Problem with Windows Vista

Alessio Vito Vitali

New User
I have a problem with Windows Vista; let me explain everything:
Basically, the computer works normally right after it is switched on, but after a while some windows start to lose the Aero style typical of Vista (for example, right now Chrome's scroll bars and the Task Manager window have the style typical of Windows 98, I would even dare say 95), and at the same time I can no longer start Internet Explorer (which I use alongside Chrome because I find it better for browsing certain sites; in any case they have never caused problems together), nor any of the programs that require authorization to start, for example CCleaner, or the Registry Editor, or even Fraps. The error shows the path where these programs are located (note that they fail whether I launch them from a shortcut or directly from the exe), followed by the message "Questo servizio non può accettare messaggi di controllo in questo momento" ("This service cannot accept control messages at this time").
I ran a virus scan, even using BootKit, and deleted the files it considered dangerous, but nothing changed.
At this point I beg you to help me because I no longer know what to do!
Thanks
 

Alessio Vito Vitali

New User
Read here:
http://www.tomshw.it/forum/sicurezz...omputer-infetto-leggere-prima-di-postare.html

Send us the TDSS Killer and ComboFix logs.

N.B.: if TDSS detects infected files, the action will be Cure, as described in the guide, but the PC will need to be restarted to remove any infections.
ComboFix:
ComboFix 12-02-29.01 - Alessio 29/02/2012 22.42.43.1.2 - x86Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.39.1040.18.2047.1195 [GMT 1:00]
Eseguito da: c:\users\Alessio\Desktop\abc.exe
Opzioni usate :: /killall
AV: Kaspersky Internet Security *Enabled/Updated* {2EAA32A5-1EE1-1B22-95DA-337730C6E984}
FW: Kaspersky Internet Security *Enabled* {1691B380-548E-1A7A-BE85-9A42CE15AEFF}
SP: Kaspersky Internet Security *Enabled/Updated* {95CBD341-38DB-14AC-AF6A-08054B41A339}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\9C4
c:\programdata\9C4\{804BFF0E-3A0F-48AF-A25C-3AC999DE4A5F}.swf
c:\programdata\Microsoft\Windows\Start Menu\Programs\Spyware-Secure
c:\programdata\Microsoft\Windows\Start Menu\Programs\Spyware-Secure\Website.lnk
c:\programdata\Tarma Installer
c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setup.dll
c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll
c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\20100212181132.log
c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.dat
c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.exe
c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.ico
c:\users\Alessio\AppData\Local\venvdf.dat
c:\users\Alessio\AppData\Local\venvdf_nav.dat
c:\users\Alessio\AppData\Local\venvdf_navps.dat
c:\users\Alessio\AppData\Local\vznagrtkgo.dat
c:\users\Alessio\AppData\Local\vznagrtkgo_nav.dat
c:\users\Alessio\AppData\Local\vznagrtkgo_navps.dat
c:\users\Alessio\AppData\Roaming\cacaoweb
c:\users\Alessio\AppData\Roaming\cacaoweb\adstorage.db
c:\users\Alessio\AppData\Roaming\cacaoweb\cacaoweb.exe
c:\users\Alessio\AppData\Roaming\cacaoweb\npdfile.dat
c:\users\Alessio\AppData\Roaming\cacaoweb\storage.db
c:\users\Alessio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MessengerSkinner
c:\users\Public\AutoCAD_2011_Italian_Win_32bit.exe.part
c:\windows\IsUn0410.exe
c:\windows\ST6UNST.000
c:\windows\system32\~GLH00c0.TMP
c:\windows\system32\AutoRun.inf
c:\windows\system32\CddbCdda.dll
c:\windows\unin0410.exe
.
.
((((((((((((((((((((((((( Files Creati Da 2012-01-28 al 2012-02-29 )))))))))))))))))))))))))))))))))))
.
.
2012-02-29 21:57 . 2012-02-29 22:04 -------- d-----w- c:\users\Alessio\AppData\Local\temp
2012-02-29 21:57 . 2012-02-29 21:57 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-02-29 21:57 . 2012-02-29 21:57 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2012-02-29 13:16 . 2012-02-29 13:16 -------- d-----w- c:\program files\LogMeIn Hamachi
2012-02-28 21:55 . 2012-02-28 21:55 159744 ----a-w- c:\program files\Internet Explorer\Plugin\npqtplugin7.dll
2012-02-28 21:55 . 2012-02-28 21:55 159744 ----a-w- c:\program files\Internet Explorer\Plugin\npqtplugin6.dll
2012-02-28 21:55 . 2012-02-28 21:55 159744 ----a-w- c:\program files\Internet Explorer\Plugin\npqtplugin5.dll
2012-02-28 21:55 . 2012-02-28 21:55 159744 ----a-w- c:\program files\Internet Explorer\Plugin\npqtplugin4.dll
2012-02-28 21:55 . 2012-02-28 21:55 159744 ----a-w- c:\program files\Internet Explorer\Plugin\npqtplugin3.dll
2012-02-28 21:55 . 2012-02-28 21:55 159744 ----a-w- c:\program files\Internet Explorer\Plugin\npqtplugin2.dll
2012-02-28 21:55 . 2012-02-28 21:55 159744 ----a-w- c:\program files\Internet Explorer\Plugin\npqtplugin.dll
2012-02-28 12:09 . 2012-02-08 06:03 6552120 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{14C13D41-C53F-466F-BF40-8257A7ADF0CB}\mpengine.dll
2012-02-27 11:16 . 2012-02-27 11:16 -------- d-----w- c:\users\Alessio\AppData\Local\ADDP
2012-02-27 11:16 . 2012-02-27 11:17 -------- d-----w- c:\users\Alessio\AppData\Local\Acer
2012-02-27 11:14 . 2012-02-28 16:14 -------- d-----w- c:\programdata\Acer
2012-02-27 11:11 . 2012-02-27 11:11 -------- d-----w- c:\program files\Acer
2012-02-27 11:02 . 2009-08-14 16:08 105984 ----a-w- c:\windows\system32\drivers\qcusbser.sys
2012-02-27 11:02 . 2009-08-21 16:41 25728 ----a-w- c:\windows\system32\drivers\androidusb.sys
2012-02-24 23:08 . 2012-02-26 20:30 -------- d-----w- c:\users\Alessio\AppData\Roaming\gtk-2.0
2012-02-24 23:08 . 2012-02-24 23:08 -------- d-----w- c:\users\Alessio\.thumbnails
2012-02-07 23:15 . 2012-02-08 21:40 -------- d-----w- c:\programdata\AVAST Software
2012-02-07 23:15 . 2012-02-07 23:15 -------- d-----w- c:\program files\AVAST Software
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-22 13:26 . 2011-05-15 10:29 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-01-29 04:10 . 2010-02-05 16:19 237072 ------w- c:\windows\system32\MpSigStub.exe
2011-12-07 17:22 . 2011-12-22 20:18 83360 ----a-w- c:\windows\system32\LMIRfsClientNP.dll
2011-12-07 17:22 . 2011-12-22 20:18 52096 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\LMIproc.dll
2011-12-07 17:22 . 2011-12-22 20:18 30592 ----a-w- c:\windows\system32\LMIport.dll
2011-12-07 17:21 . 2011-12-22 20:18 87424 ----a-w- c:\windows\system32\LMIinit.dll
.
.
TDSS:
22:26:19.0179 5820 TDSS rootkit removing tool 2.7.17.0 Feb 29 2012 14:02:24
22:26:20.0329 5820 ============================================================
22:26:20.0329 5820 Current date / time: 2012/02/29 22:26:20.0329
22:26:20.0329 5820 SystemInfo:
22:26:20.0329 5820
22:26:20.0329 5820 OS Version: 6.0.6002 ServicePack: 2.0
22:26:20.0329 5820 Product type: Workstation
22:26:20.0329 5820 ComputerName: PC-ALESSIO
22:26:20.0330 5820 UserName: Alessio
22:26:20.0330 5820 Windows directory: C:\Windows
22:26:20.0330 5820 System windows directory: C:\Windows
22:26:20.0330 5820 Processor architecture: Intel x86
22:26:20.0330 5820 Number of processors: 2
22:26:20.0330 5820 Page size: 0x1000
22:26:20.0330 5820 Boot type: Normal boot
22:26:20.0330 5820 ============================================================
22:26:25.0180 5820 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
22:26:25.0270 5820 \Device\Harddisk0\DR0:
22:26:25.0273 5820 MBR used
22:26:25.0273 5820 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x6, StartLBA 0x1384C7A, BlocksNum 0xDF646B5
22:26:25.0273 5820 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0xF2E932F, BlocksNum 0xDEDB252
22:26:25.0478 5820 Initialize success
22:26:25.0478 5820 ============================================================
22:26:27.0652 8084 ============================================================
22:26:27.0652 8084 Scan started
22:26:27.0652 8084 Mode: Manual;
22:26:27.0652 8084 ============================================================
22:28:00.0653 8084 SiS6350 - ok
22:28:01.0663 8084 SISAGP (df1af7f5f1ec7800b3ac398acc06c754) C:\Windows\system32\DRIVERS\SISAGPX.sys
22:28:01.0696 8084 SISAGP - ok
22:28:02.0212 8084 SiSGbeLH (f3c4c6c4daf2212ac905475ed0f0fb1b) C:\Windows\system32\DRIVERS\SiSGB6.sys
22:28:02.0229 8084 SiSGbeLH - ok
22:28:02.0838 8084 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
22:28:02.0854 8084 SiSRaid2 - ok
22:28:03.0280 8084 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
22:28:03.0285 8084 SiSRaid4 - ok
22:28:04.0110 8084 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
22:28:04.0200 8084 Smb - ok
22:28:05.0096 8084 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
22:28:05.0171 8084 spldr - ok
22:28:05.0777 8084 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
22:28:05.0801 8084 srv - ok
22:28:06.0154 8084 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
22:28:06.0251 8084 srv2 - ok
22:28:06.0807 8084 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
22:28:06.0993 8084 srvnet - ok
22:28:07.0353 8084 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
22:28:07.0373 8084 swenum - ok
22:28:07.0880 8084 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
22:28:07.0889 8084 Symc8xx - ok
22:28:08.0500 8084 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
22:28:08.0532 8084 Sym_hi - ok
22:28:08.0978 8084 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
22:28:09.0001 8084 Sym_u3 - ok
22:28:09.0598 8084 Tcpip (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\drivers\tcpip.sys
22:28:09.0655 8084 Tcpip - ok
22:28:10.0081 8084 Tcpip6 (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\DRIVERS\tcpip.sys
22:28:10.0090 8084 Tcpip6 - ok
22:28:10.0250 8084 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
22:28:10.0272 8084 tcpipreg - ok
22:28:10.0803 8084 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
22:28:10.0875 8084 TDPIPE - ok
22:28:11.0152 8084 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
22:28:11.0223 8084 TDTCP - ok
22:28:12.0154 8084 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
22:28:12.0226 8084 tdx - ok
22:28:12.0610 8084 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
22:28:12.0626 8084 TermDD - ok
22:28:13.0061 8084 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
22:28:13.0064 8084 tssecsrv - ok
22:28:13.0250 8084 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
22:28:13.0269 8084 tunmp - ok
22:28:13.0516 8084 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
22:28:13.0551 8084 tunnel - ok
22:28:13.0991 8084 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\DRIVERS\uagp35.sys
22:28:13.0995 8084 uagp35 - ok
22:28:14.0496 8084 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
22:28:14.0573 8084 udfs - ok
22:28:15.0155 8084 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
22:28:15.0233 8084 uliagpkx - ok
22:28:15.0784 8084 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
22:28:15.0961 8084 uliahci - ok
22:28:16.0577 8084 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
22:28:16.0594 8084 UlSata - ok
22:28:16.0947 8084 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
22:28:16.0967 8084 ulsata2 - ok
22:28:17.0253 8084 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
22:28:17.0276 8084 umbus - ok
22:28:17.0568 8084 upperdev (f5d2aa9d56a3a01a190d01cd961ba0e7) C:\Windows\system32\DRIVERS\usbser_lowerflt.sys
22:28:17.0598 8084 upperdev - ok
22:28:17.0925 8084 usbaudio (32db9517628ff0d070682aab61e688f0) C:\Windows\system32\drivers\usbaudio.sys
22:28:17.0966 8084 usbaudio - ok
22:28:18.0170 8084 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
22:28:18.0179 8084 usbccgp - ok
22:28:18.0269 8084 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
22:28:18.0285 8084 usbcir - ok
22:28:18.0372 8084 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
22:28:18.0384 8084 usbehci - ok
22:28:18.0427 8084 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
22:28:18.0432 8084 usbhub - ok
22:28:18.0625 8084 USBIO (f90d8f845095fcd6924e3d751c04e442) C:\Windows\system32\Drivers\usbio.sys
22:28:18.0629 8084 USBIO - ok
22:28:18.0682 8084 usbohci (ce697fee0d479290d89bec80dfe793b7) C:\Windows\system32\DRIVERS\usbohci.sys
22:28:18.0689 8084 usbohci - ok
22:28:18.0759 8084 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
22:28:18.0779 8084 usbprint - ok
22:28:18.0923 8084 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
22:28:18.0927 8084 usbscan - ok
22:28:19.0029 8084 usbser (d575246188f63de0accf6eac5fb59e6a) C:\Windows\system32\drivers\usbser.sys
22:28:19.0044 8084 usbser - ok
22:28:19.0410 8084 UsbserFilt (eb2d3830646e393776e1ef98ac76a43d) C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys
22:28:19.0428 8084 UsbserFilt - ok
22:28:19.0772 8084 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:28:19.0776 8084 USBSTOR - ok
22:28:19.0919 8084 usbuhci (325dbbacb8a36af9988ccf40eac228cc) C:\Windows\system32\DRIVERS\usbuhci.sys
22:28:19.0923 8084 usbuhci - ok
22:28:19.0954 8084 MBR (0x1B8) (a863475757cc50891aa8458c415e4b25) \Device\Harddisk0\DR0
22:28:23.0297 8084 \Device\Harddisk0\DR0 - ok
22:28:23.0333 8084 Boot (0x1200) (15a5aa849f3943655e35cfd41cd48f52) \Device\Harddisk0\DR0\Partition0
22:28:23.0355 8084 \Device\Harddisk0\DR0\Partition0 - ok
22:28:23.0428 8084 Boot (0x1200) (877a93761815b5ecf4a1084d68db917f) \Device\Harddisk0\DR0\Partition1
22:28:23.0502 8084 \Device\Harddisk0\DR0\Partition1 - ok
22:28:23.0502 8084 ============================================================
22:28:23.0503 8084 Scan finished
22:28:23.0503 8084 ============================================================
22:28:23.0507 7320 Detected object count: 0
22:28:23.0507 7320 Actual detected object count: 0
22:29:33.0575 6376 Deinitialize success
Here it is
 

Federico83

LEGENDARY USER
Elite User
35,407
6,323
Moving this to the Security section, given the logs.
 

Alessio Vito Vitali

New User
56
2
The ComboFix log is incomplete.

Go back to C:\Combofix.txt and send the log.

Code:
ComboFix 12-02-29.01 - Alessio 29/02/2012  22.42.43.1.2 - x86Microsoft® Windows Vista™ Home Basic   6.0.6002.2.1252.39.1040.18.2047.1195 [GMT 1:00]
Eseguito da: c:\users\Alessio\Desktop\abc.exe
Opzioni usate :: /killall
AV: Kaspersky Internet Security *Enabled/Updated* {2EAA32A5-1EE1-1B22-95DA-337730C6E984}
FW: Kaspersky Internet Security *Enabled* {1691B380-548E-1A7A-BE85-9A42CE15AEFF}
SP: Kaspersky Internet Security *Enabled/Updated* {95CBD341-38DB-14AC-AF6A-08054B41A339}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((   Altre eliminazioni   )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\9C4
c:\programdata\9C4\{804BFF0E-3A0F-48AF-A25C-3AC999DE4A5F}.swf
c:\programdata\Microsoft\Windows\Start Menu\Programs\Spyware-Secure
c:\programdata\Microsoft\Windows\Start Menu\Programs\Spyware-Secure\Website.lnk
c:\programdata\Tarma Installer
c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setup.dll
c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll
c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\20100212181132.log
c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.dat
c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.exe
c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.ico
c:\users\Alessio\AppData\Local\venvdf.dat
c:\users\Alessio\AppData\Local\venvdf_nav.dat
c:\users\Alessio\AppData\Local\venvdf_navps.dat
c:\users\Alessio\AppData\Local\vznagrtkgo.dat
c:\users\Alessio\AppData\Local\vznagrtkgo_nav.dat
c:\users\Alessio\AppData\Local\vznagrtkgo_navps.dat
c:\users\Alessio\AppData\Roaming\cacaoweb
c:\users\Alessio\AppData\Roaming\cacaoweb\adstorage.db
c:\users\Alessio\AppData\Roaming\cacaoweb\cacaoweb.exe
c:\users\Alessio\AppData\Roaming\cacaoweb\npdfile.dat
c:\users\Alessio\AppData\Roaming\cacaoweb\storage.db
c:\users\Alessio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MessengerSkinner
c:\users\Public\AutoCAD_2011_Italian_Win_32bit.exe.part
c:\windows\IsUn0410.exe
c:\windows\ST6UNST.000
c:\windows\system32\~GLH00c0.TMP
c:\windows\system32\AutoRun.inf
c:\windows\system32\CddbCdda.dll
c:\windows\unin0410.exe
.
.
(((((((((((((((((((((((((   Files Creati Da 2012-01-28 al 2012-02-29  )))))))))))))))))))))))))))))))))))
.
.
2012-02-29 21:57 . 2012-02-29 22:04	--------	d-----w-	c:\users\Alessio\AppData\Local\temp
2012-02-29 21:57 . 2012-02-29 21:57	--------	d-----w-	c:\users\Default\AppData\Local\temp
2012-02-29 21:57 . 2012-02-29 21:57	--------	d-----w-	c:\users\Administrator\AppData\Local\temp
2012-02-29 13:16 . 2012-02-29 13:16	--------	d-----w-	c:\program files\LogMeIn Hamachi
2012-02-28 21:55 . 2012-02-28 21:55	159744	----a-w-	c:\program files\Internet Explorer\Plugin\npqtplugin7.dll
2012-02-28 21:55 . 2012-02-28 21:55	159744	----a-w-	c:\program files\Internet Explorer\Plugin\npqtplugin6.dll
2012-02-28 21:55 . 2012-02-28 21:55	159744	----a-w-	c:\program files\Internet Explorer\Plugin\npqtplugin5.dll
2012-02-28 21:55 . 2012-02-28 21:55	159744	----a-w-	c:\program files\Internet Explorer\Plugin\npqtplugin4.dll
2012-02-28 21:55 . 2012-02-28 21:55	159744	----a-w-	c:\program files\Internet Explorer\Plugin\npqtplugin3.dll
2012-02-28 21:55 . 2012-02-28 21:55	159744	----a-w-	c:\program files\Internet Explorer\Plugin\npqtplugin2.dll
2012-02-28 21:55 . 2012-02-28 21:55	159744	----a-w-	c:\program files\Internet Explorer\Plugin\npqtplugin.dll
2012-02-28 12:09 . 2012-02-08 06:03	6552120	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{14C13D41-C53F-466F-BF40-8257A7ADF0CB}\mpengine.dll
2012-02-27 11:16 . 2012-02-27 11:16	--------	d-----w-	c:\users\Alessio\AppData\Local\ADDP
2012-02-27 11:16 . 2012-02-27 11:17	--------	d-----w-	c:\users\Alessio\AppData\Local\Acer
2012-02-27 11:14 . 2012-02-28 16:14	--------	d-----w-	c:\programdata\Acer
2012-02-27 11:11 . 2012-02-27 11:11	--------	d-----w-	c:\program files\Acer
2012-02-27 11:02 . 2009-08-14 16:08	105984	----a-w-	c:\windows\system32\drivers\qcusbser.sys
2012-02-27 11:02 . 2009-08-21 16:41	25728	----a-w-	c:\windows\system32\drivers\androidusb.sys
2012-02-24 23:08 . 2012-02-26 20:30	--------	d-----w-	c:\users\Alessio\AppData\Roaming\gtk-2.0
2012-02-24 23:08 . 2012-02-24 23:08	--------	d-----w-	c:\users\Alessio\.thumbnails
2012-02-07 23:15 . 2012-02-08 21:40	--------	d-----w-	c:\programdata\AVAST Software
2012-02-07 23:15 . 2012-02-07 23:15	--------	d-----w-	c:\program files\AVAST Software
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-22 13:26 . 2011-05-15 10:29	414368	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2012-01-29 04:10 . 2010-02-05 16:19	237072	------w-	c:\windows\system32\MpSigStub.exe
2011-12-07 17:22 . 2011-12-22 20:18	83360	----a-w-	c:\windows\system32\LMIRfsClientNP.dll
2011-12-07 17:22 . 2011-12-22 20:18	52096	----a-w-	c:\windows\system32\Spool\prtprocs\w32x86\LMIproc.dll
2011-12-07 17:22 . 2011-12-22 20:18	30592	----a-w-	c:\windows\system32\LMIport.dll
2011-12-07 17:21 . 2011-12-22 20:18	87424	----a-w-	c:\windows\system32\LMIinit.dll
.
.
(((((((((((((((((((((((((((((((((((((   Punti Reg Caricati   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati. 
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{648ae81b-1966-43cf-bcb4-ff85276e4f6d}"= "c:\program files\Video_Converter\tbVide.dll" [2009-05-18 2094616]
"{9565115d-c7d6-46d3-bd63-b67b481a4368}"= "c:\program files\PageRage\tbPage.dll" [2009-12-31 2349080]
"{08d495ab-a86c-47b0-82ef-da87bf92f730}"= "c:\program files\Messenger_Plus_Live_Italy\tbMess.dll" [2010-04-15 2515552]
"{ba14329e-9550-4989-b3f2-9732e92d17cc}"= "c:\program files\Vuze_Remote\tbVuze.dll" [2010-12-09 3911776]
.
[HKEY_CLASSES_ROOT\clsid\{648ae81b-1966-43cf-bcb4-ff85276e4f6d}]
.
[HKEY_CLASSES_ROOT\clsid\{9565115d-c7d6-46d3-bd63-b67b481a4368}]
.
[HKEY_CLASSES_ROOT\clsid\{08d495ab-a86c-47b0-82ef-da87bf92f730}]
.
[HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{08d495ab-a86c-47b0-82ef-da87bf92f730}]
2010-04-15 10:33	2515552	----a-w-	c:\program files\Messenger_Plus_Live_Italy\tbMess.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2008-08-26 09:32	279944	----a-w-	c:\program files\AskBarDis\bar\bin\askBar.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-12-09 11:51	3911776	----a-w-	c:\program files\ConduitEngine\ConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{648ae81b-1966-43cf-bcb4-ff85276e4f6d}]
2009-05-18 10:54	2094616	----a-w-	c:\program files\Video_Converter\tbVide.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9565115d-c7d6-46d3-bd63-b67b481a4368}]
2009-12-31 10:53	2349080	----a-w-	c:\program files\PageRage\tbPage.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
2010-12-09 11:51	3911776	----a-w-	c:\program files\Vuze_Remote\tbVuze.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]
2010-02-05 00:42	194912	------w-	c:\program files\Yontoo Layers Client\YontooIEClient.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-08-26 279944]
"{648ae81b-1966-43cf-bcb4-ff85276e4f6d}"= "c:\program files\Video_Converter\tbVide.dll" [2009-05-18 2094616]
"{9565115d-c7d6-46d3-bd63-b67b481a4368}"= "c:\program files\PageRage\tbPage.dll" [2009-12-31 2349080]
"{08d495ab-a86c-47b0-82ef-da87bf92f730}"= "c:\program files\Messenger_Plus_Live_Italy\tbMess.dll" [2010-04-15 2515552]
"{ba14329e-9550-4989-b3f2-9732e92d17cc}"= "c:\program files\Vuze_Remote\tbVuze.dll" [2010-12-09 3911776]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\ConduitEngine.dll" [2010-12-09 3911776]
.
[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]
.
[HKEY_CLASSES_ROOT\clsid\{648ae81b-1966-43cf-bcb4-ff85276e4f6d}]
.
[HKEY_CLASSES_ROOT\clsid\{9565115d-c7d6-46d3-bd63-b67b481a4368}]
.
[HKEY_CLASSES_ROOT\clsid\{08d495ab-a86c-47b0-82ef-da87bf92f730}]
.
[HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-08-26 279944]
"{648AE81B-1966-43CF-BCB4-FF85276E4F6D}"= "c:\program files\Video_Converter\tbVide.dll" [2009-05-18 2094616]
"{9565115D-C7D6-46D3-BD63-B67B481A4368}"= "c:\program files\PageRage\tbPage.dll" [2009-12-31 2349080]
"{08D495AB-A86C-47B0-82EF-DA87BF92F730}"= "c:\program files\Messenger_Plus_Live_Italy\tbMess.dll" [2010-04-15 2515552]
"{BA14329E-9550-4989-B3F2-9732E92D17CC}"= "c:\program files\Vuze_Remote\tbVuze.dll" [2010-12-09 3911776]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\ConduitEngine.dll" [2010-12-09 3911776]
.
[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]
.
[HKEY_CLASSES_ROOT\clsid\{648ae81b-1966-43cf-bcb4-ff85276e4f6d}]
.
[HKEY_CLASSES_ROOT\clsid\{9565115d-c7d6-46d3-bd63-b67b481a4368}]
.
[HKEY_CLASSES_ROOT\clsid\{08d495ab-a86c-47b0-82ef-da87bf92f730}]
.
[HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-10 1233920]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2005-08-11 249856]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-12-03 68856]
"Akamai NetSession Interface"="c:\users\Alessio\AppData\Local\Akamai\netsession_win.exe" [2012-02-02 3329824]
"Acer AnySync"="c:\program files\Acer\AcerSync\AcerSync.exe" [2011-06-16 3044456]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2007-02-15 4390912]
"Acer Empowering Technology Monitor"="c:\acer\Empowering Technology\SysMonitor.exe" [2007-01-24 319488]
"eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2007-02-06 464168]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-08-11 81920]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-03-11 49152]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-04-12 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-04-12 8429568]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-04-12 81920]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-05-04 252136]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-01-16 421736]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-11-30 198160]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe" [2011-04-24 202296]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-07-05 421888]
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-02-28 1987976]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Acer Tour Reminder"="c:\acer\AcerTour\Reminder.exe" [2007-02-15 151552]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-4-23 29696]
Empowering Technology Launcher.lnk - c:\acer\Empowering Technology\eAPLauncher.exe [2006-1-12 528384]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-3-11 210520]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute	REG_MULTI_SZ   	autocheck autochk *\0aswBoot.exe /M:5704dae8b
.
[HKLM\~\startupfolder\C:^Users^Alessio^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Ritaglio schermata e avvio di OneNote 2007.lnk]
path=c:\users\Alessio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Ritaglio schermata e avvio di OneNote 2007.lnk
backup=c:\windows\pss\Ritaglio schermata e avvio di OneNote 2007.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Heck Aim]
c:\programdata\five byte byte.r11hu [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LESS CITY AMEN SETUP]
c:\programdata\Mags Bags Owns.j5mov [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer Tour Reminder]
2007-02-15 17:39	151552	----a-w-	c:\acer\AcerTour\Reminder.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
2010-04-13 00:29	47392	----a-w-	c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2011-11-01 22:25	59240	----a-w-	c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2011-08-02 07:33	4910912	----a-w-	c:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GM4IE]
2006-07-23 08:32	61440	----a-w-	c:\program files\SocialPlus\gm4ie.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2012-01-16 16:22	421736	----a-w-	c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn GUI]
2011-09-16 13:10	63048	----a-w-	c:\program files\LogMeIn\x86\LogMeInSystray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
2012-02-28 16:38	1987976	----a-w-	c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
2010-04-16 21:11	3872080	----a-w-	c:\program files\Windows Live\Messenger\msnmsgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nokia.PCSync]
2008-06-17 14:00	1249280	----a-w-	c:\program files\Nokia\Nokia PC Suite 7\PcSync2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
2008-06-18 12:31	1122816	----a-w-	c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCMService]
2007-01-12 20:24	151552	------w-	c:\acer\Empowering Technology\eMode\PCM\PCMService.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PSPAP]
2007-02-02 10:30	2990080	----a-w-	c:\program files\Thrustmaster\FunAccess\PSPAP.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2009-11-30 10:01	198160	----a-w-	c:\program files\Common Files\Real\Update_OB\realsched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WarReg_PopUp]
2006-11-05 19:48	57344	----a-w-	c:\acer\WR_PopUp\WarReg_PopUp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2008-01-19 07:38	1008184	----a-w-	c:\program files\Windows Defender\MSASCui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WPCUMI]
2006-11-02 12:34	176128	----a-w-	c:\windows\System32\wpcumi.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
S2 AcerSyncSystemService;AcerSyncSystemService;c:\program files\Acer\AcerSync\AcerSyncSystemService.exe [2011-06-16 60312]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork	REG_MULTI_SZ   	PLA DPS BFE mpssvc
HPZ12	REG_MULTI_SZ   	Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt	REG_MULTI_SZ   	hpqcxs08 hpqddsvc
Akamai	REG_MULTI_SZ   	Akamai
LocalServiceAndNoImpersonation	REG_MULTI_SZ   	FontCache
.
Contenuto della cartella 'Scheduled Tasks'
.
2012-02-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-05-11 20:39]
.
2012-02-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-05-11 20:39]
.
2012-02-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2786955474-3549510060-3803283922-1000Core.job
- c:\users\Alessio\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-25 21:28]
.
2012-02-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2786955474-3549510060-3803283922-1000UA.job
- c:\users\Alessio\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-25 21:28]
.
2010-12-15 c:\windows\Tasks\User_Feed_Synchronization-{35774BE7-2DE0-4C32-A470-2606B1CBB571}.job
- c:\windows\system32\msfeedssync.exe [2012-02-19 04:44]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.it/
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mStart Page = hxxp://home.sweetim.com
uInternet Settings,ProxyServer = http=;ftp=;https=;
uInternet Settings,ProxyOverride = 127.0.0.1:9421
IE: &SHOUTcast Search - c:\programdata\SHOUTcast Radio Toolbar\ieToolbar\resources\en-US\local\search.html
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
IE: Aggiungi ad Anti-Banner - c:\program files\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
LSP: c:\windows\system32\wpclsp.dll
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
.
URLSearchHooks-{37483b40-c254-4a72-bda4-22ee90182c1e} - (no file)
URLSearchHooks-{c2db4fe6-8409-45ce-8010-189a7b5cce86} - (no file)
BHO-{37483b40-c254-4a72-bda4-22ee90182c1e} - (no file)
BHO-{c2db4fe6-8409-45ce-8010-189a7b5cce86} - (no file)
Toolbar-{37483b40-c254-4a72-bda4-22ee90182c1e} - (no file)
Toolbar-{c2db4fe6-8409-45ce-8010-189a7b5cce86} - (no file)
WebBrowser-{37483B40-C254-4A72-BDA4-22EE90182C1E} - (no file)
WebBrowser-{C2DB4FE6-8409-45CE-8010-189A7B5CCE86} - (no file)
HKCU-Run-Acer Tour Reminder - (no file)
HKCU-Run-cacaoweb - c:\users\Alessio\AppData\Roaming\cacaoweb\cacaoweb.exe
HKLM-Run-Acer Tour - (no file)
HKLM-Run-eRecoveryService - (no file)
HKLM-Run-SymLnch - c:\program files\Common Files\Symantec Shared\SymSetup\{C1C185CA-C531-49F5-A6FA-B838405A049D}_15_5_0_23\Support\SymLnch\SymLnch.exe
MSConfigStartUp-DAEMON Tools Net Agent - c:\program files\DAEMON Tools Net\DTAgent.exe
MSConfigStartUp-EA Core - c:\program files\Electronic Arts\EADM\Core.exe
MSConfigStartUp-Faim - c:\program files\faim\Faim.exe
MSConfigStartUp-Malwarebytes Anti-Malware (reboot) - c:\program files\Malwarebytes' Anti-Malware\mbam.exe
MSConfigStartUp-WinampAgent - c:\program files\Winamp\winampa.exe
AddRemove-Convert Image To PDF_is1 - c:\program files\Softinterface
AddRemove-{889DF117-14D1-44EE-9F31-C5FB5D47F68B} - c:\progra~2\TARMAI~1\{889DF~1\Setup.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-02-29 23:04
Windows 6.0.6002 Service Pack 2 NTFS
.
scansione processi nascosti ... 
.
scansione entrate autostart nascoste ... 
.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
  cacaoweb = "c:\users\Alessio\AppData\Roaming\cacaoweb\cacaoweb.exe" -noplayer?abled:cacaoweb?ng??R???????????Q???????R???????????R???R???H???????H?????????????r???????Service Pack 2??????????????????????????????????????????????????????????????????????????????????S???????:b8H 
.
Scansione files nascosti ... 
.
.
c:\users\Alessio\AppData\Local\Temp\catchme.dll 53248 bytes executable
.
Scansione completata con successo
Files nascosti: 1
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Akamai]
"ServiceDll"="c:\program files\common files\akamai/netsession_win_7de0ed9.dll"
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
.
[HKEY_USERS\S-1-5-21-2786955474-3549510060-3803283922-1000\Software\SecuROM\License information*]
"datasecu"=hex:2a,88,49,ff,dc,bf,c3,16,3f,1f,30,a5,f3,38,51,51,53,cc,57,ca,b4,
   b0,c7,e9,a8,dd,bf,a2,8f,45,b8,43,34,22,7b,07,98,5e,01,47,54,0e,56,23,48,20,\
"rkeysecu"=hex:17,98,39,da,9d,d0,6e,e0,da,6e,d8,17,0e,7f,dc,a5
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------
.
- - - - - - - > 'Explorer.exe'(5960)
c:\windows\system32\MsnChatHook.dll
c:\windows\system32\ShowErrMsg.dll
c:\windows\system32\sysenv.dll
c:\windows\system32\BatchCrypto.dll
c:\windows\system32\CryptoAPI.dll
c:\windows\system32\keyManager.dll
c:\program files\Nokia\Nokia PC Suite 7\phonebrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_ita.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\acer\Empowering Technology\ePerformance\MemCheck.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\acer\Empowering Technology\eMode\PCM\Kernel\TV\CLCapSvc.exe
c:\acer\Empowering Technology\eDataSecurity\eDSService.exe
c:\program files\LogMeIn Hamachi\hamachi-2.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\LogMeIn\x86\LMIGuardianSvc.exe
c:\program files\LogMeIn\x86\RaMaint.exe
c:\program files\LogMeIn\x86\LogMeIn.exe
c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
c:\program files\Nero\Update\NASvc.exe
c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\PnkBstrB.exe
c:\program files\Cyberlink\Shared files\RichVideo.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\acer\Empowering Technology\eMode\PCM\Kernel\TV\CLSched.exe
c:\acer\Empowering Technology\eRecovery\eRecoveryService.exe
c:\windows\system32\WUDFHost.exe
c:\windows\system32\conime.exe
c:\windows\RtHDVCpl.exe
c:\windows\System32\rundll32.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\Acer\AcerSync\adb.exe
c:\program files\Acer\AcerSync\AcerSyncLiveUpdate.exe
c:\program files\Acer\AcerSync\FOTA.exe
.
**************************************************************************
.
Ora fine scansione: 2012-02-29  23:14:37 - Il pc è stato riavviato
ComboFix-quarantined-files.txt  2012-02-29 22:14
.
Pre-Run: 8.469.913.600 byte disponibili
Post-Run: 13.214.744.576 byte disponibili
.
- - End Of File - - BB9B95B8F2571B603169DF499D75A176
 

tecnico24

Elite User
10,706
1,072
Hi,
save the CFScript.txt file that I attached below to the desktop.
Now drag the CFScript.txt file with the left mouse button onto the lion-shaped ComboFix icon on the desktop.

Then:
Download Malwarebytes: Free anti-malware, anti-virus and spyware removal download
● Install it and update it to the latest definitions
● Full system scan
● When it finishes, if it finds threats, select them and click Remove selected items.

Send us the ComboFix log after these operations and the Malwarebytes log.
 

Attachments

  • CFScript.txt
    1.2 KB · Views: 182

Alessio Vito Vitali

New User
56
2
ComboFix:
ComboFix 12-02-29.01 - Alessio 02/03/2012 21.39.51.2.2 - x86Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.39.1040.18.2047.984 [GMT 1:00]
Eseguito da: C:\Users\Alessio\Desktop\abc.exe
Opzioni usate :: C:\Users\Alessio\Downloads\CFScript (1).txt
AV: Kaspersky Internet Security *Disabled/Updated* {2EAA32A5-1EE1-1B22-95DA-337730C6E984}
FW: Kaspersky Internet Security *Disabled* {1691B380-548E-1A7A-BE85-9A42CE15AEFF}
SP: Kaspersky Internet Security *Disabled/Updated* {95CBD341-38DB-14AC-AF6A-08054B41A339}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}




((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))




C:\Users\Alessio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Videos.url
C:\Users\Alessio\Favorites\Videos.url
C:\Users\Alessio\java.exe
C:\Windows\system32\drivers\etc\hosts.ics




((((((((((((((((((((((((( Files Creati Da 2012-02-02 al 2012-03-02 )))))))))))))))))))))))))))))))))))




2012-03-02 20:56:05 . 2012-03-02 21:12:13 -------- d-----w- C:\Users\Alessio\AppData\Local\temp
2012-03-02 20:56:05 . 2012-03-02 20:56:05 -------- d-----w- C:\Users\Default\AppData\Local\temp
2012-03-02 20:56:05 . 2012-03-02 20:56:05 -------- d-----w- C:\Users\Administrator\AppData\Local\temp
2012-03-02 09:26:59 . 2012-02-08 06:03:00 6552120 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{DF780576-F82E-4AE3-88F3-8F706F211C75}\mpengine.dll
2012-02-29 21:38:02 . 2012-02-29 22:14:47 -------- d-----w- C:\abc
2012-02-29 13:16:29 . 2012-02-29 13:16:29 -------- d-----w- C:\Program Files\LogMeIn Hamachi
2012-02-28 21:55:37 . 2012-02-28 21:55:37 159744 ----a-w- C:\Program Files\Internet Explorer\Plugin\npqtplugin7.dll
2012-02-28 21:55:37 . 2012-02-28 21:55:37 159744 ----a-w- C:\Program Files\Internet Explorer\Plugin\npqtplugin6.dll
2012-02-28 21:55:37 . 2012-02-28 21:55:37 159744 ----a-w- C:\Program Files\Internet Explorer\Plugin\npqtplugin5.dll
2012-02-28 21:55:37 . 2012-02-28 21:55:36 159744 ----a-w- C:\Program Files\Internet Explorer\Plugin\npqtplugin4.dll
2012-02-28 21:55:37 . 2012-02-28 21:55:36 159744 ----a-w- C:\Program Files\Internet Explorer\Plugin\npqtplugin3.dll
2012-02-28 21:55:37 . 2012-02-28 21:55:36 159744 ----a-w- C:\Program Files\Internet Explorer\Plugin\npqtplugin2.dll
2012-02-28 21:55:37 . 2012-02-28 21:55:35 159744 ----a-w- C:\Program Files\Internet Explorer\Plugin\npqtplugin.dll
2012-02-27 11:16:27 . 2012-02-27 11:16:27 -------- d-----w- C:\Users\Alessio\AppData\Local\ADDP
2012-02-27 11:16:21 . 2012-02-27 11:17:06 -------- d-----w- C:\Users\Alessio\AppData\Local\Acer
2012-02-27 11:14:31 . 2012-02-28 16:14:33 -------- d-----w- C:\ProgramData\Acer
2012-02-27 11:11:47 . 2012-02-27 11:11:47 -------- d-----w- C:\Program Files\Acer
2012-02-27 11:02:04 . 2009-08-14 16:08:50 105984 ----a-w- C:\Windows\system32\drivers\qcusbser.sys
2012-02-27 11:02:03 . 2009-08-21 16:41:02 25728 ----a-w- C:\Windows\system32\drivers\androidusb.sys
2012-02-24 23:08:28 . 2012-02-26 20:30:10 -------- d-----w- C:\Users\Alessio\AppData\Roaming\gtk-2.0
2012-02-24 23:08:16 . 2012-02-24 23:08:16 -------- d-----w- C:\Users\Alessio\.thumbnails
2012-02-07 23:15:38 . 2012-02-08 21:40:21 -------- d-----w- C:\ProgramData\AVAST Software
2012-02-07 23:15:38 . 2012-02-07 23:15:38 -------- d-----w- C:\Program Files\AVAST Software
.




(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))


2012-02-22 13:26:07 . 2011-05-15 10:29:00 414368 ----a-w- C:\Windows\system32\FlashPlayerCPLApp.cpl
2012-01-29 04:10:42 . 2010-02-05 16:19:59 237072 ------w- C:\Windows\system32\MpSigStub.exe
2011-12-07 17:22:16 . 2011-12-22 20:18:17 83360 ----a-w- C:\Windows\system32\LMIRfsClientNP.dll
2011-12-07 17:22:08 . 2011-12-22 20:18:27 52096 ----a-w- C:\Windows\system32\Spool\prtprocs\w32x86\LMIproc.dll
2011-12-07 17:22:00 . 2011-12-22 20:18:26 30592 ----a-w- C:\Windows\system32\LMIport.dll
2011-12-07 17:21:58 . 2011-12-22 20:18:04 87424 ----a-w- C:\Windows\system32\LMIinit.dll




((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))




*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2009-04-10 21:28:04 1233920]
"ISUSPM Startup"="C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2005-08-11 13:30:30 249856]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-12-03 21:04:25 68856]
"Akamai NetSession Interface"="C:\Users\Alessio\AppData\Local\Akamai\netsession_win.exe" [2012-02-02 01:44:30 3329824]
"Acer AnySync"="C:\Program Files\Acer\AcerSync\AcerSync.exe" [2011-06-16 16:03:34 3044456]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2007-02-15 09:07:16 4390912]
"Acer Empowering Technology Monitor"="C:\Acer\Empowering Technology\SysMonitor.exe" [2007-01-24 09:27:50 319488]
"eDataSecurity Loader"="C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2007-02-06 23:04:16 464168]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2005-08-11 13:30:30 81920]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2007-03-11 20:34:40 49152]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-04-12 15:07:00 86016]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-04-12 15:07:00 8429568]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2007-04-12 15:07:00 81920]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2012-01-16 16:22:12 421736]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2009-11-30 10:01:45 198160]
"AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe" [2011-04-24 22:15:02 202296]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2011-07-05 16:36:48 421888]
"LogMeIn Hamachi Ui"="C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-02-28 16:38:56 1987976]


[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Acer Tour Reminder"="C:\Acer\AcerTour\Reminder.exe" [2007-02-15 17:39:08 151552]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 21:11:46 3872080]


C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-4-23 29696]
Empowering Technology Launcher.lnk - C:\Acer\Empowering Technology\eAPLauncher.exe [2006-1-12 528384]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2007-3-11 210520]


[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux2"=wdmaud.drv


[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0aswBoot.exe /M:5704dae8b


[HKLM\~\startupfolder\C:^Users^Alessio^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Ritaglio schermata e avvio di OneNote 2007.lnk]
path=C:\Users\Alessio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Ritaglio schermata e avvio di OneNote 2007.lnk
backup=C:\Windows\pss\Ritaglio schermata e avvio di OneNote 2007.lnk.Startup
backupExtension=.Startup


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Heck Aim]
C:\ProgramData\five byte byte.r11hu [X]


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LESS CITY AMEN SETUP]
C:\ProgramData\Mags Bags Owns.j5mov [X]


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer Tour Reminder]
2007-02-15 17:39:08 151552 ----a-w- C:\Acer\AcerTour\Reminder.exe


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
2010-04-13 00:29:02 47392 ----a-w- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2011-11-01 22:25:58 59240 ----a-w- C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2011-08-02 07:33:30 4910912 ----a-w- C:\Program Files\DAEMON Tools Lite\DTLite.exe


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GM4IE]
2006-07-23 08:32:16 61440 ----a-w- C:\Program Files\SocialPlus\gm4ie.exe


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2012-01-16 16:22:12 421736 ----a-w- C:\Program Files\iTunes\iTunesHelper.exe


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn GUI]
2011-09-16 13:10:50 63048 ----a-w- C:\Program Files\LogMeIn\x86\LogMeInSystray.exe


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
2012-02-28 16:38:56 1987976 ----a-w- C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
2010-04-16 21:11:46 3872080 ----a-w- C:\Program Files\Windows Live\Messenger\msnmsgr.exe


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nokia.PCSync]
2008-06-17 14:00:34 1249280 ----a-w- C:\Program Files\Nokia\Nokia PC Suite 7\PcSync2.exe


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
2008-06-18 12:31:00 1122816 ----a-w- C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCMService]
2007-01-12 20:24:58 151552 ------w- C:\Acer\Empowering Technology\eMode\PCM\PCMService.exe


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PSPAP]
2007-02-02 10:30:34 2990080 ----a-w- C:\Program Files\Thrustmaster\FunAccess\PSPAP.exe


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2009-11-30 10:01:45 198160 ----a-w- C:\Program Files\Common Files\Real\Update_OB\realsched.exe


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WarReg_PopUp]
2006-11-05 19:48:22 57344 ----a-w- C:\Acer\WR_PopUp\WarReg_PopUp.exe


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2008-01-19 07:38:38 1008184 ----a-w- C:\Program Files\Windows Defender\MSASCui.exe


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WPCUMI]
2006-11-02 12:34:44 176128 ----a-w- C:\Windows\System32\wpcumi.exe


[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001


[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001


[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001


S2 AcerSyncSystemService;AcerSyncSystemService;C:\Program Files\Acer\AcerSync\AcerSyncSystemService.exe [2011-06-16 16:59:14 60312]




[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
Akamai REG_MULTI_SZ Akamai
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache


Contenuto della cartella 'Scheduled Tasks'


2012-03-02 C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
- C:\Program Files\Google\Update\GoogleUpdate.exe [2009-05-11 20:40:09 . 2009-05-11 20:39:50]


2012-03-02 C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
- C:\Program Files\Google\Update\GoogleUpdate.exe [2009-05-11 20:40:09 . 2009-05-11 20:39:50]


2012-03-02 C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2786955474-3549510060-3803283922-1000Core.job
- C:\Users\Alessio\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-25 22:37:11 . 2011-10-18 21:28:57]


2012-03-02 C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2786955474-3549510060-3803283922-1000UA.job
- C:\Users\Alessio\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-25 22:37:11 . 2011-10-18 21:28:57]


2010-12-15 C:\Windows\Tasks\User_Feed_Synchronization-{35774BE7-2DE0-4C32-A470-2606B1CBB571}.job
- C:\Windows\system32\msfeedssync.exe [2012-02-19 15:21:04 . 2011-12-15 04:44:22]




------- Scansione supplementare -------


uStart Page = hxxp://www.google.it/
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mStart Page = hxxp://home.sweetim.com
uInternet Settings,ProxyServer = http=;ftp=;https=;
IE: &SHOUTcast Search - C:\ProgramData\SHOUTcast Radio Toolbar\ieToolbar\resources\en-US\local\search.html
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
IE: Aggiungi ad Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm
IE: E&sporta in Microsoft Excel - C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
LSP: C:\Windows\system32\wpclsp.dll


- - - - CHIAVI ORFANE RIMOSSE - - - -


BHO-{08d495ab-a86c-47b0-82ef-da87bf92f730} - (no file)
BHO-{9565115d-c7d6-46d3-bd63-b67b481a4368} - (no file)
Toolbar-{3041d03e-fd4b-44e0-b742-2d9b88305f98} - (no file)
Toolbar-{9565115d-c7d6-46d3-bd63-b67b481a4368} - (no file)
Toolbar-{08d495ab-a86c-47b0-82ef-da87bf92f730} - (no file)
WebBrowser-{3041D03E-FD4B-44E0-B742-2D9B88305F98} - (no file)
WebBrowser-{9565115D-C7D6-46D3-BD63-B67B481A4368} - (no file)
WebBrowser-{08D495AB-A86C-47B0-82EF-DA87BF92F730} - (no file)
It looks like it continues, but the log actually ends like this.

MalwareBytes:
Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org


Versione database: v2012.03.02.05


Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 8.0.6001.19190
Alessio :: PC-ALESSIO [amministratore]


03/03/2012 10.43.34
mbam-log-2012-03-03 (10-43-34).txt


Tipo di scansione: Scansione completa
Opzioni di scansione attive: Memoria | Esecuzione automatica | Registro | File system | Euristica/Extra | Euristica/Shuriken | PUP | PUM
Opzioni di scansione disattivate: P2P
Elementi esaminati: 429296
Tempo impiegato: 3 ore, 46 minuti, 21 secondi


Processi rilevati in memoria: 0
(non sono stati rilevati elementi nocivi)


Moduli di memoria rilevati: 0
(non sono stati rilevati elementi nocivi)


Chiavi di registro rilevate: 1
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7} (Adware.Softomate) -> Spostato in quarantena ed eliminato con successo.


Valori di registro rilevati: 0
(non sono stati rilevati elementi nocivi)


Voci rilevate nei dati di registro: 0
(non sono stati rilevati elementi nocivi)


Cartelle rilevate: 0
(non sono stati rilevati elementi nocivi)


File rilevati: 1
C:\Qoobox\Quarantine\C\Users\Alessio\AppData\Roaming\cacaoweb\cacaoweb.exe.vir (Trojan.Agent) -> Spostato in quarantena ed eliminato con successo.


(fine)
For now the PC behaves as before.
P.S. In addition, the message "Servizio profili utente ha smesso di funzionare" ("User Profile Service has stopped working") appears, with the usual prompt asking whether or not to restart and search for a solution. Also, if I try to connect to a server, whether to download Windows updates or to play Minecraft online, it does not communicate.
 

tecnico24

Elite User
10,706
1,072
Use the Microsoft fix to restore the connection:
Resetting the Internet Protocol (TCP/IP)

Then:
Start
In the search box type cmd
In the results that appear, right-click cmd and click Run as administrator.
At this point type sfc /scannow, which will restore any files damaged by malware.

Log in to Safe Mode with the administrators user and see what happens.
If the problem does not recur, restart the PC in normal mode and try again.
 

Alessio Vito Vitali

New User
56
2
First of all, thank you for following me so far. Then:
I still cannot connect to the servers; it tells me I am taking too long to connect, so I suppose the internet is too slow, and the problem with the User Profile Service persists. In short, everything is the same as before.
 

tecnico24

Elite User
10,706
1,072

Have you tried the solutions listed above?
Sfc /scannow restores or installs any damaged files.
 
