Unwanted windows opening


Post by lillosa » 17 Feb 2013 15:49

Hi guys, I'm new here. I just signed up.
I have a problem that has been bothering me for a while and I hope you can help me solve it.
Unwanted windows open on their own without me doing anything, like ad.zanoz etc.
How can I solve this problem?
Thank you so much :)

Re: Unwanted windows opening

Post by julweb » 17 Feb 2013 16:18

lillosa wrote: Hi guys, I'm new here. I just signed up.
I have a problem that has been bothering me for a while and I hope you can help me solve it.
Unwanted windows open on their own without me doing anything, like ad.zanoz etc.
How can I solve this problem?
Thank you so much :)

I just solved the problem thanks to wio.
Read the post "problema con il caricamento delle pagine web" (problem with loading web pages); it should be the same topic.
Bye

Re: Unwanted windows opening

Post by Luke57 » 17 Feb 2013 16:24

Hi, download OTL
http://oldtimer.geekstogo.com/OTL.exe
Save it to the desktop, then double-click its icon.
Tick SCAN ALL USERS.

Click RUN SCAN.
When the scan finishes, OTL will produce two log files (OTL.txt and Extras.txt).
Post only OTL.txt, attaching it to your next post (use the send attachment function).

Re: Unwanted windows opening

Post by lillosa » 17 Feb 2013 17:35

Thank you very much julweb, and you too Luke57.

I couldn't attach the OTL.txt file because the maximum limit is 50 KiB (by the way, while I was running the scan it kept telling me to insert a drive in OTL.exe, I don't know whether that is relevant.. I clicked Retry several times, then Cancel, and after many attempts the scan continued), so I'm putting it here as per the forum's instructions.

Code:

OTL logfile created on: 17/02/2013 15:37:51 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Liliana Andriano\Desktop
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy
 
1.99 Gb Total Physical Memory | 0.18 Gb Available Physical Memory | 9.12% Memory free
3.98 Gb Paging File | 0.90 Gb Available in Paging File | 22.68% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 100.00 Gb Total Space | 27.66 Gb Free Space | 27.66% Space Free | Partition Type: NTFS
Drive D: | 117.86 Gb Total Space | 21.59 Gb Free Space | 18.32% Space Free | Partition Type: NTFS
 
Computer Name: LILIANAANDRIANO | User Name: Liliana Andriano | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2013/02/17 15:37:01 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Liliana Andriano\Desktop\OTL.exe
PRC - [2013/01/26 03:35:08 | 001,248,208 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2013/01/20 20:29:18 | 028,539,272 | ---- | M] (Dropbox, Inc.) -- C:\Users\Liliana Andriano\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2013/01/08 12:08:06 | 000,375,296 | ---- | M] (MS) -- C:\Program Files\lsm\lsm.exe
PRC - [2012/12/18 20:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/12/06 23:31:33 | 002,443,800 | ---- | M] () -- C:\ProgramData\BrowserProtect\2.5.986.67\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
PRC - [2012/11/30 03:55:25 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2012/11/23 03:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012/10/30 08:48:28 | 007,880,664 | ---- | M] (Spotify Ltd) -- C:\Users\Liliana Andriano\AppData\Roaming\Spotify\spotify.exe
PRC - [2012/10/30 08:48:27 | 001,199,576 | ---- | M] (Spotify Ltd) -- C:\Users\Liliana Andriano\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
PRC - [2012/10/16 22:14:40 | 000,864,616 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2012/10/16 22:14:22 | 001,820,520 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2012/10/15 22:21:56 | 006,020,096 | ---- | M] (SpeedVID Accelerator) -- C:\Program Files\SpeedVID\SpeedVID Accelerator\SpeedVidA.exe
PRC - [2012/10/14 20:01:14 | 000,374,784 | ---- | M] (Babylon Ltd.) -- C:\Program Files\BabylonToolbar\BabylonToolbar\1.8.3.8\BabylonToolbarsrv.exe
PRC - [2012/10/09 09:53:36 | 004,441,920 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\Liliana Andriano\AppData\Local\Akamai\netsession_win.exe
PRC - [2012/10/08 20:33:32 | 000,225,280 | ---- | M] (MS) -- C:\Program Files\lsm\aus.exe
PRC - [2012/05/14 12:39:49 | 001,816,976 | ---- | M] (Bandoo Media, inc) -- C:\Program Files\Searchqu Toolbar\Datamngr\datamngrUI.exe
PRC - [2011/10/01 08:30:42 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011/10/01 08:30:36 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011/07/29 00:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2011/05/10 14:10:58 | 003,459,712 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/05/10 14:10:57 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/11/20 13:17:36 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\schtasks.exe
PRC - [2010/11/07 10:22:00 | 000,286,720 | ---- | M] (Babylon Ltd.) -- C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe
PRC - [2010/09/16 01:18:38 | 003,058,304 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
PRC - [2010/06/10 21:12:06 | 000,414,384 | ---- | M] () -- C:\Program Files\ASUS\Eee Docking\Eee Docking.exe
PRC - [2010/05/21 21:42:48 | 000,828,704 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2010/05/21 21:42:48 | 000,652,576 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
PRC - [2009/11/19 14:44:14 | 000,083,240 | ---- | M] (Synaptics Incorporated) -- C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe
PRC - [2009/08/19 01:35:56 | 000,219,136 | ---- | M] () -- C:\Windows\System32\AsusService.exe
PRC - [2009/08/12 11:32:56 | 000,365,936 | ---- | M] (Boingo Wireless, Inc.) -- C:\Program Files\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe
PRC - [2009/06/05 03:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009/06/05 03:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
PRC - [2007/06/25 17:19:10 | 000,229,592 | ---- | M] (Data Perceptions / PowerProgrammer) -- C:\Windows\System32\WebUpdateSvc4.exe
PRC - [2005/07/15 22:48:33 | 000,479,232 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Gmail Notifier\gnotify.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2013/02/14 08:09:02 | 012,638,576 | ---- | M] () -- C:\Users\Liliana Andriano\AppData\Local\Google\Chrome\User Data\PepperFlash\11.6.602.167\pepflashplayer.dll
MOD - [2013/01/26 03:35:06 | 000,460,240 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll
MOD - [2013/01/26 03:35:04 | 004,012,496 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\24.0.1312.57\pdf.dll
MOD - [2013/01/26 03:34:19 | 000,597,968 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\24.0.1312.57\libglesv2.dll
MOD - [2013/01/26 03:34:18 | 000,124,368 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\24.0.1312.57\libegl.dll
MOD - [2013/01/26 03:34:16 | 001,552,848 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\24.0.1312.57\ffmpegsumo.dll
MOD - [2012/12/12 06:32:26 | 005,025,792 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
MOD - [2012/12/06 23:31:33 | 002,443,800 | ---- | M] () -- C:\ProgramData\BrowserProtect\2.5.986.67\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
MOD - [2012/12/06 23:30:35 | 002,158,104 | ---- | M] () -- c:\ProgramData\BrowserProtect\2.5.986.67\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll
MOD - [2012/11/28 14:13:52 | 000,087,952 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/11/28 14:13:30 | 001,242,512 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012/11/23 01:27:09 | 000,070,144 | ---- | M] () -- C:\Users\Liliana Andriano\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_0\spext.dll
MOD - [2012/10/30 08:48:28 | 020,220,376 | ---- | M] () -- C:\Users\Liliana Andriano\AppData\Roaming\Spotify\Data\libcef.dll
MOD - [2012/10/05 11:53:24 | 003,198,976 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
MOD - [2012/10/05 11:53:24 | 000,630,784 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
MOD - [2012/08/31 11:59:19 | 004,550,656 | ---- | M] () -- C:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
MOD - [2011/07/29 00:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011/07/29 00:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
MOD - [2010/11/13 01:21:49 | 000,425,984 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_it_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2010/11/13 01:21:48 | 000,307,200 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_it_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010/11/05 02:58:14 | 002,048,000 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll
MOD - [2010/11/05 02:58:10 | 000,303,104 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2010/11/05 02:58:04 | 000,425,984 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll
MOD - [2010/11/05 02:57:46 | 000,610,304 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
MOD - [2010/09/02 12:08:00 | 000,118,784 | ---- | M] () -- C:\PROGRA~1\ASUS\ASUSWE~1\30108~1.222\ASUSWS~1.DLL
MOD - [2010/06/10 21:12:06 | 000,414,384 | ---- | M] () -- C:\Program Files\ASUS\Eee Docking\Eee Docking.exe
MOD - [2010/05/21 21:42:58 | 000,132,384 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll
MOD - [2009/06/10 22:22:40 | 000,010,752 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
 
 
[color=#E56717]========== Services (SafeList) ==========[/color]
 
SRV - [2013/02/08 08:09:31 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/02/01 19:21:08 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/01/08 12:55:20 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/01/08 12:08:06 | 000,375,296 | ---- | M] (MS) [Auto | Running] -- C:\Program Files\lsm\lsm.exe -- (LSM)
SRV - [2012/12/18 20:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/12/06 23:31:33 | 002,443,800 | ---- | M] () [Auto | Running] -- C:\ProgramData\BrowserProtect\2.5.986.67\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe -- (BrowserProtect)
SRV - [2012/10/24 00:12:32 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/10/08 20:33:32 | 000,225,280 | ---- | M] (MS) [Auto | Running] -- C:\Program Files\lsm\aus.exe -- (AUS)
SRV - [2012/04/24 18:39:58 | 000,109,064 | ---- | M] (Wajam) [On_Demand | Stopped] -- C:\Program Files\Wajam\Updater\WajamUpdater.exe -- (WajamUpdater)
SRV - [2011/10/01 08:30:42 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011/10/01 08:30:36 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011/05/10 14:10:57 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011/04/24 21:40:41 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/05/21 21:42:48 | 000,652,576 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2009/08/19 01:35:56 | 000,219,136 | ---- | M] () [Auto | Running] -- C:\Windows\System32\AsusService.exe -- (AsusService)
SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2009/06/05 03:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON)
SRV - [2007/06/25 17:19:10 | 000,229,592 | ---- | M] (Data Perceptions / PowerProgrammer) [Auto | Running] -- C:\Windows\System32\WebUpdateSvc4.exe -- (WebUpdate4)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - [2012/10/24 00:12:30 | 000,024,936 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvpciflt.sys -- (nvpciflt)
DRV - [2012/10/24 00:12:18 | 010,838,376 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2012/08/23 15:44:32 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2012/08/23 15:40:25 | 000,049,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2011/12/15 18:29:42 | 000,026,624 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tap0901.sys -- (tap0901)
DRV - [2011/10/01 08:30:42 | 000,019,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftvollh.sys -- (Sftvol)
DRV - [2011/10/01 08:30:40 | 000,021,864 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\Sftredirlh.sys -- (Sftredir)
DRV - [2011/10/01 08:30:38 | 000,194,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftplaylh.sys -- (Sftplay)
DRV - [2011/10/01 08:30:36 | 000,579,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftfslh.sys -- (Sftfs)
DRV - [2011/05/10 14:03:54 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/05/10 14:03:44 | 000,307,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/05/10 14:02:37 | 000,049,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/05/10 13:59:56 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/05/10 13:59:44 | 000,053,592 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2011/05/10 13:59:35 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010/11/20 10:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/07/29 06:25:03 | 000,068,208 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1C62x86.sys -- (L1C)
DRV - [2010/03/31 02:40:20 | 000,011,520 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\AsUpIO.sys -- (AsUpIO)
DRV - [2009/07/20 10:29:40 | 000,013,880 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\kbfiltr.sys -- (kbfiltr)
DRV - [2009/07/14 00:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/07/13 23:02:46 | 001,096,704 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008/03/17 10:05:30 | 000,101,632 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
IE - HKLM\..\URLSearchHook: {4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1} - C:\Program Files\uTorrentBar_IT\prxtbuTor.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.snap.do/?publisher=SnapdoEMon&dpid=SnapdoEMon&co=DK&userid=58cc2210-535a-4350-a784-e8256fa864c7&searchtype=ds&q={searchTerms}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{154d339e-ccaa-49a5-9b38-6878ad4220bc}: "URL" = http://www.searchamong.com/searchview.php?source=6987e315b363f4b09672a1cda71caea8&query={searchTerms}&cat=webs&bar=true
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=101&systemid=406&sr=0&q={searchTerms}
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-975541926-2846433145-1531993579-1001\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www.claro-search.com/?affID=117424&tt=4712_7&babsrc=HP_ss&mntrId=8e6ee50f000000000000485d60d1d90e
IE - HKU\S-1-5-21-975541926-2846433145-1531993579-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
IE - HKU\S-1-5-21-975541926-2846433145-1531993579-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://eeepc.asus.com [binary data]
IE - HKU\S-1-5-21-975541926-2846433145-1531993579-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snap.do/?publisher=SnapdoEMon&dpid=SnapdoEMon&co=DK&userid=58cc2210-535a-4350-a784-e8256fa864c7&searchtype=ds&q={searchTerms}
IE - HKU\S-1-5-21-975541926-2846433145-1531993579-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://feed.snap.do/?publisher=SnapdoEMon&dpid=SnapdoEMon&co=DK&userid=58cc2210-535a-4350-a784-e8256fa864c7&searchtype=ds&q={searchTerms}
IE - HKU\S-1-5-21-975541926-2846433145-1531993579-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://eeepc.asus.com [binary data]
IE - HKU\S-1-5-21-975541926-2846433145-1531993579-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://feed.snap.do/?publisher=SnapdoEMon&dpid=SnapdoEMon&co=DK&userid=58cc2210-535a-4350-a784-e8256fa864c7&searchtype=hp
IE - HKU\S-1-5-21-975541926-2846433145-1531993579-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snap.do/?publisher=SnapdoEMon&dpid=SnapdoEMon&co=DK&userid=58cc2210-535a-4350-a784-e8256fa864c7&searchtype=ds&q={searchTerms}
IE - HKU\S-1-5-21-975541926-2846433145-1531993579-1001\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snap.do/?publisher=SnapdoEMon&dpid=SnapdoEMon&co=DK&userid=58cc2210-535a-4350-a784-e8256fa864c7&searchtype=ds&q={searchTerms}
IE - HKU\S-1-5-21-975541926-2846433145-1531993579-1001\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-975541926-2846433145-1531993579-1001\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKU\S-1-5-21-975541926-2846433145-1531993579-1001\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.snap.do/?publisher=SnapdoEMon&dpid=SnapdoEMon&co=DK&userid=58cc2210-535a-4350-a784-e8256fa864c7&searchtype=ds&q={searchTerms}
IE - HKU\S-1-5-21-975541926-2846433145-1531993579-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox
IE - HKU\S-1-5-21-975541926-2846433145-1531993579-1001\..\SearchScopes\{0667EB6E-2728-449D-B66A-8DCB8A486D71}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2851640
IE - HKU\S-1-5-21-975541926-2846433145-1531993579-1001\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = http://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
IE - HKU\S-1-5-21-975541926-2846433145-1531993579-1001\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www.claro-search.com/?q={searchTerms}&affID=117424&tt=4712_7&babsrc=SP_ss&mntrId=8e6ee50f000000000000485d60d1d90e
IE - HKU\S-1-5-21-975541926-2846433145-1531993579-1001\..\SearchScopes\{154d339e-ccaa-49a5-9b38-6878ad4220bc}: "URL" = http://www.searchamong.com/searchview.php?source=6987e315b363f4b09672a1cda71caea8&query={searchTerms}&cat=webs&bar=true
IE - HKU\S-1-5-21-975541926-2846433145-1531993579-1001\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=101&systemid=406&sr=0&q={searchTerms}
IE - HKU\S-1-5-21-975541926-2846433145-1531993579-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-975541926-2846433145-1531993579-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.2
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32_11_5_502_149.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.13.2: C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.13.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\windows\system32\TVUAx\npTVUAx.dll (TVU networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Liliana Andriano\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Liliana Andriano\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Liliana Andriano\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Liliana Andriano\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Liliana Andriano\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011/12/15 19:42:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/02/02 19:06:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/02/09 19:41:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{58bd07eb-0ee0-4df0-8121-dc9b693373df}: C:\ProgramData\BrowserProtect\2.5.986.67\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension [2012/12/13 23:58:15 | 000,000,000 | ---D | M]
 
[2012/05/18 16:53:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Liliana Andriano\AppData\Roaming\mozilla\Extensions
[2013/02/10 09:59:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Liliana Andriano\AppData\Roaming\mozilla\Firefox\Profiles\q4x0vrb7.default\Extensions
[2013/02/10 09:59:22 | 000,000,000 | ---D | M] (cacaoweb) -- C:\Users\Liliana Andriano\AppData\Roaming\mozilla\Firefox\Profiles\q4x0vrb7.default\Extensions\cacaoweb@cacaoweb.org
[2013/02/09 19:41:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2013/02/01 19:21:57 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2013/02/01 22:59:36 | 000,001,606 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-it.xml
[2012/11/22 19:13:19 | 000,006,520 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2013/02/01 22:59:36 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2013/02/01 22:59:36 | 000,000,957 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-it.xml
[2011/04/30 17:08:31 | 000,002,048 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fcmdSrch.xml
[2013/02/01 22:59:36 | 000,001,030 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\hoepli.xml
[2012/05/18 16:53:16 | 000,002,519 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Search_Results.xml
[2013/02/01 22:59:36 | 000,001,395 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-it.xml
[2013/02/01 22:59:36 | 000,001,166 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-it.xml
 
[color=#E56717]========== Chrome  ==========[/color]
 
CHR - homepage: http://www.claro-search.com/?affID=117424&tt=4712_7&babsrc=HP_ss&mntrId=8e6ee50f000000000000485d60d1d90e
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.claro-search.com/?affID=117424&tt=4712_7&babsrc=HP_ss&mntrId=8e6ee50f000000000000485d60d1d90e
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Program Files\Google\Chrome\Application\24.0.1312.57\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\24.0.1312.57\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Liliana Andriano\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Wajam (Enabled) = C:\Users\Liliana Andriano\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_0\plugins/PriamNPAPI.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Liliana Andriano\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\Liliana Andriano\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\Liliana Andriano\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: TVU Web Player for FireFox (Enabled) = C:\windows\system32\TVUAx\npTVUAx.dll
CHR - Extension: Angry Birds = C:\Users\Liliana Andriano\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: Gmail Offline = C:\Users\Liliana Andriano\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.19_0\
CHR - Extension: Rumore Bianco = C:\Users\Liliana Andriano\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejkjpdnomgodmagfmhojepjlajpoicip\1.6_0\
CHR - Extension: MonsterDivx = C:\Users\Liliana Andriano\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggfiibgejdijhgfkllemfbhblpdianij\1.3_1\
CHR - Extension: Dictionary Instant = C:\Users\Liliana Andriano\AppData\Local\Google\Chrome\User Data\Default\Extensions\hngaklbjlbjhmoilkegninbmpfigheol\1.0.22_0\
CHR - Extension: Social TV = C:\Users\Liliana Andriano\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgngdongggnefkmefanocbikldkboaaj\1.2.3_0\
CHR - Extension: Google Maps = C:\Users\Liliana Andriano\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh\5.2.7_0\
CHR - Extension: Google Dictionary (by Google) = C:\Users\Liliana Andriano\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja\3.0.15_0\
CHR - Extension: Google Avvisi email = C:\Users\Liliana Andriano\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Liliana Andriano\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: imo messenger = C:\Users\Liliana Andriano\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocaebkdojpikfmhmnekiflipcicedobi\1.4_0\
CHR - Extension: Cuevana Stream = C:\Users\Liliana Andriano\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooagbcohbmlpkfkdnodbomgphbcecalj\4.2_0\
CHR - Extension: Cuevana Stream = C:\Users\Liliana Andriano\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooagbcohbmlpkfkdnodbomgphbcecalj\4.2_0\.svn\props\.svn-work
CHR - Extension: Indice di massa corporea calcolatrice = C:\Users\Liliana Andriano\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbapipcgadndjlpokbcmgohpjpgkbodo\1.2_0\
CHR - Extension: Settings Protector = C:\Users\Liliana Andriano\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_0\
 
O1 HOSTS File: ([2009/06/10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (SearchAmong Toolbar) - {0E1230F8-EA50-42A9-983C-D22ABC2EED3B} - C:\Program Files\SearchAmong Toolbar\SearchAmongToolbar.dll ()
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.8.3.8\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (uTorrentBar_IT Toolbar) - {4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1} - C:\Program Files\uTorrentBar_IT\prxtbuTor.dll (Conduit Ltd.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll ()
O2 - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\PROGRA~1\SEARCH~1\Datamngr\BROWSE~1.DLL (Bandoo Media, inc)
O2 - BHO: (Wajam) - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files\Wajam\IE\priam_bho.dll (Wajam)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (SearchAmong Toolbar) - {0E1230F8-EA50-42A9-983C-D22ABC2EED3B} - C:\Program Files\SearchAmong Toolbar\SearchAmongToolbar.dll ()
O3 - HKLM\..\Toolbar: (uTorrentBar_IT Toolbar) - {4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1} - C:\Program Files\uTorrentBar_IT\prxtbuTor.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll ()
O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {D0F4A166-B8D4-48b8-9D63-80849FE137CB} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-975541926-2846433145-1531993579-1001\..\Toolbar\WebBrowser: (SearchAmong Toolbar) - {0E1230F8-EA50-42A9-983C-D22ABC2EED3B} - C:\Program Files\SearchAmong Toolbar\SearchAmongToolbar.dll ()
O3 - HKU\S-1-5-21-975541926-2846433145-1531993579-1001\..\Toolbar\WebBrowser: (uTorrentBar_IT Toolbar) - {4AE0C3D6-F713-4EED-BC65-25DC3FFDAAC1} - C:\Program Files\uTorrentBar_IT\prxtbuTor.dll (Conduit Ltd.)
O4 - HKLM..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe (Google Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe (ASUS)
O4 - HKLM..\Run: [ASUSPRP] C:\Program Files\ASUS\APRP\APRP.EXE (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ASUSWebStorage] C:\Program Files\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe (ecareme)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BabylonToolbar] C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe (Babylon Ltd.)
O4 - HKLM..\Run: [Boingo Wi-Fi] C:\Program Files\Boingo\Boingo Wi-Fi\Boingo.lnk ()
O4 - HKLM..\Run: [CapsHook] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [DATAMNGR] C:\PROGRA~1\SEARCH~1\Datamngr\DATAMN~1.EXE (Bandoo Media, inc)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [Eee Docking] C:\Program Files\ASUS\Eee Docking\Eee Docking.exe ()
O4 - HKLM..\Run: [GraphicsSwitch] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [HotkeyMon] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [HotkeyService] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [LiveUpdate] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [OOBESetup] C:\Program Files\asus\OOBERegBackup\OOBERegBackup.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [speedvid] C:\Program Files\SpeedVID\SpeedVID Accelerator\SpeedVidA.exe (SpeedVID Accelerator)
O4 - HKLM..\Run: [SuperHybridEngine] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [SynAsusAcpi] C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe (Synaptics Incorporated)
O4 - HKU\S-1-5-21-975541926-2846433145-1531993579-1001..\Run: [Akamai NetSession Interface] C:\Users\Liliana Andriano\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKU\S-1-5-21-975541926-2846433145-1531993579-1001..\Run: [cacaoweb] "C:\Users\Liliana Andriano\AppData\Roaming\cacaoweb\cacaoweb.exe" -noplayer File not found
O4 - HKU\S-1-5-21-975541926-2846433145-1531993579-1001..\Run: [Facebook Update] C:\Users\Liliana Andriano\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-21-975541926-2846433145-1531993579-1001..\Run: [GoogleChromeAutoLaunch_ECF9462C4A04AC86F922CEAF95B8EB07] C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKU\S-1-5-21-975541926-2846433145-1531993579-1001..\Run: [Spotify] C:\Users\Liliana Andriano\AppData\Roaming\Spotify\spotify.exe (Spotify Ltd)
O4 - HKU\S-1-5-21-975541926-2846433145-1531993579-1001..\Run: [Spotify Web Helper] C:\Users\Liliana Andriano\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Liliana Andriano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Liliana Andriano\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Autorun.cmd ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-975541926-2846433145-1531993579-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &SearchAmong - C:\Program Files\SearchAmong Toolbar\SearchAmongToolbar.dll ()
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (DivXBrowserPlugin Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B2F9B78D-D726-4C89-8302-65DD1CA28BB1}: DhcpNameServer = 77.75.166.195 77.75.166.130
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BFC1EA9A-B6F5-4DB5-BB07-954E18743BE7}: DhcpNameServer = 10.0.0.138 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E54240C5-C6FC-495C-AF3A-DC62971D3DF0}: DhcpNameServer = 8.8.8.8
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\progra~2\browse~2\25986~1.67\{c16c1~1\browse~1.dll) - c:\ProgramData\BrowserProtect\2.5.986.67\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll ()
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{24ec387c-d9ed-11e0-8529-74f06dc81ace}\Shell - "" = AutoRun
O33 - MountPoints2\{24ec387c-d9ed-11e0-8529-74f06dc81ace}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{24ec3883-d9ed-11e0-8529-74f06dc81ace}\Shell - "" = AutoRun
O33 - MountPoints2\{24ec3883-d9ed-11e0-8529-74f06dc81ace}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{24ec3897-d9ed-11e0-8529-74f06dc81ace}\Shell - "" = AutoRun
O33 - MountPoints2\{24ec3897-d9ed-11e0-8529-74f06dc81ace}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{24ec3899-d9ed-11e0-8529-74f06dc81ace}\Shell - "" = AutoRun
O33 - MountPoints2\{24ec3899-d9ed-11e0-8529-74f06dc81ace}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2013/02/17 15:36:42 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Liliana Andriano\Desktop\OTL.exe
[2013/02/14 01:27:52 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mshtml.tlb
[2013/02/14 01:27:50 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieui.dll
[2013/02/14 01:27:50 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jsproxy.dll
[2013/02/14 01:27:49 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeeds.dll
[2013/02/14 01:27:49 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieUnatt.exe
[2013/02/14 01:27:46 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jscript9.dll
[2013/02/14 01:27:46 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\url.dll
[2013/02/14 01:27:43 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\inetcpl.cpl
[2013/02/13 18:46:40 | 002,347,008 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\win32k.sys
[2013/02/13 18:46:08 | 003,967,848 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ntkrnlpa.exe
[2013/02/13 18:46:05 | 003,913,064 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ntoskrnl.exe
[2013/02/13 18:46:00 | 000,187,752 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\FWPKCLNT.SYS
[2013/02/13 18:45:54 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\winsrv.dll
[2013/02/11 15:23:28 | 000,000,000 | ---D | C] -- C:\Users\Liliana Andriano\Desktop\DATASET
[2013/02/09 19:41:23 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2013/02/06 20:11:06 | 000,000,000 | ---D | C] -- C:\Users\Liliana Andriano\Desktop\revouninstaller-portable
[2013/02/06 18:27:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2013/02/06 18:27:51 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013/02/06 18:08:22 | 000,000,000 | ---D | C] -- C:\windows\pss
[2013/02/06 18:07:40 | 000,262,560 | ---- | C] (Oracle Corporation) -- C:\windows\System32\javaws.exe
[2013/02/06 18:07:01 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\windows\System32\javaw.exe
[2013/02/06 18:07:01 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\windows\System32\java.exe
[2013/02/06 18:07:01 | 000,094,112 | ---- | C] (Oracle Corporation) -- C:\windows\System32\WindowsAccessBridge.dll
[2013/02/06 07:18:41 | 000,000,000 | ---D | C] -- C:\Users\Liliana Andriano\AppData\Local\{12F1B333-A31B-4BBC-A352-716A9C2B312D}
[2013/02/05 12:44:30 | 000,000,000 | ---D | C] -- C:\Users\Liliana Andriano\AppData\Local\WinZip
[2013/02/05 12:42:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
[2013/02/05 07:16:45 | 000,000,000 | ---D | C] -- C:\Users\Liliana Andriano\AppData\Local\{31B569EE-1FD5-402C-B459-F98B4D33B51E}
[2013/02/04 18:26:36 | 000,000,000 | ---D | C] -- C:\Users\Liliana Andriano\AppData\Local\{5F9F665C-FEC4-405B-B946-CA56544BD631}
[2013/02/03 09:45:23 | 000,000,000 | ---D | C] -- C:\Users\Liliana Andriano\AppData\Local\{293B8C8B-0006-4BD8-8EDB-CF6ECEDA2C3E}
[2013/02/02 19:06:39 | 000,307,928 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswSP.sys
[2013/02/02 19:06:39 | 000,019,544 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswFsBlk.sys
[2013/02/02 19:06:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2013/02/02 19:06:36 | 000,025,432 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswRdr.sys
[2013/02/02 19:06:35 | 000,049,240 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswTdi.sys
[2013/02/02 19:06:34 | 000,441,176 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswSnx.sys
[2013/02/02 19:06:34 | 000,053,592 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswMonFlt.sys
[2013/02/02 19:06:03 | 000,199,304 | ---- | C] (AVAST Software) -- C:\windows\System32\aswBoot.exe
[2013/02/02 19:06:03 | 000,040,112 | ---- | C] (AVAST Software) -- C:\windows\avastSS.scr
[2013/02/02 19:03:13 | 000,000,000 | ---D | C] -- C:\Users\Liliana Andriano\AppData\Local\{C909367B-28BF-4383-A1FA-8890ECDDC8CA}
[2013/02/02 02:11:40 | 000,000,000 | ---D | C] -- C:\Users\Liliana Andriano\AppData\Local\{A0A9A8DB-C564-4E8E-9753-7875601165A3}
[2013/02/01 20:34:50 | 000,000,000 | ---D | C] -- C:\Users\Liliana Andriano\AppData\Local\{FB236649-B1E9-42AD-8FA2-DC220040AFE8}
[2013/01/28 10:43:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013/01/28 10:43:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2013/01/28 10:36:18 | 000,000,000 | ---D | C] -- C:\Users\Liliana Andriano\AppData\Local\{B6D3D6C4-85FB-4299-9E2A-38AE4EB79224}
[2013/01/24 22:56:19 | 000,000,000 | ---D | C] -- C:\Users\Liliana Andriano\AppData\Local\{E5682995-2033-494D-9546-E4BCDEA49EB2}
[2013/01/22 10:05:59 | 000,000,000 | ---D | C] -- C:\Users\Liliana Andriano\AppData\Local\{49F7273B-F5AE-4862-981C-0F394E5F0B2A}
[2013/01/21 12:24:56 | 000,000,000 | ---D | C] -- C:\Users\Liliana Andriano\Documents\Nuova cartella
[2013/01/21 10:27:27 | 000,000,000 | ---D | C] -- C:\Users\Liliana Andriano\AppData\Local\{4AD71672-B6F4-413A-8FF1-4A23354DBFBB}
[2013/01/20 10:48:44 | 000,000,000 | ---D | C] -- C:\Users\Liliana Andriano\AppData\Local\{9831BA06-4CEC-445B-8EA0-046F18CEBDE6}
[2013/01/19 23:03:34 | 000,000,000 | ---D | C] -- C:\windows\System32\Extensions
[2013/01/19 23:03:18 | 000,000,000 | ---D | C] -- C:\windows\System32\searchplugins
[2013/01/19 09:55:12 | 000,000,000 | ---D | C] -- C:\Users\Liliana Andriano\AppData\Local\{4E2BCD0F-A176-41B5-9C04-010ED4FBAFAB}
[6 C:\Users\Liliana Andriano\Desktop\*.tmp files -> C:\Users\Liliana Andriano\Desktop\*.tmp -> ]
[12 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2013/02/17 16:09:04 | 000,000,978 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2013/02/17 15:59:03 | 000,001,158 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/02/17 15:52:10 | 000,001,222 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-975541926-2846433145-1531993579-1001UA.job
[2013/02/17 15:37:01 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Liliana Andriano\Desktop\OTL.exe
[2013/02/17 15:21:08 | 000,001,204 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-975541926-2846433145-1531993579-1001UA.job
[2013/02/17 12:52:04 | 000,001,200 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-975541926-2846433145-1531993579-1001Core.job
[2013/02/17 10:06:55 | 000,009,920 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/02/17 10:06:55 | 000,009,920 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/02/17 09:58:58 | 000,001,154 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/02/17 09:58:07 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013/02/17 09:57:58 | 1602,740,224 | -HS- | M] () -- C:\hiberfil.sys
[2013/02/16 23:21:04 | 000,001,152 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-975541926-2846433145-1531993579-1001Core.job
[2013/02/15 20:31:33 | 000,699,248 | ---- | M] () -- C:\windows\System32\perfh010.dat
[2013/02/15 20:31:33 | 000,616,686 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2013/02/15 20:31:33 | 000,128,184 | ---- | M] () -- C:\windows\System32\perfc010.dat
[2013/02/15 20:31:33 | 000,106,808 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2013/02/14 08:00:29 | 000,411,584 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2013/02/10 10:10:10 | 000,001,934 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk
[2013/02/10 10:10:10 | 000,001,902 | ---- | M] () -- C:\Users\Public\Desktop\ASUS  Vibe Fun Center.lnk
[2013/02/09 19:41:30 | 000,001,105 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013/02/08 08:09:28 | 000,697,712 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerApp.exe
[2013/02/08 08:09:28 | 000,074,096 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerCPLApp.cpl
[2013/02/06 18:49:30 | 000,224,926 | ---- | M] () -- C:\Users\Liliana Andriano\Documents\cc_20130206_184827.reg
[2013/02/06 18:06:42 | 000,094,112 | ---- | M] (Oracle Corporation) -- C:\windows\System32\WindowsAccessBridge.dll
[2013/02/06 18:06:38 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\windows\System32\javaws.exe
[2013/02/06 18:06:38 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\windows\System32\javaw.exe
[2013/02/06 18:06:37 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\windows\System32\java.exe
[2013/02/06 18:06:36 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\windows\System32\npDeployJava1.dll
[2013/02/06 18:06:36 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\windows\System32\deployJava1.dll
[2013/02/02 19:06:34 | 000,002,577 | ---- | M] () -- C:\windows\System32\config.nt
[2013/02/01 14:57:32 | 000,002,129 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/01/30 15:12:46 | 000,001,067 | ---- | M] () -- C:\Users\Liliana Andriano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013/01/21 00:09:59 | 000,000,017 | ---- | M] () -- C:\windows\System32\shortcut_ex.dat
[6 C:\Users\Liliana Andriano\Desktop\*.tmp files -> C:\Users\Liliana Andriano\Desktop\*.tmp -> ]
[12 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2013/02/10 10:10:10 | 000,001,934 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk
[2013/02/10 10:10:10 | 000,001,902 | ---- | C] () -- C:\Users\Public\Desktop\ASUS  Vibe Fun Center.lnk
[2013/02/09 19:41:30 | 000,001,105 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013/02/09 19:41:29 | 000,001,117 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013/02/06 18:48:37 | 000,224,926 | ---- | C] () -- C:\Users\Liliana Andriano\Documents\cc_20130206_184827.reg
[2013/01/21 00:09:58 | 000,000,017 | ---- | C] () -- C:\windows\System32\shortcut_ex.dat
[2012/12/12 01:29:12 | 000,000,000 | ---- | C] () -- C:\windows\System32\db.dat
[2012/11/22 14:23:25 | 000,000,000 | ---- | C] () -- C:\Users\Liliana Andriano\telnet
[2012/10/14 20:20:48 | 000,088,688 | ---- | C] () -- C:\windows\System32\cpwmon2k.dll
[2012/04/19 12:49:43 | 000,001,769 | ---- | C] () -- C:\windows\Language_trs.ini
[2011/05/22 04:53:43 | 000,000,162 | ---- | C] () -- C:\windows\ODBC.INI
[2011/05/10 23:59:45 | 000,047,616 | ---- | C] () -- C:\windows\System32\wuwuninst.exe
[2011/04/24 10:11:22 | 000,006,144 | ---- | C] () -- C:\windows\System32\drivers\ASUSHWIO.SYS
[2011/04/23 16:22:36 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011/04/23 14:24:40 | 000,000,117 | ---- | C] () -- C:\windows\TmPfw.ini
[2011/04/23 14:15:32 | 000,000,852 | ---- | C] () -- C:\windows\System32\drivers\RTKHDRC.dat
[2011/04/23 14:15:32 | 000,000,520 | ---- | C] () -- C:\windows\System32\drivers\RTEQEX0.dat
[2011/04/23 14:14:51 | 000,004,692 | ---- | C] () -- C:\windows\System32\drivers\SamSfPa.dat
[2011/04/23 14:14:51 | 000,000,008 | ---- | C] () -- C:\windows\System32\drivers\rtkhdaud.dat
[2010/09/16 01:18:52 | 000,131,984 | ---- | C] () -- C:\ProgramData\FullRemove.exe
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
[2009/07/14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 145 bytes -> C:\Users\Liliana Andriano\Desktop\~WRL0001.tmp:com.dropbox.attributes

< End of report >

lillosa
Beginner Software

Posts: 22
Joined: 17 Feb 2013 15:42

Re: unwanted windows opening

Post by Luke57 » 17 Feb 2013 17:52

Hi, run these scans.
- Download AdwCleaner to the desktop:
http://general-changelog-team.fr/fr/dow ... adwcleaner
Launch it and click the "Delete" button.
Confirm with OK the various windows that appear.
The PC will restart, and the log listing the deletions will appear.
Attach the log.
- Also download Malwarebytes Anti-Malware:
http://download.cnet.com/Malwarebytes-A ... tag=button
After installing it, you need to update it and only then run a full system scan; you are also required to delete all the objects identified and save the scan log (the log file to attach for review is in the "File di log" tab). The log file must be taken only after the objects have been deleted.
To sum up, run the scans and attach the two logs in the usual way.
Luke57
Active member

Posts: 917
Joined: 04 Feb 2005 14:17

Re: unwanted windows opening

Post by lillosa » 17 Feb 2013 21:43

:)

this is the first log

Code: Select all

# AdwCleaner v2.112 - Logfile creato il 17/02/2013 alle 16:57:36
# Aggiornamento 10/02/2013 by Xplode
# Sistema Operativo : Windows 7 Home Premium Service Pack 1 (32 bits)
# Utente : Liliana Andriano - LILIANAANDRIANO
# Modalità Avvio : Modalità Normale
# Eseguito da : C:\Users\Liliana Andriano\Desktop\adwcleaner0.exe
# Opzioni [Elimina]


***** [Servizi] *****

Fermato & Eliminato : BrowserProtect
Fermato & Eliminato : WajamUpdater

***** [File / Cartelle] *****

Cartella Eliminato : C:\Program Files\BabylonToolbar
Cartella Eliminato : C:\Program Files\Conduit
Cartella Eliminato : C:\Program Files\SearchAmong Toolbar
Cartella Eliminato : C:\Program Files\Searchqu Toolbar
Cartella Eliminato : C:\Program Files\uTorrentBar_IT
Cartella Eliminato : C:\Program Files\Wajam
Cartella Eliminato : C:\ProgramData\Ask
Cartella Eliminato : C:\ProgramData\Babylon
Cartella Eliminato : C:\ProgramData\boost_interprocess
Cartella Eliminato : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SearchAmong Toolbar
Cartella Eliminato : C:\Users\Liliana Andriano\AppData\Local\APN
Cartella Eliminato : C:\Users\Liliana Andriano\AppData\Local\Conduit
Cartella Eliminato : C:\Users\Liliana Andriano\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Cartella Eliminato : C:\Users\Liliana Andriano\AppData\Local\Ilivid Player
Cartella Eliminato : C:\Users\Liliana Andriano\AppData\Local\Wajam
Cartella Eliminato : C:\Users\Liliana Andriano\AppData\LocalLow\BabylonToolbar
Cartella Eliminato : C:\Users\Liliana Andriano\AppData\LocalLow\boost_interprocess
Cartella Eliminato : C:\Users\Liliana Andriano\AppData\LocalLow\Conduit
Cartella Eliminato : C:\Users\Liliana Andriano\AppData\LocalLow\facemoods.com
Cartella Eliminato : C:\Users\Liliana Andriano\AppData\LocalLow\searchquband
Cartella Eliminato : C:\Users\Liliana Andriano\AppData\LocalLow\Searchqutoolbar
Cartella Eliminato : C:\Users\Liliana Andriano\AppData\LocalLow\uTorrentBar_IT
Cartella Eliminato : C:\Users\Liliana Andriano\AppData\Roaming\Babylon
Cartella Eliminato : C:\Users\Liliana Andriano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserProtect
Cartella Eliminato : C:\Users\Liliana Andriano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam
Cartella Eliminato : C:\Users\Liliana Andriano\AppData\Roaming\Mozilla\Firefox\Profiles\q4x0vrb7.default\extensions\cacaoweb@cacaoweb.org
Cartella Eliminato : C:\Users\Liliana Andriano\AppData\Roaming\pdfforge
Eliminato al riavvio : C:\ProgramData\BrowserProtect
File Eliminato : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
File Eliminato : C:\Program Files\Mozilla Firefox\searchplugins\fcmdSrch.xml
File Eliminato : C:\Program Files\Mozilla FireFox\searchplugins\Search_Results.xml
File Eliminato : C:\Users\Liliana Andriano\AppData\Roaming\Mozilla\Firefox\Profiles\q4x0vrb7.default\bprotector_extensions.sqlite

***** [Registro] *****

Chiave Eliminata : HKCU\Software\5353d88ce139ec17
Chiave Eliminata : HKCU\Software\APN PIP
Chiave Eliminata : HKCU\Software\AppDataLow\Software\Conduit
Chiave Eliminata : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Chiave Eliminata : HKCU\Software\AppDataLow\Software\searchqutoolbar
Chiave Eliminata : HKCU\Software\AppDataLow\Software\SmartBar
Chiave Eliminata : HKCU\Software\AppDataLow\Software\uTorrentBar_IT
Chiave Eliminata : HKCU\Software\AppDataLow\Toolbar
Chiave Eliminata : HKCU\Software\BabylonToolbar
Chiave Eliminata : HKCU\Software\cacaoweb
Chiave Eliminata : HKCU\Software\Conduit
Chiave Eliminata : HKCU\Software\DataMngr
Chiave Eliminata : HKCU\Software\DataMngr_Toolbar
Chiave Eliminata : HKCU\Software\Microsoft\Internet Explorer\MenuExt\&SearchAmong
Chiave Eliminata : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Chiave Eliminata : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416D-A838-AB665251703A}
Chiave Eliminata : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Chiave Eliminata : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{154D339E-CCAA-49A5-9B38-6878AD4220BC}
Chiave Eliminata : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0E1230F8-EA50-42A9-983C-D22ABC2EED3B}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4AE0C3D6-F713-4EED-BC65-25DC3FFDAAC1}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4F12-8568-69135F087DB0}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9E131A93-EED7-4BEB-B015-A0ADB30B5646}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D0F4A166-B8D4-48B8-9D63-80849FE137CB}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0E1230F8-EA50-42A9-983C-D22ABC2EED3B}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4AE0C3D6-F713-4EED-BC65-25DC3FFDAAC1}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4F12-8568-69135F087DB0}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Chiave Eliminata : HKCU\Software\PIP
Chiave Eliminata : HKCU\Software\Softonic
Chiave Eliminata : HKCU\Software\Wajam
Chiave Eliminata : HKLM\SOFTWARE\5353d88ce139ec17
Chiave Eliminata : HKLM\Software\Babylon
Chiave Eliminata : HKLM\Software\BabylonToolbar
Chiave Eliminata : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Chiave Eliminata : HKLM\SOFTWARE\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}
Chiave Eliminata : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Chiave Eliminata : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Chiave Eliminata : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Chiave Eliminata : HKLM\SOFTWARE\Classes\AppID\{AC662AF2-4601-4A68-84DF-A3FE83F1A5F9}
Chiave Eliminata : HKLM\SOFTWARE\Classes\AppID\{AD25754E-D76C-42B3-A335-2F81478B722F}
Chiave Eliminata : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Chiave Eliminata : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Chiave Eliminata : HKLM\SOFTWARE\Classes\AppID\{C3110516-8EFC-49D6-8B72-69354F332062}
Chiave Eliminata : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Chiave Eliminata : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Chiave Eliminata : HKLM\SOFTWARE\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}
Chiave Eliminata : HKLM\SOFTWARE\Classes\AppID\BrowserConnection.dll
Chiave Eliminata : HKLM\SOFTWARE\Classes\AppID\DNSBHO.dll
Chiave Eliminata : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Chiave Eliminata : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Chiave Eliminata : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Chiave Eliminata : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Chiave Eliminata : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Chiave Eliminata : HKLM\SOFTWARE\Classes\AppID\priam_bho.DLL
Chiave Eliminata : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Chiave Eliminata : HKLM\SOFTWARE\Classes\b
Chiave Eliminata : HKLM\SOFTWARE\Classes\Babylon.dskBnd
Chiave Eliminata : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
Chiave Eliminata : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Chiave Eliminata : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Chiave Eliminata : HKLM\SOFTWARE\Classes\BrowserConnection.Loader
Chiave Eliminata : HKLM\SOFTWARE\Classes\BrowserConnection.Loader.1
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{0E1230F8-EA50-42A9-983C-D22ABC2EED3B}
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B}
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{4AE0C3D6-F713-4EED-BC65-25DC3FFDAAC1}
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{5D64294B-1341-4FE7-B6D8-7C36828D4DD5}
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{854145C6-B95A-408D-BE86-367DC393A219}
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC}
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{9D717F81-9148-4F12-8568-69135F087DB0}
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{FEFD3AF5-A346-4451-AA23-A3AD54915515}
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}
Chiave Eliminata : HKLM\SOFTWARE\Classes\DnsBHO.BHO
Chiave Eliminata : HKLM\SOFTWARE\Classes\DnsBHO.BHO.1
Chiave Eliminata : HKLM\SOFTWARE\Classes\escort.escortIEPane
Chiave Eliminata : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Chiave Eliminata : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Chiave Eliminata : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
Chiave Eliminata : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
Chiave Eliminata : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr
Chiave Eliminata : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr.1
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{44B619BC-3D2B-4990-AA4F-9AA366921792}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{78888F8B-D5E4-43CE-89F5-C8C18223AF64}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{8B8558F6-DC26-4F39-8417-34B8934AA459}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{95B92D92-8B7D-4A19-A3F1-43113B4DBCAF}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{9E393F82-2644-4AB6-B994-1AD39D6C59EE}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{A3A2A5C0-1306-4D1A-A093-9CECA4230002}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{C8D424EF-CB21-49A0-8659-476FBAB0F8E8}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Prod.cap
Chiave Eliminata : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard
Chiave Eliminata : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard.1
Chiave Eliminata : HKLM\SOFTWARE\Classes\ToolBand.ToolBandObj
Chiave Eliminata : HKLM\SOFTWARE\Classes\ToolBand.ToolBandObj.1
Chiave Eliminata : HKLM\SOFTWARE\Classes\Toolbar.CT2851640
Chiave Eliminata : HKLM\SOFTWARE\Classes\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D}
Chiave Eliminata : HKLM\SOFTWARE\Classes\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947}
Chiave Eliminata : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Chiave Eliminata : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Chiave Eliminata : HKLM\SOFTWARE\Classes\TypeLib\{5297E905-1DFB-4A9C-9871-A4F95FD58945}
Chiave Eliminata : HKLM\SOFTWARE\Classes\TypeLib\{5B4144E1-B61D-495A-9A50-CD1A95D86D15}
Chiave Eliminata : HKLM\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}
Chiave Eliminata : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}
Chiave Eliminata : HKLM\SOFTWARE\Classes\TypeLib\{841D5A49-E48D-413C-9C28-EB3D9081D705}
Chiave Eliminata : HKLM\SOFTWARE\Classes\TypeLib\{AD25754E-D76C-42B3-A335-2F81478B722F}
Chiave Eliminata : HKLM\SOFTWARE\Classes\TypeLib\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Chiave Eliminata : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Chiave Eliminata : HKLM\SOFTWARE\Classes\wajam.WajamBHO
Chiave Eliminata : HKLM\SOFTWARE\Classes\wajam.WajamBHO.1
Chiave Eliminata : HKLM\SOFTWARE\Classes\wajam.WajamDownloader
Chiave Eliminata : HKLM\SOFTWARE\Classes\wajam.WajamDownloader.1
Chiave Eliminata : HKLM\Software\Conduit
Chiave Eliminata : HKLM\Software\DataMngr
Chiave Eliminata : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Chiave Eliminata : HKLM\SOFTWARE\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Chiave Eliminata : HKLM\SOFTWARE\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{421BA21A-A49E-4A20-A05C-11C033EA937B}
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BA830864-D01F-431C-B827-3505B794D051}
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{154D339E-CCAA-49A5-9B38-6878AD4220BC}
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Tracing\BabylonToolbarsrv_RASAPI32
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Tracing\BabylonToolbarsrv_RASMANCS
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Tracing\facemoods_RASAPI32
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Tracing\facemoods_RASMANCS
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Tracing\facemoodssrv_RASAPI32
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Tracing\facemoodssrv_RASMANCS
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASAPI32
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASMANCS
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASAPI32
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASMANCS
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E1230F8-EA50-42A9-983C-D22ABC2EED3B}
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B}
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4AE0C3D6-F713-4EED-BC65-25DC3FFDAAC1}
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4F12-8568-69135F087DB0}
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{854145C6-B95A-408D-BE86-367DC393A219}
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C7456F74-B576-4A8E-BAB2-538C99EE38F0}_is1
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Searchqu Toolbar
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentBar_IT Toolbar
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wajam
Chiave Eliminata : HKLM\Software\PIP
Chiave Eliminata : HKLM\Software\SearchquMediabarTb
Chiave Eliminata : HKLM\Software\uTorrentBar_IT
Chiave Eliminata : HKLM\Software\Wajam
Chiave Eliminata : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
Dato Eliminata : HKLM\..\Windows [AppInit_DLLs] = c:\progra~2\browse~2\25986~1.67\{c16c1~1\browse~1.dll
Valore Eliminata : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Valore Eliminata : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Valore Eliminata : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{0E1230F8-EA50-42A9-983C-D22ABC2EED3B}]
Valore Eliminata : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4AE0C3D6-F713-4EED-BC65-25DC3FFDAAC1}]
Valore Eliminata : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Valore Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [cacaoweb]
Valore Eliminata : HKCU\Software\Mozilla\Firefox\extensions [{58BD07EB-0EE0-4DF0-8121-DC9B693373DF}]
Valore Eliminata : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{0E1230F8-EA50-42A9-983C-D22ABC2EED3B}]
Valore Eliminata : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{4AE0C3D6-F713-4EED-BC65-25DC3FFDAAC1}]
Valore Eliminata : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]
Valore Eliminata : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{99079A25-328F-4BD4-BE04-00955ACAA0A7}]
Valore Eliminata : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Valore Eliminata : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [10]
Valore Eliminata : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{4AE0C3D6-F713-4EED-BC65-25DC3FFDAAC1}]
Valore Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [BabylonToolbar]
Valore Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [DataMngr]

***** [Browser Internet] *****

-\\ Internet Explorer v9.0.8112.16464

Sostituito : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Page] = hxxp://feed.snap.do/?publisher=SnapdoEMon&dpid=SnapdoEMon&co=DK&userid=58cc2210-535a-4350-a784-e8256fa864c7&searchtype=ds&q={searchTerms} --> hxxp://www.google.com
Sostituito : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://feed.snap.do/?publisher=SnapdoEMon&dpid=SnapdoEMon&co=DK&userid=58cc2210-535a-4350-a784-e8256fa864c7&searchtype=hp --> hxxp://www.google.com
Sostituito : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://feed.snap.do/?publisher=SnapdoEMon&dpid=SnapdoEMon&co=DK&userid=58cc2210-535a-4350-a784-e8256fa864c7&searchtype=ds&q={searchTerms} --> hxxp://www.google.com
Sostituito : [HKCU\Software\Microsoft\Internet Explorer\Search - Default_Search_URL] = hxxp://feed.snap.do/?publisher=SnapdoEMon&dpid=SnapdoEMon&co=DK&userid=58cc2210-535a-4350-a784-e8256fa864c7&searchtype=ds&q={searchTerms} --> hxxp://www.google.com
Sostituito : [HKCU\Software\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://feed.snap.do/?publisher=SnapdoEMon&dpid=SnapdoEMon&co=DK&userid=58cc2210-535a-4350-a784-e8256fa864c7&searchtype=ds&q={searchTerms} --> hxxp://www.google.com
Sostituito : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4 --> hxxp://www.google.com

-\\ Mozilla Firefox v18.0.2 (it)

File : C:\Users\Liliana Andriano\AppData\Roaming\Mozilla\Firefox\Profiles\q4x0vrb7.default\prefs.js

[OK] File Pulito.

-\\ Google Chrome v24.0.1312.57

File : C:\Users\Liliana Andriano\AppData\Local\Google\Chrome\User Data\Default\Preferences

Eliminata [l.21] : homepage = "hxxp://www.claro-search.com/?affID=117424&tt=4712_7&babsrc=HP_ss&mntrId=8e6ee50f0[...]
Eliminata [l.2355] : homepage = "hxxp://www.claro-search.com/?affID=117424&tt=4712_7&babsrc=HP_ss&mntrId=8e6ee50f0000[...]

*************************

AdwCleaner[S1].txt - [23522 octets] - [17/02/2013 16:57:36]

########## EOF - C:\AdwCleaner[S1].txt - [23583 octets] ##########




this is the second log

Code:

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Versione database: v2013.02.17.05

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Liliana Andriano :: LILIANAANDRIANO [amministratore]

17/02/2013 17:16:56
mbam-log-2013-02-17 (17-16-56).txt

Tipo di scansione: Scansione completa (C:\|D:\|E:\|Q:\|)
Opzioni di scansione attive: Memoria | Esecuzione automatica | Registro | File di sistema | Euristica/Extra | Euristica/Shuriken | PUP | PUM
Opzioni di scansione disattivate: P2P
Elementi esaminati: 383910
Tempo impiegato: 3 ore, 21 minuti, 14 secondi

Processi rilevati in memoria: 0
(non sono stati rilevati elementi nocivi)

Moduli di memoria rilevati: 0
(non sono stati rilevati elementi nocivi)

Chiavi di registro rilevate: 0
(non sono stati rilevati elementi nocivi)

Valori di registro rilevati: 0
(non sono stati rilevati elementi nocivi)

Voci rilevate nei dati di registro: 0
(non sono stati rilevati elementi nocivi)

Cartelle rilevate: 0
(non sono stati rilevati elementi nocivi)

File rilevati: 0
(non sono stati rilevati elementi nocivi)

(fine)



unfortunately, though, the windows keep appearing
lillosa
Beginner Software
 
Posts: 22
Joined: 17 Feb 2013 15:42

Re: unwanted windows that open

Post by Luke57 » 18 Feb 2013 01:21

Hi, download ComboFix
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Place it on the desktop, disconnect from the network and disable your antivirus.
Double-click ComboFix and the scan will start.
Do not touch the mouse while ComboFix is running; it could cause a freeze.
A disclaimer-of-warranty screen for the software will appear: click Yes.
A screen will appear (only for Windows XP users) to install the Recovery Console: click No.
When it finishes, the ComboFix log will appear on screen; you can also find it in C:\combofix.txt. Attach it to your next post.
Luke57
Active member
 
Posts: 917
Joined: 04 Feb 2005 14:17

Re: unwanted windows that open

Post by lillosa » 18 Feb 2013 11:16

here is the ComboFix log

Code:

ComboFix 13-02-18.01 - Liliana Andriano 18/02/2013   9:43.1.4 - x86
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.39.1040.18.2038.839 [GMT 1:00]
Eseguito da: c:\users\Liliana Andriano\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Creato nuovo punto di ripristino
.
.
(((((((((((((((((((((((((((((((((((((   Altre eliminazioni   )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\FullRemove.exe
c:\windows\security\Database\tmp.edb
c:\windows\system32\service
c:\windows\system32\service\01052011_TIS17_SfFniAU.log
c:\windows\system32\service\02052011_TIS17_SfFniAU.log
c:\windows\system32\service\05052011_TIS17_SfFniAU.log
c:\windows\system32\service\13052011_TIS17_PccScan.log
c:\windows\system32\service\13052011_TIS17_SfFniAU.log
c:\windows\system32\service\24042011_TIS17_PccScan.log
c:\windows\system32\service\24042011_TIS17_SfFniAU.log
.
.
(((((((((((((((((((((((((   Files Creati Da 2013-01-18 al 2013-02-18  )))))))))))))))))))))))))))))))))))
.
.
2013-02-18 09:02 . 2013-02-18 09:02   --------   d-----w-   c:\users\UpdatusUser\AppData\Local\temp
2013-02-18 09:02 . 2013-02-18 09:02   --------   d-----w-   c:\users\Default\AppData\Local\temp
2013-02-17 16:13 . 2013-02-17 16:13   --------   d-----w-   c:\users\Liliana Andriano\AppData\Roaming\Malwarebytes
2013-02-17 16:12 . 2013-02-17 16:12   --------   d-----w-   c:\programdata\Malwarebytes
2013-02-17 16:12 . 2013-02-17 16:12   --------   d-----w-   c:\program files\Malwarebytes' Anti-Malware
2013-02-17 16:12 . 2012-12-14 15:49   21104   ----a-w-   c:\windows\system32\drivers\mbam.sys
2013-02-17 15:58 . 2013-02-17 15:59   97   ----a-w-   c:\windows\DeleteOnReboot.bat
2013-02-17 14:37 . 2013-02-17 14:37   60872   ----a-w-   c:\programdata\Microsoft\Windows Defender\Definition Updates\{56192F65-A2EB-4DC2-9C74-03C161CA136C}\offreg.dll
2013-02-15 07:14 . 2013-01-08 04:57   6991832   ----a-w-   c:\programdata\Microsoft\Windows Defender\Definition Updates\{56192F65-A2EB-4DC2-9C74-03C161CA136C}\mpengine.dll
2013-02-13 17:46 . 2013-01-04 03:00   2347008   ----a-w-   c:\windows\system32\win32k.sys
2013-02-13 17:46 . 2013-01-05 05:00   3967848   ----a-w-   c:\windows\system32\ntkrnlpa.exe
2013-02-13 17:46 . 2013-01-05 05:00   3913064   ----a-w-   c:\windows\system32\ntoskrnl.exe
2013-02-13 17:46 . 2013-01-03 05:05   1293672   ----a-w-   c:\windows\system32\drivers\tcpip.sys
2013-02-13 17:46 . 2013-01-03 05:04   187752   ----a-w-   c:\windows\system32\drivers\FWPKCLNT.SYS
2013-02-13 17:45 . 2013-01-04 04:50   169984   ----a-w-   c:\windows\system32\winsrv.dll
2013-02-09 23:16 . 2013-02-09 23:16   0   ----a-w-   c:\windows\system32\sho618D.tmp
2013-02-06 17:27 . 2013-02-06 17:27   --------   d-----w-   c:\program files\CCleaner
2013-02-06 17:07 . 2013-02-06 17:06   94112   ----a-w-   c:\windows\system32\WindowsAccessBridge.dll
2013-02-05 11:44 . 2013-02-05 11:44   --------   d-----w-   c:\users\Liliana Andriano\AppData\Local\WinZip
2013-02-02 18:06 . 2011-05-10 13:03   307928   ----a-w-   c:\windows\system32\drivers\aswSP.sys
2013-02-02 18:06 . 2011-05-10 12:59   19544   ----a-w-   c:\windows\system32\drivers\aswFsBlk.sys
2013-02-02 18:06 . 2011-05-10 12:59   25432   ----a-w-   c:\windows\system32\drivers\aswRdr.sys
2013-02-02 18:06 . 2011-05-10 13:02   49240   ----a-w-   c:\windows\system32\drivers\aswTdi.sys
2013-02-02 18:06 . 2011-05-10 13:03   441176   ----a-w-   c:\windows\system32\drivers\aswSnx.sys
2013-02-02 18:06 . 2011-05-10 12:59   53592   ----a-w-   c:\windows\system32\drivers\aswMonFlt.sys
2013-02-02 18:06 . 2011-05-10 13:10   40112   ----a-w-   c:\windows\avastSS.scr
2013-02-02 18:06 . 2011-05-10 13:10   199304   ----a-w-   c:\windows\system32\aswBoot.exe
2013-01-28 09:43 . 2013-01-28 09:43   --------   d-----w-   c:\program files\Common Files\Skype
2013-01-20 14:09 . 2009-06-22 17:58   89600   ----a-w-   c:\windows\system32\Spool\prtprocs\w32x86\HPZPPLHN.DLL
2013-01-19 22:03 . 2013-01-19 22:03   --------   d-----w-   c:\windows\system32\Extensions
2013-01-19 22:03 . 2013-01-19 22:03   --------   d-----w-   c:\windows\system32\searchplugins
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-08 07:09 . 2012-05-18 02:19   74096   ----a-w-   c:\windows\system32\FlashPlayerCPLApp.cpl
2013-02-08 07:09 . 2012-05-18 02:19   697712   ----a-w-   c:\windows\system32\FlashPlayerApp.exe
2013-02-06 17:06 . 2012-12-09 17:51   861088   ----a-w-   c:\windows\system32\npDeployJava1.dll
2013-02-06 17:06 . 2011-04-30 16:11   782240   ----a-w-   c:\windows\system32\deployJava1.dll
2013-01-18 20:45 . 2013-01-18 20:45   0   ----a-w-   c:\windows\system32\shoD82E.tmp
2013-01-17 00:28 . 2011-05-07 10:37   232336   ------w-   c:\windows\system32\MpSigStub.exe
2013-01-04 01:14 . 2013-01-04 01:14   0   ----a-w-   c:\windows\system32\sho8444.tmp
2012-12-29 00:57 . 2012-12-29 00:57   0   ----a-w-   c:\windows\system32\sho8B3F.tmp
2012-12-16 14:13 . 2012-12-20 23:51   295424   ----a-w-   c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2012-12-20 23:51   34304   ----a-w-   c:\windows\system32\atmlib.dll
2012-12-07 12:26 . 2013-01-09 09:16   308736   ----a-w-   c:\windows\system32\Wpc.dll
2012-12-07 12:20 . 2013-01-09 09:16   2576384   ----a-w-   c:\windows\system32\gameux.dll
2012-12-07 10:46 . 2013-01-09 09:16   43520   ----a-w-   c:\windows\system32\csrr.rs
2012-12-07 10:46 . 2013-01-09 09:16   30720   ----a-w-   c:\windows\system32\usk.rs
2012-12-07 10:46 . 2013-01-09 09:16   45568   ----a-w-   c:\windows\system32\oflc-nz.rs
2012-12-07 10:46 . 2013-01-09 09:16   44544   ----a-w-   c:\windows\system32\pegibbfc.rs
2012-12-07 10:46 . 2013-01-09 09:16   20480   ----a-w-   c:\windows\system32\pegi-pt.rs
2012-12-07 10:46 . 2013-01-09 09:16   23552   ----a-w-   c:\windows\system32\oflc.rs
2012-12-07 10:46 . 2013-01-09 09:16   20480   ----a-w-   c:\windows\system32\pegi-fi.rs
2012-12-07 10:46 . 2013-01-09 09:16   46592   ----a-w-   c:\windows\system32\fpb.rs
2012-12-07 10:46 . 2013-01-09 09:16   20480   ----a-w-   c:\windows\system32\pegi.rs
2012-12-07 10:46 . 2013-01-09 09:16   21504   ----a-w-   c:\windows\system32\grb.rs
2012-12-07 10:46 . 2013-01-09 09:16   40960   ----a-w-   c:\windows\system32\cob-au.rs
2012-12-07 10:46 . 2013-01-09 09:16   15360   ----a-w-   c:\windows\system32\djctq.rs
2012-12-07 10:46 . 2013-01-09 09:16   55296   ----a-w-   c:\windows\system32\cero.rs
2012-12-07 10:46 . 2013-01-09 09:16   51712   ----a-w-   c:\windows\system32\esrb.rs
2012-12-07 00:32 . 2012-12-07 00:32   0   ----a-w-   c:\windows\system32\sho6D74.tmp
2012-12-03 11:45 . 2012-12-03 11:45   0   ----a-w-   c:\windows\system32\sho56B9.tmp
2012-12-02 05:19 . 2012-12-02 05:19   0   ----a-w-   c:\windows\system32\sho4CA9.tmp
2012-11-30 04:47 . 2013-01-09 09:18   293376   ----a-w-   c:\windows\system32\KernelBase.dll
2012-11-30 04:45 . 2013-01-09 09:18   4096   ---ha-w-   c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 09:18   4096   ---ha-w-   c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 09:18   3072   ---ha-w-   c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 09:18   4608   ---ha-w-   c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 09:18   3584   ---ha-w-   c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 09:18   3584   ---ha-w-   c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 09:18   3072   ---ha-w-   c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 09:18   4096   ---ha-w-   c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 09:18   4096   ---ha-w-   c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 09:18   3584   ---ha-w-   c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 09:18   3584   ---ha-w-   c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 09:18   3584   ---ha-w-   c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 09:18   3584   ---ha-w-   c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 09:18   3072   ---ha-w-   c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 09:18   3072   ---ha-w-   c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 09:18   4096   ---ha-w-   c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 09:18   5120   ---ha-w-   c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 09:18   3072   ---ha-w-   c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 09:18   3072   ---ha-w-   c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 09:18   3072   ---ha-w-   c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 09:18   3072   ---ha-w-   c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 09:18   3072   ---ha-w-   c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 09:18   3072   ---ha-w-   c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 09:18   3072   ---ha-w-   c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-11-30 02:55 . 2013-01-09 09:18   271360   ----a-w-   c:\windows\system32\conhost.exe
2012-11-30 02:38 . 2013-01-09 09:18   6144   ---ha-w-   c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-11-30 02:38 . 2013-01-09 09:18   4608   ---ha-w-   c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 02:38 . 2013-01-09 09:18   3584   ---ha-w-   c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 02:38 . 2013-01-09 09:18   3072   ---ha-w-   c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-11-28 01:22 . 2012-11-28 01:22   0   ----a-w-   c:\windows\system32\sho2AA8.tmp
2012-11-23 02:48 . 2013-01-09 09:15   49152   ----a-w-   c:\windows\system32\taskhost.exe
2012-11-23 01:47 . 2012-11-23 01:47   0   ----a-w-   c:\windows\system32\shoBC64.tmp
2012-11-22 04:45 . 2013-01-09 09:19   626688   ----a-w-   c:\windows\system32\usp10.dll
2013-02-01 18:21 . 2013-02-09 18:41   262552   ----a-w-   c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((((((   Punti Reg Caricati   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-05-10 13:10   122512   ----a-w-   c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{CC5FC992-B0AA-47CD-9DC2-83445083CBB8}"
[HKEY_CLASSES_ROOT\CLSID\{CC5FC992-B0AA-47CD-9DC2-83445083CBB8}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{618A47A2-528B-4D9A-AFC8-97D3233511E2}"
[HKEY_CLASSES_ROOT\CLSID\{618A47A2-528B-4D9A-AFC8-97D3233511E2}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32   129272   ----a-w-   c:\users\Liliana Andriano\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32   129272   ----a-w-   c:\users\Liliana Andriano\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32   129272   ----a-w-   c:\users\Liliana Andriano\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Facebook Update"="c:\users\Liliana Andriano\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-07-12 138096]
"Akamai NetSession Interface"="c:\users\Liliana Andriano\AppData\Local\Akamai\netsession_win.exe" [2012-10-09 4441920]
"GoogleChromeAutoLaunch_ECF9462C4A04AC86F922CEAF95B8EB07"="c:\program files\Google\Chrome\Application\chrome.exe" [2013-01-26 1248208]
"Spotify Web Helper"="c:\users\Liliana Andriano\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2012-10-30 1199576]
"Spotify"="c:\users\Liliana Andriano\AppData\Roaming\Spotify\spotify.exe" [2012-10-30 7880664]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2013-01-08 18708224]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-11-19 1594664]
"SynAsusAcpi"="c:\program files\Synaptics\SynTP\SynAsusAcpi.exe" [2009-11-19 83240]
"ASUS Screen Saver Protector"="c:\windows\AsScrPro.exe" [2010-09-16 3058304]
"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"HotkeyMon"="AsusSender.exe" [2010-03-03 29184]
"HotkeyService"="AsusSender.exe" [2010-03-03 29184]
"SuperHybridEngine"="AsusSender.exe" [2010-03-03 29184]
"LiveUpdate"="AsusSender.exe" [2010-03-03 29184]
"CapsHook"="AsusSender.exe" [2010-03-03 29184]
"Eee Docking"="c:\program files\ASUS\Eee Docking\Eee Docking.exe" [2010-06-10 414384]
"GraphicsSwitch"="AsusSender.exe" [2010-03-03 29184]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-08-24 9722472]
"OOBESetup"="c:\program files\asus\OOBERegBackup\OOBERegBackup.exe" [2009-12-11 334848]
"Boingo Wi-Fi"="c:\program files\Boingo\Boingo Wi-Fi\Boingo.lnk" [2011-04-23 2429]
"ASUSPRP"="c:\program files\ASUS\APRP\APRP.EXE" [2010-09-16 2018032]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656]
"ASUSWebStorage"="c:\program files\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe" [2011-07-29 737104]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-10-25 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-10-25 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-10-25 150552]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"="c:\program files\Google\Gmail Notifier\gnotify.exe" [2005-07-15 479232]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-10-25 421888]
"speedvid"="c:\program files\SpeedVID\SpeedVID Accelerator\SpeedVidA.exe" [2012-10-15 6020096]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-12-12 152544]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-05-10 3459712]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
.
c:\users\Liliana Andriano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Liliana Andriano\AppData\Roaming\Dropbox\bin\Dropbox.exe [2013-1-20 28539272]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AsusVibeLauncher.lnk - c:\program files\ASUS\AsusVibe\AsusVibeLauncher.exe [2013-2-10 549040]
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-5-21 828704]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKLM\~\startupfolder\C:^Users^Liliana Andriano^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^My 190.lnk]
path=c:\users\Liliana Andriano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\My 190.lnk
backup=c:\windows\pss\My 190.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^Liliana Andriano^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Ritaglio schermata e avvio di OneNote 2007.lnk]
path=c:\users\Liliana Andriano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Ritaglio schermata e avvio di OneNote 2007.lnk
backup=c:\windows\pss\Ritaglio schermata e avvio di OneNote 2007.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^Liliana Andriano^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Widget vodafone.lnk]
path=c:\users\Liliana Andriano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Widget vodafone.lnk
backup=c:\windows\pss\Widget vodafone.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GameXN GO]
2011-08-29 20:35   347008   ----a-w-   c:\programdata\GameXN\GameXNGO.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2011-05-13 14:03   4283256   ----a-w-   c:\program files\Windows Live\Messenger\msnmsgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\musiXmatch lyrics]
2012-12-12 09:13   990208   ------w-   c:\users\Liliana Andriano\AppData\Local\Apps\2.0\4ZZ22VQ1.LJP\NTYA06HL.H0G\lyri..tion_7f4fb2453a94cfd0_0001.0001_af964fa744078543\lyriXmatchDesktop.exe
.
R2 AsusService;Asus Launcher Service;c:\windows\System32\AsusService.exe [x]
R2 LSM;Login Session Manager;c:\program files\lsm\lsm.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Servizio Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [x]
S1 AsUpIO;AsUpIO;c:\windows\system32\drivers\AsUpIO.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 AUS;Auto Update Service;c:\program files\lsm\aus.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 sftlist;Application Virtualization Client;c:\program files\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 WebUpdate4;Web Update Wizard Service V4;c:\windows\system32\WebUpdateSvc4.exe [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x86.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files\Microsoft Application Virtualization Client\sftvsa.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12   REG_MULTI_SZ      Pml Driver HPZ12 Net Driver HPZ12
GPSvcGroup   REG_MULTI_SZ      GPSvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-02-01 13:52   1607120   ----a-w-   c:\program files\Google\Chrome\Application\24.0.1312.57\Installer\chrmstp.exe
.
Contenuto della cartella 'Scheduled Tasks'
.
2013-02-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-18 07:09]
.
2013-02-17 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-975541926-2846433145-1531993579-1001Core.job
- c:\users\Liliana Andriano\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-07-08 10:47]
.
2013-02-18 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-975541926-2846433145-1531993579-1001UA.job
- c:\users\Liliana Andriano\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-07-08 10:47]
.
2013-02-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-04-23 14:10]
.
2013-02-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-04-23 14:10]
.
2013-02-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-975541926-2846433145-1531993579-1001Core.job
- c:\users\Liliana Andriano\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-23 09:20]
.
2013-02-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-975541926-2846433145-1531993579-1001UA.job
- c:\users\Liliana Andriano\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-23 09:20]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = <local>;*.local
uSearchAssistant = hxxp://www.google.com
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 10.0.0.138 10.0.0.138
FF - ProfilePath - c:\users\Liliana Andriano\AppData\Roaming\Mozilla\Firefox\Profiles\q4x0vrb7.default\
FF - ExtSQL: 2013-01-09 10:55; {58bd07eb-0ee0-4df0-8121-dc9b693373df}; c:\programdata\BrowserProtect\2.5.986.67\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension
FF - ExtSQL: 2013-02-02 19:06; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
.
Toolbar-Locked - (no file)
MSConfigStartUp-Lyrify - c:\program files\Lyrify\lyrify.exe
.
.
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
.
[HKEY_USERS\S-1-5-21-975541926-2846433145-1531993579-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-975541926-2846433145-1531993579-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Ora fine scansione: 2013-02-18  10:06:41
ComboFix-quarantined-files.txt  2013-02-18 09:06
.
Pre-Run: 29,919,408,128 byte disponibili
Post-Run: 29,836,890,112 byte disponibili
.
- - End Of File - - C431CB659C805733AAAEC71744CDF4DE


Re: unwanted windows that open

Post by Luke57 » 18 Feb 2013 14:40

Hi, is the problem still present? If so:
- Download TDSSKiller and save it to the desktop
http://support.kaspersky.com/downloads/ ... killer.exe
Double-click TDSSKILLER.exe to launch the application. In "change parameters", tick "detect tdlfs file system" and "verify file digital signature".
Click on start scan.

If an infected file is found, the default action will be cure; click on continue.
If a suspicious file is found, the default action will be skip; click on continue.
If you are asked to restart the PC, complete the process. Click on restart now.
If no restart is required, click on report and save the contents to a text file.
Attach the report, which is located in C: in this form: "TDSSKiller.[Date]_[Time]_log.txt"

Re: unwanted windows that open

Post by lillosa » 18 Feb 2013 15:15

Hi, for now no windows have opened!! If they do open again, I'll do what you told me in your last post. Thanks a lot..
Was it very infected?! Anyway, can I delete all the downloaded programs and the logs?
Thanks again

Re: unwanted windows that open

Post by Luke57 » 18 Feb 2013 18:30

Hi, open OTL and click on CleanUp to remove both the tool itself and ComboFix. You can safely delete the logs,
as with all the files. Also do a cleanup with CCleaner
http://www.ilsoftware.it/articoli.asp?t ... 4346&pag=1

Re: unwanted windows that open

Post by lillosa » 18 Feb 2013 22:06

The problem is still there. I opened OTL and clicked on CleanUp. It asked me to restart the PC, which I did, but as soon as I opened Chrome an unwanted page came up. What now?
What did I do? Maybe I made some mistake, even though I followed all the various steps. Sorry.
So at this point I don't do anything with CCleaner?
I'm really very sorry, but these pages have been tormenting me for months!

Re: unwanted windows that open

Post by Luke57 » 18 Feb 2013 23:49

Hi, then run TDSSKiller as explained above and post the report.

Re: unwanted windows that open

Post by lillosa » 19 Feb 2013 20:10

Here is the log.. it is split because it exceeded the maximum number of characters


19:01:13.0930 7088  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
19:01:14.0588 7088  ============================================================
19:01:14.0588 7088  Current date / time: 2013/02/19 19:01:14.0580
19:01:14.0588 7088  SystemInfo:
19:01:14.0588 7088 
19:01:14.0589 7088  OS Version: 6.1.7601 ServicePack: 1.0
19:01:14.0589 7088  Product type: Workstation
19:01:14.0592 7088  ComputerName: LILIANAANDRIANO
19:01:14.0594 7088  UserName: Liliana Andriano
19:01:14.0595 7088  Windows directory: C:\windows
19:01:14.0595 7088  System windows directory: C:\windows
19:01:14.0595 7088  Processor architecture: Intel x86
19:01:14.0595 7088  Number of processors: 4
19:01:14.0595 7088  Page size: 0x1000
19:01:14.0595 7088  Boot type: Normal boot
19:01:14.0595 7088  ============================================================
19:01:16.0432 7088  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
19:01:16.0487 7088  ============================================================
19:01:16.0487 7088  \Device\Harddisk0\DR0:
19:01:16.0488 7088  MBR partitions:
19:01:16.0488 7088  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xC800000
19:01:16.0488 7088  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xE600800, BlocksNum 0xEBBA800
19:01:16.0488 7088  ============================================================
19:01:16.0537 7088  C: <-> \Device\Harddisk0\DR0\Partition1
19:01:16.0560 7088  D: <-> \Device\Harddisk0\DR0\Partition2
19:01:16.0561 7088  ============================================================
19:01:16.0562 7088  Initialize success
19:01:16.0562 7088  ============================================================
19:01:43.0465 2580  ============================================================
19:01:43.0465 2580  Scan started
19:01:43.0465 2580  Mode: Manual; SigCheck; TDLFS;
19:01:43.0465 2580  ============================================================
19:01:46.0084 2580  ================ Scan system memory ========================
19:01:46.0084 2580  System memory - ok
19:01:46.0092 2580  ================ Scan services =============================
19:01:46.0376 2580  [ D01E0B1CEF9EE82100C2BB07294880EF ] 1394ohci        C:\windows\system32\drivers\1394ohci.sys
19:01:46.0895 2580  1394ohci - ok
19:01:46.0979 2580  [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI            C:\windows\system32\drivers\ACPI.sys
19:01:47.0077 2580  ACPI - ok
19:01:47.0158 2580  [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi         C:\windows\system32\drivers\acpipmi.sys
19:01:47.0316 2580  AcpiPmi - ok
19:01:47.0465 2580  [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
19:01:47.0540 2580  AdobeARMservice - ok
19:01:47.0649 2580  [ EC807244904FA170C299AB06D87FBDBE ] AdobeFlashPlayerUpdateSvc C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
19:01:47.0735 2580  AdobeFlashPlayerUpdateSvc - ok
19:01:47.0856 2580  [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx         C:\windows\system32\DRIVERS\adp94xx.sys
19:01:47.0957 2580  adp94xx - ok
19:01:48.0046 2580  [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci         C:\windows\system32\DRIVERS\adpahci.sys
19:01:48.0140 2580  adpahci - ok
19:01:48.0192 2580  [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320         C:\windows\system32\DRIVERS\adpu320.sys
19:01:48.0265 2580  adpu320 - ok
19:01:48.0333 2580  [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc     C:\windows\System32\aelupsvc.dll
19:01:48.0554 2580  AeLookupSvc - ok
19:01:48.0638 2580  [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD             C:\windows\system32\drivers\afd.sys
19:01:48.0822 2580  AFD - ok
19:01:48.0894 2580  [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440          C:\windows\system32\drivers\agp440.sys
19:01:48.0961 2580  agp440 - ok
19:01:49.0063 2580  [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx         C:\windows\system32\DRIVERS\djsvs.sys
19:01:49.0131 2580  aic78xx - ok
19:01:49.0194 2580  [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG             C:\windows\System32\alg.exe
19:01:49.0337 2580  ALG - ok
19:01:49.0394 2580  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide          C:\windows\system32\drivers\aliide.sys
19:01:49.0462 2580  aliide - ok
19:01:49.0513 2580  [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp          C:\windows\system32\drivers\amdagp.sys
19:01:49.0575 2580  amdagp - ok
19:01:49.0627 2580  [ CD5914170297126B6266860198D1D4F0 ] amdide          C:\windows\system32\drivers\amdide.sys
19:01:49.0716 2580  amdide - ok
19:01:49.0784 2580  [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8           C:\windows\system32\DRIVERS\amdk8.sys
19:01:49.0921 2580  AmdK8 - ok
19:01:49.0949 2580  [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM          C:\windows\system32\DRIVERS\amdppm.sys
19:01:50.0034 2580  AmdPPM - ok
19:01:50.0099 2580  [ D320BF87125326F996D4904FE24300FC ] amdsata         C:\windows\system32\drivers\amdsata.sys
19:01:50.0146 2580  amdsata - ok
19:01:50.0198 2580  [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs          C:\windows\system32\DRIVERS\amdsbs.sys
19:01:50.0251 2580  amdsbs - ok
19:01:50.0291 2580  [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata         C:\windows\system32\drivers\amdxata.sys
19:01:50.0341 2580  amdxata - ok
19:01:50.0404 2580  [ AEA177F783E20150ACE5383EE368DA19 ] AppID           C:\windows\system32\drivers\appid.sys
19:01:50.0591 2580  AppID - ok
19:01:50.0647 2580  [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc        C:\windows\System32\appidsvc.dll
19:01:50.0785 2580  AppIDSvc - ok
19:01:50.0842 2580  [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo         C:\windows\System32\appinfo.dll
19:01:50.0946 2580  Appinfo - ok
19:01:51.0048 2580  [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:01:51.0124 2580  Apple Mobile Device - ok
19:01:51.0212 2580  [ 2932004F49677BD84DBC72EDB754FFB3 ] arc             C:\windows\system32\DRIVERS\arc.sys
19:01:51.0270 2580  arc - ok
19:01:51.0308 2580  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas          C:\windows\system32\DRIVERS\arcsas.sys
19:01:51.0396 2580  arcsas - ok
19:01:51.0458 2580  [ 561D6B76C045311691B870F6B3F19EAB ] AsUpIO          C:\windows\system32\drivers\AsUpIO.sys
19:01:51.0553 2580  AsUpIO - ok
19:01:51.0621 2580  [ B6B5566B24329432E0FD1E4ED15A683B ] asushwio        C:\windows\system32\drivers\asushwio.sys
19:01:51.0686 2580  asushwio ( UnsignedFile.Multi.Generic ) - warning
19:01:51.0686 2580  asushwio - detected UnsignedFile.Multi.Generic (1)
19:01:51.0772 2580  [ C4FB2613D3C75364BB159B9C23A00E7A ] AsusService     C:\Windows\System32\AsusService.exe
19:01:51.0837 2580  AsusService ( UnsignedFile.Multi.Generic ) - warning
19:01:51.0837 2580  AsusService - detected UnsignedFile.Multi.Generic (1)
19:01:51.0928 2580  [ 7F08D9C504B015D81A8ABD75C80028C5 ] aswFsBlk        C:\windows\system32\drivers\aswFsBlk.sys
19:01:51.0979 2580  aswFsBlk - ok
19:01:52.0049 2580  [ 9BDC8E9CE17B773F69D2C6696C768C4F ] aswMonFlt       C:\windows\system32\drivers\aswMonFlt.sys
19:01:52.0121 2580  aswMonFlt - ok
19:01:52.0203 2580  [ AC48BDD4CD5D44AF33087C06D6E9511C ] aswRdr          C:\windows\system32\drivers\aswRdr.sys
19:01:52.0254 2580  aswRdr - ok
19:01:52.0357 2580  [ B64134316FCD1F20E0F10EF3E65BD522 ] aswSnx          C:\windows\system32\drivers\aswSnx.sys
19:01:52.0469 2580  aswSnx - ok
19:01:52.0546 2580  [ D6788E3211AFA9951ED7A4D617F68A4F ] aswSP           C:\windows\system32\drivers\aswSP.sys
19:01:52.0646 2580  aswSP - ok
19:01:52.0736 2580  [ 4D100C45517809439C7B6DD98997FA00 ] aswTdi          C:\windows\system32\drivers\aswTdi.sys
19:01:52.0791 2580  aswTdi - ok
19:01:52.0834 2580  [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac        C:\windows\system32\DRIVERS\asyncmac.sys
19:01:53.0015 2580  AsyncMac - ok
19:01:53.0058 2580  [ 338C86357871C167A96AB976519BF59E ] atapi           C:\windows\system32\drivers\atapi.sys
19:01:53.0117 2580  atapi - ok
19:01:53.0207 2580  [ 76BAB0C824E2D05B940C4DD40A9B08BF ] athr            C:\windows\system32\DRIVERS\athr.sys
19:01:53.0390 2580  athr - ok
19:01:53.0462 2580  [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
19:01:53.0614 2580  AudioEndpointBuilder - ok
19:01:53.0694 2580  [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv        C:\windows\System32\Audiosrv.dll
19:01:53.0835 2580  Audiosrv - ok
19:01:53.0906 2580  [ 45471AB6FB013CB456B5A75FD773D59C ] AUS             C:\Program Files\lsm\aus.exe
19:01:53.0949 2580  AUS ( UnsignedFile.Multi.Generic ) - warning
19:01:53.0949 2580  AUS - detected UnsignedFile.Multi.Generic (1)
19:01:54.0036 2580  [ 7DE3EE7DBEE14C1F8375CB82466C9321 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
19:01:54.0073 2580  avast! Antivirus - ok
19:01:54.0153 2580  [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV        C:\windows\System32\AxInstSV.dll
19:01:54.0309 2580  AxInstSV - ok
19:01:54.0372 2580  [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv         C:\windows\system32\DRIVERS\bxvbdx.sys
19:01:54.0544 2580  b06bdrv - ok
19:01:54.0596 2580  [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x        C:\windows\system32\DRIVERS\b57nd60x.sys
19:01:54.0697 2580  b57nd60x - ok
19:01:54.0864 2580  [ 2BE0F23D494C301641C42EAD2FDCD4F2 ] BCM43XX         C:\windows\system32\DRIVERS\bcmwl6.sys
19:01:55.0132 2580  BCM43XX - ok
19:01:55.0187 2580  [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC          C:\windows\System32\bdesvc.dll
19:01:55.0336 2580  BDESVC - ok
19:01:55.0392 2580  [ 505506526A9D467307B3C393DEDAF858 ] Beep            C:\windows\system32\drivers\Beep.sys
19:01:55.0527 2580  Beep - ok
19:01:55.0599 2580  [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE             C:\windows\System32\bfe.dll
19:01:55.0748 2580  BFE - ok
19:01:55.0820 2580  [ E585445D5021971FAE10393F0F1C3961 ] BITS            C:\windows\system32\qmgr.dll
19:01:56.0122 2580  BITS - ok
19:01:56.0192 2580  [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive        C:\windows\system32\DRIVERS\blbdrive.sys
19:01:56.0256 2580  blbdrive - ok
19:01:56.0359 2580  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
19:01:56.0412 2580  Bonjour Service - ok
19:01:56.0477 2580  [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser          C:\windows\system32\DRIVERS\bowser.sys
19:01:56.0578 2580  bowser - ok
19:01:56.0618 2580  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\windows\system32\DRIVERS\BrFiltLo.sys
19:01:56.0725 2580  BrFiltLo - ok
19:01:56.0775 2580  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\windows\system32\DRIVERS\BrFiltUp.sys
19:01:56.0857 2580  BrFiltUp - ok
19:01:56.0946 2580  [ 77361D72A04F18809D0EFB6CCEB74D4B ] BridgeMP        C:\windows\system32\DRIVERS\bridge.sys
19:01:57.0175 2580  BridgeMP - ok
19:01:57.0251 2580  [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser         C:\windows\System32\browser.dll
19:01:57.0375 2580  Browser - ok
19:01:57.0431 2580  [ 845B8CE732E67F3B4133164868C666EA ] Brserid         C:\windows\System32\Drivers\Brserid.sys
19:01:57.0558 2580  Brserid - ok
19:01:57.0606 2580  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\windows\System32\Drivers\BrSerWdm.sys
19:01:57.0701 2580  BrSerWdm - ok
19:02:23.0406 2580  [ A364F354899D8109FE290CD217359717 ] LSM             C:\Program Files\lsm\lsm.exe
19:02:23.0512 2580  LSM ( UnsignedFile.Multi.Generic ) - warning
19:02:23.0512 2580  LSM - detected UnsignedFile.Multi.Generic (1)

lillosa
Beginner Software

Posts: 22
Joined: 17 Feb 2013 15:42

Re: unwanted windows that keep opening

Post by lillosa » 19 Feb 2013 20:11

here is the second part

Code:

19:02:32.0779 2580  [ 69C503C004F49AEE8B8E3067CC047BA7 ] Net Driver HPZ12 C:\windows\system32\HPZinw12.dll
19:02:32.0822 2580  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
19:02:32.0822 2580  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
19:02:41.0733 2580  [ 12B4549D515CB26BB8D375038017CA65 ] Pml Driver HPZ12 C:\windows\system32\HPZipm12.dll
19:02:41.0777 2580  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
19:02:41.0778 2580  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
19:02:48.0874 2580  [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr        C:\windows\System32\SCardSvr.dll
19:02:49.0006 2580  SCardSvr - ok
19:02:49.0059 2580  [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter        C:\windows\system32\DRIVERS\scfilter.sys
19:02:49.0193 2580  scfilter - ok
19:02:49.0275 2580  [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule        C:\windows\system32\schedsvc.dll
19:02:49.0414 2580  Schedule - ok
19:02:49.0485 2580  [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc     C:\windows\System32\certprop.dll
19:02:49.0578 2580  SCPolicySvc - ok
19:02:49.0609 2580  [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC          C:\windows\System32\SDRSVC.dll
19:02:49.0747 2580  SDRSVC - ok
19:02:49.0799 2580  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\windows\system32\drivers\secdrv.sys
19:02:49.0923 2580  secdrv - ok
19:02:49.0962 2580  [ A59B3A4442C52060CC7A85293AA3546F ] seclogon        C:\windows\system32\seclogon.dll
19:02:50.0116 2580  seclogon - ok
19:02:50.0164 2580  [ DCB7FCDCC97F87360F75D77425B81737 ] SENS            C:\windows\system32\sens.dll
19:02:50.0295 2580  SENS - ok
19:02:50.0329 2580  [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc        C:\windows\system32\sensrsvc.dll
19:02:50.0473 2580  SensrSvc - ok
19:02:50.0531 2580  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum         C:\windows\system32\DRIVERS\serenum.sys
19:02:50.0586 2580  Serenum - ok
19:02:50.0614 2580  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial          C:\windows\system32\DRIVERS\serial.sys
19:02:50.0702 2580  Serial - ok
19:02:50.0746 2580  [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse        C:\windows\system32\DRIVERS\sermouse.sys
19:02:50.0814 2580  sermouse - ok
19:02:50.0905 2580  [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv      C:\windows\system32\sessenv.dll
19:02:51.0032 2580  SessionEnv - ok
19:02:51.0091 2580  [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk         C:\windows\system32\drivers\sffdisk.sys
19:02:51.0185 2580  sffdisk - ok
19:02:51.0213 2580  [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc        C:\windows\system32\drivers\sffp_mmc.sys
19:02:51.0285 2580  sffp_mmc - ok
19:02:51.0326 2580  [ A0708BBD07D245C06FF9DE549CA47185 ] sffp_sd         C:\windows\system32\drivers\sffp_sd.sys
19:02:51.0381 2580  sffp_sd - ok
19:02:51.0419 2580  [ DB96666CC8312EBC45032F30B007A547 ] sfloppy         C:\windows\system32\DRIVERS\sfloppy.sys
19:02:51.0509 2580  sfloppy - ok
19:02:51.0601 2580  [ D9B734638DD8DBA9D59AAD3189CD0FAD ] Sftfs           C:\windows\system32\DRIVERS\Sftfslh.sys
19:02:51.0709 2580  Sftfs - ok
19:02:51.0803 2580  [ CB73BC422C07FB611F194DA18D1E7F36 ] sftlist         C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
19:02:51.0894 2580  sftlist - ok
19:02:51.0956 2580  [ 2F61BD46C0BFF4EB36E1E359CA17BFC5 ] Sftplay         C:\windows\system32\DRIVERS\Sftplaylh.sys
19:02:52.0018 2580  Sftplay - ok
19:02:52.0068 2580  [ 518BAC0179F94304F422696B47C0EC12 ] Sftredir        C:\windows\system32\DRIVERS\Sftredirlh.sys
19:02:52.0129 2580  Sftredir - ok
19:02:52.0182 2580  [ 747325236D88B3F05FFD27FF9EC711C5 ] Sftvol          C:\windows\system32\DRIVERS\Sftvollh.sys
19:02:52.0225 2580  Sftvol - ok
19:02:52.0283 2580  [ A5812F0281CA5081BF696626F9BF324D ] sftvsa          C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
19:02:52.0335 2580  sftvsa - ok
19:02:52.0404 2580  [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess    C:\windows\System32\ipnathlp.dll
19:02:52.0534 2580  SharedAccess - ok
19:02:52.0610 2580  [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\windows\System32\shsvcs.dll
19:02:52.0786 2580  ShellHWDetection - ok
19:02:52.0829 2580  [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp          C:\windows\system32\drivers\sisagp.sys
19:02:52.0886 2580  sisagp - ok
19:02:52.0974 2580  [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2        C:\windows\system32\DRIVERS\SiSRaid2.sys
19:02:53.0022 2580  SiSRaid2 - ok
19:02:53.0080 2580  [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4        C:\windows\system32\DRIVERS\sisraid4.sys
19:02:53.0138 2580  SiSRaid4 - ok
19:02:53.0260 2580  [ 8C4F0DCC6A5100D48F9B2F950CDD220F ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
19:02:53.0328 2580  SkypeUpdate - ok
19:02:53.0378 2580  [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb             C:\windows\system32\DRIVERS\smb.sys
19:02:53.0549 2580  Smb - ok
19:02:53.0653 2580  [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP        C:\windows\System32\snmptrap.exe
19:02:53.0773 2580  SNMPTRAP - ok
19:02:53.0827 2580  [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr           C:\windows\system32\drivers\spldr.sys
19:02:53.0907 2580  spldr - ok
19:02:53.0981 2580  [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler         C:\windows\System32\spoolsv.exe
19:02:54.0254 2580  Spooler - ok
19:02:54.0418 2580  [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc          C:\windows\system32\sppsvc.exe
19:02:54.0761 2580  sppsvc - ok
19:02:54.0855 2580  [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify     C:\windows\system32\sppuinotify.dll
19:02:55.0021 2580  sppuinotify - ok
19:02:55.0064 2580  [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv             C:\windows\system32\DRIVERS\srv.sys
19:02:55.0184 2580  srv - ok
19:02:55.0234 2580  [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2            C:\windows\system32\DRIVERS\srv2.sys
19:02:55.0309 2580  srv2 - ok
19:02:55.0355 2580  [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet          C:\windows\system32\DRIVERS\srvnet.sys
19:02:55.0444 2580  srvnet - ok
19:02:55.0503 2580  [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV         C:\windows\System32\ssdpsrv.dll
19:02:55.0635 2580  SSDPSRV - ok
19:02:55.0673 2580  [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc         C:\windows\system32\sstpsvc.dll
19:02:55.0825 2580  SstpSvc - ok
19:02:55.0871 2580  [ DB32D325C192B801DF274BFD12A7E72B ] stexstor        C:\windows\system32\DRIVERS\stexstor.sys
19:02:55.0915 2580  stexstor - ok
19:02:55.0981 2580  [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc          C:\windows\System32\wiaservc.dll
19:02:56.0116 2580  StiSvc - ok
19:02:56.0157 2580  [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum          C:\windows\system32\drivers\swenum.sys
19:02:56.0221 2580  swenum - ok
19:02:56.0280 2580  [ A28BD92DF340E57B024BA433165D34D7 ] swprv           C:\windows\System32\swprv.dll
19:02:56.0430 2580  swprv - ok
19:02:56.0498 2580  [ BD8E7F87DE409A745A132A8812DE5A96 ] SynTP           C:\windows\system32\DRIVERS\SynTP.sys
19:02:56.0556 2580  SynTP - ok
19:02:56.0638 2580  [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain         C:\windows\system32\sysmain.dll
19:02:56.0798 2580  SysMain - ok
19:02:56.0870 2580  [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\windows\System32\TabSvc.dll
19:02:56.0967 2580  TabletInputService - ok
19:02:57.0037 2580  [ 8CF6E2AE1707D82E904ECCA68CEF8B87 ] tap0901         C:\windows\system32\DRIVERS\tap0901.sys
19:02:57.0117 2580  tap0901 - ok
19:02:57.0191 2580  [ 613BF4820361543956909043A265C6AC ] TapiSrv         C:\windows\System32\tapisrv.dll
19:02:57.0395 2580  TapiSrv - ok
19:02:57.0467 2580  [ B799D9FDB26111737F58288D8DC172D9 ] TBS             C:\windows\System32\tbssvc.dll
19:02:57.0637 2580  TBS - ok
19:02:57.0737 2580  [ 7C0507D2391AF5933600CBCED799F277 ] Tcpip           C:\windows\system32\drivers\tcpip.sys
19:02:57.0895 2580  Tcpip - ok
19:02:57.0981 2580  [ 7C0507D2391AF5933600CBCED799F277 ] TCPIP6          C:\windows\system32\DRIVERS\tcpip.sys
19:02:58.0114 2580  TCPIP6 - ok
19:02:58.0217 2580  [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg        C:\windows\system32\drivers\tcpipreg.sys
19:02:58.0325 2580  tcpipreg - ok
19:02:58.0434 2580  [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE          C:\windows\system32\drivers\tdpipe.sys
19:02:58.0558 2580  TDPIPE - ok
19:02:58.0617 2580  [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP           C:\windows\system32\drivers\tdtcp.sys
19:02:58.0689 2580  TDTCP - ok
19:02:58.0770 2580  [ B459575348C20E8121D6039DA063C704 ] tdx             C:\windows\system32\DRIVERS\tdx.sys
19:02:58.0891 2580  tdx - ok
19:02:58.0947 2580  [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD          C:\windows\system32\drivers\termdd.sys
19:02:58.0998 2580  TermDD - ok
19:02:59.0090 2580  [ 382C804C92811BE57829D8E550A900E2 ] TermService     C:\windows\System32\termsrv.dll
19:02:59.0236 2580  TermService - ok
19:02:59.0276 2580  [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes          C:\windows\system32\themeservice.dll
19:02:59.0381 2580  Themes - ok
19:02:59.0412 2580  [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER     C:\windows\system32\mmcss.dll
19:02:59.0510 2580  THREADORDER - ok
19:02:59.0570 2580  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks          C:\windows\System32\trkwks.dll
19:02:59.0758 2580  TrkWks - ok
19:02:59.0847 2580  [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
19:02:59.0967 2580  TrustedInstaller - ok
19:03:00.0027 2580  [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv        C:\windows\system32\DRIVERS\tssecsrv.sys
19:03:00.0141 2580  tssecsrv - ok
19:03:00.0199 2580  [ 9CE253214ACAA5A7D323327D2055EFAA ] TsUsbFlt        C:\windows\system32\drivers\tsusbflt.sys
19:03:00.0289 2580  TsUsbFlt - ok
19:03:00.0371 2580  [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel          C:\windows\system32\DRIVERS\tunnel.sys
19:03:00.0510 2580  tunnel - ok
19:03:00.0562 2580  [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35          C:\windows\system32\DRIVERS\uagp35.sys
19:03:00.0633 2580  uagp35 - ok
19:03:00.0718 2580  [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs            C:\windows\system32\DRIVERS\udfs.sys
19:03:00.0889 2580  udfs - ok
19:03:00.0973 2580  [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect       C:\windows\system32\UI0Detect.exe
19:03:01.0080 2580  UI0Detect - ok
19:03:01.0128 2580  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx        C:\windows\system32\drivers\uliagpkx.sys
19:03:01.0193 2580  uliagpkx - ok
19:03:01.0272 2580  [ D295BED4B898F0FD999FCFA9B32B071B ] umbus           C:\windows\system32\drivers\umbus.sys
19:03:01.0359 2580  umbus - ok
19:03:01.0444 2580  [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass          C:\windows\system32\DRIVERS\umpass.sys
19:03:01.0554 2580  UmPass - ok
19:03:01.0618 2580  [ 833FBB672460EFCE8011D262175FAD33 ] upnphost        C:\windows\System32\upnphost.dll
19:03:01.0768 2580  upnphost - ok
19:03:01.0830 2580  [ 8BF5D980CDCE35FB26F05047144BB57E ] USBAAPL         C:\windows\system32\Drivers\usbaapl.sys
19:03:01.0924 2580  USBAAPL - ok
19:03:02.0001 2580  [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp         C:\windows\system32\DRIVERS\usbccgp.sys
19:03:02.0091 2580  usbccgp - ok
19:03:02.0170 2580  [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir          C:\windows\system32\drivers\usbcir.sys
19:03:02.0269 2580  usbcir - ok
19:03:02.0324 2580  [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci         C:\windows\system32\drivers\usbehci.sys
19:03:02.0391 2580  usbehci - ok
19:03:02.0428 2580  [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub          C:\windows\system32\DRIVERS\usbhub.sys
19:03:02.0544 2580  usbhub - ok
19:03:02.0589 2580  [ A6FB7957EA7AFB1165991E54CE934B74 ] usbohci         C:\windows\system32\drivers\usbohci.sys
19:03:02.0707 2580  usbohci - ok
19:03:02.0756 2580  [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint        C:\windows\system32\DRIVERS\usbprint.sys
19:03:02.0834 2580  usbprint - ok
19:03:02.0889 2580  [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan         C:\windows\system32\DRIVERS\usbscan.sys
19:03:02.0973 2580  usbscan - ok
19:03:03.0024 2580  [ F991AB9CC6B908DB552166768176896A ] USBSTOR         C:\windows\system32\DRIVERS\USBSTOR.SYS
19:03:03.0137 2580  USBSTOR - ok
19:03:03.0192 2580  [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci         C:\windows\system32\drivers\usbuhci.sys
19:03:03.0273 2580  usbuhci - ok
19:03:03.0332 2580  [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo        C:\windows\System32\Drivers\usbvideo.sys
19:03:03.0413 2580  usbvideo - ok
19:03:03.0469 2580  [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms           C:\windows\System32\uxsms.dll
19:03:03.0607 2580  UxSms - ok
19:03:03.0653 2580  [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc        C:\windows\system32\lsass.exe
19:03:03.0726 2580  VaultSvc - ok
19:03:03.0770 2580  [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot        C:\windows\system32\drivers\vdrvroot.sys
19:03:03.0840 2580  vdrvroot - ok
19:03:03.0927 2580  [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds             C:\windows\System32\vds.exe
19:03:04.0084 2580  vds - ok
19:03:04.0146 2580  [ 17C408214EA61696CEC9C66E388B14F3 ] vga             C:\windows\system32\DRIVERS\vgapnp.sys
19:03:04.0230 2580  vga - ok
19:03:04.0293 2580  [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave         C:\windows\System32\drivers\vga.sys
19:03:04.0412 2580  VgaSave - ok
19:03:04.0473 2580  [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp           C:\windows\system32\drivers\vhdmp.sys
19:03:04.0527 2580  vhdmp - ok
19:03:04.0564 2580  [ C829317A37B4BEA8F39735D4B076E923 ] viaagp          C:\windows\system32\drivers\viaagp.sys
19:03:04.0634 2580  viaagp - ok
19:03:04.0678 2580  [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7           C:\windows\system32\DRIVERS\viac7.sys
19:03:04.0765 2580  ViaC7 - ok
19:03:04.0827 2580  [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide          C:\windows\system32\drivers\viaide.sys
19:03:04.0882 2580  viaide - ok
19:03:04.0916 2580  [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr          C:\windows\system32\drivers\volmgr.sys
19:03:04.0960 2580  volmgr - ok
19:03:05.0015 2580  [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx         C:\windows\system32\drivers\volmgrx.sys
19:03:05.0074 2580  volmgrx - ok
19:03:05.0117 2580  [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap         C:\windows\system32\drivers\volsnap.sys
19:03:05.0187 2580  volsnap - ok
19:03:05.0235 2580  [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid         C:\windows\system32\DRIVERS\vsmraid.sys
19:03:05.0310 2580  vsmraid - ok
19:03:05.0382 2580  [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS             C:\windows\system32\vssvc.exe
19:03:05.0564 2580  VSS - ok
19:03:05.0616 2580  [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus        C:\windows\system32\DRIVERS\vwifibus.sys
19:03:05.0731 2580  vwifibus - ok
19:03:05.0797 2580  [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt        C:\windows\system32\DRIVERS\vwififlt.sys
19:03:05.0874 2580  vwififlt - ok
19:03:05.0925 2580  [ A3F04CBEA6C2A10E6CB01F8B47611882 ] vwifimp         C:\windows\system32\DRIVERS\vwifimp.sys
19:03:05.0999 2580  vwifimp - ok
19:03:06.0065 2580  [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time         C:\windows\system32\w32time.dll
19:03:06.0212 2580  W32Time - ok
19:03:06.0261 2580  [ DE3721E89C653AA281428C8A69745D90 ] WacomPen        C:\windows\system32\DRIVERS\wacompen.sys
19:03:06.0337 2580  WacomPen - ok
19:03:06.0380 2580  [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP          C:\windows\system32\DRIVERS\wanarp.sys
19:03:06.0499 2580  WANARP - ok
19:03:06.0524 2580  [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6        C:\windows\system32\DRIVERS\wanarp.sys
19:03:06.0657 2580  Wanarpv6 - ok
19:03:06.0854 2580  [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc     C:\windows\system32\Wat\WatAdminSvc.exe
19:03:07.0020 2580  WatAdminSvc - ok
19:03:07.0107 2580  [ 691E3285E53DCA558E1A84667F13E15A ] wbengine        C:\windows\system32\wbengine.exe
19:03:07.0284 2580  wbengine - ok
19:03:07.0341 2580  [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc        C:\windows\System32\wbiosrvc.dll
19:03:07.0464 2580  WbioSrvc - ok
19:03:07.0511 2580  [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc         C:\windows\System32\wcncsvc.dll
19:03:07.0632 2580  wcncsvc - ok
19:03:07.0681 2580  [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
19:03:07.0807 2580  WcsPlugInService - ok
19:03:07.0861 2580  [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd              C:\windows\system32\DRIVERS\wd.sys
19:03:07.0928 2580  Wd - ok
19:03:08.0007 2580  [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000        C:\windows\system32\drivers\Wdf01000.sys
19:03:08.0122 2580  Wdf01000 - ok
19:03:08.0174 2580  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost  C:\windows\system32\wdi.dll
19:03:08.0366 2580  WdiServiceHost - ok
19:03:08.0406 2580  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost   C:\windows\system32\wdi.dll
19:03:08.0528 2580  WdiSystemHost - ok
19:03:08.0676 2580  [ A9D880F97530D5B8FEE278923349929D ] WebClient       C:\windows\System32\webclnt.dll
19:03:08.0832 2580  WebClient - ok
19:03:09.0046 2580  [ C1733D5AAFBEF8D13396C0913BB20D06 ] WebUpdate4      C:\windows\system32\WebUpdateSvc4.exe
19:03:09.0182 2580  WebUpdate4 - ok
19:03:09.0264 2580  [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc          C:\windows\system32\wecsvc.dll
19:03:09.0532 2580  Wecsvc - ok
19:03:09.0588 2580  [ AC804569BB2364FB6017370258A4091B ] wercplsupport   C:\windows\System32\wercplsupport.dll
19:03:09.0764 2580  wercplsupport - ok
19:03:09.0830 2580  [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc          C:\windows\System32\WerSvc.dll
19:03:09.0979 2580  WerSvc - ok
19:03:10.0108 2580  [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf          C:\windows\system32\DRIVERS\wfplwf.sys
19:03:10.0223 2580  WfpLwf - ok
19:03:10.0263 2580  [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount        C:\windows\system32\drivers\wimmount.sys
19:03:10.0322 2580  WIMMount - ok
19:03:10.0429 2580  [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
19:03:10.0541 2580  WinDefend - ok
19:03:10.0594 2580  WinHttpAutoProxySvc - ok
19:03:10.0711 2580  [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt         C:\windows\system32\wbem\WMIsvc.dll
19:03:10.0849 2580  Winmgmt - ok
19:03:10.0944 2580  [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM           C:\windows\system32\WsmSvc.dll
19:03:11.0175 2580  WinRM - ok
19:03:11.0292 2580  [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb          C:\windows\system32\DRIVERS\WinUsb.sys
19:03:11.0400 2580  WinUsb - ok
19:03:11.0465 2580  [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc         C:\windows\System32\wlansvc.dll
19:03:11.0578 2580  Wlansvc - ok
19:03:11.0654 2580  [ 6067ACEF367E79914AF628FA1E9B5330 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
19:03:11.0701 2580  wlcrasvc - ok
19:03:11.0828 2580  [ FB01D4AE207B9EFDBABFC55DC95C7E31 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:03:11.0985 2580  wlidsvc - ok
19:03:12.0035 2580  [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi         C:\windows\system32\drivers\wmiacpi.sys
19:03:12.0123 2580  WmiAcpi - ok
19:03:12.0215 2580  [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv        C:\windows\system32\wbem\WmiApSrv.exe
19:03:12.0312 2580  wmiApSrv - ok
19:03:12.0428 2580  [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
19:03:12.0582 2580  WMPNetworkSvc - ok
19:03:12.0628 2580  [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc          C:\windows\System32\wpcsvc.dll
19:03:12.0732 2580  WPCSvc - ok
19:03:12.0817 2580  [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum      C:\windows\system32\wpdbusenum.dll
19:03:12.0934 2580  WPDBusEnum - ok
19:03:12.0984 2580  [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl         C:\windows\system32\drivers\ws2ifsl.sys
19:03:13.0120 2580  ws2ifsl - ok
19:03:13.0171 2580  [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc          C:\windows\system32\wscsvc.dll
19:03:13.0290 2580  wscsvc - ok
19:03:13.0316 2580  WSearch - ok
19:03:13.0451 2580  [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv        C:\windows\system32\wuaueng.dll
19:03:13.0638 2580  wuauserv - ok
19:03:13.0695 2580  [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf          C:\windows\system32\drivers\WudfPf.sys
19:03:13.0793 2580  WudfPf - ok
19:03:13.0838 2580  [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd          C:\windows\system32\DRIVERS\WUDFRd.sys
19:03:13.0920 2580  WUDFRd - ok
19:03:13.0984 2580  [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc         C:\windows\System32\WUDFSvc.dll
19:03:14.0090 2580  wudfsvc - ok
19:03:14.0145 2580  [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc         C:\windows\System32\wwansvc.dll
19:03:14.0231 2580  WwanSvc - ok
19:03:14.0369 2580  ================ Scan global ===============================
19:03:14.0428 2580  [ DAB748AE0439955ED2FA22357533DDDB ] C:\windows\system32\basesrv.dll
19:03:14.0463 2580  [ 1F5F07091D50244F17DD8D5147A628CC ] C:\windows\system32\winsrv.dll
19:03:14.0530 2580  [ 1F5F07091D50244F17DD8D5147A628CC ] C:\windows\system32\winsrv.dll
19:03:14.0596 2580  [ 364455805E64882844EE9ACB72522830 ] C:\windows\system32\sxssrv.dll
19:03:14.0682 2580  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\windows\system32\services.exe
19:03:14.0715 2580  [Global] - ok
19:03:14.0723 2580  ================ Scan MBR ==================================
19:03:14.0748 2580  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
19:03:15.0258 2580  \Device\Harddisk0\DR0 - ok
19:03:15.0263 2580  ================ Scan VBR ==================================
19:03:15.0276 2580  [ 01C375F6F65AB332E81E7682E4EBE92A ] \Device\Harddisk0\DR0\Partition1
19:03:15.0279 2580  \Device\Harddisk0\DR0\Partition1 - ok
19:03:15.0319 2580  [ C0CB741593A9ADF1AFE3B1244B8EFD3B ] \Device\Harddisk0\DR0\Partition2
19:03:15.0323 2580  \Device\Harddisk0\DR0\Partition2 - ok
19:03:15.0331 2580  ============================================================
19:03:15.0331 2580  Scan finished
19:03:15.0331 2580  ============================================================
19:03:15.0439 6016  Detected object count: 6
19:03:15.0439 6016  Actual detected object count: 6
19:04:21.0424 6016  asushwio ( UnsignedFile.Multi.Generic ) - skipped by user
19:04:21.0424 6016  asushwio ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:04:21.0441 6016  AsusService ( UnsignedFile.Multi.Generic ) - skipped by user
19:04:21.0441 6016  AsusService ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:04:21.0454 6016  AUS ( UnsignedFile.Multi.Generic ) - skipped by user
19:04:21.0454 6016  AUS ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:04:21.0472 6016  LSM ( UnsignedFile.Multi.Generic ) - skipped by user
19:04:21.0472 6016  LSM ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:04:21.0508 6016  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
19:04:21.0508 6016  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:04:21.0517 6016  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
19:04:21.0518 6016  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:04:46.0404 0864  Deinitialize success

lillosa
Beginner Software
Posts: 22
Joined: 17 Feb 2013 15:42
