I'm asking for your help

How do you remove viruses and spyware? Are credit cards really safe online? Is it possible to browse anonymously? Which programs protect your privacy? How do you protect important files? If you want an answer to these and other questions, this is the right place!

Moderators: kadosh, Luke57

Post by ilcaso77 » 20/02/12 15:48

My PC is slow. I used Norman Malware Cleaner, Malwarebytes, CCleaner and Dr.Web; I removed a virus and a trojan, then I used ComboFix:

ComboFix 12-02-19.02 - utente 20/02/2012 12.08.57.8.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.39.1040.18.1023.616 [GMT 1:00]
Eseguito da: c:\documents and settings\utente\Documenti\ComboFix.exe
.
.
((((((((((((((((((((((((( Files Creati Da 2012-01-20 al 2012-02-20 )))))))))))))))))))))))))))))))))))
.
.
2012-02-19 18:46 . 2012-02-19 18:46 -------- d-----w- c:\documents and settings\utente\DoctorWeb
2012-02-18 11:17 . 2012-02-18 11:17 -------- d-----w- c:\windows\system32\wbem\Repository
2012-02-15 11:27 . 2012-01-11 19:06 3072 -c----w- c:\windows\system32\dllcache\iacenc.dll
2012-02-15 11:27 . 2012-01-11 19:06 3072 ------w- c:\windows\system32\iacenc.dll
2012-02-03 21:28 . 2012-02-03 21:28 -------- d-----w- c:\documents and settings\utente\Dati applicazioni\TuneUp Software
2012-02-03 21:27 . 2012-02-03 21:40 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\TuneUp Software
2012-02-03 21:26 . 2012-02-03 21:26 -------- d-sh--w- c:\documents and settings\All Users\Dati applicazioni\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2012-02-01 09:53 . 2012-02-01 09:53 -------- d-----w- c:\documents and settings\utente\Dati applicazioni\ProgSense
2012-02-01 09:53 . 2012-02-09 21:10 -------- d-----w- c:\documents and settings\utente\Dati applicazioni\Orbit
2012-01-30 05:48 . 2012-01-31 12:44 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-01-25 19:34 . 2012-01-25 19:34 -------- d-----w- c:\programmi\MALWAREBYTES ANTI-MALWARE
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-31 17:03 . 2009-08-09 15:42 348160 ----a-w- c:\windows\system32\msvcr71.dll
2012-01-31 17:03 . 2009-07-21 06:52 499712 ----a-w- c:\windows\system32\msvcp71.dll
2012-01-12 17:20 . 2008-04-14 12:00 1859968 ----a-w- c:\windows\system32\win32k.sys
2011-12-20 11:03 . 2011-12-20 11:03 388096 ----a-r- c:\documents and settings\utente\Dati applicazioni\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-12-18 13:43 . 2007-08-13 16:54 11082240 ----a-w- c:\windows\system32\ieframe(2).dll
2011-12-17 19:43 . 2008-04-14 12:00 916992 ----a-w- c:\windows\system32\wininet.dll
2011-12-17 19:43 . 2008-04-14 12:00 43520 ------w- c:\windows\system32\licmgr10.dll
2011-12-17 19:43 . 2008-04-14 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-12-16 12:22 . 2008-04-14 12:00 385024 ------w- c:\windows\system32\html.iec
2011-12-10 14:24 . 2009-04-23 09:43 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-12-04 10:57 . 2011-06-27 11:51 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-25 21:57 . 2008-04-14 12:00 293888 ----a-w- c:\windows\system32\winsrv.dll
2012-01-08 10:40 . 2011-03-22 21:35 121816 ----a-w- c:\programmi\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2010-05-30 20:29 . FC9E0012557DD863EFA4C4B13B16D030 . 96512 . . [------] . . c:\windows\system32\drivers\atapi.sys
[7] 2008-04-14 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\atapi.sys
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-02-23 5537792]
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^HP Digital Imaging Monitor.lnk]
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^NCProTray.lnk]
path=c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\NCProTray.lnk
backup=c:\windows\pss\NCProTray.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-01-03 07:37 843712 ----a-w- c:\programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 12:00 15360 ----a-w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2007-10-14 19:17 49152 ----a-w- c:\programmi\HP\HP Software Update\hpwuSchd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon]
2007-08-22 14:31 80896 ----a-w- c:\programmi\HP\Digital Imaging\bin\HpqSRmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KB2492386]
2008-04-14 12:00 125952 ----a-w- c:\windows\system32\apphelp.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
2012-01-13 13:53 460872 ----a-w- c:\programmi\Malwarebytes' Anti-Malware\mbamgui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2005-02-23 20:26 5537792 ----a-w- c:\windows\system32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpeedLord]
2011-06-02 07:05 2693120 ----a-w- c:\programmi\SpeedLord\SpeedLord.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2011-04-08 10:59 254696 ----a-w- c:\programmi\File comuni\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\USBestCR]
2011-06-15 11:29 4218880 ----a-w- c:\programmi\USBESTDI\iconcs4635875.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\Mozilla Firefox\\firefox.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Programmi\\ProgDVB\\ProgDvbNet.exe"=
"c:\\Programmi\\uTorrent\\uTorrent.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"19665:TCP"= 19665:TCP:BitComet 19665 TCP
"19665:UDP"= 19665:UDP:BitComet 19665 UDP
"16851:TCP"= 16851:TCP:BitComet 16851 TCP
"16851:UDP"= 16851:UDP:BitComet 16851 UDP
"5985:TCP"= 5985:TCP:*:Disabled:Gestione remota Windows
.
R3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [10/06/2009 12.34.50 47360]
S2 AfaService;Afa Card Reader Service;c:\windows\system32\afasrv32.exe [11/06/2011 17.22.50 65536]
S3 MHIKEY10;MHIKEY10;c:\windows\system32\drivers\MHIKEY10.sys [15/06/2011 12.29.35 51072]
S3 pctNDIS;PC Tools Driver;c:\windows\system32\drivers\pctNdis.sys [22/10/2009 15.15.00 55208]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [14/04/2008 13.00.00 14336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
WINRM REG_MULTI_SZ WINRM
.
.
------- Scansione supplementare -------
.
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{D4559FAC-0CDD-4EF3-8E73-A1AF3D0DCF54}: DhcpNameServer = 192.168.1.1
DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
FF - ProfilePath - c:\documents and settings\utente\Dati applicazioni\Mozilla\Firefox\Profiles\c50i6igm.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.libero.it/
FF - prefs.js: keyword.URL - hxxp://search.bearshare.com/webResults.html?src=ffb&q=
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
.
MSConfigStartUp-nwiz - nwiz.exe
MSConfigStartUp-SUPERAntiSpyware - c:\programmi\SUPERAntiSpyware\SUPERAntiSpyware.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-02-20 12:17
Windows 5.1.2600 Service Pack 3 NTFS
.
scansione processi nascosti ...
.
scansione entrate autostart nascoste ...
.
Scansione files nascosti ...
.
Scansione completata con successo
Files nascosti: 0
.
**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–€|ÿÿÿÿÀ•€|ù•9~*]
"0140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------
.
- - - - - - - > 'explorer.exe'(3448)
c:\windows\system32\WININET.dll
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Ora fine scansione: 2012-02-20 12:21:11
ComboFix-quarantined-files.txt 2012-02-20 11:21
.
Pre-Run: 43.589.083.136 byte disponibili
Post-Run: 43.833.458.688 byte disponibili
.
- - End Of File - - E7C6A49913BEFD8D43165F801AEF5F1D

Is the PC OK or am I still infected? Thanks to anyone who helps me.
ilcaso77
Junior User
Posts: 19
Joined: 07/02/12 18:55

Re: I'm asking for your help

Post by ilcaso77 » 22/02/12 21:30

163 views but 0 replies... :roll: :roll:
ilcaso77
Junior User
Posts: 19
Joined: 07/02/12 18:55

Re: I'm asking for your help

Post by FrancescoFDAC » 24/02/12 16:41

Download Kaspersky TDSS Killer: http://support.kaspersky.com/downloads/ ... killer.exe
● place the downloaded file on the Desktop
● double-click the TDSSKiller.exe file to start the application
● then press the Start scan button

Note - about the program:
● do not click the Stop scan button for any reason; the scan would be interrupted

At this point, the scan of the system for malicious software begins:
● if an infected file is found, the default action will be Cure: then click Continue
● if a suspicious file is found, the default action will be Skip: then click Continue
● if nothing is detected, simply close the program when the scan finishes

Once the scan has finished, one of these two options will be presented:
● a system restart is not required: attach the Report located in Local Disk C:\, named TDSSKiller.[Version]_[Date]_[Time]_log.txt
● a system restart is required: click Restart now, then attach the scan result (it is in the same path mentioned a moment ago)
FrancescoFDAC
Senior User
Posts: 1048
Joined: 13/08/11 09:53

Re: I'm asking for your help

Post by ilcaso77 » 24/02/12 20:37

Thanks fdac for replying, but the two options, restart the system or no restart needed, did not appear. Why? I'm attaching the log:

20:36:06.0765 2336 TDSS rootkit removing tool 2.7.14.0 Feb 22 2012 16:54:49
20:36:06.0890 2336 ============================================================
20:36:06.0890 2336 Current date / time: 2012/02/24 20:36:06.0890
20:36:06.0890 2336 SystemInfo:
20:36:06.0890 2336
20:36:06.0890 2336 OS Version: 5.1.2600 ServicePack: 3.0
20:36:06.0890 2336 Product type: Workstation
20:36:06.0890 2336 ComputerName: UTENTE-6AD5AAF2
20:36:06.0890 2336 UserName: utente
20:36:06.0890 2336 Windows directory: C:\WINDOWS
20:36:06.0890 2336 System windows directory: C:\WINDOWS
20:36:06.0890 2336 Processor architecture: Intel x86
20:36:06.0890 2336 Number of processors: 1
20:36:06.0890 2336 Page size: 0x1000
20:36:06.0890 2336 Boot type: Normal boot
20:36:06.0890 2336 ============================================================
20:36:10.0156 2336 Drive \Device\Harddisk0\DR0 - Size: 0xDF8F90000 (55.89 Gb), SectorSize: 0x200, Cylinders: 0x1C80, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
20:36:10.0218 2336 \Device\Harddisk0\DR0:
20:36:10.0218 2336 MBR used
20:36:10.0218 2336 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x6FC3D80
20:36:10.0562 2336 Initialize success
20:36:10.0562 2336 ============================================================
20:36:21.0406 2312 ============================================================
20:36:21.0406 2312 Scan started
20:36:21.0406 2312 Mode: Manual;
20:36:21.0406 2312 ============================================================
20:36:35.0328 2312 MBR (0x1B8) (828e02d5c4a4fbe53441ee9dbee51f43) \Device\Harddisk0\DR0
20:36:35.0484 2312 \Device\Harddisk0\DR0 - ok
20:36:35.0500 2312 Boot (0x1200) (02e49d0c9c0f6fc01955e2bd249bde3f) \Device\Harddisk0\DR0\Partition0
20:36:35.0500 2312 \Device\Harddisk0\DR0\Partition0 - ok
20:36:35.0500 2312 ============================================================
20:36:35.0500 2312 Scan finished
20:36:35.0500 2312 ============================================================
20:36:35.0531 2404 Detected object count: 0
20:36:35.0531 2404 Actual detected object count: 0
20:37:22.0500 3364 ============================================================
20:37:22.0500 3364 Scan started
20:37:22.0500 3364 Mode: Manual;
20:37:22.0500 3364 ============================================================
20:37:35.0984 3364 ============================================================
20:37:35.0984 3364 Scan finished
20:37:35.0984 3364 ============================================================
20:37:36.0000 0224 Detected object count: 0
20:37:36.0000 0224 Actual detected object count: 0
thanks
ilcaso77
Junior User

Posts: 19
Joined: 07/02/12 18:55

Re: I'm asking for your help

Post by FrancescoFDAC » 25/02/12 13:26

Hi. There doesn't seem to be any rootkit (thank goodness).

Do this:
Download and install HijackThis: http://www.trendmicro.com/ftp/products/ ... ckThis.msi
● launch HijackThis
● click the Do a system scan and save a logfile button
● a text file will be generated automatically: attach it
FrancescoFDAC
Senior User

Posts: 1048
Joined: 13/08/11 09:53

Re: I'm asking for your help

Post by ilcaso77 » 25/02/12 14:27

here I am, thanks for the reply, I'm attaching the log
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14.30.33, on 25/02/2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
c:\Programmi\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\afasrv32.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\Programmi\Common Files\Motive\McciCMService.exe
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Microsoft Security Client\msseces.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\Programmi\Mozilla Firefox\plugin-container.exe
C:\Programmi\Trend Micro\HijackThis\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [MSC] "c:\Programmi\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Afa Card Reader Service (AfaService) - Unknown owner - C:\WINDOWS\system32\afasrv32.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: McciCMService - Alcatel-Lucent - C:\Programmi\Common Files\Motive\McciCMService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe

--
End of file - 3046 bytes

Re: I'm asking for your help

Post by FrancescoFDAC » 25/02/12 14:58

The PC looks clean.
Download and install HitmanPro: http://www.surfright.nl/en/downloads
● choose the version that matches your operating system (32-bit or 64-bit)
● once it is running, click Settings in the main window
● click License and activate the license
● click default scan (recommended)
● when the scan finishes you will be shown a summary: in the summary window, at the bottom left, you can save the generated report, which you should attach

Re: I'm asking for your help

Post by ilcaso77 » 25/02/12 18:01

sorry fdac, but which version of XP do I have, 32 or 64 bit? where can I see that????

Re: I'm asking for your help

Post by FrancescoFDAC » 26/02/12 10:52

You have the 32-bit version.

Re: I'm asking for your help

Post by ilcaso77 » 26/02/12 11:51

sorry fdac, but I had to run the scan twice and I couldn't save the log, but it didn't find anything

Re: I'm asking for your help

Post by ilcaso77 » 26/02/12 20:36

I hope I did it right...
<Log computer="UTENTE-6AD5AAF2" scan="Normal" version="3.6.0.138" date="2012-02-26T20:33:53" timeSpentInSecs="277" filesProcessed="18433">
<Item type="Repair" score="0.0" status="Deleted"><File path="C:\Documents and Settings\utente\Dati applicazioni\Mozilla\Firefox\Profiles\c50i6igm.default\cookies.sqlite:ad.adc-serv.net" /></Item>
<Item type="Repair" score="0.0" status="Deleted"><File path="C:\Documents and Settings\utente\Dati applicazioni\Mozilla\Firefox\Profiles\c50i6igm.default\cookies.sqlite:ad.spreamedia.it" /></Item>
<Item type="Repair" score="0.0" status="Deleted"><File path="C:\Documents and Settings\utente\Dati applicazioni\Mozilla\Firefox\Profiles\c50i6igm.default\cookies.sqlite:ad.zanox.com" /></Item>
<Item type="Repair" score="0.0" status="Deleted"><File path="C:\Documents and Settings\utente\Dati applicazioni\Mozilla\Firefox\Profiles\c50i6igm.default\cookies.sqlite:adinterax.com" /></Item>
<Item type="Repair" score="0.0" status="Deleted"><File path="C:\Documents and Settings\utente\Dati applicazioni\Mozilla\Firefox\Profiles\c50i6igm.default\cookies.sqlite:ads.trafficjunky.net" /></Item>
<Item type="Repair" score="0.0" status="Deleted"><File path="C:\Documents and Settings\utente\Dati applicazioni\Mozilla\Firefox\Profiles\c50i6igm.default\cookies.sqlite:pornmd.com" /></Item>
<Item type="Repair" score="0.0" status="Deleted"><File path="C:\Documents and Settings\utente\Dati applicazioni\Mozilla\Firefox\Profiles\c50i6igm.default\cookies.sqlite:pornografish.com" /></Item>
<Item type="Repair" score="0.0" status="Deleted"><File path="C:\Documents and Settings\utente\Dati applicazioni\Mozilla\Firefox\Profiles\c50i6igm.default\cookies.sqlite:rts.phn.doublepimp.com" /></Item>
<Item type="Repair" score="0.0" status="Deleted"><File path="C:\Documents and Settings\utente\Dati applicazioni\Mozilla\Firefox\Profiles\c50i6igm.default\cookies.sqlite:serving-sys.com" /></Item>
<Item type="Repair" score="0.0" status="Deleted"><File path="C:\Documents and Settings\utente\Dati applicazioni\Mozilla\Firefox\Profiles\c50i6igm.default\cookies.sqlite:sexad.net" /></Item>
<Item type="Repair" score="0.0" status="Deleted"><File path="C:\Documents and Settings\utente\Dati applicazioni\Mozilla\Firefox\Profiles\c50i6igm.default\cookies.sqlite:stats.betradar.com" /></Item>
<Item type="Repair" score="0.0" status="Deleted"><File path="C:\Documents and Settings\utente\Dati applicazioni\Mozilla\Firefox\Profiles\c50i6igm.default\cookies.sqlite:track.adform.net" /></Item>
<Item type="Repair" score="0.0" status="Deleted"><File path="C:\Documents and Settings\utente\Dati applicazioni\Mozilla\Firefox\Profiles\c50i6igm.default\cookies.sqlite:xiti.com" /></Item>
</Log>

Re: I'm asking for your help

Post by FrancescoFDAC » 27/02/12 13:34

It doesn't look to me like there are any viruses.

Carry out the procedure described, strictly in the order given, in order to:
free up disk space
optimize system performance
keep Windows working correctly

Optimization - after malware removal

My advice is to print this procedure, because it will certainly come in handy in the future, for you and for people you know: feel free to share it with them, it has no drawbacks of any kind and should be carried out after removing all the infections present on the system.
These operations should in fact be carried out at least once a month (for heavy computer users the interval drops to two weeks, except for Scandisk, step 13 of the procedure).

Keep in mind that most corrupted and damaged registry keys cannot be restored and repaired correctly, and that continually installing and uninstalling programs can cause system crashes and annoying blue screens.

Formatting gives the greatest benefits in terms of speed, stability and performance: this procedure comes closest to the results obtained by formatting the hard disk.


2. Uninstall unused programs, and all toolbars

Procedure for Windows XP:
● click the Start button
● open the Control Panel
● click Add or Remove Programs
● select the program to uninstall and click the Change/Remove button: the uninstall procedure will start

Procedure for Windows Vista and Windows 7:
● click the Start button
● open the Control Panel
● click Programs, then Programs and Features
● select the program to uninstall and click the Uninstall/Change button: the uninstall procedure will start

******************************

3. From the Control Panel, uninstall the following applications in particular:
Adobe Flash Player
Adobe Reader
Java (all installed versions)

Download and install, from the sites listed, the updated versions of the programs you have just uninstalled:
Adobe Flash Player: http://get.adobe.com/it/flashplayer
Adobe Reader: http://get.adobe.com/it/reader
Java: http://java.com/it/download/index.jsp

Notes on the procedure:
● do not allow the installation of additional components (toolbars in particular): do not install any of them, so untick the relevant option
● as an alternative to Adobe Reader, which is heavy software and above all subject to vulnerabilities that malware on the net can exploit to infect the system, you can download the fast and very lightweight Sumatra PDF Reader, which is in no way inferior to the Adobe product: http://blog.kowalczyk.info/software/sum ... eader.html

******************************

4. Turn off System Restore

Procedure for Windows XP:
● click the Start button
● right-click the My Computer icon
● select Properties from the drop-down menu
● open the System Restore tab
● tick the option Turn off System Restore on all drives
● confirm the change with Apply and OK

Procedure for Windows Vista and Windows 7:
● click the Start button
● right-click the Computer icon
● select Properties from the drop-down menu
● click System protection in the menu on the left; a User Account Control prompt appears: click Continue
● clear the check box shown next to Local Disk C:
● click the OK button
● confirm the change you made by clicking Apply and OK

******************************

5. Empty the Prefetch folder

Procedure for Windows XP:
● click the Start button
● click My Computer
● open Local Disk C:
● find and open the Windows folder
● find and open the Prefetch folder
● delete all the items stored inside it: be careful, however, not to delete the folder itself

Procedure for Windows Vista and Windows Seven:
● click the Start button
● click Computer
● open Local Disk C:
● find and open the Windows folder
● find and open the Prefetch folder
● delete all the items stored inside it, except the file Layout.ini: be careful, however, not to delete the folder itself

Note on the procedure:
● the Prefetch folder contains the files that the operating system runs; a prefetch operation makes the most frequently used files, and those needed for the computer's boot process, immediately available in the cache.
The next restart will be a little slow, but the following ones will undoubtedly be faster

******************************

6. Empty the Download folder

Procedure for Windows XP:
● click the Start button
● click My Computer
● open Local Disk C:
● find and open the Windows folder
● find and open the SoftwareDistribution folder
● find and open the Download folder
● delete all the items stored inside it: be careful, however, not to delete the folder itself

Procedure for Windows Vista and Windows Seven:
● click the Start button
● click Computer
● open Local Disk C:
● find and open the Windows folder
● find and open the SoftwareDistribution folder
● find and open the Download folder
● delete all the items stored inside it: be careful, however, not to delete the folder itself

Note on the procedure:
● the Download folder contains the installation files for Windows updates, which can be deleted without problems to recover disk space and to resolve annoying update problems

******************************

7. Download TFC by OldTimer: http://oldtimer.geekstogo.com/TFC.exe
● place the tool on the Desktop
● close all running programs, including web pages
● start the tool with a double click
● click the Start button at the bottom left
● the Desktop will disappear for a few moments: nothing to worry about
● wait patiently for the operations to finish
● click the Exit button at the bottom right
● once the operations have finished, close the program

Note: to run TFC by OldTimer correctly on Windows Vista and Windows Seven, right-click the program's icon and choose Run as administrator from the context menu: confirm the prompt that appears

******************************

8. Download and install CCleaner: http://www.piriform.com/ccleaner/download
Note during installation: do not allow any additional components to be installed (toolbars in particular): install none of them, so untick the relevant option

Once it is installed and running, carry out these operations:
● in the menu on the left, click Options
● in the next window, click Settings
● tick the option Secure Deletion: Secure file deletion (Slower) and select DOD 5220.22-M (3 passes) from the drop-down menu
● click Advanced
● untick the option Only delete files in Windows Temp folders older than 24 hours and the option Show prompt to backup registry issues
● click Cleaner in the menu on the left: in the Advanced section, tick Old Prefetch data, Windows Update Uninstallers and IIS Log Files
● open the Applications tab at the top: tick all the entries listed
● close all running programs, including web pages
● click the Analyze button at the bottom left to search for temporary files
● click the Run Cleaner button at the bottom right to start cleaning the temporary files
● in the window that appears, tick Do not show me this message again and confirm by clicking the OK button
● when the cleaning has finished, click Registry in the menu on the left
● click the Scan for Issues button to start searching for corrupted and damaged registry entries
● click the Fix selected issues... button and proceed with the repair: repeat the registry cleaning several times, until no more problems to fix are found
● once the operations have finished, close the program

******************************

9. Launch HijackThis and clean the ADS (only on partitions formatted as NTFS):
● click Open the Misc Tools section
● click Open ADS Spy... in the System tools tab
● at the top, untick Quick scan (Windows base folder only)
● click the Scan button at the bottom
● wait patiently for the scan to finish
● if many ADS are detected, right-click the first check box and choose Select all
● click the Remove selected button at the bottom: confirm with
● once the operations have finished, close the program

Note on the program:
● if you have a 64-bit operating system, skip this procedure. Click here to find out whether your operating system is 32-bit or 64-bit: http://support.microsoft.com/kb/827218/it

******************************

10. Download OTC by OldTimer: http://oldtimer.geekstogo.com/OTC.exe
● place the tool on the Desktop
● close all running programs
● start the tool with a double click
● click the CleanUp! button
● the program asks to restart the system: allow it by clicking Yes twice

Notes on the program:
● OTC by OldTimer should be run only if you have previously used particular programs that require a particular uninstall procedure, such as ComboFix, FindAWF, GMER, RSIT and TDSS Killer.
● to run OTC by OldTimer correctly on Windows Vista and Windows Seven, right-click the program's icon and choose Run as administrator from the context menu: confirm the prompt that appears

******************************

11. Re-enable System Restore by following the procedure in step 4 in reverse

******************************

12. Download and install Defraggler: http://www.piriform.com/defraggler/download

Note during installation:
● do not allow any additional components to be installed (toolbars in particular): install none of them, so untick the relevant option

Once it is installed, carry out these operations:
● start the program with a double click
● select the Local Disk C: drive with the left mouse button
● click the Defrag button at the bottom left
● wait patiently for the operations to finish

******************************

13. Check the hard disk for errors

Procedure for Windows XP:
● click the Start button
● click Run
● in the blank field, copy and paste this line:
cmd /c chkdsk c: |find /v "percent" >> "%userprofile%\desktop\checkhd.txt"
● click the OK button
● wait patiently for the operations to finish
● an empty DOS window will open on the Desktop and then close automatically: nothing to worry about
● attach the checkhd.txt file found on the Desktop so it can be checked

Procedure for Windows Vista and Windows Seven:
● click the Start button
● choose All Programs
● click Accessories
● click Run
● in the blank field, copy and paste this line:
cmd /c chkdsk c: |find /v "percent" >> "%userprofile%\desktop\checkhd.txt"
● click the OK button
● wait patiently for the operations to finish
● an empty DOS window will open on the Desktop and then close automatically: nothing to worry about
● attach the checkhd.txt file found on the Desktop so it can be checked

******************************

Notes at the end of the procedure:
● restart the system
● attach a new HijackThis log
● report how the system is running and what problems you are currently seeing
FrancescoFDAC
Senior User

Posts: 1048
Joined: 13/08/11 09:53

Re: I'm asking for your help

Post by ilcaso77 » 28/02/12 19:17

Thanks fdac for your reply; if you say there are no viruses, I trust you blindly. To follow your list of instructions I'll have to wait until my printer is working again: I've run out of cartridges, and as soon as I replace them I'll do everything. Thanks again, always kind
ilcaso77
Junior User

Posts: 19
Joined: 07/02/12 18:55

Re: I'm asking for your help

Post by FrancescoFDAC » 02/03/12 14:10

Hi, you can also read them and carry them out without printing anything. Of course, having them written down is very convenient.

Did you sort it out in the end?

Francesco
FrancescoFDAC
Senior User

Posts: 1048
Joined: 13/08/11 09:53

Re: I'm asking for your help

Post by ilcaso77 » 20/03/12 22:43

Here I am, I hope I did it right...

Il file system è di tipo NTFS.

Avvertenza! Parametro F non specificato
CHKDSK eseguito in modalità sola lettura.

Verifica dei file in corso (fase 1 di 3)...
Verifica degli indici in corso (fase 2 di 3)...
Eliminazione della voce di indice LOCALS~1 nell'indice $I30 del file 24693.

Trovati errori. Impossibile proseguire CHKDSK in modalità sola lettura.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22.52.12, on 20/03/2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
c:\Programmi\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\afasrv32.exe
C:\Programmi\Freemake\CaptureLib\CaptureLibService.exe
C:\Programmi\Microsoft Security Client\msseces.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\Programmi\Common Files\Motive\McciCMService.exe
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\utente\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\utente\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\utente\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\utente\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\utente\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\chrome.exe
C:\Programmi\Trend Micro\HijackThis\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [MSC] "c:\Programmi\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Afa Card Reader Service (AfaService) - Unknown owner - C:\WINDOWS\system32\afasrv32.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: McciCMService - Alcatel-Lucent - C:\Programmi\Common Files\Motive\McciCMService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe

--
End of file - 3554 bytes
ilcaso77
Junior User

Posts: 19
Joined: 07/02/12 18:55
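
A first-pass triage of a HijackThis log like the one posted above, as an added example that is not part of the original posts. The two heuristics (processes running outside the Windows and Programmi directories, and O23 services that HijackThis lists with "Unknown owner") and all function names are assumptions made for illustration, not the helper's method; a finding means "check this entry by hand", not "malicious".

```python
import re

# Lines taken from the HijackThis log posted above (a shortened selection).
SAMPLE_LOG = r"""Running processes:
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\afasrv32.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\Documents and Settings\utente\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\chrome.exe

O4 - HKLM\..\Run: [MSC] "c:\Programmi\Microsoft Security Client\msseces.exe" -hide -runkey
O23 - Service: Afa Card Reader Service (AfaService) - Unknown owner - C:\WINDOWS\system32\afasrv32.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
"""

# Assumption: directories a standard user cannot write to on this Italian XP layout.
TRUSTED_PREFIXES = ("c:\\windows\\", "c:\\programmi\\")
# O23 layout: "O23 - Service: <display name> (<service name>) - <owner> - <path>"
O23_RE = re.compile(r"^O23 - Service: (?P<display>.+) \((?P<name>.+)\) - "
                    r"(?P<owner>.+?) - (?P<path>[A-Za-z]:\\.+)$")

def parse_log(text):
    """Split a log into running-process paths and R/O section entries."""
    processes, entries, in_procs = [], [], False
    for line in text.splitlines():
        line = line.strip()
        if line == "Running processes:":
            in_procs = True
        elif not line:
            in_procs = False          # a blank line ends the process list
        elif in_procs:
            processes.append(line)
        elif re.match(r"^[A-Z]\d+ - ", line):
            entries.append(line)
    return processes, entries

def triage(text):
    """Return (reason, item) pairs that deserve a manual look."""
    processes, entries = parse_log(text)
    findings = []
    for path in sorted(set(processes)):
        # Per-user installs (Chrome here) legitimately live in the profile,
        # so this only marks the entry for review.
        if not path.lower().startswith(TRUSTED_PREFIXES):
            findings.append(("process outside trusted dirs", path))
    for line in entries:
        m = O23_RE.match(line)
        if m and m.group("owner") == "Unknown owner":
            findings.append(("service with unknown owner", m.group("name")))
    return findings

if __name__ == "__main__":
    print(*(f"{why}: {what}" for why, what in triage(SAMPLE_LOG)), sep="\n")
```
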

Re: I'm asking for your help

Post by ilcaso77 » 20/03/12 22:46

I'm not seeing any problems; startup isn't very fast, but otherwise I'm satisfied. I hope everything is OK... I await your verdict, kind fdac
ilcaso77
Junior User

Posts: 19
Joined: 07/02/12 18:55

Re: I'm asking for your help

Post by FrancescoFDAC » 21/03/12 08:52

Hi, we can't "squeeze the PC" any more than this.
In my opinion it's clean.
If you aren't seeing any problems, we're done (you have a private message).

Bye!
FrancescoFDAC
Senior User

Posts: 1048
Joined: 13/08/11 09:53

Re: I'm asking for your help

Post by ilcaso77 » 21/03/12 12:00

ok thanks
ilcaso77
Junior User

Posts: 19
Joined: 07/02/12 18:55

