
Problem with BAGLE.-.. virus from Albania


Re: Problem with BAGLE.-.. virus from Albania

Post by ernzac85 » Sun Sep 16, 2012 8:11 pm

I tried to shut it down with the task manager but nothing... that is, the shutdown procedure starts but then it stays like that the whole time... it tells me it is shutting down but it never shuts down...

MBRCheck log

MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows XP Professional
Windows Information: Service Pack 3 (build 2600)
Logical Drives Mask: 0x0000001d

Kernel Drivers (total 115):

Processes (total 40):

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000009`c3dcd400 (NTFS)

PhysicalDrive0 Model Number: WDCWD800AAJS-00PSA0, Rev: 05.06H05

Size Device Name MBR Status
--------------------------------------------
74 GB \\.\PhysicalDrive0 Windows XP MBR code detected
SHA1: DA38B874B7713D1B51CBC449F4EF809B0DEC644A


Done!

Re: Problem with BAGLE.-.. virus from Albania

Post by GERONIMO* » Sun Sep 16, 2012 8:16 pm

The MBRCheck log is clean.
I think the fact that it won't shut down is a hardware problem, the power supply or the HDD.
Did you run the fix?

Also run a check with this tool:
http://www.MegaLab.it/7137/crystaldiskinfo

Re: Problem with BAGLE.-.. virus from Albania

Post by ernzac85 » Sun Sep 16, 2012 8:20 pm

TDSSKiller has started now: I ran the scan and it tells me everything is OK!
The scan parameters, however, were "system memory", "services and drivers", "boot sectors". "Loaded modules" was not ticked (to do that it asks me to reboot).

Also, the additional options were not ticked, namely "verify file digital signatures" and "detect TDLFS file system". Is it fine like this anyway?

That said, OTL and Avira still won't start... so far I have almost managed to install only ZoneAlarm. So at the moment, as far as I can tell, my protection comes down to the Windows firewall (which it still shows as active).

As for the shutdown, I tried this procedure, but it gave no results...

http://forum.webisland.net/f8/windows-x ... e-904.html


Re: Problem with BAGLE.-.. virus from Albania

Post by GERONIMO* » Sun Sep 16, 2012 8:27 pm

I didn't quite understand this part:
The scan parameters, however, were "system memory", "services and drivers", "boot sectors". "Loaded modules" was not ticked (to do that it asks me to reboot).

What comes up automatically, cure or reboot?

Re: Problem with BAGLE.-.. virus from Albania

Post by GERONIMO* » Sun Sep 16, 2012 8:39 pm

Maybe we're getting somewhere: TDSSKiller has found a probable bootkit.
Can you post the TDSSKiller log?

Re: Problem with BAGLE.-.. virus from Albania

Post by VincenzoGTA » Sun Sep 16, 2012 8:43 pm

After that, a good cleanup of the registry and of useless files with CCleaner would be needed: http://www.piriform.com/ccleaner/download/standard

In particular, under Tools > Startup, delete all the entries except the one for the antivirus.

During installation we will be asked to install the Google toolbar (optional, better not to install it).
At the end of the installation we leave the tick on Run CCleaner.

We click on Advanced
we untick the entry Only delete files in Windows Temp folders older than 24 hours
we untick the entry Show prompt to backup registry issues
we untick the entry Close program after cleaning

In the menu on the left we click on Cleaner:
Windows
Internet Explorer
we tick all the entries and
confirm with OK if we get a confirmation prompt.
Windows Explorer
We tick all the entries
System
We tick all the entries
Advanced
We tick the entries
Old Prefetch data and
IIS Log Files
User Assist History
we confirm with OK if we get a confirmation prompt.

We click on Applications, next to Windows
we tick all the entries present and
confirm with OK if we get a confirmation prompt.

We click the Analyze button at the bottom left,
wait for the analysis to finish and
click the Run Cleaner button at the bottom right.

Once the cleanup is finished, in the menu on the left, we click the Registry button
we tick all the entries on the left and click Scan for Issues
At the end of the scan we click Fix selected issues.
This step must be repeated several times, until no more problems to fix are detected.
When no more problems are found, we close CCleaner.



Also uninstall the program related to this entry:
2408 C:\Program Files\AVG\AVG PC Tuneup 2011\BoostSpeed.exe

Re: Problem with BAGLE.-.. virus from Albania

Post by ernzac85 » Sun Sep 16, 2012 8:56 pm

TDSSKiller report

21:53:11.0593 2708 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
21:53:11.0906 2708 ============================================================
21:53:11.0906 2708 Current date / time: 2012/09/16 21:53:11.0906
21:53:11.0906 2708 SystemInfo:
21:53:11.0906 2708
21:53:11.0906 2708 OS Version: 5.1.2600 ServicePack: 3.0
21:53:11.0906 2708 Product type: Workstation
21:53:11.0906 2708 ComputerName: DC5740DF1176419
21:53:11.0906 2708 UserName: Administrator
21:53:11.0906 2708 Windows directory: C:\WINDOWS
21:53:11.0906 2708 System windows directory: C:\WINDOWS
21:53:11.0906 2708 Processor architecture: Intel x86
21:53:11.0906 2708 Number of processors: 1
21:53:11.0906 2708 Page size: 0x1000
21:53:11.0906 2708 Boot type: Normal boot
21:53:11.0906 2708 ============================================================
21:53:13.0015 2708 Drive \Device\Harddisk0\DR0 - Size: 0x12A1E0DE00 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
21:53:13.0015 2708 ============================================================
21:53:13.0015 2708 \Device\Harddisk0\DR0:
21:53:13.0015 2708 MBR partitions:
21:53:13.0015 2708 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x4E1EDEC
21:53:13.0031 2708 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x4E1EE6A, BlocksNum 0x46EF657
21:53:13.0031 2708 ============================================================
21:53:13.0046 2708 D: <-> \Device\Harddisk0\DR0\Partition2
21:53:13.0078 2708 C: <-> \Device\Harddisk0\DR0\Partition1
21:53:13.0078 2708 ============================================================
21:53:13.0078 2708 Initialize success
21:53:13.0078 2708 ============================================================
21:53:15.0546 1732 ============================================================
21:53:15.0546 1732 Scan started
21:53:15.0546 1732 Mode: Manual;
21:53:15.0546 1732 ============================================================
21:53:16.0203 1732 ================ Scan system memory ========================
21:53:16.0203 1732 System memory - ok
21:53:16.0203 1732 ================ Scan services =============================
21:53:23.0593 1732 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
21:53:23.0609 1732 PCI - ok
21:53:23.0609 1732 PCIDump - ok
21:53:23.0625 1732 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
21:53:23.0625 1732 PCIIde - ok
21:53:23.0640 1732 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
21:53:23.0656 1732 Pcmcia - ok
21:53:23.0656 1732 PDCOMP - ok
21:53:23.0656 1732 PDFRAME - ok
21:53:23.0671 1732 PDRELI - ok
21:53:23.0671 1732 PDRFRAME - ok
21:53:23.0687 1732 perc2 - ok
21:53:23.0687 1732 perc2hib - ok
21:53:23.0734 1732 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe
21:53:23.0734 1732 PlugPlay - ok
21:53:23.0750 1732 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
21:53:23.0750 1732 PolicyAgent - ok
21:53:23.0765 1732 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
21:53:23.0765 1732 PptpMiniport - ok
21:53:23.0765 1732 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
21:53:23.0781 1732 ProtectedStorage - ok
21:53:23.0796 1732 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
21:53:23.0796 1732 PSched - ok
21:53:23.0812 1732 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
21:53:23.0812 1732 Ptilink - ok
21:53:23.0843 1732 [ E42E3433DBB4CFFE8FDD91EAB29AEA8E ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
21:53:23.0843 1732 PxHelp20 - ok
21:53:23.0843 1732 ql1080 - ok
21:53:23.0843 1732 Ql10wnt - ok
21:53:23.0859 1732 ql12160 - ok
21:53:23.0859 1732 ql1240 - ok
21:53:23.0875 1732 ql1280 - ok
21:53:23.0890 1732 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
21:53:23.0890 1732 RasAcd - ok
21:53:23.0906 1732 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
21:53:23.0906 1732 RasAuto - ok
21:53:23.0921 1732 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
21:53:23.0921 1732 Rasl2tp - ok
21:53:23.0937 1732 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
21:53:23.0953 1732 RasMan - ok
21:53:23.0968 1732 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
21:53:23.0968 1732 RasPppoe - ok
21:53:23.0968 1732 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
21:53:23.0968 1732 Raspti - ok
21:53:23.0984 1732 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
21:53:24.0000 1732 Rdbss - ok
21:53:24.0000 1732 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
21:53:24.0000 1732 RDPCDD - ok
21:53:24.0015 1732 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
21:53:24.0015 1732 rdpdr - ok
21:53:24.0046 1732 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
21:53:24.0437 1732 RDPWD - ok
21:53:24.0468 1732 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
21:53:24.0484 1732 RDSessMgr - ok
21:53:24.0500 1732 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
21:53:24.0515 1732 redbook - ok
21:53:24.0531 1732 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
21:53:24.0546 1732 RemoteAccess - ok
21:53:24.0562 1732 [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
21:53:24.0562 1732 RemoteRegistry - ok
21:53:24.0593 1732 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe
21:53:24.0593 1732 RpcLocator - ok
21:53:24.0625 1732 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\System32\rpcss.dll
21:53:24.0625 1732 RpcSs - ok
21:53:24.0656 1732 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
21:53:24.0656 1732 RSVP - ok
21:53:24.0687 1732 [ D507C1400284176573224903819FFDA3 ] rtl8139 C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
21:53:24.0687 1732 rtl8139 - ok
21:53:24.0703 1732 [ 36ADA62330C31AD314E4A26B815FC485 ] RTLE8023xp C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
21:53:24.0703 1732 RTLE8023xp - ok
21:53:24.0718 1732 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
21:53:24.0734 1732 SamSs - ok
21:53:24.0750 1732 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
21:53:24.0750 1732 SCardSvr - ok
21:53:24.0812 1732 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
21:53:25.0187 1732 Schedule - ok
21:53:25.0218 1732 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
21:53:25.0218 1732 Secdrv - ok
21:53:25.0250 1732 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
21:53:25.0250 1732 seclogon - ok
21:53:25.0250 1732 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
21:53:25.0265 1732 SENS - ok
21:53:25.0281 1732 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
21:53:25.0281 1732 serenum - ok
21:53:25.0296 1732 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
21:53:25.0296 1732 Serial - ok
21:53:25.0328 1732 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
21:53:25.0328 1732 Sfloppy - ok
21:53:25.0359 1732 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
21:53:25.0359 1732 SharedAccess - ok
21:53:25.0375 1732 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
21:53:25.0390 1732 ShellHWDetection - ok
21:53:25.0390 1732 Simbad - ok
21:53:25.0421 1732 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
21:53:25.0421 1732 SkypeUpdate - ok
21:53:25.0453 1732 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
21:53:25.0453 1732 SLIP - ok
21:53:25.0453 1732 Sparrow - ok
21:53:25.0484 1732 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
21:53:25.0484 1732 splitter - ok
21:53:25.0515 1732 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
21:53:25.0515 1732 Spooler - ok
21:53:25.0531 1732 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
21:53:25.0546 1732 sr - ok
21:53:25.0906 1732 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
21:53:25.0921 1732 srservice - ok
21:53:25.0937 1732 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
21:53:25.0953 1732 Srv - ok
21:53:25.0968 1732 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
21:53:25.0984 1732 SSDPSRV - ok
21:53:26.0015 1732 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
21:53:26.0015 1732 stisvc - ok
21:53:26.0031 1732 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
21:53:26.0031 1732 streamip - ok
21:53:26.0046 1732 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
21:53:26.0046 1732 swenum - ok
21:53:26.0078 1732 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
21:53:26.0093 1732 swmidi - ok
21:53:26.0421 1732 SwPrv - ok
21:53:26.0437 1732 symc810 - ok
21:53:26.0437 1732 symc8xx - ok
21:53:26.0453 1732 sym_hi - ok
21:53:26.0453 1732 sym_u3 - ok
21:53:26.0515 1732 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
21:53:26.0515 1732 sysaudio - ok
21:53:26.0546 1732 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
21:53:26.0562 1732 SysmonLog - ok
21:53:26.0937 1732 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
21:53:26.0937 1732 TapiSrv - ok
21:53:26.0968 1732 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
21:53:26.0968 1732 Tcpip - ok
21:53:27.0000 1732 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
21:53:27.0000 1732 TDPIPE - ok
21:53:27.0000 1732 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
21:53:27.0000 1732 TDTCP - ok
21:53:27.0015 1732 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
21:53:27.0015 1732 TermDD - ok
21:53:27.0046 1732 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
21:53:27.0046 1732 TermService - ok
21:53:27.0390 1732 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
21:53:27.0406 1732 Themes - ok
21:53:27.0421 1732 [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
21:53:27.0437 1732 TlntSvr - ok
21:53:27.0437 1732 TosIde - ok
21:53:27.0453 1732 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
21:53:27.0468 1732 TrkWks - ok
21:53:27.0484 1732 [ D85938F272D1BCF3DB3A31FC0A048928 ] uagp35 C:\WINDOWS\system32\DRIVERS\uagp35.sys
21:53:27.0484 1732 uagp35 - ok
21:53:27.0500 1732 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
21:53:27.0500 1732 Udfs - ok
21:53:27.0515 1732 ultra - ok
21:53:27.0531 1732 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
21:53:27.0546 1732 Update - ok
21:53:27.0578 1732 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
21:53:27.0593 1732 upnphost - ok
21:53:27.0609 1732 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
21:53:27.0609 1732 UPS - ok
21:53:27.0640 1732 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
21:53:27.0640 1732 usbccgp - ok
21:53:27.0671 1732 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
21:53:27.0671 1732 usbehci - ok
21:53:27.0687 1732 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
21:53:27.0687 1732 usbhub - ok
21:53:27.0718 1732 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
21:53:27.0718 1732 usbscan - ok
21:53:27.0750 1732 [ A32426D9B14A089EAA1D922E0C5801A9 ] usbstor C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
21:53:27.0750 1732 usbstor - ok
21:53:27.0765 1732 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
21:53:27.0765 1732 usbuhci - ok
21:53:27.0796 1732 [ 63BBFCA7F390F4C49ED4B96BFB1633E0 ] usbvideo C:\WINDOWS\system32\Drivers\usbvideo.sys
21:53:27.0796 1732 usbvideo - ok
21:53:27.0812 1732 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
21:53:27.0812 1732 VgaSave - ok
21:53:27.0828 1732 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys
21:53:27.0828 1732 ViaIde - ok
21:53:27.0843 1732 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
21:53:27.0859 1732 VolSnap - ok
21:53:27.0875 1732 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
21:53:27.0890 1732 VSS - ok
21:53:27.0921 1732 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll
21:53:27.0921 1732 W32Time - ok
21:53:27.0953 1732 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
21:53:27.0953 1732 Wanarp - ok
21:53:27.0968 1732 WDICA - ok
21:53:27.0984 1732 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
21:53:27.0984 1732 wdmaud - ok
21:53:28.0000 1732 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
21:53:28.0000 1732 WebClient - ok
21:53:28.0046 1732 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
21:53:28.0062 1732 winmgmt - ok
21:53:28.0109 1732 [ 18F347402DA544A780949B8FDF83351B ] WinRM C:\WINDOWS\system32\WsmSvc.dll
21:53:28.0125 1732 WinRM - ok
21:53:28.0171 1732 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
21:53:28.0171 1732 WmdmPmSN - ok
21:53:28.0203 1732 [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi C:\WINDOWS\System32\advapi32.dll
21:53:28.0218 1732 Wmi - ok
21:53:28.0234 1732 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
21:53:28.0250 1732 WmiApSrv - ok
21:53:28.0312 1732 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
21:53:28.0328 1732 WMPNetworkSvc - ok
21:53:28.0406 1732 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
21:53:28.0421 1732 WPFFontCache_v0400 - ok
21:53:28.0453 1732 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
21:53:28.0453 1732 WS2IFSL - ok
21:53:28.0468 1732 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
21:53:28.0484 1732 wscsvc - ok
21:53:28.0484 1732 WSearch - ok
21:53:28.0500 1732 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
21:53:28.0500 1732 WSTCODEC - ok
21:53:28.0531 1732 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
21:53:28.0531 1732 wuauserv - ok
21:53:28.0562 1732 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
21:53:28.0562 1732 WudfPf - ok
21:53:28.0578 1732 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
21:53:28.0593 1732 WudfRd - ok
21:53:28.0609 1732 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
21:53:28.0625 1732 WudfSvc - ok
21:53:28.0656 1732 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
21:53:28.0812 1732 WZCSVC - ok
21:53:28.0875 1732 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
21:53:29.0000 1732 xmlprov - ok
21:53:29.0000 1732 ================ Scan global ===============================
21:53:29.0031 1732 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
21:53:29.0046 1732 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
21:53:29.0078 1732 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
21:53:29.0093 1732 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
21:53:29.0093 1732 [Global] - ok
21:53:29.0093 1732 ================ Scan MBR ==================================
21:53:29.0109 1732 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
21:53:29.0562 1732 \Device\Harddisk0\DR0 - ok
21:53:29.0562 1732 ================ Scan VBR ==================================
21:53:29.0562 1732 [ 1964F40F5AC6A855C6010ECCF2FFBE01 ] \Device\Harddisk0\DR0\Partition1
21:53:29.0562 1732 \Device\Harddisk0\DR0\Partition1 - ok
21:53:29.0578 1732 [ 577922BB25A9C324AD4C5E7D9AF14728 ] \Device\Harddisk0\DR0\Partition2
21:53:29.0578 1732 \Device\Harddisk0\DR0\Partition2 - ok
21:53:29.0578 1732 ============================================================
21:53:29.0578 1732 Scan finished
21:53:29.0578 1732 ============================================================
21:53:29.0593 3652 Detected object count: 0
21:53:29.0593 3652 Actual detected object count: 0


For Vincenzo: I don't know why everyone finds problems with AVGtuneup. It's a program like CCcleaner that lets me do a lot of things on the PC. As for this BoostSpeed.exe in particular, I don't know what it is for, but I had tuneup on other PCs and it never gave me problems.
Anyway, almost every day I do a cleanup and defrag (disk and registry) with it on the PC. Maybe the problem, let's say, is that "I found it via torrent, with the related key....."
Last edited by ernzac85 on Sun Sep 16, 2012 8:57 pm, edited 1 time in total.

Re: Problem with BAGLE.-.. virus from Albania

Post by VincenzoGTA » Sun Sep 16, 2012 8:57 pm

I've seen many PCs "messed up" by improper use of tuneup...

Re: Problem with BAGLE.-.. virus from Albania

Post by ernzac85 » Sun Sep 16, 2012 9:00 pm

So, what do I do? Do I uninstall tuneup, download cccleaner and run the cleanup following the log you posted? Or do I wait for geronimo?

Re: Problem with BAGLE.-.. virus from Albania

Post by VincenzoGTA » Sun Sep 16, 2012 9:04 pm

Yes, uninstall it and proceed as written

Re: Problem with BAGLE.-.. virus from Albania

Post by GERONIMO* » Sun Sep 16, 2012 9:07 pm

ok
reopen Tdsskiller, click on Change parameters and tick the 2 entries
click on Start Scan
at the entry \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
change the option from Skip to Cure, or, if it asks you, to Copy to quarantine
Restart the PC when it asks you to

anyway, I had you use glary utilities to clean the system; that alone is enough
don't install anything else, uninstall the others, keep only glary utilities [^]
all these problems probably arose precisely with TuneUp Utilities.. cracked

Re: Problem with BAGLE.-.. virus from Albania

Post by VincenzoGTA » Sun Sep 16, 2012 9:16 pm

Yes, Glary utilities is perfectly fine for cleaning (you can use the one-click maintenance and it does everything itself)

It is important to remove all startup programs except the antivirus, and it is important to uninstall Tune up boot speed

Once that's done, see if you can post us a hijackthis log
http://sourceforge.net/projects/hjt/

Re: Problem with BAGLE.-.. virus from Albania

Post by ernzac85 » Sun Sep 16, 2012 9:27 pm

Damn...I've just finished the cleanup with cccleaner...so what do I do? Do I uninstall it and keep only glary?

By the way, I installed tuneup 2-3 days after using this PC, which was already half dead back then.

In the meantime I'll run the scan with Tdsskiller that geronimo recommended.

Re: Problem with BAGLE.-.. virus from Albania

Post by ernzac85 » Sun Sep 16, 2012 9:31 pm

Geronimo: it found 1 threat, but not the one you mention. It found an "unsigned file - service: EIO" (C:/..../system32/drivers/EIO.sys)
It offers me "skip"...what do I do?

Re: Problem with BAGLE.-.. virus from Albania

Post by ernzac85 » Sun Sep 16, 2012 9:39 pm

Besides, there is no "cure" option: there is skip, quarantine or delete.

As for that fix someone had recommended to me, AFreg, it asked me to press any key to start something and then press another key to close and restart. I followed its instructions but no report or anything else came up. What kind of check can I do to see whether it worked?

Re: Problem with BAGLE.-.. virus from Albania

Post by VincenzoGTA » Sun Sep 16, 2012 9:42 pm

Choose skip and then check the file on Virustotal https://www.virustotal.com/

Re: Problem with BAGLE.-.. virus from Albania

Post by ernzac85 » Sun Sep 16, 2012 9:45 pm

Strange...the site tells me the file had already been checked 3 weeks ago??? (I've only been here for 1 week). Anyway, it gives me a ratio of 0/42.

Re: Problem with BAGLE.-.. virus from Albania

Post by VincenzoGTA » Sun Sep 16, 2012 9:48 pm

It's clean, continue as said before and post a hijackthis log

Re: Problem with BAGLE.-.. virus from Albania

Post by GERONIMO* » Sun Sep 16, 2012 9:53 pm

wait, I was wrong, I misread the report because I was in a hurry.. it happens [:)] that's why it doesn't show up
I thought it said
Device\Harddisk0\DR0 ( TDSS File System ) - warning
\Device\Harddisk0\DR0 - detected TDSS File System (1)

\Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
\Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

but instead it says ok
choose skip...check that file on virustotal, but it seems to me that it belongs to a program
Last edited by GERONIMO* on Sun Sep 16, 2012 9:56 pm, edited 2 times in total.

Re: Problem with BAGLE.-.. virus from Albania

Post by ernzac85 » Sun Sep 16, 2012 9:54 pm

Hijackthis log.
Don't worry geronimo, Vincenzo came to the rescue...

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22.55.29, on 16/09/2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files\Cyberlink\Shared files\brs.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\DUMETE~1\DUMeter.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\DU Meter\DUMeterSvc.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Documents and Settings\Administrator\Desktop\Casino\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - (no file)
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [BDRegion] C:\Program Files\Cyberlink\Shared files\brs.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [DU Meter] "C:\Program Files\DU Meter\DUMeter.exe" /autostart
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 7734969937
O17 - HKLM\System\CCS\Services\Tcpip\..\{E8388B20-0EF2-4053-9FDA-8E3ECB0BE5D9}: Domain = abissnet.al
O17 - HKLM\System\CCS\Services\Tcpip\..\{E8388B20-0EF2-4053-9FDA-8E3ECB0BE5D9}: NameServer = 80.91.126.31 77.242.31.30
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: DU Meter Service (DUMeterSvc) - Hagel Technologies Ltd. - C:\Program Files\DU Meter\DUMeterSvc.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 6474 bytes

megalab.it: daily online publication registered with the Court of Cosenza, no. 22/09 of 13.08.2009, publisher Master New Media S.r.l.; © Copyright 2008 Master New Media S.r.l. a socio unico - VAT no. 02947530784. GRUPPO EDIZIONI MASTER Spa. All rights reserved. For advertising: Master Advertising