Registrazione
Moderatori: m.paolo, kadosh, Luke57
di franco75 » 19/08/12 10:51
di franco75 » 19/08/12 12:35
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19.36.27, on 05/07/2012
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16446)
Boot mode: Normal
Running processes:
C:\Program Files\Norton Internet Security\Engine\19.1.1.3\ccSvcHst.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\Alice Mobile Olicard 100\ConnMonitor.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\ooVoo\ooVoo.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.virgilio.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=it_it&c=83&bd=Pavilion&pf=cnnb
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: ooVoo Video Chat Toolbar - {e5a1e26f-0d1d-4307-868f-fbd9a374ab54} - C:\Program Files\ooVoo_Video_Chat\tbooVo.dll
R3 - URLSearchHook: Softonic Italia Toolbar - {4edd5c14-2d22-4d7a-9748-c975a7fd933b} - C:\Program Files\Softonic_Italia\tbSoft.dll
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll
O2 - BHO: Softonic Italia Toolbar - {4edd5c14-2d22-4d7a-9748-c975a7fd933b} - C:\Program Files\Softonic_Italia\tbSoft.dll
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\19.1.1.3\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\19.1.1.3\IPS\IPSBHO.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O2 - BHO: ooVoo Video Chat Toolbar - {e5a1e26f-0d1d-4307-868f-fbd9a374ab54} - C:\Program Files\ooVoo_Video_Chat\tbooVo.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: ooVoo Video Chat Toolbar - {e5a1e26f-0d1d-4307-868f-fbd9a374ab54} - C:\Program Files\ooVoo_Video_Chat\tbooVo.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll
O3 - Toolbar: Softonic Italia Toolbar - {4edd5c14-2d22-4d7a-9748-c975a7fd933b} - C:\Program Files\Softonic_Italia\tbSoft.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\19.1.1.3\coIEPlg.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\2.0"
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [OnScreenDisplay] C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
O4 - HKLM\..\Run: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [ConnMonitor] C:\Program Files\Alice Mobile Olicard 100\ConnMonitor.exe start
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [BabylonToolbar] "C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe" /md I
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ooVoo.exe] C:\program files\oovoo\oovoo.exe /minimized
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Startup: OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Startup: Ritaglio schermata e avvio di OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: &AOL Toolbar Cerca - C:\ProgramData\AOL\ieToolbar\resources\it-IT\local\search.html
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{4B2C4A68-18F1-4C12-B736-B7E12A60EA31}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\aestsrv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: Servizio di Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\19.1.1.3\ccSvcHst.exe
O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Windows\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\STacSV.exe
--
End of file - 12974 bytes
di FrancescoFDAC » 19/08/12 13:37
di franco75 » 19/08/12 14:44
di FrancescoFDAC » 19/08/12 15:33
di franco75 » 19/08/12 16:08
di franco75 » 19/08/12 16:10
di franco75 » 19/08/12 16:29
di franco75 » 19/08/12 16:31
17:27:48.0007 1428 [ 2027293619dd0f047c584cf2e7df4ffd ] Processor C:\Windows\system32\DRIVERS\processr.sys
17:27:48.0007 1428 Processor - ok
17:27:48.0070 1428 [ 0508faa222d28835310b7bfca7a77346 ] ProfSvc C:\Windows\system32\profsvc.dll
17:27:48.0070 1428 ProfSvc - ok
17:27:48.0085 1428 [ a3e186b4b935905b829219502557314e ] ProtectedStorage C:\Windows\system32\lsass.exe
17:27:48.0101 1428 ProtectedStorage - ok
17:27:48.0132 1428 [ 99514faa8df93d34b5589187db3aa0ba ] PSched C:\Windows\system32\DRIVERS\pacer.sys
17:27:48.0132 1428 PSched - ok
17:27:48.0210 1428 [ 0a6db55afb7820c99aa1f3a1d270f4f6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
17:27:48.0226 1428 ql2300 - ok
17:27:48.0226 1428 [ 81a7e5c076e59995d54bc1ed3a16e60b ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
17:27:48.0241 1428 ql40xx - ok
17:27:48.0304 1428 [ 026d1fa4033b82f18b99e44351d7e82e ] QPCapSvc C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
17:27:48.0319 1428 QPCapSvc - ok
17:27:48.0335 1428 [ 7697bca450eae30a6cdb98898239e8b7 ] QPSched C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
17:27:48.0335 1428 QPSched - ok
17:27:48.0366 1428 [ e9ecae663f47e6cb43962d18ab18890f ] QWAVE C:\Windows\system32\qwave.dll
17:27:48.0382 1428 QWAVE - ok
17:27:48.0397 1428 [ 9f5e0e1926014d17486901c88eca2db7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
17:27:48.0397 1428 QWAVEdrv - ok
17:27:48.0429 1428 [ 147d7f9c556d259924351feb0de606c3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
17:27:48.0429 1428 RasAcd - ok
17:27:48.0444 1428 [ f6a452eb4ceadbb51c9e0ee6b3ecef0f ] RasAuto C:\Windows\System32\rasauto.dll
17:27:48.0444 1428 RasAuto - ok
17:27:48.0475 1428 [ a214adbaf4cb47dd2728859ef31f26b0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
17:27:48.0475 1428 Rasl2tp - ok
17:27:48.0522 1428 [ 75d47445d70ca6f9f894b032fbc64fcf ] RasMan C:\Windows\System32\rasmans.dll
17:27:48.0538 1428 RasMan - ok
17:27:48.0569 1428 [ 509a98dd18af4375e1fc40bc175f1def ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
17:27:48.0569 1428 RasPppoe - ok
17:27:48.0616 1428 [ 2005f4a1e05fa09389ac85840f0a9e4d ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
17:27:48.0616 1428 RasSstp - ok
17:27:48.0663 1428 [ b14c9d5b9add2f84f70570bbbfaa7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
17:27:48.0663 1428 rdbss - ok
17:27:48.0678 1428 [ 89e59be9a564262a3fb6c4f4f1cd9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
17:27:48.0678 1428 RDPCDD - ok
17:27:48.0709 1428 [ fbc0bacd9c3d7f6956853f64a66e252d ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
17:27:48.0709 1428 rdpdr - ok
17:27:48.0725 1428 [ 9d91fe5286f748862ecffa05f8a0710c ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
17:27:48.0725 1428 RDPENCDD - ok
17:27:48.0756 1428 [ c127ebd5afab31524662c48dfceb773a ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
17:27:48.0772 1428 RDPWD - ok
17:27:48.0819 1428 [ 431723f23d0e065bef502389e8ffdc10 ] Recovery Service for Windows C:\Windows\SMINST\BLService.exe
17:27:48.0819 1428 Recovery Service for Windows - ok
17:27:48.0881 1428 [ bcdd6b4804d06b1f7ebf29e53a57ece9 ] RemoteAccess C:\Windows\System32\mprdim.dll
17:27:48.0881 1428 RemoteAccess - ok
17:27:48.0928 1428 [ 9e6894ea18daff37b63e1005f83ae4ab ] RemoteRegistry C:\Windows\system32\regsvc.dll
17:27:48.0928 1428 RemoteRegistry - ok
17:27:48.0975 1428 [ b9bb8e2093c1615ad6ea55ad96214354 ] Revoflt C:\Windows\system32\DRIVERS\revoflt.sys
17:27:48.0975 1428 Revoflt - ok
17:27:49.0037 1428 [ 17e0bef5ca5c9ce52cc8082ac6ebc449 ] RichVideo C:\Program Files\CyberLink\Shared Files\RichVideo.exe
17:27:49.0037 1428 RichVideo - ok
17:27:49.0053 1428 [ 5123f83cbc4349d065534eeb6bbdc42b ] RpcLocator C:\Windows\system32\locator.exe
17:27:49.0068 1428 RpcLocator - ok
17:27:49.0099 1428 [ 3b5b4d53fec14f7476ca29a20cc31ac9 ] RpcSs C:\Windows\system32\rpcss.dll
17:27:49.0099 1428 RpcSs - ok
17:27:49.0131 1428 [ 9c508f4074a39e8b4b31d27198146fad ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
17:27:49.0131 1428 rspndr - ok
17:27:49.0193 1428 [ 7157e70a90cce49deb8885d23a073a39 ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh86.sys
17:27:49.0193 1428 RTL8169 - ok
17:27:49.0224 1428 [ a3e186b4b935905b829219502557314e ] SamSs C:\Windows\system32\lsass.exe
17:27:49.0224 1428 SamSs - ok
17:27:49.0255 1428 [ 3ce8f073a557e172b330109436984e30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
17:27:49.0255 1428 sbp2port - ok
17:27:49.0287 1428 [ 77b7a11a0c3d78d3386398fbbea1b632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
17:27:49.0287 1428 SCardSvr - ok
17:27:49.0333 1428 [ 1a58069db21d05eb2ab58ee5753ebe8d ] Schedule C:\Windows\system32\schedsvc.dll
17:27:49.0349 1428 Schedule - ok
17:27:49.0365 1428 [ 312ec3e37a0a1f2006534913e37b4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
17:27:49.0380 1428 SCPolicySvc - ok
17:27:49.0427 1428 [ 126ea89bcc413ee45e3004fb0764888f ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
17:27:49.0443 1428 sdbus - ok
17:27:49.0474 1428 [ 716313d9f6b0529d03f726d5aaf6f191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
17:27:49.0474 1428 SDRSVC - ok
17:27:49.0552 1428 [ cc781378e7eda615d2cdca3b17829fa4 ] SeaPort C:\Program Files\Microsoft\BingBar\SeaPort.EXE
17:27:49.0567 1428 SeaPort - ok
17:27:49.0583 1428 [ 90a3935d05b494a5a39d37e71f09a677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
17:27:49.0583 1428 secdrv - ok
17:27:49.0599 1428 [ fd5199d4d8a521005e4b5ee7fe00fa9b ] seclogon C:\Windows\system32\seclogon.dll
17:27:49.0614 1428 seclogon - ok
17:27:49.0614 1428 [ a9bbab5759771e523f55563d6cbe140f ] SENS C:\Windows\system32\sens.dll
17:27:49.0630 1428 SENS - ok
17:27:49.0645 1428 [ 68e44e331d46f0fb38f0863a84cd1a31 ] Serenum C:\Windows\system32\drivers\serenum.sys
17:27:49.0645 1428 Serenum - ok
17:27:49.0677 1428 [ c70d69a918b178d3c3b06339b40c2e1b ] Serial C:\Windows\system32\drivers\serial.sys
17:27:49.0677 1428 Serial - ok
17:27:49.0708 1428 [ 8af3d28a879bf75db53a0ee7a4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
17:27:49.0708 1428 sermouse - ok
17:27:49.0739 1428 [ d2193326f729b163125610dbf3e17d57 ] SessionEnv C:\Windows\system32\sessenv.dll
17:27:49.0755 1428 SessionEnv - ok
17:27:49.0770 1428 [ 3efa810bdca87f6ecc24f9832243fe86 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
17:27:49.0770 1428 sffdisk - ok
17:27:49.0801 1428 [ e95d451f7ea3e583aec75f3b3ee42dc5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
17:27:49.0801 1428 sffp_mmc - ok
17:27:49.0817 1428 [ 3d0ea348784b7ac9ea9bd9f317980979 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
17:27:49.0817 1428 sffp_sd - ok
17:27:49.0848 1428 [ 46ed8e91793b2e6f848015445a0ac188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
17:27:49.0848 1428 sfloppy - ok
17:27:49.0879 1428 [ e1499bd0ff76b1b2fbbf1af339d91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
17:27:49.0879 1428 SharedAccess - ok
17:27:49.0942 1428 [ c7230fbee14437716701c15be02c27b8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:27:49.0942 1428 ShellHWDetection - ok
17:27:49.0973 1428 [ 1d76624a09a054f682d746b924e2dbc3 ] sisagp C:\Windows\system32\drivers\sisagp.sys
17:27:49.0973 1428 sisagp - ok
17:27:50.0020 1428 [ 43cb7aa756c7db280d01da9b676cfde2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
17:27:50.0020 1428 SiSRaid2 - ok
17:27:50.0035 1428 [ a99c6c8b0baa970d8aa59ddc50b57f94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
17:27:50.0035 1428 SiSRaid4 - ok
17:27:50.0176 1428 [ 862bb4cbc05d80c5b45be430e5ef872f ] slsvc C:\Windows\system32\SLsvc.exe
17:27:50.0223 1428 slsvc - ok
17:27:50.0285 1428 [ 6edc422215cd78aa8a9cde6b30abbd35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
17:27:50.0285 1428 SLUINotify - ok
17:27:50.0347 1428 [ 7b75299a4d201d6a6533603d6914ab04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
17:27:50.0347 1428 Smb - ok
17:27:50.0394 1428 [ 2a146a055b4401c16ee62d18b8e2a032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
17:27:50.0394 1428 SNMPTRAP - ok
17:27:50.0425 1428 [ 7aebdeef071fe28b0eef2cdd69102bff ] spldr C:\Windows\system32\drivers\spldr.sys
17:27:50.0425 1428 spldr - ok
17:27:50.0457 1428 [ 8554097e5136c3bf9f69fe578a1b35f4 ] Spooler C:\Windows\System32\spoolsv.exe
17:27:50.0457 1428 Spooler - ok
17:27:50.0566 1428 [ 2c5fbf6a00a4a3dcf643e46e8acb20c2 ] SRTSP C:\Windows\system32\drivers\NIS\1301010.003\SRTSP.SYS
17:27:50.0581 1428 SRTSP - ok
17:27:50.0597 1428 [ 9034ea58552b55f370e5293a7175c5ac ] SRTSPX C:\Windows\system32\drivers\NIS\1301010.003\SRTSPX.SYS
17:27:50.0597 1428 SRTSPX - ok
17:27:50.0644 1428 [ 41987f9fc0e61adf54f581e15029ad91 ] srv C:\Windows\system32\DRIVERS\srv.sys
17:27:50.0659 1428 srv - ok
17:27:50.0691 1428 [ ff33aff99564b1aa534f58868cbe41ef ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
17:27:50.0691 1428 srv2 - ok
17:27:50.0706 1428 [ 7605c0e1d01a08f3ecd743f38b834a44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
17:27:50.0706 1428 srvnet - ok
17:27:50.0769 1428 [ d5dffeaa1e15d4effabb9d9a3068ac5b ] sscdbus C:\Windows\system32\DRIVERS\sscdbus.sys
17:27:50.0769 1428 sscdbus - ok
17:27:50.0800 1428 [ 8a1be0c347814f482f493aea619d57f6 ] sscdmdfl C:\Windows\system32\DRIVERS\sscdmdfl.sys
17:27:50.0800 1428 sscdmdfl - ok
17:27:50.0831 1428 [ 5ab0b1987f682a59b15b78f84c6ad7d0 ] sscdmdm C:\Windows\system32\DRIVERS\sscdmdm.sys
17:27:50.0831 1428 sscdmdm - ok
17:27:50.0878 1428 [ 03d50b37234967433a5ea5ba72bc0b62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
17:27:50.0878 1428 SSDPSRV - ok
17:27:50.0925 1428 [ 6f1a32e7b7b30f004d9a20afadb14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
17:27:50.0925 1428 SstpSvc - ok
17:27:51.0018 1428 [ ec9c5f6c0f58446545d839bc11a3692b ] STacSV C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\STacSV.exe
17:27:51.0018 1428 STacSV - ok
17:27:51.0096 1428 [ 21cc262ab5f42f7a6b91dc7304c2f267 ] STHDA C:\Windows\system32\DRIVERS\stwrt.sys
17:27:51.0112 1428 STHDA - ok
17:27:51.0159 1428 [ 5de7d67e49b88f5f07f3e53c4b92a352 ] stisvc C:\Windows\System32\wiaservc.dll
17:27:51.0190 1428 stisvc - ok
17:27:51.0221 1428 [ 7ba58ecf0c0a9a69d44b3dca62becf56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
17:27:51.0221 1428 swenum - ok
17:27:51.0237 1428 [ f21fd248040681cca1fb6c9a03aaa93d ] swprv C:\Windows\System32\swprv.dll
17:27:51.0252 1428 swprv - ok
17:27:51.0283 1428 [ 192aa3ac01df071b541094f251deed10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
17:27:51.0283 1428 Symc8xx - ok
17:27:51.0346 1428 [ 690fa0e61b90084c4d9a721bd4f3d779 ] SymDS C:\Windows\system32\drivers\NIS\1301010.003\SYMDS.SYS
17:27:51.0346 1428 SymDS - ok
17:27:51.0408 1428 [ a0c7005387bb6f055bb50bd8e779368b ] SymEFA C:\Windows\system32\drivers\NIS\1301010.003\SYMEFA.SYS
17:27:51.0424 1428 SymEFA - ok
17:27:51.0455 1428 [ 555fb450fe6908600310e990738b41d6 ] SymEvent C:\Windows\system32\Drivers\SYMEVENT.SYS
17:27:51.0455 1428 SymEvent - ok
17:27:51.0471 1428 [ 39c35ddbb570e9f334f239248e4de34d ] SymIRON C:\Windows\system32\drivers\NIS\1301010.003\Ironx86.SYS
17:27:51.0486 1428 SymIRON - ok
17:27:51.0502 1428 [ 671753e39b8f12cf9b6bcefcb19f89b0 ] SYMTDIv C:\Windows\system32\drivers\NIS\1301010.003\SYMTDIV.SYS
17:27:51.0517 1428 SYMTDIv - ok
17:27:51.0533 1428 [ 8c8eb8c76736ebaf3b13b633b2e64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
17:27:51.0549 1428 Sym_hi - ok
17:27:51.0549 1428 [ 8072af52b5fd103bbba387a1e49f62cb ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
17:27:51.0549 1428 Sym_u3 - ok
17:27:51.0580 1428 [ f5d926807bd9bc0af68f9376144de425 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
17:27:51.0580 1428 SynTP - ok
17:27:51.0627 1428 [ 9a51b04e9886aa4ee90093586b0ba88d ] SysMain C:\Windows\system32\sysmain.dll
17:27:51.0658 1428 SysMain - ok
17:27:51.0673 1428 [ 2dca225eae15f42c0933e998ee0231c3 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:27:51.0689 1428 TabletInputService - ok
17:27:51.0705 1428 [ d7673e4b38ce21ee54c59eeeb65e2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
17:27:51.0720 1428 TapiSrv - ok
17:27:51.0736 1428 [ cb05822cd9cc6c688168e113c603dbe7 ] TBS C:\Windows\System32\tbssvc.dll
17:27:51.0736 1428 TBS - ok
17:27:51.0798 1428 [ 27d470dabc77bc60d0a3b0e4deb6cb91 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
17:27:51.0814 1428 Tcpip - ok
17:27:51.0861 1428 [ 27d470dabc77bc60d0a3b0e4deb6cb91 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
17:27:51.0876 1428 Tcpip6 - ok
17:27:51.0907 1428 [ 608c345a255d82a6289c2d468eb41fd7 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
17:27:51.0907 1428 tcpipreg - ok
17:27:51.0939 1428 [ 5dcf5e267be67a1ae926f2df77fbcc56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
17:27:51.0939 1428 TDPIPE - ok
17:27:51.0985 1428 [ 389c63e32b3cefed425b61ed92d3f021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
17:27:51.0985 1428 TDTCP - ok
17:27:52.0017 1428 [ 76b06eb8a01fc8624d699e7045303e54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
17:27:52.0017 1428 tdx - ok
17:27:52.0032 1428 [ 3cad38910468eab9a6479e2f01db43c7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
17:27:52.0032 1428 TermDD - ok
17:27:52.0079 1428 [ bb95da09bef6e7a131bff3ba5032090d ] TermService C:\Windows\System32\termsrv.dll
17:27:52.0095 1428 TermService - ok
17:27:52.0126 1428 [ c7230fbee14437716701c15be02c27b8 ] Themes C:\Windows\system32\shsvcs.dll
17:27:52.0126 1428 Themes - ok
17:27:52.0141 1428 [ 1076ffcffaae8385fd62dfcb25ac4708 ] THREADORDER C:\Windows\system32\mmcss.dll
17:27:52.0141 1428 THREADORDER - ok
17:27:52.0173 1428 [ ec74e77d0eb004bd3a809b5f8fb8c2ce ] TrkWks C:\Windows\System32\trkwks.dll
17:27:52.0173 1428 TrkWks - ok
17:27:52.0219 1428 [ 97d9d6a04e3ad9b6c626b9931db78dba ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:27:52.0219 1428 TrustedInstaller - ok
17:27:52.0251 1428 [ dcf0f056a2e4f52287264f5ab29cf206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
17:27:52.0251 1428 tssecsrv - ok
17:27:52.0297 1428 [ caecc0120ac49e3d2f758b9169872d38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
17:27:52.0297 1428 tunmp - ok
17:27:52.0344 1428 [ 300db877ac094feab0be7688c3454a9c ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
17:27:52.0344 1428 tunnel - ok
17:27:52.0360 1428 [ 7d33c4db2ce363c8518d2dfcf533941f ] uagp35 C:\Windows\system32\drivers\uagp35.sys
17:27:52.0360 1428 uagp35 - ok
17:27:52.0391 1428 [ d9728af68c4c7693cb100b8441cbdec6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
17:27:52.0391 1428 udfs - ok
17:27:52.0422 1428 [ ecef404f62863755951e09c802c94ad5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
17:27:52.0422 1428 UI0Detect - ok
17:27:52.0438 1428 [ b0acfdc9e4af279e9116c03e014b2b27 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
17:27:52.0453 1428 uliagpkx - ok
17:27:52.0485 1428 [ 9224bb254f591de4ca8d572a5f0d635c ] uliahci C:\Windows\system32\drivers\uliahci.sys
17:27:52.0485 1428 uliahci - ok
17:27:52.0500 1428 [ 8514d0e5cd0534467c5fc61be94a569f ] UlSata C:\Windows\system32\drivers\ulsata.sys
17:27:52.0500 1428 UlSata - ok
17:27:52.0500 1428 [ 38c3c6e62b157a6bc46594fada45c62b ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
17:27:52.0516 1428 ulsata2 - ok
17:27:52.0531 1428 [ 32cff9f809ae9aed85464492bf3e32d2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
17:27:52.0531 1428 umbus - ok
17:27:52.0578 1428 [ 68308183f4ae0be7bf8ecd07cb297999 ] upnphost C:\Windows\System32\upnphost.dll
17:27:52.0578 1428 upnphost - ok
17:27:52.0609 1428 [ caf811ae4c147ffcd5b51750c7f09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
17:27:52.0609 1428 usbccgp - ok
17:27:52.0656 1428 [ e9476e6c486e76bc4898074768fb7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
17:27:52.0656 1428 usbcir - ok
17:27:52.0703 1428 [ 79e96c23a97ce7b8f14d310da2db0c9b ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
17:27:52.0703 1428 usbehci - ok
17:27:52.0734 1428 [ 4673bbcb006af60e7abddbe7a130ba42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
17:27:52.0734 1428 usbhub - ok
17:27:52.0765 1428 [ ce697fee0d479290d89bec80dfe793b7 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
17:27:52.0765 1428 usbohci - ok
17:27:52.0797 1428 [ e75c4b5269091d15a2e7dc0b6d35f2f5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
17:27:52.0797 1428 usbprint - ok
17:27:52.0843 1428 [ a508c9bd8724980512136b039bba65e9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
17:27:52.0843 1428 usbscan - ok
17:27:52.0875 1428 [ be3da31c191bc222d9ad503c5224f2ad ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:27:52.0875 1428 USBSTOR - ok
17:27:52.0890 1428 [ 814d653efc4d48be3b04a307eceff56f ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
17:27:52.0890 1428 usbuhci - ok
17:27:52.0953 1428 [ e67998e8f14cb0627a769f6530bcb352 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
17:27:52.0953 1428 usbvideo - ok
17:27:52.0984 1428 [ 1509e705f3ac1d474c92454a5c2dd81f ] UxSms C:\Windows\System32\uxsms.dll
17:27:52.0984 1428 UxSms - ok
17:27:53.0031 1428 [ cd88d1b7776dc17a119049742ec07eb4 ] vds C:\Windows\System32\vds.exe
17:27:53.0031 1428 vds - ok
17:27:53.0062 1428 [ 87b06e1f30b749a114f74622d013f8d4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
17:27:53.0062 1428 vga - ok
17:27:53.0093 1428 [ 2e93ac0a1d8c79d019db6c51f036636c ] VgaSave C:\Windows\System32\drivers\vga.sys
17:27:53.0093 1428 VgaSave - ok
17:27:53.0124 1428 [ 5d7159def58a800d5781ba3a879627bc ] viaagp C:\Windows\system32\drivers\viaagp.sys
17:27:53.0124 1428 viaagp - ok
17:27:53.0171 1428 [ c4f3a691b5bad343e6249bd8c2d45dee ] ViaC7 C:\Windows\system32\drivers\viac7.sys
17:27:53.0171 1428 ViaC7 - ok
17:27:53.0187 1428 [ aadf5587a4063f52c2c3fed7887426fc ] viaide C:\Windows\system32\drivers\viaide.sys
17:27:53.0187 1428 viaide - ok
17:27:53.0187 1428 [ 69503668ac66c77c6cd7af86fbdf8c43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
17:27:53.0202 1428 volmgr - ok
17:27:53.0249 1428 [ 23e41b834759917bfd6b9a0d625d0c28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
17:27:53.0249 1428 volmgrx - ok
17:27:53.0280 1428 [ 147281c01fcb1df9252de2a10d5e7093 ] volsnap C:\Windows\system32\drivers\volsnap.sys
17:27:53.0296 1428 volsnap - ok
17:27:53.0311 1428 [ 587253e09325e6bf226b299774b728a9 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
17:27:53.0311 1428 vsmraid - ok
17:27:53.0358 1428 [ db3d19f850c6eb32bdcb9bc0836acddb ] VSS C:\Windows\system32\vssvc.exe
17:27:53.0374 1428 VSS - ok
17:27:53.0436 1428 [ 96ea68b9eb310a69c25ebb0282b2b9de ] W32Time C:\Windows\system32\w32time.dll
17:27:53.0467 1428 W32Time - ok
17:27:53.0499 1428 [ 48dfee8f1af7c8235d4e626f0c4fe031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
17:27:53.0499 1428 WacomPen - ok
17:27:53.0514 1428 [ 55201897378cca7af8b5efd874374a26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
17:27:53.0530 1428 Wanarp - ok
17:27:53.0530 1428 [ 55201897378cca7af8b5efd874374a26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
17:27:53.0530 1428 Wanarpv6 - ok
17:27:53.0561 1428 [ a3cd60fd826381b49f03832590e069af ] wcncsvc C:\Windows\System32\wcncsvc.dll
17:27:53.0577 1428 wcncsvc - ok
17:27:53.0592 1428 [ 11bcb7afcdd7aadacb5746f544d3a9c7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:27:53.0608 1428 WcsPlugInService - ok
17:27:53.0623 1428 [ 78fe9542363f297b18c027b2d7e7c07f ] Wd C:\Windows\system32\drivers\wd.sys
17:27:53.0623 1428 Wd - ok
17:27:53.0639 1428 [ b6f0a7ad6d4bd325fbcd8bac96cd8d96 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
17:27:53.0670 1428 Wdf01000 - ok
17:27:53.0686 1428 [ abfc76b48bb6c96e3338d8943c5d93b5 ] WdiServiceHost C:\Windows\system32\wdi.dll
17:27:53.0686 1428 WdiServiceHost - ok
17:27:53.0701 1428 [ abfc76b48bb6c96e3338d8943c5d93b5 ] WdiSystemHost C:\Windows\system32\wdi.dll
17:27:53.0701 1428 WdiSystemHost - ok
17:27:53.0748 1428 [ 04c37d8107320312fbae09926103d5e2 ] WebClient C:\Windows\System32\webclnt.dll
17:27:53.0748 1428 WebClient - ok
17:27:53.0811 1428 [ ae3736e7e8892241c23e4ebbb7453b60 ] Wecsvc C:\Windows\system32\wecsvc.dll
17:27:53.0811 1428 Wecsvc - ok
17:27:53.0826 1428 [ 670ff720071ed741206d69bd995ea453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
17:27:53.0826 1428 wercplsupport - ok
17:27:53.0873 1428 [ 32b88481d3b326da6deb07b1d03481e7 ] WerSvc C:\Windows\System32\WerSvc.dll
17:27:53.0889 1428 WerSvc - ok
17:27:53.0951 1428 [ 5c7bdcf5864db00323fe2d90fa26a8a2 ] winachsf C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
17:27:53.0951 1428 winachsf - ok
17:27:53.0998 1428 [ 4575aa12561c5648483403541d0d7f2b ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
17:27:54.0013 1428 WinDefend - ok
17:27:54.0029 1428 WinHttpAutoProxySvc - ok
17:27:54.0076 1428 [ 6b2a1d0e80110e3d04e6863c6e62fd8a ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
17:27:54.0076 1428 Winmgmt - ok
17:27:54.0154 1428 [ 7cfe68bdc065e55aa5e8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
17:27:54.0201 1428 WinRM - ok
17:27:54.0263 1428 [ c008405e4feeb069e30da1d823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll
17:27:54.0279 1428 Wlansvc - ok
17:27:54.0419 1428 [ fb01d4ae207b9efdbabfc55dc95c7e31 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:27:54.0435 1428 wlidsvc - ok
17:27:54.0466 1428 [ 2e7255d172df0b8283cdfb7b433b864e ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
17:27:54.0466 1428 WmiAcpi - ok
17:27:54.0497 1428 [ 43be3875207dcb62a85c8c49970b66cc ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
17:27:54.0497 1428 wmiApSrv - ok
17:27:54.0575 1428 [ 3978704576a121a9204f8cc49a301a9b ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
17:27:54.0606 1428 WMPNetworkSvc - ok
17:27:54.0622 1428 [ cfc5a04558f5070cee3e3a7809f3ff52 ] WPCSvc C:\Windows\System32\wpcsvc.dll
17:27:54.0637 1428 WPCSvc - ok
17:27:54.0669 1428 [ 801fbdb89d472b3c467eb112a0fc9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
17:27:54.0669 1428 WPDBusEnum - ok
17:27:54.0731 1428 [ de9d36f91a4df3d911626643debf11ea ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
17:27:54.0731 1428 WpdUsb - ok
17:27:54.0871 1428 [ dcf3e3edf5109ee8bc02fe6e1f045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
17:27:54.0887 1428 WPFFontCache_v0400 - ok
17:27:54.0903 1428 [ e3a3cb253c0ec2494d4a61f5e43a389c ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
17:27:54.0903 1428 ws2ifsl - ok
17:27:54.0949 1428 [ 1ca6c40261ddc0425987980d0cd2aaab ] wscsvc C:\Windows\system32\wscsvc.dll
17:27:54.0949 1428 wscsvc - ok
17:27:54.0949 1428 WSearch - ok
17:27:55.0059 1428 [ fc3ec24fce372c89423e015a2ac1a31e ] wuauserv C:\Windows\system32\wuaueng.dll
17:27:55.0137 1428 wuauserv - ok
17:27:55.0168 1428 [ ac13cb789d93412106b0fb6c7eb2bcb6 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
17:27:55.0168 1428 WUDFRd - ok
17:27:55.0199 1428 [ 575a4190d989f64732119e4114045a4f ] wudfsvc C:\Windows\System32\WUDFSvc.dll
17:27:55.0199 1428 wudfsvc - ok
17:27:55.0230 1428 ================ Scan global ===============================
17:27:55.0277 1428 (f31eebc1a1c81fd04005489cc3dcdfe7) C:\Windows\system32\basesrv.dll
17:27:55.0324 1428 (d2293b069e4b63dc17b2f08d45e71124) C:\Windows\system32\winsrv.dll
17:27:55.0371 1428 (d2293b069e4b63dc17b2f08d45e71124) C:\Windows\system32\winsrv.dll
17:27:55.0417 1428 (d4e6d91c1349b7bfb3599a6ada56851b) C:\Windows\system32\services.exe
17:27:55.0417 1428 [Global] - ok
17:27:55.0417 1428 ================ Scan MBR ==================================
17:27:55.0433 1428 MBR (0x1B8) (85d751f0e41b8e520aee8c07a8da777b) \Device\Harddisk0\DR0
17:27:55.0698 1428 \Device\Harddisk0\DR0 - ok
17:27:55.0698 1428 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR6
17:27:55.0792 1428 \Device\Harddisk1\DR6 - ok
17:27:55.0792 1428 ================ Scan VBR ==================================
17:27:55.0792 1428 Boot (0x1200) (2b98de290104a260d0f26a979d49e18f) \Device\Harddisk0\DR0\Partition1
17:27:55.0792 1428 \Device\Harddisk0\DR0\Partition1 - ok
17:27:55.0807 1428 Boot (0x1200) (8383483fb2bdad163a2c3448d8f62bc9) \Device\Harddisk0\DR0\Partition2
17:27:55.0807 1428 \Device\Harddisk0\DR0\Partition2 - ok
17:27:55.0807 1428 Boot (0x1200) (95e6c803234ae6aa6294bb3e617cb69e) \Device\Harddisk1\DR6\Partition1
17:27:55.0823 1428 \Device\Harddisk1\DR6\Partition1 - ok
17:27:55.0823 1428 ============================================================
17:27:55.0823 1428 Scan finished
17:27:55.0823 1428 ============================================================
17:27:55.0839 0392 Detected object count: 0
17:27:55.0839 0392 Actual detected object count: 0
17:28:31.0453 1964 Deinitialize success
di franco75 » 19/08/12 16:31
HitmanPro 3.6.1.164
www.hitmanpro.com
Computer name . . . . : PC-DOMENICO
Windows . . . . . . . : 6.0.2.6002.X86/2
Safe Mode Boot . . . : NETWORK
User name . . . . . . : PC-domenico\domenico
UAC . . . . . . . . . : Disabled
License . . . . . . . : Trial (30 days left)
Scan date . . . . . . : 2012-08-19 17:22:20
Scan mode . . . . . . : Normal
Scan duration . . . . : 3m 41s
Disk access mode . . : Direct disk access (SRB)
Cloud . . . . . . . . : Internet
Reboot . . . . . . . : No
Threats . . . . . . . : 0
Traces . . . . . . . : 0
Objects scanned . . . : 1.613.282
Files scanned . . . . : 27.116
Remnants scanned . . : 335.717 files / 1.250.449 keys
di franco75 » 19/08/12 16:57
di franco75 » 19/08/12 17:52
MBRCheck, version 1.2.3
(c) 2010, AD
Command-line:
Windows Version: Windows Vista Home Premium Edition
Windows Information: Service Pack 2 (build 6002), 32-bit
Base Board Manufacturer: HP
BIOS Manufacturer: Hewlett-Packard
System Manufacturer: Hewlett-Packard
System Product Name: HP Pavilion dv5 Notebook PC
Logical Drives Mask: 0x0000001c
Kernel Drivers (total 164):
0x82234000 \SystemRoot\system32\ntkrnlpa.exe
0x82201000 \SystemRoot\system32\hal.dll
0x8040F000 \SystemRoot\system32\kdcom.dll
0x80416000 \SystemRoot\system32\PSHED.dll
0x80427000 \SystemRoot\system32\BOOTVID.dll
0x8042F000 \SystemRoot\system32\CLFS.SYS
0x80470000 \SystemRoot\system32\CI.dll
0x80550000 \SystemRoot\system32\drivers\Wdf01000.sys
0x805CC000 \SystemRoot\system32\drivers\WDFLDR.SYS
0x80608000 \SystemRoot\system32\drivers\acpi.sys
0x8064E000 \SystemRoot\system32\drivers\WMILIB.SYS
0x80657000 \SystemRoot\system32\drivers\msisadrv.sys
0x8065F000 \SystemRoot\system32\drivers\pci.sys
0x80686000 \SystemRoot\system32\drivers\isapnp.sys
0x80695000 \SystemRoot\system32\drivers\mpio.sys
0x806B1000 \SystemRoot\System32\drivers\partmgr.sys
0x806C1000 \SystemRoot\system32\DRIVERS\compbatt.sys
0x806C4000 \SystemRoot\system32\DRIVERS\BATTC.SYS
0x806CE000 \SystemRoot\system32\drivers\volmgr.sys
0x806DD000 \SystemRoot\System32\drivers\volmgrx.sys
0x80727000 \SystemRoot\system32\drivers\intelide.sys
0x8072E000 \SystemRoot\system32\drivers\PCIIDEX.SYS
0x8073C000 \SystemRoot\system32\drivers\pciide.sys
0x80743000 \SystemRoot\system32\drivers\aliide.sys
0x8074A000 \SystemRoot\system32\drivers\amdide.sys
0x80751000 \SystemRoot\system32\drivers\cmdide.sys
0x80759000 \SystemRoot\System32\drivers\mountmgr.sys
0x80769000 \SystemRoot\system32\drivers\msdsm.sys
0x80783000 \SystemRoot\system32\drivers\nvraid.sys
0x8079E000 \SystemRoot\system32\drivers\CLASSPNP.SYS
0x807BF000 \SystemRoot\system32\drivers\viaide.sys
0x83806000 \SystemRoot\system32\drivers\iastorv.sys
0x838A7000 \SystemRoot\system32\drivers\atapi.sys
0x838AF000 \SystemRoot\system32\drivers\ataport.SYS
0x838CD000 \SystemRoot\system32\drivers\lsi_scsi.sys
0x838E7000 \SystemRoot\system32\drivers\storport.sys
0x83928000 \SystemRoot\system32\drivers\nvstor.sys
0x83935000 \SystemRoot\system32\drivers\msahci.sys
0x8393F000 \SystemRoot\system32\drivers\hpcisss.sys
0x8394A000 \SystemRoot\system32\drivers\adp94xx.sys
0x839B4000 \SystemRoot\system32\drivers\adpahci.sys
0x807C7000 \SystemRoot\system32\drivers\adpu160m.sys
0x805D9000 \SystemRoot\system32\drivers\SCSIPORT.SYS
0x83A06000 \SystemRoot\system32\drivers\adpu320.sys
0x83A2C000 \SystemRoot\system32\drivers\djsvs.sys
0x83A40000 \SystemRoot\system32\drivers\arc.sys
0x83A56000 \SystemRoot\system32\drivers\arcsas.sys
0x83A6C000 \SystemRoot\system32\drivers\elxstor.sys
0x83B00000 \SystemRoot\system32\drivers\i2omp.sys
0x83B0A000 \SystemRoot\system32\drivers\iirsp.sys
0x83B1A000 \SystemRoot\system32\drivers\iteatapi.sys
0x83B26000 \SystemRoot\system32\drivers\iteraid.sys
0x83B32000 \SystemRoot\system32\drivers\lsi_fc.sys
0x83B4C000 \SystemRoot\system32\drivers\lsi_sas.sys
0x83B64000 \SystemRoot\system32\drivers\megasas.sys
0x8AE05000 \SystemRoot\system32\drivers\megasr.sys
0x8AEBC000 \SystemRoot\system32\drivers\mraid35x.sys
0x8AEC7000 \SystemRoot\system32\drivers\nfrd960.sys
0x8B00D000 \SystemRoot\system32\drivers\ql2300.sys
0x8B145000 \SystemRoot\system32\drivers\ql40xx.sys
0x8B19A000 \SystemRoot\system32\drivers\sisraid2.sys
0x8B1A7000 \SystemRoot\system32\drivers\sisraid4.sys
0x8B1BC000 \SystemRoot\system32\drivers\symc8xx.sys
0x8B1C8000 \SystemRoot\system32\drivers\sym_hi.sys
0x8B1D3000 \SystemRoot\system32\drivers\sym_u3.sys
0x8AED5000 \SystemRoot\system32\drivers\uliahci.sys
0x8B1DE000 \SystemRoot\system32\drivers\ulsata.sys
0x8AF11000 \SystemRoot\system32\drivers\ulsata2.sys
0x8AF3D000 \SystemRoot\system32\drivers\vsmraid.sys
0x8AF5E000 \SystemRoot\system32\drivers\fltmgr.sys
0x8AF90000 \SystemRoot\system32\drivers\NIS\1301010.003\SYMDS.SYS
0x8AFE7000 \SystemRoot\system32\drivers\fileinfo.sys
0x8B20B000 \SystemRoot\system32\drivers\NIS\1301010.003\SYMEFA.SYS
0x8B2EC000 \SystemRoot\System32\Drivers\ksecdd.sys
0x8B407000 \SystemRoot\system32\drivers\ndis.sys
0x8B512000 \SystemRoot\system32\drivers\msrpc.sys
0x8B53D000 \SystemRoot\system32\drivers\NETIO.SYS
0x8B601000 \SystemRoot\System32\drivers\tcpip.sys
0x8B6EB000 \SystemRoot\System32\drivers\fwpkclnt.sys
0x8B809000 \SystemRoot\System32\Drivers\Ntfs.sys
0x8B919000 \SystemRoot\system32\drivers\wd.sys
0x8B921000 \SystemRoot\system32\drivers\volsnap.sys
0x8B962000 \SystemRoot\system32\drivers\sbp2port.sys
0x8B977000 \SystemRoot\System32\Drivers\mup.sys
0x8B986000 \SystemRoot\System32\drivers\ecache.sys
0x8B9AD000 \SystemRoot\system32\DRIVERS\hpdskflt.sys
0x8B9B6000 \SystemRoot\system32\drivers\disk.sys
0x8B9C7000 \SystemRoot\system32\DRIVERS\AtiPcie.sys
0x8B9CF000 \SystemRoot\system32\DRIVERS\Amddfltr.sys
0x8B9D7000 \SystemRoot\system32\drivers\crcdisk.sys
0x8B706000 \SystemRoot\system32\DRIVERS\ahcix86s.sys
0x8B786000 \SystemRoot\system32\DRIVERS\tunnel.sys
0x8B9F7000 \SystemRoot\system32\DRIVERS\tunmp.sys
0x8B35E000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0x9F809000 \SystemRoot\system32\DRIVERS\athr.sys
0x9F8ED000 \SystemRoot\system32\DRIVERS\Rtlh86.sys
0x9F90E000 \SystemRoot\system32\DRIVERS\ohci1394.sys
0x9F91E000 \SystemRoot\system32\DRIVERS\1394BUS.SYS
0x9F92C000 \SystemRoot\system32\DRIVERS\cdrom.sys
0x9F944000 \SystemRoot\system32\DRIVERS\usbohci.sys
0x9F94E000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0x9F98C000 \SystemRoot\system32\DRIVERS\usbehci.sys
0x9F99B000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0x9F9AE000 \SystemRoot\system32\DRIVERS\HpqKbFiltr.sys
0x9F9B3000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0x9F9BE000 \SystemRoot\system32\DRIVERS\SynTP.sys
0x9F9EE000 \SystemRoot\system32\DRIVERS\USBD.SYS
0x9F9F0000 \SystemRoot\system32\DRIVERS\mouclass.sys
0x8B791000 \SystemRoot\system32\DRIVERS\enecir.sys
0x8B7A9000 \SystemRoot\system32\DRIVERS\Accelerometer.sys
0x9F800000 \SystemRoot\system32\DRIVERS\wmiacpi.sys
0x8B7B4000 \SystemRoot\system32\DRIVERS\msiscsi.sys
0x8B7E3000 \SystemRoot\system32\DRIVERS\TDI.SYS
0x8B578000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0x8B7EE000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0x8B58F000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0x8B5B2000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0x8B5C1000 \SystemRoot\system32\DRIVERS\raspptp.sys
0x8B5D5000 \SystemRoot\system32\DRIVERS\rassstp.sys
0x8B5EA000 \SystemRoot\system32\DRIVERS\termdd.sys
0x9F9FB000 \SystemRoot\system32\DRIVERS\swenum.sys
0x83B6E000 \SystemRoot\system32\DRIVERS\ks.sys
0x8B200000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0x8B3EB000 \SystemRoot\system32\DRIVERS\umbus.sys
0x83B98000 \SystemRoot\system32\DRIVERS\usbhub.sys
0x83BCD000 \SystemRoot\System32\Drivers\NDProxy.SYS
0x8B800000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0x8B95A000 \SystemRoot\System32\Drivers\Null.SYS
0x8B7F9000 \SystemRoot\System32\Drivers\Beep.SYS
0x8B000000 \SystemRoot\System32\drivers\vga.sys
0x83BDE000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
0x807E2000 \SystemRoot\System32\drivers\watchdog.sys
0x8B3F8000 \SystemRoot\system32\drivers\rdpencdd.sys
0x9FC06000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0x9FC1D000 \SystemRoot\System32\Drivers\Msfs.SYS
0x9FC28000 \SystemRoot\System32\Drivers\Npfs.SYS
0x9FC36000 \SystemRoot\System32\DRIVERS\rasacd.sys
0x9FC3F000 \SystemRoot\system32\DRIVERS\tdx.sys
0x9FCB0000 \SystemRoot\system32\DRIVERS\smb.sys
0x9FCC4000 \SystemRoot\system32\drivers\afd.sys
0x9FD0C000 \SystemRoot\System32\DRIVERS\netbt.sys
0x9FD3E000 \SystemRoot\system32\drivers\ws2ifsl.sys
0x9FD47000 \SystemRoot\system32\DRIVERS\pacer.sys
0x9FD5D000 \SystemRoot\system32\DRIVERS\netbios.sys
0x9FD6B000 \SystemRoot\system32\DRIVERS\rdbss.sys
0x9FDA7000 \SystemRoot\system32\drivers\nsiproxy.sys
0x9FDB1000 \SystemRoot\System32\Drivers\dfsc.sys
0x9FDC8000 \SystemRoot\System32\Drivers\crashdmp.sys
0x9FDD5000 \SystemRoot\System32\Drivers\dump_diskdump.sys
0x9FC55000 \SystemRoot\System32\Drivers\dump_ahcix86s.sys
0xA8EA0000 \SystemRoot\System32\win32k.sys
0x9FC95000 \SystemRoot\System32\drivers\Dxapi.sys
0xA90B0000 \SystemRoot\System32\drivers\dxg.sys
0xA90E0000 \SystemRoot\System32\TSDDD.dll
0xA9160000 \SystemRoot\System32\framebuf.dll
0x8B746000 \SystemRoot\system32\DRIVERS\nwifi.sys
0x9FC9F000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0x9FDDF000 \SystemRoot\system32\DRIVERS\bowser.sys
0x8B9E0000 \SystemRoot\System32\drivers\mpsdrv.sys
0xAB206000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0xAB225000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
0xAB25E000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
0xAB276000 \SystemRoot\system32\DRIVERS\cdfs.sys
0x77510000 \Windows\System32\ntdll.dll
Processes (total 23):
0 System Idle Process
4 System
356 C:\Windows\System32\smss.exe
480 csrss.exe
516 csrss.exe
524 C:\Windows\System32\wininit.exe
568 C:\Windows\System32\winlogon.exe
600 C:\Windows\System32\services.exe
612 C:\Windows\System32\lsass.exe
620 C:\Windows\System32\lsm.exe
764 C:\Windows\System32\svchost.exe
820 C:\Windows\System32\svchost.exe
904 C:\Windows\System32\svchost.exe
948 C:\Windows\System32\svchost.exe
1000 C:\Windows\System32\svchost.exe
1080 C:\Windows\System32\svchost.exe
1220 C:\Windows\System32\svchost.exe
1328 C:\Windows\System32\svchost.exe
1512 C:\Windows\System32\svchost.exe
1988 C:\Windows\System32\rundll32.exe
1180 C:\Windows\explorer.exe
1620 C:\Program Files\Mozilla Firefox\firefox.exe
988 C:\Users\domenico\Downloads\Download\MBRCheck.exe
\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000037`fe600000 (NTFS)
PhysicalDrive0 Model Number: FUJITSUMHZ2250BH G2, Rev: 1.89
Size Device Name MBR Status
--------------------------------------------
232 GB \\.\PhysicalDrive0 RE: Unknown MBR code
SHA1: 08F21ADD893776C287CC68A3558F8D095B50ED3C
Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:
Done!di FrancescoFDAC » 20/08/12 09:24
di franco75 » 20/08/12 11:34
di franco75 » 20/08/12 11:57
di franco75 » 20/08/12 12:36
di franco75 » 20/08/12 13:32
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 6.0.6002 Disk: FUJITSU_ rev.1.89 -> Harddisk0\DR0 -> \Device\000000a8
device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user & kernel MBR OK
error: Read Risorse di sistema insufficienti per completare il servizio richiesto.
di franco75 » 20/08/12 18:04
ComboFix 12-08-20.01 - domenico 20/08/2012 17.36.04.1.2 - x86 NETWORK
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.39.1040.18.3069.2593 [GMT 2:00]
Eseguito da: c:\users\domenico\Desktop\ComboFix.exe
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Creato nuovo punto di ripristino
.
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-- Esecuzione precedente --
.
c:\windows\system32\Services.exe . . . è infetto!!
.
--------
.
c:\windows\system32\Services.exe . . . è infetto!!
.
.
((((((((((((((((((((((((( Files Creati Da 2012-07-20 al 2012-08-20 )))))))))))))))))))))))))))))))))))
.
.
2012-08-20 16:18 . 2012-08-20 16:18 -------- d-----w- c:\users\domenico\AppData\Local\temp
2012-08-20 16:18 . 2012-08-20 16:18 -------- d-----w- c:\users\Public\AppData\Local\temp
2012-08-20 16:18 . 2012-08-20 16:18 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-08-20 15:31 . 2012-08-20 15:31 -------- d-----w- C:\706d11b08165782314
2012-08-20 13:31 . 2012-08-20 13:32 -------- d-----w- C:\Nuova cartella
2012-08-20 13:29 . 2012-08-20 13:28 89088 ----a-w- c:\program files\mbr.exe
2012-08-20 13:15 . 2012-08-20 13:16 309320 ----a-w- c:\windows\system32\drivers\TrufosAlt.sys
2012-08-19 15:20 . 2012-08-19 15:22 -------- d-----w- c:\program files\HitmanPro
2012-08-19 15:20 . 2012-08-19 15:22 -------- d-----w- c:\programdata\HitmanPro
2012-07-28 15:20 . 2012-06-05 16:47 708608 ----a-w- c:\program files\Common Files\System\ado\msado15.dll
2012-07-28 15:20 . 2012-06-05 16:47 1401856 ----a-w- c:\windows\system32\msxml6.dll
2012-07-28 15:20 . 2012-06-05 16:47 1248768 ----a-w- c:\windows\system32\msxml3.dll
2012-07-28 15:20 . 2012-06-04 15:26 440704 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-07-28 15:20 . 2012-06-02 00:04 278528 ----a-w- c:\windows\system32\schannel.dll
2012-07-28 15:20 . 2012-06-02 00:03 204288 ----a-w- c:\windows\system32\ncrypt.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-20 15:16 . 2012-06-15 11:56 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-08-20 15:16 . 2011-06-07 12:29 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-07-05 17:23 . 2012-07-05 17:23 161792 ----a-w- c:\windows\system32\msls31.dll
2012-07-05 17:23 . 2012-07-05 17:23 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-07-05 17:23 . 2012-07-05 17:23 86528 ----a-w- c:\windows\system32\iesysprep.dll
2012-07-05 17:23 . 2012-07-05 17:23 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2012-07-05 17:23 . 2012-07-05 17:23 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2012-07-05 17:23 . 2012-07-05 17:23 63488 ----a-w- c:\windows\system32\tdc.ocx
2012-07-05 17:23 . 2012-07-05 17:23 48640 ----a-w- c:\windows\system32\mshtmler.dll
2012-07-05 17:23 . 2012-07-05 17:23 367104 ----a-w- c:\windows\system32\html.iec
2012-07-05 17:23 . 2012-07-05 17:23 74752 ----a-w- c:\windows\system32\iesetup.dll
2012-07-05 17:23 . 2012-07-05 17:23 23552 ----a-w- c:\windows\system32\licmgr10.dll
2012-07-05 17:23 . 2012-07-05 17:23 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-07-05 17:23 . 2012-07-05 17:23 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-07-05 17:23 . 2012-07-05 17:23 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-07-05 17:23 . 2012-07-05 17:23 1800192 ----a-w- c:\windows\system32\jscript9.dll
2012-07-05 17:23 . 2012-07-05 17:23 152064 ----a-w- c:\windows\system32\wextract.exe
2012-07-05 17:23 . 2012-07-05 17:23 150528 ----a-w- c:\windows\system32\iexpress.exe
2012-07-05 17:23 . 2012-07-05 17:23 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-07-05 17:23 . 2012-07-05 17:23 11776 ----a-w- c:\windows\system32\mshta.exe
2012-07-05 17:23 . 2012-07-05 17:23 101888 ----a-w- c:\windows\system32\admparse.dll
2012-07-05 17:23 . 2012-07-05 17:23 35840 ----a-w- c:\windows\system32\imgutil.dll
2012-07-05 17:23 . 2012-07-05 17:23 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2012-06-06 18:59 . 2012-06-06 18:59 1070152 ----a-w- c:\windows\system32\MSCOMCTL.OCX
2012-06-02 22:19 . 2012-06-23 18:54 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-23 18:54 45080 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-23 18:53 35864 ----a-w- c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-23 18:53 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 22:19 . 2012-06-23 18:54 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 22:12 . 2012-06-23 18:54 2422272 ----a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:12 . 2012-06-23 18:53 88576 ----a-w- c:\windows\system32\wudriver.dll
2012-06-02 13:19 . 2012-06-23 18:53 171904 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-02 13:12 . 2012-06-23 18:53 33792 ----a-w- c:\windows\system32\wuapp.exe
2012-07-28 18:31 . 2011-05-12 13:26 136672 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
.
[-] 2008-01-21 . 67E506B75BD5326A3EC7B70BD014DFB6 . 6144 . . [6.0.6001.18000] . . c:\windows\erdnt\cache\beep.sys
[-] 2008-01-21 . 67E506B75BD5326A3EC7B70BD014DFB6 . 6144 . . [6.0.6001.18000] . . c:\windows\System32\drivers\beep.sys
[-] 2008-01-21 . 67E506B75BD5326A3EC7B70BD014DFB6 . 6144 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.0.6001.18000_none_c420a153079d485b\beep.sys
.
.
.
.
[-] 2008-01-21 . C8052711DAECC48B982434C5116CA401 . 274432 . . [6.0.6001.18000] . . c:\windows\erdnt\cache\netman.dll
[-] 2008-01-21 . C8052711DAECC48B982434C5116CA401 . 274432 . . [6.0.6000.16386] . . c:\windows\System32\netman.dll
[-] 2008-01-21 . C8052711DAECC48B982434C5116CA401 . 274432 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-netman_31bf3856ad364e35_6.0.6001.18000_none_0fbd1b9651cfd333\netman.dll
.
.
[-] 2009-04-11 . 93952506C6D67330367F7E7934B6A02F . 758784 . . [7.0.6002.18005] . . c:\windows\erdnt\cache\qmgr.dll
[-] 2009-04-11 . 93952506C6D67330367F7E7934B6A02F . 758784 . . [7.0.6001.18000] . . c:\windows\System32\qmgr.dll
[-] 2009-04-11 . 93952506C6D67330367F7E7934B6A02F . 758784 . . [7.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-bits-client_31bf3856ad364e35_6.0.6002.18005_none_257c3df8f693d6d8\qmgr.dll
[-] 2008-01-21 . 02ED7B4DBC2A3232A389106DA7515C3D . 758272 . . [7.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-bits-client_31bf3856ad364e35_6.0.6001.18000_none_2390c4ecf9720b8c\qmgr.dll
.
.
.
[-] 2010-08-17 . AAE98B295E88D439A6E0F6E8929424FB . 128000 . . [6.0.6002.22468] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.22468_none_d882e000d7f61b4c\spoolsv.exe
[-] 2010-08-17 . 8554097E5136C3BF9F69FE578A1B35F4 . 128000 . . [6.0.6002.18294] . . c:\windows\erdnt\cache\spoolsv.exe
[-] 2010-08-17 . 8554097E5136C3BF9F69FE578A1B35F4 . 128000 . . [6.0.6000.16386] . . c:\windows\System32\spoolsv.exe
[-] 2010-08-17 . 8554097E5136C3BF9F69FE578A1B35F4 . 128000 . . [6.0.6002.18294] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18294_none_d7d4d063bef46cd2\spoolsv.exe
[-] 2010-08-17 . 3665F79026A3F91FBCA63F2C65A09B19 . 126464 . . [6.0.6001.18511] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18511_none_d641dcfdc18fec21\spoolsv.exe
[-] 2010-08-17 . E807FC542C295BA256CE3567829E02A6 . 128000 . . [6.0.6001.22743] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.22743_none_d6ad0c7edac40f93\spoolsv.exe
[-] 2009-04-11 . 524BFBEA40E6E404737CCBC754647A2E . 127488 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18005_none_d8371c2dbeaa9062\spoolsv.exe
[-] 2008-01-21 . 846CDF9A3CF4DA9B306ADFB7D55EE4C2 . 125952 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18000_none_d64ba321c188c516\spoolsv.exe
.
.
[-] 2009-04-11 . 76B06EB8A01FC8624D699E7045303E54 . 72192 . . [6.0.6002.18005] . . c:\windows\erdnt\cache\tdx.sys
[-] 2009-04-11 . 76B06EB8A01FC8624D699E7045303E54 . 72192 . . [6.0.6002.18005] . . c:\windows\System32\drivers\tdx.sys
[-] 2009-04-11 . 76B06EB8A01FC8624D699E7045303E54 . 72192 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.0.6002.18005_none_ec294157d9377403\tdx.sys
[-] 2008-01-21 . D09276B1FAB033CE1D40DCBDF303D10F . 71680 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.0.6001.18000_none_ea3dc84bdc15a8b7\tdx.sys
.
.
.
.
.
[-] 2011-04-12 . 574B473FACAA0E91702B86578440B525 . 892416 . . [6.0.6002.18449] . . c:\windows\erdnt\cache\kernel32.dll
[-] 2011-04-12 . 574B473FACAA0E91702B86578440B525 . 892416 . . [6.0.6001.18000] . . c:\windows\System32\kernel32.dll
[-] 2011-04-12 . 574B473FACAA0E91702B86578440B525 . 892416 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.18449_none_9582275d538a1db6\kernel32.dll
[-] 2011-04-12 . 7062DEB220FA1CCB1B65FC40D6E7D807 . 893440 . . [6.0.6002.22625] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.22625_none_961d64be6c9b1d69\kernel32.dll
[-] 2011-04-12 . 306835D4E74E49A5D10F0FCA0B422EB1 . 890368 . . [6.0.6001.18631] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18631_none_939e812b5662e4c2\kernel32.dll
[-] 2011-04-12 . 497A2DA8181560B3E2F8FFE0092FD1E6 . 892928 . . [6.0.6001.22898] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.22898_none_93ee425a6faadaba\kernel32.dll
[-] 2009-04-11 . BB8509089E7DF514310814E1B2593FFC . 891392 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.18005_none_95a95e4d536d53fa\kernel32.dll
[-] 2009-02-13 . DB6E3731E6F5C8AE2843F80B5787F7C6 . 888832 . . [6.0.6001.18215] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18215_none_93b81a93564f1da0\kernel32.dll
[-] 2009-02-13 . 1987D817D08F5EAF0B7F334026FDDB79 . 890880 . . [6.0.6001.22376] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.22376_none_9401d8206f9c7e67\kernel32.dll
[-] 2009-02-13 . B82C7AC1D559F0FD088792171D64C7F3 . 875520 . . [6.0.6000.16820] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6000.16820_none_91c20a8f593529ed\kernel32.dll
[-] 2009-02-13 . BB792054BD990EC05D9E260D50FEAD39 . 875520 . . [6.0.6000.21010] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6000.21010_none_92564f68724ae108\kernel32.dll
[-] 2008-01-21 . DC2338093F91BA4E0512208E60206DDD . 888320 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18000_none_93bde541564b88ae\kernel32.dll
.
[-] 2006-11-02 . 24F90AEFEBE601D427CB4511E74CDCB6 . 22016 . . [6.0.6000.16386] . . c:\windows\erdnt\cache\linkinfo.dll
[-] 2006-11-02 . 24F90AEFEBE601D427CB4511E74CDCB6 . 22016 . . [6.0.6000.16386] . . c:\windows\System32\linkinfo.dll
[-] 2006-11-02 . 24F90AEFEBE601D427CB4511E74CDCB6 . 22016 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-linkinfo_31bf3856ad364e35_6.0.6000.16386_none_362e7020a86900de\linkinfo.dll
.
.
.
[-] 2011-12-14 . 17AF64D727545F2804F6E6D998327E3F . 680448 . . [7.0.6002.18551] . . c:\windows\erdnt\cache\msvcrt.dll
[-] 2011-12-14 . 17AF64D727545F2804F6E6D998327E3F . 680448 . . [7.0.6002.18551] . . c:\windows\System32\msvcrt.dll
[-] 2011-12-14 . 17AF64D727545F2804F6E6D998327E3F . 680448 . . [7.0.6002.18551] . . c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6002.18551_none_d306a7e69c340115\msvcrt.dll
[-] 2011-12-14 . A807F65718C263442F0C3613F9BFD267 . 680448 . . [7.0.6002.22755] . . c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6002.22755_none_d39447bfb54e0362\msvcrt.dll
[-] 2009-04-11 . F5E991236960137B1F5449C5E5DF4656 . 679936 . . [7.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6002.18005_none_d340af2c9c07e8f9\msvcrt.dll
[-] 2008-01-21 . 04CBEAA089B6A752B3EB660BEE8C4964 . 680448 . . [7.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6001.18000_none_d15536209ee61dad\msvcrt.dll
[-] 2004-08-05 . 351B1AD22FD0EC70D889766E0B4F72ED . 343040 . . [7.0.2600.2180] . . c:\windows\SMINST\msvcrt.dll
.
.
[-] 2009-04-11 . 95DAECF0FB120A7B5DA679CC54E37DDE . 592896 . . [6.0.6002.18005] . . c:\windows\erdnt\cache\netlogon.dll
[-] 2009-04-11 . 95DAECF0FB120A7B5DA679CC54E37DDE . 592896 . . [6.0.6001.18000] . . c:\windows\System32\netlogon.dll
[-] 2009-04-11 . 95DAECF0FB120A7B5DA679CC54E37DDE . 592896 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[-] 2008-01-21 . A8EFC0B6E75B789F7FD3BA5025D4E37F . 592384 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
.
[-] 2009-04-11 . 9A7F4B2EDACD11444D048AA19CBB26AF . 98816 . . [6.0.6002.18005] . . c:\windows\erdnt\cache\powrprof.dll
[-] 2009-04-11 . 9A7F4B2EDACD11444D048AA19CBB26AF . 98816 . . [6.0.6001.18000] . . c:\windows\System32\powrprof.dll
[-] 2009-04-11 . 9A7F4B2EDACD11444D048AA19CBB26AF . 98816 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-userpowermanagement_31bf3856ad364e35_6.0.6002.18005_none_a505176cf9fa2abd\powrprof.dll
[-] 2008-01-21 . 51832219A52C3535BF4771C375E63F9B . 97280 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-userpowermanagement_31bf3856ad364e35_6.0.6001.18000_none_a3199e60fcd85f71\powrprof.dll
.
.
[-] 2006-11-02 . F4E1AA5D59C849A4AB47E895DC76B9C8 . 4608 . . [6.0.6000.16386] . . c:\windows\erdnt\cache\sfc.dll
[-] 2006-11-02 . F4E1AA5D59C849A4AB47E895DC76B9C8 . 4608 . . [6.0.6000.16386] . . c:\windows\System32\sfc.dll
[-] 2006-11-02 . F4E1AA5D59C849A4AB47E895DC76B9C8 . 4608 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-sfc_31bf3856ad364e35_6.0.6001.18000_none_a735c34c5c31a578\sfc.dll
.
.
.
.
[-] 2008-01-21 . 0E135526E9785D085BCD9AEDE6FBCBF9 . 25088 . . [6.0.6001.18000] . . c:\windows\erdnt\cache\userinit.exe
[-] 2008-01-21 . 0E135526E9785D085BCD9AEDE6FBCBF9 . 25088 . . [6.0.6000.16386] . . c:\windows\System32\userinit.exe
[-] 2008-01-21 . 0E135526E9785D085BCD9AEDE6FBCBF9 . 25088 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
.
.
[-] 2008-01-21 . B304D47D5744BA20FCB99FB8B2C07B0B . 179200 . . [6.0.6001.18000] . . c:\windows\erdnt\cache\ws2_32.dll
[-] 2008-01-21 . B304D47D5744BA20FCB99FB8B2C07B0B . 179200 . . [6.0.6000.16386] . . c:\windows\System32\ws2_32.dll
[-] 2008-01-21 . B304D47D5744BA20FCB99FB8B2C07B0B . 179200 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_f2b7b0c2ce5605c4\ws2_32.dll
.
[-] 2006-11-02 . 17C0671BF57057108A6D949510EE42C8 . 4608 . . [6.0.6000.16386] . . c:\windows\erdnt\cache\ws2help.dll
[-] 2006-11-02 . 17C0671BF57057108A6D949510EE42C8 . 4608 . . [6.0.6000.16386] . . c:\windows\System32\ws2help.dll
[-] 2006-11-02 . 17C0671BF57057108A6D949510EE42C8 . 4608 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.0.6000.16386_none_024e4071fa6fea95\ws2help.dll
.
[-] 2009-04-11 . D07D4C3038F3578FFCE1C0237F2A1253 . 2926592 . . [6.0.6000.16386] . . c:\windows\explorer.exe
[-] 2009-04-11 . D07D4C3038F3578FFCE1C0237F2A1253 . 2926592 . . [6.0.6002.18005] . . c:\windows\erdnt\cache\explorer.exe
[-] 2009-04-11 . D07D4C3038F3578FFCE1C0237F2A1253 . 2926592 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[-] 2008-10-30 . 50BA5850147410CDE89C523AD3BC606E . 2927616 . . [6.0.6001.22298] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[-] 2008-10-29 . 4F554999D7D5F05DAAEBBA7B5BA1089D . 2927104 . . [6.0.6001.18164] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[-] 2008-10-29 . 37440D09DEAE0B672A04DCCF7ABF06BE . 2923520 . . [6.0.6000.16771] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[-] 2008-10-28 . E7156B0B74762D9DE0E66BDCDE06E5FB . 2923520 . . [6.0.6000.20947] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[-] 2008-01-21 . FFA764631CB70A30065C12EF8E174F9F . 2927104 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
.
.
.
[-] 2010-04-16 . E609A492AD596187CEA24E8418FF082F . 502784 . . [1.0626.6002.22384] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6002.22384_none_af1813076efd8bc3\usp10.dll
[-] 2010-04-16 . 80FFF14F1757B9AF8BE9D314FC1AE88B . 502272 . . [1.0626.6002.18244] . . c:\windows\erdnt\cache\usp10.dll
[-] 2010-04-16 . 80FFF14F1757B9AF8BE9D314FC1AE88B . 502272 . . [1.0626.6002.18244] . . c:\windows\System32\usp10.dll
[-] 2010-04-16 . 80FFF14F1757B9AF8BE9D314FC1AE88B . 502272 . . [1.0626.6002.18244] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6002.18244_none_aeb9b5ec55bf7c35\usp10.dll
[-] 2010-04-16 . 8CB1162DD3586683D71BCB303C1FF54F . 502272 . . [1.0626.6001.22672] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6001.22672_none_ad3a707771d0e800\usp10.dll
[-] 2010-04-16 . A23E4692716C25E5AEA300ED74E73A1C . 501760 . . [1.0626.6001.18461] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6001.18461_none_acbaa16858ac15c7\usp10.dll
[-] 2009-04-11 . 5A8E28037289FCCBF7AD3FC57DF7048F . 502272 . . [1.0626.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6002.18005_none_aee5f21a559e2b7a\usp10.dll
[-] 2008-01-21 . 3122DAF86B33ED8AC4662D07593025D7 . 501760 . . [1.0626.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6001.18000_none_acfa790e587c602e\usp10.dll
.
[-] 2006-11-02 . 919CC2A0476D5A6A4C935D4B88E29912 . 4608 . . [6.0.6000.16386] . . c:\windows\erdnt\cache\ksuser.dll
[-] 2006-11-02 . 919CC2A0476D5A6A4C935D4B88E29912 . 4608 . . [6.0.6000.16386] . . c:\windows\System32\ksuser.dll
[-] 2006-11-02 . 919CC2A0476D5A6A4C935D4B88E29912 . 4608 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-d..tshow-kernelsupport_31bf3856ad364e35_6.0.6001.18000_none_e8019c5c974c4491\ksuser.dll
.
[-] 2006-11-02 . 22BFD03DF51065A9ED8D17F8FB72296B . 8704 . . [6.0.6000.16386] . . c:\windows\erdnt\cache\ctfmon.exe
[-] 2006-11-02 . 22BFD03DF51065A9ED8D17F8FB72296B . 8704 . . [6.0.6000.16386] . . c:\windows\System32\ctfmon.exe
[-] 2006-11-02 . 22BFD03DF51065A9ED8D17F8FB72296B . 8704 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.0.6000.16386_none_9af9cad793a67953\ctfmon.exe
.
[-] 2009-07-10 . 1E3FDB80E40A3CE645F229DFBDFB7694 . 247808 . . [6.0.6001.18287] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6001.18287_none_cce0e39c1d282219\shsvcs.dll
[-] 2009-07-10 . 94285A002D2826D2FD1C0806455136E9 . 245760 . . [6.0.6000.16883] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6000.16883_none_caf6a3ce20052bcc\shsvcs.dll
[-] 2009-07-10 . 6898575E052CE7CB1CB87622EF187CDA . 245760 . . [6.0.6000.21081] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6000.21081_none_cb7e18273924cc2a\shsvcs.dll
[-] 2009-07-10 . 6669714ACE90E9BB4E8C1D550C67B160 . 247808 . . [6.0.6001.22467] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6001.22467_none_cd80222536358728\shsvcs.dll
[-] 2009-07-10 . F0942394F642F5CE3D9A86474FA293FA . 247808 . . [6.0.6002.22169] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6002.22169_none_cf6894a1335a0efa\shsvcs.dll
[-] 2009-07-10 . C7230FBEE14437716701C15BE02C27B8 . 247808 . . [6.0.6002.18063] . . c:\windows\erdnt\cache\shsvcs.dll
[-] 2009-07-10 . C7230FBEE14437716701C15BE02C27B8 . 247808 . . [6.0.6000.16386] . . c:\windows\System32\shsvcs.dll
[-] 2009-07-10 . C7230FBEE14437716701C15BE02C27B8 . 247808 . . [6.0.6002.18063] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6002.18063_none_ced8f61a1a41d726\shsvcs.dll
[-] 2009-04-11 . C818C44C201898399BF999BB6B35D4E3 . 247296 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6002.18005_none_cf1bd6361a0f622e\shsvcs.dll
[-] 2008-01-21 . 27F10F348E508243F6254846F8370D0D . 247296 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6001.18000_none_cd305d2a1ced96e2\shsvcs.dll
.
[-] 2006-11-02 . 7F15B4953378C8B5161D65C26D5FED4D . 11776 . . [6.0.6000.16386] . . c:\windows\erdnt\cache\cngaudit.dll
[-] 2006-11-02 . 7F15B4953378C8B5161D65C26D5FED4D . 11776 . . [6.0.6000.16386] . . c:\windows\System32\cngaudit.dll
[-] 2006-11-02 . 7F15B4953378C8B5161D65C26D5FED4D . 11776 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
.
[-] 2008-01-21 . 101BA3EA053480BB5D957EF37C06B5ED . 96768 . . [6.0.6001.18000] . . c:\windows\erdnt\cache\wininit.exe
[-] 2008-01-21 . 101BA3EA053480BB5D957EF37C06B5ED . 96768 . . [6.0.6000.16386] . . c:\windows\System32\wininit.exe
[-] 2008-01-21 . 101BA3EA053480BB5D957EF37C06B5ED . 96768 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe
.
[-] 2009-04-11 . 9E6894EA18DAFF37B63E1005F83AE4AB . 107008 . . [6.0.6002.18005] . . c:\windows\erdnt\cache\regsvc.dll
[-] 2009-04-11 . 9E6894EA18DAFF37B63E1005F83AE4AB . 107008 . . [6.0.6000.16386] . . c:\windows\System32\regsvc.dll
[-] 2009-04-11 . 9E6894EA18DAFF37B63E1005F83AE4AB . 107008 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-remoteregistry-service_31bf3856ad364e35_6.0.6002.18005_none_8b517ec580991c4d\regsvc.dll
[-] 2008-01-21 . CC4E32400F3C7253400CF8F3F3A0B676 . 106496 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-remoteregistry-service_31bf3856ad364e35_6.0.6001.18000_none_896605b983775101\regsvc.dll
.
[-] 2010-11-06 . 7B587B8A6D4A99F79D2902D0385F29BD . 603648 . . [6.0.6001.18551] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6001.18551_none_2ecc18bd972a0f87\schedsvc.dll
[-] 2010-11-05 . 4B71C228530440F853F9C30E308F00E9 . 604672 . . [6.0.6001.22791] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6001.22791_none_2f2a77beb0681c3c\schedsvc.dll
[-] 2010-11-05 . 38AE0400578FD396628F21A571473A3B . 602112 . . [6.0.6002.22519] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6002.22519_none_316f6d3cad4659b7\schedsvc.dll
[-] 2010-11-04 . 1A58069DB21D05EB2AB58EE5753EBE8D . 601600 . . [6.0.6002.18342] . . c:\windows\erdnt\cache\schedsvc.dll
[-] 2010-11-04 . 1A58069DB21D05EB2AB58EE5753EBE8D . 601600 . . [6.0.6001.18000] . . c:\windows\System32\schedsvc.dll
[-] 2010-11-04 . 1A58069DB21D05EB2AB58EE5753EBE8D . 601600 . . [6.0.6002.18342] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6002.18342_none_30be5cc194475f38\schedsvc.dll
[-] 2009-04-11 . 323AE0BDFD2EB15B668DDA50CC597329 . 595456 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6002.18005_none_30ec979d94244404\schedsvc.dll
[-] 2008-01-21 . 1D5E99DB3C10F4FA034010DC49043CA4 . 596992 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6001.18000_none_2f011e91970278b8\schedsvc.dll
[-] 2008-01-21 . 886CEC884B5BE29AB9828B8AB46B11F7 . 595456 . . [6.0.6000.16609] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6000.16609_none_2d23e28599d3cbd6\schedsvc.dll
[-] 2008-01-21 . BF17DA9F25A4F84C2577AC13EE126CB7 . 595968 . . [6.0.6000.20734] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6000.20734_none_2d880e1ab30e40c0\schedsvc.dll
.
[-] 2008-01-21 . 03D50B37234967433A5EA5BA72BC0B62 . 155648 . . [6.0.6001.18000] . . c:\windows\erdnt\cache\ssdpsrv.dll
[-] 2008-01-21 . 03D50B37234967433A5EA5BA72BC0B62 . 155648 . . [6.0.6000.16386] . . c:\windows\System32\ssdpsrv.dll
[-] 2008-01-21 . 03D50B37234967433A5EA5BA72BC0B62 . 155648 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-upnpssdp_31bf3856ad364e35_6.0.6001.18000_none_7fc972ebd13849b5\ssdpsrv.dll
.
[-] 2009-04-11 . BB95DA09BEF6E7A131BFF3BA5032090D . 449024 . . [6.0.6002.18005] . . c:\windows\erdnt\cache\termsrv.dll
[-] 2009-04-11 . BB95DA09BEF6E7A131BFF3BA5032090D . 449024 . . [6.0.6001.18000] . . c:\windows\System32\termsrv.dll
[-] 2009-04-11 . BB95DA09BEF6E7A131BFF3BA5032090D . 449024 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6002.18005_none_908abad45165e2ae\termsrv.dll
[-] 2008-01-21 . D605031E225AACCBCEB5B76A4F1603A6 . 448512 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6001.18000_none_8e9f41c854441762\termsrv.dll
.
[-] 2008-01-21 . A952D0DED445F26AEFCF593A935AB300 . 289792 . . [6.0.6001.18000] . . c:\windows\erdnt\cache\hnetcfg.dll
[-] 2008-01-21 . A952D0DED445F26AEFCF593A935AB300 . 289792 . . [6.0.6000.16386] . . c:\windows\System32\hnetcfg.dll
[-] 2008-01-21 . A952D0DED445F26AEFCF593A935AB300 . 289792 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-i..ectionsharingconfig_31bf3856ad364e35_6.0.6001.18000_none_b03645b494998691\hnetcfg.dll
.
[-] 2008-01-21 . 7A5F8218325F00396DAEA2F985FA0ECB . 18944 . . [6.0.6001.18000] . . c:\windows\erdnt\cache\ias.dll
[-] 2008-01-21 . 7A5F8218325F00396DAEA2F985FA0ECB . 18944 . . [6.0.6001.18000] . . c:\windows\System32\ias.dll
[-] 2008-01-21 . 7A5F8218325F00396DAEA2F985FA0ECB . 18944 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-n..ion_service_runtime_31bf3856ad364e35_6.0.6001.18000_none_f900daa442864318\ias.dll
[-] 2008-01-21 . 7A5F8218325F00396DAEA2F985FA0ECB . 18944 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-n..ion_service_runtime_31bf3856ad364e35_6.0.6002.18005_none_faec53b03fa80e64\ias.dll
.
.
[-] 2008-01-21 . 68308183F4AE0BE7BF8ECD07CB297999 . 259072 . . [6.0.6001.18000] . . c:\windows\erdnt\cache\upnphost.dll
[-] 2008-01-21 . 68308183F4AE0BE7BF8ECD07CB297999 . 259072 . . [6.0.6000.16386] . . c:\windows\System32\upnphost.dll
[-] 2008-01-21 . 68308183F4AE0BE7BF8ECD07CB297999 . 259072 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-upnpdevicehost_31bf3856ad364e35_6.0.6001.18000_none_c1e834753483fdcf\upnphost.dll
.
[-] 2009-04-11 . 84B8827562B005C118CADBA0F25DB2C6 . 444416 . . [6.0.6002.18005] . . c:\windows\erdnt\cache\dsound.dll
[-] 2009-04-11 . 84B8827562B005C118CADBA0F25DB2C6 . 444416 . . [6.0.6000.16386] . . c:\windows\System32\dsound.dll
[-] 2009-04-11 . 84B8827562B005C118CADBA0F25DB2C6 . 444416 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-audio-dsound_31bf3856ad364e35_6.0.6002.18005_none_5a8737643f04aa4c\dsound.dll
[-] 2008-01-21 . 8A7B8DA5CA558D2DE47086BB23556543 . 444416 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-audio-dsound_31bf3856ad364e35_6.0.6001.18000_none_589bbe5841e2df00\dsound.dll
.
[-] 2009-04-11 . 8AAEEE8E59A70F37579993D118A34EE0 . 1788416 . . [6.0.6002.18005] . . c:\windows\erdnt\cache\d3d9.dll
[-] 2009-04-11 . 8AAEEE8E59A70F37579993D118A34EE0 . 1788416 . . [6.0.6002.18005] . . c:\windows\System32\d3d9.dll
[-] 2009-04-11 . 8AAEEE8E59A70F37579993D118A34EE0 . 1788416 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-directx-direct3d9_31bf3856ad364e35_6.0.6002.18005_none_c438e5b15de80145\d3d9.dll
[-] 2008-01-21 . FAB8F08EC64A54917C07BDB6DC811C95 . 1788928 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-directx-direct3d9_31bf3856ad364e35_6.0.6001.18000_none_c24d6ca560c635f9\d3d9.dll
.
[-] 2008-01-21 . FA2A3AFADC4FB47DBC234A4E57F92CDB . 522752 . . [6.0.6001.18000] . . c:\windows\erdnt\cache\ddraw.dll
[-] 2008-01-21 . FA2A3AFADC4FB47DBC234A4E57F92CDB . 522752 . . [6.0.6000.16386] . . c:\windows\System32\ddraw.dll
[-] 2008-01-21 . FA2A3AFADC4FB47DBC234A4E57F92CDB . 522752 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-directx-directdraw_31bf3856ad364e35_6.0.6001.18000_none_0505a2ecc0013ebd\ddraw.dll
.
.
[-] 2006-11-02 . BA7C3E9DD6B1A632124C8659E8014028 . 39424 . . [6.0.6000.16386] . . c:\windows\erdnt\cache\perfctrs.dll
[-] 2006-11-02 . BA7C3E9DD6B1A632124C8659E8014028 . 39424 . . [6.0.6000.16386] . . c:\windows\System32\perfctrs.dll
[-] 2006-11-02 . BA7C3E9DD6B1A632124C8659E8014028 . 39424 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-p..ormancebasecounters_31bf3856ad364e35_6.0.6001.18000_none_31733dc35d19d298\perfctrs.dll
[-] 2006-11-02 . BA7C3E9DD6B1A632124C8659E8014028 . 39424 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-p..ormancebasecounters_31bf3856ad364e35_6.0.6002.18005_none_335eb6cf5a3b9de4\perfctrs.dll
.
.
.
.
.
.
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
R2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\aestsrv.exe [x]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
.
.
--- Altri Servizi/Drivers In Memoria ---
.
*NewlyCreated* - ECACHE
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
ezSharedSvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-02-26 12:06 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Contenuto della cartella 'Scheduled Tasks'
.
2012-08-20 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-15 15:16]
.
2012-08-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-01-20 19:47]
.
2012-08-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-01-20 19:47]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.virgilio.it/
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=it_it&c=83&bd=Pavilion&pf=cnnb
IE: &AOL Toolbar Cerca - c:\programdata\AOL\ieToolbar\resources\it-IT\local\search.html
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
TCP: DhcpNameServer = 8.8.8.8 8.8.4.4
TCP: Interfaces\{4B2C4A68-18F1-4C12-B736-B7E12A60EA31}: NameServer = 8.8.8.8,8.8.4.4
FF - ProfilePath - c:\users\domenico\AppData\Roaming\Mozilla\Firefox\Profiles\ignyx96j.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1701838&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.virgilio.it/
FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?babsrc=SP_ss&mntrId=58dfa40e00000000000000234e378ae9&tlver=1.4.19.19&instlRef=sst&ss=1&affID=17982&q=
FF - prefs.js: network.proxy.type - 0
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
.
WebBrowser-{E5A1E26F-0D1D-4307-868F-FBD9A374AB54} - (no file)
WebBrowser-{4EDD5C14-2D22-4D7A-9748-C975A7FD933B} - (no file)
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-08-20 18:18
Windows 6.0.6002 Service Pack 2 NTFS
.
scansione processi nascosti ...
.
scansione entrate autostart nascoste ...
.
Scansione files nascosti ...
.
Scansione completata con successo
Files nascosti: 0
.
**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Ora fine scansione: 2012-08-20 18:58:02
ComboFix-quarantined-files.txt 2012-08-20 16:58
.
Pre-Run: 167.115.939.840 byte disponibili
Post-Run: 167.747.670.016 byte disponibili
.
- - End Of File - - F89F0D070ADDDA233D40E19601A6B88C
di FrancescoFDAC » 20/08/12 18:46
| Duck duck go è un motore di ricerca ma anche un browser? Autore: franco11 |
Forum: Software Windows Risposte: 2 |
| Importare anche gli url con selenium Autore: aggittoriu |
Forum: Applicazioni Office Windows Risposte: 3 |
| Mouse sempre alimentato, anche con notebook spento Autore: franco11 |
Forum: Assistenza Hardware Risposte: 6 |
Visitano il forum: Nessuno e 54 ospiti