

infected


14 replies to this topic

#1 kazaca78

kazaca78

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:11:24 PM

Posted 06 August 2013 - 09:01 PM

Hello, I discovered that the Windows updates got turned off. Also, the Windows Update service is missing from the services list when running the command services.msc. The firewall is not responding. (I have W7 Ultimate.) I Googled for a solution with no success, then I read that this can happen with malware and viruses. So I ran Avira Free Antivirus and got 14 viruses; most of them (10 or 11 maybe) are inside the TDSSKiller quarantine folder. (I didn't know I had TDSS; I bought this PC 2 days ago from my brother. But why did Avira find viruses if they are already quarantined?) I've also done a scan with Spybot Search & Destroy, but all the problems remain.
I am looking forward to your reply!
Thank you

 




 


#2 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:08:24 AM

Posted 06 August 2013 - 09:16 PM

Hello kazaca -

Do you still have the TDSS Logs and can you Copy / Paste them here ?

Also do you have any record of the Avira logs that you can post (or a list that you can type out) with the infections ?

 

Thank You -



#3 kazaca78


Posted 10 August 2013 - 08:00 PM

Hello noknojon, thank you for your help, here are my logs.

I've discovered that there are TDSS logs from May (05/2013) but not Avira ones; I mean Avira was installed later, in July. Anyway, I've copied the 2 logs from TDSS and 3 from Avira; the last one is without viruses. Also, I cannot get Windows Firewall to turn on. When I go to the Action Center and attempt to turn it on, it tells me: Error 0x80070424, impossible to modify some account settings. I went to the Administration services; the firewall, Defender and bsm are missing. There is a lot of software I don't even know what it is; I'm looking it up on Google now.

 

 



#4 kazaca78


Posted 10 August 2013 - 08:09 PM

I don't remember how to attach a log. I'm using Chrome. It's with My Media, isn't it?



#5 noknojon


Posted 10 August 2013 - 08:45 PM

Hi kazaca -

Just Copy / Paste the logs, as you can not Attach here, and if they are too long, break them in half

 

Highlight the text and press Control + C to copy, then click in the open Reply box, and press Control + V to paste

 

Any problem, please ask for more information -

 

While you are posting - Download Security Check by Screen317

  • Save it to your Desktop.

  • Double-click SecurityCheck.exe

  • Follow the onscreen instructions inside the black box.

  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Note: If any security program requests permission to access the Internet, allow it to do so.

 

 

Thanks -


Edited by noknojon, 10 August 2013 - 08:47 PM.


#6 kazaca78


Posted 11 August 2013 - 04:19 PM

So I can't attach the file, but just the text.



#7 noknojon


Posted 11 August 2013 - 04:49 PM

In this area of the forum, the Attach option is not offered.

 

This is why I said "if they are too long, break them in half" -

This is Normal procedure. Check all the other posts in Am I Infected.

 

Thank You -



#8 kazaca78


Posted 23 August 2013 - 08:03 PM

Hi, thank you for your help. I returned to my PC, so here is the log.

 
 
Avira Free Antivirus
Data del file di report: martedì 6 agosto 2013  01:46
 
 
Il programma funziona come versione completa e illimitata.
I servizi online sono disponibili.
 
Concesso in licenza a : Avira Free Antivirus
Numero di serie       : 0000149996-ADJIE-0000001
Piattaforma           : Windows 7 Ultimate
Versione di Windows   : (plain)  [6.1.7600]
Modalità di avvio     : Booting eseguito regolarmente
Nome utente           : Er Tajateste
Nome computer         : ERTAJATESTE-PC
 
Informazioni sulla versione:
 
Impostazioni di configurazione per la scansione attuale:
Nome del job................................: Scansione alla ricerca di rootkit e malware attivi
File di configurazione......................: C:\ProgramData\Avira\AntiVir Desktop\PROFILES\rootkit.avp
Report......................................: standard
Azione primaria.............................: interattivo
Azione secondaria...........................: ignora
Scansione dei record master di avvio........: Attivo
Scansiona record di avvio...................: Attivo
Scansione dei programmi attivi..............: Attivo
Processo esteso di scansione................: Attivo
Scansiona la registrazione..................: Attivo
Cerca Rootkits..............................: Attivo
Controllo di integrità dei file di sistema..: Non attivo
Modalità di scansione file..................: Tutti i file
Scansione degli archivi.....................: Attivo
Limita la profondità di ricorsione..........: 20
Archivio estensioni Smart...................: Attivo
Macro euristico.............................: Attivo
File euristico..............................: completo
 
Avvio della scansione: martedì 6 agosto 2013  01:46
 
È stata avviata la scansione per accertare la presenza di oggetti nascosti.
 
La scansione dei processi in esecuzione verrà avviata:
Scansione processo 'svchost.exe' - '52' modulo(i) scansionato(i)
Scansione processo 'nvvsvc.exe' - '35' modulo(i) scansionato(i)
Scansione processo 'svchost.exe' - '35' modulo(i) scansionato(i)
Scansione processo 'svchost.exe' - '69' modulo(i) scansionato(i)
Scansione processo 'svchost.exe' - '107' modulo(i) scansionato(i)
Scansione processo 'svchost.exe' - '121' modulo(i) scansionato(i)
Scansione processo 'CTAudSvc.exe' - '34' modulo(i) scansionato(i)
Scansione processo 'svchost.exe' - '70' modulo(i) scansionato(i)
Scansione processo 'svchost.exe' - '75' modulo(i) scansionato(i)
Scansione processo 'nvxdsync.exe' - '51' modulo(i) scansionato(i)
Scansione processo 'nvvsvc.exe' - '47' modulo(i) scansionato(i)
Scansione processo 'Dwm.exe' - '31' modulo(i) scansionato(i)
Scansione processo 'Explorer.EXE' - '214' modulo(i) scansionato(i)
Scansione processo 'spoolsv.exe' - '80' modulo(i) scansionato(i)
Scansione processo 'sched.exe' - '43' modulo(i) scansionato(i)
Scansione processo 'avguard.exe' - '77' modulo(i) scansionato(i)
Scansione processo 'taskhost.exe' - '53' modulo(i) scansionato(i)
Scansione processo 'AppleMobileDeviceService.exe' - '66' modulo(i) scansionato(i)
Scansione processo 'rundll32.exe' - '30' modulo(i) scansionato(i)
Scansione processo 'rundll32.exe' - '30' modulo(i) scansionato(i)
Scansione processo 'RtkNGUI64.exe' - '48' modulo(i) scansionato(i)
Scansione processo 'TBPanel.exe' - '39' modulo(i) scansionato(i)
Scansione processo 'netsession_win.exe' - '45' modulo(i) scansionato(i)
Scansione processo 'Skype.exe' - '135' modulo(i) scansionato(i)
Scansione processo 'taskeng.exe' - '30' modulo(i) scansionato(i)
Scansione processo 'AsRoutineController.exe' - '39' modulo(i) scansionato(i)
Scansione processo 'netsession_win.exe' - '68' modulo(i) scansionato(i)
Scansione processo 'iTunesHelper.exe' - '72' modulo(i) scansionato(i)
Scansione processo 'IAStorIcon.exe' - '65' modulo(i) scansionato(i)
Scansione processo 'hpwuschd2.exe' - '24' modulo(i) scansionato(i)
Scansione processo 'AiChargerPlus.exe' - '31' modulo(i) scansionato(i)
Scansione processo 'atkexComSvc.exe' - '38' modulo(i) scansionato(i)
Scansione processo 'aaHMSvc.exe' - '36' modulo(i) scansionato(i)
Scansione processo 'AsSysCtrlService.exe' - '34' modulo(i) scansionato(i)
Scansione processo 'svchost.exe' - '32' modulo(i) scansionato(i)
Scansione processo 'SDFSSvc.exe' - '83' modulo(i) scansionato(i)
Scansione processo 'SDTray.exe' - '102' modulo(i) scansionato(i)
Scansione processo 'avgnt.exe' - '87' modulo(i) scansionato(i)
Scansione processo 'AdobeARM.exe' - '81' modulo(i) scansionato(i)
Scansione processo 'jusched.exe' - '31' modulo(i) scansionato(i)
Scansione processo 'c2c_service.exe' - '38' modulo(i) scansionato(i)
Scansione processo 'AI Suite II.exe' - '83' modulo(i) scansionato(i)
Scansione processo 'AlertHelper.exe' - '31' modulo(i) scansionato(i)
Scansione processo 'SDUpdSvc.exe' - '78' modulo(i) scansionato(i)
Scansione processo 'avshadow.exe' - '29' modulo(i) scansionato(i)
Scansione processo 'iPodService.exe' - '33' modulo(i) scansionato(i)
Scansione processo 'SearchIndexer.exe' - '55' modulo(i) scansionato(i)
Scansione processo 'wmpnetwk.exe' - '72' modulo(i) scansionato(i)
Scansione processo 'svchost.exe' - '60' modulo(i) scansionato(i)
Scansione processo 'IAStorDataMgrSvc.exe' - '95' modulo(i) scansionato(i)
Scansione processo 'mmc.exe' - '71' modulo(i) scansionato(i)
Scansione processo 'dllhost.exe' - '52' modulo(i) scansionato(i)
Scansione processo 'msdtc.exe' - '44' modulo(i) scansionato(i)
Scansione processo 'taskeng.exe' - '28' modulo(i) scansionato(i)
Scansione processo 'SDUpdate.exe' - '104' modulo(i) scansionato(i)
Scansione processo 'prevhost.exe' - '26' modulo(i) scansionato(i)
Scansione processo 'wmprph.exe' - '65' modulo(i) scansionato(i)
Scansione processo 'avcenter.exe' - '121' modulo(i) scansionato(i)
Scansione processo 'avscan.exe' - '116' modulo(i) scansionato(i)
Scansione processo 'vssvc.exe' - '47' modulo(i) scansionato(i)
Scansione processo 'svchost.exe' - '28' modulo(i) scansionato(i)
Scansione processo 'SearchProtocolHost.exe' - '29' modulo(i) scansionato(i)
Scansione processo 'SearchFilterHost.exe' - '26' modulo(i) scansionato(i)
Scansione processo 'smss.exe' - '2' modulo(i) scansionato(i)
Scansione processo 'csrss.exe' - '16' modulo(i) scansionato(i)
Scansione processo 'wininit.exe' - '26' modulo(i) scansionato(i)
Scansione processo 'csrss.exe' - '16' modulo(i) scansionato(i)
Scansione processo 'services.exe' - '33' modulo(i) scansionato(i)
Scansione processo 'lsass.exe' - '65' modulo(i) scansionato(i)
Scansione processo 'lsm.exe' - '16' modulo(i) scansionato(i)
Scansione processo 'winlogon.exe' - '31' modulo(i) scansionato(i)
 
Avvio della scansione dei file eseguibili (registro):
Il registro è stato scansionato ( 41770 file ).
 
 
Avvio della scansione del file selezionati:
 
Inizia con la scansione di 'C:'
C:\TDSSKiller_Quarantine\02.05.2013_11.40.44\zasubsys0000\file0000\tsk0000.dta
  [RILEVAMENTO] Contiene il codice del virus Windows W32/Patched.UC
C:\TDSSKiller_Quarantine\02.05.2013_11.40.44\zasubsys0000\zafs0000\tsk0001.dta
  [RILEVAMENTO] Si tratta del cavallo di Troia TR/ZAccess.H
C:\TDSSKiller_Quarantine\02.05.2013_11.40.44\zasubsys0000\zafs0000\tsk0005.dta
  [RILEVAMENTO] Si tratta del cavallo di Troia TR/ZAccess.H
C:\TDSSKiller_Quarantine\02.05.2013_11.40.44\zasubsys0000\zafs0000\tsk0006.dta
  [RILEVAMENTO] Si tratta del cavallo di Troia TR/Sirefef.A.25
C:\TDSSKiller_Quarantine\02.05.2013_11.40.44\zasubsys0000\zafs0000\tsk0007.dta
  [RILEVAMENTO] Si tratta del cavallo di Troia TR/Sirefef.abx
C:\TDSSKiller_Quarantine\02.05.2013_11.40.44\zasubsys0000\zafs0000\tsk0008.dta
  [RILEVAMENTO] Si tratta del cavallo di Troia TR/Gendal.15360
C:\TDSSKiller_Quarantine\02.05.2013_11.40.44\zasubsys0000\zafs0000\tsk0009.dta
  [RILEVAMENTO] Si tratta del cavallo di Troia TR/ATRAPS.Gen2
C:\TDSSKiller_Quarantine\02.05.2013_11.40.44\zasubsys0000\zafs0000\tsk0010.dta
  [RILEVAMENTO] Si tratta del cavallo di Troia TR/Sirefef.77312
C:\Users\Er Tajateste\AppData\Local\Temp\hKn4mt1H.exe.part
  [RILEVAMENTO] Contiene modelli di riconoscimento dell'adware ADWARE/DomaiQ.454000
    [0] Tipo di archivio: Runtime Packed
    --> C:\Users\Er Tajateste\Desktop\Giochi\Only games\Sleeping.Dogs.v1.5.Update-SKIDROW\sr-sd15u.rar
        [1] Tipo di archivio: RAR
      --> SKIDROW\buddha.dll
          [RILEVAMENTO] Si tratta del cavallo di Troia TR/Black.Gen2
          [AVVISO]    I file infetti negli archivi non possono essere riparati!
C:\Users\Er Tajateste\Desktop\Giochi\Only games\Sleeping.Dogs.v1.5.Update-SKIDROW\sr-sd15u.rar
  [RILEVAMENTO] Si tratta del cavallo di Troia TR/Black.Gen2
    --> \\?\C:\Users\Er Tajateste\Downloads\314.22-desktop-win8-win7-winvista-64bit-international-whql(1).exe.part
        [AVVISO]    Impossibile leggere il file!
C:\Users\Er Tajateste\Downloads\314.22-desktop-win8-win7-winvista-64bit-international-whql(1).exe.part
  [AVVISO]    Impossibile leggere il file!
C:\Windows\assembly\GAC_32\Desktop.ini
  [RILEVAMENTO] Si tratta del cavallo di Troia TR/ATRAPS.Gen2
C:\Windows\assembly\GAC_64\Desktop.ini
  [RILEVAMENTO] Si tratta del cavallo di Troia TR/ATRAPS.Gen2
C:\Windows\Installer\{00202b5c-a61d-08a5-8df3-3c032d010268}\L\00000004.@
  [RILEVAMENTO] Si tratta del cavallo di Troia TR/ZAccess.H
 
Avvio della disinfezione:
C:\Windows\Installer\{00202b5c-a61d-08a5-8df3-3c032d010268}\L\00000004.@
  [RILEVAMENTO] Si tratta del cavallo di Troia TR/ZAccess.H
  [NOTA]      Il file è stato spostato in quarantena con il nome '576fe4c9.qua'!
C:\Windows\assembly\GAC_64\Desktop.ini
  [RILEVAMENTO] Si tratta del cavallo di Troia TR/ATRAPS.Gen2
  [NOTA]      Il file è stato spostato in quarantena con il nome '4fbbcde3.qua'!
C:\Windows\assembly\GAC_32\Desktop.ini
  [RILEVAMENTO] Si tratta del cavallo di Troia TR/ATRAPS.Gen2
  [NOTA]      Il file è stato spostato in quarantena con il nome '1de490f3.qua'!
C:\Users\Er Tajateste\Desktop\Giochi\Only games\Sleeping.Dogs.v1.5.Update-SKIDROW\sr-sd15u.rar
  [RILEVAMENTO] Si tratta del cavallo di Troia TR/Black.Gen2
  [NOTA]      Il file è stato spostato in quarantena con il nome '7b8dd998.qua'!
C:\Users\Er Tajateste\AppData\Local\Temp\hKn4mt1H.exe.part
  [RILEVAMENTO] Contiene modelli di riconoscimento dell'adware ADWARE/DomaiQ.454000
  [NOTA]      Il file è stato spostato in quarantena con il nome '3e4af349.qua'!
C:\TDSSKiller_Quarantine\02.05.2013_11.40.44\zasubsys0000\zafs0000\tsk0010.dta
  [RILEVAMENTO] Si tratta del cavallo di Troia TR/Sirefef.77312
  [NOTA]      Impossibile spostare il file in quarantena!
  [NOTA]      Il file non esiste!
C:\TDSSKiller_Quarantine\02.05.2013_11.40.44\zasubsys0000\zafs0000\tsk0009.dta
  [RILEVAMENTO] Si tratta del cavallo di Troia TR/ATRAPS.Gen2
  [NOTA]      Impossibile spostare il file in quarantena!
  [NOTA]      Il file non esiste!
C:\TDSSKiller_Quarantine\02.05.2013_11.40.44\zasubsys0000\zafs0000\tsk0008.dta
  [RILEVAMENTO] Si tratta del cavallo di Troia TR/Gendal.15360
  [NOTA]      Il file è stato spostato in quarantena con il nome '71f4aaf0.qua'!
C:\TDSSKiller_Quarantine\02.05.2013_11.40.44\zasubsys0000\zafs0000\tsk0007.dta
  [RILEVAMENTO] Si tratta del cavallo di Troia TR/Sirefef.abx
  [NOTA]      Il file è stato spostato in quarantena con il nome '5cae85bd.qua'!
C:\TDSSKiller_Quarantine\02.05.2013_11.40.44\zasubsys0000\zafs0000\tsk0006.dta
  [RILEVAMENTO] Si tratta del cavallo di Troia TR/Sirefef.A.25
  [NOTA]      Il file è stato spostato in quarantena con il nome '45c6be27.qua'!
C:\TDSSKiller_Quarantine\02.05.2013_11.40.44\zasubsys0000\zafs0000\tsk0005.dta
  [RILEVAMENTO] Si tratta del cavallo di Troia TR/ZAccess.H
  [NOTA]      Il file è stato spostato in quarantena con il nome '299a9217.qua'!
C:\TDSSKiller_Quarantine\02.05.2013_11.40.44\zasubsys0000\zafs0000\tsk0001.dta
  [RILEVAMENTO] Si tratta del cavallo di Troia TR/ZAccess.H
  [NOTA]      Il file è stato spostato in quarantena con il nome '5823ab82.qua'!
C:\TDSSKiller_Quarantine\02.05.2013_11.40.44\zasubsys0000\file0000\tsk0000.dta
  [RILEVAMENTO] Contiene il codice del virus Windows W32/Patched.UC
  [NOTA]      Il file è stato riparato.
 
 
Fine della scansione: martedì 6 agosto 2013  03:05
Tempo impiegato: 59:04 Minuto(i)
 
La scansione è stata completamente eseguita.
 
  24890 Directory scansionate
 899497 I file sono stati scansionati
     14 Rilevati virus e/o programmi indesiderati
      0 I file sono stati classificati come sospetti
      0 I file sono stati eliminati
      1 I virus o i programmi indesiderati sono stati riparati
     10 File spostati in quarantena
      0 File rinominati
      0 Impossibile scansionare i file
 899483 File non infetti
   9957 Archivi scansionati
      2 Avvisi
     13 Note
 647891 Oggetti scansionati durante la scansione dei rootkit
      0 Sono stati rilevati oggetti nascosti
 
11:40:44.0139 2668  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
11:40:44.0361 2668  ============================================================
11:40:44.0361 2668  Current date / time: 2013/05/02 11:40:44.0361
11:40:44.0361 2668  SystemInfo:
11:40:44.0361 2668  
11:40:44.0361 2668  OS Version: 6.1.7600 ServicePack: 0.0
11:40:44.0361 2668  Product type: Workstation
11:40:44.0361 2668  ComputerName: ERTAJATESTE-PC
11:40:44.0361 2668  UserName: Er Tajateste
11:40:44.0361 2668  Windows directory: C:\Windows
11:40:44.0361 2668  System windows directory: C:\Windows
11:40:44.0361 2668  Running under WOW64
11:40:44.0361 2668  Processor architecture: Intel x64
11:40:44.0361 2668  Number of processors: 8
11:40:44.0361 2668  Page size: 0x1000
11:40:44.0361 2668  Boot type: Normal boot
11:40:44.0361 2668  ============================================================
11:40:46.0362 2668  Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:40:46.0377 2668  ============================================================
11:40:46.0377 2668  \Device\Harddisk0\DR0:
11:40:46.0377 2668  MBR partitions:
11:40:46.0377 2668  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
11:40:46.0377 2668  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xE8DD5800
11:40:46.0377 2668  ============================================================
11:40:46.0391 2668  C: <-> \Device\Harddisk0\DR0\Partition2
11:40:46.0391 2668  ============================================================
11:40:46.0391 2668  Initialize success
11:40:46.0391 2668  ============================================================
11:40:47.0880 5268  ============================================================
11:40:47.0880 5268  Scan started
11:40:47.0880 5268  Mode: Manual; 
11:40:47.0880 5268  ============================================================
11:40:50.0119 5268  ================ Scan system memory ========================
11:40:50.0119 5268  System memory - ok
11:40:50.0119 5268  ================ Scan services =============================
11:40:52.0512 5268  CertPropSvc - ok
11:40:52.0552 5268  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
11:40:52.0554 5268  circlass - ok
11:40:52.0571 5268  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
11:40:52.0576 5268  CLFS - ok
11:40:52.0618 5268  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:40:52.0621 5268  clr_optimization_v2.0.50727_32 - ok
11:40:52.0633 5268  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
11:40:52.0636 5268  clr_optimization_v2.0.50727_64 - ok
11:40:52.0654 5268  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
11:40:52.0655 5268  CmBatt - ok
11:40:52.0667 5268  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\DRIVERS\cmdide.sys
11:40:52.0668 5268  cmdide - ok
11:40:52.0685 5268  [ F95FD4CB7DA00BA2A63CE9F6B5C053E1 ] CNG             C:\Windows\system32\Drivers\cng.sys
11:40:52.0691 5268  CNG - ok
11:40:52.0703 5268  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
11:40:52.0705 5268  Compbatt - ok
11:40:52.0715 5268  [ F26B3A86F6FA87CA360B879581AB4123 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
11:40:52.0716 5268  CompositeBus - ok
11:40:52.0728 5268  COMSysApp - ok
11:40:52.0742 5268  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
11:40:52.0744 5268  crcdisk - ok
11:40:52.0765 5268  [ C8BD651E13895B93ED9EC5B4F1DF42BC ] Creative ALchemy AL6 Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
11:40:52.0789 5268  Creative ALchemy AL6 Licensing Service - ok
11:40:52.0800 5268  [ C0EAD9F8AB83D41FF07303C75589C2B8 ] Creative Audio Engine Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
11:40:52.0817 5268  Creative Audio Engine Licensing Service - ok
11:40:52.0831 5268  [ 8C57411B66282C01533CB776F98AD384 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
11:40:52.0834 5268  CryptSvc - ok
11:40:52.0861 5268  [ 4A6173C2279B498CD8F57CAE504564CB ] CSC             C:\Windows\system32\drivers\csc.sys
11:40:52.0868 5268  CSC - ok
11:40:52.0935 5268  [ 873FBF927C06E5CEE04DEC617502F8FD ] CscService      C:\Windows\System32\cscsvc.dll
11:40:52.0937 5268  CscService - ok
11:40:52.0979 5268  [ 7DAA33AAEE034AE62EF631A3F13A027B ] CTAudSvcService C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
11:40:52.0980 5268  CTAudSvcService - ok
11:40:53.0018 5268  [ 7266972E86890E2B30C0C322E906B027 ] DcomLaunch      C:\Windows\system32\rpcss.dll
11:40:53.0020 5268  DcomLaunch - ok
11:40:53.0044 5268  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
11:40:53.0047 5268  defragsvc - ok
11:40:53.0055 5268  [ 3F1DC527070ACB87E40AFE46EF6DA749 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
11:40:53.0057 5268  DfsC - ok
11:40:53.0124 5268  [ CE3B9562D997F69B330D181A8875960F ] Dhcp            C:\Windows\system32\dhcpcore.dll
11:40:53.0126 5268  Dhcp - ok
11:40:53.0147 5268  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
11:40:53.0148 5268  discache - ok
11:40:53.0163 5268  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
11:40:53.0165 5268  Disk - ok
11:40:53.0190 5268  [ 676108C4E3AA6F6B34633748BD0BEBD9 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
11:40:53.0191 5268  Dnscache - ok
11:40:53.0244 5268  [ 14452ACDB09B70964C8C21BF80A13ACB ] dot3svc         C:\Windows\System32\dot3svc.dll
11:40:53.0247 5268  dot3svc - ok
11:40:53.0255 5268  [ 8C2BA6BEA949EE6E68385F5692BAFB94 ] DPS             C:\Windows\system32\dps.dll
11:40:53.0257 5268  DPS - ok
11:40:53.0269 5268  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
11:40:53.0269 5268  drmkaud - ok
11:40:53.0295 5268  [ 46571ED73AE84469DCA53081D33CF3C8 ] dtsoftbus01     C:\Windows\system32\DRIVERS\dtsoftbus01.sys
11:40:53.0298 5268  dtsoftbus01 - ok
11:40:53.0335 5268  [ 7CB7D2B73813CE05C7BC0F5F95D27CEC ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
11:40:53.0343 5268  DXGKrnl - ok
11:40:53.0373 5268  [ EAFCB4551836FF44EE775CEDDFA7A77E ] e1cexpress      C:\Windows\system32\DRIVERS\e1c62x64.sys
11:40:53.0377 5268  e1cexpress - ok
11:40:53.0387 5268  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
11:40:53.0388 5268  EapHost - ok
11:40:53.0442 5268  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
11:40:53.0484 5268  ebdrv - ok
11:40:53.0505 5268  [ 0793F40B9B8A1BDD266296409DBD91EA ] EFS             C:\Windows\System32\lsass.exe
11:40:53.0506 5268  EFS - ok
11:40:53.0533 5268  [ B91D81B3B54A54CCAFC03733DBC2E29E ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
11:40:53.0541 5268  ehRecvr - ok
11:40:53.0551 5268  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
11:40:53.0553 5268  ehSched - ok
11:40:53.0573 5268  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
11:40:53.0578 5268  elxstor - ok
11:40:53.0588 5268  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\DRIVERS\errdev.sys
11:40:53.0589 5268  ErrDev - ok
11:40:53.0614 5268  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
11:40:53.0618 5268  EventSystem - ok
11:40:53.0628 5268  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
11:40:53.0631 5268  exfat - ok
11:40:53.0635 5268  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
11:40:53.0637 5268  fastfat - ok
11:40:53.0660 5268  [ D607B2F1BEE3992AA6C2C92C0A2F0855 ] Fax             C:\Windows\system32\fxssvc.exe
11:40:53.0666 5268  Fax - ok
11:40:53.0680 5268  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
11:40:53.0682 5268  fdc - ok
11:40:53.0695 5268  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
11:40:53.0697 5268  fdPHost - ok
11:40:53.0708 5268  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
11:40:53.0710 5268  FDResPub - ok
11:40:53.0719 5268  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
11:40:53.0720 5268  FileInfo - ok
11:40:53.0726 5268  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
11:40:53.0727 5268  Filetrace - ok
11:40:53.0788 5268  [ 8669BE94F63944E4F899C3950B520241 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
11:40:53.0798 5268  FLEXnet Licensing Service - ok
11:40:53.0802 5268  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
11:40:53.0803 5268  flpydisk - ok
11:40:53.0817 5268  [ F7866AF72ABBAF84B1FA5AA195378C59 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
11:40:53.0819 5268  FltMgr - ok
11:40:53.0842 5268  [ 8AC4CB4EA61E41009FAE9AE7B2B5DA3A ] FontCache       C:\Windows\system32\FntCache.dll
11:40:53.0859 5268  FontCache - ok
11:40:53.0882 5268  [ 8D89E3131C27FDD6932189CB785E1B7A ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:40:53.0884 5268  FontCache3.0.0.0 - ok
11:40:53.0891 5268  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
11:40:53.0893 5268  FsDepends - ok
11:40:53.0900 5268  [ E95EF8547DE20CF0603557C0CF7A9462 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
11:40:53.0901 5268  Fs_Rec - ok
11:40:53.0922 5268  [ B8B2A6E1558F8F5DE5CE431C5B2C7B09 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
11:40:53.0925 5268  fvevol - ok
11:40:53.0937 5268  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
11:40:53.0939 5268  gagp30kx - ok
11:40:53.0973 5268  [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
11:40:53.0974 5268  GEARAspiWDM - ok
11:40:53.0993 5268  [ FE5AB4525BC2EC68B9119A6E5D40128B ] gpsvc           C:\Windows\System32\gpsvc.dll
11:40:54.0000 5268  gpsvc - ok
11:40:54.0042 5268  [ F02A533F517EB38333CB12A9E8963773 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:40:54.0044 5268  gupdate - ok
11:40:54.0048 5268  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:40:54.0050 5268  gupdatem - ok
11:40:54.0065 5268  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
11:40:54.0068 5268  hcw85cir - ok
11:40:54.0086 5268  [ 6410F6F415B2A5A9037224C41DA8BF12 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
11:40:54.0091 5268  HdAudAddService - ok
11:40:54.0106 5268  [ 0A49913402747A0B67DE940FB42CBDBB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
11:40:54.0108 5268  HDAudBus - ok
11:40:54.0118 5268  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
11:40:54.0121 5268  HidBatt - ok
11:40:54.0131 5268  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
11:40:54.0133 5268  HidBth - ok
11:40:54.0141 5268  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
11:40:54.0146 5268  HidIr - ok
11:40:54.0167 5268  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
11:40:54.0175 5268  hidserv - ok
11:40:54.0232 5268  [ B3BF6B5B50006DEF50B66306D99FCF6F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
11:40:54.0238 5268  HidUsb - ok
11:40:54.0276 5268  [ EFA58EDE58DD74388FFD04CB32681518 ] hkmsvc          C:\Windows\system32\kmsvc.dll
11:40:54.0281 5268  hkmsvc - ok
11:40:54.0297 5268  [ 046B2673767CA626E2CFB7FDF735E9E8 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
11:40:54.0302 5268  HomeGroupListener - ok
11:40:54.0314 5268  [ 06A7422224D9865A5613710A089987DF ] HomeGroupProvider C:\Windows\system32\provsvc.dll
11:40:54.0319 5268  HomeGroupProvider - ok
11:40:54.0338 5268  [ 0886D440058F203EBA0E1825E4355914 ] HpSAMD          C:\Windows\system32\DRIVERS\HpSAMD.sys
11:40:54.0343 5268  HpSAMD - ok
11:40:54.0375 5268  [ CEE049CAC4EFA7F4E1E4AD014414A5D4 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
11:40:54.0380 5268  HTTP - ok
11:40:54.0389 5268  [ F17766A19145F111856378DF337A5D79 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
11:40:54.0390 5268  hwpolicy - ok
11:40:54.0429 5268  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
11:40:54.0432 5268  i8042prt - ok
11:40:54.0456 5268  [ DB81EDC524A0F07FC2BD0B7415676528 ] iaStorA         C:\Windows\system32\DRIVERS\iaStorA.sys
11:40:54.0461 5268  iaStorA - ok
11:40:54.0480 5268  [ 0FA3D592E9D4E342CEF7ADEA98251832 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology enterprise\IAStorDataMgrSvc.exe
11:40:54.0481 5268  IAStorDataMgrSvc - ok
11:40:54.0504 5268  [ 4621FAE7D3C969A1E84A2790D88FCCDE ] iaStorF         C:\Windows\system32\DRIVERS\iaStorF.sys
11:40:54.0504 5268  iaStorF - ok
11:40:54.0526 5268  [ D83EFB6FD45DF9D55E9A1AFC63640D50 ] iaStorV         C:\Windows\system32\DRIVERS\iaStorV.sys
11:40:54.0531 5268  iaStorV - ok
11:40:54.0560 5268  [ 2F2BE70D3E02B6FA877921AB9516D43C ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
11:40:54.0568 5268  idsvc - ok
11:40:54.0588 5268  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
11:40:54.0591 5268  iirsp - ok
11:40:54.0619 5268  [ C5B4683680DF085B57BC53E5EF34861F ] IKEEXT          C:\Windows\System32\ikeext.dll
11:40:54.0629 5268  IKEEXT - ok
11:40:54.0726 5268  [ 344E223113E0B9785D642280FDE77996 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
11:40:54.0750 5268  IntcAzAudAddService - ok
11:40:54.0768 5268  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\DRIVERS\intelide.sys
11:40:54.0770 5268  intelide - ok
11:40:54.0786 5268  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
11:40:54.0786 5268  intelppm - ok
11:40:54.0797 5268  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
11:40:54.0799 5268  IPBusEnum - ok
11:40:54.0804 5268  [ 722DD294DF62483CECAAE6E094B4D695 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:40:54.0805 5268  IpFilterDriver - ok
11:40:54.0812 5268  [ E2B4A4494DB7CB9B89B55CA268C337C5 ] IPMIDRV         C:\Windows\system32\DRIVERS\IPMIDrv.sys
11:40:54.0813 5268  IPMIDRV - ok
11:40:54.0844 5268  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
11:40:54.0847 5268  IPNAT - ok
11:40:54.0884 5268  [ 0F261EC4F514926177C70C1832374231 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
11:40:54.0891 5268  iPod Service - ok
11:40:54.0900 5268  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
11:40:54.0901 5268  IRENUM - ok
11:40:54.0911 5268  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\DRIVERS\isapnp.sys
11:40:54.0913 5268  isapnp - ok
11:40:54.0923 5268  [ FA4D2557DE56D45B0A346F93564BE6E1 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
11:40:54.0926 5268  iScsiPrt - ok
11:40:54.0944 5268  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
11:40:54.0945 5268  kbdclass - ok
11:40:54.0976 5268  [ 6DEF98F8541E1B5DCEB2C822A11F7323 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
11:40:54.0977 5268  kbdhid - ok
11:40:54.0988 5268  [ 0793F40B9B8A1BDD266296409DBD91EA ] KeyIso          C:\Windows\system32\lsass.exe
11:40:54.0990 5268  KeyIso - ok
11:40:55.0003 5268  [ E8B6FCC9C83535C67F835D407620BD27 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
11:40:55.0005 5268  KSecDD - ok
11:40:55.0017 5268  [ BBE1BF6D9B661C354D4857D5FADB943B ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
11:40:55.0020 5268  KSecPkg - ok
11:40:55.0031 5268  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
11:40:55.0032 5268  ksthunk - ok
11:40:55.0070 5268  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
11:40:55.0076 5268  KtmRm - ok
11:40:55.0101 5268  [ C926920B8978DE6ACFE9E15C709E9B57 ] LanmanServer    C:\Windows\system32\srvsvc.dll
11:40:55.0105 5268  LanmanServer - ok
11:40:55.0123 5268  [ 27026EAC8818E8A6C00A1CAD2F11D29A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
11:40:55.0127 5268  LanmanWorkstation - ok
11:40:55.0157 5268  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
11:40:55.0158 5268  lltdio - ok
11:40:55.0189 5268  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
11:40:55.0192 5268  lltdsvc - ok
11:40:55.0195 5268  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
11:40:55.0195 5268  lmhosts - ok
11:40:55.0212 5268  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
11:40:55.0215 5268  LSI_FC - ok
11:40:55.0237 5268  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
11:40:55.0240 5268  LSI_SAS - ok
11:40:55.0264 5268  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
11:40:55.0266 5268  LSI_SAS2 - ok
11:40:55.0294 5268  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
11:40:55.0297 5268  LSI_SCSI - ok
11:40:55.0322 5268  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
11:40:55.0323 5268  luafv - ok
11:40:55.0344 5268  [ F84C8F1000BC11E3B7B23CBD3BAFF111 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
11:40:55.0347 5268  Mcx2Svc - ok
11:40:55.0362 5268  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
11:40:55.0364 5268  megasas - ok
11:40:55.0376 5268  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
11:40:55.0381 5268  MegaSR - ok
11:40:55.0403 5268  [ E4DD818EF22BBBF4274AF767A96D34C8 ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
11:40:55.0405 5268  MEIx64 - ok
11:40:55.0417 5268  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
11:40:55.0419 5268  MMCSS - ok
11:40:55.0426 5268  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
11:40:55.0428 5268  Modem - ok
11:40:55.0439 5268  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
11:40:55.0440 5268  monitor - ok
11:40:55.0459 5268  [ C030F9E822A057C1A7A9BB4EA3E8877E ] MotioninJoyXFilter C:\Windows\system32\DRIVERS\MijXfilt.sys
11:40:55.0461 5268  MotioninJoyXFilter - ok
11:40:55.0475 5268  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
11:40:55.0476 5268  mouclass - ok
11:40:55.0507 5268  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
11:40:55.0509 5268  mouhid - ok
11:40:55.0518 5268  [ 791AF66C4D0E7C90A3646066386FB571 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
11:40:55.0520 5268  mountmgr - ok
11:40:55.0593 5268  [ 7EDBBB9351A38C6BB0FE98CFD44DB430 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
11:40:55.0596 5268  MozillaMaintenance - ok
11:40:55.0612 5268  [ 609D1D87649ECC19796F4D76D4C15CEA ] mpio            C:\Windows\system32\DRIVERS\mpio.sys
11:40:55.0616 5268  mpio - ok
11:40:55.0620 5268  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
11:40:55.0622 5268  mpsdrv - ok
11:40:55.0636 5268  [ 30524261BB51D96D6FCBAC20C810183C ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
11:40:55.0640 5268  MRxDAV - ok
11:40:55.0653 5268  [ CFDCD8CA87C2A657DEBC150AC35B5E08 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
11:40:55.0654 5268  mrxsmb - ok
11:40:55.0664 5268  [ 1BEE517B220B7F024F411AEC1571DD5A ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:40:55.0666 5268  mrxsmb10 - ok
11:40:55.0675 5268  [ 6B2D5FEF385828B6E485C1C90AFB8195 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:40:55.0677 5268  mrxsmb20 - ok
11:40:55.0684 5268  [ 5C37497276E3B3A5488B23A326A754B7 ] msahci          C:\Windows\system32\DRIVERS\msahci.sys
11:40:55.0685 5268  msahci - ok
11:40:55.0690 5268  [ 8D27B597229AED79430FB9DB3BCBFBD0 ] msdsm           C:\Windows\system32\DRIVERS\msdsm.sys
11:40:55.0692 5268  msdsm - ok
11:40:55.0707 5268  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
11:40:55.0711 5268  MSDTC - ok
11:40:55.0728 5268  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
11:40:55.0729 5268  Msfs - ok
11:40:55.0736 5268  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
11:40:55.0738 5268  mshidkmdf - ok
11:40:55.0741 5268  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\DRIVERS\msisadrv.sys
11:40:55.0742 5268  msisadrv - ok
11:40:55.0766 5268  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
11:40:55.0771 5268  MSiSCSI - ok
11:40:55.0774 5268  msiserver - ok
11:40:55.0797 5268  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
11:40:55.0799 5268  MSKSSRV - ok
11:40:55.0818 5268  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
11:40:55.0819 5268  MSPCLOCK - ok
11:40:55.0833 5268  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
11:40:55.0835 5268  MSPQM - ok
11:40:55.0855 5268  [ 89CB141AA8616D8C6A4610FA26C60964 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
11:40:55.0860 5268  MsRPC - ok
11:40:55.0866 5268  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
11:40:55.0867 5268  mssmbios - ok
11:40:55.0884 5268  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
11:40:55.0886 5268  MSTEE - ok
11:40:55.0889 5268  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
11:40:55.0890 5268  MTConfig - ok
11:40:55.0909 5268  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
11:40:55.0911 5268  Mup - ok
11:40:55.0926 5268  [ 4987E079A4530FA737A128BE54B63B12 ] napagent        C:\Windows\system32\qagentRT.dll
11:40:55.0934 5268  napagent - ok
11:40:55.0955 5268  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
11:40:55.0958 5268  NativeWifiP - ok
11:40:55.0986 5268  [ CAD515DBD07D082BB317D9928CE8962C ] NDIS            C:\Windows\system32\drivers\ndis.sys
11:40:55.0996 5268  NDIS - ok
11:40:56.0017 5268  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
11:40:56.0019 5268  NdisCap - ok
11:40:56.0033 5268  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
11:40:56.0035 5268  NdisTapi - ok
11:40:56.0048 5268  [ F105BA1E22BF1F2EE8F005D4305E4BEC ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
11:40:56.0049 5268  Ndisuio - ok
11:40:56.0065 5268  [ 557DFAB9CA1FCB036AC77564C010DAD3 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
11:40:56.0068 5268  NdisWan - ok
11:40:56.0080 5268  [ 659B74FB74B86228D6338D643CD3E3CF ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
11:40:56.0082 5268  NDProxy - ok
11:40:56.0097 5268  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
11:40:56.0099 5268  NetBIOS - ok
11:40:56.0113 5268  [ 9162B273A44AB9DCE5B44362731D062A ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
11:40:56.0116 5268  NetBT - ok
11:40:56.0121 5268  [ 0793F40B9B8A1BDD266296409DBD91EA ] Netlogon        C:\Windows\system32\lsass.exe
11:40:56.0122 5268  Netlogon - ok
11:40:56.0169 5268  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
11:40:56.0174 5268  Netman - ok
11:40:56.0201 5268  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
11:40:56.0205 5268  netprofm - ok
11:40:56.0226 5268  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
11:40:56.0229 5268  NetTcpPortSharing - ok
11:40:56.0249 5268  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
11:40:56.0252 5268  nfrd960 - ok
11:40:56.0287 5268  [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc          C:\Windows\System32\nlasvc.dll
11:40:56.0292 5268  NlaSvc - ok
11:40:56.0311 5268  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
11:40:56.0319 5268  Npfs - ok
11:40:56.0352 5268  npggsvc - ok
11:40:56.0361 5268  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
11:40:56.0363 5268  nsi - ok
11:40:56.0370 5268  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
11:40:56.0372 5268  nsiproxy - ok
11:40:56.0408 5268  [ 356698A13C4630D5B31C37378D469196 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
11:40:56.0434 5268  Ntfs - ok
11:40:56.0445 5268  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
11:40:56.0446 5268  Null - ok
11:40:56.0476 5268  [ 1F07B814C0BB5AABA703ABFF1F31F2E8 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
11:40:56.0478 5268  NVHDA - ok
11:40:56.0629 5268  [ FE2909F7DFB12B9A20AD207FE23B7E96 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
11:40:56.0664 5268  nvlddmkm - ok
11:40:56.0689 5268  [ 3E38712941E9BB4DDBEE00AFFE3FED3D ] nvraid          C:\Windows\system32\DRIVERS\nvraid.sys
11:40:56.0690 5268  nvraid - ok
11:40:56.0701 5268  [ 477DC4D6DEB99BE37084C9AC6D013DA1 ] nvstor          C:\Windows\system32\DRIVERS\nvstor.sys
11:40:56.0705 5268  nvstor - ok
11:40:56.0726 5268  [ 3341D2C91989BC87C3C0BAA97C27253B ] nvsvc           C:\Windows\system32\nvvsvc.exe
11:40:56.0735 5268  nvsvc - ok
11:40:56.0771 5268  [ 551CE34DAD2DFF0A480781E68B286E4D ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
11:40:56.0797 5268  nvUpdatusService - ok
11:40:56.0802 5268  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\DRIVERS\nv_agp.sys
11:40:56.0805 5268  nv_agp - ok
11:40:56.0809 5268  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
11:40:56.0811 5268  ohci1394 - ok
11:40:56.0883 5268  [ B9C125314A025127FE562C116D614AA3 ] ose64           C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:40:56.0886 5268  ose64 - ok
11:40:56.0981 5268  [ FE9C0029E1AF26350D9985D00520E5C8 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
11:40:57.0033 5268  osppsvc - ok
11:40:57.0044 5268  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
11:40:57.0047 5268  p2pimsvc - ok
11:40:57.0056 5268  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
11:40:57.0059 5268  p2psvc - ok
11:40:57.0061 5268  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
11:40:57.0062 5268  Parport - ok
11:40:57.0067 5268  [ 7DAA117143316C4A1537E074A5A9EAF0 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
11:40:57.0068 5268  partmgr - ok
11:40:57.0162 5268  [ CA2E0AAA6943618108D786FF31848989 ] PC Performer Manager C:\ProgramData\PC Performer Manager\2.6.1125.80\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\pcpmngr.exe
11:40:57.0182 5268  PC Performer Manager - ok
11:40:57.0186 5268  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
11:40:57.0188 5268  PcaSvc - ok
11:40:57.0195 5268  [ F36F6504009F2FB0DFD1B17A116AD74B ] pci             C:\Windows\system32\DRIVERS\pci.sys
11:40:57.0197 5268  pci - ok
11:40:57.0209 5268  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\DRIVERS\pciide.sys
11:40:57.0210 5268  pciide - ok
11:40:57.0220 5268  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
11:40:57.0223 5268  pcmcia - ok
11:40:57.0236 5268  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
11:40:57.0236 5268  pcw - ok
11:40:57.0249 5268  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
11:40:57.0254 5268  PEAUTH - ok
11:40:57.0283 5268  [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
11:40:57.0300 5268  PeerDistSvc - ok
11:40:57.0333 5268  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
11:40:57.0336 5268  PerfHost - ok
11:40:57.0373 5268  [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla             C:\Windows\system32\pla.dll
11:40:57.0390 5268  pla - ok
11:40:57.0403 5268  [ 23157D583244400E1D7FBAEE2E4B31B7 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
11:40:57.0406 5268  PlugPlay - ok
11:40:57.0417 5268  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
11:41:01.0035 5268  ================ Scan global ===============================
11:41:01.0047 5268  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
11:41:01.0053 5268  [ 457B44AB6D502E55F64A867D4F35C76C ] C:\Windows\system32\winsrv.dll
11:41:01.0058 5268  [ 457B44AB6D502E55F64A867D4F35C76C ] C:\Windows\system32\winsrv.dll
11:41:01.0065 5268  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
11:41:01.0082 5268  [ 50BEA589F7D7958BDD2528A8F69D05CC ] C:\Windows\system32\services.exe
11:41:01.0088 5268  C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.a ) - infected
11:41:01.0088 5268  C:\Windows\system32\services.exe - detected Virus.Win64.ZAccess.a (0)
11:41:01.0088 5268  ================ Scan MBR ==================================
11:41:01.0094 5268  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
11:41:01.0312 5268  \Device\Harddisk0\DR0 - ok
11:41:01.0312 5268  ================ Scan VBR ==================================
11:41:01.0313 5268  [ 667EE61C9A558B39989AD6C265AC82CD ] \Device\Harddisk0\DR0\Partition1
11:41:01.0314 5268  \Device\Harddisk0\DR0\Partition1 - ok
11:41:01.0362 5268  [ 9E23F3B014BBD39015212BFFB6654DF1 ] \Device\Harddisk0\DR0\Partition2
11:41:01.0364 5268  \Device\Harddisk0\DR0\Partition2 - ok
11:41:01.0365 5268  ============================================================
11:41:01.0365 5268  Scan finished
11:41:01.0365 5268  ============================================================
11:41:01.0374 3420  Detected object count: 1
11:41:01.0374 3420  Actual detected object count: 1
11:41:14.0375 3420  C:\Windows\system32\services.exe - copied to quarantine
11:41:15.0550 3420  C:\Windows\installer\{00202b5c-a61d-08a5-8df3-3c032d010268}\@ - copied to quarantine
11:41:15.0556 3420  C:\Windows\installer\{00202b5c-a61d-08a5-8df3-3c032d010268}\L\00000004.@ - copied to quarantine
11:41:15.0559 3420  C:\Windows\installer\{00202b5c-a61d-08a5-8df3-3c032d010268}\L\201d3dde - copied to quarantine
11:41:15.0572 3420  C:\Windows\installer\{00202b5c-a61d-08a5-8df3-3c032d010268}\L\6715e287 - copied to quarantine
11:41:15.0584 3420  C:\Windows\installer\{00202b5c-a61d-08a5-8df3-3c032d010268}\L\76603ac3 - copied to quarantine
11:41:15.0585 3420  C:\Windows\installer\{00202b5c-a61d-08a5-8df3-3c032d010268}\U\00000004.@ - copied to quarantine
11:41:15.0587 3420  C:\Windows\installer\{00202b5c-a61d-08a5-8df3-3c032d010268}\U\00000008.@ - copied to quarantine
11:41:15.0588 3420  C:\Windows\installer\{00202b5c-a61d-08a5-8df3-3c032d010268}\U\000000cb.@ - copied to quarantine
11:41:15.0589 3420  C:\Windows\installer\{00202b5c-a61d-08a5-8df3-3c032d010268}\U\80000000.@ - copied to quarantine
11:41:15.0591 3420  C:\Windows\installer\{00202b5c-a61d-08a5-8df3-3c032d010268}\U\80000032.@ - copied to quarantine
11:41:15.0593 3420  C:\Windows\installer\{00202b5c-a61d-08a5-8df3-3c032d010268}\U\80000064.@ - copied to quarantine
11:41:28.0683 3420  Backup copy not found, trying to cure infected file..
11:41:28.0683 3420  Cure success, using it..
11:41:29.0061 3420  C:\Windows\installer\{00202b5c-a61d-08a5-8df3-3c032d010268}\@ - will be deleted on reboot
11:41:29.0064 3420  C:\Windows\installer\{00202b5c-a61d-08a5-8df3-3c032d010268}\U\00000004.@ - will be deleted on reboot
11:41:29.0064 3420  C:\Windows\installer\{00202b5c-a61d-08a5-8df3-3c032d010268}\U\00000008.@ - will be deleted on reboot
11:41:29.0064 3420  C:\Windows\installer\{00202b5c-a61d-08a5-8df3-3c032d010268}\U\000000cb.@ - will be deleted on reboot
11:41:29.0064 3420  C:\Windows\installer\{00202b5c-a61d-08a5-8df3-3c032d010268}\U\80000000.@ - will be deleted on reboot
11:41:29.0065 3420  C:\Windows\installer\{00202b5c-a61d-08a5-8df3-3c032d010268}\U\80000032.@ - will be deleted on reboot
11:41:29.0065 3420  C:\Windows\installer\{00202b5c-a61d-08a5-8df3-3c032d010268}\U\80000064.@ - will be deleted on reboot
11:41:29.0071 3420  C:\Windows\system32\services.exe - will be cured on reboot
11:41:29.0071 3420  C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.a ) - User select action: Cure 
11:41:33.0713 4572  Deinitialize success

But if I want to uninstall TDSS, I erase the file, but then how can I eliminate the quarantine files? Because this program does not have a proper installation in Control Panel. Anyway, there are a lot of services missing: BFE, Windows Defender, firewall, ICS and others I don't remember now (W7 Ult x64).


#9 noknojon


Posted 24 August 2013 - 01:37 AM

how can i eliminate the quarantine files? << Infected files will go with program -

 

The first 2 programs are to check your system, and the others are basic Malware checks -

 

Download Security Check by Screen317
* Save it to your Desktop.
* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.
Note: If any security program requests permission to access the Internet, allow it to do so.

 

 

Download MiniToolBox, Save it to your desktop to run it.
Now close any Firefox browsers you may have open
Checkmark the following boxes:
•Flush DNS
•Report IE Proxy Settings
•Reset IE Proxy Settings
•Report FF Proxy Settings
•Reset FF Proxy Settings
•List content of Hosts
•List IP configuration
•List last 10 Event Viewer log
•List Installed Programs
•List Users, Partitions and Memory size.
•List Minidump Files
 Click Go and copy / paste the result (Result.txt).

 

 

Please download Malwarebytes Anti-Malware Free (aka MBAM)

Do not accept the Free Trial Version at this time ............
* Double-click MBAM -setup.exe and follow the prompts to install the program.
* At the end, be sure to Check for Updates so it is current
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Scan, then click Quick Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.
If you are not sure of any items, post the log and ask if it should be removed.

Be sure to reboot the computer after you post the log.

 

 

Download SUPERAntiSpyware Free (aka SAS)

Do not accept the 14 day Free Trial Version at this time ..........
* Double-click SAS -setup.exe and follow the prompts to install the program.
* At the end, be sure to Check for Updates so it is current
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

Be sure to reboot the computer after you post the log.

 

 

Please download AdwCleaner by Xplode onto your desktop.

This program will also remove extra Toolbars, but you can replace them later if required -
* Close all open programs and internet browsers.
* Double click on adwcleaner.exe to run the tool.
* Click on Delete.
* Confirm each time with Ok.
* NOTE : Your computer will be rebooted automatically, and a log file will open after the restart.
* Please post the contents of that logfile with your next reply.
* You can find the logfile at C:\AdwCleaner[S1].txt as well.

 

 

Thank You -


Edited by noknojon, 24 August 2013 - 01:41 AM.


#10 kazaca78


Posted 25 August 2013 - 07:51 PM

Hi, thank you for your help. Looking now at TDSSKiller: the program has no uninstall utility, I mean it is not in the Control Panel, so if I erase the file, which is practically the whole program, I don't erase the TDSSKiller quarantine folder... (I've done this now). I could erase this folder, but there are viruses quarantined by TDSSKiller and I'd like no more problems. What is the proper and secure way to erase the TDSSKiller quarantine folder? I'm going to install all the programs you wrote here and let you know everything. PS: I don't feel secure using the internet with that PC; as I already told you, it is without 4-5 Windows services (the firewall, Defender, BFE, ICS) and without any firewall installed, just the free Avira antivirus. Anyway, is it OK if I download all the programs you wrote with another PC and then copy them to the desktop of the PC with all the problems? Thank you.


Edited by kazaca78, 25 August 2013 - 07:56 PM.


#11 noknojon


Posted 26 August 2013 - 01:27 AM

if  i erase the file, that praticly is the all program, i dont erase the tdsskiller quarantine folder < All infections will be removed -

 

The first 2 programs tell me your problems, and the others try to clean them up -

 

Thank You -



#12 kazaca78


Posted 23 September 2013 - 05:42 PM

Ciao, thank you for your help. I was out for 2 weeks, but I've reinstalled W7 Ult x64 (because the person who sold it to me told me his W7 installation was bad). I'm looking now at the security programs I have to install... thinking about Avira Free Antivirus, Malwarebytes Anti-Malware Free, and SUPERAntiSpyware Free (alternatively Ad-Aware), using the W7 firewall; is that OK? I mean, will my PC be secure? What do you think and advise?


Edited by kazaca78, 23 September 2013 - 05:45 PM.


#13 noknojon


Posted 23 September 2013 - 07:30 PM

Hi -

You have the right ideas on Antivirus and Antimalware programs -

 

Just be sure to Update any Free Antimalware programs prior to any scan, and do the scans at least once a week.

Your Antivirus should be set to scan and update every day, just to be safe.

 

Ad-Aware is no longer rated as an up-to-date program, and may conflict with your Antivirus.

 

Thank You -



#14 kazaca78


Posted 24 September 2013 - 02:00 AM

Ciao, thank you for the help. Do you think the Windows 7 firewall is secure enough?



#15 67Nero

67Nero

  • Members
  • 40 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Finland
  • Local time:01:24 AM

Posted 24 September 2013 - 04:25 PM

It's good enough. I have not had any trouble with it whatsoever.

trace.
