www.MegaLab.it

[malfeitor]

Ciao a tutti,
prima volta che scrivo quì per cui spero di non fare errori.
Oggi il mio pc ha deciso di rallentare il passo, ma forse ha un po esagerato....non riesco a vedere neanche un film perché va a scatti.
Essendo completamente ignorante vi chiedo consigli sul da farsi.

Qui sotto log di hijack

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 22.44.14, on 05/02/2014
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)

FIREFOX: 26.0 (it)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Sygate\SPF\smc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRAMMI\A-SQUARED FREE\a2service.exe
C:\Programmi\File comuni\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Programmi\Bonjour\mDNSResponder.exe
C:\Programmi\Java\jre7\bin\jqs.exe
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\windows\system\hpsysdrv.exe
C:\HP\KBD\KBD.EXE
C:\Programmi\iTunes\iTunesHelper.exe
C:\Programmi\File comuni\Java\Java Update\jusched.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Programmi\AVAST Software\Avast\AvastUI.exe
C:\Programmi\File comuni\Ahead\lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programmi\iPod\bin\iPodService.exe
C:\DOCUME~1\COMPAQ~1\IMPOST~1\Temp\HouseCall\housecall.bin
C:\Documents and Settings\Compaq_Proprietario\Documenti\Download\msert.exe
C:\Documents and Settings\Compaq_Proprietario\Documenti\Download\HijackThis(1).exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://it.yahoo.com/?fr=fp-yie8
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer fornito da Yahoo!
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Programmi\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programmi\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programmi\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre7\bin\jp2ssv.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Programmi\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programmi\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Programmi\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [UsbBoost] C:\Programmi\UsbBoost\TurboHddUsb.exe
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [LXCCCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCCtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [APSDaemon] "C:\Programmi\File comuni\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\File comuni\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Programmi\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\RunOnce: [20131224] C:\Programmi\AVAST Software\Avast\setup\emupdate\4c197d9b-75f2-49aa-8cdb-86468c3bbbdb.exe /check
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programmi\File comuni\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Programmi\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - Global Startup: Avvio veloce di Adobe Reader.lnk = C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: SIDA.Connect.lnk = C:\AQ\supdate.exe
O8 - Extra context menu item: Converti destinazione link in file PDF esistente - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Converti i link selezionati in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Converti i link selezionati in file PDF esistente - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Converti nel file PDF esistente - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Converti selezione in file PDF esistente - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Guida alla connessione - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\con=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Guida alla connessione - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\con=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra button: Guida alla connessione - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\con=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (HKCU)
O9 - Extra 'Tools' menuitem: Guida alla connessione - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\con=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (HKCU)
O9 - Extra button: Alice - {E34BCFB3-C976-42CC-97D5-9518B9C42B22} - http://gw.aliceadsl.it/alice (file missing) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://gw.aliceadsl.it/home
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partne ... nicode.cab
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} (Bitdefender QuickScan Control) - http://quickscan.bitdefender.com/qsax/qsax.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resourc ... oscan8.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{463BEDF3-9729-4019-A6EE-4D47609FBD65}: NameServer = 192.168.1.1
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Programmi\SUPERAntiSpyware\SASWINLO.dll
O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\PROGRAMMI\A-SQUARED FREE\a2service.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programmi\File comuni\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Programmi\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Servizio Bonjour (Bonjour Service) - Apple Inc. - C:\Programmi\Bonjour\mDNSResponder.exe
O23 - Service: Boonty Games - BOONTY - C:\Programmi\File comuni\BOONTY Shared\Service\Boonty.exe
O23 - Service: BvrpKrnl - Unknown owner - (no file)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Programmi\File comuni\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Programmi\Java\jre7\bin\jqs.exe
O23 - Service: lxcc_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxcccoms.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Programmi\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Programmi\Sygate\SPF\smc.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Programmi\Yahoo!\SoftwareUpdate\YahooAUService.exe

--
End of file - 12233 bytes

[stevens]

scarica combofix sull desktop, non metterlo in cartelle come documenti ecc...ecc... ma deve essere sul desktop
non installare la recovery console se te lo chiede
Lascia lavorare il programma senza interferire
Allega il rapporto C:\ComboFix.txt nella tua risposta

[malfeitor]

ComboFix 14-02-05.02 - Compaq_Proprietario 06/02/2014 1.11.46.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.39.1040.18.1022.469 [GMT 1:00]
Eseguito da: c:\documents and settings\Compaq_Proprietario\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: Sygate Personal Firewall *Enabled* {BE898FE3-CD0B-4014-85A9-03DB9923DDB6}
.
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Dati applicazioni\TEMP
c:\documents and settings\Compaq_Proprietario\WINDOWS
c:\documents and settings\Default User\WINDOWS
c:\programmi\WinRAR\Leggimi.Txt
c:\programmi\WinRAR\Leggimi_1a.Txt
c:\programmi\WinRAR\Licenza.Txt
c:\programmi\WinRAR\NoteTecniche.Txt
c:\programmi\WinRAR\Ordin.htm
c:\programmi\WinRAR\Ordina.htm
c:\programmi\WinRAR\SorgUnRAR.Txt
c:\windows\IsUn0410.exe
c:\windows\iun6002.exe
c:\windows\system32\config\systemprofile\WINDOWS
c:\windows\unin0410.exe
D:\Autorun.inf
.
c:\windows\system32\drivers\intelppm.sys . . . is missing!!
.
.
((((((((((((((((((((((((((((((((((((((( Driver/Servizi )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_BOONTY_GAMES
-------\Service_Boonty Games
.
.
((((((((((((((((((((((((( Files Creati Da 2014-01-06 al 2014-02-06 )))))))))))))))))))))))))))))))))))
.
.
2014-02-05 20:58 . 2011-06-21 04:09 200976 ----a-w- c:\windows\system32\drivers\tmcomm.sys
2014-02-05 15:35 . 2014-02-05 15:35 -------- d-----w- c:\documents and settings\Compaq_Proprietario\Dati applicazioni\AVAST Software
2014-02-05 11:10 . 2014-02-05 13:06 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\SecTaskMan
2014-01-30 12:09 . 2014-01-30 12:09 -------- d-----w- c:\programmi\FLV Video Player
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-02-05 20:34 . 2013-04-03 12:57 67824 ----a-w- c:\windows\system32\drivers\aswmonflt.sys
2014-02-05 14:38 . 2010-03-17 18:13 57672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2014-02-05 14:38 . 2013-04-03 12:57 180248 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-02-05 14:38 . 2011-04-01 13:58 775952 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-02-05 14:38 . 2010-03-17 18:13 410784 ----a-w- c:\windows\system32\drivers\aswSP.sys
2014-02-05 14:38 . 2013-04-03 12:57 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-02-05 14:37 . 2010-03-17 18:13 54832 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2014-02-05 14:37 . 2011-04-01 13:57 43152 ----a-w- c:\windows\avastSS.scr
2014-02-05 14:37 . 2010-03-17 18:13 270240 ----a-w- c:\windows\system32\aswBoot.exe
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
.
[7] 2004-08-19 . 02000ABF34AF4C218C35D257024807D6 . 14336 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\asyncmac.sys
[7] 2004-08-19 . 02000ABF34AF4C218C35D257024807D6 . 14336 . . [5.1.2600.2180] . . c:\windows\system32\drivers\asyncmac.sys
.
[7] 2004-08-19 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\dllcache\beep.sys
[7] 2004-08-19 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\drivers\beep.sys
.
[7] 2004-08-19 . E883AE6EA0B313E659225AA32E449CE9 . 25088 . . [5.1.2600.2180] . . c:\windows\system32\drivers\kbdclass.sys
[7] 2004-08-19 . E883AE6EA0B313E659225AA32E449CE9 . 25088 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\kbdclass.sys
[7] 2004-08-19 . E883AE6EA0B313E659225AA32E449CE9 . 25088 . . [5.1.2600.2180] . . c:\windows\system32\ReinstallBackups\0006\DriverFiles\i386\kbdclass.sys
.
[7] 2004-08-19 . 558635D3AF1C7546D26067D5D9B6959E . 182912 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\ndis.sys
[7] 2004-08-19 . 558635D3AF1C7546D26067D5D9B6959E . 182912 . . [5.1.2600.2180] . . c:\windows\system32\drivers\ndis.sys
.
[7] 2004-08-19 . B78BE402C3F63DD55521F73876951CDD . 574592 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\ntfs.sys
[7] 2004-08-19 . B78BE402C3F63DD55521F73876951CDD . 574592 . . [5.1.2600.2180] . . c:\windows\system32\drivers\ntfs.sys
[7] 2004-08-19 . B78BE402C3F63DD55521F73876951CDD . 574592 . . [5.1.2600.2180] . . c:\windows\I386\NTFS.SYS
.
[7] 2004-08-19 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\dllcache\null.sys
[7] 2004-08-19 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\drivers\null.sys
.
[-] 2010-03-17 . C81D6A930A7805F6DAA0C7902B99037E . 359040 . . [5.1.2600.2180] . . c:\windows\system32\drivers\TCPIP.SYS
[-] 2010-03-17 . C81D6A930A7805F6DAA0C7902B99037E . 359040 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\TCPIP.SYS
.
[7] 2004-08-19 . 72FBF0322BE8A0F25AE722FDE36AB1E6 . 77312 . . [5.1.2600.2180] . . c:\windows\system32\browser.dll
[7] 2004-08-19 . 72FBF0322BE8A0F25AE722FDE36AB1E6 . 77312 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\browser.dll
.
[7] 2004-08-19 . 0815E8DA286775FA432C7C9EE5E10BA1 . 13312 . . [5.1.2600.2180] . . c:\windows\system32\lsass.exe
[7] 2004-08-19 . 0815E8DA286775FA432C7C9EE5E10BA1 . 13312 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\lsass.exe
.
[7] 2004-08-19 . 4AD6F202266A25BC0CC1DCE2A3D91563 . 198144 . . [5.1.2600.2180] . . c:\windows\system32\netman.dll
[7] 2004-08-19 . 4AD6F202266A25BC0CC1DCE2A3D91563 . 198144 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\netman.dll
.
[7] 2004-08-19 12:00 . B979BBBA74F4F5DB69C3A5DFDC52828C . 845824 . . [2001.12.4414.258] . . c:\windows\system32\comres.dll
[7] 2004-08-19 12:00 . B979BBBA74F4F5DB69C3A5DFDC52828C . 845824 . . [2001.12.4414.258] . . c:\windows\system32\dllcache\comres.dll
.
[7] 2004-08-19 . 04E8321935AD5643FF59901F3EF5F4F3 . 382464 . . [6.6.2600.2180] . . c:\windows\system32\qmgr.dll
[7] 2004-08-19 . 04E8321935AD5643FF59901F3EF5F4F3 . 382464 . . [6.6.2600.2180] . . c:\windows\system32\dllcache\qmgr.dll
.
[7] 2004-08-19 . 0C015AB735A4624C44CB5696E9208C4C . 395776 . . [5.1.2600.2180] . . c:\windows\system32\rpcss.dll
[7] 2004-08-19 . 0C015AB735A4624C44CB5696E9208C4C . 395776 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\rpcss.dll
.
[7] 2004-08-19 . E77F6FA2A15390F1727F4C1C55B69DA6 . 108544 . . [5.1.2600.2180] . . c:\windows\system32\services.exe
[7] 2004-08-19 . E77F6FA2A15390F1727F4C1C55B69DA6 . 108544 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\services.exe
.
[7] 2004-08-19 . 216F8454A9415DD3E451B169DC3121C4 . 57856 . . [5.1.2600.2180] . . c:\windows\system32\spoolsv.exe
[7] 2004-08-19 . 216F8454A9415DD3E451B169DC3121C4 . 57856 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\spoolsv.exe
.
[7] 2004-08-19 . 4166454E2BCFCC20D1B8A5AC9FEAB243 . 504832 . . [5.1.2600.2180] . . c:\windows\system32\winlogon.exe
[7] 2004-08-19 . 4166454E2BCFCC20D1B8A5AC9FEAB243 . 504832 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\winlogon.exe
.
[7] 2009-08-06 . 62BB79160F86CD962F312C68C6239BFD . 53472 . . [7.4.7600.226] . . c:\windows\system32\wuauclt.exe
[7] 2009-08-06 . 62BB79160F86CD962F312C68C6239BFD . 53472 . . [7.4.7600.226] . . c:\windows\system32\dllcache\wuauclt.exe
.
[7] 2004-08-19 . 64537AA5C003A6AFEEE1DF819062D0D1 . 74752 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\ipsec.sys
[7] 2004-08-19 . 64537AA5C003A6AFEEE1DF819062D0D1 . 74752 . . [5.1.2600.2180] . . c:\windows\system32\drivers\ipsec.sys
.
[7] 2004-08-19 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
[7] 2004-08-19 . D81759006D620D41F7FD1D2A4A10C7F3 . 1050624 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
[7] 2004-08-19 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\windows\I386\ASMS\6000\MSFT\WINDOWS\COMMON\CONTROLS\COMCTL32.DLL
[7] 2004-08-19 . 0FE5F5912C30795C455A9645970E6C7C . 611328 . . [5.82] . . c:\windows\system32\comctl32.dll
[7] 2004-08-19 . 0FE5F5912C30795C455A9645970E6C7C . 611328 . . [5.82] . . c:\windows\system32\dllcache\comctl32.dll
.
[7] 2004-08-19 . E0CC838265401128097D182FB583889A . 60416 . . [5.1.2600.2180] . . c:\windows\system32\cryptsvc.dll
[7] 2004-08-19 . E0CC838265401128097D182FB583889A . 60416 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\cryptsvc.dll
.
[7] 2004-08-19 12:00 . 16A4DE76313DD3ABF7635565BAAF1512 . 243200 . . [2001.12.4414.258] . . c:\windows\system32\es.dll
[7] 2004-08-19 12:00 . 16A4DE76313DD3ABF7635565BAAF1512 . 243200 . . [2001.12.4414.258] . . c:\windows\system32\dllcache\es.dll
.
[7] 2004-08-19 . CA38A6091ECAC2668EC99AFD4B6C0615 . 110080 . . [5.1.2600.2180] . . c:\windows\system32\imm32.dll
[7] 2004-08-19 . CA38A6091ECAC2668EC99AFD4B6C0615 . 110080 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\imm32.dll
.
[7] 2004-08-19 . FEB3CC200749FF119BB8B08224A1A594 . 1027584 . . [5.1.2600.2180] . . c:\windows\system32\kernel32.dll
[7] 2004-08-19 . FEB3CC200749FF119BB8B08224A1A594 . 1027584 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\kernel32.dll
.
[7] 2004-08-19 . AED27A44228C3B2D24406A2755133922 . 18944 . . [5.1.2600.2180] . . c:\windows\system32\linkinfo.dll
[7] 2004-08-19 . AED27A44228C3B2D24406A2755133922 . 18944 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\linkinfo.dll
.
[7] 2004-08-19 . 54260506F6A2589DCF5722E32BDC7CB6 . 22016 . . [5.1.2600.2180] . . c:\windows\system32\lpk.dll
[7] 2004-08-19 . 54260506F6A2589DCF5722E32BDC7CB6 . 22016 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\lpk.dll
.
[7] 2009-03-08 . D469A0EBA2EF5C6BEE8065B7E3196E5E . 5937152 . . [8.00.6001.18702] . . c:\windows\system32\mshtml.dll
[7] 2009-03-08 . D469A0EBA2EF5C6BEE8065B7E3196E5E . 5937152 . . [8.00.6001.18702] . . c:\windows\system32\dllcache\mshtml.dll
.
[7] 2004-08-19 . 4200BE3808F6406DBE45A7B88DAE5035 . 322560 . . [7.0.2600.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.0.0_x-ww_2726e76a\msvcrt.dll
[7] 2004-08-19 . F1B3C3DE9374C4A7B29A92BD749404B5 . 343040 . . [7.0.2600.2180] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.2180_x-ww_b2505ed9\msvcrt.dll
[7] 2004-08-19 . 4200BE3808F6406DBE45A7B88DAE5035 . 322560 . . [7.0.2600.0] . . c:\windows\I386\ASMS\7000\MSFT\WINDOWS\MSWINCRT\MSVCRT.DLL
[7] 2004-08-19 . 9E6CB81BE111B9935F6A97C367CABD4E . 343040 . . [7.0.2600.2180] . . c:\windows\system32\msvcrt.dll
[7] 2004-08-19 . 9E6CB81BE111B9935F6A97C367CABD4E . 343040 . . [7.0.2600.2180] . . c:\windows\system32\dllcache\msvcrt.dll
.
[7] 2004-08-19 . 337CB52AF1F7CF6C0F57EC8BD14DC6D1 . 247296 . . [5.1.2600.2180] . . c:\windows\system32\mswsock.dll
[7] 2004-08-19 . 337CB52AF1F7CF6C0F57EC8BD14DC6D1 . 247296 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\mswsock.dll
.
[7] 2004-08-19 . 926BB51BB6DE79DEDB93E9C2B0811CCF . 407040 . . [5.1.2600.2180] . . c:\windows\system32\netlogon.dll
[7] 2004-08-19 . 926BB51BB6DE79DEDB93E9C2B0811CCF . 407040 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\netlogon.dll
.
[7] 2004-08-19 . 41FF9D663219A1DD0397FE2C5B09436C . 17408 . . [6.00.2900.2180] . . c:\windows\system32\powrprof.dll
[7] 2004-08-19 . 41FF9D663219A1DD0397FE2C5B09436C . 17408 . . [6.00.2900.2180] . . c:\windows\system32\dllcache\powrprof.dll
.
[7] 2004-08-19 . 1446EB71ADF0F54980CDD7E5A812E102 . 186880 . . [5.1.2600.2180] . . c:\windows\system32\scecli.dll
[7] 2004-08-19 . 1446EB71ADF0F54980CDD7E5A812E102 . 186880 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\scecli.dll
.
[7] 2004-08-19 . E6F026DBC75B6EED7331EBF581AFD4D8 . 5120 . . [5.1.2600.2180] . . c:\windows\system32\sfc.dll
[7] 2004-08-19 . E6F026DBC75B6EED7331EBF581AFD4D8 . 5120 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\sfc.dll
.
[7] 2004-08-19 . 73955B04F209D8A1C633867841267A96 . 14336 . . [5.1.2600.2180] . . c:\windows\system32\svchost.exe
[7] 2004-08-19 . 73955B04F209D8A1C633867841267A96 . 14336 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\svchost.exe
.
[7] 2004-08-19 . 2F8CBA2D2A332EB5D2A7DC084E3B30B3 . 246272 . . [5.1.2600.2180] . . c:\windows\system32\tapisrv.dll
[7] 2004-08-19 . 2F8CBA2D2A332EB5D2A7DC084E3B30B3 . 246272 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\tapisrv.dll
.
[7] 2004-08-19 . 08447BDFCE5D1B1956F962602381F5C1 . 578048 . . [5.1.2600.2180] . . c:\windows\system32\user32.dll
[7] 2004-08-19 . 08447BDFCE5D1B1956F962602381F5C1 . 578048 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\user32.dll
.
[7] 2004-08-19 . C1E7FE19F98A877BF8F941BF48148695 . 25088 . . [5.1.2600.2180] . . c:\windows\system32\userinit.exe
[7] 2004-08-19 . C1E7FE19F98A877BF8F941BF48148695 . 25088 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\userinit.exe
.
[7] 2009-03-08 . 6CE32F7778061CCC5814D5E0F282D369 . 914944 . . [8.00.6001.18702] . . c:\windows\system32\wininet.dll
[7] 2009-03-08 . 6CE32F7778061CCC5814D5E0F282D369 . 914944 . . [8.00.6001.18702] . . c:\windows\system32\dllcache\wininet.dll
[7] 2005-01-28 . 3FB5565B436507C981A70D822CB8680D . 659456 . . [6.00.2900.2577] . . c:\windows\ie8\wininet.dll
[7] 2005-01-28 . 934B43C987C2D3BA72CA0A2CE3E83064 . 660480 . . [6.00.2900.2598] . . c:\windows\$hf_mig$\KB867282\SP2QFE\wininet.dll
.
[7] 2004-08-19 . 12EAD983C875ED9BCC8B90E3F77F2E4A . 82944 . . [5.1.2600.2180] . . c:\windows\system32\ws2_32.dll
[7] 2004-08-19 . 12EAD983C875ED9BCC8B90E3F77F2E4A . 82944 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\ws2_32.dll
.
[7] 2004-08-19 . 0C1F495C1761C126BC820F4DE4C8B967 . 19968 . . [5.1.2600.2180] . . c:\windows\system32\ws2help.dll
[7] 2004-08-19 . 0C1F495C1761C126BC820F4DE4C8B967 . 19968 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\ws2help.dll
.
[7] 2004-08-19 . 178D42BD8FC34A9837417A6CE1D6BB7B . 1034752 . . [6.00.2900.2180] . . c:\windows\explorer.exe
[7] 2004-08-19 . 178D42BD8FC34A9837417A6CE1D6BB7B . 1034752 . . [6.00.2900.2180] . . c:\windows\system32\dllcache\explorer.exe
.
[7] 2004-08-19 . 2452458A26C4DD00E68F060870317675 . 151552 . . [5.1.2600.2180] . . c:\windows\regedit.exe
[7] 2004-08-19 . 2452458A26C4DD00E68F060870317675 . 151552 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\regedit.exe
[7] 2004-08-19 . 2452458A26C4DD00E68F060870317675 . 151552 . . [5.1.2600.2180] . . c:\windows\I386\REGEDIT.EXE
.
[7] 2004-08-19 . 66364440C71911D07468F3791206FB87 . 1281024 . . [5.1.2600.2180] . . c:\windows\system32\ole32.dll
[7] 2004-08-19 . 66364440C71911D07468F3791206FB87 . 1281024 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\ole32.dll
.
[7] 2004-08-19 . D80FEA125DC5860E4BC786AE07DE6DB8 . 406528 . . [1.0420.2600.2180] . . c:\windows\system32\usp10.dll
[7] 2004-08-19 . D80FEA125DC5860E4BC786AE07DE6DB8 . 406528 . . [1.0420.2600.2180] . . c:\windows\system32\dllcache\usp10.dll
.
[7] 2004-08-19 . FBBB356A996903FFB831BF72FD2A3E85 . 4096 . . [5.3.2600.2180] . . c:\windows\system32\ksuser.dll
[7] 2004-08-19 . FBBB356A996903FFB831BF72FD2A3E85 . 4096 . . [5.3.2600.2180] . . c:\windows\system32\dllcache\ksuser.dll
[7] 2004-08-19 . FBBB356A996903FFB831BF72FD2A3E85 . 4096 . . [5.3.2600.2180] . . c:\windows\system32\ReinstallBackups\0001\DriverFiles\i386\ksuser.dll
.
[7] 2004-08-19 . 5B33B4265966EE063C7FBEA28958D9C2 . 15360 . . [5.1.2600.2180] . . c:\windows\system32\ctfmon.exe
[7] 2004-08-19 . 5B33B4265966EE063C7FBEA28958D9C2 . 15360 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\ctfmon.exe
.
[7] 2004-08-19 . 500E8EF27757B1C463A4A263ED2C95D2 . 134656 . . [6.00.2900.2180] . . c:\windows\system32\shsvcs.dll
[7] 2004-08-19 . 500E8EF27757B1C463A4A263ED2C95D2 . 134656 . . [6.00.2900.2180] . . c:\windows\system32\dllcache\shsvcs.dll
.
[7] 2004-08-19 . 51F309AA675B5B77D19C573B7E0BB253 . 4608 . . [5.1.2600.2180] . . c:\windows\system32\msimg32.dll
[7] 2004-08-19 . 51F309AA675B5B77D19C573B7E0BB253 . 4608 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\msimg32.dll
.
[7] 2004-08-19 . BA4E8AC9A60C4527C969D08F3ABE9D36 . 171008 . . [5.1.2600.2180] . . c:\windows\system32\srsvc.dll
[7] 2004-08-19 . BA4E8AC9A60C4527C969D08F3ABE9D36 . 171008 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\srsvc.dll
.
[7] 2004-08-19 . A49C11376727F7ADC7E206E4C89B24E1 . 13824 . . [5.1.2600.2180] . . c:\windows\system32\wscntfy.exe
[7] 2004-08-19 . A49C11376727F7ADC7E206E4C89B24E1 . 13824 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\wscntfy.exe
.
[7] 2004-08-19 . 3208BAD59EFA3F4FCCCFBF1317F2A1C1 . 129536 . . [5.1.2600.2180] . . c:\windows\system32\xmlprov.dll
[7] 2004-08-19 . 3208BAD59EFA3F4FCCCFBF1317F2A1C1 . 129536 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\xmlprov.dll
.
[7] 2004-08-19 . 75A0AECC55A3F0B9E2D54119FA4AAB6D . 729600 . . [5.1.2600.2180] . . c:\windows\system32\ntdll.dll
[7] 2004-08-19 . 75A0AECC55A3F0B9E2D54119FA4AAB6D . 729600 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\ntdll.dll
[7] 2004-08-19 . 75A0AECC55A3F0B9E2D54119FA4AAB6D . 729600 . . [5.1.2600.2180] . . c:\windows\I386\NTDLL.DLL
[7] 2004-08-19 . 75A0AECC55A3F0B9E2D54119FA4AAB6D . 729600 . . [5.1.2600.2180] . . c:\windows\I386\SYSTEM32\NTDLL.DLL
.
[7] 2004-08-19 . 29DE0B3FB6DEC623E2DC5E9C7C89CAB8 . 177152 . . [5.1.2600.2180] . . c:\windows\system32\MSCTFIME.IME
[7] 2004-08-19 . 29DE0B3FB6DEC623E2DC5E9C7C89CAB8 . 177152 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\msctfime.ime
.
[7] 2004-08-19 . D1CAA255F33C06C8302769A86FFB905E . 55808 . . [5.1.2600.2180] . . c:\windows\system32\eventlog.dll
[7] 2004-08-19 . D1CAA255F33C06C8302769A86FFB905E . 55808 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\eventlog.dll
.
[7] 2004-08-19 . 0F9AAB130D89786A59F8F93A9E23C658 . 1548288 . . [5.1.2600.2180] . . c:\windows\system32\sfcfiles.dll
[7] 2004-08-19 . 0F9AAB130D89786A59F8F93A9E23C658 . 1548288 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\sfcfiles.dll
.
[7] 2004-08-19 . 64537AA5C003A6AFEEE1DF819062D0D1 . 74752 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\ipsec.sys
[7] 2004-08-19 . 64537AA5C003A6AFEEE1DF819062D0D1 . 74752 . . [5.1.2600.2180] . . c:\windows\system32\drivers\ipsec.sys
.
[7] 2004-08-19 . 78FBE7DA29307EDE7ED0E33F1C4969BC . 59904 . . [5.1.2600.2180] . . c:\windows\system32\regsvc.dll
[7] 2004-08-19 . 78FBE7DA29307EDE7ED0E33F1C4969BC . 59904 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\regsvc.dll
.
[7] 2004-08-19 . 546254D4769E165CDC3388D74B201FCB . 193024 . . [5.1.2600.2180] . . c:\windows\system32\schedsvc.dll
[7] 2004-08-19 . 546254D4769E165CDC3388D74B201FCB . 193024 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\schedsvc.dll
.
[7] 2004-08-19 . 1FBF38A525EEDD7402BFA7E27236A64F . 71680 . . [5.1.2600.2180] . . c:\windows\system32\ssdpsrv.dll
[7] 2004-08-19 . 1FBF38A525EEDD7402BFA7E27236A64F . 71680 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\ssdpsrv.dll
.
[7] 2004-08-19 . C06CD1890279603E15020757E02DE56B . 296960 . . [5.1.2600.2180] . . c:\windows\system32\termsrv.dll
[7] 2004-08-19 . C06CD1890279603E15020757E02DE56B . 296960 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\termsrv.dll
.
[7] 2004-08-19 . 250D4F4E1E27543C121378268FE07208 . 346624 . . [5.1.2600.2180] . . c:\windows\system32\hnetcfg.dll
[7] 2004-08-19 . 250D4F4E1E27543C121378268FE07208 . 346624 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\hnetcfg.dll
.
[7] 2004-08-19 . 49AC5CD87FBDDA62F3E25190019E7627 . 12160 . . [5.1.2600.0] . . c:\windows\system32\drivers\acpiec.sys
.
[7] 2004-08-04 04:39 . 841F385C6CFAF66B58FBD898722BB4F0 . 142464 . . [5.1.2601.2078] . . c:\windows\system32\dllcache\aec.sys
[7] 2004-08-04 04:39 . 841F385C6CFAF66B58FBD898722BB4F0 . 142464 . . [5.1.2601.2078] . . c:\windows\system32\drivers\aec.sys
.
[7] 2004-08-19 . 4448006B6BC60E6C027932CFC38D6855 . 29056 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\ip6fw.sys
[7] 2004-08-19 . 4448006B6BC60E6C027932CFC38D6855 . 29056 . . [5.1.2600.2180] . . c:\windows\system32\drivers\ip6fw.sys
.
[7] 2004-08-19 . A95D0546FEA43AB8B1E87676799E432E . 36352 . . [5.1.2600.2180] . . c:\windows\system32\iprip.dll
[7] 2004-08-19 . A95D0546FEA43AB8B1E87676799E432E . 36352 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\iprip.dll
.
[7] 2004-08-19 12:00 . 907601D4078A5526CDA46536A4288E44 . 924432 . . [4.1.6140] . . c:\windows\system32\mfc40u.dll
[7] 2004-08-19 12:00 . 907601D4078A5526CDA46536A4288E44 . 924432 . . [4.1.6140] . . c:\windows\system32\dllcache\mfc40u.dll
.
[7] 2004-08-19 . 3777AB9537D05BFD404B0FBC13A140A6 . 33792 . . [5.1.2600.2180] . . c:\windows\system32\msgsvc.dll
[7] 2004-08-19 . 3777AB9537D05BFD404B0FBC13A140A6 . 33792 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\msgsvc.dll
.
[7] 2006-10-18 19:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\mspmsnsv.dll
[7] 2006-10-18 19:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\dllcache\mspmsnsv.dll
[7] 2004-08-19 12:00 . 68B975F737FA8F063F4036F9F8432F0A . 52736 . . [9.0.1.56] . . c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\System\MsPMSNSv.dll
[7] 2004-08-11 06:45 . A477391B7A8B0A0DAABADB17CF533A4B . 25088 . . [10.0.3790.3646] . . c:\windows\$NtUninstallWMFDist11$\mspmsnsv.dll
[7] 2004-08-11 06:45 . A477391B7A8B0A0DAABADB17CF533A4B . 25088 . . [10.0.3790.3646] . . c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}\MsPMSNSv.dll
.
[7] 2004-08-19 . 4DC3A3626B02C39AA69AAE6F64BFBC2D . 2060544 . . [5.1.2600.2180] . . c:\windows\system32\ntkrnlpa.exe
.
[7] 2004-08-19 12:00 . 6D96A941EED90224486F9AF30B9666E1 . 437248 . . [5.1.2400.2180] . . c:\windows\system32\ntmssvc.dll
[7] 2004-08-19 12:00 . 6D96A941EED90224486F9AF30B9666E1 . 437248 . . [5.1.2400.2180] . . c:\windows\system32\dllcache\ntmssvc.dll
.
[7] 2004-08-19 . 55D9782BFE8C70B70E892E51566BF7D4 . 185344 . . [5.1.2600.2180] . . c:\windows\system32\upnphost.dll
[7] 2004-08-19 . 55D9782BFE8C70B70E892E51566BF7D4 . 185344 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\upnphost.dll
.
[7] 2004-08-19 . E99A5DF2A937580361D6C698E4620DBA . 367616 . . [5.3.2600.2180] . . c:\windows\system32\dsound.dll
[7] 2004-08-19 . E99A5DF2A937580361D6C698E4620DBA . 367616 . . [5.3.2600.2180] . . c:\windows\system32\dllcache\dsound.dll
.
[7] 2004-08-19 . CC954D05B696D408EA1A962651FC6F83 . 1689088 . . [5.03.2600.2180] . . c:\windows\system32\d3d9.dll
[7] 2004-08-19 . CC954D05B696D408EA1A962651FC6F83 . 1689088 . . [5.03.2600.2180] . . c:\windows\system32\dllcache\d3d9.dll
.
[7] 2004-08-19 . 613E66ACE3FAE6523E6F1A0183AF7F2D . 266240 . . [5.03.2600.2180] . . c:\windows\system32\ddraw.dll
[7] 2004-08-19 . 613E66ACE3FAE6523E6F1A0183AF7F2D . 266240 . . [5.03.2600.2180] . . c:\windows\system32\dllcache\ddraw.dll
.
[7] 2004-08-19 12:00 . CB6B225CC6C85CDA0430EF12441EA5B6 . 83456 . . [5.1.2600.2180] . . c:\windows\system32\olepro32.dll
[7] 2004-08-19 12:00 . CB6B225CC6C85CDA0430EF12441EA5B6 . 83456 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\olepro32.dll
.
[7] 2004-08-19 . 8058A9383E61C45D25B93B26605F2A80 . 40960 . . [5.1.2600.2180] . . c:\windows\system32\perfctrs.dll
[7] 2004-08-19 . 8058A9383E61C45D25B93B26605F2A80 . 40960 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\perfctrs.dll
.
[7] 2004-08-19 . 9B5A59851D9A237C86210E07E2195A12 . 18944 . . [5.1.2600.2180] . . c:\windows\system32\version.dll
[7] 2004-08-19 . 9B5A59851D9A237C86210E07E2195A12 . 18944 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\version.dll
.
[7] 2009-03-08 . B60DDDD2D63CE41CB8C487FCFBB6419E . 638816 . . [8.00.6001.18702] . . c:\windows\system32\dllcache\iexplore.exe
[7] 2004-08-19 . C49ED6E4358FFAECFE70FC8F3C67D224 . 93184 . . [6.00.2900.2180] . . c:\windows\ie8\iexplore.exe
.
.
.
[7] 2004-08-19 . 4591CF1F202181113DE2996E79A2905A . 2184704 . . [5.1.2600.2180] . . c:\windows\system32\ntoskrnl.exe
.
[7] 2004-08-19 . BA4E8AC9A60C4527C969D08F3ABE9D36 . 171008 . . [5.1.2600.2180] . . c:\windows\system32\srsvc.dll
[7] 2004-08-19 . BA4E8AC9A60C4527C969D08F3ABE9D36 . 171008 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\srsvc.dll
.
[7] 2004-08-19 . 8B97D00E5C6A593EBB605CE4B8A5CAA5 . 176640 . . [5.1.2600.2180] . . c:\windows\system32\w32time.dll
[7] 2004-08-19 . 8B97D00E5C6A593EBB605CE4B8A5CAA5 . 176640 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\w32time.dll
.
[7] 2004-08-19 . 2BB718BB4252909C389B3966492B0F30 . 333824 . . [5.1.2600.2180] . . c:\windows\system32\wiaservc.dll
[7] 2004-08-19 . 2BB718BB4252909C389B3966492B0F30 . 333824 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\wiaservc.dll
.
[7] 2004-08-19 . EAAA11BE5C162266E698F7658BD8A1DA . 18944 . . [5.1.2600.2180] . . c:\windows\system32\midimap.dll
[7] 2004-08-19 . EAAA11BE5C162266E698F7658BD8A1DA . 18944 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\midimap.dll
.
[7] 2004-08-19 . 057393DFF71E294EDF6DB3AD2A0CD0DE . 8192 . . [5.1.2600.2180] . . c:\windows\system32\rasadhlp.dll
[7] 2004-08-19 . 057393DFF71E294EDF6DB3AD2A0CD0DE . 8192 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\rasadhlp.dll
.
[7] 2004-08-19 . 08B3A60A4DD7FAE800B552F8F8D5DEB0 . 19968 . . [5.1.2600.2180] . . c:\windows\system32\wshtcpip.dll
[7] 2004-08-19 . 08B3A60A4DD7FAE800B552F8F8D5DEB0 . 19968 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\wshtcpip.dll
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-02-05 14:37 259464 ----a-w- c:\programmi\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\programmi\File comuni\Ahead\lib\NMBgMonitor.exe" [2005-09-03 94208]
"SUPERAntiSpyware"="c:\programmi\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2007-02-27 1310720]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-19 15360]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 52736]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-02-24 5537792]
"nwiz"="nwiz.exe" [2005-02-24 1495040]
"KBD"="c:\hp\KBD\KBD.EXE" [2005-02-02 61440]
"Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2004-04-14 233472]
"PS2"="c:\windows\system32\ps2.exe" [2003-09-12 98304]
"LSBWatcher"="c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe" [2004-10-14 253952]
"UsbBoost"="c:\programmi\UsbBoost\TurboHddUsb.exe" [2009-12-16 3788800]
"SmcService"="c:\progra~1\Sygate\SPF\smc.exe" [2004-10-15 2577632]
"LXCCCATS"="c:\windows\System32\spool\DRIVERS\W32X86\3\LXCCtime.dll" [2005-01-10 69632]
"QuickTime Task"="c:\programmi\QuickTime\qttask.exe" [2005-01-02 98304]
"APSDaemon"="c:\programmi\File comuni\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280]
"iTunesHelper"="c:\programmi\iTunes\iTunesHelper.exe" [2012-12-12 152544]
"SunJavaUpdateSched"="c:\programmi\File comuni\Java\Java Update\jusched.exe" [2013-03-12 253816]
"AvastUI.exe"="c:\programmi\AVAST Software\Avast\AvastUI.exe" [2014-02-05 3767096]
.
c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Avvio veloce di Adobe Reader.lnk - c:\programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-23 29696]
SIDA.Connect.lnk - c:\aq\supdate.exe [2009-10-27 2146816]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2007-02-27 10:39 282624 ----a-w- c:\programmi\SUPERAntiSpyware\SASWINLO.dll
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\iTunes\\iTunes.exe"=
"c:\\Programmi\\eMule\\emule.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"135:TCP"= 135:TCP:Port DCOM (135)
"3587:TCP"= 3587:TCP:Gruppi peer-to-peer Windows
"3540:UDP"= 3540:UDP:Peer Name Resolution Protocol (PNRP)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
.
R0 ggjtmtdt;ggjtmtdt;c:\windows\system32\drivers\foyoiwjs.sys [x]
R2 BvrpKrnl;BvrpKrnl; [x]
R2 viritsvclite;VirIT eXplorer Lite; [x]
R3 FNETTBOH;FNETTBOH;c:\windows\system32\drivers\FNETTBOH.SYS [2009-12-16 23680]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [2010-06-14 36608]
R3 MEMSWEEP2;MEMSWEEP2;c:\windows\system32\14.tmp [x]
R3 TrojanKillerDriver;GridinSoft Trojan Killer Driver;c:\windows\system32\DRIVERS\gtkdrv.sys [2012-10-03 16128]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-08-03 697328]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2014-02-05 775952]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2014-02-05 410784]
S1 FNETURPX;FNETURPX;c:\windows\system32\drivers\FNETURPX.SYS [2009-12-16 7936]
S1 SASDIFSV;SASDIFSV;c:\programmi\SUPERAntiSpyware\SASDIFSV.SYS [2006-10-10 5632]
S1 SASKUTIL;SASKUTIL;c:\programmi\SUPERAntiSpyware\SASKUTIL.sys [2007-02-27 32256]
S2 a2free;a-squared Free Service;c:\programmi\A-SQUARED FREE\a2service.exe [2010-07-02 1872320]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2014-02-05 67824]
S2 Iprip;Listener RIP;c:\windows\System32\svchost.exe [2004-08-19 14336]
S3 SASENUM;SASENUM;c:\programmi\SUPERAntiSpyware\SASENUM.SYS [2006-02-16 4096]
.
.
--- Altri Servizi/Drivers In Memoria ---
.
*NewlyCreated* - IP6FW
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
p2psvc REG_MULTI_SZ p2psvc p2pimsvc p2pgasvc PNRPSvc
getPlusHelper REG_MULTI_SZ getPlusHelper
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A509B1FF-37FF-4bFF-8CFF-4F3A747040FF}]
2009-03-08 03:32 128512 ----a-w- c:\windows\system32\advpack.dll
.
Contenuto della cartella 'Scheduled Tasks'
.
2014-02-06 c:\windows\Tasks\avast! Emergency Update.job
- c:\programmi\AVAST Software\Avast\AvastEmUpdate.exe [2012-09-10 14:36]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.yahoo.it/
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = 127.0.0.1;*.local
uSearchAssistant =
IE: Converti destinazione link in file PDF esistente - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Converti i link selezionati in Adobe PDF - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Converti i link selezionati in file PDF esistente - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Converti nel file PDF esistente - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Converti selezione in file PDF esistente - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: Interfaces\{463BEDF3-9729-4019-A6EE-4D47609FBD65}: NameServer = 192.168.1.1
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Compaq_Proprietario\Dati applicazioni\Mozilla\Firefox\Profiles\gfpya9qt.default-1365060123687\
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
.
ShellExecuteHooks-{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - (no file)
AddRemove-Microsoft Interactive Training - c:\windows\IsUn0410.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-02-06 02:14
Windows 5.1.2600 Service Pack 2 NTFS
.
scansione processi nascosti ...
.
scansione entrate autostart nascoste ...
.
Scansione files nascosti ...
.
Scansione completata con successo
Files nascosti: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MEMSWEEP2]
"ImagePath"="\??\c:\windows\system32\14.tmp"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\vsdatant]
"ImagePath"=""
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\HP\EN]
@DACL=(02 0000)
"OnLineServicesDirName"="Online Services"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\HP\FR]
@DACL=(02 0000)
"OnLineServicesDirName"="Services en ligne"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\HP\MX]
@DACL=(02 0000)
"OnLineServicesDirName"="Servicios en línea"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\HP\NL]
@DACL=(02 0000)
"OnLineServicesDirName"="Online Services"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\HP\NW]
@DACL=(02 0000)
"OnLineServicesDirName"="Online tjenster"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\HP\SP]
@DACL=(02 0000)
"OnLineServicesDirName"="Servicios en línea"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\HP\SW]
@DACL=(02 0000)
"OnLineServicesDirName"="Online tjänster"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\HP\UK]
@DACL=(02 0000)
"OnLineServicesDirName"="Online services"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\HP\US]
@DACL=(02 0000)
"OnLineServicesDirName"="Online Services"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Advanced INF Setup\IEHomePageInfo\RegBackup]
@DACL=(02 0000)
@SACL=
.
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\10.0]
@DACL=(02 0000)
@SACL=
.
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\services]
@DACL=(02 0000)
@SACL=
"NoServices"=dword:00000000
.
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Settings]
@DACL=(02 0000)
@SACL=
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Updates\Windows XP\SP3\KB867282\Filelist]
@DACL=(02 0000)
@SACL=
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Updates\Windows XP\SP3\KB873339\Filelist]
@DACL=(02 0000)
@SACL=
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Updates\Windows XP\SP3\KB883667\Filelist]
@DACL=(02 0000)
@SACL=
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Updates\Windows XP\SP3\KB885250\Filelist]
@DACL=(02 0000)
@SACL=
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Updates\Windows XP\SP3\KB885835\Filelist]
@DACL=(02 0000)
@SACL=
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Updates\Windows XP\SP3\KB885836\Filelist]
@DACL=(02 0000)
@SACL=
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Updates\Windows XP\SP3\KB887472\Filelist]
@DACL=(02 0000)
@SACL=
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Updates\Windows XP\SP3\KB887742\Filelist]
@DACL=(02 0000)
@SACL=
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Updates\Windows XP\SP3\KB888113\Filelist]
@DACL=(02 0000)
@SACL=
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Updates\Windows XP\SP3\KB888239\Filelist]
@DACL=(02 0000)
@SACL=
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Updates\Windows XP\SP3\KB890175\Filelist]
@DACL=(02 0000)
@SACL=
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Updates\Windows XP\SP3\KB891781\Filelist]
@DACL=(02 0000)
@SACL=
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{077ACEC7-979C-40AB-9835-435BA1511E0D}]
@DACL=(02 0000)
@SACL=
"FriendlyName"="Windows Media Files"
"ComponentGUID"="{077ACEC7-979C-40AB-9835-435BA1511E0D}"
"Version"=dword:000a0000
"Sub-Version"=dword:00000e3e
"ExceptionInfName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{077ACEC7-979C-40AB-9835-435BA1511E0D}\\MPPRE10.inf"
"ExceptionCatalogName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{077ACEC7-979C-40AB-9835-435BA1511E0D}\\mppre10.cat"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{30C7234B-6482-4A55-A11D-ECD9030313F2}]
@DACL=(02 0000)
@SACL=
"FriendlyName"="Windows Media Files"
"ComponentGUID"="{30C7234B-6482-4A55-A11D-ECD9030313F2}"
"Version"=dword:000a0000
"Sub-Version"=dword:00000e3e
"ExceptionInfName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{30C7234B-6482-4A55-A11D-ECD9030313F2}\\WMDM10.inf"
"ExceptionCatalogName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{30C7234B-6482-4A55-A11D-ECD9030313F2}\\wmdm10.cat"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{3FDF25EE-E592-4495-8391-6E9C504DAC2B}]
@DACL=(02 0000)
@SACL=
"FriendlyName"="Windows Media Files"
"ComponentGUID"="{3FDF25EE-E592-4495-8391-6E9C504DAC2B}"
"Version"=dword:000a0000
"Sub-Version"=dword:00000e3e
"ExceptionInfName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{3FDF25EE-E592-4495-8391-6E9C504DAC2B}\\WMSET10.inf"
"ExceptionCatalogName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{3FDF25EE-E592-4495-8391-6E9C504DAC2B}\\wmset10.cat"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{60204BB3-7078-4F70-8F69-68297621941C}]
@DACL=(02 0000)
@SACL=
"FriendlyName"="Windows Media Files"
"ComponentGUID"="{60204BB3-7078-4F70-8F69-68297621941C}"
"Version"=dword:000a0000
"Sub-Version"=dword:00000e3e
"ExceptionInfName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{60204BB3-7078-4F70-8F69-68297621941C}\\MPSTUB10.inf"
"ExceptionCatalogName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{60204BB3-7078-4F70-8F69-68297621941C}\\mpstub10.cat"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{981FB688-E76B-4246-987B-92083185B90A}]
@DACL=(02 0000)
@SACL=
"FriendlyName"="Windows Media Files"
"ComponentGUID"="{981FB688-E76B-4246-987B-92083185B90A}"
"Version"=dword:000a0000
"Sub-Version"=dword:00000e3e
"ExceptionInfName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{981FB688-E76B-4246-987B-92083185B90A}\\WPD10.inf"
"ExceptionCatalogName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{981FB688-E76B-4246-987B-92083185B90A}\\wpd10.cat"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{A47B3654-48EE-48A5-B629-97D70175E58F}]
@DACL=(02 0000)
@SACL=
"FriendlyName"="Windows Media Files"
"ComponentGUID"="{A47B3654-48EE-48A5-B629-97D70175E58F}"
"Version"=dword:000a0000
"Sub-Version"=dword:00000e3e
"ExceptionInfName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{A47B3654-48EE-48A5-B629-97D70175E58F}\\codecs10.inf"
"ExceptionCatalogName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{A47B3654-48EE-48A5-B629-97D70175E58F}\\codecs10.cat"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}]
@DACL=(02 0000)
@SACL=
"FriendlyName"="Windows Media Files"
"ComponentGUID"="{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}"
"Version"=dword:000a0000
"Sub-Version"=dword:00000e3e
"ExceptionInfName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\\WMFSDK10.inf"
"ExceptionCatalogName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\\wmfsdk10.cat"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{C5B8FBE9-645E-4484-A7AA-E8DA9A70DD77}]
@DACL=(02 0000)
@SACL=
"FriendlyName"="Windows Media Files"
"ComponentGUID"="{C5B8FBE9-645E-4484-A7AA-E8DA9A70DD77}"
"Version"=dword:000a0000
"Sub-Version"=dword:00000e3e
"ExceptionInfName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{C5B8FBE9-645E-4484-A7AA-E8DA9A70DD77}\\DRM10.inf"
"ExceptionCatalogName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{C5B8FBE9-645E-4484-A7AA-E8DA9A70DD77}\\drm10.cat"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{CFB4B314-0328-45E1-94AF-45A3F5F48E0B}]
@DACL=(02 0000)
@SACL=
"FriendlyName"="Windows Media Files"
"ComponentGUID"="{CFB4B314-0328-45E1-94AF-45A3F5F48E0B}"
"Version"=dword:000a0000
"Sub-Version"=dword:00000e3e
"ExceptionInfName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{CFB4B314-0328-45E1-94AF-45A3F5F48E0B}\\MPCD10.inf"
"ExceptionCatalogName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{CFB4B314-0328-45E1-94AF-45A3F5F48E0B}\\mpcd10.cat"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{DD90D410-1823-43EB-9A16-A2331BF08799}]
@DACL=(02 0000)
@SACL=
"FriendlyName"="Windows Media Files"
"ComponentGUID"="{DD90D410-1823-43EB-9A16-A2331BF08799}"
"Version"=dword:000a0000
"Sub-Version"=dword:00000e3e
"ExceptionInfName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{DD90D410-1823-43EB-9A16-A2331BF08799}\\WMP10.inf"
"ExceptionCatalogName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{DD90D410-1823-43EB-9A16-A2331BF08799}\\wmp10.cat"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Setup\OptionalComponents\SwFlash]
@DACL=(02 0000)
@SACL=
"Installed"="1"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows Media Device Manager\KnownDeviceClasses]
@DACL=(02 0000)
@SACL=
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows Media Device Manager\KnownDevices]
@DACL=(02 0000)
@SACL=
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows Media Device Manager\Plugins\SCP\SCPTRANS]
@DACL=(02 0000)
@SACL=
"ProgID"="MsScp.SCPTRANS.1"
.
[HKEY_LOCAL_MACHINE\software\Realtek\AlcMonitor]
@DACL=(02 0000)
@SACL=
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------
.
- - - - - - - > 'winlogon.exe'(780)
c:\programmi\SUPERAntiSpyware\SASWINLO.dll
.
- - - - - - - > 'explorer.exe'(3272)
c:\windows\system32\nview.dll
c:\windows\system32\NVWRSIT.DLL
c:\windows\system32\msi.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\nvwddi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\programmi\Sygate\SPF\smc.exe
c:\programmi\AVAST Software\Avast\AvastSvc.exe
c:\programmi\File comuni\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\programmi\Bonjour\mDNSResponder.exe
c:\programmi\Java\jre7\bin\jqs.exe
c:\programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\system32\nvsvc32.exe
c:\windows\system32\tcpsvcs.exe
c:\windows\System32\snmp.exe
c:\programmi\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\rundll32.exe
c:\programmi\iPod\bin\iPodService.exe
.
**************************************************************************
.
Ora fine scansione: 2014-02-06 02:36:49 - Il pc è stato riavviato
ComboFix-quarantined-files.txt 2014-02-06 01:36
.
Pre-Run: 1.205.972.992 byte disponibili
Post-Run: 1.151.488.000 byte disponibili
.
- - End Of File - - 5747C6AD66BB7DBA63A0B8E9F01AC9FA
0AC6D996BCE152AED9600E6D6B797E2E

[stevens]

mi servono delle informazioni

hai installato l'antirootkit della Sophos per caso? TrojanKiller e a-squared li usi? sono necessari?

hai problemi di connessione?

Scarica Farbar Service

aprilo e nello spazio bianco fai copia incolla di => Iprip e clicca su export service


allega il log

[malfeitor]

L'antirootkit della Sophos direi proprio di no, Trojankiller e a-squared li ho usati molto tempo fa. Li ho cancellati adesso.
La mia connessione non è un fulmine, ma credo sia dovuto più al pc vecchio che ad altro.(1 GB ram , amd sempron processor 3000+, NVIDIA Geforce 6200 turbocache).
Magari dico una fesseria.

Note: The export is in "Windows Registry Editor Version 5.00" format.

================== Result for "Iprip" ==================

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\Iprip]
"Type"=dword:00000020
"Start"=dword:00000002
"ErrorControl"=dword:00000001
"ImagePath"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,\
00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,\
6b,00,20,00,6e,00,65,00,74,00,73,00,76,00,63,00,73,00,00,00
"DisplayName"="Listener RIP"
"DependOnService"=hex(7):52,00,70,00,63,00,53,00,53,00,00,00,00,00
"DependOnGroup"=hex(7):00,00
"ObjectName"="LocalSystem"
"Description"="Ascolta aggiornamenti di route inviati da router che utilizzano Routing Information Protocol versione 1 (RIPv1)."

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\Iprip\Parameters]
"ServiceDll"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,\
00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,\
69,00,70,00,72,00,69,00,70,00,2e,00,64,00,6c,00,6c,00,00,00

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\Iprip\Security]
"Security"=hex:01,00,14,80,90,00,00,00,9c,00,00,00,14,00,00,00,30,00,00,00,02,\
00,1c,00,01,00,00,00,02,80,14,00,ff,01,0f,00,01,01,00,00,00,00,00,01,00,00,\
00,00,02,00,60,00,04,00,00,00,00,00,14,00,fd,01,02,00,01,01,00,00,00,00,00,\
05,12,00,00,00,00,00,18,00,ff,01,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,\
20,02,00,00,00,00,14,00,8d,01,02,00,01,01,00,00,00,00,00,05,0b,00,00,00,00,\
00,18,00,fd,01,02,00,01,02,00,00,00,00,00,05,20,00,00,00,23,02,00,00,01,01,\
00,00,00,00,00,05,12,00,00,00,01,01,00,00,00,00,00,05,12,00,00,00

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\Iprip\Enum]
"0"="Root\\LEGACY_IPRIP\\0000"
"Count"=dword:00000001
"NextInstance"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_Iprip]
"NextInstance"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_Iprip\0000]
"Service"="Iprip"
"Legacy"=dword:00000001
"ConfigFlags"=dword:00000000
"Class"="LegacyDriver"
"ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}"
"DeviceDesc"="Listener RIP"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_Iprip\0000\Control]
"ActiveService"="Iprip"



================== End Of Export =============

[stevens]

c'e' un servizio sospetto, per questo ti ho chiesto di allegarmelo

ora apri blocco note e copiaci dentro questo testo

Codice: Seleziona tutto

file::
c:\windows\system32\drivers\foyoiwjs.sys
c:\windows\system32\DRIVERS\gtkdrv.sys
c:\windows\system32\14.tmp
c:\programmi\A-SQUARED FREE\a2service.exe

folder::
c:\programmi\A-SQUARED FREE

driver::
ggjtmtdt
MEMSWEEP2
TrojanKillerDriver
a2free

Registry::
[-HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MEMSWEEP2]


salva il file nella stessa cartella dove hai messo combofix chiamandolo obbligatoriamente CFScript.txt

Fatto ciò, con il puntatore del mouse, trascina il file CFScript.txt sull'icona di combofix. Il programma avvierà una nuova scansione, come la precedente. Non fare e non muovere nulla. Al termine di essa, se non si riavvierà automaticamente il computer, fallo tu. Allega il nuovo file c:\combofix.txt prodotto dalla scansione.

[malfeitor]

Ciao,
ho fatto ciò che mi hai detto, non so se dovevo notare qualche miglioramento.....per adesso proprio no..... :(
Quì sotto il log di Combofix

ComboFix 14-02-05.02 - Compaq_Proprietario 06/02/2014 20.21.45.2.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.39.1040.18.1022.693 [GMT 1:00]
Eseguito da: c:\documents and settings\Compaq_Proprietario\Desktop\ComboFix.exe
Opzioni usate :: c:\documents and settings\Compaq_Proprietario\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: Sygate Personal Firewall *Enabled* {BE898FE3-CD0B-4014-85A9-03DB9923DDB6}
.
FILE ::
"c:\programmi\A-SQUARED FREE\a2service.exe"
"c:\windows\system32\14.tmp"
"c:\windows\system32\drivers\foyoiwjs.sys"
"c:\windows\system32\DRIVERS\gtkdrv.sys"
.
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programmi\A-SQUARED FREE
c:\programmi\A-SQUARED FREE\a2framework.dll
c:\programmi\A-SQUARED FREE\a2freecontmenu64.dll
c:\programmi\A-SQUARED FREE\a2heur.dat
c:\programmi\A-SQUARED FREE\a2mor.dll
c:\programmi\A-SQUARED FREE\a2service.exe
c:\programmi\A-SQUARED FREE\a2trust.dat
c:\programmi\A-SQUARED FREE\a2wl.dat
c:\programmi\A-SQUARED FREE\BlitzBlank.exe
c:\programmi\A-SQUARED FREE\license_de.rtf
c:\programmi\A-SQUARED FREE\license_en.rtf
c:\programmi\A-SQUARED FREE\Logs\a-squared.db3
c:\programmi\A-SQUARED FREE\Signatures\T3sigs.vdb
c:\programmi\A-SQUARED FREE\T3.dll
c:\programmi\A-SQUARED FREE\vdbupdate.dll
.
c:\windows\system32\drivers\intelppm.sys . . . is missing!!
.
.
((((((((((((((((((((((((((((((((((((((( Driver/Servizi )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_A2FREE
-------\Legacy_GGJTMTDT
-------\Legacy_MEMSWEEP2
-------\Service_a2free
-------\Service_ggjtmtdt
-------\Service_MEMSWEEP2
.
.
((((((((((((((((((((((((( Files Creati Da 2014-01-06 al 2014-02-06 )))))))))))))))))))))))))))))))))))
.
.
2014-02-05 20:58 . 2011-06-21 04:09 200976 ----a-w- c:\windows\system32\drivers\tmcomm.sys
2014-02-05 15:35 . 2014-02-05 15:35 -------- d-----w- c:\documents and settings\Compaq_Proprietario\Dati applicazioni\AVAST Software
2014-02-05 11:10 . 2014-02-05 13:06 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\SecTaskMan
2014-01-30 12:09 . 2014-01-30 12:09 -------- d-----w- c:\programmi\FLV Video Player
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-02-05 20:34 . 2013-04-03 12:57 67824 ----a-w- c:\windows\system32\drivers\aswmonflt.sys
2014-02-05 14:38 . 2010-03-17 18:13 57672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2014-02-05 14:38 . 2013-04-03 12:57 180248 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-02-05 14:38 . 2011-04-01 13:58 775952 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-02-05 14:38 . 2010-03-17 18:13 410784 ----a-w- c:\windows\system32\drivers\aswSP.sys
2014-02-05 14:38 . 2013-04-03 12:57 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-02-05 14:37 . 2010-03-17 18:13 54832 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2014-02-05 14:37 . 2011-04-01 13:57 43152 ----a-w- c:\windows\avastSS.scr
2014-02-05 14:37 . 2010-03-17 18:13 270240 ----a-w- c:\windows\system32\aswBoot.exe
.
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-02-05 14:37 259464 ----a-w- c:\programmi\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\programmi\File comuni\Ahead\lib\NMBgMonitor.exe" [2005-09-03 94208]
"SUPERAntiSpyware"="c:\programmi\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2007-02-27 1310720]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-19 15360]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 52736]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-02-24 5537792]
"nwiz"="nwiz.exe" [2005-02-24 1495040]
"KBD"="c:\hp\KBD\KBD.EXE" [2005-02-02 61440]
"Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2004-04-14 233472]
"PS2"="c:\windows\system32\ps2.exe" [2003-09-12 98304]
"LSBWatcher"="c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe" [2004-10-14 253952]
"UsbBoost"="c:\programmi\UsbBoost\TurboHddUsb.exe" [2009-12-16 3788800]
"SmcService"="c:\progra~1\Sygate\SPF\smc.exe" [2004-10-15 2577632]
"APSDaemon"="c:\programmi\File comuni\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280]
"iTunesHelper"="c:\programmi\iTunes\iTunesHelper.exe" [2012-12-12 152544]
"SunJavaUpdateSched"="c:\programmi\File comuni\Java\Java Update\jusched.exe" [2013-03-12 253816]
"AvastUI.exe"="c:\programmi\AVAST Software\Avast\AvastUI.exe" [2014-02-05 3767096]
.
c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Avvio veloce di Adobe Reader.lnk - c:\programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-23 29696]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2007-02-27 10:39 282624 ----a-w- c:\programmi\SUPERAntiSpyware\SASWINLO.dll
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\iTunes\\iTunes.exe"=
"c:\\Programmi\\eMule\\emule.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"135:TCP"= 135:TCP:Port DCOM (135)
"3587:TCP"= 3587:TCP:Gruppi peer-to-peer Windows
"3540:UDP"= 3540:UDP:Peer Name Resolution Protocol (PNRP)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
.
R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [03/04/2013 13.57.41 49944]
R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [03/04/2013 13.57.42 180248]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [03/06/2007 19.15.24 697328]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [01/04/2011 14.58.36 775952]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [17/03/2010 19.13.46 410784]
R1 FNETURPX;FNETURPX;c:\windows\system32\drivers\FNETURPX.SYS [16/12/2009 21.59.06 7936]
R1 SASDIFSV;SASDIFSV;c:\programmi\SUPERAntiSpyware\sasdifsv.sys [10/10/2006 12.53.48 5632]
R1 SASKUTIL;SASKUTIL;c:\programmi\SUPERAntiSpyware\SASKUTIL.SYS [27/02/2007 11.39.26 32256]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswmonflt.sys [03/04/2013 13.57.40 67824]
R2 Iprip;Listener RIP;c:\windows\System32\svchost.exe -k netsvcs [19/08/2004 13.00.00 14336]
R3 SASENUM;SASENUM;c:\programmi\SUPERAntiSpyware\SASENUM.SYS [16/02/2006 16.51.08 4096]
S2 BvrpKrnl;BvrpKrnl; [x]
S2 viritsvclite;VirIT eXplorer Lite; [x]
S3 FNETTBOH;FNETTBOH;c:\windows\system32\drivers\FNETTBOH.SYS [16/12/2009 21.59.06 23680]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [14/12/2010 0.34.31 36608]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
p2psvc REG_MULTI_SZ p2psvc p2pimsvc p2pgasvc PNRPSvc
getPlusHelper REG_MULTI_SZ getPlusHelper
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A509B1FF-37FF-4bFF-8CFF-4F3A747040FF}]
2009-03-08 03:32 128512 ----a-w- c:\windows\system32\advpack.dll
.
Contenuto della cartella 'Scheduled Tasks'
.
2014-02-06 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programmi\Apple Software Update\SoftwareUpdate.exe [2011-06-01 16:57]
.
2014-02-06 c:\windows\Tasks\avast! Emergency Update.job
- c:\programmi\AVAST Software\Avast\AvastEmUpdate.exe [2012-09-10 14:36]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.yahoo.it/
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = 127.0.0.1
uSearchAssistant =
IE: Converti destinazione link in file PDF esistente - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Converti i link selezionati in Adobe PDF - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Converti i link selezionati in file PDF esistente - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Converti nel file PDF esistente - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Converti selezione in file PDF esistente - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: Interfaces\{463BEDF3-9729-4019-A6EE-4D47609FBD65}: NameServer = 192.168.1.1
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Compaq_Proprietario\Dati applicazioni\Mozilla\Firefox\Profiles\gfpya9qt.default-1365060123687\
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-02-06 21:21
Windows 5.1.2600 Service Pack 2 NTFS
.
scansione processi nascosti ...
.
scansione entrate autostart nascoste ...
.
Scansione files nascosti ...
.
Scansione completata con successo
Files nascosti: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\vsdatant]
"ImagePath"=""
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\HP\EN]
@DACL=(02 0000)
"OnLineServicesDirName"="Online Services"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\HP\FR]
@DACL=(02 0000)
"OnLineServicesDirName"="Services en ligne"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\HP\MX]
@DACL=(02 0000)
"OnLineServicesDirName"="Servicios en línea"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\HP\NL]
@DACL=(02 0000)
"OnLineServicesDirName"="Online Services"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\HP\NW]
@DACL=(02 0000)
"OnLineServicesDirName"="Online tjenster"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\HP\SP]
@DACL=(02 0000)
"OnLineServicesDirName"="Servicios en línea"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\HP\SW]
@DACL=(02 0000)
"OnLineServicesDirName"="Online tjänster"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\HP\UK]
@DACL=(02 0000)
"OnLineServicesDirName"="Online services"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\HP\US]
@DACL=(02 0000)
"OnLineServicesDirName"="Online Services"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Advanced INF Setup\IEHomePageInfo\RegBackup]
@DACL=(02 0000)
@SACL=
.
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\10.0]
@DACL=(02 0000)
@SACL=
.
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\services]
@DACL=(02 0000)
@SACL=
"NoServices"=dword:00000000
.
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Settings]
@DACL=(02 0000)
@SACL=
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Updates\Windows XP\SP3\KB867282\Filelist]
@DACL=(02 0000)
@SACL=
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Updates\Windows XP\SP3\KB873339\Filelist]
@DACL=(02 0000)
@SACL=
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Updates\Windows XP\SP3\KB883667\Filelist]
@DACL=(02 0000)
@SACL=
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Updates\Windows XP\SP3\KB885250\Filelist]
@DACL=(02 0000)
@SACL=
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Updates\Windows XP\SP3\KB885835\Filelist]
@DACL=(02 0000)
@SACL=
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Updates\Windows XP\SP3\KB885836\Filelist]
@DACL=(02 0000)
@SACL=
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Updates\Windows XP\SP3\KB887472\Filelist]
@DACL=(02 0000)
@SACL=
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Updates\Windows XP\SP3\KB887742\Filelist]
@DACL=(02 0000)
@SACL=
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Updates\Windows XP\SP3\KB888113\Filelist]
@DACL=(02 0000)
@SACL=
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Updates\Windows XP\SP3\KB888239\Filelist]
@DACL=(02 0000)
@SACL=
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Updates\Windows XP\SP3\KB890175\Filelist]
@DACL=(02 0000)
@SACL=
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Updates\Windows XP\SP3\KB891781\Filelist]
@DACL=(02 0000)
@SACL=
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{077ACEC7-979C-40AB-9835-435BA1511E0D}]
@DACL=(02 0000)
@SACL=
"FriendlyName"="Windows Media Files"
"ComponentGUID"="{077ACEC7-979C-40AB-9835-435BA1511E0D}"
"Version"=dword:000a0000
"Sub-Version"=dword:00000e3e
"ExceptionInfName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{077ACEC7-979C-40AB-9835-435BA1511E0D}\\MPPRE10.inf"
"ExceptionCatalogName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{077ACEC7-979C-40AB-9835-435BA1511E0D}\\mppre10.cat"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{30C7234B-6482-4A55-A11D-ECD9030313F2}]
@DACL=(02 0000)
@SACL=
"FriendlyName"="Windows Media Files"
"ComponentGUID"="{30C7234B-6482-4A55-A11D-ECD9030313F2}"
"Version"=dword:000a0000
"Sub-Version"=dword:00000e3e
"ExceptionInfName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{30C7234B-6482-4A55-A11D-ECD9030313F2}\\WMDM10.inf"
"ExceptionCatalogName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{30C7234B-6482-4A55-A11D-ECD9030313F2}\\wmdm10.cat"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{3FDF25EE-E592-4495-8391-6E9C504DAC2B}]
@DACL=(02 0000)
@SACL=
"FriendlyName"="Windows Media Files"
"ComponentGUID"="{3FDF25EE-E592-4495-8391-6E9C504DAC2B}"
"Version"=dword:000a0000
"Sub-Version"=dword:00000e3e
"ExceptionInfName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{3FDF25EE-E592-4495-8391-6E9C504DAC2B}\\WMSET10.inf"
"ExceptionCatalogName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{3FDF25EE-E592-4495-8391-6E9C504DAC2B}\\wmset10.cat"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{60204BB3-7078-4F70-8F69-68297621941C}]
@DACL=(02 0000)
@SACL=
"FriendlyName"="Windows Media Files"
"ComponentGUID"="{60204BB3-7078-4F70-8F69-68297621941C}"
"Version"=dword:000a0000
"Sub-Version"=dword:00000e3e
"ExceptionInfName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{60204BB3-7078-4F70-8F69-68297621941C}\\MPSTUB10.inf"
"ExceptionCatalogName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{60204BB3-7078-4F70-8F69-68297621941C}\\mpstub10.cat"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{981FB688-E76B-4246-987B-92083185B90A}]
@DACL=(02 0000)
@SACL=
"FriendlyName"="Windows Media Files"
"ComponentGUID"="{981FB688-E76B-4246-987B-92083185B90A}"
"Version"=dword:000a0000
"Sub-Version"=dword:00000e3e
"ExceptionInfName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{981FB688-E76B-4246-987B-92083185B90A}\\WPD10.inf"
"ExceptionCatalogName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{981FB688-E76B-4246-987B-92083185B90A}\\wpd10.cat"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{A47B3654-48EE-48A5-B629-97D70175E58F}]
@DACL=(02 0000)
@SACL=
"FriendlyName"="Windows Media Files"
"ComponentGUID"="{A47B3654-48EE-48A5-B629-97D70175E58F}"
"Version"=dword:000a0000
"Sub-Version"=dword:00000e3e
"ExceptionInfName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{A47B3654-48EE-48A5-B629-97D70175E58F}\\codecs10.inf"
"ExceptionCatalogName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{A47B3654-48EE-48A5-B629-97D70175E58F}\\codecs10.cat"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}]
@DACL=(02 0000)
@SACL=
"FriendlyName"="Windows Media Files"
"ComponentGUID"="{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}"
"Version"=dword:000a0000
"Sub-Version"=dword:00000e3e
"ExceptionInfName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\\WMFSDK10.inf"
"ExceptionCatalogName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\\wmfsdk10.cat"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{C5B8FBE9-645E-4484-A7AA-E8DA9A70DD77}]
@DACL=(02 0000)
@SACL=
"FriendlyName"="Windows Media Files"
"ComponentGUID"="{C5B8FBE9-645E-4484-A7AA-E8DA9A70DD77}"
"Version"=dword:000a0000
"Sub-Version"=dword:00000e3e
"ExceptionInfName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{C5B8FBE9-645E-4484-A7AA-E8DA9A70DD77}\\DRM10.inf"
"ExceptionCatalogName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{C5B8FBE9-645E-4484-A7AA-E8DA9A70DD77}\\drm10.cat"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{CFB4B314-0328-45E1-94AF-45A3F5F48E0B}]
@DACL=(02 0000)
@SACL=
"FriendlyName"="Windows Media Files"
"ComponentGUID"="{CFB4B314-0328-45E1-94AF-45A3F5F48E0B}"
"Version"=dword:000a0000
"Sub-Version"=dword:00000e3e
"ExceptionInfName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{CFB4B314-0328-45E1-94AF-45A3F5F48E0B}\\MPCD10.inf"
"ExceptionCatalogName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{CFB4B314-0328-45E1-94AF-45A3F5F48E0B}\\mpcd10.cat"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{DD90D410-1823-43EB-9A16-A2331BF08799}]
@DACL=(02 0000)
@SACL=
"FriendlyName"="Windows Media Files"
"ComponentGUID"="{DD90D410-1823-43EB-9A16-A2331BF08799}"
"Version"=dword:000a0000
"Sub-Version"=dword:00000e3e
"ExceptionInfName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{DD90D410-1823-43EB-9A16-A2331BF08799}\\WMP10.inf"
"ExceptionCatalogName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{DD90D410-1823-43EB-9A16-A2331BF08799}\\wmp10.cat"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Setup\OptionalComponents\SwFlash]
@DACL=(02 0000)
@SACL=
"Installed"="1"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows Media Device Manager\KnownDeviceClasses]
@DACL=(02 0000)
@SACL=
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows Media Device Manager\KnownDevices]
@DACL=(02 0000)
@SACL=
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows Media Device Manager\Plugins\SCP\SCPTRANS]
@DACL=(02 0000)
@SACL=
"ProgID"="MsScp.SCPTRANS.1"
.
[HKEY_LOCAL_MACHINE\software\Realtek\AlcMonitor]
@DACL=(02 0000)
@SACL=
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------
.
- - - - - - - > 'winlogon.exe'(804)
c:\programmi\SUPERAntiSpyware\SASWINLO.dll
.
- - - - - - - > 'explorer.exe'(1492)
c:\windows\system32\nview.dll
c:\windows\system32\NVWRSIT.DLL
c:\windows\system32\msi.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\SSSensor.dll
c:\windows\system32\nvwddi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\programmi\Sygate\SPF\smc.exe
c:\programmi\AVAST Software\Avast\AvastSvc.exe
c:\programmi\File comuni\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\programmi\Java\jre7\bin\jqs.exe
c:\programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\system32\nvsvc32.exe
c:\windows\system32\tcpsvcs.exe
c:\windows\System32\snmp.exe
c:\programmi\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\rundll32.exe
c:\programmi\iPod\bin\iPodService.exe
.
**************************************************************************
.
Ora fine scansione: 2014-02-06 21:59:18 - Il pc è stato riavviato
ComboFix-quarantined-files.txt 2014-02-06 20:58
ComboFix2.txt 2014-02-06 01:37
.
Pre-Run: 3.308.732.416 byte disponibili
Post-Run: 3.216.035.840 byte disponibili
.
- - End Of File - - B0E8BEBEF120D61BCFD1E3799FC4FE3A
0AC6D996BCE152AED9600E6D6B797E2E

[stevens]

scarica tds killer >>> http://support.kaspersky.com/downloads/ ... killer.exe

Estrai i dati in una cartella e fai doppio clik su TDSSKiller.exe
Clicca su:
Change parameters.
Metti la spunta su "detect tdlfs file system" e "verify file digital signature"
Clicca OK.
Poi clicca su "Start Scan"
Se trova qualche infezione di default avrai l'opzione "Cure" per cui, clicca su "Continue".
Se un file sospetto viene trovato,l'azione di default sarà "skip",clicca su "Continue".
Se è richiesto il riavvio,(Reboot) acconsenti. (per eliminare l'infezione è necessario riavviare il pc)
Se nessun riavvio è richiesto clicca su report e salva il contenuto in un file di testo.
Il log lo trovi in C:\
Postalo qui.

[malfeitor]

Ecco quì:

22:38:24.0859 0x0d44 TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50
22:38:34.0656 0x0d44 ============================================================
22:38:34.0671 0x0d44 Current date / time: 2014/02/06 22:38:34.0656
22:38:34.0671 0x0d44 SystemInfo:
22:38:34.0671 0x0d44
22:38:34.0671 0x0d44 OS Version: 5.1.2600 ServicePack: 2.0
22:38:34.0671 0x0d44 Product type: Workstation
22:38:34.0671 0x0d44 ComputerName: NOME-80B5784770
22:38:34.0671 0x0d44 UserName: Compaq_Proprietario
22:38:34.0671 0x0d44 Windows directory: C:\WINDOWS
22:38:34.0671 0x0d44 System windows directory: C:\WINDOWS
22:38:34.0671 0x0d44 Processor architecture: Intel x86
22:38:34.0671 0x0d44 Number of processors: 1
22:38:34.0671 0x0d44 Page size: 0x1000
22:38:34.0671 0x0d44 Boot type: Normal boot
22:38:34.0671 0x0d44 ============================================================
22:38:38.0953 0x0d44 KLMD registered as C:\WINDOWS\system32\drivers\30614937.sys
22:38:41.0296 0x0d44 System UUID: {D7790CA3-AA01-A6EE-0AEC-E8038DEAFFB3}
22:38:46.0734 0x0d44 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x50C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000054
22:38:46.0921 0x0d44 ============================================================
22:38:46.0921 0x0d44 \Device\Harddisk0\DR0:
22:38:46.0921 0x0d44 MBR partitions:
22:38:46.0921 0x0d44 \Device\Harddisk0\DR0\Partition1: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0xBFF3C1
22:38:46.0921 0x0d44 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xBFF400, BlocksNum 0x11E15800
22:38:46.0921 0x0d44 ============================================================
22:38:46.0984 0x0d44 C: <-> \Device\Harddisk0\DR0\Partition2
22:38:47.0000 0x0d44 D: <-> \Device\Harddisk0\DR0\Partition1
22:38:47.0000 0x0d44 ============================================================
22:38:47.0000 0x0d44 Initialize success
22:38:47.0000 0x0d44 ============================================================
22:39:10.0718 0x0aa0 ============================================================
22:39:10.0718 0x0aa0 Scan started
22:39:10.0718 0x0aa0 Mode: Manual; SigCheck; TDLFS;
22:39:10.0718 0x0aa0 ============================================================
22:39:10.0718 0x0aa0 KSN ping started
22:39:54.0625 0x0aa0 KSN ping finished: false
22:39:54.0906 0x0aa0 ================ Scan system memory ========================
22:39:56.0656 0x0aa0 System memory - ok
22:39:56.0671 0x0aa0 ================ Scan services =============================
22:39:57.0484 0x0aa0 [ 9929740EE0988B8E00A17347972B337F, 261F5F73EFC8649C27CF8C8C27A9CD72DEA00C32DCDC505798F23FE196AD0F8B ] 6to4 C:\WINDOWS\System32\6to4svc.dll
22:39:58.0046 0x0aa0 6to4 - ok
22:39:58.0234 0x0aa0 Abiosdsk - ok
22:39:58.0234 0x0aa0 abp480n5 - ok
22:39:58.0359 0x0aa0 [ 0A1E97197609F92D2425B67DA0BB0A7F, 818FD957C6EA1869ED13EA8C0681D2850141E22A68A2D982E4AEEA2736F50555 ] ACEDRV05 C:\WINDOWS\system32\drivers\ACEDRV05.sys
22:39:58.0375 0x0aa0 ACEDRV05 - detected UnsignedFile.Multi.Generic ( 1 )
22:40:08.0765 0x0aa0 ACEDRV05 ( UnsignedFile.Multi.Generic ) - warning
22:40:08.0765 0x0aa0 Force sending object to P2P due to detect: C:\WINDOWS\system32\drivers\ACEDRV05.sys
22:40:08.0765 0x0aa0 Object send P2P result: false
22:40:08.0890 0x0aa0 [ 4E5451DD0AEC8504D7F8030DD2D4C416, D1BF62B1D3D3D347DA46C0FE002C117FABC0ABCCABD1C56D5A6D9F1682C61233 ] ACEDRV07 C:\WINDOWS\system32\drivers\ACEDRV07.sys
22:40:08.0921 0x0aa0 ACEDRV07 - detected UnsignedFile.Multi.Generic ( 1 )
22:40:08.0921 0x0aa0 ACEDRV07 ( UnsignedFile.Multi.Generic ) - warning
22:40:09.0125 0x0aa0 [ AD825CB3397C837D1FB91D566D78DE04, 45AD835A58885C08674F1F061FD13A320C054C991934F08A47CEED96F2074968 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
22:40:09.0265 0x0aa0 ACPI - ok
22:40:09.0296 0x0aa0 [ 49AC5CD87FBDDA62F3E25190019E7627, E2AF6436C460CB7FC8E5458383395C94E155120730887E611841D39C33A6B0FA ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
22:40:09.0437 0x0aa0 ACPIEC - ok
22:40:09.0453 0x0aa0 adpu160m - ok
22:40:09.0687 0x0aa0 [ 841F385C6CFAF66B58FBD898722BB4F0, 0DA17CCA27DF5C7245959249162A5393B2E36B7C9A3A3525AE1371DE6AE698A3 ] aec C:\WINDOWS\system32\drivers\aec.sys
22:40:09.0828 0x0aa0 aec - ok
22:40:09.0968 0x0aa0 [ 5AC495F4CB807B2B98AD2AD591E6D92E, F645FAD628EC81C3D2555862BEE8DF3975FD9EAE326885528E773B2F148D70FB ] AFD C:\WINDOWS\System32\drivers\afd.sys
22:40:10.0109 0x0aa0 AFD - ok
22:40:11.0343 0x0aa0 [ 593AEFC67283D409F34CC1245D00A509, 0845C09D8B76C20C2C43CC9FC42A07C23F006A0A4619D68445316BBC0CC28344 ] AgereSoftModem C:\WINDOWS\system32\DRIVERS\AGRSM.sys
22:40:12.0328 0x0aa0 AgereSoftModem - ok
22:40:12.0343 0x0aa0 Aha154x - ok
22:40:12.0359 0x0aa0 aic78u2 - ok
22:40:12.0359 0x0aa0 aic78xx - ok
22:40:14.0468 0x0aa0 [ 781C5EC517C53F5214B61253B20C13C4, 1B87F20A518E8A62691A61794D11C1D1264F8669C5B796BC102B45B2E8A05E1D ] ALCXWDM C:\WINDOWS\system32\drivers\ALCXWDM.SYS
22:40:16.0328 0x0aa0 ALCXWDM - ok
22:40:16.0375 0x0aa0 [ AD78B916B3CB2B7BCA9503B929E534B9, 983C23480C1F4FA959F357C1CF777BA3868EC461295DD60BAFF7E9E8A09CF334 ] Alerter C:\WINDOWS\system32\alrsvc.dll
22:40:16.0515 0x0aa0 Alerter - ok
22:40:16.0578 0x0aa0 [ D4A42BF3C11302AA3CCD857034EF1E54, ADDB75549F844386D5C567CAC94B8DB1685B9DDF14ADF08DB36A73310D13C8F7 ] ALG C:\WINDOWS\System32\alg.exe
22:40:16.0625 0x0aa0 ALG - ok
22:40:16.0640 0x0aa0 AliIde - ok
22:40:16.0687 0x0aa0 [ 899F7C468B2BFD1561765C413D40A8BD, D66FE76D01921928E0B97DF48316824D7CA0F4C827EE3BA6F53434CC8F98D900 ] AmdK8 C:\WINDOWS\system32\DRIVERS\AmdK8.sys
22:40:16.0718 0x0aa0 AmdK8 - ok
22:40:16.0718 0x0aa0 amsint - ok
22:40:16.0953 0x0aa0 [ A5299D04ED225D64CF07A568A3E1BF8C, 6F7E73893127BADC8C9815E9BCC0EB5F6584E254D0D09A0B6A680704C71E0A90 ] Apple Mobile Device C:\Programmi\File comuni\Apple\Mobile Device Support\AppleMobileDeviceService.exe
22:40:16.0968 0x0aa0 Apple Mobile Device - ok
22:40:16.0984 0x0aa0 AppMgmt - ok
22:40:17.0062 0x0aa0 [ F0D692B0BFFB46E30EB3CEA168BBC49F, 745BE951F18C90FCD30C9A59BB861375C29FA49AF38D27EBFE4158FB7CAC86ED ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys
22:40:17.0218 0x0aa0 Arp1394 - ok
22:40:17.0218 0x0aa0 asc - ok
22:40:17.0234 0x0aa0 asc3350p - ok
22:40:17.0234 0x0aa0 asc3550 - ok
22:40:17.0406 0x0aa0 [ 0E5E4957549056E2BF2C49F4F6B601AD, F7F19FDC906B719A3516D30A9B4A2262C8CC5B36B94E3D4195C345EC4610FF2B ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
22:40:17.0421 0x0aa0 aspnet_state - ok
22:40:17.0515 0x0aa0 [ 7021F01CCAC1538CCF9AE004723AF033, 698B199D378426D9A07B01600BA265B8E8EDBEB29BEE223FB22592E59FB5B92E ] aswMonFlt C:\WINDOWS\system32\drivers\aswMonFlt.sys
22:40:32.0609 0x0aa0 aswMonFlt - ok
22:40:32.0734 0x0aa0 [ 98C18C78B0C3E7EFBDDA7BD0C35F5903, 92128EA70472EBA8804C2972DAA8557F460C2E082084E29B40CE93A05447592F ] aswRdr C:\WINDOWS\system32\drivers\aswRdr.sys
22:40:32.0765 0x0aa0 aswRdr - ok
22:40:32.0828 0x0aa0 [ F385467DF95D0A73775CB3B076B8B969, D427A5F4FB4D1DAB04AFC29E7EC510844F907ABBA053538995E65747BAD37422 ] aswRvrt C:\WINDOWS\system32\drivers\aswRvrt.sys
22:40:33.0000 0x0aa0 aswRvrt - ok
22:40:33.0703 0x0aa0 [ 8CD8710457FCC1CDE88CBFA3AA119B92, B750481B2D44E2D01DEF500276A7253731EDD2BCB117B083EE10FAA7A8FFF729 ] aswSnx C:\WINDOWS\system32\drivers\aswSnx.sys
22:40:34.0234 0x0aa0 aswSnx - ok
22:40:34.0609 0x0aa0 [ C1F95C9481F46B96E23A276639C55AC9, 75F7BCF74E46E3A8EC9AF0DB5D7FCA280DCAF97BD932767DCBDE66E26BF0E7CE ] aswSP C:\WINDOWS\system32\drivers\aswSP.sys
22:40:34.0890 0x0aa0 aswSP - ok
22:40:34.0984 0x0aa0 [ E6390554DCB2A730702188547267093C, 1F97F23A2C1767ABD52041DFA0EF9065567CDB02B12F674CF4EE4E8FBA69773B ] aswTdi C:\WINDOWS\system32\drivers\aswTdi.sys
22:40:35.0015 0x0aa0 aswTdi - ok
22:40:35.0218 0x0aa0 [ 1B0662514A68C3A42E60D240C5ABEF28, 71301759C135895C72CAED297A669BA58B3F73E0B7E46DB981F6559D5D5E2B89 ] aswVmm C:\WINDOWS\system32\drivers\aswVmm.sys
22:40:35.0265 0x0aa0 aswVmm - ok
22:40:35.0328 0x0aa0 [ 02000ABF34AF4C218C35D257024807D6, FDE21F7FCB198A44A6F2BCAF5EB11C9D90A094B4A2F8C307244A7655848954DA ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
22:40:35.0484 0x0aa0 AsyncMac - ok
22:40:35.0703 0x0aa0 [ CDFE4411A69C224BD1D11B2DA92DAC51, 0E6B23A80F171550575BEBC56F7500CD87A5CF03B2B9FDC49BC3DE96282CD69D ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
22:40:35.0843 0x0aa0 atapi - ok
22:40:35.0859 0x0aa0 Atdisk - ok
22:40:35.0921 0x0aa0 [ EC88DA854AB7D7752EC8BE11A741BB7F, 91FAF224CB4B44608C85CC25C3A82A3EC83F379D14A119A60A75505A30043255 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
22:40:36.0140 0x0aa0 Atmarpc - ok
22:40:36.0218 0x0aa0 [ 15EE9EFF206DAA73B9642FCD51A69BB1, 29A95016A800608488EDC577B4A7712C57C64C14D20FDD3F6DF15F068D98767F ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
22:40:36.0375 0x0aa0 AudioSrv - ok
22:40:36.0390 0x0aa0 [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
22:40:36.0546 0x0aa0 audstub - ok
22:40:36.0734 0x0aa0 [ CC42F104172B4A62793083D380867317, 0B09823419B328E29EB9FFBD033B3295590E414F31E7B37F11F62BD4B7EBAF06 ] avast! Antivirus C:\Programmi\AVAST Software\Avast\AvastSvc.exe
22:40:36.0781 0x0aa0 avast! Antivirus - ok
22:40:36.0812 0x0aa0 [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep C:\WINDOWS\system32\drivers\Beep.sys
22:40:37.0000 0x0aa0 Beep - ok
22:40:37.0390 0x0aa0 [ 04E8321935AD5643FF59901F3EF5F4F3, B7A1E3D77E4BFD0D9D91CA650103D407C1FE7D7B423E83E733113611646FDA31 ] BITS C:\WINDOWS\system32\qmgr.dll
22:40:37.0781 0x0aa0 BITS - ok
22:40:37.0875 0x0aa0 [ 72FBF0322BE8A0F25AE722FDE36AB1E6, 67768CC372994C387E3FF7D7097A2DE2847BACF6F5976AFBE030E865F59704B9 ] Browser C:\WINDOWS\System32\browser.dll
22:40:38.0093 0x0aa0 Browser - ok
22:40:38.0109 0x0aa0 btaudio - ok
22:40:38.0109 0x0aa0 BTDriver - ok
22:40:38.0125 0x0aa0 BTWDNDIS - ok
22:40:38.0140 0x0aa0 btwhid - ok
22:40:38.0140 0x0aa0 btwmodem - ok
22:40:38.0156 0x0aa0 BTWUSB - ok
22:40:38.0171 0x0aa0 catchme - ok
22:40:38.0218 0x0aa0 [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
22:40:38.0390 0x0aa0 cbidf2k - ok
22:40:38.0453 0x0aa0 [ 6163ED60B684BAB19D3352AB22FC48B2, 5A7ED636D8B2178EA21FA986CC9168DEF258AA4FFB9DCD792A81A1D615AC5D5E ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
22:40:38.0578 0x0aa0 CCDECODE - ok
22:40:38.0593 0x0aa0 cd20xrnt - ok
22:40:38.0625 0x0aa0 [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
22:40:38.0765 0x0aa0 Cdaudio - ok
22:40:38.0828 0x0aa0 [ CD7D5152DF32B47F4E36F710B35AAE02, 7382890CC1B27FC66C3E94E064562BBD87B3C75577CB0FD10860B8E2CE07D12E ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
22:40:39.0062 0x0aa0 Cdfs - ok
22:40:39.0125 0x0aa0 [ AF9C19B3100FE010496B1A27181FBF72, 64E9E4461F631EED2B2A1FC80DCC9C31DCECB5738289D322E6A6428C840DC621 ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
22:40:39.0265 0x0aa0 Cdrom - ok
22:40:39.0281 0x0aa0 Changer - ok
22:40:39.0328 0x0aa0 [ C4E84243292E37CA3B6FAF4A1855B8A7, D8F629B019A569423B064728A959153E4A769C0257EEF3D10CDC4C8786B8FDE4 ] CiSvc C:\WINDOWS\system32\cisvc.exe
22:40:39.0468 0x0aa0 CiSvc - ok
22:40:39.0531 0x0aa0 [ 0A215E4BAC9A1A9381D88C67517C850B, A9AA2EA6C01681CF692341CDB64B58C7E6C93DA0ABD6424A5686CA5C3ADC469F ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
22:40:39.0687 0x0aa0 ClipSrv - ok
22:40:39.0765 0x0aa0 [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:40:39.0781 0x0aa0 clr_optimization_v2.0.50727_32 - ok
22:40:39.0781 0x0aa0 CmdIde - ok
22:40:39.0796 0x0aa0 COMSysApp - ok
22:40:39.0812 0x0aa0 Cpqarray - ok
22:40:39.0890 0x0aa0 [ E0CC838265401128097D182FB583889A, 2D336C6060039657859BFB3094BBDEB4FC18A94028921D143EAC81EDAC9DB8A7 ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
22:40:40.0156 0x0aa0 CryptSvc - ok
22:40:40.0156 0x0aa0 dac2w2k - ok
22:40:40.0171 0x0aa0 dac960nt - ok
22:40:40.0546 0x0aa0 [ 0C015AB735A4624C44CB5696E9208C4C, BDC99547181917C121F609542E1BB59F89784FD3743077EFCA29FEEEF057E2A3 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
22:40:41.0031 0x0aa0 DcomLaunch - ok
22:40:41.0156 0x0aa0 [ 3D6F9B5C5C396BFBC14DC565CE624CEF, 74305DBC95A0E7939EAA384FDBE7A891E7B304B64BDFCC160F4EB1C3078EE31C ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
22:40:41.0296 0x0aa0 Dhcp - ok
22:40:41.0359 0x0aa0 [ 00CA44E4534865F8A3B64F7C0984BFF0, 3FD73CCD9892F6CFEE776CB384C2E35FA15F4101D308A67E1358F85299501E3D ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
22:40:41.0546 0x0aa0 Disk - ok
22:40:41.0562 0x0aa0 dmadmin - ok
22:40:42.0265 0x0aa0 [ 6570B4C952F0D8FEE4C6EF2FF5E10C08, 6C3FE0C6901C227C9E9DC09BC1F2E237E1BEA3503C8A3AED826470E16A9D1257 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
22:40:42.0875 0x0aa0 dmboot - ok
22:40:43.0031 0x0aa0 [ C57D35621782C7F40770F3E5CA20A182, 3A0AC62E7B677FFECB70DAF0012ABEDAED636EAEE021D6E268EDF8564B903218 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
22:40:43.0187 0x0aa0 dmio - ok
22:40:43.0234 0x0aa0 [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload C:\WINDOWS\system32\drivers\dmload.sys
22:40:43.0390 0x0aa0 dmload - ok
22:40:43.0421 0x0aa0 [ 499FFF7BCA07009A23447776286F0510, 1FC59A06B557FB30239799C00B8F1D807374E83F30EC2CBB1C5A022FA9DBD4C2 ] dmserver C:\WINDOWS\System32\dmserver.dll
22:40:43.0562 0x0aa0 dmserver - ok
22:40:43.0640 0x0aa0 [ A6F881284AC1150E37D9AE47FF601267, 6C07654CF21637E527FC727EB50F4138BF0EFF0680000AC94001063B436389DB ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
22:40:43.0796 0x0aa0 DMusic - ok
22:40:43.0890 0x0aa0 [ 1A4CCB390093D1A6F0EEC063F44AFF31, D88B32D8400BAABFD3903F7DB845335DCE0A38440C06DBB3D8C3E26FFFC17655 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
22:40:44.0031 0x0aa0 Dnscache - ok
22:40:44.0031 0x0aa0 dpti2o - ok
22:40:44.0093 0x0aa0 [ 1ED4DBBAE9F5D558DBBA4CC450E3EB2E, B941AB5D9D504486083E0D1539B1A96E27721C9EFD7A67CA1DB7258B0D33AB78 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
22:40:44.0234 0x0aa0 drmkaud - ok
22:40:44.0296 0x0aa0 [ FF547B3876B6E652431412345FB8EE11, 709F098124A432FAC1783AA4724E9DA05E89CFB78A4BB2D59683F4EDD8BEB942 ] ERSvc C:\WINDOWS\System32\ersvc.dll
22:40:44.0437 0x0aa0 ERSvc - ok
22:40:44.0562 0x0aa0 [ E77F6FA2A15390F1727F4C1C55B69DA6, 04BEBE1F63AD420A4F9392519222C598A482F09BF12A318DCCE8DCD8E0206009 ] Eventlog C:\WINDOWS\system32\services.exe
22:40:44.0734 0x0aa0 Eventlog - ok
22:40:44.0984 0x0aa0 [ 16A4DE76313DD3ABF7635565BAAF1512, B373AD4644601E52B019427A09E3557CC4F5FC9C34240A5AB81B4DF9018E659F ] EventSystem C:\WINDOWS\system32\es.dll
22:40:45.0312 0x0aa0 EventSystem - ok
22:40:45.0468 0x0aa0 [ 3117F595E9615E04F05A54FC15A03B20, 4708E8F1CDE6E9663B5DBEBAB8C684B16E45D41AEF20E4071D0A2931B305BD76 ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
22:40:45.0625 0x0aa0 Fastfat - ok
22:40:45.0828 0x0aa0 [ 500E8EF27757B1C463A4A263ED2C95D2, C21A2DCA44CE04CCD90AD012E83D6FF879CF94E9C1C1B153A91BEA5ACF8D6EF1 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
22:40:45.0984 0x0aa0 FastUserSwitchingCompatibility - ok
22:40:46.0250 0x0aa0 [ 3CEBA41F3E0EF013E4F7AE05A227FD8C, BA03DCFE5D20386920F3D2C574E753E4192B7776E7554EAA5B8A93221DB14856 ] Fax C:\WINDOWS\system32\fxssvc.exe
22:40:46.0406 0x0aa0 Fax - ok
22:40:46.0437 0x0aa0 [ CED2E8396A8838E59D8FD529C680E02C, 8542AE6A2D65D3F843EA70F5FFBC150B773C5CFA3FE6388FA68A95416FAD0F6E ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
22:40:46.0593 0x0aa0 Fdc - ok
22:40:46.0640 0x0aa0 [ 333FBBC71BDCBB46C58A3B51B3D51184, E73D8321AC5219066EB8F2740A4D0ABDECBF22B26B681C517A0FFC7E9BAA19A7 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
22:40:46.0765 0x0aa0 Fips - ok
22:40:47.0375 0x0aa0 [ 1F63900E2EB00101B9ACA2B7A870704E, 5AFE1FC852937FECE6B33147BD0110436FE97F33BFDA3F69B1F5EDAD6FFC09C6 ] FLEXnet Licensing Service C:\Programmi\File comuni\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
22:40:47.0859 0x0aa0 FLEXnet Licensing Service - ok
22:40:47.0921 0x0aa0 [ 0DD1DE43115B93F4D85E889D7A86F548, D50F7AAE5416C6D41845960BDDA24E97226F609AA726E4F88601ADC9ED50E872 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
22:40:48.0062 0x0aa0 Flpydisk - ok
22:40:48.0187 0x0aa0 [ 157754F0DF355A9E0A6F54721914F9C6, 1EB1424D98000FE80901287F9D51DDD18132B7C2CFEC4C7767F32F71DC2F64F9 ] FltMgr C:\WINDOWS\system32\DRIVERS\fltMgr.sys
22:40:48.0343 0x0aa0 FltMgr - ok
22:40:48.0421 0x0aa0 [ A9E2DF40ED6EC9E8885DA72B6E1818F3, 8DC0717FC7A987F65DB85CF64B38AA4551A2199460D48B72FBB2566CBEB6CC48 ] FNETTBOH C:\WINDOWS\system32\drivers\FNETTBOH.SYS
22:40:48.0421 0x0aa0 FNETTBOH - detected UnsignedFile.Multi.Generic ( 1 )
22:40:48.0421 0x0aa0 FNETTBOH ( UnsignedFile.Multi.Generic ) - warning
22:40:48.0437 0x0aa0 [ 784FFBA7EE5C5F3A396407E4712F72F0, E471837231B185AB37C271D42CE8C83C86E908EDED7DD192BA3AF30359593140 ] FNETURPX C:\WINDOWS\system32\drivers\FNETURPX.SYS
22:40:48.0453 0x0aa0 FNETURPX - detected UnsignedFile.Multi.Generic ( 1 )
22:40:48.0453 0x0aa0 FNETURPX ( UnsignedFile.Multi.Generic ) - warning
22:40:48.0546 0x0aa0 [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
22:40:48.0562 0x0aa0 FontCache3.0.0.0 - ok
22:40:48.0640 0x0aa0 [ CBE5F69A5E5B918225F420BA748F3742, 930C81195346239A7843CAE140896698675E8025BF32C3E71D2BDDA53FAB0264 ] FsUsbExDisk C:\WINDOWS\system32\FsUsbExDisk.SYS
22:40:48.0656 0x0aa0 FsUsbExDisk - detected UnsignedFile.Multi.Generic ( 1 )
22:40:48.0656 0x0aa0 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - warning
22:40:48.0671 0x0aa0 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
22:40:48.0828 0x0aa0 Fs_Rec - ok
22:40:48.0953 0x0aa0 [ F3269A6EE547EA87B949A1CEA4816B38, FD0D11864A1C89F2E6E765BFE7D395F65019C20A9AECDA0ED31AB17296F26A44 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
22:40:49.0093 0x0aa0 Ftdisk - ok
22:40:49.0156 0x0aa0 [ 185ADA973B5020655CEE342059A86CBB, D3E352DFAF30761505480A4C557D980083F65EC5BD46E2656B2114D47B272A89 ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
22:40:49.0156 0x0aa0 GEARAspiWDM - ok
22:40:49.0296 0x0aa0 [ 360FC9E29EBCD7CB75320E2663EBA0F2, 00A9D79ABBC2D6D414EF9C55B1C18346A94CC81822B05F61EBE32FAC901922EF ] getPlusHelper C:\Programmi\NOS\bin\getPlus_Helper.dll
22:40:49.0296 0x0aa0 getPlusHelper - ok
22:40:49.0375 0x0aa0 [ C0F1D4A21DE5A415DF8170616703DEBF, 3E21AAD06CF6EB95662B568671B1DBD129CED481761BCDB67088E965E5C0BC5B ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
22:40:49.0531 0x0aa0 Gpc - ok
22:40:49.0640 0x0aa0 [ 03A7A19834E2A63C445B3AC5E73AAB50, 1E4011030B334C4EBD83CF2C99E856D1784B56F158A3A788EF586AB144414A0D ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
22:40:49.0781 0x0aa0 helpsvc - ok
22:40:49.0843 0x0aa0 [ 3C924C33DE25E8F01EEB3C6B8030E7BD, D262F862E364CA6253DFE92F5C2C009247B5CA039AF1BCFD18FE260501335E39 ] HidServ C:\WINDOWS\System32\hidserv.dll
22:40:50.0000 0x0aa0 HidServ - ok
22:40:50.0031 0x0aa0 [ 1DE6783B918F540149AA69943BDFEBA8, 6ED28109CA0A7738857D840E369EAB91C1605F2643950762D327CCE241C135A1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
22:40:50.0156 0x0aa0 HidUsb - ok
22:40:50.0171 0x0aa0 hpn - ok
22:40:50.0406 0x0aa0 [ BFB7B73C942E816C4FB4A5A7BAE87136, 091785EB6F27BFBD88A9D1818DFACFF390A5F5A416A4B2D87F517878FCF2B255 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
22:40:50.0468 0x0aa0 HTTP - ok
22:40:50.0531 0x0aa0 [ 730374DCF08DF00178D190F9EBD0058A, 7DF09D7FF2D95715732F405572C26161A5776718A94CA33BCE9BB12EC1811534 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
22:40:50.0656 0x0aa0 HTTPFilter - ok
22:40:50.0656 0x0aa0 i2omgmt - ok
22:40:50.0671 0x0aa0 i2omp - ok
22:40:50.0750 0x0aa0 [ 30E64DFA4EFAACC8142EA07766181FB4, 5A773088F33B4AEDDE4EAB6170B7F7E10D4BEE7583B663568C51C1C5AADE8A14 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
22:40:51.0046 0x0aa0 i8042prt - ok
22:40:51.0171 0x0aa0 [ 6F95324909B502E2651442C1548AB12F, FF1B104990FE186C6100ED229A45345FF695323AC778688EC11AA8F5A87B141E ] IDriverT C:\Programmi\File comuni\InstallShield\Driver\1050\Intel 32\IDriverT.exe
22:40:51.0203 0x0aa0 IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
22:40:51.0203 0x0aa0 IDriverT ( UnsignedFile.Multi.Generic ) - warning
22:40:51.0203 0x0aa0 Force sending object to P2P due to detect: C:\Programmi\File comuni\InstallShield\Driver\1050\Intel 32\IDriverT.exe
22:40:51.0203 0x0aa0 Object send P2P result: false
22:40:52.0015 0x0aa0 [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
22:40:52.0687 0x0aa0 idsvc - ok
22:40:52.0750 0x0aa0 [ 25EDD75E23C5EF6B33D0FBCCE125A601, 9F8C22912AF5D36AFAD74CE3BF842BACFCE863CE9EEB6A1842BF37CA7C6FF629 ] imagedrv C:\WINDOWS\system32\Drivers\imagedrv.sys
22:40:52.0765 0x0aa0 imagedrv - detected UnsignedFile.Multi.Generic ( 1 )
22:40:52.0765 0x0aa0 imagedrv ( UnsignedFile.Multi.Generic ) - warning
22:40:52.0890 0x0aa0 [ 9C4BBACF4E9B9543C3CE23F1FE556941, 7385FDF60688760B1A8DB23A0697D15ACD28C6DD35F2B660DA949226409B6E4C ] imagesrv C:\WINDOWS\system32\DRIVERS\imagesrv.sys
22:40:52.0921 0x0aa0 imagesrv - detected UnsignedFile.Multi.Generic ( 1 )
22:40:52.0921 0x0aa0 imagesrv ( UnsignedFile.Multi.Generic ) - warning
22:40:53.0000 0x0aa0 [ F8AA320C6A0409C0380E5D8A99D76EC6, A848B9C489DDFBD48BDA140CB9DD43097686115042745F6444F803739168D391 ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
22:40:53.0125 0x0aa0 Imapi - ok
22:40:53.0296 0x0aa0 [ ED7ABB35C81709FB41972D30FE15311E, D94982662214AB36CFF29B5287B3540F4E4218CCB17B5454BD3120B615E0E64A ] ImapiService C:\WINDOWS\system32\imapi.exe
22:40:53.0437 0x0aa0 ImapiService - ok
22:40:53.0453 0x0aa0 InCDFs - ok
22:40:53.0468 0x0aa0 InCDPass - ok
22:40:53.0468 0x0aa0 InCDRm - ok
22:40:53.0484 0x0aa0 ini910u - ok
22:40:53.0515 0x0aa0 [ 7C15B34147134381421D7044479A1D73, 8CD19E6E625622B31E26F321931E624877482ECA8896159E69969A220DDDB9E8 ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys
22:40:53.0640 0x0aa0 IntelIde - ok
22:40:53.0640 0x0aa0 intelppm - ok
22:40:53.0687 0x0aa0 [ 4448006B6BC60E6C027932CFC38D6855, C377235EBE475C281ACB6A3267F12D8FE623433F05134A6CE50562414F94D7B1 ] Ip6Fw C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
22:40:53.0843 0x0aa0 Ip6Fw - ok
22:40:53.0906 0x0aa0 [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
22:40:54.0046 0x0aa0 IpFilterDriver - ok
22:40:54.0093 0x0aa0 [ E1EC7F5DA720B640CD8FB8424F1B14BB, E5CF9F43D8C8028E8F29CAF8AD1E2179E5B02DCAA430900672FCB4C4EE288EF0 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
22:40:54.0218 0x0aa0 IpInIp - ok
22:40:54.0359 0x0aa0 [ B5A8E215AC29D24D60B4D1250EF05ACE, D1D47DCF9F35325549833710BD9B1C431698819914212FF6A328DD338FBA0E1D ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
22:40:54.0500 0x0aa0 IpNat - ok
22:40:55.0031 0x0aa0 [ E8A39D41474BE42FD8830CED32932D6C, 66D59E61E46253D06A4811CE2101C0AD4EEFE25C676548BBB1B0D056A20B5DC6 ] iPod Service C:\Programmi\iPod\bin\iPodService.exe
22:40:55.0265 0x0aa0 iPod Service - ok
22:40:55.0328 0x0aa0 [ A95D0546FEA43AB8B1E87676799E432E, D7558635CBA95448FD9B61738760BDC23C2B1368E7B1B83537A31A42358FC30C ] Iprip C:\WINDOWS\System32\iprip.dll
22:40:55.0765 0x0aa0 Iprip - ok
22:40:55.0859 0x0aa0 [ 64537AA5C003A6AFEEE1DF819062D0D1, 5A6C11317DEF14B8C34A8C669EB75F7A8D46F05090C43D3DFF602CFA13CC504E ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
22:40:56.0015 0x0aa0 IPSec - ok
22:40:56.0062 0x0aa0 [ 50708DAA1B1CBB7D6AC1CF8F56A24410, A5657038A66B83472B456246E58884D5DF2E5B63BD176AE3DFFB6D5B6998E8B7 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
22:40:56.0140 0x0aa0 IRENUM - ok
22:40:56.0187 0x0aa0 [ EA3245A8E8758D6B84DE189A5CAAA75E, D97AB5B96F3F2845876ED2CE97114A8A0A22AA9D7314E3F82E8393A37FB323A1 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
22:40:56.0406 0x0aa0 isapnp - ok
22:40:56.0656 0x0aa0 [ 5739F2821D49975CEDE6BF0153D0CF01, DF45BD1A9F6DDB893C99F28C3730C50C61A612C4297A4B00D857533FC0973CD9 ] JavaQuickStarterService C:\Programmi\Java\jre7\bin\jqs.exe
22:40:56.0671 0x0aa0 JavaQuickStarterService - ok
22:40:56.0718 0x0aa0 [ E883AE6EA0B313E659225AA32E449CE9, 392B8C498F995AAC61F0109A4ABB970B1B11C135FC5A50F6E3E1AC73E7066246 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
22:40:56.0843 0x0aa0 Kbdclass - ok
22:40:57.0031 0x0aa0 [ D93CAD07C5683DB066B0B2D2D3790EAD, 4C96F68F9914DCCDAFB5D6FC1A765ADFF37C6E4675AF0EF20AA1EDFF04CE27AD ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
22:40:57.0171 0x0aa0 kmixer - ok
22:40:57.0265 0x0aa0 [ EB7FFE87FD367EA8FCA0506F74A87FBB, 5D318CD7DB88473A6FFB74939FF62EB8DD0E6C79847844212D7168095F635531 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
22:40:57.0453 0x0aa0 KSecDD - ok
22:40:57.0578 0x0aa0 [ 82A782A17AAF3AD92811F5023A94181F, A88F3F149728487166BE1BC259F8FE8FD01B9329B18D580BD6A0EB8311F4CCFA ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
22:40:57.0703 0x0aa0 lanmanserver - ok
22:40:57.0859 0x0aa0 [ B96429B547C29CFE65E0A31C53F4BB06, D2E6D076DAF23A746212CBD8DBA4897BDECC199D1F7ED766B14B4849B31F820E ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
22:40:58.0031 0x0aa0 lanmanworkstation - ok
22:40:58.0031 0x0aa0 lbrtfdc - ok
22:40:58.0109 0x0aa0 [ 6E008B7EB9B67D555B5EE1C1091F3A7E, 69F43F166B890E24F8E304AAAD6F339439EDDB9387ED17AB57FCE992A2946B2E ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
22:40:58.0218 0x0aa0 LmHosts - ok
22:40:58.0781 0x0aa0 [ E767A3A04088C9172B6355B14496DCD0, 50C9605E6302C8D55F8A8BA029154019648E23398A1675C485DEBE889358706A ] ltmodem5 C:\WINDOWS\system32\DRIVERS\ltmdmnt.sys
22:40:59.0359 0x0aa0 ltmodem5 - ok
22:40:59.0718 0x0aa0 [ 11F714F85530A2BD134074DC30E99FCA, BDB5FD3B2DF4ADD19B31965B3E789768B59E872B3EA85912B1FFB32B2AF9D5D8 ] MDM C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
22:40:59.0750 0x0aa0 MDM - ok
22:40:59.0828 0x0aa0 [ 3777AB9537D05BFD404B0FBC13A140A6, B3225199D75F20B8F5725C2654C67B0817E6C685E3F9DC155F0868A4DF5A02A4 ] Messenger C:\WINDOWS\System32\msgsvc.dll
22:40:59.0937 0x0aa0 Messenger - ok
22:40:59.0968 0x0aa0 [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys

[malfeitor]

22:41:00.0078 0x0aa0 mnmdd - ok
22:41:00.0156 0x0aa0 [ 940A4E02B7F03C2592A52E16DDDB3E46, 1B2D1698F00F04179F24FC5A5FBE49A5427CA2471C4ECC27559BAFF2FBF8B0B1 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
22:41:00.0281 0x0aa0 mnmsrvc - ok
22:41:00.0343 0x0aa0 [ B30D2DB351E3191BD71232036CFE711A, 95AD36A77052F494801DC9FB80EB1EB5B68D7A3B63FC618EE2F57A546A4A6C47 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
22:41:00.0531 0x0aa0 Modem - ok
22:41:00.0578 0x0aa0 [ C458E314B8722253897C94A714C2E0C0, 2A5238B1096DC900B4B5E2499E5F17D8D388CBA9661C73885E76C4E273FC938D ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
22:41:00.0718 0x0aa0 Mouclass - ok
22:41:00.0765 0x0aa0 [ D7662F0CF5B77BBBE3202716F5BD5318, F5B352F6A618CA125C587342296AB257115CE7ABC8B7098CDF83A73BDFC221C8 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
22:41:00.0890 0x0aa0 mouhid - ok
22:41:00.0953 0x0aa0 [ 65653F3B4477F3C63E68A9659F85EE2E, 32A34B22A4C1F50A966F321FD228C6B85F0F0315ABF3D40FC416618E786A4024 ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
22:41:01.0140 0x0aa0 MountMgr - ok
22:41:01.0312 0x0aa0 [ 3B9398E0146855B1DC0E3D9769C80F01, DF69DB5CA30A5577648635C27DD468AF98515D07DF379B3FFDCC6B40744EDE66 ] MozillaMaintenance C:\Programmi\Mozilla Maintenance Service\maintenanceservice.exe
22:41:01.0328 0x0aa0 MozillaMaintenance - ok
22:41:01.0343 0x0aa0 mraid35x - ok
22:41:01.0390 0x0aa0 MRENDIS5 - ok
22:41:01.0578 0x0aa0 [ 46EDCC8F2DB2F322C24F48785CB46366, 0300EC19CAAEEC52001EBB7F3BE6DE314B42FE7F8BA072905070FEA75CC06E3B ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
22:41:01.0718 0x0aa0 MRxDAV - ok
22:41:02.0125 0x0aa0 [ 5DDC9A1B2EB5A4BF010CE8C019A18C1F, 92810F234682985047A20EE4F4A78B435789350DD45903E1B4F88128F3198D5D ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
22:41:02.0406 0x0aa0 MRxSmb - ok
22:41:02.0453 0x0aa0 [ 3124662B40761A3EF8F4254D2F32E3F4, 2CE2CCBC589BEAABA68473710F928BD55DBCC55AF307C9D8B3F955616BCF6E57 ] MSDTC C:\WINDOWS\system32\msdtc.exe
22:41:02.0593 0x0aa0 MSDTC - ok
22:41:02.0640 0x0aa0 [ 561B3A4333CA2DBDBA28B5B956822519, 5B53906A29B9AA55A399F880CA989F9878BD943D3E97FB10A25BFD723654AF49 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
22:41:02.0750 0x0aa0 Msfs - ok
22:41:02.0750 0x0aa0 MSIServer - ok
22:41:02.0796 0x0aa0 [ AE431A8DD3C1D0D0610CDBAC16057AD0, 8B3BCAC3DA71778DC8B863E6DEF10F02F65D1BDD3381802DDC0B2980F4F1FBB9 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
22:41:02.0921 0x0aa0 MSKSSRV - ok
22:41:02.0937 0x0aa0 [ 13E75FEF9DFEB08EEDED9D0246E1F448, 69D4CF483753FF253431656E1CB680F6702375696F94E259729BD11C25004031 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
22:41:03.0078 0x0aa0 MSPCLOCK - ok
22:41:03.0093 0x0aa0 [ 1988A33FF19242576C3D0EF9CE785DA7, 9E1C07F364DA7EF0D859BB7A3A06F849A153722E27E872640120CC6855D9FC51 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
22:41:03.0218 0x0aa0 MSPQM - ok
22:41:03.0281 0x0aa0 [ 469541F8BFD2B32659D5D463A6714BCE, 46AA7D2442DCC4C51C08BA0C00136F058F9160E6D6EDE78B2FD82545AE4FD10B ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
22:41:03.0390 0x0aa0 mssmbios - ok
22:41:03.0437 0x0aa0 [ BF13612142995096AB084F2DB7F40F77, E23FA89B54772A33A0A92A0701F02CB9683823FCA5CC192235378E1433FB21CF ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
22:41:03.0593 0x0aa0 MSTEE - ok
22:41:03.0703 0x0aa0 [ 82035E0F41C2DD05AE41D27FE6CF7DE1, 6111D330E7ACB77E23EA6A9E001FC651DE1DC49D772DC6FDD3C4B8EDA57E1C7A ] Mup C:\WINDOWS\system32\drivers\Mup.sys
22:41:03.0843 0x0aa0 Mup - ok
22:41:03.0968 0x0aa0 [ 5C8DC6429C43DC6177C1FA5B76290D1A, BBD145E87D4CF25A873CAE89DF29DF297187B604D42CD36AD8D3F62A033D906E ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
22:41:04.0093 0x0aa0 NABTSFEC - ok
22:41:04.0250 0x0aa0 [ 558635D3AF1C7546D26067D5D9B6959E, 8C1802908DF35E442575969D29F4B22019A2B3E4C309B8E193F98F75AE81F013 ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
22:41:04.0390 0x0aa0 NDIS - ok
22:41:04.0437 0x0aa0 [ 520CE427A8B298F54112857BCF6BDE15, 521BFFC460D64CD69D12F8C9D61CEBE409A63F1F1FB928450E4564DA29C0FFEA ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
22:41:04.0578 0x0aa0 NdisIP - ok
22:41:04.0609 0x0aa0 [ 08D43BBDACDF23F34D79E44ED35C1B4C, F72CB8FA67C361C40B4C83F08302D7B2FD9178C1C60A7C236AF08B9CB5162591 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
22:41:04.0718 0x0aa0 NdisTapi - ok
22:41:04.0750 0x0aa0 [ 34D6CD56409DA9A7ED573E1C90A308BF, DE2060F57C913272524AFB0D472714ABF6F7E49A01534F23D95EE67F207CC6CF ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
22:41:04.0859 0x0aa0 Ndisuio - ok
22:41:04.0984 0x0aa0 [ 0B90E255A9490166AB368CD55A529893, 90EB17422BF52FE6D0CC6ADA4262D605806C5B583DE04EDEC95FD47EE9697865 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
22:41:05.0109 0x0aa0 NdisWan - ok
22:41:05.0156 0x0aa0 [ 59FC3FB44D2669BC144FD87826BB571F, B3C8CEFB09D5C85CBF12AED8CDB1FE455679D3436337263EFDABDC5116D92453 ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
22:41:05.0265 0x0aa0 NDProxy - ok
22:41:05.0312 0x0aa0 [ 3A2ACA8FC1D7786902CA434998D7CEB4, ECE218DCDCB4D0A5CA8CBD14E931BAA3B5F381B70BBACB65B0EBBB46D2D31683 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
22:41:05.0437 0x0aa0 NetBIOS - ok
22:41:05.0593 0x0aa0 [ 0C80E410CD2F47134407EE7DD19CC86B, 2A1D0CE9797F4AB7A24873947A26DD6413B8DBB5A82C24CF28D1FC243AEFC5C8 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
22:41:05.0718 0x0aa0 NetBT - ok
22:41:05.0859 0x0aa0 [ DE62EE316FAB09DE3D7A5180F0775ABF, 468C14DCD1DCAD60A3348CCE6B016D733E624E8959B2F34B0F0C6EDABF0B8875 ] NetDDE C:\WINDOWS\system32\netdde.exe
22:41:05.0984 0x0aa0 NetDDE - ok
22:41:06.0171 0x0aa0 [ DE62EE316FAB09DE3D7A5180F0775ABF, 468C14DCD1DCAD60A3348CCE6B016D733E624E8959B2F34B0F0C6EDABF0B8875 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
22:41:06.0312 0x0aa0 NetDDEdsdm - ok
22:41:06.0375 0x0aa0 [ 0815E8DA286775FA432C7C9EE5E10BA1, DB76AD07C8DAF8665AAFA3D644A93091FA4729B82871325284097BAC751EA585 ] Netlogon C:\WINDOWS\system32\lsass.exe
22:41:06.0515 0x0aa0 Netlogon - ok
22:41:06.0750 0x0aa0 [ 4AD6F202266A25BC0CC1DCE2A3D91563, CB30F9CA8EC1DE1766DA0EC6BB796FF839EB2F9993FEA016FCE5C27DA28FCBC4 ] Netman C:\WINDOWS\System32\netman.dll
22:41:06.0890 0x0aa0 Netman - ok
22:41:07.0031 0x0aa0 [ D34612C5D02D026535B3095D620626AE, 1BBCCCBF49EB8807240A77DCB43C25C21682073CC5356594E2C4F53EF36BF657 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
22:41:07.0046 0x0aa0 NetTcpPortSharing - ok
22:41:07.0109 0x0aa0 [ 5C5C53DB4FEF16CF87B9911C7E8C6FBC, AD1FD07DD9E745C29986C2A25E9EF80B93CBF0F47FCF76741DD6E9CC81C7D241 ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
22:41:07.0218 0x0aa0 NIC1394 - ok
22:41:07.0468 0x0aa0 [ 337CB52AF1F7CF6C0F57EC8BD14DC6D1, 17FD60041BBE73B3043B12840251006B6EF9D089DC26E4D727E4D05CCDC389C2 ] Nla C:\WINDOWS\System32\mswsock.dll
22:41:07.0703 0x0aa0 Nla - ok
22:41:07.0734 0x0aa0 [ 03BBA4DEDEFB48C510061529651B453A, 7B9DBA42DE0D6408121FB308848232C061EB4C62510C0C38761A493FA676842E ] nocashio C:\WINDOWS\system32\drivers\nocashio.sys
22:41:07.0750 0x0aa0 nocashio - detected UnsignedFile.Multi.Generic ( 1 )
22:41:07.0750 0x0aa0 nocashio ( UnsignedFile.Multi.Generic ) - warning
22:41:07.0750 0x0aa0 Force sending object to P2P due to detect: C:\WINDOWS\system32\drivers\nocashio.sys
22:41:07.0765 0x0aa0 Object send P2P result: false
22:41:07.0828 0x0aa0 [ 4F601BCB8F64EA3AC0994F98FED03F8E, D9D6783B970CB871DE0C6EDD8BE42F30CD1DCD55D4DF006922D9CFC0CF020D27 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
22:41:07.0921 0x0aa0 Npfs - ok
22:41:08.0453 0x0aa0 [ B78BE402C3F63DD55521F73876951CDD, 020D75527B4814C544820D29CA064E94F2FCB7B1BA011D63E9D2BFD4CF91BA61 ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
22:41:08.0796 0x0aa0 Ntfs - ok
22:41:08.0828 0x0aa0 [ 0815E8DA286775FA432C7C9EE5E10BA1, DB76AD07C8DAF8665AAFA3D644A93091FA4729B82871325284097BAC751EA585 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
22:41:08.0953 0x0aa0 NtLmSsp - ok
22:41:09.0375 0x0aa0 [ 6D96A941EED90224486F9AF30B9666E1, 9F86DAB19F8512CBA0323C6550A90CD9294139E0EF6D163C606CADA852E0EE99 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
22:41:09.0734 0x0aa0 NtmsSvc - ok
22:41:09.0750 0x0aa0 [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null C:\WINDOWS\system32\drivers\Null.sys
22:41:09.0859 0x0aa0 Null - ok
22:41:12.0937 0x0aa0 [ A28AB3B7E33467C65EE5858DA5CB166D, BA42751975099671274EBF8B822D477EBF0D3BB4C7C24FECF531581891DB78E4 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
22:41:18.0843 0x0aa0 nv - ok
22:41:19.0015 0x0aa0 [ 43B0A0774EA90BF699D267C45D2702F9, BF55AFAF092EDB42C5D7897769BEF0BB665E740D600536315BDEE4F212F5083F ] NVSvc C:\WINDOWS\system32\nvsvc32.exe
22:41:19.0156 0x0aa0 NVSvc - ok
22:41:19.0203 0x0aa0 [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
22:41:19.0359 0x0aa0 NwlnkFlt - ok
22:41:19.0421 0x0aa0 [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
22:41:19.0578 0x0aa0 NwlnkFwd - ok
22:41:19.0640 0x0aa0 [ 0951DB8E5823EA366B0E408D71E1BA2A, EAF0E680BC476D8CEBAD0C21F2EDB958F333B731E8B131DA450D716FEC2C87B0 ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
22:41:19.0890 0x0aa0 ohci1394 - ok
22:41:20.0000 0x0aa0 [ 7A56CF3E3F12E8AF599963B16F50FB6A, 882C82BAE96D263138D4C0D6C425458B770B7B9C8E9C1D28AC918BF6BE94A5C2 ] ose C:\Programmi\File comuni\Microsoft Shared\Source Engine\OSE.EXE
22:41:20.0109 0x0aa0 ose - ok
22:41:20.0218 0x0aa0 [ 8A2D1321CFBBA984BE9B9EF453215FCC, A7A58EB526382A9C9260909729795E8CE04DCD6EF2FD7391E3F3634A30963E14 ] p2pgasvc C:\WINDOWS\system32\p2pgasvc.dll
22:41:20.0421 0x0aa0 p2pgasvc - ok
22:41:21.0015 0x0aa0 [ E830F78B5E753C08CC6EE29CD8C08E9C, 085E38D7CBA694CC584F1EE481D3C6C4ADAC75319F55E54D0034B1C696DE096B ] p2pimsvc C:\WINDOWS\system32\p2psvc.dll
22:41:21.0937 0x0aa0 p2pimsvc - ok
22:41:22.0406 0x0aa0 [ E830F78B5E753C08CC6EE29CD8C08E9C, 085E38D7CBA694CC584F1EE481D3C6C4ADAC75319F55E54D0034B1C696DE096B ] p2psvc C:\WINDOWS\system32\p2psvc.dll
22:41:22.0765 0x0aa0 p2psvc - ok
22:41:22.0859 0x0aa0 [ 3490EAD0612BFD0E7C1B864EE24E6A4A, F32117033E1DCB1296688BA45C1B4928C16183F12A943CE332BC6FF0879C6F90 ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
22:41:23.0046 0x0aa0 Parport - ok
22:41:23.0093 0x0aa0 [ 3334430C29DC338092F79C38EF7B4CD0, B54989B46D77F124D66741A939FF2033F73854FC39AF13C8165D01203A94A94E ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
22:41:23.0203 0x0aa0 PartMgr - ok
22:41:23.0234 0x0aa0 [ 0DABEF655A444CB1E193626FB1D24B9F, 3B9923363E3B7A01FEA882E1BD2148F70ECD5106FC2F174548269F50E2E5F7D1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
22:41:23.0359 0x0aa0 ParVdm - ok
22:41:23.0406 0x0aa0 [ 505CBA425DF3BB230F244E1C23221058, EF46E06FA198EDCDAE1AADD6657045F9EA5597B7B0B0C078F119D10FD9F78022 ] PcdrNdisuio C:\WINDOWS\system32\DRIVERS\pcdrndisuio.sys
22:41:23.0453 0x0aa0 PcdrNdisuio - detected UnsignedFile.Multi.Generic ( 1 )
22:41:23.0453 0x0aa0 PcdrNdisuio ( UnsignedFile.Multi.Generic ) - warning
22:41:23.0546 0x0aa0 [ 91FC1D483D900B1C0600A08B871C39D5, 1C955713B0E68021EA6ADD28CB64025C4436D93B6D38AE53E9207FCC58988820 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
22:41:23.0734 0x0aa0 PCI - ok
22:41:23.0734 0x0aa0 PCIDump - ok
22:41:23.0765 0x0aa0 [ B2DF00D650FD6C4EE781740ED3C8E67F, 204D3825143EDBF56BB819E7AA1CDD06AF2180F3E7A43B01065D7698919AE065 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
22:41:23.0968 0x0aa0 PCIIde - ok
22:41:24.0093 0x0aa0 [ 28F3538A2091993A03506311A05053E8, 9BE1163706E60B38394533F7AC00AA99F220084F608ECB4BB1AA34860061523E ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
22:41:24.0312 0x0aa0 Pcmcia - ok
22:41:24.0312 0x0aa0 PDCOMP - ok
22:41:24.0328 0x0aa0 PDFRAME - ok
22:41:24.0343 0x0aa0 PDRELI - ok
22:41:24.0343 0x0aa0 PDRFRAME - ok
22:41:24.0359 0x0aa0 perc2 - ok
22:41:24.0359 0x0aa0 perc2hib - ok
22:41:24.0484 0x0aa0 [ E77F6FA2A15390F1727F4C1C55B69DA6, 04BEBE1F63AD420A4F9392519222C598A482F09BF12A318DCCE8DCD8E0206009 ] PlugPlay C:\WINDOWS\system32\services.exe
22:41:24.0593 0x0aa0 PlugPlay - ok
22:41:25.0062 0x0aa0 [ E830F78B5E753C08CC6EE29CD8C08E9C, 085E38D7CBA694CC584F1EE481D3C6C4ADAC75319F55E54D0034B1C696DE096B ] PNRPSvc C:\WINDOWS\system32\p2psvc.dll
22:41:25.0406 0x0aa0 PNRPSvc - ok
22:41:25.0437 0x0aa0 [ 0815E8DA286775FA432C7C9EE5E10BA1, DB76AD07C8DAF8665AAFA3D644A93091FA4729B82871325284097BAC751EA585 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
22:41:25.0562 0x0aa0 PolicyAgent - ok
22:41:25.0656 0x0aa0 [ 1C5CC65AAC0783C344F16353E60B72AC, 7786CFE970A79B327DB57AEBADA8B0B94B4DE07CE8AF285E9835B2AADD597296 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
22:41:25.0828 0x0aa0 PptpMiniport - ok
22:41:25.0906 0x0aa0 [ 2BE7F01E46970E946AA18CBA3DE019EB, 4689D0681B3D90BF3BCC1FB7EDD28B327E91741F301A037B330A12D4CAD03D90 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
22:41:26.0046 0x0aa0 Processor - ok
22:41:26.0078 0x0aa0 [ 0815E8DA286775FA432C7C9EE5E10BA1, DB76AD07C8DAF8665AAFA3D644A93091FA4729B82871325284097BAC751EA585 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
22:41:26.0187 0x0aa0 ProtectedStorage - ok
22:41:26.0250 0x0aa0 [ 9B793A1FFD480155FE9EE5261153F21B, AD269258F417A1B098D40862B12BD343E0B048759744A2A2130C0F8208D81228 ] Ps2 C:\WINDOWS\system32\DRIVERS\PS2.sys
22:41:26.0312 0x0aa0 Ps2 - ok
22:41:26.0421 0x0aa0 [ 48671F327553DCF1D27F6197F622A668, CB34A17BC36E8F8BB5F87F9EE21311C50DE9AE156513D682581DE47C93EC155D ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
22:41:26.0687 0x0aa0 PSched - ok
22:41:26.0734 0x0aa0 [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
22:41:26.0859 0x0aa0 Ptilink - ok
22:41:26.0906 0x0aa0 [ E42E3433DBB4CFFE8FDD91EAB29AEA8E, 20ABD8372B242FD356AC143E7EB56F93CFEA4988ED1B0C4434CB64C387D7F66C ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
22:41:42.0031 0x0aa0 PxHelp20 - ok
22:41:42.0031 0x0aa0 ql1080 - ok
22:41:42.0046 0x0aa0 Ql10wnt - ok
22:41:42.0062 0x0aa0 ql12160 - ok
22:41:42.0062 0x0aa0 ql1240 - ok
22:41:42.0078 0x0aa0 ql1280 - ok
22:41:42.0109 0x0aa0 [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
22:41:42.0250 0x0aa0 RasAcd - ok
22:41:42.0375 0x0aa0 [ 84D4005E21A887F87D943D9526020531, DB05AE57921CA98EB0AF82EB189C7ED6D2871151F2885EC4A4B1CB2D07F8B77C ] RasAuto C:\WINDOWS\System32\rasauto.dll
22:41:42.0562 0x0aa0 RasAuto - ok
22:41:42.0625 0x0aa0 [ 98FAEB4A4DCF812BA1C6FCA4AA3E115C, F59974A2A3C21071BC72CA4DAF5D2DDF93471EC16FD1A34DE9DC1A50027F6835 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
22:41:42.0781 0x0aa0 Rasl2tp - ok
22:41:43.0000 0x0aa0 [ EDE7D761426CC2AFFF20A3A460F9C85E, F98043911CFA36744DD741437878CB394F78C458974A748EFF2F8FF6E31B52EC ] RasMan C:\WINDOWS\System32\rasmans.dll
22:41:43.0265 0x0aa0 RasMan - ok
22:41:43.0328 0x0aa0 [ 7306EEED8895454CBED4669BE9F79FAA, DC6874ECAD9105BC9EAB007291958911D7D4D3649124472070B3496B36C45200 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
22:41:43.0468 0x0aa0 RasPppoe - ok
22:41:43.0500 0x0aa0 [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
22:41:43.0625 0x0aa0 Raspti - ok
22:41:43.0781 0x0aa0 [ 809CA45CAA9072B3176AD44579D7F688, 95ECD22D042CB2394C869AD42E8F6DAAEE29BA9BBE9C164092A554B505F1EDA2 ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
22:41:43.0968 0x0aa0 Rdbss - ok
22:41:44.0031 0x0aa0 [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
22:41:44.0156 0x0aa0 RDPCDD - ok
22:41:44.0312 0x0aa0 [ D4F5643D7714EF499AE9527FDCD50894, 6D9EDD9DE3B21324FBDEF074F815A4925F656E06BD15B73B53CD255FD8F0D63F ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
22:41:44.0546 0x0aa0 RDPWD - ok
22:41:44.0718 0x0aa0 [ CC0693C481502844A24EF71B90A7195E, CD6F6A28A757FB0B6AE2D807985A654C99724B2871FACE647F2C14A07461BCEA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
22:41:44.0953 0x0aa0 RDSessMgr - ok
22:41:45.0046 0x0aa0 [ A8EEE004A16AF1D583D9DE9F6DE250E0, DC5E47D822277605A3066A845D3185548261AEED5BE144C3B66D9A620E9A382C ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
22:41:45.0265 0x0aa0 redbook - ok
22:41:45.0359 0x0aa0 [ D9FF0C4EB3A3AEDBA4E7D75A74097F3C, 4503289D04C8AA59480863E5065A5E5FDB3ECA18BEF4EB9BFD8DDA7A60A2F6B1 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
22:41:45.0515 0x0aa0 RemoteAccess - ok
22:41:45.0625 0x0aa0 [ 33A8F0FE0005B2D79DF53441679F5149, 88B778645BEB159EB18A5098C82A76C243A69C39E1CD58CBC97D19561349B400 ] RpcLocator C:\WINDOWS\system32\locator.exe
22:41:45.0812 0x0aa0 RpcLocator - ok
22:41:46.0171 0x0aa0 [ 0C015AB735A4624C44CB5696E9208C4C, BDC99547181917C121F609542E1BB59F89784FD3743077EFCA29FEEEF057E2A3 ] RpcSs C:\WINDOWS\System32\rpcss.dll
22:41:46.0500 0x0aa0 RpcSs - ok
22:41:46.0781 0x0aa0 [ DCE0D20F8FB66DF41D53734BFF9D66F0, 78B858710DAD33A2BDEFE538299339D94CC932648F329D974B0A2A3BFB75CA27 ] RSVP C:\WINDOWS\system32\rsvp.exe
22:41:47.0046 0x0aa0 RSVP - ok
22:41:47.0125 0x0aa0 [ 2EF9C0DC26B30B2318B1FC3FAA1F0AE7, 34BBA614CEA83A99D92A16591D04CFBA3AE309652CC1B505A036E34E3F8F037A ] rtl8139 C:\WINDOWS\system32\DRIVERS\R8139n51.SYS
22:41:47.0218 0x0aa0 rtl8139 - ok
22:41:47.0250 0x0aa0 [ 0815E8DA286775FA432C7C9EE5E10BA1, DB76AD07C8DAF8665AAFA3D644A93091FA4729B82871325284097BAC751EA585 ] SamSs C:\WINDOWS\system32\lsass.exe
22:41:47.0343 0x0aa0 SamSs - ok
22:41:47.0421 0x0aa0 [ D96686FCA1F9F6B06F7490553CBDA6DE, DD8544BC897EE9FFAF67E57BA39A8BA0A56350BC510003174F1995803A236D80 ] SASDIFSV C:\Programmi\SUPERAntiSpyware\SASDIFSV.SYS
22:41:47.0437 0x0aa0 SASDIFSV - detected UnsignedFile.Multi.Generic ( 1 )
22:41:47.0437 0x0aa0 SASDIFSV ( UnsignedFile.Multi.Generic ) - warning
22:41:47.0468 0x0aa0 [ 7F1085895E499907F68DF7731924122B, B9C1AF269A41ADD20781DEE0641A6C64BCD22180EB80AB1845AE067F979637F0 ] SASENUM C:\Programmi\SUPERAntiSpyware\SASENUM.SYS
22:41:47.0484 0x0aa0 SASENUM - detected UnsignedFile.Multi.Generic ( 1 )
22:41:47.0484 0x0aa0 SASENUM ( UnsignedFile.Multi.Generic ) - warning
22:41:47.0531 0x0aa0 [ 2E0E10B8B547A39CDCC1B105239A43A4, D5E2CAB9B611812589F916D232147A8D744FF5922C3E62C8C881CDA5347652BF ] SASKUTIL C:\Programmi\SUPERAntiSpyware\SASKUTIL.sys
22:41:47.0578 0x0aa0 SASKUTIL - detected UnsignedFile.Multi.Generic ( 1 )
22:41:47.0578 0x0aa0 SASKUTIL ( UnsignedFile.Multi.Generic ) - warning
22:41:47.0703 0x0aa0 [ 74B1E7FCFCA9A3A23871AA014144013E, 14030A0905E6430C69A4442741841804633610F4FD542A9768DAEE57B92183B9 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
22:41:47.0906 0x0aa0 SCardSvr - ok
22:41:48.0093 0x0aa0 [ 546254D4769E165CDC3388D74B201FCB, 9F5020C191711ECA958996A8294E9A10F934A9FD3047C3D1D4136878E30F916B ] Schedule C:\WINDOWS\system32\schedsvc.dll
22:41:48.0406 0x0aa0 Schedule - ok
22:41:48.0468 0x0aa0 [ D26E26EA516450AF9D072635C60387F4, C78D26B2E6343176EA9E09DD96CDAE108F832B7973FABF756D05E24392FEF388 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
22:41:48.0546 0x0aa0 Secdrv - ok
22:41:48.0609 0x0aa0 [ 241D074DAB2A67D2D7616CE7C8B05650, F919AC72359AB7A88018B9597CBD11CB6299A2195AE03C450045ACE6F62D26DF ] seclogon C:\WINDOWS\System32\seclogon.dll
22:41:48.0734 0x0aa0 seclogon - ok
22:41:48.0796 0x0aa0 [ 688BE760C858E347A4E23186B725C86B, BD77B0464519A3F19C505D3DA4B6B46352C6E61612B5388C6E5F8B79092D890E ] SENS C:\WINDOWS\system32\sens.dll
22:41:48.0953 0x0aa0 SENS - ok
22:41:49.0062 0x0aa0 [ DBAB3260E7EB3398CB87267D1410FAD4, EE105DEA2B956C6974FE4122161A5C5D9891EE5AAFF9B97B428F524E938B3665 ] Serial C:\WINDOWS\system32\drivers\Serial.sys
22:41:49.0343 0x0aa0 Serial - ok
22:41:49.0390 0x0aa0 [ 0D13B6DF6E9E101013A7AFB0CE629FE0, 2214EA0F16BB33970E299CE457EB50AEE0BEF7959BC1EBD3C06C78A46B42B808 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
22:41:49.0500 0x0aa0 Sfloppy - ok
22:41:49.0828 0x0aa0 [ 1DA364FA673E18BC1DE8F5CDF3657DBD, 87B6C79025968902BCE0AB87AA6B89FA13B459FA03FDB6FC4827B9F951CDB96F ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
22:41:50.0484 0x0aa0 SharedAccess - ok
22:41:50.0609 0x0aa0 [ 500E8EF27757B1C463A4A263ED2C95D2, C21A2DCA44CE04CCD90AD012E83D6FF879CF94E9C1C1B153A91BEA5ACF8D6EF1 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
22:41:50.0734 0x0aa0 ShellHWDetection - ok
22:41:50.0750 0x0aa0 Simbad - ok
22:41:50.0796 0x0aa0 [ 47197F67367B8BE7A9231F57E7BC22C7, F54862FAB03C1F1FE08A95123721224157987BA839F304F755B709F537996F54 ] SimpTcp C:\WINDOWS\system32\tcpsvcs.exe
22:41:50.0921 0x0aa0 SimpTcp - ok
22:41:50.0968 0x0aa0 [ 5CAEED86821FA2C6139E32E9E05CCDC9, 63F91C95FD2914DAEC648A6EAF75EE5E18EAA7754F5A03A57D693AC49C66479E ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
22:41:51.0093 0x0aa0 SLIP - ok
22:41:53.0484 0x0aa0 [ 8ECA9578BFC7DA42D6D24C862224C5DB, B7456984738E00729DAE0804033CDC99C387D138CD2D23D934193AC4B195ACCC ] SmcService C:\Programmi\Sygate\SPF\smc.exe
22:41:57.0734 0x0aa0 SmcService - ok
22:41:57.0796 0x0aa0 [ 6A67341770D909A168DC27A7166EB299, 7F9584BF97C4EB74F4B4CA6AD00FEA4727AA345940E74F3267E3B72C87B61680 ] SNMP C:\WINDOWS\System32\snmp.exe
22:41:57.0953 0x0aa0 SNMP - ok
22:41:57.0984 0x0aa0 [ E2852355505B10118A2316EA0580B8A4, F46BFB2FFD82713A5F61605BF847BC862ECCADB9398A46D9B3FD112E8D79E104 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe
22:41:58.0109 0x0aa0 SNMPTRAP - ok
22:41:58.0109 0x0aa0 Sparrow - ok
22:41:58.0156 0x0aa0 [ 8E186B8F23295D1E42C573B82B80D548, C418568C2071E2761CD26F736443BD7BF9C6914D47D171A5AC990278E855A74F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
22:41:58.0281 0x0aa0 splitter - ok
22:41:58.0375 0x0aa0 [ 216F8454A9415DD3E451B169DC3121C4, ADE62086085ECA7EA6D15993B0691FF6E416D7168CFC41C933E24A172C6EF823 ] Spooler C:\WINDOWS\system32\spoolsv.exe
22:41:58.0625 0x0aa0 Spooler - ok
22:41:59.0250 0x0aa0 [ C4BB8A12843D9CBB65F5FF617F389BBD, 4BE4347E8BFC18E97B7910BF26F8845CCC917E4727EBD6617466615F2E0192B8 ] sptd C:\WINDOWS\system32\Drivers\sptd.sys
22:41:59.0250 0x0aa0 Suspicious file ( NoAccess ): C:\WINDOWS\system32\Drivers\sptd.sys. md5: C4BB8A12843D9CBB65F5FF617F389BBD, sha256: 4BE4347E8BFC18E97B7910BF26F8845CCC917E4727EBD6617466615F2E0192B8
22:41:59.0250 0x0aa0 sptd - detected LockedFile.Multi.Generic ( 1 )
22:41:59.0250 0x0aa0 sptd ( LockedFile.Multi.Generic ) - warning
22:41:59.0250 0x0aa0 Force sending object to P2P due to detect: C:\WINDOWS\system32\Drivers\sptd.sys
22:41:59.0687 0x0aa0 Object send P2P result: false
22:41:59.0796 0x0aa0 [ 896F566AFC498077172EAE8A50E8BAF8, 6B89541747F356044D77581B7DA52BF35D7DE5E45A0CB96C239262C81C7A876D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
22:41:59.0906 0x0aa0 sr - ok
22:42:00.0078 0x0aa0 [ BA4E8AC9A60C4527C969D08F3ABE9D36, 28CD0235CB37A810482E7B02CAE202267C3FB4B14CD018E2D7E8CD2BF9D474A6 ] srservice C:\WINDOWS\system32\srsvc.dll
22:42:00.0312 0x0aa0 srservice - ok
22:42:00.0703 0x0aa0 [ 20B7E396720353E4117D64D9DCB926CA, 55E35EBA5792DC42BE2F10A4FAD4BE5721C05C134C153E37AC4D5E68982DED6C ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
22:42:01.0359 0x0aa0 Srv - ok
22:42:01.0468 0x0aa0 [ 1FBF38A525EEDD7402BFA7E27236A64F, 8415DB54DDA5E511DB7C19AB4620CB0D112999B5E3027125D2DD6049F537285D ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
22:42:01.0734 0x0aa0 SSDPSRV - ok
22:42:02.0093 0x0aa0 [ 2BB718BB4252909C389B3966492B0F30, 53BF5EB41444BD885C7ACBC5A239969C42C9593A91F64093F80A0156CA29C9D4 ] stisvc C:\WINDOWS\system32\wiaservc.dll
22:42:02.0796 0x0aa0 stisvc - ok
22:42:02.0843 0x0aa0 [ 284C57DF5DC7ABCA656BC2B96A667AFB, 7E3CAE1911E710B1CC37571AE1B92DC981FCD46E67A3AD3C258672D17781C709 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
22:42:02.0984 0x0aa0 streamip - ok
22:42:03.0000 0x0aa0 [ 03C1BAE4766E2450219D20B993D6E046, 0D8E5B141EAA9E2C8D1F8BFD522F57EE8074216A336CBE37FE77B8ADDB791DBE ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
22:42:03.0109 0x0aa0 swenum - ok
22:42:03.0203 0x0aa0 [ 94ABC808FC4B6D7D2BBF42B85E25BB4D, EEF6DB9EDD8C273A6595675A7A12B9D440FA4E178BA7C69FB1942D97E291F989 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
22:42:03.0359 0x0aa0 swmidi - ok
22:42:03.0359 0x0aa0 SwPrv - ok
22:42:03.0375 0x0aa0 symc810 - ok
22:42:03.0375 0x0aa0 symc8xx - ok
22:42:03.0390 0x0aa0 sym_hi - ok
22:42:03.0406 0x0aa0 sym_u3 - ok
22:42:03.0484 0x0aa0 [ 650AD082D46BAC0E64C9C0E0928492FD, 6A587A55418A3A7867602D92B99FE393152DED191F27992C4BA909BD268AC43C ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
22:42:03.0718 0x0aa0 sysaudio - ok
22:42:03.0843 0x0aa0 [ BC8B8694DEF74B4E6C626322D4321A54, 82CC25804B0A41FA85D900D8E0813FAFF4AB3BFF8D67F5D24B258A8287DB7DFB ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
22:42:04.0046 0x0aa0 SysmonLog - ok
22:42:04.0281 0x0aa0 [ 2F8CBA2D2A332EB5D2A7DC084E3B30B3, FC77BB15EBBB5F4BA52B4F4358B8CAA96A5F4D3B6C45C3F53A5011AE093FD378 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
22:42:04.0718 0x0aa0 TapiSrv - ok
22:42:05.0078 0x0aa0 [ C81D6A930A7805F6DAA0C7902B99037E, A724C55DB1EA00226616F97F108AF0B10F16323A1F2D8E9FB281F9105FE8A1DB ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
22:42:05.0656 0x0aa0 Tcpip - detected UnsignedFile.Multi.Generic ( 1 )
22:42:05.0656 0x0aa0 Object is SCO, delete is not allowed
22:42:05.0656 0x0aa0 Tcpip ( UnsignedFile.Multi.Generic ) - warning
22:42:05.0906 0x0aa0 [ 4D58BB1AE8841AAFD8790AD7E1E3B8EA, 1B5AA1BFE3943FBC871D1C9B7C85556944433C6387A399B8AAB0395E5F8B9EA7 ] Tcpip6 C:\WINDOWS\system32\DRIVERS\tcpip6.sys
22:42:06.0234 0x0aa0 Tcpip6 - ok
22:42:06.0265 0x0aa0 [ 38D437CF2D98965F239B0ABCD66DCB0F, CC497A25C7AC1FF1E07CEE25FB0C5A5E6C4005C1CB244601FE620884A5C26506 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
22:42:06.0406 0x0aa0 TDPIPE - ok
22:42:06.0484 0x0aa0 [ ED0580AF02502D00AD8C4C066B156BE9, 41AA6C88CF48CAF0DA8E374F37E74206E4F558332075304A28983D04E08B3154 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
22:42:06.0671 0x0aa0 TDTCP - ok
22:42:06.0750 0x0aa0 [ 99336D4DA97B4EEAAFAB46A4F8E512E6, 062878072CC6AFFAA995DD19B246795D5957A1344CB7E9B5A71A13C93F87B624 ] Teefer C:\WINDOWS\SYSTEM32\Drivers\Teefer.sys
22:42:06.0828 0x0aa0 Teefer - detected UnsignedFile.Multi.Generic ( 1 )
22:42:06.0828 0x0aa0 Teefer ( UnsignedFile.Multi.Generic ) - warning
22:42:06.0890 0x0aa0 [ A540A99C281D933F3D69D55E48727F47, CC430FA0E0F1745E167877003FDCC35FE940AF8CAD05387ECBA880CC3A3F6709 ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
22:42:07.0078 0x0aa0 TermDD - ok
22:42:07.0406 0x0aa0 [ C06CD1890279603E15020757E02DE56B, 771049674E916823279475C9B10194D0C32D2B2FE6AFAA77A4B4C879AA99361D ] TermService C:\WINDOWS\System32\termsrv.dll
22:42:07.0796 0x0aa0 TermService - ok
22:42:07.0921 0x0aa0 [ 500E8EF27757B1C463A4A263ED2C95D2, C21A2DCA44CE04CCD90AD012E83D6FF879CF94E9C1C1B153A91BEA5ACF8D6EF1 ] Themes C:\WINDOWS\System32\shsvcs.dll
22:42:08.0046 0x0aa0 Themes - ok
22:42:08.0062 0x0aa0 TosIde - ok
22:42:08.0171 0x0aa0 [ 6C7F265BD43A1D85103EC5CB1251D2B6, F751400BB30CC20725E81BA7498A2EE168AE0FAEF7339A82781967F505CB5909 ] TrkWks C:\WINDOWS\system32\trkwks.dll
22:42:08.0375 0x0aa0 TrkWks - ok
22:42:08.0406 0x0aa0 [ 87A0E9E18C10A9E454238E3330E2A26D, D595633568C5E1EC4353FB12341EECC7E141E96A5ABD9064AD63C07C46F95706 ] tunmp C:\WINDOWS\system32\DRIVERS\tunmp.sys
22:42:08.0531 0x0aa0 tunmp - ok
22:42:08.0593 0x0aa0 [ 12F70256F140CD7D52C58C7048FDE657, F2E3E645AA713A520452F5E17513D258D3900E93F65013551FC2B542BFA15BB3 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
22:42:08.0781 0x0aa0 Udfs - ok
22:42:08.0796 0x0aa0 ultra - ok
22:42:08.0984 0x0aa0 [ AFF2E5045961BBC0A602BB6F95EB1345, FEEF47B9683B0F26355AC0947019DE9AE27002A7019C1C4A2D22FA0046E9F07B ] Update C:\WINDOWS\system32\DRIVERS\update.sys
22:42:09.0281 0x0aa0 Update - ok
22:42:09.0484 0x0aa0 [ 55D9782BFE8C70B70E892E51566BF7D4, D6E833C55F5D0E8F772383C6D9DE7EE39F0E7F2E71057EA6AC62020B4408B716 ] upnphost C:\WINDOWS\System32\upnphost.dll
22:42:09.0734 0x0aa0 upnphost - ok
22:42:09.0781 0x0aa0 [ E4896F38A3F8DACEA6EA8D7EC9889D91, FFCEE5239FA20C179C52482BAE16DF7EC73987A719595D3A159C44ED8380C118 ] UPS C:\WINDOWS\System32\ups.exe
22:42:09.0890 0x0aa0 UPS - ok
22:42:09.0984 0x0aa0 [ 8BF5D980CDCE35FB26F05047144BB57E, 8A770DD649FA0D6F574651E5525B983261B823C5778764598D89C453E68ED3F1 ] USBAAPL C:\WINDOWS\system32\Drivers\usbaapl.sys
22:42:10.0109 0x0aa0 USBAAPL - ok
22:42:10.0187 0x0aa0 [ 45A0D14B26C35497AD93BCE7E15C9941, F88F51D03BE33D19E98EA0B45273E84AB77C9927669ADBE7D175354034D9610F ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
22:42:10.0359 0x0aa0 usbaudio - ok
22:42:10.0421 0x0aa0 [ BFFD9F120CC63BCBAA3D840F3EEF9F79, 0183D82E341473200FB1A05F6ABBBA3F2BD635654F49599E4CEB3E6394A33D36 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
22:42:10.0593 0x0aa0 usbccgp - ok
22:42:10.0671 0x0aa0 [ 15E993BA2F6946B2BFBBFCD30398621E, 10AD5B133C9C68B8E11DF702C50BDE5162693C5A9F132DFE1823D03D70D4EB89 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
22:42:10.0796 0x0aa0 usbehci - ok
22:42:10.0859 0x0aa0 [ C72F40947F92CEA56A8FB532EDF025F1, EBB9E235C973574B835B1FD22D813E9215029B3FC5030591D6F7971C9A23AEF7 ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
22:42:11.0015 0x0aa0 usbhub - ok
22:42:11.0046 0x0aa0 [ BDFE799A8531BAD8A5A985821FE78760, CDF194BA160146C329D4911A6573FE47E93BC1F5594C7D3B6C9F44105B90BD26 ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
22:42:11.0171 0x0aa0 usbohci - ok
22:42:11.0203 0x0aa0 [ A42369B7CD8886CD7C70F33DA6FCBCF5, EEDAA16F906A2F8FF40009ED10243F66A5CCE878111F1001DA6060A42DD79047 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
22:42:11.0343 0x0aa0 usbprint - ok
22:42:11.0375 0x0aa0 [ A6BC71402F4F7DD5B77FD7F4A8DDBA85, E40B73D4E2417F4874D155885C86E4FB44557324616AABD84EFE6C4751DCC46B ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
22:42:11.0515 0x0aa0 usbscan - ok
22:42:11.0562 0x0aa0 [ 6CD7B22193718F1D17A47A1CD6D37E75, CFD74FE06819DA488654F88BFCCBF29994FE7F04EC6CD5CD41552B0C95A8130F ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
22:42:11.0828 0x0aa0 USBSTOR - ok
22:42:11.0875 0x0aa0 [ F8FD1400092E23C8F2F31406EF06167B, AE93C83BA1966535AFA3E72D6F69156B7E56F021A6808EC8DA44C7E7D506D7E5 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
22:42:12.0000 0x0aa0 usbuhci - ok
22:42:12.0140 0x0aa0 [ 8968FF3973A883C49E8B564200F565B9, 64811243DA03B8B538E6B10954655C2A87D8CF8090F4BF4537A97947D4E6C3DC ] usbvideo C:\WINDOWS\system32\Drivers\usbvideo.sys
22:42:12.0328 0x0aa0 usbvideo - ok
22:42:12.0390 0x0aa0 [ 94D73B62E458FB56C9CE60AA96D914F9, EF0FAC91A1207DA28600000141C26686A7BD6B70EE05F5B78459D3D615454151 ] VClone C:\WINDOWS\system32\DRIVERS\VClone.sys
22:42:12.0421 0x0aa0 VClone - detected UnsignedFile.Multi.Generic ( 1 )
22:42:12.0421 0x0aa0 VClone ( UnsignedFile.Multi.Generic ) - warning
22:42:12.0468 0x0aa0 [ 8A60EDD72B4EA5AEA8202DAF0E427925, ED0624B285E4F64E07E30C12490873A2090F9DFD6A91A2EDA7A1082B88A8199E ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
22:42:12.0593 0x0aa0 VgaSave - ok
22:42:12.0625 0x0aa0 [ 59CB1338AD3654417BEA49636457F65D, 1B03B894BEA354C190782C6570498B5126F3B884E9DBFE6E9B176D7C47AD79D4 ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys
22:42:12.0750 0x0aa0 ViaIde - ok
22:42:12.0859 0x0aa0 [ 698869E82C57169F2140C04A272BF12B, F75B883EFA3B1CC2164BB25471FCC0E4DCB970DE82FA940906C5C49D9BF82CD7 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
22:42:12.0984 0x0aa0 VolSnap - ok
22:42:13.0000 0x0aa0 vsdatant - ok
22:42:13.0281 0x0aa0 [ 147C653AD61BD01556723B3C8C4FAFC8, 53D526529637D73549C92FA734B6BF4A3E8F6763CEDFBA39D3EEB1D15CE5DDC8 ] VSS C:\WINDOWS\System32\vssvc.exe
22:42:13.0781 0x0aa0 VSS - ok
22:42:13.0953 0x0aa0 [ 8B97D00E5C6A593EBB605CE4B8A5CAA5, B51705948ADFE25881810279411CB8DA37D22C8671DBD4E9C327615CB614EB63 ] W32Time C:\WINDOWS\system32\w32time.dll
22:42:14.0234 0x0aa0 W32Time - ok
22:42:14.0281 0x0aa0 [ 984EF0B9788ABF89974CFED4BFBAACBC, 8178888E3A1AA3BD3BE34456118BB76AF2DD04EC575E4880F97A8EFB182C9E92 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
22:42:14.0421 0x0aa0 Wanarp - ok
22:42:14.0421 0x0aa0 WDICA - ok
22:42:14.0531 0x0aa0 [ 2797F33EBF50466020C430EE4F037933, F134F8C091D944880714E4D193D2753BE4F1C18757D5274A892195C4EC9C4D08 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
22:42:14.0734 0x0aa0 wdmaud - ok
22:42:14.0828 0x0aa0 [ EBA8DEA9E279A9A50B608BFF3CBC2CDE, A442A2EDFEC541E2C253069414370AEBA76B146B86F754414EEFFF65DD05FA66 ] WebClient C:\WINDOWS\System32\webclnt.dll
22:42:15.0000 0x0aa0 WebClient - ok
22:42:15.0062 0x0aa0 [ A67340B874DF9EAF5B226E5F3473B9DA, 9097E8635F8CC6F1641D86C86A14C27BFCCAF85D23900A1C3268D348B2AF3CCF ] wg3n C:\WINDOWS\SYSTEM32\Drivers\wg3n.sys
22:42:15.0078 0x0aa0 wg3n - ok
22:42:15.0125 0x0aa0 [ 851216E2816B7B7E74B5F7EF1D4ACFB7, 246A13F4BFDD918B8C7452701190853D8138FAEDB675898E4CDC9F55B33284E5 ] wg4n C:\WINDOWS\SYSTEM32\Drivers\wg4n.sys
22:42:15.0140 0x0aa0 wg4n - ok
22:42:15.0171 0x0aa0 [ AEDD1FE0DF660411D15DA3C57CFC2402, 0E581A4C1926D6F4E2F62C0F8EE09F2BD8790ED2A4590513B59D93FA97FE1964 ] wg5n C:\WINDOWS\SYSTEM32\Drivers\wg5n.sys
22:42:15.0218 0x0aa0 wg5n - ok
22:42:15.0250 0x0aa0 [ DD0D719A58DF79086462BD5FC972A908, 039FB2B9EFC8E330EE236A7BDF2CAC8DF39516B80AC50DA8A24A0A3480CC71EF ] wg6n C:\WINDOWS\SYSTEM32\Drivers\wg6n.sys
22:42:15.0281 0x0aa0 wg6n - ok
22:42:15.0484 0x0aa0 [ A91ACDD987DC3E0E1FCEDDA6F1FFEF2A, 44A0F501D1458450FC15B07883A25970906DEFFDEBC89E81D2518AD201AC3E87 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
22:42:15.0734 0x0aa0 winmgmt - ok
22:42:15.0812 0x0aa0 [ C51B4A5C05A5475708E3C81C7765B71D, F776D2680BD3407307B7072626F78460361FC5BC38623C9E16F394D300AB25DE ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
22:42:15.0984 0x0aa0 WmdmPmSN - ok
22:42:16.0140 0x0aa0 [ 0EE2A2754039B13A632489726689DAD0, 838C3A46F72F9F828760E264950169B64FBEB0892E52EF18DE34FF62B3333C34 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
22:42:16.0359 0x0aa0 WmiApSrv - ok
22:42:17.0328 0x0aa0 [ F30DC8F80CF65A323E8B6A2DB81561E3, C249E3B13456D5EB5CA7F64FE8C7B1CC01D383129C7A2AF06360CF67C4445E5E ] WMPNetworkSvc C:\Programmi\Windows Media Player\WMPNetwk.exe
22:42:18.0906 0x0aa0 WMPNetworkSvc - ok
22:42:19.0000 0x0aa0 [ CF4DEF1BF66F06964DC0D91844239104, CC1D9CECE2056D29A9651D51BB57C3F4F9BF9E90A4808CF7496C683C874FBD51 ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys
22:42:19.0062 0x0aa0 WpdUsb - ok
22:42:19.0109 0x0aa0 [ 93C145DCEB13156322423EFD62D4549A, 465954E837CFF0E663C57E7293586A18D9A6F4C10E68E30B406331ACAAE2312F ] wpsdrvnt C:\WINDOWS\system32\drivers\wpsdrvnt.sys
22:42:19.0156 0x0aa0 wpsdrvnt - detected UnsignedFile.Multi.Generic ( 1 )
22:42:19.0156 0x0aa0 wpsdrvnt ( UnsignedFile.Multi.Generic ) - warning
22:42:19.0203 0x0aa0 [ 6ABE6E225ADB5A751622A9CC3BC19CE8, 4061C5D0F051DFF1730E2A3BFC1CCA97B29602FC50F10F6B44D93B0D28F42024 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
22:42:19.0328 0x0aa0 WS2IFSL - ok
22:42:19.0437 0x0aa0 [ 17F70F4E37452A30C35565052AB68BE9, 5651D910236D84EAFD7924EB28604DA19E7A8EA5BE1CF75BA0C833D03DDCCFE4 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
22:42:19.0656 0x0aa0 wscsvc - ok
22:42:19.0781 0x0aa0 [ D5842484F05E12121C511AA93F6439EC, 531888E914578172534BBC3220A86C99D1FCE423E89834B533E0A79F583436F3 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
22:42:19.0937 0x0aa0 WSTCODEC - ok
22:42:19.0984 0x0aa0 [ 4CBB7CC975E5B67022A7F95DFC6EF9EC, 750B650B4E58959A097A587D914FE736B9E4B9F10B40DECE53AF445CC482E86B ] wuauserv C:\WINDOWS\system32\wuauserv.dll
22:42:20.0093 0x0aa0 wuauserv - ok
22:42:20.0203 0x0aa0 [ F15FEAFFFBB3644CCC80C5DA584E6311, 79B3E9AF35976CE49921E9BEA3BA3B4A8AF762FD3F284B62954038B5FFB32471 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
22:42:20.0312 0x0aa0 WudfPf - ok
22:42:20.0406 0x0aa0 [ 28B524262BCE6DE1F7EF9F510BA3985B, AEFF02B899801A63CBB262757C3D4369E38BFF0690BD085DE60E873DFBE3C3F4 ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
22:42:20.0500 0x0aa0 WudfRd - ok
22:42:20.0562 0x0aa0 [ 05231C04253C5BC30B26CBAAE680ED89, 5C03C2D7E0B573646D32F4093E2FF2C3BA391C39F5BA37D67F69D38E357FCC3D ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
22:42:20.0656 0x0aa0 WudfSvc - ok
22:42:21.0093 0x0aa0 [ 312913174D070ED81E9D78DA7B648774, 40340E1AA2606AB0A81D9647B81FE6AD03DA2DD9B2A4D6D742E46398FD93CD68 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
22:42:21.0953 0x0aa0 WZCSVC - ok
22:42:22.0109 0x0aa0 [ 3208BAD59EFA3F4FCCCFBF1317F2A1C1, 1621291DC4994CA6F831A66957126D78D79AD7872264C566A2AAFBC736AC490F ] xmlprov C:\WINDOWS\System32\xmlprov.dll
22:42:22.0390 0x0aa0 xmlprov - ok
22:42:23.0031 0x0aa0 [ DD0042F0C3B606A6A8B92D49AFB18AD6, 8D3BE4C93D02AF5F42EC46AF598D6DA40C61D467CB2FEE5E222F9C1E7A84B852 ] YahooAUService C:\Programmi\Yahoo!\SoftwareUpdate\YahooAUService.exe
22:42:24.0000 0x0aa0 YahooAUService - ok
22:42:24.0015 0x0aa0 ================ Scan global ===============================
22:42:24.0093 0x0aa0 [ 7B37B598B55BF80415C15BFFE7A992A2, 8FBE419C70698E81B0C09C9EE20DA2B2AD5FF5A8122F4A918F7B79336014B8C4 ] C:\WINDOWS\system32\basesrv.dll
22:42:24.0421 0x0aa0 [ 09A89DEE6E15E360B52E556E2A46D97C, AC648D9DEBB4F494E9681E4604FF98119CFF64A90DF4F470822E80FB58A6B7AE ] C:\WINDOWS\system32\winsrv.dll
22:42:24.0968 0x0aa0 [ 09A89DEE6E15E360B52E556E2A46D97C, AC648D9DEBB4F494E9681E4604FF98119CFF64A90DF4F470822E80FB58A6B7AE ] C:\WINDOWS\system32\winsrv.dll
22:42:25.0109 0x0aa0 [ E77F6FA2A15390F1727F4C1C55B69DA6, 04BEBE1F63AD420A4F9392519222C598A482F09BF12A318DCCE8DCD8E0206009 ] C:\WINDOWS\system32\services.exe
22:42:25.0109 0x0aa0 [ Global ] - ok
22:42:25.0125 0x0aa0 ================ Scan MBR ==================================
22:42:25.0156 0x0aa0 [ 0AC6D996BCE152AED9600E6D6B797E2E ] \Device\Harddisk0\DR0
22:42:25.0968 0x0aa0 \Device\Harddisk0\DR0 - ok
22:42:25.0968 0x0aa0 ================ Scan VBR ==================================
22:42:25.0968 0x0aa0 [ CBD97F7C5C78306CB2B60725392013BE ] \Device\Harddisk0\DR0\Partition1
22:42:25.0968 0x0aa0 \Device\Harddisk0\DR0\Partition1 - ok
22:42:26.0015 0x0aa0 [ 69CD5197A775698E1C603085C601881E ] \Device\Harddisk0\DR0\Partition2
22:42:26.0015 0x0aa0 \Device\Harddisk0\DR0\Partition2 - ok
22:42:26.0687 0x0aa0 AV detected via SS1: avast! Antivirus, 5.0.150996957, disabled, updated
22:42:26.0687 0x0aa0 FW detected via SS1: Sygate Personal Firewall, 4.6, enabled
22:42:26.0687 0x0aa0 ============================================================
22:42:26.0703 0x0aa0 Scan finished
22:42:26.0703 0x0aa0 ============================================================
22:42:26.0718 0x0dd0 Detected object count: 18
22:42:26.0718 0x0dd0 Actual detected object count: 18
22:42:44.0015 0x0dd0 ACEDRV05 ( UnsignedFile.Multi.Generic ) - skipped by user
22:42:44.0015 0x0dd0 ACEDRV05 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:42:44.0015 0x0dd0 ACEDRV07 ( UnsignedFile.Multi.Generic ) - skipped by user
22:42:44.0015 0x0dd0 ACEDRV07 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:42:44.0031 0x0dd0 FNETTBOH ( UnsignedFile.Multi.Generic ) - skipped by user
22:42:44.0031 0x0dd0 FNETTBOH ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:42:44.0031 0x0dd0 FNETURPX ( UnsignedFile.Multi.Generic ) - skipped by user
22:42:44.0031 0x0dd0 FNETURPX ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:42:44.0031 0x0dd0 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - skipped by user
22:42:44.0031 0x0dd0 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:42:44.0031 0x0dd0 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
22:42:44.0031 0x0dd0 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:42:44.0031 0x0dd0 imagedrv ( UnsignedFile.Multi.Generic ) - skipped by user
22:42:44.0031 0x0dd0 imagedrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:42:44.0031 0x0dd0 imagesrv ( UnsignedFile.Multi.Generic ) - skipped by user
22:42:44.0031 0x0dd0 imagesrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:42:44.0031 0x0dd0 nocashio ( UnsignedFile.Multi.Generic ) - skipped by user
22:42:44.0031 0x0dd0 nocashio ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:42:44.0031 0x0dd0 PcdrNdisuio ( UnsignedFile.Multi.Generic ) - skipped by user
22:42:44.0031 0x0dd0 PcdrNdisuio ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:42:44.0046 0x0dd0 SASDIFSV ( UnsignedFile.Multi.Generic ) - skipped by user
22:42:44.0046 0x0dd0 SASDIFSV ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:42:44.0046 0x0dd0 SASENUM ( UnsignedFile.Multi.Generic ) - skipped by user
22:42:44.0046 0x0dd0 SASENUM ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:42:44.0046 0x0dd0 SASKUTIL ( UnsignedFile.Multi.Generic ) - skipped by user
22:42:44.0046 0x0dd0 SASKUTIL ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:42:44.0046 0x0dd0 sptd ( LockedFile.Multi.Generic ) - skipped by user
22:42:44.0046 0x0dd0 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
22:42:44.0046 0x0dd0 Tcpip ( UnsignedFile.Multi.Generic ) - skipped by user
22:42:44.0046 0x0dd0 Tcpip ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:42:44.0046 0x0dd0 Teefer ( UnsignedFile.Multi.Generic ) - skipped by user
22:42:44.0046 0x0dd0 Teefer ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:42:44.0046 0x0dd0 VClone ( UnsignedFile.Multi.Generic ) - skipped by user
22:42:44.0046 0x0dd0 VClone ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:42:44.0046 0x0dd0 wpsdrvnt ( UnsignedFile.Multi.Generic ) - skipped by user
22:42:44.0046 0x0dd0 wpsdrvnt ( UnsignedFile.Multi.Generic ) - User select action: Skip

[malfeitor]

Ciao, ad oggi non ho ricevuto più alcuna risposta,
qualcuno può aiutarmi? Il pc così lento è inutilizzabile
Grazie.