ad.addoubleclick

[sabino90]

Ragazzi sto uscendo pazzo...non riesco a eliminare questo cavolo di virus! questo è ciò che mi dice HiJackThis:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:40:05, on 29/06/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16446)
Boot mode: Normal

Running processes:
C:\Program Files\Soluto\soluto.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\STOPzilla!\STOPzilla.exe
C:\Windows\explorer.exe
C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe
C:\Program Files\Yuna Software\Messenger Plus! for Skype\Messenger Plus! for Skype.exe
C:\Users\Sabino\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sabino\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sabino\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sabino\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sabino\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sabino\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sabino\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sabino\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\rundll32.exe
C:\Users\Sabino\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:20069
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIZIO DI RETE')
O4 - Startup: My 190.lnk = C:\Program Files\My 190\My 190.exe
O4 - Startup: tcbhn.lnk = Sabino\AppData\Roaming\BrowserCompanion\tcbhn.exe
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: I&nvia a OneNote - res://C:\PROGRA~1\MIF5BA~1\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll (file missing)
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} (DellSystemLite.Scanner) - http://support.dell.com/systemprofiler/ ... emLite.CAB
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll
O18 - Protocol: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll
O18 - Protocol: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9334b3396d450a95\aestsrv.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Avira Pianificatore (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Servizio Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DeviceExpert - Unknown owner - C:\ManageEngine\DeviceExpert\bin\wrapper.exe (file missing)
O23 - Service: Servizio di Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Messenger Plus! Service (MsgPlusService) - Yuna Software - C:\Program Files\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe
O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe
O23 - Service: NitroPDFDriverCreatorReadSpool2 (NitroDriverReadSpool2) - Nitro PDF Software - C:\Program Files\Nitro PDF\Professional 7\NitroPDFDriverService2.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Unknown owner - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Soluto PCGenome Core Service (SolutoService) - Soluto - C:\Program Files\Soluto\SolutoService.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - Unknown owner - C:\Program Files\Dell Support Center\bin\sprtsvc.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9334b3396d450a95\STacSV.exe
O23 - Service: STOPzilla Service (szserver) - iS3, Inc. - C:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE (file missing)

--
End of file - 8740 bytes

[FrancescoFDAC]

Scarica ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
● posiziona il file scaricato sul Desktop
● disattiva l'Antivirus in uso, dall'icona presente sulla Traybar (accanto all'orologio di Windows)
● disattiva il Firewall eventualmente installato, dall'icona presente sulla Traybar (accanto all'orologio di Windows)

Eseguiti i passaggi indicati sopra:
● lancia ComboFix con un doppio click
● una volta avviato clicca il pulsante Accetto: conferma cliccando Ok due volte
● segui le istruzioni che verranno rilasciate per eseguire la scansione:
"Tipicamente non impiega più di 10 minuti
Su pc molto infetti il tempo di scansione può raddoppiare facilmente"
● nel caso tu abbia Windows XP, verrà richiesta l'installazione della Console di ripristino di emergenza: non la installare (clicca il pulsante No)
● senza eseguire nessuna altra operazione, lascia che il tool completi il suo lavoro

Note - durante la scansione:
● potrebbero comparire alcuni file sul Desktop, e poi eliminati
● spariranno, per un attimo, tutte le icone presenti sul Desktop: nulla di cui preoccuparsi
● potrebbe venire rilasciato un messaggio in relazione all'Antivirus in uso: prosegui ignorando il messaggio
● il firewall potrebbe rilasciare un avviso circa la rimozione di alcuni driver: consenti
● potrebbe apparire sul Desktop l'icona di Internet Explorer

Quando ComboFix avrà concluso l'operazione di scansione:
● il sistema verrà riavviato automaticamente: in caso contrario, riavvialo te
● vai in Disco Locale C:, cerca il file di testo dal nome ComboFix.txt ed allegalo

Nota - riguardo al programma:
● per eseguire correttamente ComboFix su Windows Vista e Windows Seven, clicca con il tasto destro del mouse sull'icona del programma e, dal menù contestuale, scegli la voce Esegui come Amministratore
● sUBs, la software house che distribuisce ComboFix, non è responsabile di qualsiasi danno causato dopo l'utilizzo del programma stesso.
Esso non dovrebbe essere utilizzato a meno che non venga espressamente richiesto da un esperto
● ComboFix disabilita l'esecuzione automatica delle unità USB (Chiavette, Hard Disk Esterni, Lettori MP3...) per prevenire future minacce: quando inserisci una Pendrive, dovrai avviarla manualmente dalle Risorse del computer.

[sabino90]

Penso di aver fatto tutto correttamente....


ComboFix 12-06-28.03 - Sabino 29/06/2012 20:17:44.1.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.39.1040.18.3037.1711 [GMT 2:00]
Eseguito da: c:\users\Sabino\Desktop\Downloads\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: STOPzilla Anti-Spyware *Disabled/Updated* {B2E69928-50DC-94CA-6A80-AAB054008761}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\IMinent Toolbar\tbHElper.dll
c:\programdata\master
c:\programdata\PCDr\5907\Downloads\9a727e3b-3b75-44f1-aa0c-b5b6cd760030.dll
c:\programdata\PCDr\5907\Downloads\a31dcb19-c462-4b91-b5af-0c0196d8d501.dll
c:\users\Public\Documents\bootracer.tmp
c:\users\Sabino\AppData\Local\TempDIR
c:\users\Sabino\AppData\Roaming\cacaoweb
c:\users\Sabino\AppData\Roaming\cacaoweb\npdfile.dat
c:\users\Sabino\AppData\Roaming\cacaoweb\replicating1AFB0C60785431CB71CDF4BB69EB92AC.cacao
c:\users\Sabino\AppData\Roaming\cacaoweb\replicating30190FED0394B9C907494415EB5F6D6A.cacao
c:\users\Sabino\AppData\Roaming\cacaoweb\replicating5E00F858D61F480D9F19FFB56F7229E5.cacao
c:\users\Sabino\AppData\Roaming\cacaoweb\replicating6057725AA684A842BF4E7F266453A8C6.cacao
c:\users\Sabino\AppData\Roaming\cacaoweb\replicating8A8C6E7EBECC3C0368C261096A91D74E.cacao
c:\users\Sabino\AppData\Roaming\cacaoweb\replicating8B23EEBC4D036AF175776980EE0E6F17.cacao
c:\users\Sabino\AppData\Roaming\cacaoweb\replicating9B64844528E43E5D3967A7D95DEF290D.cacao
c:\users\Sabino\AppData\Roaming\cacaoweb\replicating9FFB6F30563C1B5CB526667651E9B229.cacao
c:\users\Sabino\AppData\Roaming\cacaoweb\replicatingB805892A30CA8DA5A88BC7FCD4D80C93.cacao
c:\users\Sabino\AppData\Roaming\cacaoweb\replicatingB80CDD3EB56741670F735AD2658E54B9.cacao
c:\users\Sabino\AppData\Roaming\cacaoweb\replicatingE4EBDCD799A8BF41631B0C2C5D9CE662.cacao
c:\users\Sabino\AppData\Roaming\cacaoweb\storage.db
c:\users\Sabino\AppData\Roaming\OfferBox
c:\users\Sabino\AppData\Roaming\OfferBox\config.dat
c:\users\Sabino\AppData\Roaming\OfferBox\config.xml
c:\windows\security\Database\tmp.edb
c:\windows\system32\drivers\etc\hosts.ics
c:\windows\system32\drivers\etc\hosts.txt
c:\windows\system32\drivers\npf.sys
.
La copia infetta di c:\windows\system32\userinit.exe è stata trovata e disinfettata
ipristinata copia da - c:\windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
.
.
((((((((((((((((((((((((((((((((((((((( Driver/Servizi )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_NPF
.
.
((((((((((((((((((((((((( Files Creati Da 2012-05-28 al 2012-06-29 )))))))))))))))))))))))))))))))))))
.
.
2012-06-29 18:33 . 2012-06-29 18:33 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-06-29 16:43 . 2012-06-29 16:43 388096 ----a-r- c:\users\Sabino\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-06-29 16:43 . 2012-06-29 16:43 -------- d-----w- c:\program files\Trend Micro
2012-06-29 16:33 . 2012-01-12 07:26 101112 ----a-r- c:\windows\system32\drivers\SBREDrv.sys
2012-06-29 16:32 . 2012-06-29 16:34 -------- d-----w- c:\program files\STOPzilla!
2012-06-29 16:32 . 2012-06-29 18:37 -------- d-----w- c:\programdata\STOPzilla!
2012-06-29 16:32 . 2012-06-29 16:32 -------- d-----w- c:\program files\Common Files\iS3
2012-06-26 08:12 . 2012-06-26 08:12 -------- d-----w- c:\users\Sabino\AppData\Roaming\CheckPoint
2012-06-26 08:01 . 2012-06-26 08:01 -------- d-----w- c:\programdata\CheckPoint
2012-06-25 23:51 . 2012-06-28 10:38 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2012-06-22 09:47 . 2012-06-29 10:18 -------- d-----w- c:\users\Sabino\AppData\Local\Spotify
2012-06-22 09:47 . 2012-06-29 16:28 -------- d-----w- c:\users\Sabino\AppData\Roaming\Spotify
2012-06-22 09:06 . 2012-06-22 09:06 -------- d-----w- c:\program files\Oracle
2012-06-22 08:50 . 2012-05-04 17:29 772504 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-06-21 15:40 . 2012-06-02 22:19 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-21 15:40 . 2012-06-02 22:19 45080 ----a-w- c:\windows\system32\wups2.dll
2012-06-21 15:40 . 2012-06-02 22:12 2422272 ----a-w- c:\windows\system32\wucltux.dll
2012-06-21 15:40 . 2012-06-02 22:19 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-21 15:40 . 2012-06-02 22:19 35864 ----a-w- c:\windows\system32\wups.dll
2012-06-21 15:40 . 2012-06-02 22:12 88576 ----a-w- c:\windows\system32\wudriver.dll
2012-06-21 15:40 . 2012-06-02 22:19 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-21 15:39 . 2012-06-02 13:19 171904 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-21 15:39 . 2012-06-02 13:12 33792 ----a-w- c:\windows\system32\wuapp.exe
2012-06-14 09:28 . 2012-04-07 11:26 2342400 ----a-w- c:\windows\system32\msi.dll
2012-06-14 09:28 . 2012-04-28 03:17 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-06-14 09:28 . 2012-05-15 01:05 2343936 ----a-w- c:\windows\system32\win32k.sys
2012-06-14 09:28 . 2012-04-26 04:45 129536 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-06-14 09:28 . 2012-05-01 04:44 164352 ----a-w- c:\windows\system32\profsvc.dll
2012-06-14 09:28 . 2012-04-26 04:45 58880 ----a-w- c:\windows\system32\rdpwsx.dll
2012-06-14 09:28 . 2012-04-26 04:41 8192 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-06-14 09:28 . 2012-04-24 04:36 140288 ----a-w- c:\windows\system32\cryptsvc.dll
2012-06-14 09:28 . 2012-04-24 04:36 1158656 ----a-w- c:\windows\system32\crypt32.dll
2012-06-14 09:28 . 2012-04-24 04:36 103936 ----a-w- c:\windows\system32\cryptnet.dll
2012-06-10 18:06 . 2012-06-10 18:06 -------- d-----w- c:\programdata\TomTom
2012-06-10 17:58 . 2012-06-10 17:58 -------- d-----w- c:\program files\TomTom International B.V
2012-06-10 17:57 . 2012-06-10 17:57 -------- d-----w- c:\program files\TomTom HOME 2
2012-05-31 08:46 . 2012-05-31 08:46 159744 ----a-w- c:\program files\Internet Explorer\Plugin\npqtplugin7.dll
2012-05-31 08:46 . 2012-05-31 08:46 159744 ----a-w- c:\program files\Internet Explorer\Plugin\npqtplugin6.dll
2012-05-31 08:46 . 2012-05-31 08:46 159744 ----a-w- c:\program files\Internet Explorer\Plugin\npqtplugin5.dll
2012-05-31 08:46 . 2012-05-31 08:46 159744 ----a-w- c:\program files\Internet Explorer\Plugin\npqtplugin4.dll
2012-05-31 08:46 . 2012-05-31 08:46 159744 ----a-w- c:\program files\Internet Explorer\Plugin\npqtplugin3.dll
2012-05-31 08:46 . 2012-05-31 08:46 159744 ----a-w- c:\program files\Internet Explorer\Plugin\npqtplugin2.dll
2012-05-31 08:46 . 2012-05-31 08:46 159744 ----a-w- c:\program files\Internet Explorer\Plugin\npqtplugin.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-29 18:20 . 2012-06-29 16:55 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B725F92D-E00B-433E-8D2C-56DE1F3ECCB6}\offreg.dll
2012-06-24 08:39 . 2012-04-07 08:42 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-06-24 08:39 . 2011-05-19 06:51 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-05-31 03:41 . 2012-06-29 09:23 6762896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B725F92D-E00B-433E-8D2C-56DE1F3ECCB6}\mpengine.dll
2012-05-04 17:29 . 2010-05-03 13:48 687504 ----a-w- c:\windows\system32\deployJava1.dll
2012-04-25 09:35 . 2012-04-25 09:35 23376 ----a-r- c:\windows\system32\SZIO5.dll
2012-04-25 09:35 . 2012-04-25 09:35 546640 ----a-r- c:\windows\system32\SZComp5.dll
2012-04-25 09:35 . 2012-04-25 09:35 481104 ----a-r- c:\windows\system32\SZBase5.dll
2012-04-25 09:21 . 2012-04-25 09:21 73136 ----a-r- c:\windows\system32\drivers\SZKGFS.sys
2012-04-19 15:39 . 2012-04-19 15:39 29008 ----a-r- c:\windows\system32\IS3XDat5.dll
2012-04-19 15:39 . 2012-04-19 15:39 231248 ----a-r- c:\windows\system32\IS3Win325.dll
2012-04-19 15:39 . 2012-04-19 15:39 390992 ----a-r- c:\windows\system32\IS3UI5.dll
2012-04-19 15:39 . 2012-04-19 15:39 100176 ----a-r- c:\windows\system32\IS3Svc5.dll
2012-04-19 15:39 . 2012-04-19 15:39 104272 ----a-r- c:\windows\system32\IS3Inet5.dll
2012-04-19 15:39 . 2012-04-19 15:39 67408 ----a-r- c:\windows\system32\IS3Hks5.dll
2012-04-19 15:39 . 2012-04-19 15:39 132944 ----a-r- c:\windows\system32\IS3HTUI5.dll
2012-04-19 15:39 . 2012-04-19 15:39 456528 ----a-r- c:\windows\system32\IS3DBA5.dll
2012-04-19 15:39 . 2012-04-19 15:39 808784 ----a-r- c:\windows\system32\IS3Base5.dll
2012-04-18 18:56 . 2012-04-18 18:56 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2012-04-18 18:56 . 2012-04-18 18:56 69632 ----a-w- c:\windows\system32\QuickTime.qts
2012-04-12 04:52 . 2011-09-24 13:34 27144 ----a-w- c:\windows\system32\nitrolocalmon2.dll
2012-04-12 04:52 . 2011-09-24 13:34 18440 ----a-w- c:\windows\system32\nitrolocalui2.dll
2012-04-04 13:56 . 2012-02-08 10:29 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2008-10-28 11:41 . 2009-12-05 08:58 238896 ----a-w- c:\program files\mozilla firefox\plugins\CrazyTalk4Native.dll
2008-10-28 11:41 . 2009-12-05 08:58 210320 ----a-w- c:\program files\mozilla firefox\plugins\ctdomemhelper.dll
2008-10-28 11:41 . 2009-12-05 08:58 83248 ----a-w- c:\program files\mozilla firefox\plugins\ctframeplayerobject.dll
2008-10-28 11:41 . 2009-12-05 08:58 431512 ----a-w- c:\program files\mozilla firefox\plugins\ctplayerobject.dll
2008-10-28 11:41 . 2009-12-05 08:58 464176 ----a-w- c:\program files\mozilla firefox\plugins\imagickrt.dll
2008-10-28 11:41 . 2009-12-05 08:58 144688 ----a-w- c:\program files\mozilla firefox\plugins\rlcontentclass.dll
2008-10-28 11:41 . 2009-12-05 08:58 210224 ----a-w- c:\program files\mozilla firefox\plugins\RLMusicPacker.dll
2008-10-28 11:41 . 2009-12-05 08:58 111920 ----a-w- c:\program files\mozilla firefox\plugins\RLMusicUnpacker.dll
2008-10-28 11:41 . 2009-12-05 08:58 218416 ----a-w- c:\program files\mozilla firefox\plugins\RLVoicePacker.dll
2008-10-28 11:41 . 2009-12-05 08:58 173360 ----a-w- c:\program files\mozilla firefox\plugins\RLVoiceUnpacker.dll
.
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RESTART_STICKY_NOTES"="c:\windows\System32\StikyNot.exe" [2009-07-14 354304]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2011-12-16 258512]
.
c:\users\Sabino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
My 190.lnk - c:\program files\My 190\My 190.exe [2012-3-15 142336]
tcbhn.lnk - c:\users\Sabino\AppData\Roaming\BrowserCompanion\tcbhn.exe [2012-3-27 692888]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SolutoService]
@="Service"
.
R0 is3srv;is3srv;c:\windows\system32\drivers\is3srv.sys [x]
R2 DeviceExpert;DeviceExpert;c:\manageengine\DeviceExpert\bin\wrapper.exe [x]
R2 gupdate;Servizio di Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
R3 gupdatem;Servizio Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [x]
R3 KMWDFILTERx86;HIDServiceDesc;c:\windows\system32\DRIVERS\KMWDFILTER.sys [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [x]
R3 ONDA_MW823UP_cdc_acm;ONDA MW823UP CDC-ACM driver;c:\windows\system32\DRIVERS\ONDA_MW823UP_cdc_acm.sys [x]
R3 ONDA_MW823UP_cdc_ecm;ONDA_MW823UP_cdc_ecm;c:\windows\system32\DRIVERS\ONDA_MW823UP_cdc_ecm.sys [x]
R3 ONDA_MW823UP_cpo;ONDA MW823UP Install;c:\windows\system32\DRIVERS\ONDA_MW823UP_cpo.sys [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [x]
R3 PCDSRVC{E9D79540-57D5953E-06020101}_0;PCDSRVC{E9D79540-57D5953E-06020101}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\dell support center\pcdsrvc.pkms [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Servizio Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 NBVol;Nero Backup Volume Filter Driver;c:\windows\system32\DRIVERS\NBVol.sys [x]
S0 NBVolUp;Nero Backup Volume Upper Filter Driver;c:\windows\system32\DRIVERS\NBVolUp.sys [x]
S0 Soluto;Soluto;c:\windows\system32\DRIVERS\Soluto.sys [x]
S0 szkg5;szkg5;c:\windows\system32\DRIVERS\szkg.sys [x]
S0 szkgfs;szkgfs;c:\windows\system32\drivers\szkgfs.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 SBRE;SBRE;c:\windows\system32\drivers\SBREdrv.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9334b3396d450a95\aestsrv.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AntiVirSchedulerService;Avira Pianificatore;c:\program files\Avira\AntiVir Desktop\sched.exe [x]
S2 E2ECAP;CamDirector - WDM Video Capture;c:\windows\system32\DRIVERS\e2ecap.sys [x]
S2 MsgPlusService;Messenger Plus! Service;c:\program files\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe [x]
S2 NAUpdate;Nero Update;c:\program files\Nero\Update\NASvc.exe [x]
S2 NitroDriverReadSpool2;NitroPDFDriverCreatorReadSpool2;c:\program files\Nitro PDF\Professional 7\NitroPDFDriverService2.exe [x]
S2 SolutoService;Soluto PCGenome Core Service;c:\program files\Soluto\SolutoService.exe [x]
S2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [x]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [x]
S3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60x.sys [x]
S3 ONDA_MW823UP_dc_enum;ONDA MW823UP DC Enumerator;c:\windows\system32\DRIVERS\ONDA_MW823UP_dc_enum.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
.
Contenuto della cartella 'Scheduled Tasks'
.
2012-06-29 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-07 08:39]
.
2012-06-29 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1452159324-766955113-3666706478-1001Core.job
- c:\users\Sabino\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-08-29 11:04]
.
2012-06-29 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1452159324-766955113-3666706478-1001UA.job
- c:\users\Sabino\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-08-29 11:04]
.
2012-06-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-08-03 14:23]
.
2012-06-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-08-03 14:23]
.
2012-06-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1452159324-766955113-3666706478-1001Core.job
- c:\users\Sabino\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-07 17:28]
.
2012-06-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1452159324-766955113-3666706478-1001UA.job
- c:\users\Sabino\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-07 17:28]
.
2012-06-27 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\program files\Dell Support Center\uaclauncher.exe [2012-04-13 05:40]
.
2012-06-29 c:\windows\Tasks\SystemToolsDailyTest.job
- c:\program files\Dell Support Center\uaclauncher.exe [2012-04-13 05:40]
.
.
------- Scansione supplementare -------
.
uInternet Settings,ProxyServer = 127.0.0.1:20069
IE: E&sporta in Microsoft Excel - c:\progra~1\MIF5BA~1\Office14\EXCEL.EXE/3000
IE: I&nvia a OneNote - c:\progra~1\MIF5BA~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 62.101.93.101 83.103.25.250
Handler: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - c:\program files\BrowserCompanion\tdataprotocol.dll
Handler: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - c:\program files\BrowserCompanion\tdataprotocol.dll
Handler: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - c:\program files\BrowserCompanion\tdataprotocol.dll
DPF: Microsoft XML Parser for Java - file:///C:/Windows/Java/classes/xmldso.cab
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
.
Toolbar-10 - (no file)
WebBrowser-{08D495AB-A86C-47B0-82EF-DA87BF92F730} - (no file)
WebBrowser-{1D03A978-AC0C-4004-B9FD-9CF361C7BD3F} - (no file)
WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
AddRemove-Revo Uninstaller - c:\program files\VS Revo Group\Revo Uninstaller\uninst.exe
AddRemove-{09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA} - c:\programdata\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}\bm_installer.exe
AddRemove-{7585478E9D9B42108671C12F8714CEFE} - c:\program files\DivX\DivXConverterUninstall.exe
AddRemove-FoxTab PDF Converter - c:\program files\FoxTabPDFConverter\Uninstall\Uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\PCDSRVC{E9D79540-57D5953E-06020101}_0]
"ImagePath"="\??\c:\program files\dell support center\pcdsrvc.pkms"
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{977AE9CC-AF83-45E8-9E03-E2798216E2D5}"=hex:51,66,7a,6c,4c,1d,38,12,a2,ea,69,
93,b1,e1,86,00,e1,15,a1,39,87,48,a6,c1
"{99079A25-328F-4BD4-BE04-00955ACAA0A7}"=hex:51,66,7a,6c,4c,1d,38,12,4b,99,14,
9d,bd,7c,ba,0e,c1,12,43,d5,5f,94,e4,b3
"{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc,
1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7
"{326E768D-4182-46FD-9C16-1449A49795F4}"=hex:51,66,7a,6c,4c,1d,38,12,e3,75,7d,
36,b0,0f,93,03,e3,00,57,09,a1,c9,d1,e0
"{58124A0B-DC32-4180-9BFF-E0E21AE34026}"=hex:51,66,7a,6c,4c,1d,38,12,65,49,01,
5c,00,92,ee,04,e4,e9,a3,a2,1f,bd,04,32
"{72853161-30C5-4D22-B7F9-0BBC1D38A37E}"=hex:51,66,7a,6c,4c,1d,38,12,0f,32,96,
76,f7,7e,4c,08,c8,ef,48,fc,18,66,e7,6a
"{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}"=hex:51,66,7a,6c,4c,1d,38,12,d5,94,07,
72,c2,98,42,03,c9,fd,97,9a,f4,87,69,57
"{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23,
94,30,02,d1,0f,f1,da,12,24,73,56,27,d2
"{9D717F81-9148-4F12-8568-69135F087DB0}"=hex:51,66,7a,6c,4c,1d,38,12,ef,7c,62,
99,7a,df,7c,0a,fa,7e,2a,53,5a,56,39,a4
"{9FDDE16B-836F-4806-AB1F-1455CBEFF289}"=hex:51,66,7a,6c,4c,1d,38,12,05,e2,ce,
9b,5d,cd,68,0d,d4,09,57,15,ce,b1,b6,9d
"{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}"=hex:51,66,7a,6c,4c,1d,38,12,07,5b,93,
aa,6e,60,ba,0b,f0,6d,b2,b7,80,44,00,83
"{B4F3A835-0E21-4959-BA22-42B3008E02FF}"=hex:51,66,7a,6c,4c,1d,38,12,5b,ab,e0,
b0,13,40,37,0c,c5,34,01,f3,05,d0,46,eb
"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db,
df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd
"{2A541AE1-5BF6-4665-A8A3-CFA9672E4291}"=hex:51,66,7a,6c,4c,1d,38,12,8f,19,47,
2e,c4,15,0b,03,d7,b5,8c,e9,62,70,06,85
"{FAE12866-E91C-43AC-AF75-8D7E316F15B8}"=hex:51,66,7a,6c,4c,1d,38,12,08,2b,f2,
fe,2e,a7,c2,06,d0,63,ce,3e,34,31,51,ac
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:1a,65,ca,76,b0,e4,cc,01
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,59,15,13,1b,ee,a7,e3,4e,a4,2a,84,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,59,15,13,1b,ee,a7,e3,4e,a4,2a,84,\
.
[HKEY_USERS\S-1-5-21-1452159324-766955113-3666706478-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.download\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariDownload"
.
[HKEY_USERS\S-1-5-21-1452159324-766955113-3666706478-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (S-1-5-21-1452159324-766955113-3666706478-1001)
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\S-1-5-21-1452159324-766955113-3666706478-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (S-1-5-21-1452159324-766955113-3666706478-1001)
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\S-1-5-21-1452159324-766955113-3666706478-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.safariextz\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariExtension"
.
[HKEY_USERS\S-1-5-21-1452159324-766955113-3666706478-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (S-1-5-21-1452159324-766955113-3666706478-1001)
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\S-1-5-21-1452159324-766955113-3666706478-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.svg\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\S-1-5-21-1452159324-766955113-3666706478-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.webarchive\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\S-1-5-21-1452159324-766955113-3666706478-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (S-1-5-21-1452159324-766955113-3666706478-1001)
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\S-1-5-21-1452159324-766955113-3666706478-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (S-1-5-21-1452159324-766955113-3666706478-1001)
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\S-1-5-21-1452159324-766955113-3666706478-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\S-1-5-21-1452159324-766955113-3666706478-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{085C8E5C-29C2-1D40-6C81-91F69A9F818C}*]
"danmlean"=hex:64,62,61,68,6d,69,66,6f,65,68,6c,62,69,6d,61,68,6a,68,6f,69,62,
69,70,64,68,6f,61,70,68,6b,6f,6e,69,66,65,63,64,6f,61,62,00,00
"iaehgpmbppdcjpekpd"=hex:6a,61,64,61,6f,65,6d,68,70,68,62,64,65,67,68,6b,70,67,
66,68,00,f8
"hakgahpcgjiieclf"=hex:6a,61,64,61,6f,65,6d,68,70,68,62,64,65,67,68,6b,70,67,
66,68,00,f2
.
[HKEY_USERS\S-1-5-21-1452159324-766955113-3666706478-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{4D52BFF7-A97A-3BF5-1107-844FE0A90DB4}*]
@Allowed: (Read) (RestrictedCode)
"bbmhioncpnnecmaddhomogjfmbedcbmoljfg"=hex:6a,61,61,6e,66,70,6b,66,6a,6f,61,66,
65,62,63,6a,6d,6e,6c,61,00,00
"abgileelihjkjeophgjgbamcoblokpglnl"=hex:6a,61,61,6e,66,70,6b,66,6a,6f,61,66,
65,62,63,6a,6d,6e,6c,61,00,00
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------
.
- - - - - - - > 'Explorer.exe'(2956)
c:\windows\System32\bthprops.cpl
c:\windows\System32\hgcpl.dll
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
c:\program files\Common Files\iS3\Anti-Spyware\SZServer.exe
c:\windows\system32\taskhost.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\conhost.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\windows\system32\conhost.exe
c:\program files\STOPzilla!\STOPzilla.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\sppsvc.exe
c:\users\Sabino\AppData\Local\Google\Chrome\Application\chrome.exe
c:\users\Sabino\AppData\Local\Google\Chrome\Application\chrome.exe
c:\users\Sabino\AppData\Local\Google\Chrome\Application\chrome.exe
c:\users\Sabino\AppData\Local\Google\Chrome\Application\chrome.exe
c:\users\Sabino\AppData\Local\Google\Chrome\Application\chrome.exe
c:\users\Sabino\AppData\Local\Google\Chrome\Application\chrome.exe
.
**************************************************************************
.
Ora fine scansione: 2012-06-29 20:46:43 - Il pc è stato riavviato
ComboFix-quarantined-files.txt 2012-06-29 18:46
.
Pre-Run: 144.869.335.040 byte disponibili
Post-Run: 144.201.990.144 byte disponibili
.
- - End Of File - - D69A28545076B8F1652982DBC58435CB

[FrancescoFDAC]

Hai omesso di fare la cosa più importante: eseguire ComboFix dal Desktop.

l'hai eseguito da qui: c:\users\Sabino\Desktop\Downloads\ComboFix.exe

Disinstalla STOPzilla Anti-Spyware, fai sapere se è installato prima..
Disinstalla anche Spybot - Search & Destroy e Soluto.

Quindi:
Scarica Malwarebytes' Anti-Malware - Free Edition: http://www.malwarebytes.org
● doppio click su mbam-setup.exe per avviare il setup
● in fase di installazione, lascia la spunta alle voci b]Aggiorna Malwarebytes' Anti-Malware[/b] e Avvia Malwarebytes' Anti-Malware

Una volta eseguiti i passaggi indicati sopra:
● collega tutte le periferiche esterne che possiedi ( Chiavette USB, HDD Esterni, Lettori MP3... )
● verrà mostrata la schermata principale del tool: al messaggio che appare, clicca sul pulsante No
● clicca sul pulsante Scansione completa, e conferma cliccando il pulsante Scansione
● verrà richiesto quali drive scansionare; selezionali tutti, e clicca nuovamente su Scansione
● attendi pazientemente il termine della scansione
● una volta terminata, clicca sul pulsante OK e Mostra Risultati per visionare il Report
● verrà rilasciato automaticamente un file di testo: salvalo sul Desktop ed allegalo
● assicurati che tutte le voci siano selezionate, e clicca sul pulsante Rimuovi selezionati, in basso a sinistra
● il log può essere visionati cliccando sul tab Log dall'interfaccia principale del programma

Nota - riguardo al programma:
● se MalwareBytes incontrasse delle difficoltà nel rimuovere alcuni file, verranno mostrate delle finestre aggiuntive: clicca sul pulsante OK, e lascia procedere il programma alla disinfezione. Se MalwareBytes chiedesse di riavviare il sistema, fallo immediatamente

Infine:
Scarica Kaspersky TDSS Killer: http://support.kaspersky.com/downloads/ ... killer.exe
● posiziona il file scaricato sul Desktop
● clicca due volte sul file TDSSKiller.exe per avviare l'applicazione
● successivamente premi il pulsante Start scan

Nota - riguardo al programma:
● non cliccare sul pulsante Stop scan per nessun motivo, la scansione si interromperebbe

Giunti a questo punto, inizia la scansione del sistema alla ricerca di software malevolo:
● se viene trovato un file infetto, l'azione di default sarà Cure: clicca quindi su Continua
● se viene trovato un file sospetto, l'azione di default sarà Skip: clicca quindi su Continua
● se non viene rilevato nulla, chiudi semplicemente il programma al termine della scansione

Una volta terminata la scansione, si presenterà una di queste due opzioni:
● non è necessario il riavvio del sistema: allega il Report situato nel Disco Locale C:\, di nome TDSSKiller.[Version]_[Date]_[Time]_log.txt
● è necessario riavviare il sistema: clicca su Riavvia ora, infine allega il risultato della scansione (si trova nello stesso percorso menzionato poco fa')

[sabino90]

10:33:57.0369 7412 TDSS rootkit removing tool 2.7.43.0 Jun 29 2012 17:54:22
10:33:57.0786 7412 ============================================================
10:33:57.0786 7412 Current date / time: 2012/06/30 10:33:57.0786
10:33:57.0786 7412 SystemInfo:
10:33:57.0786 7412
10:33:57.0786 7412 OS Version: 6.1.7601 ServicePack: 1.0
10:33:57.0786 7412 Product type: Workstation
10:33:57.0786 7412 ComputerName: SABINO-PC
10:33:57.0787 7412 UserName: Sabino
10:33:57.0787 7412 Windows directory: C:\Windows
10:33:57.0787 7412 System windows directory: C:\Windows
10:33:57.0787 7412 Processor architecture: Intel x86
10:33:57.0788 7412 Number of processors: 2
10:33:57.0788 7412 Page size: 0x1000
10:33:57.0788 7412 Boot type: Normal boot
10:33:57.0788 7412 ============================================================
10:33:58.0367 7412 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
10:33:58.0369 7412 ============================================================
10:33:58.0369 7412 \Device\Harddisk0\DR0:
10:33:58.0369 7412 MBR partitions:
10:33:58.0369 7412 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x139C5, BlocksNum 0x1D4C000
10:33:58.0369 7412 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1D5F9C5, BlocksNum 0x236CE8EB
10:33:58.0369 7412 ============================================================
10:33:58.0388 7412 C: <-> \Device\Harddisk0\DR0\Partition1
10:33:58.0433 7412 W: <-> \Device\Harddisk0\DR0\Partition0
10:33:58.0433 7412 ============================================================
10:33:58.0433 7412 Initialize success
10:33:58.0433 7412 ============================================================
10:34:05.0971 9516 ============================================================
10:34:05.0971 9516 Scan started
10:34:05.0971 9516 Mode: Manual; SigCheck; TDLFS;
10:34:05.0971 9516 ============================================================
10:34:06.0510 9516 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys
10:34:06.0623 9516 1394ohci - ok
10:34:06.0683 9516 ACPI (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys
10:34:06.0709 9516 ACPI - ok
10:34:06.0756 9516 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys
10:34:06.0833 9516 AcpiPmi - ok
10:34:06.0953 9516 AdobeFlashPlayerUpdateSvc (990dc6edc9f933194d7cd4e65146bc94) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
10:34:06.0975 9516 AdobeFlashPlayerUpdateSvc - ok
10:34:07.0060 9516 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
10:34:07.0091 9516 adp94xx - ok
10:34:07.0129 9516 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
10:34:07.0153 9516 adpahci - ok
10:34:07.0185 9516 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
10:34:07.0202 9516 adpu320 - ok
10:34:07.0246 9516 AeLookupSvc (8b5eefeec1e6d1a72a06c526628ad161) C:\Windows\System32\aelupsvc.dll
10:34:07.0310 9516 AeLookupSvc - ok
10:34:07.0449 9516 AESTFilters (827dbc22c96eecf6d36a13162fabafd3) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9334b3396d450a95\aestsrv.exe
10:34:07.0516 9516 AESTFilters - ok
10:34:07.0584 9516 AFD (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys
10:34:07.0653 9516 AFD - ok
10:34:07.0714 9516 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys
10:34:07.0730 9516 agp440 - ok
10:34:07.0787 9516 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
10:34:07.0806 9516 aic78xx - ok
10:34:07.0859 9516 ALG (18a54e132947cd98fea9accc57f98f13) C:\Windows\System32\alg.exe
10:34:07.0915 9516 ALG - ok
10:34:07.0943 9516 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys
10:34:07.0962 9516 aliide - ok
10:34:08.0035 9516 AMD External Events Utility (f970ea885aefeb1b9eb97ca7f1eb226d) C:\Windows\system32\atiesrxx.exe
10:34:08.0138 9516 AMD External Events Utility - ok
10:34:08.0159 9516 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys
10:34:08.0176 9516 amdagp - ok
10:34:08.0199 9516 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys
10:34:08.0215 9516 amdide - ok
10:34:08.0288 9516 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
10:34:08.0317 9516 AmdK8 - ok
10:34:08.0970 9516 amdkmdag (ab70f110143892eb41aa46500aa5cf00) C:\Windows\system32\DRIVERS\atikmdag.sys
10:34:09.0192 9516 amdkmdag - ok
10:34:09.0368 9516 amdkmdap (32d68d05b871eed5572d0c2c764ea4ec) C:\Windows\system32\DRIVERS\atikmpag.sys
10:34:09.0401 9516 amdkmdap - ok
10:34:09.0451 9516 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
10:34:09.0469 9516 AmdPPM - ok
10:34:09.0518 9516 amdsata (d320bf87125326f996d4904fe24300fc) C:\Windows\system32\drivers\amdsata.sys
10:34:09.0536 9516 amdsata - ok
10:34:09.0580 9516 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
10:34:09.0604 9516 amdsbs - ok
10:34:09.0623 9516 amdxata (46387fb17b086d16dea267d5be23a2f2) C:\Windows\system32\drivers\amdxata.sys
10:34:09.0639 9516 amdxata - ok
10:34:09.0879 9516 AntiVirSchedulerService (ffab08597accd27065f600d4ed747d83) C:\Program Files\Avira\AntiVir Desktop\sched.exe
10:34:09.0899 9516 AntiVirSchedulerService - ok
10:34:09.0998 9516 AntiVirService (a341d3b2442acbbcf9afbc801e2c8013) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
10:34:10.0015 9516 AntiVirService - ok
10:34:10.0064 9516 AppID (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys
10:34:10.0185 9516 AppID - ok
10:34:10.0222 9516 AppIDSvc (62a9c86cb6085e20db4823e4e97826f5) C:\Windows\System32\appidsvc.dll
10:34:10.0275 9516 AppIDSvc - ok
10:34:10.0323 9516 Appinfo (fb1959012294d6ad43e5304df65e3c26) C:\Windows\System32\appinfo.dll
10:34:10.0372 9516 Appinfo - ok
10:34:10.0476 9516 Apple Mobile Device (3debbecf665dcdde3a95d9b902010817) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
10:34:10.0488 9516 Apple Mobile Device - ok
10:34:10.0559 9516 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
10:34:10.0584 9516 arc - ok
10:34:10.0609 9516 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
10:34:10.0634 9516 arcsas - ok
10:34:10.0673 9516 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
10:34:10.0800 9516 AsyncMac - ok
10:34:10.0842 9516 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys
10:34:10.0859 9516 atapi - ok
10:34:10.0932 9516 AtiHdmiService (bb9e7c7f937714f05a4e05c287d6ddff) C:\Windows\system32\drivers\AtiHdmi.sys
10:34:10.0956 9516 AtiHdmiService - ok
10:34:11.0555 9516 atikmdag (ab70f110143892eb41aa46500aa5cf00) C:\Windows\system32\DRIVERS\atikmdag.sys
10:34:11.0700 9516 atikmdag - ok
10:34:11.0889 9516 AudioEndpointBuilder (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
10:34:11.0939 9516 AudioEndpointBuilder - ok
10:34:11.0948 9516 Audiosrv (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
10:34:11.0986 9516 Audiosrv - ok
10:34:12.0075 9516 avgntflt (7713e4eb0276702faa08e52a6e23f2a6) C:\Windows\system32\DRIVERS\avgntflt.sys
10:34:12.0090 9516 avgntflt - ok
10:34:12.0160 9516 avipbb (13b02b9b969dde270cd7c351203dad3c) C:\Windows\system32\DRIVERS\avipbb.sys
10:34:12.0181 9516 avipbb - ok
10:34:12.0256 9516 avkmgr (271cfd1a989209b1964e24d969552bf7) C:\Windows\system32\DRIVERS\avkmgr.sys
10:34:12.0275 9516 avkmgr - ok
10:34:12.0321 9516 AxInstSV (6e30d02aac9cac84f421622e3a2f6178) C:\Windows\System32\AxInstSV.dll
10:34:12.0384 9516 AxInstSV - ok
10:34:12.0452 9516 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
10:34:12.0507 9516 b06bdrv - ok
10:34:12.0560 9516 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
10:34:12.0582 9516 b57nd60x - ok
10:34:12.0639 9516 BCM42RLY (55070d71bbb424a56d5125c61fcc2897) C:\Windows\system32\drivers\BCM42RLY.sys
10:34:12.0654 9516 BCM42RLY - ok
10:34:12.0835 9516 BCM43XX (f9ce9b5e049efc66b8e6c73c18ee8438) C:\Windows\system32\DRIVERS\bcmwl6.sys
10:34:12.0912 9516 BCM43XX - ok
10:34:13.0078 9516 BDESVC (ee1e9c3bb8228ae423dd38db69128e71) C:\Windows\System32\bdesvc.dll
10:34:13.0137 9516 BDESVC - ok
10:34:13.0214 9516 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
10:34:13.0263 9516 Beep - ok
10:34:13.0339 9516 BFE (1e2bac209d184bb851e1a187d8a29136) C:\Windows\System32\bfe.dll
10:34:13.0384 9516 BFE - ok
10:34:13.0443 9516 BITS (e585445d5021971fae10393f0f1c3961) C:\Windows\system32\qmgr.dll
10:34:13.0500 9516 BITS - ok
10:34:13.0515 9516 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
10:34:13.0551 9516 blbdrive - ok
10:34:13.0705 9516 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
10:34:13.0728 9516 Bonjour Service - ok
10:34:13.0770 9516 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys
10:34:13.0797 9516 bowser - ok
10:34:13.0815 9516 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
10:34:13.0893 9516 BrFiltLo - ok
10:34:13.0912 9516 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
10:34:13.0951 9516 BrFiltUp - ok
10:34:14.0022 9516 BridgeMP (77361d72a04f18809d0efb6cceb74d4b) C:\Windows\system32\DRIVERS\bridge.sys
10:34:14.0082 9516 BridgeMP - ok
10:34:14.0118 9516 Browser (6e11f33d14d020f58d5e02e4d67dfa19) C:\Windows\System32\browser.dll
10:34:14.0178 9516 Browser - ok
10:34:14.0223 9516 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
10:34:14.0277 9516 Brserid - ok
10:34:14.0298 9516 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
10:34:14.0317 9516 BrSerWdm - ok
10:34:14.0333 9516 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
10:34:14.0362 9516 BrUsbMdm - ok
10:34:14.0373 9516 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
10:34:14.0409 9516 BrUsbSer - ok
10:34:14.0428 9516 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
10:34:14.0466 9516 BTHMODEM - ok
10:34:14.0529 9516 bthserv (1df19c96eef6c29d1c3e1a8678e07190) C:\Windows\system32\bthserv.dll
10:34:14.0576 9516 bthserv - ok
10:34:14.0795 9516 catchme - ok
10:34:14.0841 9516 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
10:34:14.0891 9516 cdfs - ok
10:34:14.0943 9516 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\DRIVERS\cdrom.sys
10:34:14.0980 9516 cdrom - ok
10:34:15.0020 9516 CertPropSvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
10:34:15.0063 9516 CertPropSvc - ok
10:34:15.0079 9516 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
10:34:15.0100 9516 circlass - ok
10:34:15.0141 9516 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
10:34:15.0165 9516 CLFS - ok
10:34:15.0274 9516 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:34:15.0289 9516 clr_optimization_v2.0.50727_32 - ok
10:34:15.0387 9516 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:34:15.0408 9516 clr_optimization_v4.0.30319_32 - ok
10:34:15.0442 9516 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
10:34:15.0463 9516 CmBatt - ok
10:34:15.0500 9516 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys
10:34:15.0521 9516 cmdide - ok
10:34:15.0586 9516 CNG (6427525d76f61d0c519b008d3680e8e7) C:\Windows\system32\Drivers\cng.sys
10:34:15.0619 9516 CNG - ok
10:34:15.0670 9516 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
10:34:15.0688 9516 Compbatt - ok
10:34:15.0744 9516 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys
10:34:15.0775 9516 CompositeBus - ok
10:34:15.0809 9516 COMSysApp - ok
10:34:15.0846 9516 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
10:34:15.0864 9516 crcdisk - ok
10:34:15.0948 9516 CryptSvc (06e771aa596b8761107ab57e99f128d7) C:\Windows\system32\cryptsvc.dll
10:34:16.0011 9516 CryptSvc - ok
10:34:16.0147 9516 CrystalSysInfo (f054744f67576a01139885173392502b) C:\Program Files\MediaCoder\SysInfo.sys
10:34:16.0168 9516 CrystalSysInfo - ok
10:34:16.0202 9516 CtClsFlt (ec232b13241caf587323b84981e0dda3) C:\Windows\system32\DRIVERS\CtClsFlt.sys
10:34:16.0246 9516 CtClsFlt - ok
10:34:16.0301 9516 DcomLaunch (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
10:34:16.0338 9516 DcomLaunch - ok
10:34:16.0379 9516 defragsvc (8d6e10a2d9a5eed59562d9b82cf804e1) C:\Windows\System32\defragsvc.dll
10:34:16.0435 9516 defragsvc - ok
10:34:16.0510 9516 DeviceExpert - ok
10:34:16.0564 9516 DfsC (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys
10:34:16.0625 9516 DfsC - ok
10:34:16.0700 9516 Dhcp (e9e01eb683c132f7fa27cd607b8a2b63) C:\Windows\system32\dhcpcore.dll
10:34:16.0739 9516 Dhcp - ok
10:34:16.0768 9516 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
10:34:16.0817 9516 discache - ok
10:34:16.0853 9516 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
10:34:16.0877 9516 Disk - ok
10:34:16.0909 9516 Dnscache (33ef4861f19a0736b11314aad9ae28d0) C:\Windows\System32\dnsrslvr.dll
10:34:16.0953 9516 Dnscache - ok
10:34:16.0994 9516 dot3svc (366ba8fb4b7bb7435e3b9eacb3843f67) C:\Windows\System32\dot3svc.dll
10:34:17.0054 9516 dot3svc - ok
10:34:17.0094 9516 DPS (8ec04ca86f1d68da9e11952eb85973d6) C:\Windows\system32\dps.dll
10:34:17.0146 9516 DPS - ok
10:34:17.0191 9516 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
10:34:17.0218 9516 drmkaud - ok
10:34:17.0292 9516 dtsoftbus01 (687af6bb383885ff6a64071b189a7f3e) C:\Windows\system32\DRIVERS\dtsoftbus01.sys
10:34:17.0312 9516 dtsoftbus01 - ok
10:34:17.0394 9516 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys
10:34:17.0424 9516 DXGKrnl - ok
10:34:17.0481 9516 E2ECAP (ae0e991d0a350ccb6411c724f0efdeb7) C:\Windows\system32\DRIVERS\e2ecap.sys
10:34:17.0502 9516 E2ECAP ( UnsignedFile.Multi.Generic ) - warning
10:34:17.0502 9516 E2ECAP - detected UnsignedFile.Multi.Generic (1)
10:34:17.0540 9516 EapHost (8600142fa91c1b96367d3300ad0f3f3a) C:\Windows\System32\eapsvc.dll
10:34:17.0600 9516 EapHost - ok
10:34:17.0845 9516 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
10:34:17.0922 9516 ebdrv - ok
10:34:18.0050 9516 EFS (81951f51e318aecc2d68559e47485cc4) C:\Windows\System32\lsass.exe
10:34:18.0104 9516 EFS - ok
10:34:18.0192 9516 ehRecvr (a8c362018efc87beb013ee28f29c0863) C:\Windows\ehome\ehRecvr.exe
10:34:18.0257 9516 ehRecvr - ok
10:34:18.0291 9516 ehSched (d389bff34f80caede417bf9d1507996a) C:\Windows\ehome\ehsched.exe
10:34:18.0343 9516 ehSched - ok
10:34:18.0464 9516 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
10:34:18.0489 9516 elxstor - ok
10:34:18.0523 9516 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys
10:34:18.0560 9516 ErrDev - ok
10:34:18.0629 9516 EventSystem (f6916efc29d9953d5d0df06882ae8e16) C:\Windows\system32\es.dll
10:34:18.0677 9516 EventSystem - ok
10:34:18.0700 9516 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
10:34:18.0737 9516 exfat - ok
10:34:18.0763 9516 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
10:34:18.0820 9516 fastfat - ok
10:34:18.0891 9516 Fax (967ea5b213e9984cbe270205df37755b) C:\Windows\system32\fxssvc.exe
10:34:18.0935 9516 Fax - ok
10:34:18.0951 9516 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
10:34:18.0971 9516 fdc - ok
10:34:18.0996 9516 fdPHost (f3222c893bd2f5821a0179e5c71e88fb) C:\Windows\system32\fdPHost.dll
10:34:19.0040 9516 fdPHost - ok
10:34:19.0065 9516 FDResPub (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\Windows\system32\fdrespub.dll
10:34:19.0120 9516 FDResPub - ok
10:34:19.0152 9516 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
10:34:19.0170 9516 FileInfo - ok
10:34:19.0199 9516 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
10:34:19.0254 9516 Filetrace - ok
10:34:19.0267 9516 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
10:34:19.0302 9516 flpydisk - ok
10:34:19.0338 9516 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
10:34:19.0364 9516 FltMgr - ok
10:34:19.0454 9516 FontCache (b3a5ec6b6b6673db7e87c2bcdbddc074) C:\Windows\system32\FntCache.dll
10:34:19.0512 9516 FontCache - ok
10:34:19.0592 9516 FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
10:34:19.0609 9516 FontCache3.0.0.0 - ok
10:34:19.0635 9516 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
10:34:19.0652 9516 FsDepends - ok
10:34:19.0706 9516 fssfltr (b0082808a6856a252f7cdd939892ce50) C:\Windows\system32\DRIVERS\fssfltr.sys
10:34:19.0722 9516 fssfltr - ok
10:34:19.0935 9516 fsssvc (28ddeeec44e988657b732cf404d504cb) C:\Program Files\Windows Live\Family Safety\fsssvc.exe
10:34:19.0978 9516 fsssvc - ok
10:34:20.0125 9516 Fs_Rec (7dae5ebcc80e45d3253f4923dc424d05) C:\Windows\system32\drivers\Fs_Rec.sys
10:34:20.0140 9516 Fs_Rec - ok
10:34:20.0203 9516 fvevol (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys
10:34:20.0226 9516 fvevol - ok
10:34:20.0274 9516 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
10:34:20.0291 9516 gagp30kx - ok
10:34:20.0309 9516 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
10:34:20.0320 9516 GEARAspiWDM - ok
10:34:20.0381 9516 gpsvc (e897eaf5ed6ba41e081060c9b447a673) C:\Windows\System32\gpsvc.dll
10:34:20.0436 9516 gpsvc - ok
10:34:20.0570 9516 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
10:34:20.0591 9516 gupdate - ok
10:34:20.0619 9516 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
10:34:20.0636 9516 gupdatem - ok
10:34:20.0717 9516 hamachi (833051c6c6c42117191935f734cfbd97) C:\Windows\system32\DRIVERS\hamachi.sys
10:34:20.0739 9516 hamachi - ok
10:34:20.0790 9516 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
10:34:20.0949 9516 hcw85cir - ok
10:34:21.0012 9516 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys
10:34:21.0052 9516 HdAudAddService - ok
10:34:21.0093 9516 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys
10:34:21.0135 9516 HDAudBus - ok
10:34:21.0156 9516 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
10:34:21.0193 9516 HidBatt - ok
10:34:21.0214 9516 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
10:34:21.0250 9516 HidBth - ok
10:34:21.0298 9516 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
10:34:21.0319 9516 HidIr - ok
10:34:21.0347 9516 hidserv (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\Windows\System32\hidserv.dll
10:34:21.0400 9516 hidserv - ok
10:34:21.0444 9516 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\DRIVERS\hidusb.sys
10:34:21.0484 9516 HidUsb - ok
10:34:21.0517 9516 hkmsvc (196b4e3f4cccc24af836ce58facbb699) C:\Windows\system32\kmsvc.dll
10:34:21.0565 9516 hkmsvc - ok
10:34:21.0599 9516 HomeGroupListener (6658f4404de03d75fe3ba09f7aba6a30) C:\Windows\system32\ListSvc.dll
10:34:21.0654 9516 HomeGroupListener - ok
10:34:21.0720 9516 HomeGroupProvider (dbc02d918fff1cad628acbe0c0eaa8e8) C:\Windows\system32\provsvc.dll
10:34:21.0769 9516 HomeGroupProvider - ok
10:34:21.0825 9516 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys
10:34:21.0842 9516 HpSAMD - ok
10:34:21.0898 9516 HTTP (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys
10:34:21.0942 9516 HTTP - ok
10:34:21.0974 9516 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
10:34:21.0990 9516 hwpolicy - ok
10:34:22.0032 9516 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys
10:34:22.0060 9516 i8042prt - ok
10:34:22.0105 9516 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys
10:34:22.0127 9516 iaStorV - ok
10:34:22.0260 9516 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
10:34:22.0269 9516 IDriverT ( UnsignedFile.Multi.Generic ) - warning
10:34:22.0269 9516 IDriverT - detected UnsignedFile.Multi.Generic (1)
10:34:22.0372 9516 idsvc (c521d7eb6497bb1af6afa89e322fb43c) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
10:34:22.0404 9516 idsvc - ok
10:34:22.0564 9516 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
10:34:22.0581 9516 iirsp - ok
10:34:22.0681 9516 IJPLMSVC (2f95bef56aeeeb45de55ec44668e2695) C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
10:34:22.0721 9516 IJPLMSVC ( UnsignedFile.Multi.Generic ) - warning
10:34:22.0721 9516 IJPLMSVC - detected UnsignedFile.Multi.Generic (1)
10:34:22.0796 9516 IKEEXT (f95622f161474511b8d80d6b093aa610) C:\Windows\System32\ikeext.dll
10:34:22.0854 9516 IKEEXT - ok
10:34:22.0898 9516 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
10:34:22.0918 9516 intelide - ok
10:34:22.0978 9516 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
10:34:23.0018 9516 intelppm - ok
10:34:23.0045 9516 IPBusEnum (acb364b9075a45c0736e5c47be5cae19) C:\Windows\system32\ipbusenum.dll
10:34:23.0101 9516 IPBusEnum - ok
10:34:23.0130 9516 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:34:23.0179 9516 IpFilterDriver - ok
10:34:23.0246 9516 iphlpsvc (4d65a07b795d6674312f879d09aa7663) C:\Windows\System32\iphlpsvc.dll
10:34:23.0574 9516 iphlpsvc - ok
10:34:23.0610 9516 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
10:34:23.0874 9516 IPMIDRV - ok
10:34:23.0903 9516 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
10:34:23.0960 9516 IPNAT - ok
10:34:24.0109 9516 iPod Service (178fe38b7740f598391eb2f51ae4ccac) C:\Program Files\iPod\bin\iPodService.exe
10:34:24.0136 9516 iPod Service - ok
10:34:24.0183 9516 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
10:34:24.0242 9516 IRENUM - ok
10:34:24.0300 9516 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
10:34:24.0316 9516 isapnp - ok
10:34:24.0369 9516 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
10:34:24.0390 9516 iScsiPrt - ok
10:34:24.0441 9516 k57nd60x (e1d7dcbb8811f8be7784046d4dd3a837) C:\Windows\system32\DRIVERS\k57nd60x.sys
10:34:24.0495 9516 k57nd60x - ok
10:34:24.0537 9516 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
10:34:24.0560 9516 kbdclass - ok
10:34:24.0599 9516 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\DRIVERS\kbdhid.sys
10:34:24.0627 9516 kbdhid - ok
10:34:24.0667 9516 KeyIso (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
10:34:24.0687 9516 KeyIso - ok
10:34:24.0738 9516 KMWDFILTERx86 (4476fe98aaf505acdcd3ee6360aabec1) C:\Windows\system32\DRIVERS\KMWDFILTER.sys
10:34:24.0759 9516 KMWDFILTERx86 - ok
10:34:24.0791 9516 KSecDD (f4647bb23db9038a7536cf6b68f4207f) C:\Windows\system32\Drivers\ksecdd.sys
10:34:24.0812 9516 KSecDD - ok
10:34:24.0847 9516 KSecPkg (e73cae53bbb72ba26918492c6b4c229d) C:\Windows\system32\Drivers\ksecpkg.sys
10:34:24.0864 9516 KSecPkg - ok
10:34:24.0899 9516 KtmRm (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\Windows\system32\msdtckrm.dll
10:34:24.0950 9516 KtmRm - ok
10:34:25.0018 9516 LanmanServer (d64af876d53eca3668bb97b51b4e70ab) C:\Windows\System32\srvsvc.dll
10:34:25.0082 9516 LanmanServer - ok
10:34:25.0122 9516 LanmanWorkstation (58405e4f68ba8e4057c6e914f326aba2) C:\Windows\System32\wkssvc.dll
10:34:25.0179 9516 LanmanWorkstation - ok
10:34:25.0231 9516 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
10:34:25.0279 9516 lltdio - ok
10:34:25.0316 9516 lltdsvc (5700673e13a2117fa3b9020c852c01e2) C:\Windows\System32\lltdsvc.dll
10:34:25.0373 9516 lltdsvc - ok
10:34:25.0384 9516 lmhosts (55ca01ba19d0006c8f2639b6c045e08b) C:\Windows\System32\lmhsvc.dll
10:34:25.0436 9516 lmhosts - ok
10:34:25.0474 9516 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
10:34:25.0493 9516 LSI_FC - ok
10:34:25.0511 9516 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
10:34:25.0531 9516 LSI_SAS - ok
10:34:25.0552 9516 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
10:34:25.0570 9516 LSI_SAS2 - ok
10:34:25.0591 9516 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
10:34:25.0609 9516 LSI_SCSI - ok
10:34:25.0661 9516 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
10:34:25.0725 9516 luafv - ok
10:34:25.0764 9516 Mcx2Svc (bfb9ee8ee977efe85d1a3105abef6dd1) C:\Windows\system32\Mcx2Svc.dll
10:34:25.0783 9516 Mcx2Svc - ok
10:34:25.0790 9516 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
10:34:25.0808 9516 megasas - ok
10:34:25.0851 9516 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
10:34:25.0870 9516 MegaSR - ok
10:34:26.0013 9516 Microsoft SharePoint Workspace Audit Service - ok
10:34:26.0044 9516 MMCSS (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
10:34:26.0093 9516 MMCSS - ok
10:34:26.0114 9516 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
10:34:26.0170 9516 Modem - ok
10:34:26.0205 9516 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
10:34:26.0224 9516 monitor - ok
10:34:26.0272 9516 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
10:34:26.0295 9516 mouclass - ok
10:34:26.0345 9516 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
10:34:26.0362 9516 mouhid - ok
10:34:26.0411 9516 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
10:34:26.0432 9516 mountmgr - ok
10:34:26.0470 9516 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
10:34:26.0494 9516 mpio - ok
10:34:26.0510 9516 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
10:34:26.0556 9516 mpsdrv - ok
10:34:26.0608 9516 MpsSvc (9835584e999d25004e1ee8e5f3e3b881) C:\Windows\system32\mpssvc.dll
10:34:26.0673 9516 MpsSvc - ok
10:34:26.0713 9516 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
10:34:26.0738 9516 MRxDAV - ok
10:34:26.0776 9516 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
10:34:26.0820 9516 mrxsmb - ok
10:34:26.0869 9516 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:34:26.0893 9516 mrxsmb10 - ok
10:34:26.0925 9516 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:34:26.0959 9516 mrxsmb20 - ok
10:34:26.0995 9516 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
10:34:27.0017 9516 msahci - ok
10:34:27.0066 9516 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
10:34:27.0086 9516 msdsm - ok
10:34:27.0129 9516 MSDTC (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe
10:34:27.0162 9516 MSDTC - ok
10:34:27.0227 9516 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
10:34:27.0261 9516 Msfs - ok
10:34:27.0399 9516 MsgPlusService (88ac2954177e673bbcf688d1ec64b40b) C:\Program Files\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe
10:34:27.0408 9516 MsgPlusService ( UnsignedFile.Multi.Generic ) - warning
10:34:27.0408 9516 MsgPlusService - detected UnsignedFile.Multi.Generic (1)
10:34:27.0422 9516 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
10:34:27.0470 9516 mshidkmdf - ok
10:34:27.0500 9516 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
10:34:27.0521 9516 msisadrv - ok
10:34:27.0570 9516 MSiSCSI (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll
10:34:27.0618 9516 MSiSCSI - ok
10:34:27.0624 9516 msiserver - ok
10:34:27.0657 9516 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
10:34:27.0706 9516 MSKSSRV - ok
10:34:27.0741 9516 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
10:34:27.0795 9516 MSPCLOCK - ok
10:34:27.0809 9516 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
10:34:27.0849 9516 MSPQM - ok
10:34:27.0883 9516 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
10:34:27.0902 9516 MsRPC - ok
10:34:27.0939 9516 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys
10:34:27.0962 9516 mssmbios - ok
10:34:27.0988 9516 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
10:34:28.0025 9516 MSTEE - ok
10:34:28.0044 9516 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
10:34:28.0063 9516 MTConfig - ok
10:34:28.0090 9516 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
10:34:28.0107 9516 Mup - ok
10:34:28.0150 9516 napagent (61d57a5d7c6d9afe10e77dae6e1b445e) C:\Windows\system32\qagentRT.dll
10:34:28.0190 9516 napagent - ok
10:34:28.0251 9516 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
10:34:28.0291 9516 NativeWifiP - ok
10:34:28.0470 9516 NAUpdate (1bbbf640bc0e0b750537baece8d66c18) C:\Program Files\Nero\Update\NASvc.exe
10:34:28.0492 9516 NAUpdate - ok
10:34:28.0551 9516 NBVol (e240f3204e86b7b6ccf266b2a2ad32b4) C:\Windows\system32\DRIVERS\NBVol.sys
10:34:28.0566 9516 NBVol - ok
10:34:28.0607 9516 NBVolUp (c0cf3cccce3c75f7280c89029ab47866) C:\Windows\system32\DRIVERS\NBVolUp.sys
10:34:28.0630 9516 NBVolUp - ok
10:34:28.0733 9516 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
10:34:28.0765 9516 NDIS - ok
10:34:28.0819 9516 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
10:34:28.0872 9516 NdisCap - ok
10:34:28.0907 9516 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
10:34:28.0960 9516 NdisTapi - ok
10:34:29.0010 9516 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
10:34:29.0056 9516 Ndisuio - ok
10:34:29.0094 9516 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
10:34:29.0140 9516 NdisWan - ok
10:34:29.0177 9516 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
10:34:29.0220 9516 NDProxy - ok
10:34:29.0270 9516 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
10:34:29.0328 9516 NetBIOS - ok
10:34:29.0374 9516 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
10:34:29.0426 9516 NetBT - ok
10:34:29.0458 9516 Netlogon (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
10:34:29.0479 9516 Netlogon - ok
10:34:29.0535 9516 Netman (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll
10:34:29.0592 9516 Netman - ok
10:34:29.0630 9516 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll
10:34:29.0684 9516 netprofm - ok
10:34:29.0755 9516 NetTcpPortSharing (f476ec40033cdb91efbe73eb99b8362d) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
10:34:29.0770 9516 NetTcpPortSharing - ok
10:34:29.0815 9516 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
10:34:29.0837 9516 nfrd960 - ok
10:34:30.0046 9516 NitroDriverReadSpool2 (db4edde8c45ce769952df9a9a0497306) C:\Program Files\Nitro PDF\Professional 7\NitroPDFDriverService2.exe
10:34:30.0062 9516 NitroDriverReadSpool2 - ok
10:34:30.0118 9516 NlaSvc (912084381d30d8b89ec4e293053f4710) C:\Windows\System32\nlasvc.dll
10:34:30.0177 9516 NlaSvc - ok
10:34:30.0212 9516 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
10:34:30.0262 9516 Npfs - ok
10:34:30.0301 9516 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll
10:34:30.0351 9516 nsi - ok
10:34:30.0393 9516 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
10:34:30.0457 9516 nsiproxy - ok
10:34:30.0570 9516 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys
10:34:30.0619 9516 Ntfs - ok
10:34:30.0768 9516 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
10:34:30.0817 9516 Null - ok
10:34:30.0867 9516 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys
10:34:30.0893 9516 nvraid - ok
10:34:30.0916 9516 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys
10:34:30.0936 9516 nvstor - ok
10:34:30.0982 9516 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
10:34:30.0999 9516 nv_agp - ok
10:34:31.0041 9516 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
10:34:31.0068 9516 ohci1394 - ok
10:34:31.0120 9516 ONDA_MW823UP_cdc_acm (0dc0cd53e4164cda1057ba58527a6bd6) C:\Windows\system32\DRIVERS\ONDA_MW823UP_cdc_acm.sys
10:34:31.0176 9516 ONDA_MW823UP_cdc_acm - ok
10:34:31.0218 9516 ONDA_MW823UP_cdc_ecm (d511be4d916361d6894bb07b83e5560d) C:\Windows\system32\DRIVERS\ONDA_MW823UP_cdc_ecm.sys
10:34:31.0250 9516 ONDA_MW823UP_cdc_ecm - ok
10:34:31.0289 9516 ONDA_MW823UP_cpo (e8631963b0857deede6fb48798ada5dc) C:\Windows\system32\DRIVERS\ONDA_MW823UP_cpo.sys
10:34:31.0316 9516 ONDA_MW823UP_cpo - ok
10:34:31.0347 9516 ONDA_MW823UP_dc_enum (4f43061a726ff45ff8aea2659d8811b8) C:\Windows\system32\DRIVERS\ONDA_MW823UP_dc_enum.sys
10:34:31.0377 9516 ONDA_MW823UP_dc_enum - ok
10:34:31.0499 9516 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:34:31.0515 9516 ose - ok
10:34:31.0874 9516 osppsvc (358a9cca612c68eb2f07ddad4ce1d8d7) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
10:34:31.0976 9516 osppsvc - ok
10:34:32.0127 9516 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
10:34:32.0182 9516 p2pimsvc - ok
10:34:32.0218 9516 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll
10:34:32.0251 9516 p2psvc - ok
10:34:32.0308 9516 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
10:34:32.0334 9516 Parport - ok
10:34:32.0375 9516 partmgr (3f34a1b4c5f6475f320c275e63afce9b) C:\Windows\system32\drivers\partmgr.sys
10:34:32.0391 9516 partmgr - ok
10:34:32.0413 9516 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
10:34:32.0439 9516 Parvdm - ok
10:34:32.0470 9516 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll
10:34:32.0509 9516 PcaSvc - ok
10:34:32.0582 9516 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\Windows\system32\DRIVERS\pccsmcfd.sys
10:34:32.0631 9516 pccsmcfd - ok
10:34:32.0658 9516 PcdrNdisuio - ok
10:34:32.0797 9516 PCDSRVC{E9D79540-57D5953E-06020101}_0 (92fddbed716bf5c3cb766101563cfce5) c:\program files\dell support center\pcdsrvc.pkms
10:34:32.0813 9516 PCDSRVC{E9D79540-57D5953E-06020101}_0 - ok
10:34:32.0866 9516 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
10:34:32.0887 9516 pci - ok
10:34:32.0914 9516 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
10:34:32.0935 9516 pciide - ok
10:34:32.0976 9516 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
10:34:32.0995 9516 pcmcia - ok
10:34:33.0018 9516 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
10:34:33.0035 9516 pcw - ok
10:34:33.0090 9516 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
10:34:33.0150 9516 PEAUTH - ok
10:34:33.0281 9516 pla (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll
10:34:33.0336 9516 pla - ok
10:34:33.0498 9516 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll
10:34:33.0561 9516 PlugPlay - ok
10:34:33.0587 9516 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll
10:34:33.0621 9516 PNRPAutoReg - ok
10:34:33.0651 9516 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
10:34:33.0673 9516 PNRPsvc - ok
10:34:33.0720 9516 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll
10:34:33.0777 9516 PolicyAgent - ok
10:34:33.0821 9516 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll
10:34:34.0154 9516 Power - ok
10:34:34.0254 9516 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
10:34:34.0298 9516 PptpMiniport - ok
10:34:34.0341 9516 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
10:34:34.0375 9516 Processor - ok
10:34:34.0427 9516 ProfSvc (cadefac453040e370a1bdff3973be00d) C:\Windows\system32\profsvc.dll
10:34:34.0486 9516 ProfSvc - ok
10:34:34.0527 9516 ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
10:34:34.0548 9516 ProtectedStorage - ok
10:34:34.0599 9516 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
10:34:34.0641 9516 Psched - ok
10:34:34.0754 9516 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
10:34:34.0822 9516 ql2300 - ok
10:34:34.0988 9516 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
10:34:35.0007 9516 ql40xx - ok
10:34:35.0050 9516 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll
10:34:35.0088 9516 QWAVE - ok
10:34:35.0111 9516 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
10:34:35.0133 9516 QWAVEdrv - ok
10:34:35.0235 9516 RapiMgr (8f97d374ad1857e1eed85a79f29a1d3d) C:\Windows\WindowsMobile\rapimgr.dll
10:34:35.0254 9516 RapiMgr - ok
10:34:35.0267 9516 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
10:34:35.0313 9516 RasAcd - ok
10:34:35.0350 9516 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
10:34:35.0385 9516 RasAgileVpn - ok
10:34:35.0409 9516 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll
10:34:35.0459 9516 RasAuto - ok
10:34:35.0498 9516 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
10:34:35.0532 9516 Rasl2tp - ok
10:34:35.0604 9516 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll
10:34:35.0657 9516 RasMan - ok
10:34:35.0679 9516 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
10:34:35.0718 9516 RasPppoe - ok
10:34:35.0757 9516 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
10:34:35.0802 9516 RasSstp - ok
10:34:35.0840 9516 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
10:34:35.0884 9516 rdbss - ok
10:34:35.0908 9516 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
10:34:35.0945 9516 rdpbus - ok
10:34:35.0971 9516 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
10:34:36.0014 9516 RDPCDD - ok
10:34:36.0033 9516 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
10:34:36.0081 9516 RDPENCDD - ok
10:34:36.0122 9516 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
10:34:36.0163 9516 RDPREFMP - ok
10:34:36.0200 9516 RDPWD (f031683e6d1fea157abb2ff260b51e61) C:\Windows\system32\drivers\RDPWD.sys
10:34:36.0252 9516 RDPWD - ok
10:34:36.0317 9516 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
10:34:36.0339 9516 rdyboost - ok
10:34:36.0406 9516 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll
10:34:36.0447 9516 RemoteAccess - ok
10:34:36.0486 9516 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll
10:34:36.0527 9516 RemoteRegistry - ok
10:34:36.0600 9516 rimmptsk (df672613fbbcd58c38bb0bc2694bcfb0) C:\Windows\system32\DRIVERS\rimmptsk.sys
10:34:36.0656 9516 rimmptsk - ok
10:34:36.0705 9516 rimsptsk (9bfb54d3559f2ff7301271d29d383564) C:\Windows\system32\DRIVERS\rimsptsk.sys
10:34:36.0742 9516 rimsptsk - ok
10:34:36.0799 9516 rismxdp (dcb87da83cc1010cbc9fc4dc9e395bbc) C:\Windows\system32\DRIVERS\rixdptsk.sys
10:34:36.0850 9516 rismxdp - ok
10:34:36.0940 9516 RoxLiveShare9 - ok
10:34:36.0989 9516 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll
10:34:37.0026 9516 RpcEptMapper - ok
10:34:37.0049 9516 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe
10:34:37.0081 9516 RpcLocator - ok
10:34:37.0137 9516 RpcSs (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
10:34:37.0178 9516 RpcSs - ok
10:34:37.0238 9516 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
10:34:37.0288 9516 rspndr - ok
10:34:37.0319 9516 SamSs (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
10:34:37.0338 9516 SamSs - ok
10:34:37.0386 9516 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
10:34:37.0402 9516 sbp2port - ok
10:34:37.0476 9516 SBRE (1fd538c4feb36b793d2121f20bbdc16f) C:\Windows\system32\drivers\SBREdrv.sys
10:34:37.0491 9516 SBRE - ok
10:34:37.0522 9516 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll
10:34:37.0556 9516 SCardSvr - ok
10:34:37.0601 9516 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
10:34:37.0640 9516 scfilter - ok
10:34:37.0725 9516 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll
10:34:37.0791 9516 Schedule - ok
10:34:37.0825 9516 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
10:34:37.0858 9516 SCPolicySvc - ok
10:34:37.0912 9516 sdbus (0328be1c7f1cba23848179f8762e391c) C:\Windows\system32\drivers\sdbus.sys
10:34:37.0950 9516 sdbus - ok
10:34:37.0984 9516 SDRSVC (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll
10:34:38.0025 9516 SDRSVC - ok
10:34:38.0079 9516 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
10:34:38.0113 9516 secdrv - ok
10:34:38.0155 9516 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll
10:34:38.0198 9516 seclogon - ok
10:34:38.0230 9516 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\system32\sens.dll
10:34:38.0271 9516 SENS - ok
10:34:38.0328 9516 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll
10:34:38.0379 9516 SensrSvc - ok
10:34:38.0416 9516 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
10:34:38.0434 9516 Serenum - ok
10:34:38.0470 9516 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
10:34:38.0489 9516 Serial - ok
10:34:38.0518 9516 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
10:34:38.0554 9516 sermouse - ok
10:34:38.0700 9516 ServiceLayer (12b41d84a4d058adc60853c365dbfcca) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
10:34:38.0742 9516 ServiceLayer ( UnsignedFile.Multi.Generic ) - warning
10:34:38.0743 9516 ServiceLayer - detected UnsignedFile.Multi.Generic (1)
10:34:38.0789 9516 SessionEnv (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll
10:34:38.0843 9516 SessionEnv - ok
10:34:38.0866 9516 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\DRIVERS\sffdisk.sys
10:34:38.0919 9516 sffdisk - ok
10:34:38.0933 9516 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
10:34:38.0970 9516 sffp_mmc - ok
10:34:38.0989 9516 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\DRIVERS\sffp_sd.sys
10:34:39.0009 9516 sffp_sd - ok
10:34:39.0038 9516 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
10:34:39.0079 9516 sfloppy - ok
10:34:39.0156 9516 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll
10:34:39.0212 9516 SharedAccess - ok
10:34:39.0256 9516 ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll
10:34:39.0295 9516 ShellHWDetection - ok
10:34:39.0328 9516 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
10:34:39.0346 9516 sisagp - ok
10:34:39.0377 9516 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
10:34:39.0400 9516 SiSRaid2 - ok
10:34:39.0431 9516 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
10:34:39.0454 9516 SiSRaid4 - ok
10:34:39.0563 9516 SkypeUpdate (ddaa5f4a6b958fc313ebd02dd925752f) C:\Program Files\Skype\Updater\Updater.exe
10:34:39.0579 9516 SkypeUpdate - ok
10:34:39.0612 9516 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
10:34:39.0649 9516 Smb - ok
10:34:39.0723 9516 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe
10:34:39.0743 9516 SNMPTRAP - ok
10:34:39.0782 9516 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
10:34:39.0800 9516 spldr - ok
10:34:39.0858 9516 Spooler (866a43013535dc8587c258e43579c764) C:\Windows\System32\spoolsv.exe
10:34:39.0909 9516 Spooler - ok
10:34:40.0128 9516 sppsvc (cf87a1de791347e75b98885214ced2b8) C:\Windows\system32\sppsvc.exe
10:34:40.0233 9516 sppsvc - ok
10:34:40.0435 9516 sppuinotify (b0180b20b065d89232a78a40fe56eaa6) C:\Windows\system32\sppuinotify.dll
10:34:40.0479 9516 sppuinotify - ok
10:34:40.0570 9516 sprtsvc_dellsupportcenter - ok
10:34:40.0659 9516 SQLWriter (d2f4f32b59440011174b4f8137af4e0c) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
10:34:40.0674 9516 SQLWriter - ok
10:34:40.0748 9516 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
10:34:40.0798 9516 srv - ok
10:34:40.0852 9516 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
10:34:40.0873 9516 srv2 - ok
10:34:40.0912 9516 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
10:34:40.0951 9516 srvnet - ok
10:34:40.0991 9516 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll
10:34:41.0054 9516 SSDPSRV - ok
10:34:41.0119 9516 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
10:34:41.0135 9516 ssmdrv - ok
10:34:41.0165 9516 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll
10:34:41.0206 9516 SstpSvc - ok
10:34:41.0352 9516 STacSV (2c5c9e47a132143594d2f278f3dbd8f6) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9334b3396d450a95\STacSV.exe
10:34:41.0368 9516 STacSV - ok
10:34:41.0400 9516 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
10:34:41.0418 9516 stexstor - ok
10:34:41.0483 9516 STHDA (1a55b390a3bfdd17c98695ab2f91a7f8) C:\Windows\system32\DRIVERS\stwrt.sys
10:34:41.0508 9516 STHDA - ok
10:34:41.0561 9516 StiSvc (e1fb3706030fb4578a0d72c2fc3689e4) C:\Windows\System32\wiaservc.dll
10:34:41.0607 9516 StiSvc - ok
10:34:41.0637 9516 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys
10:34:41.0657 9516 swenum - ok
10:34:41.0707 9516 swprv (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll
10:34:41.0794 9516 swprv - ok
10:34:41.0847 9516 SynTP (fb86fdd993a6a0122a2f526221e5161f) C:\Windows\system32\DRIVERS\SynTP.sys
10:34:41.0865 9516 SynTP - ok
10:34:41.0968 9516 SysMain (36650d618ca34c9d357dfd3d89b2c56f) C:\Windows\system32\sysmain.dll
10:34:42.0010 9516 SysMain - ok
10:34:42.0052 9516 TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\Windows\System32\TabSvc.dll
10:34:42.0093 9516 TabletInputService - ok
10:34:42.0161 9516 tap0901 (98a1e6bc9f766b0b0a5bf00af847ef20) C:\Windows\system32\DRIVERS\tap0901.sys
10:34:42.0193 9516 tap0901 - ok
10:34:42.0225 9516 taphss (0c3b2a9c4bd2dd9a6c2e4084314dd719) C:\Windows\system32\DRIVERS\taphss.sys
10:34:42.0239 9516 taphss - ok
10:34:42.0288 9516 TapiSrv (613bf4820361543956909043a265c6ac) C:\Windows\System32\tapisrv.dll
10:34:42.0328 9516 TapiSrv - ok
10:34:42.0358 9516 TBS (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll
10:34:42.0419 9516 TBS - ok
10:34:42.0531 9516 Tcpip (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\drivers\tcpip.sys
10:34:42.0580 9516 Tcpip - ok
10:34:42.0829 9516 TCPIP6 (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\DRIVERS\tcpip.sys
10:34:42.0874 9516 TCPIP6 - ok
10:34:43.0010 9516 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
10:34:43.0042 9516 tcpipreg - ok
10:34:43.0090 9516 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
10:34:43.0116 9516 TDPIPE - ok
10:34:43.0157 9516 TDTCP (2c2c5afe7ee4f620d69c23c0617651a8) C:\Windows\system32\drivers\tdtcp.sys
10:34:43.0174 9516 TDTCP - ok
10:34:43.0202 9516 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
10:34:43.0235 9516 tdx - ok
10:34:43.0280 9516 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys
10:34:43.0301 9516 TermDD - ok
10:34:43.0370 9516 TermService (382c804c92811be57829d8e550a900e2) C:\Windows\System32\termsrv.dll
10:34:43.0420 9516 TermService - ok
10:34:43.0458 9516 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll
10:34:43.0484 9516 Themes - ok
10:34:43.0533 9516 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
10:34:43.0570 9516 THREADORDER - ok
10:34:43.0705 9516 TomTomHOMEService (83682f469a3d65e8b6f06c28212318bd) C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
10:34:43.0718 9516 TomTomHOMEService - ok
10:34:43.0767 9516 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll
10:34:43.0816 9516 TrkWks - ok
10:34:43.0885 9516 TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\Windows\servicing\TrustedInstaller.exe
10:34:43.0938 9516 TrustedInstaller - ok
10:34:43.0972 9516 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
10:34:44.0008 9516 tssecsrv - ok
10:34:44.0069 9516 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
10:34:44.0099 9516 TsUsbFlt - ok
10:34:44.0148 9516 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
10:34:44.0200 9516 tunnel - ok
10:34:44.0248 9516 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
10:34:44.0265 9516 uagp35 - ok
10:34:44.0319 9516 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
10:34:44.0374 9516 udfs - ok
10:34:44.0420 9516 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe
10:34:44.0451 9516 UI0Detect - ok
10:34:44.0485 9516 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
10:34:44.0506 9516 uliagpkx - ok
10:34:44.0556 9516 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\DRIVERS\umbus.sys
10:34:44.0574 9516 umbus - ok
10:34:44.0600 9516 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
10:34:44.0628 9516 UmPass - ok
10:34:44.0664 9516 upnphost (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll
10:34:44.0712 9516 upnphost - ok
10:34:44.0774 9516 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\Windows\system32\Drivers\usbaapl.sys
10:34:44.0801 9516 USBAAPL - ok
10:34:44.0829 9516 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys
10:34:44.0879 9516 usbccgp - ok
10:34:44.0909 9516 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
10:34:44.0942 9516 usbcir - ok
10:34:44.0968 9516 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\drivers\usbehci.sys
10:34:44.0985 9516 usbehci - ok
10:34:45.0041 9516 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys
10:34:45.0081 9516 usbhub - ok
10:34:45.0104 9516 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\Windows\system32\drivers\usbohci.sys
10:34:45.0134 9516 usbohci - ok
10:34:45.0176 9516 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
10:34:45.0197 9516 usbprint - ok
10:34:45.0228 9516 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys
10:34:45.0265 9516 usbscan - ok
10:34:45.0313 9516 usbser (88701eca76145e2c011c0eeff0f7b70e) C:\Windows\system32\drivers\usbser.sys
10:34:45.0350 9516 usbser - ok
10:34:45.0370 9516 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:34:45.0414 9516 USBSTOR - ok
10:34:45.0453 9516 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\drivers\usbuhci.sys
10:34:45.0490 9516 usbuhci - ok
10:34:45.0545 9516 usbvideo (45f4e7bf43db40a6c6b4d92c76cbc3f2) C:\Windows\System32\Drivers\usbvideo.sys
10:34:45.0566 9516 usbvideo - ok
10:34:45.0600 9516 UxSms (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll
10:34:45.0652 9516 UxSms - ok
10:34:45.0690 9516 VaultSvc (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
10:34:45.0709 9516 VaultSvc - ok
10:34:45.0758 9516 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
10:34:45.0774 9516 vdrvroot - ok
10:34:45.0870 9516 vds (c3cd30495687c2a2f66a65ca6fd89be9) C:\Windows\System32\vds.exe
10:34:45.0919 9516 vds - ok
10:34:45.0956 9516 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
10:34:45.0985 9516 vga - ok
10:34:46.0032 9516 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
10:34:46.0067 9516 VgaSave - ok
10:34:46.0108 9516 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
10:34:46.0131 9516 vhdmp - ok
10:34:46.0180 9516 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
10:34:46.0200 9516 viaagp - ok
10:34:46.0217 9516 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
10:34:46.0236 9516 ViaC7 - ok
10:34:46.0257 9516 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
10:34:46.0274 9516 viaide - ok
10:34:46.0300 9516 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
10:34:46.0318 9516 volmgr - ok
10:34:46.0350 9516 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
10:34:46.0380 9516 volmgrx - ok
10:34:46.0424 9516 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
10:34:46.0445 9516 volsnap - ok
10:34:46.0490 9516 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
10:34:46.0509 9516 vsmraid - ok
10:34:46.0611 9516 VSS (209a3b1901b83aeb8527ed211cce9e4c) C:\Windows\system32\vssvc.exe
10:34:46.0671 9516 VSS - ok
10:34:46.0697 9516 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\system32\DRIVERS\vwifibus.sys
10:34:46.0736 9516 vwifibus - ok
10:34:46.0777 9516 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\Windows\system32\DRIVERS\vwififlt.sys
10:34:46.0803 9516 vwififlt - ok
10:34:46.0876 9516 W32Time (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll
10:34:46.0916 9516 W32Time - ok
10:34:46.0948 9516 WacomPen (de3721e89c653aa281428c8a69745d90)

[sabino90]

C:\Windows\system32\DRIVERS\wacompen.sys
10:34:46.0976 9516 WacomPen - ok
10:34:47.0027 9516 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
10:34:47.0061 9516 WANARP - ok
10:34:47.0071 9516 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
10:34:47.0106 9516 Wanarpv6 - ok
10:34:47.0250 9516 WatAdminSvc (353a04c273ec58475d8633e75ccd5604) C:\Windows\system32\Wat\WatAdminSvc.exe
10:34:47.0293 9516 WatAdminSvc - ok
10:34:47.0500 9516 wbengine (691e3285e53dca558e1a84667f13e15a) C:\Windows\system32\wbengine.exe
10:34:47.0577 9516 wbengine - ok
10:34:47.0614 9516 WbioSrvc (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\Windows\System32\wbiosrvc.dll
10:34:47.0649 9516 WbioSrvc - ok
10:34:47.0752 9516 WcesComm (59e19bd13c3bdb857646b9e436ba27f7) C:\Windows\WindowsMobile\wcescomm.dll
10:34:47.0773 9516 WcesComm - ok
10:34:47.0825 9516 wcncsvc (34eee0dfaadb4f691d6d5308a51315dc) C:\Windows\System32\wcncsvc.dll
10:34:47.0853 9516 wcncsvc - ok
10:34:47.0874 9516 WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\Windows\System32\WcsPlugInService.dll
10:34:47.0906 9516 WcsPlugInService - ok
10:34:47.0951 9516 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
10:34:47.0968 9516 Wd - ok
10:34:48.0009 9516 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
10:34:48.0034 9516 Wdf01000 - ok
10:34:48.0053 9516 WdiServiceHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
10:34:48.0123 9516 WdiServiceHost - ok
10:34:48.0144 9516 WdiSystemHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
10:34:48.0169 9516 WdiSystemHost - ok
10:34:48.0226 9516 WebClient (a9d880f97530d5b8fee278923349929d) C:\Windows\System32\webclnt.dll
10:34:48.0252 9516 WebClient - ok
10:34:48.0293 9516 Wecsvc (760f0afe937a77cff27153206534f275) C:\Windows\system32\wecsvc.dll
10:34:48.0332 9516 Wecsvc - ok
10:34:48.0360 9516 wercplsupport (ac804569bb2364fb6017370258a4091b) C:\Windows\System32\wercplsupport.dll
10:34:48.0401 9516 wercplsupport - ok
10:34:48.0444 9516 WerSvc (08e420d873e4fd85241ee2421b02c4a4) C:\Windows\System32\WerSvc.dll
10:34:48.0482 9516 WerSvc - ok
10:34:48.0519 9516 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
10:34:48.0557 9516 WfpLwf - ok
10:34:48.0579 9516 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
10:34:48.0596 9516 WIMMount - ok
10:34:48.0723 9516 WinDefend (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll
10:34:48.0772 9516 WinDefend - ok
10:34:48.0781 9516 WinHttpAutoProxySvc - ok
10:34:48.0856 9516 Winmgmt (f62e510b6ad4c21eb9fe8668ed251826) C:\Windows\system32\wbem\WMIsvc.dll
10:34:48.0902 9516 Winmgmt - ok
10:34:49.0017 9516 WinRM (1b91cd34ea3a90ab6a4ef0550174f4cc) C:\Windows\system32\WsmSvc.dll
10:34:49.0072 9516 WinRM - ok
10:34:49.0165 9516 WinUsb (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\DRIVERS\WinUsb.sys
10:34:49.0199 9516 WinUsb - ok
10:34:49.0285 9516 Wlansvc (16935c98ff639d185086a3529b1f2067) C:\Windows\System32\wlansvc.dll
10:34:49.0344 9516 Wlansvc - ok
10:34:49.0465 9516 wlcrasvc (6067acef367e79914af628fa1e9b5330) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
10:34:49.0480 9516 wlcrasvc - ok
10:34:49.0728 9516 wlidsvc (fb01d4ae207b9efdbabfc55dc95c7e31) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
10:34:49.0774 9516 wlidsvc - ok
10:34:49.0884 9516 wltrysvc - ok
10:34:49.0963 9516 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys
10:34:49.0993 9516 WmiAcpi - ok
10:34:50.0059 9516 wmiApSrv (6eb6b66517b048d87dc1856ddf1f4c3f) C:\Windows\system32\wbem\WmiApSrv.exe
10:34:50.0086 9516 wmiApSrv - ok
10:34:50.0272 9516 WMPNetworkSvc (3b40d3a61aa8c21b88ae57c58ab3122e) C:\Program Files\Windows Media Player\wmpnetwk.exe
10:34:50.0337 9516 WMPNetworkSvc - ok
10:34:50.0447 9516 WPCSvc (a2f0ec770a92f2b3f9de6d518e11409c) C:\Windows\System32\wpcsvc.dll
10:34:50.0502 9516 WPCSvc - ok
10:34:50.0549 9516 WPDBusEnum (aa53356d60af47eacc85bc617a4f3f66) C:\Windows\system32\wpdbusenum.dll
10:34:50.0599 9516 WPDBusEnum - ok
10:34:50.0636 9516 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
10:34:50.0686 9516 ws2ifsl - ok
10:34:50.0732 9516 wscsvc (6f5d49efe0e7164e03ae773a3fe25340) C:\Windows\system32\wscsvc.dll
10:34:50.0775 9516 wscsvc - ok
10:34:50.0783 9516 WSearch - ok
10:34:50.0934 9516 wuauserv (fc3ec24fce372c89423e015a2ac1a31e) C:\Windows\system32\wuaueng.dll
10:34:51.0000 9516 wuauserv - ok
10:34:51.0188 9516 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
10:34:51.0224 9516 WudfPf - ok
10:34:51.0284 9516 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
10:34:51.0321 9516 WUDFRd - ok
10:34:51.0372 9516 wudfsvc (8d1e1e529a2c9e9b6a85b55a345f7629) C:\Windows\System32\WUDFSvc.dll
10:34:51.0432 9516 wudfsvc - ok
10:34:51.0473 9516 WwanSvc (ff2d745b560f7c71b31f30f4d49f73d2) C:\Windows\System32\wwansvc.dll
10:34:51.0518 9516 WwanSvc - ok
10:34:51.0568 9516 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
10:34:52.0155 9516 \Device\Harddisk0\DR0 - ok
10:34:52.0192 9516 Boot (0x1200) (d004d350772f37dc3c63c1c36c161027) \Device\Harddisk0\DR0\Partition0
10:34:52.0194 9516 \Device\Harddisk0\DR0\Partition0 - ok
10:34:52.0202 9516 Boot (0x1200) (79687c0cd1181966e4253449d4c068f5) \Device\Harddisk0\DR0\Partition1
10:34:52.0203 9516 \Device\Harddisk0\DR0\Partition1 - ok
10:34:52.0206 9516 ============================================================
10:34:52.0206 9516 Scan finished
10:34:52.0206 9516 ============================================================
10:34:52.0229 8840 Detected object count: 5
10:34:52.0229 8840 Actual detected object count: 5
10:35:11.0089 8840 C:\Windows\system32\DRIVERS\e2ecap.sys - copied to quarantine
10:35:11.0101 8840 HKLM\SYSTEM\ControlSet001\services\E2ECAP - will be deleted on reboot
10:35:11.0140 8840 HKLM\SYSTEM\ControlSet002\services\E2ECAP - will be deleted on reboot
10:35:11.0336 8840 C:\Windows\system32\DRIVERS\e2ecap.sys - will be deleted on reboot
10:35:11.0336 8840 E2ECAP ( UnsignedFile.Multi.Generic ) - User select action: Delete
10:35:11.0469 8840 C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe - copied to quarantine
10:35:11.0471 8840 HKLM\SYSTEM\ControlSet001\services\IDriverT - will be deleted on reboot
10:35:11.0482 8840 HKLM\SYSTEM\ControlSet002\services\IDriverT - will be deleted on reboot
10:35:11.0495 8840 C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe - will be deleted on reboot
10:35:11.0495 8840 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Delete
10:35:11.0561 8840 C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE - copied to quarantine
10:35:11.0564 8840 HKLM\SYSTEM\ControlSet001\services\IJPLMSVC - will be deleted on reboot
10:35:11.0565 8840 HKLM\SYSTEM\ControlSet002\services\IJPLMSVC - will be deleted on reboot
10:35:11.0570 8840 C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE - will be deleted on reboot
10:35:11.0570 8840 IJPLMSVC ( UnsignedFile.Multi.Generic ) - User select action: Delete
10:35:11.0632 8840 C:\Program Files\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe - copied to quarantine
10:35:11.0635 8840 MsgPlusService ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
10:35:11.0739 8840 C:\Program Files\PC Connectivity Solution\ServiceLayer.exe - copied to quarantine
10:35:11.0741 8840 HKLM\SYSTEM\ControlSet001\services\ServiceLayer - will be deleted on reboot
10:35:11.0760 8840 HKLM\SYSTEM\ControlSet002\services\ServiceLayer - will be deleted on reboot
10:35:11.0765 8840 C:\Program Files\PC Connectivity Solution\ServiceLayer.exe - will be deleted on reboot
10:35:11.0765 8840 ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Delete
10:35:15.0948 6452 Deinitialize success