www.MegaLab.it

da **ivan92** » lun mag 21, 2012 8:52 pm

oggi per ben 2 volte il computer si è bloccato ed è uscita una schermata bianca a righe verticali con i bordi più scuri.
visto così potrebbe sembrare un problema di scheda video,ma non escudo che possa essere un virus dato che la settimana scorsa mi è uscita una blu screen e problemi di questo tipo non me ne ha mai dati prima.
confido nel vostro aiuto...

da **crazy.cat** » mar mag 22, 2012 4:06 am

Aggiorna i driver video per iniziare.
Poi ne riparleremo.

da **ivan92** » mar mag 22, 2012 7:31 pm

i driver sono aggiornati

da **VincenzoGTA** » mar mag 22, 2012 9:38 pm

Stressa la scheda video e vedi se il problema si presenta durante i test...

da **ivan92** » mer mag 23, 2012 8:11 pm

fatto ma non si presentano problemi...nell'utilizzo normale però è uscita la blu screen

da GERONIMO* » mer mag 23, 2012 8:20 pm

puoi postare il codice errore del blu screen,in modo da controllare da cosa e causato

da **ivan92** » mer mag 23, 2012 8:32 pm

questo è quello che mi da per l'ultimo crash...

Codice: Seleziona tutto: On Wed 23/05/2012 18:59:05 GMT your computer crashed crash dump file: C:\Windows\Minidump\052312-63866-01.dmp This was probably caused by the following module: ntoskrnl.exe (nt+0x7F1C0) Bugcheck code: 0x19 (0x20, 0xFFFFFA8006B860D0, 0xFFFFFA8006B86190, 0x40C0001) Error: BAD_POOL_HEADER file path: C:\Windows\system32\ntoskrnl.exe product: Microsoft® Windows® Operating System company: Microsoft Corporation description: NT Kernel & System Bug check description: This indicates that a pool header is corrupt. This appears to be a typical software driver bug and is not likely to be caused by a hardware problem. This might be a case of memory corruption. More often memory corruption happens because of software errors in buggy drivers, not because of faulty RAM modules. The crash took place in the Windows kernel. Possibly this problem is caused by another driver which cannot be identified at this time. On Wed 23/05/2012 18:59:05 GMT your computer crashed crash dump file: C:\Windows\memory.dmp This was probably caused by the following module: ntkrnlmp.exe (nt!KeBugCheckEx+0x0) Bugcheck code: 0x19 (0x20, 0xFFFFFA8006B860D0, 0xFFFFFA8006B86190, 0x40C0001) Error: BAD_POOL_HEADER Bug check description: This indicates that a pool header is corrupt. This appears to be a typical software driver bug and is not likely to be caused by a hardware problem. This might be a case of memory corruption. More often memory corruption happens because of software errors in buggy drivers, not because of faulty RAM modules. The crash took place in the Windows kernel. Possibly this problem is caused by another driver which cannot be identified at this time.

da GERONIMO* » mer mag 23, 2012 8:48 pm

potrebbe essere un virus,più precisamente un rootkit kernel mode
fai una scansione con questo dura 2 minuti

Scarica TDSSKiller e salvalo sul desktop.
http://support.kaspersky.com/downloads/ ... killer.exe
fai doppio clik su TDSSKiller.exe
nota se hai vista o w7 tasto destro su tdsskiller.exe e scegli Esegui come Amministratore per lanciarlo
Assicurati che le 2 caselle Abbiano la spunta
Immagine

fare clic su Start Scan
e attendi la scansione

Se trova il file infetto viene rilevato, l'azione predefinita sarà Cure, fare clic su Continua.
Immagine

Se un file sospetto è rilevato, l'azione predefinita sarà Skip , fare clic su Continua.

Se chiede di riavviare il pc (Reboot) acconsenti. (per eliminare l'infezione è necessario riavviare il pc)
Se non chiede di riavviare il pc clicca su report e salvalo sul desktop

Postalo qui.
Il report lo trovi in Disco locale C
TDSSKiller.[Version]_[Date]_[Time]_log.txt

da **ivan92** » mer mag 23, 2012 9:22 pm

ha trovato un file sospetto..
qui il report:

Codice: Seleziona tutto: 22:17:50.0023 5796 TDSS rootkit removing tool 2.7.37.0 May 23 2012 08:15:30 22:17:52.0039 5796 ============================================================ 22:17:52.0039 5796 Current date / time: 2012/05/23 22:17:52.0039 22:17:52.0039 5796 SystemInfo: 22:17:52.0039 5796 22:17:52.0039 5796 OS Version: 6.1.7601 ServicePack: 1.0 22:17:52.0039 5796 Product type: Workstation 22:17:52.0040 5796 ComputerName: IVAN-PC 22:17:52.0040 5796 UserName: Ivan 22:17:52.0040 5796 Windows directory: C:\Windows 22:17:52.0040 5796 System windows directory: C:\Windows 22:17:52.0040 5796 Running under WOW64 22:17:52.0040 5796 Processor architecture: Intel x64 22:17:52.0040 5796 Number of processors: 4 22:17:52.0040 5796 Page size: 0x1000 22:17:52.0040 5796 Boot type: Normal boot 22:17:52.0040 5796 ============================================================ 22:17:53.0265 5796 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 22:17:53.0271 5796 ============================================================ 22:17:53.0271 5796 \Device\Harddisk0\DR0: 22:17:53.0271 5796 MBR partitions: 22:17:53.0271 5796 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1770800, BlocksNum 0x32000 22:17:53.0271 5796 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x17A2800, BlocksNum 0x38BE3030 22:17:53.0271 5796 ============================================================ 22:17:53.0426 5796 C: <-> \Device\Harddisk0\DR0\Partition1 22:17:53.0426 5796 ============================================================ 22:17:53.0426 5796 Initialize success 22:17:53.0426 5796 ============================================================ 22:18:18.0697 6680 ============================================================ 22:18:18.0697 6680 Scan started 22:18:18.0697 6680 Mode: Manual; 22:18:18.0697 6680 ============================================================ 22:18:20.0425 6680 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys 22:18:20.0440 6680 1394ohci - ok 22:18:20.0763 6680 ABBYY.Licensing.FineReader.Sprint.9.0 (b33cf4de909a5b30f526d82053a63c8e) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe 22:18:20.0771 6680 ABBYY.Licensing.FineReader.Sprint.9.0 - ok 22:18:20.0864 6680 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys 22:18:20.0881 6680 ACPI - ok 22:18:20.0954 6680 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys 22:18:20.0998 6680 AcpiPmi - ok 22:18:21.0089 6680 AdobeActiveFileMonitor7.0 (6d9fc1e7ea3c548f4d3455f0c3feef8c) c:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe 22:18:21.0121 6680 AdobeActiveFileMonitor7.0 - ok 22:18:21.0312 6680 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 22:18:21.0317 6680 AdobeARMservice - ok 22:18:21.0458 6680 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 22:18:21.0463 6680 AdobeFlashPlayerUpdateSvc - ok 22:18:21.0939 6680 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys 22:18:21.0993 6680 adp94xx - ok 22:18:22.0689 6680 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys 22:18:22.0730 6680 adpahci - ok 22:18:22.0840 6680 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys 22:18:22.0887 6680 adpu320 - ok 22:18:22.0930 6680 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll 22:18:22.0958 6680 AeLookupSvc - ok 22:18:23.0046 6680 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys 22:18:23.0076 6680 AFD - ok 22:18:23.0121 6680 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys 22:18:23.0140 6680 agp440 - ok 22:18:23.0175 6680 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe 22:18:23.0214 6680 ALG - ok 22:18:23.0283 6680 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys 22:18:23.0304 6680 aliide - ok 22:18:23.0344 6680 AMD External Events Utility (41a0813f22d3330c0ca71ce5bbd42b12) C:\Windows\system32\atiesrxx.exe 22:18:23.0420 6680 AMD External Events Utility - ok 22:18:23.0474 6680 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys 22:18:23.0518 6680 amdide - ok 22:18:23.0628 6680 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys 22:18:23.0679 6680 AmdK8 - ok 22:18:23.0715 6680 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys 22:18:23.0744 6680 AmdPPM - ok 22:18:23.0811 6680 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys 22:18:23.0827 6680 amdsata - ok 22:18:23.0855 6680 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys 22:18:23.0878 6680 amdsbs - ok 22:18:23.0897 6680 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys 22:18:23.0900 6680 amdxata - ok 22:18:23.0940 6680 AmUStor (391887990cdaa83de5c56c3fde966da1) C:\Windows\system32\drivers\AmUStor.SYS 22:18:23.0982 6680 AmUStor - ok 22:18:24.0041 6680 androidusb (363571bc0c79e394e69300d1f2e3ddae) C:\Windows\system32\Drivers\androidusb.sys 22:18:24.0083 6680 androidusb - ok 22:18:24.0139 6680 ApfiltrService (9815014f3e30357168da272088c6f12f) C:\Windows\system32\DRIVERS\Apfiltr.sys 22:18:24.0148 6680 ApfiltrService - ok 22:18:24.0222 6680 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys 22:18:24.0262 6680 AppID - ok 22:18:24.0298 6680 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll 22:18:24.0330 6680 AppIDSvc - ok 22:18:24.0419 6680 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll 22:18:24.0431 6680 Appinfo - ok 22:18:24.0838 6680 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 22:18:24.0846 6680 Apple Mobile Device - ok 22:18:24.0923 6680 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys 22:18:24.0959 6680 arc - ok 22:18:25.0046 6680 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys 22:18:25.0071 6680 arcsas - ok 22:18:25.0262 6680 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 22:18:25.0321 6680 aspnet_state - ok 22:18:25.0358 6680 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys 22:18:25.0373 6680 AsyncMac - ok 22:18:25.0456 6680 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys 22:18:25.0460 6680 atapi - ok 22:18:25.0919 6680 athr (d6cad7e5b05055bb8226bdcb1644da27) C:\Windows\system32\DRIVERS\athrx.sys 22:18:26.0000 6680 athr - ok 22:18:26.0814 6680 atikmdag (37456be85384e4cc38dc899f07f88c45) C:\Windows\system32\DRIVERS\atikmdag.sys 22:18:26.0957 6680 atikmdag - ok 22:18:27.0172 6680 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll 22:18:27.0201 6680 AudioEndpointBuilder - ok 22:18:27.0211 6680 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll 22:18:27.0220 6680 AudioSrv - ok 22:18:27.0359 6680 Autodesk Content Service (1992c2a1867d95aa3a0802539358d162) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe 22:18:27.0363 6680 Autodesk Content Service - ok 22:18:27.0483 6680 AVP (946d70667b0119f2beeae0849e1d46a2) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe 22:18:27.0489 6680 AVP - ok 22:18:27.0583 6680 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll 22:18:27.0598 6680 AxInstSV - ok 22:18:27.0710 6680 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys 22:18:27.0750 6680 b06bdrv - ok 22:18:27.0795 6680 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys 22:18:27.0825 6680 b57nd60a - ok 22:18:27.0973 6680 BCM43XX (9e84a931dbee0292e38ed672f6293a99) C:\Windows\system32\DRIVERS\bcmwl664.sys 22:18:28.0276 6680 BCM43XX - ok 22:18:28.0318 6680 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll 22:18:28.0325 6680 BDESVC - ok 22:18:28.0407 6680 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys 22:18:28.0452 6680 Beep - ok 22:18:28.0565 6680 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll 22:18:28.0592 6680 BFE - ok 22:18:28.0710 6680 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll 22:18:28.0763 6680 BITS - ok 22:18:28.0840 6680 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys 22:18:28.0870 6680 blbdrive - ok 22:18:28.0992 6680 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe 22:18:29.0018 6680 Bonjour Service - ok 22:18:29.0096 6680 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys 22:18:29.0103 6680 bowser - ok 22:18:29.0135 6680 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys 22:18:29.0167 6680 BrFiltLo - ok 22:18:29.0185 6680 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys 22:18:29.0207 6680 BrFiltUp - ok 22:18:29.0253 6680 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll 22:18:29.0256 6680 Browser - ok 22:18:29.0289 6680 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys 22:18:29.0315 6680 Brserid - ok 22:18:29.0336 6680 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys 22:18:29.0388 6680 BrSerWdm - ok 22:18:29.0422 6680 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys 22:18:29.0477 6680 BrUsbMdm - ok 22:18:29.0491 6680 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys 22:18:29.0535 6680 BrUsbSer - ok 22:18:29.0586 6680 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\DRIVERS\BthEnum.sys 22:18:29.0618 6680 BthEnum - ok 22:18:29.0664 6680 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys 22:18:29.0727 6680 BTHMODEM - ok 22:18:29.0799 6680 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys 22:18:29.0816 6680 BthPan - ok 22:18:30.0450 6680 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\system32\Drivers\BTHport.sys 22:18:30.0482 6680 BTHPORT - ok 22:18:30.0648 6680 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll 22:18:30.0678 6680 bthserv - ok 22:18:30.0766 6680 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\system32\Drivers\BTHUSB.sys 22:18:30.0781 6680 BTHUSB - ok 22:18:30.0848 6680 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys 22:18:30.0877 6680 cdfs - ok 22:18:31.0046 6680 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys 22:18:31.0058 6680 cdrom - ok 22:18:31.0153 6680 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll 22:18:31.0162 6680 CertPropSvc - ok 22:18:31.0504 6680 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys 22:18:31.0526 6680 circlass - ok 22:18:32.0008 6680 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys 22:18:32.0074 6680 CLFS - ok 22:18:32.0295 6680 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 22:18:32.0305 6680 clr_optimization_v2.0.50727_32 - ok 22:18:32.0544 6680 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 22:18:32.0554 6680 clr_optimization_v2.0.50727_64 - ok 22:18:32.0674 6680 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 22:18:32.0708 6680 clr_optimization_v4.0.30319_32 - ok 22:18:32.0997 6680 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 22:18:33.0012 6680 clr_optimization_v4.0.30319_64 - ok 22:18:33.0042 6680 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys 22:18:33.0064 6680 CmBatt - ok 22:18:33.0135 6680 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys 22:18:33.0147 6680 cmdide - ok 22:18:33.0319 6680 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys 22:18:33.0356 6680 CNG - ok 22:18:33.0477 6680 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys 22:18:33.0493 6680 Compbatt - ok 22:18:33.0585 6680 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys 22:18:33.0638 6680 CompositeBus - ok 22:18:33.0653 6680 COMSysApp - ok 22:18:33.0711 6680 cpuz134 (17719a7f571d4cd08223f0b30f71b8b8) C:\Windows\system32\drivers\cpuz134_x64.sys 22:18:33.0788 6680 cpuz134 - ok 22:18:33.0843 6680 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys 22:18:33.0877 6680 crcdisk - ok 22:18:34.0067 6680 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll 22:18:34.0100 6680 CryptSvc - ok 22:18:34.0210 6680 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll 22:18:34.0220 6680 DcomLaunch - ok 22:18:34.0546 6680 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll 22:18:34.0654 6680 defragsvc - ok 22:18:34.0737 6680 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys 22:18:34.0825 6680 DfsC - ok 22:18:34.0898 6680 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll 22:18:34.0939 6680 Dhcp - ok 22:18:34.0968 6680 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys 22:18:35.0010 6680 discache - ok 22:18:35.0074 6680 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys 22:18:35.0149 6680 Disk - ok 22:18:35.0295 6680 DKbFltr (d5bcb77be83cf99f508943945d46343d) C:\Windows\syswow64\Drivers\DKbFltr.sys 22:18:35.0318 6680 DKbFltr - ok 22:18:35.0385 6680 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll 22:18:35.0454 6680 Dnscache - ok 22:18:35.0514 6680 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll 22:18:35.0579 6680 dot3svc - ok 22:18:35.0629 6680 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll 22:18:35.0668 6680 DPS - ok 22:18:35.0749 6680 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys 22:18:35.0834 6680 drmkaud - ok 22:18:35.0966 6680 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys 22:18:36.0232 6680 DXGKrnl - ok 22:18:36.0289 6680 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll 22:18:36.0347 6680 EapHost - ok 22:18:36.0624 6680 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys 22:18:36.0790 6680 ebdrv - ok 22:18:36.0962 6680 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe 22:18:37.0012 6680 EFS - ok 22:18:37.0150 6680 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe 22:18:37.0298 6680 ehRecvr - ok 22:18:37.0333 6680 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe 22:18:37.0417 6680 ehSched - ok 22:18:37.0513 6680 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys 22:18:37.0584 6680 elxstor - ok 22:18:37.0734 6680 ePowerSvc (fb67aa8ac61b9365add546139a21bed6) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe 22:18:37.0775 6680 ePowerSvc - ok 22:18:37.0900 6680 EpsonBidirectionalService (abdd5ad016affd34ad40e944ce94bf59) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe 22:18:37.0930 6680 EpsonBidirectionalService - ok 22:18:38.0086 6680 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys 22:18:38.0131 6680 ErrDev - ok 22:18:38.0203 6680 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll 22:18:38.0332 6680 EventSystem - ok 22:18:38.0386 6680 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys 22:18:38.0498 6680 exfat - ok 22:18:38.0539 6680 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys 22:18:38.0638 6680 fastfat - ok 22:18:38.0739 6680 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe 22:18:38.0783 6680 Fax - ok 22:18:38.0818 6680 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys 22:18:38.0869 6680 fdc - ok 22:18:38.0904 6680 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll 22:18:38.0904 6680 fdPHost - ok 22:18:38.0924 6680 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll 22:18:38.0929 6680 FDResPub - ok 22:18:38.0949 6680 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys 22:18:38.0999 6680 FileInfo - ok 22:18:39.0029 6680 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys 22:18:39.0069 6680 Filetrace - ok 22:18:39.0199 6680 FLEXnet Licensing Service (73081cf28f0ae20a52ca4f67cee6e6b0) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe 22:18:39.0222 6680 FLEXnet Licensing Service - ok 22:18:39.0396 6680 FLEXnet Licensing Service 64 (5cee6cd43ae5844c49300ea0b1e557ee) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe 22:18:39.0432 6680 FLEXnet Licensing Service 64 - ok 22:18:39.0570 6680 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys 22:18:39.0625 6680 flpydisk - ok 22:18:39.0701 6680 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys 22:18:39.0715 6680 FltMgr - ok 22:18:39.0836 6680 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll 22:18:39.0868 6680 FontCache - ok 22:18:40.0035 6680 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 22:18:40.0126 6680 FontCache3.0.0.0 - ok 22:18:40.0188 6680 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys 22:18:40.0276 6680 FsDepends - ok 22:18:40.0325 6680 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys 22:18:40.0395 6680 Fs_Rec - ok 22:18:40.0443 6680 FTDIBUS (ed07200cff78facfb66ebb0b89f503a4) C:\Windows\system32\drivers\ftdibus.sys 22:18:40.0539 6680 FTDIBUS - ok 22:18:40.0573 6680 FTSER2K (9980e7584484a009e77e9bfa14c0c18a) C:\Windows\system32\drivers\ftser2k.sys 22:18:40.0680 6680 FTSER2K - ok 22:18:40.0749 6680 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys 22:18:40.0821 6680 fvevol - ok 22:18:40.0867 6680 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys 22:18:40.0932 6680 gagp30kx - ok 22:18:40.0969 6680 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 22:18:41.0023 6680 GEARAspiWDM - ok 22:18:41.0111 6680 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll 22:18:41.0138 6680 gpsvc - ok 22:18:41.0310 6680 Greg_Service (816fd5a6f3c2f3d600900096632fc60e) C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe 22:18:41.0412 6680 Greg_Service - ok 22:18:41.0502 6680 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 22:18:41.0527 6680 gupdate - ok 22:18:41.0582 6680 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 22:18:41.0622 6680 gupdatem - ok 22:18:41.0667 6680 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe 22:18:41.0692 6680 gusvc - ok 22:18:41.0885 6680 HauppaugeTVServer (1dbbf9be473f6ca2f2f4182fccf563dc) C:\PROGRA~2\WinTV\TVServer\HAUPPA~1.EXE 22:18:41.0937 6680 HauppaugeTVServer - ok 22:18:42.0080 6680 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys 22:18:42.0151 6680 hcw85cir - ok 22:18:42.0258 6680 hcw95bda (2249b35899312a3ae137b23636b31763) C:\Windows\system32\Drivers\hcw95bda.sys 22:18:42.0315 6680 hcw95bda - ok 22:18:42.0365 6680 hcw95rc (3688d4b84e9f98f70a71d5b4b720940e) C:\Windows\system32\DRIVERS\hcw95rc.sys 22:18:42.0377 6680 hcw95rc - ok 22:18:42.0459 6680 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys 22:18:42.0541 6680 HdAudAddService - ok 22:18:42.0580 6680 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys 22:18:42.0600 6680 HDAudBus - ok 22:18:42.0674 6680 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys 22:18:42.0738 6680 HECIx64 - ok 22:18:42.0775 6680 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys 22:18:42.0829 6680 HidBatt - ok 22:18:42.0849 6680 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys 22:18:42.0874 6680 HidBth - ok 22:18:42.0948 6680 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys 22:18:43.0023 6680 HidIr - ok 22:18:43.0045 6680 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll 22:18:43.0132 6680 hidserv - ok 22:18:43.0190 6680 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys 22:18:43.0244 6680 HidUsb - ok 22:18:43.0288 6680 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll 22:18:43.0306 6680 hkmsvc - ok 22:18:43.0366 6680 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll 22:18:43.0437 6680 HomeGroupListener - ok 22:18:43.0483 6680 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll 22:18:43.0529 6680 HomeGroupProvider - ok 22:18:43.0584 6680 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys 22:18:43.0646 6680 HpSAMD - ok 22:18:43.0734 6680 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys 22:18:43.0820 6680 HTTP - ok 22:18:43.0859 6680 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys 22:18:43.0901 6680 hwpolicy - ok 22:18:44.0011 6680 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys 22:18:44.0036 6680 i8042prt - ok 22:18:44.0146 6680 IAANTMON (7548066df68a8a1a56b043359f915f37) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe 22:18:44.0156 6680 IAANTMON - ok 22:18:44.0191 6680 iaStor (1d004cb1da6323b1f55caef7f94b61d9) C:\Windows\system32\DRIVERS\iaStor.sys 22:18:44.0231 6680 iaStor - ok 22:18:44.0326 6680 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys 22:18:44.0418 6680 iaStorV - ok 22:18:44.0557 6680 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe 22:18:44.0643 6680 IDriverT - ok 22:18:44.0753 6680 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 22:18:44.0850 6680 idsvc - ok 22:18:45.0291 6680 igfx (a87261ef1546325b559374f5689cf5bc) C:\Windows\system32\DRIVERS\igdkmd64.sys 22:18:45.0440 6680 igfx - ok 22:18:45.0626 6680 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys 22:18:45.0668 6680 iirsp - ok 22:18:45.0766 6680 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll 22:18:45.0794 6680 IKEEXT - ok 22:18:45.0842 6680 Impcd (36fdf367a1dabff903e2214023d71368) C:\Windows\system32\DRIVERS\Impcd.sys 22:18:45.0878 6680 Impcd - ok 22:18:46.0070 6680 IntcAzAudAddService (42943bb3ab7a405b30eff7c8283cc129) C:\Windows\system32\drivers\RTKVHD64.sys 22:18:46.0169 6680 IntcAzAudAddService - ok 22:18:46.0316 6680 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys 22:18:46.0348 6680 intelide - ok 22:18:46.0378 6680 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys 22:18:46.0389 6680 intelppm - ok 22:18:46.0430 6680 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll 22:18:46.0435 6680 IPBusEnum - ok 22:18:46.0480 6680 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys 22:18:46.0500 6680 IpFilterDriver - ok 22:18:46.0575 6680 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll 22:18:46.0610 6680 iphlpsvc - ok 22:18:46.0665 6680 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys 22:18:46.0685 6680 IPMIDRV - ok 22:18:46.0715 6680 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys 22:18:46.0755 6680 IPNAT - ok 22:18:46.0890 6680 iPod Service (50d6ccc6ff5561f9f56946b3e6164fb8) C:\Program Files\iPod\bin\iPodService.exe 22:18:46.0905 6680 iPod Service - ok 22:18:46.0935 6680 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys 22:18:46.0945 6680 IRENUM - ok 22:18:46.0986 6680 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys 22:18:46.0998 6680 isapnp - ok 22:18:47.0077 6680 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys 22:18:47.0095 6680 iScsiPrt - ok 22:18:47.0156 6680 k57nd60a (d85f3f18e44f7447b5f1ba5c85baeb7c) C:\Windows\system32\DRIVERS\k57nd60a.sys 22:18:47.0185 6680 k57nd60a - ok 22:18:47.0226 6680 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys 22:18:47.0246 6680 kbdclass - ok 22:18:47.0306 6680 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys 22:18:47.0326 6680 kbdhid - ok 22:18:47.0361 6680 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 22:18:47.0418 6680 KeyIso - ok 22:18:47.0519 6680 KL1 (8d7120743a0973ceab548b475c9d4289) C:\Windows\system32\DRIVERS\kl1.sys 22:18:47.0580 6680 KL1 - ok 22:18:47.0627 6680 kl2 (cd146d8e525d6eebdcaf24120a8ab9ce) C:\Windows\system32\DRIVERS\kl2.sys 22:18:47.0649 6680 kl2 - ok 22:18:47.0723 6680 KLIF (177505577604c94c4be7b9316a90ada1) C:\Windows\system32\DRIVERS\klif.sys 22:18:47.0743 6680 KLIF - ok 22:18:47.0808 6680 KLIM6 (2a64b3a9eed93a2e96537b67c079fc96) C:\Windows\system32\DRIVERS\klim6.sys 22:18:47.0840 6680 KLIM6 - ok 22:18:47.0912 6680 klmouflt (9468d07e91ba136d82415f5dfc1fe168) C:\Windows\system32\DRIVERS\klmouflt.sys 22:18:47.0933 6680 klmouflt - ok 22:18:47.0986 6680 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys 22:18:48.0008 6680 KSecDD - ok 22:18:48.0064 6680 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys 22:18:48.0102 6680 KSecPkg - ok 22:18:48.0142 6680 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys 22:18:48.0162 6680 ksthunk - ok 22:18:48.0208 6680 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll 22:18:48.0245 6680 KtmRm - ok 22:18:48.0285 6680 L1E (2ac603c3188c704cfce353659aa7ad71) C:\Windows\system32\DRIVERS\L1E62x64.sys 22:18:48.0305 6680 L1E - ok 22:18:48.0394 6680 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll 22:18:48.0476 6680 LanmanServer - ok 22:18:48.0558 6680 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll 22:18:48.0813 6680 LanmanWorkstation - ok 22:18:48.0975 6680 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys 22:18:48.0992 6680 lltdio - ok 22:18:49.0038 6680 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll 22:18:49.0199 6680 lltdsvc - ok 22:18:49.0213 6680 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll 22:18:49.0217 6680 lmhosts - ok 22:18:49.0343 6680 LMS (7485fbcef9136f530953575e2977859d) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 22:18:49.0358 6680 LMS - ok 22:18:49.0403 6680 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys 22:18:49.0418 6680 LSI_FC - ok 22:18:49.0433 6680 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys 22:18:49.0453 6680 LSI_SAS - ok 22:18:49.0487 6680 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys 22:18:49.0496 6680 LSI_SAS2 - ok 22:18:49.0523 6680 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys 22:18:49.0538 6680 LSI_SCSI - ok 22:18:49.0589 6680 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys 22:18:49.0608 6680 luafv - ok 22:18:49.0653 6680 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll 22:18:49.0658 6680 Mcx2Svc - ok 22:18:49.0677 6680 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys 22:18:49.0696 6680 megasas - ok 22:18:49.0750 6680 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys 22:18:49.0799 6680 MegaSR - ok 22:18:49.0852 6680 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 22:18:49.0869 6680 MMCSS - ok 22:18:49.0935 6680 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys 22:18:49.0947 6680 Modem - ok 22:18:49.0992 6680 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys 22:18:50.0003 6680 monitor - ok 22:18:50.0046 6680 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys 22:18:50.0065 6680 mouclass - ok 22:18:50.0102 6680 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 22:18:50.0113 6680 mouhid - ok 22:18:50.0171 6680 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys 22:18:50.0180 6680 mountmgr - ok 22:18:50.0235 6680 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys 22:18:50.0281 6680 mpio - ok 22:18:50.0324 6680 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 22:18:50.0386 6680 mpsdrv - ok 22:18:50.0469 6680 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll 22:18:50.0505 6680 MpsSvc - ok 22:18:50.0577 6680 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys 22:18:50.0626 6680 MRxDAV - ok 22:18:50.0678 6680 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys 22:18:50.0686 6680 mrxsmb - ok 22:18:50.0760 6680 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys 22:18:50.0781 6680 mrxsmb10 - ok 22:18:50.0822 6680 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys 22:18:50.0832 6680 mrxsmb20 - ok 22:18:50.0885 6680 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys 22:18:50.0887 6680 msahci - ok 22:18:50.0941 6680 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys 22:18:50.0955 6680 msdsm - ok 22:18:50.0994 6680 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe 22:18:51.0041 6680 MSDTC - ok 22:18:51.0098 6680 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 22:18:51.0120 6680 Msfs - ok 22:18:51.0184 6680 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 22:18:51.0198 6680 mshidkmdf - ok 22:18:51.0237 6680 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys 22:18:51.0241 6680 msisadrv - ok 22:18:51.0287 6680 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll 22:18:51.0332 6680 MSiSCSI - ok 22:18:51.0336 6680 msiserver - ok 22:18:51.0387 6680 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 22:18:51.0442 6680 MSKSSRV - ok 22:18:51.0463 6680 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 22:18:51.0517 6680 MSPCLOCK - ok 22:18:51.0527 6680 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 22:18:51.0552 6680 MSPQM - ok 22:18:51.0622 6680 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys 22:18:51.0637 6680 MsRPC - ok 22:18:51.0682 6680 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys 22:18:51.0682 6680 mssmbios - ok 22:18:51.0827 6680 MSSQL$SQLEXPRESS - ok 22:18:51.0902 6680 MSSQLServerADHelper (1d89eb4e2a99cabd4e81225f4f4c4b25) c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe 22:18:51.0907 6680 MSSQLServerADHelper - ok 22:18:51.0937 6680 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 22:18:51.0973 6680 MSTEE - ok 22:18:52.0432 6680 msvsmon90 (0f4dd44765a7d23e0cd9965ee900558f) C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe 22:18:52.0542 6680 msvsmon90 - ok 22:18:52.0714 6680 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys 22:18:52.0780 6680 MTConfig - ok 22:18:52.0795 6680 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 22:18:52.0809 6680 Mup - ok 22:18:52.0899 6680 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll 22:18:52.0959 6680 napagent - ok 22:18:53.0038 6680 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 22:18:53.0094 6680 NativeWifiP - ok 22:18:53.0204 6680 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys 22:18:53.0222 6680 NDIS - ok 22:18:53.0257 6680 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 22:18:53.0288 6680 NdisCap - ok 22:18:53.0313 6680 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 22:18:53.0334 6680 NdisTapi - ok 22:18:53.0386 6680 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys 22:18:53.0428 6680 Ndisuio - ok 22:18:53.0489 6680 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys 22:18:53.0503 6680 NdisWan - ok 22:18:53.0550 6680 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys 22:18:53.0558 6680 NDProxy - ok 22:18:53.0721 6680 Nero BackItUp Scheduler 4.0 (b90e093e7a7250906f1054418b5339c0) c:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe 22:18:53.0780 6680 Nero BackItUp Scheduler 4.0 - ok 22:18:53.0830 6680 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys 22:18:53.0856 6680 NetBIOS - ok 22:18:53.0918 6680 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys 22:18:53.0956 6680 NetBT - ok 22:18:54.0006 6680 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 22:18:54.0031 6680 Netlogon - ok 22:18:54.0101 6680 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll 22:18:54.0156 6680 Netman - ok 22:18:54.0251 6680 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 22:18:54.0291 6680 NetMsmqActivator - ok 22:18:54.0306 6680 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 22:18:54.0321 6680 NetPipeActivator - ok 22:18:54.0381 6680 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll 22:18:54.0391 6680 netprofm - ok 22:18:54.0396 6680 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 22:18:54.0416 6680 NetTcpActivator - ok 22:18:54.0421 6680 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 22:18:54.0431 6680 NetTcpPortSharing - ok 22:18:54.0528 6680 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys 22:18:54.0579 6680 nfrd960 - ok 22:18:54.0651 6680 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll 22:18:54.0685 6680 NlaSvc - ok 22:18:54.0726 6680 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 22:18:54.0746 6680 Npfs - ok 22:18:54.0794 6680 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll 22:18:54.0797 6680 nsi - ok 22:18:54.0805 6680 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 22:18:54.0826 6680 nsiproxy - ok 22:18:55.0009 6680 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys 22:18:55.0041 6680 Ntfs - ok 22:18:55.0127 6680 NTI IScheduleSvc (14e66f603fb187713aeb02ad3b0390cf) C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe 22:18:55.0135 6680 NTI IScheduleSvc - ok 22:18:55.0262 6680 NTIDrvr (64ddd0dee976302f4bd93e5efcc2f013) C:\Windows\system32\drivers\NTIDrvr.sys 22:18:55.0283 6680 NTIDrvr - ok 22:18:55.0309 6680 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 22:18:55.0342 6680 Null - ok 22:18:55.0407 6680 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys 22:18:55.0423 6680 nvraid - ok 22:18:55.0470 6680 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys 22:18:55.0485 6680 nvstor - ok 22:18:55.0503 6680 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys 22:18:55.0508 6680 nv_agp - ok 22:18:55.0608 6680 OberonGameConsoleService (3cdd83c8d838c04009b3871274b97d36) C:\Program Files (x86)\Packard Bell GameZone\GameConsole\OberonGameConsoleService.exe 22:18:55.0639 6680 OberonGameConsoleService - ok 22:18:55.0680 6680 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys 22:18:55.0684 6680 ohci1394 - ok 22:18:55.0768 6680 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 22:18:55.0860 6680 ose - ok 22:18:56.0323 6680 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 22:18:56.0489 6680 osppsvc - ok 22:18:56.0645 6680 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 22:18:56.0705 6680 p2pimsvc - ok 22:18:56.0760 6680 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll 22:18:56.0825 6680 p2psvc - ok 22:18:56.0875 6680 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys 22:18:56.0900 6680 Parport - ok 22:18:56.0945 6680 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys 22:18:56.0960 6680 partmgr - ok 22:18:56.0990 6680 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll 22:18:57.0020 6680 PcaSvc - ok 22:18:57.0078 6680 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys 22:18:57.0082 6680 pci - ok 22:18:57.0123 6680 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys 22:18:57.0127 6680 pciide - ok 22:18:57.0169 6680 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys 22:18:57.0188 6680 pcmcia - ok 22:18:57.0213 6680 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 22:18:57.0228 6680 pcw - ok 22:18:57.0287 6680 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 22:18:57.0324 6680 PEAUTH - ok 22:18:57.0411 6680 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe 22:18:57.0443 6680 PerfHost - ok 22:18:57.0668 6680 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll 22:18:57.0713 6680 pla - ok 22:18:57.0799 6680 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll 22:18:57.0818 6680 PlugPlay - ok 22:18:57.0847 6680 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll 22:18:57.0890 6680 PNRPAutoReg - ok 22:18:57.0931 6680 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 22:18:57.0961 6680 PNRPsvc - ok 22:18:58.0054 6680 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll 22:18:58.0086 6680 PolicyAgent - ok 22:18:58.0138 6680 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll 22:18:58.0183 6680 Power - ok 22:18:58.0285 6680 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys 22:18:58.0311 6680 PptpMiniport - ok 22:18:58.0336 6680 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys 22:18:58.0376 6680 Processor - ok 22:18:58.0440 6680 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll 22:18:58.0471 6680 ProfSvc - ok 22:18:58.0516 6680 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 22:18:58.0546 6680 ProtectedStorage - ok 22:18:58.0645 6680 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys 22:18:58.0659 6680 Psched - ok 22:18:58.0690 6680 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys 22:18:58.0693 6680 PxHlpa64 - ok 22:18:58.0817 6680 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys 22:18:58.0848 6680 ql2300 - ok 22:18:58.0976 6680 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys 22:18:59.0012 6680 ql40xx - ok 22:18:59.0056 6680 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll 22:18:59.0086 6680 QWAVE - ok 22:18:59.0106 6680 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 22:18:59.0121 6680 QWAVEdrv - ok 22:18:59.0136 6680 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys 22:18:59.0156 6680 RasAcd - ok 22:18:59.0201 6680 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys 22:18:59.0221 6680 RasAgileVpn - ok 22:18:59.0246 6680 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll 22:18:59.0276 6680 RasAuto - ok 22:18:59.0331 6680 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys 22:18:59.0356 6680 Rasl2tp - ok 22:18:59.0426 6680 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll 22:18:59.0446 6680 RasMan - ok 22:18:59.0481 6680 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 22:18:59.0511 6680 RasPppoe - ok 22:18:59.0536 6680 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys 22:18:59.0551 6680 RasSstp - ok 22:18:59.0622 6680 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys 22:18:59.0640 6680 rdbss - ok 22:18:59.0657 6680 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys 22:18:59.0677 6680 rdpbus - ok 22:18:59.0690 6680 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 22:18:59.0706 6680 RDPCDD - ok 22:18:59.0738 6680 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 22:18:59.0753 6680 RDPENCDD - ok 22:18:59.0771 6680 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 22:18:59.0786 6680 RDPREFMP - ok 22:18:59.0841 6680 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys 22:18:59.0872 6680 RDPWD - ok 22:18:59.0943 6680 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys 22:18:59.0959 6680 rdyboost - ok 22:18:59.0991 6680 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll 22:19:00.0009 6680 RemoteAccess - ok 22:19:00.0053 6680 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll 22:19:00.0100 6680 RemoteRegistry - ok 22:19:00.0171 6680 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys 22:19:00.0183 6680 RFCOMM - ok 22:19:00.0214 6680 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll 22:19:00.0254 6680 RpcEptMapper - ok 22:19:00.0279 6680 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe 22:19:00.0287 6680 RpcLocator - ok 22:19:00.0368 6680 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll 22:19:00.0375 6680 RpcSs - ok 22:19:00.0424 6680 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 22:19:00.0452 6680 rspndr - ok 22:19:00.0512 6680 RTHDMIAzAudService (7421a35c45484b95e83b5e9e107cefc2) C:\Windows\system32\drivers\RtHDMIVX.sys 22:19:00.0521 6680 RTHDMIAzAudService - ok 22:19:00.0558 6680 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 22:19:00.0585 6680 SamSs - ok 22:19:00.0635 6680 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys 22:19:00.0650 6680 sbp2port - ok 22:19:00.0697 6680 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll 22:19:00.0728 6680 SCardSvr - ok 22:19:00.0782 6680 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys 22:19:00.0802 6680 scfilter - ok 22:19:00.0938 6680 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll 22:19:00.0970 6680 Schedule - ok 22:19:01.0026 6680 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll 22:19:01.0040 6680 SCPolicySvc - ok 22:19:01.0103 6680 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll 22:19:01.0126 6680 SDRSVC - ok 22:19:01.0192 6680 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 22:19:01.0224 6680 secdrv - ok 22:19:01.0270 6680 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll 22:19:01.0290 6680 seclogon - ok 22:19:01.0322 6680 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll 22:19:01.0363 6680 SENS - ok 22:19:01.0376 6680 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll 22:19:01.0407 6680 SensrSvc - ok 22:19:01.0447 6680 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys 22:19:01.0479 6680 Serenum - ok 22:19:01.0513 6680 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys 22:19:01.0540 6680 Serial - ok 22:19:01.0581 6680 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys 22:19:01.0585 6680 sermouse - ok 22:19:01.0651 6680 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll 22:19:01.0666 6680 SessionEnv - ok 22:19:01.0711 6680 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys 22:19:01.0716 6680 sffdisk - ok 22:19:01.0731 6680 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys 22:19:01.0751 6680 sffp_mmc - ok 22:19:01.0766 6680 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys 22:19:01.0771 6680 sffp_sd - ok 22:19:01.0796 6680 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys 22:19:01.0841 6680 sfloppy - ok 22:19:01.0911 6680 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll 22:19:01.0956 6680 SharedAccess - ok 22:19:02.0041 6680 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll 22:19:02.0071 6680 ShellHWDetection - ok 22:19:02.0100 6680 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys 22:19:02.0124 6680 SiSRaid2 - ok 22:19:02.0150 6680 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys 22:19:02.0178 6680 SiSRaid4 - ok 22:19:02.0282 6680 SkypeUpdate (6128e98eaaed364ed1a32708d2fd22cb) C:\Program Files (x86)\Skype\Updater\Updater.exe 22:19:02.0301 6680 SkypeUpdate - ok 22:19:02.0355 6680 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 22:19:02.0394 6680 Smb - ok 22:19:02.0440 6680 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe 22:19:02.0466 6680 SNMPTRAP - ok 22:19:02.0570 6680 SolidWorks Licensing Service (4945020bc094c322571184a6e8056b3a) C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe 22:19:02.0573 6680 SolidWorks Licensing Service - ok 22:19:02.0603 6680 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 22:19:02.0626 6680 spldr - ok 22:19:02.0717 6680 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe 22:19:02.0738 6680 Spooler - ok 22:19:03.0063 6680 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe 22:19:03.0140 6680 sppsvc - ok 22:19:03.0272 6680 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll 22:19:03.0280 6680 sppuinotify - ok 22:19:03.0420 6680 sptd (602884696850c86434530790b110e8eb) C:\Windows\system32\Drivers\sptd.sys 22:19:03.0420 6680 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850c86434530790b110e8eb 22:19:03.0422 6680 sptd ( LockedFile.Multi.Generic ) - warning 22:19:03.0422 6680 sptd - detected LockedFile.Multi.Generic (1) 22:19:03.0556 6680 SQLBrowser (86ebd8b1f23e743aad21f4d5b4d40985) c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe 22:19:03.0573 6680 SQLBrowser - ok 22:19:03.0652 6680 SQLWriter (3c432a96363097870995e2a3c8b66abd) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe 22:19:03.0658 6680 SQLWriter - ok 22:19:03.0848 6680 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys 22:19:03.0856 6680 srv - ok 22:19:03.0900 6680 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys 22:19:03.0908 6680 srv2 - ok 22:19:03.0972 6680 SrvHsfHDA (0c4540311e11664b245a263e1154cef8) C:\Windows\system32\DRIVERS\VSTAZL6.SYS 22:19:04.0007 6680 SrvHsfHDA - ok 22:19:04.0155 6680 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS 22:19:04.0200 6680 SrvHsfV92 - ok 22:19:04.0400 6680 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS 22:19:04.0430 6680 SrvHsfWinac - ok 22:19:04.0495 6680 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys 22:19:04.0500 6680 srvnet - ok 22:19:04.0555 6680 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll 22:19:04.0600 6680 SSDPSRV - ok 22:19:04.0623 6680 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll 22:19:04.0662 6680 SstpSvc - ok 22:19:04.0792 6680 StatusAgent4 (773940b8d50439391ffa619b3eef01a3) C:\Windows\SysWOW64\SAgent4.exe 22:19:04.0801 6680 StatusAgent4 - ok 22:19:04.0839 6680 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys 22:19:04.0860 6680 stexstor - ok 22:19:04.0958 6680 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll 22:19:04.0996 6680 stisvc - ok 22:19:05.0071 6680 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys 22:19:05.0103 6680 swenum - ok 22:19:05.0164 6680 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll 22:19:05.0210 6680 swprv - ok 22:19:05.0396 6680 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll 22:19:05.0446 6680 SysMain - ok 22:19:05.0575 6680 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll 22:19:05.0582 6680 TabletInputService - ok 22:19:05.0646 6680 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll 22:19:05.0658 6680 TapiSrv - ok 22:19:05.0689 6680 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll 22:19:05.0718 6680 TBS - ok 22:19:05.0936 6680 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys 22:19:05.0981 6680 Tcpip - ok 22:19:06.0300 6680 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys 22:19:06.0334 6680 TCPIP6 - ok 22:19:06.0520 6680 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys 22:19:06.0536 6680 tcpipreg - ok 22:19:06.0574 6680 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 22:19:06.0606 6680 TDPIPE - ok 22:19:06.0654 6680 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys 22:19:06.0674 6680 TDTCP - ok 22:19:06.0729 6680 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys 22:19:06.0739 6680 tdx - ok 22:19:06.0794 6680 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys 22:19:06.0799 6680 TermDD - ok 22:19:06.0894 6680 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll 22:19:06.0919 6680 TermService - ok 22:19:06.0954 6680 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll 22:19:06.0974 6680 Themes - ok 22:19:06.0994 6680 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 22:19:06.0999 6680 THREADORDER - ok 22:19:07.0019 6680 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll 22:19:07.0039 6680 TrkWks - ok 22:19:07.0109 6680 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe 22:19:07.0129 6680 TrustedInstaller - ok 22:19:07.0181 6680 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys 22:19:07.0200 6680 tssecsrv - ok 22:19:07.0248 6680 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys 22:19:07.0267 6680 TsUsbFlt - ok 22:19:07.0345 6680 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys 22:19:07.0359 6680 tunnel - ok 22:19:07.0398 6680 TurboB (825e7a1f48fb8bcfba27c178aab4e275) C:\Windows\system32\DRIVERS\TurboB.sys 22:19:07.0420 6680 TurboB - ok 22:19:07.0477 6680 TurboBoost (b206be1174d5964d49a56bb6c4e0524a) C:\Program Files\Intel\TurboBoost\TurboBoost.exe 22:19:07.0491 6680 TurboBoost - ok 22:19:07.0522 6680 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys 22:19:07.0551 6680 uagp35 - ok 22:19:07.0589 6680 UBHelper (2e22c1fd397a5a9ffef55e9d1fc96c00) C:\Windows\system32\drivers\UBHelper.sys 22:19:07.0601 6680 UBHelper - ok 22:19:07.0672 6680 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys 22:19:07.0692 6680 udfs - ok 22:19:07.0736 6680 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe 22:19:07.0741 6680 UI0Detect - ok 22:19:07.0788 6680 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys 22:19:07.0791 6680 uliagpkx - ok 22:19:07.0843 6680 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys 22:19:07.0862 6680 umbus - ok 22:19:07.0893 6680 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys 22:19:07.0915 6680 UmPass - ok 22:19:08.0188 6680 UNS (765f2dd351ba064f657751d8d75e58c0) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe 22:19:08.0221 6680 UNS - ok 22:19:08.0322 6680 Updater Service (70dde3a86dbeb1d6c3c30ad687b1877a) C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe 22:19:08.0335 6680 Updater Service - ok 22:19:08.0482 6680 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll 22:19:08.0503 6680 upnphost - ok 22:19:08.0569 6680 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys 22:19:08.0575 6680 usbccgp - ok 22:19:08.0639 6680 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys 22:19:08.0644 6680 usbcir - ok 22:19:08.0669 6680 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys 22:19:08.0675 6680 usbehci - ok 22:19:08.0740 6680 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys

da GERONIMO* » mer mag 23, 2012 9:32 pm

quel file e leggittimo appartiene a demon tools

dimmi una cosa in modalità provvisoria pure ti va in blu screen?

da **ivan92** » gio mag 24, 2012 4:34 pm

non ho ancora provato ...anche perché va in crash a random

da GERONIMO* » gio mag 24, 2012 7:45 pm

appunto chiedevo,in modo da poter svolgere operazioni

da **ivan92** » ven mag 25, 2012 3:54 pm

ho provato, ma non ha dato problemi

da GERONIMO* » ven mag 25, 2012 6:12 pm

ok
vediamo se ci sono virus

entra in modalità provvisoria con rete
Scarica ComboFix:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
assicurati che venga salvato sul Desktop

Molto Importante
disattiva l'Antivirus in uso
disattiva il Firewall
chiudi tutti i programmi aperti

lancia ComboFix con tasto destro del mouse su Comfofix e scegli Esegui come amministratore
segui le istruzioni di combofix,se vengono rilasciati dei messaggi durante la scansione Riguardo all' Antivirus
ignorali prosegui
se viene richiesta l'installazione della Console di ripristino :clicca su NO
senza eseguire nessuna altra operazione sul pc, lascia che ComboFix completi la scansione non usare ne anche il mouse
altrimenti potrebbe Bloccarsi il Pc
Quando ComboFix avrà concluso la scansione:
probabilmente il sistema verrà riavviato automaticamente:
vai in Disco Locale C:, cerca il file di testo dal nome ComboFix.txt e postalo sul forum

da **ivan92** » lun mag 28, 2012 4:15 pm

scusa se ho risposto adesso ma nel weekend non ho proprio acceso il computer...comunque in modalità provvisoria non so perché ma nonostante avessi chiuso tutti i processi riguardanti l'antivirus, combofix mi diceva che stava ancora andando...così ho fatto la scansione in modalità normale..
qui il report:

Codice: Seleziona tutto: ComboFix 12-05-28.01 - Ivan 28/05/2012 16:54:45.1.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.39.1040.18.3956.2672 [GMT 2:00] Eseguito da: c:\users\Ivan\Desktop\ComboFix.exe AV: Kaspersky Internet Security *Disabled/Updated* {56547CC9-C9B2-849D-8FEF-A496150D6A06} FW: Kaspersky Internet Security *Disabled* {6E6FFDEC-83DD-85C5-A4B0-0DA3EBDE2D7D} SP: Kaspersky Internet Security *Disabled/Updated* {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Creato nuovo punto di ripristino . . ((((((((((((((((((((((((((((((((((((( Altre eliminazioni ))))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files (x86)\Common Files\packardbell.ico c:\programdata\FullRemove.exe c:\users\Ivan\AppData\Roaming\.# c:\windows\SysWow64\html c:\windows\SysWow64\html\calendar.html c:\windows\SysWow64\html\calendarbottom.html c:\windows\SysWow64\html\calendartop.html c:\windows\SysWow64\html\crystalexportdialog.htm c:\windows\SysWow64\html\crystalprinthost.html c:\windows\SysWow64\images c:\windows\SysWow64\images\toolbar\calendar.gif c:\windows\SysWow64\images\toolbar\crlogo.gif c:\windows\SysWow64\images\toolbar\export.gif c:\windows\SysWow64\images\toolbar\export_over.gif c:\windows\SysWow64\images\toolbar\exportd.gif c:\windows\SysWow64\images\toolbar\First.gif c:\windows\SysWow64\images\toolbar\first_over.gif c:\windows\SysWow64\images\toolbar\Firstd.gif c:\windows\SysWow64\images\toolbar\gotopage.gif c:\windows\SysWow64\images\toolbar\gotopage_over.gif c:\windows\SysWow64\images\toolbar\gotopaged.gif c:\windows\SysWow64\images\toolbar\grouptree.gif c:\windows\SysWow64\images\toolbar\grouptree_over.gif c:\windows\SysWow64\images\toolbar\grouptreed.gif c:\windows\SysWow64\images\toolbar\grouptreepressed.gif c:\windows\SysWow64\images\toolbar\Last.gif c:\windows\SysWow64\images\toolbar\last_over.gif c:\windows\SysWow64\images\toolbar\Lastd.gif c:\windows\SysWow64\images\toolbar\Next.gif c:\windows\SysWow64\images\toolbar\next_over.gif c:\windows\SysWow64\images\toolbar\Nextd.gif c:\windows\SysWow64\images\toolbar\Prev.gif c:\windows\SysWow64\images\toolbar\prev_over.gif c:\windows\SysWow64\images\toolbar\Prevd.gif c:\windows\SysWow64\images\toolbar\print.gif c:\windows\SysWow64\images\toolbar\print_over.gif c:\windows\SysWow64\images\toolbar\printd.gif c:\windows\SysWow64\images\toolbar\Refresh.gif c:\windows\SysWow64\images\toolbar\refresh_over.gif c:\windows\SysWow64\images\toolbar\refreshd.gif c:\windows\SysWow64\images\toolbar\Search.gif c:\windows\SysWow64\images\toolbar\search_over.gif c:\windows\SysWow64\images\toolbar\searchd.gif c:\windows\SysWow64\images\toolbar\up.gif c:\windows\SysWow64\images\toolbar\up_over.gif c:\windows\SysWow64\images\toolbar\upd.gif c:\windows\SysWow64\images\tree\begindots.gif c:\windows\SysWow64\images\tree\beginminus.gif c:\windows\SysWow64\images\tree\beginplus.gif c:\windows\SysWow64\images\tree\blank.gif c:\windows\SysWow64\images\tree\blankdots.gif c:\windows\SysWow64\images\tree\dots.gif c:\windows\SysWow64\images\tree\lastdots.gif c:\windows\SysWow64\images\tree\lastminus.gif c:\windows\SysWow64\images\tree\lastplus.gif c:\windows\SysWow64\images\tree\Magnify.gif c:\windows\SysWow64\images\tree\minus.gif c:\windows\SysWow64\images\tree\minusbox.gif c:\windows\SysWow64\images\tree\plus.gif c:\windows\SysWow64\images\tree\plusbox.gif c:\windows\SysWow64\images\tree\singleminus.gif c:\windows\SysWow64\images\tree\singleplus.gif . . ((((((((((((((((((((((((( Files Creati Da 2012-04-28 al 2012-05-28 ))))))))))))))))))))))))))))))))))) . . 2012-05-28 15:05 . 2012-05-28 15:05 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-05-28 14:22 . 2012-05-28 14:22 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C37E8889-3D9F-409B-BDD6-83724D9940CD}\offreg.dll 2012-05-25 15:58 . 2012-05-08 17:02 8955792 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C37E8889-3D9F-409B-BDD6-83724D9940CD}\mpengine.dll 2012-05-23 19:30 . 2012-05-23 19:30 -------- d-----w- c:\program files\WhoCrashed 2012-05-21 20:08 . 2012-05-21 20:08 -------- d-----w- C:\found.000 2012-05-19 12:33 . 2012-05-19 12:33 -------- d-----w- C:\Microgaming 2012-05-19 12:33 . 2012-05-19 17:21 -------- d-----w- c:\programdata\MGS 2012-05-12 19:24 . 2012-05-12 19:24 -------- d-----w- c:\program files\Microsoft Silverlight 2012-05-12 19:24 . 2012-05-12 19:24 -------- d-----w- c:\program files (x86)\Microsoft Silverlight 2012-05-11 17:32 . 2012-03-03 06:35 1544704 ----a-w- c:\windows\system32\DWrite.dll 2012-05-11 17:32 . 2012-03-03 05:31 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll 2012-05-11 17:32 . 2012-03-31 06:05 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-05-11 17:32 . 2012-03-31 03:10 3146240 ----a-w- c:\windows\system32\win32k.sys 2012-05-11 17:32 . 2012-03-31 04:39 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe 2012-05-11 17:32 . 2012-03-31 04:39 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe 2012-05-11 17:29 . 2012-03-17 07:58 75120 ----a-w- c:\windows\system32\drivers\partmgr.sys 2012-05-11 17:28 . 2012-03-30 11:35 1918320 ----a-w- c:\windows\system32\drivers\tcpip.sys 2012-05-11 17:28 . 2012-03-31 05:42 1732096 ----a-w- c:\program files\Windows Journal\NBDoc.DLL 2012-05-11 17:28 . 2012-03-31 05:40 1367552 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll 2012-05-11 17:28 . 2012-03-31 05:40 1402880 ----a-w- c:\program files\Windows Journal\JNWDRV.dll 2012-05-11 17:28 . 2012-03-31 05:40 1393664 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll 2012-05-11 17:28 . 2012-03-31 04:29 936960 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll 2012-05-09 17:11 . 2012-05-09 17:11 -------- d-----w- c:\users\Ivan\AppData\Local\DDMSettings 2012-05-06 14:33 . 2012-05-06 14:33 -------- d-----w- c:\windows\system32\Macromed 2012-05-06 14:33 . 2012-05-06 14:33 8769696 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe 2012-05-05 13:02 . 2012-05-06 14:34 419488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-05-06 14:34 . 2011-05-19 18:09 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-03-22 19:12 . 2012-03-22 19:12 4435968 ----a-w- c:\windows\SysWow64\GPhotos.scr 2012-03-01 06:46 . 2012-04-13 20:07 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys 2012-03-01 06:38 . 2012-04-13 20:07 220672 ----a-w- c:\windows\system32\wintrust.dll 2012-03-01 06:33 . 2012-04-13 20:07 81408 ----a-w- c:\windows\system32\imagehlp.dll 2012-03-01 06:28 . 2012-04-13 20:07 5120 ----a-w- c:\windows\system32\wmi.dll 2012-03-01 05:37 . 2012-04-13 20:07 172544 ----a-w- c:\windows\SysWow64\wintrust.dll 2012-03-01 05:33 . 2012-04-13 20:07 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll 2012-03-01 05:29 . 2012-04-13 20:07 5120 ----a-w- c:\windows\SysWow64\wmi.dll . . ((((((((((((((((((((((((((((((((((((( Punti Reg Caricati )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* i valori vuoti & legittimi/default non sono visualizzati. REGEDIT4 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2011-02-18 05:12 94208 ----a-w- c:\users\Ivan\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2011-02-18 05:12 94208 ----a-w- c:\users\Ivan\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2011-02-18 05:12 94208 ----a-w- c:\users\Ivan\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584] "swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-11-05 39408] "ISUSPM Startup"="c:\progra~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2005-02-16 221184] "MobileDocuments"="c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240] "Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-02-29 17148552] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe" [2009-09-24 262912] "AVP"="c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe" [2010-10-09 352976] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-01-04 336384] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696] "SSBkgdUpdate"="c:\program files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472] "ISUSScheduler"="c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe" [2005-02-16 81920] "DNS7reminder"="c:\program files (x86)\Nuance\NaturallySpeaking10\Ereg\Ereg.exe" [2007-04-16 259624] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-03-27 421736] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ YouTube Uploader for CASIO.lnk - c:\program files (x86)\CASIO\YouTube Uploader for CASIO\YStart.exe [2009-7-16 80320] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\progra~2\KASPER~1\KASPER~1\mzvkbd3.dll c:\progra~2\KASPER~1\KASPER~1\sbhook.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux1"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus] "DisableMonitoring"=dword:00000001 . R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 gupdate;Servizio di Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-29 135664] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-02-29 158856] R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-06 257696] R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [x] R3 androidusb;ADB Interface Driver;c:\windows\system32\Drivers\androidusb.sys [x] R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-12-09 1431888] R3 gupdatem;Servizio Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-29 135664] R3 hcw95bda;Hauppauge MOD7700 Tuner Driver;c:\windows\system32\Drivers\hcw95bda.sys [x] R3 hcw95rc;Hauppauge MOD7700 IR Driver;c:\windows\system32\DRIVERS\hcw95rc.sys [x] R3 OberonGameConsoleService;Oberon Media Game Console service;c:\program files (x86)\Packard Bell GameZone\GameConsole\OberonGameConsoleService.exe [2009-08-29 44312] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [x] R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [x] R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] R3 TurboBoost;TurboBoost;c:\program files\Intel\TurboBoost\TurboBoost.exe [2009-11-02 126352] R3 WatAdminSvc;Servizio Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x] R3 WSDPrintDevice;Supporto stampa WSD via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [x] R3 WSDScan;Supporto digitalizzazione WSD tramite UMB;c:\windows\system32\DRIVERS\WSDScan.sys [x] S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x] S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x] S1 kl2;kl2;c:\windows\system32\DRIVERS\kl2.sys [x] S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [x] S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys [x] S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys [x] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x] S2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-05-14 759048] S2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;c:\program files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [2008-12-08 169312] S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x] S2 Autodesk Content Service;Autodesk Content Service;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2011-02-02 18656] S2 cpuz134;cpuz134;c:\windows\system32\drivers\cpuz134_x64.sys [x] S2 ePowerSvc;Acer ePower Service;c:\program files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [2009-09-30 844320] S2 Greg_Service;GRegService;c:\program files (x86)\Packard Bell\Registration\GregHSRW.exe [2009-08-28 1150496] S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe [2009-09-24 62720] S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [x] S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2320920] S2 Updater Service;Updater Service;c:\program files\Packard Bell\Packard Bell Updater\UpdaterService.exe [2009-07-04 240160] S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x] S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x] S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x] S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [x] S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [x] S3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x] . . --- Altri Servizi/Drivers In Memoria --- . *NewlyCreated* - WS2IFSL . Contenuto della cartella 'Scheduled Tasks' . 2012-05-28 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-05 14:34] . 2012-05-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-29 02:00] . 2012-05-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-29 02:00] . 2012-05-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2240124292-2993643574-302598427-1000Core.job - c:\users\Ivan\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-29 02:00] . 2012-05-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2240124292-2993643574-302598427-1000UA.job - c:\users\Ivan\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-29 02:00] . . --------- x86-64 ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2011-02-18 05:12 97792 ----a-w- c:\users\Ivan\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2011-02-18 05:12 97792 ----a-w- c:\users\Ivan\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2011-02-18 05:12 97792 ----a-w- c:\users\Ivan\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2011-02-18 05:12 97792 ----a-w- c:\users\Ivan\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-10-29 8312352] "Apoint"="c:\program files\Apoint2K\Apoint.exe" [2009-05-22 295936] "AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-07-22 323072] "PLFSetI"="c:\windows\PLFSetI.exe" [2009-11-20 200704] "Acer ePower Management"="c:\program files\Packard Bell\Packard Bell Power Management\ePowerTray.exe" [2009-09-30 823840] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=0x1 "AppInit_DLLs"=c:\progra~2\KASPER~1\KASPER~1\x64\kloehk.dll c:\progra~2\KASPER~1\KASPER~1\x64\sbhook64.dll . ------- Scansione supplementare ------- . uStart Page = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0410&m=easynote_tj75&r=27360910h2b6l0410z125f4431y718 uLocal Page = c:\windows\system32\blank.htm mStart Page = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0410&m=easynote_tj75&r=27360910h2b6l0410z125f4431y718 mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&sporta in Microsoft Excel - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000 IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000 IE: I&nvia a OneNote - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105 TCP: DhcpNameServer = 192.168.33.254 192.168.33.254 FF - ProfilePath - c:\users\Ivan\AppData\Roaming\Mozilla\Firefox\Profiles\ulbcv0v6.default\ . - - - - CHIAVI ORFANE RIMOSSE - - - - . Toolbar-Locked - (no file) Toolbar-Locked - (no file) . . . --------------------- CHIAVI DI REGISTRO BLOCCATE --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Ora fine scansione: 2012-05-28 17:11:17 ComboFix-quarantined-files.txt 2012-05-28 15:11 . Pre-Run: 219.522.506.752 byte disponibili Post-Run: 219.870.294.016 byte disponibili . - - End Of File - - FB460268196AAA61DA21AD729F8C5052

da GERONIMO* » lun mag 28, 2012 6:13 pm

ciao
allora oltre quello gia rimosso da combofix,non vedo altro da rimuovere
ho visto che ci sono molti processi di programmi in esecuzione

fai queste operazioni
Clicca su Start > poi su tutti i programmi > poi su accessori> e quindi su Esegui
digita nell’apposita casella di testo il comando msconfig e dai OK

spostati sulla voce Avvio
deseleziona tutti i programmi che vedi nell'elenco che partino all’avvio.
tranne kaspersky
dai applica e ok
RIAVVIA IL PC

Poi
scarica HiJackThis
http://it.trendmicro.com/it/products/pe ... -services/
Installa HiJackThis
Lanciare Hijackthis in questo modo
tasto destro del mouse sull'icona di Hijackthis e scegliere
Esegui come amministratore per aprirlo
Immagine

cliccare sul pulsante Do a system scan and save a logfile
apparirà un log in formato documento di testo salva sul desktop
postalo sul forum

da **ivan92** » lun mag 28, 2012 8:27 pm

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:27:47, on 28/05/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\PLFSetI.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Users\Ivan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ivan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ivan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ivan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\Ivan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ivan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ivan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ivan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ivan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ivan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.packardbell.com/rdr.asp ... 5f4431y718
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.packardbell.com/rdr.asp ... 5f4431y718
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Guida per l'accesso a Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Aggiungi ad Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: I&nvia a OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Tastiera Virtuale - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
O9 - Extra button: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: C&ontrollo URL - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll
O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) - Adobe Systems Incorporated - c:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Autodesk Content Service - Unknown owner - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: Servizio Kaspersky Anti-Virus (AVP) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
O23 - Service: Servizio Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
O23 - Service: EpsonBidirectionalService - SEIKO EPSON CORPORATION - C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe
O23 - Service: Servizio di Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HauppaugeTVServer - Hauppauge Computer Works - C:\PROGRA~2\WinTV\TVServer\HAUPPA~1.EXE
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - c:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe
O23 - Service: Oberon Media Game Console service (OberonGameConsoleService) - Unknown owner - C:\Program Files (x86)\Packard Bell GameZone\GameConsole\OberonGameConsoleService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Epson Printer Status Agent4 (StatusAgent4) - SEIKO EPSON CORPORATION - C:\Windows\SysWOW64\SAgent4.exe
O23 - Service: TurboBoost - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Updater Service - Acer - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14917 bytes

da **The Doctor** » mar mag 29, 2012 7:38 am

Il LOG mi pare pulito [std]

da GERONIMO* » mar mag 29, 2012 11:13 am

si il log e ok [^]

dimmi una cosa possiedi il dvd di windows? in modo da poter riparare Ntoskrnl.exe

da **ivan92** » mar mag 29, 2012 1:01 pm

no ho la partizione di recovery, ma guarda, adesso appena ho un po di tempo,formatto tutto.
grazie infinite x l'aiuto

www.MegaLab.it

possibile problema virus o video

possibile problema virus o video

Re: possibile problema virus o video

Re: possibile problema virus o video

Re: possibile problema virus o video

Re: possibile problema virus o video

Re: possibile problema virus o video

Re: possibile problema virus o video

Re: possibile problema virus o video

Re: possibile problema virus o video

Re: possibile problema virus o video

Re: possibile problema virus o video

Re: possibile problema virus o video

Re: possibile problema virus o video

Re: possibile problema virus o video

Re: possibile problema virus o video

Re: possibile problema virus o video

Re: possibile problema virus o video

Re: possibile problema virus o video

Re: possibile problema virus o video

Re: possibile problema virus o video

Chi c’è in linea