Valutazione 4.87/ 5 (100.00%) 5838 voti

Condividi:        

ad.addoubleclick

Come rimuovere virus e spyware? Le carte di credito sono davvero sicure in rete? È possibile navigare anonimi? Con quali programmi tutelare la propria privacy? Come proteggere i file importanti? Se volete una risposta a queste e altre domande questo è il luogo giusto!

Moderatori: kadosh, Luke57

ad.addoubleclick

Postdi sabino90 » 29/06/12 18:36

Ragazzi sto uscendo pazzo...non riesco a eliminare questo cavolo di virus! questo è ciò che mi dice HiJackThis:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:40:05, on 29/06/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16446)
Boot mode: Normal

Running processes:
C:\Program Files\Soluto\soluto.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\STOPzilla!\STOPzilla.exe
C:\Windows\explorer.exe
C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe
C:\Program Files\Yuna Software\Messenger Plus! for Skype\Messenger Plus! for Skype.exe
C:\Users\Sabino\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sabino\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sabino\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sabino\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sabino\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sabino\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sabino\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sabino\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\rundll32.exe
C:\Users\Sabino\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:20069
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIZIO DI RETE')
O4 - Startup: My 190.lnk = C:\Program Files\My 190\My 190.exe
O4 - Startup: tcbhn.lnk = Sabino\AppData\Roaming\BrowserCompanion\tcbhn.exe
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: I&nvia a OneNote - res://C:\PROGRA~1\MIF5BA~1\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll (file missing)
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} (DellSystemLite.Scanner) - http://support.dell.com/systemprofiler/ ... emLite.CAB
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll
O18 - Protocol: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll
O18 - Protocol: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9334b3396d450a95\aestsrv.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Avira Pianificatore (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Servizio Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DeviceExpert - Unknown owner - C:\ManageEngine\DeviceExpert\bin\wrapper.exe (file missing)
O23 - Service: Servizio di Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Messenger Plus! Service (MsgPlusService) - Yuna Software - C:\Program Files\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe
O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe
O23 - Service: NitroPDFDriverCreatorReadSpool2 (NitroDriverReadSpool2) - Nitro PDF Software - C:\Program Files\Nitro PDF\Professional 7\NitroPDFDriverService2.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Unknown owner - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Soluto PCGenome Core Service (SolutoService) - Soluto - C:\Program Files\Soluto\SolutoService.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - Unknown owner - C:\Program Files\Dell Support Center\bin\sprtsvc.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9334b3396d450a95\STacSV.exe
O23 - Service: STOPzilla Service (szserver) - iS3, Inc. - C:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE (file missing)

--
End of file - 8740 bytes
sabino90
Newbie
 
Post: 4
Iscritto il: 29/06/12 17:53

Sponsor
 

Re: ad.addoubleclick

Postdi FrancescoFDAC » 29/06/12 18:47

Scarica ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
● posiziona il file scaricato sul Desktop
disattiva l'Antivirus in uso, dall'icona presente sulla Traybar (accanto all'orologio di Windows)
disattiva il Firewall eventualmente installato, dall'icona presente sulla Traybar (accanto all'orologio di Windows)

Eseguiti i passaggi indicati sopra:
● lancia ComboFix con un doppio click
● una volta avviato clicca il pulsante Accetto: conferma cliccando Ok due volte
● segui le istruzioni che verranno rilasciate per eseguire la scansione:
"Tipicamente non impiega più di 10 minuti
Su pc molto infetti il tempo di scansione può raddoppiare facilmente"
● nel caso tu abbia Windows XP, verrà richiesta l'installazione della Console di ripristino di emergenza: non la installare (clicca il pulsante No)
senza eseguire nessuna altra operazione, lascia che il tool completi il suo lavoro

Note - durante la scansione:
● potrebbero comparire alcuni file sul Desktop, e poi eliminati
● spariranno, per un attimo, tutte le icone presenti sul Desktop: nulla di cui preoccuparsi
● potrebbe venire rilasciato un messaggio in relazione all'Antivirus in uso: prosegui ignorando il messaggio
● il firewall potrebbe rilasciare un avviso circa la rimozione di alcuni driver: consenti
● potrebbe apparire sul Desktop l'icona di Internet Explorer

Quando ComboFix avrà concluso l'operazione di scansione:
● il sistema verrà riavviato automaticamente: in caso contrario, riavvialo te
● vai in Disco Locale C:, cerca il file di testo dal nome ComboFix.txt ed allegalo

Nota - riguardo al programma:
● per eseguire correttamente ComboFix su Windows Vista e Windows Seven, clicca con il tasto destro del mouse sull'icona del programma e, dal menù contestuale, scegli la voce Esegui come Amministratore
sUBs, la software house che distribuisce ComboFix, non è responsabile di qualsiasi danno causato dopo l'utilizzo del programma stesso.
Esso non dovrebbe essere utilizzato a meno che non venga espressamente richiesto da un esperto
ComboFix disabilita l'esecuzione automatica delle unità USB (Chiavette, Hard Disk Esterni, Lettori MP3...) per prevenire future minacce: quando inserisci una Pendrive, dovrai avviarla manualmente dalle Risorse del computer.
FrancescoFDAC
Utente Senior
 
Post: 1048
Iscritto il: 13/08/11 09:53

Re: ad.addoubleclick

Postdi sabino90 » 29/06/12 19:45

Penso di aver fatto tutto correttamente....


ComboFix 12-06-28.03 - Sabino 29/06/2012 20:17:44.1.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.39.1040.18.3037.1711 [GMT 2:00]
Eseguito da: c:\users\Sabino\Desktop\Downloads\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: STOPzilla Anti-Spyware *Disabled/Updated* {B2E69928-50DC-94CA-6A80-AAB054008761}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\IMinent Toolbar\tbHElper.dll
c:\programdata\master
c:\programdata\PCDr\5907\Downloads\9a727e3b-3b75-44f1-aa0c-b5b6cd760030.dll
c:\programdata\PCDr\5907\Downloads\a31dcb19-c462-4b91-b5af-0c0196d8d501.dll
c:\users\Public\Documents\bootracer.tmp
c:\users\Sabino\AppData\Local\TempDIR
c:\users\Sabino\AppData\Roaming\cacaoweb
c:\users\Sabino\AppData\Roaming\cacaoweb\npdfile.dat
c:\users\Sabino\AppData\Roaming\cacaoweb\replicating1AFB0C60785431CB71CDF4BB69EB92AC.cacao
c:\users\Sabino\AppData\Roaming\cacaoweb\replicating30190FED0394B9C907494415EB5F6D6A.cacao
c:\users\Sabino\AppData\Roaming\cacaoweb\replicating5E00F858D61F480D9F19FFB56F7229E5.cacao
c:\users\Sabino\AppData\Roaming\cacaoweb\replicating6057725AA684A842BF4E7F266453A8C6.cacao
c:\users\Sabino\AppData\Roaming\cacaoweb\replicating8A8C6E7EBECC3C0368C261096A91D74E.cacao
c:\users\Sabino\AppData\Roaming\cacaoweb\replicating8B23EEBC4D036AF175776980EE0E6F17.cacao
c:\users\Sabino\AppData\Roaming\cacaoweb\replicating9B64844528E43E5D3967A7D95DEF290D.cacao
c:\users\Sabino\AppData\Roaming\cacaoweb\replicating9FFB6F30563C1B5CB526667651E9B229.cacao
c:\users\Sabino\AppData\Roaming\cacaoweb\replicatingB805892A30CA8DA5A88BC7FCD4D80C93.cacao
c:\users\Sabino\AppData\Roaming\cacaoweb\replicatingB80CDD3EB56741670F735AD2658E54B9.cacao
c:\users\Sabino\AppData\Roaming\cacaoweb\replicatingE4EBDCD799A8BF41631B0C2C5D9CE662.cacao
c:\users\Sabino\AppData\Roaming\cacaoweb\storage.db
c:\users\Sabino\AppData\Roaming\OfferBox
c:\users\Sabino\AppData\Roaming\OfferBox\config.dat
c:\users\Sabino\AppData\Roaming\OfferBox\config.xml
c:\windows\security\Database\tmp.edb
c:\windows\system32\drivers\etc\hosts.ics
c:\windows\system32\drivers\etc\hosts.txt
c:\windows\system32\drivers\npf.sys
.
La copia infetta di c:\windows\system32\userinit.exe è stata trovata e disinfettata
ipristinata copia da - c:\windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
.
.
((((((((((((((((((((((((((((((((((((((( Driver/Servizi )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_NPF
.
.
((((((((((((((((((((((((( Files Creati Da 2012-05-28 al 2012-06-29 )))))))))))))))))))))))))))))))))))
.
.
2012-06-29 18:33 . 2012-06-29 18:33 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-06-29 16:43 . 2012-06-29 16:43 388096 ----a-r- c:\users\Sabino\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-06-29 16:43 . 2012-06-29 16:43 -------- d-----w- c:\program files\Trend Micro
2012-06-29 16:33 . 2012-01-12 07:26 101112 ----a-r- c:\windows\system32\drivers\SBREDrv.sys
2012-06-29 16:32 . 2012-06-29 16:34 -------- d-----w- c:\program files\STOPzilla!
2012-06-29 16:32 . 2012-06-29 18:37 -------- d-----w- c:\programdata\STOPzilla!
2012-06-29 16:32 . 2012-06-29 16:32 -------- d-----w- c:\program files\Common Files\iS3
2012-06-26 08:12 . 2012-06-26 08:12 -------- d-----w- c:\users\Sabino\AppData\Roaming\CheckPoint
2012-06-26 08:01 . 2012-06-26 08:01 -------- d-----w- c:\programdata\CheckPoint
2012-06-25 23:51 . 2012-06-28 10:38 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2012-06-22 09:47 . 2012-06-29 10:18 -------- d-----w- c:\users\Sabino\AppData\Local\Spotify
2012-06-22 09:47 . 2012-06-29 16:28 -------- d-----w- c:\users\Sabino\AppData\Roaming\Spotify
2012-06-22 09:06 . 2012-06-22 09:06 -------- d-----w- c:\program files\Oracle
2012-06-22 08:50 . 2012-05-04 17:29 772504 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-06-21 15:40 . 2012-06-02 22:19 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-21 15:40 . 2012-06-02 22:19 45080 ----a-w- c:\windows\system32\wups2.dll
2012-06-21 15:40 . 2012-06-02 22:12 2422272 ----a-w- c:\windows\system32\wucltux.dll
2012-06-21 15:40 . 2012-06-02 22:19 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-21 15:40 . 2012-06-02 22:19 35864 ----a-w- c:\windows\system32\wups.dll
2012-06-21 15:40 . 2012-06-02 22:12 88576 ----a-w- c:\windows\system32\wudriver.dll
2012-06-21 15:40 . 2012-06-02 22:19 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-21 15:39 . 2012-06-02 13:19 171904 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-21 15:39 . 2012-06-02 13:12 33792 ----a-w- c:\windows\system32\wuapp.exe
2012-06-14 09:28 . 2012-04-07 11:26 2342400 ----a-w- c:\windows\system32\msi.dll
2012-06-14 09:28 . 2012-04-28 03:17 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-06-14 09:28 . 2012-05-15 01:05 2343936 ----a-w- c:\windows\system32\win32k.sys
2012-06-14 09:28 . 2012-04-26 04:45 129536 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-06-14 09:28 . 2012-05-01 04:44 164352 ----a-w- c:\windows\system32\profsvc.dll
2012-06-14 09:28 . 2012-04-26 04:45 58880 ----a-w- c:\windows\system32\rdpwsx.dll
2012-06-14 09:28 . 2012-04-26 04:41 8192 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-06-14 09:28 . 2012-04-24 04:36 140288 ----a-w- c:\windows\system32\cryptsvc.dll
2012-06-14 09:28 . 2012-04-24 04:36 1158656 ----a-w- c:\windows\system32\crypt32.dll
2012-06-14 09:28 . 2012-04-24 04:36 103936 ----a-w- c:\windows\system32\cryptnet.dll
2012-06-10 18:06 . 2012-06-10 18:06 -------- d-----w- c:\programdata\TomTom
2012-06-10 17:58 . 2012-06-10 17:58 -------- d-----w- c:\program files\TomTom International B.V
2012-06-10 17:57 . 2012-06-10 17:57 -------- d-----w- c:\program files\TomTom HOME 2
2012-05-31 08:46 . 2012-05-31 08:46 159744 ----a-w- c:\program files\Internet Explorer\Plugin\npqtplugin7.dll
2012-05-31 08:46 . 2012-05-31 08:46 159744 ----a-w- c:\program files\Internet Explorer\Plugin\npqtplugin6.dll
2012-05-31 08:46 . 2012-05-31 08:46 159744 ----a-w- c:\program files\Internet Explorer\Plugin\npqtplugin5.dll
2012-05-31 08:46 . 2012-05-31 08:46 159744 ----a-w- c:\program files\Internet Explorer\Plugin\npqtplugin4.dll
2012-05-31 08:46 . 2012-05-31 08:46 159744 ----a-w- c:\program files\Internet Explorer\Plugin\npqtplugin3.dll
2012-05-31 08:46 . 2012-05-31 08:46 159744 ----a-w- c:\program files\Internet Explorer\Plugin\npqtplugin2.dll
2012-05-31 08:46 . 2012-05-31 08:46 159744 ----a-w- c:\program files\Internet Explorer\Plugin\npqtplugin.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-29 18:20 . 2012-06-29 16:55 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B725F92D-E00B-433E-8D2C-56DE1F3ECCB6}\offreg.dll
2012-06-24 08:39 . 2012-04-07 08:42 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-06-24 08:39 . 2011-05-19 06:51 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-05-31 03:41 . 2012-06-29 09:23 6762896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B725F92D-E00B-433E-8D2C-56DE1F3ECCB6}\mpengine.dll
2012-05-04 17:29 . 2010-05-03 13:48 687504 ----a-w- c:\windows\system32\deployJava1.dll
2012-04-25 09:35 . 2012-04-25 09:35 23376 ----a-r- c:\windows\system32\SZIO5.dll
2012-04-25 09:35 . 2012-04-25 09:35 546640 ----a-r- c:\windows\system32\SZComp5.dll
2012-04-25 09:35 . 2012-04-25 09:35 481104 ----a-r- c:\windows\system32\SZBase5.dll
2012-04-25 09:21 . 2012-04-25 09:21 73136 ----a-r- c:\windows\system32\drivers\SZKGFS.sys
2012-04-19 15:39 . 2012-04-19 15:39 29008 ----a-r- c:\windows\system32\IS3XDat5.dll
2012-04-19 15:39 . 2012-04-19 15:39 231248 ----a-r- c:\windows\system32\IS3Win325.dll
2012-04-19 15:39 . 2012-04-19 15:39 390992 ----a-r- c:\windows\system32\IS3UI5.dll
2012-04-19 15:39 . 2012-04-19 15:39 100176 ----a-r- c:\windows\system32\IS3Svc5.dll
2012-04-19 15:39 . 2012-04-19 15:39 104272 ----a-r- c:\windows\system32\IS3Inet5.dll
2012-04-19 15:39 . 2012-04-19 15:39 67408 ----a-r- c:\windows\system32\IS3Hks5.dll
2012-04-19 15:39 . 2012-04-19 15:39 132944 ----a-r- c:\windows\system32\IS3HTUI5.dll
2012-04-19 15:39 . 2012-04-19 15:39 456528 ----a-r- c:\windows\system32\IS3DBA5.dll
2012-04-19 15:39 . 2012-04-19 15:39 808784 ----a-r- c:\windows\system32\IS3Base5.dll
2012-04-18 18:56 . 2012-04-18 18:56 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2012-04-18 18:56 . 2012-04-18 18:56 69632 ----a-w- c:\windows\system32\QuickTime.qts
2012-04-12 04:52 . 2011-09-24 13:34 27144 ----a-w- c:\windows\system32\nitrolocalmon2.dll
2012-04-12 04:52 . 2011-09-24 13:34 18440 ----a-w- c:\windows\system32\nitrolocalui2.dll
2012-04-04 13:56 . 2012-02-08 10:29 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2008-10-28 11:41 . 2009-12-05 08:58 238896 ----a-w- c:\program files\mozilla firefox\plugins\CrazyTalk4Native.dll
2008-10-28 11:41 . 2009-12-05 08:58 210320 ----a-w- c:\program files\mozilla firefox\plugins\ctdomemhelper.dll
2008-10-28 11:41 . 2009-12-05 08:58 83248 ----a-w- c:\program files\mozilla firefox\plugins\ctframeplayerobject.dll
2008-10-28 11:41 . 2009-12-05 08:58 431512 ----a-w- c:\program files\mozilla firefox\plugins\ctplayerobject.dll
2008-10-28 11:41 . 2009-12-05 08:58 464176 ----a-w- c:\program files\mozilla firefox\plugins\imagickrt.dll
2008-10-28 11:41 . 2009-12-05 08:58 144688 ----a-w- c:\program files\mozilla firefox\plugins\rlcontentclass.dll
2008-10-28 11:41 . 2009-12-05 08:58 210224 ----a-w- c:\program files\mozilla firefox\plugins\RLMusicPacker.dll
2008-10-28 11:41 . 2009-12-05 08:58 111920 ----a-w- c:\program files\mozilla firefox\plugins\RLMusicUnpacker.dll
2008-10-28 11:41 . 2009-12-05 08:58 218416 ----a-w- c:\program files\mozilla firefox\plugins\RLVoicePacker.dll
2008-10-28 11:41 . 2009-12-05 08:58 173360 ----a-w- c:\program files\mozilla firefox\plugins\RLVoiceUnpacker.dll
.
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RESTART_STICKY_NOTES"="c:\windows\System32\StikyNot.exe" [2009-07-14 354304]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2011-12-16 258512]
.
c:\users\Sabino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
My 190.lnk - c:\program files\My 190\My 190.exe [2012-3-15 142336]
tcbhn.lnk - c:\users\Sabino\AppData\Roaming\BrowserCompanion\tcbhn.exe [2012-3-27 692888]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SolutoService]
@="Service"
.
R0 is3srv;is3srv;c:\windows\system32\drivers\is3srv.sys [x]
R2 DeviceExpert;DeviceExpert;c:\manageengine\DeviceExpert\bin\wrapper.exe [x]
R2 gupdate;Servizio di Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
R3 gupdatem;Servizio Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [x]
R3 KMWDFILTERx86;HIDServiceDesc;c:\windows\system32\DRIVERS\KMWDFILTER.sys [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [x]
R3 ONDA_MW823UP_cdc_acm;ONDA MW823UP CDC-ACM driver;c:\windows\system32\DRIVERS\ONDA_MW823UP_cdc_acm.sys [x]
R3 ONDA_MW823UP_cdc_ecm;ONDA_MW823UP_cdc_ecm;c:\windows\system32\DRIVERS\ONDA_MW823UP_cdc_ecm.sys [x]
R3 ONDA_MW823UP_cpo;ONDA MW823UP Install;c:\windows\system32\DRIVERS\ONDA_MW823UP_cpo.sys [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [x]
R3 PCDSRVC{E9D79540-57D5953E-06020101}_0;PCDSRVC{E9D79540-57D5953E-06020101}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\dell support center\pcdsrvc.pkms [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Servizio Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 NBVol;Nero Backup Volume Filter Driver;c:\windows\system32\DRIVERS\NBVol.sys [x]
S0 NBVolUp;Nero Backup Volume Upper Filter Driver;c:\windows\system32\DRIVERS\NBVolUp.sys [x]
S0 Soluto;Soluto;c:\windows\system32\DRIVERS\Soluto.sys [x]
S0 szkg5;szkg5;c:\windows\system32\DRIVERS\szkg.sys [x]
S0 szkgfs;szkgfs;c:\windows\system32\drivers\szkgfs.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 SBRE;SBRE;c:\windows\system32\drivers\SBREdrv.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9334b3396d450a95\aestsrv.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AntiVirSchedulerService;Avira Pianificatore;c:\program files\Avira\AntiVir Desktop\sched.exe [x]
S2 E2ECAP;CamDirector - WDM Video Capture;c:\windows\system32\DRIVERS\e2ecap.sys [x]
S2 MsgPlusService;Messenger Plus! Service;c:\program files\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe [x]
S2 NAUpdate;Nero Update;c:\program files\Nero\Update\NASvc.exe [x]
S2 NitroDriverReadSpool2;NitroPDFDriverCreatorReadSpool2;c:\program files\Nitro PDF\Professional 7\NitroPDFDriverService2.exe [x]
S2 SolutoService;Soluto PCGenome Core Service;c:\program files\Soluto\SolutoService.exe [x]
S2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [x]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [x]
S3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60x.sys [x]
S3 ONDA_MW823UP_dc_enum;ONDA MW823UP DC Enumerator;c:\windows\system32\DRIVERS\ONDA_MW823UP_dc_enum.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
.
Contenuto della cartella 'Scheduled Tasks'
.
2012-06-29 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-07 08:39]
.
2012-06-29 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1452159324-766955113-3666706478-1001Core.job
- c:\users\Sabino\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-08-29 11:04]
.
2012-06-29 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1452159324-766955113-3666706478-1001UA.job
- c:\users\Sabino\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-08-29 11:04]
.
2012-06-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-08-03 14:23]
.
2012-06-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-08-03 14:23]
.
2012-06-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1452159324-766955113-3666706478-1001Core.job
- c:\users\Sabino\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-07 17:28]
.
2012-06-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1452159324-766955113-3666706478-1001UA.job
- c:\users\Sabino\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-07 17:28]
.
2012-06-27 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\program files\Dell Support Center\uaclauncher.exe [2012-04-13 05:40]
.
2012-06-29 c:\windows\Tasks\SystemToolsDailyTest.job
- c:\program files\Dell Support Center\uaclauncher.exe [2012-04-13 05:40]
.
.
------- Scansione supplementare -------
.
uInternet Settings,ProxyServer = 127.0.0.1:20069
IE: E&sporta in Microsoft Excel - c:\progra~1\MIF5BA~1\Office14\EXCEL.EXE/3000
IE: I&nvia a OneNote - c:\progra~1\MIF5BA~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 62.101.93.101 83.103.25.250
Handler: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - c:\program files\BrowserCompanion\tdataprotocol.dll
Handler: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - c:\program files\BrowserCompanion\tdataprotocol.dll
Handler: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - c:\program files\BrowserCompanion\tdataprotocol.dll
DPF: Microsoft XML Parser for Java - file:///C:/Windows/Java/classes/xmldso.cab
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
.
Toolbar-10 - (no file)
WebBrowser-{08D495AB-A86C-47B0-82EF-DA87BF92F730} - (no file)
WebBrowser-{1D03A978-AC0C-4004-B9FD-9CF361C7BD3F} - (no file)
WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
AddRemove-Revo Uninstaller - c:\program files\VS Revo Group\Revo Uninstaller\uninst.exe
AddRemove-{09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA} - c:\programdata\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}\bm_installer.exe
AddRemove-{7585478E9D9B42108671C12F8714CEFE} - c:\program files\DivX\DivXConverterUninstall.exe
AddRemove-FoxTab PDF Converter - c:\program files\FoxTabPDFConverter\Uninstall\Uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\PCDSRVC{E9D79540-57D5953E-06020101}_0]
"ImagePath"="\??\c:\program files\dell support center\pcdsrvc.pkms"
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{977AE9CC-AF83-45E8-9E03-E2798216E2D5}"=hex:51,66,7a,6c,4c,1d,38,12,a2,ea,69,
93,b1,e1,86,00,e1,15,a1,39,87,48,a6,c1
"{99079A25-328F-4BD4-BE04-00955ACAA0A7}"=hex:51,66,7a,6c,4c,1d,38,12,4b,99,14,
9d,bd,7c,ba,0e,c1,12,43,d5,5f,94,e4,b3
"{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc,
1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7
"{326E768D-4182-46FD-9C16-1449A49795F4}"=hex:51,66,7a,6c,4c,1d,38,12,e3,75,7d,
36,b0,0f,93,03,e3,00,57,09,a1,c9,d1,e0
"{58124A0B-DC32-4180-9BFF-E0E21AE34026}"=hex:51,66,7a,6c,4c,1d,38,12,65,49,01,
5c,00,92,ee,04,e4,e9,a3,a2,1f,bd,04,32
"{72853161-30C5-4D22-B7F9-0BBC1D38A37E}"=hex:51,66,7a,6c,4c,1d,38,12,0f,32,96,
76,f7,7e,4c,08,c8,ef,48,fc,18,66,e7,6a
"{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}"=hex:51,66,7a,6c,4c,1d,38,12,d5,94,07,
72,c2,98,42,03,c9,fd,97,9a,f4,87,69,57
"{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23,
94,30,02,d1,0f,f1,da,12,24,73,56,27,d2
"{9D717F81-9148-4F12-8568-69135F087DB0}"=hex:51,66,7a,6c,4c,1d,38,12,ef,7c,62,
99,7a,df,7c,0a,fa,7e,2a,53,5a,56,39,a4
"{9FDDE16B-836F-4806-AB1F-1455CBEFF289}"=hex:51,66,7a,6c,4c,1d,38,12,05,e2,ce,
9b,5d,cd,68,0d,d4,09,57,15,ce,b1,b6,9d
"{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}"=hex:51,66,7a,6c,4c,1d,38,12,07,5b,93,
aa,6e,60,ba,0b,f0,6d,b2,b7,80,44,00,83
"{B4F3A835-0E21-4959-BA22-42B3008E02FF}"=hex:51,66,7a,6c,4c,1d,38,12,5b,ab,e0,
b0,13,40,37,0c,c5,34,01,f3,05,d0,46,eb
"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db,
df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd
"{2A541AE1-5BF6-4665-A8A3-CFA9672E4291}"=hex:51,66,7a,6c,4c,1d,38,12,8f,19,47,
2e,c4,15,0b,03,d7,b5,8c,e9,62,70,06,85
"{FAE12866-E91C-43AC-AF75-8D7E316F15B8}"=hex:51,66,7a,6c,4c,1d,38,12,08,2b,f2,
fe,2e,a7,c2,06,d0,63,ce,3e,34,31,51,ac
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:1a,65,ca,76,b0,e4,cc,01
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,59,15,13,1b,ee,a7,e3,4e,a4,2a,84,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,59,15,13,1b,ee,a7,e3,4e,a4,2a,84,\
.
[HKEY_USERS\S-1-5-21-1452159324-766955113-3666706478-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.download\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariDownload"
.
[HKEY_USERS\S-1-5-21-1452159324-766955113-3666706478-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (S-1-5-21-1452159324-766955113-3666706478-1001)
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\S-1-5-21-1452159324-766955113-3666706478-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (S-1-5-21-1452159324-766955113-3666706478-1001)
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\S-1-5-21-1452159324-766955113-3666706478-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.safariextz\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariExtension"
.
[HKEY_USERS\S-1-5-21-1452159324-766955113-3666706478-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (S-1-5-21-1452159324-766955113-3666706478-1001)
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\S-1-5-21-1452159324-766955113-3666706478-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.svg\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\S-1-5-21-1452159324-766955113-3666706478-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.webarchive\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\S-1-5-21-1452159324-766955113-3666706478-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (S-1-5-21-1452159324-766955113-3666706478-1001)
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\S-1-5-21-1452159324-766955113-3666706478-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (S-1-5-21-1452159324-766955113-3666706478-1001)
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\S-1-5-21-1452159324-766955113-3666706478-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\S-1-5-21-1452159324-766955113-3666706478-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{085C8E5C-29C2-1D40-6C81-91F69A9F818C}*]
"danmlean"=hex:64,62,61,68,6d,69,66,6f,65,68,6c,62,69,6d,61,68,6a,68,6f,69,62,
69,70,64,68,6f,61,70,68,6b,6f,6e,69,66,65,63,64,6f,61,62,00,00
"iaehgpmbppdcjpekpd"=hex:6a,61,64,61,6f,65,6d,68,70,68,62,64,65,67,68,6b,70,67,
66,68,00,f8
"hakgahpcgjiieclf"=hex:6a,61,64,61,6f,65,6d,68,70,68,62,64,65,67,68,6b,70,67,
66,68,00,f2
.
[HKEY_USERS\S-1-5-21-1452159324-766955113-3666706478-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{4D52BFF7-A97A-3BF5-1107-844FE0A90DB4}*]
@Allowed: (Read) (RestrictedCode)
"bbmhioncpnnecmaddhomogjfmbedcbmoljfg"=hex:6a,61,61,6e,66,70,6b,66,6a,6f,61,66,
65,62,63,6a,6d,6e,6c,61,00,00
"abgileelihjkjeophgjgbamcoblokpglnl"=hex:6a,61,61,6e,66,70,6b,66,6a,6f,61,66,
65,62,63,6a,6d,6e,6c,61,00,00
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------
.
- - - - - - - > 'Explorer.exe'(2956)
c:\windows\System32\bthprops.cpl
c:\windows\System32\hgcpl.dll
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
c:\program files\Common Files\iS3\Anti-Spyware\SZServer.exe
c:\windows\system32\taskhost.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\conhost.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\windows\system32\conhost.exe
c:\program files\STOPzilla!\STOPzilla.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\sppsvc.exe
c:\users\Sabino\AppData\Local\Google\Chrome\Application\chrome.exe
c:\users\Sabino\AppData\Local\Google\Chrome\Application\chrome.exe
c:\users\Sabino\AppData\Local\Google\Chrome\Application\chrome.exe
c:\users\Sabino\AppData\Local\Google\Chrome\Application\chrome.exe
c:\users\Sabino\AppData\Local\Google\Chrome\Application\chrome.exe
c:\users\Sabino\AppData\Local\Google\Chrome\Application\chrome.exe
.
**************************************************************************
.
Ora fine scansione: 2012-06-29 20:46:43 - Il pc è stato riavviato
ComboFix-quarantined-files.txt 2012-06-29 18:46
.
Pre-Run: 144.869.335.040 byte disponibili
Post-Run: 144.201.990.144 byte disponibili
.
- - End Of File - - D69A28545076B8F1652982DBC58435CB
sabino90
Newbie
 
Post: 4
Iscritto il: 29/06/12 17:53

Re: ad.addoubleclick

Postdi FrancescoFDAC » 30/06/12 08:34

Hai omesso di fare la cosa più importante: eseguire ComboFix dal Desktop.

l'hai eseguito da qui: c:\users\Sabino\Desktop\Downloads\ComboFix.exe

Disinstalla STOPzilla Anti-Spyware, fai sapere se è installato prima..
Disinstalla anche Spybot - Search & Destroy e Soluto.

Quindi:
Scarica Malwarebytes' Anti-Malware - Free Edition: http://www.malwarebytes.org
● doppio click su mbam-setup.exe per avviare il setup
● in fase di installazione, lascia la spunta alle voci b]Aggiorna Malwarebytes' Anti-Malware[/b] e Avvia Malwarebytes' Anti-Malware

Una volta eseguiti i passaggi indicati sopra:
● collega tutte le periferiche esterne che possiedi ( Chiavette USB, HDD Esterni, Lettori MP3... )
● verrà mostrata la schermata principale del tool: al messaggio che appare, clicca sul pulsante No
● clicca sul pulsante Scansione completa, e conferma cliccando il pulsante Scansione
● verrà richiesto quali drive scansionare; selezionali tutti, e clicca nuovamente su Scansione
● attendi pazientemente il termine della scansione
● una volta terminata, clicca sul pulsante OK e Mostra Risultati per visionare il Report
● verrà rilasciato automaticamente un file di testo: salvalo sul Desktop ed allegalo
● assicurati che tutte le voci siano selezionate, e clicca sul pulsante Rimuovi selezionati, in basso a sinistra
● il log può essere visionati cliccando sul tab Log dall'interfaccia principale del programma

Nota - riguardo al programma:
● se MalwareBytes incontrasse delle difficoltà nel rimuovere alcuni file, verranno mostrate delle finestre aggiuntive: clicca sul pulsante OK, e lascia procedere il programma alla disinfezione. Se MalwareBytes chiedesse di riavviare il sistema, fallo immediatamente

Infine:
Scarica Kaspersky TDSS Killer: http://support.kaspersky.com/downloads/ ... killer.exe
● posiziona il file scaricato sul Desktop
● clicca due volte sul file TDSSKiller.exe per avviare l'applicazione
● successivamente premi il pulsante Start scan

Nota - riguardo al programma:
● non cliccare sul pulsante Stop scan per nessun motivo, la scansione si interromperebbe

Giunti a questo punto, inizia la scansione del sistema alla ricerca di software malevolo:
● se viene trovato un file infetto, l'azione di default sarà Cure: clicca quindi su Continua
● se viene trovato un file sospetto, l'azione di default sarà Skip: clicca quindi su Continua
● se non viene rilevato nulla, chiudi semplicemente il programma al termine della scansione

Una volta terminata la scansione, si presenterà una di queste due opzioni:
non è necessario il riavvio del sistema: allega il Report situato nel Disco Locale C:\, di nome TDSSKiller.[Version]_[Date]_[Time]_log.txt
● è necessario riavviare il sistema: clicca su Riavvia ora, infine allega il risultato della scansione (si trova nello stesso percorso menzionato poco fa')
FrancescoFDAC
Utente Senior
 
Post: 1048
Iscritto il: 13/08/11 09:53

Re: ad.addoubleclick

Postdi sabino90 » 30/06/12 09:46

10:33:57.0369 7412 TDSS rootkit removing tool 2.7.43.0 Jun 29 2012 17:54:22
10:33:57.0786 7412 ============================================================
10:33:57.0786 7412 Current date / time: 2012/06/30 10:33:57.0786
10:33:57.0786 7412 SystemInfo:
10:33:57.0786 7412
10:33:57.0786 7412 OS Version: 6.1.7601 ServicePack: 1.0
10:33:57.0786 7412 Product type: Workstation
10:33:57.0786 7412 ComputerName: SABINO-PC
10:33:57.0787 7412 UserName: Sabino
10:33:57.0787 7412 Windows directory: C:\Windows
10:33:57.0787 7412 System windows directory: C:\Windows
10:33:57.0787 7412 Processor architecture: Intel x86
10:33:57.0788 7412 Number of processors: 2
10:33:57.0788 7412 Page size: 0x1000
10:33:57.0788 7412 Boot type: Normal boot
10:33:57.0788 7412 ============================================================
10:33:58.0367 7412 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
10:33:58.0369 7412 ============================================================
10:33:58.0369 7412 \Device\Harddisk0\DR0:
10:33:58.0369 7412 MBR partitions:
10:33:58.0369 7412 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x139C5, BlocksNum 0x1D4C000
10:33:58.0369 7412 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1D5F9C5, BlocksNum 0x236CE8EB
10:33:58.0369 7412 ============================================================
10:33:58.0388 7412 C: <-> \Device\Harddisk0\DR0\Partition1
10:33:58.0433 7412 W: <-> \Device\Harddisk0\DR0\Partition0
10:33:58.0433 7412 ============================================================
10:33:58.0433 7412 Initialize success
10:33:58.0433 7412 ============================================================
10:34:05.0971 9516 ============================================================
10:34:05.0971 9516 Scan started
10:34:05.0971 9516 Mode: Manual; SigCheck; TDLFS;
10:34:05.0971 9516 ============================================================
10:34:06.0510 9516 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys
10:34:06.0623 9516 1394ohci - ok
10:34:06.0683 9516 ACPI (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys
10:34:06.0709 9516 ACPI - ok
10:34:06.0756 9516 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys
10:34:06.0833 9516 AcpiPmi - ok
10:34:06.0953 9516 AdobeFlashPlayerUpdateSvc (990dc6edc9f933194d7cd4e65146bc94) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
10:34:06.0975 9516 AdobeFlashPlayerUpdateSvc - ok
10:34:07.0060 9516 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
10:34:07.0091 9516 adp94xx - ok
10:34:07.0129 9516 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
10:34:07.0153 9516 adpahci - ok
10:34:07.0185 9516 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
10:34:07.0202 9516 adpu320 - ok
10:34:07.0246 9516 AeLookupSvc (8b5eefeec1e6d1a72a06c526628ad161) C:\Windows\System32\aelupsvc.dll
10:34:07.0310 9516 AeLookupSvc - ok
10:34:07.0449 9516 AESTFilters (827dbc22c96eecf6d36a13162fabafd3) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9334b3396d450a95\aestsrv.exe
10:34:07.0516 9516 AESTFilters - ok
10:34:07.0584 9516 AFD (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys
10:34:07.0653 9516 AFD - ok
10:34:07.0714 9516 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys
10:34:07.0730 9516 agp440 - ok
10:34:07.0787 9516 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
10:34:07.0806 9516 aic78xx - ok
10:34:07.0859 9516 ALG (18a54e132947cd98fea9accc57f98f13) C:\Windows\System32\alg.exe
10:34:07.0915 9516 ALG - ok
10:34:07.0943 9516 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys
10:34:07.0962 9516 aliide - ok
10:34:08.0035 9516 AMD External Events Utility (f970ea885aefeb1b9eb97ca7f1eb226d) C:\Windows\system32\atiesrxx.exe
10:34:08.0138 9516 AMD External Events Utility - ok
10:34:08.0159 9516 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys
10:34:08.0176 9516 amdagp - ok
10:34:08.0199 9516 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys
10:34:08.0215 9516 amdide - ok
10:34:08.0288 9516 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
10:34:08.0317 9516 AmdK8 - ok
10:34:08.0970 9516 amdkmdag (ab70f110143892eb41aa46500aa5cf00) C:\Windows\system32\DRIVERS\atikmdag.sys
10:34:09.0192 9516 amdkmdag - ok
10:34:09.0368 9516 amdkmdap (32d68d05b871eed5572d0c2c764ea4ec) C:\Windows\system32\DRIVERS\atikmpag.sys
10:34:09.0401 9516 amdkmdap - ok
10:34:09.0451 9516 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
10:34:09.0469 9516 AmdPPM - ok
10:34:09.0518 9516 amdsata (d320bf87125326f996d4904fe24300fc) C:\Windows\system32\drivers\amdsata.sys
10:34:09.0536 9516 amdsata - ok
10:34:09.0580 9516 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
10:34:09.0604 9516 amdsbs - ok
10:34:09.0623 9516 amdxata (46387fb17b086d16dea267d5be23a2f2) C:\Windows\system32\drivers\amdxata.sys
10:34:09.0639 9516 amdxata - ok
10:34:09.0879 9516 AntiVirSchedulerService (ffab08597accd27065f600d4ed747d83) C:\Program Files\Avira\AntiVir Desktop\sched.exe
10:34:09.0899 9516 AntiVirSchedulerService - ok
10:34:09.0998 9516 AntiVirService (a341d3b2442acbbcf9afbc801e2c8013) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
10:34:10.0015 9516 AntiVirService - ok
10:34:10.0064 9516 AppID (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys
10:34:10.0185 9516 AppID - ok
10:34:10.0222 9516 AppIDSvc (62a9c86cb6085e20db4823e4e97826f5) C:\Windows\System32\appidsvc.dll
10:34:10.0275 9516 AppIDSvc - ok
10:34:10.0323 9516 Appinfo (fb1959012294d6ad43e5304df65e3c26) C:\Windows\System32\appinfo.dll
10:34:10.0372 9516 Appinfo - ok
10:34:10.0476 9516 Apple Mobile Device (3debbecf665dcdde3a95d9b902010817) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
10:34:10.0488 9516 Apple Mobile Device - ok
10:34:10.0559 9516 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
10:34:10.0584 9516 arc - ok
10:34:10.0609 9516 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
10:34:10.0634 9516 arcsas - ok
10:34:10.0673 9516 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
10:34:10.0800 9516 AsyncMac - ok
10:34:10.0842 9516 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys
10:34:10.0859 9516 atapi - ok
10:34:10.0932 9516 AtiHdmiService (bb9e7c7f937714f05a4e05c287d6ddff) C:\Windows\system32\drivers\AtiHdmi.sys
10:34:10.0956 9516 AtiHdmiService - ok
10:34:11.0555 9516 atikmdag (ab70f110143892eb41aa46500aa5cf00) C:\Windows\system32\DRIVERS\atikmdag.sys
10:34:11.0700 9516 atikmdag - ok
10:34:11.0889 9516 AudioEndpointBuilder (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
10:34:11.0939 9516 AudioEndpointBuilder - ok
10:34:11.0948 9516 Audiosrv (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
10:34:11.0986 9516 Audiosrv - ok
10:34:12.0075 9516 avgntflt (7713e4eb0276702faa08e52a6e23f2a6) C:\Windows\system32\DRIVERS\avgntflt.sys
10:34:12.0090 9516 avgntflt - ok
10:34:12.0160 9516 avipbb (13b02b9b969dde270cd7c351203dad3c) C:\Windows\system32\DRIVERS\avipbb.sys
10:34:12.0181 9516 avipbb - ok
10:34:12.0256 9516 avkmgr (271cfd1a989209b1964e24d969552bf7) C:\Windows\system32\DRIVERS\avkmgr.sys
10:34:12.0275 9516 avkmgr - ok
10:34:12.0321 9516 AxInstSV (6e30d02aac9cac84f421622e3a2f6178) C:\Windows\System32\AxInstSV.dll
10:34:12.0384 9516 AxInstSV - ok
10:34:12.0452 9516 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
10:34:12.0507 9516 b06bdrv - ok
10:34:12.0560 9516 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
10:34:12.0582 9516 b57nd60x - ok
10:34:12.0639 9516 BCM42RLY (55070d71bbb424a56d5125c61fcc2897) C:\Windows\system32\drivers\BCM42RLY.sys
10:34:12.0654 9516 BCM42RLY - ok
10:34:12.0835 9516 BCM43XX (f9ce9b5e049efc66b8e6c73c18ee8438) C:\Windows\system32\DRIVERS\bcmwl6.sys
10:34:12.0912 9516 BCM43XX - ok
10:34:13.0078 9516 BDESVC (ee1e9c3bb8228ae423dd38db69128e71) C:\Windows\System32\bdesvc.dll
10:34:13.0137 9516 BDESVC - ok
10:34:13.0214 9516 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
10:34:13.0263 9516 Beep - ok
10:34:13.0339 9516 BFE (1e2bac209d184bb851e1a187d8a29136) C:\Windows\System32\bfe.dll
10:34:13.0384 9516 BFE - ok
10:34:13.0443 9516 BITS (e585445d5021971fae10393f0f1c3961) C:\Windows\system32\qmgr.dll
10:34:13.0500 9516 BITS - ok
10:34:13.0515 9516 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
10:34:13.0551 9516 blbdrive - ok
10:34:13.0705 9516 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
10:34:13.0728 9516 Bonjour Service - ok
10:34:13.0770 9516 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys
10:34:13.0797 9516 bowser - ok
10:34:13.0815 9516 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
10:34:13.0893 9516 BrFiltLo - ok
10:34:13.0912 9516 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
10:34:13.0951 9516 BrFiltUp - ok
10:34:14.0022 9516 BridgeMP (77361d72a04f18809d0efb6cceb74d4b) C:\Windows\system32\DRIVERS\bridge.sys
10:34:14.0082 9516 BridgeMP - ok
10:34:14.0118 9516 Browser (6e11f33d14d020f58d5e02e4d67dfa19) C:\Windows\System32\browser.dll
10:34:14.0178 9516 Browser - ok
10:34:14.0223 9516 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
10:34:14.0277 9516 Brserid - ok
10:34:14.0298 9516 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
10:34:14.0317 9516 BrSerWdm - ok
10:34:14.0333 9516 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
10:34:14.0362 9516 BrUsbMdm - ok
10:34:14.0373 9516 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
10:34:14.0409 9516 BrUsbSer - ok
10:34:14.0428 9516 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
10:34:14.0466 9516 BTHMODEM - ok
10:34:14.0529 9516 bthserv (1df19c96eef6c29d1c3e1a8678e07190) C:\Windows\system32\bthserv.dll
10:34:14.0576 9516 bthserv - ok
10:34:14.0795 9516 catchme - ok
10:34:14.0841 9516 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
10:34:14.0891 9516 cdfs - ok
10:34:14.0943 9516 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\DRIVERS\cdrom.sys
10:34:14.0980 9516 cdrom - ok
10:34:15.0020 9516 CertPropSvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
10:34:15.0063 9516 CertPropSvc - ok
10:34:15.0079 9516 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
10:34:15.0100 9516 circlass - ok
10:34:15.0141 9516 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
10:34:15.0165 9516 CLFS - ok
10:34:15.0274 9516 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:34:15.0289 9516 clr_optimization_v2.0.50727_32 - ok
10:34:15.0387 9516 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:34:15.0408 9516 clr_optimization_v4.0.30319_32 - ok
10:34:15.0442 9516 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
10:34:15.0463 9516 CmBatt - ok
10:34:15.0500 9516 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys
10:34:15.0521 9516 cmdide - ok
10:34:15.0586 9516 CNG (6427525d76f61d0c519b008d3680e8e7) C:\Windows\system32\Drivers\cng.sys
10:34:15.0619 9516 CNG - ok
10:34:15.0670 9516 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
10:34:15.0688 9516 Compbatt - ok
10:34:15.0744 9516 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys
10:34:15.0775 9516 CompositeBus - ok
10:34:15.0809 9516 COMSysApp - ok
10:34:15.0846 9516 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
10:34:15.0864 9516 crcdisk - ok
10:34:15.0948 9516 CryptSvc (06e771aa596b8761107ab57e99f128d7) C:\Windows\system32\cryptsvc.dll
10:34:16.0011 9516 CryptSvc - ok
10:34:16.0147 9516 CrystalSysInfo (f054744f67576a01139885173392502b) C:\Program Files\MediaCoder\SysInfo.sys
10:34:16.0168 9516 CrystalSysInfo - ok
10:34:16.0202 9516 CtClsFlt (ec232b13241caf587323b84981e0dda3) C:\Windows\system32\DRIVERS\CtClsFlt.sys
10:34:16.0246 9516 CtClsFlt - ok
10:34:16.0301 9516 DcomLaunch (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
10:34:16.0338 9516 DcomLaunch - ok
10:34:16.0379 9516 defragsvc (8d6e10a2d9a5eed59562d9b82cf804e1) C:\Windows\System32\defragsvc.dll
10:34:16.0435 9516 defragsvc - ok
10:34:16.0510 9516 DeviceExpert - ok
10:34:16.0564 9516 DfsC (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys
10:34:16.0625 9516 DfsC - ok
10:34:16.0700 9516 Dhcp (e9e01eb683c132f7fa27cd607b8a2b63) C:\Windows\system32\dhcpcore.dll
10:34:16.0739 9516 Dhcp - ok
10:34:16.0768 9516 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
10:34:16.0817 9516 discache - ok
10:34:16.0853 9516 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
10:34:16.0877 9516 Disk - ok
10:34:16.0909 9516 Dnscache (33ef4861f19a0736b11314aad9ae28d0) C:\Windows\System32\dnsrslvr.dll
10:34:16.0953 9516 Dnscache - ok
10:34:16.0994 9516 dot3svc (366ba8fb4b7bb7435e3b9eacb3843f67) C:\Windows\System32\dot3svc.dll
10:34:17.0054 9516 dot3svc - ok
10:34:17.0094 9516 DPS (8ec04ca86f1d68da9e11952eb85973d6) C:\Windows\system32\dps.dll
10:34:17.0146 9516 DPS - ok
10:34:17.0191 9516 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
10:34:17.0218 9516 drmkaud - ok
10:34:17.0292 9516 dtsoftbus01 (687af6bb383885ff6a64071b189a7f3e) C:\Windows\system32\DRIVERS\dtsoftbus01.sys
10:34:17.0312 9516 dtsoftbus01 - ok
10:34:17.0394 9516 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys
10:34:17.0424 9516 DXGKrnl - ok
10:34:17.0481 9516 E2ECAP (ae0e991d0a350ccb6411c724f0efdeb7) C:\Windows\system32\DRIVERS\e2ecap.sys
10:34:17.0502 9516 E2ECAP ( UnsignedFile.Multi.Generic ) - warning
10:34:17.0502 9516 E2ECAP - detected UnsignedFile.Multi.Generic (1)
10:34:17.0540 9516 EapHost (8600142fa91c1b96367d3300ad0f3f3a) C:\Windows\System32\eapsvc.dll
10:34:17.0600 9516 EapHost - ok
10:34:17.0845 9516 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
10:34:17.0922 9516 ebdrv - ok
10:34:18.0050 9516 EFS (81951f51e318aecc2d68559e47485cc4) C:\Windows\System32\lsass.exe
10:34:18.0104 9516 EFS - ok
10:34:18.0192 9516 ehRecvr (a8c362018efc87beb013ee28f29c0863) C:\Windows\ehome\ehRecvr.exe
10:34:18.0257 9516 ehRecvr - ok
10:34:18.0291 9516 ehSched (d389bff34f80caede417bf9d1507996a) C:\Windows\ehome\ehsched.exe
10:34:18.0343 9516 ehSched - ok
10:34:18.0464 9516 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
10:34:18.0489 9516 elxstor - ok
10:34:18.0523 9516 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys
10:34:18.0560 9516 ErrDev - ok
10:34:18.0629 9516 EventSystem (f6916efc29d9953d5d0df06882ae8e16) C:\Windows\system32\es.dll
10:34:18.0677 9516 EventSystem - ok
10:34:18.0700 9516 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
10:34:18.0737 9516 exfat - ok
10:34:18.0763 9516 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
10:34:18.0820 9516 fastfat - ok
10:34:18.0891 9516 Fax (967ea5b213e9984cbe270205df37755b) C:\Windows\system32\fxssvc.exe
10:34:18.0935 9516 Fax - ok
10:34:18.0951 9516 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
10:34:18.0971 9516 fdc - ok
10:34:18.0996 9516 fdPHost (f3222c893bd2f5821a0179e5c71e88fb) C:\Windows\system32\fdPHost.dll
10:34:19.0040 9516 fdPHost - ok
10:34:19.0065 9516 FDResPub (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\Windows\system32\fdrespub.dll
10:34:19.0120 9516 FDResPub - ok
10:34:19.0152 9516 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
10:34:19.0170 9516 FileInfo - ok
10:34:19.0199 9516 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
10:34:19.0254 9516 Filetrace - ok
10:34:19.0267 9516 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
10:34:19.0302 9516 flpydisk - ok
10:34:19.0338 9516 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
10:34:19.0364 9516 FltMgr - ok
10:34:19.0454 9516 FontCache (b3a5ec6b6b6673db7e87c2bcdbddc074) C:\Windows\system32\FntCache.dll
10:34:19.0512 9516 FontCache - ok
10:34:19.0592 9516 FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
10:34:19.0609 9516 FontCache3.0.0.0 - ok
10:34:19.0635 9516 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
10:34:19.0652 9516 FsDepends - ok
10:34:19.0706 9516 fssfltr (b0082808a6856a252f7cdd939892ce50) C:\Windows\system32\DRIVERS\fssfltr.sys
10:34:19.0722 9516 fssfltr - ok
10:34:19.0935 9516 fsssvc (28ddeeec44e988657b732cf404d504cb) C:\Program Files\Windows Live\Family Safety\fsssvc.exe
10:34:19.0978 9516 fsssvc - ok
10:34:20.0125 9516 Fs_Rec (7dae5ebcc80e45d3253f4923dc424d05) C:\Windows\system32\drivers\Fs_Rec.sys
10:34:20.0140 9516 Fs_Rec - ok
10:34:20.0203 9516 fvevol (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys
10:34:20.0226 9516 fvevol - ok
10:34:20.0274 9516 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
10:34:20.0291 9516 gagp30kx - ok
10:34:20.0309 9516 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
10:34:20.0320 9516 GEARAspiWDM - ok
10:34:20.0381 9516 gpsvc (e897eaf5ed6ba41e081060c9b447a673) C:\Windows\System32\gpsvc.dll
10:34:20.0436 9516 gpsvc - ok
10:34:20.0570 9516 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
10:34:20.0591 9516 gupdate - ok
10:34:20.0619 9516 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
10:34:20.0636 9516 gupdatem - ok
10:34:20.0717 9516 hamachi (833051c6c6c42117191935f734cfbd97) C:\Windows\system32\DRIVERS\hamachi.sys
10:34:20.0739 9516 hamachi - ok
10:34:20.0790 9516 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
10:34:20.0949 9516 hcw85cir - ok
10:34:21.0012 9516 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys
10:34:21.0052 9516 HdAudAddService - ok
10:34:21.0093 9516 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys
10:34:21.0135 9516 HDAudBus - ok
10:34:21.0156 9516 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
10:34:21.0193 9516 HidBatt - ok
10:34:21.0214 9516 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
10:34:21.0250 9516 HidBth - ok
10:34:21.0298 9516 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
10:34:21.0319 9516 HidIr - ok
10:34:21.0347 9516 hidserv (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\Windows\System32\hidserv.dll
10:34:21.0400 9516 hidserv - ok
10:34:21.0444 9516 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\DRIVERS\hidusb.sys
10:34:21.0484 9516 HidUsb - ok
10:34:21.0517 9516 hkmsvc (196b4e3f4cccc24af836ce58facbb699) C:\Windows\system32\kmsvc.dll
10:34:21.0565 9516 hkmsvc - ok
10:34:21.0599 9516 HomeGroupListener (6658f4404de03d75fe3ba09f7aba6a30) C:\Windows\system32\ListSvc.dll
10:34:21.0654 9516 HomeGroupListener - ok
10:34:21.0720 9516 HomeGroupProvider (dbc02d918fff1cad628acbe0c0eaa8e8) C:\Windows\system32\provsvc.dll
10:34:21.0769 9516 HomeGroupProvider - ok
10:34:21.0825 9516 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys
10:34:21.0842 9516 HpSAMD - ok
10:34:21.0898 9516 HTTP (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys
10:34:21.0942 9516 HTTP - ok
10:34:21.0974 9516 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
10:34:21.0990 9516 hwpolicy - ok
10:34:22.0032 9516 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys
10:34:22.0060 9516 i8042prt - ok
10:34:22.0105 9516 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys
10:34:22.0127 9516 iaStorV - ok
10:34:22.0260 9516 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
10:34:22.0269 9516 IDriverT ( UnsignedFile.Multi.Generic ) - warning
10:34:22.0269 9516 IDriverT - detected UnsignedFile.Multi.Generic (1)
10:34:22.0372 9516 idsvc (c521d7eb6497bb1af6afa89e322fb43c) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
10:34:22.0404 9516 idsvc - ok
10:34:22.0564 9516 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
10:34:22.0581 9516 iirsp - ok
10:34:22.0681 9516 IJPLMSVC (2f95bef56aeeeb45de55ec44668e2695) C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
10:34:22.0721 9516 IJPLMSVC ( UnsignedFile.Multi.Generic ) - warning
10:34:22.0721 9516 IJPLMSVC - detected UnsignedFile.Multi.Generic (1)
10:34:22.0796 9516 IKEEXT (f95622f161474511b8d80d6b093aa610) C:\Windows\System32\ikeext.dll
10:34:22.0854 9516 IKEEXT - ok
10:34:22.0898 9516 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
10:34:22.0918 9516 intelide - ok
10:34:22.0978 9516 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
10:34:23.0018 9516 intelppm - ok
10:34:23.0045 9516 IPBusEnum (acb364b9075a45c0736e5c47be5cae19) C:\Windows\system32\ipbusenum.dll
10:34:23.0101 9516 IPBusEnum - ok
10:34:23.0130 9516 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:34:23.0179 9516 IpFilterDriver - ok
10:34:23.0246 9516 iphlpsvc (4d65a07b795d6674312f879d09aa7663) C:\Windows\System32\iphlpsvc.dll
10:34:23.0574 9516 iphlpsvc - ok
10:34:23.0610 9516 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
10:34:23.0874 9516 IPMIDRV - ok
10:34:23.0903 9516 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
10:34:23.0960 9516 IPNAT - ok
10:34:24.0109 9516 iPod Service (178fe38b7740f598391eb2f51ae4ccac) C:\Program Files\iPod\bin\iPodService.exe
10:34:24.0136 9516 iPod Service - ok
10:34:24.0183 9516 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
10:34:24.0242 9516 IRENUM - ok
10:34:24.0300 9516 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
10:34:24.0316 9516 isapnp - ok
10:34:24.0369 9516 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
10:34:24.0390 9516 iScsiPrt - ok
10:34:24.0441 9516 k57nd60x (e1d7dcbb8811f8be7784046d4dd3a837) C:\Windows\system32\DRIVERS\k57nd60x.sys
10:34:24.0495 9516 k57nd60x - ok
10:34:24.0537 9516 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
10:34:24.0560 9516 kbdclass - ok
10:34:24.0599 9516 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\DRIVERS\kbdhid.sys
10:34:24.0627 9516 kbdhid - ok
10:34:24.0667 9516 KeyIso (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
10:34:24.0687 9516 KeyIso - ok
10:34:24.0738 9516 KMWDFILTERx86 (4476fe98aaf505acdcd3ee6360aabec1) C:\Windows\system32\DRIVERS\KMWDFILTER.sys
10:34:24.0759 9516 KMWDFILTERx86 - ok
10:34:24.0791 9516 KSecDD (f4647bb23db9038a7536cf6b68f4207f) C:\Windows\system32\Drivers\ksecdd.sys
10:34:24.0812 9516 KSecDD - ok
10:34:24.0847 9516 KSecPkg (e73cae53bbb72ba26918492c6b4c229d) C:\Windows\system32\Drivers\ksecpkg.sys
10:34:24.0864 9516 KSecPkg - ok
10:34:24.0899 9516 KtmRm (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\Windows\system32\msdtckrm.dll
10:34:24.0950 9516 KtmRm - ok
10:34:25.0018 9516 LanmanServer (d64af876d53eca3668bb97b51b4e70ab) C:\Windows\System32\srvsvc.dll
10:34:25.0082 9516 LanmanServer - ok
10:34:25.0122 9516 LanmanWorkstation (58405e4f68ba8e4057c6e914f326aba2) C:\Windows\System32\wkssvc.dll
10:34:25.0179 9516 LanmanWorkstation - ok
10:34:25.0231 9516 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
10:34:25.0279 9516 lltdio - ok
10:34:25.0316 9516 lltdsvc (5700673e13a2117fa3b9020c852c01e2) C:\Windows\System32\lltdsvc.dll
10:34:25.0373 9516 lltdsvc - ok
10:34:25.0384 9516 lmhosts (55ca01ba19d0006c8f2639b6c045e08b) C:\Windows\System32\lmhsvc.dll
10:34:25.0436 9516 lmhosts - ok
10:34:25.0474 9516 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
10:34:25.0493 9516 LSI_FC - ok
10:34:25.0511 9516 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
10:34:25.0531 9516 LSI_SAS - ok
10:34:25.0552 9516 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
10:34:25.0570 9516 LSI_SAS2 - ok
10:34:25.0591 9516 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
10:34:25.0609 9516 LSI_SCSI - ok
10:34:25.0661 9516 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
10:34:25.0725 9516 luafv - ok
10:34:25.0764 9516 Mcx2Svc (bfb9ee8ee977efe85d1a3105abef6dd1) C:\Windows\system32\Mcx2Svc.dll
10:34:25.0783 9516 Mcx2Svc - ok
10:34:25.0790 9516 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
10:34:25.0808 9516 megasas - ok
10:34:25.0851 9516 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
10:34:25.0870 9516 MegaSR - ok
10:34:26.0013 9516 Microsoft SharePoint Workspace Audit Service - ok
10:34:26.0044 9516 MMCSS (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
10:34:26.0093 9516 MMCSS - ok
10:34:26.0114 9516 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
10:34:26.0170 9516 Modem - ok
10:34:26.0205 9516 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
10:34:26.0224 9516 monitor - ok
10:34:26.0272 9516 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
10:34:26.0295 9516 mouclass - ok
10:34:26.0345 9516 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
10:34:26.0362 9516 mouhid - ok
10:34:26.0411 9516 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
10:34:26.0432 9516 mountmgr - ok
10:34:26.0470 9516 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
10:34:26.0494 9516 mpio - ok
10:34:26.0510 9516 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
10:34:26.0556 9516 mpsdrv - ok
10:34:26.0608 9516 MpsSvc (9835584e999d25004e1ee8e5f3e3b881) C:\Windows\system32\mpssvc.dll
10:34:26.0673 9516 MpsSvc - ok
10:34:26.0713 9516 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
10:34:26.0738 9516 MRxDAV - ok
10:34:26.0776 9516 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
10:34:26.0820 9516 mrxsmb - ok
10:34:26.0869 9516 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:34:26.0893 9516 mrxsmb10 - ok
10:34:26.0925 9516 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:34:26.0959 9516 mrxsmb20 - ok
10:34:26.0995 9516 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
10:34:27.0017 9516 msahci - ok
10:34:27.0066 9516 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
10:34:27.0086 9516 msdsm - ok
10:34:27.0129 9516 MSDTC (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe
10:34:27.0162 9516 MSDTC - ok
10:34:27.0227 9516 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
10:34:27.0261 9516 Msfs - ok
10:34:27.0399 9516 MsgPlusService (88ac2954177e673bbcf688d1ec64b40b) C:\Program Files\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe
10:34:27.0408 9516 MsgPlusService ( UnsignedFile.Multi.Generic ) - warning
10:34:27.0408 9516 MsgPlusService - detected UnsignedFile.Multi.Generic (1)
10:34:27.0422 9516 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
10:34:27.0470 9516 mshidkmdf - ok
10:34:27.0500 9516 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
10:34:27.0521 9516 msisadrv - ok
10:34:27.0570 9516 MSiSCSI (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll
10:34:27.0618 9516 MSiSCSI - ok
10:34:27.0624 9516 msiserver - ok
10:34:27.0657 9516 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
10:34:27.0706 9516 MSKSSRV - ok
10:34:27.0741 9516 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
10:34:27.0795 9516 MSPCLOCK - ok
10:34:27.0809 9516 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
10:34:27.0849 9516 MSPQM - ok
10:34:27.0883 9516 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
10:34:27.0902 9516 MsRPC - ok
10:34:27.0939 9516 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys
10:34:27.0962 9516 mssmbios - ok
10:34:27.0988 9516 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
10:34:28.0025 9516 MSTEE - ok
10:34:28.0044 9516 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
10:34:28.0063 9516 MTConfig - ok
10:34:28.0090 9516 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
10:34:28.0107 9516 Mup - ok
10:34:28.0150 9516 napagent (61d57a5d7c6d9afe10e77dae6e1b445e) C:\Windows\system32\qagentRT.dll
10:34:28.0190 9516 napagent - ok
10:34:28.0251 9516 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
10:34:28.0291 9516 NativeWifiP - ok
10:34:28.0470 9516 NAUpdate (1bbbf640bc0e0b750537baece8d66c18) C:\Program Files\Nero\Update\NASvc.exe
10:34:28.0492 9516 NAUpdate - ok
10:34:28.0551 9516 NBVol (e240f3204e86b7b6ccf266b2a2ad32b4) C:\Windows\system32\DRIVERS\NBVol.sys
10:34:28.0566 9516 NBVol - ok
10:34:28.0607 9516 NBVolUp (c0cf3cccce3c75f7280c89029ab47866) C:\Windows\system32\DRIVERS\NBVolUp.sys
10:34:28.0630 9516 NBVolUp - ok
10:34:28.0733 9516 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
10:34:28.0765 9516 NDIS - ok
10:34:28.0819 9516 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
10:34:28.0872 9516 NdisCap - ok
10:34:28.0907 9516 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
10:34:28.0960 9516 NdisTapi - ok
10:34:29.0010 9516 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
10:34:29.0056 9516 Ndisuio - ok
10:34:29.0094 9516 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
10:34:29.0140 9516 NdisWan - ok
10:34:29.0177 9516 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
10:34:29.0220 9516 NDProxy - ok
10:34:29.0270 9516 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
10:34:29.0328 9516 NetBIOS - ok
10:34:29.0374 9516 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
10:34:29.0426 9516 NetBT - ok
10:34:29.0458 9516 Netlogon (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
10:34:29.0479 9516 Netlogon - ok
10:34:29.0535 9516 Netman (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll
10:34:29.0592 9516 Netman - ok
10:34:29.0630 9516 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll
10:34:29.0684 9516 netprofm - ok
10:34:29.0755 9516 NetTcpPortSharing (f476ec40033cdb91efbe73eb99b8362d) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
10:34:29.0770 9516 NetTcpPortSharing - ok
10:34:29.0815 9516 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
10:34:29.0837 9516 nfrd960 - ok
10:34:30.0046 9516 NitroDriverReadSpool2 (db4edde8c45ce769952df9a9a0497306) C:\Program Files\Nitro PDF\Professional 7\NitroPDFDriverService2.exe
10:34:30.0062 9516 NitroDriverReadSpool2 - ok
10:34:30.0118 9516 NlaSvc (912084381d30d8b89ec4e293053f4710) C:\Windows\System32\nlasvc.dll
10:34:30.0177 9516 NlaSvc - ok
10:34:30.0212 9516 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
10:34:30.0262 9516 Npfs - ok
10:34:30.0301 9516 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll
10:34:30.0351 9516 nsi - ok
10:34:30.0393 9516 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
10:34:30.0457 9516 nsiproxy - ok
10:34:30.0570 9516 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys
10:34:30.0619 9516 Ntfs - ok
10:34:30.0768 9516 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
10:34:30.0817 9516 Null - ok
10:34:30.0867 9516 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys
10:34:30.0893 9516 nvraid - ok
10:34:30.0916 9516 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys
10:34:30.0936 9516 nvstor - ok
10:34:30.0982 9516 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
10:34:30.0999 9516 nv_agp - ok
10:34:31.0041 9516 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
10:34:31.0068 9516 ohci1394 - ok
10:34:31.0120 9516 ONDA_MW823UP_cdc_acm (0dc0cd53e4164cda1057ba58527a6bd6) C:\Windows\system32\DRIVERS\ONDA_MW823UP_cdc_acm.sys
10:34:31.0176 9516 ONDA_MW823UP_cdc_acm - ok
10:34:31.0218 9516 ONDA_MW823UP_cdc_ecm (d511be4d916361d6894bb07b83e5560d) C:\Windows\system32\DRIVERS\ONDA_MW823UP_cdc_ecm.sys
10:34:31.0250 9516 ONDA_MW823UP_cdc_ecm - ok
10:34:31.0289 9516 ONDA_MW823UP_cpo (e8631963b0857deede6fb48798ada5dc) C:\Windows\system32\DRIVERS\ONDA_MW823UP_cpo.sys
10:34:31.0316 9516 ONDA_MW823UP_cpo - ok
10:34:31.0347 9516 ONDA_MW823UP_dc_enum (4f43061a726ff45ff8aea2659d8811b8) C:\Windows\system32\DRIVERS\ONDA_MW823UP_dc_enum.sys
10:34:31.0377 9516 ONDA_MW823UP_dc_enum - ok
10:34:31.0499 9516 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:34:31.0515 9516 ose - ok
10:34:31.0874 9516 osppsvc (358a9cca612c68eb2f07ddad4ce1d8d7) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
10:34:31.0976 9516 osppsvc - ok
10:34:32.0127 9516 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
10:34:32.0182 9516 p2pimsvc - ok
10:34:32.0218 9516 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll
10:34:32.0251 9516 p2psvc - ok
10:34:32.0308 9516 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
10:34:32.0334 9516 Parport - ok
10:34:32.0375 9516 partmgr (3f34a1b4c5f6475f320c275e63afce9b) C:\Windows\system32\drivers\partmgr.sys
10:34:32.0391 9516 partmgr - ok
10:34:32.0413 9516 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
10:34:32.0439 9516 Parvdm - ok
10:34:32.0470 9516 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll
10:34:32.0509 9516 PcaSvc - ok
10:34:32.0582 9516 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\Windows\system32\DRIVERS\pccsmcfd.sys
10:34:32.0631 9516 pccsmcfd - ok
10:34:32.0658 9516 PcdrNdisuio - ok
10:34:32.0797 9516 PCDSRVC{E9D79540-57D5953E-06020101}_0 (92fddbed716bf5c3cb766101563cfce5) c:\program files\dell support center\pcdsrvc.pkms
10:34:32.0813 9516 PCDSRVC{E9D79540-57D5953E-06020101}_0 - ok
10:34:32.0866 9516 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
10:34:32.0887 9516 pci - ok
10:34:32.0914 9516 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
10:34:32.0935 9516 pciide - ok
10:34:32.0976 9516 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
10:34:32.0995 9516 pcmcia - ok
10:34:33.0018 9516 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
10:34:33.0035 9516 pcw - ok
10:34:33.0090 9516 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
10:34:33.0150 9516 PEAUTH - ok
10:34:33.0281 9516 pla (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll
10:34:33.0336 9516 pla - ok
10:34:33.0498 9516 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll
10:34:33.0561 9516 PlugPlay - ok
10:34:33.0587 9516 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll
10:34:33.0621 9516 PNRPAutoReg - ok
10:34:33.0651 9516 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
10:34:33.0673 9516 PNRPsvc - ok
10:34:33.0720 9516 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll
10:34:33.0777 9516 PolicyAgent - ok
10:34:33.0821 9516 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll
10:34:34.0154 9516 Power - ok
10:34:34.0254 9516 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
10:34:34.0298 9516 PptpMiniport - ok
10:34:34.0341 9516 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
10:34:34.0375 9516 Processor - ok
10:34:34.0427 9516 ProfSvc (cadefac453040e370a1bdff3973be00d) C:\Windows\system32\profsvc.dll
10:34:34.0486 9516 ProfSvc - ok
10:34:34.0527 9516 ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
10:34:34.0548 9516 ProtectedStorage - ok
10:34:34.0599 9516 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
10:34:34.0641 9516 Psched - ok
10:34:34.0754 9516 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
10:34:34.0822 9516 ql2300 - ok
10:34:34.0988 9516 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
10:34:35.0007 9516 ql40xx - ok
10:34:35.0050 9516 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll
10:34:35.0088 9516 QWAVE - ok
10:34:35.0111 9516 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
10:34:35.0133 9516 QWAVEdrv - ok
10:34:35.0235 9516 RapiMgr (8f97d374ad1857e1eed85a79f29a1d3d) C:\Windows\WindowsMobile\rapimgr.dll
10:34:35.0254 9516 RapiMgr - ok
10:34:35.0267 9516 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
10:34:35.0313 9516 RasAcd - ok
10:34:35.0350 9516 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
10:34:35.0385 9516 RasAgileVpn - ok
10:34:35.0409 9516 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll
10:34:35.0459 9516 RasAuto - ok
10:34:35.0498 9516 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
10:34:35.0532 9516 Rasl2tp - ok
10:34:35.0604 9516 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll
10:34:35.0657 9516 RasMan - ok
10:34:35.0679 9516 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
10:34:35.0718 9516 RasPppoe - ok
10:34:35.0757 9516 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
10:34:35.0802 9516 RasSstp - ok
10:34:35.0840 9516 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
10:34:35.0884 9516 rdbss - ok
10:34:35.0908 9516 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
10:34:35.0945 9516 rdpbus - ok
10:34:35.0971 9516 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
10:34:36.0014 9516 RDPCDD - ok
10:34:36.0033 9516 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
10:34:36.0081 9516 RDPENCDD - ok
10:34:36.0122 9516 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
10:34:36.0163 9516 RDPREFMP - ok
10:34:36.0200 9516 RDPWD (f031683e6d1fea157abb2ff260b51e61) C:\Windows\system32\drivers\RDPWD.sys
10:34:36.0252 9516 RDPWD - ok
10:34:36.0317 9516 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
10:34:36.0339 9516 rdyboost - ok
10:34:36.0406 9516 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll
10:34:36.0447 9516 RemoteAccess - ok
10:34:36.0486 9516 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll
10:34:36.0527 9516 RemoteRegistry - ok
10:34:36.0600 9516 rimmptsk (df672613fbbcd58c38bb0bc2694bcfb0) C:\Windows\system32\DRIVERS\rimmptsk.sys
10:34:36.0656 9516 rimmptsk - ok
10:34:36.0705 9516 rimsptsk (9bfb54d3559f2ff7301271d29d383564) C:\Windows\system32\DRIVERS\rimsptsk.sys
10:34:36.0742 9516 rimsptsk - ok
10:34:36.0799 9516 rismxdp (dcb87da83cc1010cbc9fc4dc9e395bbc) C:\Windows\system32\DRIVERS\rixdptsk.sys
10:34:36.0850 9516 rismxdp - ok
10:34:36.0940 9516 RoxLiveShare9 - ok
10:34:36.0989 9516 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll
10:34:37.0026 9516 RpcEptMapper - ok
10:34:37.0049 9516 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe
10:34:37.0081 9516 RpcLocator - ok
10:34:37.0137 9516 RpcSs (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
10:34:37.0178 9516 RpcSs - ok
10:34:37.0238 9516 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
10:34:37.0288 9516 rspndr - ok
10:34:37.0319 9516 SamSs (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
10:34:37.0338 9516 SamSs - ok
10:34:37.0386 9516 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
10:34:37.0402 9516 sbp2port - ok
10:34:37.0476 9516 SBRE (1fd538c4feb36b793d2121f20bbdc16f) C:\Windows\system32\drivers\SBREdrv.sys
10:34:37.0491 9516 SBRE - ok
10:34:37.0522 9516 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll
10:34:37.0556 9516 SCardSvr - ok
10:34:37.0601 9516 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
10:34:37.0640 9516 scfilter - ok
10:34:37.0725 9516 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll
10:34:37.0791 9516 Schedule - ok
10:34:37.0825 9516 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
10:34:37.0858 9516 SCPolicySvc - ok
10:34:37.0912 9516 sdbus (0328be1c7f1cba23848179f8762e391c) C:\Windows\system32\drivers\sdbus.sys
10:34:37.0950 9516 sdbus - ok
10:34:37.0984 9516 SDRSVC (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll
10:34:38.0025 9516 SDRSVC - ok
10:34:38.0079 9516 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
10:34:38.0113 9516 secdrv - ok
10:34:38.0155 9516 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll
10:34:38.0198 9516 seclogon - ok
10:34:38.0230 9516 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\system32\sens.dll
10:34:38.0271 9516 SENS - ok
10:34:38.0328 9516 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll
10:34:38.0379 9516 SensrSvc - ok
10:34:38.0416 9516 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
10:34:38.0434 9516 Serenum - ok
10:34:38.0470 9516 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
10:34:38.0489 9516 Serial - ok
10:34:38.0518 9516 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
10:34:38.0554 9516 sermouse - ok
10:34:38.0700 9516 ServiceLayer (12b41d84a4d058adc60853c365dbfcca) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
10:34:38.0742 9516 ServiceLayer ( UnsignedFile.Multi.Generic ) - warning
10:34:38.0743 9516 ServiceLayer - detected UnsignedFile.Multi.Generic (1)
10:34:38.0789 9516 SessionEnv (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll
10:34:38.0843 9516 SessionEnv - ok
10:34:38.0866 9516 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\DRIVERS\sffdisk.sys
10:34:38.0919 9516 sffdisk - ok
10:34:38.0933 9516 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
10:34:38.0970 9516 sffp_mmc - ok
10:34:38.0989 9516 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\DRIVERS\sffp_sd.sys
10:34:39.0009 9516 sffp_sd - ok
10:34:39.0038 9516 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
10:34:39.0079 9516 sfloppy - ok
10:34:39.0156 9516 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll
10:34:39.0212 9516 SharedAccess - ok
10:34:39.0256 9516 ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll
10:34:39.0295 9516 ShellHWDetection - ok
10:34:39.0328 9516 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
10:34:39.0346 9516 sisagp - ok
10:34:39.0377 9516 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
10:34:39.0400 9516 SiSRaid2 - ok
10:34:39.0431 9516 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
10:34:39.0454 9516 SiSRaid4 - ok
10:34:39.0563 9516 SkypeUpdate (ddaa5f4a6b958fc313ebd02dd925752f) C:\Program Files\Skype\Updater\Updater.exe
10:34:39.0579 9516 SkypeUpdate - ok
10:34:39.0612 9516 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
10:34:39.0649 9516 Smb - ok
10:34:39.0723 9516 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe
10:34:39.0743 9516 SNMPTRAP - ok
10:34:39.0782 9516 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
10:34:39.0800 9516 spldr - ok
10:34:39.0858 9516 Spooler (866a43013535dc8587c258e43579c764) C:\Windows\System32\spoolsv.exe
10:34:39.0909 9516 Spooler - ok
10:34:40.0128 9516 sppsvc (cf87a1de791347e75b98885214ced2b8) C:\Windows\system32\sppsvc.exe
10:34:40.0233 9516 sppsvc - ok
10:34:40.0435 9516 sppuinotify (b0180b20b065d89232a78a40fe56eaa6) C:\Windows\system32\sppuinotify.dll
10:34:40.0479 9516 sppuinotify - ok
10:34:40.0570 9516 sprtsvc_dellsupportcenter - ok
10:34:40.0659 9516 SQLWriter (d2f4f32b59440011174b4f8137af4e0c) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
10:34:40.0674 9516 SQLWriter - ok
10:34:40.0748 9516 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
10:34:40.0798 9516 srv - ok
10:34:40.0852 9516 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
10:34:40.0873 9516 srv2 - ok
10:34:40.0912 9516 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
10:34:40.0951 9516 srvnet - ok
10:34:40.0991 9516 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll
10:34:41.0054 9516 SSDPSRV - ok
10:34:41.0119 9516 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
10:34:41.0135 9516 ssmdrv - ok
10:34:41.0165 9516 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll
10:34:41.0206 9516 SstpSvc - ok
10:34:41.0352 9516 STacSV (2c5c9e47a132143594d2f278f3dbd8f6) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9334b3396d450a95\STacSV.exe
10:34:41.0368 9516 STacSV - ok
10:34:41.0400 9516 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
10:34:41.0418 9516 stexstor - ok
10:34:41.0483 9516 STHDA (1a55b390a3bfdd17c98695ab2f91a7f8) C:\Windows\system32\DRIVERS\stwrt.sys
10:34:41.0508 9516 STHDA - ok
10:34:41.0561 9516 StiSvc (e1fb3706030fb4578a0d72c2fc3689e4) C:\Windows\System32\wiaservc.dll
10:34:41.0607 9516 StiSvc - ok
10:34:41.0637 9516 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys
10:34:41.0657 9516 swenum - ok
10:34:41.0707 9516 swprv (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll
10:34:41.0794 9516 swprv - ok
10:34:41.0847 9516 SynTP (fb86fdd993a6a0122a2f526221e5161f) C:\Windows\system32\DRIVERS\SynTP.sys
10:34:41.0865 9516 SynTP - ok
10:34:41.0968 9516 SysMain (36650d618ca34c9d357dfd3d89b2c56f) C:\Windows\system32\sysmain.dll
10:34:42.0010 9516 SysMain - ok
10:34:42.0052 9516 TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\Windows\System32\TabSvc.dll
10:34:42.0093 9516 TabletInputService - ok
10:34:42.0161 9516 tap0901 (98a1e6bc9f766b0b0a5bf00af847ef20) C:\Windows\system32\DRIVERS\tap0901.sys
10:34:42.0193 9516 tap0901 - ok
10:34:42.0225 9516 taphss (0c3b2a9c4bd2dd9a6c2e4084314dd719) C:\Windows\system32\DRIVERS\taphss.sys
10:34:42.0239 9516 taphss - ok
10:34:42.0288 9516 TapiSrv (613bf4820361543956909043a265c6ac) C:\Windows\System32\tapisrv.dll
10:34:42.0328 9516 TapiSrv - ok
10:34:42.0358 9516 TBS (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll
10:34:42.0419 9516 TBS - ok
10:34:42.0531 9516 Tcpip (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\drivers\tcpip.sys
10:34:42.0580 9516 Tcpip - ok
10:34:42.0829 9516 TCPIP6 (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\DRIVERS\tcpip.sys
10:34:42.0874 9516 TCPIP6 - ok
10:34:43.0010 9516 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
10:34:43.0042 9516 tcpipreg - ok
10:34:43.0090 9516 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
10:34:43.0116 9516 TDPIPE - ok
10:34:43.0157 9516 TDTCP (2c2c5afe7ee4f620d69c23c0617651a8) C:\Windows\system32\drivers\tdtcp.sys
10:34:43.0174 9516 TDTCP - ok
10:34:43.0202 9516 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
10:34:43.0235 9516 tdx - ok
10:34:43.0280 9516 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys
10:34:43.0301 9516 TermDD - ok
10:34:43.0370 9516 TermService (382c804c92811be57829d8e550a900e2) C:\Windows\System32\termsrv.dll
10:34:43.0420 9516 TermService - ok
10:34:43.0458 9516 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll
10:34:43.0484 9516 Themes - ok
10:34:43.0533 9516 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
10:34:43.0570 9516 THREADORDER - ok
10:34:43.0705 9516 TomTomHOMEService (83682f469a3d65e8b6f06c28212318bd) C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
10:34:43.0718 9516 TomTomHOMEService - ok
10:34:43.0767 9516 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll
10:34:43.0816 9516 TrkWks - ok
10:34:43.0885 9516 TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\Windows\servicing\TrustedInstaller.exe
10:34:43.0938 9516 TrustedInstaller - ok
10:34:43.0972 9516 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
10:34:44.0008 9516 tssecsrv - ok
10:34:44.0069 9516 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
10:34:44.0099 9516 TsUsbFlt - ok
10:34:44.0148 9516 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
10:34:44.0200 9516 tunnel - ok
10:34:44.0248 9516 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
10:34:44.0265 9516 uagp35 - ok
10:34:44.0319 9516 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
10:34:44.0374 9516 udfs - ok
10:34:44.0420 9516 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe
10:34:44.0451 9516 UI0Detect - ok
10:34:44.0485 9516 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
10:34:44.0506 9516 uliagpkx - ok
10:34:44.0556 9516 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\DRIVERS\umbus.sys
10:34:44.0574 9516 umbus - ok
10:34:44.0600 9516 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
10:34:44.0628 9516 UmPass - ok
10:34:44.0664 9516 upnphost (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll
10:34:44.0712 9516 upnphost - ok
10:34:44.0774 9516 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\Windows\system32\Drivers\usbaapl.sys
10:34:44.0801 9516 USBAAPL - ok
10:34:44.0829 9516 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys
10:34:44.0879 9516 usbccgp - ok
10:34:44.0909 9516 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
10:34:44.0942 9516 usbcir - ok
10:34:44.0968 9516 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\drivers\usbehci.sys
10:34:44.0985 9516 usbehci - ok
10:34:45.0041 9516 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys
10:34:45.0081 9516 usbhub - ok
10:34:45.0104 9516 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\Windows\system32\drivers\usbohci.sys
10:34:45.0134 9516 usbohci - ok
10:34:45.0176 9516 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
10:34:45.0197 9516 usbprint - ok
10:34:45.0228 9516 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys
10:34:45.0265 9516 usbscan - ok
10:34:45.0313 9516 usbser (88701eca76145e2c011c0eeff0f7b70e) C:\Windows\system32\drivers\usbser.sys
10:34:45.0350 9516 usbser - ok
10:34:45.0370 9516 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:34:45.0414 9516 USBSTOR - ok
10:34:45.0453 9516 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\drivers\usbuhci.sys
10:34:45.0490 9516 usbuhci - ok
10:34:45.0545 9516 usbvideo (45f4e7bf43db40a6c6b4d92c76cbc3f2) C:\Windows\System32\Drivers\usbvideo.sys
10:34:45.0566 9516 usbvideo - ok
10:34:45.0600 9516 UxSms (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll
10:34:45.0652 9516 UxSms - ok
10:34:45.0690 9516 VaultSvc (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
10:34:45.0709 9516 VaultSvc - ok
10:34:45.0758 9516 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
10:34:45.0774 9516 vdrvroot - ok
10:34:45.0870 9516 vds (c3cd30495687c2a2f66a65ca6fd89be9) C:\Windows\System32\vds.exe
10:34:45.0919 9516 vds - ok
10:34:45.0956 9516 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
10:34:45.0985 9516 vga - ok
10:34:46.0032 9516 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
10:34:46.0067 9516 VgaSave - ok
10:34:46.0108 9516 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
10:34:46.0131 9516 vhdmp - ok
10:34:46.0180 9516 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
10:34:46.0200 9516 viaagp - ok
10:34:46.0217 9516 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
10:34:46.0236 9516 ViaC7 - ok
10:34:46.0257 9516 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
10:34:46.0274 9516 viaide - ok
10:34:46.0300 9516 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
10:34:46.0318 9516 volmgr - ok
10:34:46.0350 9516 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
10:34:46.0380 9516 volmgrx - ok
10:34:46.0424 9516 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
10:34:46.0445 9516 volsnap - ok
10:34:46.0490 9516 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
10:34:46.0509 9516 vsmraid - ok
10:34:46.0611 9516 VSS (209a3b1901b83aeb8527ed211cce9e4c) C:\Windows\system32\vssvc.exe
10:34:46.0671 9516 VSS - ok
10:34:46.0697 9516 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\system32\DRIVERS\vwifibus.sys
10:34:46.0736 9516 vwifibus - ok
10:34:46.0777 9516 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\Windows\system32\DRIVERS\vwififlt.sys
10:34:46.0803 9516 vwififlt - ok
10:34:46.0876 9516 W32Time (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll
10:34:46.0916 9516 W32Time - ok
10:34:46.0948 9516 WacomPen (de3721e89c653aa281428c8a69745d90)
sabino90
Newbie
 
Post: 4
Iscritto il: 29/06/12 17:53

Re: ad.addoubleclick

Postdi sabino90 » 30/06/12 09:47

C:\Windows\system32\DRIVERS\wacompen.sys
10:34:46.0976 9516 WacomPen - ok
10:34:47.0027 9516 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
10:34:47.0061 9516 WANARP - ok
10:34:47.0071 9516 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
10:34:47.0106 9516 Wanarpv6 - ok
10:34:47.0250 9516 WatAdminSvc (353a04c273ec58475d8633e75ccd5604) C:\Windows\system32\Wat\WatAdminSvc.exe
10:34:47.0293 9516 WatAdminSvc - ok
10:34:47.0500 9516 wbengine (691e3285e53dca558e1a84667f13e15a) C:\Windows\system32\wbengine.exe
10:34:47.0577 9516 wbengine - ok
10:34:47.0614 9516 WbioSrvc (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\Windows\System32\wbiosrvc.dll
10:34:47.0649 9516 WbioSrvc - ok
10:34:47.0752 9516 WcesComm (59e19bd13c3bdb857646b9e436ba27f7) C:\Windows\WindowsMobile\wcescomm.dll
10:34:47.0773 9516 WcesComm - ok
10:34:47.0825 9516 wcncsvc (34eee0dfaadb4f691d6d5308a51315dc) C:\Windows\System32\wcncsvc.dll
10:34:47.0853 9516 wcncsvc - ok
10:34:47.0874 9516 WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\Windows\System32\WcsPlugInService.dll
10:34:47.0906 9516 WcsPlugInService - ok
10:34:47.0951 9516 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
10:34:47.0968 9516 Wd - ok
10:34:48.0009 9516 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
10:34:48.0034 9516 Wdf01000 - ok
10:34:48.0053 9516 WdiServiceHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
10:34:48.0123 9516 WdiServiceHost - ok
10:34:48.0144 9516 WdiSystemHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
10:34:48.0169 9516 WdiSystemHost - ok
10:34:48.0226 9516 WebClient (a9d880f97530d5b8fee278923349929d) C:\Windows\System32\webclnt.dll
10:34:48.0252 9516 WebClient - ok
10:34:48.0293 9516 Wecsvc (760f0afe937a77cff27153206534f275) C:\Windows\system32\wecsvc.dll
10:34:48.0332 9516 Wecsvc - ok
10:34:48.0360 9516 wercplsupport (ac804569bb2364fb6017370258a4091b) C:\Windows\System32\wercplsupport.dll
10:34:48.0401 9516 wercplsupport - ok
10:34:48.0444 9516 WerSvc (08e420d873e4fd85241ee2421b02c4a4) C:\Windows\System32\WerSvc.dll
10:34:48.0482 9516 WerSvc - ok
10:34:48.0519 9516 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
10:34:48.0557 9516 WfpLwf - ok
10:34:48.0579 9516 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
10:34:48.0596 9516 WIMMount - ok
10:34:48.0723 9516 WinDefend (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll
10:34:48.0772 9516 WinDefend - ok
10:34:48.0781 9516 WinHttpAutoProxySvc - ok
10:34:48.0856 9516 Winmgmt (f62e510b6ad4c21eb9fe8668ed251826) C:\Windows\system32\wbem\WMIsvc.dll
10:34:48.0902 9516 Winmgmt - ok
10:34:49.0017 9516 WinRM (1b91cd34ea3a90ab6a4ef0550174f4cc) C:\Windows\system32\WsmSvc.dll
10:34:49.0072 9516 WinRM - ok
10:34:49.0165 9516 WinUsb (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\DRIVERS\WinUsb.sys
10:34:49.0199 9516 WinUsb - ok
10:34:49.0285 9516 Wlansvc (16935c98ff639d185086a3529b1f2067) C:\Windows\System32\wlansvc.dll
10:34:49.0344 9516 Wlansvc - ok
10:34:49.0465 9516 wlcrasvc (6067acef367e79914af628fa1e9b5330) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
10:34:49.0480 9516 wlcrasvc - ok
10:34:49.0728 9516 wlidsvc (fb01d4ae207b9efdbabfc55dc95c7e31) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
10:34:49.0774 9516 wlidsvc - ok
10:34:49.0884 9516 wltrysvc - ok
10:34:49.0963 9516 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys
10:34:49.0993 9516 WmiAcpi - ok
10:34:50.0059 9516 wmiApSrv (6eb6b66517b048d87dc1856ddf1f4c3f) C:\Windows\system32\wbem\WmiApSrv.exe
10:34:50.0086 9516 wmiApSrv - ok
10:34:50.0272 9516 WMPNetworkSvc (3b40d3a61aa8c21b88ae57c58ab3122e) C:\Program Files\Windows Media Player\wmpnetwk.exe
10:34:50.0337 9516 WMPNetworkSvc - ok
10:34:50.0447 9516 WPCSvc (a2f0ec770a92f2b3f9de6d518e11409c) C:\Windows\System32\wpcsvc.dll
10:34:50.0502 9516 WPCSvc - ok
10:34:50.0549 9516 WPDBusEnum (aa53356d60af47eacc85bc617a4f3f66) C:\Windows\system32\wpdbusenum.dll
10:34:50.0599 9516 WPDBusEnum - ok
10:34:50.0636 9516 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
10:34:50.0686 9516 ws2ifsl - ok
10:34:50.0732 9516 wscsvc (6f5d49efe0e7164e03ae773a3fe25340) C:\Windows\system32\wscsvc.dll
10:34:50.0775 9516 wscsvc - ok
10:34:50.0783 9516 WSearch - ok
10:34:50.0934 9516 wuauserv (fc3ec24fce372c89423e015a2ac1a31e) C:\Windows\system32\wuaueng.dll
10:34:51.0000 9516 wuauserv - ok
10:34:51.0188 9516 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
10:34:51.0224 9516 WudfPf - ok
10:34:51.0284 9516 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
10:34:51.0321 9516 WUDFRd - ok
10:34:51.0372 9516 wudfsvc (8d1e1e529a2c9e9b6a85b55a345f7629) C:\Windows\System32\WUDFSvc.dll
10:34:51.0432 9516 wudfsvc - ok
10:34:51.0473 9516 WwanSvc (ff2d745b560f7c71b31f30f4d49f73d2) C:\Windows\System32\wwansvc.dll
10:34:51.0518 9516 WwanSvc - ok
10:34:51.0568 9516 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
10:34:52.0155 9516 \Device\Harddisk0\DR0 - ok
10:34:52.0192 9516 Boot (0x1200) (d004d350772f37dc3c63c1c36c161027) \Device\Harddisk0\DR0\Partition0
10:34:52.0194 9516 \Device\Harddisk0\DR0\Partition0 - ok
10:34:52.0202 9516 Boot (0x1200) (79687c0cd1181966e4253449d4c068f5) \Device\Harddisk0\DR0\Partition1
10:34:52.0203 9516 \Device\Harddisk0\DR0\Partition1 - ok
10:34:52.0206 9516 ============================================================
10:34:52.0206 9516 Scan finished
10:34:52.0206 9516 ============================================================
10:34:52.0229 8840 Detected object count: 5
10:34:52.0229 8840 Actual detected object count: 5
10:35:11.0089 8840 C:\Windows\system32\DRIVERS\e2ecap.sys - copied to quarantine
10:35:11.0101 8840 HKLM\SYSTEM\ControlSet001\services\E2ECAP - will be deleted on reboot
10:35:11.0140 8840 HKLM\SYSTEM\ControlSet002\services\E2ECAP - will be deleted on reboot
10:35:11.0336 8840 C:\Windows\system32\DRIVERS\e2ecap.sys - will be deleted on reboot
10:35:11.0336 8840 E2ECAP ( UnsignedFile.Multi.Generic ) - User select action: Delete
10:35:11.0469 8840 C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe - copied to quarantine
10:35:11.0471 8840 HKLM\SYSTEM\ControlSet001\services\IDriverT - will be deleted on reboot
10:35:11.0482 8840 HKLM\SYSTEM\ControlSet002\services\IDriverT - will be deleted on reboot
10:35:11.0495 8840 C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe - will be deleted on reboot
10:35:11.0495 8840 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Delete
10:35:11.0561 8840 C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE - copied to quarantine
10:35:11.0564 8840 HKLM\SYSTEM\ControlSet001\services\IJPLMSVC - will be deleted on reboot
10:35:11.0565 8840 HKLM\SYSTEM\ControlSet002\services\IJPLMSVC - will be deleted on reboot
10:35:11.0570 8840 C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE - will be deleted on reboot
10:35:11.0570 8840 IJPLMSVC ( UnsignedFile.Multi.Generic ) - User select action: Delete
10:35:11.0632 8840 C:\Program Files\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe - copied to quarantine
10:35:11.0635 8840 MsgPlusService ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
10:35:11.0739 8840 C:\Program Files\PC Connectivity Solution\ServiceLayer.exe - copied to quarantine
10:35:11.0741 8840 HKLM\SYSTEM\ControlSet001\services\ServiceLayer - will be deleted on reboot
10:35:11.0760 8840 HKLM\SYSTEM\ControlSet002\services\ServiceLayer - will be deleted on reboot
10:35:11.0765 8840 C:\Program Files\PC Connectivity Solution\ServiceLayer.exe - will be deleted on reboot
10:35:11.0765 8840 ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Delete
10:35:15.0948 6452 Deinitialize success
sabino90
Newbie
 
Post: 4
Iscritto il: 29/06/12 17:53


Torna a Sicurezza e Privacy

Chi c’è in linea

Visitano il forum: Nessuno e 4 ospiti