  
 Windows 7 Service Pack 1 x86 (UAC is enabled)  
 Internet Explorer 9  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Security Center service is not running! This report may not be accurate! 
AntiVir Desktop   
 Antivirus out of date!  
`````````Anti-malware/Other Utilities Check:````````` 
 Malwarebytes Anti-Malware Version 1.75.0.1300  
 Java(TM) 6 Update 20  
 Java version out of Date! 
 Adobe Flash Player 	11.7.700.202  
 Adobe Reader 9  
 Adobe Reader XI  
 Mozilla Firefox (21.0) 
````````Process Check: objlist.exe by Laurent````````  
 Avira Antivir avgnt.exe 
 Avira Antivir avguard.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         

24.05.2013, 09:37   #12
smeenk
/// Malwareteam / Visitor

Unfortunately, it seems not everything was repaired.

Please download Farbar's Service Scanner
  • Start the tool by double-clicking FSS.exe
  • Make sure the following options are checked.
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Click Scan.
  • When the tool has finished, it will create an FSS.txt in the directory the tool was run from.
Please post its contents here.
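
The FSS.txt report requested above can be triaged mechanically. The following added example (not part of the original post, and not Farbar's code) separates services that are merely stopped from those whose registry values or whole service key are missing; the sample report is constructed in the layout FSS writes, and the function and state names are assumptions.

```python
import re

# Constructed sample in the layout Farbar Service Scanner writes to FSS.txt.
SAMPLE_FSS = """\
Windows Firewall:
=============
MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is OK.
The ImagePath of MpsSvc service is OK.
The ServiceDll of MpsSvc service is OK.

bfe Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of bfe. The value does not exist.
Checking ImagePath: ATTENTION!=====> Unable to retrieve ImagePath of bfe. The value does not exist.
Unable to retrieve ServiceDll of bfe. The value does not exist.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
"""

NOT_RUNNING = re.compile(r"^(\S+) Service is not running\.")
SECTION = re.compile(r"^(.+):$")
MISSING_VALUE = re.compile(r"Unable to retrieve (.+?) of \S+\. The value does not exist\.")
KEY_MISSING = "The service key does not exist."

# Severity order (hypothetical labels): a state is only ever raised, never lowered.
STATES = ["stopped_config_ok", "values_missing", "service_key_missing"]


def _raise_state(record, state):
    if STATES.index(state) > STATES.index(record["state"]):
        record["state"] = state


def triage_fss(text):
    """Map each stopped service to its report section, state and missing values."""
    results = {}
    section = None
    current = None                      # record of the service block being read
    for raw in text.splitlines():
        line = raw.strip()
        if not line:                    # a blank line ends the current service block
            current = None
            continue
        if set(line) <= {"=", "*"}:     # underline and banner rows carry no data
            continue
        started = NOT_RUNNING.match(line)
        if started:
            current = {"section": section, "state": STATES[0], "missing": []}
            results[started.group(1)] = current
            continue
        if current is None:             # outside a service block: track the section
            header = SECTION.match(line)
            if header:
                section = header.group(1)
            continue
        if KEY_MISSING in line:         # the whole Services\<name> key is gone
            _raise_state(current, "service_key_missing")
            continue
        value = MISSING_VALUE.search(line)
        if value:                       # key exists, but a required value is gone
            _raise_state(current, "values_missing")
            current["missing"].append(value.group(1))
    return results


def needs_registry_repair(results):
    """Services that starting alone cannot fix: their key or values are gone."""
    return [name for name, rec in results.items() if rec["state"] != STATES[0]]


if __name__ == "__main__":
    report = triage_fss(SAMPLE_FSS)
    for name, rec in report.items():
        print(f"{rec['section']:<17} {name:<9} {rec['state']:<20} {', '.join(rec['missing'])}")
    print("registry entries to restore for:", ", ".join(needs_registry_repair(report)))
```

Services reported as `values_missing` or `service_key_missing` cannot be brought back by starting them; their registry entries have to be restored first.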

24.05.2013, 09:48   #13
funkfux

New code

Code:
Farbar Service Scanner Version: 14-04-2013
Ran by Domi (administrator) on 24-05-2013 at 10:40:54
Running from "C:\Users\Domi\Downloads"
Windows 7 Home Premium Service Pack 1 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Attempt to access Yahoo IP returned error. Yahoo IP is offline
Yahoo.com is accessible.


Windows Firewall:
=============
MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is OK.
The ImagePath of MpsSvc service is OK.
The ServiceDll of MpsSvc service is OK.

bfe Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of bfe. The value does not exist.
Checking ImagePath: ATTENTION!=====> Unable to retrieve ImagePath of bfe. The value does not exist.
Unable to retrieve ServiceDll of bfe. The value does not exist.


Firewall Disabled Policy: 
==================


System Restore:
============

System Restore Disabled Policy: 
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of wscsvc. The value does not exist.
Checking ImagePath: ATTENTION!=====> Unable to retrieve ImagePath of wscsvc. The value does not exist.
Unable to retrieve ServiceDll of wscsvc. The value does not exist.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.

BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of BITS. The value does not exist.
Checking ImagePath: ATTENTION!=====> Unable to retrieve ImagePath of BITS. The value does not exist.
Unable to retrieve ServiceDll of BITS. The value does not exist.


Windows Autoupdate Disabled Policy: 
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Other Services:
==============
Checking ServiceDll of SharedAccess: ATTENTION!=====> Unable to retrieve ServiceDll of SharedAccess. The value does not exist.
Checking Start type of iphlpsvc: ATTENTION!=====> Unable to retrieve start type of iphlpsvc. The value does not exist.
Checking ImagePath of iphlpsvc: ATTENTION!=====> Unable to retrieve ImagePath of iphlpsvc. The value does not exist.
Checking ServiceDll of iphlpsvc: ATTENTION!=====> Unable to retrieve ServiceDll of iphlpsvc. The value does not exist.


File Check:
========
C:\windows\system32\nsisvc.dll => MD5 is legit
C:\windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\windows\system32\dhcpcore.dll => MD5 is legit
C:\windows\system32\Drivers\afd.sys => MD5 is legit
C:\windows\system32\Drivers\tdx.sys => MD5 is legit
C:\windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\windows\system32\dnsrslvr.dll => MD5 is legit
C:\windows\system32\mpssvc.dll => MD5 is legit
C:\windows\system32\bfe.dll => MD5 is legit
C:\windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\windows\system32\SDRSVC.dll => MD5 is legit
C:\windows\system32\vssvc.exe => MD5 is legit
C:\windows\system32\wscsvc.dll => MD5 is legit
C:\windows\system32\wbem\WMIsvc.dll => MD5 is legit

ATTENTION!=====> C:\windows\system32\wuaueng.dll FILE IS MISSING AND SHOULD BE RESTORED.

C:\windows\system32\qmgr.dll => MD5 is legit
C:\windows\system32\es.dll => MD5 is legit
C:\windows\system32\cryptsvc.dll => MD5 is legit

ATTENTION!=====> C:\Program Files\Windows Defender\MpSvc.dll FILE IS MISSING AND SHOULD BE RESTORED.


ATTENTION!=====> C:\windows\system32\ipnathlp.dll FILE IS MISSING.

C:\windows\system32\iphlpsvc.dll => MD5 is legit
C:\windows\system32\svchost.exe => MD5 is legit
C:\windows\system32\rpcss.dll => MD5 is legit


**** End of log ****
         

24.05.2013, 10:24   #14
smeenk
/// Malwareteam / Visitor



Please download RestoreBFE.exe.

Start the tool with a double-click.
After a few seconds a message saying "Done" should pop up.


Download the reg files below:

http://download.bleepingcomputer.com...7/wuauserv.reg
http://download.bleepingcomputer.com...s/7/wscsvc.reg
http://download.bleepingcomputer.com...ces/7/BITS.reg
http://download.bleepingcomputer.com...aredAccess.reg
http://download.bleepingcomputer.com...7/iphlpsvc.reg

Double-click them and allow the changes.


Restart the computer afterwards.

Create a Farbar Service Scanner log file again and post it

24.05.2013, 10:33   #15
funkfux



Code:
Farbar Service Scanner Version: 14-04-2013
Ran by Domi (administrator) on 24-05-2013 at 11:32:45
Running from "C:\Users\Domi\Downloads"
Windows 7 Home Premium Service Pack 1 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Attempt to access Yahoo IP returned error. Yahoo IP is offline
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy: 
==================


System Restore:
============

System Restore Disabled Policy: 
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.


Windows Autoupdate Disabled Policy: 
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Other Services:
==============


File Check:
========
C:\windows\system32\nsisvc.dll => MD5 is legit
C:\windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\windows\system32\dhcpcore.dll => MD5 is legit
C:\windows\system32\Drivers\afd.sys => MD5 is legit
C:\windows\system32\Drivers\tdx.sys => MD5 is legit
C:\windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\windows\system32\dnsrslvr.dll => MD5 is legit
C:\windows\system32\mpssvc.dll => MD5 is legit
C:\windows\system32\bfe.dll => MD5 is legit
C:\windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\windows\system32\SDRSVC.dll => MD5 is legit
C:\windows\system32\vssvc.exe => MD5 is legit
C:\windows\system32\wscsvc.dll => MD5 is legit
C:\windows\system32\wbem\WMIsvc.dll => MD5 is legit

ATTENTION!=====> C:\windows\system32\wuaueng.dll FILE IS MISSING AND SHOULD BE RESTORED.

C:\windows\system32\qmgr.dll => MD5 is legit
C:\windows\system32\es.dll => MD5 is legit
C:\windows\system32\cryptsvc.dll => MD5 is legit

ATTENTION!=====> C:\Program Files\Windows Defender\MpSvc.dll FILE IS MISSING AND SHOULD BE RESTORED.


ATTENTION!=====> C:\windows\system32\ipnathlp.dll FILE IS MISSING.

C:\windows\system32\iphlpsvc.dll => MD5 is legit
C:\windows\system32\svchost.exe => MD5 is legit
C:\windows\system32\rpcss.dll => MD5 is legit


**** End of log ****
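
The repair-and-rescan step in this thread is easiest to judge by comparing the ATTENTION findings of the two Farbar Service Scanner logs. The Python below is an added example, not part of the original posts or of FSS itself; the function names are assumptions, and the two sample logs are abridged excerpts of the logs posted above.

```python
import re

MARK = "ATTENTION!=====>"  # marker FSS puts in front of every problem it reports
# Abridged excerpts of the two FSS logs posted in this thread (before/after repair).
BEFORE = r"""
Windows Firewall:
=============
bfe Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of bfe. The value does not exist.

Windows Update:
============
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.

File Check:
========
ATTENTION!=====> C:\windows\system32\wuaueng.dll FILE IS MISSING AND SHOULD BE RESTORED.
"""
AFTER = r"""
Windows Firewall:
=============

Windows Update:
============
The start type of wuauserv service is OK.

File Check:
========
ATTENTION!=====> C:\windows\system32\wuaueng.dll FILE IS MISSING AND SHOULD BE RESTORED.
"""

def parse_fss(text):
    """Return a set of (section, finding) pairs, one per ATTENTION line.

    A section title ends with ':' and is underlined with '=' on the next line."""
    findings, section = set(), "(header)"
    lines = [line.strip() for line in text.splitlines()]
    for i, line in enumerate(lines):
        underline = lines[i + 1] if i + 1 < len(lines) else ""
        if line.endswith(":") and re.fullmatch(r"={4,}", underline):
            section = line[:-1].strip()
        elif MARK in line:
            findings.add((section, line.split(MARK, 1)[1].strip()))
    return findings

def compare(before, after):
    """Classify findings as fixed, remaining or new between two scans."""
    b, a = parse_fss(before), parse_fss(after)
    return {"fixed": sorted(b - a), "remaining": sorted(b & a), "new": sorted(a - b)}

if __name__ == "__main__":
    print(compare(BEFORE, AFTER))
```

On these excerpts the registry findings for bfe and wuauserv show up as fixed, while the missing wuaueng.dll is still reported and needs a separate file restore.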
         
