pc lento, forse è infetto?

alexfreemont

Utente Attivo
12
0
OS
window vista
ho il pc che non va bene, è lento ed inoltre ho pagine web che si aprono da sole. ho seguito le vostre indicazioni ed ho fatto una scansione con hijackthis. potete dirmi se c'è qualcosa che non va??? ho window vista. grazie!
Codice:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20.03.42, on 18/03/2012
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\explorer.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\SyncServer.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Windows\system32\Macromed\Flash\FlashUtil11e_ActiveX.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [url=http://go.microsoft.com/fwlink/?LinkId=54896]Bing[/url]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [url=http://www.google.it/]Google[/url]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [url=http://go.microsoft.com/fwlink/?LinkId=69157]MSN Hotmail.fr, Messenger, Actualité, Sport, People, Femmes - MSN France[/url]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [url=http://go.microsoft.com/fwlink/?LinkId=54896]Bing[/url]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [url=http://go.microsoft.com/fwlink/?LinkId=54896]Bing[/url]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [url=http://search.findeer.com]Search[/url]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O1 - Hosts: ::1 localhost
O2 - BHO: G Data WebFilter Class - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files\G Data\InternetSecurity\Webfilter\AVKWebIE.dll
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: G Data WebFilter - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files\G Data\InternetSecurity\Webfilter\AVKWebIE.dll
O3 - Toolbar: aTube Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [KeNotify] C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [GDFirewallTray] C:\Program Files\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
O4 - HKLM\..\Run: [G DATA AntiVirus Trayapplication] C:\Program Files\G Data\InternetSecurity\AVKTray\AVKTray.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [PosService] C:\Users\Public\Documents\AppData\PoApp\PLauncher.exe
O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Benedetta\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVIZIO DI RETE')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Benedetta\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra button: Inizia a fare affari su eBay.it! - {76577871-04EC-495E-A12B-91F7C3600AFA} - [url=http://rover.ebay.com/rover/1/724-44559-9400-3/4]eBay.it[/url] (file missing)
O9 - Extra button: Amazon.co.uk - {8A918C1D-E123-4E36-B562-5C1519E434CE} - [url=http://www.amazon.co.uk/exec/obidos/redirect-home?tag=Toshibaukbholink-21&site=home]Amazon.co.uk: Low Prices in Electronics, Books, Sports Equipment & more[/url] (file missing)
O9 - Extra button: eBay - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - [url=http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?IT]eBay.it[/url] (file missing)
O9 - Extra button: Selezione intelligente HP - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - [URL]http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab[/URL]
O17 - HKLM\System\CCS\Services\Tcpip\..\{33EB069A-DB40-48D9-A8B4-84B24F343C11}: NameServer = 176.31.229.24,176.31.229.25
O17 - HKLM\System\CCS\Services\Tcpip\..\{629A1E97-EDD9-47BD-B2B3-061BE82AA455}: NameServer = 176.31.229.24,176.31.229.25
O17 - HKLM\System\CCS\Services\Tcpip\..\{65742EF2-46CE-4798-AA20-9BA6B9FAA4C4}: NameServer = 176.31.229.24,176.31.229.25
O17 - HKLM\System\CCS\Services\Tcpip\..\{762E3DBD-3F5E-4E5B-87C9-20C30F1FCA0D}: NameServer = 176.31.229.24,176.31.229.25
O17 - HKLM\System\CCS\Services\Tcpip\..\{A8109E5F-E601-42A4-82A8-E21997036F90}: NameServer = 176.31.229.24,176.31.229.25
O17 - HKLM\System\CCS\Services\Tcpip\..\{B9E7A83B-9EE9-4759-8B5C-BC764F77231A}: NameServer = 176.31.229.24,176.31.229.25
O17 - HKLM\System\CCS\Services\Tcpip\..\{D5732258-56F7-4EAB-9CA1-F9C59F7A8B3F}: NameServer = 176.31.229.24,176.31.229.25
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: G Data AntiVirus Proxy (AVKProxy) - G Data Software AG - C:\Program Files\Common Files\G DATA\AVKProxy\AVKProxy.exe
O23 - Service: G Data Scheduler (AVKService) - G Data Software AG - C:\Program Files\G Data\InternetSecurity\AVK\AVKService.exe
O23 - Service: G Data Guardiano del file system (AVKWCtl) - G Data Software AG - C:\Program Files\G Data\InternetSecurity\AVK\AVKWCtl.exe
O23 - Service:  Servizio Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: G Data Personal Firewall (GDFwSvc) - G Data Software AG - C:\Program Files\G Data\InternetSecurity\Firewall\GDFwSvc.exe
O23 - Service: G Data Scanner (GDScan) - G Data Software AG - C:\Program Files\Common Files\G DATA\GDScan\GDScan.exe
O23 - Service: Servizio di Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Pos Service (PowerOffer Service) - PowerOfferService - C:\Users\Benedetta\AppData\Local\PosService\Pos.exe
O23 - Service: Serv Updater (ServUpdater) - ServiceUpd - C:\Users\Benedetta\AppData\Local\ServUpdater\ServiceUpd.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
--
End of file - 11511 bytes
 

tecnico24

Utente Èlite
10,705
1,071
Non necessità di installazione.
Scarica il tool sul desktop e come da guida esegui le istruzioni.
Ti da qualche errore per caso?
 

alexfreemont

Utente Attivo
12
0
OS
window vista
non riesco a fare questa procedura... ho vista, ma seguendo le istruzioni non trovo la casella da spuntare!
Innanzitutto , prima di operare , è necessario disattivare il ripristino configurazione di sistema:
Per Windows vista / 7:
● Pannello di controllo
Sistema e sicurezza
Sistema
Protezione sistema a sinistra
Cliccate su configura e spuntate su Disattiva protezione , Applica e ok.
Per Windows XP:
Tasto destro su Risorse del computer
scheda ripristino configurazione di sistema
Spuntate il flag su disattiva , Applica e ok.
 

alexfreemont

Utente Attivo
12
0
OS
window vista
log di combofix:
Codice:
ComboFix 12-03-18.04 - Benedetta 19/03/2012  20.08.50.1.2 - x86
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.39.1040.18.3070.1668 [GMT 1:00]
Eseguito da: c:\users\Benedetta\Desktop\ComboFix.exe
AV: G Data InternetSecurity 2010 *Disabled/Updated* {54ACC2FC-837E-E665-7A92-5352D560D5EF}
FW: G Data Personal Firewall *Disabled* {6C9743D9-C911-E73D-51CD-FA672BB39294}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((   Altre eliminazioni   )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\xp
c:\programdata\xp\EBLib.dll
c:\programdata\xp\TPwSav.sys
c:\windows\system32\w32apiw.dll
D:\install.exe
.
.
(((((((((((((((((((((((((   Files Creati Da 2012-02-19 al 2012-03-19  )))))))))))))))))))))))))))))))))))
.
.
2012-03-19 19:17 . 2012-03-19 19:19 -------- d-----w- c:\users\Benedetta\AppData\Local\temp
2012-03-19 19:17 . 2012-03-19 19:17 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-03-19 18:02 . 2012-03-19 18:02 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{733E6172-FAB5-4EAA-8410-B6C68F859EA3}\offreg.dll
2012-03-18 18:31 . 2012-03-18 18:31 388096 ----a-r- c:\users\Benedetta\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-03-18 18:31 . 2012-03-18 18:31 -------- dc----w- c:\program files\Trend Micro
2012-03-16 06:37 . 2012-02-08 06:03 6552120 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{733E6172-FAB5-4EAA-8410-B6C68F859EA3}\mpengine.dll
2012-03-15 21:54 . 2012-03-15 21:54 -------- d-----w- c:\users\Benedetta\AppData\Local\G DATA
2012-03-14 10:47 . 2012-02-02 15:16 2044416 ----a-w- c:\windows\system32\win32k.sys
2012-03-14 10:47 . 2012-02-14 15:45 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
2012-03-14 10:47 . 2012-02-14 15:45 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2012-03-14 10:47 . 2012-02-13 14:12 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2012-03-14 10:47 . 2012-02-13 13:47 683008 ----a-w- c:\windows\system32\d2d1.dll
2012-03-14 10:47 . 2012-02-13 13:44 1068544 ----a-w- c:\windows\system32\DWrite.dll
2012-03-14 10:47 . 2012-01-31 10:59 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2012-03-14 10:46 . 2012-01-09 15:54 613376 ----a-w- c:\windows\system32\rdpencom.dll
2012-03-14 10:46 . 2012-01-09 13:58 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-02-24 21:15 . 2012-02-24 21:15 -------- d-----w- c:\users\Benedetta\AppData\Roaming\nCleaner
2012-02-24 21:14 . 2012-02-24 21:14 -------- dc----w- c:\program files\NKProds
2012-02-24 20:56 . 2012-02-24 20:56 -------- dc----w- c:\program files\CCleaner
2012-02-24 20:11 . 2012-03-19 19:05 -------- dc----w- c:\program files\Onda Connection Manager
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-23 08:18 . 2010-05-18 17:10 237072 ------w- c:\windows\system32\MpSigStub.exe
.
.
(((((((((((((((((((((((((((((((((((((   Punti Reg Caricati   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati. 
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-02-01 1487240]
.
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2011-02-01 17:17 1487240 -c--a-w- c:\program files\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-02-01 1487240]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"Facebook Update"="c:\users\Benedetta\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2011-11-13 137536]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-05-19 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"KeNotify"="c:\program files\TOSHIBA\Utilities\KeNotify.exe" [2006-11-06 34352]
"SVPWUTIL"="c:\program files\TOSHIBA\Utilities\SVPWUTIL.exe" [2006-03-22 438272]
"RtHDVCpl"="RtHDVCpl.exe" [2007-09-03 4702208]
"TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2007-03-29 411192]
"HSON"="c:\program files\TOSHIBA\TBS\HSON.exe" [2006-12-07 55416]
"SmoothView"="c:\program files\Toshiba\SmoothView\SmoothView.exe" [2007-04-03 509496]
"00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2007-05-22 538744]
"topi"="c:\program files\TOSHIBA\Toshiba Online Product Information\topi.exe" [2007-07-10 581632]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-07-27 204800]
"Toshiba Registration"="c:\program files\Toshiba\Registration\ToshibaRegistration.exe" [2007-02-19 571024]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2007-02-12 174872]
"GDFirewallTray"="c:\program files\G Data\InternetSecurity\Firewall\GDFirewallTray.exe" [2009-10-21 1124424]
"G DATA AntiVirus Trayapplication"="c:\program files\G Data\InternetSecurity\AVKTray\AVKTray.exe" [2010-01-06 951880]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-03-20 1451304]
"Skytel"="Skytel.exe" [2007-08-03 1826816]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-10-14 49152]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-12-08 421736]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888]
"PosService"="c:\users\Public\Documents\AppData\PoApp\PLauncher.exe" [2011-12-16 218624]
"Camera Assistant Software"="c:\program files\Camera Assistant Software for Toshiba\traybar.exe" [2007-04-10 413696]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ    FontCache
HPZ12 REG_MULTI_SZ    Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ    hpqcxs08 hpqddsvc
.
Contenuto della cartella 'Scheduled Tasks'
.
2012-03-17 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3594136936-3297696694-3561513701-1000Core.job
- c:\users\Benedetta\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-10-17 20:25]
.
2012-03-19 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3594136936-3297696694-3561513701-1000UA.job
- c:\users\Benedetta\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-10-17 20:25]
.
2012-03-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-05-19 07:38]
.
2012-03-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-05-19 07:38]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.it/
mStart Page = hxxp://search.findeer.com
IE: Free YouTube to MP3 Converter - c:\users\Benedetta\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
TCP: Interfaces\{33EB069A-DB40-48D9-A8B4-84B24F343C11}: NameServer = 176.31.229.24,176.31.229.25
TCP: Interfaces\{629A1E97-EDD9-47BD-B2B3-061BE82AA455}: NameServer = 176.31.229.24,176.31.229.25
TCP: Interfaces\{65742EF2-46CE-4798-AA20-9BA6B9FAA4C4}: NameServer = 176.31.229.24,176.31.229.25
TCP: Interfaces\{762E3DBD-3F5E-4E5B-87C9-20C30F1FCA0D}: NameServer = 176.31.229.24,176.31.229.25
TCP: Interfaces\{A8109E5F-E601-42A4-82A8-E21997036F90}: NameServer = 176.31.229.24,176.31.229.25
TCP: Interfaces\{B9E7A83B-9EE9-4759-8B5C-BC764F77231A}: NameServer = 176.31.229.24,176.31.229.25
TCP: Interfaces\{D5732258-56F7-4EAB-9CA1-F9C59F7A8B3F}: NameServer = 176.31.229.24,176.31.229.25
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [url=http://www.gmer.net]GMER - Rootkit Detector and Remover[/url]
Rootkit scan 2012-03-19 20:19
Windows 6.0.6002 Service Pack 2 NTFS
.
scansione processi nascosti ... 
.
scansione entrate autostart nascoste ... 
.
Scansione files nascosti ... 
.
.
c:\users\BENEDE~1\AppData\Local\Temp\catchme.dll 53248 bytes executable
.
Scansione completata con successo
Files nascosti: 1
.
**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Ora fine scansione: 2012-03-19  20:28:38
ComboFix-quarantined-files.txt  2012-03-19 19:28
.
Pre-Run: 21.433.192.448 byte disponibili
Post-Run: 21.386.457.088 byte disponibili
.
- - End Of File - - C26D6F310325F33C9B30EED62DDF86A6


---------- Post added at 22:35 ---------- Previous post was at 20:37 ----------

log malwarebyte:
Codice:
Malwarebytes Anti-Malware 1.60.1.1000
[URL="http://www.malwarebytes.org"]www.malwarebytes.org[/URL]
Versione database: v2012.03.15.05
Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Benedetta :: PC-BENEDETTA [amministratore]
19/03/2012 20.37.45
mbam-log-2012-03-19 (20-37-45).txt
Tipo di scansione: Scansione completa
Opzioni di scansione attive: Memoria | Esecuzione automatica | Registro | File system | Euristica/Extra | Euristica/Shuriken | PUP | PUM
Opzioni di scansione disattivate: P2P
Elementi esaminati: 319500
Tempo impiegato: 1 ore, 52 minuti, 3 secondi
Processi rilevati in memoria: 0
(non sono stati rilevati elementi nocivi)
Moduli di memoria rilevati: 0
(non sono stati rilevati elementi nocivi)
Chiavi di registro rilevate: 0
(non sono stati rilevati elementi nocivi)
Valori di registro rilevati: 0
(non sono stati rilevati elementi nocivi)
Voci rilevate nei dati di registro: 0
(non sono stati rilevati elementi nocivi)
Cartelle rilevate: 0
(non sono stati rilevati elementi nocivi)
File rilevati: 0
(non sono stati rilevati elementi nocivi)
(fine)


---------- Post added at 22:43 ---------- Previous post was at 22:35 ----------

log kaspersky:
Codice:
22:37:20.0731 1780 TDSS rootkit removing tool 2.7.20.0 Mar  9 2012 17:10:43
22:37:21.0963 1780 ============================================================
22:37:21.0963 1780 Current date / time: 2012/03/19 22:37:21.0963
22:37:21.0963 1780 SystemInfo:
22:37:21.0963 1780 
22:37:21.0963 1780 OS Version: 6.0.6002 ServicePack: 2.0
22:37:21.0963 1780 Product type: Workstation
22:37:21.0963 1780 ComputerName: PC-BENEDETTA
22:37:21.0963 1780 UserName: Benedetta
22:37:21.0963 1780 Windows directory: C:\Windows
22:37:21.0963 1780 System windows directory: C:\Windows
22:37:21.0963 1780 Processor architecture: Intel x86
22:37:21.0963 1780 Number of processors: 2
22:37:21.0963 1780 Page size: 0x1000
22:37:21.0963 1780 Boot type: Normal boot
22:37:21.0963 1780 ============================================================
22:37:22.0415 1780 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
22:37:22.0431 1780 \Device\Harddisk0\DR0:
22:37:22.0431 1780 MBR used
22:37:22.0431 1780 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x9470000
22:37:22.0431 1780 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x975E800, BlocksNum 0x92BA800
22:37:22.0556 1780 Initialize success
22:37:22.0556 1780 ============================================================
22:37:43.0101 1412 ============================================================
22:37:43.0101 1412 Scan started
22:37:43.0101 1412 Mode: Manual; 
22:37:43.0101 1412 ============================================================
22:37:43.0553 1412 ACPI            (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
22:37:43.0569 1412 ACPI - ok
22:37:43.0756 1412 adp94xx         (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
22:37:43.0772 1412 adp94xx - ok
22:37:43.0959 1412 adpahci         (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
22:37:43.0959 1412 adpahci - ok
22:37:44.0177 1412 adpu160m        (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
22:37:44.0193 1412 adpu160m - ok
22:37:44.0365 1412 adpu320         (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
22:37:44.0365 1412 adpu320 - ok
22:37:44.0536 1412 AFD             (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
22:37:44.0552 1412 AFD - ok
22:37:44.0801 1412 AgereSoftModem  (ce91b158fa490cf4c4d487a4130f4660) C:\Windows\system32\DRIVERS\AGRSM.sys
22:37:44.0817 1412 AgereSoftModem - ok
22:37:44.0957 1412 agp440          (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys
22:37:44.0973 1412 agp440 - ok
22:37:45.0004 1412 aic78xx         (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
22:37:45.0004 1412 aic78xx - ok
22:37:45.0051 1412 aliide          (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys
22:37:45.0051 1412 aliide - ok
22:37:45.0238 1412 amdagp          (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
22:37:45.0254 1412 amdagp - ok
22:37:45.0394 1412 amdide          (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys
22:37:45.0410 1412 amdide - ok
22:37:45.0675 1412 AmdK7           (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
22:37:45.0691 1412 AmdK7 - ok
22:37:45.0909 1412 AmdK8           (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys
22:37:45.0909 1412 AmdK8 - ok
22:37:46.0065 1412 arc             (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
22:37:46.0081 1412 arc - ok
22:37:46.0143 1412 arcsas          (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
22:37:46.0159 1412 arcsas - ok
22:37:46.0268 1412 AsyncMac        (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
22:37:46.0283 1412 AsyncMac - ok
22:37:46.0330 1412 atapi           (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
22:37:46.0330 1412 atapi - ok
22:37:46.0502 1412 athr            (8be56f8300e1c37b578da23c71816b7a) C:\Windows\system32\DRIVERS\athr.sys
22:37:46.0517 1412 athr - ok
22:37:46.0861 1412 atikmdag        (8ce91545423a431353869ed5ade90ece) C:\Windows\system32\DRIVERS\atikmdag.sys
22:37:46.0954 1412 atikmdag - ok
22:37:47.0219 1412 Beep            (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
22:37:47.0219 1412 Beep - ok
22:37:47.0391 1412 blbdrive - ok
22:37:47.0469 1412 bowser          (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
22:37:47.0469 1412 bowser - ok
22:37:47.0641 1412 BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
22:37:47.0656 1412 BrFiltLo - ok
22:37:47.0797 1412 BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
22:37:47.0797 1412 BrFiltUp - ok
22:37:47.0875 1412 Brserid         (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
22:37:47.0890 1412 Brserid - ok
22:37:47.0968 1412 BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
22:37:47.0984 1412 BrSerWdm - ok
22:37:48.0046 1412 BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
22:37:48.0046 1412 BrUsbMdm - ok
22:37:48.0093 1412 BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
22:37:48.0093 1412 BrUsbSer - ok
22:37:48.0187 1412 BTHMODEM        (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
22:37:48.0202 1412 BTHMODEM - ok
22:37:48.0389 1412 catchme - ok
22:37:48.0514 1412 cdfs            (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
22:37:48.0514 1412 cdfs - ok
22:37:48.0577 1412 cdrom           (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
22:37:48.0577 1412 cdrom - ok
22:37:48.0748 1412 circlass        (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\DRIVERS\circlass.sys
22:37:48.0764 1412 circlass - ok
22:37:48.0935 1412 CLFS            (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
22:37:48.0951 1412 CLFS - ok
22:37:49.0185 1412 CmBatt          (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
22:37:49.0201 1412 CmBatt - ok
22:37:49.0341 1412 cmdide          (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys
22:37:49.0341 1412 cmdide - ok
22:37:49.0372 1412 Compbatt        (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
22:37:49.0372 1412 Compbatt - ok
22:37:49.0497 1412 CplIR           (c3156b712e3873aad354f1696b2b2925) C:\Windows\system32\DRIVERS\CplIR.SYS
22:37:49.0497 1412 CplIR - ok
22:37:49.0544 1412 crcdisk         (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
22:37:49.0544 1412 crcdisk - ok
22:37:49.0575 1412 Crusoe          (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
22:37:49.0591 1412 Crusoe - ok
22:37:49.0809 1412 DfsC            (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
22:37:49.0809 1412 DfsC - ok
22:37:50.0059 1412 disk            (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
22:37:50.0059 1412 disk - ok
22:37:50.0277 1412 Dot4            (4f59c172c094e1a1d46463a8dc061cbd) C:\Windows\system32\DRIVERS\Dot4.sys
22:37:50.0277 1412 Dot4 - ok
22:37:50.0386 1412 Dot4Print       (80bf3ba09f6f2523c8f6b7cc6dbf7bd5) C:\Windows\system32\DRIVERS\Dot4Prt.sys
22:37:50.0386 1412 Dot4Print - ok
22:37:50.0464 1412 dot4usb         (c55004ca6b419b6695970dfe849b122f) C:\Windows\system32\DRIVERS\dot4usb.sys
22:37:50.0464 1412 dot4usb - ok
22:37:50.0620 1412 drmkaud         (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
22:37:50.0620 1412 drmkaud - ok
22:37:50.0823 1412 DXGKrnl         (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
22:37:50.0839 1412 DXGKrnl - ok
22:37:50.0979 1412 E1G60           (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
22:37:50.0995 1412 E1G60 - ok
22:37:51.0057 1412 Ecache          (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
22:37:51.0057 1412 Ecache - ok
22:37:51.0275 1412 elxstor         (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
22:37:51.0275 1412 elxstor - ok
22:37:51.0431 1412 exfat           (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
22:37:51.0431 1412 exfat - ok
22:37:51.0478 1412 fastfat         (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
22:37:51.0478 1412 fastfat - ok
22:37:51.0603 1412 fdc             (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
22:37:51.0603 1412 fdc - ok
22:37:51.0697 1412 FileInfo        (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
22:37:51.0697 1412 FileInfo - ok
22:37:51.0806 1412 Filetrace       (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
22:37:51.0806 1412 Filetrace - ok
22:37:51.0899 1412 flpydisk        (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
22:37:51.0899 1412 flpydisk - ok
22:37:51.0977 1412 FltMgr          (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
22:37:51.0977 1412 FltMgr - ok
22:37:52.0165 1412 Fs_Rec          (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
22:37:52.0165 1412 Fs_Rec - ok
22:37:52.0305 1412 gagp30kx        (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
22:37:52.0305 1412 gagp30kx - ok
22:37:52.0383 1412 GDBehave        (d54a94bb49ec52a930eb39a3eb4f43c6) C:\Windows\system32\drivers\GDBehave.sys
22:37:52.0383 1412 GDBehave - ok
22:37:52.0508 1412 GDMnIcpt        (76e409e9264e6732359f89fbcac098a7) C:\Windows\system32\drivers\MiniIcpt.sys
22:37:52.0508 1412 GDMnIcpt - ok
22:37:52.0555 1412 GDPkIcpt        (9c6e7f164cb5a8b968258eef110dbb1e) C:\Windows\system32\drivers\PktIcpt.sys
22:37:52.0555 1412 GDPkIcpt - ok
22:37:52.0679 1412 gdwfpcd         (df12e76844f20e6537991e127f1202f4) C:\Windows\system32\DRIVERS\gdwfpcd32.sys
22:37:52.0679 1412 gdwfpcd - ok
22:37:52.0757 1412 GearAspiWDM     (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\drivers\GEARAspiWDM.sys
22:37:52.0757 1412 GearAspiWDM - ok
22:37:52.0867 1412 GRD             (0ac851cdcba2d19ac13c3975edfca777) C:\Windows\system32\drivers\GRD.sys
22:37:52.0867 1412 GRD - ok
22:37:53.0038 1412 HdAudAddService (3f90e001369a07243763bd5a523d8722) C:\Windows\system32\drivers\HdAudio.sys
22:37:53.0038 1412 HdAudAddService - ok
22:37:53.0288 1412 HDAudBus        (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
22:37:53.0319 1412 HDAudBus - ok
22:37:53.0522 1412 HidBth          (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
22:37:53.0522 1412 HidBth - ok
22:37:53.0678 1412 HidIr           (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\DRIVERS\hidir.sys
22:37:53.0678 1412 HidIr - ok
22:37:53.0818 1412 HidUsb          (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
22:37:53.0818 1412 HidUsb - ok
22:37:53.0865 1412 HookCentre      (17bf8a644d80daf08e28556dcb80bea2) C:\Windows\system32\drivers\HookCentre.sys
22:37:53.0865 1412 HookCentre - ok
22:37:54.0115 1412 HpCISSs         (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
22:37:54.0130 1412 HpCISSs - ok
22:37:54.0317 1412 HTTP            (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
22:37:54.0317 1412 HTTP - ok
22:37:54.0442 1412 i2omp           (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
22:37:54.0442 1412 i2omp - ok
22:37:54.0520 1412 i8042prt        (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
22:37:54.0520 1412 i8042prt - ok
22:37:54.0754 1412 iaStor          (fd7f9d74c2b35dbda400804a3f5ed5d8) C:\Windows\system32\DRIVERS\iaStor.sys
22:37:54.0754 1412 iaStor - ok
22:37:54.0910 1412 iaStorV         (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
22:37:54.0910 1412 iaStorV - ok
22:37:55.0113 1412 igfx - ok
22:37:55.0316 1412 iirsp           (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
22:37:55.0347 1412 iirsp - ok
22:37:55.0597 1412 IntcAzAudAddService (0f16d98c3af2138fabfa20adde4e01fe) C:\Windows\system32\drivers\RTKVHDA.sys
22:37:55.0643 1412 IntcAzAudAddService - ok
22:37:55.0799 1412 intelide        (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
22:37:55.0815 1412 intelide - ok
22:37:55.0940 1412 intelppm        (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
22:37:55.0955 1412 intelppm - ok
22:37:56.0002 1412 IpFilterDriver  (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:37:56.0018 1412 IpFilterDriver - ok
22:37:56.0096 1412 IpInIp - ok
22:37:56.0143 1412 IPMIDRV         (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
22:37:56.0158 1412 IPMIDRV - ok
22:37:56.0236 1412 IPNAT           (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
22:37:56.0252 1412 IPNAT - ok
22:37:56.0361 1412 IRENUM          (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
22:37:56.0361 1412 IRENUM - ok
22:37:56.0423 1412 isapnp          (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
22:37:56.0423 1412 isapnp - ok
22:37:56.0470 1412 iScsiPrt        (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
22:37:56.0470 1412 iScsiPrt - ok
22:37:56.0548 1412 iteatapi        (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
22:37:56.0548 1412 iteatapi - ok
22:37:56.0595 1412 iteraid         (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
22:37:56.0611 1412 iteraid - ok
22:37:56.0657 1412 kbdclass        (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
22:37:56.0657 1412 kbdclass - ok
22:37:56.0704 1412 kbdhid          (d2600cb17b7408b4a83f231dc9a11ac3) C:\Windows\system32\DRIVERS\kbdhid.sys
22:37:56.0704 1412 kbdhid - ok
22:37:56.0782 1412 KR10I           (a383f2cea0a8f4e76e71abc869bd5748) C:\Windows\system32\drivers\kr10i.sys
22:37:56.0782 1412 KR10I - ok
22:37:56.0891 1412 KR10N           (6e9922332386c2a49936b30b2b6fd298) C:\Windows\system32\drivers\kr10n.sys
22:37:56.0891 1412 KR10N - ok
22:37:56.0985 1412 KSecDD          (2b2f1638466e8cb091400c9019cc730e) C:\Windows\system32\Drivers\ksecdd.sys
22:37:57.0001 1412 KSecDD - ok
22:37:57.0141 1412 lltdio          (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
22:37:57.0157 1412 lltdio - ok
22:37:57.0250 1412 LPCFilter       (515fc18cabee0158a324b08b1c2667cf) C:\Windows\system32\DRIVERS\LPCFilter.sys
22:37:57.0250 1412 LPCFilter - ok
22:37:57.0375 1412 LSI_FC          (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
22:37:57.0391 1412 LSI_FC - ok
22:37:57.0484 1412 LSI_SAS         (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
22:37:57.0484 1412 LSI_SAS - ok
22:37:57.0531 1412 LSI_SCSI        (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
22:37:57.0547 1412 LSI_SCSI - ok
22:37:57.0578 1412 luafv           (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
22:37:57.0593 1412 luafv - ok
22:37:57.0687 1412 megasas         (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
22:37:57.0687 1412 megasas - ok
22:37:57.0734 1412 Modem           (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
22:37:57.0734 1412 Modem - ok
22:37:57.0796 1412 monitor         (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
22:37:57.0796 1412 monitor - ok
22:37:58.0155 1412 mouclass        (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
22:37:58.0186 1412 mouclass - ok
22:37:58.0592 1412 mouhid          (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
22:37:58.0607 1412 mouhid - ok
22:37:58.0732 1412 MountMgr        (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
22:37:58.0732 1412 MountMgr - ok
22:37:58.0795 1412 mpio            (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
22:37:58.0795 1412 mpio - ok
22:37:58.0951 1412 mpsdrv          (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
22:37:58.0982 1412 mpsdrv - ok
22:37:59.0091 1412 Mraid35x        (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
22:37:59.0107 1412 Mraid35x - ok
22:37:59.0153 1412 MRxDAV          (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
22:37:59.0153 1412 MRxDAV - ok
22:37:59.0200 1412 mrxsmb          (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
22:37:59.0231 1412 mrxsmb - ok
22:37:59.0575 1412 mrxsmb10        (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:37:59.0606 1412 mrxsmb10 - ok
22:37:59.0731 1412 mrxsmb20        (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:37:59.0746 1412 mrxsmb20 - ok
22:37:59.0855 1412 msahci          (742aed7939e734c36b7e8d6228ce26b7) C:\Windows\system32\drivers\msahci.sys
22:37:59.0871 1412 msahci - ok
22:37:59.0933 1412 msdsm           (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
22:37:59.0933 1412 msdsm - ok
22:37:59.0996 1412 Msfs            (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
22:38:00.0027 1412 Msfs - ok
22:38:00.0121 1412 msisadrv        (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
22:38:00.0121 1412 msisadrv - ok
22:38:00.0199 1412 MSKSSRV         (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
22:38:00.0214 1412 MSKSSRV - ok
22:38:00.0230 1412 MSPCLOCK        (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
22:38:00.0230 1412 MSPCLOCK - ok
22:38:00.0323 1412 MSPQM           (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
22:38:00.0323 1412 MSPQM - ok
22:38:00.0448 1412 MsRPC           (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
22:38:00.0448 1412 MsRPC - ok
22:38:00.0495 1412 mssmbios        (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
22:38:00.0495 1412 mssmbios - ok
22:38:00.0589 1412 MSTEE           (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
22:38:00.0604 1412 MSTEE - ok
22:38:00.0651 1412 Mup             (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
22:38:00.0651 1412 Mup - ok
22:38:00.0854 1412 NativeWifiP     (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
22:38:00.0854 1412 NativeWifiP - ok
22:38:01.0010 1412 NDIS            (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
22:38:01.0041 1412 NDIS - ok
22:38:01.0228 1412 NdisTapi        (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
22:38:01.0244 1412 NdisTapi - ok
22:38:01.0431 1412 Ndisuio         (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
22:38:01.0447 1412 Ndisuio - ok
22:38:01.0493 1412 NdisWan         (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
22:38:01.0509 1412 NdisWan - ok
22:38:01.0665 1412 NDProxy         (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
22:38:01.0665 1412 NDProxy - ok
22:38:01.0837 1412 NetBIOS         (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
22:38:01.0837 1412 NetBIOS - ok
22:38:01.0883 1412 netbt           (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
22:38:01.0883 1412 netbt - ok
22:38:02.0024 1412 nfrd960         (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
22:38:02.0039 1412 nfrd960 - ok
22:38:02.0102 1412 Npfs            (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
22:38:02.0102 1412 Npfs - ok
22:38:02.0227 1412 nsiproxy        (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
22:38:02.0227 1412 nsiproxy - ok
22:38:02.0305 1412 Ntfs            (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
22:38:02.0320 1412 Ntfs - ok
22:38:02.0414 1412 ntrigdigi       (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
22:38:02.0414 1412 ntrigdigi - ok
22:38:02.0461 1412 Null            (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
22:38:02.0461 1412 Null - ok
22:38:02.0492 1412 nvraid          (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
22:38:02.0492 1412 nvraid - ok
22:38:02.0617 1412 nvstor          (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
22:38:02.0617 1412 nvstor - ok
22:38:02.0648 1412 nv_agp          (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
22:38:02.0663 1412 nv_agp - ok
22:38:02.0757 1412 NwlnkFlt - ok
22:38:02.0788 1412 NwlnkFwd - ok
22:38:02.0835 1412 ohci1394        (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
22:38:02.0851 1412 ohci1394 - ok
22:38:02.0944 1412 ONDA_MW823UP_cdc_acm (9144d56218dabd1fed42d2e1804a99f0) C:\Windows\system32\DRIVERS\ONDA_MW823UP_cdc_acm.sys
22:38:02.0944 1412 ONDA_MW823UP_cdc_acm - ok
22:38:03.0007 1412 ONDA_MW823UP_cdc_ecm (8fec988f3e2ab0168e843f21a49bfd2b) C:\Windows\system32\DRIVERS\ONDA_MW823UP_cdc_ecm.sys
22:38:03.0007 1412 ONDA_MW823UP_cdc_ecm - ok
22:38:03.0131 1412 ONDA_MW823UP_cpo (e8631963b0857deede6fb48798ada5dc) C:\Windows\system32\DRIVERS\ONDA_MW823UP_cpo.sys
22:38:03.0131 1412 ONDA_MW823UP_cpo - ok
22:38:03.0178 1412 ONDA_MW823UP_dc_enum (c34a5c57af3fabe6dfb0e0d9f6c58c3f) C:\Windows\system32\DRIVERS\ONDA_MW823UP_dc_enum.sys
22:38:03.0178 1412 ONDA_MW823UP_dc_enum - ok
22:38:03.0303 1412 Parport         (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
22:38:03.0303 1412 Parport - ok
22:38:03.0365 1412 partmgr         (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
22:38:03.0365 1412 partmgr - ok
22:38:03.0459 1412 Parvdm          (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
22:38:03.0459 1412 Parvdm - ok
22:38:03.0521 1412 pci             (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
22:38:03.0521 1412 pci - ok
22:38:03.0709 1412 pciide          (3b1901e401473e03eb8c874271e50c26) C:\Windows\system32\drivers\pciide.sys
22:38:03.0709 1412 pciide - ok
22:38:03.0911 1412 pcmcia          (3bb2244f343b610c29c98035504c9b75) C:\Windows\system32\DRIVERS\pcmcia.sys
22:38:03.0927 1412 pcmcia - ok
22:38:04.0223 1412 PEAUTH          (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
22:38:04.0270 1412 PEAUTH - ok
22:38:04.0473 1412 PptpMiniport    (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
22:38:04.0489 1412 PptpMiniport - ok
22:38:04.0613 1412 Processor       (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
22:38:04.0613 1412 Processor - ok
22:38:04.0676 1412 PSched          (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
22:38:04.0676 1412 PSched - ok
22:38:04.0847 1412 ql2300          (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
22:38:04.0863 1412 ql2300 - ok
22:38:04.0972 1412 ql40xx          (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
22:38:04.0988 1412 ql40xx - ok
22:38:05.0035 1412 QWAVEdrv        (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
22:38:05.0035 1412 QWAVEdrv - ok
22:38:05.0066 1412 RasAcd          (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
22:38:05.0081 1412 RasAcd - ok
22:38:05.0175 1412 Rasl2tp         (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
22:38:05.0191 1412 Rasl2tp - ok
22:38:05.0237 1412 RasPppoe        (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
22:38:05.0237 1412 RasPppoe - ok
22:38:05.0347 1412 RasSstp         (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
22:38:05.0347 1412 RasSstp - ok
22:38:05.0409 1412 rdbss           (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
22:38:05.0409 1412 rdbss - ok
22:38:05.0503 1412 RDPCDD          (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
22:38:05.0503 1412 RDPCDD - ok
22:38:05.0549 1412 rdpdr           (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
22:38:05.0565 1412 rdpdr - ok
22:38:05.0643 1412 RDPENCDD        (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
22:38:05.0643 1412 RDPENCDD - ok
22:38:05.0721 1412 RDPWD           (79c6df8477250f5c54f7c5ae1d6b814e) C:\Windows\system32\drivers\RDPWD.sys
22:38:05.0737 1412 RDPWD - ok
22:38:05.0861 1412 rspndr          (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
22:38:05.0877 1412 rspndr - ok
22:38:05.0924 1412 RTL8169         (b8b159fa669c6386a458fcd468ebb1e6) C:\Windows\system32\DRIVERS\Rtlh86.sys
22:38:05.0924 1412 RTL8169 - ok
22:38:06.0111 1412 sbp2port        (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
22:38:06.0127 1412 sbp2port - ok
22:38:06.0345 1412 sdbus           (8f36b54688c31eed4580129040c6a3d3) C:\Windows\system32\DRIVERS\sdbus.sys
22:38:06.0361 1412 sdbus - ok
22:38:06.0563 1412 secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
22:38:06.0579 1412 secdrv - ok
22:38:06.0782 1412 Serenum         (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
22:38:06.0797 1412 Serenum - ok
22:38:06.0907 1412 Serial          (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
22:38:06.0922 1412 Serial - ok
22:38:06.0969 1412 sermouse        (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
22:38:06.0969 1412 sermouse - ok
22:38:07.0312 1412 sffdisk         (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\DRIVERS\sffdisk.sys
22:38:07.0359 1412 sffdisk - ok
22:38:07.0546 1412 sffp_mmc        (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys
22:38:07.0562 1412 sffp_mmc - ok
22:38:07.0765 1412 sffp_sd         (9f66a46c55d6f1ccabc79bb7afccc545) C:\Windows\system32\DRIVERS\sffp_sd.sys
22:38:07.0765 1412 sffp_sd - ok
22:38:07.0858 1412 sfloppy         (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
22:38:07.0858 1412 sfloppy - ok
22:38:08.0233 1412 sisagp          (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
22:38:08.0248 1412 sisagp - ok
22:38:08.0591 1412 SiSRaid2        (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
22:38:08.0607 1412 SiSRaid2 - ok
22:38:08.0825 1412 SiSRaid4        (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
22:38:08.0825 1412 SiSRaid4 - ok
22:38:09.0153 1412 Smb             (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
22:38:09.0169 1412 Smb - ok
22:38:09.0512 1412 spldr           (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
22:38:09.0543 1412 spldr - ok
22:38:09.0793 1412 srv             (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
22:38:09.0808 1412 srv - ok
22:38:10.0089 1412 srv2            (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
22:38:10.0105 1412 srv2 - ok
22:38:10.0354 1412 srvnet          (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
22:38:10.0370 1412 srvnet - ok
22:38:10.0682 1412 swenum          (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
22:38:10.0713 1412 swenum - ok
22:38:10.0900 1412 Symc8xx         (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
22:38:10.0916 1412 Symc8xx - ok
22:38:11.0243 1412 Sym_hi          (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
22:38:11.0243 1412 Sym_hi - ok
22:38:11.0540 1412 Sym_u3          (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
22:38:11.0540 1412 Sym_u3 - ok
22:38:11.0743 1412 SynTP           (5efcedcf3daf5c8d9e8b77a34a4eec99) C:\Windows\system32\DRIVERS\SynTP.sys
22:38:11.0758 1412 SynTP - ok
22:38:12.0008 1412 Tcpip           (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\drivers\tcpip.sys
22:38:12.0023 1412 Tcpip - ok
22:38:12.0164 1412 Tcpip6          (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\DRIVERS\tcpip.sys
22:38:12.0164 1412 Tcpip6 - ok
22:38:12.0242 1412 tcpipreg        (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
22:38:12.0242 1412 tcpipreg - ok
22:38:12.0289 1412 tdcmdpst        (1825bceb47bf41c5a9f0e44de82fc27a) C:\Windows\system32\DRIVERS\tdcmdpst.sys
22:38:12.0289 1412 tdcmdpst - ok
22:38:12.0335 1412 TDPIPE          (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
22:38:12.0335 1412 TDPIPE - ok
22:38:12.0445 1412 TDTCP           (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
22:38:12.0460 1412 TDTCP - ok
22:38:12.0507 1412 tdx             (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
22:38:12.0507 1412 tdx - ok
22:38:12.0554 1412 TermDD          (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
22:38:12.0554 1412 TermDD - ok
22:38:12.0741 1412 tifm21          (e4c85c291ddb3dc5e4a2f227ca465ba6) C:\Windows\system32\drivers\tifm21.sys
22:38:12.0757 1412 tifm21 - ok
22:38:12.0897 1412 tosporte        (8d624d3bd1f2d78bd1c01a2d4e954b4e) C:\Windows\system32\DRIVERS\tosporte.sys
22:38:12.0897 1412 tosporte - ok
22:38:12.0944 1412 tosrfbd         (266df087a8c24da34ff40cf3df86ccfb) C:\Windows\system32\DRIVERS\tosrfbd.sys
22:38:12.0944 1412 tosrfbd - ok
22:38:13.0084 1412 tosrfbnp        (90c8525bc578aaffe87c2d0ed4379e9e) C:\Windows\system32\Drivers\tosrfbnp.sys
22:38:13.0084 1412 tosrfbnp - ok
22:38:13.0100 1412 Tosrfcom        (5ba1ca3b3cddb1ddc67df473f05d1ec2) C:\Windows\system32\Drivers\tosrfcom.sys
22:38:13.0115 1412 Tosrfcom - ok
22:38:13.0162 1412 tosrfec         (5c4103544612e5011ef46301b93d1aa6) C:\Windows\system32\DRIVERS\tosrfec.sys
22:38:13.0162 1412 tosrfec - ok
22:38:13.0303 1412 Tosrfhid        (7c807ba9660e2995cc0217a14a24094c) C:\Windows\system32\DRIVERS\Tosrfhid.sys
22:38:13.0318 1412 Tosrfhid - ok
22:38:13.0396 1412 tosrfnds        (c52fd27b9adf3a1f22cb90e6bcf9b0cb) C:\Windows\system32\DRIVERS\tosrfnds.sys
22:38:13.0396 1412 tosrfnds - ok
22:38:13.0552 1412 TosRfSnd        (a4ce9572bc4ac8d329455059b43c5bea) C:\Windows\system32\drivers\tosrfsnd.sys
22:38:13.0568 1412 TosRfSnd - ok
22:38:13.0755 1412 Tosrfusb        (cdda265c7617a2745b48e0de572012a6) C:\Windows\system32\DRIVERS\tosrfusb.sys
22:38:13.0771 1412 Tosrfusb - ok
22:38:13.0973 1412 tos_sps32       (1ea5f27c29405bf49799feca77186da9) C:\Windows\system32\DRIVERS\tos_sps32.sys
22:38:13.0989 1412 tos_sps32 - ok
22:38:14.0129 1412 TpChoice - ok
22:38:14.0488 1412 tssecsrv        (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
22:38:14.0488 1412 tssecsrv - ok
22:38:14.0691 1412 tunmp           (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
22:38:14.0691 1412 tunmp - ok
22:38:14.0894 1412 tunnel          (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
22:38:14.0894 1412 tunnel - ok
22:38:15.0143 1412 TVALZ           (792a8b80f8188aba4b2be271583f3e46) C:\Windows\system32\DRIVERS\TVALZ_O.SYS
22:38:15.0159 1412 TVALZ - ok
22:38:15.0377 1412 uagp35          (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
22:38:15.0393 1412 uagp35 - ok
22:38:15.0627 1412 udfs            (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
22:38:15.0643 1412 udfs - ok
22:38:15.0877 1412 uliagpkx        (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
22:38:15.0892 1412 uliagpkx - ok
22:38:16.0142 1412 uliahci         (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
22:38:16.0173 1412 uliahci - ok
22:38:16.0391 1412 UlSata          (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
22:38:16.0407 1412 UlSata - ok
22:38:16.0641 1412 ulsata2         (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
22:38:16.0657 1412 ulsata2 - ok
22:38:16.0875 1412 umbus           (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
22:38:16.0875 1412 umbus - ok
22:38:17.0125 1412 USBAAPL         (83cafcb53201bbac04d822f32438e244) C:\Windows\system32\Drivers\usbaapl.sys
22:38:17.0125 1412 USBAAPL - ok
22:38:17.0343 1412 usbccgp         (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
22:38:17.0359 1412 usbccgp - ok
22:38:17.0608 1412 usbcir          (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
22:38:17.0608 1412 usbcir - ok
22:38:17.0842 1412 usbehci         (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
22:38:17.0842 1412 usbehci - ok
22:38:18.0045 1412 usbhub          (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
22:38:18.0061 1412 usbhub - ok
22:38:18.0279 1412 usbohci         (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
22:38:18.0279 1412 usbohci - ok
22:38:18.0497 1412 usbprint        (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
22:38:18.0513 1412 usbprint - ok
22:38:18.0747 1412 usbscan         (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
22:38:18.0763 1412 usbscan - ok
22:38:18.0934 1412 USBSTOR         (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:38:18.0934 1412 USBSTOR - ok
22:38:19.0153 1412 usbuhci         (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
22:38:19.0168 1412 usbuhci - ok
22:38:19.0418 1412 usbvideo        (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
22:38:19.0433 1412 usbvideo - ok
22:38:19.0558 1412 UVCFTR          (3b929a72aaea96dc0150d3a6da268c89) C:\Windows\system32\Drivers\UVCFTR_S.SYS
22:38:19.0574 1412 UVCFTR - ok
22:38:19.0621 1412 vga             (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
22:38:19.0621 1412 vga - ok
22:38:19.0761 1412 VgaSave         (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
22:38:19.0777 1412 VgaSave - ok
22:38:19.0823 1412 viaagp          (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
22:38:19.0823 1412 viaagp - ok
22:38:19.0917 1412 ViaC7           (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
22:38:19.0917 1412 ViaC7 - ok
22:38:19.0995 1412 viaide          (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys
22:38:19.0995 1412 viaide - ok
22:38:20.0135 1412 volmgr          (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
22:38:20.0151 1412 volmgr - ok
22:38:20.0245 1412 volmgrx         (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
22:38:20.0260 1412 volmgrx - ok
22:38:20.0354 1412 volsnap         (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
22:38:20.0369 1412 volsnap - ok
22:38:20.0557 1412 vsmraid         (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
22:38:20.0572 1412 vsmraid - ok
22:38:20.0869 1412 WacomPen        (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
22:38:20.0884 1412 WacomPen - ok
22:38:21.0009 1412 Wanarp          (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
22:38:21.0025 1412 Wanarp - ok
22:38:21.0025 1412 Wanarpv6        (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
22:38:21.0025 1412 Wanarpv6 - ok
22:38:21.0243 1412 Wd              (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
22:38:21.0259 1412 Wd - ok
22:38:21.0586 1412 Wdf01000        (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
22:38:21.0586 1412 Wdf01000 - ok
22:38:21.0898 1412 WmiAcpi         (701a9f884a294327e9141d73746ee279) C:\Windows\system32\drivers\wmiacpi.sys
22:38:21.0914 1412 WmiAcpi - ok
22:38:22.0039 1412 WpdUsb          (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
22:38:22.0039 1412 WpdUsb - ok
22:38:22.0085 1412 ws2ifsl         (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
22:38:22.0085 1412 ws2ifsl - ok
22:38:22.0163 1412 WUDFRd          (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
22:38:22.0179 1412 WUDFRd - ok
22:38:22.0257 1412 MBR (0x1B8)     (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
22:38:22.0319 1412 \Device\Harddisk0\DR0 - ok
22:38:22.0319 1412 Boot (0x1200)   (87e62ef01ad2d06590873035787de9b8) \Device\Harddisk0\DR0\Partition0
22:38:22.0351 1412 \Device\Harddisk0\DR0\Partition0 - ok
22:38:22.0382 1412 Boot (0x1200)   (2c31276d950f214a5e1ab41e8e724383) \Device\Harddisk0\DR0\Partition1
22:38:22.0413 1412 \Device\Harddisk0\DR0\Partition1 - ok
22:38:22.0413 1412 ============================================================
22:38:22.0413 1412 Scan finished
22:38:22.0413 1412 ============================================================
22:38:22.0429 5132 Detected object count: 0
22:38:22.0429 5132 Actual detected object count: 0
 

tecnico24

Utente Èlite
10,705
1,071
Ciao , scusa il ritardo.
scarica il file CFScript.txt che ti ho allegato qui in basso.
Trascina il file sull'icona di combofix e attendi il lavoro e il riavvio del pc.

Riposta un nuovo log , dalla modalità normale.
 

Allegati

  • CFScript.txt
    929 bytes · Visualizzazioni: 100
Ultima modifica:

alexfreemont

Utente Attivo
12
0
OS
window vista
grazie tecnico, ho fatto come hai detto tu, poi ho rifatto la scansione con combofix e questo è il log. devo fare altro?
ComboFix 12-03-18.04 - Benedetta 26/03/2012 21.31.13.3.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.39.1040.18.3070.1465 [GMT 2:00]
Eseguito da: c:\users\Benedetta\Desktop\ComboFix.exe
AV: G Data InternetSecurity 2010 *Disabled/Updated* {54ACC2FC-837E-E665-7A92-5352D560D5EF}
FW: G Data Personal Firewall *Disabled* {6C9743D9-C911-E73D-51CD-FA672BB39294}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
- MODALITÀ CON FUNZIONALITÀ RIDOTTE -
.
.
((((((((((((((((((((((((( Files Creati Da 2012-02-26 al 2012-03-26 )))))))))))))))))))))))))))))))))))
.
.
2012-03-26 19:34 . 2012-03-26 19:34 -------- d-----w- c:\users\Benedetta\AppData\Local\temp
2012-03-26 19:34 . 2012-03-26 19:34 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-03-23 20:06 . 2012-03-14 02:15 6582328 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{8B353D68-2CCB-4CC9-B687-12EABFB11678}\mpengine.dll
2012-03-22 18:15 . 2012-03-22 18:15 -------- d-----w- c:\users\Benedetta\AppData\Roaming\Canneverbe Limited
2012-03-22 18:15 . 2012-03-22 18:15 -------- d-----w- c:\programdata\Canneverbe Limited
2012-03-22 18:15 . 2012-03-22 18:15 -------- dc----w- c:\program files\CDBurnerXP
2012-03-18 18:31 . 2012-03-18 18:31 388096 ----a-r- c:\users\Benedetta\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-03-18 18:31 . 2012-03-18 18:31 -------- dc----w- c:\program files\Trend Micro
2012-03-15 21:54 . 2012-03-15 21:54 -------- d-----w- c:\users\Benedetta\AppData\Local\G DATA
2012-03-14 10:47 . 2012-02-02 15:16 2044416 ----a-w- c:\windows\system32\win32k.sys
2012-03-14 10:47 . 2012-02-14 15:45 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
2012-03-14 10:47 . 2012-02-14 15:45 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2012-03-14 10:47 . 2012-02-13 14:12 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2012-03-14 10:47 . 2012-02-13 13:47 683008 ----a-w- c:\windows\system32\d2d1.dll
2012-03-14 10:47 . 2012-02-13 13:44 1068544 ----a-w- c:\windows\system32\DWrite.dll
2012-03-14 10:47 . 2012-01-31 10:59 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2012-03-14 10:46 . 2012-01-09 15:54 613376 ----a-w- c:\windows\system32\rdpencom.dll
2012-03-14 10:46 . 2012-01-09 13:58 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-23 08:18 . 2010-05-18 17:10 237072 ------w- c:\windows\system32\MpSigStub.exe
.
.
((((((((((((((((((((((((((((( SnapShot@2012-03-19_19.19.39 )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-04-16 08:37 . 2012-03-26 09:50 60862 c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2006-11-02 13:05 . 2012-03-26 09:51 98810 c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
- 2007-10-13 14:32 . 2012-03-19 11:06 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2007-10-13 14:32 . 2012-03-25 22:08 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2007-10-13 14:32 . 2012-03-25 22:08 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2007-10-13 14:32 . 2012-03-19 11:06 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2007-10-13 14:32 . 2012-03-19 11:06 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2007-10-13 14:32 . 2012-03-25 22:08 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2012-03-25 22:07 . 2012-03-25 22:07 22016 c:\windows\Installer\257aa4.msi
- 2010-05-17 16:59 . 2012-03-19 16:38 9890 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3594136936-3297696694-3561513701-1000_UserData.bin
+ 2010-05-17 16:59 . 2012-03-26 09:51 9890 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3594136936-3297696694-3561513701-1000_UserData.bin
- 2012-03-19 16:35 . 2012-03-19 16:35 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-03-26 09:47 . 2012-03-26 09:47 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-03-19 16:35 . 2012-03-19 16:35 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-03-26 09:47 . 2012-03-26 09:47 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2007-04-16 08:14 . 2012-03-21 18:24 363874 c:\windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_S3.bin
- 2006-11-06 01:52 . 2012-03-18 15:20 671944 c:\windows\System32\perfh010.dat
+ 2006-11-06 01:52 . 2012-03-26 09:53 671944 c:\windows\System32\perfh010.dat
+ 2006-11-02 10:33 . 2012-03-26 09:53 595996 c:\windows\System32\perfh009.dat
- 2006-11-02 10:33 . 2012-03-18 15:20 595996 c:\windows\System32\perfh009.dat
+ 2006-11-06 01:52 . 2012-03-26 09:53 123464 c:\windows\System32\perfc010.dat
- 2006-11-06 01:52 . 2012-03-18 15:20 123464 c:\windows\System32\perfc010.dat
+ 2006-11-02 10:33 . 2012-03-26 09:53 104070 c:\windows\System32\perfc009.dat
- 2006-11-02 10:33 . 2012-03-18 15:20 104070 c:\windows\System32\perfc009.dat
- 2010-05-19 07:31 . 2012-03-15 10:17 262144 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2010-05-19 07:31 . 2012-03-25 22:08 262144 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2010-10-24 16:14 . 2012-03-19 16:34 223000 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2010-10-24 16:14 . 2012-03-25 23:50 223000 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2012-03-22 11:43 . 2012-03-22 11:43 112640 c:\windows\Installer\694ddf.msi
+ 2007-04-16 07:05 . 2012-03-25 23:50 1227696 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
- 2007-04-16 07:05 . 2012-03-19 16:34 1227696 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2010-10-24 16:14 . 2012-03-24 11:21 2304360 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3594136936-3297696694-3561513701-1000-8192.dat
- 2010-10-24 16:14 . 2012-03-19 16:34 2304360 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3594136936-3297696694-3561513701-1000-8192.dat
+ 2011-04-20 21:46 . 2012-03-23 00:38 1240320 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3594136936-3297696694-3561513701-1000-12288.dat
+ 2011-04-05 23:34 . 2012-03-25 23:50 45834352 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3594136936-3297696694-3561513701-1000-4096.dat
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-02-01 1487240]
.
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2011-02-01 17:17 1487240 -c--a-w- c:\program files\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-02-01 1487240]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"Facebook Update"="c:\users\Benedetta\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2011-11-13 137536]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-05-19 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"KeNotify"="c:\program files\TOSHIBA\Utilities\KeNotify.exe" [2006-11-06 34352]
"SVPWUTIL"="c:\program files\TOSHIBA\Utilities\SVPWUTIL.exe" [2006-03-22 438272]
"RtHDVCpl"="RtHDVCpl.exe" [2007-09-03 4702208]
"TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2007-03-29 411192]
"HSON"="c:\program files\TOSHIBA\TBS\HSON.exe" [2006-12-07 55416]
"SmoothView"="c:\program files\Toshiba\SmoothView\SmoothView.exe" [2007-04-03 509496]
"00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2007-05-22 538744]
"topi"="c:\program files\TOSHIBA\Toshiba Online Product Information\topi.exe" [2007-07-10 581632]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-07-27 204800]
"Toshiba Registration"="c:\program files\Toshiba\Registration\ToshibaRegistration.exe" [2007-02-19 571024]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2007-02-12 174872]
"GDFirewallTray"="c:\program files\G Data\InternetSecurity\Firewall\GDFirewallTray.exe" [2009-10-21 1124424]
"G DATA AntiVirus Trayapplication"="c:\program files\G Data\InternetSecurity\AVKTray\AVKTray.exe" [2010-01-06 951880]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-03-20 1451304]
"Skytel"="Skytel.exe" [2007-08-03 1826816]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-10-14 49152]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-12-08 421736]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888]
"Camera Assistant Software"="c:\program files\Camera Assistant Software for Toshiba\traybar.exe" [2007-04-10 413696]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contenuto della cartella 'Scheduled Tasks'
.
2012-03-26 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3594136936-3297696694-3561513701-1000Core.job
- c:\users\Benedetta\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-10-17 20:25]
.
2012-03-26 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3594136936-3297696694-3561513701-1000UA.job
- c:\users\Benedetta\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-10-17 20:25]
.
2012-03-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-05-19 07:38]
.
2012-03-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-05-19 07:38]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.it/
IE: Free YouTube to MP3 Converter - c:\users\Benedetta\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
TCP: Interfaces\{33EB069A-DB40-48D9-A8B4-84B24F343C11}: NameServer = 176.31.229.24,176.31.229.25
TCP: Interfaces\{629A1E97-EDD9-47BD-B2B3-061BE82AA455}: NameServer = 176.31.229.24,176.31.229.25
TCP: Interfaces\{65742EF2-46CE-4798-AA20-9BA6B9FAA4C4}: NameServer = 176.31.229.24,176.31.229.25
TCP: Interfaces\{762E3DBD-3F5E-4E5B-87C9-20C30F1FCA0D}: NameServer = 176.31.229.24,176.31.229.25
TCP: Interfaces\{A8109E5F-E601-42A4-82A8-E21997036F90}: NameServer = 176.31.229.24,176.31.229.25
TCP: Interfaces\{B9E7A83B-9EE9-4759-8B5C-BC764F77231A}: NameServer = 176.31.229.24,176.31.229.25
TCP: Interfaces\{D5732258-56F7-4EAB-9CA1-F9C59F7A8B3F}: NameServer = 176.31.229.24,176.31.229.25
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2012-03-26 21:34
Windows 6.0.6002 Service Pack 2 NTFS
.
scansione processi nascosti ...
.
scansione entrate autostart nascoste ...
.
Scansione files nascosti ...
.
Scansione completata con successo
Files nascosti: 0
.
**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Ora fine scansione: 2012-03-26 21:43:15
ComboFix-quarantined-files.txt 2012-03-26 19:43
ComboFix2.txt 2012-03-26 19:22
.
Pre-Run: 21.554.724.864 byte disponibili
Post-Run: 21.543.272.448 byte disponibili
.
- - End Of File - - D70E313D895A832B3BC6E01062D9316A
 

alexfreemont

Utente Attivo
12
0
OS
window vista
Devi eseguire combofix non in provvisoria , ma in modalità normale.
io faccio così: accendo il pc, disattivo l'antivirus ed il firewall e faccio partire combofix (tasto dx, esegui come amministratore).il log mi esce in C. non sò la differenza tra modalità normale e provvisoria...
 

Entra

oppure Accedi utilizzando

Hot: E3 2021, chi ti è piaciuto di più?

  • Ubisoft

    Voti: 17 18.1%
  • Gearbox

    Voti: 1 1.1%
  • Xbox & Bethesda

    Voti: 67 71.3%
  • Square Enix

    Voti: 3 3.2%
  • Capcom

    Voti: 5 5.3%
  • Nintendo

    Voti: 14 14.9%
  • Altro (Specificare)

    Voti: 9 9.6%

Discussioni Simili