Valutazione 4.87/ 5 (100.00%) 5838 voti

Condividi:        

Pc bloccato anche modalità provvisoria

Come rimuovere virus e spyware? Le carte di credito sono davvero sicure in rete? È possibile navigare anonimi? Con quali programmi tutelare la propria privacy? Come proteggere i file importanti? Se volete una risposta a queste e altre domande questo è il luogo giusto!

Moderatori: kadosh, Luke57

Pc bloccato anche modalità provvisoria

Postdi franco75 » 19/08/12 10:51

Salve a tutti,il pc si è bloccato all'inprovviso non mi fa fare nessuna operazione quando provo ad andare in modalità provvisoria me lo fa avviare poi si blocca totalmente cosa posso fare :(
franco75
Utente Senior
 
Post: 182
Iscritto il: 28/04/12 12:35

Sponsor
 

Re: Pc bloccato anche modalità provvisoria

Postdi franco75 » 19/08/12 12:35

Allego log Hijackthis.
Codice: Seleziona tutto
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19.36.27, on 05/07/2012
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16446)
Boot mode: Normal

Running processes:
C:\Program Files\Norton Internet Security\Engine\19.1.1.3\ccSvcHst.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\Alice Mobile Olicard 100\ConnMonitor.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\ooVoo\ooVoo.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.virgilio.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=it_it&c=83&bd=Pavilion&pf=cnnb
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: ooVoo Video Chat Toolbar - {e5a1e26f-0d1d-4307-868f-fbd9a374ab54} - C:\Program Files\ooVoo_Video_Chat\tbooVo.dll
R3 - URLSearchHook: Softonic Italia Toolbar - {4edd5c14-2d22-4d7a-9748-c975a7fd933b} - C:\Program Files\Softonic_Italia\tbSoft.dll
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll
O2 - BHO: Softonic Italia Toolbar - {4edd5c14-2d22-4d7a-9748-c975a7fd933b} - C:\Program Files\Softonic_Italia\tbSoft.dll
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\19.1.1.3\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\19.1.1.3\IPS\IPSBHO.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O2 - BHO: ooVoo Video Chat Toolbar - {e5a1e26f-0d1d-4307-868f-fbd9a374ab54} - C:\Program Files\ooVoo_Video_Chat\tbooVo.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: ooVoo Video Chat Toolbar - {e5a1e26f-0d1d-4307-868f-fbd9a374ab54} - C:\Program Files\ooVoo_Video_Chat\tbooVo.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll
O3 - Toolbar: Softonic Italia Toolbar - {4edd5c14-2d22-4d7a-9748-c975a7fd933b} - C:\Program Files\Softonic_Italia\tbSoft.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\19.1.1.3\coIEPlg.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\2.0"
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [OnScreenDisplay] C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
O4 - HKLM\..\Run: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [ConnMonitor] C:\Program Files\Alice Mobile Olicard 100\ConnMonitor.exe start
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [BabylonToolbar] "C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe" /md I
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ooVoo.exe] C:\program files\oovoo\oovoo.exe /minimized
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Startup: OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Startup: Ritaglio schermata e avvio di OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: &AOL Toolbar Cerca - C:\ProgramData\AOL\ieToolbar\resources\it-IT\local\search.html
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{4B2C4A68-18F1-4C12-B736-B7E12A60EA31}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\aestsrv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: Servizio di Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\19.1.1.3\ccSvcHst.exe
O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Windows\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\STacSV.exe

--
End of file - 12974 bytes
franco75
Utente Senior
 
Post: 182
Iscritto il: 28/04/12 12:35

Re: Pc bloccato anche modalità provvisoria

Postdi FrancescoFDAC » 19/08/12 13:37

Ti credo che è bloccato, è pieno di programmi e schifezze.

Avvia HiJackThis e:
● clicca sul pulsante Do a system scan only/Scan
● a sinistra, metti la spunta accanto ad ogni singola voce che ti indicherò sotto (non spuntare tutte le voce , solo quelle riportate sotto, mi raccomando)
● spuntate le voci, termina tutti i programmi attivi, comprese le pagine Internet
● clicca, in basso a sinistra, sul pulsante Fix checked; potrebbe comparire un'ulteriore finestra durante il fix delle voci: clicca su
Queste sono le voci da fixare:

R3 - URLSearchHook: ooVoo Video Chat Toolbar - {e5a1e26f-0d1d-4307-868f-fbd9a374ab54} - C:\Program Files\ooVoo_Video_Chat\tbooVo.dll
R3 - URLSearchHook: Softonic Italia Toolbar - {4edd5c14-2d22-4d7a-9748-c975a7fd933b} - C:\Program Files\Softonic_Italia\tbSoft.dll
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll
O2 - BHO: Softonic Italia Toolbar - {4edd5c14-2d22-4d7a-9748-c975a7fd933b} - C:\Program Files\Softonic_Italia\tbSoft.dll
O2 - BHO: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: ooVoo Video Chat Toolbar - {e5a1e26f-0d1d-4307-868f-fbd9a374ab54} - C:\Program Files\ooVoo_Video_Chat\tbooVo.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: ooVoo Video Chat Toolbar - {e5a1e26f-0d1d-4307-868f-fbd9a374ab54} - C:\Program Files\ooVoo_Video_Chat\tbooVo.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll
O3 - Toolbar: Softonic Italia Toolbar - {4edd5c14-2d22-4d7a-9748-c975a7fd933b} - C:\Program Files\Softonic_Italia\tbSoft.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\2.0"
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [OnScreenDisplay] C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
O4 - HKLM\..\Run: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [ConnMonitor] C:\Program Files\Alice Mobile Olicard 100\ConnMonitor.exe start
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [BabylonToolbar] "C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe" /md I
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ooVoo.exe] C:\program files\oovoo\oovoo.exe /minimized
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Startup: OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Startup: Ritaglio schermata e avvio di OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

Quindi:

Scarica ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
● posiziona il file scaricato sul Desktop
disattiva l'Antivirus in uso, dall'icona presente sulla Traybar (accanto all'orologio di Windows)
disattiva il Firewall eventualmente installato, dall'icona presente sulla Traybar (accanto all'orologio di Windows)

Eseguiti i passaggi indicati sopra:
● lancia ComboFix con un doppio click
● una volta avviato clicca il pulsante Accetto: conferma cliccando Ok due volte
● segui le istruzioni che verranno rilasciate per eseguire la scansione:
"Tipicamente non impiega più di 10 minuti
Su pc molto infetti il tempo di scansione può raddoppiare facilmente"
● nel caso tu abbia Windows XP, verrà richiesta l'installazione della Console di ripristino di emergenza: non la installare (clicca il pulsante No)
senza eseguire nessuna altra operazione, lascia che il tool completi il suo lavoro

Note - durante la scansione:
● potrebbero comparire alcuni file sul Desktop, e poi eliminati
● spariranno, per un attimo, tutte le icone presenti sul Desktop: nulla di cui preoccuparsi
● potrebbe venire rilasciato un messaggio in relazione all'Antivirus in uso: prosegui ignorando il messaggio
● il firewall potrebbe rilasciare un avviso circa la rimozione di alcuni driver: consenti
● potrebbe apparire sul Desktop l'icona di Internet Explorer

Quando ComboFix avrà concluso l'operazione di scansione:
● il sistema verrà riavviato automaticamente: in caso contrario, riavvialo te
● vai in Disco Locale C:, cerca il file di testo dal nome ComboFix.txt ed allegalo

Nota - riguardo al programma:
● per eseguire correttamente ComboFix su Windows Vista e Windows Seven, clicca con il tasto destro del mouse sull'icona del programma e, dal menù contestuale, scegli la voce Esegui come Amministratore
sUBs, la software house che distribuisce ComboFix, non è responsabile di qualsiasi danno causato dopo l'utilizzo del programma stesso.
Esso non dovrebbe essere utilizzato a meno che non venga espressamente richiesto da un esperto
ComboFix disabilita l'esecuzione automatica delle unità USB (Chiavette, Hard Disk Esterni, Lettori MP3...) per prevenire future minacce: quando inserisci una Pendrive, dovrai avviarla manualmente dalle Risorse del computer.
FrancescoFDAC
Utente Senior
 
Post: 1048
Iscritto il: 13/08/11 09:53

Re: Pc bloccato anche modalità provvisoria

Postdi franco75 » 19/08/12 14:44

Ciao.FDAC. è il pc di mio fratello e un caos,non riesco ad installare Hijackthis esegue tutta la procidura in fase d'installazione si blocca.
franco75
Utente Senior
 
Post: 182
Iscritto il: 28/04/12 12:35

Re: Pc bloccato anche modalità provvisoria

Postdi FrancescoFDAC » 19/08/12 15:33

Forse ti riferisci a ComboFix.

Prova allora queste due scansioni, prima di tentare ancora di eseguire ComboFix;

Scarica ed installa HitmanPro: http://www.surfright.nl/en/downloads
● scegli la versione adatta al tuo Sistema Operativo (32Bit o 64Bit)
● una volta lanciato, nella finestra principale clicca su Impostazioni
● clicca su Licenza ed attiva la licenza
● clicca su scansione di default (consigliato)
● al termine della scansione ti verrà mostrato un riepilogo: nella finestra di riepilogo, in basso a sinistra, avrai modo di salvare il Report generato che dovrai allegare

Scarica Kaspersky TDSS Killer: http://support.kaspersky.com/downloads/ ... killer.exe
● posiziona il file scaricato sul Desktop
● clicca due volte sul file TDSSKiller.exe per avviare l'applicazione
● successivamente premi il pulsante Start scan

Nota - riguardo al programma:
● non cliccare sul pulsante Stop scan per nessun motivo, la scansione si interromperebbe

Giunti a questo punto, inizia la scansione del sistema alla ricerca di software malevolo:
● se viene trovato un file infetto, l'azione di default sarà Cure: clicca quindi su Continua
● se viene trovato un file sospetto, l'azione di default sarà Skip: clicca quindi su Continua
● se non viene rilevato nulla, chiudi semplicemente il programma al termine della scansione

Una volta terminata la scansione, si presenterà una di queste due opzioni:
non è necessario il riavvio del sistema: allega il Report situato nel Disco Locale C:\, di nome TDSSKiller.[Version]_[Date]_[Time]_log.txt
● è necessario riavviare il sistema: clicca su Riavvia ora, infine allega il risultato della scansione (si trova nello stesso percorso menzionato poco fa')
FrancescoFDAC
Utente Senior
 
Post: 1048
Iscritto il: 13/08/11 09:53

Re: Pc bloccato anche modalità provvisoria

Postdi franco75 » 19/08/12 16:08

si hai ragione,alla fine sono riuscito a lanciare combofix però arriva al stage_50 si blocca permanente.
franco75
Utente Senior
 
Post: 182
Iscritto il: 28/04/12 12:35

Re: Pc bloccato anche modalità provvisoria

Postdi franco75 » 19/08/12 16:10

Dimenticavo va solo con modalita provvisoria con rete,normale non c'è collegamento
franco75
Utente Senior
 
Post: 182
Iscritto il: 28/04/12 12:35

Re: Pc bloccato anche modalità provvisoria

Postdi franco75 » 19/08/12 16:29

Ecco il log.
[code][17:27:23.0952 1588 TDSS rootkit removing tool 2.8.6.0 Aug 13 2012 17:24:05
17:27:24.0171 1588 ============================================================
17:27:24.0171 1588 Current date / time: 2012/08/19 17:27:24.0171
17:27:24.0171 1588 SystemInfo:
17:27:24.0171 1588
17:27:24.0171 1588 OS Version: 6.0.6002 ServicePack: 2.0
17:27:24.0171 1588 Product type: Workstation
17:27:24.0171 1588 ComputerName: PC-DOMENICO
17:27:24.0171 1588 UserName: domenico
17:27:24.0171 1588 Windows directory: C:\Windows
17:27:24.0171 1588 System windows directory: C:\Windows
17:27:24.0171 1588 Processor architecture: Intel x86
17:27:24.0171 1588 Number of processors: 2
17:27:24.0171 1588 Page size: 0x1000
17:27:24.0171 1588 Boot type: Safe boot with network
17:27:24.0171 1588 ============================================================
17:27:25.0372 1588 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
17:27:25.0372 1588 Drive \Device\Harddisk1\DR6 - Size: 0xF5D00000 (3.84 Gb), SectorSize: 0x200, Cylinders: 0x1F5, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
17:27:25.0387 1588 ============================================================
17:27:25.0387 1588 \Device\Harddisk0\DR0:
17:27:25.0387 1588 MBR partitions:
17:27:25.0387 1588 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1BFF2FC1
17:27:25.0387 1588 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1BFF3000, BlocksNum 0x11D1000
17:27:25.0387 1588 \Device\Harddisk1\DR6:
17:27:25.0387 1588 MBR partitions:
17:27:25.0387 1588 \Device\Harddisk1\DR6\Partition1: MBR, Type 0xB, StartLBA 0x2000, BlocksNum 0x7AC800
17:27:25.0387 1588 ============================================================
17:27:25.0403 1588 C: <-> \Device\Harddisk0\DR0\Partition1
17:27:25.0450 1588 D: <-> \Device\Harddisk0\DR0\Partition2
17:27:25.0450 1588 ============================================================
17:27:25.0450 1588 Initialize success
17:27:25.0450 1588 ============================================================
17:27:35.0668 1428 ============================================================
17:27:35.0668 1428 Scan started
17:27:35.0668 1428 Mode: Manual;
17:27:35.0668 1428 ============================================================
17:27:36.0229 1428 ================ Scan services =============================
17:27:36.0385 1428 [ aef9ee4451d5c46370142cb06d0f3591 ] Accelerometer C:\Windows\system32\DRIVERS\Accelerometer.sys
17:27:36.0385 1428 Accelerometer - ok
17:27:36.0448 1428 [ 82b296ae1892fe3dbee00c9cf92f8ac7 ] ACPI C:\Windows\system32\drivers\acpi.sys
17:27:36.0463 1428 ACPI - ok
17:27:36.0573 1428 [ 5e1a953c6472e7bb644892a4d0df5e72 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
17:27:36.0588 1428 AdobeFlashPlayerUpdateSvc - ok
17:27:36.0635 1428 [ 04f0fcac69c7c71a3ac4eb97fafc8303 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
17:27:36.0651 1428 adp94xx - ok
17:27:36.0682 1428 [ 60505e0041f7751bdbb80f88bf45c2ce ] adpahci C:\Windows\system32\drivers\adpahci.sys
17:27:36.0682 1428 adpahci - ok
17:27:36.0713 1428 [ 8a42779b02aec986eab64ecfc98f8bd7 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
17:27:36.0713 1428 adpu160m - ok
17:27:36.0713 1428 [ 241c9e37f8ce45ef51c3de27515ca4e5 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
17:27:36.0729 1428 adpu320 - ok
17:27:36.0791 1428 [ 9d1fda9e086ba64e3c93c9de32461bcf ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
17:27:36.0791 1428 AeLookupSvc - ok
17:27:36.0900 1428 [ 3b1b2ee9df189f6bbb080bf393d1b2ee ] AESTFilters C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\aestsrv.exe
17:27:36.0900 1428 AESTFilters - ok
17:27:36.0963 1428 [ 3911b972b55fea0478476b2e777b29fa ] AFD C:\Windows\system32\drivers\afd.sys
17:27:36.0963 1428 AFD - ok
17:27:37.0025 1428 [ 13f9e33747e6b41a3ff305c37db0d360 ] agp440 C:\Windows\system32\drivers\agp440.sys
17:27:37.0025 1428 agp440 - ok
17:27:37.0072 1428 [ e331924fdf522cd7cea1b647503784e8 ] ahcix86s C:\Windows\system32\DRIVERS\ahcix86s.sys
17:27:37.0072 1428 ahcix86s - ok
17:27:37.0087 1428 [ ae1fdf7bf7bb6c6a70f67699d880592a ] aic78xx C:\Windows\system32\drivers\djsvs.sys
17:27:37.0087 1428 aic78xx - ok
17:27:37.0103 1428 [ a1545b731579895d8cc44fc0481c1192 ] ALG C:\Windows\System32\alg.exe
17:27:37.0103 1428 ALG - ok
17:27:37.0119 1428 [ 9eaef5fc9b8e351afa7e78a6fae91f91 ] aliide C:\Windows\system32\drivers\aliide.sys
17:27:37.0119 1428 aliide - ok
17:27:37.0150 1428 [ c47344bc706e5f0b9dce369516661578 ] amdagp C:\Windows\system32\drivers\amdagp.sys
17:27:37.0150 1428 amdagp - ok
17:27:37.0165 1428 [ bafec23fc76ab781dfe9169f9b8dbebb ] Amddfltr C:\Windows\system32\DRIVERS\Amddfltr.sys
17:27:37.0181 1428 Amddfltr - ok
17:27:37.0197 1428 [ 9b78a39a4c173fdbc1321e0dd659b34c ] amdide C:\Windows\system32\drivers\amdide.sys
17:27:37.0197 1428 amdide - ok
17:27:37.0228 1428 [ 18f29b49ad23ecee3d2a826c725c8d48 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
17:27:37.0228 1428 AmdK7 - ok
17:27:37.0243 1428 [ 93ae7f7dd54ab986a6f1a1b37be7442d ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
17:27:37.0243 1428 AmdK8 - ok
17:27:37.0306 1428 [ c6d704c7f0434dc791aac37cac4b6e14 ] Appinfo C:\Windows\System32\appinfo.dll
17:27:37.0321 1428 Appinfo - ok
17:27:37.0337 1428 [ 5d2888182fb46632511acee92fdad522 ] arc C:\Windows\system32\drivers\arc.sys
17:27:37.0337 1428 arc - ok
17:27:37.0384 1428 [ 5e2a321bd7c8b3624e41fdec3e244945 ] arcsas C:\Windows\system32\drivers\arcsas.sys
17:27:37.0384 1428 arcsas - ok
17:27:37.0415 1428 [ 53b202abee6455406254444303e87be1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
17:27:37.0415 1428 AsyncMac - ok
17:27:37.0446 1428 [ 1f05b78ab91c9075565a9d8a4b880bc4 ] atapi C:\Windows\system32\drivers\atapi.sys
17:27:37.0446 1428 atapi - ok
17:27:37.0509 1428 [ 600efe56f37adbd65a0fb076b50d1b8d ] athr C:\Windows\system32\DRIVERS\athr.sys
17:27:37.0509 1428 athr - ok
17:27:37.0571 1428 [ a8f308d79950de33b478a3e5e026add9 ] Ati External Event Utility C:\Windows\system32\Ati2evxx.exe
17:27:37.0587 1428 Ati External Event Utility - ok
17:27:37.0743 1428 [ 5000e60040e45b3e72791b19e1ced1e9 ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
17:27:37.0789 1428 atikmdag - ok
17:27:37.0821 1428 [ 4aa1eb65481c392955939e735d27118b ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie.sys
17:27:37.0821 1428 AtiPcie - ok
17:27:37.0883 1428 [ 68e2a1a0407a66cf50da0300852424ab ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:27:37.0883 1428 AudioEndpointBuilder - ok
17:27:37.0914 1428 [ 68e2a1a0407a66cf50da0300852424ab ] Audiosrv C:\Windows\System32\Audiosrv.dll
17:27:37.0914 1428 Audiosrv - ok
17:27:38.0039 1428 [ 825f81a6f7dd073509db101f0ba6dc59 ] BBSvc C:\Program Files\Microsoft\BingBar\BBSvc.EXE
17:27:38.0039 1428 BBSvc - ok
17:27:38.0101 1428 [ cf6a67c90951e3e763d2135dede44b85 ] BCM43XV C:\Windows\system32\DRIVERS\bcmwl6.sys
17:27:38.0117 1428 BCM43XV - ok
17:27:38.0164 1428 [ 67e506b75bd5326a3ec7b70bd014dfb6 ] Beep C:\Windows\system32\drivers\Beep.sys
17:27:38.0164 1428 Beep - ok
17:27:38.0226 1428 [ c789af0f724fda5852fb9a7d3a432381 ] BFE C:\Windows\System32\bfe.dll
17:27:38.0242 1428 BFE - ok
17:27:38.0569 1428 [ a9e111a358ac5f7eba7ac61e43fc6725 ] BHDrvx86 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\BASHDefs\20120619.001\BHDrvx86.sys
17:27:38.0569 1428 BHDrvx86 - ok
17:27:38.0647 1428 [ 93952506c6d67330367f7e7934b6a02f ] BITS C:\Windows\system32\qmgr.dll
17:27:38.0679 1428 BITS - ok
17:27:38.0710 1428 [ d4df28447741fd3d953526e33a617397 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
17:27:38.0710 1428 blbdrive - ok
17:27:38.0741 1428 [ 35f376253f687bde63976ccb3f2108ca ] bowser C:\Windows\system32\DRIVERS\bowser.sys
17:27:38.0741 1428 bowser - ok
17:27:38.0788 1428 [ 9f9acc7f7ccde8a15c282d3f88b43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
17:27:38.0788 1428 BrFiltLo - ok
17:27:38.0803 1428 [ 56801ad62213a41f6497f96dee83755a ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
17:27:38.0803 1428 BrFiltUp - ok
17:27:38.0835 1428 [ a3629a0c4226f9e9c72faaeebc3ad33c ] Browser C:\Windows\System32\browser.dll
17:27:38.0835 1428 Browser - ok
17:27:38.0881 1428 [ b304e75cff293029eddf094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
17:27:38.0897 1428 Brserid - ok
17:27:38.0913 1428 [ 203f0b1e73adadbbb7b7b1fabd901f6b ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
17:27:38.0913 1428 BrSerWdm - ok
17:27:38.0928 1428 [ bd456606156ba17e60a04e18016ae54b ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
17:27:38.0928 1428 BrUsbMdm - ok
17:27:38.0944 1428 [ af72ed54503f717a43268b3cc5faec2e ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
17:27:38.0944 1428 BrUsbSer - ok
17:27:38.0959 1428 [ ad07c1ec6665b8b35741ab91200c6b68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
17:27:38.0959 1428 BTHMODEM - ok
17:27:39.0100 1428 catchme - ok
17:27:39.0178 1428 [ 2b2f9b4a08190334a9c36446b208bae9 ] ccSet_NIS C:\Windows\system32\drivers\NIS\1301010.003\ccSetx86.sys
17:27:39.0178 1428 ccSet_NIS - ok
17:27:39.0209 1428 [ 7add03e75beb9e6dd102c3081d29840a ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
17:27:39.0209 1428 cdfs - ok
17:27:39.0256 1428 [ 6b4bffb9becd728097024276430db314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
17:27:39.0256 1428 cdrom - ok
17:27:39.0318 1428 [ 312ec3e37a0a1f2006534913e37b4423 ] CertPropSvc C:\Windows\System32\certprop.dll
17:27:39.0318 1428 CertPropSvc - ok
17:27:39.0334 1428 [ e5d4133f37219dbcfe102bc61072589d ] circlass C:\Windows\system32\DRIVERS\circlass.sys
17:27:39.0349 1428 circlass - ok
17:27:39.0396 1428 [ d7659d3b5b92c31e84e53c1431f35132 ] CLFS C:\Windows\system32\CLFS.sys
17:27:39.0412 1428 CLFS - ok
17:27:39.0459 1428 [ 8ee772032e2fe80a924f3b8dd5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:27:39.0474 1428 clr_optimization_v2.0.50727_32 - ok
17:27:39.0568 1428 [ c5a75eb48e2344abdc162bda79e16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:27:39.0568 1428 clr_optimization_v4.0.30319_32 - ok
17:27:39.0630 1428 [ 99afc3795b58cc478fbbbcdc658fcb56 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
17:27:39.0630 1428 CmBatt - ok
17:27:39.0646 1428 [ 0ca25e686a4928484e9fdabd168ab629 ] cmdide C:\Windows\system32\drivers\cmdide.sys
17:27:39.0646 1428 cmdide - ok
17:27:39.0677 1428 [ 7795f8cebc284a426b53f541e538695f ] Com4QLBEx C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
17:27:39.0693 1428 Com4QLBEx - ok
17:27:39.0708 1428 [ 6afef0b60fa25de07c0968983ee4f60a ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
17:27:39.0708 1428 Compbatt - ok
17:27:39.0724 1428 COMSysApp - ok
17:27:39.0739 1428 [ 741e9dff4f42d2d8477d0fc1dc0df871 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
17:27:39.0739 1428 crcdisk - ok
17:27:39.0755 1428 [ 1f07becdca750766a96cda811ba86410 ] Crusoe C:\Windows\system32\drivers\crusoe.sys
17:27:39.0771 1428 Crusoe - ok
17:27:39.0817 1428 [ 75c6a297e364014840b48eccd7525e30 ] CryptSvc C:\Windows\system32\cryptsvc.dll
17:27:39.0817 1428 CryptSvc - ok
17:27:39.0911 1428 [ 3b5b4d53fec14f7476ca29a20cc31ac9 ] DcomLaunch C:\Windows\system32\rpcss.dll
17:27:39.0911 1428 DcomLaunch - ok
17:27:39.0942 1428 [ 622c41a07ca7e6dd91770f50d532cb6c ] DfsC C:\Windows\system32\Drivers\dfsc.sys
17:27:39.0942 1428 DfsC - ok
17:27:40.0051 1428 [ 2cc3dcfb533a1035b13dcab6160ab38b ] DFSR C:\Windows\system32\DFSR.exe
17:27:40.0067 1428 DFSR - ok
17:27:40.0129 1428 [ 9028559c132146fb75eb7acf384b086a ] Dhcp C:\Windows\System32\dhcpcsvc.dll
17:27:40.0129 1428 Dhcp - ok
17:27:40.0176 1428 [ 5d4aefc3386920236a548271f8f1af6a ] disk C:\Windows\system32\drivers\disk.sys
17:27:40.0176 1428 disk - ok
17:27:40.0223 1428 [ 57d762f6f5974af0da2be88a3349baaa ] Dnscache C:\Windows\System32\dnsrslvr.dll
17:27:40.0239 1428 Dnscache - ok
17:27:40.0270 1428 [ 324fd74686b1ef5e7c19a8af49e748f6 ] dot3svc C:\Windows\System32\dot3svc.dll
17:27:40.0270 1428 dot3svc - ok
17:27:40.0317 1428 [ a622e888f8aa2f6b49e9bc466f0e5def ] DPS C:\Windows\system32\dps.dll
17:27:40.0332 1428 DPS - ok
17:27:40.0395 1428 [ 97fef831ab90bee128c9af390e243f80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
17:27:40.0395 1428 drmkaud - ok
17:27:40.0441 1428 [ c68ac676b0ef30cfbb1080adce49eb1f ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
17:27:40.0473 1428 DXGKrnl - ok
17:27:40.0519 1428 [ 5425f74ac0c1dbd96a1e04f17d63f94c ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
17:27:40.0519 1428 E1G60 - ok
17:27:40.0566 1428 [ c0b95e40d85cd807d614e264248a45b9 ] EapHost C:\Windows\System32\eapsvc.dll
17:27:40.0582 1428 EapHost - ok
17:27:40.0644 1428 [ 7f64ea048dcfac7acf8b4d7b4e6fe371 ] Ecache C:\Windows\system32\drivers\ecache.sys
17:27:40.0644 1428 Ecache - ok
17:27:40.0785 1428 [ 8f7dbc4be48f5388a6fe1f285e7948ef ] eeCtrl C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
17:27:40.0785 1428 eeCtrl - ok
17:27:40.0847 1428 [ 9be3744d295a7701eb425332014f0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
17:27:40.0847 1428 ehRecvr - ok
17:27:40.0863 1428 [ ad1870c8e5d6dd340c829e6074bf3c3f ] ehSched C:\Windows\ehome\ehsched.exe
17:27:40.0878 1428 ehSched - ok
17:27:40.0894 1428 [ c27c4ee8926e74aa72efcab24c5242c3 ] ehstart C:\Windows\ehome\ehstart.dll
17:27:40.0894 1428 ehstart - ok
17:27:40.0956 1428 [ 23b62471681a124889978f6295b3f4c6 ] elxstor C:\Windows\system32\drivers\elxstor.sys
17:27:40.0956 1428 elxstor - ok
17:27:41.0019 1428 [ 4e6b23dfc917ea39306b529b773950f4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
17:27:41.0034 1428 EMDMgmt - ok
17:27:41.0065 1428 [ 4cd6b056c5fd9e97c06fe74c81479517 ] enecir C:\Windows\system32\DRIVERS\enecir.sys
17:27:41.0065 1428 enecir - ok
17:27:41.0128 1428 [ 115dc729465a8c386615207f28875255 ] EraserUtilRebootDrv C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
17:27:41.0143 1428 EraserUtilRebootDrv - ok
17:27:41.0190 1428 [ 3db974f3935483555d7148663f726c61 ] ErrDev C:\Windows\system32\drivers\errdev.sys
17:27:41.0190 1428 ErrDev - ok
17:27:41.0221 1428 [ 67058c46504bc12d821f38cf99b7b28f ] EventSystem C:\Windows\system32\es.dll
17:27:41.0221 1428 EventSystem - ok
17:27:41.0299 1428 [ 22b408651f9123527bcee54b4f6c5cae ] exfat C:\Windows\system32\drivers\exfat.sys
17:27:41.0299 1428 exfat - ok
17:27:41.0331 1428 [ 42f721c52eef2d6df9372a53813a83ef ] ezSharedSvc C:\Windows\System32\ezsvc7.dll
17:27:41.0346 1428 ezSharedSvc - ok
17:27:41.0393 1428 [ 1e9b9a70d332103c52995e957dc09ef8 ] fastfat C:\Windows\system32\drivers\fastfat.sys
17:27:41.0393 1428 fastfat - ok
17:27:41.0424 1428 [ afe1e8b9782a0dd7fb46bbd88e43f89a ] fdc C:\Windows\system32\DRIVERS\fdc.sys
17:27:41.0424 1428 fdc - ok
17:27:41.0440 1428 [ 6629b5f0e98151f4afdd87567ea32ba3 ] fdPHost C:\Windows\system32\fdPHost.dll
17:27:41.0440 1428 fdPHost - ok
17:27:41.0455 1428 [ 89ed56dce8e47af40892778a5bd31fd2 ] FDResPub C:\Windows\system32\fdrespub.dll
17:27:41.0455 1428 FDResPub - ok
17:27:41.0487 1428 [ a8c0139a884861e3aae9cfe73b208a9f ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
17:27:41.0487 1428 FileInfo - ok
17:27:41.0518 1428 [ 0ae429a696aecbc5970e3cf2c62635ae ] Filetrace C:\Windows\system32\drivers\filetrace.sys
17:27:41.0518 1428 Filetrace - ok
17:27:41.0533 1428 [ 85b7cf99d532820495d68d747fda9ebd ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
17:27:41.0533 1428 flpydisk - ok
17:27:41.0580 1428 [ 01334f9ea68e6877c4ef05d3ea8abb05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
17:27:41.0580 1428 FltMgr - ok
17:27:41.0658 1428 [ 8ce364388c8eca59b14b539179276d44 ] FontCache C:\Windows\system32\FntCache.dll
17:27:41.0705 1428 FontCache - ok
17:27:41.0752 1428 [ c7fbdd1ed42f82bfa35167a5c9803ea3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
17:27:41.0752 1428 FontCache3.0.0.0 - ok
17:27:41.0814 1428 [ d909075fa72c090f27aa926c32cb4612 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
17:27:41.0814 1428 fssfltr - ok
17:27:41.0955 1428 [ 40cdfad174b3d5e80f95dda003c0b97f ] fsssvc C:\Program Files\Windows Live\Family Safety\fsssvc.exe
17:27:41.0986 1428 fsssvc - ok
17:27:42.0017 1428 [ b972a66758577e0bfd1de0f91aaa27b5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
17:27:42.0017 1428 Fs_Rec - ok
17:27:42.0048 1428 [ 34582a6e6573d54a07ece5fe24a126b5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
17:27:42.0048 1428 gagp30kx - ok
17:27:42.0095 1428 [ 44d07e5a444692e9b6a5cdd7401b4402 ] GameConsoleService C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
17:27:42.0095 1428 GameConsoleService - ok
17:27:42.0142 1428 [ cd5d0aeee35dfd4e986a5aa1500a6e66 ] gpsvc C:\Windows\System32\gpsvc.dll
17:27:42.0157 1428 gpsvc - ok
17:27:42.0282 1428 [ f02a533f517eb38333cb12a9e8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
17:27:42.0282 1428 gupdate - ok
17:27:42.0298 1428 [ f02a533f517eb38333cb12a9e8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
17:27:42.0298 1428 gupdatem - ok
17:27:42.0360 1428 [ cc839e8d766cc31a7710c9f38cf3e375 ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
17:27:42.0376 1428 gusvc - ok
17:27:42.0391 1428 [ 3f90e001369a07243763bd5a523d8722 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
17:27:42.0407 1428 HdAudAddService - ok
17:27:42.0454 1428 [ 062452b7ffd68c8c042a6261fe8dff4a ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
17:27:42.0469 1428 HDAudBus - ok
17:27:42.0501 1428 [ 1338520e78d90154ed6be8f84de5fceb ] HidBth C:\Windows\system32\drivers\hidbth.sys
17:27:42.0501 1428 HidBth - ok
17:27:42.0532 1428 [ d8df3722d5e961baa1292aa2f12827e2 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
17:27:42.0532 1428 HidIr - ok
17:27:42.0579 1428 [ 84067081f3318162797385e11a8f0582 ] hidserv C:\Windows\System32\hidserv.dll
17:27:42.0579 1428 hidserv - ok
17:27:42.0625 1428 [ cca4b519b17e23a00b826c55716809cc ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
17:27:42.0625 1428 HidUsb - ok
17:27:42.0657 1428 [ 54d9e71dd3f6df476b99543f88650edf ] HitmanProScheduler C:\Program Files\HitmanPro\hmpsched.exe
17:27:42.0657 1428 HitmanProScheduler - ok
17:27:42.0688 1428 [ d8ad255b37da92434c26e4876db7d418 ] hkmsvc C:\Windows\system32\kmsvc.dll
17:27:42.0688 1428 hkmsvc - ok
17:27:42.0719 1428 [ d13e6bfd7e9189d26a42e94cb2447044 ] HP Health Check Service c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
17:27:42.0719 1428 HP Health Check Service - ok
17:27:42.0750 1428 [ 16ee7b23a009e00d835cdb79574a91a6 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
17:27:42.0750 1428 HpCISSs - ok
17:27:42.0766 1428 [ 64637b65c90df48c94bb9346afb3ac61 ] hpdskflt C:\Windows\system32\DRIVERS\hpdskflt.sys
17:27:42.0766 1428 hpdskflt - ok
17:27:42.0797 1428 [ 35956140e686d53bf676cf0c778880fc ] HpqKbFiltr C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
17:27:42.0797 1428 HpqKbFiltr - ok
17:27:42.0813 1428 [ d50fdad1e57aa60f1973cfc77d905f0e ] hpqwmiex C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
17:27:42.0813 1428 hpqwmiex - ok
17:27:42.0828 1428 [ db8cf923dfd8dd336bea7f439a627858 ] hpsrv C:\Windows\system32\Hpservice.exe
17:27:42.0828 1428 hpsrv - ok
17:27:42.0891 1428 [ 46d67209550973257601a533e2ac5785 ] HSFHWAZL C:\Windows\system32\DRIVERS\VSTAZL3.SYS
17:27:42.0891 1428 HSFHWAZL - ok
17:27:42.0937 1428 [ ec36f1d542ed4252390d446bf6d4dfd0 ] HSF_DPV C:\Windows\system32\DRIVERS\VSTDPV3.SYS
17:27:42.0953 1428 HSF_DPV - ok
17:27:43.0000 1428 [ f870aa3e254628ebeafe754108d664de ] HTTP C:\Windows\system32\drivers\HTTP.sys
17:27:43.0015 1428 HTTP - ok
17:27:43.0031 1428 [ c6b032d69650985468160fc9937cf5b4 ] i2omp C:\Windows\system32\drivers\i2omp.sys
17:27:43.0031 1428 i2omp - ok
17:27:43.0093 1428 [ 22d56c8184586b7a1f6fa60be5f5a2bd ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
17:27:43.0093 1428 i8042prt - ok
17:27:43.0125 1428 [ 54155ea1b0df185878e0fc9ec3ac3a14 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
17:27:43.0125 1428 iaStorV - ok
17:27:43.0187 1428 [ 6f95324909b502e2651442c1548ab12f ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
17:27:43.0187 1428 IDriverT - ok
17:27:43.0265 1428 [ 98477b08e61945f974ed9fdc4cb6bdab ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
17:27:43.0281 1428 idsvc - ok
17:27:43.0421 1428 [ 6262c22a913bd255a0795d070b82aa47 ] IDSVix86 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\IPSDefs\20120704.001\IDSvix86.sys
17:27:43.0437 1428 IDSVix86 - ok
17:27:43.0452 1428 [ 2d077bf86e843f901d8db709c95b49a5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
17:27:43.0468 1428 iirsp - ok
17:27:43.0530 1428 [ 9908d8a397b76cd8d31d0d383c5773c9 ] IKEEXT C:\Windows\System32\ikeext.dll
17:27:43.0546 1428 IKEEXT - ok
17:27:43.0561 1428 [ 83aa759f3189e6370c30de5dc5590718 ] intelide C:\Windows\system32\drivers\intelide.sys
17:27:43.0561 1428 intelide - ok
17:27:43.0593 1428 [ 224191001e78c89dfa78924c3ea595ff ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
17:27:43.0593 1428 intelppm - ok
17:27:43.0624 1428 [ 9ac218c6e6105477484c6fdbe7d409a4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
17:27:43.0624 1428 IPBusEnum - ok
17:27:43.0655 1428 [ 62c265c38769b864cb25b4bcf62df6c3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:27:43.0655 1428 IpFilterDriver - ok
17:27:43.0686 1428 [ 1998bd97f950680bb55f55a7244679c2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
17:27:43.0702 1428 iphlpsvc - ok
17:27:43.0702 1428 IpInIp - ok
17:27:43.0733 1428 [ b25aaf203552b7b3491139d582b39ad1 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
17:27:43.0733 1428 IPMIDRV - ok
17:27:43.0749 1428 [ 8793643a67b42cec66490b2a0cf92d68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
17:27:43.0749 1428 IPNAT - ok
17:27:43.0780 1428 [ 109c0dfb82c3632fbd11949b73aeeac9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
17:27:43.0780 1428 IRENUM - ok
17:27:43.0811 1428 [ 6c70698a3e5c4376c6ab5c7c17fb0614 ] isapnp C:\Windows\system32\drivers\isapnp.sys
17:27:43.0811 1428 isapnp - ok
17:27:43.0842 1428 [ 232fa340531d940aac623b121a595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
17:27:43.0842 1428 iScsiPrt - ok
17:27:43.0873 1428 [ bced60d16156e428f8df8cf27b0df150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
17:27:43.0873 1428 iteatapi - ok
17:27:43.0889 1428 [ 06fa654504a498c30adca8bec4e87e7e ] iteraid C:\Windows\system32\drivers\iteraid.sys
17:27:43.0889 1428 iteraid - ok
17:27:43.0936 1428 [ 858c550ebbd243826a2193262c1b54a3 ] JMCR C:\Windows\system32\DRIVERS\jmcr.sys
17:27:43.0936 1428 JMCR - ok
17:27:43.0951 1428 [ 37605e0a8cf00cbba538e753e4344c6e ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
17:27:43.0951 1428 kbdclass - ok
17:27:43.0998 1428 [ ede59ec70e25c24581add1fbec7325f7 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
17:27:43.0998 1428 kbdhid - ok
17:27:44.0029 1428 [ a3e186b4b935905b829219502557314e ] KeyIso C:\Windows\system32\lsass.exe
17:27:44.0045 1428 KeyIso - ok
17:27:44.0092 1428 [ 4a1445efa932a3baf5bdb02d7131ee20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
17:27:44.0092 1428 KSecDD - ok
17:27:44.0170 1428 [ 8078f8f8f7a79e2e6b494523a828c585 ] KtmRm C:\Windows\system32\msdtckrm.dll
17:27:44.0185 1428 KtmRm - ok
17:27:44.0232 1428 [ 1bf5eebfd518dd7298434d8c862f825d ] LanmanServer C:\Windows\System32\srvsvc.dll
17:27:44.0232 1428 LanmanServer - ok
17:27:44.0279 1428 [ 1db69705b695b987082c8baec0c6b34f ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:27:44.0279 1428 LanmanWorkstation - ok
17:27:44.0357 1428 [ 984ecb68ed2a2b2e6a544e87e24fba2d ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
17:27:44.0357 1428 LightScribeService - ok
17:27:44.0388 1428 [ d1c5883087a0c3f1344d9d55a44901f6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
17:27:44.0388 1428 lltdio - ok
17:27:44.0404 1428 [ 2d5a428872f1442631d0959a34abff63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
17:27:44.0419 1428 lltdsvc - ok
17:27:44.0435 1428 [ 35d40113e4a5b961b6ce5c5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
17:27:44.0435 1428 lmhosts - ok
17:27:44.0466 1428 [ c7e15e82879bf3235b559563d4185365 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
17:27:44.0466 1428 LSI_FC - ok
17:27:44.0482 1428 [ ee01ebae8c9bf0fa072e0ff68718920a ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
17:27:44.0482 1428 LSI_SAS - ok
17:27:44.0497 1428 [ 912a04696e9ca30146a62afa1463dd5c ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
17:27:44.0497 1428 LSI_SCSI - ok
17:27:44.0513 1428 [ 8f5c7426567798e62a3b3614965d62cc ] luafv C:\Windows\system32\drivers\luafv.sys
17:27:44.0513 1428 luafv - ok
17:27:44.0529 1428 [ aef9babb8a506bc4ce0451a64aaded46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
17:27:44.0529 1428 Mcx2Svc - ok
17:27:44.0560 1428 [ 0001ce609d66632fa17b84705f658879 ] megasas C:\Windows\system32\drivers\megasas.sys
17:27:44.0560 1428 megasas - ok
17:27:44.0607 1428 [ c252f32cd9a49dbfc25ecf26ebd51a99 ] MegaSR C:\Windows\system32\drivers\megasr.sys
17:27:44.0607 1428 MegaSR - ok
17:27:44.0622 1428 [ 1076ffcffaae8385fd62dfcb25ac4708 ] MMCSS C:\Windows\system32\mmcss.dll
17:27:44.0622 1428 MMCSS - ok
17:27:44.0653 1428 [ e13b5ea0f51ba5b1512ec671393d09ba ] Modem C:\Windows\system32\drivers\modem.sys
17:27:44.0653 1428 Modem - ok
17:27:44.0669 1428 [ 0a9bb33b56e294f686abb7c1e4e2d8a8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
17:27:44.0669 1428 monitor - ok
17:27:44.0700 1428 [ 5bf6a1326a335c5298477754a506d263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
17:27:44.0700 1428 mouclass - ok
17:27:44.0716 1428 [ 93b8d4869e12cfbe663915502900876f ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
17:27:44.0716 1428 mouhid - ok
17:27:44.0731 1428 [ bdafc88aa6b92f7842416ea6a48e1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
17:27:44.0731 1428 MountMgr - ok
17:27:44.0794 1428 [ 46297fa8e30a6007f14118fc2b942fbc ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
17:27:44.0794 1428 MozillaMaintenance - ok
17:27:44.0841 1428 [ 511d011289755dd9f9a7579fb0b064e6 ] mpio C:\Windows\system32\drivers\mpio.sys
17:27:44.0841 1428 mpio - ok
17:27:44.0872 1428 [ 22241feba9b2defa669c8cb0a8dd7d2e ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
17:27:44.0872 1428 mpsdrv - ok
17:27:44.0919 1428 [ 5de62c6e9108f14f6794060a9bdecaec ] MpsSvc C:\Windows\system32\mpssvc.dll
17:27:44.0934 1428 MpsSvc - ok
17:27:44.0997 1428 [ 4fbbb70d30fd20ec51f80061703b001e ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
17:27:44.0997 1428 Mraid35x - ok
17:27:45.0012 1428 [ 82cea0395524aacfeb58ba1448e8325c ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
17:27:45.0028 1428 MRxDAV - ok
17:27:45.0059 1428 [ 1e94971c4b446ab2290deb71d01cf0c2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
17:27:45.0059 1428 mrxsmb - ok
17:27:45.0090 1428 [ 4fccb34d793b116423209c0f8b7a3b03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:27:45.0106 1428 mrxsmb10 - ok
17:27:45.0106 1428 [ c3cb1b40ad4a0124d617a1199b0b9d7c ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:27:45.0121 1428 mrxsmb20 - ok
17:27:45.0168 1428 [ 28023e86f17001f7cd9b15a5bc9ae07d ] msahci C:\Windows\system32\drivers\msahci.sys
17:27:45.0168 1428 msahci - ok
17:27:45.0184 1428 [ 4468b0f385a86ecddaf8d3ca662ec0e7 ] msdsm C:\Windows\system32\drivers\msdsm.sys
17:27:45.0184 1428 msdsm - ok
17:27:45.0199 1428 [ fd7520cc3a80c5fc8c48852bb24c6ded ] MSDTC C:\Windows\System32\msdtc.exe
17:27:45.0199 1428 MSDTC - ok
17:27:45.0246 1428 [ a9927f4a46b816c92f461acb90cf8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
17:27:45.0246 1428 Msfs - ok
17:27:45.0246 1428 [ 0f400e306f385c56317357d6dea56f62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
17:27:45.0262 1428 msisadrv - ok
17:27:45.0293 1428 [ 85466c0757a23d9a9aecdc0755203cb2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
17:27:45.0293 1428 MSiSCSI - ok
17:27:45.0309 1428 msiserver - ok
17:27:45.0340 1428 [ d8c63d34d9c9e56c059e24ec7185cc07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
17:27:45.0340 1428 MSKSSRV - ok
17:27:45.0387 1428 [ 1d373c90d62ddb641d50e55b9e78d65e ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
17:27:45.0387 1428 MSPCLOCK - ok
17:27:45.0402 1428 [ b572da05bf4e098d4bba3a4734fb505b ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
17:27:45.0402 1428 MSPQM - ok
17:27:45.0449 1428 [ b49456d70555de905c311bcda6ec6adb ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
17:27:45.0449 1428 MsRPC - ok
17:27:45.0480 1428 [ e384487cb84be41d09711c30ca79646c ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
17:27:45.0480 1428 mssmbios - ok
17:27:45.0496 1428 [ 7199c1eec1e4993caf96b8c0a26bd58a ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
17:27:45.0496 1428 MSTEE - ok
17:27:45.0527 1428 [ 6a57b5733d4cb702c8ea4542e836b96c ] Mup C:\Windows\system32\Drivers\mup.sys
17:27:45.0527 1428 Mup - ok
17:27:45.0574 1428 [ e4eaf0c5c1b41b5c83386cf212ca9584 ] napagent C:\Windows\system32\qagentRT.dll
17:27:45.0605 1428 napagent - ok
17:27:45.0667 1428 [ 85c44fdff9cf7e72a40dcb7ec06a4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
17:27:45.0667 1428 NativeWifiP - ok
17:27:45.0792 1428 [ f11033730b38260b6892e837c457fb4b ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\VirusDefs\20120704.017\NAVENG.SYS
17:27:45.0808 1428 NAVENG - ok
17:27:45.0870 1428 [ 4e4e7c0259d3bb97de24a636c0e06aba ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\VirusDefs\20120704.017\NAVEX15.SYS
17:27:45.0886 1428 NAVEX15 - ok
17:27:45.0964 1428 [ 1357274d1883f68300aeadd15d7bbb42 ] NDIS C:\Windows\system32\drivers\ndis.sys
17:27:45.0964 1428 NDIS - ok
17:27:45.0995 1428 [ 0e186e90404980569fb449ba7519ae61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
17:27:45.0995 1428 NdisTapi - ok
17:27:46.0026 1428 [ d6973aa34c4d5d76c0430b181c3cd389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
17:27:46.0026 1428 Ndisuio - ok
17:27:46.0073 1428 [ 818f648618ae34f729fdb47ec68345c3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
17:27:46.0073 1428 NdisWan - ok
17:27:46.0089 1428 [ 71dab552b41936358f3b541ae5997fb3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
17:27:46.0089 1428 NDProxy - ok
17:27:46.0104 1428 [ bcd093a5a6777cf626434568dc7dba78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
17:27:46.0104 1428 NetBIOS - ok
17:27:46.0151 1428 [ ecd64230a59cbd93c85f1cd1cab9f3f6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
17:27:46.0151 1428 netbt - ok
17:27:46.0167 1428 [ a3e186b4b935905b829219502557314e ] Netlogon C:\Windows\system32\lsass.exe
17:27:46.0167 1428 Netlogon - ok
17:27:46.0198 1428 [ c8052711daecc48b982434c5116ca401 ] Netman C:\Windows\System32\netman.dll
17:27:46.0198 1428 Netman - ok
17:27:46.0213 1428 [ 2ef3bbe22e5a5acd1428ee387a0d0172 ] netprofm C:\Windows\System32\netprofm.dll
17:27:46.0229 1428 netprofm - ok
17:27:46.0260 1428 [ d6c4e4a39a36029ac0813d476fbd0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:27:46.0260 1428 NetTcpPortSharing - ok
17:27:46.0307 1428 [ 2e7fb731d4790a1bc6270accefacb36e ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
17:27:46.0307 1428 nfrd960 - ok
17:27:46.0432 1428 [ e127420b7feb65c7f279eaac183bbc0e ] NIS C:\Program Files\Norton Internet Security\Engine\19.1.1.3\ccSvcHst.exe
17:27:46.0432 1428 NIS - ok
17:27:46.0463 1428 [ 2997b15415f9bbe05b5a4c1c85e0c6a2 ] NlaSvc C:\Windows\System32\nlasvc.dll
17:27:46.0463 1428 NlaSvc - ok
17:27:46.0494 1428 [ d36f239d7cce1931598e8fb90a0dbc26 ] Npfs C:\Windows\system32\drivers\Npfs.sys
17:27:46.0494 1428 Npfs - ok
17:27:46.0510 1428 [ 8bb86f0c7eea2bded6fe095d0b4ca9bd ] nsi C:\Windows\system32\nsisvc.dll
17:27:46.0525 1428 nsi - ok
17:27:46.0541 1428 [ 609773e344a97410ce4ebf74a8914fcf ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
17:27:46.0541 1428 nsiproxy - ok
17:27:46.0603 1428 [ 6a4a98cee84cf9e99564510dda4baa47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
17:27:46.0635 1428 Ntfs - ok
17:27:46.0666 1428 [ e875c093aec0c978a90f30c9e0dfbb72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
17:27:46.0666 1428 ntrigdigi - ok
17:27:46.0697 1428 [ c5dbbcda07d780bda9b685df333bb41e ] Null C:\Windows\system32\drivers\Null.sys
17:27:46.0697 1428 Null - ok
17:27:46.0759 1428 [ 1657f3fbd9061526c14ff37e79306f98 ] NVENETFD C:\Windows\system32\DRIVERS\nvm60x32.sys
17:27:46.0759 1428 NVENETFD - ok
17:27:46.0775 1428 [ 2edf9e7751554b42cbb60116de727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys
17:27:46.0791 1428 nvraid - ok
17:27:46.0806 1428 [ abed0c09758d1d97db0042dbb2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys
17:27:46.0806 1428 nvstor - ok
17:27:46.0837 1428 [ 18bbdf913916b71bd54575bdb6eeac0b ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
17:27:46.0837 1428 nv_agp - ok
17:27:46.0837 1428 NwlnkFlt - ok
17:27:46.0853 1428 NwlnkFwd - ok
17:27:46.0947 1428 [ 785f487a64950f3cb8e9f16253ba3b7b ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
17:27:46.0947 1428 odserv - ok
17:27:47.0009 1428 [ 6f310e890d46e246e0e261a63d9b36b4 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
17:27:47.0009 1428 ohci1394 - ok
17:27:47.0009 1428 ONDAUsbDiag - ok
17:27:47.0040 1428 ONDAUsbModem - ok
17:27:47.0056 1428 ONDAUsbNmea - ok
17:27:47.0087 1428 [ 5a432a042dae460abe7199b758e8606c ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:27:47.0087 1428 ose - ok
17:27:47.0149 1428 [ 0c8e8e61ad1eb0b250b846712c917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
17:27:47.0181 1428 p2pimsvc - ok
17:27:47.0212 1428 [ 0c8e8e61ad1eb0b250b846712c917506 ] p2psvc C:\Windows\system32\p2psvc.dll
17:27:47.0227 1428 p2psvc - ok
17:27:47.0243 1428 [ 0fa9b5055484649d63c303fe404e5f4d ] Parport C:\Windows\system32\drivers\parport.sys
17:27:47.0243 1428 Parport - ok
17:27:47.0274 1428 [ b9c2b89f08670e159f7181891e449cd9 ] partmgr C:\Windows\system32\drivers\partmgr.sys
17:27:47.0274 1428 partmgr - ok
17:27:47.0305 1428 [ 4f9a6a8a31413180d0fcb279ad5d8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
17:27:47.0305 1428 Parvdm - ok
17:27:47.0337 1428 [ c6276ad11f4bb49b58aa1ed88537f14a ] PcaSvc C:\Windows\System32\pcasvc.dll
17:27:47.0337 1428 PcaSvc - ok
17:27:47.0383 1428 [ 941dc1d19e7e8620f40bbc206981efdb ] pci C:\Windows\system32\drivers\pci.sys
17:27:47.0383 1428 pci - ok
17:27:47.0399 1428 [ 1636d43f10416aeb483bc6001097b26c ] pciide C:\Windows\system32\drivers\pciide.sys
17:27:47.0399 1428 pciide - ok
17:27:47.0430 1428 [ e6f3fb1b86aa519e7698ad05e58b04e5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
17:27:47.0430 1428 pcmcia - ok
17:27:47.0493 1428 [ 6349f6ed9c623b44b52ea3c63c831a92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
17:27:47.0524 1428 PEAUTH - ok
17:27:47.0602 1428 [ b1689df169143f57053f795390c99db3 ] pla C:\Windows\system32\pla.dll
17:27:47.0649 1428 pla - ok
17:27:47.0680 1428 [ c5e7f8a996ec0a82d508fd9064a5569e ] PlugPlay C:\Windows\system32\umpnpmgr.dll
17:27:47.0695 1428 PlugPlay - ok
17:27:47.0727 1428 [ af4182b0afc6b5cb242caa8a4c2776a4 ] pmx3gmdm C:\Windows\system32\DRIVERS\pmx3gmdm.sys
17:27:47.0727 1428 pmx3gmdm - ok
17:27:47.0789 1428 [ a867673bb007d24d2d1b66012607c69f ] pmx3gnet C:\Windows\system32\DRIVERS\pmx3gnet.sys
17:27:47.0805 1428 pmx3gnet - ok
17:27:47.0851 1428 [ 0c8e8e61ad1eb0b250b846712c917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
17:27:47.0851 1428 PNRPAutoReg - ok
17:27:47.0883 1428 [ 0c8e8e61ad1eb0b250b846712c917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
17:27:47.0898 1428 PNRPsvc - ok
17:27:47.0929 1428 [ d0494460421a03cd5225cca0059aa146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
17:27:47.0945 1428 PolicyAgent - ok
17:27:47.0992 1428 [ ecfffaec0c1ecd8dbc77f39070ea1db1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
17:27:47.0992 1428 PptpMiniport - ok/code]
franco75
Utente Senior
 
Post: 182
Iscritto il: 28/04/12 12:35

Re: Pc bloccato anche modalità provvisoria

Postdi franco75 » 19/08/12 16:31

Continuo log.
Codice: Seleziona tutto
17:27:48.0007 1428  [ 2027293619dd0f047c584cf2e7df4ffd ] Processor       C:\Windows\system32\DRIVERS\processr.sys
17:27:48.0007 1428  Processor - ok
17:27:48.0070 1428  [ 0508faa222d28835310b7bfca7a77346 ] ProfSvc         C:\Windows\system32\profsvc.dll
17:27:48.0070 1428  ProfSvc - ok
17:27:48.0085 1428  [ a3e186b4b935905b829219502557314e ] ProtectedStorage C:\Windows\system32\lsass.exe
17:27:48.0101 1428  ProtectedStorage - ok
17:27:48.0132 1428  [ 99514faa8df93d34b5589187db3aa0ba ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
17:27:48.0132 1428  PSched - ok
17:27:48.0210 1428  [ 0a6db55afb7820c99aa1f3a1d270f4f6 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
17:27:48.0226 1428  ql2300 - ok
17:27:48.0226 1428  [ 81a7e5c076e59995d54bc1ed3a16e60b ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
17:27:48.0241 1428  ql40xx - ok
17:27:48.0304 1428  [ 026d1fa4033b82f18b99e44351d7e82e ] QPCapSvc        C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
17:27:48.0319 1428  QPCapSvc - ok
17:27:48.0335 1428  [ 7697bca450eae30a6cdb98898239e8b7 ] QPSched         C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
17:27:48.0335 1428  QPSched - ok
17:27:48.0366 1428  [ e9ecae663f47e6cb43962d18ab18890f ] QWAVE           C:\Windows\system32\qwave.dll
17:27:48.0382 1428  QWAVE - ok
17:27:48.0397 1428  [ 9f5e0e1926014d17486901c88eca2db7 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
17:27:48.0397 1428  QWAVEdrv - ok
17:27:48.0429 1428  [ 147d7f9c556d259924351feb0de606c3 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
17:27:48.0429 1428  RasAcd - ok
17:27:48.0444 1428  [ f6a452eb4ceadbb51c9e0ee6b3ecef0f ] RasAuto         C:\Windows\System32\rasauto.dll
17:27:48.0444 1428  RasAuto - ok
17:27:48.0475 1428  [ a214adbaf4cb47dd2728859ef31f26b0 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
17:27:48.0475 1428  Rasl2tp - ok
17:27:48.0522 1428  [ 75d47445d70ca6f9f894b032fbc64fcf ] RasMan          C:\Windows\System32\rasmans.dll
17:27:48.0538 1428  RasMan - ok
17:27:48.0569 1428  [ 509a98dd18af4375e1fc40bc175f1def ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
17:27:48.0569 1428  RasPppoe - ok
17:27:48.0616 1428  [ 2005f4a1e05fa09389ac85840f0a9e4d ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
17:27:48.0616 1428  RasSstp - ok
17:27:48.0663 1428  [ b14c9d5b9add2f84f70570bbbfaa7935 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
17:27:48.0663 1428  rdbss - ok
17:27:48.0678 1428  [ 89e59be9a564262a3fb6c4f4f1cd9899 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
17:27:48.0678 1428  RDPCDD - ok
17:27:48.0709 1428  [ fbc0bacd9c3d7f6956853f64a66e252d ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
17:27:48.0709 1428  rdpdr - ok
17:27:48.0725 1428  [ 9d91fe5286f748862ecffa05f8a0710c ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
17:27:48.0725 1428  RDPENCDD - ok
17:27:48.0756 1428  [ c127ebd5afab31524662c48dfceb773a ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
17:27:48.0772 1428  RDPWD - ok
17:27:48.0819 1428  [ 431723f23d0e065bef502389e8ffdc10 ] Recovery Service for Windows C:\Windows\SMINST\BLService.exe
17:27:48.0819 1428  Recovery Service for Windows - ok
17:27:48.0881 1428  [ bcdd6b4804d06b1f7ebf29e53a57ece9 ] RemoteAccess    C:\Windows\System32\mprdim.dll
17:27:48.0881 1428  RemoteAccess - ok
17:27:48.0928 1428  [ 9e6894ea18daff37b63e1005f83ae4ab ] RemoteRegistry  C:\Windows\system32\regsvc.dll
17:27:48.0928 1428  RemoteRegistry - ok
17:27:48.0975 1428  [ b9bb8e2093c1615ad6ea55ad96214354 ] Revoflt         C:\Windows\system32\DRIVERS\revoflt.sys
17:27:48.0975 1428  Revoflt - ok
17:27:49.0037 1428  [ 17e0bef5ca5c9ce52cc8082ac6ebc449 ] RichVideo       C:\Program Files\CyberLink\Shared Files\RichVideo.exe
17:27:49.0037 1428  RichVideo - ok
17:27:49.0053 1428  [ 5123f83cbc4349d065534eeb6bbdc42b ] RpcLocator      C:\Windows\system32\locator.exe
17:27:49.0068 1428  RpcLocator - ok
17:27:49.0099 1428  [ 3b5b4d53fec14f7476ca29a20cc31ac9 ] RpcSs           C:\Windows\system32\rpcss.dll
17:27:49.0099 1428  RpcSs - ok
17:27:49.0131 1428  [ 9c508f4074a39e8b4b31d27198146fad ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
17:27:49.0131 1428  rspndr - ok
17:27:49.0193 1428  [ 7157e70a90cce49deb8885d23a073a39 ] RTL8169         C:\Windows\system32\DRIVERS\Rtlh86.sys
17:27:49.0193 1428  RTL8169 - ok
17:27:49.0224 1428  [ a3e186b4b935905b829219502557314e ] SamSs           C:\Windows\system32\lsass.exe
17:27:49.0224 1428  SamSs - ok
17:27:49.0255 1428  [ 3ce8f073a557e172b330109436984e30 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
17:27:49.0255 1428  sbp2port - ok
17:27:49.0287 1428  [ 77b7a11a0c3d78d3386398fbbea1b632 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
17:27:49.0287 1428  SCardSvr - ok
17:27:49.0333 1428  [ 1a58069db21d05eb2ab58ee5753ebe8d ] Schedule        C:\Windows\system32\schedsvc.dll
17:27:49.0349 1428  Schedule - ok
17:27:49.0365 1428  [ 312ec3e37a0a1f2006534913e37b4423 ] SCPolicySvc     C:\Windows\System32\certprop.dll
17:27:49.0380 1428  SCPolicySvc - ok
17:27:49.0427 1428  [ 126ea89bcc413ee45e3004fb0764888f ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
17:27:49.0443 1428  sdbus - ok
17:27:49.0474 1428  [ 716313d9f6b0529d03f726d5aaf6f191 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
17:27:49.0474 1428  SDRSVC - ok
17:27:49.0552 1428  [ cc781378e7eda615d2cdca3b17829fa4 ] SeaPort         C:\Program Files\Microsoft\BingBar\SeaPort.EXE
17:27:49.0567 1428  SeaPort - ok
17:27:49.0583 1428  [ 90a3935d05b494a5a39d37e71f09a677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
17:27:49.0583 1428  secdrv - ok
17:27:49.0599 1428  [ fd5199d4d8a521005e4b5ee7fe00fa9b ] seclogon        C:\Windows\system32\seclogon.dll
17:27:49.0614 1428  seclogon - ok
17:27:49.0614 1428  [ a9bbab5759771e523f55563d6cbe140f ] SENS            C:\Windows\system32\sens.dll
17:27:49.0630 1428  SENS - ok
17:27:49.0645 1428  [ 68e44e331d46f0fb38f0863a84cd1a31 ] Serenum         C:\Windows\system32\drivers\serenum.sys
17:27:49.0645 1428  Serenum - ok
17:27:49.0677 1428  [ c70d69a918b178d3c3b06339b40c2e1b ] Serial          C:\Windows\system32\drivers\serial.sys
17:27:49.0677 1428  Serial - ok
17:27:49.0708 1428  [ 8af3d28a879bf75db53a0ee7a4289624 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
17:27:49.0708 1428  sermouse - ok
17:27:49.0739 1428  [ d2193326f729b163125610dbf3e17d57 ] SessionEnv      C:\Windows\system32\sessenv.dll
17:27:49.0755 1428  SessionEnv - ok
17:27:49.0770 1428  [ 3efa810bdca87f6ecc24f9832243fe86 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
17:27:49.0770 1428  sffdisk - ok
17:27:49.0801 1428  [ e95d451f7ea3e583aec75f3b3ee42dc5 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
17:27:49.0801 1428  sffp_mmc - ok
17:27:49.0817 1428  [ 3d0ea348784b7ac9ea9bd9f317980979 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
17:27:49.0817 1428  sffp_sd - ok
17:27:49.0848 1428  [ 46ed8e91793b2e6f848015445a0ac188 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
17:27:49.0848 1428  sfloppy - ok
17:27:49.0879 1428  [ e1499bd0ff76b1b2fbbf1af339d91165 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
17:27:49.0879 1428  SharedAccess - ok
17:27:49.0942 1428  [ c7230fbee14437716701c15be02c27b8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:27:49.0942 1428  ShellHWDetection - ok
17:27:49.0973 1428  [ 1d76624a09a054f682d746b924e2dbc3 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
17:27:49.0973 1428  sisagp - ok
17:27:50.0020 1428  [ 43cb7aa756c7db280d01da9b676cfde2 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
17:27:50.0020 1428  SiSRaid2 - ok
17:27:50.0035 1428  [ a99c6c8b0baa970d8aa59ddc50b57f94 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
17:27:50.0035 1428  SiSRaid4 - ok
17:27:50.0176 1428  [ 862bb4cbc05d80c5b45be430e5ef872f ] slsvc           C:\Windows\system32\SLsvc.exe
17:27:50.0223 1428  slsvc - ok
17:27:50.0285 1428  [ 6edc422215cd78aa8a9cde6b30abbd35 ] SLUINotify      C:\Windows\system32\SLUINotify.dll
17:27:50.0285 1428  SLUINotify - ok
17:27:50.0347 1428  [ 7b75299a4d201d6a6533603d6914ab04 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
17:27:50.0347 1428  Smb - ok
17:27:50.0394 1428  [ 2a146a055b4401c16ee62d18b8e2a032 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
17:27:50.0394 1428  SNMPTRAP - ok
17:27:50.0425 1428  [ 7aebdeef071fe28b0eef2cdd69102bff ] spldr           C:\Windows\system32\drivers\spldr.sys
17:27:50.0425 1428  spldr - ok
17:27:50.0457 1428  [ 8554097e5136c3bf9f69fe578a1b35f4 ] Spooler         C:\Windows\System32\spoolsv.exe
17:27:50.0457 1428  Spooler - ok
17:27:50.0566 1428  [ 2c5fbf6a00a4a3dcf643e46e8acb20c2 ] SRTSP           C:\Windows\system32\drivers\NIS\1301010.003\SRTSP.SYS
17:27:50.0581 1428  SRTSP - ok
17:27:50.0597 1428  [ 9034ea58552b55f370e5293a7175c5ac ] SRTSPX          C:\Windows\system32\drivers\NIS\1301010.003\SRTSPX.SYS
17:27:50.0597 1428  SRTSPX - ok
17:27:50.0644 1428  [ 41987f9fc0e61adf54f581e15029ad91 ] srv             C:\Windows\system32\DRIVERS\srv.sys
17:27:50.0659 1428  srv - ok
17:27:50.0691 1428  [ ff33aff99564b1aa534f58868cbe41ef ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
17:27:50.0691 1428  srv2 - ok
17:27:50.0706 1428  [ 7605c0e1d01a08f3ecd743f38b834a44 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
17:27:50.0706 1428  srvnet - ok
17:27:50.0769 1428  [ d5dffeaa1e15d4effabb9d9a3068ac5b ] sscdbus         C:\Windows\system32\DRIVERS\sscdbus.sys
17:27:50.0769 1428  sscdbus - ok
17:27:50.0800 1428  [ 8a1be0c347814f482f493aea619d57f6 ] sscdmdfl        C:\Windows\system32\DRIVERS\sscdmdfl.sys
17:27:50.0800 1428  sscdmdfl - ok
17:27:50.0831 1428  [ 5ab0b1987f682a59b15b78f84c6ad7d0 ] sscdmdm         C:\Windows\system32\DRIVERS\sscdmdm.sys
17:27:50.0831 1428  sscdmdm - ok
17:27:50.0878 1428  [ 03d50b37234967433a5ea5ba72bc0b62 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
17:27:50.0878 1428  SSDPSRV - ok
17:27:50.0925 1428  [ 6f1a32e7b7b30f004d9a20afadb14944 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
17:27:50.0925 1428  SstpSvc - ok
17:27:51.0018 1428  [ ec9c5f6c0f58446545d839bc11a3692b ] STacSV          C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\STacSV.exe
17:27:51.0018 1428  STacSV - ok
17:27:51.0096 1428  [ 21cc262ab5f42f7a6b91dc7304c2f267 ] STHDA           C:\Windows\system32\DRIVERS\stwrt.sys
17:27:51.0112 1428  STHDA - ok
17:27:51.0159 1428  [ 5de7d67e49b88f5f07f3e53c4b92a352 ] stisvc          C:\Windows\System32\wiaservc.dll
17:27:51.0190 1428  stisvc - ok
17:27:51.0221 1428  [ 7ba58ecf0c0a9a69d44b3dca62becf56 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
17:27:51.0221 1428  swenum - ok
17:27:51.0237 1428  [ f21fd248040681cca1fb6c9a03aaa93d ] swprv           C:\Windows\System32\swprv.dll
17:27:51.0252 1428  swprv - ok
17:27:51.0283 1428  [ 192aa3ac01df071b541094f251deed10 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
17:27:51.0283 1428  Symc8xx - ok
17:27:51.0346 1428  [ 690fa0e61b90084c4d9a721bd4f3d779 ] SymDS           C:\Windows\system32\drivers\NIS\1301010.003\SYMDS.SYS
17:27:51.0346 1428  SymDS - ok
17:27:51.0408 1428  [ a0c7005387bb6f055bb50bd8e779368b ] SymEFA          C:\Windows\system32\drivers\NIS\1301010.003\SYMEFA.SYS
17:27:51.0424 1428  SymEFA - ok
17:27:51.0455 1428  [ 555fb450fe6908600310e990738b41d6 ] SymEvent        C:\Windows\system32\Drivers\SYMEVENT.SYS
17:27:51.0455 1428  SymEvent - ok
17:27:51.0471 1428  [ 39c35ddbb570e9f334f239248e4de34d ] SymIRON         C:\Windows\system32\drivers\NIS\1301010.003\Ironx86.SYS
17:27:51.0486 1428  SymIRON - ok
17:27:51.0502 1428  [ 671753e39b8f12cf9b6bcefcb19f89b0 ] SYMTDIv         C:\Windows\system32\drivers\NIS\1301010.003\SYMTDIV.SYS
17:27:51.0517 1428  SYMTDIv - ok
17:27:51.0533 1428  [ 8c8eb8c76736ebaf3b13b633b2e64125 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
17:27:51.0549 1428  Sym_hi - ok
17:27:51.0549 1428  [ 8072af52b5fd103bbba387a1e49f62cb ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
17:27:51.0549 1428  Sym_u3 - ok
17:27:51.0580 1428  [ f5d926807bd9bc0af68f9376144de425 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
17:27:51.0580 1428  SynTP - ok
17:27:51.0627 1428  [ 9a51b04e9886aa4ee90093586b0ba88d ] SysMain         C:\Windows\system32\sysmain.dll
17:27:51.0658 1428  SysMain - ok
17:27:51.0673 1428  [ 2dca225eae15f42c0933e998ee0231c3 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:27:51.0689 1428  TabletInputService - ok
17:27:51.0705 1428  [ d7673e4b38ce21ee54c59eeeb65e2483 ] TapiSrv         C:\Windows\System32\tapisrv.dll
17:27:51.0720 1428  TapiSrv - ok
17:27:51.0736 1428  [ cb05822cd9cc6c688168e113c603dbe7 ] TBS             C:\Windows\System32\tbssvc.dll
17:27:51.0736 1428  TBS - ok
17:27:51.0798 1428  [ 27d470dabc77bc60d0a3b0e4deb6cb91 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
17:27:51.0814 1428  Tcpip - ok
17:27:51.0861 1428  [ 27d470dabc77bc60d0a3b0e4deb6cb91 ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
17:27:51.0876 1428  Tcpip6 - ok
17:27:51.0907 1428  [ 608c345a255d82a6289c2d468eb41fd7 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
17:27:51.0907 1428  tcpipreg - ok
17:27:51.0939 1428  [ 5dcf5e267be67a1ae926f2df77fbcc56 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
17:27:51.0939 1428  TDPIPE - ok
17:27:51.0985 1428  [ 389c63e32b3cefed425b61ed92d3f021 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
17:27:51.0985 1428  TDTCP - ok
17:27:52.0017 1428  [ 76b06eb8a01fc8624d699e7045303e54 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
17:27:52.0017 1428  tdx - ok
17:27:52.0032 1428  [ 3cad38910468eab9a6479e2f01db43c7 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
17:27:52.0032 1428  TermDD - ok
17:27:52.0079 1428  [ bb95da09bef6e7a131bff3ba5032090d ] TermService     C:\Windows\System32\termsrv.dll
17:27:52.0095 1428  TermService - ok
17:27:52.0126 1428  [ c7230fbee14437716701c15be02c27b8 ] Themes          C:\Windows\system32\shsvcs.dll
17:27:52.0126 1428  Themes - ok
17:27:52.0141 1428  [ 1076ffcffaae8385fd62dfcb25ac4708 ] THREADORDER     C:\Windows\system32\mmcss.dll
17:27:52.0141 1428  THREADORDER - ok
17:27:52.0173 1428  [ ec74e77d0eb004bd3a809b5f8fb8c2ce ] TrkWks          C:\Windows\System32\trkwks.dll
17:27:52.0173 1428  TrkWks - ok
17:27:52.0219 1428  [ 97d9d6a04e3ad9b6c626b9931db78dba ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:27:52.0219 1428  TrustedInstaller - ok
17:27:52.0251 1428  [ dcf0f056a2e4f52287264f5ab29cf206 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
17:27:52.0251 1428  tssecsrv - ok
17:27:52.0297 1428  [ caecc0120ac49e3d2f758b9169872d38 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
17:27:52.0297 1428  tunmp - ok
17:27:52.0344 1428  [ 300db877ac094feab0be7688c3454a9c ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
17:27:52.0344 1428  tunnel - ok
17:27:52.0360 1428  [ 7d33c4db2ce363c8518d2dfcf533941f ] uagp35          C:\Windows\system32\drivers\uagp35.sys
17:27:52.0360 1428  uagp35 - ok
17:27:52.0391 1428  [ d9728af68c4c7693cb100b8441cbdec6 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
17:27:52.0391 1428  udfs - ok
17:27:52.0422 1428  [ ecef404f62863755951e09c802c94ad5 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
17:27:52.0422 1428  UI0Detect - ok
17:27:52.0438 1428  [ b0acfdc9e4af279e9116c03e014b2b27 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
17:27:52.0453 1428  uliagpkx - ok
17:27:52.0485 1428  [ 9224bb254f591de4ca8d572a5f0d635c ] uliahci         C:\Windows\system32\drivers\uliahci.sys
17:27:52.0485 1428  uliahci - ok
17:27:52.0500 1428  [ 8514d0e5cd0534467c5fc61be94a569f ] UlSata          C:\Windows\system32\drivers\ulsata.sys
17:27:52.0500 1428  UlSata - ok
17:27:52.0500 1428  [ 38c3c6e62b157a6bc46594fada45c62b ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
17:27:52.0516 1428  ulsata2 - ok
17:27:52.0531 1428  [ 32cff9f809ae9aed85464492bf3e32d2 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
17:27:52.0531 1428  umbus - ok
17:27:52.0578 1428  [ 68308183f4ae0be7bf8ecd07cb297999 ] upnphost        C:\Windows\System32\upnphost.dll
17:27:52.0578 1428  upnphost - ok
17:27:52.0609 1428  [ caf811ae4c147ffcd5b51750c7f09142 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
17:27:52.0609 1428  usbccgp - ok
17:27:52.0656 1428  [ e9476e6c486e76bc4898074768fb7131 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
17:27:52.0656 1428  usbcir - ok
17:27:52.0703 1428  [ 79e96c23a97ce7b8f14d310da2db0c9b ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
17:27:52.0703 1428  usbehci - ok
17:27:52.0734 1428  [ 4673bbcb006af60e7abddbe7a130ba42 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
17:27:52.0734 1428  usbhub - ok
17:27:52.0765 1428  [ ce697fee0d479290d89bec80dfe793b7 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
17:27:52.0765 1428  usbohci - ok
17:27:52.0797 1428  [ e75c4b5269091d15a2e7dc0b6d35f2f5 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
17:27:52.0797 1428  usbprint - ok
17:27:52.0843 1428  [ a508c9bd8724980512136b039bba65e9 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
17:27:52.0843 1428  usbscan - ok
17:27:52.0875 1428  [ be3da31c191bc222d9ad503c5224f2ad ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:27:52.0875 1428  USBSTOR - ok
17:27:52.0890 1428  [ 814d653efc4d48be3b04a307eceff56f ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
17:27:52.0890 1428  usbuhci - ok
17:27:52.0953 1428  [ e67998e8f14cb0627a769f6530bcb352 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
17:27:52.0953 1428  usbvideo - ok
17:27:52.0984 1428  [ 1509e705f3ac1d474c92454a5c2dd81f ] UxSms           C:\Windows\System32\uxsms.dll
17:27:52.0984 1428  UxSms - ok
17:27:53.0031 1428  [ cd88d1b7776dc17a119049742ec07eb4 ] vds             C:\Windows\System32\vds.exe
17:27:53.0031 1428  vds - ok
17:27:53.0062 1428  [ 87b06e1f30b749a114f74622d013f8d4 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
17:27:53.0062 1428  vga - ok
17:27:53.0093 1428  [ 2e93ac0a1d8c79d019db6c51f036636c ] VgaSave         C:\Windows\System32\drivers\vga.sys
17:27:53.0093 1428  VgaSave - ok
17:27:53.0124 1428  [ 5d7159def58a800d5781ba3a879627bc ] viaagp          C:\Windows\system32\drivers\viaagp.sys
17:27:53.0124 1428  viaagp - ok
17:27:53.0171 1428  [ c4f3a691b5bad343e6249bd8c2d45dee ] ViaC7           C:\Windows\system32\drivers\viac7.sys
17:27:53.0171 1428  ViaC7 - ok
17:27:53.0187 1428  [ aadf5587a4063f52c2c3fed7887426fc ] viaide          C:\Windows\system32\drivers\viaide.sys
17:27:53.0187 1428  viaide - ok
17:27:53.0187 1428  [ 69503668ac66c77c6cd7af86fbdf8c43 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
17:27:53.0202 1428  volmgr - ok
17:27:53.0249 1428  [ 23e41b834759917bfd6b9a0d625d0c28 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
17:27:53.0249 1428  volmgrx - ok
17:27:53.0280 1428  [ 147281c01fcb1df9252de2a10d5e7093 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
17:27:53.0296 1428  volsnap - ok
17:27:53.0311 1428  [ 587253e09325e6bf226b299774b728a9 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
17:27:53.0311 1428  vsmraid - ok
17:27:53.0358 1428  [ db3d19f850c6eb32bdcb9bc0836acddb ] VSS             C:\Windows\system32\vssvc.exe
17:27:53.0374 1428  VSS - ok
17:27:53.0436 1428  [ 96ea68b9eb310a69c25ebb0282b2b9de ] W32Time         C:\Windows\system32\w32time.dll
17:27:53.0467 1428  W32Time - ok
17:27:53.0499 1428  [ 48dfee8f1af7c8235d4e626f0c4fe031 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
17:27:53.0499 1428  WacomPen - ok
17:27:53.0514 1428  [ 55201897378cca7af8b5efd874374a26 ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
17:27:53.0530 1428  Wanarp - ok
17:27:53.0530 1428  [ 55201897378cca7af8b5efd874374a26 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
17:27:53.0530 1428  Wanarpv6 - ok
17:27:53.0561 1428  [ a3cd60fd826381b49f03832590e069af ] wcncsvc         C:\Windows\System32\wcncsvc.dll
17:27:53.0577 1428  wcncsvc - ok
17:27:53.0592 1428  [ 11bcb7afcdd7aadacb5746f544d3a9c7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:27:53.0608 1428  WcsPlugInService - ok
17:27:53.0623 1428  [ 78fe9542363f297b18c027b2d7e7c07f ] Wd              C:\Windows\system32\drivers\wd.sys
17:27:53.0623 1428  Wd - ok
17:27:53.0639 1428  [ b6f0a7ad6d4bd325fbcd8bac96cd8d96 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
17:27:53.0670 1428  Wdf01000 - ok
17:27:53.0686 1428  [ abfc76b48bb6c96e3338d8943c5d93b5 ] WdiServiceHost  C:\Windows\system32\wdi.dll
17:27:53.0686 1428  WdiServiceHost - ok
17:27:53.0701 1428  [ abfc76b48bb6c96e3338d8943c5d93b5 ] WdiSystemHost   C:\Windows\system32\wdi.dll
17:27:53.0701 1428  WdiSystemHost - ok
17:27:53.0748 1428  [ 04c37d8107320312fbae09926103d5e2 ] WebClient       C:\Windows\System32\webclnt.dll
17:27:53.0748 1428  WebClient - ok
17:27:53.0811 1428  [ ae3736e7e8892241c23e4ebbb7453b60 ] Wecsvc          C:\Windows\system32\wecsvc.dll
17:27:53.0811 1428  Wecsvc - ok
17:27:53.0826 1428  [ 670ff720071ed741206d69bd995ea453 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
17:27:53.0826 1428  wercplsupport - ok
17:27:53.0873 1428  [ 32b88481d3b326da6deb07b1d03481e7 ] WerSvc          C:\Windows\System32\WerSvc.dll
17:27:53.0889 1428  WerSvc - ok
17:27:53.0951 1428  [ 5c7bdcf5864db00323fe2d90fa26a8a2 ] winachsf        C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
17:27:53.0951 1428  winachsf - ok
17:27:53.0998 1428  [ 4575aa12561c5648483403541d0d7f2b ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
17:27:54.0013 1428  WinDefend - ok
17:27:54.0029 1428  WinHttpAutoProxySvc - ok
17:27:54.0076 1428  [ 6b2a1d0e80110e3d04e6863c6e62fd8a ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
17:27:54.0076 1428  Winmgmt - ok
17:27:54.0154 1428  [ 7cfe68bdc065e55aa5e8421607037511 ] WinRM           C:\Windows\system32\WsmSvc.dll
17:27:54.0201 1428  WinRM - ok
17:27:54.0263 1428  [ c008405e4feeb069e30da1d823910234 ] Wlansvc         C:\Windows\System32\wlansvc.dll
17:27:54.0279 1428  Wlansvc - ok
17:27:54.0419 1428  [ fb01d4ae207b9efdbabfc55dc95c7e31 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:27:54.0435 1428  wlidsvc - ok
17:27:54.0466 1428  [ 2e7255d172df0b8283cdfb7b433b864e ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
17:27:54.0466 1428  WmiAcpi - ok
17:27:54.0497 1428  [ 43be3875207dcb62a85c8c49970b66cc ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
17:27:54.0497 1428  wmiApSrv - ok
17:27:54.0575 1428  [ 3978704576a121a9204f8cc49a301a9b ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
17:27:54.0606 1428  WMPNetworkSvc - ok
17:27:54.0622 1428  [ cfc5a04558f5070cee3e3a7809f3ff52 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
17:27:54.0637 1428  WPCSvc - ok
17:27:54.0669 1428  [ 801fbdb89d472b3c467eb112a0fc9246 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
17:27:54.0669 1428  WPDBusEnum - ok
17:27:54.0731 1428  [ de9d36f91a4df3d911626643debf11ea ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys
17:27:54.0731 1428  WpdUsb - ok
17:27:54.0871 1428  [ dcf3e3edf5109ee8bc02fe6e1f045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
17:27:54.0887 1428  WPFFontCache_v0400 - ok
17:27:54.0903 1428  [ e3a3cb253c0ec2494d4a61f5e43a389c ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
17:27:54.0903 1428  ws2ifsl - ok
17:27:54.0949 1428  [ 1ca6c40261ddc0425987980d0cd2aaab ] wscsvc          C:\Windows\system32\wscsvc.dll
17:27:54.0949 1428  wscsvc - ok
17:27:54.0949 1428  WSearch - ok
17:27:55.0059 1428  [ fc3ec24fce372c89423e015a2ac1a31e ] wuauserv        C:\Windows\system32\wuaueng.dll
17:27:55.0137 1428  wuauserv - ok
17:27:55.0168 1428  [ ac13cb789d93412106b0fb6c7eb2bcb6 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
17:27:55.0168 1428  WUDFRd - ok
17:27:55.0199 1428  [ 575a4190d989f64732119e4114045a4f ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
17:27:55.0199 1428  wudfsvc - ok
17:27:55.0230 1428  ================ Scan global ===============================
17:27:55.0277 1428  (f31eebc1a1c81fd04005489cc3dcdfe7) C:\Windows\system32\basesrv.dll
17:27:55.0324 1428  (d2293b069e4b63dc17b2f08d45e71124) C:\Windows\system32\winsrv.dll
17:27:55.0371 1428  (d2293b069e4b63dc17b2f08d45e71124) C:\Windows\system32\winsrv.dll
17:27:55.0417 1428  (d4e6d91c1349b7bfb3599a6ada56851b) C:\Windows\system32\services.exe
17:27:55.0417 1428  [Global] - ok
17:27:55.0417 1428  ================ Scan MBR ==================================
17:27:55.0433 1428  MBR (0x1B8)     (85d751f0e41b8e520aee8c07a8da777b) \Device\Harddisk0\DR0
17:27:55.0698 1428  \Device\Harddisk0\DR0 - ok
17:27:55.0698 1428  MBR (0x1B8)     (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR6
17:27:55.0792 1428  \Device\Harddisk1\DR6 - ok
17:27:55.0792 1428  ================ Scan VBR ==================================
17:27:55.0792 1428  Boot (0x1200)   (2b98de290104a260d0f26a979d49e18f) \Device\Harddisk0\DR0\Partition1
17:27:55.0792 1428  \Device\Harddisk0\DR0\Partition1 - ok
17:27:55.0807 1428  Boot (0x1200)   (8383483fb2bdad163a2c3448d8f62bc9) \Device\Harddisk0\DR0\Partition2
17:27:55.0807 1428  \Device\Harddisk0\DR0\Partition2 - ok
17:27:55.0807 1428  Boot (0x1200)   (95e6c803234ae6aa6294bb3e617cb69e) \Device\Harddisk1\DR6\Partition1
17:27:55.0823 1428  \Device\Harddisk1\DR6\Partition1 - ok
17:27:55.0823 1428  ============================================================
17:27:55.0823 1428  Scan finished
17:27:55.0823 1428  ============================================================
17:27:55.0839 0392  Detected object count: 0
17:27:55.0839 0392  Actual detected object count: 0
17:28:31.0453 1964  Deinitialize success
franco75
Utente Senior
 
Post: 182
Iscritto il: 28/04/12 12:35

Re: Pc bloccato anche modalità provvisoria

Postdi franco75 » 19/08/12 16:31

Secondo log.
Codice: Seleziona tutto
HitmanPro 3.6.1.164
www.hitmanpro.com

   Computer name . . . . : PC-DOMENICO
   Windows . . . . . . . : 6.0.2.6002.X86/2
   Safe Mode Boot  . . . : NETWORK
   User name . . . . . . : PC-domenico\domenico
   UAC . . . . . . . . . : Disabled
   License . . . . . . . : Trial (30 days left)

   Scan date . . . . . . : 2012-08-19 17:22:20
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 3m 41s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 0
   Traces  . . . . . . . : 0

   Objects scanned . . . : 1.613.282
   Files scanned . . . . : 27.116
   Remnants scanned  . . : 335.717 files / 1.250.449 keys
franco75
Utente Senior
 
Post: 182
Iscritto il: 28/04/12 12:35

Re: Pc bloccato anche modalità provvisoria

Postdi franco75 » 19/08/12 16:57

Al terzo tentativo di Combofix arrivando al stage_50 compare File system infetti si blocca tutto.
franco75
Utente Senior
 
Post: 182
Iscritto il: 28/04/12 12:35

Re: Pc bloccato anche modalità provvisoria

Postdi franco75 » 19/08/12 17:52

Ho provato ad avviare MBRChek,compare la scritta Found non-standard or infected MBR,allego il Log.
Codice: Seleziona tutto
MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:         
Windows Version:      Windows Vista Home Premium Edition
Windows Information:      Service Pack 2 (build 6002), 32-bit
Base Board Manufacturer:   HP
BIOS Manufacturer:      Hewlett-Packard
System Manufacturer:      Hewlett-Packard
System Product Name:      HP Pavilion dv5 Notebook PC
Logical Drives Mask:      0x0000001c

Kernel Drivers (total 164):
  0x82234000 \SystemRoot\system32\ntkrnlpa.exe
  0x82201000 \SystemRoot\system32\hal.dll
  0x8040F000 \SystemRoot\system32\kdcom.dll
  0x80416000 \SystemRoot\system32\PSHED.dll
  0x80427000 \SystemRoot\system32\BOOTVID.dll
  0x8042F000 \SystemRoot\system32\CLFS.SYS
  0x80470000 \SystemRoot\system32\CI.dll
  0x80550000 \SystemRoot\system32\drivers\Wdf01000.sys
  0x805CC000 \SystemRoot\system32\drivers\WDFLDR.SYS
  0x80608000 \SystemRoot\system32\drivers\acpi.sys
  0x8064E000 \SystemRoot\system32\drivers\WMILIB.SYS
  0x80657000 \SystemRoot\system32\drivers\msisadrv.sys
  0x8065F000 \SystemRoot\system32\drivers\pci.sys
  0x80686000 \SystemRoot\system32\drivers\isapnp.sys
  0x80695000 \SystemRoot\system32\drivers\mpio.sys
  0x806B1000 \SystemRoot\System32\drivers\partmgr.sys
  0x806C1000 \SystemRoot\system32\DRIVERS\compbatt.sys
  0x806C4000 \SystemRoot\system32\DRIVERS\BATTC.SYS
  0x806CE000 \SystemRoot\system32\drivers\volmgr.sys
  0x806DD000 \SystemRoot\System32\drivers\volmgrx.sys
  0x80727000 \SystemRoot\system32\drivers\intelide.sys
  0x8072E000 \SystemRoot\system32\drivers\PCIIDEX.SYS
  0x8073C000 \SystemRoot\system32\drivers\pciide.sys
  0x80743000 \SystemRoot\system32\drivers\aliide.sys
  0x8074A000 \SystemRoot\system32\drivers\amdide.sys
  0x80751000 \SystemRoot\system32\drivers\cmdide.sys
  0x80759000 \SystemRoot\System32\drivers\mountmgr.sys
  0x80769000 \SystemRoot\system32\drivers\msdsm.sys
  0x80783000 \SystemRoot\system32\drivers\nvraid.sys
  0x8079E000 \SystemRoot\system32\drivers\CLASSPNP.SYS
  0x807BF000 \SystemRoot\system32\drivers\viaide.sys
  0x83806000 \SystemRoot\system32\drivers\iastorv.sys
  0x838A7000 \SystemRoot\system32\drivers\atapi.sys
  0x838AF000 \SystemRoot\system32\drivers\ataport.SYS
  0x838CD000 \SystemRoot\system32\drivers\lsi_scsi.sys
  0x838E7000 \SystemRoot\system32\drivers\storport.sys
  0x83928000 \SystemRoot\system32\drivers\nvstor.sys
  0x83935000 \SystemRoot\system32\drivers\msahci.sys
  0x8393F000 \SystemRoot\system32\drivers\hpcisss.sys
  0x8394A000 \SystemRoot\system32\drivers\adp94xx.sys
  0x839B4000 \SystemRoot\system32\drivers\adpahci.sys
  0x807C7000 \SystemRoot\system32\drivers\adpu160m.sys
  0x805D9000 \SystemRoot\system32\drivers\SCSIPORT.SYS
  0x83A06000 \SystemRoot\system32\drivers\adpu320.sys
  0x83A2C000 \SystemRoot\system32\drivers\djsvs.sys
  0x83A40000 \SystemRoot\system32\drivers\arc.sys
  0x83A56000 \SystemRoot\system32\drivers\arcsas.sys
  0x83A6C000 \SystemRoot\system32\drivers\elxstor.sys
  0x83B00000 \SystemRoot\system32\drivers\i2omp.sys
  0x83B0A000 \SystemRoot\system32\drivers\iirsp.sys
  0x83B1A000 \SystemRoot\system32\drivers\iteatapi.sys
  0x83B26000 \SystemRoot\system32\drivers\iteraid.sys
  0x83B32000 \SystemRoot\system32\drivers\lsi_fc.sys
  0x83B4C000 \SystemRoot\system32\drivers\lsi_sas.sys
  0x83B64000 \SystemRoot\system32\drivers\megasas.sys
  0x8AE05000 \SystemRoot\system32\drivers\megasr.sys
  0x8AEBC000 \SystemRoot\system32\drivers\mraid35x.sys
  0x8AEC7000 \SystemRoot\system32\drivers\nfrd960.sys
  0x8B00D000 \SystemRoot\system32\drivers\ql2300.sys
  0x8B145000 \SystemRoot\system32\drivers\ql40xx.sys
  0x8B19A000 \SystemRoot\system32\drivers\sisraid2.sys
  0x8B1A7000 \SystemRoot\system32\drivers\sisraid4.sys
  0x8B1BC000 \SystemRoot\system32\drivers\symc8xx.sys
  0x8B1C8000 \SystemRoot\system32\drivers\sym_hi.sys
  0x8B1D3000 \SystemRoot\system32\drivers\sym_u3.sys
  0x8AED5000 \SystemRoot\system32\drivers\uliahci.sys
  0x8B1DE000 \SystemRoot\system32\drivers\ulsata.sys
  0x8AF11000 \SystemRoot\system32\drivers\ulsata2.sys
  0x8AF3D000 \SystemRoot\system32\drivers\vsmraid.sys
  0x8AF5E000 \SystemRoot\system32\drivers\fltmgr.sys
  0x8AF90000 \SystemRoot\system32\drivers\NIS\1301010.003\SYMDS.SYS
  0x8AFE7000 \SystemRoot\system32\drivers\fileinfo.sys
  0x8B20B000 \SystemRoot\system32\drivers\NIS\1301010.003\SYMEFA.SYS
  0x8B2EC000 \SystemRoot\System32\Drivers\ksecdd.sys
  0x8B407000 \SystemRoot\system32\drivers\ndis.sys
  0x8B512000 \SystemRoot\system32\drivers\msrpc.sys
  0x8B53D000 \SystemRoot\system32\drivers\NETIO.SYS
  0x8B601000 \SystemRoot\System32\drivers\tcpip.sys
  0x8B6EB000 \SystemRoot\System32\drivers\fwpkclnt.sys
  0x8B809000 \SystemRoot\System32\Drivers\Ntfs.sys
  0x8B919000 \SystemRoot\system32\drivers\wd.sys
  0x8B921000 \SystemRoot\system32\drivers\volsnap.sys
  0x8B962000 \SystemRoot\system32\drivers\sbp2port.sys
  0x8B977000 \SystemRoot\System32\Drivers\mup.sys
  0x8B986000 \SystemRoot\System32\drivers\ecache.sys
  0x8B9AD000 \SystemRoot\system32\DRIVERS\hpdskflt.sys
  0x8B9B6000 \SystemRoot\system32\drivers\disk.sys
  0x8B9C7000 \SystemRoot\system32\DRIVERS\AtiPcie.sys
  0x8B9CF000 \SystemRoot\system32\DRIVERS\Amddfltr.sys
  0x8B9D7000 \SystemRoot\system32\drivers\crcdisk.sys
  0x8B706000 \SystemRoot\system32\DRIVERS\ahcix86s.sys
  0x8B786000 \SystemRoot\system32\DRIVERS\tunnel.sys
  0x8B9F7000 \SystemRoot\system32\DRIVERS\tunmp.sys
  0x8B35E000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
  0x9F809000 \SystemRoot\system32\DRIVERS\athr.sys
  0x9F8ED000 \SystemRoot\system32\DRIVERS\Rtlh86.sys
  0x9F90E000 \SystemRoot\system32\DRIVERS\ohci1394.sys
  0x9F91E000 \SystemRoot\system32\DRIVERS\1394BUS.SYS
  0x9F92C000 \SystemRoot\system32\DRIVERS\cdrom.sys
  0x9F944000 \SystemRoot\system32\DRIVERS\usbohci.sys
  0x9F94E000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
  0x9F98C000 \SystemRoot\system32\DRIVERS\usbehci.sys
  0x9F99B000 \SystemRoot\system32\DRIVERS\i8042prt.sys
  0x9F9AE000 \SystemRoot\system32\DRIVERS\HpqKbFiltr.sys
  0x9F9B3000 \SystemRoot\system32\DRIVERS\kbdclass.sys
  0x9F9BE000 \SystemRoot\system32\DRIVERS\SynTP.sys
  0x9F9EE000 \SystemRoot\system32\DRIVERS\USBD.SYS
  0x9F9F0000 \SystemRoot\system32\DRIVERS\mouclass.sys
  0x8B791000 \SystemRoot\system32\DRIVERS\enecir.sys
  0x8B7A9000 \SystemRoot\system32\DRIVERS\Accelerometer.sys
  0x9F800000 \SystemRoot\system32\DRIVERS\wmiacpi.sys
  0x8B7B4000 \SystemRoot\system32\DRIVERS\msiscsi.sys
  0x8B7E3000 \SystemRoot\system32\DRIVERS\TDI.SYS
  0x8B578000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
  0x8B7EE000 \SystemRoot\system32\DRIVERS\ndistapi.sys
  0x8B58F000 \SystemRoot\system32\DRIVERS\ndiswan.sys
  0x8B5B2000 \SystemRoot\system32\DRIVERS\raspppoe.sys
  0x8B5C1000 \SystemRoot\system32\DRIVERS\raspptp.sys
  0x8B5D5000 \SystemRoot\system32\DRIVERS\rassstp.sys
  0x8B5EA000 \SystemRoot\system32\DRIVERS\termdd.sys
  0x9F9FB000 \SystemRoot\system32\DRIVERS\swenum.sys
  0x83B6E000 \SystemRoot\system32\DRIVERS\ks.sys
  0x8B200000 \SystemRoot\system32\DRIVERS\mssmbios.sys
  0x8B3EB000 \SystemRoot\system32\DRIVERS\umbus.sys
  0x83B98000 \SystemRoot\system32\DRIVERS\usbhub.sys
  0x83BCD000 \SystemRoot\System32\Drivers\NDProxy.SYS
  0x8B800000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
  0x8B95A000 \SystemRoot\System32\Drivers\Null.SYS
  0x8B7F9000 \SystemRoot\System32\Drivers\Beep.SYS
  0x8B000000 \SystemRoot\System32\drivers\vga.sys
  0x83BDE000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
  0x807E2000 \SystemRoot\System32\drivers\watchdog.sys
  0x8B3F8000 \SystemRoot\system32\drivers\rdpencdd.sys
  0x9FC06000 \SystemRoot\system32\DRIVERS\usbccgp.sys
  0x9FC1D000 \SystemRoot\System32\Drivers\Msfs.SYS
  0x9FC28000 \SystemRoot\System32\Drivers\Npfs.SYS
  0x9FC36000 \SystemRoot\System32\DRIVERS\rasacd.sys
  0x9FC3F000 \SystemRoot\system32\DRIVERS\tdx.sys
  0x9FCB0000 \SystemRoot\system32\DRIVERS\smb.sys
  0x9FCC4000 \SystemRoot\system32\drivers\afd.sys
  0x9FD0C000 \SystemRoot\System32\DRIVERS\netbt.sys
  0x9FD3E000 \SystemRoot\system32\drivers\ws2ifsl.sys
  0x9FD47000 \SystemRoot\system32\DRIVERS\pacer.sys
  0x9FD5D000 \SystemRoot\system32\DRIVERS\netbios.sys
  0x9FD6B000 \SystemRoot\system32\DRIVERS\rdbss.sys
  0x9FDA7000 \SystemRoot\system32\drivers\nsiproxy.sys
  0x9FDB1000 \SystemRoot\System32\Drivers\dfsc.sys
  0x9FDC8000 \SystemRoot\System32\Drivers\crashdmp.sys
  0x9FDD5000 \SystemRoot\System32\Drivers\dump_diskdump.sys
  0x9FC55000 \SystemRoot\System32\Drivers\dump_ahcix86s.sys
  0xA8EA0000 \SystemRoot\System32\win32k.sys
  0x9FC95000 \SystemRoot\System32\drivers\Dxapi.sys
  0xA90B0000 \SystemRoot\System32\drivers\dxg.sys
  0xA90E0000 \SystemRoot\System32\TSDDD.dll
  0xA9160000 \SystemRoot\System32\framebuf.dll
  0x8B746000 \SystemRoot\system32\DRIVERS\nwifi.sys
  0x9FC9F000 \SystemRoot\system32\DRIVERS\ndisuio.sys
  0x9FDDF000 \SystemRoot\system32\DRIVERS\bowser.sys
  0x8B9E0000 \SystemRoot\System32\drivers\mpsdrv.sys
  0xAB206000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
  0xAB225000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
  0xAB25E000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
  0xAB276000 \SystemRoot\system32\DRIVERS\cdfs.sys
  0x77510000 \Windows\System32\ntdll.dll

Processes (total 23):
       0 System Idle Process
       4 System
     356 C:\Windows\System32\smss.exe
     480 csrss.exe
     516 csrss.exe
     524 C:\Windows\System32\wininit.exe
     568 C:\Windows\System32\winlogon.exe
     600 C:\Windows\System32\services.exe
     612 C:\Windows\System32\lsass.exe
     620 C:\Windows\System32\lsm.exe
     764 C:\Windows\System32\svchost.exe
     820 C:\Windows\System32\svchost.exe
     904 C:\Windows\System32\svchost.exe
     948 C:\Windows\System32\svchost.exe
    1000 C:\Windows\System32\svchost.exe
    1080 C:\Windows\System32\svchost.exe
    1220 C:\Windows\System32\svchost.exe
    1328 C:\Windows\System32\svchost.exe
    1512 C:\Windows\System32\svchost.exe
    1988 C:\Windows\System32\rundll32.exe
    1180 C:\Windows\explorer.exe
    1620 C:\Program Files\Mozilla Firefox\firefox.exe
     988 C:\Users\domenico\Downloads\Download\MBRCheck.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00  (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000037`fe600000  (NTFS)

PhysicalDrive0 Model Number: FUJITSUMHZ2250BH G2, Rev: 1.89

      Size  Device Name          MBR Status
  --------------------------------------------
    232 GB  \\.\PhysicalDrive0   RE: Unknown MBR code
            SHA1: 08F21ADD893776C287CC68A3558F8D095B50ED3C


Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:

Done!
franco75
Utente Senior
 
Post: 182
Iscritto il: 28/04/12 12:35

Re: Pc bloccato anche modalità provvisoria

Postdi FrancescoFDAC » 20/08/12 09:24

Scarica Stealth MBR rootkit detector: http://www2.gmer.net/mbr/mbr.exe
● mettilo direttamente nella Directory C:\
riavvia il sistema in Modalità Provvisoria: http://windows.microsoft.com/it-IT/wind ... -safe-mode
● Start - Esegui - digita C:\mbr.exe e clicca su OK
● la scansione dura 1 secondo
● recati in C:/ e allega il file mbr.txt per un controllo

Hai fixato le voci in hijackthis?
FrancescoFDAC
Utente Senior
 
Post: 1048
Iscritto il: 13/08/11 09:53

Re: Pc bloccato anche modalità provvisoria

Postdi franco75 » 20/08/12 11:34

Ciao,lo fixate adesso eseguo la tua procidura
franco75
Utente Senior
 
Post: 182
Iscritto il: 28/04/12 12:35

Re: Pc bloccato anche modalità provvisoria

Postdi franco75 » 20/08/12 11:57

Mi spieghi come metterlo nella directory C:\
franco75
Utente Senior
 
Post: 182
Iscritto il: 28/04/12 12:35

Re: Pc bloccato anche modalità provvisoria

Postdi FrancescoFDAC » 20/08/12 12:30

Copia/Incolla
FrancescoFDAC
Utente Senior
 
Post: 1048
Iscritto il: 13/08/11 09:53

Re: Pc bloccato anche modalità provvisoria

Postdi franco75 » 20/08/12 12:36

Volevo dire come si arriva nella directory c:\
franco75
Utente Senior
 
Post: 182
Iscritto il: 28/04/12 12:35

Re: Pc bloccato anche modalità provvisoria

Postdi franco75 » 20/08/12 13:32

Allego mbr.
Codice: Seleziona tutto
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 6.0.6002 Disk: FUJITSU_ rev.1.89 -> Harddisk0\DR0 -> \Device\000000a8

device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user & kernel MBR OK
error: Read  Risorse di sistema insufficienti per completare il servizio richiesto.
franco75
Utente Senior
 
Post: 182
Iscritto il: 28/04/12 12:35

Re: Pc bloccato anche modalità provvisoria

Postdi franco75 » 20/08/12 18:04

Sono riuscito ad avviare Combofix dopo ore di scansione ti allego il Log.
Codice: Seleziona tutto
ComboFix 12-08-20.01 - domenico 20/08/2012  17.36.04.1.2 - x86 NETWORK
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.39.1040.18.3069.2593 [GMT 2:00]
Eseguito da: c:\users\domenico\Desktop\ComboFix.exe
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Creato nuovo punto di ripristino
.
.
(((((((((((((((((((((((((((((((((((((   Altre eliminazioni   )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-- Esecuzione precedente --
.
c:\windows\system32\Services.exe . . . è infetto!!
.
--------
.
c:\windows\system32\Services.exe . . . è infetto!!
.
.
(((((((((((((((((((((((((   Files Creati Da 2012-07-20 al 2012-08-20  )))))))))))))))))))))))))))))))))))
.
.
2012-08-20 16:18 . 2012-08-20 16:18   --------   d-----w-   c:\users\domenico\AppData\Local\temp
2012-08-20 16:18 . 2012-08-20 16:18   --------   d-----w-   c:\users\Public\AppData\Local\temp
2012-08-20 16:18 . 2012-08-20 16:18   --------   d-----w-   c:\users\Default\AppData\Local\temp
2012-08-20 15:31 . 2012-08-20 15:31   --------   d-----w-   C:\706d11b08165782314
2012-08-20 13:31 . 2012-08-20 13:32   --------   d-----w-   C:\Nuova cartella
2012-08-20 13:29 . 2012-08-20 13:28   89088   ----a-w-   c:\program files\mbr.exe
2012-08-20 13:15 . 2012-08-20 13:16   309320   ----a-w-   c:\windows\system32\drivers\TrufosAlt.sys
2012-08-19 15:20 . 2012-08-19 15:22   --------   d-----w-   c:\program files\HitmanPro
2012-08-19 15:20 . 2012-08-19 15:22   --------   d-----w-   c:\programdata\HitmanPro
2012-07-28 15:20 . 2012-06-05 16:47   708608   ----a-w-   c:\program files\Common Files\System\ado\msado15.dll
2012-07-28 15:20 . 2012-06-05 16:47   1401856   ----a-w-   c:\windows\system32\msxml6.dll
2012-07-28 15:20 . 2012-06-05 16:47   1248768   ----a-w-   c:\windows\system32\msxml3.dll
2012-07-28 15:20 . 2012-06-04 15:26   440704   ----a-w-   c:\windows\system32\drivers\ksecdd.sys
2012-07-28 15:20 . 2012-06-02 00:04   278528   ----a-w-   c:\windows\system32\schannel.dll
2012-07-28 15:20 . 2012-06-02 00:03   204288   ----a-w-   c:\windows\system32\ncrypt.dll
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-20 15:16 . 2012-06-15 11:56   426184   ----a-w-   c:\windows\system32\FlashPlayerApp.exe
2012-08-20 15:16 . 2011-06-07 12:29   70344   ----a-w-   c:\windows\system32\FlashPlayerCPLApp.cpl
2012-07-05 17:23 . 2012-07-05 17:23   161792   ----a-w-   c:\windows\system32\msls31.dll
2012-07-05 17:23 . 2012-07-05 17:23   1129472   ----a-w-   c:\windows\system32\wininet.dll
2012-07-05 17:23 . 2012-07-05 17:23   86528   ----a-w-   c:\windows\system32\iesysprep.dll
2012-07-05 17:23 . 2012-07-05 17:23   76800   ----a-w-   c:\windows\system32\SetIEInstalledDate.exe
2012-07-05 17:23 . 2012-07-05 17:23   74752   ----a-w-   c:\windows\system32\RegisterIEPKEYs.exe
2012-07-05 17:23 . 2012-07-05 17:23   63488   ----a-w-   c:\windows\system32\tdc.ocx
2012-07-05 17:23 . 2012-07-05 17:23   48640   ----a-w-   c:\windows\system32\mshtmler.dll
2012-07-05 17:23 . 2012-07-05 17:23   367104   ----a-w-   c:\windows\system32\html.iec
2012-07-05 17:23 . 2012-07-05 17:23   74752   ----a-w-   c:\windows\system32\iesetup.dll
2012-07-05 17:23 . 2012-07-05 17:23   23552   ----a-w-   c:\windows\system32\licmgr10.dll
2012-07-05 17:23 . 2012-07-05 17:23   1427968   ----a-w-   c:\windows\system32\inetcpl.cpl
2012-07-05 17:23 . 2012-07-05 17:23   420864   ----a-w-   c:\windows\system32\vbscript.dll
2012-07-05 17:23 . 2012-07-05 17:23   2382848   ----a-w-   c:\windows\system32\mshtml.tlb
2012-07-05 17:23 . 2012-07-05 17:23   1800192   ----a-w-   c:\windows\system32\jscript9.dll
2012-07-05 17:23 . 2012-07-05 17:23   152064   ----a-w-   c:\windows\system32\wextract.exe
2012-07-05 17:23 . 2012-07-05 17:23   150528   ----a-w-   c:\windows\system32\iexpress.exe
2012-07-05 17:23 . 2012-07-05 17:23   142848   ----a-w-   c:\windows\system32\ieUnatt.exe
2012-07-05 17:23 . 2012-07-05 17:23   11776   ----a-w-   c:\windows\system32\mshta.exe
2012-07-05 17:23 . 2012-07-05 17:23   101888   ----a-w-   c:\windows\system32\admparse.dll
2012-07-05 17:23 . 2012-07-05 17:23   35840   ----a-w-   c:\windows\system32\imgutil.dll
2012-07-05 17:23 . 2012-07-05 17:23   110592   ----a-w-   c:\windows\system32\IEAdvpack.dll
2012-06-06 18:59 . 2012-06-06 18:59   1070152   ----a-w-   c:\windows\system32\MSCOMCTL.OCX
2012-06-02 22:19 . 2012-06-23 18:54   53784   ----a-w-   c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-23 18:54   45080   ----a-w-   c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-23 18:53   35864   ----a-w-   c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-23 18:53   577048   ----a-w-   c:\windows\system32\wuapi.dll
2012-06-02 22:19 . 2012-06-23 18:54   1933848   ----a-w-   c:\windows\system32\wuaueng.dll
2012-06-02 22:12 . 2012-06-23 18:54   2422272   ----a-w-   c:\windows\system32\wucltux.dll
2012-06-02 22:12 . 2012-06-23 18:53   88576   ----a-w-   c:\windows\system32\wudriver.dll
2012-06-02 13:19 . 2012-06-23 18:53   171904   ----a-w-   c:\windows\system32\wuwebv.dll
2012-06-02 13:12 . 2012-06-23 18:53   33792   ----a-w-   c:\windows\system32\wuapp.exe
2012-07-28 18:31 . 2011-05-12 13:26   136672   ----a-w-   c:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
.
[-] 2008-01-21 . 67E506B75BD5326A3EC7B70BD014DFB6 . 6144 . . [6.0.6001.18000] . . c:\windows\erdnt\cache\beep.sys
[-] 2008-01-21 . 67E506B75BD5326A3EC7B70BD014DFB6 . 6144 . . [6.0.6001.18000] . . c:\windows\System32\drivers\beep.sys
[-] 2008-01-21 . 67E506B75BD5326A3EC7B70BD014DFB6 . 6144 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.0.6001.18000_none_c420a153079d485b\beep.sys
.
.
.
.
[-] 2008-01-21 . C8052711DAECC48B982434C5116CA401 . 274432 . . [6.0.6001.18000] . . c:\windows\erdnt\cache\netman.dll
[-] 2008-01-21 . C8052711DAECC48B982434C5116CA401 . 274432 . . [6.0.6000.16386] . . c:\windows\System32\netman.dll
[-] 2008-01-21 . C8052711DAECC48B982434C5116CA401 . 274432 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-netman_31bf3856ad364e35_6.0.6001.18000_none_0fbd1b9651cfd333\netman.dll
.
.
[-] 2009-04-11 . 93952506C6D67330367F7E7934B6A02F . 758784 . . [7.0.6002.18005] . . c:\windows\erdnt\cache\qmgr.dll
[-] 2009-04-11 . 93952506C6D67330367F7E7934B6A02F . 758784 . . [7.0.6001.18000] . . c:\windows\System32\qmgr.dll
[-] 2009-04-11 . 93952506C6D67330367F7E7934B6A02F . 758784 . . [7.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-bits-client_31bf3856ad364e35_6.0.6002.18005_none_257c3df8f693d6d8\qmgr.dll
[-] 2008-01-21 . 02ED7B4DBC2A3232A389106DA7515C3D . 758272 . . [7.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-bits-client_31bf3856ad364e35_6.0.6001.18000_none_2390c4ecf9720b8c\qmgr.dll
.
.
.
[-] 2010-08-17 . AAE98B295E88D439A6E0F6E8929424FB . 128000 . . [6.0.6002.22468] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.22468_none_d882e000d7f61b4c\spoolsv.exe
[-] 2010-08-17 . 8554097E5136C3BF9F69FE578A1B35F4 . 128000 . . [6.0.6002.18294] . . c:\windows\erdnt\cache\spoolsv.exe
[-] 2010-08-17 . 8554097E5136C3BF9F69FE578A1B35F4 . 128000 . . [6.0.6000.16386] . . c:\windows\System32\spoolsv.exe
[-] 2010-08-17 . 8554097E5136C3BF9F69FE578A1B35F4 . 128000 . . [6.0.6002.18294] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18294_none_d7d4d063bef46cd2\spoolsv.exe
[-] 2010-08-17 . 3665F79026A3F91FBCA63F2C65A09B19 . 126464 . . [6.0.6001.18511] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18511_none_d641dcfdc18fec21\spoolsv.exe
[-] 2010-08-17 . E807FC542C295BA256CE3567829E02A6 . 128000 . . [6.0.6001.22743] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.22743_none_d6ad0c7edac40f93\spoolsv.exe
[-] 2009-04-11 . 524BFBEA40E6E404737CCBC754647A2E . 127488 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18005_none_d8371c2dbeaa9062\spoolsv.exe
[-] 2008-01-21 . 846CDF9A3CF4DA9B306ADFB7D55EE4C2 . 125952 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18000_none_d64ba321c188c516\spoolsv.exe
.
.
[-] 2009-04-11 . 76B06EB8A01FC8624D699E7045303E54 . 72192 . . [6.0.6002.18005] . . c:\windows\erdnt\cache\tdx.sys
[-] 2009-04-11 . 76B06EB8A01FC8624D699E7045303E54 . 72192 . . [6.0.6002.18005] . . c:\windows\System32\drivers\tdx.sys
[-] 2009-04-11 . 76B06EB8A01FC8624D699E7045303E54 . 72192 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.0.6002.18005_none_ec294157d9377403\tdx.sys
[-] 2008-01-21 . D09276B1FAB033CE1D40DCBDF303D10F . 71680 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.0.6001.18000_none_ea3dc84bdc15a8b7\tdx.sys
.
.
.
.
.
[-] 2011-04-12 . 574B473FACAA0E91702B86578440B525 . 892416 . . [6.0.6002.18449] . . c:\windows\erdnt\cache\kernel32.dll
[-] 2011-04-12 . 574B473FACAA0E91702B86578440B525 . 892416 . . [6.0.6001.18000] . . c:\windows\System32\kernel32.dll
[-] 2011-04-12 . 574B473FACAA0E91702B86578440B525 . 892416 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.18449_none_9582275d538a1db6\kernel32.dll
[-] 2011-04-12 . 7062DEB220FA1CCB1B65FC40D6E7D807 . 893440 . . [6.0.6002.22625] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.22625_none_961d64be6c9b1d69\kernel32.dll
[-] 2011-04-12 . 306835D4E74E49A5D10F0FCA0B422EB1 . 890368 . . [6.0.6001.18631] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18631_none_939e812b5662e4c2\kernel32.dll
[-] 2011-04-12 . 497A2DA8181560B3E2F8FFE0092FD1E6 . 892928 . . [6.0.6001.22898] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.22898_none_93ee425a6faadaba\kernel32.dll
[-] 2009-04-11 . BB8509089E7DF514310814E1B2593FFC . 891392 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.18005_none_95a95e4d536d53fa\kernel32.dll
[-] 2009-02-13 . DB6E3731E6F5C8AE2843F80B5787F7C6 . 888832 . . [6.0.6001.18215] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18215_none_93b81a93564f1da0\kernel32.dll
[-] 2009-02-13 . 1987D817D08F5EAF0B7F334026FDDB79 . 890880 . . [6.0.6001.22376] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.22376_none_9401d8206f9c7e67\kernel32.dll
[-] 2009-02-13 . B82C7AC1D559F0FD088792171D64C7F3 . 875520 . . [6.0.6000.16820] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6000.16820_none_91c20a8f593529ed\kernel32.dll
[-] 2009-02-13 . BB792054BD990EC05D9E260D50FEAD39 . 875520 . . [6.0.6000.21010] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6000.21010_none_92564f68724ae108\kernel32.dll
[-] 2008-01-21 . DC2338093F91BA4E0512208E60206DDD . 888320 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18000_none_93bde541564b88ae\kernel32.dll
.
[-] 2006-11-02 . 24F90AEFEBE601D427CB4511E74CDCB6 . 22016 . . [6.0.6000.16386] . . c:\windows\erdnt\cache\linkinfo.dll
[-] 2006-11-02 . 24F90AEFEBE601D427CB4511E74CDCB6 . 22016 . . [6.0.6000.16386] . . c:\windows\System32\linkinfo.dll
[-] 2006-11-02 . 24F90AEFEBE601D427CB4511E74CDCB6 . 22016 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-linkinfo_31bf3856ad364e35_6.0.6000.16386_none_362e7020a86900de\linkinfo.dll
.
.
.
[-] 2011-12-14 . 17AF64D727545F2804F6E6D998327E3F . 680448 . . [7.0.6002.18551] . . c:\windows\erdnt\cache\msvcrt.dll
[-] 2011-12-14 . 17AF64D727545F2804F6E6D998327E3F . 680448 . . [7.0.6002.18551] . . c:\windows\System32\msvcrt.dll
[-] 2011-12-14 . 17AF64D727545F2804F6E6D998327E3F . 680448 . . [7.0.6002.18551] . . c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6002.18551_none_d306a7e69c340115\msvcrt.dll
[-] 2011-12-14 . A807F65718C263442F0C3613F9BFD267 . 680448 . . [7.0.6002.22755] . . c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6002.22755_none_d39447bfb54e0362\msvcrt.dll
[-] 2009-04-11 . F5E991236960137B1F5449C5E5DF4656 . 679936 . . [7.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6002.18005_none_d340af2c9c07e8f9\msvcrt.dll
[-] 2008-01-21 . 04CBEAA089B6A752B3EB660BEE8C4964 . 680448 . . [7.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6001.18000_none_d15536209ee61dad\msvcrt.dll
[-] 2004-08-05 . 351B1AD22FD0EC70D889766E0B4F72ED . 343040 . . [7.0.2600.2180] . . c:\windows\SMINST\msvcrt.dll
.
.
[-] 2009-04-11 . 95DAECF0FB120A7B5DA679CC54E37DDE . 592896 . . [6.0.6002.18005] . . c:\windows\erdnt\cache\netlogon.dll
[-] 2009-04-11 . 95DAECF0FB120A7B5DA679CC54E37DDE . 592896 . . [6.0.6001.18000] . . c:\windows\System32\netlogon.dll
[-] 2009-04-11 . 95DAECF0FB120A7B5DA679CC54E37DDE . 592896 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[-] 2008-01-21 . A8EFC0B6E75B789F7FD3BA5025D4E37F . 592384 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
.
[-] 2009-04-11 . 9A7F4B2EDACD11444D048AA19CBB26AF . 98816 . . [6.0.6002.18005] . . c:\windows\erdnt\cache\powrprof.dll
[-] 2009-04-11 . 9A7F4B2EDACD11444D048AA19CBB26AF . 98816 . . [6.0.6001.18000] . . c:\windows\System32\powrprof.dll
[-] 2009-04-11 . 9A7F4B2EDACD11444D048AA19CBB26AF . 98816 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-userpowermanagement_31bf3856ad364e35_6.0.6002.18005_none_a505176cf9fa2abd\powrprof.dll
[-] 2008-01-21 . 51832219A52C3535BF4771C375E63F9B . 97280 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-userpowermanagement_31bf3856ad364e35_6.0.6001.18000_none_a3199e60fcd85f71\powrprof.dll
.
.
[-] 2006-11-02 . F4E1AA5D59C849A4AB47E895DC76B9C8 . 4608 . . [6.0.6000.16386] . . c:\windows\erdnt\cache\sfc.dll
[-] 2006-11-02 . F4E1AA5D59C849A4AB47E895DC76B9C8 . 4608 . . [6.0.6000.16386] . . c:\windows\System32\sfc.dll
[-] 2006-11-02 . F4E1AA5D59C849A4AB47E895DC76B9C8 . 4608 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-sfc_31bf3856ad364e35_6.0.6001.18000_none_a735c34c5c31a578\sfc.dll
.
.
.
.
[-] 2008-01-21 . 0E135526E9785D085BCD9AEDE6FBCBF9 . 25088 . . [6.0.6001.18000] . . c:\windows\erdnt\cache\userinit.exe
[-] 2008-01-21 . 0E135526E9785D085BCD9AEDE6FBCBF9 . 25088 . . [6.0.6000.16386] . . c:\windows\System32\userinit.exe
[-] 2008-01-21 . 0E135526E9785D085BCD9AEDE6FBCBF9 . 25088 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
.
.
[-] 2008-01-21 . B304D47D5744BA20FCB99FB8B2C07B0B . 179200 . . [6.0.6001.18000] . . c:\windows\erdnt\cache\ws2_32.dll
[-] 2008-01-21 . B304D47D5744BA20FCB99FB8B2C07B0B . 179200 . . [6.0.6000.16386] . . c:\windows\System32\ws2_32.dll
[-] 2008-01-21 . B304D47D5744BA20FCB99FB8B2C07B0B . 179200 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_f2b7b0c2ce5605c4\ws2_32.dll
.
[-] 2006-11-02 . 17C0671BF57057108A6D949510EE42C8 . 4608 . . [6.0.6000.16386] . . c:\windows\erdnt\cache\ws2help.dll
[-] 2006-11-02 . 17C0671BF57057108A6D949510EE42C8 . 4608 . . [6.0.6000.16386] . . c:\windows\System32\ws2help.dll
[-] 2006-11-02 . 17C0671BF57057108A6D949510EE42C8 . 4608 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.0.6000.16386_none_024e4071fa6fea95\ws2help.dll
.
[-] 2009-04-11 . D07D4C3038F3578FFCE1C0237F2A1253 . 2926592 . . [6.0.6000.16386] . . c:\windows\explorer.exe
[-] 2009-04-11 . D07D4C3038F3578FFCE1C0237F2A1253 . 2926592 . . [6.0.6002.18005] . . c:\windows\erdnt\cache\explorer.exe
[-] 2009-04-11 . D07D4C3038F3578FFCE1C0237F2A1253 . 2926592 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[-] 2008-10-30 . 50BA5850147410CDE89C523AD3BC606E . 2927616 . . [6.0.6001.22298] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[-] 2008-10-29 . 4F554999D7D5F05DAAEBBA7B5BA1089D . 2927104 . . [6.0.6001.18164] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[-] 2008-10-29 . 37440D09DEAE0B672A04DCCF7ABF06BE . 2923520 . . [6.0.6000.16771] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[-] 2008-10-28 . E7156B0B74762D9DE0E66BDCDE06E5FB . 2923520 . . [6.0.6000.20947] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[-] 2008-01-21 . FFA764631CB70A30065C12EF8E174F9F . 2927104 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
.
.
.
[-] 2010-04-16 . E609A492AD596187CEA24E8418FF082F . 502784 . . [1.0626.6002.22384] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6002.22384_none_af1813076efd8bc3\usp10.dll
[-] 2010-04-16 . 80FFF14F1757B9AF8BE9D314FC1AE88B . 502272 . . [1.0626.6002.18244] . . c:\windows\erdnt\cache\usp10.dll
[-] 2010-04-16 . 80FFF14F1757B9AF8BE9D314FC1AE88B . 502272 . . [1.0626.6002.18244] . . c:\windows\System32\usp10.dll
[-] 2010-04-16 . 80FFF14F1757B9AF8BE9D314FC1AE88B . 502272 . . [1.0626.6002.18244] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6002.18244_none_aeb9b5ec55bf7c35\usp10.dll
[-] 2010-04-16 . 8CB1162DD3586683D71BCB303C1FF54F . 502272 . . [1.0626.6001.22672] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6001.22672_none_ad3a707771d0e800\usp10.dll
[-] 2010-04-16 . A23E4692716C25E5AEA300ED74E73A1C . 501760 . . [1.0626.6001.18461] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6001.18461_none_acbaa16858ac15c7\usp10.dll
[-] 2009-04-11 . 5A8E28037289FCCBF7AD3FC57DF7048F . 502272 . . [1.0626.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6002.18005_none_aee5f21a559e2b7a\usp10.dll
[-] 2008-01-21 . 3122DAF86B33ED8AC4662D07593025D7 . 501760 . . [1.0626.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6001.18000_none_acfa790e587c602e\usp10.dll
.
[-] 2006-11-02 . 919CC2A0476D5A6A4C935D4B88E29912 . 4608 . . [6.0.6000.16386] . . c:\windows\erdnt\cache\ksuser.dll
[-] 2006-11-02 . 919CC2A0476D5A6A4C935D4B88E29912 . 4608 . . [6.0.6000.16386] . . c:\windows\System32\ksuser.dll
[-] 2006-11-02 . 919CC2A0476D5A6A4C935D4B88E29912 . 4608 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-d..tshow-kernelsupport_31bf3856ad364e35_6.0.6001.18000_none_e8019c5c974c4491\ksuser.dll
.
[-] 2006-11-02 . 22BFD03DF51065A9ED8D17F8FB72296B . 8704 . . [6.0.6000.16386] . . c:\windows\erdnt\cache\ctfmon.exe
[-] 2006-11-02 . 22BFD03DF51065A9ED8D17F8FB72296B . 8704 . . [6.0.6000.16386] . . c:\windows\System32\ctfmon.exe
[-] 2006-11-02 . 22BFD03DF51065A9ED8D17F8FB72296B . 8704 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.0.6000.16386_none_9af9cad793a67953\ctfmon.exe
.
[-] 2009-07-10 . 1E3FDB80E40A3CE645F229DFBDFB7694 . 247808 . . [6.0.6001.18287] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6001.18287_none_cce0e39c1d282219\shsvcs.dll
[-] 2009-07-10 . 94285A002D2826D2FD1C0806455136E9 . 245760 . . [6.0.6000.16883] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6000.16883_none_caf6a3ce20052bcc\shsvcs.dll
[-] 2009-07-10 . 6898575E052CE7CB1CB87622EF187CDA . 245760 . . [6.0.6000.21081] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6000.21081_none_cb7e18273924cc2a\shsvcs.dll
[-] 2009-07-10 . 6669714ACE90E9BB4E8C1D550C67B160 . 247808 . . [6.0.6001.22467] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6001.22467_none_cd80222536358728\shsvcs.dll
[-] 2009-07-10 . F0942394F642F5CE3D9A86474FA293FA . 247808 . . [6.0.6002.22169] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6002.22169_none_cf6894a1335a0efa\shsvcs.dll
[-] 2009-07-10 . C7230FBEE14437716701C15BE02C27B8 . 247808 . . [6.0.6002.18063] . . c:\windows\erdnt\cache\shsvcs.dll
[-] 2009-07-10 . C7230FBEE14437716701C15BE02C27B8 . 247808 . . [6.0.6000.16386] . . c:\windows\System32\shsvcs.dll
[-] 2009-07-10 . C7230FBEE14437716701C15BE02C27B8 . 247808 . . [6.0.6002.18063] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6002.18063_none_ced8f61a1a41d726\shsvcs.dll
[-] 2009-04-11 . C818C44C201898399BF999BB6B35D4E3 . 247296 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6002.18005_none_cf1bd6361a0f622e\shsvcs.dll
[-] 2008-01-21 . 27F10F348E508243F6254846F8370D0D . 247296 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6001.18000_none_cd305d2a1ced96e2\shsvcs.dll
.
[-] 2006-11-02 . 7F15B4953378C8B5161D65C26D5FED4D . 11776 . . [6.0.6000.16386] . . c:\windows\erdnt\cache\cngaudit.dll
[-] 2006-11-02 . 7F15B4953378C8B5161D65C26D5FED4D . 11776 . . [6.0.6000.16386] . . c:\windows\System32\cngaudit.dll
[-] 2006-11-02 . 7F15B4953378C8B5161D65C26D5FED4D . 11776 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
.
[-] 2008-01-21 . 101BA3EA053480BB5D957EF37C06B5ED . 96768 . . [6.0.6001.18000] . . c:\windows\erdnt\cache\wininit.exe
[-] 2008-01-21 . 101BA3EA053480BB5D957EF37C06B5ED . 96768 . . [6.0.6000.16386] . . c:\windows\System32\wininit.exe
[-] 2008-01-21 . 101BA3EA053480BB5D957EF37C06B5ED . 96768 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe
.
[-] 2009-04-11 . 9E6894EA18DAFF37B63E1005F83AE4AB . 107008 . . [6.0.6002.18005] . . c:\windows\erdnt\cache\regsvc.dll
[-] 2009-04-11 . 9E6894EA18DAFF37B63E1005F83AE4AB . 107008 . . [6.0.6000.16386] . . c:\windows\System32\regsvc.dll
[-] 2009-04-11 . 9E6894EA18DAFF37B63E1005F83AE4AB . 107008 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-remoteregistry-service_31bf3856ad364e35_6.0.6002.18005_none_8b517ec580991c4d\regsvc.dll
[-] 2008-01-21 . CC4E32400F3C7253400CF8F3F3A0B676 . 106496 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-remoteregistry-service_31bf3856ad364e35_6.0.6001.18000_none_896605b983775101\regsvc.dll
.
[-] 2010-11-06 . 7B587B8A6D4A99F79D2902D0385F29BD . 603648 . . [6.0.6001.18551] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6001.18551_none_2ecc18bd972a0f87\schedsvc.dll
[-] 2010-11-05 . 4B71C228530440F853F9C30E308F00E9 . 604672 . . [6.0.6001.22791] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6001.22791_none_2f2a77beb0681c3c\schedsvc.dll
[-] 2010-11-05 . 38AE0400578FD396628F21A571473A3B . 602112 . . [6.0.6002.22519] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6002.22519_none_316f6d3cad4659b7\schedsvc.dll
[-] 2010-11-04 . 1A58069DB21D05EB2AB58EE5753EBE8D . 601600 . . [6.0.6002.18342] . . c:\windows\erdnt\cache\schedsvc.dll
[-] 2010-11-04 . 1A58069DB21D05EB2AB58EE5753EBE8D . 601600 . . [6.0.6001.18000] . . c:\windows\System32\schedsvc.dll
[-] 2010-11-04 . 1A58069DB21D05EB2AB58EE5753EBE8D . 601600 . . [6.0.6002.18342] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6002.18342_none_30be5cc194475f38\schedsvc.dll
[-] 2009-04-11 . 323AE0BDFD2EB15B668DDA50CC597329 . 595456 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6002.18005_none_30ec979d94244404\schedsvc.dll
[-] 2008-01-21 . 1D5E99DB3C10F4FA034010DC49043CA4 . 596992 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6001.18000_none_2f011e91970278b8\schedsvc.dll
[-] 2008-01-21 . 886CEC884B5BE29AB9828B8AB46B11F7 . 595456 . . [6.0.6000.16609] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6000.16609_none_2d23e28599d3cbd6\schedsvc.dll
[-] 2008-01-21 . BF17DA9F25A4F84C2577AC13EE126CB7 . 595968 . . [6.0.6000.20734] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6000.20734_none_2d880e1ab30e40c0\schedsvc.dll
.
[-] 2008-01-21 . 03D50B37234967433A5EA5BA72BC0B62 . 155648 . . [6.0.6001.18000] . . c:\windows\erdnt\cache\ssdpsrv.dll
[-] 2008-01-21 . 03D50B37234967433A5EA5BA72BC0B62 . 155648 . . [6.0.6000.16386] . . c:\windows\System32\ssdpsrv.dll
[-] 2008-01-21 . 03D50B37234967433A5EA5BA72BC0B62 . 155648 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-upnpssdp_31bf3856ad364e35_6.0.6001.18000_none_7fc972ebd13849b5\ssdpsrv.dll
.
[-] 2009-04-11 . BB95DA09BEF6E7A131BFF3BA5032090D . 449024 . . [6.0.6002.18005] . . c:\windows\erdnt\cache\termsrv.dll
[-] 2009-04-11 . BB95DA09BEF6E7A131BFF3BA5032090D . 449024 . . [6.0.6001.18000] . . c:\windows\System32\termsrv.dll
[-] 2009-04-11 . BB95DA09BEF6E7A131BFF3BA5032090D . 449024 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6002.18005_none_908abad45165e2ae\termsrv.dll
[-] 2008-01-21 . D605031E225AACCBCEB5B76A4F1603A6 . 448512 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6001.18000_none_8e9f41c854441762\termsrv.dll
.
[-] 2008-01-21 . A952D0DED445F26AEFCF593A935AB300 . 289792 . . [6.0.6001.18000] . . c:\windows\erdnt\cache\hnetcfg.dll
[-] 2008-01-21 . A952D0DED445F26AEFCF593A935AB300 . 289792 . . [6.0.6000.16386] . . c:\windows\System32\hnetcfg.dll
[-] 2008-01-21 . A952D0DED445F26AEFCF593A935AB300 . 289792 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-i..ectionsharingconfig_31bf3856ad364e35_6.0.6001.18000_none_b03645b494998691\hnetcfg.dll
.
[-] 2008-01-21 . 7A5F8218325F00396DAEA2F985FA0ECB . 18944 . . [6.0.6001.18000] . . c:\windows\erdnt\cache\ias.dll
[-] 2008-01-21 . 7A5F8218325F00396DAEA2F985FA0ECB . 18944 . . [6.0.6001.18000] . . c:\windows\System32\ias.dll
[-] 2008-01-21 . 7A5F8218325F00396DAEA2F985FA0ECB . 18944 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-n..ion_service_runtime_31bf3856ad364e35_6.0.6001.18000_none_f900daa442864318\ias.dll
[-] 2008-01-21 . 7A5F8218325F00396DAEA2F985FA0ECB . 18944 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-n..ion_service_runtime_31bf3856ad364e35_6.0.6002.18005_none_faec53b03fa80e64\ias.dll
.
.
[-] 2008-01-21 . 68308183F4AE0BE7BF8ECD07CB297999 . 259072 . . [6.0.6001.18000] . . c:\windows\erdnt\cache\upnphost.dll
[-] 2008-01-21 . 68308183F4AE0BE7BF8ECD07CB297999 . 259072 . . [6.0.6000.16386] . . c:\windows\System32\upnphost.dll
[-] 2008-01-21 . 68308183F4AE0BE7BF8ECD07CB297999 . 259072 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-upnpdevicehost_31bf3856ad364e35_6.0.6001.18000_none_c1e834753483fdcf\upnphost.dll
.
[-] 2009-04-11 . 84B8827562B005C118CADBA0F25DB2C6 . 444416 . . [6.0.6002.18005] . . c:\windows\erdnt\cache\dsound.dll
[-] 2009-04-11 . 84B8827562B005C118CADBA0F25DB2C6 . 444416 . . [6.0.6000.16386] . . c:\windows\System32\dsound.dll
[-] 2009-04-11 . 84B8827562B005C118CADBA0F25DB2C6 . 444416 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-audio-dsound_31bf3856ad364e35_6.0.6002.18005_none_5a8737643f04aa4c\dsound.dll
[-] 2008-01-21 . 8A7B8DA5CA558D2DE47086BB23556543 . 444416 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-audio-dsound_31bf3856ad364e35_6.0.6001.18000_none_589bbe5841e2df00\dsound.dll
.
[-] 2009-04-11 . 8AAEEE8E59A70F37579993D118A34EE0 . 1788416 . . [6.0.6002.18005] . . c:\windows\erdnt\cache\d3d9.dll
[-] 2009-04-11 . 8AAEEE8E59A70F37579993D118A34EE0 . 1788416 . . [6.0.6002.18005] . . c:\windows\System32\d3d9.dll
[-] 2009-04-11 . 8AAEEE8E59A70F37579993D118A34EE0 . 1788416 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-directx-direct3d9_31bf3856ad364e35_6.0.6002.18005_none_c438e5b15de80145\d3d9.dll
[-] 2008-01-21 . FAB8F08EC64A54917C07BDB6DC811C95 . 1788928 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-directx-direct3d9_31bf3856ad364e35_6.0.6001.18000_none_c24d6ca560c635f9\d3d9.dll
.
[-] 2008-01-21 . FA2A3AFADC4FB47DBC234A4E57F92CDB . 522752 . . [6.0.6001.18000] . . c:\windows\erdnt\cache\ddraw.dll
[-] 2008-01-21 . FA2A3AFADC4FB47DBC234A4E57F92CDB . 522752 . . [6.0.6000.16386] . . c:\windows\System32\ddraw.dll
[-] 2008-01-21 . FA2A3AFADC4FB47DBC234A4E57F92CDB . 522752 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-directx-directdraw_31bf3856ad364e35_6.0.6001.18000_none_0505a2ecc0013ebd\ddraw.dll
.
.
[-] 2006-11-02 . BA7C3E9DD6B1A632124C8659E8014028 . 39424 . . [6.0.6000.16386] . . c:\windows\erdnt\cache\perfctrs.dll
[-] 2006-11-02 . BA7C3E9DD6B1A632124C8659E8014028 . 39424 . . [6.0.6000.16386] . . c:\windows\System32\perfctrs.dll
[-] 2006-11-02 . BA7C3E9DD6B1A632124C8659E8014028 . 39424 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-p..ormancebasecounters_31bf3856ad364e35_6.0.6001.18000_none_31733dc35d19d298\perfctrs.dll
[-] 2006-11-02 . BA7C3E9DD6B1A632124C8659E8014028 . 39424 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-p..ormancebasecounters_31bf3856ad364e35_6.0.6002.18005_none_335eb6cf5a3b9de4\perfctrs.dll
.
.
.
.
.
.
.
(((((((((((((((((((((((((((((((((((((   Punti Reg Caricati   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
R2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\aestsrv.exe [x]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
.
.
--- Altri Servizi/Drivers In Memoria ---
.
*NewlyCreated* - ECACHE
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation   REG_MULTI_SZ      FontCache
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
ezSharedSvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-02-26 12:06   451872   ----a-w-   c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Contenuto della cartella 'Scheduled Tasks'
.
2012-08-20 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-15 15:16]
.
2012-08-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-01-20 19:47]
.
2012-08-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-01-20 19:47]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.virgilio.it/
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=it_it&c=83&bd=Pavilion&pf=cnnb
IE: &AOL Toolbar Cerca - c:\programdata\AOL\ieToolbar\resources\it-IT\local\search.html
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
TCP: DhcpNameServer = 8.8.8.8 8.8.4.4
TCP: Interfaces\{4B2C4A68-18F1-4C12-B736-B7E12A60EA31}: NameServer = 8.8.8.8,8.8.4.4
FF - ProfilePath - c:\users\domenico\AppData\Roaming\Mozilla\Firefox\Profiles\ignyx96j.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1701838&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.virgilio.it/
FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?babsrc=SP_ss&mntrId=58dfa40e00000000000000234e378ae9&tlver=1.4.19.19&instlRef=sst&ss=1&affID=17982&q=
FF - prefs.js: network.proxy.type - 0
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
.
WebBrowser-{E5A1E26F-0D1D-4307-868F-FBD9A374AB54} - (no file)
WebBrowser-{4EDD5C14-2D22-4D7A-9748-C975A7FD933B} - (no file)
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-08-20 18:18
Windows 6.0.6002 Service Pack 2 NTFS
.
scansione processi nascosti ...
.
scansione entrate autostart nascoste ...
.
Scansione files nascosti ...
.
Scansione completata con successo
Files nascosti: 0
.
**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Ora fine scansione: 2012-08-20  18:58:02
ComboFix-quarantined-files.txt  2012-08-20 16:58
.
Pre-Run: 167.115.939.840 byte disponibili
Post-Run: 167.747.670.016 byte disponibili
.
- - End Of File - - F89F0D070ADDDA233D40E19601A6B88C
franco75
Utente Senior
 
Post: 182
Iscritto il: 28/04/12 12:35

Re: Pc bloccato anche modalità provvisoria

Postdi FrancescoFDAC » 20/08/12 18:46

Scarica Everything Search Engine: http://www.voidtools.com
● in fase di installazione togli la spunta a Run at startup, nel tab Select components to install
● il programma si avvierà automaticamente, una volta finita l'installazione

A questo punto digita services.exe e allega qui il risultato di cosa trova il programma
FrancescoFDAC
Utente Senior
 
Post: 1048
Iscritto il: 13/08/11 09:53

Prossimo

Torna a Sicurezza e Privacy


Topic correlati a "Pc bloccato anche modalità provvisoria":

...e anche Ransomware...
Autore: k9vrrm
Forum: Software Windows
Risposte: 7

Chi c’è in linea

Visitano il forum: Nessuno e 4 ospiti